After upgrading certificates, some parsing unit tests are failing because
the new certificates have a different expiry date, by design. Switch those
test cases to using the moved copy of the old data (as we did in a more
systematic way in the development branch).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Copy updated test certificates and related data (keys, CSR, etc.) from
development. This replaces certificates that will expire on 2023-09-07,
causing the unit tests to fail. This also adds new data files that are not
used, and moves some files.
The replacement data is good until 2023-12-31.
The update causes some parsing unit tests to fail because the new
certificates have a different expiry date. This will be fixed in a
subsequent commit.
```
git checkout dc2d7cce02a273f6ec6a7cd78512dfeaf633a3a5 -- tests/data_files tests/src/test_certs.h tests/src/certs.c
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
There is a precedent for having bigger and less mature options in
mbedtls_config.h (MBEDTLS_USE_PSA_CRYPTO) for an extended period.
Having this option in mbedtls_config.h is simpler and more robust.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This previous test is correct, as it is using make. Switch to using
config.py for robustness and consistency.
Signed-off-by: Janos Follath <janos.follath@arm.com>
These tests weren't working, because they use CMake and can't pass
options with CFLAGS directly. This could be mitigated by adding a CMake
option, but using config.py is less invasive and it is what we normally
use for setting build options anyway.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The latest and earliest clang/GCC compilers are now used through
variables instead of symlinks and also the all.sh script is updated
to support options for overriding the default values.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
The component functions in all.sh will be listed using
compgen instead of sed so this check is not needed.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
Explain how PSA_CRYPTO_DRIVER_TEST_ALL works and why we have it. Note that
it is incompatible with MBEDTLS_PSA_CRYPTO_CONFIG. As a consequence, disable
that option in component_test_psa_crypto_drivers.
MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is in the full config, so there's no need to
add it explicitly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
