diff --git a/src/app/icd/server/tests/TestICDMonitoringTable.cpp b/src/app/icd/server/tests/TestICDMonitoringTable.cpp index 81fcb2af18..ffa5c349a1 100644 --- a/src/app/icd/server/tests/TestICDMonitoringTable.cpp +++ b/src/app/icd/server/tests/TestICDMonitoringTable.cpp @@ -26,6 +26,10 @@ #include #include +#if CHIP_CRYPTO_PSA +#include +#endif + using namespace chip; using namespace chip::app::Clusters::IcdManagement; @@ -65,7 +69,30 @@ constexpr uint8_t kKeyBuffer3a[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f }; -TEST(TestICDMonitoringTable, TestEntryAssignationOverload) +struct TestICDMonitoringTable : public ::testing::Test +{ + void SetUp() override + { +#if CHIP_CRYPTO_PSA + ASSERT_EQ(psa_crypto_init(), PSA_SUCCESS); +#endif + } + + void ValidateHmac128(const Crypto::Hmac128KeyHandle & saved, const Crypto::Hmac128KeyHandle & loaded) + { +#if CHIP_CRYPTO_PSA + EXPECT_NE(saved.As(), loaded.As()); + EXPECT_GE(loaded.As(), to_underlying(Crypto::KeyIdBase::ICDKeyRangeStart)); + EXPECT_LE(loaded.As(), to_underlying(Crypto::KeyIdBase::Maximum)); +#else + EXPECT_EQ(memcmp(saved.As(), loaded.As(), + sizeof(Crypto::Symmetric128BitsKeyByteArray)), + 0); +#endif + } +}; + +TEST_F(TestICDMonitoringTable, TestEntryAssignationOverload) { TestSessionKeystoreImpl keystore; ICDMonitoringEntry entry(&keystore); @@ -100,7 +127,7 @@ TEST(TestICDMonitoringTable, TestEntryAssignationOverload) EXPECT_TRUE(entry2.IsKeyEquivalent(ByteSpan(kKeyBuffer1a))); } -TEST(TestICDMonitoringTable, TestEntryMaximumSize) +TEST_F(TestICDMonitoringTable, TestEntryMaximumSize) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -114,7 +141,7 @@ TEST(TestICDMonitoringTable, TestEntryMaximumSize) EXPECT_EQ(CHIP_NO_ERROR, table.Set(0, entry)); } -TEST(TestICDMonitoringTable, TestEntryKeyFunctions) +TEST_F(TestICDMonitoringTable, TestEntryKeyFunctions) { TestSessionKeystoreImpl keystore; ICDMonitoringEntry entry(&keystore); @@ -140,7 +167,7 @@ TEST(TestICDMonitoringTable, TestEntryKeyFunctions) EXPECT_EQ(entry.DeleteKey(), CHIP_NO_ERROR); } -TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) +TEST_F(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -178,9 +205,7 @@ TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) EXPECT_EQ(kClientNodeId12, entry.monitoredSubject); EXPECT_EQ(ClientTypeEnum::kPermanent, entry.clientType); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1a))); - EXPECT_EQ(memcmp(entry1.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry1.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve second entry EXPECT_EQ(CHIP_NO_ERROR, loading.Get(1, entry)); @@ -189,9 +214,7 @@ TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_EQ(ClientTypeEnum::kEphemeral, entry.clientType); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // No more entries EXPECT_EQ(CHIP_ERROR_NOT_FOUND, loading.Get(2, entry)); @@ -213,9 +236,7 @@ TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_EQ(ClientTypeEnum::kEphemeral, entry.clientType); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve second entry EXPECT_EQ(CHIP_NO_ERROR, loading.Get(1, entry)); @@ -224,12 +245,10 @@ TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_EQ(ClientTypeEnum::kPermanent, entry.clientType); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b))); - EXPECT_EQ(memcmp(entry4.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry4.hmacKeyHandle, entry.hmacKeyHandle); } -TEST(TestICDMonitoringTable, TestSaveAllInvalidRegistrationValues) +TEST_F(TestICDMonitoringTable, TestSaveAllInvalidRegistrationValues) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -271,7 +290,7 @@ TEST(TestICDMonitoringTable, TestSaveAllInvalidRegistrationValues) EXPECT_EQ(CHIP_ERROR_INVALID_ARGUMENT, table.Set(0, entry5)); } -TEST(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) +TEST_F(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -314,9 +333,7 @@ TEST(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) EXPECT_EQ(kClientNodeId11, entry.checkInNodeID); EXPECT_EQ(kClientNodeId12, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1a))); - EXPECT_EQ(memcmp(entry1.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry1.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve fabric1, second entry EXPECT_EQ(CHIP_NO_ERROR, table1.Get(1, entry)); @@ -324,9 +341,7 @@ TEST(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) EXPECT_EQ(kClientNodeId12, entry.checkInNodeID); EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve fabric2, first entry EXPECT_EQ(CHIP_NO_ERROR, table2.Get(0, entry)); @@ -334,12 +349,10 @@ TEST(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) EXPECT_EQ(kClientNodeId21, entry.checkInNodeID); EXPECT_EQ(kClientNodeId22, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry3.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry3.hmacKeyHandle, entry.hmacKeyHandle); } -TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) +TEST_F(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -379,9 +392,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId11, entry.checkInNodeID); EXPECT_EQ(kClientNodeId12, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1a))); - EXPECT_EQ(memcmp(entry1.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry1.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve second entry (not modified) EXPECT_EQ(CHIP_NO_ERROR, table1.Get(1, entry)); @@ -389,9 +400,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId12, entry.checkInNodeID); EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // Remove (existing) EXPECT_EQ(CHIP_NO_ERROR, table1.Remove(0)); @@ -405,9 +414,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId12, entry.checkInNodeID); EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve fabric2, first entry EXPECT_EQ(CHIP_NO_ERROR, table2.Get(0, entry)); @@ -415,9 +422,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId21, entry.checkInNodeID); EXPECT_EQ(kClientNodeId22, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b))); - EXPECT_EQ(memcmp(entry3.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry3.hmacKeyHandle, entry.hmacKeyHandle); // Remove all (fabric 1) EXPECT_EQ(CHIP_NO_ERROR, table1.RemoveAll()); @@ -429,9 +434,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId21, entry.checkInNodeID); EXPECT_EQ(kClientNodeId22, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b))); - EXPECT_EQ(memcmp(entry3.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry3.hmacKeyHandle, entry.hmacKeyHandle); // Remove all (fabric 2) EXPECT_EQ(CHIP_NO_ERROR, table2.RemoveAll()); diff --git a/src/credentials/tests/TestFabricTable.cpp b/src/credentials/tests/TestFabricTable.cpp index 407d0863ad..de58db73ac 100644 --- a/src/credentials/tests/TestFabricTable.cpp +++ b/src/credentials/tests/TestFabricTable.cpp @@ -203,6 +203,9 @@ struct TestFabricTable : public ::testing::Test { DeviceLayer::SetConfigurationMgr(&DeviceLayer::ConfigurationManagerImpl::GetDefaultInstance()); ASSERT_EQ(chip::Platform::MemoryInit(), CHIP_NO_ERROR); +#if CHIP_CRYPTO_PSA + ASSERT_EQ(psa_crypto_init(), PSA_SUCCESS); +#endif } static void TearDownTestSuite() { chip::Platform::MemoryShutdown(); } }; diff --git a/src/crypto/tests/TestChipCryptoPAL.cpp b/src/crypto/tests/TestChipCryptoPAL.cpp index 2d1f5c0612..255d887be1 100644 --- a/src/crypto/tests/TestChipCryptoPAL.cpp +++ b/src/crypto/tests/TestChipCryptoPAL.cpp @@ -73,6 +73,10 @@ #if CHIP_CRYPTO_PSA #include +extern "C" { +psa_status_t psa_initialize_key_slots(void); +void psa_wipe_all_key_slots(void); +} #endif using namespace chip; @@ -287,14 +291,17 @@ static void TestAES_CTR_128_Decrypt(const AesCtrTestEntry * vector) struct TestChipCryptoPAL : public ::testing::Test { - static void SetUpTestSuite() + static void SetUpTestSuite() { ASSERT_EQ(chip::Platform::MemoryInit(), CHIP_NO_ERROR); } + static void TearDownTestSuite() { chip::Platform::MemoryShutdown(); } + + void SetUp() override { - ASSERT_EQ(chip::Platform::MemoryInit(), CHIP_NO_ERROR); #if CHIP_CRYPTO_PSA psa_crypto_init(); + psa_wipe_all_key_slots(); + psa_initialize_key_slots(); #endif } - static void TearDownTestSuite() { chip::Platform::MemoryShutdown(); } }; TEST_F(TestChipCryptoPAL, TestAES_CTR_128CryptTestVectors) diff --git a/src/system/tests/TestEventLoopHandler.cpp b/src/system/tests/TestEventLoopHandler.cpp index 4d5456098e..fa2b0099cb 100644 --- a/src/system/tests/TestEventLoopHandler.cpp +++ b/src/system/tests/TestEventLoopHandler.cpp @@ -108,7 +108,12 @@ TEST_F(TestEventLoopHandler, EventLoopHandlerSequence) }); chip::DeviceLayer::PlatformMgr().RunEventLoop(); + +#if CHIP_SYSTEM_CONFIG_POSIX_LOCKING EXPECT_EQ(loopHandler.trace, std::string("1AP2HP3R4")); +#else + EXPECT_EQ(loopHandler.trace, std::string("1APHP2HPHP3R4")); +#endif } TEST_F(TestEventLoopHandler, EventLoopHandlerWake) diff --git a/src/test_driver/nrfconnect/main/include/CHIPProjectConfig.h b/src/test_driver/nrfconnect/main/include/CHIPProjectConfig.h index 3c3df5b97d..0c028f0528 100644 --- a/src/test_driver/nrfconnect/main/include/CHIPProjectConfig.h +++ b/src/test_driver/nrfconnect/main/include/CHIPProjectConfig.h @@ -33,4 +33,7 @@ // Enable unit-test only features #define CONFIG_BUILD_FOR_HOST_UNIT_TEST 1 +// Increase max. lambda event size +#define CHIP_CONFIG_LAMBDA_EVENT_SIZE 32 + #endif // CHIP_PROJECT_CONFIG_H diff --git a/src/test_driver/nrfconnect/main/include/app_mbedtls_config.h b/src/test_driver/nrfconnect/main/include/app_mbedtls_config.h index b28420c418..27a0198083 100644 --- a/src/test_driver/nrfconnect/main/include/app_mbedtls_config.h +++ b/src/test_driver/nrfconnect/main/include/app_mbedtls_config.h @@ -17,7 +17,6 @@ */ // Enable cryptographic functions needed by CHIP which can't be enabled via Kconfig -#define MBEDTLS_HKDF_C #define MBEDTLS_X509_CREATE_C #define MBEDTLS_X509_CSR_PARSE_C #define MBEDTLS_X509_CSR_WRITE_C diff --git a/src/test_driver/nrfconnect/prj.conf b/src/test_driver/nrfconnect/prj.conf index 97b7787fe9..a3afbbcd89 100644 --- a/src/test_driver/nrfconnect/prj.conf +++ b/src/test_driver/nrfconnect/prj.conf @@ -43,23 +43,24 @@ CONFIG_MBEDTLS_HEAP_SIZE=65536 CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=768 CONFIG_MBEDTLS_USER_CONFIG_ENABLE=y CONFIG_MBEDTLS_USER_CONFIG_FILE="app_mbedtls_config.h" -CONFIG_MBEDTLS_ZEPHYR_ENTROPY=y -CONFIG_MBEDTLS_ENTROPY_ENABLED=y -CONFIG_MBEDTLS_CTR_DRBG_ENABLED=y -CONFIG_MBEDTLS_CIPHER_CCM_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y +CONFIG_MBEDTLS_ENTROPY_POLL_ZEPHYR=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=y -CONFIG_MBEDTLS_ECDH_C=y -CONFIG_MBEDTLS_ECDSA_C=y -CONFIG_MBEDTLS_ECP_C=y -CONFIG_MBEDTLS_PK_WRITE_C=y -CONFIG_MBEDTLS_PKCS5_C=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_MBEDTLS_MEMORY_DEBUG=y CONFIG_MBEDTLS_DEBUG=y -# Enable entropy -CONFIG_ENTROPY_GENERATOR=y +# PSA Crypto configuration +CONFIG_PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY=y +CONFIG_PSA_WANT_ALG_HMAC=y +CONFIG_PSA_WANT_ALG_HKDF=y +CONFIG_PSA_WANT_ALG_ECDSA=y +CONFIG_PSA_WANT_ALG_ECDH=y +CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE=y +CONFIG_PSA_WANT_KEY_TYPE_AES=y +CONFIG_PSA_WANT_ALG_CCM=y +CONFIG_PSA_WANT_ALG_ECB_NO_PADDING=y +CONFIG_PSA_WANT_ALG_SHA_1=y +CONFIG_PSA_WANT_ECC_SECP_R1_256=y # Disable OpenThread CONFIG_NET_L2_OPENTHREAD=n