Alert if all tests are filtered out or skipped: that probably indicates a
test script that set up an unintended configuration or an overly strict
filter. You can pass `--min 0` to bypass this check. You can pass `--min`
with a larger value to require that many test cases to run.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The Mbed TLS implementations of ALG_TLS12_PRF,
ALG_TLS12_PSK_TO_MS, ALG_HKDF, ALG_HKDF_EXTRACT,
ALG_HKDF_EXPAND and ALG_PBKDF2 rely on HMAC
operations through the driver interface. Thus
if one of these algorithms is enabled and not
accelerated, we need ALG_HMAC to be enabled
(PSA_WANT_ALG_HMAC and PSA_WANT_KEY_TYPE_HMAC
defined). As HMAC operations occur through
the driver interface, HMAC operations can be
accelerated even if the caller algorithm
is not.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
While at this, fix also Makefile so that "make clean" does not
complain if some of the files to be cancelled do not exist.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Enable MBEDTLS_PSA_CRYPTO_C and MBEDTLS_USE_PSA_CRYPTO
is reference configurations as we are working towards
removing (always on) them.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Change the way we decide if for a given
configuration we need to run tests with
and without MBEDTLS_USE_PSA_CRYPTO enabled.
That makes the script suitable for 3.6 and
development branch.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Also converts legacy symbols into their PSA equivalents.
When PSA is defined this does not change the compiled code
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Convert legacy symbols to their PSA equivalents.
This does not change code compiled when this config is active with PSA
enabled
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Also convert legacy symbols to their PSA equivalents.
This does not change code compiled when this config is active with PSA
enabled
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Replaces legacy symbols with the PSA equivalents.
This doesn't change the code generated when this config is active
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
This allows to re-enable MBEDTLS_ENTROPY_NV_SEED since the
seedfile is correctly found in the "test" folder at runtime.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
- add quotes to the $@ parameter in helper_crypto_client_build()
- instead of copying mbedtls_config.h to build static libraries,
we rely on the already existing backup/cleanup mechanism which
is available in all.sh.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Replace more sample PSK by longer (GnuTLS-compatible) strings, taking care
of keeping distinct PSK distinct for wrong-PSK tests.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add DEBUG=1 in test_psasim() to helpers and final make to build
the libraries and the final binaries with debug symbols
enabled.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Move the generation of tests/src/test_certs.h and tests/src/test_keys.h
to the main CMakeLists.txt. This is required because these files are
needed both by tests and programs, whereas tests/CMakeLists.txt is only
included when ENABLE_TESTING is on.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Instead of copying the entire library & include folders twice
to build libraries for client and server:
- change the main config file (mbedtls_config.h)
- build in the root library folder
- move the generated library in the psasim folder
- use those library for linking the client/server binaries
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The goal is to keep psasim as simple as possible:
- do not build a separate lib for psa-ff; build those source
files as part of server or client
- do not have lot of different makefiles: just 1 that does all
we need
- do not have several subfolders for headers: only 1 is enough
for this kind of project
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is necessary because otherwise the library is not able to
find the seedfile at runtime and it fails the initialization.
However since this test runs on a standard PC we can rely on
platform entropy as source of entropy.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit implements the first useful IPC communication between
the client and the server. The implemented command is simple,
psa_crypto_init(), and its return value is sent back to the client.
Note: the newly added file psa_functions_codes.h is temporary
and it's probably the one that needs to be automatically
generated by a python script to support all crypto functions.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
