yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
29227 commits 89 branches 205 tags 114 MiB
Commit graph

10477 commits

Author SHA1 Message Date
David Horstmann e04a97a1eb Move MPI initialization to start of function 
This prevents a call to mbedtls_mpi_free() on uninitialized data when
USE_PSA_INIT() fails.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-08 18:34:15 +00:00
Xiaokang Qian aedfc0932b Revert to ae952174a7 and addressing some comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-08 10:43:24 +00:00
Pengyu Lv d90fbf7769 Adjuest checks in generate_key_rsa suite 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 17:30:33 +08:00
Yanray Wang 177e49ad7a tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:33 +08:00
Ronald Cron 90d07118ad
Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst 
TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket
 2023-12-07 09:25:35 +00:00
Pengyu Lv abeca020d8 Remove test_psa_crypto_config_accel_rsa_signature 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 17:25:15 +08:00
Pengyu Lv 98a90c6542 Fix various issue 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 17:23:25 +08:00
Xiaokang Qian dce183f2e2 Remove the duplicate cases and add early_data_file option 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 09:22:38 +00:00
Xiaokang Qian 864c62a906 Add one test case with early_data_file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 06:11:38 +00:00
Xiaokang Qian dd8a7f8acf Revert the early data test case 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 03:58:05 +00:00
Pengyu Lv 3cd16c47bd Add analyze_driver_vs_reference_rsa for analyze_outcomes 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:24:29 +08:00
Pengyu Lv 9e976f3649 Conditionally check the attribute of generated RSA key 
`psa_get_key_attributes` depends on some built-in
implementation of RSA. Guard the check with coresponding
macros.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:22:35 +08:00
Pengyu Lv f1cacad870 Correctly use asymmetric encrypt/decrypt driver 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:22:35 +08:00
Pengyu Lv e705f572f9 Add components to test crypto_full w/wo accelerated RSA 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 10:22:03 +08:00
Dave Rodgman 779819a4dd
Merge pull request #8613 from bensze01/valgrind-only-in-nightlies 
Do not run Valgrind tests in PR jobs
 2023-12-06 19:18:24 +00:00
Gilles Peskine 57e401b39f
Merge pull request #8521 from valeriosetti/issue8441 
[G4] Make CTR-DRBG fall back on PSA when AES not built in
 2023-12-06 18:25:44 +00:00
Waleed Elmelegy 9aec1c71f2 Add record size checking during handshake 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-06 15:18:15 +00:00
Jan Bruckner f482dcc6c7 Comply with the received Record Size Limit extension 
Fixes #7010

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-12-06 15:18:08 +00:00
Bence Szépkúti 0354d04d3c Do not run Valgrind tests in PR jobs 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-06 16:14:37 +01:00
Jerry Yu 750e06743f remove misbehavior tests and code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:22:15 +08:00
Jerry Yu ea96ac3da9 fix various issues 
- get ticket_flags with function.
- improve output message and check it.
- improve `ssl_server2` help message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:17:37 +08:00
Jerry Yu 391c943340 Add tests for ticket early data permission bit 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:16:48 +08:00
Ronald Cron 40f3f1c36f
Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data 
TLS 1.3 EarlyData SRV: Parsing 0-RTT data
 2023-12-06 06:47:32 +00:00
Xiaokang Qian 70fbdcf904 Change early data flag to input file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-05 05:50:08 +00:00
Valerio Setti 5e18b90c95 config-tfm: disable CIPHER_C 
We also add a check in "all.sh" components:
- component_test_tfm_config_p256m_driver_accel_ec
- component_test_tfm_config
to ensure that CIPHER_C was not re-enabled accidentally.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 15:24:25 +01:00
Valerio Setti 58d0206f39 test_suite_block_cipher: fix depends_on for Camellia tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 15:24:25 +01:00
Valerio Setti 302a487499 test_driver_key_management: rename counter for export_public_key() hits 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti 829ce0facf test_driver_cipher: add forced return status for encrypt and set_iv 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti 7ef35a9b3c test_suite_psa_crypto_driver_wrappers: add counter for failing psa_cipher_update() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti 83e0de8481 crypto_extra: revert changes to mbedtls_psa_random_free() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti 0ca1868fcd test_suite_psa_crypto_driver_wrappers: fix missing hit counter reset before test 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti 7448367f68 test_suite_psa_crypto_slot_management: modify check on open key slots 
This commit
- Reverts changes previously done to psa_crypto_helpers.[c,h]
- Implements a new check for open key slots in
  mbedtls_test_helper_is_psa_leaking():
   - when CTR_DRBG does not use AES_C or PSA does not have an external
     RNG, then we allow 1 key slot (it's the one holding the AES key)
   - when the above conditions are not met, then we fallback to the
     usual check for "no open key slots remaining"

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti 45337a8895 test_suite_psa_crypto_driver_wrappers: add counter for cipher_update() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti 6ef82ae39d test_suite_psa_crypto_driver_wrappers: improving driver access counters 
When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB. This
means that, when AES-ECB is accelerated, each random operation goes through
driver access as well. This might result in unexpectedly increased
counters for driver's access.
We add extra counters in test_driver_[cipher/key_management].c to be
more specific on which driver functions are accessed and ignore
extra accesses due to CTR_DRBG.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti 0a903db804 test_suite_psa_crypto_slot_management: some fix for available key slots 
When AES_C is not defined, CTR_DRBG relies on PSA to get AES-ECB. This means
that PSA holds an open AES key since psa_crypto_init() is called, which
- reduces the maximum number of available key slots
- shifts the 1st available index

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti dc32ac20fd test_suite_[ctr_drbg/random]: initialize/close PSA in tests 
This commit also adds AES_PSA_[INIT/DONE] in "psa_crypto_helpers.h". Its
scope is to call PSA_[INIT/DONE] only when AES_C is not defined (which is
when PSA is effectively required for CTR_DRBG).

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti 402cfba4dc psa: free RNG implementation before checking for remaining open key slots 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti 40a93dff32 all.sh: keep CTR_DRBG enabled in test_psa_crypto_config_accel_cipher_aead() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Yanray Wang 3d82ffce5b ssl-opt: test handshake for TLS 1.2 only cli with TLS 1.3 only srv 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-04 17:50:43 +08:00
Thomas Daubney 10769bca9e Fix bad whitespace in keyword argument assignment 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 23:47:59 +00:00
Thomas Daubney 3a0690647e Use guess_mbedtls_root in Mbed-TLS-only script 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 18:27:25 +00:00
Thomas Daubney 04c446cc21 Modify crypto_core_directory to also return a relative path 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 17:18:38 +00:00
Ronald Cron 857d29f29a
Merge pull request #8528 from yanrayw/issue/6933/parse-max_early_data_size 
TLS1.3 EarlyData: client: parse max_early_data_size
 2023-12-01 08:27:26 +00:00
Thomas Daubney 08c6dc4942 Rename project_crypto_name 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 13:56:09 +00:00
Dave Rodgman f5e46fd45c
Merge pull request #8535 from daverodgman/update-tfm 
Adjust to match current TF-M config
 2023-11-29 16:14:06 +00:00
Gilles Peskine 18eab984c7
Merge pull request #8560 from lpy4105/issue/8423/optimize-analyze_outcomes_py 
Optimize analyze_outcomes.py
 2023-11-29 14:51:41 +00:00
Janos Follath c6f1637f8c
Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction 
Make mutex abstraction and tests thread safe
 2023-11-29 13:26:23 +00:00
Gilles Peskine 172c0b930f
Merge pull request #8561 from ronald-cron-arm/fix-ciphersuites-list-in-ssl-opt 
ssl-opt.sh: Fix getting the list of supported ciphersuites.
 2023-11-29 11:31:33 +00:00
Pengyu Lv 5dcfd0c613 Some improvements 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-29 18:03:28 +08:00
Dave Rodgman 51e72456f9 Automatically set MBEDTLS_NO_PLATFORM_ENTROPY in TF-M config 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-29 09:44:44 +00:00
Manuel Pégourié-Gonnard 6b5cedf51f
Merge pull request #8547 from valeriosetti/issue8483 
[G2] Make PSA-AEAD work with cipher-light
 2023-11-29 08:53:42 +00:00
Pengyu Lv 550cd6f9b2 Use boolean hit instead of int hits 
Also fix a typo in the comments.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-29 09:17:59 +08:00
Ronald Cron 60f76663c0 Align forced ciphersuite with test description 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-28 17:52:42 +01:00
Dave Rodgman c3cd410acf
Merge pull request #8286 from gilles-peskine-arm/check_mbedtls_calloc_overallocation-disable_with_asan 
Fix test_suite_platform failure with Asan on modern Clang
 2023-11-28 16:48:31 +00:00
Ronald Cron 29ad2d7609 ssl-opt.sh: Remove unnecessary symmetric crypto dependencies 
Same test cases as in the previous commit.
Remove the redundant symmetric crypto dependency.
The dependency is ensured by the fact that:
1) the test case forces a cipher suite
2) ssl-opt.sh enforces automatically that the
   forced ciphersuite is available.
3) The fact that the forced ciphersuite is
   available implies that the symmetric
   cipher algorithm it uses is available as
   well.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-28 17:44:39 +01:00
Dave Rodgman 82d7a875ff Update tests to refer to our tf-m config wrapper 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-28 16:10:37 +00:00
Ronald Cron 41bc42ac1b ssl-opt.sh: Fix some symmetric crypto dependencies 
Fix some dependencies on symmetric crypto that
were not correct in case of driver but not
builtin support. Revealed by "Analyze driver
test_psa_crypto_config_accel_cipher_aead vs reference
test_psa_crypto_config_reference_cipher_aead" in
analyze_outcomes.py.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-28 15:59:40 +01:00
Ronald Cron 5b73de8ddb ssl-opt.sh: Add a check of the list of supported ciphersuites 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-28 15:59:03 +01:00
Tom Cosgrove 9e1d2e5727
Merge pull request #8029 from gilles-peskine-arm/fix-MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA 
Update old dependency to MBEDTLS_MD_CAN
 2023-11-28 13:12:10 +00:00
Valerio Setti 6632a12fa3 all.sh: re-enable CCM/GCM in test_full_no_cipher_with_crypto[_config]() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-28 11:45:38 +01:00
Dave Rodgman be5489ae98 Simplify test for building P256-M 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-28 10:15:37 +00:00
Dave Rodgman 897bb77c0c Update tf-m tests in all.sh for P256-M 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-28 10:15:11 +00:00
Pengyu Lv 451ec8a4bc Add comment to read_outcome_file in analyze_outcomes.py 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 17:59:05 +08:00
Pengyu Lv c2e8f3a080 Add type annotations to analyze_outcomes.py 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 17:22:04 +08:00
Manuel Pégourié-Gonnard 294f5d7ea9
Merge pull request #8540 from valeriosetti/issue8060 
[G2] Make CCM and GCM work with the new block_cipher module
 2023-11-28 08:18:45 +00:00
Pengyu Lv 20e3ca391e Run tests for ref_vs_driver outside task function 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 15:30:03 +08:00
Pengyu Lv 18908ec276 Define named tuple for component outcomes 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 13:04:11 +08:00
Pengyu Lv 28ae4648a6 Use mutable set all the time 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 11:35:19 +08:00
Pengyu Lv 59b9efc6dd Check if driver_component is missing 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 11:15:00 +08:00
Pengyu Lv f28cf594b1 Break the loop when case hits 
We don't care about the number of hits of the test cases,
so break the iteration when the case hits.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 10:56:29 +08:00
Pengyu Lv dd1d6a7cca Improve readability of the script 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 10:52:25 +08:00
Pengyu Lv a1ddcfaef8 Extend the pattern of pkparse test on encrypted keys 
These test cases are ignored when analyzing outcomes on
analyze_driver_vs_reference_cipher_aead task.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-28 09:46:01 +08:00
Pengyu Lv 6c927c0795 Merge branch 'development' into review/gilles/update-old-dep-MD_CAN 2023-11-28 09:31:44 +08:00
Gilles Peskine 150002c9f9 Skip calloc overallocation test case 
This test case is incompatible with sanitizers (e.g. ASan), and thus
skipped. If the driver component uses a sanitizer but the reference
component doesn't, we have a PASS vs SKIP mismatch. Since this test case is
unrelated to drivers, we don't mind ignoring it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-27 18:24:45 +01:00
Dave Rodgman 9fbac381e6
Merge pull request #8326 from daverodgman/aesce-thumb2 
Support hw-accelerated AES on Thumb and Arm
 2023-11-27 09:58:58 +00:00
Paul Elliott 392ed3fe7f Add better documentation for mbedtls_test_mutex_mutex 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-24 15:48:28 +00:00
Thomas Daubney e8f3789312 Revert change that removed in_tf_psa_crypto_repo variable 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-24 11:41:23 +00:00
Thomas Daubney 6130a619f8 Remove unused variable 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-24 10:58:07 +00:00
Thomas Daubney fc60e9b7bf Make function calls consistent 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-24 10:56:04 +00:00
Paul Elliott f25d831123 Ensure mutex test mutex gets free'd 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-23 18:49:43 +00:00
Dave Rodgman 8cd4bc4ac2
Merge pull request #8124 from yanrayw/support_cipher_encrypt_only 
Support the negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
 2023-11-23 17:43:00 +00:00
Dave Rodgman c44042ddbc
Merge pull request #7905 from lpy4105/issue/misc-improvement 
misc improvements
 2023-11-23 16:20:58 +00:00
Ronald Cron 34915fac3a ssl-opt.sh: Fix getting the list of supported ciphersuites. 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-23 17:20:19 +01:00
Yanray Wang 18040ede3f all.sh: export LC_COLLATE=C for sorting in ASCII order 
By default, 'sort' sorts characters with system default locale,
which causes unexpected sorting order. To sort characters in ASCII
from computer perspective, export LC_COLLATE=C to specify character
collation for regular expressions and sorting with C locale.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 21:30:00 +08:00
Thomas Daubney 8932404c45 Introduce project_crypto_name in build_tree.py 
Add new function to build_tree.py to return the crypto
name for the project; either tfpsacrypto or mbedcrypto.
Deploy this function where needed.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-23 10:14:12 +00:00
Thomas Daubney d0c3076dba Make use of crypto_core_directory function in script 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-23 09:59:57 +00:00
Yanray Wang 42be1bab30 block_cipher_no_decrypt: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 14:34:41 +08:00
Yanray Wang 70642ecb24 all.sh: check_test_dependencies: add one more option 
- add !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT in whitelist

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 14:34:15 +08:00
Pengyu Lv 31a9b7891a Improve comments and variable naming 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-23 14:15:37 +08:00
Pengyu Lv a442858878 Restruct the structure of outcome file presentation 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-23 10:52:42 +08:00
Yanray Wang 690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Pengyu Lv a6cf5d67c5 Share parsed outcomes among tasks when ananlyzing 
This extremely improves the performance.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-23 09:51:58 +08:00
Thomas Daubney 755d32117b Rename guess_mbedtls_root to guess_project_root 
Rename for consistency. Also, replace all calls to
this function with correct name.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-22 17:18:22 +00:00
Gilles Peskine 3b2b7f8acf MSan and TSan complain as well, not just ASan 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 18:08:17 +01:00
Gilles Peskine 05ebe967be Disable check_mbedtls_calloc overallocation under ASan 
This test case exercises an integer overflow in calloc. Under Asan, with
a modern Clang, this triggers an Asan complaint. The complaint can be
avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to
be set in the environment before the program starts, and could hide
other errors.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 17:56:26 +01:00
Gilles Peskine fa8ec2611e Detect enabled GCC/Clang sanitizers 
Occasionally we want tests to take advantage of sanitizers, or work around
them.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 17:56:26 +01:00
Jerry Yu 0e9eafff13 Update tests to the code status 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-22 16:48:39 +08:00
Yanray Wang 951b3cb400 tls13-misc: cli: check parser of max_early_data_size ext 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 10:33:11 +08:00
Jerry Yu aa5dc24df9 Change if to switch case 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu 60e997205d replace check string 
The output has been changed

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu 713ce1f889 various improvement 
- improve change log entry
- improve comments
- remove unnecessary statement
- change type of client_age

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu 4ac648ef20 improve readability 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu d84c14f80c improve code style 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu b2455d2472 Guards ticket_creation_time 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu 472a69260b fix build failure 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:20 +08:00
Jerry Yu 342a555eef rename ticket received 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu 25ba4d40ef rename ticket_creation to ticket_creation_time 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu 28547c49ed update tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Gilles Peskine 8b1a124126
Merge pull request #8438 from yuhaoth/pr/disable-stdout-for-config-query-call 
Disable stdout in require_*_configs_* functions
 2023-11-20 18:27:03 +00:00
Gilles Peskine 885bcfc9d0
Merge pull request #7649 from yuhaoth/pr/add-command-for-server9-bad-saltlen 
Add command for server9-bad-saltlen
 2023-11-20 14:07:19 +00:00
Gilles Peskine 473ff34d59
Merge pull request #8489 from valeriosetti/issue8482 
Make CCM* and CCM independent
 2023-11-20 14:07:14 +00:00
Gilles Peskine 6267dd59c8
Merge pull request #8463 from gilles-peskine-arm/metatest-create 
Create a metatest program
 2023-11-20 14:07:08 +00:00
Manuel Pégourié-Gonnard a4e7953f59
Merge pull request #8527 from lpy4105/issue/6324/driver-only-cipher+aead-tls-compat 
[G3] Driver-only cipher+aead: TLS: compat.sh
 2023-11-20 09:37:06 +00:00
Ronald Cron 97137f91b6
Merge pull request #7071 from yuhaoth/pr/tls13-ticket-add-max_early_data_size-field 
TLS 1.3 EarlyData: add `max_early_data_size` field for ticket
 2023-11-20 08:04:57 +00:00
Paul Elliott 9e25936241 Rename mutex->is_valid to mutex->state 
Rename struct member to make it more representative of its current use.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:14:16 +00:00
Paul Elliott 3774637518 Make threading helpers tests thread safe 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:13:49 +00:00
Paul Elliott 5fa986c8cb Move handling of mutex->is_valid into threading_helpers.c 
This is now a field only used for testing.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:13:05 +00:00
Pengyu Lv 7afd9a4663 Change the test messages 
We are now testing driver-only cipher+aead with full config.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-16 17:55:25 +08:00
Valerio Setti 59de2ae6de all.sh: re-enable CCM/GCM in test_full_no_cipher() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 08:20:27 +01:00
Pengyu Lv c5d4c46983 Add missing PSA init 
EC might be supported through PSA, so use `MD_OR_USE_PSA_INIT`
in pk_parse_{public_}keyfile_ec.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-16 09:07:28 +08:00
Gilles Peskine e7fc8a232f Readability improvement 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-15 16:56:26 +01:00
Manuel Pégourié-Gonnard dc848955d6
Merge pull request #8519 from mpg/block-cipher 
[G2] Add internal module block_cipher
 2023-11-15 11:53:22 +00:00
Gilles Peskine 4ebccc0396 Update PSA init for md-ligt 
Also initialize PSA in builds where hashes are PSA-only, for the sake of
encrypted keys (otherwise PBKDF fails).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-15 11:04:30 +01:00
Gilles Peskine 799befd58e Update to TEST_EQUAL macros for easier debuggability 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-15 11:04:23 +01:00
Pengyu Lv f561ed8b3a all.sh: enable compat.sh testing in psa_crypto_config_[accel/reference]_cipher_aead 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-15 17:42:55 +08:00
Manuel Pégourié-Gonnard 9e80a91f27
Merge pull request #8164 from yanrayw/adjust_tfm_configs 
Adjust how we handle TF-M config files
 2023-11-15 08:21:27 +00:00
Valerio Setti 776981ba42 psa_exercise_key: add missing #else for KNOWN_SUPPORTED_BLOCK_CIPHER 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:18:14 +01:00
Valerio Setti a50b89ebab all.sh: disable CCM_STAR_NO_TAG in test_psa_crypto_config_accel_aead() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:18:14 +01:00
Valerio Setti a4b60593c1 psa_exercise_key: replace legacy symbols with PSA_WANT ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:18:14 +01:00
Valerio Setti ff2b06a235 all.sh: improve components for without CCM/CCM* 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:18:14 +01:00
Valerio Setti a765eaa33e test_driver_extension: fix acceleration support for CCM and CCM* 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:18:14 +01:00
Valerio Setti 51d5b196a1 all.sh: accelerate also CCM* in test_psa_crypto_config_accel_cipher_aead 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:16:46 +01:00
Valerio Setti bdfecb6a83 all.sh: add test components for no-CCM and no-CCM* 
The idea is to show that there is no more any dependency between
the two symbols:

- component_test_full_no_ccm() keeps ALG_CCM_STAR_NO_TAG enabled,
  disables ALG_CCM and ensures that the latter does not get
  re-enabled accidentally

- test_full_no_ccm_star_no_tag() keeps ALG_CCM enabled and disables
  ALG_CCM_STAR_NO_TAG and ensures that the latter does not get
  re-enabled accidentally

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:16:37 +01:00
Manuel Pégourié-Gonnard bce640b7e3
Merge pull request #8499 from valeriosetti/issue8488 
Clean up libtestdriver1 config: unconditonal removals
 2023-11-15 04:25:14 +00:00
Thomas Daubney 4291bc27b9 Remove trailing whitespace 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-14 18:05:19 +00:00
Thomas Daubney 0eb2dc11c4 Call the right function 
Correct erroneous function call

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-14 16:59:39 +00:00
Thomas Daubney d289b8bdca Stylise TF-PSA-Crypto correctly 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-14 15:30:07 +00:00
Thomas Daubney e58128e2ba Refactor repository detection 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-14 15:25:52 +00:00
Thomas Daubney d3f844337f Further modify check-generated-files.sh 
Add further modifications to repo detection and calling
the checks.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-14 12:02:26 +00:00
Manuel Pégourié-Gonnard 752dd39a69
Merge pull request #8508 from valeriosetti/issue6323 
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
 2023-11-14 11:39:06 +00:00
Yanray Wang c43479103a aesce: fix unused parameter 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-14 11:09:56 +08:00
Thomas Daubney c9f8386a7c Modify check-generated-files.sh to work in both repos 
Make the script work in both Mbed TLS and TF PSA
Crypto.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-13 10:03:56 +00:00
Valerio Setti 04c85e146c ssl-opt: fix wrong CCM dependencies with GCM 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-13 10:54:05 +01:00
Valerio Setti c747306848 all.sh: remove redundant make in test_psa_crypto_config_accel_cipher_aead() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-13 10:51:52 +01:00
Yanray Wang 19583e44ed psa_information: improve code readability 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-13 17:43:37 +08:00
Yanray Wang 3ae1199788 all.sh: add config_block_cipher_no_decrypt to simplify code 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-13 17:43:21 +08:00
Yanray Wang 07e663de5e all.sh: block_cipher_no_decrypt: clean up cflags 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-13 17:23:40 +08:00
Yanray Wang b2d6e52758 all.sh: block_cipher_no_decrypt: simplify code 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-13 17:23:19 +08:00
Yanray Wang 85b7465712 all.sh: block_cipher_no_decrypt: fix various issues 
- improve test completeness
- renaming
- fix typo

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-13 17:18:34 +08:00
Manuel Pégourié-Gonnard cf582df426
Merge pull request #8498 from mpg/legacy-deps-psa-tests 
Remove legacy dependencies from PSA tests
 2023-11-13 08:16:30 +00:00
Tom Cosgrove 08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data 
TLS 1.3: Rename early_data and max_early_data_size configuration function
 2023-11-10 19:35:46 +00:00
Gilles Peskine cce0012463 Add documentation 
Explain the goals of metatests, how to write them, and how to read their
output.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-10 15:36:15 +01:00
Manuel Pégourié-Gonnard 76fa16cab3 block_cipher: add encrypt() 
Test data copied from existing test suites.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 12:14:53 +01:00
Manuel Pégourié-Gonnard 3e0884fc53 block_cipher: add setkey() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 11:52:10 +01:00
Manuel Pégourié-Gonnard 21718769d1 Start adding internal module block_cipher.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 11:21:17 +01:00
Manuel Pégourié-Gonnard 9f164f0103 all.sh: more comments in check_test_cases() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 10:16:06 +01:00
Manuel Pégourié-Gonnard 5c6f787caa all.sh: robustness improvement 
The original pattern would catch any extension, which could include
things like editor backup files etc, that we'd rather ignore.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 10:04:22 +01:00
Manuel Pégourié-Gonnard a742337ef6 all.sh: add diff to can_keep_going_after_failure 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 09:58:31 +01:00
Valerio Setti 73d053123f ssl-opt: set proper cipher dependencies in tests using ticket_aead parameters 
Check either legacy or PSA symbols based on USE_PSA_CRYPTO

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-10 08:27:45 +01:00
Valerio Setti dd43d7b3a4 ssl-opt: set proper dependencies on tests with encrypted server5 key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-10 08:12:07 +01:00
Valerio Setti f941455e3b all.sh: enable ssl-opt testing in psa_crypto_config_[accel/reference]_cipher_aead 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-10 08:12:07 +01:00
Valerio Setti ec9b25877f all.sh: disable CIPHER_C in test_psa_crypto_config_accel_cipher_aead 
Extra features that depend on CIPHER_C are disabled also in the
reference component in order to get test parity.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-10 08:08:43 +01:00
Yanray Wang 799bd84b0d all.sh: resue support_build_armcc for *_armcc test 
For time being, pre_check_tools check armcc and armclang together.
Therefore, we can resue support_build_armcc even if the test only
needs armclang.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 15:03:23 +08:00
Yanray Wang 4cd1b1617d all.sh: check additional symbols in asece for block_cipher_no_decrypt 
check
 - mbedtls_aesce_inverse_key
 - aesce_decrypt_block

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 15:03:23 +08:00
Yanray Wang 49cd4b5f7d all.sh: refine and simplify component for block_cipher_no_decrypt 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 15:03:10 +08:00
Manuel Pégourié-Gonnard 7d7ce0e66a
Merge pull request #8495 from lpy4105/issue/6322/driver-only-cipher_aead-tls 
[G3] Driver-only cipher+aead: TLS: main test suite
 2023-11-09 11:10:34 +00:00
Jerry Yu de7ead0a64
Update license 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-09 10:10:33 +08:00
Gilles Peskine 4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377 
Fixes "CSR parsing with critical fields fails"
 2023-11-08 18:07:04 +00:00
Gilles Peskine c75ee77dbb
Merge pull request #8439 from yuhaoth/pr/add-test-suite-parameter-to-ssl-opt 
Add test-suite parameter to filter tests
 2023-11-08 18:05:44 +00:00
Dave Rodgman 0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr 
Mbed TLS 3.5.1
 2023-11-08 18:01:32 +00:00
Valerio Setti b9015385fd test_driver_extension: use same def/undef pattern for all accelerated symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-08 13:11:10 +01:00
Manuel Pégourié-Gonnard 3e1d39b332 Add check about legacy dependencies in PSA tests 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:54:02 +01:00
Dave Rodgman 28d40930ae Restore bump version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:08 +00:00
Gilles Peskine 1d6de4ceb7 No more limitations accelerated algorithms using a built-in hash 
It used to be the case that when an algorithm that uses a hash inside was
accelerated through a PSA driver, it might end up calling a hash algorithm
that is not available from the driver. Since we introduced MBEDTLS_MD_LIGHT,
this no longer happens: PSA accelerated hashes are available to callers of
the MD module, so the test driver can use all available hash algorithms.
Hence the workaround to skip testing certain accelerated cases is no longer
needed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard fcc5f31bb8 Rm unjustified MD_C dependencies in PSA test 
RSA will auto-enable MD_LIGHT, we don't need to list MD_C as a
dependency here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard af302b9e5d Rm unjustified PK_C dependencies in PSA tests 
Some are about raw or AES keys where PK seems really unrelated.

The others are about RSA where PK may be relevant, but the necessary
bits of PK are auto-enabled when RSA key types are requested, so we
shouldn't need to list them as dependencies in tests.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:52 +01:00
Manuel Pégourié-Gonnard 433150e8f2 Rm redundant ECC dependencies in psa_crypto tests 
Since _DERIVE can't be accelerated now, in
config_adjust_legacy_from_psa.h we will notice and auto-enable ECP_LIGHT
as well as the built-in version of each curve that's supported in this
build. So, we don't need to list those as dependencies here - and they
would cause issues when we add support for _DERIVE drivers.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:51 +01:00
Manuel Pégourié-Gonnard 59a8b41ca3 Fix incorrect RSA dependencies in psa_crypto tests 
There's no reason the tests would depend specifically on our built-in
implementation and not work with drivers, so replace the RSA_C
dependency with the correct PSA_WANT dependencies.

Those 6 cases use two different test functions, but both of those
functions only do `psa_import()`, so all that's needed is PUBLIC_KEY or
KEYPAIR_IMPORT (which implies KEYPAIR_BASIC) depending on the kind of
key being tested.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:51 +01:00
Manuel Pégourié-Gonnard 0d9a3618bd Rm unneeded dep on PK_PARSE_C in psa crypto tests 
Most of them were removed in 7162, not sure how these ones slipped in.

There's no reason deterministic ECDSA verification would need PK parse
more than the other tests. The following finds no match:

    grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c

Even if PK parse was actually needed for this, the right way would be to
auto-enable it based on PSA_WANT symbols, and then only depend on
PSA_WANT symbols here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-08 12:30:51 +01:00
Ronald Cron c27a4ce3dd
Merge pull request #8429 from gilles-peskine-arm/fix-test_suite_constant_time_hmac-not-executed 
Fix test suite never executed due to an undefined symbol
 2023-11-08 09:05:12 +00:00
Pengyu Lv 2bd56de3f4 ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros 
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 14:21:19 +08:00
Pengyu Lv ba6825e37b ssl: use MBEDTLS_SSL_HAVE_* in tests 
Done by commands:

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl*
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 14:09:16 +08:00
Yanray Wang 7b320fa7c9 ssl-opt.sh: fix typo 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 10:33:32 +08:00
Pengyu Lv fe03a4071b ssl_helper: fix missin initialization of cli_log_obj 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 10:30:48 +08:00
Yanray Wang 30769696e7 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-11-08 10:00:24 +08:00
Matthias Schulz e92f6dcf5c New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-07 15:16:35 +01:00
Tom Cosgrove 53199b1c0a
Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed 
TLS 1.3: EarlyData SRV: Write early data extension  in EncryptedExtension
 2023-11-07 13:59:13 +00:00
Yanray Wang 4995e0c31b cipher.c: return error for ECB-decrypt under BLOCK_CIPHER_NO_DECRYPT 
- fix remaining dependency in test_suite_psa_crypto.data

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 17:51:32 +08:00
Tom Cosgrove 4122c16abd
Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination 
TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption
 2023-11-07 09:26:21 +00:00
Jerry Yu 7ef9fd8989 fix various issues 
- Debug message
- Improve comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-07 14:31:37 +08:00
Pengyu Lv 4ebf86e780 tls13-misc: Do not check kex mode for some cases 
Ephemeral is preferred over pure PSK, the change is
to make CI happy.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-07 10:14:32 +08:00
Pengyu Lv 1f00926142 Change base config to full 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-07 09:55:11 +08:00
Gilles Peskine 102aea2ba8 Add metatests for mutex usage 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine 6848d1709b Run metatests in selected components 
Run metatests in some components, covering both GCC and Clang, with ASan,
MSan or neither.

Note that this commit does not cover constant-flow testing builds or Valgrind.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine f109664448 Script to run all the metatests (with platform filtering) 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:18 +01:00
Dave Rodgman b578514b03
Merge pull request #8470 from gilles-peskine-arm/check-files-license 
Check copyright statements and SPDX license statements
 2023-11-06 17:07:54 +00:00
Paul Elliott e03270f2e0
Merge pull request #8391 from paul-elliott-arm/full_no_platform 
Add full_no_platform config preset
 2023-11-06 11:35:28 +00:00
Manuel Pégourié-Gonnard 964dee6b3f
Merge pull request #8442 from lpy4105/issue/8355/driver-only-cipher_aead-x509 
X.509: Support driver-only cipher+aead
 2023-11-06 09:10:57 +00:00
Yanray Wang bc29aefdea all.sh: test BLOCK_CIPHER_NO_DECRYPT in build_aes_variations 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 11:14:38 +08:00
Jerry Yu 9e47b268c4 Revert "ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only" 
This reverts commit cfe68a0cb6.

As commit 5eb2b02862, this line is used to report test suite name.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-06 10:53:43 +08:00
Jerry Yu 50d07bdeec Add test-suite parameter to filter tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-06 10:49:01 +08:00
Yanray Wang f149640021 all.sh: add components to test BLOCK_CIPHER_NO_DECRYPT with PSA 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Gilles Peskine ce78200fb5 Pacify mypy 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-04 16:07:26 +01:00
Gilles Peskine 3b9facd8ac Also complain if licenses are mentioned 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-04 16:07:26 +01:00
Gilles Peskine f2fb9f667c Check copyright statements and SPDX license identifier 
Enforce a specific copyright statement and a specific SPDX license
identifier where they are present.

Binary files, third-party modules and a few other exceptions are not
checked.

There is currently no check that copyright statements and license
identifiers are present.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-04 16:07:26 +01:00
Gilles Peskine 990030bce0 Sort imports 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-04 16:07:26 +01:00
Gilles Peskine 8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407 
[G2] Make TLS work without Cipher
 2023-11-04 15:05:00 +00:00
Gilles Peskine c5ce9fcf03
Merge pull request #8435 from valeriosetti/issue8415 
Remove cipher/aead legacy dependencies from PSA test suites
 2023-11-04 15:04:51 +00:00
Gilles Peskine e9f50bf161
Merge pull request #8443 from valeriosetti/issue8274 
Clean up curves handling in libtestdriver1 config
 2023-11-04 15:04:42 +00:00
Gilles Peskine 0c29963265
Merge pull request #8462 from daverodgman/license-change 
License change
 2023-11-04 15:47:07 +01:00
Dave Rodgman bb5a18344a Bump version 
./scripts/bump_version.sh --version 3.5.1 --so-crypto 15 --so-x509 6 --so-tls 20

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:31:30 +00:00
Dave Rodgman a9b6c64a69 Fix some non-standard headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:24:58 +00:00
Dave Rodgman e3c05853d6 Header updates 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:21:36 +00:00
Dave Rodgman 4eb44e4780 Standardise some more headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:15:12 +00:00
Yanray Wang 6b190d4f27 psa_information.py: generate dep for AES/ARIA/CAMELLIA ECB test case 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-03 17:37:22 +08:00
Dave Rodgman 16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
Dave Rodgman 4472ce14b9
Merge pull request #8088 from tgonzalezorlandoarm/tg/check_test_cases-new 
Make check_test_cases.py recognize test case name templates in ssl-opt.sh
 2023-11-02 12:22:52 +00:00
Yanray Wang eefd2695d2 test_suite_psa_crypto: add dependency for decrypt test cases 
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we can't test decrypt for
AES-ECB, so adding this dependency for some test cases

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-02 12:38:01 +08:00
Yanray Wang 66111393e4 all.sh: modify components to test BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-02 12:38:01 +08:00
Pengyu Lv 59afe498d4 test: tls13: change server output check 
tls13 server now does not parse pre-shared key extension unless
there are some psk key exchange modes really available.
For `ephemeral_all/psk_or_ephemeral` configuration pairs, there
wouldn't be any psk key exchange mode available, so the check
of "Pre shared key found" should be inverse.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-01 14:50:44 +08:00
Jerry Yu 454dda3e25 fix various issues 
- improve output message
- Remove unnecessary checks
- Simplify test command

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-01 10:28:43 +08:00
Valerio Setti ac7a809ac3 all.sh: remove leftover loc_curve_list usage 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-31 12:23:44 +01:00
Pengyu Lv 2151ba55f6 test_suite_x509write: use plaintext key file 
Some test cases are using encrypted key file, thus have
dependency on low-level block cipher modules (e.g. AES).
This commit adds unencrypted key file so that we could
get rid of those dependencies.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 18:12:04 +08:00
Yanray Wang b67b47425e Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-10-31 17:22:06 +08:00
Yanray Wang 5779096753 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-10-31 13:39:07 +08:00
Pengyu Lv 78657d0c1d Change base config to full minus SSL 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 10:29:41 +08:00
Pengyu Lv f2814ff97b Move common config to common function 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 10:29:41 +08:00
Paul Elliott afc6a992c5
Merge pull request #8381 from gilles-peskine-arm/20231017-misc-cleanup 
Cleanups in test code
 2023-10-30 18:08:01 +00:00
Paul Elliott 835edd627d
Merge pull request #8404 from paul-elliott-arm/fix_coverity_issues 
Fix two coverity issues
 2023-10-30 18:00:14 +00:00
Dave Rodgman b06d701f56
Merge pull request #8406 from beni-sandu/aesni 
AES-NI: use target attributes for x86 32-bit intrinsics
 2023-10-30 17:01:06 +00:00
Manuel Pégourié-Gonnard 1c6100240d
Merge pull request #8398 from mpg/analyze-outcome-ignore-re 
In analyze_outcomes.py, add pattern-ignore
 2023-10-30 12:46:35 +00:00
Valerio Setti 3d59ebef2c ssl_helpers: remove CIPHER_C guards in mbedtls_test_ssl_build_transforms() 
Use !USE_PSA_CRYPTO instead.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:59:37 +01:00
Valerio Setti 847213120c test_suite_psa_crypto_metadata: remove unnecessary CIPHER_C dependencies 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:37:09 +01:00
Valerio Setti 74d5f23c3f test_suite_ssl: use new internal symbols in tests using CBC 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:36:32 +01:00
Valerio Setti 31ad3a14cc ssl_helpers: allow mbedtls_test_ssl_build_transforms to work without CIPHER_C 
A new internal function is added to get cipher's info (mode, key bits and
iv len) without relying on CIPHER_C. This function is basically a lookup
table used only for test purposes.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:36:32 +01:00
Valerio Setti 852d26c70d all.sh: enable SSL_TLS and SSL_TICKET in full_no_cipher with PSA_CRYPTO 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:36:32 +01:00
Valerio Setti 3fe105b042 all.sh: fix test components using accelerated curves 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:08:12 +01:00
Valerio Setti 05c25cbaf9 test_driver_extension: manage curves' acceleration the same as other PSA_WANT symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:07:18 +01:00
Manuel Pégourié-Gonnard c51c411cc1 analyze_outcome: only warn on ignored tests that pass 
The previous check also warned when on tests that were already skipped
in the reference config, which are not really a problem. The purpose of
this "uselessly ignored" check is to make sure that the ignore list
(together with the config common to driver and reference in all.sh)
always correct reflects what works or doesn't in driver-only builds. For
this it's enough to warn when a test is ignored but passing.

The previous, stricter check, was causing issues like:

Error: uselessly ignored: test_suite_pkcs12;PBE Encrypt, pad = 8 (PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs12;PBE Decrypt, (Invalid padding & PKCS7 padding disabled)
Error: uselessly ignored: test_suite_pkcs5;PBES2 Decrypt (Invalid padding & PKCS7 padding disabled)

These are skipped in the reference config because is has PKCS7 padding
enabled, and that's OK.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-30 10:21:22 +01:00
Manuel Pégourié-Gonnard cd84a290a9 analyze_outcomes: use regexes for cipher/aead 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-30 10:21:15 +01:00
Jerry Yu 9dd0cc06e5 disable stdout in require_*_configs_* functions 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-30 17:05:42 +08:00
Beniamin Sandu 3bca7817e5 tests/scripts/all.sh: add test for 32-bit AES-NI intrinsics with clang 
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
 2023-10-27 17:02:22 +01:00
Tomás González 7f2cddb1ae check_test_cases: Minor documentation change 
* Make an iteration comment generic to every file it may affect
   instead of making it specific a particular file.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-10-27 11:46:23 +01:00
Tomás González 4fc582461b compat.sh: Rename list_test_case to list_test_cases 
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-10-27 11:43:15 +01:00
Tomás González cfe68a0cb6 ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only 
Ignore the test suite name as file from opt-testcases cannot
actually be called separately.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-10-27 11:43:15 +01:00
Tomás González 51cb704342 Avoid using print_name when --list-test-cases is used 
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-10-27 11:43:15 +01:00
Tomás González 378e364c3c ssl-opt.sh: Correct print format for test cases' names 
Avoid printing an extra space when using the --list-test-cases
option.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-10-27 11:43:15 +01:00
Tomás González 12787c9ba5 Remove invalid -l option from test scripts 
The -l option mentioned in previous commits for both ssl-opt.sh and
compat.sh scripts should only be a --list-test-cases option.

Remove -l option from the help list.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-10-27 11:43:15 +01:00
Tomás González 38ecf9fa1e check_test_cases: Avoid removing duplicated test cases 
One of the jobs of check_test_cases is to check for duplicate test
descriptions and to have them ordered:

 * Stop using a set to collect the different test cases from the
   test scripts.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-10-27 11:43:15 +01:00
Tomás González 4a86da2460 check_test_cases: Unify walk_compat_sh and walk_opt_sh into one 
walk_compat_sh and walk_opt_sh are basically the same now, so:

 * Merge them into one function.
 * Use the --list-test-cases option for both of them.
 * Rename this merged function as collect_from_script which seems
   more appropriate as since it isn't iterating the script but
   calling it.

Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
 2023-10-27 11:43:15 +01:00