When PSA uses CTR_DRBG for its random generator and CTR_DRBG uses PSA for
AES, as currently implemented, there is one volatile key in permanent use
for the CTR_DRBG instance. Account for that in tests that want to know
exactly how many volatile keys are in use, or how many volatile keys can be
created.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When the PSA RNG uses AES through a PSA driver, it consumes one volatile key
identifier. When MBEDTLS_PSA_KEY_SLOT_DYNAMIC is enabled, that identifier
happens to coincide with the key ID value that the test case assumes not to
exist. Use a different value that avoids this coincidence.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Split the "many transient keys" test function in two: one that expects to
successfully create many keys, and one that expects to fill the key store.
This will make things easier when we add a dynamic key store where filling
the key store is not practical unless artificially limited.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The description was misleading: setting the option doesn't “restrict” the
number of slots, that restriction exists anyway. Setting the option merely
determines the value of the limit.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
PSA_KEY_ID_VOLATILE_MIN-1 is now in the persistent key ID range, so it's no
longer an invalid key ID for registration.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Fix interference between PSA volatile keys and built-in keys
when MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled and
MBEDTLS_PSA_KEY_SLOT_COUNT is more than 4096. This overlap used to make it
possible that a volatile key would receive the identifier of a built-in key,
and is now caught by a static assertion.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Ensure that a key ID can't be in range for more than one of volatile keys,
persistent (i.e. user-chosen) keys or built-in keys.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Restricting the built-in key range would be an API break since applications
can hard-code a built-in key value and expect that it won't clash with
anything else. Make it harder to accidentally break the API.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mbedtls_psa_register_se_key() is not usable with volatile keys, since there
is no way to return the implementation-chosen key identifier which would be
needed to use the key. Document this limitation. Reject an attempt to create
such an unusable key. Fixes#9253.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Make it possible, but not officially supported, to switch the CTR_DRBG
module to PSA mode even if MBEDTLS_AES_C is defined. This is not really
useful in practice, but is convenient to test the PSA mode without setting
up drivers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
At the top level, the macro would have had to be used without a following
semicolon (except with permissive compilers that accept spurious semicolons
outside of a function), which is confusing to humans and indenters. Fix
that.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mbedtls_test_mock_tcp_recv_msg is currently popping a message
queue and does not check if this was done correctly.
This extra check makes the test more complete/robust.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
PSA buffers and their length should follow a pattern for which
the latter is named after the former as <buffer_name>_length,
but this was not the case for psa_key_derivation_verify_bytes().
This makes life of crypto.h parsers (for automatic code generation)
harder. This commit aims at solving this problem.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Move the DATA_FILES_PATH_VAR variable into the generated bash rather
than only variablising it in the python that generates the test script.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
A path containing '../../' was defined in relation to a directory in the
tests/data_files directory. Since this has been moved to
framework/data_files, we must update the path to refer correctly to the
same location as before.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
