For the component test_psa_crypto_config_accel_rsa_crypto,
ignore the test cases depending on MBEDTLS_GENPRIME being
enabled. When all RSA crypto is provided by drivers
MBEDTLS_GENPRIME will not be enabled when it is not
a configuration option anymore.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
For the test_psa_crypto_config_accel_rsa_crypto component,
ignore test cases that depend on MBEDTLS_GENPRIME being enabled.
When all RSA cryptographic operations are provided by drivers,
MBEDTLS_GENPRIME will not be enabled, as it will no longer be a configuration
option.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add warning log when disabling a configuration
option that does not exist.
When the removal of the legacy crypto config
options is completed, the warning will be
reverted to an error.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of the removal of the configuration
option MBEDTLS_POLY1305_C, disable it in
test_psa_crypto_config_accel_cipher_aead_cmac as
it will be not possible to enable it when
CHACHA20_POLY1305 is accelerated.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of the removal of MBEDTLS_ECP_DP_*
configuration options, replace them by their
PSA_WANT_ECC_* equivalent in dependencies.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of the removal of MBEDTLS_RSA_C,
replace MBEDTLS_RSA_C by its PSA_WANT_ closest
equivalent PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC
in dependencies.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove dependencies on MBEDTLS_CIPHER_MODE_CBC and
MBEDTLS_AES_C, as these options will no longer be
available once they are removed from the configuration.
The affected tests rely on the built-in CBC and AES
implementations. With the removal of
MBEDTLS_CIPHER_MODE_CBC and MBEDTLS_AES_C as
configuration options, there is no longer a mechanism
in ssl-opt.sh to express these dependencies.
As a result, filter out these tests at the all.sh
component level when the built-in CBC and AES
implementations are not available.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
To ease the removal of legacy crypto options, do not
fail in depends.py when disabling a non-existing option.
This mimics the behavior of 'config.py unset'.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Following the move of all crypto code to the
tfpsacrypto library, do not link against the
driver libraries anymore.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Describe the change to the cipher mechanism specification. Consolidate that
with the removal of the RNG arguments.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In some cases, we were calling `mbedtls_test_ssl_endpoint_free()` on an
uninitialized `mbedtls_test_ssl_endpoint` object if the test case failed
early, e.g. due to `psa_crypto_init()` failing. This was largely harmless,
but could have caused weird test results in case of failure, and was flagged
by Coverity.
Use a more systematic style for initializing the stack object as soon as
it's declared.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
