mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-08-01 10:06:53 +03:00
remove MBEDTLS_USE_PSA_CRYPTO from tests
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
This commit is contained in:
Ben Taylor
@ -15,8 +15,7 @@
|
||||
#endif /* MBEDTLS_PK_HAVE_PRIVATE_HEADER */
|
||||
#include "mbedtls/psa_util.h"
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
||||
defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C)
|
||||
#if defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C)
|
||||
static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen)
|
||||
{
|
||||
unsigned char hash[PSA_HASH_MAX_SIZE];
|
||||
@ -53,7 +52,7 @@ cleanup:
|
||||
mbedtls_x509_csr_free(&csr);
|
||||
return ret;
|
||||
}
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
|
||||
#endif /* MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
|
||||
|
||||
#if defined(MBEDTLS_X509_CSR_WRITE_C)
|
||||
|
||||
@ -131,11 +130,6 @@ void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type,
|
||||
mbedtls_x509write_csr req;
|
||||
unsigned char buf[4096];
|
||||
int ret;
|
||||
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
unsigned char check_buf[4000];
|
||||
FILE *f;
|
||||
size_t olen = 0;
|
||||
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
|
||||
size_t pem_len = 0, buf_index;
|
||||
int der_len = -1;
|
||||
const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
|
||||
@ -215,20 +209,10 @@ void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type,
|
||||
TEST_ASSERT(buf[buf_index] == 0);
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
// When using PSA crypto, RNG isn't controllable, so cert_req_check_file can't be used
|
||||
(void) cert_req_check_file;
|
||||
buf[pem_len] = '\0';
|
||||
TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0);
|
||||
#else
|
||||
f = fopen(cert_req_check_file, "r");
|
||||
TEST_ASSERT(f != NULL);
|
||||
olen = fread(check_buf, 1, sizeof(check_buf), f);
|
||||
fclose(f);
|
||||
|
||||
TEST_ASSERT(olen >= pem_len - 1);
|
||||
TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0);
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf));
|
||||
TEST_ASSERT(der_len >= 0);
|
||||
@ -237,14 +221,10 @@ void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type,
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
// When using PSA crypto, RNG isn't controllable, result length isn't
|
||||
// deterministic over multiple runs, removing a single byte isn't enough to
|
||||
// go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case
|
||||
der_len /= 2;
|
||||
#else
|
||||
der_len -= 1;
|
||||
#endif
|
||||
ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len));
|
||||
TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
|
||||
|
||||
@ -256,7 +236,7 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */
|
||||
void x509_csr_check_opaque(char *key_file, int md_type, int key_usage,
|
||||
int cert_type)
|
||||
{
|
||||
@ -342,10 +322,8 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd,
|
||||
int der_len = -1;
|
||||
FILE *f;
|
||||
mbedtls_test_rnd_pseudo_info rnd_info;
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
|
||||
#endif
|
||||
mbedtls_pk_type_t issuer_key_type;
|
||||
mbedtls_x509_san_list san_ip;
|
||||
mbedtls_x509_san_list san_dns;
|
||||
@ -409,7 +387,6 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd,
|
||||
|
||||
issuer_key_type = mbedtls_pk_get_type(&issuer_key);
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
/* Turn the issuer PK context into an opaque one. */
|
||||
if (pk_wrap == 2) {
|
||||
TEST_EQUAL(mbedtls_pk_get_psa_attributes(&issuer_key, PSA_KEY_USAGE_SIGN_HASH,
|
||||
@ -419,7 +396,6 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd,
|
||||
mbedtls_pk_init(&issuer_key);
|
||||
TEST_EQUAL(mbedtls_pk_wrap_psa(&issuer_key, key_id), 0);
|
||||
}
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
if (pk_wrap == 2) {
|
||||
TEST_ASSERT(mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_OPAQUE);
|
||||
@ -570,14 +546,12 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd,
|
||||
TEST_ASSERT(p < end);
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
// When using PSA crypto, RNG isn't controllable, result length isn't
|
||||
// deterministic over multiple runs, removing a single byte isn't enough to
|
||||
// go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case
|
||||
if (issuer_key_type != MBEDTLS_PK_RSA) {
|
||||
der_len /= 2;
|
||||
} else
|
||||
#endif
|
||||
der_len -= 1;
|
||||
|
||||
ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len));
|
||||
@ -592,9 +566,7 @@ exit:
|
||||
#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
|
||||
mbedtls_mpi_free(&serial_mpi);
|
||||
#endif
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_destroy_key(key_id);
|
||||
#endif
|
||||
MD_OR_USE_PSA_DONE();
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
Reference in New Issue
Block a user