Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

secure_storage: fix tests #2494

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

secure_storage: fix tests #2494

wants to merge 9 commits into from

Conversation

tomi-font
Copy link
Contributor

@tomi-font tomi-font commented Feb 13, 2025
edited
Loading

@NordicBuilder NordicBuilder mentioned this pull request Feb 13, 2025
Open
@tomi-font tomi-font force-pushed the secure_storage_fix_tests branch from 2bffacd to ff3d3e5 Compare February 13, 2025 14:39
@shanthanordic shanthanordic requested a review from magnev February 14, 2025 07:20
tomi-font and others added 9 commits February 14, 2025 11:59
@tomi-font
Revert "[nrf noup] samples: psa: Fix issues"
605f386 
This reverts commit 8a64a2e.

We shouldn't have noups to fix things that can
and should be fixed elsewhere/differently.

Signed-off-by: Tomi Fontanilles <[email protected]>
@tomi-font
Revert "[nrf noup] tests: secure_storage: Fix issues"
c9933ec 
This reverts commit fcb4238.

We shouldn't have noups to fix things that can
and should be fixed elsewhere/differently.

Signed-off-by: Tomi Fontanilles <[email protected]>
@ozersa @tomi-font
[nrf fromtree] tests: subsys: secure_storage: Add filter for small pr…
a505b76 
…ofile

TF-M small profile does not support secure storage (know as Protected
storage), this commit add filter for tfm test case to pass it
incase of small profile been set, see tf-m profiles in below link

https://tf-m-user-guide.trustedfirmware.org/configuration/profiles/index.html

Signed-off-by: Sadik Ozer <[email protected]>
(cherry picked from commit 6932885996ae36d43603633381373b4f13de503a)
Signed-off-by: Tomi Fontanilles <[email protected]>
@tomi-font
[nrf fromlist] secure_storage: improve tests' compatibility in TF-M-e…
125cff6 
…nabled scenarios

Explicitly set the TF-M profile to not rely on the build system defaults
which might differ.

Signed-off-by: Tomi Fontanilles <[email protected]>

Upstream PR #: 85735

(cherry picked from commit 6e055a26c347ceba5804ef7f22aa490305d8b217)
Signed-off-by: Tomi Fontanilles <[email protected]>
@tomi-font
[nrf fromlist] tests: secure_storage: psa: crypto: improve compatibility
8356f18 
The psa_key_attributes_t type is implementation-defined according to
the PSA Crypto spec.
Compare its fields individually instead of doing a memcmp() over the
entire struct.

Signed-off-by: Tomi Fontanilles <[email protected]>

Upstream PR #: 85735

(cherry picked from commit 16c07e0e8cd697e31599f1114820428f2b095f8d)
Signed-off-by: Tomi Fontanilles <[email protected]>
@tomi-font
[nrf fromlist] secure_storage: enable CONFIG_ENTROPY_GENERATOR in sam…
fffaf6a 
…ples/tests

Explicitly enable CONFIG_ENTROPY_GENERATOR instead of relying on the
build system's defaults.

This:
- Makes sure the filtering works properly between entropy_driver and
entropy_not_secure test scenarios for the samples.
- Helps with TF-M builds in certain scenarios where key generation (via
`psa_generate_key()`) would fail due to the RNG functionality being
disabled.

Signed-off-by: Tomi Fontanilles <[email protected]>

Upstream PR #: 85735

(cherry picked from commit 80a290ea218a6deaa2faa8d421f39029fcf27a4a)
Signed-off-by: Tomi Fontanilles <[email protected]>
@tomi-font
[nrf fromlist] secure_storage: use dynamic PSA key slots in samples/t…
1576958 
…ests

Use dynamic key slots for better compatibility as static ones are a new
feature that not all PSA Crypto implementations support.

Explicitly enable CONFIG_MBEDTLS_ENABLE_HEAP to ensure that Mbed TLS uses
heap for the PSA key slots (instead of failing at runtime).
This will turn off CONFIG_MBEDTLS_PSA_STATIC_KEY_SLOTS, making the
implementation default to dynamic key slots.

Signed-off-by: Tomi Fontanilles <[email protected]>

Upstream PR #: 85735

(cherry picked from commit b2971fb1b230c39a11af26714c5debd5d4d22910)
Signed-off-by: Tomi Fontanilles <[email protected]>
@alxelax @tomi-font
[nrf fromtree] Bluetooth: Mesh: use secure storage in ble mesh
455083c 
Commit:
 - adds dependency of the mbedtls psa usage on secure storage
 - removes PSA ITS emulator and enables usage of
   the secure storage in ble mesh bsim tests
 - enables secure storage in all ble mesh and related samples

Signed-off-by: Aleksandr Khromykh <[email protected]>
(cherry picked from commit 967b096)
Signed-off-by: Tomi Fontanilles <[email protected]>
@tomi-font
[nrf fromlist] modules: mbedtls: add promptless CONFIG_MBEDTLS_PSA_CR…
9f0260a 
…YPTO_STORAGE_C

Add a Kconfig option to match the Mbed TLS define
instead of defining it based on CONFIG_SECURE_STORAGE.

This gives more flexibility regarding the potential re-definition of the
CONFIG_MBEDTLS_PSA_CRYPTO_STORAGE_C Kconfig option.

Signed-off-by: Tomi Fontanilles <[email protected]>

Upstream PR #: 85735

(cherry picked from commit 2313a8d40c1e2b25865197d246625e9940e2f506)
Signed-off-by: Tomi Fontanilles <[email protected]>
@tomi-font tomi-font force-pushed the secure_storage_fix_tests branch from ff3d3e5 to 9f0260a Compare February 14, 2025 14:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@magnev magnev Awaiting requested review from magnev

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tomi-font @ozersa @alxelax