Adapt configurations to stricter compile-time checks
for entropy enablement and MBEDTLS_ENTROPY_NV_SEED
option.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove unnecessary passing of the crypto config filename either with the
'-f' or '-c' switch, throughout all of the all.sh component files.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Ensure that when we switch from SHA-512 to SHA-256
as the default CTR_DRBG hash, we still properly
test CTR_DRBG with SHA-512.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove all references to MBEDTLS_ECDSA_DETERMINISTIC from
components-configuration-crypto.sh. Replace them with
PSA_WANT_ALG_DETERMINISTIC_ECDSA.
This is safe because:
* MBEDTLS_ECDSA_DETERMINISTIC is only ever unset in components in order
to avoid errors from disabling its dependency MBEDTLS_HMAC_DRBG_C.
* MBEDTLS_ECDSA_DETERMINISTIC is only ever defined in
config_adjust_legacy_from_psa.h, and only if
PSA_WANT_ALG_DETERMINISTIC_ECDSA is defined.
Therefore PSA_WANT_ALG_DETERMINISTIC_ECDSA's dependencies are a superset
of MBEDTLS_ECDSA_DETERMINISTIC's dependencies and must include
MBEDTLS_HMAC_DRBG_C, so disabling PSA_WANT_ALG_DETERMINISTIC_ECDSA is a
sufficient substitute for disabling MBEDTLS_ECDSA_DETERMINISTIC.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Enable p192[k|r]1 curves which are disabled by default in tf-psa-crypto.
This is required to get the proper test coverage otherwise there are
tests in 'test_suite_psa_crypto_op_fail' that would never be executed.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Some EC/DH group might be disabled in default configuration in
"crypto_config.h" so before running "helper_get_psa_key_type_list" and/or
"helper_get_psa_curve_list" it's better to set/unset what's required
for that test component and only then parse the enabled groups.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Disable MBEDTLS_GENPRIME in the
test_psa_crypto_config_accel_rsa_crypto component.
This should likely have been the case already,
as all RSA crypto in this component is expected
to be provided by the test driver.
This change is necessary following the previous
commit to prevent analyze_outcomes.py from
complaining that, as MBEDTLS_GENPRIME tests are
passing in both the driver and reference
components, they should not be ignored.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of the removal of the configuration
option MBEDTLS_POLY1305_C, disable it in
test_psa_crypto_config_accel_cipher_aead_cmac as
it will be not possible to enable it when
CHACHA20_POLY1305 is accelerated.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove dependencies on MBEDTLS_CIPHER_MODE_CBC and
MBEDTLS_AES_C, as these options will no longer be
available once they are removed from the configuration.
The affected tests rely on the built-in CBC and AES
implementations. With the removal of
MBEDTLS_CIPHER_MODE_CBC and MBEDTLS_AES_C as
configuration options, there is no longer a mechanism
in ssl-opt.sh to express these dependencies.
As a result, filter out these tests at the all.sh
component level when the built-in CBC and AES
implementations are not available.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The SW implementation is guarded with the `MBEDTLS_PSA_BUILTIN_ALG_SHA3`
macros and not enabled when driver accelaration is set. So disabling
the `PSA_WANT` macros is not needed.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This is necessary to let entropy being able to gather entropy data from
the native platform source.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit moves the tf-psa-crypto configuration options
for this test to `crypto-config-ccm-aes-sha256.h`.
A blank MbedTLS configuration file is now used for the library
side.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
