The SW implementation is guarded with the `MBEDTLS_PSA_BUILTIN_ALG_SHA3`
macros and not enabled when driver accelaration is set. So disabling
the `PSA_WANT` macros is not needed.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
With the removal of MBEDTLS_SHA3_C the test cases with disabled SHA3
dependency are never executed. Adding a temporary `all.sh` component
which disabling the `PSA_WANT_ALG_SHA3_*` macros to cover
these test cases.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
The goal of testing with GCC 15 is to validate fixes for
https://github.com/Mbed-TLS/mbedtls/issues/9814 . The bug is present in
multiple places, and some of them affect third-party drivers but not our
built-in implementation. (The bug is that driver contexts might not be
zero-initialized, but some of our built-in implementations happen not to
care about this.) Thus, enable the test drivers in the test component that
uses GCC 15, to gain the extra checks performed in the driver wrappers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is a new warning in GCC 15 that our code base triggers in many places.
Silence it for the time being.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Import component_test_platform_get_entropy_alt() from its counterpart
in TF-PSA-Crypto repo.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Use the proper Clang C++ compiler to build C++ code otherwise the C
compiler will fail because std::cout() is unknown in
"cpp_dummy_build.cpp".
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Use alternative implementation of mbedtls_platform_get_entropy() since
the default one lives in "platform.c" and that one is excluded in
this test component.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
By default C++ code would be compiled with GNU while C with Clang and
this can create problems at link time. In order to prevent this we
use Clang for both.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is necessary to let entropy being able to gather entropy data from
the native platform source.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Now that in TF-PSA-Crypto CI, the TF-PSA-Crypto
all.sh components are run in pure TF-PSA-Crypto
context, there is no need to run them as part of
mbedtls CI anymore. The all.sh wrapper wrapping
./tests/scripts/mbedtls-all.sh and
./tf-psa-crypto/tests/scripts/all.sh can be
removed.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
With the removal of the component_test_psa_inject_entropy test,
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES is no longer set in any tests, and so
the CI will complain unless it is added to the ignore list.
Signed-off-by: Felix Conway <felix.conway@arm.com>
Adapt builds and check-generated-files.sh to the fact
that generate_config_tests.py does not generate
test_suite_config.psa_boolean.data in Mbed TLS 4.x
context anymore.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Reassemble handshake fragments incrementally instead of all at the end. That
is, every time we receive a non-initial handshake fragment, append it to the
initial fragment. Since we only have to deal with at most two handshake
fragments at the same time, this simplifies the code (no re-parsing of a
record) and is a little more memory-efficient (no need to store one record
header per record).
This commit also fixes a bug. The previous code did not calculate offsets
correctly when records use an explicit IV, which is the case in TLS 1.2 with
CBC (encrypt-then-MAC or not), GCM and CCM encryption (i.e. all but null and
ChachaPoly). This led to the wrong data when an encrypted handshake message
was fragmented (Finished or renegotiation). The new code handles this
correctly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
