The paths to this header in clean: targets were missed previously when
changing paths to reflect the move of the header to the framework.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The function mbedtls_test_hook_error_add() is declared in the library
but supplied by test helpers in framework/tests/src, so it is undefined
in library-only builds. This messes up our checks for missing symbols,
so disable MBEDTLS_TEST_HOOKS when we are building to check missing
symbols.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
These are not moving to the framework, so their paths are fine to stay
as they are, undo the update done through global search-replace.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
These need to include from the framework path as this is where most test
helpers have been moved to.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Everything not TLS-related and not ALT-interface-related has been moved
out of tests/src and tests/include and into the framework.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This fixes accesses to uninitialized memory in test code if
`psa_crypto_init()` fails.
A lot of those were pointed out by Coverity. I quickly reviewed all calls to
`MD_PSA_INIT()` manually, rather than follow any particular list.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The existing check only took care of CONFIG_H. This was both not enough
and too much:
- not enough because config.py can also modify CRYPTO_CONFIG_H and we
want to know about it just as much as CONFIG_H;
- too much because CONFIG_H does not exist in tf-psa-crypto.
Check a list of files instead of a single one, and adjust that list.
Also update an outdated comment about Makefiles
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
In preparation for adding tf-psa-crypto/test/scripts/all.sh which will
run from tf-psa-crypto.
Use paths relative to the currently sourced file when including common
files (ie, those that will soon be moved to the framework). Otherwise,
use paths relative to the current directory, aka project's root.
Document that test/script/all.sh must be invoked from the project's root
(that was already the case, but implicit so far).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Skip 6144-bit and 8192-bit FFDH tests in MSan or Valgrind test
configurations. These test cases are slow and sometimes trigger GnuTLS's
built-in timeout (which cannot be configured until more recent versions).
Resolves#9742.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
generate_test_code.py doesn't support UTF-8 in .function files (but does
in .data files) when run in a non-UTF-8 locale with Python <=3.6.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Run the function on a few different curves with shorter, just-right and
larger buffer sizes. Perform some basic sanity checks on the output (which
is random).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The Thumb-1 tests are by far the slowest, so split the -O0 and -Os tests
into their own components.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Cleanly reject bits == 0 when calling mbedtls_ecdsa_raw_to_der() and
mbedtls_ecdsa_der_to_raw(). This can plausibly happen when bits is
user-provided data that the calling application doesn't check.
Before this patch, there was typically-benign undefined behavior, such as
adding 0 to a null pointer or calling memcpy on a null pointer with a size
of 0.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use TEST_CALLOC instead of a fixed-size buffer, so that Asan/Valgrind builds
will detect a buffer overflow.
Honor output_size regardless of the value of the number.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
