diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index dac07acd33..66378e7def 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -1,9 +1,24 @@ /** - * This file is intended to be used to build PSA test driver libraries. It is - * intended to be appended by the test build system to the crypto_config.h file - * of the Mbed TLS library the test library will be linked to. It mirrors the - * PSA_ACCEL_* macros defining the cryptographic operations the test library - * supports. + * This file is intended to be used to build PSA external test driver + * libraries (libtestdriver1). + * + * It is intended to be appended by the test build system to the + * crypto_config.h file of the Mbed TLS library the test library will be + * linked to (see `tests/Makefile` libtestdriver1 target). This is done in + * order to insert it at the right time: after the main configuration + * (PSA_WANT) but before the logic that determines what built-ins to enable + * based on PSA_WANT and MBEDTLS_PSA_ACCEL macros. + * + * It reverses the PSA_ACCEL_* macros defining the cryptographic operations + * that will be accelerated in the main library: + * - When something is accelerated in the main library, we need it supported + * in libtestdriver1, so we disable the accel macro in order to the built-in + * to be enabled. + * - When something is NOT accelerated in the main library, we don't need it + * in libtestdriver1, so we enable its accel macro in order to the built-in + * to be disabled, to keep libtestdriver1 minimal. (We can't adjust the + * PSA_WANT macros as they need to be the same between libtestdriver1 and + * the main library, since they determine the ABI between the two.) */ #include "psa/crypto_legacy.h" diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index bf0707d429..82f333ccb5 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -11,7 +11,8 @@ #include "test/helpers.h" -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if (MBEDTLS_VERSION_MAJOR < 4 && defined(MBEDTLS_PSA_CRYPTO_C)) || \ + (MBEDTLS_VERSION_MAJOR >= 4 && defined(MBEDTLS_PSA_CRYPTO_CLIENT)) #include "test/psa_helpers.h" #include #endif @@ -40,12 +41,16 @@ mbedtls_psa_crypto_free(); \ } \ while (0) -#else /*MBEDTLS_PSA_CRYPTO_C */ +#elif MBEDTLS_VERSION_MAJOR >= 4 && defined(MBEDTLS_PSA_CRYPTO_CLIENT) +#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) +#define PSA_DONE() mbedtls_psa_crypto_free(); +#else /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */ #define PSA_INIT() ((void) 0) #define PSA_DONE() ((void) 0) #endif /* MBEDTLS_PSA_CRYPTO_C */ -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if (MBEDTLS_VERSION_MAJOR < 4 && defined(MBEDTLS_PSA_CRYPTO_C)) || \ + (MBEDTLS_VERSION_MAJOR >= 4 && defined(MBEDTLS_PSA_CRYPTO_CLIENT)) #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) @@ -253,15 +258,15 @@ uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); #if defined(MBEDTLS_AES_ALT) || \ defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) -#define MBEDTLS_TEST_HAVE_ALT_AES 1 +#define MBEDTLS_TEST_HAVE_ACCEL_AES 1 #else -#define MBEDTLS_TEST_HAVE_ALT_AES 0 +#define MBEDTLS_TEST_HAVE_ACCEL_AES 0 #endif #define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_bits) \ do \ { \ - if ((MBEDTLS_TEST_HAVE_ALT_AES) && \ + if ((MBEDTLS_TEST_HAVE_ACCEL_AES) && \ ((key_type) == PSA_KEY_TYPE_AES) && \ (key_bits == 192)) \ { \ @@ -293,18 +298,19 @@ uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); * \param alg The AEAD algorithm. * \param nonce_length The nonce length in number of bytes. */ + #if defined(MBEDTLS_GCM_ALT) || \ defined(MBEDTLS_PSA_ACCEL_ALG_GCM) -#define MBEDTLS_TEST_HAVE_ALT_GCM 1 +#define MBEDTLS_TEST_HAVE_ACCEL_GCM 1 #else -#define MBEDTLS_TEST_HAVE_ALT_GCM 0 +#define MBEDTLS_TEST_HAVE_ACCEL_GCM 0 #endif #define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, \ nonce_length) \ do \ { \ - if ((MBEDTLS_TEST_HAVE_ALT_GCM) && \ + if ((MBEDTLS_TEST_HAVE_ACCEL_GCM) && \ (PSA_ALG_AEAD_WITH_SHORTENED_TAG((alg), 0) == \ PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0)) && \ ((nonce_length) != 12)) \ @@ -315,7 +321,22 @@ uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); } \ while (0) -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT || MBEDTLS_PSA_CRYPTO_C */ + +#if MBEDTLS_VERSION_MAJOR >= 4 +/* Legacy PSA_INIT() / PSA_DONE() variants from 3.6 */ +#define USE_PSA_INIT() PSA_INIT() +#define USE_PSA_DONE() PSA_DONE() +#define MD_PSA_INIT() PSA_INIT() +#define MD_PSA_DONE() PSA_DONE() +#define BLOCK_CIPHER_PSA_INIT() PSA_INIT() +#define BLOCK_CIPHER_PSA_DONE() PSA_DONE() +#define MD_OR_USE_PSA_INIT() PSA_INIT() +#define MD_OR_USE_PSA_DONE() PSA_DONE() +#define AES_PSA_INIT() PSA_INIT() +#define AES_PSA_DONE() PSA_DONE() + +#else /* MBEDTLS_VERSION_MAJOR < 4 */ /** \def USE_PSA_INIT * @@ -448,6 +469,8 @@ uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); #define AES_PSA_DONE() ((void) 0) #endif /* MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_VERSION_MAJOR >= 4 */ + #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ defined(MBEDTLS_CTR_DRBG_C) && \ defined(MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO) diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 76ec12a22f..54aec93225 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -13,7 +13,11 @@ #include "test/drivers/hash.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#if MBEDTLS_VERSION_MAJOR < 4 #include "libtestdriver1/library/psa_crypto_hash.h" +#else +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.h" +#endif #endif mbedtls_test_driver_hash_hooks_t diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index 314ce83a25..6992a066d2 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -16,7 +16,11 @@ #include "mbedtls/constant_time.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#if MBEDTLS_VERSION_MAJOR < 4 #include "libtestdriver1/library/psa_crypto_aead.h" +#else +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.h" +#endif #endif mbedtls_test_driver_aead_hooks_t diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c index 4fc8c9d34b..6fdbe43aee 100644 --- a/tests/src/drivers/test_driver_asymmetric_encryption.c +++ b/tests/src/drivers/test_driver_asymmetric_encryption.c @@ -16,7 +16,11 @@ #include "test/drivers/key_management.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#if MBEDTLS_VERSION_MAJOR < 4 #include "libtestdriver1/library/psa_crypto_rsa.h" +#else +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.h" +#endif #endif #define PSA_RSA_KEY_PAIR_MAX_SIZE \ diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 2bc751a8a2..90256fc4ea 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -19,7 +19,11 @@ #include "test/random.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#if MBEDTLS_VERSION_MAJOR < 4 #include "libtestdriver1/library/psa_crypto_cipher.h" +#else +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.h" +#endif #endif #include diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c index 8471959e2a..8a7a9ea525 100644 --- a/tests/src/drivers/test_driver_key_agreement.c +++ b/tests/src/drivers/test_driver_key_agreement.c @@ -20,9 +20,15 @@ #include #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#if MBEDTLS_VERSION_MAJOR < 4 #include "libtestdriver1/include/psa/crypto.h" #include "libtestdriver1/library/psa_crypto_ecp.h" #include "libtestdriver1/library/psa_crypto_ffdh.h" +#else +#include "libtestdriver1/tf-psa-crypto/include/psa/crypto.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.h" +#endif #endif mbedtls_test_driver_key_agreement_hooks_t diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 2a878994c2..d2ca157b8b 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -23,9 +23,15 @@ #include "test/random.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#if MBEDTLS_VERSION_MAJOR < 4 #include "libtestdriver1/library/psa_crypto_ecp.h" #include "libtestdriver1/library/psa_crypto_rsa.h" #include "libtestdriver1/library/psa_crypto_ffdh.h" +#else +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.h" +#endif #endif #include diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 9f8120bd4a..f1cf504303 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -13,7 +13,11 @@ #include "test/drivers/mac.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#if MBEDTLS_VERSION_MAJOR < 4 #include "libtestdriver1/library/psa_crypto_mac.h" +#else +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.h" +#endif #endif mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks = diff --git a/tests/src/drivers/test_driver_pake.c b/tests/src/drivers/test_driver_pake.c index a0b6c1cb0c..c3ce326fe2 100644 --- a/tests/src/drivers/test_driver_pake.c +++ b/tests/src/drivers/test_driver_pake.c @@ -1,5 +1,5 @@ /* - * Test driver for MAC entry points. + * Test driver for PAKE entry points. */ /* Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later @@ -14,7 +14,11 @@ #include "string.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#if MBEDTLS_VERSION_MAJOR < 4 #include "libtestdriver1/library/psa_crypto_pake.h" +#else +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.h" +#endif #endif mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks = diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 4fca5d178d..a6eef573b2 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -26,9 +26,15 @@ #include "test/random.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#if MBEDTLS_VERSION_MAJOR < 4 #include "libtestdriver1/library/psa_crypto_ecp.h" #include "libtestdriver1/library/psa_crypto_hash.h" #include "libtestdriver1/library/psa_crypto_rsa.h" +#else +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.h" +#endif #endif #include diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index 937bd45d22..032c489201 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -11,7 +11,8 @@ #include #include -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if (MBEDTLS_VERSION_MAJOR < 4 && defined(MBEDTLS_PSA_CRYPTO_C)) || \ + (MBEDTLS_VERSION_MAJOR >= 4 && defined(MBEDTLS_PSA_CRYPTO_CLIENT)) #include #include @@ -1284,7 +1285,7 @@ int mbedtls_test_key_consistency_psa_pk(mbedtls_svc_key_id_t psa_key, break; #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && !defined(MBEDTLS_PK_USE_PSA_EC_DATA) +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && !defined(MBEDTLS_PK_USE_PSA_EC_DATA) case MBEDTLS_PK_ECKEY: case MBEDTLS_PK_ECKEY_DH: case MBEDTLS_PK_ECDSA: @@ -1295,7 +1296,7 @@ int mbedtls_test_key_consistency_psa_pk(mbedtls_svc_key_id_t psa_key, pk_public_buffer, sizeof(pk_public_buffer)), 0); pk_public = pk_public_buffer; break; -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_PK_USE_PSA_EC_DATA */ +#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY && !MBEDTLS_PK_USE_PSA_EC_DATA */ #if defined(MBEDTLS_USE_PSA_CRYPTO) case MBEDTLS_PK_OPAQUE: @@ -1332,4 +1333,4 @@ exit: } #endif /* MBEDTLS_PK_C */ -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_C || MBEDTLS_PSA_CRYPTO_CLIENT */