diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 7306d8eb1..7393d81dc 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -11,7 +11,7 @@ #include "test/helpers.h" -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) #include "test/psa_helpers.h" #include #endif @@ -38,12 +38,15 @@ mbedtls_psa_crypto_free(); \ } \ while (0) -#else /*MBEDTLS_PSA_CRYPTO_C */ +#elif defined(MBEDTLS_PSA_CRYPTO_CLIENT) /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */ +#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) +#define PSA_DONE() mbedtls_psa_crypto_free(); +#else /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */ #define PSA_INIT() ((void) 0) #define PSA_DONE() ((void) 0) #endif /* MBEDTLS_PSA_CRYPTO_C */ -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) @@ -313,7 +316,7 @@ uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); } \ while (0) -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ /** \def USE_PSA_INIT * diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index 937bd45d2..b2232764a 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -11,7 +11,7 @@ #include #include -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) #include #include @@ -1332,4 +1332,4 @@ exit: } #endif /* MBEDTLS_PK_C */ -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index 70e7badca..982be3c6e 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -59,7 +59,7 @@ void debug_print_msg_threshold(int threshold, int level, char *file, mbedtls_ssl_config conf; struct buffer_data buffer; - MD_PSA_INIT(); + MD_OR_USE_PSA_INIT(); mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); @@ -86,7 +86,7 @@ void debug_print_msg_threshold(int threshold, int level, char *file, exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); - MD_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -98,7 +98,7 @@ void mbedtls_debug_print_ret(char *file, int line, char *text, int value, mbedtls_ssl_config conf; struct buffer_data buffer; - MD_PSA_INIT(); + MD_OR_USE_PSA_INIT(); mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); @@ -122,7 +122,7 @@ void mbedtls_debug_print_ret(char *file, int line, char *text, int value, exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); - MD_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -134,7 +134,7 @@ void mbedtls_debug_print_buf(char *file, int line, char *text, mbedtls_ssl_config conf; struct buffer_data buffer; - MD_PSA_INIT(); + MD_OR_USE_PSA_INIT(); mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); @@ -158,7 +158,7 @@ void mbedtls_debug_print_buf(char *file, int line, char *text, exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); - MD_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -211,7 +211,7 @@ void mbedtls_debug_print_mpi(char *value, char *file, int line, struct buffer_data buffer; mbedtls_mpi val; - MD_PSA_INIT(); + MD_OR_USE_PSA_INIT(); mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); @@ -239,6 +239,6 @@ exit: mbedtls_mpi_free(&val); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); - MD_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_lmots.function b/tests/suites/test_suite_lmots.function index 293287aab..c81501c4d 100644 --- a/tests/suites/test_suite_lmots.function +++ b/tests/suites/test_suite_lmots.function @@ -37,6 +37,7 @@ void lmots_sign_verify_test(data_t *msg, data_t *key_id, int leaf_id, mbedtls_lmots_public_init(&pub_ctx); mbedtls_lmots_private_init(&priv_ctx); + USE_PSA_INIT(); TEST_EQUAL(mbedtls_lmots_generate_private_key(&priv_ctx, MBEDTLS_LMOTS_SHA256_N32_W8, key_id->x, leaf_id, seed->x, seed->len), 0); @@ -48,6 +49,7 @@ void lmots_sign_verify_test(data_t *msg, data_t *key_id, int leaf_id, exit: mbedtls_lmots_public_free(&pub_ctx); mbedtls_lmots_private_free(&priv_ctx); + USE_PSA_DONE(); } /* END_CASE */ @@ -60,6 +62,7 @@ void lmots_sign_verify_null_msg_test(data_t *key_id, int leaf_id, data_t *seed) mbedtls_lmots_public_init(&pub_ctx); mbedtls_lmots_private_init(&priv_ctx); + USE_PSA_INIT(); TEST_EQUAL(mbedtls_lmots_generate_private_key(&priv_ctx, MBEDTLS_LMOTS_SHA256_N32_W8, key_id->x, leaf_id, seed->x, seed->len), 0); @@ -71,6 +74,7 @@ void lmots_sign_verify_null_msg_test(data_t *key_id, int leaf_id, data_t *seed) exit: mbedtls_lmots_public_free(&pub_ctx); mbedtls_lmots_private_free(&priv_ctx); + USE_PSA_DONE(); } /* END_CASE */ @@ -83,6 +87,7 @@ void lmots_verify_test(data_t *msg, data_t *sig, data_t *pub_key, unsigned char *tmp_sig = NULL; mbedtls_lmots_public_init(&ctx); + USE_PSA_INIT(); TEST_EQUAL(mbedtls_lmots_import_public_key(&ctx, pub_key->x, pub_key->len), 0); @@ -137,6 +142,7 @@ void lmots_verify_test(data_t *msg, data_t *sig, data_t *pub_key, exit: mbedtls_free(tmp_sig); mbedtls_lmots_public_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ @@ -149,6 +155,8 @@ void lmots_import_export_test(data_t *pub_key, int expected_import_rc) size_t exported_pub_key_size; mbedtls_lmots_public_init(&ctx); + USE_PSA_INIT(); + TEST_EQUAL(mbedtls_lmots_import_public_key(&ctx, pub_key->x, pub_key->len), expected_import_rc); @@ -192,6 +200,7 @@ void lmots_import_export_test(data_t *pub_key, int expected_import_rc) exit: mbedtls_lmots_public_free(&ctx); mbedtls_free(exported_pub_key); + USE_PSA_DONE(); } /* END_CASE */ @@ -202,6 +211,7 @@ void lmots_reuse_test(data_t *msg, data_t *key_id, int leaf_id, data_t *seed) unsigned char sig[MBEDTLS_LMOTS_SIG_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)]; mbedtls_lmots_private_init(&ctx); + USE_PSA_INIT(); TEST_EQUAL(mbedtls_lmots_generate_private_key(&ctx, MBEDTLS_LMOTS_SHA256_N32_W8, key_id->x, leaf_id, seed->x, seed->len), 0); @@ -217,6 +227,7 @@ void lmots_reuse_test(data_t *msg, data_t *key_id, int leaf_id, data_t *seed) exit: mbedtls_lmots_private_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ @@ -233,6 +244,7 @@ void lmots_signature_leak_test(data_t *msg, data_t *key_id, int leaf_id, memset(sig, 0x7E, sizeof(sig)); mbedtls_lmots_private_init(&ctx); + USE_PSA_INIT(); TEST_EQUAL(mbedtls_lmots_generate_private_key(&ctx, MBEDTLS_LMOTS_SHA256_N32_W8, key_id->x, leaf_id, seed->x, seed->len), 0); @@ -242,5 +254,6 @@ void lmots_signature_leak_test(data_t *msg, data_t *key_id, int leaf_id, exit: mbedtls_lmots_private_free(&ctx); mbedtls_lmots_sign_private_key_invalidated_hook = NULL; + USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_lms.function b/tests/suites/test_suite_lms.function index 7116f6181..377efcd9b 100644 --- a/tests/suites/test_suite_lms.function +++ b/tests/suites/test_suite_lms.function @@ -17,6 +17,7 @@ void lms_sign_verify_test(data_t *msg, data_t *seed) mbedtls_lms_public_init(&pub_ctx); mbedtls_lms_private_init(&priv_ctx); + USE_PSA_INIT(); /* Allocation failure isn't a test failure, since it likely just means * there's not enough memory to run the test. @@ -38,6 +39,7 @@ void lms_sign_verify_test(data_t *msg, data_t *seed) exit: mbedtls_lms_public_free(&pub_ctx); mbedtls_lms_private_free(&priv_ctx); + USE_PSA_DONE(); } /* END_CASE */ @@ -50,6 +52,7 @@ void lms_sign_verify_null_msg_test(data_t *seed) mbedtls_lms_public_init(&pub_ctx); mbedtls_lms_private_init(&priv_ctx); + USE_PSA_INIT(); /* Allocation failure isn't a test failure, since it likely just means * there's not enough memory to run the test. @@ -71,6 +74,7 @@ void lms_sign_verify_null_msg_test(data_t *seed) exit: mbedtls_lms_public_free(&pub_ctx); mbedtls_lms_private_free(&priv_ctx); + USE_PSA_DONE(); } /* END_CASE */ @@ -83,6 +87,7 @@ void lms_verify_test(data_t *msg, data_t *sig, data_t *pub_key, unsigned char *tmp_sig = NULL; mbedtls_lms_public_init(&ctx); + USE_PSA_INIT(); TEST_EQUAL(mbedtls_lms_import_public_key(&ctx, pub_key->x, pub_key->len), 0); @@ -139,6 +144,7 @@ void lms_verify_test(data_t *msg, data_t *sig, data_t *pub_key, exit: mbedtls_free(tmp_sig); mbedtls_lms_public_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ @@ -151,6 +157,7 @@ void lms_import_export_test(data_t *pub_key, int expected_import_rc) unsigned char *exported_pub_key = NULL; mbedtls_lms_public_init(&ctx); + USE_PSA_INIT(); TEST_EQUAL(mbedtls_lms_import_public_key(&ctx, pub_key->x, pub_key->len), expected_import_rc); @@ -194,5 +201,6 @@ void lms_import_export_test(data_t *pub_key, int expected_import_rc) exit: mbedtls_free(exported_pub_key); mbedtls_lms_public_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 2bc3848f3..6911265f0 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -95,11 +95,11 @@ depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: NONE/ECDSA(ANY_HASH), check ECDSA(SHA256) -depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_NONE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: NONE/ECDSA(SHA256), check ECDSA(SHA256) -depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_NONE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDSA(SHA256)/NONE, invalid check ECDSA(ANY) @@ -147,15 +147,15 @@ depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDH:PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDH/ECDSA(ANY), check ECDSA(SHA256)+DERIVE|SIGN -depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDH/ECDSA(ANY), check ECDSA(SHA256)+SIGN -depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDH/ECDSA(ANY), check ECDSA(SHA256)+DERIVE -depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_DERIVE:1 PK can do ext: RSA_PKCS1V15_SIGN(ANY)/NONE, check not allowed COPY usage @@ -195,11 +195,11 @@ depends_on:MBEDTLS_RSA_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ALG_NONE:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: NONE, RSA_PKCS1V15_SIGN(ANY), check RSA_PKCS1V15_SIGN(SHA256) -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_NONE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: NONE, RSA_PKCS1V15_SIGN(SHA256), check RSA_PKCS1V15_SIGN(SHA256) -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_NONE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: RSA_PKCS1V15_SIGN(SHA256)/NONE, invalid check RSA_PKCS1V15_SIGN(ANY) @@ -235,11 +235,11 @@ depends_on:MBEDTLS_RSA_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ALG_NONE:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: NONE, RSA_PSS(ANY), check RSA_PSS(SHA256) -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_NONE:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: NONE, RSA_PSS(SHA256), check RSA_PSS(SHA256) -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_NONE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: RSA_PSS(SHA256)/NONE, invalid check RSA_PSS(ANY) @@ -283,11 +283,11 @@ depends_on:MBEDTLS_RSA_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT|PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:1024:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DECRYPT:1 PK can do ext: RSA_PKCS1V15_CRYPT/RSA_PSS(ANY), check RSA_PKCS1V15_CRYPT -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT|PSA_KEY_USAGE_DECRYPT|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):1024:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DECRYPT:1 PK can do ext: RSA_PKCS1V15_CRYPT/RSA_PSS(ANY), check RSA_PSS(SHA256) -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT|PSA_KEY_USAGE_DECRYPT|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_USAGE_DECRYPT:1 PK can do ext: RSA_PKCS1V15_CRYPT/RSA_PSS(ANY), check non allowed ENCRYPT usage @@ -295,7 +295,7 @@ depends_on:MBEDTLS_RSA_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT|PSA_KEY_USAGE_DECRYPT|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_USAGE_ENCRYPT:0 PK can do ext: RSA_PKCS1V15_SIGN(ANY)/RSA_PSS(ANY), check RSA_PSS(SHA256) -depends_on:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_C pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: RSA_PKCS1V15_SIGN(ANY)/RSA_PSS(ANY), check RSA_PKCS1V15_SIGN(SHA256) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 38c27e399..5f4267780 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -45,7 +45,7 @@ #define MBEDTLS_TEST_PK_PSA_SIGN #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) /* Pick an elliptic curve that's supported by PSA. Note that the curve is * not guaranteed to be supported by the ECP module. * @@ -153,7 +153,7 @@ #define MBEDTLS_TEST_PSA_ECC_HAVE_TWO_BITS #endif -#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) */ +#endif /* defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) */ /* Always define the macros so that we can use them in test data. */ #if !defined(MBEDTLS_TEST_PSA_ECC_ONE_FAMILY) @@ -220,7 +220,7 @@ exit: return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) psa_status_t pk_psa_import_key(const unsigned char *key_data, size_t key_len, psa_key_type_t type, psa_key_usage_t usage, psa_algorithm_t alg, mbedtls_svc_key_id_t *key) @@ -239,7 +239,7 @@ psa_status_t pk_psa_import_key(const unsigned char *key_data, size_t key_len, return status; } -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ /** Setup the provided PK context. * @@ -305,7 +305,7 @@ exit: return ret; } -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) /** Create a PSA key of the desired type and properties. * * - For RSA and EC keys predefined key data is used (as in the pk_setup() above). @@ -465,7 +465,7 @@ static int pk_public_same(const mbedtls_pk_context *pk1, exit: return ok; } -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ #if defined(MBEDTLS_RSA_C) int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen, @@ -499,7 +499,7 @@ typedef enum { FROM_PAIR = 1 } from_pair_t; -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, mbedtls_pk_context *pk, psa_key_type_t *psa_type) { @@ -567,9 +567,9 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, exit: return MBEDTLS_ERR_ERROR_GENERIC_ERROR; } -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) /* Create a new PSA key which will contain only the public part of the private * key which is provided in input. For this new key: * - Type is the public counterpart of the private key. @@ -636,7 +636,7 @@ exit: psa_reset_key_attributes(&new_attr); return new_key_id; } -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -1753,7 +1753,7 @@ void pk_rsa_alt() TEST_ASSERT(mbedtls_pk_get_type(&alt) == MBEDTLS_PK_RSA_ALT); TEST_ASSERT(strcmp(mbedtls_pk_get_name(&alt), "RSA-alt") == 0); -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; TEST_EQUAL(mbedtls_pk_get_psa_attributes(&alt, PSA_KEY_USAGE_ENCRYPT, @@ -1762,7 +1762,7 @@ void pk_rsa_alt() mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; TEST_EQUAL(mbedtls_pk_import_into_psa(&alt, &attributes, &key_id), MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE); -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ /* Test signature */ #if SIZE_MAX > UINT_MAX @@ -2107,7 +2107,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_CLIENT */ void pk_get_psa_attributes(int pk_type, int from_pair, int usage_arg, int to_pair, int expected_alg) @@ -2155,7 +2155,11 @@ void pk_get_psa_attributes(int pk_type, int from_pair, mbedtls_pk_get_bitlen(&pk)); TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage); TEST_EQUAL(psa_get_key_algorithm(&attributes), expected_alg); +#if defined(MBEDTLS_PSA_CRYPTO_C) TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), PSA_ALG_NONE); +#else /* MBEDTLS_PSA_CRYPTO_C */ + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), 42); +#endif /* MBEDTLS_PSA_CRYPTO_C */ TEST_EQUAL(mbedtls_pk_import_into_psa(&pk, &attributes, &new_key_id), 0); if (!mbedtls_test_key_consistency_psa_pk(new_key_id, &pk)) { @@ -2170,7 +2174,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_CLIENT:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 */ void pk_rsa_v21_get_psa_attributes(int md_type, int from_pair, int usage_arg, int to_pair, int expected_alg) @@ -2218,7 +2222,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_CLIENT */ void pk_get_psa_attributes_fail(int pk_type, int from_pair, int usage_arg, int expected_ret) @@ -2244,7 +2248,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PSA_CRYPTO_STORAGE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_CLIENT:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PSA_CRYPTO_STORAGE_C */ void pk_import_into_psa_lifetime(int from_opaque, int from_persistent, /* when from opaque */ int from_exportable, /* when from opaque */ @@ -2395,7 +2399,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_CLIENT */ void pk_import_into_psa_fail(int pk_type, int from_pair, int type_arg, int bits_arg, int expected_ret) @@ -2490,7 +2494,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C*/ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_CLIENT*/ void pk_copy_from_psa_fail(void) { mbedtls_pk_context pk_ctx; @@ -2535,7 +2539,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN:MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC:!MBEDTLS_RSA_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_CLIENT:MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN:MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC:!MBEDTLS_RSA_C */ void pk_copy_from_psa_builtin_fail() { mbedtls_pk_context pk_ctx; @@ -2558,7 +2562,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C*/ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_CLIENT */ void pk_copy_from_psa_success(data_t *priv_key_data, int key_type_arg, int key_alg_arg) { @@ -2645,7 +2649,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C*/ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_CLIENT*/ void pk_copy_public_from_psa(data_t *priv_key_data, int key_type_arg) { psa_key_type_t key_type = key_type_arg; diff --git a/tests/suites/test_suite_psa_crypto_attributes.function b/tests/suites/test_suite_psa_crypto_attributes.function index c933cb724..bc7adb4a2 100644 --- a/tests/suites/test_suite_psa_crypto_attributes.function +++ b/tests/suites/test_suite_psa_crypto_attributes.function @@ -20,6 +20,8 @@ void attributes_set_get(int owner_id_arg, int id_arg, int lifetime_arg, psa_key_type_t type = type_arg; size_t bits = bits_arg; + USE_PSA_INIT(); + TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0); TEST_EQUAL( @@ -56,6 +58,8 @@ void attributes_set_get(int owner_id_arg, int id_arg, int lifetime_arg, TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); TEST_EQUAL(psa_get_key_type(&attributes), 0); TEST_EQUAL(psa_get_key_bits(&attributes), 0); + + USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 20167fdab..c7c72f43d 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -6,7 +6,7 @@ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PSA_CRYPTO_C + * depends_on:MBEDTLS_PSA_CRYPTO_CLIENT * END_DEPENDENCIES */ @@ -35,7 +35,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on: MBEDTLS_PSA_CRYPTO_C */ void hmac(int alg_arg, char *input, data_t *expected_mac) { psa_algorithm_t alg = PSA_ALG_HMAC(alg_arg); diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index c96b4adad..b4d345186 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -561,11 +561,11 @@ depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC: handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PSA_CRYPTO_C handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTSL_PSA_CRYPTO_C handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 840af7d2d..8125e5833 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3297,7 +3297,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SOME */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SOME */ void raw_key_agreement_fail(int bad_server_ecdhe_key) { enum { BUFFSIZE = 17000 };