We have checks for CBC, XTS and KW modes in check_config.h. This
means we should never get a successful build with above three modes.
Therefore, the checks in cipher_setkey is not necessary as other
error will be emitted if asking for those modes in the cipher.
Additionally, removing the checks can save extra code size.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This removes the dependency from cipher module and legacy key/modes
symbols which are used in cipher_wrap.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Extra features that depend on CIPHER_C are disabled also in the
reference component in order to get test parity.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
For time being, pre_check_tools check armcc and armclang together.
Therefore, we can resue support_build_armcc even if the test only
needs armclang.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Compiling a regex improves performance and avoids accidentally
combining it with a string. This commit makes this change.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
If we enabled AES_DECRYPT_ALT and either AES_SETKEY_DEC_ALT or
AES_USE_HARDWARE_ONLY, this means RSb and RTx are not needed.
This commit extends how we guard RSb and RTx for the combinations of
these configurations.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
It used to be the case that when an algorithm that uses a hash inside was
accelerated through a PSA driver, it might end up calling a hash algorithm
that is not available from the driver. Since we introduced MBEDTLS_MD_LIGHT,
this no longer happens: PSA accelerated hashes are available to callers of
the MD module, so the test driver can use all available hash algorithms.
Hence the workaround to skip testing certain accelerated cases is no longer
needed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
RSA will auto-enable MD_LIGHT, we don't need to list MD_C as a
dependency here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Some are about raw or AES keys where PK seems really unrelated.
The others are about RSA where PK may be relevant, but the necessary
bits of PK are auto-enabled when RSA key types are requested, so we
shouldn't need to list them as dependencies in tests.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Since _DERIVE can't be accelerated now, in
config_adjust_legacy_from_psa.h we will notice and auto-enable ECP_LIGHT
as well as the built-in version of each curve that's supported in this
build. So, we don't need to list those as dependencies here - and they
would cause issues when we add support for _DERIVE drivers.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
There's no reason the tests would depend specifically on our built-in
implementation and not work with drivers, so replace the RSA_C
dependency with the correct PSA_WANT dependencies.
Those 6 cases use two different test functions, but both of those
functions only do `psa_import()`, so all that's needed is PUBLIC_KEY or
KEYPAIR_IMPORT (which implies KEYPAIR_BASIC) depending on the kind of
key being tested.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Most of them were removed in 7162, not sure how these ones slipped in.
There's no reason deterministic ECDSA verification would need PK parse
more than the other tests. The following finds no match:
grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c
Even if PK parse was actually needed for this, the right way would be to
auto-enable it based on PSA_WANT symbols, and then only depend on
PSA_WANT symbols here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Mainly done by the commands, with some manual adjust.
```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
```
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
