diff --git a/components/mbedtls/test/test_aes_gcm.c b/components/mbedtls/test/test_aes_gcm.c index 1e05b356ed..115a67cf41 100644 --- a/components/mbedtls/test/test_aes_gcm.c +++ b/components/mbedtls/test/test_aes_gcm.c @@ -82,11 +82,11 @@ TEST_CASE("mbedtls GCM stream test", "[aes-gcm]") memset(key, 0x56, 16); // allocate internal memory - uint8_t *chipertext = heap_caps_malloc(SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL); + uint8_t *ciphertext = heap_caps_malloc(SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL); uint8_t *plaintext = heap_caps_malloc(SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL); uint8_t *decryptedtext = heap_caps_malloc(SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL); - TEST_ASSERT_NOT_NULL(chipertext); + TEST_ASSERT_NOT_NULL(ciphertext); TEST_ASSERT_NOT_NULL(plaintext); TEST_ASSERT_NOT_NULL(decryptedtext); @@ -96,44 +96,47 @@ TEST_CASE("mbedtls GCM stream test", "[aes-gcm]") */ for (int bytes_to_process = 16; bytes_to_process < SZ; bytes_to_process = bytes_to_process + 16) { memset(nonce, 0x89, 16); - memset(chipertext, 0x0, SZ); + memset(ciphertext, 0x0, SZ); memset(decryptedtext, 0x0, SZ); memset(tag, 0x0, 16); mbedtls_gcm_init(&ctx); mbedtls_gcm_setkey(&ctx, cipher, key, 128); mbedtls_gcm_starts( &ctx, MBEDTLS_AES_ENCRYPT, nonce, sizeof(nonce) ); + mbedtls_gcm_update_ad( &ctx, NULL, 0 ); // Encrypt for (int idx = 0; idx < SZ; idx = idx + bytes_to_process) { // Limit length of last call to avoid exceeding buffer size size_t length = (idx + bytes_to_process > SZ) ? (SZ - idx) : bytes_to_process; - mbedtls_gcm_update(&ctx, plaintext + idx, length, chipertext + idx, 0, NULL); + mbedtls_gcm_update(&ctx, plaintext + idx, length, ciphertext + idx, 0, NULL); } size_t olen; mbedtls_gcm_finish( &ctx, NULL, 0, &olen, tag, sizeof(tag) ); - TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher, chipertext, SZ); + TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher, ciphertext, SZ); TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_tag, tag, sizeof(tag)); // Decrypt memset(nonce, 0x89, 16); mbedtls_gcm_free( &ctx ); + mbedtls_gcm_init(&ctx); mbedtls_gcm_setkey(&ctx, cipher, key, 128); mbedtls_gcm_starts( &ctx, MBEDTLS_AES_DECRYPT, nonce, sizeof(nonce)); + mbedtls_gcm_update_ad( &ctx, NULL, 0 ); for (int idx = 0; idx < SZ; idx = idx + bytes_to_process) { // Limit length of last call to avoid exceeding buffer size size_t length = (idx + bytes_to_process > SZ) ? (SZ - idx) : bytes_to_process; - mbedtls_gcm_update(&ctx, chipertext + idx, length, decryptedtext + idx, 0, NULL); + mbedtls_gcm_update(&ctx, ciphertext + idx, length, decryptedtext + idx, 0, NULL); } mbedtls_gcm_finish( &ctx, NULL, 0, &olen, tag, sizeof(tag) ); TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, SZ); mbedtls_gcm_free( &ctx ); } free(plaintext); - free(chipertext); + free(ciphertext); free(decryptedtext); } @@ -157,7 +160,7 @@ typedef struct { typedef struct { const uint8_t *expected_tag; - const uint8_t *ciphertext_last_block; // Last block of the chipertext + const uint8_t *ciphertext_last_block; // Last block of the ciphertext } aes_gcm_test_expected_res_t; diff --git a/components/mbedtls/test/test_rsa.c b/components/mbedtls/test/test_rsa.c index 96d2ab8b57..fc6d721c03 100644 --- a/components/mbedtls/test/test_rsa.c +++ b/components/mbedtls/test/test_rsa.c @@ -421,12 +421,15 @@ static void print_rsa_details(mbedtls_rsa_context *rsa) } #endif +// TODO: IDF-4708 +#if !TEMPORARY_DISABLED_FOR_TARGETS(ESP32, ESP32S2, ESP32S3, ESP32C3) TEST_CASE("test performance RSA key operations", "[bignum]") { for (int keysize = 2048; keysize <= SOC_RSA_MAX_BIT_LEN; keysize += 1024) { rsa_key_operations(keysize, true, false, false); } } +#endif TEST_CASE("test RSA-3072 calculations", "[bignum]") { diff --git a/components/protocomm/src/security/security1.c b/components/protocomm/src/security/security1.c index 716f4fa0a1..dca71315bd 100644 --- a/components/protocomm/src/security/security1.c +++ b/components/protocomm/src/security/security1.c @@ -223,6 +223,7 @@ static esp_err_t handle_session_command0(session_t *cur_session, } mbedtls_ecdh_init(ctx_server); + mbedtls_ecdh_setup(ctx_server, MBEDTLS_ECP_DP_CURVE25519); mbedtls_ctr_drbg_init(ctr_drbg); mbedtls_entropy_init(entropy); diff --git a/components/protocomm/test/test_protocomm.c b/components/protocomm/test/test_protocomm.c index 7b4b1165f2..6e44ffd247 100644 --- a/components/protocomm/test/test_protocomm.c +++ b/components/protocomm/test/test_protocomm.c @@ -370,6 +370,7 @@ static esp_err_t test_sec_endpoint(session_t *session) uint8_t *outbuf = NULL; mbedtls_ecdh_init(&session->ctx_client); + mbedtls_ecdh_setup(&session->ctx_client, MBEDTLS_ECP_DP_CURVE25519); mbedtls_ctr_drbg_init(&session->ctr_drbg); mbedtls_entropy_init(&session->entropy); diff --git a/tools/unit-test-app/components/test_utils/memory_checks.c b/tools/unit-test-app/components/test_utils/memory_checks.c index f126ea9c12..f845eab5ca 100644 --- a/tools/unit-test-app/components/test_utils/memory_checks.c +++ b/tools/unit-test-app/components/test_utils/memory_checks.c @@ -8,6 +8,9 @@ #include "esp_heap_caps.h" #include "unity.h" #include "memory_checks.h" +#ifdef CONFIG_HEAP_TRACING +#include "esp_heap_trace.h" +#endif static size_t before_free_8bit; static size_t before_free_32bit;