mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-14 01:26:49 +00:00
test: add new component to test core library without calloc/free
This commit also fixes issues found in test suites function/data files. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
parent
168d24a00d
commit
efce6052d8
@ -64,6 +64,92 @@ component_build_psa_crypto_spm () {
|
||||
check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a
|
||||
}
|
||||
|
||||
# The goal of this component is to build a configuration where:
|
||||
# - test code and libtestdriver1 can make use of calloc/free and
|
||||
# - core library (including PSA core) cannot use calloc/free.
|
||||
component_test_psa_crypto_without_heap() {
|
||||
# Disable PSA features that cannot be accelerated and whose builtin support
|
||||
# requires calloc/free.
|
||||
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
|
||||
scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_ALG_HKDF*
|
||||
scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_ALG_PBKDF2*
|
||||
scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_ALG_TLS12*
|
||||
# RSA key support requires ASN1 parse/write support for testing, but ASN1
|
||||
# is disabled below.
|
||||
scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_KEY_TYPE_RSA_*
|
||||
scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_ALG_RSA_*
|
||||
# DES requires built-in support for key generation (parity check) so it
|
||||
# cannot be accelerated
|
||||
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_DES
|
||||
# EC-JPAKE use calloc/free in PSA core
|
||||
scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_JPAKE
|
||||
|
||||
# Accelerate all PSA features (which are still enabled in CRYPTO_CONFIG_H).
|
||||
PSA_SYM_LIST=$(./scripts/config.py -f $CRYPTO_CONFIG_H get-all-enabled PSA_WANT)
|
||||
loc_accel_list=$(echo $PSA_SYM_LIST | sed 's/PSA_WANT_//g')
|
||||
|
||||
msg "build: libtestdriver1"
|
||||
helper_libtestdriver1_adjust_config crypto
|
||||
helper_libtestdriver1_make_drivers "$loc_accel_list"
|
||||
|
||||
msg "build: main library"
|
||||
# Enable fully-static key slots in PSA core.
|
||||
scripts/config.py set MBEDTLS_PSA_STATIC_KEY_SLOTS
|
||||
# Prevent PSA core from creating a copy of input/output buffers
|
||||
scripts/config.py set MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
|
||||
# Prevent PSA core from using CTR-DRBG or HMAC-DRBG for random generation.
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
|
||||
# Set cmalloc/free as null pointer functions. Calling them would crash
|
||||
# the program so we can use this as a "sentinel" for being sure no module
|
||||
# is making use of these functions in the library.
|
||||
scripts/config.py set MBEDTLS_PLATFORM_MEMORY
|
||||
scripts/config.py set MBEDTLS_PLATFORM_STD_CALLOC NULL
|
||||
scripts/config.py set MBEDTLS_PLATFORM_STD_FREE NULL
|
||||
|
||||
# Disable all the modules/features that use cmalloc directly
|
||||
scripts/config.py unset-all MBEDTLS_ASN1_
|
||||
scripts/config.py unset MBEDTLS_BIGNUM_C
|
||||
scripts/config.py unset MBEDTLS_CIPHER_C
|
||||
scripts/config.py unset MBEDTLS_CMAC_C
|
||||
scripts/config.py unset MBEDTLS_DHM_C
|
||||
scripts/config.py unset MBEDTLS_ECDSA_C
|
||||
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
|
||||
scripts/config.py unset MBEDTLS_ECP_C
|
||||
scripts/config.py unset-all MBEDTLS_LMS_
|
||||
scripts/config.py unset MBEDTLS_MD_C
|
||||
scripts/config.py unset MBEDTLS_OID_C
|
||||
scripts/config.py unset-all MBEDTLS_PEM_
|
||||
scripts/config.py unset MBEDTLS_PKCS7_C
|
||||
scripts/config.py unset-all MBEDTLS_PK_
|
||||
scripts/config.py unset MBEDTLS_RSA_C
|
||||
scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
# Disable all modules that depend on the the previous ones
|
||||
scripts/config.py unset MBEDTLS_NIST_KW_C
|
||||
scripts/config.py unset MBEDTLS_ECDH_C
|
||||
scripts/config.py unset MBEDTLS_ECJPAKE_C
|
||||
scripts/config.py unset-all MBEDTLS_PKCS1_
|
||||
scripts/config.py unset-all MBEDTLS_ENTROPY_
|
||||
scripts/config.py unset-all MBEDTLS_SHA
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
|
||||
scripts/config.py unset MBEDTLS_HKDF_C
|
||||
scripts/config.py unset MBEDTLS_PKCS5_C
|
||||
scripts/config.py unset MBEDTLS_PKCS12_C
|
||||
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
|
||||
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC
|
||||
helper_libtestdriver1_make_main "$loc_accel_list" lib
|
||||
|
||||
msg "build: test suites and helpers"
|
||||
# Reset cmalloc/free functions to normal operations so that test code can
|
||||
# freely use them.
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_MEMORY
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_STD_CALLOC
|
||||
scripts/config.py unset MBEDTLS_PLATFORM_STD_FREE
|
||||
helper_libtestdriver1_make_main "$loc_accel_list" tests
|
||||
|
||||
msg "run tests"
|
||||
make test
|
||||
}
|
||||
|
||||
# Get a list of library-wise undefined symbols and ensure that they only
|
||||
# belong to psa_xxx() functions and not to mbedtls_yyy() ones.
|
||||
# This function is a common helper used by both:
|
||||
|
||||
@ -7414,9 +7414,11 @@ PSA generate key: raw data, 9 bits: invalid argument
|
||||
generate_key:PSA_KEY_TYPE_RAW_DATA:9:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0
|
||||
|
||||
PSA generate key: raw data, (MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
|
||||
depends_on:!MBEDTLS_PSA_STATIC_KEY_SLOTS
|
||||
generate_key:PSA_KEY_TYPE_RAW_DATA:(MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
|
||||
|
||||
PSA generate key: raw data, (2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
|
||||
depends_on:!MBEDTLS_PSA_STATIC_KEY_SLOTS
|
||||
generate_key:PSA_KEY_TYPE_RAW_DATA:(2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
|
||||
|
||||
PSA generate key: raw data, 65528 bits (large key, ok if it fits)
|
||||
|
||||
@ -1236,7 +1236,7 @@ static void interruptible_signverify_get_minmax_completes(uint32_t max_ops,
|
||||
}
|
||||
#endif /* MBEDTLS_ECP_RESTARTABLE */
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) && defined(MBEDTLS_ASN1_PARSE_C)
|
||||
static int rsa_test_e(mbedtls_svc_key_id_t key,
|
||||
size_t bits,
|
||||
const data_t *e_arg)
|
||||
@ -10246,7 +10246,7 @@ void generate_key_custom(int type_arg,
|
||||
TEST_EQUAL(psa_get_key_type(&got_attributes), type);
|
||||
TEST_EQUAL(psa_get_key_bits(&got_attributes), bits);
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) && defined(MBEDTLS_ASN1_PARSE_C)
|
||||
if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
|
||||
TEST_ASSERT(rsa_test_e(key, bits, custom_data));
|
||||
}
|
||||
|
||||
@ -256,35 +256,35 @@ generate_ec_key through transparent driver: error
|
||||
generate_ec_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
validate key through transparent driver: good private key
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
|
||||
|
||||
validate key through transparent driver: good public key
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
|
||||
|
||||
validate key through transparent driver: fallback private key
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:132:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
|
||||
|
||||
validate key through transparent driver: fallback public key
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
|
||||
depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:133:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
|
||||
|
||||
validate key through transparent driver: error
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_LOCATION_LOCAL_STORAGE:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
validate key through opaque driver: good private key
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
validate_key:PSA_SUCCESS:PSA_CRYPTO_TEST_DRIVER_LOCATION:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
|
||||
|
||||
validate key through opaque driver: good public key
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
validate_key:PSA_SUCCESS:PSA_CRYPTO_TEST_DRIVER_LOCATION:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
|
||||
|
||||
validate key through opaque driver: error
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
|
||||
depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_CRYPTO_STORAGE_C
|
||||
validate_key:PSA_ERROR_GENERIC_ERROR:PSA_CRYPTO_TEST_DRIVER_LOCATION:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
|
||||
|
||||
export_key private to public through driver: fake
|
||||
|
||||
@ -6,13 +6,14 @@
|
||||
size_t pake_expected_hit_count = 0;
|
||||
int pake_in_driver = 0;
|
||||
|
||||
#if defined(PSA_WANT_ALG_JPAKE) && \
|
||||
defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
|
||||
defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ALG_SHA_256)
|
||||
|
||||
/* The only two JPAKE user/peer identifiers supported for the time being. */
|
||||
static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' };
|
||||
static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' };
|
||||
|
||||
#if defined(PSA_WANT_ALG_JPAKE) && \
|
||||
defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
|
||||
defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ALG_SHA_256)
|
||||
static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive,
|
||||
psa_pake_operation_t *server,
|
||||
psa_pake_operation_t *client,
|
||||
@ -437,6 +438,11 @@ static int sanity_check_rsa_encryption_result(
|
||||
mbedtls_mpi_init(&D);
|
||||
mbedtls_mpi_init(&C);
|
||||
mbedtls_mpi_init(&X);
|
||||
#else /* MBEDTLS_BIGNUM_C */
|
||||
(void) alg;
|
||||
(void) private_exponent;
|
||||
(void) input_data;
|
||||
(void) buf;
|
||||
#endif /* MBEDTLS_BIGNUM_C */
|
||||
|
||||
int ok = 0;
|
||||
|
||||
@ -8,6 +8,10 @@
|
||||
#include "entropy_poll.h"
|
||||
|
||||
/* Calculating the minimum allowed entropy size in bytes */
|
||||
#if !defined(MBEDTLS_ENTROPY_BLOCK_SIZE)
|
||||
#define MBEDTLS_ENTROPY_BLOCK_SIZE MBEDTLS_ENTROPY_MIN_PLATFORM
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, \
|
||||
MBEDTLS_ENTROPY_BLOCK_SIZE)
|
||||
|
||||
|
||||
@ -24,6 +24,9 @@ static int check_stats(void)
|
||||
exit:
|
||||
return 0;
|
||||
}
|
||||
#if !defined(MBEDTLS_ENTROPY_BLOCK_SIZE)
|
||||
#define MBEDTLS_ENTROPY_BLOCK_SIZE MBEDTLS_ENTROPY_MIN_PLATFORM
|
||||
#endif
|
||||
|
||||
#define ENTROPY_MIN_NV_SEED_SIZE \
|
||||
MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user