The compile time guards were too restrictive, excluding builds with
drivers, updating them will allow driver tests to run as well.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Assert that two forked children have distinct RNG states, and also that the
state is distinct from their parent.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit fixes two problems:
1. In 3.6 the SSL unit test framework ignores option.cipher, we need to
enforce it manually
2. In 3.6 we still have RSA key exchange and we need to condition the
RSA test on the presence of ECDHE_RSA key exchange modes as well
Signed-off-by: Janos Follath <janos.follath@arm.com>
DEBUG_C supposed to have been removed from the test dependencies, still
being there is an oversight. Removing it was the sole purpose of
3e58109fbd.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The unit test framework always loads the client key as well, which
requires a different curve and a hash than the server key.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Add a test case with a successful handshake for each test case that
causes the desired handshake failure, with minimal differences between
the two.
The reason is to have more assurance that the handshake is failing for
the desired reason (as opposed to not having done something correctly in
the test code).
Signed-off-by: Janos Follath <janos.follath@arm.com>
There are other issues that can fail with the same error code. Make sure
that the handshake fails exactly the way we want it to fail by analysing
the client logs.
Signed-off-by: Janos Follath <janos.follath@arm.com>
We usually follow the pattern that a zero-initialised struct is safe to
free. This wasn't the case here.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This root certificate uses SECP-384 and if we don't have it in the
build, the parsing already fails even if we don't try to use it, there
is no reason to have it in the build without the SECP-384.
Signed-off-by: Janos Follath <janos.follath@arm.com>
In Mbed TLS 3.6 we still need to manually configure the RNG for TLS. Add
this to the testcase for default verify_result.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This patch adds psa_aead_decrypt_setup() & psa_aead_finish()
path to the multipart_state_testing.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Add tests for key import-export and key import followed by public-key
export when the output buffer is too small. Add these tests for the
following curves:
* p256 as an example of a Weierstrass curve
* Curve25519
* Curve448
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This testcase calls psa_export_public_key() on an FFDH key with an
output buffer that is too small. Since the size is calculated based on
the required key size but not checked against the available buffer size,
we overflow the buffer.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
