Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Crypto Service - keys access control TESTS #9780

Merged
merged 15 commits into from Mar 1, 2019

Conversation

Projects
None yet
8 participants
@itayzafrir
Copy link
Contributor

commented Feb 20, 2019

Description

Tests for crypto access control in PSA systems.

This PR needs preceding PR #9638

Pull request type

[ ] Fix
[ ] Refactor
[ ] Target update
[ ] Functionality change
[ ] Docs update
[X] Test update
[ ] Breaking change

Reviewers

@avolinski

Release Notes

@ciarmcom ciarmcom requested review from avolinski and ARMmbed/mbed-os-maintainers Feb 20, 2019

@ciarmcom

This comment has been minimized.

Copy link
Member

commented Feb 20, 2019

@itayzafrir, thank you for your changes.
@avolinski @ARMmbed/mbed-os-maintainers please review.

read_input_param_from_message(msg, 1, &key_type);
read_input_param_from_message(msg, 2, &key_data_size);

key_data = calloc(1, key_data_size);

This comment has been minimized.

Copy link
@avolinski

avolinski Feb 24, 2019

Contributor

where key_data is being freed?

This comment has been minimized.

Copy link
@itayzafrir

itayzafrir Feb 24, 2019

Author Contributor

oops :(
added in 391ff6135acbb28bd7797e847b7556f9dee0763c


/* via test partition - create a key, set key policy but no key material */
key_handle = 0;
TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_create_persistent_key(key_id, &key_handle));

This comment has been minimized.

Copy link
@avolinski

avolinski Feb 24, 2019

Contributor

when is this key destroyed?

This comment has been minimized.

Copy link
@itayzafrir

itayzafrir Feb 24, 2019

Author Contributor

All ITS keys are being erased in case_setup_handler and case_teardown_handler.

size_t len;

/* via test partition - create a key, set key policy, generate key material and close */
TEST_ASSERT_EQUAL(PSA_SUCCESS, create_and_generate_key_via_test_partition(key_id, key_type, key_alg, key_usage,

This comment has been minimized.

Copy link
@avolinski

avolinski Feb 24, 2019

Contributor

were is teardown for this key?

This comment has been minimized.

Copy link
@itayzafrir

itayzafrir Feb 24, 2019

Author Contributor

All ITS keys are being erased in case_setup_handler and case_teardown_handler.

psa_cipher_operation_t operation;

/* via test partition - create a key, set key policy, generate key material and close */
TEST_ASSERT_EQUAL(PSA_SUCCESS, create_and_generate_key_via_test_partition(key_id, key_type, key_alg, key_usage,

This comment has been minimized.

Copy link
@avolinski

avolinski Feb 24, 2019

Contributor

were is teardown for this key?

This comment has been minimized.

Copy link
@itayzafrir

itayzafrir Feb 24, 2019

Author Contributor

All ITS keys are being erased in case_setup_handler and case_teardown_handler.

@itayzafrir itayzafrir force-pushed the itayzafrir:crypto-access-control-tests branch Feb 24, 2019

@itayzafrir

This comment has been minimized.

Copy link
Contributor Author

commented Feb 24, 2019

rebased on master + aligned with updated error codes

@0xc0170 0xc0170 added the risk: A label Feb 25, 2019

@cmonr cmonr added risk: R and removed risk: A labels Feb 25, 2019

@cmonr

This comment has been minimized.

Copy link
Contributor

commented Feb 27, 2019

CI started

@itayzafrir

This comment has been minimized.

Copy link
Contributor Author

commented Feb 27, 2019

CI won't pass now, this needs preceding PR #9638

@mbed-ci

This comment has been minimized.

Copy link

commented Feb 27, 2019

Test run: SUCCESS

Summary: 12 of 12 test jobs passed
Build number : 1
Build artifacts

@0xc0170

This comment has been minimized.

Copy link
Member

commented Feb 27, 2019

It did pass, what do we miss?

@itayzafrir

This comment has been minimized.

Copy link
Contributor Author

commented Feb 27, 2019

It did pass, what do we miss?

There was no reason for compilation to break, but running the tests would have failed. AFAIK for targets which are FUTURE_SEQUANA_PSA tests are only built and not run, correct me if I'm wrong.

@itayzafrir itayzafrir force-pushed the itayzafrir:crypto-access-control-tests branch Feb 27, 2019

@itayzafrir

This comment has been minimized.

Copy link
Contributor Author

commented Feb 27, 2019

Rebased on master & added a7efc0e which aligns error code handling to latest standards.

@itayzafrir

This comment has been minimized.

Copy link
Contributor Author

commented Feb 27, 2019

#9638 is merged, this PR is unblocked now.

@0xc0170

This comment has been minimized.

Copy link
Member

commented Feb 27, 2019

CI started

@mbed-ci

This comment has been minimized.

Copy link

commented Feb 27, 2019

Test run: FAILED

Summary: 3 of 8 test jobs failed
Build number : 2
Build artifacts

Failed test jobs:

  • jenkins-ci/mbed-os-ci_build-ARMC6
  • jenkins-ci/mbed-os-ci_build-ARM
  • jenkins-ci/mbed-os-ci_build-GCC_ARM
@alekla01

This comment has been minimized.

Copy link
Contributor

commented Feb 27, 2019

Restarted CI.

@mbed-ci

This comment has been minimized.

Copy link

commented Feb 27, 2019

Test run: FAILED

Summary: 1 of 8 test jobs failed
Build number : 3
Build artifacts

Failed test jobs:

  • jenkins-ci/mbed-os-ci_build-ARM

@itayzafrir itayzafrir force-pushed the itayzafrir:crypto-access-control-tests branch Feb 27, 2019

@itayzafrir

This comment has been minimized.

Copy link
Contributor Author

commented Feb 27, 2019

CI failure doesn't seem to be directly related to the changes in this PR.

Rebased branch on master & added 2 new commits:

  1. Fix for test asymmetric encrypt decrypt (5f3989bec701f156cb666017725b8a4a5a27c57a)
  2. Update secure side binary hex (b124ae2c28286ff17d10d88eb31c0d4977506ccc)
@cmonr

This comment has been minimized.

Copy link
Contributor

commented Feb 27, 2019

CI restarted

@mbed-ci

This comment has been minimized.

Copy link

commented Feb 27, 2019

Test run: FAILED

Summary: 1 of 8 test jobs failed
Build number : 4
Build artifacts

Failed test jobs:

  • jenkins-ci/mbed-os-ci_build-ARM
@cmonr

This comment has been minimized.

Copy link
Contributor

commented Feb 27, 2019

@itayzafrir Please take a look at the NUMAKER_PFM_M2351 ARM build failure.

@cmonr cmonr added needs: work and removed needs: CI labels Feb 27, 2019

@cmonr

This comment has been minimized.

Copy link
Contributor

commented Feb 27, 2019

Info: A CI config issue appears to be affecting NUMAKER_PFM_M2351 builds. Please ignore build errors against the target for now.

Other build failures should still be investigated, if any. Will restart CI when appropriate.

@cmonr cmonr added needs: CI and removed needs: work labels Feb 27, 2019

@itayzafrir itayzafrir force-pushed the itayzafrir:crypto-access-control-tests branch to 02f5918 Feb 28, 2019

@0xc0170

This comment has been minimized.

Copy link
Member

commented Feb 28, 2019

CI restarted

@mbed-ci

This comment has been minimized.

Copy link

commented Feb 28, 2019

Test run: FAILED

Summary: 2 of 13 test jobs failed
Build number : 5
Build artifacts

Failed test jobs:

  • jenkins-ci/mbed-os-ci_greentea-test
  • jenkins-ci/mbed-os-ci_exporter
@itayzafrir

This comment has been minimized.

Copy link
Contributor Author

commented Feb 28, 2019

CI failures don't seem to be related to changes in this PR:

  1. | K66F-IAR | K66F | components-storage-blockdevice-component_sd-tests-filesystem-parallel | FAIL | 74.5 | default |
  2. Exporter -> IAR -> NUMAKER_PFM_NUC472

@mikisch81 mikisch81 referenced this pull request Feb 28, 2019

Merged

mbed-SPM updates #9823

@alekla01

This comment has been minimized.

Copy link
Contributor

commented Feb 28, 2019

@0xc0170: Ci will be restarted (iar8 exporter issue we will resolve separately).

@cmonr cmonr added ready for merge and removed needs: CI labels Feb 28, 2019

@cmonr cmonr merged commit 486f4f5 into ARMmbed:master Mar 1, 2019

28 checks passed

continuous-integration/jenkins/pr-head This commit looks good
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
jenkins-ci/build-ARMC5 Success
Details
jenkins-ci/build-ARMC6 Success
Details
jenkins-ci/build-GCC_ARM Success
Details
jenkins-ci/build-IAR8 Success
Details
jenkins-ci/cloud-client-test Success
Details
jenkins-ci/dynamic-memory-usage RTOS ROM(+0 bytes) RAM(+0 bytes)
Details
jenkins-ci/exporter Success
Details
jenkins-ci/greentea-test Success
Details
jenkins-ci/mbed2-build-ARMC5 Success
Details
jenkins-ci/mbed2-build-ARMC6 Success
Details
jenkins-ci/mbed2-build-GCC_ARM Success
Details
jenkins-ci/mbed2-build-IAR8 Success
Details
jenkins-ci/unittests Success
Details
travis-ci/astyle Local astyle testing has passed
Details
travis-ci/docs Local docs testing has passed
Details
travis-ci/doxy-spellcheck Local doxy-spellcheck testing has passed
Details
travis-ci/events Passed, runtime is 9306 cycles
Details
travis-ci/gitattributestest Local gitattributestest testing has passed
Details
travis-ci/include_check Local include_check testing has passed
Details
travis-ci/licence_check Local licence_check testing has passed
Details
travis-ci/littlefs Passed, code size is 8408B (+0.00%)
Details
travis-ci/psa-autogen Local psa-autogen testing has passed
Details
travis-ci/tools-py2.7 Local tools-py2.7 testing has passed
Details
travis-ci/tools-py3.5 Local tools-py3.5 testing has passed
Details
travis-ci/tools-py3.6 Local tools-py3.6 testing has passed
Details
travis-ci/tools-py3.7 Local tools-py3.7 testing has passed
Details

@cmonr cmonr removed the ready for merge label Mar 1, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.