Switch generate_psa_test.py to automatic dependencies for negative test cases#157
Merged
gilles-peskine-arm merged 3 commits intoJan 20, 2025
Conversation
gilles-peskine-arm
added
priority-high
gilles-peskine-arm
force-pushed
the
psa-storage-test-cases-never-supported-negative-crypto
branch
from
af1f05f to
99aa44c
Compare
gilles-peskine-arm
added
needs-review
davidhorstmann-arm
previously approved these changes
Jan 20, 2025
davidhorstmann-arm
left a comment
davidhorstmann-arm
left a comment
Contributor
There was a problem hiding this comment.
LGTM, thanks!
Fix psa_key_agreement_iop_setup() (and psa_key_agreement_iop_complete()) happily parsing key material as an ECC private key even when it is different (e.g. an ECC public key), and happily performing ECDH even when passed a different algorithm (e.g. FFDH), when nothing else goes wrong. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
…ible Detect a bad algorithm later, so that psa_key_agreement_iop_setup() returns the same error as psa_key_agreement() in more error cases. This simplifies testing, and in particular makes test_suite_psa_crypto pass without requiring changes in `psa_exercise_key.c`. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
dismissed stale reviews from davidhorstmann-arm and waleed-elmelegy-arm
via
137b577
gilles-peskine-arm
force-pushed
the
psa-storage-test-cases-never-supported-negative-crypto
branch
from
99aa44c to
137b577
Compare
Contributor
Author
|
I've rebased on top of the latest The CI still needs Mbed-TLS/mbedtls#9909 to pass. |
davidhorstmann-arm
added
needs-ci
gilles-peskine-arm
removed
the
needs-preceding-pr
waleed-elmelegy-arm
approved these changes
Jan 20, 2025
waleed-elmelegy-arm
removed
the
needs-review
waleed-elmelegy-arm
added
approved
Contributor
Author
|
The CI has passed on Mbed-TLS/mbedtls#9909 at Mbed-TLS/mbedtls@13c418d, thus I'm merging. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This completes the forward port of Mbed-TLS/mbedtls#9025. This is mostly happening in the framework, but a follow-up to #144 is also needed here.
The CI is expected to fail here due to needing an updated framework in mbedtls. The CI should pass in the consuming PR.
PR checklist