Don't add a certificate requirement when PSK is enabled.
Do command line requirement detection after the injection of PSK into the
command line in PSK-only mode. Otherwise certificate requirements would be
added even in PSK-only mode.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When requiring a cryptographic mechanism for the sake of certificate
authentication, also require that certificate authentication is enabled.
Setting auth_mode explicitly means that we're testing something related to
how certificate-based authentication is handled, so require a key exchange
with certificate-based authentication.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add a test that does some basic validation of the pkg-config files.
Example run:
./tests/scripts/all.sh test_cmake_as_package
<snip>
******************************************************************
* test_cmake_as_package: build: cmake 'as-package' build
* Wed Sep 11 16:22:09 UTC 2024
******************************************************************
cmake .
make
Built against Mbed TLS 3.6.1
testing package config file: mbedtls ... passed
testing package config file: mbedx509 ... passed
testing package config file: mbedcrypto ... passed
make clean
Signed-off-by: Bill Roberts <bill.roberts@arm.com>
The rest of the file uses mbedtls_mpi_uint_t unconditionally, so its
definition should also be #include'd unconditionally.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Without this, it's not at all obvious that turning on MBEDTLS_TEST_HOOKS
doesn't change the functional behavior of the code.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Unfortunately compilers aren't good at analyzing whether variables are
analyzed on all code paths, and it is better to initialize to the
safe-path values.
Signed-off-by: Janos Follath <janos.follath@arm.com>
A + B + 1 is not a good way to get a number that's neither A nor B.
This can be a problem for example if values later are changed to
A = 0 and B = -1.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Only add the test hooks where it is meaningful. That is, not adding
where the operation is essentially the same or the target is not the
function that is being tested.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Not adding _unsafe version to the tests targeting behaviour related to
RR as it is independent from the secret involved in the safe/unsafe
distinction.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2 ChangeLog entries that were originally placed under "Changes" are
more appropriately placed under "Default behaviour changes".
Move these 2 entries to the correct section.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This is in keeping with other generated files (such as generated .data
files) that are added to releases.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
