Do not assume that tests with !PSA_WANT_ALG_TLS12_PRF will not
be executed in AnalyzeCoverage task.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
MBEDTLS_PSA_KEY_BUFFER_MAX_SIZE is only used in tests so it should
not be defined in a public header such as "crypto_extra.h".
"psa_crypto_helpers.h" is a better option.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE() is not defined when there
is no MBEDTLS_PSA_CRYPTO_CLIENT so we need this guard to
define MBEDTLS_TEST_STATIC_KEY_SLOTS_SUPPORT_RSA_[2048/4096].
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
- MBEDTLS_TEST_STATIC_KEY_SLOTS_SUPPORT_RSA_[2048/4096] are always
defined because they are only used in test_suite_psa_crypto
tests.
- MBEDTLS_TEST_ALLOW_RSA_4096 was renamed as
MBEDTLS_TEST_PK_ALLOW_RSA_KEY_PAIR_4096 because this is only used in
PK related test suites.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This value should be:
- OK for all EC/FFDH key pairs/public keys;
- OK for all supported public RSA keys;
- OK for RSA key pairs up to 2048 bits;
- FAIL for RSA key pairs above 2048 bits.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Intentionally set MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE slightly
smaller than the maximum RSA key pair size for an RSA key of 4096
bits. Also add a test in test_suite_psa_crypto to verify this
condition.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Disable all MBEDTLS_xxx symbols (keeping only the relevant ones enabled)
when building the main library.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit also fixes related errors in test suites. In all
cases those failures are related to the use of raw keys whose
size cannot be determined a-priori.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
With the `depend.py` using the crypto config the `PBKDF2_HMAC` can be
enabled so thest cases can be run.
The equivalence (synonym) between `PSA_WANT_ALG_RSA_PSS_ANY_SALT` and
`PSA_WANT_ALG_RSA_PSS` is now done properly, the test can be run.
Dependencies for `MBEDTLS_CIPHER_PADDING_PKCS7' has been updated and
now it can be actually disabled.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit fixes a linking error with psa_sim_crypto_server.c where
mbedtls_test_hook_error_add was undefined.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
The PSA and MbedTLS options can switch the same functionality separately
so add a check to ensure the cpnsistency.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit fixes the error test suite to depend on MBEDTLS_ERROR_C
rather than MBEDTLS_ERRORCOMMON_C.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
We cannot add the equivalent of
cmake_package_install yet as the build in
tf-psa-crypto still references some headers
in ./include/mbedtls like mbedtls_config.h.
We cannot add the equivalent of
cmake_subproject yet as currently only
the case of the Mbed TLS parent project is
supported.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Let the projects using some CMakeLists.txt files
without the top CMakeLists.txt define the variables
that the top CMakeLists.txt set for all.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Without quotes, when the variable is empty, the shell will see three
tokens: [, -n, ]. After skipping ] as usual, it will see a single token,
so it will consider it not as command, but a string to be tested for "is
it empty", and since "-n" is not empty, the command will return true.
With quotes it see 4 tokens: [, -n, <empty string>, ] and interprets -n
as desired.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Replace obvious additions of an `MBEDTLS_ERR_xxx` constant by a call to
`MBEDTLS_ERROR_ADD`.
Skip `case` statements since `MBEDTLS_ERROR_ADD(pp_constant)` is not a
preprocessor constant.
This commit does not replace additions split over lines. Those will be
handled in a subsequent commit.
```
git ls-files '*.h' '*.c' '*.function' '*.data' |
xargs perl -i -pe '
next if /\bcase\b/;
s/\b(MBEDTLS_ERR_\w+)\s*\+\s*(\w+)\b/MBEDTLS_ERROR_ADD($1, $2)/g;
s/\b(\w+)\s*\+\s*(MBEDTLS_ERR_\w+)\b/MBEDTLS_ERROR_ADD($1, $2)/g'
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
