Disable MBEDTLS_GENPRIME in the
test_psa_crypto_config_accel_rsa_crypto component.
This should likely have been the case already,
as all RSA crypto in this component is expected
to be provided by the test driver.
This change is necessary following the previous
commit to prevent analyze_outcomes.py from
complaining that, as MBEDTLS_GENPRIME tests are
passing in both the driver and reference
components, they should not be ignored.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of the removal of the configuration
option MBEDTLS_POLY1305_C, disable it in
test_psa_crypto_config_accel_cipher_aead_cmac as
it will be not possible to enable it when
CHACHA20_POLY1305 is accelerated.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove dependencies on MBEDTLS_CIPHER_MODE_CBC and
MBEDTLS_AES_C, as these options will no longer be
available once they are removed from the configuration.
The affected tests rely on the built-in CBC and AES
implementations. With the removal of
MBEDTLS_CIPHER_MODE_CBC and MBEDTLS_AES_C as
configuration options, there is no longer a mechanism
in ssl-opt.sh to express these dependencies.
As a result, filter out these tests at the all.sh
component level when the built-in CBC and AES
implementations are not available.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The SW implementation is guarded with the `MBEDTLS_PSA_BUILTIN_ALG_SHA3`
macros and not enabled when driver accelaration is set. So disabling
the `PSA_WANT` macros is not needed.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This is necessary to let entropy being able to gather entropy data from
the native platform source.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit moves the tf-psa-crypto configuration options
for this test to `crypto-config-ccm-aes-sha256.h`.
A blank MbedTLS configuration file is now used for the library
side.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Moving forward the MBEDTLS_PSA_CRYPTO_CONFIG_FILE now resides in the
ts-psa/crypto configuration. This patch removes it from the library
configuration files, and updates the tests to explicitely use it.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Remove the configuration option MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED and all
code guarded by it. This remove support for the RSA-PSK key exchange in TLS
1.2.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that it's always on, this is no longer necessary.
Also this is a step towards no longer being able to set it, because it soon
won't be a selectable configuration option anymore.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Remove all.sh components that explicitly disable MBEDTLS_USE_PSA_CRYPTO, and
for which there is another component with MBEDTLS_USE_PSA_CRYPTO enabled
that does the same or more testing.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
With PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE disabled, test TLS 1.3 and
USE_PSA TLS 1.2.
With PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE disabled, just test crypto,
because the TLS code needs that to generate ephemeral ECDH keys but this is
not tracked properly (the ephemeral ECDH code is only gated on having ECDH).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This value should be:
- OK for all EC/FFDH key pairs/public keys;
- OK for all supported public RSA keys;
- OK for RSA key pairs up to 2048 bits;
- FAIL for RSA key pairs above 2048 bits.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
