From 062597693d6222ec65d137318a0966c053ac4f24 Mon Sep 17 00:00:00 2001 From: Adrian Gielniewski Date: Wed, 5 Feb 2025 15:41:00 +0100 Subject: [PATCH] [nrf fromtree] Fix and re-enable Zephyr native tests (#37333) * [nrfconnect] Workaround for Zephyr native link issue Add temporary workaround for Zephyr native link issue. This will be fixed with the next NCS release. Signed-off-by: Adrian Gielniewski * [nrfconnect] Fix PSA configuration in tests Signed-off-by: Adrian Gielniewski * Add missing PSA initialization in some tests Signed-off-by: Adrian Gielniewski * Fix hmac key handle validation when PSA is used Signed-off-by: Adrian Gielniewski * Fix heap memory check in TestChipCryptoPAL Wipe all key slots during each test case SetUp to avoid reusing slot previously used by other tests. This affects heap memory usage calculation as when the slot is reused it frees the memory. Signed-off-by: Adrian Gielniewski * Fix TestEventLoopHandler for Zephyr native Expect correct sequence for different LayerImplSelect::Signal implementations. When CHIP_SYSTEM_CONFIG_POSIX_LOCKING is not defined, WakeEvent::Notify is called and loop has to spin one more time to process the event. Signed-off-by: Adrian Gielniewski --------- Signed-off-by: Adrian Gielniewski Signed-off-by: Adrian Gielniewski (cherry picked from commit 7786bb639fe8e8778e82668dfbac26698477015e) --- .../server/tests/TestICDMonitoringTable.cpp | 89 ++++++++++--------- src/credentials/tests/TestFabricTable.cpp | 3 + src/crypto/tests/TestChipCryptoPAL.cpp | 13 ++- src/system/tests/TestEventLoopHandler.cpp | 5 ++ .../main/include/CHIPProjectConfig.h | 3 + .../main/include/app_mbedtls_config.h | 1 - src/test_driver/nrfconnect/prj.conf | 25 +++--- 7 files changed, 80 insertions(+), 59 deletions(-) diff --git a/src/app/icd/server/tests/TestICDMonitoringTable.cpp b/src/app/icd/server/tests/TestICDMonitoringTable.cpp index 81fcb2af18..ffa5c349a1 100644 --- a/src/app/icd/server/tests/TestICDMonitoringTable.cpp +++ b/src/app/icd/server/tests/TestICDMonitoringTable.cpp @@ -26,6 +26,10 @@ #include #include +#if CHIP_CRYPTO_PSA +#include +#endif + using namespace chip; using namespace chip::app::Clusters::IcdManagement; @@ -65,7 +69,30 @@ constexpr uint8_t kKeyBuffer3a[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f }; -TEST(TestICDMonitoringTable, TestEntryAssignationOverload) +struct TestICDMonitoringTable : public ::testing::Test +{ + void SetUp() override + { +#if CHIP_CRYPTO_PSA + ASSERT_EQ(psa_crypto_init(), PSA_SUCCESS); +#endif + } + + void ValidateHmac128(const Crypto::Hmac128KeyHandle & saved, const Crypto::Hmac128KeyHandle & loaded) + { +#if CHIP_CRYPTO_PSA + EXPECT_NE(saved.As(), loaded.As()); + EXPECT_GE(loaded.As(), to_underlying(Crypto::KeyIdBase::ICDKeyRangeStart)); + EXPECT_LE(loaded.As(), to_underlying(Crypto::KeyIdBase::Maximum)); +#else + EXPECT_EQ(memcmp(saved.As(), loaded.As(), + sizeof(Crypto::Symmetric128BitsKeyByteArray)), + 0); +#endif + } +}; + +TEST_F(TestICDMonitoringTable, TestEntryAssignationOverload) { TestSessionKeystoreImpl keystore; ICDMonitoringEntry entry(&keystore); @@ -100,7 +127,7 @@ TEST(TestICDMonitoringTable, TestEntryAssignationOverload) EXPECT_TRUE(entry2.IsKeyEquivalent(ByteSpan(kKeyBuffer1a))); } -TEST(TestICDMonitoringTable, TestEntryMaximumSize) +TEST_F(TestICDMonitoringTable, TestEntryMaximumSize) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -114,7 +141,7 @@ TEST(TestICDMonitoringTable, TestEntryMaximumSize) EXPECT_EQ(CHIP_NO_ERROR, table.Set(0, entry)); } -TEST(TestICDMonitoringTable, TestEntryKeyFunctions) +TEST_F(TestICDMonitoringTable, TestEntryKeyFunctions) { TestSessionKeystoreImpl keystore; ICDMonitoringEntry entry(&keystore); @@ -140,7 +167,7 @@ TEST(TestICDMonitoringTable, TestEntryKeyFunctions) EXPECT_EQ(entry.DeleteKey(), CHIP_NO_ERROR); } -TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) +TEST_F(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -178,9 +205,7 @@ TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) EXPECT_EQ(kClientNodeId12, entry.monitoredSubject); EXPECT_EQ(ClientTypeEnum::kPermanent, entry.clientType); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1a))); - EXPECT_EQ(memcmp(entry1.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry1.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve second entry EXPECT_EQ(CHIP_NO_ERROR, loading.Get(1, entry)); @@ -189,9 +214,7 @@ TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_EQ(ClientTypeEnum::kEphemeral, entry.clientType); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // No more entries EXPECT_EQ(CHIP_ERROR_NOT_FOUND, loading.Get(2, entry)); @@ -213,9 +236,7 @@ TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_EQ(ClientTypeEnum::kEphemeral, entry.clientType); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve second entry EXPECT_EQ(CHIP_NO_ERROR, loading.Get(1, entry)); @@ -224,12 +245,10 @@ TEST(TestICDMonitoringTable, TestSaveAndLoadRegistrationValue) EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_EQ(ClientTypeEnum::kPermanent, entry.clientType); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b))); - EXPECT_EQ(memcmp(entry4.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry4.hmacKeyHandle, entry.hmacKeyHandle); } -TEST(TestICDMonitoringTable, TestSaveAllInvalidRegistrationValues) +TEST_F(TestICDMonitoringTable, TestSaveAllInvalidRegistrationValues) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -271,7 +290,7 @@ TEST(TestICDMonitoringTable, TestSaveAllInvalidRegistrationValues) EXPECT_EQ(CHIP_ERROR_INVALID_ARGUMENT, table.Set(0, entry5)); } -TEST(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) +TEST_F(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -314,9 +333,7 @@ TEST(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) EXPECT_EQ(kClientNodeId11, entry.checkInNodeID); EXPECT_EQ(kClientNodeId12, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1a))); - EXPECT_EQ(memcmp(entry1.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry1.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve fabric1, second entry EXPECT_EQ(CHIP_NO_ERROR, table1.Get(1, entry)); @@ -324,9 +341,7 @@ TEST(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) EXPECT_EQ(kClientNodeId12, entry.checkInNodeID); EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve fabric2, first entry EXPECT_EQ(CHIP_NO_ERROR, table2.Get(0, entry)); @@ -334,12 +349,10 @@ TEST(TestICDMonitoringTable, TestSaveLoadRegistrationValueForMultipleFabrics) EXPECT_EQ(kClientNodeId21, entry.checkInNodeID); EXPECT_EQ(kClientNodeId22, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry3.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry3.hmacKeyHandle, entry.hmacKeyHandle); } -TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) +TEST_F(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) { TestPersistentStorageDelegate storage; TestSessionKeystoreImpl keystore; @@ -379,9 +392,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId11, entry.checkInNodeID); EXPECT_EQ(kClientNodeId12, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1a))); - EXPECT_EQ(memcmp(entry1.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry1.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve second entry (not modified) EXPECT_EQ(CHIP_NO_ERROR, table1.Get(1, entry)); @@ -389,9 +400,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId12, entry.checkInNodeID); EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // Remove (existing) EXPECT_EQ(CHIP_NO_ERROR, table1.Remove(0)); @@ -405,9 +414,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId12, entry.checkInNodeID); EXPECT_EQ(kClientNodeId11, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a))); - EXPECT_EQ(memcmp(entry2.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry2.hmacKeyHandle, entry.hmacKeyHandle); // Retrieve fabric2, first entry EXPECT_EQ(CHIP_NO_ERROR, table2.Get(0, entry)); @@ -415,9 +422,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId21, entry.checkInNodeID); EXPECT_EQ(kClientNodeId22, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b))); - EXPECT_EQ(memcmp(entry3.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry3.hmacKeyHandle, entry.hmacKeyHandle); // Remove all (fabric 1) EXPECT_EQ(CHIP_NO_ERROR, table1.RemoveAll()); @@ -429,9 +434,7 @@ TEST(TestICDMonitoringTable, TestDeleteValidEntryFromStorage) EXPECT_EQ(kClientNodeId21, entry.checkInNodeID); EXPECT_EQ(kClientNodeId22, entry.monitoredSubject); EXPECT_TRUE(entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b))); - EXPECT_EQ(memcmp(entry3.hmacKeyHandle.As(), - entry.hmacKeyHandle.As(), sizeof(Crypto::Symmetric128BitsKeyByteArray)), - 0); + ValidateHmac128(entry3.hmacKeyHandle, entry.hmacKeyHandle); // Remove all (fabric 2) EXPECT_EQ(CHIP_NO_ERROR, table2.RemoveAll()); diff --git a/src/credentials/tests/TestFabricTable.cpp b/src/credentials/tests/TestFabricTable.cpp index 407d0863ad..de58db73ac 100644 --- a/src/credentials/tests/TestFabricTable.cpp +++ b/src/credentials/tests/TestFabricTable.cpp @@ -203,6 +203,9 @@ struct TestFabricTable : public ::testing::Test { DeviceLayer::SetConfigurationMgr(&DeviceLayer::ConfigurationManagerImpl::GetDefaultInstance()); ASSERT_EQ(chip::Platform::MemoryInit(), CHIP_NO_ERROR); +#if CHIP_CRYPTO_PSA + ASSERT_EQ(psa_crypto_init(), PSA_SUCCESS); +#endif } static void TearDownTestSuite() { chip::Platform::MemoryShutdown(); } }; diff --git a/src/crypto/tests/TestChipCryptoPAL.cpp b/src/crypto/tests/TestChipCryptoPAL.cpp index 2d1f5c0612..255d887be1 100644 --- a/src/crypto/tests/TestChipCryptoPAL.cpp +++ b/src/crypto/tests/TestChipCryptoPAL.cpp @@ -73,6 +73,10 @@ #if CHIP_CRYPTO_PSA #include +extern "C" { +psa_status_t psa_initialize_key_slots(void); +void psa_wipe_all_key_slots(void); +} #endif using namespace chip; @@ -287,14 +291,17 @@ static void TestAES_CTR_128_Decrypt(const AesCtrTestEntry * vector) struct TestChipCryptoPAL : public ::testing::Test { - static void SetUpTestSuite() + static void SetUpTestSuite() { ASSERT_EQ(chip::Platform::MemoryInit(), CHIP_NO_ERROR); } + static void TearDownTestSuite() { chip::Platform::MemoryShutdown(); } + + void SetUp() override { - ASSERT_EQ(chip::Platform::MemoryInit(), CHIP_NO_ERROR); #if CHIP_CRYPTO_PSA psa_crypto_init(); + psa_wipe_all_key_slots(); + psa_initialize_key_slots(); #endif } - static void TearDownTestSuite() { chip::Platform::MemoryShutdown(); } }; TEST_F(TestChipCryptoPAL, TestAES_CTR_128CryptTestVectors) diff --git a/src/system/tests/TestEventLoopHandler.cpp b/src/system/tests/TestEventLoopHandler.cpp index 4d5456098e..fa2b0099cb 100644 --- a/src/system/tests/TestEventLoopHandler.cpp +++ b/src/system/tests/TestEventLoopHandler.cpp @@ -108,7 +108,12 @@ TEST_F(TestEventLoopHandler, EventLoopHandlerSequence) }); chip::DeviceLayer::PlatformMgr().RunEventLoop(); + +#if CHIP_SYSTEM_CONFIG_POSIX_LOCKING EXPECT_EQ(loopHandler.trace, std::string("1AP2HP3R4")); +#else + EXPECT_EQ(loopHandler.trace, std::string("1APHP2HPHP3R4")); +#endif } TEST_F(TestEventLoopHandler, EventLoopHandlerWake) diff --git a/src/test_driver/nrfconnect/main/include/CHIPProjectConfig.h b/src/test_driver/nrfconnect/main/include/CHIPProjectConfig.h index 3c3df5b97d..0c028f0528 100644 --- a/src/test_driver/nrfconnect/main/include/CHIPProjectConfig.h +++ b/src/test_driver/nrfconnect/main/include/CHIPProjectConfig.h @@ -33,4 +33,7 @@ // Enable unit-test only features #define CONFIG_BUILD_FOR_HOST_UNIT_TEST 1 +// Increase max. lambda event size +#define CHIP_CONFIG_LAMBDA_EVENT_SIZE 32 + #endif // CHIP_PROJECT_CONFIG_H diff --git a/src/test_driver/nrfconnect/main/include/app_mbedtls_config.h b/src/test_driver/nrfconnect/main/include/app_mbedtls_config.h index b28420c418..27a0198083 100644 --- a/src/test_driver/nrfconnect/main/include/app_mbedtls_config.h +++ b/src/test_driver/nrfconnect/main/include/app_mbedtls_config.h @@ -17,7 +17,6 @@ */ // Enable cryptographic functions needed by CHIP which can't be enabled via Kconfig -#define MBEDTLS_HKDF_C #define MBEDTLS_X509_CREATE_C #define MBEDTLS_X509_CSR_PARSE_C #define MBEDTLS_X509_CSR_WRITE_C diff --git a/src/test_driver/nrfconnect/prj.conf b/src/test_driver/nrfconnect/prj.conf index 97b7787fe9..a3afbbcd89 100644 --- a/src/test_driver/nrfconnect/prj.conf +++ b/src/test_driver/nrfconnect/prj.conf @@ -43,23 +43,24 @@ CONFIG_MBEDTLS_HEAP_SIZE=65536 CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=768 CONFIG_MBEDTLS_USER_CONFIG_ENABLE=y CONFIG_MBEDTLS_USER_CONFIG_FILE="app_mbedtls_config.h" -CONFIG_MBEDTLS_ZEPHYR_ENTROPY=y -CONFIG_MBEDTLS_ENTROPY_ENABLED=y -CONFIG_MBEDTLS_CTR_DRBG_ENABLED=y -CONFIG_MBEDTLS_CIPHER_CCM_ENABLED=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y +CONFIG_MBEDTLS_ENTROPY_POLL_ZEPHYR=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=y -CONFIG_MBEDTLS_ECDH_C=y -CONFIG_MBEDTLS_ECDSA_C=y -CONFIG_MBEDTLS_ECP_C=y -CONFIG_MBEDTLS_PK_WRITE_C=y -CONFIG_MBEDTLS_PKCS5_C=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_MBEDTLS_MEMORY_DEBUG=y CONFIG_MBEDTLS_DEBUG=y -# Enable entropy -CONFIG_ENTROPY_GENERATOR=y +# PSA Crypto configuration +CONFIG_PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY=y +CONFIG_PSA_WANT_ALG_HMAC=y +CONFIG_PSA_WANT_ALG_HKDF=y +CONFIG_PSA_WANT_ALG_ECDSA=y +CONFIG_PSA_WANT_ALG_ECDH=y +CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE=y +CONFIG_PSA_WANT_KEY_TYPE_AES=y +CONFIG_PSA_WANT_ALG_CCM=y +CONFIG_PSA_WANT_ALG_ECB_NO_PADDING=y +CONFIG_PSA_WANT_ALG_SHA_1=y +CONFIG_PSA_WANT_ECC_SECP_R1_256=y # Disable OpenThread CONFIG_NET_L2_OPENTHREAD=n