It's a crypto test suite, but it was added in the main tree in a careless
forward port from 3.6.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
generate_test_code.py doesn't support UTF-8 in .function files (but does
in .data files) when run in a non-UTF-8 locale with Python <=3.6.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Run the function on a few different curves with shorter, just-right and
larger buffer sizes. Perform some basic sanity checks on the output (which
is random).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Skip 6144-bit and 8192-bit FFDH tests in MSan or Valgrind test
configurations. These test cases are slow and sometimes trigger GnuTLS's
built-in timeout (which cannot be configured until more recent versions).
Resolves#9742.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that it's always on, this is no longer necessary.
Also this is a step towards no longer being able to set it, because it soon
won't be a selectable configuration option anymore.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that MBEDTLS_USE_PSA_CRYPTO is always on, remove code that handles the
case when it's disabled.
Also this is a step towards no longer expecting it to be reported by
query_compile_time_config.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that MBEDTLS_USE_PSA_CRYPTO is always on, we don't need to check for it.
Also this is a step towards no longer expecting it to be reported by
query_compile_time_config.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We no longer have two (only partially distinct) implementations of ECJ-PAKE
cipher suites in TLS, now that the non-MBEDTLS_USE_PSA_CRYPTO implementation
is being removed.
We may want to add this testing back in the future, but we'll have to use an
old Mbed TLS instead of a differently-built one.
https://github.com/Mbed-TLS/mbedtls/issues/9740
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The Thumb-1 tests are by far the slowest, so split the -O0 and -Os tests
into their own components.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Since PSA is always on in 4.x, *_PSA_INIT() and *_PSA_DONE() can be
simply aliased to PSA_INIT() and PSA_DONE() until such a time as we
remove them.
Simplify the login of these PSA_INIT/DONE variants by aliasing them in
4.x and keeping the more complex 3.6 logic entirely separate.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Remove all.sh components that explicitly disable MBEDTLS_USE_PSA_CRYPTO, and
for which there is another component with MBEDTLS_USE_PSA_CRYPTO enabled
that does the same or more testing.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Variables that are in any way destructed on exit should be initialised
prior to any tests that might jump to exit, to save potential
uninitialised memory accesses.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
With PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE disabled, test TLS 1.3 and
USE_PSA TLS 1.2.
With PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE disabled, just test crypto,
because the TLS code needs that to generate ephemeral ECDH keys but this is
not tracked properly (the ephemeral ECDH code is only gated on having ECDH).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Do not assume that tests with !PSA_WANT_ALG_TLS12_PRF will not
be executed in AnalyzeCoverage task.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
