Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make TLS 1.2 components work with PSA_CRYPTO_CONFIG set #9062

Open
wants to merge 10 commits into
base: development
Choose a base branch
from
Open

Make TLS 1.2 components work with PSA_CRYPTO_CONFIG set #9062

wants to merge 10 commits into from

Conversation

tom-daubney-arm
Copy link
Contributor

Description

Progresses #8153.

Replace Mbed TLS API config options with their PSA API equivalents in three TLS 1.2 components in all.sh.

This PR modifies the following three components:

  • test_tls1_2_default_stream_cipher_only_use_psa
  • test_tls1_2_deafult_cbc_legacy_cipher_only_use_psa
  • test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only_use_psa

PR checklist

Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")

  • changelog not required
  • 3.6 backport 4.0 only
  • 2.28 backport 4.0 only
  • tests existing tests suffice

Notes for the submitter

Please refer to the contributing guidelines, especially the
checklist for PR contributors.

Help make review efficient:

  • Multiple simple commits
    • please structure your PR into a series of small commits, each of which does one thing
  • Avoid force-push
    • please do not force-push to update your PR - just add new commit(s)
  • See our Guidelines for Contributors for more details about the review process.

@tom-daubney-arm
Modify component_test_tls1_2_default_stream_cipher_only_use_psa
b8cbbe7 
Replace relevant Mbed TLS API config options with their PSA
API equivalents.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
@tom-daubney-arm tom-daubney-arm added needs-work size-s Estimated task size: small (~2d) component-test Test framework and CI scripts priority-high High priority - will be reviewed soon labels Apr 26, 2024
@tom-daubney-arm
Modify component_test_tls1_2_deafult_cbc_legacy_cipher_only_use_psa
6258621 
Replace relevant Mbed TLS API config options with their PSA
API equivalents.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
@tom-daubney-arm
Modify component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only_u…
ff33abd 
…se_psa

Replace relevant Mbed TLS API config options with their PSA
API equivalents.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
@tom-daubney-arm tom-daubney-arm added needs-review Every commit must be reviewed by at least two team members, needs-ci Needs to pass CI tests needs-reviewer This PR needs someone to pick it up for review and removed needs-work needs-ci Needs to pass CI tests labels Apr 26, 2024
@ronald-cron-arm ronald-cron-arm self-requested a review April 29, 2024 07:39
@tom-daubney-arm
Restore Mbed TLS style AEAD options for now
1ca1f3d 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
@tom-daubney-arm
Restore toggling of MBEDTLS_CIPHER_MODE_CBC
67338c0 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
ronald-cron-arm
ronald-cron-arm requested changes May 14, 2024
View reviewed changes
Copy link
Contributor

@ronald-cron-arm ronald-cron-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for addressing my comments. The adaption of the configurations seems okay to me now. But there is one thing I did not think about before: remove the non use_psa() equivalent components (i.e component_test_tls1_2_default_stream_cipher_only(), component_test_tls1_2_default_cbc_legacy_cipher_only() and component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only()) and then remove the use_psa() suffix of the ones we keep.

@tom-daubney-arm
Remove non- _use_psa versions of components
5f2595a 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
@tom-daubney-arm
Remove _use_psa suffix from remaining components
b7c624d 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
ronald-cron-arm
ronald-cron-arm requested changes May 14, 2024
View reviewed changes
tests/scripts/all.sh Outdated Show resolved Hide resolved
@tom-daubney-arm
Fix typo
69ca57e 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
ronald-cron-arm
ronald-cron-arm requested changes May 16, 2024
View reviewed changes
Copy link
Contributor

@ronald-cron-arm ronald-cron-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few final things to change I think and this will be good to me.

tests/scripts/all.sh Outdated Show resolved Hide resolved
tests/scripts/all.sh Outdated Show resolved Hide resolved
tests/scripts/all.sh Show resolved Hide resolved
@tom-daubney-arm
Change the way CBC is set
8f83ba0 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
@tom-daubney-arm
Add additional CCM unset
a8004f2 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
@tom-daubney-arm tom-daubney-arm force-pushed the crypto_config-tls1_2_default_stream_cipher_only_use_psa branch from 9cfda24 to a8004f2 Compare May 17, 2024 13:49
@tom-daubney-arm
Copy link
Contributor Author

@ronald-cron-arm Apologies for the force push. I had to amend a commit where I had made an error.

ronald-cron-arm
ronald-cron-arm approved these changes May 21, 2024
View reviewed changes
Copy link
Contributor

@ronald-cron-arm ronald-cron-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks.

@tom-daubney-arm tom-daubney-arm removed the needs-reviewer This PR needs someone to pick it up for review label May 21, 2024
@ronald-cron-arm ronald-cron-arm mentioned this pull request May 23, 2024
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gilles-peskine-arm gilles-peskine-arm gilles-peskine-arm left review comments

@ronald-cron-arm ronald-cron-arm ronald-cron-arm approved these changes

@bensze01 bensze01 Awaiting requested review from bensze01

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
component-test Test framework and CI scripts needs-review Every commit must be reviewed by at least two team members, priority-high High priority - will be reviewed soon size-s Estimated task size: small (~2d)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@tom-daubney-arm @gilles-peskine-arm @ronald-cron-arm