It used to be the case that when an algorithm that uses a hash inside was
accelerated through a PSA driver, it might end up calling a hash algorithm
that is not available from the driver. Since we introduced MBEDTLS_MD_LIGHT,
this no longer happens: PSA accelerated hashes are available to callers of
the MD module, so the test driver can use all available hash algorithms.
Hence the workaround to skip testing certain accelerated cases is no longer
needed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
RSA will auto-enable MD_LIGHT, we don't need to list MD_C as a
dependency here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Some are about raw or AES keys where PK seems really unrelated.
The others are about RSA where PK may be relevant, but the necessary
bits of PK are auto-enabled when RSA key types are requested, so we
shouldn't need to list them as dependencies in tests.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Since _DERIVE can't be accelerated now, in
config_adjust_legacy_from_psa.h we will notice and auto-enable ECP_LIGHT
as well as the built-in version of each curve that's supported in this
build. So, we don't need to list those as dependencies here - and they
would cause issues when we add support for _DERIVE drivers.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
There's no reason the tests would depend specifically on our built-in
implementation and not work with drivers, so replace the RSA_C
dependency with the correct PSA_WANT dependencies.
Those 6 cases use two different test functions, but both of those
functions only do `psa_import()`, so all that's needed is PUBLIC_KEY or
KEYPAIR_IMPORT (which implies KEYPAIR_BASIC) depending on the kind of
key being tested.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Most of them were removed in 7162, not sure how these ones slipped in.
There's no reason deterministic ECDSA verification would need PK parse
more than the other tests. The following finds no match:
grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c
Even if PK parse was actually needed for this, the right way would be to
auto-enable it based on PSA_WANT symbols, and then only depend on
PSA_WANT symbols here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This tied input and output buffers together in
awkward pairs, which made the API more difficult
to use.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Since we are internal rather than user-facing,
PSA_ERROR_CORRUPTION_DETECTED makes more sense than
PSA_ERROR_BUFFER_TOO_SMALL. Whilst it really is a buffer that is too
small, this error code is intended to indicate that a user-supplied
buffer is too small, not an internal one.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This removes some gubbins related to making sure the buffer is not NULL
that was previously cluttering the test case.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Test that a buffer pair can be created with psa_crypto_alloc_and_copy()
and destroyed with psa_crypto_copy_and_free() correctly.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Zero-length buffers should be represented in the
psa_crypto_buffer_copy_t struct as NULL if it was created in
psa_crypto_alloc_and_copy(), so reject non-NULL zero-length buffers.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
If we have a copy buffer but no original to copy back to, there is not
much sensible we can do. The psa_crypto_buffer_copy_t state is invalid.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Since it is implementation-dependent whether
malloc(0) returns NULL or a pointer, explicitly
represent zero-length buffers as NULL in the
buffer-copy struct, so as to have a uniform
behaviour.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we can't test decrypt for
AES-ECB, so adding this dependency for some test cases
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Some test cases are using encrypted key file, thus have
dependency on low-level block cipher modules (e.g. AES).
This commit adds unencrypted key file so that we could
get rid of those dependencies.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
