Allow imports of an ECC public key on an unsupported curve to return
INVALID_ARGUMENT rather than NOT_SUPPORTED. This can happen in our library
code in edge cases when only certain curve families are supported, and it's
acceptable.
The new code does not trigger yet, but it will be useful for a future commit
"Do run not-supported test cases on not-implemented mechanisms"
(forward port of 995d7d4c15406b0a115cadf3f5ec69becafdf20f).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Uniformly return PSA_ERROR_NOT_SUPPORTED if given an algorithm that includes
a hash, but that hash algorithm is not supported. This will make it easier
to have a uniform treatment of unsupported hashes in automatically generated
tests.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Update the framework pointer to reference new changes to
tests/src/psa_exercise.key.c and tests/include/test/psa_exercise_key.h
that have been ported to the framework from the main repo.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The paths to this header in clean: targets were missed previously when
changing paths to reflect the move of the header to the framework.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
These were accidentally documented incorrectly in the PSA shared memory
documentation due to a global find and replace.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The function mbedtls_test_hook_error_add() is declared in the library
but supplied by test helpers in framework/tests/src, so it is undefined
in library-only builds. This messes up our checks for missing symbols,
so disable MBEDTLS_TEST_HOOKS when we are building to check missing
symbols.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
We need to include from both tests/include and framework/tests/include.
Update scripts/generate_visualc_files.pl to re-add tests/include, which
had previously been replaced with framework/tests/include.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
These are not moving to the framework, so their paths are fine to stay
as they are, undo the update done through global search-replace.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Both the main repository and framework test helper paths are needed, so
generate these in the script.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
These need to include from the framework path as this is where most test
helpers have been moved to.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Some tests need the SSL-related parts of tests/include and tests/src
which stayed in Mbed TLS. Add these parts to the mbedtls_test target
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The fuzzer needs both kinds of test helper so needs to include things
from both new and old locations.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
These must include from both the framework and the main repository since
the test helpers straddle the two locations.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Everything not TLS-related and not ALT-interface-related has been moved
out of tests/src and tests/include and into the framework.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit fixes an issue in the GCM shared buffer test case where
input data could be of length 0 and an adequate buffer was not
allocated.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
This commit fixes an issue with check_names failing due to not being
defined as a macro in Mbed TLS. This is instead defined by alternative
implementations of MBEDTLS_GCM.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
This commit adds test cases for input and output buffer overlap. The
data for the test cases is a duplicate of existing encrypt/decrypt test
cases.
The two test functions gcm_<encrypt/decrypt>_input_output_buffer_overlap
are modified to use a single malloc buffer rounded to the nearest
128-bits/16-bytes for input and output.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
This commit updates GCM buffer overlap documentation to explicitly
support overlapping encryption/decryption buffers for GCM.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
This fixes accesses to uninitialized memory in test code if
`psa_crypto_init()` fails.
A lot of those were pointed out by Coverity. I quickly reviewed all calls to
`MD_PSA_INIT()` manually, rather than follow any particular list.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The existing check only took care of CONFIG_H. This was both not enough
and too much:
- not enough because config.py can also modify CRYPTO_CONFIG_H and we
want to know about it just as much as CONFIG_H;
- too much because CONFIG_H does not exist in tf-psa-crypto.
Check a list of files instead of a single one, and adjust that list.
Also update an outdated comment about Makefiles
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
