When building Mbed TLS with test drivers, "psa_crypto_mldsa.h" is not on the
include path. Rather than get it on, which seems complicated and is not
desirable in the long term, arrange to do without this header. We just need
to define the macro PSA_ALG_IS_ML_DSA, and its behavior is defined by the
PSA Crypto API specification so pretty much set in stone.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When TF-PSA-Crypto has pure ML-DSA, we need to handle it in the test driver
for signatures. But we must not try to reference ML-DSA identifiers in
TF-PSA-Crypto branches where they don't exist yet, even though the
compilation option already exists (which notably includes the TF-PSA-Crypto
1.1.0 release).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We don't support ML-DSA in libtestdriver1 yet, because it's a copy of the
`builtin` driver but ML-DSA is provided by the `pqcp` driver. This means
that we can't test “driver-only” ML-DSA builds, but it should be possible to
enable ML-DSA in a build that dispatches through the test driver. This is
currently impossible because pure ML-DSA is not a sign-the-hash algorithm,
but the code in the test driver for signatures assumes that all signature
algorithms are sign-the-hash. Fix this in a minimal way by making the test
driver activate the fallback mechanism of driver dispatch when the algorithm
is pure ML-DSA. (Don't do this for all algorithms that are not sign-the-hash,
because in general, we do want the test driver to fail if it's given an
algorithm that it doesn't support.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When running tests that use mbedtls_test_fork_run_child() under Valgrind,
bad things happen. Specifically:
* Valgrind reports leaks in the child. Those leaks do exist, but they're
deliberate since we avoid cleaning up in the child (because we want to
do as little as possible in the child, and because cleanups such as
destroying PSA persistent keys would have undesirable effects outside
the child process).
* Valgrind's overridden `_exit()` doesn't just perform checks, but also for
some reason it causes the file description on the .datax file to seek
backwards, causing tests to run again in a loop.
Avoid this by calling `execve()` (via `execlp()`) rather than `_exit()` if
it looks like the test is run under Valgrind. This is safe as long as
Valgrind isn't run with `--trace-children=yes`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
If we rely on `tf_psa_crypto_common.h`, it's too late. And `common.h in 3.6
doesn't have platform requirements.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Partially revert "Give test code access to internal macros of the library".
I think that it would be better not to require every user of `test/macros.h`
to have access to the library source, but it's out of scope here.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The child code isn't supposed to cause memory corruption, but if it does,
try to report a problem rather than mess up further.
Adapt the code to report the failure to the parent accordingly. In
particular, we need to make sure that the first byte written to the
reporting pipe is the result code in all cases, so don't jump over the
writing of the result code.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In the success case, we were only reporting the correct data written by the
child if the data was read in a single `read` call.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When reading data from the child, if the child reports a failure, the parent
expects the child to write an `mbedtls_test_info_t` structure, no less, no
more. To achieve this, we try reading at least one byte more, and check that
we couldn't read more than the expected size. This commit fixes two bugs:
* On success, don't require the child to fill the output buffer. This check
was only intended for the failure case, but was accidentally put in the
wrong place.
* On failure, we weren't checking that the child had written at least the
expected size, which could have been worse (we'd end up with a
child_test_info structure that's only partially initialized).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Run some code in a child process. Propagate output from the child if the
test succeeds, and propagate the test result information otherwise.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Include `"test_common.h"` as the first thing in C files, and
`<test/build_info.h>` as the first thing in header files.
This requires moving `<test/test_common.h>` to its intended location
`"test_common.h"`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The header `test_common.h` contains two kinds of things:
* Things to do at the beginning of individual C files. Specifically,
defining macros that notify system headers about what we want from them.
Keep those in `test_common.h`, which will subsequently be moved out of
the include directory.
* Things to do at the beginning of every header. In particular, read the
library configuration. Move them to a new header `build_info.h`,
which is the only one intended to be included from headers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This lets us define things that we want to have everywhere in test code. In
particular, this lets us define platform-specific symbols that influence
what system headers declare. This also takes care of including the library
configuration.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Since Mbed TLS 3.6.0, all officially supported versions of Visual Studio
a printf function family that is sufficiently compliant to C99 for our
purposes, in particular supporting `%zu` for `size_t`. The only platform
without `%zu` that we semi-officially support is older versions of MinGW,
still used in our CI. MinGW provides either a Windows legacy printf or a
standards-compliant printf depending on the value of
`__USE_MINGW_ANSI_STDIO` when compiling each C file. Force the use of the
compliant version. Don't rely on `MBEDTLS_PRINTF_SIZET`, which is defined in
`<mbedtls/debug.h>` and no longer considers the Windows legacy version in
Mbed TLS >= 4.1.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Keep TEST_EQUAL() on the function that might fail so that if a failure
happen the message will report the actual function that failed.
Documentation of the helper function is also updated.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
A new look-up table is created, "predefined_keys_psa", to list all the
predefined keys together with the corresponding PSA key type and bits.
A new look-up table was created in order not to conflict with the already
existing "predefined_keys" one.
"mbedtls_pk_helpers_get_predefined_key_data" is modified in order to
use the new look-up table.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Get rid of one subdirectory in include/ limitation.
Prefix all file basename instead of changing the
name of `include/mbedtls` to `include/libtestdriver1`.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Update test drivers for TF-PSA-Crypto test driver
based on a copy of `drivers/builtin`.
We mainly keep using what is already in place for
libtestdriver1 in Mbed TLS by still defining
MBEDTLS_TEST_LIBTESTDRIVER1.
As in TF-PSA-Crypto, the test driver is a derivative
of a clone of the built-in driver, not of the whole
library, the paths to the driver internal headers
are different. The paths are relative to
`drivers/libtestdriver1/include`.
Otherwise, `psa_key_attributes_t` is prefixed with
`libtestdriver1_` in Mbed TLS test driver but not
in TF-PSA-Crypto one. Thus in TF-PSA-Crypto case
define `libtestdriver1_psa_key_attributes_t` as
`psa_key_attributes_t`.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix clang warning related to mismatch
between function prototype and
function definition: void func(void) vs void func().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Since TF-PSA-Crypto 1.0 (threading internal interface version 4.0.0.1),
`mbedtls_mutex_free()` on an all-bits-zero mutex is defined to be a no-op.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In Mbed TLS 3.6, this error was used in the library as well as the test
framework, but since TF-PSA-Crypto 1.0, it has been removed from the
library.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The way the mutex usage verification framework plugs into the library
requires it to have access to the API type, which holds the state field. In
the new threading API, the mutable function that the framework overrides now
only receives a pointer to the platform object that is embedded in the API
object. Hence we need to calculate a pointer to the containing API object
when given a pointer to the platform object. It's ugly, but it works.
A follow-up should clean this up by changing how the mutex usage
verification framework plugs into the library. It should use a more normal
hook function mechanism instead of replacing the function pointers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Gilles Peskine