From 9a37ff63645b8392a1773ed7ec62b2bec70ad6e1 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 2 Dec 2021 17:50:50 +0100 Subject: [PATCH 01/32] tests: psa: aead: Fix operation type in entry point prototypes Signed-off-by: Ronald Cron --- tests/include/test/drivers/aead.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h index 24215601a6..33e1f50cdc 100644 --- a/tests/include/test/drivers/aead.h +++ b/tests/include/test/drivers/aead.h @@ -75,34 +75,34 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ); psa_status_t mbedtls_test_transparent_aead_encrypt_setup( - mbedtls_psa_aead_operation_t *operation, + mbedtls_transparent_test_driver_aead_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); psa_status_t mbedtls_test_transparent_aead_decrypt_setup( - mbedtls_psa_aead_operation_t *operation, + mbedtls_transparent_test_driver_aead_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); psa_status_t mbedtls_test_transparent_aead_set_nonce( - mbedtls_psa_aead_operation_t *operation, + mbedtls_transparent_test_driver_aead_operation_t *operation, const uint8_t *nonce, size_t nonce_length ); psa_status_t mbedtls_test_transparent_aead_set_lengths( - mbedtls_psa_aead_operation_t *operation, + mbedtls_transparent_test_driver_aead_operation_t *operation, size_t ad_length, size_t plaintext_length ); psa_status_t mbedtls_test_transparent_aead_update_ad( - mbedtls_psa_aead_operation_t *operation, + mbedtls_transparent_test_driver_aead_operation_t *operation, const uint8_t *input, size_t input_length ); psa_status_t mbedtls_test_transparent_aead_update( - mbedtls_psa_aead_operation_t *operation, + mbedtls_transparent_test_driver_aead_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, @@ -110,7 +110,7 @@ psa_status_t mbedtls_test_transparent_aead_update( size_t *output_length ); psa_status_t mbedtls_test_transparent_aead_finish( - mbedtls_psa_aead_operation_t *operation, + mbedtls_transparent_test_driver_aead_operation_t *operation, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length, @@ -119,7 +119,7 @@ psa_status_t mbedtls_test_transparent_aead_finish( size_t *tag_length ); psa_status_t mbedtls_test_transparent_aead_verify( - mbedtls_psa_aead_operation_t *operation, + mbedtls_transparent_test_driver_aead_operation_t *operation, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length, @@ -127,7 +127,7 @@ psa_status_t mbedtls_test_transparent_aead_verify( size_t tag_length ); psa_status_t mbedtls_test_transparent_aead_abort( - mbedtls_psa_aead_operation_t *operation ); + mbedtls_transparent_test_driver_aead_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_AEAD_H */ From c7a40bc9c24a2c7432135d131caf2952bc9899dd Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 3 Dec 2021 15:12:01 +0100 Subject: [PATCH 02/32] tests: psa: driver: cipher: Remove unnecessary check Signed-off-by: Ronald Cron --- tests/src/drivers/test_driver_cipher.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 89a7b59944..be06b970a0 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -148,9 +148,6 @@ psa_status_t mbedtls_test_transparent_cipher_abort( { mbedtls_test_driver_cipher_hooks.hits++; - if( operation->alg == 0 ) - return( PSA_SUCCESS ); - mbedtls_transparent_test_driver_cipher_abort( operation ); /* Wiping the entire struct here, instead of member-by-member. This is From 170067043ff9af98c33ab24f30047b1d2518de56 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 3 Dec 2021 15:25:24 +0100 Subject: [PATCH 03/32] psa: Fix unused variable warnings Fix unused variable warnings when no AEAD algorithm is enabled in the build. Signed-off-by: Ronald Cron --- library/psa_crypto_aead.c | 6 +++++- library/psa_crypto_driver_wrappers.c | 1 + 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index c7f7352fbd..03327f2458 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -432,7 +432,9 @@ psa_status_t mbedtls_psa_aead_set_nonce( else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { + ( void ) operation; ( void ) nonce; + ( void ) nonce_length; return ( PSA_ERROR_NOT_SUPPORTED ); } @@ -533,8 +535,10 @@ psa_status_t mbedtls_psa_aead_update( else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { + ( void ) operation; ( void ) input; - ( void ) input_length; + ( void ) output; + ( void ) output_size; return ( PSA_ERROR_NOT_SUPPORTED ); } diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index cfc77fbb5b..992b7a72b6 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1130,6 +1130,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( default: /* Key is declared with a lifetime not known to us */ (void)status; + (void)operation; (void)key_buffer; (void)key_buffer_size; (void)alg; From a72b12defb5a717587ecb0d4f059a05beffd0bd7 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 1 Jul 2021 11:24:02 +0200 Subject: [PATCH 04/32] tests: psa: driver: mac: Remove opaque entry points in library Opaque test entry points will be implemented only in test code. Signed-off-by: Ronald Cron --- library/psa_crypto_mac.c | 102 ---------------------------- library/psa_crypto_mac.h | 44 ------------ tests/src/drivers/test_driver_mac.c | 59 ++++++++++------ 3 files changed, 37 insertions(+), 168 deletions(-) diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 7e0a8325df..cf2f07280b 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -667,108 +667,6 @@ psa_status_t mbedtls_transparent_test_driver_mac_abort( return( mac_abort( operation ) ); } -psa_status_t mbedtls_opaque_test_driver_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) attributes; - (void) key_buffer; - (void) key_buffer_size; - (void) alg; - (void) input; - (void) input_length; - (void) mac; - (void) mac_size; - (void) mac_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_sign_setup( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) attributes; - (void) key_buffer; - (void) key_buffer_size; - (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_verify_setup( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) attributes; - (void) key_buffer; - (void) key_buffer_size; - (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_update( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) input; - (void) input_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_sign_finish( - mbedtls_opaque_test_driver_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) mac; - (void) mac_size; - (void) mac_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_verify_finish( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - (void) mac; - (void) mac_length; - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_opaque_test_driver_mac_abort( - mbedtls_opaque_test_driver_mac_operation_t *operation ) -{ - /* Opaque driver testing is not implemented yet through this mechanism. */ - (void) operation; - return( PSA_ERROR_NOT_SUPPORTED ); -} - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index 9b81e73e02..c0948dc237 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -323,50 +323,6 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( psa_status_t mbedtls_transparent_test_driver_mac_abort( mbedtls_transparent_test_driver_mac_operation_t *operation ); -psa_status_t mbedtls_opaque_test_driver_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t mbedtls_opaque_test_driver_mac_sign_setup( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_opaque_test_driver_mac_verify_setup( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_opaque_test_driver_mac_update( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t mbedtls_opaque_test_driver_mac_sign_finish( - mbedtls_opaque_test_driver_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t mbedtls_opaque_test_driver_mac_verify_finish( - mbedtls_opaque_test_driver_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ); - -psa_status_t mbedtls_opaque_test_driver_mac_abort( - mbedtls_opaque_test_driver_mac_operation_t *operation ); - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_MAC_H */ diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 3b766dcb53..4e25370410 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -211,11 +211,16 @@ psa_status_t mbedtls_test_opaque_mac_compute( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_compute( - attributes, key_buffer, key_buffer_size, alg, - input, input_length, - mac, mac_size, mac_length ); + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) input; + (void) input_length; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -237,9 +242,12 @@ psa_status_t mbedtls_test_opaque_mac_sign_setup( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_sign_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -261,9 +269,12 @@ psa_status_t mbedtls_test_opaque_mac_verify_setup( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_verify_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -283,9 +294,10 @@ psa_status_t mbedtls_test_opaque_mac_update( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_update( - operation, input, input_length ); + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -306,9 +318,11 @@ psa_status_t mbedtls_test_opaque_mac_sign_finish( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_sign_finish( - operation, mac, mac_size, mac_length ); + (void) operation; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -328,9 +342,10 @@ psa_status_t mbedtls_test_opaque_mac_verify_finish( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_verify_finish( - operation, mac, mac_length ); + (void) operation; + (void) mac; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -348,8 +363,8 @@ psa_status_t mbedtls_test_opaque_mac_abort( } else { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_opaque_test_driver_mac_abort( operation ); + (void) operation; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } return( mbedtls_test_driver_mac_hooks.driver_status ); From 81ca97e080c9449cf6550a5d4fd8943cf60444c4 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 9 Apr 2021 15:32:03 +0200 Subject: [PATCH 05/32] tests: psa driver: Align RSA/ECP sign/verify hash dispatch Align RSA/ECP sign/verify hash dispatch with the corresponding code of the library. The library code was modified recently but not the test code one and these modifications ease the following work. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 6 +- tests/src/drivers/test_driver_signature.c | 134 +++++++++++----------- 2 files changed, 70 insertions(+), 70 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0a04ba1061..e0005cc3a2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2909,8 +2909,7 @@ psa_status_t psa_sign_hash_builtin( return( PSA_ERROR_INVALID_ARGUMENT ); } } - else - if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) + else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) { if( PSA_ALG_IS_ECDSA( alg ) ) { @@ -2980,8 +2979,7 @@ psa_status_t psa_verify_hash_builtin( return( PSA_ERROR_INVALID_ARGUMENT ); } } - else - if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) + else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) { if( PSA_ALG_IS_ECDSA( alg ) ) { diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 2d58756aa5..86f03195b0 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -54,58 +54,56 @@ psa_status_t sign_hash( size_t signature_size, size_t *signature_length ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { - return( mbedtls_transparent_test_driver_rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); - } - else -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || - * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ - -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) - if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( -#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) - PSA_ALG_IS_ECDSA( alg ) -#else - PSA_ALG_IS_RANDOMIZED_ECDSA( alg ) -#endif - ) + if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || + PSA_ALG_IS_RSA_PSS( alg) ) { - return( mbedtls_transparent_test_driver_ecdsa_sign_hash( +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) + return( mbedtls_transparent_test_driver_rsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); +#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || + * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ } else { return( PSA_ERROR_INVALID_ARGUMENT ); } } - else + else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) + { + if( PSA_ALG_IS_ECDSA( alg ) ) + { +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) + return( mbedtls_transparent_test_driver_ecdsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); #endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ - { - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + } + else + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } } + + (void)attributes; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)hash; + (void)hash_length; + (void)signature; + (void)signature_size; + (void)signature_length; + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t verify_hash( @@ -118,52 +116,56 @@ psa_status_t verify_hash( const uint8_t *signature, size_t signature_length ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) ) { - return( mbedtls_transparent_test_driver_rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); - } - else -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || - * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ - -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) - if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( PSA_ALG_IS_ECDSA( alg ) ) + if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || + PSA_ALG_IS_RSA_PSS( alg) ) { - return( mbedtls_transparent_test_driver_ecdsa_verify_hash( +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) + return( mbedtls_transparent_test_driver_rsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); +#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || + * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ } else { return( PSA_ERROR_INVALID_ARGUMENT ); } } - else + else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) + { + if( PSA_ALG_IS_ECDSA( alg ) ) + { +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) + return( mbedtls_transparent_test_driver_ecdsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); #endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ - { - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; - - return( PSA_ERROR_NOT_SUPPORTED ); + } + else + { + return( PSA_ERROR_INVALID_ARGUMENT ); + } } + + (void)attributes; + (void)key_buffer; + (void)key_buffer_size; + (void)alg; + (void)hash; + (void)hash_length; + (void)signature; + (void)signature_length; + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_signature_sign_message( From 40e46cf89c7dc7203dbc8634e3d3aee613c46dd9 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 30 Mar 2021 14:57:04 +0200 Subject: [PATCH 06/32] tests: psa: Remove wrong test function dependencies Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index bc6ff34716..8b7f413e61 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -312,7 +312,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ +/* BEGIN_CASE */ void validate_key( int force_status_arg, int key_type_arg, data_t *key_input, @@ -348,7 +348,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ +/* BEGIN_CASE */ void export_key( int force_status_arg, data_t *fake_output, int key_in_type_arg, From 18cd8db99aa80f77447801104b0b77f799a3acad Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 10:18:46 +0200 Subject: [PATCH 07/32] tests: ssl: Add misssing dependencies on SHA-1 Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 9dabb51c21..43c8eefa11 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -236,7 +236,7 @@ depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_ handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 DTLS Handshake, tls1_2 @@ -264,7 +264,7 @@ depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_ handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1 DTLS Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SHA1_C handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1 DTLS Handshake with serialization, tls1_2 From ae4a690926b4808b657f1f46e9f33461f8dfa565 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 10:30:43 +0200 Subject: [PATCH 08/32] tests: psa: Fix MD5 support not available dependencies MD5 should not be supported by the library and any driver. Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2c5537f391..a9b6b12190 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1624,11 +1624,11 @@ depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT PSA MAC setup: algorithm known but not supported, long key -depends_on:!MBEDTLS_MD5_C +depends_on:!PSA_WANT_ALG_MD5 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED PSA MAC setup: algorithm known but not supported, short key -depends_on:!MBEDTLS_MD5_C +depends_on:!PSA_WANT_ALG_MD5 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED PSA MAC: bad order function calls From d21e6b71d526f3f181991d1429c8bb74230a03a1 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 30 Mar 2021 16:08:38 +0200 Subject: [PATCH 09/32] tests: psa: Fix the dependencies on some driver wrappers fallback tests The driver wrappers fallback tests depend on the builtin support not builtin or driver. Signed-off-by: Ronald Cron --- .../test_suite_psa_crypto_driver_wrappers.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index ead7a699d2..ea6c9b32c4 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -90,11 +90,11 @@ depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_ validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS validate key through transparent driver: fallback private key -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS validate key through transparent driver: fallback public key -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS validate key through transparent driver: error @@ -110,7 +110,7 @@ depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDT export_key:PSA_SUCCESS:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS export_key private to public through driver: fallback -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 export_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS export_key private to public through driver: error @@ -126,11 +126,11 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" PSA symmetric encrypt validation: AES-CTR, 16 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA symmetric encrypt validation: AES-CTR, 15 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317" PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good @@ -162,7 +162,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decrypt: AES-CTR, 16 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric decrypt: AES-CTR, 16 bytes, fake From 64df7387f37a618de274d10b68f1a7c08127d6a7 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 6 Jul 2021 09:23:06 +0200 Subject: [PATCH 10/32] tests: psa: Fix guards Signed-off-by: Ronald Cron --- tests/src/psa_exercise_key.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index fc58fbd489..de2c48d6da 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -643,7 +643,7 @@ int mbedtls_test_psa_exported_key_sanity_check( TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) ); else -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) if( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { uint8_t *p = (uint8_t*) exported; @@ -690,7 +690,7 @@ int mbedtls_test_psa_exported_key_sanity_check( TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE ); } else -#endif /* MBEDTLS_RSA_C */ +#endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) @@ -703,7 +703,7 @@ int mbedtls_test_psa_exported_key_sanity_check( else #endif /* MBEDTLS_ECP_C */ -#if defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_ASN1_PARSE_C) if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) { uint8_t *p = (uint8_t*) exported; @@ -731,7 +731,7 @@ int mbedtls_test_psa_exported_key_sanity_check( PSA_EXPORT_PUBLIC_KEY_MAX_SIZE ); } else -#endif /* MBEDTLS_RSA_C */ +#endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_ECP_C) if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) From 56f7897e7d5da68b7ae1718c3a295941cddbb767 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 9 Apr 2021 17:15:06 +0200 Subject: [PATCH 11/32] psa: Fix hash and mac operation type The test entry points defined in psa_crypto_hash.c and psa_crypto_mac.c are supposed to be exact clones of the Mbed TLS driver entry points. Thus the operation type should be the Mbed TLS operation type not a test one. There was no compilation error as the hash and cipher operation test types are currently equal to the Mbed TLS ones. Signed-off-by: Ronald Cron --- library/psa_crypto_hash.c | 12 ++++++------ library/psa_crypto_hash.h | 12 ++++++------ library/psa_crypto_mac.c | 12 ++++++------ library/psa_crypto_mac.h | 12 ++++++------ 4 files changed, 24 insertions(+), 24 deletions(-) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 92dcbba96b..787093a78e 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -564,7 +564,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( } psa_status_t mbedtls_transparent_test_driver_hash_setup( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ) { if( is_hash_accelerated( alg ) ) @@ -574,8 +574,8 @@ psa_status_t mbedtls_transparent_test_driver_hash_setup( } psa_status_t mbedtls_transparent_test_driver_hash_clone( - const mbedtls_transparent_test_driver_hash_operation_t *source_operation, - mbedtls_transparent_test_driver_hash_operation_t *target_operation ) + const mbedtls_psa_hash_operation_t *source_operation, + mbedtls_psa_hash_operation_t *target_operation ) { if( is_hash_accelerated( source_operation->alg ) ) return( hash_clone( source_operation, target_operation ) ); @@ -584,7 +584,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_clone( } psa_status_t mbedtls_transparent_test_driver_hash_update( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { @@ -595,7 +595,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_update( } psa_status_t mbedtls_transparent_test_driver_hash_finish( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ) @@ -607,7 +607,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( } psa_status_t mbedtls_transparent_test_driver_hash_abort( - mbedtls_transparent_test_driver_hash_operation_t *operation ) + mbedtls_psa_hash_operation_t *operation ) { return( hash_abort( operation ) ); } diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 66556439f0..7e1b919b52 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -246,26 +246,26 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( size_t *hash_length); psa_status_t mbedtls_transparent_test_driver_hash_setup( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ); psa_status_t mbedtls_transparent_test_driver_hash_clone( - const mbedtls_transparent_test_driver_hash_operation_t *source_operation, - mbedtls_transparent_test_driver_hash_operation_t *target_operation ); + const mbedtls_psa_hash_operation_t *source_operation, + mbedtls_psa_hash_operation_t *target_operation ); psa_status_t mbedtls_transparent_test_driver_hash_update( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ); psa_status_t mbedtls_transparent_test_driver_hash_finish( - mbedtls_transparent_test_driver_hash_operation_t *operation, + mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ); psa_status_t mbedtls_transparent_test_driver_hash_abort( - mbedtls_transparent_test_driver_hash_operation_t *operation ); + mbedtls_psa_hash_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index cf2f07280b..19671ec8ac 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -600,7 +600,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_compute( } psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -614,7 +614,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( } psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -628,7 +628,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( } psa_status_t mbedtls_transparent_test_driver_mac_update( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) { @@ -639,7 +639,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_update( } psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length ) @@ -651,7 +651,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( } psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ) { @@ -662,7 +662,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( } psa_status_t mbedtls_transparent_test_driver_mac_abort( - mbedtls_transparent_test_driver_mac_operation_t *operation ) + mbedtls_psa_mac_operation_t *operation ) { return( mac_abort( operation ) ); } diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index c0948dc237..ba32954a72 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -291,37 +291,37 @@ psa_status_t mbedtls_transparent_test_driver_mac_compute( size_t *mac_length ); psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); psa_status_t mbedtls_transparent_test_driver_mac_update( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ); psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length ); psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( - mbedtls_transparent_test_driver_mac_operation_t *operation, + mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ); psa_status_t mbedtls_transparent_test_driver_mac_abort( - mbedtls_transparent_test_driver_mac_operation_t *operation ); + mbedtls_psa_mac_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_TEST */ From fcaba24697f826f8aaf948294e7c4a6e8a8df8af Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 09:10:31 +0200 Subject: [PATCH 12/32] psa: Fix hash max sizes The PSA max hash size has to be 64 if SHA512 or SHA384 is supported by the library or an accelerator, not just in case of the library. Signed-off-by: Ronald Cron --- include/psa/crypto_sizes.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index af8a4a69ed..9bbcb34446 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -121,7 +121,7 @@ /* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226, * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for * HMAC-SHA3-512. */ -#if defined(MBEDTLS_SHA512_C) +#if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA_384) #define PSA_HASH_MAX_SIZE 64 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 #else From 69a63426afbbedab01a4b7342ebcf1022e0e9b64 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 09:47:58 +0200 Subject: [PATCH 13/32] psa: Fix the size of hash buffers Fix the size of hash buffers for PSA hash operations. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 4 ++-- library/psa_crypto_mac.c | 2 +- library/ssl_cli.c | 7 ++++++- library/ssl_srv.c | 4 ++++ library/ssl_tls.c | 2 +- 5 files changed, 14 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index e0005cc3a2..088d14555e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2193,7 +2193,7 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation, const uint8_t *hash, size_t hash_length ) { - uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; + uint8_t actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; psa_status_t status = psa_hash_finish( operation, @@ -2236,7 +2236,7 @@ psa_status_t psa_hash_compare( psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *hash, size_t hash_length ) { - uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE]; + uint8_t actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; if( !PSA_ALG_IS_HASH( alg ) ) diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 19671ec8ac..cf20a9b63c 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -127,7 +127,7 @@ static psa_status_t psa_hmac_finish_internal( uint8_t *mac, size_t mac_size ) { - uint8_t tmp[MBEDTLS_MD_MAX_SIZE]; + uint8_t tmp[PSA_HASH_MAX_SIZE]; psa_algorithm_t hash_alg = hmac->alg; size_t hash_size = 0; size_t block_size = PSA_HASH_BLOCK_LENGTH( hash_alg ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 68d3033ced..32d4969132 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -37,6 +37,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "mbedtls/psa_util.h" +#include "psa/crypto.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ #include @@ -3082,7 +3083,11 @@ start_processing: if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) ) { size_t sig_len, hashlen; - unsigned char hash[64]; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + unsigned char hash[PSA_HASH_MAX_SIZE]; +#else + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; +#endif mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 5e2d1528d8..f34f2de30f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3098,7 +3098,11 @@ curve_matching_done: { size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed; size_t hashlen = 0; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + unsigned char hash[PSA_HASH_MAX_SIZE]; +#else unsigned char hash[MBEDTLS_MD_MAX_SIZE]; +#endif int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0d54ae9b0b..5c27692587 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6967,7 +6967,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, goto exit; } - if( ( status = psa_hash_finish( &hash_operation, hash, MBEDTLS_MD_MAX_SIZE, + if( ( status = psa_hash_finish( &hash_operation, hash, PSA_HASH_MAX_SIZE, hashlen ) ) != PSA_SUCCESS ) { MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status ); From 73c9d9e254e24584a7eb62cfeed373cf9064df16 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 9 Apr 2021 11:09:54 +0200 Subject: [PATCH 14/32] psa: driver: Reduce the scope of test driver entry points Define test driver entry points that provide an alternative to Mbed TLS driver entry points only when the PSA configuration is used. Their purpose is only to test the PSA configuration thus there is no good reason to use them out of this scope. Signed-off-by: Ronald Cron --- library/psa_crypto_cipher.c | 22 +- library/psa_crypto_cipher.h | 4 +- library/psa_crypto_ecp.c | 12 +- library/psa_crypto_ecp.h | 4 +- library/psa_crypto_hash.c | 36 ++- library/psa_crypto_hash.h | 4 +- library/psa_crypto_mac.c | 12 +- library/psa_crypto_mac.h | 4 +- library/psa_crypto_rsa.c | 12 +- library/psa_crypto_rsa.h | 4 +- tests/src/drivers/hash.c | 62 +++++ tests/src/drivers/test_driver_aead.c | 107 ++++++++ tests/src/drivers/test_driver_cipher.c | 65 ++++- .../src/drivers/test_driver_key_management.c | 252 +++++++++++------- tests/src/drivers/test_driver_mac.c | 87 ++++++ tests/src/drivers/test_driver_signature.c | 95 +++++-- 16 files changed, 619 insertions(+), 163 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 07c6a001b6..f7c2aeeae5 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -32,25 +32,29 @@ #include #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) ) ) #define BUILTIN_KEY_TYPE_DES 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) ) ) #define BUILTIN_ALG_CBC_NO_PADDING 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) ) ) #define BUILTIN_ALG_CBC_PKCS7 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) ) ) #define BUILTIN_KEY_TYPE_CHACHA20 1 #endif @@ -150,7 +154,8 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( (int) key_bits, mode ) ); } -#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) ) static psa_status_t cipher_setup( mbedtls_psa_cipher_operation_t *operation, @@ -569,7 +574,8 @@ exit: cipher_abort( &operation ); return( status ); } -#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */ +#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || + (PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG) */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) psa_status_t mbedtls_psa_cipher_encrypt_setup( @@ -658,7 +664,7 @@ psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, @@ -739,6 +745,6 @@ psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( alg, input, input_length, output, output_size, output_length ) ); } -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 5971e8d3f0..b0d1939fb4 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -308,7 +308,7 @@ psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, @@ -358,6 +358,6 @@ psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( uint8_t *output, size_t output_size, size_t *output_length ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_CIPHER_H */ diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 144ba1c1b3..913d12ea8d 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -42,18 +42,21 @@ #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ) ) #define BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 #endif -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ +#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) ) #define BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \ defined(MBEDTLS_ECDSA_C) ) ) #define BUILTIN_ALG_ECDSA 1 @@ -61,6 +64,7 @@ #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) && \ defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) ) ) #define BUILTIN_ALG_DETERMINISTIC_ECDSA 1 @@ -567,7 +571,7 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) @@ -663,6 +667,6 @@ psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( #endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index dc9e887eff..042d5a0855 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -222,7 +222,7 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_test_driver_ecp_import_key( const psa_key_attributes_t *attributes, @@ -251,6 +251,6 @@ psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_ECP_H */ diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 787093a78e..2eac2d0147 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -32,31 +32,45 @@ /* Use builtin defines specific to this compilation unit, since the test driver * relies on the software driver. */ #if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) ) #define BUILTIN_ALG_MD5 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) ) #define BUILTIN_ALG_RIPEMD160 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) ) #define BUILTIN_ALG_SHA_1 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) ) #define BUILTIN_ALG_SHA_224 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) ) #define BUILTIN_ALG_SHA_256 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) ) #define BUILTIN_ALG_SHA_384 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) ) #define BUILTIN_ALG_SHA_512 1 #endif @@ -107,7 +121,8 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) /* Implement the PSA driver hash interface on top of mbed TLS if either the * software driver or the test driver requires it. */ -#if defined(MBEDTLS_PSA_BUILTIN_HASH) || defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(MBEDTLS_PSA_BUILTIN_HASH) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) ) static psa_status_t hash_abort( mbedtls_psa_hash_operation_t *operation ) { @@ -453,7 +468,8 @@ exit: return( status ); } -#endif /* MBEDTLS_PSA_BUILTIN_HASH || PSA_CRYPTO_DRIVER_TEST */ +#endif /* MBEDTLS_PSA_BUILTIN_HASH || + ( PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG ) */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) psa_status_t mbedtls_psa_hash_compute( @@ -509,7 +525,7 @@ psa_status_t mbedtls_psa_hash_abort( /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) static int is_hash_accelerated( psa_algorithm_t alg ) { diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 7e1b919b52..770d9062b2 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -235,7 +235,7 @@ psa_status_t mbedtls_psa_hash_abort( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_hash_compute( psa_algorithm_t alg, @@ -267,6 +267,6 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( psa_status_t mbedtls_transparent_test_driver_hash_abort( mbedtls_psa_hash_operation_t *operation ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_HASH_H */ diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index cf20a9b63c..d59178ef3e 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -33,11 +33,15 @@ /* Use builtin defines specific to this compilation unit, since the test driver * relies on the software driver. */ #if( defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) ) #define BUILTIN_ALG_CMAC 1 #endif #if( defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) ) + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) ) #define BUILTIN_ALG_HMAC 1 #endif @@ -560,7 +564,7 @@ psa_status_t mbedtls_psa_mac_abort( /* * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) static int is_mac_accelerated( psa_algorithm_t alg ) { @@ -667,6 +671,6 @@ psa_status_t mbedtls_transparent_test_driver_mac_abort( return( mac_abort( operation ) ); } -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index ba32954a72..80a644b578 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -277,7 +277,7 @@ psa_status_t mbedtls_psa_mac_abort( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_transparent_test_driver_mac_compute( const psa_key_attributes_t *attributes, @@ -323,6 +323,6 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( psa_status_t mbedtls_transparent_test_driver_mac_abort( mbedtls_psa_mac_operation_t *operation ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_MAC_H */ diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 8318ef47b3..629f354cd9 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -43,18 +43,21 @@ #if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ) ) #define BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 #endif -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ +#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \ + ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) ) #define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 #endif #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) && \ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) ) ) #define BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 @@ -62,6 +65,7 @@ #if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ ( defined(PSA_CRYPTO_DRIVER_TEST) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) && \ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) ) ) #define BUILTIN_ALG_RSA_PSS 1 @@ -630,7 +634,7 @@ psa_status_t mbedtls_psa_rsa_verify_hash( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) @@ -725,6 +729,6 @@ psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( #endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index 55406843d3..a5321b6efb 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -216,7 +216,7 @@ psa_status_t mbedtls_psa_rsa_verify_hash( * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. */ -#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) psa_status_t mbedtls_test_driver_rsa_import_key( const psa_key_attributes_t *attributes, @@ -245,6 +245,6 @@ psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_RSA_H */ diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index b1880f778e..25574177dd 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -41,10 +41,25 @@ psa_status_t mbedtls_test_transparent_hash_compute( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_compute( + alg, input, input_length, + hash, hash_size, hash_length ); +#else + (void) alg; + (void) input; + (void) input_length; + (void) hash; + (void) hash_size; + (void) hash_length; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -63,8 +78,17 @@ psa_status_t mbedtls_test_transparent_hash_setup( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_setup( operation, alg ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_setup( operation, alg ); +#else + (void) operation; + (void) alg; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -83,9 +107,18 @@ psa_status_t mbedtls_test_transparent_hash_clone( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_clone( source_operation, target_operation ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_clone( source_operation, target_operation ); +#else + (void) source_operation; + (void) target_operation; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -105,9 +138,19 @@ psa_status_t mbedtls_test_transparent_hash_update( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_update( operation, input, input_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_update( operation, input, input_length ); +#else + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -128,9 +171,20 @@ psa_status_t mbedtls_test_transparent_hash_finish( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_finish( operation, hash, hash_size, hash_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_finish( operation, hash, hash_size, hash_length ); +#else + (void) operation; + (void) hash; + (void) hash_size; + (void) hash_length; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); @@ -148,8 +202,16 @@ psa_status_t mbedtls_test_transparent_hash_abort( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_abort( operation ); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_abort( operation ); +#else + (void) operation; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_hash_hooks.driver_status ); diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index 6befe7cc0f..b5619603fd 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -46,6 +46,7 @@ psa_status_t mbedtls_test_transparent_aead_encrypt( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_encrypt( attributes, key_buffer, key_buffer_size, @@ -54,6 +55,22 @@ psa_status_t mbedtls_test_transparent_aead_encrypt( additional_data, additional_data_length, plaintext, plaintext_length, ciphertext, ciphertext_size, ciphertext_length ); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) plaintext; + (void) plaintext_length; + (void) ciphertext; + (void) ciphertext_size; + (void) ciphertext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); @@ -77,6 +94,7 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_decrypt( attributes, key_buffer, key_buffer_size, @@ -85,6 +103,22 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( additional_data, additional_data_length, ciphertext, ciphertext_length, plaintext, plaintext_size, plaintext_length ); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) ciphertext; + (void) ciphertext_length; + (void) plaintext; + (void) plaintext_size; + (void) plaintext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); @@ -105,9 +139,18 @@ psa_status_t mbedtls_test_transparent_aead_encrypt_setup( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_encrypt_setup( operation, attributes, key_buffer, key_buffer_size, alg ); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); @@ -128,9 +171,18 @@ psa_status_t mbedtls_test_transparent_aead_decrypt_setup( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_decrypt_setup( operation, attributes, key_buffer, key_buffer_size, alg ); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); @@ -150,8 +202,15 @@ psa_status_t mbedtls_test_transparent_aead_set_nonce( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_set_nonce( operation, nonce, nonce_length ); +#else + (void) operation; + (void) nonce; + (void) nonce_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); @@ -171,9 +230,16 @@ psa_status_t mbedtls_test_transparent_aead_set_lengths( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_set_lengths( operation, ad_length, plaintext_length ); +#else + (void) operation; + (void) ad_length; + (void) plaintext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); @@ -193,8 +259,15 @@ psa_status_t mbedtls_test_transparent_aead_update_ad( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_update_ad( operation, input, input_length ); +#else + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); @@ -217,9 +290,19 @@ psa_status_t mbedtls_test_transparent_aead_update( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_update( operation, input, input_length, output, output_size, output_length ); +#else + (void) operation; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); @@ -243,10 +326,21 @@ psa_status_t mbedtls_test_transparent_aead_finish( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_finish( operation, ciphertext, ciphertext_size, ciphertext_length, tag, tag_size, tag_length ); +#else + (void) operation; + (void) ciphertext; + (void) ciphertext_size; + (void) ciphertext_length; + (void) tag; + (void) tag_size; + (void) tag_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); @@ -272,6 +366,7 @@ psa_status_t mbedtls_test_transparent_aead_verify( uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE]; size_t check_tag_length; +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_finish( operation, plaintext, @@ -280,6 +375,13 @@ psa_status_t mbedtls_test_transparent_aead_verify( check_tag, sizeof( check_tag ), &check_tag_length ); +#else + (void) operation; + (void) plaintext; + (void) plaintext_size; + (void) plaintext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif if( mbedtls_test_driver_aead_hooks.driver_status == PSA_SUCCESS ) { @@ -308,8 +410,13 @@ psa_status_t mbedtls_test_transparent_aead_abort( } else { +#if defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_abort( operation ); +#else + (void) operation; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_aead_hooks.driver_status ); diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index be06b970a0..ed65c9168f 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -66,10 +66,19 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_encrypt( attributes, key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_encrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_decrypt( @@ -101,10 +110,19 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_decrypt( attributes, key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_decrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( @@ -124,8 +142,15 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); - return ( mbedtls_transparent_test_driver_cipher_encrypt_setup( - operation, attributes, key, key_length, alg ) ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_transparent_test_driver_cipher_encrypt_setup( + operation, attributes, key, key_length, alg ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_encrypt_setup( + operation, attributes, key, key_length, alg ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( @@ -139,8 +164,15 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); - return ( mbedtls_transparent_test_driver_cipher_decrypt_setup( - operation, attributes, key, key_length, alg ) ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_transparent_test_driver_cipher_decrypt_setup( + operation, attributes, key, key_length, alg ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_decrypt_setup( + operation, attributes, key, key_length, alg ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_abort( @@ -148,7 +180,11 @@ psa_status_t mbedtls_test_transparent_cipher_abort( { mbedtls_test_driver_cipher_hooks.hits++; +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_transparent_test_driver_cipher_abort( operation ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + mbedtls_psa_cipher_abort( operation ); +#endif /* Wiping the entire struct here, instead of member-by-member. This is * useful for the test suite, since it gives a chance of catching memory @@ -169,8 +205,14 @@ psa_status_t mbedtls_test_transparent_cipher_set_iv( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_set_iv( operation, iv, iv_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_update( @@ -199,9 +241,17 @@ psa_status_t mbedtls_test_transparent_cipher_update( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_update( operation, input, input_length, output, output_size, output_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_update( + operation, input, input_length, + output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_transparent_cipher_finish( @@ -228,8 +278,15 @@ psa_status_t mbedtls_test_transparent_cipher_finish( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_cipher_finish( operation, output, output_size, output_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return( mbedtls_psa_cipher_finish( + operation, output, output_size, output_length ) ); +#endif + + return( PSA_ERROR_NOT_SUPPORTED ); } /* diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 61ebc8aa1a..a2e637aea2 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -173,27 +173,32 @@ psa_status_t mbedtls_test_transparent_generate_key( return( PSA_SUCCESS ); } - /* Copied from psa_crypto.c */ -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) - if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) - && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) + if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) + && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) { +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_ecp_generate_key( attributes, key, key_size, key_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) + return( mbedtls_psa_ecp_generate_key( + attributes, key, key_size, key_length ) ); +#endif } - else -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) */ - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) - if ( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) + else if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) + { +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_rsa_generate_key( attributes, key, key_size, key_length ) ); - else -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */ - { - (void)attributes; - return( PSA_ERROR_NOT_SUPPORTED ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) + return( mbedtls_psa_rsa_generate_key( + attributes, key, key_size, key_length ) ); +#endif } + + (void)attributes; + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_opaque_generate_key( @@ -221,45 +226,56 @@ psa_status_t mbedtls_test_transparent_import_key( if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_key_management_hooks.forced_status ); - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = psa_get_key_type( attributes ); -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_ECC( type ) ) { - status = mbedtls_test_driver_ecp_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); - } - else +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_test_driver_ecp_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return( mbedtls_psa_ecp_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ) ); #endif -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { - status = mbedtls_test_driver_rsa_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); } - else -#endif + else if( PSA_KEY_TYPE_IS_RSA( type ) ) { - status = PSA_ERROR_NOT_SUPPORTED; - (void)data; - (void)data_length; - (void)key_buffer; - (void)key_buffer_size; - (void)key_buffer_length; - (void)bits; - (void)type; +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_test_driver_rsa_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return( mbedtls_psa_rsa_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ) ); +#endif } - return( status ); + (void)data; + (void)data_length; + (void)key_buffer; + (void)key_buffer_size; + (void)key_buffer_length; + (void)bits; + (void)type; + + return( PSA_ERROR_NOT_SUPPORTED ); } @@ -298,40 +314,58 @@ psa_status_t mbedtls_test_opaque_import_key( memcpy( key_buffer_temp, data, data_length ); *key_buffer_length = data_length; } -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) else if( PSA_KEY_TYPE_IS_ECC( type ) ) { +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) status = mbedtls_test_driver_ecp_import_key( attributes, data, data_length, - key_buffer_temp, - key_buffer_size, + key_buffer_temp, key_buffer_size, key_buffer_length, bits ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + status = mbedtls_psa_ecp_import_key( + attributes, + data, data_length, + key_buffer_temp, key_buffer_size, + key_buffer_length, bits ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif if( status != PSA_SUCCESS ) goto exit; } - else -#endif -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( type ) ) + else if( PSA_KEY_TYPE_IS_RSA( type ) ) { +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) status = mbedtls_test_driver_rsa_import_key( attributes, data, data_length, - key_buffer_temp, - key_buffer_size, + key_buffer_temp, key_buffer_size, key_buffer_length, bits ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + status = mbedtls_psa_rsa_import_key( + attributes, + data, data_length, + key_buffer_temp, key_buffer_size, + key_buffer_length, bits ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif if( status != PSA_SUCCESS ) goto exit; } else -#endif { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } + status = mbedtls_test_opaque_wrap_key( key_buffer_temp, *key_buffer_length, key_buffer, key_buffer_size, key_buffer_length ); exit: @@ -439,39 +473,48 @@ psa_status_t mbedtls_test_transparent_export_public_key( return( PSA_SUCCESS ); } - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t key_type = psa_get_key_type( attributes ); -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_ECC( key_type ) ) { - status = mbedtls_test_driver_ecp_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ); - } - else +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_test_driver_ecp_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return( mbedtls_psa_ecp_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ) ); #endif -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( key_type ) ) - { - status = mbedtls_test_driver_rsa_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ); } - else -#endif + else if( PSA_KEY_TYPE_IS_RSA( key_type ) ) { - status = PSA_ERROR_NOT_SUPPORTED; - (void)key_buffer; - (void)key_buffer_size; - (void)key_type; +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) + return( mbedtls_test_driver_rsa_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ) ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return( mbedtls_psa_rsa_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length ) ); +#endif } - return( status ); + (void)key_buffer; + (void)key_buffer_size; + (void)key_type; + + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t mbedtls_test_opaque_export_public_key( @@ -489,34 +532,55 @@ psa_status_t mbedtls_test_opaque_export_public_key( if( key_buffer_temp == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) if( PSA_KEY_TYPE_IS_ECC( key_type ) ) { status = mbedtls_test_opaque_unwrap_key( key, key_length, key_buffer_temp, key_length, data_length ); if( status == PSA_SUCCESS ) + { +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) status = mbedtls_test_driver_ecp_export_public_key( - attributes, - key_buffer_temp, *data_length, - data, data_size, data_length ); + attributes, + key_buffer_temp, *data_length, + data, data_size, data_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + status = mbedtls_psa_ecp_export_public_key( + attributes, + key_buffer_temp, *data_length, + data, data_size, data_length ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif + } } - else - #endif - #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( key_type ) ) + else if( PSA_KEY_TYPE_IS_RSA( key_type ) ) { status = mbedtls_test_opaque_unwrap_key( key, key_length, key_buffer_temp, key_length, data_length ); if( status == PSA_SUCCESS ) + { +#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) status = mbedtls_test_driver_rsa_export_public_key( - attributes, - key_buffer_temp, *data_length, - data, data_size, data_length ); + attributes, + key_buffer_temp, *data_length, + data, data_size, data_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + status = mbedtls_psa_rsa_export_public_key( + attributes, + key_buffer_temp, *data_length, + data, data_size, data_length ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif + } } else - #endif { status = PSA_ERROR_NOT_SUPPORTED; (void)key; diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 4e25370410..e586c8d080 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -47,11 +47,30 @@ psa_status_t mbedtls_test_transparent_mac_compute( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, mac, mac_size, mac_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_compute( + attributes, key_buffer, key_buffer_size, alg, + input, input_length, + mac, mac_size, mac_length ); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) input; + (void) input_length; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -73,9 +92,22 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_sign_setup( operation, attributes, key_buffer, key_buffer_size, alg ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_sign_setup( + operation, attributes, key_buffer, key_buffer_size, alg ); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -97,9 +129,22 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_verify_setup( operation, attributes, key_buffer, key_buffer_size, alg ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_verify_setup( + operation, attributes, key_buffer, key_buffer_size, alg ); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -119,9 +164,20 @@ psa_status_t mbedtls_test_transparent_mac_update( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_update( operation, input, input_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_update( + operation, input, input_length ); +#else + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -142,9 +198,21 @@ psa_status_t mbedtls_test_transparent_mac_sign_finish( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_sign_finish( operation, mac, mac_size, mac_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_sign_finish( + operation, mac, mac_size, mac_length ); +#else + (void) operation; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -164,9 +232,20 @@ psa_status_t mbedtls_test_transparent_mac_verify_finish( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_verify_finish( operation, mac, mac_length ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_verify_finish( + operation, mac, mac_length ); +#else + (void) operation; + (void) mac; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); @@ -184,8 +263,16 @@ psa_status_t mbedtls_test_transparent_mac_abort( } else { +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_transparent_test_driver_mac_abort( operation ); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_abort( operation ); +#else + (void) operation; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } return( mbedtls_test_driver_mac_hooks.driver_status ); diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 86f03195b0..8494385421 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -59,15 +59,22 @@ psa_status_t sign_hash( if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || PSA_ALG_IS_RSA_PSS( alg) ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) +#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_rsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || - * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return( mbedtls_psa_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); +#endif } else { @@ -78,15 +85,22 @@ psa_status_t sign_hash( { if( PSA_ALG_IS_ECDSA( alg ) ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) +#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_ecdsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || - * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return( mbedtls_psa_ecdsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); +#endif } else { @@ -121,15 +135,22 @@ psa_status_t verify_hash( if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || PSA_ALG_IS_RSA_PSS( alg) ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) +#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_rsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || - * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return( mbedtls_psa_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); +#endif } else { @@ -140,15 +161,22 @@ psa_status_t verify_hash( { if( PSA_ALG_IS_ECDSA( alg ) ) { -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) +#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) return( mbedtls_transparent_test_driver_ecdsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || - * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return( mbedtls_psa_ecdsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); +#endif } else { @@ -164,7 +192,6 @@ psa_status_t verify_hash( (void)hash_length; (void)signature; (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); } @@ -200,16 +227,25 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( return( PSA_SUCCESS ); } +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) status = mbedtls_transparent_test_driver_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); - +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + status = mbedtls_psa_hash_compute( + PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, + hash, sizeof( hash ), &hash_length ); +#else + (void) input; + (void) input_length; + status = PSA_ERROR_NOT_SUPPORTED; +#endif if( status != PSA_SUCCESS ) return status; - return sign_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ); + return( sign_hash( attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); } psa_status_t mbedtls_test_opaque_signature_sign_message( @@ -255,16 +291,25 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_signature_verify_hooks.forced_status ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) status = mbedtls_transparent_test_driver_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); - +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + status = mbedtls_psa_hash_compute( + PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, + hash, sizeof( hash ), &hash_length ); +#else + (void) input; + (void) input_length; + status = PSA_ERROR_NOT_SUPPORTED; +#endif if( status != PSA_SUCCESS ) return status; - return verify_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ); + return( verify_hash( attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); } psa_status_t mbedtls_test_opaque_signature_verify_message( From 89b4aa7efc079a212d9cf676147572154133b2ff Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 8 Sep 2021 14:28:35 +0200 Subject: [PATCH 15/32] psa: asymmetric_encrypt/decrypt: Improve error code consistency In psa_asymmetric_encrypt/decrypt(), always return PSA_ERROR_INVALID_ARGUMENT if the key is a PSA key and the algorithm is not a PSA algorithm we know about, whether RSA is supported or not. Signed-off-by: Ronald Cron --- library/psa_crypto.c | 49 +++++++++++++++++++++++++++++--------------- 1 file changed, 32 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 088d14555e..c84c17955a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3069,10 +3069,10 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, goto exit; } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) mbedtls_rsa_context *rsa = NULL; status = mbedtls_psa_rsa_load_representation( slot->attr.type, slot->key.data, @@ -3086,9 +3086,11 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, status = PSA_ERROR_BUFFER_TOO_SMALL; goto rsa_exit; } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) status = mbedtls_to_psa_error( mbedtls_rsa_pkcs1_encrypt( rsa, mbedtls_psa_get_random, @@ -3096,12 +3098,14 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, input_length, input, output ) ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( PSA_ALG_IS_RSA_OAEP( alg ) ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) status = mbedtls_to_psa_error( psa_rsa_oaep_set_padding_mode( alg, rsa ) ); if( status != PSA_SUCCESS ) @@ -3115,23 +3119,26 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, input_length, input, output ) ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ { status = PSA_ERROR_INVALID_ARGUMENT; - goto rsa_exit; } +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) rsa_exit: if( status == PSA_SUCCESS ) *output_length = mbedtls_rsa_get_len( rsa ); mbedtls_rsa_free( rsa ); mbedtls_free( rsa ); - } - else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ + } + else { status = PSA_ERROR_NOT_SUPPORTED; } @@ -3177,10 +3184,10 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, goto exit; } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) mbedtls_rsa_context *rsa = NULL; status = mbedtls_psa_rsa_load_representation( slot->attr.type, slot->key.data, @@ -3194,10 +3201,12 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, status = PSA_ERROR_INVALID_ARGUMENT; goto rsa_exit; } +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) status = mbedtls_to_psa_error( mbedtls_rsa_pkcs1_decrypt( rsa, mbedtls_psa_get_random, @@ -3206,12 +3215,14 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, input, output, output_size ) ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) if( PSA_ALG_IS_RSA_OAEP( alg ) ) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) status = mbedtls_to_psa_error( psa_rsa_oaep_set_padding_mode( alg, rsa ) ); if( status != PSA_SUCCESS ) @@ -3226,20 +3237,24 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, input, output, output_size ) ); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ { status = PSA_ERROR_INVALID_ARGUMENT; } +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) rsa_exit: mbedtls_rsa_free( rsa ); mbedtls_free( rsa ); - } - else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ + } + else { status = PSA_ERROR_NOT_SUPPORTED; } From 7a55deb5a8346e4662bcdabab57fa5b3c83b2fdb Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 28 Apr 2021 14:29:00 +0200 Subject: [PATCH 16/32] psa: Fix unused variable warnings Signed-off-by: Ronald Cron --- library/psa_crypto_aead.c | 12 ++++++++++++ library/psa_crypto_driver_wrappers.c | 3 +++ library/psa_crypto_mac.c | 1 + 3 files changed, 16 insertions(+) diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 03327f2458..c181415461 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -119,6 +119,8 @@ static psa_status_t psa_aead_setup( #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ default: + (void) status; + (void) key_buffer; return( PSA_ERROR_NOT_SUPPORTED ); } @@ -214,6 +216,11 @@ psa_status_t mbedtls_psa_aead_encrypt( #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { (void) tag; + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) plaintext; return( PSA_ERROR_NOT_SUPPORTED ); } @@ -321,6 +328,11 @@ psa_status_t mbedtls_psa_aead_decrypt( else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) plaintext; return( PSA_ERROR_NOT_SUPPORTED ); } diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 992b7a72b6..d6e5778dff 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1059,6 +1059,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( default: /* Key is declared with a lifetime not known to us */ (void)status; + (void)operation; (void)key_buffer; (void)key_buffer_size; (void)alg; @@ -2077,6 +2078,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( default: /* Key is declared with a lifetime not known to us */ (void) status; + (void) operation; (void) key_buffer; (void) key_buffer_size; (void) alg; @@ -2148,6 +2150,7 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( default: /* Key is declared with a lifetime not known to us */ (void) status; + (void) operation; (void) key_buffer; (void) key_buffer_size; (void) alg; diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index d59178ef3e..421d12e033 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -236,6 +236,7 @@ static psa_status_t mac_init( else #endif /* BUILTIN_ALG_HMAC */ { + (void) operation; status = PSA_ERROR_NOT_SUPPORTED; } From 9ba7691bf721117eb133b33a1f5d032696698abc Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 10 Apr 2021 16:57:30 +0200 Subject: [PATCH 17/32] psa: Add driver initialization and termination Signed-off-by: Ronald Cron --- library/psa_crypto.c | 13 +++---- library/psa_crypto_driver_wrappers.c | 38 +++++++++++++++++++ library/psa_crypto_driver_wrappers.h | 6 +++ tests/include/test/drivers/key_management.h | 5 +++ .../src/drivers/test_driver_key_management.c | 19 ++++++++++ 5 files changed, 73 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c84c17955a..ffe659a401 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5818,11 +5818,9 @@ void mbedtls_psa_crypto_free( void ) * In particular, this sets all state indicator to the value * indicating "uninitialized". */ mbedtls_platform_zeroize( &global_data, sizeof( global_data ) ); -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - /* Unregister all secure element drivers, so that we restart from - * a pristine state. */ - psa_unregister_all_se_drivers( ); -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + + /* Terminate drivers */ + psa_driver_wrapper_free( ); } #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) @@ -5871,11 +5869,10 @@ psa_status_t psa_crypto_init( void ) if( status != PSA_SUCCESS ) goto exit; -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - status = psa_init_all_se_drivers( ); + /* Init drivers */ + status = psa_driver_wrapper_init( ); if( status != PSA_SUCCESS ) goto exit; -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) status = psa_crypto_load_transaction( ); diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index d6e5778dff..96797159ae 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -67,6 +67,44 @@ #include "psa_crypto_se.h" #endif +psa_status_t psa_driver_wrapper_init( void ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + status = psa_init_all_se_drivers( ); + if( status != PSA_SUCCESS ) + return( status ); +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) + status = mbedtls_test_transparent_init( ); + if( status != PSA_SUCCESS ) + return( status ); + + status = mbedtls_test_opaque_init( ); + if( status != PSA_SUCCESS ) + return( status ); +#endif + + (void) status; + return( PSA_SUCCESS ); +} + +void psa_driver_wrapper_free( void ) +{ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + /* Unregister all secure element drivers, so that we restart from + * a pristine state. */ + psa_unregister_all_se_drivers( ); +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + +#if defined(PSA_CRYPTO_DRIVER_TEST) + mbedtls_test_transparent_free( ); + mbedtls_test_opaque_free( ); +#endif +} + /* Start delegation functions */ psa_status_t psa_driver_wrapper_sign_message( const psa_key_attributes_t *attributes, diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 0873b738d8..6026b82206 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -25,6 +25,12 @@ #include "psa/crypto.h" #include "psa/crypto_driver_common.h" +/* + * Initialization and termination functions + */ +psa_status_t psa_driver_wrapper_init( void ); +void psa_driver_wrapper_free( void ); + /* * Signature functions */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index d147568cdc..5bba611746 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -66,6 +66,11 @@ size_t mbedtls_test_opaque_size_function( extern mbedtls_test_driver_key_management_hooks_t mbedtls_test_driver_key_management_hooks; +psa_status_t mbedtls_test_transparent_init( void ); +void mbedtls_test_transparent_free( void ); +psa_status_t mbedtls_test_opaque_init( void ); +void mbedtls_test_opaque_free( void ); + psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ); diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index a2e637aea2..59a1ce4efa 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -56,6 +56,25 @@ const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; +psa_status_t mbedtls_test_transparent_init( void ) +{ + return( PSA_SUCCESS ); +} + +void mbedtls_test_transparent_free( void ) +{ + return; +} + +psa_status_t mbedtls_test_opaque_init( void ) +{ + return( PSA_SUCCESS ); +} + +void mbedtls_test_opaque_free( void ) +{ + return; +} /* * This macro returns the base size for the key context when SE does not From 5601cd2cf172b0fe146e7362a1dcd9d8851e72a5 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 10 Apr 2021 15:12:00 +0200 Subject: [PATCH 18/32] psa: test driver: Move driver test entry points prototypes In preparation of the driver test entry points to be provided by a test driver library, move their prototypes to tests directory. Signed-off-by: Ronald Cron --- library/psa_crypto_cipher.h | 56 --------------------- library/psa_crypto_ecp.h | 35 ------------- library/psa_crypto_hash.h | 38 -------------- library/psa_crypto_mac.h | 52 ------------------- library/psa_crypto_rsa.h | 36 ------------- tests/include/test/drivers/cipher.h | 52 +++++++++++++++++++ tests/include/test/drivers/hash.h | 34 +++++++++++++ tests/include/test/drivers/key_management.h | 33 ++++++++++++ tests/include/test/drivers/mac.h | 48 ++++++++++++++++++ tests/include/test/drivers/signature.h | 29 +++++++++++ tests/src/drivers/test_driver_signature.c | 1 + 11 files changed, 197 insertions(+), 217 deletions(-) diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index b0d1939fb4..bb4657dcd1 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -304,60 +304,4 @@ psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, size_t output_size, size_t *output_length ); -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_cipher_set_iv( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ); - -psa_status_t mbedtls_transparent_test_driver_cipher_update( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ); - -psa_status_t mbedtls_transparent_test_driver_cipher_finish( - mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ); - -psa_status_t mbedtls_transparent_test_driver_cipher_abort( - mbedtls_psa_cipher_operation_t *operation ); - -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); - -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_CIPHER_H */ diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index 042d5a0855..429c062719 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -218,39 +218,4 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t mbedtls_test_driver_ecp_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); - -psa_status_t mbedtls_test_driver_ecp_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); - -psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); - -psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); - -psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_ECP_H */ diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 770d9062b2..7091dc5a7b 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -231,42 +231,4 @@ psa_status_t mbedtls_psa_hash_finish( psa_status_t mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ); -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t mbedtls_transparent_test_driver_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length); - -psa_status_t mbedtls_transparent_test_driver_hash_setup( - mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_hash_clone( - const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ); - -psa_status_t mbedtls_transparent_test_driver_hash_update( - mbedtls_psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t mbedtls_transparent_test_driver_hash_finish( - mbedtls_psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ); - -psa_status_t mbedtls_transparent_test_driver_hash_abort( - mbedtls_psa_hash_operation_t *operation ); - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_HASH_H */ diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index 80a644b578..a821e74116 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -273,56 +273,4 @@ psa_status_t mbedtls_psa_mac_verify_finish( psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ); -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t mbedtls_transparent_test_driver_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t mbedtls_transparent_test_driver_mac_update( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( - mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ); - -psa_status_t mbedtls_transparent_test_driver_mac_abort( - mbedtls_psa_mac_operation_t *operation ); - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_MAC_H */ diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index a5321b6efb..bea762c7c6 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -211,40 +211,4 @@ psa_status_t mbedtls_psa_rsa_verify_hash( const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); - -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t mbedtls_test_driver_rsa_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); - -psa_status_t mbedtls_test_driver_rsa_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); - -psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ); - -psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); - -psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_RSA_H */ diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 142f3b7655..676eba4dae 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -136,5 +136,57 @@ psa_status_t mbedtls_test_opaque_cipher_finish( mbedtls_opaque_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( + mbedtls_psa_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( + mbedtls_psa_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_cipher_set_iv( + mbedtls_psa_cipher_operation_t *operation, + const uint8_t *iv, size_t iv_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_update( + mbedtls_psa_cipher_operation_t *operation, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_finish( + mbedtls_psa_cipher_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_abort( + mbedtls_psa_cipher_operation_t *operation ); + +psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); + +psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ); +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_CIPHER_H */ diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index d202c8bf06..cabe17ff84 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -72,5 +72,39 @@ psa_status_t mbedtls_test_transparent_hash_finish( psa_status_t mbedtls_test_transparent_hash_abort( mbedtls_psa_hash_operation_t *operation ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + +psa_status_t mbedtls_transparent_test_driver_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +psa_status_t mbedtls_transparent_test_driver_hash_setup( + mbedtls_psa_hash_operation_t *operation, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_hash_clone( + const mbedtls_psa_hash_operation_t *source_operation, + mbedtls_psa_hash_operation_t *target_operation ); + +psa_status_t mbedtls_transparent_test_driver_hash_update( + mbedtls_psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ); + +psa_status_t mbedtls_transparent_test_driver_hash_finish( + mbedtls_psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ); + +psa_status_t mbedtls_transparent_test_driver_hash_abort( + mbedtls_psa_hash_operation_t *operation ); + +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 5bba611746..a2853c2ad0 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -125,6 +125,39 @@ psa_status_t mbedtls_test_opaque_copy_key( size_t target_key_buffer_size, size_t *target_key_buffer_length); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + +psa_status_t mbedtls_transparent_test_driver_ecp_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, size_t data_length, + uint8_t *key_buffer, size_t key_buffer_size, + size_t *key_buffer_length, size_t *bits ); + +psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + uint8_t *data, size_t data_size, size_t *data_length ); + +psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + +psa_status_t mbedtls_transparent_test_driver_rsa_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, size_t data_length, + uint8_t *key_buffer, size_t key_buffer_size, + size_t *key_buffer_length, size_t *bits ); + +psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + uint8_t *data, size_t data_size, size_t *data_length ); + +psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key, size_t key_size, size_t *key_length ); + +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index 5f6cd38a4d..0adec75adb 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -133,5 +133,53 @@ psa_status_t mbedtls_test_opaque_mac_verify_finish( psa_status_t mbedtls_test_opaque_mac_abort( mbedtls_opaque_test_driver_mac_operation_t *operation ); +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + +psa_status_t mbedtls_transparent_test_driver_mac_compute( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length ); + +psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( + mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( + mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ); + +psa_status_t mbedtls_transparent_test_driver_mac_update( + mbedtls_psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length ); + +psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( + mbedtls_psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length ); + +psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( + mbedtls_psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length ); + +psa_status_t mbedtls_transparent_test_driver_mac_abort( + mbedtls_psa_mac_operation_t *operation ); + +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */ diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index 67f2b29a35..b34849702e 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -120,5 +120,34 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); + +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + +psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length ); + +psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length ); + +psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length ); + +psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length ); + +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */ diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 8494385421..d81fc23359 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -29,6 +29,7 @@ #include "psa_crypto_rsa.h" #include "mbedtls/ecp.h" +#include "test/drivers/hash.h" #include "test/drivers/signature.h" #include "mbedtls/md.h" From 40170d9516cdcbab7d5ac41062d781dc4c507f30 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 13 Mar 2021 18:19:08 +0100 Subject: [PATCH 19/32] tests: Rename test driver entry points Rename test driver entry points to libtestdriver1_. This aligns with the renaming of all Mbed TLS APIs for the test driver library (that will be put in place in the following commits) to avoid name conflicts when linking it with the Mbed TLS library. Signed-off-by: Ronald Cron --- library/psa_crypto_cipher.c | 17 +++++---- library/psa_crypto_ecp.c | 10 ++--- library/psa_crypto_hash.c | 12 +++--- library/psa_crypto_mac.c | 14 +++---- library/psa_crypto_rsa.c | 10 ++--- tests/include/test/drivers/cipher.h | 16 ++++---- tests/include/test/drivers/hash.h | 12 +++--- tests/include/test/drivers/key_management.h | 12 +++--- tests/include/test/drivers/mac.h | 14 +++---- tests/include/test/drivers/signature.h | 8 ++-- tests/src/drivers/hash.c | 14 +++---- tests/src/drivers/test_driver_cipher.c | 16 ++++---- .../src/drivers/test_driver_key_management.c | 20 +++++----- tests/src/drivers/test_driver_mac.c | 14 +++---- tests/src/drivers/test_driver_signature.c | 37 ++++++++++--------- 15 files changed, 114 insertions(+), 112 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index f7c2aeeae5..872e18f5f7 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -665,7 +665,7 @@ psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, */ #if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( +psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -675,7 +675,7 @@ psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( operation, attributes, key_buffer, key_buffer_size, alg ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( +psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -685,14 +685,14 @@ psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( operation, attributes, key_buffer, key_buffer_size, alg ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_set_iv( +psa_status_t libtestdriver1_mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length ) { return( cipher_set_iv( operation, iv, iv_length ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_update( +psa_status_t libtestdriver1_mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length ) @@ -701,20 +701,20 @@ psa_status_t mbedtls_transparent_test_driver_cipher_update( output, output_size, output_length ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_finish( +psa_status_t libtestdriver1_mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length ) { return( cipher_finish( operation, output, output_size, output_length ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_abort( +psa_status_t libtestdriver1_mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ) { return( cipher_abort( operation ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( +psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -730,7 +730,7 @@ psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( output, output_size, output_length ) ); } -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( +psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -745,6 +745,7 @@ psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( alg, input, input_length, output, output_size, output_length ) ); } + #endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 913d12ea8d..3fdcdb2678 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -576,7 +576,7 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) -psa_status_t mbedtls_test_driver_ecp_import_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -587,7 +587,7 @@ psa_status_t mbedtls_test_driver_ecp_import_key( key_buffer_length, bits ) ); } -psa_status_t mbedtls_test_driver_ecp_export_public_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) @@ -601,7 +601,7 @@ psa_status_t mbedtls_test_driver_ecp_export_public_key( #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ defined(MBEDTLS_GENPRIME) -psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { @@ -614,7 +614,7 @@ psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( #if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) -psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( +psa_status_t libtestdriver1_mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -640,7 +640,7 @@ psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( #endif } -psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( +psa_status_t libtestdriver1_mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 2eac2d0147..3ecc95499a 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -564,7 +564,7 @@ static int is_hash_accelerated( psa_algorithm_t alg ) } } -psa_status_t mbedtls_transparent_test_driver_hash_compute( +psa_status_t libtestdriver1_mbedtls_psa_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -579,7 +579,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_hash_setup( +psa_status_t libtestdriver1_mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ) { @@ -589,7 +589,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_hash_clone( +psa_status_t libtestdriver1_mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, mbedtls_psa_hash_operation_t *target_operation ) { @@ -599,7 +599,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_clone( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_hash_update( +psa_status_t libtestdriver1_mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -610,7 +610,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_update( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_hash_finish( +psa_status_t libtestdriver1_mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, @@ -622,7 +622,7 @@ psa_status_t mbedtls_transparent_test_driver_hash_finish( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_hash_abort( +psa_status_t libtestdriver1_mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ) { return( hash_abort( operation ) ); diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 421d12e033..fe15e9f6b0 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -585,7 +585,7 @@ static int is_mac_accelerated( psa_algorithm_t alg ) } } -psa_status_t mbedtls_transparent_test_driver_mac_compute( +psa_status_t libtestdriver1_mbedtls_psa_mac_compute( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -604,7 +604,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_compute( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( +psa_status_t libtestdriver1_mbedtls_psa_mac_sign_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, @@ -618,7 +618,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( +psa_status_t libtestdriver1_mbedtls_psa_mac_verify_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, @@ -632,7 +632,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t mbedtls_transparent_test_driver_mac_update( +psa_status_t libtestdriver1_mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -643,7 +643,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_update( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( +psa_status_t libtestdriver1_mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, @@ -655,7 +655,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( +psa_status_t libtestdriver1_mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ) @@ -666,7 +666,7 @@ psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( return( PSA_ERROR_BAD_STATE ); } -psa_status_t mbedtls_transparent_test_driver_mac_abort( +psa_status_t libtestdriver1_mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ) { return( mac_abort( operation ) ); diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 629f354cd9..9492a6b14f 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -639,7 +639,7 @@ psa_status_t mbedtls_psa_rsa_verify_hash( #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) -psa_status_t mbedtls_test_driver_rsa_import_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -650,7 +650,7 @@ psa_status_t mbedtls_test_driver_rsa_import_key( key_buffer_length, bits ) ); } -psa_status_t mbedtls_test_driver_rsa_export_public_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) @@ -663,7 +663,7 @@ psa_status_t mbedtls_test_driver_rsa_export_public_key( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) */ #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) -psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { @@ -674,7 +674,7 @@ psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) -psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( +psa_status_t libtestdriver1_mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -701,7 +701,7 @@ psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( #endif } -psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( +psa_status_t libtestdriver1_mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 676eba4dae..5b9226f630 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -137,35 +137,35 @@ psa_status_t mbedtls_test_opaque_cipher_finish( uint8_t *output, size_t output_size, size_t *output_length); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup( +psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup( +psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_cipher_set_iv( +psa_status_t libtestdriver1_mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length ); -psa_status_t mbedtls_transparent_test_driver_cipher_update( +psa_status_t libtestdriver1_mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length ); -psa_status_t mbedtls_transparent_test_driver_cipher_finish( +psa_status_t libtestdriver1_mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length ); -psa_status_t mbedtls_transparent_test_driver_cipher_abort( +psa_status_t libtestdriver1_mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ); -psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( +psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -176,7 +176,7 @@ psa_status_t mbedtls_transparent_test_driver_cipher_encrypt( size_t output_size, size_t *output_length ); -psa_status_t mbedtls_transparent_test_driver_cipher_decrypt( +psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index cabe17ff84..d89ec40554 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -74,7 +74,7 @@ psa_status_t mbedtls_test_transparent_hash_abort( #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_hash_compute( +psa_status_t libtestdriver1_mbedtls_psa_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -82,26 +82,26 @@ psa_status_t mbedtls_transparent_test_driver_hash_compute( size_t hash_size, size_t *hash_length); -psa_status_t mbedtls_transparent_test_driver_hash_setup( +psa_status_t libtestdriver1_mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_hash_clone( +psa_status_t libtestdriver1_mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, mbedtls_psa_hash_operation_t *target_operation ); -psa_status_t mbedtls_transparent_test_driver_hash_update( +psa_status_t libtestdriver1_mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ); -psa_status_t mbedtls_transparent_test_driver_hash_finish( +psa_status_t libtestdriver1_mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ); -psa_status_t mbedtls_transparent_test_driver_hash_abort( +psa_status_t libtestdriver1_mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ); #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index a2853c2ad0..91cda831cd 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -127,33 +127,33 @@ psa_status_t mbedtls_test_opaque_copy_key( #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_ecp_import_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, size_t *bits ); -psa_status_t mbedtls_transparent_test_driver_ecp_export_public_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ); -psa_status_t mbedtls_transparent_test_driver_ecp_generate_key( +psa_status_t libtestdriver1_mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); -psa_status_t mbedtls_transparent_test_driver_rsa_import_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, size_t *bits ); -psa_status_t mbedtls_transparent_test_driver_rsa_export_public_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ); -psa_status_t mbedtls_transparent_test_driver_rsa_generate_key( +psa_status_t libtestdriver1_mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ); diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index 0adec75adb..3819f1e523 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -135,7 +135,7 @@ psa_status_t mbedtls_test_opaque_mac_abort( #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_mac_compute( +psa_status_t libtestdriver1_mbedtls_psa_mac_compute( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -146,37 +146,37 @@ psa_status_t mbedtls_transparent_test_driver_mac_compute( size_t mac_size, size_t *mac_length ); -psa_status_t mbedtls_transparent_test_driver_mac_sign_setup( +psa_status_t libtestdriver1_mbedtls_psa_mac_sign_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_mac_verify_setup( +psa_status_t libtestdriver1_mbedtls_psa_mac_verify_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ); -psa_status_t mbedtls_transparent_test_driver_mac_update( +psa_status_t libtestdriver1_mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ); -psa_status_t mbedtls_transparent_test_driver_mac_sign_finish( +psa_status_t libtestdriver1_mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length ); -psa_status_t mbedtls_transparent_test_driver_mac_verify_finish( +psa_status_t libtestdriver1_mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ); -psa_status_t mbedtls_transparent_test_driver_mac_abort( +psa_status_t libtestdriver1_mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ); #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index b34849702e..e0469550ff 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -123,25 +123,25 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash( +psa_status_t libtestdriver1_mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ); -psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash( +psa_status_t libtestdriver1_mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); -psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash( +psa_status_t libtestdriver1_mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ); -psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash( +psa_status_t libtestdriver1_mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 25574177dd..270e5af23a 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -43,7 +43,7 @@ psa_status_t mbedtls_test_transparent_hash_compute( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_compute( + libtestdriver1_mbedtls_psa_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -80,7 +80,7 @@ psa_status_t mbedtls_test_transparent_hash_setup( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_setup( operation, alg ); + libtestdriver1_mbedtls_psa_hash_setup( operation, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_psa_hash_setup( operation, alg ); @@ -109,8 +109,8 @@ psa_status_t mbedtls_test_transparent_hash_clone( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_clone( source_operation, - target_operation ); + libtestdriver1_mbedtls_psa_hash_clone( source_operation, + target_operation ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_psa_hash_clone( source_operation, target_operation ); @@ -140,7 +140,7 @@ psa_status_t mbedtls_test_transparent_hash_update( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_update( + libtestdriver1_mbedtls_psa_hash_update( operation, input, input_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = @@ -173,7 +173,7 @@ psa_status_t mbedtls_test_transparent_hash_finish( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_finish( + libtestdriver1_mbedtls_psa_hash_finish( operation, hash, hash_size, hash_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = @@ -204,7 +204,7 @@ psa_status_t mbedtls_test_transparent_hash_abort( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_transparent_test_driver_hash_abort( operation ); + libtestdriver1_mbedtls_psa_hash_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_psa_hash_abort( operation ); diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index ed65c9168f..412771af52 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -67,7 +67,7 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_encrypt( + return( libtestdriver1_mbedtls_psa_cipher_encrypt( attributes, key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); @@ -111,7 +111,7 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_decrypt( + return( libtestdriver1_mbedtls_psa_cipher_decrypt( attributes, key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); @@ -143,7 +143,7 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_encrypt_setup( + return( libtestdriver1_mbedtls_psa_cipher_encrypt_setup( operation, attributes, key, key_length, alg ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_encrypt_setup( @@ -165,7 +165,7 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_decrypt_setup( + return( libtestdriver1_mbedtls_psa_cipher_decrypt_setup( operation, attributes, key, key_length, alg ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_decrypt_setup( @@ -181,7 +181,7 @@ psa_status_t mbedtls_test_transparent_cipher_abort( mbedtls_test_driver_cipher_hooks.hits++; #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - mbedtls_transparent_test_driver_cipher_abort( operation ); + libtestdriver1_mbedtls_psa_cipher_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) mbedtls_psa_cipher_abort( operation ); #endif @@ -206,7 +206,7 @@ psa_status_t mbedtls_test_transparent_cipher_set_iv( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_set_iv( + return( libtestdriver1_mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); @@ -242,7 +242,7 @@ psa_status_t mbedtls_test_transparent_cipher_update( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_update( + return( libtestdriver1_mbedtls_psa_cipher_update( operation, input, input_length, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -279,7 +279,7 @@ psa_status_t mbedtls_test_transparent_cipher_finish( return( mbedtls_test_driver_cipher_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_cipher_finish( + return( libtestdriver1_mbedtls_psa_cipher_finish( operation, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_finish( diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 59a1ce4efa..af34739cb8 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -197,7 +197,7 @@ psa_status_t mbedtls_test_transparent_generate_key( { #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_ecp_generate_key( + return( libtestdriver1_mbedtls_psa_ecp_generate_key( attributes, key, key_size, key_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) return( mbedtls_psa_ecp_generate_key( @@ -208,7 +208,7 @@ psa_status_t mbedtls_test_transparent_generate_key( { #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_rsa_generate_key( + return( libtestdriver1_mbedtls_psa_rsa_generate_key( attributes, key, key_size, key_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) return( mbedtls_psa_rsa_generate_key( @@ -252,7 +252,7 @@ psa_status_t mbedtls_test_transparent_import_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_test_driver_ecp_import_key( + return( libtestdriver1_mbedtls_psa_ecp_import_key( attributes, data, data_length, key_buffer, key_buffer_size, @@ -271,7 +271,7 @@ psa_status_t mbedtls_test_transparent_import_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_test_driver_rsa_import_key( + return( libtestdriver1_mbedtls_psa_rsa_import_key( attributes, data, data_length, key_buffer, key_buffer_size, @@ -338,7 +338,7 @@ psa_status_t mbedtls_test_opaque_import_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - status = mbedtls_test_driver_ecp_import_key( + status = libtestdriver1_mbedtls_psa_ecp_import_key( attributes, data, data_length, key_buffer_temp, key_buffer_size, @@ -361,7 +361,7 @@ psa_status_t mbedtls_test_opaque_import_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - status = mbedtls_test_driver_rsa_import_key( + status = libtestdriver1_mbedtls_psa_rsa_import_key( attributes, data, data_length, key_buffer_temp, key_buffer_size, @@ -499,7 +499,7 @@ psa_status_t mbedtls_test_transparent_export_public_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_test_driver_ecp_export_public_key( + return( libtestdriver1_mbedtls_psa_ecp_export_public_key( attributes, key_buffer, key_buffer_size, data, data_size, data_length ) ); @@ -516,7 +516,7 @@ psa_status_t mbedtls_test_transparent_export_public_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_test_driver_rsa_export_public_key( + return( libtestdriver1_mbedtls_psa_rsa_export_public_key( attributes, key_buffer, key_buffer_size, data, data_size, data_length ) ); @@ -560,7 +560,7 @@ psa_status_t mbedtls_test_opaque_export_public_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - status = mbedtls_test_driver_ecp_export_public_key( + status = libtestdriver1_mbedtls_psa_ecp_export_public_key( attributes, key_buffer_temp, *data_length, data, data_size, data_length ); @@ -584,7 +584,7 @@ psa_status_t mbedtls_test_opaque_export_public_key( #if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - status = mbedtls_test_driver_rsa_export_public_key( + status = libtestdriver1_mbedtls_psa_rsa_export_public_key( attributes, key_buffer_temp, *data_length, data, data_size, data_length ); diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index e586c8d080..43fc7e6c82 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -49,7 +49,7 @@ psa_status_t mbedtls_test_transparent_mac_compute( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_compute( + libtestdriver1_mbedtls_psa_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, mac, mac_size, mac_length ); @@ -94,7 +94,7 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_sign_setup( + libtestdriver1_mbedtls_psa_mac_sign_setup( operation, attributes, key_buffer, key_buffer_size, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -131,7 +131,7 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_verify_setup( + libtestdriver1_mbedtls_psa_mac_verify_setup( operation, attributes, key_buffer, key_buffer_size, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -166,7 +166,7 @@ psa_status_t mbedtls_test_transparent_mac_update( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_update( + libtestdriver1_mbedtls_psa_mac_update( operation, input, input_length ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -200,7 +200,7 @@ psa_status_t mbedtls_test_transparent_mac_sign_finish( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_sign_finish( + libtestdriver1_mbedtls_psa_mac_sign_finish( operation, mac, mac_size, mac_length ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -234,7 +234,7 @@ psa_status_t mbedtls_test_transparent_mac_verify_finish( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_verify_finish( + libtestdriver1_mbedtls_psa_mac_verify_finish( operation, mac, mac_length ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = @@ -265,7 +265,7 @@ psa_status_t mbedtls_test_transparent_mac_abort( { #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_transparent_test_driver_mac_abort( operation ); + libtestdriver1_mbedtls_psa_mac_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_abort( operation ); diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index d81fc23359..cc005764b7 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -31,6 +31,7 @@ #include "test/drivers/hash.h" #include "test/drivers/signature.h" +#include "test/drivers/hash.h" #include "mbedtls/md.h" #include "mbedtls/ecdsa.h" @@ -63,18 +64,18 @@ psa_status_t sign_hash( #if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_rsa_sign_hash( + return( libtestdriver1_mbedtls_psa_rsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + return( mbedtls_psa_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ) ); #endif } else @@ -89,7 +90,7 @@ psa_status_t sign_hash( #if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_ecdsa_sign_hash( + return( libtestdriver1_mbedtls_psa_ecdsa_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, @@ -139,18 +140,18 @@ psa_status_t verify_hash( #if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_rsa_verify_hash( + return( libtestdriver1_mbedtls_psa_rsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + return( mbedtls_psa_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ) ); #endif } else @@ -165,7 +166,7 @@ psa_status_t verify_hash( #if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ defined(MBEDTLS_PSA_CRYPTO_CONFIG) - return( mbedtls_transparent_test_driver_ecdsa_verify_hash( + return( libtestdriver1_mbedtls_psa_ecdsa_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, @@ -229,7 +230,7 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( } #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - status = mbedtls_transparent_test_driver_hash_compute( + status = libtestdriver1_mbedtls_psa_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -293,7 +294,7 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( return( mbedtls_test_driver_signature_verify_hooks.forced_status ); #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - status = mbedtls_transparent_test_driver_hash_compute( + status = libtestdriver1_mbedtls_psa_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -357,9 +358,9 @@ psa_status_t mbedtls_test_transparent_signature_sign_hash( return( PSA_SUCCESS ); } - return sign_hash( attributes, key_buffer, key_buffer_size, + return( sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, - signature, signature_size, signature_length ); + signature, signature_size, signature_length ) ); } psa_status_t mbedtls_test_opaque_signature_sign_hash( From 72b25da82b2dbf810422dc85a69b2908860d372a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 28 Apr 2021 18:29:24 +0200 Subject: [PATCH 20/32] tests: Add build of a PSA test driver library PR #3959 has proven that by adding a prefix (LIBTESTDRIVER1/libtestdriver1_ in this commit) to all MBEDTLS/PSA_* and mbedtls/psa_* symbols of a copy of the Mbed TLS library, we can build a library that can be linked with the Mbed TLS library. This commit leverages this to build a PSA test driver library based on the Mbed TLS library code. The cryptographic features supported by the test library are defined by: . a minimal configuration (in the sense of config.h), see config_test_driver.h . PSA_WANT_* and PSA_ACCEL_* defined macros. The PSA_WANT_* macros have to be the same as the ones used to build the Mbed TLS library the test driver library is supposed to be linked to as the PSA_WANT_* macros are used in the definition of structures and macros that are shared by the PSA crypto core, Mbed TLS drivers and the driver test library. The PSA_ACCEL_* macros are intended to define the cryptographic features that have to be removed from the Mbed TLS library and thus supported by the test library in test scenarios. The PSA_ACCEL_* macros to build the test library are thus mirrored from the ones to build the Mbed TLS library by extended the crypto_config.h: see crypto_config_test_driver_entension.h. Signed-off-by: Ronald Cron --- tests/.gitignore | 2 + tests/Makefile | 46 ++++ .../include/test/drivers/config_test_driver.h | 59 +++++ .../crypto_config_test_driver_extension.h | 237 ++++++++++++++++++ 4 files changed, 344 insertions(+) create mode 100644 tests/include/test/drivers/config_test_driver.h create mode 100644 tests/include/test/drivers/crypto_config_test_driver_extension.h diff --git a/tests/.gitignore b/tests/.gitignore index fa901cbe5b..15fce6888b 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -18,3 +18,5 @@ include/test/instrument_record_status.h src/*.o src/drivers/*.o src/libmbed* + +libtestdriver1/* diff --git a/tests/Makefile b/tests/Makefile index 77a31720f0..94a834ef85 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -176,6 +176,7 @@ ifndef WINDOWS rm -rf $(BINARIES) *.c *.datax rm -f src/*.o src/drivers/*.o src/libmbed* rm -f include/test/instrument_record_status.h + rm -rf libtestdriver1 else if exist *.c del /Q /F *.c if exist *.exe del /Q /F *.exe @@ -199,6 +200,51 @@ check: $(BINARIES) test: check +# Generate test library + +# Perl code that is executed to transform each original line from a library +# source file into the corresponding line in the test driver copy of the +# library. Add a LIBTESTDRIVER1_/libtestdriver1_ to mbedtls_xxx and psa_xxx +# symbols. +define libtestdriver1_rewrite := + s!^(\s*#\s*include\s*[\"<])(mbedtls|psa)/!$${1}libtestdriver1/include/$${2}/!; \ + next if /^\s*#\s*include/; \ + s/\b(?=MBEDTLS_|PSA_)/LIBTESTDRIVER1_/g; \ + s/\b(?=mbedtls_|psa_)/libtestdriver1_/g; +endef + +libtestdriver1.a: + # Copy the library and fake a 3rdparty Makefile include. + rm -Rf ./libtestdriver1 + mkdir ./libtestdriver1 + cp -Rf ../library ./libtestdriver1 + cp -Rf ../include ./libtestdriver1 + cp -Rf ../scripts ./libtestdriver1 + mkdir ./libtestdriver1/3rdparty + touch ./libtestdriver1/3rdparty/Makefile.inc + + # Set the test driver base (minimal) configuration. + cp ./include/test/drivers/config_test_driver.h ./libtestdriver1/include/mbedtls/mbedtls_config.h + + # Set the PSA cryptography configuration for the test library. + # It is set from the copied include/psa/crypto_config.h of the Mbed TLS + # library the test library is intended to be linked with extended by + # ./include/test/drivers/crypto_config_test_driver_extension.h to + # mirror the PSA_ACCEL_* macros. + mv ./libtestdriver1/include/psa/crypto_config.h ./libtestdriver1/include/psa/crypto_config.h.bak + head -n -1 ./libtestdriver1/include/psa/crypto_config.h.bak > ./libtestdriver1/include/psa/crypto_config.h + cat ./include/test/drivers/crypto_config_test_driver_extension.h >> ./libtestdriver1/include/psa/crypto_config.h + echo "#endif /* PSA_CRYPTO_CONFIG_H */" >> ./libtestdriver1/include/psa/crypto_config.h + + # Prefix MBEDTLS_* PSA_* symbols with LIBTESTDRIVER1_ as well as + # mbedtls_* psa_* symbols with libtestdriver1_ to avoid symbol clash + # when this test driver library is linked with the Mbed TLS library. + perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/library/*.[ch] + perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/include/*/*.h + + $(MAKE) -C ./libtestdriver1/library CFLAGS="-I../../ $(CFLAGS)" LDFLAGS="$(LDFLAGS)" libmbedcrypto.a + cp ./libtestdriver1/library/libmbedcrypto.a ../library/libtestdriver1.a + ifdef RECORD_PSA_STATUS_COVERAGE_LOG include/test/instrument_record_status.h: ../include/psa/crypto.h Makefile echo " Gen $@" diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h new file mode 100644 index 0000000000..6dcefd7a94 --- /dev/null +++ b/tests/include/test/drivers/config_test_driver.h @@ -0,0 +1,59 @@ +/** + * \file config.h + * + * \brief Configuration options (set of defines) + * + * This set of compile-time options may be used to enable + * or disable features selectively, and reduce the global + * memory footprint. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +#define MBEDTLS_PSA_CRYPTO_C +#define MBEDTLS_PSA_CRYPTO_CONFIG + +/* PSA core mandatory configuration options */ +#define MBEDTLS_CIPHER_C +#define MBEDTLS_AES_C +#define MBEDTLS_SHA224_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 +#define MBEDTLS_CTR_DRBG_C +#define MBEDTLS_ENTROPY_C + +/* + * Configuration options that may need to be additionally enabled for the + * purpose of a specific set of tests. + */ +//#define MBEDTLS_SHA1_C +//#define MBEDTLS_SHA384_C +//#define MBEDTLS_SHA512_C +//#define MBEDTLS_PEM_PARSE_C +//#define MBEDTLS_BASE64_C + +#include "mbedtls/config_psa.h" +#include "mbedtls/check_config.h" + +#endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h new file mode 100644 index 0000000000..51ad4ab67e --- /dev/null +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -0,0 +1,237 @@ +/** + * \file psa/crypto_config.h + * \brief PSA crypto configuration options (set of defines) + * + */ + +#if defined(PSA_WANT_ALG_CBC_NO_PADDING) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) +#undef MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING +#else +#define MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CBC_PKCS7) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) +#undef MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 +#else +#define MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CFB) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CFB) +#undef MBEDTLS_PSA_ACCEL_ALG_CFB +#else +#define MBEDTLS_PSA_ACCEL_ALG_CFB 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CTR) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CTR) +#undef MBEDTLS_PSA_ACCEL_ALG_CTR +#else +#define MBEDTLS_PSA_ACCEL_ALG_CTR 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) +#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) +#undef MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA +#else +#define MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_ECDSA) +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) +#undef MBEDTLS_PSA_ACCEL_ALG_ECDSA +#else +#define MBEDTLS_PSA_ACCEL_ALG_ECDSA 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_MD2) +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) +#undef MBEDTLS_PSA_ACCEL_ALG_MD2 +#else +#define MBEDTLS_PSA_ACCEL_ALG_MD2 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_MD4) +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4) +#undef MBEDTLS_PSA_ACCEL_ALG_MD4 +#else +#define MBEDTLS_PSA_ACCEL_ALG_MD4 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_MD5) +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) +#undef MBEDTLS_PSA_ACCEL_ALG_MD5 +#else +#define MBEDTLS_PSA_ACCEL_ALG_MD5 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_OFB) +#if defined(MBEDTLS_PSA_ACCEL_ALG_OFB) +#undef MBEDTLS_PSA_ACCEL_ALG_OFB +#else +#define MBEDTLS_PSA_ACCEL_ALG_OFB 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) +#undef MBEDTLS_PSA_ACCEL_ALG_RIPEMD160 +#else +#define MBEDTLS_PSA_ACCEL_ALG_RIPEMD160 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_PSS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PSS +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PSS 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_1) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_1 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_1 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_224) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_224 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_224 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_256) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_256 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_256 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_384) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_384 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_384 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_512) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_512 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_512 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_XTS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_XTS) +#undef MBEDTLS_PSA_ACCEL_ALG_XTS +#else +#define MBEDTLS_PSA_ACCEL_ALG_XTS 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_AES) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_AES 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ARIA) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_CAMELLIA) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR 1 +#endif +#endif + +#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1 +#define MBEDTLS_PSA_ACCEL_ALG_CCM 1 +#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1 +#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1 +#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1 +#define MBEDTLS_PSA_ACCEL_ALG_ECDH 1 +#define MBEDTLS_PSA_ACCEL_ALG_GCM 1 +#define MBEDTLS_PSA_ACCEL_ALG_HKDF 1 +#define MBEDTLS_PSA_ACCEL_ALG_HMAC 1 +#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1 +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1 +#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1 +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1 +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1 + +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1 +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1 +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1 +#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 1 +#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1 +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1 +#endif + +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1 From 7975fae6bd767fbe057920db68460e468fcee025 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 13 Sep 2021 14:50:42 +0200 Subject: [PATCH 21/32] Move to separately compiled PSA test driver library This commit removes the test_psa_crypto_config_basic all.sh component that can no longer work without adapting it to the separately compiled test driver library. This component is replaced by several components in the following commits to test various type of acceleration independently. Signed-off-by: Ronald Cron --- include/psa/crypto_builtin_composites.h | 17 ---- include/psa/crypto_builtin_primitives.h | 25 ------ .../psa/crypto_driver_contexts_composites.h | 52 +++++++++++- .../psa/crypto_driver_contexts_primitives.h | 52 +++++++++++- tests/include/test/drivers/cipher.h | 52 ------------ tests/include/test/drivers/hash.h | 34 -------- tests/include/test/drivers/key_management.h | 34 -------- tests/include/test/drivers/mac.h | 48 ----------- tests/include/test/drivers/signature.h | 29 ------- tests/scripts/all.sh | 40 --------- tests/scripts/check_names.py | 3 +- tests/src/drivers/hash.c | 22 +++-- tests/src/drivers/test_driver_cipher.c | 42 +++++++--- .../src/drivers/test_driver_key_management.c | 84 ++++++++++--------- tests/src/drivers/test_driver_mac.c | 36 +++++--- tests/src/drivers/test_driver_signature.c | 44 ++++++---- 16 files changed, 245 insertions(+), 369 deletions(-) diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index 8075caf660..e11e239cf3 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -112,21 +112,4 @@ typedef struct #define MBEDTLS_PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, {0}} -/* - * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY. - */ -#if defined(PSA_CRYPTO_DRIVER_TEST) - -typedef mbedtls_psa_mac_operation_t mbedtls_transparent_test_driver_mac_operation_t; -typedef mbedtls_psa_mac_operation_t mbedtls_opaque_test_driver_mac_operation_t; - -#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT -#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT - -typedef mbedtls_psa_aead_operation_t mbedtls_transparent_test_driver_aead_operation_t; - -#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT MBEDTLS_PSA_AEAD_OPERATION_INIT - -#endif /* PSA_CRYPTO_DRIVER_TEST */ - #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */ diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index 31f4aa6d55..8caf0bd64d 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -112,29 +112,4 @@ typedef struct { #define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} -/* - * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY. - */ -#if defined(PSA_CRYPTO_DRIVER_TEST) - -typedef mbedtls_psa_hash_operation_t mbedtls_transparent_test_driver_hash_operation_t; - -#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT MBEDTLS_PSA_HASH_OPERATION_INIT - -typedef mbedtls_psa_cipher_operation_t - mbedtls_transparent_test_driver_cipher_operation_t; - -typedef struct { - unsigned int initialised : 1; - mbedtls_transparent_test_driver_cipher_operation_t ctx; -} mbedtls_opaque_test_driver_cipher_operation_t; - -#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ - MBEDTLS_PSA_CIPHER_OPERATION_INIT - -#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \ - { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } - -#endif /* PSA_CRYPTO_DRIVER_TEST */ - #endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */ diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h index 957986c22f..3f1c8af4b8 100644 --- a/include/psa/crypto_driver_contexts_composites.h +++ b/include/psa/crypto_driver_contexts_composites.h @@ -36,11 +36,59 @@ #include "psa/crypto_driver_common.h" +/* Include the context structure definitions for the Mbed TLS software drivers */ +#include "psa/crypto_builtin_composites.h" + /* Include the context structure definitions for those drivers that were * declared during the autogeneration process. */ -/* Include the context structure definitions for the Mbed TLS software drivers */ -#include "psa/crypto_builtin_composites.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) +typedef libtestdriver1_mbedtls_psa_mac_operation_t + mbedtls_transparent_test_driver_mac_operation_t; +typedef libtestdriver1_mbedtls_psa_mac_operation_t + mbedtls_opaque_test_driver_mac_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT +#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT + +#else +typedef mbedtls_psa_mac_operation_t + mbedtls_transparent_test_driver_mac_operation_t; +typedef mbedtls_psa_mac_operation_t + mbedtls_opaque_test_driver_mac_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ + MBEDTLS_PSA_MAC_OPERATION_INIT +#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ + MBEDTLS_PSA_MAC_OPERATION_INIT + +#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC */ + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) +typedef libtestdriver1_mbedtls_psa_aead_operation_t + mbedtls_transparent_test_driver_aead_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_AEAD_OPERATION_INIT +#else +typedef mbedtls_psa_aead_operation_t + mbedtls_transparent_test_driver_aead_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \ + MBEDTLS_PSA_AEAD_OPERATION_INIT + +#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD */ + +#endif /* PSA_CRYPTO_DRIVER_TEST */ /* Define the context to be used for an operation that is executed through the * PSA Driver wrapper layer as the union of all possible driver's contexts. diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h index 104d4bdb6d..2bb01ed432 100644 --- a/include/psa/crypto_driver_contexts_primitives.h +++ b/include/psa/crypto_driver_contexts_primitives.h @@ -35,11 +35,59 @@ #include "psa/crypto_driver_common.h" +/* Include the context structure definitions for the Mbed TLS software drivers */ +#include "psa/crypto_builtin_primitives.h" + /* Include the context structure definitions for those drivers that were * declared during the autogeneration process. */ -/* Include the context structure definitions for the Mbed TLS software drivers */ -#include "psa/crypto_builtin_primitives.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) +typedef libtestdriver1_mbedtls_psa_cipher_operation_t + mbedtls_transparent_test_driver_cipher_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT +#else +typedef mbedtls_psa_cipher_operation_t + mbedtls_transparent_test_driver_cipher_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ + MBEDTLS_PSA_CIPHER_OPERATION_INIT +#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && + LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER */ + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) +typedef libtestdriver1_mbedtls_psa_hash_operation_t + mbedtls_transparent_test_driver_hash_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT +#else +typedef mbedtls_psa_hash_operation_t + mbedtls_transparent_test_driver_hash_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ + MBEDTLS_PSA_HASH_OPERATION_INIT +#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && + LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH */ + +typedef struct { + unsigned int initialised : 1; + mbedtls_transparent_test_driver_cipher_operation_t ctx; +} mbedtls_opaque_test_driver_cipher_operation_t; + +#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \ + { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } + +#endif /* PSA_CRYPTO_DRIVER_TEST */ /* Define the context to be used for an operation that is executed through the * PSA Driver wrapper layer as the union of all possible driver's contexts. diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 5b9226f630..142f3b7655 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -136,57 +136,5 @@ psa_status_t mbedtls_test_opaque_cipher_finish( mbedtls_opaque_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_set_iv( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_update( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_finish( - mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_abort( - mbedtls_psa_cipher_operation_t *operation ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); - -psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_CIPHER_H */ diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index d89ec40554..d202c8bf06 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -72,39 +72,5 @@ psa_status_t mbedtls_test_transparent_hash_finish( psa_status_t mbedtls_test_transparent_hash_abort( mbedtls_psa_hash_operation_t *operation ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t libtestdriver1_mbedtls_psa_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length); - -psa_status_t libtestdriver1_mbedtls_psa_hash_setup( - mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_hash_clone( - const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ); - -psa_status_t libtestdriver1_mbedtls_psa_hash_update( - mbedtls_psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t libtestdriver1_mbedtls_psa_hash_finish( - mbedtls_psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ); - -psa_status_t libtestdriver1_mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ); - -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 91cda831cd..ba1e04ab71 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -125,39 +125,5 @@ psa_status_t mbedtls_test_opaque_copy_key( size_t target_key_buffer_size, size_t *target_key_buffer_length); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t libtestdriver1_mbedtls_psa_ecp_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); - -psa_status_t libtestdriver1_mbedtls_psa_ecp_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); - -psa_status_t libtestdriver1_mbedtls_psa_ecp_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ); - -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index 3819f1e523..5f6cd38a4d 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -133,53 +133,5 @@ psa_status_t mbedtls_test_opaque_mac_verify_finish( psa_status_t mbedtls_test_opaque_mac_abort( mbedtls_opaque_test_driver_mac_operation_t *operation ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t libtestdriver1_mbedtls_psa_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_sign_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_verify_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_update( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_sign_finish( - mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_verify_finish( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ); - -psa_status_t libtestdriver1_mbedtls_psa_mac_abort( - mbedtls_psa_mac_operation_t *operation ); - -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */ diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index e0469550ff..67f2b29a35 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -120,34 +120,5 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t signature_length ); - -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -psa_status_t libtestdriver1_mbedtls_psa_ecdsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); - -psa_status_t libtestdriver1_mbedtls_psa_ecdsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); - -psa_status_t libtestdriver1_mbedtls_psa_rsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); - -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b67758705c..dd6240e4ea 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1553,46 +1553,6 @@ component_test_no_use_psa_crypto_full_cmake_asan() { env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } -component_test_psa_crypto_config_basic() { - # Test the library excluding all Mbed TLS cryptographic support for which - # we have an accelerator support. Acceleration is faked with the - # transparent test driver. - msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG + as much acceleration as supported" - scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - - # There is no intended accelerator support for ALG STREAM_CIPHER and - # ALG_ECB_NO_PADDING. Therefore, asking for them in the build implies the - # inclusion of the Mbed TLS cipher operations. As we want to test here with - # cipher operations solely supported by accelerators, disabled those - # PSA configuration options. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - - # Don't test DES encryption as: - # 1) It is not an issue if we don't test all cipher types here. - # 2) That way we don't have to modify in psa_crypto.c the compilation - # guards MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES for the code they guard to be - # available to the test driver. Modifications that we would need to - # revert when we move to compile the test driver separately. - # We also disable MBEDTLS_DES_C as the dependencies on DES in PSA test - # suites are still based on MBEDTLS_DES_C and not PSA_WANT_KEY_TYPE_DES. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DES - scripts/config.py unset MBEDTLS_DES_C - - loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL" - loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" - loc_cflags="${loc_cflags} -I../tests/include -O2" - - make CC=gcc CFLAGS="$loc_cflags" LDFLAGS="$ASAN_CFLAGS" - unset loc_cflags - - msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG" - make test -} - component_test_psa_crypto_config_no_driver() { # full plus MBEDTLS_PSA_CRYPTO_CONFIG msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index ac2490fc1e..562a365c4f 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -779,7 +779,8 @@ class NameChecker(): match.name for match in self.parse_result["macros"] + self.parse_result["enum_consts"]} - typo_exclusion = re.compile(r"XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$") + typo_exclusion = re.compile(r"XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$|" + r"MBEDTLS_TEST_LIBTESTDRIVER*") for name_match in self.parse_result["mbed_words"]: found = name_match.name in all_caps_names diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 270e5af23a..44e0e80591 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -24,6 +24,10 @@ #include "test/drivers/hash.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_hash.h" +#endif + mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks = MBEDTLS_TEST_DRIVER_HASH_INIT; @@ -41,7 +45,8 @@ psa_status_t mbedtls_test_transparent_hash_compute( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_compute( alg, input, input_length, @@ -78,7 +83,8 @@ psa_status_t mbedtls_test_transparent_hash_setup( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_setup( operation, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) @@ -107,7 +113,8 @@ psa_status_t mbedtls_test_transparent_hash_clone( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_clone( source_operation, target_operation ); @@ -138,7 +145,8 @@ psa_status_t mbedtls_test_transparent_hash_update( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_update( operation, input, input_length ); @@ -171,7 +179,8 @@ psa_status_t mbedtls_test_transparent_hash_finish( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_finish( operation, hash, hash_size, hash_length ); @@ -202,7 +211,8 @@ psa_status_t mbedtls_test_transparent_hash_abort( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 412771af52..3d1efb85e7 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -30,6 +30,10 @@ #include "test/random.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_cipher.h" +#endif + #include mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks = @@ -66,9 +70,11 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_encrypt( - attributes, key_buffer, key_buffer_size, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -110,9 +116,11 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_decrypt( - attributes, key_buffer, key_buffer_size, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg, input, input_length, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -142,9 +150,12 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_encrypt_setup( - operation, attributes, key, key_length, alg ) ); + operation, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key, key_length, alg ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_encrypt_setup( operation, attributes, key, key_length, alg ) ); @@ -164,9 +175,12 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_decrypt_setup( - operation, attributes, key, key_length, alg ) ); + operation, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key, key_length, alg ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) return( mbedtls_psa_cipher_decrypt_setup( operation, attributes, key, key_length, alg ) ); @@ -180,7 +194,8 @@ psa_status_t mbedtls_test_transparent_cipher_abort( { mbedtls_test_driver_cipher_hooks.hits++; -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) libtestdriver1_mbedtls_psa_cipher_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) mbedtls_psa_cipher_abort( operation ); @@ -205,7 +220,8 @@ psa_status_t mbedtls_test_transparent_cipher_set_iv( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -241,7 +257,8 @@ psa_status_t mbedtls_test_transparent_cipher_update( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_update( operation, input, input_length, output, output_size, output_length ) ); @@ -278,7 +295,8 @@ psa_status_t mbedtls_test_transparent_cipher_finish( if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_cipher_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) return( libtestdriver1_mbedtls_psa_cipher_finish( operation, output, output_size, output_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index af34739cb8..0ff283fed4 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -29,9 +29,13 @@ #include "mbedtls/error.h" #include "test/drivers/key_management.h" - #include "test/random.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_ecp.h" +#include "libtestdriver1/library/psa_crypto_rsa.h" +#endif + #include mbedtls_test_driver_key_management_hooks_t @@ -195,10 +199,11 @@ psa_status_t mbedtls_test_transparent_generate_key( if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) { -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) return( libtestdriver1_mbedtls_psa_ecp_generate_key( - attributes, key, key_size, key_length ) ); + (const libtestdriver1_psa_key_attributes_t *)attributes, + key, key_size, key_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) return( mbedtls_psa_ecp_generate_key( attributes, key, key_size, key_length ) ); @@ -206,10 +211,11 @@ psa_status_t mbedtls_test_transparent_generate_key( } else if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) { -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) return( libtestdriver1_mbedtls_psa_rsa_generate_key( - attributes, key, key_size, key_length ) ); + (const libtestdriver1_psa_key_attributes_t *)attributes, + key, key_size, key_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) return( mbedtls_psa_rsa_generate_key( attributes, key, key_size, key_length ) ); @@ -249,11 +255,11 @@ psa_status_t mbedtls_test_transparent_import_key( if( PSA_KEY_TYPE_IS_ECC( type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ) return( libtestdriver1_mbedtls_psa_ecp_import_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, data, data_length, key_buffer, key_buffer_size, key_buffer_length, bits ) ); @@ -268,11 +274,11 @@ psa_status_t mbedtls_test_transparent_import_key( } else if( PSA_KEY_TYPE_IS_RSA( type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) ) return( libtestdriver1_mbedtls_psa_rsa_import_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, data, data_length, key_buffer, key_buffer_size, key_buffer_length, bits ) ); @@ -335,11 +341,11 @@ psa_status_t mbedtls_test_opaque_import_key( } else if( PSA_KEY_TYPE_IS_ECC( type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) status = libtestdriver1_mbedtls_psa_ecp_import_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, data, data_length, key_buffer_temp, key_buffer_size, key_buffer_length, bits ); @@ -358,11 +364,11 @@ psa_status_t mbedtls_test_opaque_import_key( } else if( PSA_KEY_TYPE_IS_RSA( type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) status = libtestdriver1_mbedtls_psa_rsa_import_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, data, data_length, key_buffer_temp, key_buffer_size, key_buffer_length, bits ); @@ -496,11 +502,11 @@ psa_status_t mbedtls_test_transparent_export_public_key( if( PSA_KEY_TYPE_IS_ECC( key_type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ) return( libtestdriver1_mbedtls_psa_ecp_export_public_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, key_buffer, key_buffer_size, data, data_size, data_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ @@ -513,11 +519,11 @@ psa_status_t mbedtls_test_transparent_export_public_key( } else if( PSA_KEY_TYPE_IS_RSA( key_type ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) ) return( libtestdriver1_mbedtls_psa_rsa_export_public_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, key_buffer, key_buffer_size, data, data_size, data_length ) ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ @@ -557,11 +563,11 @@ psa_status_t mbedtls_test_opaque_export_public_key( key_buffer_temp, key_length, data_length ); if( status == PSA_SUCCESS ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) status = libtestdriver1_mbedtls_psa_ecp_export_public_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, key_buffer_temp, *data_length, data, data_size, data_length ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ @@ -581,11 +587,11 @@ psa_status_t mbedtls_test_opaque_export_public_key( key_buffer_temp, key_length, data_length ); if( status == PSA_SUCCESS ) { -#if ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) status = libtestdriver1_mbedtls_psa_rsa_export_public_key( - attributes, + (const libtestdriver1_psa_key_attributes_t *)attributes, key_buffer_temp, *data_length, data, data_size, data_length ); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 43fc7e6c82..f909785dfd 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -24,6 +24,10 @@ #include "test/drivers/mac.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_mac.h" +#endif + mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks = MBEDTLS_TEST_DRIVER_MAC_INIT; @@ -47,10 +51,12 @@ psa_status_t mbedtls_test_transparent_mac_compute( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_compute( - attributes, key_buffer, key_buffer_size, alg, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg, input, input_length, mac, mac_size, mac_length ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) @@ -92,10 +98,13 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_sign_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + operation, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_sign_setup( @@ -129,10 +138,13 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_verify_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + operation, + (const libtestdriver1_psa_key_attributes_t *)attributes, + key_buffer, key_buffer_size, alg ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_verify_setup( @@ -164,7 +176,8 @@ psa_status_t mbedtls_test_transparent_mac_update( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_update( operation, input, input_length ); @@ -198,7 +211,8 @@ psa_status_t mbedtls_test_transparent_mac_sign_finish( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_sign_finish( operation, mac, mac_size, mac_length ); @@ -232,7 +246,8 @@ psa_status_t mbedtls_test_transparent_mac_verify_finish( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_verify_finish( operation, mac, mac_length ); @@ -263,7 +278,8 @@ psa_status_t mbedtls_test_transparent_mac_abort( } else { -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_abort( operation ); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index cc005764b7..ef6d135eb8 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -38,6 +38,12 @@ #include "test/random.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_ecp.h" +#include "libtestdriver1/library/psa_crypto_hash.h" +#include "libtestdriver1/library/psa_crypto_rsa.h" +#endif + #include mbedtls_test_driver_signature_hooks_t @@ -61,11 +67,11 @@ psa_status_t sign_hash( if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || PSA_ALG_IS_RSA_PSS( alg) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ) return( libtestdriver1_mbedtls_psa_rsa_sign_hash( - attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); @@ -87,11 +93,11 @@ psa_status_t sign_hash( { if( PSA_ALG_IS_ECDSA( alg ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ) return( libtestdriver1_mbedtls_psa_ecdsa_sign_hash( - attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ) ); @@ -137,11 +143,11 @@ psa_status_t verify_hash( if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || PSA_ALG_IS_RSA_PSS( alg) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ) return( libtestdriver1_mbedtls_psa_rsa_verify_hash( - attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); @@ -163,11 +169,11 @@ psa_status_t verify_hash( { if( PSA_ALG_IS_ECDSA( alg ) ) { -#if ( defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) ) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ) return( libtestdriver1_mbedtls_psa_ecdsa_verify_hash( - attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ) ); @@ -229,7 +235,8 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( return( PSA_SUCCESS ); } -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) status = libtestdriver1_mbedtls_psa_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); @@ -293,7 +300,8 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) return( mbedtls_test_driver_signature_verify_hooks.forced_status ); -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) status = libtestdriver1_mbedtls_psa_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, hash, sizeof( hash ), &hash_length ); From 0266cfed51377d0ec6854ccd28829ac5f97cbba1 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 13 Mar 2021 18:50:11 +0100 Subject: [PATCH 22/32] psa: Remove test code in the library The current testing of the PSA configuration is based on test code located in the library itself. Remove this code as we are moving to using a test library instead. Signed-off-by: Ronald Cron --- library/psa_crypto_cipher.c | 343 ++++-------------- library/psa_crypto_ecp.c | 248 ++----------- library/psa_crypto_hash.c | 300 +++------------ library/psa_crypto_mac.c | 318 ++++------------ library/psa_crypto_rsa.c | 260 ++----------- tests/include/test/drivers/hash.h | 2 +- .../src/drivers/test_driver_key_management.c | 13 + 7 files changed, 263 insertions(+), 1221 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 872e18f5f7..09bd28c5fc 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -31,34 +31,6 @@ #include -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) ) ) -#define BUILTIN_KEY_TYPE_DES 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) ) ) -#define BUILTIN_ALG_CBC_NO_PADDING 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) ) ) -#define BUILTIN_ALG_CBC_PKCS7 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) ) ) -#define BUILTIN_KEY_TYPE_CHACHA20 1 -#endif - const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, @@ -154,10 +126,9 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( (int) key_bits, mode ) ); } -#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) ) +#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) -static psa_status_t cipher_setup( +static psa_status_t psa_cipher_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -184,7 +155,7 @@ static psa_status_t cipher_setup( if( ret != 0 ) goto exit; -#if defined(BUILTIN_KEY_TYPE_DES) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 ) { /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ @@ -204,8 +175,8 @@ static psa_status_t cipher_setup( if( ret != 0 ) goto exit; -#if defined(BUILTIN_ALG_CBC_NO_PADDING) || \ - defined(BUILTIN_ALG_CBC_PKCS7) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) switch( alg ) { case PSA_ALG_CBC_NO_PADDING: @@ -223,7 +194,8 @@ static psa_status_t cipher_setup( } if( ret != 0 ) goto exit; -#endif /* BUILTIN_ALG_CBC_NO_PADDING || BUILTIN_ALG_CBC_PKCS7 */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING || + MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 */ operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 : PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); @@ -233,30 +205,31 @@ exit: return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t cipher_encrypt_setup( +psa_status_t mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ) { - return( cipher_setup( operation, attributes, - key_buffer, key_buffer_size, - alg, MBEDTLS_ENCRYPT ) ); + return( psa_cipher_setup( operation, attributes, + key_buffer, key_buffer_size, + alg, MBEDTLS_ENCRYPT ) ); } -static psa_status_t cipher_decrypt_setup( +psa_status_t mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg ) { - return( cipher_setup( operation, attributes, - key_buffer, key_buffer_size, - alg, MBEDTLS_DECRYPT ) ); + return( psa_cipher_setup( operation, attributes, + key_buffer, key_buffer_size, + alg, MBEDTLS_DECRYPT ) ); } -static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ) +psa_status_t mbedtls_psa_cipher_set_iv( + mbedtls_psa_cipher_operation_t *operation, + const uint8_t *iv, size_t iv_length ) { if( iv_length != operation->iv_length ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -370,12 +343,10 @@ exit: return( status ); } -static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_update( + mbedtls_psa_cipher_operation_t *operation, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t expected_output_size; @@ -422,10 +393,9 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation, return( status ); } -static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_finish( + mbedtls_psa_cipher_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length ) { psa_status_t status = PSA_ERROR_GENERIC_ERROR; uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; @@ -461,7 +431,8 @@ exit: return( status ); } -static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation ) +psa_status_t mbedtls_psa_cipher_abort( + mbedtls_psa_cipher_operation_t *operation ) { /* Sanity check (shouldn't happen: operation->alg should * always have been initialized to a valid value). */ @@ -473,46 +444,50 @@ static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation ) return( PSA_SUCCESS ); } -static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; size_t olength, accumulated_length; - status = cipher_encrypt_setup( &operation, attributes, - key_buffer, key_buffer_size, alg ); + status = mbedtls_psa_cipher_encrypt_setup( &operation, attributes, + key_buffer, key_buffer_size, + alg ); if( status != PSA_SUCCESS ) goto exit; accumulated_length = 0; if( operation.iv_length > 0 ) { - status = cipher_set_iv( &operation, output, operation.iv_length ); + status = mbedtls_psa_cipher_set_iv( &operation, + output, operation.iv_length ); if( status != PSA_SUCCESS ) goto exit; accumulated_length = operation.iv_length; } - status = cipher_update( &operation, input, input_length, - output + operation.iv_length, - output_size - operation.iv_length, - &olength ); + status = mbedtls_psa_cipher_update( &operation, input, input_length, + output + operation.iv_length, + output_size - operation.iv_length, + &olength ); if( status != PSA_SUCCESS ) goto exit; accumulated_length += olength; - status = cipher_finish( &operation, output + accumulated_length, - output_size - accumulated_length, &olength ); + status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length, + output_size - accumulated_length, + &olength ); if( status != PSA_SUCCESS ) goto exit; @@ -520,48 +495,53 @@ static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes, exit: if( status == PSA_SUCCESS ) - status = cipher_abort( &operation ); + status = mbedtls_psa_cipher_abort( &operation ); else - cipher_abort( &operation ); + mbedtls_psa_cipher_abort( &operation ); + return( status ); } -static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; size_t olength, accumulated_length; - status = cipher_decrypt_setup( &operation, attributes, - key_buffer, key_buffer_size, alg ); + status = mbedtls_psa_cipher_decrypt_setup( &operation, attributes, + key_buffer, key_buffer_size, + alg ); if( status != PSA_SUCCESS ) goto exit; if( operation.iv_length > 0 ) { - status = cipher_set_iv( &operation, input, operation.iv_length ); + status = mbedtls_psa_cipher_set_iv( &operation, + input, operation.iv_length ); if( status != PSA_SUCCESS ) goto exit; } - status = cipher_update( &operation, input + operation.iv_length, - input_length - operation.iv_length, - output, output_size, &olength ); + status = mbedtls_psa_cipher_update( &operation, input + operation.iv_length, + input_length - operation.iv_length, + output, output_size, &olength ); if( status != PSA_SUCCESS ) goto exit; accumulated_length = olength; - status = cipher_finish( &operation, output + accumulated_length, - output_size - accumulated_length, &olength ); + status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length, + output_size - accumulated_length, + &olength ); if( status != PSA_SUCCESS ) goto exit; @@ -569,183 +549,12 @@ static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes, exit: if ( status == PSA_SUCCESS ) - status = cipher_abort( &operation ); + status = mbedtls_psa_cipher_abort( &operation ); else - cipher_abort( &operation ); + mbedtls_psa_cipher_abort( &operation ); + return( status ); } -#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || - (PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG) */ - -#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) -psa_status_t mbedtls_psa_cipher_encrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( cipher_encrypt_setup( - operation, attributes, key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t mbedtls_psa_cipher_decrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( cipher_decrypt_setup( - operation, attributes, key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, - size_t iv_length ) -{ - return( cipher_set_iv( operation, iv, iv_length ) ); -} - -psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_update( operation, input, input_length, - output, output_size, output_length ) ); -} - -psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_finish( operation, output, output_size, output_length ) ); -} - -psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ) -{ - return( cipher_abort( operation ) ); -} - -psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_encrypt( attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); -} - -psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_decrypt( attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); -} #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) -psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( cipher_encrypt_setup( - operation, attributes, key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt_setup( - mbedtls_psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( cipher_decrypt_setup( - operation, attributes, key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_set_iv( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ) -{ - return( cipher_set_iv( operation, iv, iv_length ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_update( - mbedtls_psa_cipher_operation_t *operation, - const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ) -{ - return( cipher_update( operation, input, input_length, - output, output_size, output_length ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_finish( - mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ) -{ - return( cipher_finish( operation, output, output_size, output_length ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_abort( - mbedtls_psa_cipher_operation_t *operation ) -{ - return( cipher_abort( operation ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_encrypt( attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_cipher_decrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) -{ - return( cipher_decrypt( attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); -} - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 3fdcdb2678..db6682c6dc 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -40,40 +40,10 @@ #include #include -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ) ) -#define BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) ) -#define BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \ - defined(MBEDTLS_ECDSA_C) ) ) -#define BUILTIN_ALG_ECDSA 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) && \ - defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) ) ) -#define BUILTIN_ALG_DETERMINISTIC_ECDSA 1 -#endif - -#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(BUILTIN_ALG_ECDSA) || \ - defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type, size_t curve_bits, @@ -185,16 +155,16 @@ exit: return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - * defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || - * defined(BUILTIN_ALG_ECDSA) || - * defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) || +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ -#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) -static psa_status_t ecp_import_key( +psa_status_t mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -285,7 +255,7 @@ psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type, } } -static psa_status_t ecp_export_public_key( +psa_status_t mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) @@ -309,11 +279,11 @@ static psa_status_t ecp_export_public_key( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - * defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ -#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) -static psa_status_t ecp_generate_key( +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) +psa_status_t mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { @@ -355,15 +325,15 @@ static psa_status_t ecp_generate_key( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ /****************************************************************/ /* ECDSA sign/verify */ /****************************************************************/ -#if defined(BUILTIN_ALG_ECDSA) || \ - defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) -static psa_status_t ecdsa_sign_hash( +#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) +psa_status_t mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -395,7 +365,7 @@ static psa_status_t ecdsa_sign_hash( if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) ) { -#if defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); @@ -408,7 +378,7 @@ static psa_status_t ecdsa_sign_hash( #else ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; goto cleanup; -#endif /* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ } else { @@ -437,7 +407,7 @@ cleanup: return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t ecdsa_verify_hash( +psa_status_t mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -496,177 +466,7 @@ cleanup: return( mbedtls_to_psa_error( ret ) ); } -#endif /* defined(BUILTIN_ALG_ECDSA) || \ - * defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */ - -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - -psa_status_t mbedtls_psa_ecp_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) -{ - return( ecp_import_key( attributes, data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); -} - -psa_status_t mbedtls_psa_ecp_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - return( ecp_export_public_key( attributes, key_buffer, key_buffer_size, - data, data_size, data_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ - -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) -psa_status_t mbedtls_psa_ecp_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) -{ - return( ecp_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ) ); -} -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ - - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - -psa_status_t mbedtls_psa_ecdsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) -{ - - return( ecdsa_sign_hash( attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); -} - -psa_status_t mbedtls_psa_ecdsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) -{ - return( ecdsa_verify_hash( attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) - -psa_status_t libtestdriver1_mbedtls_psa_ecp_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) -{ - return( ecp_import_key( attributes, data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_ecp_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - return( ecp_export_public_key( attributes, key_buffer, key_buffer_size, - data, data_size, data_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */ - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \ - defined(MBEDTLS_GENPRIME) -psa_status_t libtestdriver1_mbedtls_psa_ecp_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) -{ - return( ecp_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ) ); -} -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && - defined(MBEDTLS_GENPRIME) */ - -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) - -psa_status_t libtestdriver1_mbedtls_psa_ecdsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) -{ - -#if defined(MBEDTLS_ECDSA_C) - return( ecdsa_sign_hash( attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); -#else - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -} - -psa_status_t libtestdriver1_mbedtls_psa_ecdsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) -{ -#if defined(MBEDTLS_ECDSA_C) - return( ecdsa_verify_hash( attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); -#else - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -} - -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || - * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */ - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 3ecc95499a..f8f7fc6ba4 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -29,51 +29,6 @@ #include #include -/* Use builtin defines specific to this compilation unit, since the test driver - * relies on the software driver. */ -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) ) -#define BUILTIN_ALG_MD5 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) ) -#define BUILTIN_ALG_RIPEMD160 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) ) -#define BUILTIN_ALG_SHA_1 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) ) -#define BUILTIN_ALG_SHA_224 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) ) -#define BUILTIN_ALG_SHA_256 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) ) -#define BUILTIN_ALG_SHA_384 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) ) -#define BUILTIN_ALG_SHA_512 1 -#endif - #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ @@ -121,9 +76,8 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) /* Implement the PSA driver hash interface on top of mbed TLS if either the * software driver or the test driver requires it. */ -#if defined(MBEDTLS_PSA_BUILTIN_HASH) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) ) -static psa_status_t hash_abort( +#if defined(MBEDTLS_PSA_BUILTIN_HASH) +psa_status_t mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ) { switch( operation->alg ) @@ -133,37 +87,37 @@ static psa_status_t hash_abort( * in use. It's ok to call abort on such an object, and there's * nothing to do. */ break; -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_free( &operation->ctx.md5 ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_free( &operation->ctx.sha1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_free( &operation->ctx.sha256 ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_free( &operation->ctx.sha256 ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_free( &operation->ctx.sha512 ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_free( &operation->ctx.sha512 ); break; @@ -175,7 +129,7 @@ static psa_status_t hash_abort( return( PSA_SUCCESS ); } -static psa_status_t hash_setup( +psa_status_t mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, psa_algorithm_t alg ) { @@ -189,43 +143,43 @@ static psa_status_t hash_setup( switch( alg ) { -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_init( &operation->ctx.md5 ); ret = mbedtls_md5_starts( &operation->ctx.md5 ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); ret = mbedtls_ripemd160_starts( &operation->ctx.ripemd160 ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_init( &operation->ctx.sha1 ); ret = mbedtls_sha1_starts( &operation->ctx.sha1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_init( &operation->ctx.sha256 ); ret = mbedtls_sha256_starts( &operation->ctx.sha256, 1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_init( &operation->ctx.sha256 ); ret = mbedtls_sha256_starts( &operation->ctx.sha256, 0 ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts( &operation->ctx.sha512, 1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_init( &operation->ctx.sha512 ); ret = mbedtls_sha512_starts( &operation->ctx.sha512, 0 ); @@ -239,11 +193,11 @@ static psa_status_t hash_setup( if( ret == 0 ) operation->alg = alg; else - hash_abort( operation ); + mbedtls_psa_hash_abort( operation ); return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t hash_clone( +psa_status_t mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, mbedtls_psa_hash_operation_t *target_operation ) { @@ -251,43 +205,43 @@ static psa_status_t hash_clone( { case 0: return( PSA_ERROR_BAD_STATE ); -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: mbedtls_md5_clone( &target_operation->ctx.md5, &source_operation->ctx.md5 ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, &source_operation->ctx.ripemd160 ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: mbedtls_sha1_clone( &target_operation->ctx.sha1, &source_operation->ctx.sha1 ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: mbedtls_sha256_clone( &target_operation->ctx.sha256, &source_operation->ctx.sha256 ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: mbedtls_sha256_clone( &target_operation->ctx.sha256, &source_operation->ctx.sha256 ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: mbedtls_sha512_clone( &target_operation->ctx.sha512, &source_operation->ctx.sha512 ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: mbedtls_sha512_clone( &target_operation->ctx.sha512, &source_operation->ctx.sha512 ); @@ -303,7 +257,7 @@ static psa_status_t hash_clone( return( PSA_SUCCESS ); } -static psa_status_t hash_update( +psa_status_t mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -312,43 +266,43 @@ static psa_status_t hash_update( switch( operation->alg ) { -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_update( &operation->ctx.md5, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: ret = mbedtls_ripemd160_update( &operation->ctx.ripemd160, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: ret = mbedtls_sha1_update( &operation->ctx.sha1, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: ret = mbedtls_sha256_update( &operation->ctx.sha256, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: ret = mbedtls_sha256_update( &operation->ctx.sha256, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: ret = mbedtls_sha512_update( &operation->ctx.sha512, input, input_length ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: ret = mbedtls_sha512_update( &operation->ctx.sha512, input, input_length ); @@ -363,7 +317,7 @@ static psa_status_t hash_update( return( mbedtls_to_psa_error( ret ) ); } -static psa_status_t hash_finish( +psa_status_t mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, @@ -390,37 +344,37 @@ static psa_status_t hash_finish( switch( operation->alg ) { -#if defined(BUILTIN_ALG_MD5) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: ret = mbedtls_md5_finish( &operation->ctx.md5, hash ); break; #endif -#if defined(BUILTIN_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: ret = mbedtls_ripemd160_finish( &operation->ctx.ripemd160, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_1) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: ret = mbedtls_sha1_finish( &operation->ctx.sha1, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_224) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_256) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_384) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash ); break; #endif -#if defined(BUILTIN_ALG_SHA_512) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash ); break; @@ -437,7 +391,7 @@ exit: return( status ); } -static psa_status_t hash_compute( +psa_status_t mbedtls_psa_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -450,184 +404,24 @@ static psa_status_t hash_compute( psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; *hash_length = hash_size; - status = hash_setup( &operation, alg ); + status = mbedtls_psa_hash_setup( &operation, alg ); if( status != PSA_SUCCESS ) goto exit; - status = hash_update( &operation, input, input_length ); + status = mbedtls_psa_hash_update( &operation, input, input_length ); if( status != PSA_SUCCESS ) goto exit; - status = hash_finish( &operation, hash, hash_size, hash_length ); + status = mbedtls_psa_hash_finish( &operation, hash, hash_size, hash_length ); if( status != PSA_SUCCESS ) goto exit; exit: - abort_status = hash_abort( &operation ); + abort_status = mbedtls_psa_hash_abort( &operation ); if( status == PSA_SUCCESS ) return( abort_status ); else return( status ); } -#endif /* MBEDTLS_PSA_BUILTIN_HASH || - ( PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG ) */ - -#if defined(MBEDTLS_PSA_BUILTIN_HASH) -psa_status_t mbedtls_psa_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length) -{ - return( hash_compute( alg, input, input_length, - hash, hash_size, hash_length ) ); -} - -psa_status_t mbedtls_psa_hash_setup( - mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ) -{ - return( hash_setup( operation, alg ) ); -} - -psa_status_t mbedtls_psa_hash_clone( - const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ) -{ - return( hash_clone( source_operation, target_operation ) ); -} - -psa_status_t mbedtls_psa_hash_update( - mbedtls_psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - return( hash_update( operation, input, input_length ) ); -} - -psa_status_t mbedtls_psa_hash_finish( - mbedtls_psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ) -{ - return( hash_finish( operation, hash, hash_size, hash_length ) ); -} - -psa_status_t mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ) -{ - return( hash_abort( operation ) ); -} #endif /* MBEDTLS_PSA_BUILTIN_HASH */ - /* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -static int is_hash_accelerated( psa_algorithm_t alg ) -{ - switch( alg ) - { -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) - case PSA_ALG_MD5: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) - case PSA_ALG_SHA_1: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) - case PSA_ALG_SHA_224: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) - case PSA_ALG_SHA_256: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) - case PSA_ALG_SHA_384: - return( 1 ); -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) - case PSA_ALG_SHA_512: - return( 1 ); -#endif - default: - return( 0 ); - } -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length) -{ - if( is_hash_accelerated( alg ) ) - return( hash_compute( alg, input, input_length, - hash, hash_size, hash_length ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_setup( - mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ) -{ - if( is_hash_accelerated( alg ) ) - return( hash_setup( operation, alg ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_clone( - const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ) -{ - if( is_hash_accelerated( source_operation->alg ) ) - return( hash_clone( source_operation, target_operation ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_update( - mbedtls_psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - if( is_hash_accelerated( operation->alg ) ) - return( hash_update( operation, input, input_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_finish( - mbedtls_psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ) -{ - if( is_hash_accelerated( operation->alg ) ) - return( hash_finish( operation, hash, hash_size, hash_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ) -{ - return( hash_abort( operation ) ); -} - -#endif /* PSA_CRYPTO_DRIVER_TEST */ - #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index fe15e9f6b0..5e78d65a61 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -30,22 +30,7 @@ #include #include -/* Use builtin defines specific to this compilation unit, since the test driver - * relies on the software driver. */ -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) ) -#define BUILTIN_ALG_CMAC 1 -#endif -#if( defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) ) -#define BUILTIN_ALG_HMAC 1 -#endif - -#if defined(BUILTIN_ALG_HMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) static psa_status_t psa_hmac_abort_internal( mbedtls_psa_hmac_operation_t *hmac ) { @@ -164,9 +149,9 @@ exit: mbedtls_platform_zeroize( tmp, hash_size ); return( status ); } -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer ) @@ -202,11 +187,12 @@ static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, exit: return( mbedtls_to_psa_error( ret ) ); } -#endif /* BUILTIN_ALG_CMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ /* Implement the PSA driver MAC interface on top of mbed TLS if either the * software driver or the test driver requires it. */ -#if defined(BUILTIN_ALG_HMAC) || defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) /* Initialize this driver's MAC operation structure. Once this function has been * called, mbedtls_psa_mac_abort can run and will do the right thing. */ @@ -218,15 +204,15 @@ static psa_status_t mac_init( operation->alg = alg; -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) { mbedtls_cipher_init( &operation->ctx.cmac ); status = PSA_SUCCESS; } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( operation->alg ) ) { /* We'll set up the hash operation later in psa_hmac_setup_internal. */ @@ -234,7 +220,7 @@ static psa_status_t mac_init( status = PSA_SUCCESS; } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { (void) operation; status = PSA_ERROR_NOT_SUPPORTED; @@ -245,7 +231,7 @@ static psa_status_t mac_init( return( status ); } -static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation ) +psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ) { if( operation->alg == 0 ) { @@ -255,20 +241,20 @@ static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation ) return( PSA_SUCCESS ); } else -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) { mbedtls_cipher_free( &operation->ctx.cmac ); } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( operation->alg ) ) { psa_hmac_abort_internal( &operation->ctx.hmac ); } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* Sanity check (shouldn't happen: operation->alg should * always have been initialized to a valid value). */ @@ -288,11 +274,11 @@ bad_state: return( PSA_ERROR_BAD_STATE ); } -static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) +static psa_status_t psa_mac_setup( mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -304,7 +290,7 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, if( status != PSA_SUCCESS ) return( status ); -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC ) { /* Key buffer size for CMAC is dictated by the key bits set on the @@ -313,8 +299,8 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, status = cmac_setup( operation, attributes, key_buffer ); } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( alg ) ) { status = psa_hmac_setup_internal( &operation->ctx.hmac, @@ -323,7 +309,7 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, PSA_ALG_HMAC_GET_HASH( alg ) ); } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { (void) attributes; (void) key_buffer; @@ -332,12 +318,34 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation, } if( status != PSA_SUCCESS ) - mac_abort( operation ); + mbedtls_psa_mac_abort( operation ); return( status ); } -static psa_status_t mac_update( +psa_status_t mbedtls_psa_mac_sign_setup( + mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ) +{ + return( psa_mac_setup( operation, attributes, + key_buffer, key_buffer_size, alg ) ); +} + +psa_status_t mbedtls_psa_mac_verify_setup( + mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg ) +{ + return( psa_mac_setup( operation, attributes, + key_buffer, key_buffer_size, alg ) ); +} + +psa_status_t mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -345,7 +353,7 @@ static psa_status_t mac_update( if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE ); -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) { return( mbedtls_to_psa_error( @@ -353,15 +361,15 @@ static psa_status_t mac_update( input, input_length ) ) ); } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( operation->alg ) ) { return( psa_hmac_update_internal( &operation->ctx.hmac, input, input_length ) ); } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* This shouldn't happen if `operation` was initialized by * a setup function. */ @@ -371,11 +379,11 @@ static psa_status_t mac_update( } } -static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size ) +static psa_status_t psa_mac_finish_internal( + mbedtls_psa_mac_operation_t *operation, + uint8_t *mac, size_t mac_size ) { -#if defined(BUILTIN_ALG_CMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) { uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE]; @@ -386,15 +394,15 @@ static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation, return( mbedtls_to_psa_error( ret ) ); } else -#endif /* BUILTIN_ALG_CMAC */ -#if defined(BUILTIN_ALG_HMAC) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) if( PSA_ALG_IS_HMAC( operation->alg ) ) { return( psa_hmac_finish_internal( &operation->ctx.hmac, mac, mac_size ) ); } else -#endif /* BUILTIN_ALG_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* This shouldn't happen if `operation` was initialized by * a setup function. */ @@ -405,7 +413,7 @@ static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation, } } -static psa_status_t mac_sign_finish( +psa_status_t mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, @@ -416,15 +424,14 @@ static psa_status_t mac_sign_finish( if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE ); - status = mac_finish_internal( operation, mac, mac_size ); - + status = psa_mac_finish_internal( operation, mac, mac_size ); if( status == PSA_SUCCESS ) *mac_length = mac_size; return( status ); } -static psa_status_t mac_verify_finish( +psa_status_t mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ) @@ -439,7 +446,7 @@ static psa_status_t mac_verify_finish( if( mac_length > sizeof( actual_mac ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = mac_finish_internal( operation, actual_mac, mac_length ); + status = psa_mac_finish_internal( operation, actual_mac, mac_length ); if( status != PSA_SUCCESS ) goto cleanup; @@ -452,7 +459,7 @@ cleanup: return( status ); } -static psa_status_t mac_compute( +psa_status_t mbedtls_psa_mac_compute( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -466,212 +473,29 @@ static psa_status_t mac_compute( psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT; - status = mac_setup( &operation, - attributes, key_buffer, key_buffer_size, - alg ); + status = psa_mac_setup( &operation, + attributes, key_buffer, key_buffer_size, + alg ); if( status != PSA_SUCCESS ) goto exit; if( input_length > 0 ) { - status = mac_update( &operation, input, input_length ); + status = mbedtls_psa_mac_update( &operation, input, input_length ); if( status != PSA_SUCCESS ) goto exit; } - status = mac_finish_internal( &operation, mac, mac_size ); + status = psa_mac_finish_internal( &operation, mac, mac_size ); if( status == PSA_SUCCESS ) *mac_length = mac_size; exit: - mac_abort( &operation ); + mbedtls_psa_mac_abort( &operation ); return( status ); } -#endif /* BUILTIN_ALG_HMAC || BUILTIN_ALG_CMAC */ - -#if defined(MBEDTLS_PSA_BUILTIN_MAC) -psa_status_t mbedtls_psa_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - return( mac_compute( attributes, key_buffer, key_buffer_size, alg, - input, input_length, - mac, mac_size, mac_length ) ); -} - -psa_status_t mbedtls_psa_mac_sign_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t mbedtls_psa_mac_verify_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - return( mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); -} - -psa_status_t mbedtls_psa_mac_update( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - return( mac_update( operation, input, input_length ) ); -} - -psa_status_t mbedtls_psa_mac_sign_finish( - mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - return( mac_sign_finish( operation, mac, mac_size, mac_length ) ); -} - -psa_status_t mbedtls_psa_mac_verify_finish( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) -{ - return( mac_verify_finish( operation, mac, mac_length ) ); -} - -psa_status_t mbedtls_psa_mac_abort( - mbedtls_psa_mac_operation_t *operation ) -{ - return( mac_abort( operation ) ); -} -#endif /* MBEDTLS_PSA_BUILTIN_MAC */ - - /* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -static int is_mac_accelerated( psa_algorithm_t alg ) -{ -#if defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) - if( PSA_ALG_IS_HMAC( alg ) ) - return( 1 ); -#endif - - switch( PSA_ALG_FULL_LENGTH_MAC( alg ) ) - { -#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) - case PSA_ALG_CMAC: - return( 1 ); -#endif - default: - return( 0 ); - } -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - if( is_mac_accelerated( alg ) ) - return( mac_compute( attributes, key_buffer, key_buffer_size, alg, - input, input_length, - mac, mac_size, mac_length ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_sign_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - if( is_mac_accelerated( alg ) ) - return( mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_verify_setup( - mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) -{ - if( is_mac_accelerated( alg ) ) - return( mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); - else - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_update( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ) -{ - if( is_mac_accelerated( operation->alg ) ) - return( mac_update( operation, input, input_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_sign_finish( - mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) -{ - if( is_mac_accelerated( operation->alg ) ) - return( mac_sign_finish( operation, mac, mac_size, mac_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_verify_finish( - mbedtls_psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) -{ - if( is_mac_accelerated( operation->alg ) ) - return( mac_verify_finish( operation, mac, mac_length ) ); - else - return( PSA_ERROR_BAD_STATE ); -} - -psa_status_t libtestdriver1_mbedtls_psa_mac_abort( - mbedtls_psa_mac_operation_t *operation ) -{ - return( mac_abort( operation ) ); -} - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC || MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 9492a6b14f..df524e1bcb 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -41,42 +41,12 @@ #include #include "pk_wrap.h" -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ) ) -#define BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) ) -#define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) ) ) -#define BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 -#endif - -#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ - ( defined(PSA_CRYPTO_DRIVER_TEST) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) ) ) -#define BUILTIN_ALG_RSA_PSS 1 -#endif - #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ - defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(BUILTIN_ALG_RSA_PSS) || \ - defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) /* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes * that are not a multiple of 8) well. For example, there is only @@ -152,15 +122,15 @@ exit: } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || - * defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || - * defined(BUILTIN_ALG_RSA_PSS) || - * defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || - * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ -#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) -static psa_status_t rsa_import_key( +psa_status_t mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, @@ -252,7 +222,7 @@ psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type, #endif /* MBEDTLS_PK_WRITE_C */ } -static psa_status_t rsa_export_public_key( +psa_status_t mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) @@ -276,10 +246,10 @@ static psa_status_t rsa_export_public_key( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || - * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ -#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ defined(MBEDTLS_GENPRIME) static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters, size_t domain_parameters_size, @@ -307,7 +277,7 @@ static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters, return( PSA_SUCCESS ); } -static psa_status_t rsa_generate_key( +psa_status_t mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { @@ -338,14 +308,15 @@ static psa_status_t rsa_generate_key( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) * defined(MBEDTLS_GENPRIME) */ /****************************************************************/ /* Sign/verify hashes */ /****************************************************************/ -#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || defined(BUILTIN_ALG_RSA_PSS) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) /* Decode the hash algorithm from alg and store the mbedtls encoding in * md_alg. Verify that the hash length is acceptable. */ @@ -377,7 +348,7 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, return( PSA_SUCCESS ); } -static psa_status_t rsa_sign_hash( +psa_status_t mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -405,7 +376,7 @@ static psa_status_t rsa_sign_hash( goto exit; } -#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, @@ -422,8 +393,8 @@ static psa_status_t rsa_sign_hash( } } else -#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */ -#if defined(BUILTIN_ALG_RSA_PSS) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) if( PSA_ALG_IS_RSA_PSS( alg ) ) { ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); @@ -440,7 +411,7 @@ static psa_status_t rsa_sign_hash( } } else -#endif /* BUILTIN_ALG_RSA_PSS */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; @@ -457,7 +428,7 @@ exit: return( status ); } -#if defined(BUILTIN_ALG_RSA_PSS) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) static int rsa_pss_expected_salt_len( psa_algorithm_t alg, const mbedtls_rsa_context *rsa, size_t hash_length ) @@ -476,9 +447,9 @@ static int rsa_pss_expected_salt_len( psa_algorithm_t alg, else return( room ); } -#endif +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ -static psa_status_t rsa_verify_hash( +psa_status_t mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -506,7 +477,7 @@ static psa_status_t rsa_verify_hash( goto exit; } -#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) { ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, @@ -521,8 +492,8 @@ static psa_status_t rsa_verify_hash( } } else -#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */ -#if defined(BUILTIN_ALG_RSA_PSS) +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) if( PSA_ALG_IS_RSA_PSS( alg ) ) { ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); @@ -539,7 +510,7 @@ static psa_status_t rsa_verify_hash( } } else -#endif /* BUILTIN_ALG_RSA_PSS */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; @@ -559,176 +530,7 @@ exit: return( status ); } -#endif /* defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || - * defined(BUILTIN_ALG_RSA_PSS) */ - -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - -psa_status_t mbedtls_psa_rsa_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) -{ - return( rsa_import_key( attributes, data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); -} - -psa_status_t mbedtls_psa_rsa_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - return( rsa_export_public_key( attributes, key_buffer, key_buffer_size, - data, data_size, data_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || - * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ - -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ - defined(MBEDTLS_GENPRIME) -psa_status_t mbedtls_psa_rsa_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) -{ - return( rsa_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ) ); -} -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) - * defined(MBEDTLS_GENPRIME) */ - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) -psa_status_t mbedtls_psa_rsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) -{ - return( rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); -} - -psa_status_t mbedtls_psa_rsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) -{ - return( rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); -} #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */ -/* - * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY. - */ - -#if defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) - -psa_status_t libtestdriver1_mbedtls_psa_rsa_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) -{ - return( rsa_import_key( attributes, data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); -} - -psa_status_t libtestdriver1_mbedtls_psa_rsa_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) -{ - return( rsa_export_public_key( attributes, key_buffer, key_buffer_size, - data, data_size, data_length ) ); -} - -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) */ - -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) -psa_status_t libtestdriver1_mbedtls_psa_rsa_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) -{ - return( rsa_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ) ); -} -#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */ - -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) -psa_status_t libtestdriver1_mbedtls_psa_rsa_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) -{ -#if defined(MBEDTLS_RSA_C) && \ - (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)) - return( rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); -#else - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -} - -psa_status_t libtestdriver1_mbedtls_psa_rsa_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) -{ -#if defined(MBEDTLS_RSA_C) && \ - (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)) - return( rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); -#else - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); -#endif -} -#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || - * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */ - -#endif /* PSA_CRYPTO_DRIVER_TEST && MBEDTLS_PSA_CRYPTO_CONFIG */ - #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index d202c8bf06..b05fcd79f1 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -70,7 +70,7 @@ psa_status_t mbedtls_test_transparent_hash_finish( size_t *hash_length ); psa_status_t mbedtls_test_transparent_hash_abort( - mbedtls_psa_hash_operation_t *operation ); + mbedtls_transparent_test_driver_hash_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 0ff283fed4..5028073a62 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -62,11 +62,24 @@ const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = psa_status_t mbedtls_test_transparent_init( void ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) + status = libtestdriver1_psa_crypto_init( ); + if( status != PSA_SUCCESS ) + return( status ); +#endif + + (void)status; return( PSA_SUCCESS ); } void mbedtls_test_transparent_free( void ) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) + libtestdriver1_mbedtls_psa_crypto_free( ); +#endif + return; } From ef6ffe3033253c998d83172b9a8476b3335ef1ac Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 10:12:20 +0200 Subject: [PATCH 23/32] psa: Fix Mbed TLS hash operation definition Use PSA_BUILTIN macros instead of the Mbed TLS ones as in the hash operation contexts the context for a given hash is needed only if the support for it through PSA is enabled. Signed-off-by: Ronald Cron --- include/psa/crypto_builtin_primitives.h | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index 8caf0bd64d..d3cf33a9dd 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -61,21 +61,23 @@ typedef struct psa_algorithm_t MBEDTLS_PRIVATE(alg); union { - unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */ -#if defined(MBEDTLS_MD5_C) - mbedtls_md5_context MBEDTLS_PRIVATE(md5); + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) + mbedtls_md5_context md5; #endif -#if defined(MBEDTLS_RIPEMD160_C) - mbedtls_ripemd160_context MBEDTLS_PRIVATE(ripemd160); +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) + mbedtls_ripemd160_context ripemd160; #endif -#if defined(MBEDTLS_SHA1_C) - mbedtls_sha1_context MBEDTLS_PRIVATE(sha1); +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) + mbedtls_sha1_context sha1; #endif -#if defined(MBEDTLS_SHA256_C) - mbedtls_sha256_context MBEDTLS_PRIVATE(sha256); +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) + mbedtls_sha256_context sha256; #endif -#if defined(MBEDTLS_SHA512_C) - mbedtls_sha512_context MBEDTLS_PRIVATE(sha512); +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) + mbedtls_sha512_context sha512; #endif } MBEDTLS_PRIVATE(ctx); } mbedtls_psa_hash_operation_t; From d4c2c9bf94d6f8da93ff0477fcf9343a518899ea Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 28 Apr 2021 18:28:46 +0200 Subject: [PATCH 24/32] psa: Fix some dependencies in config_psa.h Signed-off-by: Ronald Cron --- include/mbedtls/config_psa.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 5615a6858d..68dda0f395 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -93,6 +93,10 @@ extern "C" { #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 #define MBEDTLS_ECDSA_C +#define MBEDTLS_ECP_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */ #endif /* PSA_WANT_ALG_ECDSA */ @@ -225,6 +229,8 @@ extern "C" { #define MBEDTLS_PK_PARSE_C #define MBEDTLS_PK_WRITE_C #define MBEDTLS_PK_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */ #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ @@ -237,6 +243,8 @@ extern "C" { #define MBEDTLS_PK_PARSE_C #define MBEDTLS_PK_WRITE_C #define MBEDTLS_PK_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ @@ -418,10 +426,12 @@ extern "C" { #endif /* PSA_WANT_ALG_GCM */ #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) #if defined(PSA_WANT_KEY_TYPE_CHACHA20) #define MBEDTLS_CHACHAPOLY_C #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ +#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) From 403c15cb51413414311e19610abdae4ca8ff2540 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 13 Sep 2021 09:38:05 +0200 Subject: [PATCH 25/32] all.sh: psa: Add ECDSA and RSA signature acceleration component Add ECDSA and RSA signature acceleration testing with signature capabilitites removed from the Mbed TLS library. Signed-off-by: Ronald Cron --- tests/scripts/all.sh | 126 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 126 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index dd6240e4ea..c358fed3ef 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1553,6 +1553,132 @@ component_test_no_use_psa_crypto_full_cmake_asan() { env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } +component_test_psa_crypto_config_accel_ecdsa () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" + + # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having + # partial support for cipher operations in the driver test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + + # SHA384 needed for some ECDSA signature tests. + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA384_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C + + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + # Restore test driver base configuration + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA384_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C + + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + unset loc_accel_flags + unset loc_accel_list + + if_build_succeeded not grep mbedtls_ecdsa_ library/ecdsa.o + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" + make test +} + +component_test_psa_crypto_config_accel_rsa_signature () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" + + # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having + # partial support for cipher operations in the driver test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + + # It seems it is not possible to remove only the support for RSA signature + # in the library. Thus we have to remove all RSA support (signature and + # encryption/decryption). AS there is no driver support for asymmetric + # encryption/decryption so far remove RSA encryption/decryption from the + # application algorithm list. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + + # Make sure both the library and the test library support the SHA hash + # algorithms and only those ones (SHA256 is included by default). That way: + # - the test library can compute the RSA signatures even in the case of a + # composite RSA signature algorithm based on a SHA hash (no other hash + # used in the unit tests). + # - the dependency of RSA signature tests on PSA_WANT_ALG_SHA_xyz is + # fulfilled as the hash SHA algorithm is supported by the library, and + # thus the tests are run, not skipped. + # - when testing a signature key with an algorithm wildcard built from + # PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash + # algorithm based on the hashes supported by the library is also + # supported by the test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160_C + + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA1_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C + # We need PEM parsing in the test library as well to support the import + # of PEM encoded RSA keys. + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_PEM_PARSE_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_BASE64_C + + loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + # Restore test driver base configuration + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA1_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_PEM_PARSE_C + scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_BASE64_C + + + # Mbed TLS library build + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + + # Remove RSA support and its dependencies + scripts/config.py unset MBEDTLS_PKCS1_V15 + scripts/config.py unset MBEDTLS_PKCS1_V21 + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + scripts/config.py unset MBEDTLS_RSA_C + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + + scripts/config.py unset MBEDTLS_MD2_C + scripts/config.py unset MBEDTLS_MD4_C + scripts/config.py unset MBEDTLS_MD5_C + scripts/config.py unset MBEDTLS_RIPEMD160_C + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1 + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_1 + scripts/config.py unset MBEDTLS_SSL_CBC_RECORD_SPLITTING + + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + unset loc_accel_flags + unset loc_accel_list + + if_build_succeeded not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o + if_build_succeeded not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" + make test +} + component_test_psa_crypto_config_no_driver() { # full plus MBEDTLS_PSA_CRYPTO_CONFIG msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" From 4c0ec7651ba334d8871b01b8ea3d162d177174c9 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 31 Aug 2021 19:08:55 +0200 Subject: [PATCH 26/32] tests: psa: Refine choice of default hash algorithm for signature As PSA signatures rely on built-in hash implementations (cannot take an advantage of an accelerator for the time being), chose an available built-in hash for tests exercising a signature key. Signed-off-by: Ronald Cron --- tests/include/test/psa_exercise_key.h | 28 +++++++++++++++++++++++++++ tests/src/psa_exercise_key.c | 4 ++-- 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index aa0aeb5afd..6cffeb22bf 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -52,6 +52,34 @@ #undef KNOWN_SUPPORTED_HASH_ALG #endif +/** \def KNOWN_MBEDTLS_SUPPORTED_HASH_ALG + * + * A hash algorithm that is known to be supported by Mbed TLS APIs. + * + * This is used in some smoke tests where the hash algorithm is used as + * part of another algorithm like a signature algorithm and the hashing is + * completed through an Mbed TLS hash API, not the PSA one. + */ +#if defined(MBEDTLS_MD2_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD2 +#elif defined(MBEDTLS_MD4_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD4 +#elif defined(MBEDTLS_MD5_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD5 +/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of + * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160 + * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be + * implausible anyway. */ +#elif defined(MBEDTLS_SHA1_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_1 +#elif defined(MBEDTLS_SHA256_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_256 +#elif defined(MBEDTLS_SHA512_C) +#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_512 +#else +#undef KNOWN_MBEDLTS_SUPPORTED_HASH_ALG +#endif + /** \def KNOWN_SUPPORTED_BLOCK_CIPHER * * A block cipher that is known to be supported. diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index de2c48d6da..c1e76c85ef 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -309,8 +309,8 @@ static int exercise_signature_key( mbedtls_svc_key_id_t key, /* If the policy allows signing with any hash, just pick one. */ if( PSA_ALG_IS_SIGN_HASH( alg ) && hash_alg == PSA_ALG_ANY_HASH ) { - #if defined(KNOWN_SUPPORTED_HASH_ALG) - hash_alg = KNOWN_SUPPORTED_HASH_ALG; + #if defined(KNOWN_MBEDTLS_SUPPORTED_HASH_ALG) + hash_alg = KNOWN_MBEDTLS_SUPPORTED_HASH_ALG; alg ^= PSA_ALG_ANY_HASH ^ hash_alg; #else TEST_ASSERT( ! "No hash algorithm for hash-and-sign testing" ); From c9586dbbcfd4ab12e1cb723e7722e53eaf87864e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 11:10:05 +0200 Subject: [PATCH 27/32] tests: psa: Add dependencies on built-in hash Add dependencies on built-in hash of signature/ signature verification and asymmetric encryption/decryption tests. The dependency is not added for tests based on SHA-256 as SHA-256 is always present when PSA is involved (necessary to the PSA core) and that way most of PSA signature /verification tests are still run when PSA hash operations are accelerated. Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto.data | 38 ++++++++++++------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index a9b6b12190..7ed7830eb8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3528,7 +3528,7 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TY sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign hash: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384 sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" PSA sign hash: deterministic ECDSA SECP384R1 SHA-256 @@ -3624,11 +3624,11 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TY sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify hash: randomized ECDSA SECP384R1 SHA-256 @@ -3648,7 +3648,7 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong hash length -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_1 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size) @@ -3704,35 +3704,35 @@ depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLI verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"44a09fa66f1b2e790474960e90517e418747cfcd18423dff957516a598569d74f26ef1eae4a200d12d801e16fc6fde375330c79c0d8430825e0a7f69c664faefccfa25e7fbfc68af02af0f67fe4c49f68f6abc68c8f66d3fd77fc838961f4415827340c66e39c79ed7dae0738c08ce8272aebe50c72e31994b9b6db640b51800" PSA verify hash: RSA-1024 PSS SHA-512, slen=61 (bad) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=61 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a" PSA verify hash: RSA-1024 PSS SHA-512, slen=62 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4" PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=62 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4" PSA verify hash: RSA-528 PSS SHA-512, slen=0 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955" PSA verify hash: RSA-528 PSS-any-salt SHA-512, slen=0 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955" PSA verify hash: RSA-520 PSS SHA-512 (hash too large) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA-520 PSS-any-salt SHA-512 (hash too large) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA PSS SHA-256, wrong hash length (0 bytes) @@ -3796,7 +3796,7 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TY sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548" PSA sign message: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384 sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263":"7ea712a20e3a8cbe0c6e64195362ba7635bbe78af51ddedd7a5fd858395250c592654c35d3b0614ae0e3b329c25cf5b4a5fcb243af3e3ad15c8446fe401be066" PSA sign message: deterministic ECDSA SECP384R1 SHA-256 @@ -3916,7 +3916,7 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAI sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"616263" PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263" PSA sign/verify message: randomized ECDSA SECP384R1 SHA-256 @@ -4052,11 +4052,11 @@ depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBL asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good, with label -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, key pair @@ -4076,7 +4076,7 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBED asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA OAEP-SHA-384, input too large -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: invalid algorithm @@ -4104,7 +4104,7 @@ depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_ asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00" PSA encrypt-decrypt: RSA OAEP-SHA-384 -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" PSA decrypt: RSA PKCS#1 v1.5: good #1 @@ -4140,7 +4140,7 @@ depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_ asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-384, 30 bytes -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty) From b231245ea86fa17509395f3762213f2526d5dc3e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 8 May 2021 14:32:59 +0200 Subject: [PATCH 28/32] all.sh: psa: Add hash acceleration test component Signed-off-by: Ronald Cron --- tests/scripts/all.sh | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c358fed3ef..c57d44f748 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1679,6 +1679,47 @@ component_test_psa_crypto_config_accel_rsa_signature () { make test } +component_test_psa_crypto_config_accel_hash () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" + + # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having + # partial support for cipher operations in the driver test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + + loc_accel_list="ALG_MD4 ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py unset MBEDTLS_MD2_C + scripts/config.py unset MBEDTLS_MD4_C + scripts/config.py unset MBEDTLS_MD5_C + scripts/config.py unset MBEDTLS_RIPEMD160_C + scripts/config.py unset MBEDTLS_SHA1_C + # Don't unset MBEDTLS_SHA256_C as it is needed by PSA crypto core. + scripts/config.py unset MBEDTLS_SHA384_C + scripts/config.py unset MBEDTLS_SHA512_C + # Unset MBEDTLS_SSL_PROTO_SSL3, MBEDTLS_SSL_PROTO_TLS1 and MBEDTLS_SSL_PROTO_TLS1_1 as they depend on MBEDTLS_SHA1_C + scripts/config.py unset MBEDTLS_SSL_PROTO_SSL3 + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1 + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_1 + # Unset MBEDTLS_SSL_CBC_RECORD_SPLITTING as it depends on MBEDTLS_SSL_PROTO_TLS1 in the default configuration. + scripts/config.py unset MBEDTLS_SSL_CBC_RECORD_SPLITTING + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + unset loc_accel_flags + unset loc_accel_list + + if_build_succeeded not grep mbedtls_sha512_init library/sha512.o + if_build_succeeded not grep mbedtls_sha1_init library/sha1.o + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" + make test +} + component_test_psa_crypto_config_no_driver() { # full plus MBEDTLS_PSA_CRYPTO_CONFIG msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" From 3a8714d5d49ff87d3be41b7a2f88de7a747881a2 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 18 Oct 2021 11:26:01 +0200 Subject: [PATCH 29/32] all.sh: psa: Add cipher acceleration test component Signed-off-by: Ronald Cron --- tests/scripts/all.sh | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c57d44f748..219be42023 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1720,6 +1720,45 @@ component_test_psa_crypto_config_accel_hash () { make test } +component_test_psa_crypto_config_accel_cipher () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" + + loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS KEY_TYPE_DES" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + + # There is no intended accelerator support for ALG STREAM_CIPHER and + # ALG_ECB_NO_PADDING. Therefore, asking for them in the build implies the + # inclusion of the Mbed TLS cipher operations. As we want to test here with + # cipher operations solely supported by accelerators, disabled those + # PSA configuration options. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_CMAC + + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7 + scripts/config.py unset MBEDTLS_CIPHER_MODE_CTR + scripts/config.py unset MBEDTLS_CIPHER_MODE_CFB + scripts/config.py unset MBEDTLS_CIPHER_MODE_OFB + scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_DES_C + + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + unset loc_accel_flags + unset loc_accel_list + + if_build_succeeded not grep mbedtls_des* library/des.o + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" + make test +} + component_test_psa_crypto_config_no_driver() { # full plus MBEDTLS_PSA_CRYPTO_CONFIG msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" From fd25ddbf5804eb7fec7e924ccf2cb190a8fa06fa Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 19 Nov 2021 18:01:40 +0100 Subject: [PATCH 30/32] psa: Fix and improve comments Signed-off-by: Ronald Cron --- library/psa_crypto_hash.c | 2 -- library/psa_crypto_mac.c | 2 -- tests/include/test/drivers/config_test_driver.h | 14 ++++++-------- .../drivers/crypto_config_test_driver_extension.h | 8 +++++--- 4 files changed, 11 insertions(+), 15 deletions(-) diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index f8f7fc6ba4..536c6c1188 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -74,8 +74,6 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ -/* Implement the PSA driver hash interface on top of mbed TLS if either the - * software driver or the test driver requires it. */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) psa_status_t mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation ) diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 5e78d65a61..dcf065a672 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -189,8 +189,6 @@ exit: } #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ -/* Implement the PSA driver MAC interface on top of mbed TLS if either the - * software driver or the test driver requires it. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h index 6dcefd7a94..b9ba5fb5f0 100644 --- a/tests/include/test/drivers/config_test_driver.h +++ b/tests/include/test/drivers/config_test_driver.h @@ -1,11 +1,9 @@ -/** - * \file config.h - * - * \brief Configuration options (set of defines) - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. +/* + * Mbed TLS configuration for PSA test driver libraries. It includes: + * . the minimum set of modules needed by the PSA core. + * . the Mbed TLS configuration options that may need to be additionally + * enabled for the purpose of a specific test. + * . the PSA configuration file for the Mbed TLS library and its test drivers. */ /* * Copyright The Mbed TLS Contributors diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index 51ad4ab67e..af4686b97e 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -1,7 +1,9 @@ /** - * \file psa/crypto_config.h - * \brief PSA crypto configuration options (set of defines) - * + * This file is intended to be used to build PSA test driver libraries. It is + * intended to be appended by the test build system to the crypto_config.h file + * of the Mbed TLS library the test library will be linked to. It mirrors the + * PSA_ACCEL_* macros defining the cryptographic operations the test library + * supports. */ #if defined(PSA_WANT_ALG_CBC_NO_PADDING) From f467d6306cf98815decfd3658aacb1a596f67712 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 19 Nov 2021 18:02:34 +0100 Subject: [PATCH 31/32] psa: Fix obsolete code guard Signed-off-by: Ronald Cron --- library/psa_crypto.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ffe659a401..9134dee64a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -324,15 +324,11 @@ psa_status_t mbedtls_to_psa_error( int ret ) /* Key management */ /****************************************************************/ -/* For now the MBEDTLS_PSA_ACCEL_ guards are also used here since the - * current test driver in key_management.c is using this function - * when accelerators are used for ECC key pair and public key. - * Once that dependency is resolved these guards can be removed. - */ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, size_t bits, int bits_is_sloppy ) @@ -428,9 +424,10 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, return( MBEDTLS_ECP_DP_NONE ); } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || - * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || - * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || + defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ psa_status_t psa_validate_unstructured_key_bit_size( psa_key_type_t type, size_t bits ) From 27d47713c9c142f8cb4a35a14b1fd08933c39f0f Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 7 Dec 2021 09:54:36 +0100 Subject: [PATCH 32/32] tests: psa: Remove MD2, MD4 and ARC4 related code MD2, MD4 and ARC4 are not supported anymore in 3.x. Signed-off-by: Ronald Cron --- .../crypto_config_test_driver_extension.h | 17 ----------------- tests/include/test/psa_exercise_key.h | 6 +----- tests/scripts/all.sh | 8 +------- 3 files changed, 2 insertions(+), 29 deletions(-) diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index af4686b97e..927009ad96 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -54,22 +54,6 @@ #endif #endif -#if defined(PSA_WANT_ALG_MD2) -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2) -#undef MBEDTLS_PSA_ACCEL_ALG_MD2 -#else -#define MBEDTLS_PSA_ACCEL_ALG_MD2 1 -#endif -#endif - -#if defined(PSA_WANT_ALG_MD4) -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4) -#undef MBEDTLS_PSA_ACCEL_ALG_MD4 -#else -#define MBEDTLS_PSA_ACCEL_ALG_MD4 1 -#endif -#endif - #if defined(PSA_WANT_ALG_MD5) #if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) #undef MBEDTLS_PSA_ACCEL_ALG_MD5 @@ -231,7 +215,6 @@ #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1 -#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1 diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index 6cffeb22bf..18333a9372 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -60,11 +60,7 @@ * part of another algorithm like a signature algorithm and the hashing is * completed through an Mbed TLS hash API, not the PSA one. */ -#if defined(MBEDTLS_MD2_C) -#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD2 -#elif defined(MBEDTLS_MD4_C) -#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD4 -#elif defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_MD5_C) #define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD5 /* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160 diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 219be42023..27b86dcdc9 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1620,8 +1620,6 @@ component_test_psa_crypto_config_accel_rsa_signature () { # PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash # algorithm based on the hashes supported by the library is also # supported by the test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160_C @@ -1658,8 +1656,6 @@ component_test_psa_crypto_config_accel_rsa_signature () { scripts/config.py unset MBEDTLS_RSA_C scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT - scripts/config.py unset MBEDTLS_MD2_C - scripts/config.py unset MBEDTLS_MD4_C scripts/config.py unset MBEDTLS_MD5_C scripts/config.py unset MBEDTLS_RIPEMD160_C scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1 @@ -1687,14 +1683,12 @@ component_test_psa_crypto_config_accel_hash () { scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - loc_accel_list="ALG_MD4 ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" + loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py unset MBEDTLS_MD2_C - scripts/config.py unset MBEDTLS_MD4_C scripts/config.py unset MBEDTLS_MD5_C scripts/config.py unset MBEDTLS_RIPEMD160_C scripts/config.py unset MBEDTLS_SHA1_C