It would time out when run on-device due to the NVS setting backend being
incredibly slow once enough entries exist.
Also, rename the tests which use different store implementations to make
that explicit.
Fixes https://github.com/zephyrproject-rtos/zephyr/issues/83210.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Add MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG to the list of
test Kconfigs. Typical use case of this:
- the platform has "zephyr,entropy" defined in the devicetree which means
that CSPRNG_AVAILABLE is set;
- for some reason the board actually does not have any entropy driver
enabled (ex: ENTROPY_BT_HCI is disabled in nrf5340bsim when BT is _not_
enabled in the build);
- since TEST_RANDOM_GENERATOR is enabled then also TEST_CSPRNG_GENERATOR
would be;
- unfortunately the call to psa_generate_random() would fail in
get_random_data() (in modules/mbedtls/zephyr_entropy.c) because
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG is not set and it would
not reach "subsys/random/random_test_csprng.c".
This commit fixes this problem.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Add a test scenario for the ITS store module implementation that uses
ZMS for storage.
Reorganize the others at the same time.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
It becomes the new default when the secure_storage_its_partition
devicetree chosen property is defined as it is a preferred alternative.
See the help message of the
`CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_ZMS` Kconfig option
for more information.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
The PSA Crypto implementation provided by Mbed TLS generally requires
some amount of heap to function, so enable the arena unconditionally
to make the test compatible with MINIMAL_LIBC configurations where the
arena is disabled by default.
Signed-off-by: Ilya Tagunov <Ilya.Tagunov@synopsys.com>
As long as MBEDTLS_ENTROPY_C is enabled, Mbed TLS needs to
poll some entropy source to gather data that will then be
processed by CTR/HMAC-DRBG modules. This means that in most
of the cases, once MBEDTLS_ENTROPY_C is enabled then also
MBEDTLS_ENTROPY_POLL_ZEPHYR needs to be enabled. This was
done manually until now, as the long list of samples/tests
demonstrate.
This commit solves this dependency by defaulting
MBEDTLS_ENTROPY_POLL_ZEPHYR to on as soon as
MBEDTLS_ENTROPY_C is set. As a consequence, all manual
enablement of MBEDTLS_ENTROPY_POLL_ZEPHYR in samples/tests
are removed.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Obviously, everyone knows that there are 8 bits per byte, so
there isn't a lot of magic happening, per se, but it's also
helpful to clearly denote where the magic number 8 is referring
to the number of bits in a byte.
Occasionally, 8 will refer to a field size or offset in a
structure, MMR, or word. Occasionally, the number 8 will refer
to the number of bytes in a 64-bit value (which should probably
be replaced with `sizeof(uint64_t)`).
For converting bits to bytes, or vice-versa, let's use
`BITS_PER_BYTE` for clarity (or other appropriate `BITS_PER_*`
macros).
Signed-off-by: Chris Friedt <cfriedt@tenstorrent.com>
Consistently use the nRF54L15 as the non-TF-M integration platform
in addition to `native_sim`, and the nRF9151 as the TF-M one.
In addition, add the `integration_platforms` specification to the
tests that were missing it.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Add one suite to test the PSA ITS API directly, and another to test it
through the PSA Crypto API.
The PSA ITS API test suite is run with different configurations to also
test customization possibilities that the secure storage subsystem offers.
Both test suites also have a test scenario with TF-M instead of the
secure storage subsystem.
This serves as compatibility testing to ensure that the PSA Secure
Storage API behaves the same from the user's point of view regardless
of the underlying implementation provider.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
