test: add new component to test core library without calloc/free
This commit also fixes issues found in test suites
function/data files.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index de9f0e7..cbebd16 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -64,6 +64,92 @@
check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a
}
+# The goal of this component is to build a configuration where:
+# - test code and libtestdriver1 can make use of calloc/free and
+# - core library (including PSA core) cannot use calloc/free.
+component_test_psa_crypto_without_heap() {
+ # Disable PSA features that cannot be accelerated and whose builtin support
+ # requires calloc/free.
+ scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
+ scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_ALG_HKDF*
+ scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_ALG_PBKDF2*
+ scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_ALG_TLS12*
+ # RSA key support requires ASN1 parse/write support for testing, but ASN1
+ # is disabled below.
+ scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_KEY_TYPE_RSA_*
+ scripts/config.py -f $CRYPTO_CONFIG_H unset-all PSA_WANT_ALG_RSA_*
+ # DES requires built-in support for key generation (parity check) so it
+ # cannot be accelerated
+ scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_DES
+ # EC-JPAKE use calloc/free in PSA core
+ scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_JPAKE
+
+ # Accelerate all PSA features (which are still enabled in CRYPTO_CONFIG_H).
+ PSA_SYM_LIST=$(./scripts/config.py -f $CRYPTO_CONFIG_H get-all-enabled PSA_WANT)
+ loc_accel_list=$(echo $PSA_SYM_LIST | sed 's/PSA_WANT_//g')
+
+ msg "build: libtestdriver1"
+ helper_libtestdriver1_adjust_config crypto
+ helper_libtestdriver1_make_drivers "$loc_accel_list"
+
+ msg "build: main library"
+ # Enable fully-static key slots in PSA core.
+ scripts/config.py set MBEDTLS_PSA_STATIC_KEY_SLOTS
+ # Prevent PSA core from creating a copy of input/output buffers
+ scripts/config.py set MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
+ # Prevent PSA core from using CTR-DRBG or HMAC-DRBG for random generation.
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+ # Set cmalloc/free as null pointer functions. Calling them would crash
+ # the program so we can use this as a "sentinel" for being sure no module
+ # is making use of these functions in the library.
+ scripts/config.py set MBEDTLS_PLATFORM_MEMORY
+ scripts/config.py set MBEDTLS_PLATFORM_STD_CALLOC NULL
+ scripts/config.py set MBEDTLS_PLATFORM_STD_FREE NULL
+
+ # Disable all the modules/features that use cmalloc directly
+ scripts/config.py unset-all MBEDTLS_ASN1_
+ scripts/config.py unset MBEDTLS_BIGNUM_C
+ scripts/config.py unset MBEDTLS_CIPHER_C
+ scripts/config.py unset MBEDTLS_CMAC_C
+ scripts/config.py unset MBEDTLS_DHM_C
+ scripts/config.py unset MBEDTLS_ECDSA_C
+ scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
+ scripts/config.py unset MBEDTLS_ECP_C
+ scripts/config.py unset-all MBEDTLS_LMS_
+ scripts/config.py unset MBEDTLS_MD_C
+ scripts/config.py unset MBEDTLS_OID_C
+ scripts/config.py unset-all MBEDTLS_PEM_
+ scripts/config.py unset MBEDTLS_PKCS7_C
+ scripts/config.py unset-all MBEDTLS_PK_
+ scripts/config.py unset MBEDTLS_RSA_C
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+ # Disable all modules that depend on the the previous ones
+ scripts/config.py unset MBEDTLS_NIST_KW_C
+ scripts/config.py unset MBEDTLS_ECDH_C
+ scripts/config.py unset MBEDTLS_ECJPAKE_C
+ scripts/config.py unset-all MBEDTLS_PKCS1_
+ scripts/config.py unset-all MBEDTLS_ENTROPY_
+ scripts/config.py unset-all MBEDTLS_SHA
+ scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
+ scripts/config.py unset MBEDTLS_HKDF_C
+ scripts/config.py unset MBEDTLS_PKCS5_C
+ scripts/config.py unset MBEDTLS_PKCS12_C
+ scripts/config.py unset MBEDTLS_HMAC_DRBG_C
+ scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC
+ helper_libtestdriver1_make_main "$loc_accel_list" lib
+
+ msg "build: test suites and helpers"
+ # Reset cmalloc/free functions to normal operations so that test code can
+ # freely use them.
+ scripts/config.py unset MBEDTLS_PLATFORM_MEMORY
+ scripts/config.py unset MBEDTLS_PLATFORM_STD_CALLOC
+ scripts/config.py unset MBEDTLS_PLATFORM_STD_FREE
+ helper_libtestdriver1_make_main "$loc_accel_list" tests
+
+ msg "run tests"
+ make test
+}
+
component_test_no_rsa_key_pair_generation () {
msg "build: default config minus PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE"
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data
index 548f4b4..8ddd6d7 100644
--- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data
+++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.data
@@ -7402,9 +7402,11 @@
generate_key:PSA_KEY_TYPE_RAW_DATA:9:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0
PSA generate key: raw data, (MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
+depends_on:!MBEDTLS_PSA_STATIC_KEY_SLOTS
generate_key:PSA_KEY_TYPE_RAW_DATA:(MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
PSA generate key: raw data, (2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8 bits
+depends_on:!MBEDTLS_PSA_STATIC_KEY_SLOTS
generate_key:PSA_KEY_TYPE_RAW_DATA:(2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1) * 8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS:0
PSA generate key: raw data, 65528 bits (large key, ok if it fits)
diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function
index e29d16c..b1c662f 100644
--- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function
+++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto.function
@@ -1236,7 +1236,7 @@
}
#endif /* MBEDTLS_ECP_RESTARTABLE */
-#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) && defined(MBEDTLS_ASN1_PARSE_C)
static int rsa_test_e(mbedtls_svc_key_id_t key,
size_t bits,
const data_t *e_arg)
@@ -10180,7 +10180,7 @@
TEST_EQUAL(psa_get_key_type(&got_attributes), type);
TEST_EQUAL(psa_get_key_bits(&got_attributes), bits);
-#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) && defined(MBEDTLS_ASN1_PARSE_C)
if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
TEST_ASSERT(rsa_test_e(key, bits, custom_data));
}
diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_driver_wrappers.data
index fb2da8c..632a4b6 100644
--- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_driver_wrappers.data
+++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_driver_wrappers.data
@@ -256,35 +256,35 @@
generate_ec_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR
validate key through transparent driver: good private key
-depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
validate key through transparent driver: good public key
-depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
validate key through transparent driver: fallback private key
-depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:132:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
validate key through transparent driver: fallback public key
-depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:133:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
validate key through transparent driver: error
-depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_CRYPTO_STORAGE_C
validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_LOCATION_LOCAL_STORAGE:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
validate key through opaque driver: good private key
-depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
validate_key:PSA_SUCCESS:PSA_CRYPTO_TEST_DRIVER_LOCATION:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
validate key through opaque driver: good public key
-depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256
+depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C
validate_key:PSA_SUCCESS:PSA_CRYPTO_TEST_DRIVER_LOCATION:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
validate key through opaque driver: error
-depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_CRYPTO_STORAGE_C
validate_key:PSA_ERROR_GENERIC_ERROR:PSA_CRYPTO_TEST_DRIVER_LOCATION:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
export_key private to public through driver: fake
diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index 84611fa..14fc644 100644
--- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -6,13 +6,14 @@
size_t pake_expected_hit_count = 0;
int pake_in_driver = 0;
+#if defined(PSA_WANT_ALG_JPAKE) && \
+ defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
+ defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ALG_SHA_256)
+
/* The only two JPAKE user/peer identifiers supported for the time being. */
static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' };
static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' };
-#if defined(PSA_WANT_ALG_JPAKE) && \
- defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
- defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ALG_SHA_256)
static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive,
psa_pake_operation_t *server,
psa_pake_operation_t *client,
@@ -437,6 +438,11 @@
mbedtls_mpi_init(&D);
mbedtls_mpi_init(&C);
mbedtls_mpi_init(&X);
+#else /* MBEDTLS_BIGNUM_C */
+ (void) alg;
+ (void) private_exponent;
+ (void) input_data;
+ (void) buf;
#endif /* MBEDTLS_BIGNUM_C */
int ok = 0;
diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_entropy.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_entropy.function
index 4d5eda2..2408163 100644
--- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_entropy.function
@@ -8,6 +8,10 @@
#include "entropy_poll.h"
/* Calculating the minimum allowed entropy size in bytes */
+#if !defined(MBEDTLS_ENTROPY_BLOCK_SIZE)
+#define MBEDTLS_ENTROPY_BLOCK_SIZE MBEDTLS_ENTROPY_MIN_PLATFORM
+#endif
+
#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, \
MBEDTLS_ENTROPY_BLOCK_SIZE)
diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_init.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_init.function
index 954560a..c9a1e07 100644
--- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_init.function
+++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_init.function
@@ -24,6 +24,9 @@
exit:
return 0;
}
+#if !defined(MBEDTLS_ENTROPY_BLOCK_SIZE)
+#define MBEDTLS_ENTROPY_BLOCK_SIZE MBEDTLS_ENTROPY_MIN_PLATFORM
+#endif
#define ENTROPY_MIN_NV_SEED_SIZE \
MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)