Backport 2.x: Fix and test the MBEDTLS_PSA_CRYPTO_SPM build
Straightforward backport from development to developement_2.x plus one trivial commit, only one approval is enough.
Modify tests to test mbedtls_psa_cipher_operation_t,
mbedtls_transparent_test_driver_cipher_operation_t and
mbedtls_opaque_test_driver_cipher_operation_t struct initialization macros.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Fix initialization of mbedtls_psa_cipher_operation_t by not initializing the mbedtls_cipher_context_t typed field completely.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Tests for psa_cipher_encrypt and psa_cipher_decrypt functions.
The psa_cipher_encrypt function takes no parameter for IV and always generates
it therefore there will be a randomness in the calculation and cannot be
validated by comparing the actual output with the expected output.
The function is tested by:
- doing a prtially randomized test with an encryption then a decryption
and validating the input with output of the decryption
- validating against the multipart encryption
The combination of this two methods provides enough coverage like a
known answer test.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Various functions for PSA hash operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Remove late binding of iterators to enable the creation of an object
with an actual state of a variable.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
According to the PSA specification the PSA_USAGE_SIGN_HASH has the
permission to sign a message as PSA_USAGE_SIGN_MESSAGE. Similarly the
PSA_USAGE_VERIFY_HASH has the permission to verify a message as
PSA_USAGE_VERIFY_MESSAGE. These permission will also be present when
the application queries the usage flags of the key.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Various functions for PSA cipher and mac operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
The cipher_bad_order test happened to pass, but was not testing the
failure case it intended to test.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This makes it easier to ensure that crypto_spe.h is included everywhere it
needs to be, and that it's included early enough to do its job (it must be
included before any mention of psa_xxx() functions with external linkage,
because it defines macros to rename these functions).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>