Skip to content

Commit

Permalink
Merge pull request #6415 from mprse/aead_driver_test_2_28_backport
Browse files Browse the repository at this point in the history 
2.28 backport: Enable testing of AEAD drivers with libtestdriver1
  • Loading branch information
@mpg
mpg authored Oct 14, 2022
2 parents 279188f + 9030a25 commit 3495ca3
Show file tree
Hide file tree
Showing 6 changed files with 121 additions and 4 deletions.
3 changes: 3 additions & 0 deletions ChangeLog.d/fix_aead_psa_driver_build.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
Bugfix
* Fix compilation errors when trying to build with
PSA drivers for AEAD (GCM, CCM, Chacha20-Poly1305).
6 changes: 6 additions & 0 deletions include/psa/crypto_builtin_composites.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,12 @@
#define MBEDTLS_PSA_BUILTIN_MAC
#endif

#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
#define MBEDTLS_PSA_BUILTIN_AEAD 1
#endif

#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
typedef struct
{
Expand Down
1 change: 1 addition & 0 deletions tests/include/test/drivers/config_test_driver.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
#define MBEDTLS_CTR_DRBG_C
#define MBEDTLS_ENTROPY_C
#define MBEDTLS_POLY1305_C

/*
* Configuration options that may need to be additionally enabled for the
Expand Down
18 changes: 16 additions & 2 deletions tests/include/test/drivers/crypto_config_test_driver_extension.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,14 @@
#endif
#endif

#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
#if defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
#undef MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305
#else
#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1
#endif
#endif

#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES
Expand Down Expand Up @@ -198,9 +206,16 @@
#endif
#endif

#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20
#else
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1
#endif
#endif

#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
#define MBEDTLS_PSA_ACCEL_ALG_CCM 1
#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1
#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1
#define MBEDTLS_PSA_ACCEL_ALG_ECDH 1
Expand Down Expand Up @@ -232,7 +247,6 @@
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1
Expand Down
35 changes: 35 additions & 0 deletions tests/scripts/all.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1962,6 +1962,41 @@ component_test_psa_crypto_config_accel_cipher () {
make test
}

component_test_psa_crypto_config_accel_aead () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD"

# Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
# partial support for cipher operations in the driver test library.
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING

loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA"
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"

scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG

scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py unset MBEDTLS_CCM_C
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
# Features that depend on AEAD
scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
scripts/config.py unset MBEDTLS_SSL_TICKET_C

loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"

# There's a risk of something getting re-enabled via config_psa.h
# make sure it did not happen.
not grep mbedtls_ccm library/ccm.o
not grep mbedtls_gcm library/gcm.o
not grep mbedtls_chachapoly library/chachapoly.o

msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD"
make test
}

component_test_psa_crypto_config_no_driver() {
# full plus MBEDTLS_PSA_CRYPTO_CONFIG
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
Expand Down
62 changes: 60 additions & 2 deletions tests/src/drivers/test_driver_aead.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,10 @@

#include "test/drivers/aead.h"

#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
#include "libtestdriver1/library/psa_crypto_aead.h"
#endif

mbedtls_test_driver_aead_hooks_t
mbedtls_test_driver_aead_hooks = MBEDTLS_TEST_DRIVER_AEAD_INIT;

Expand All @@ -49,6 +53,18 @@ psa_status_t mbedtls_test_transparent_aead_encrypt(
}
else
{
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
libtestdriver1_mbedtls_psa_aead_encrypt(
(const libtestdriver1_psa_key_attributes_t *)attributes,
key_buffer, key_buffer_size,
alg,
nonce, nonce_length,
additional_data, additional_data_length,
plaintext, plaintext_length,
ciphertext, ciphertext_size, ciphertext_length );
#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_encrypt(
attributes, key_buffer, key_buffer_size,
Expand All @@ -57,8 +73,23 @@ psa_status_t mbedtls_test_transparent_aead_encrypt(
additional_data, additional_data_length,
plaintext, plaintext_length,
ciphertext, ciphertext_size, ciphertext_length );
#else
(void) attributes;
(void) key_buffer;
(void) key_buffer_size;
(void) alg;
(void) nonce;
(void) nonce_length;
(void) additional_data;
(void) additional_data_length;
(void) plaintext;
(void) plaintext_length;
(void) ciphertext;
(void) ciphertext_size;
(void) ciphertext_length;
mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
#endif
}

return( mbedtls_test_driver_aead_hooks.driver_status );
}

Expand All @@ -80,6 +111,18 @@ psa_status_t mbedtls_test_transparent_aead_decrypt(
}
else
{
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
libtestdriver1_mbedtls_psa_aead_decrypt(
(const libtestdriver1_psa_key_attributes_t *)attributes,
key_buffer, key_buffer_size,
alg,
nonce, nonce_length,
additional_data, additional_data_length,
ciphertext, ciphertext_length,
plaintext, plaintext_size, plaintext_length );
#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_decrypt(
attributes, key_buffer, key_buffer_size,
Expand All @@ -88,8 +131,23 @@ psa_status_t mbedtls_test_transparent_aead_decrypt(
additional_data, additional_data_length,
ciphertext, ciphertext_length,
plaintext, plaintext_size, plaintext_length );
#else
(void) attributes;
(void) key_buffer;
(void) key_buffer_size;
(void) alg;
(void) nonce;
(void) nonce_length;
(void) additional_data;
(void) additional_data_length;
(void) ciphertext;
(void) ciphertext_length;
(void) plaintext;
(void) plaintext_size;
(void) plaintext_length;
mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
#endif
}

return( mbedtls_test_driver_aead_hooks.driver_status );
}

Expand Down

0 comments on commit 3495ca3

Please sign in to comment.