ThePassionate opened a new pull request, #3384:
URL: https://github.com/apache/nuttx-apps/pull/3384
# NuttX-Apps Crypto Testing Framework Enhancement
## Overview
Comprehensive enhancement to the NuttX-Apps crypto testing framework,
implementing cmocka-based unit testing, improving test coverage, and adding
support for additional cryptographic operations and key management.
## Key Changes
### 1. CMocka Framework Migration
- **Commit**: testing/crypto: change crypto module testcase into cmocka
- Converts crypto module tests from basic CLI tests to cmocka unit testing
framework
- Enables better test isolation, mocking, and assertion capabilities
- Refactored test cases for AES, 3DES, CRC32, HMAC, Hash, DHM, ECDSA, RSA
- Improves code quality and test maintainability
### 2. AES-CMAC Improvements
- **Commit**: testing/crypto: aes-cmac need to update message before finish
- Fixes AES-CMAC test to properly update message before operation completion
- Ensures correct test execution flow and message handling
### 3. Dependency Configuration
- **Commit**: testing/crypto: correct dependency configuration of crypto
testing cases in UT testing
- Corrects Kconfig dependency settings for crypto tests
- Improves build configuration accuracy for unit testing
### 4. QEMU Backend Support
- **Commit**: crypto: fix aesctr/aesxts to support qemu backend
- Fixes AES-CTR and AES-XTS implementations for QEMU backend compatibility
- Adjusts parameter handling for data unit and sequence number
- Enables testing with QEMU virtual crypto devices
### 5. IV Length Support
- **Commit**: testing/crypto: add ivlen in test cases
- Adds explicit IV length (ivlen) and output length (olen) parameters
- Provides more complete test coverage for cryptographic operations
- Enables proper validation of IV handling across algorithms
### 6. AES Stream Mode Support
- **Commit**: testing/crypto: aes support stream mode
- Extends AES testing to support stream mode operations
- Adds comprehensive test cases for streaming encryption/decryption workflows
- Covers both single-shot and streaming modes
### 7. Cryptosoftware Dependency Removal
- **Commit**: crypto/testing: remove dependence crypto driver testing of
cryptosoftware
- Removes unnecessary dependency on cryptosoftware implementation
- Supports testing with rpmsg driver and virtio driver backends
- Enables flexible backend selection for testing
### 8. Key Management Test Cases
- **Commit**: testing/crypto: add keymanagement test cases
- Comprehensive key management test suite covering:
- AES key generation (128, 192, 256-bit)
- RSA keypair generation with variable key sizes
- ECDSA keypair generation on SECP256R1 curve
- Tests key lifecycle operations:
- CRK_DELETE_KEY: Remove keys from driver
- CRK_SAVE_KEY: Persist keys to non-volatile storage
- CRK_LOAD_KEY: Load previously saved keys
- Validates MTD-based persistent key storage
- Supports both symmetric and asymmetric cryptography
## Testing
All test cases have been validated against:
- CMocka unit testing framework with proper assertions and mocking
- Multiple cryptographic backends (software, QEMU, RPMSG, VIRTIO)
- Both hardware and software key management implementations
- Persistent key storage via MTD devices
## Code Quality
- Maintains backward compatibility with existing crypto subsystem
- Follows Apache NuttX contribution guidelines
- All commits properly signed-off
- No internal metadata (Change-Id, JIRA IDs) in final PR
- Clean commit history with descriptive messages
## Compatibility
- Works with Apache NuttX master branch
- Compatible with cryptodev driver interface
- Supports multiple crypto backend implementations
- No breaking changes to existing API
## Related Features
- Implements comprehensive testing for asymmetric cryptography (RSA, ECDSA)
- Supports MTD-based persistent key storage for non-volatile credential
persistence
- Enables secure device configuration with non-volatile credentials across
reboots
- Provides framework for testing specialized crypto operations
## Checklist
- [x] Changes follow code style guidelines
- [x] Code is properly tested with cmocka framework
- [x] No breaking changes to existing functionality
- [x] All commits properly signed-off
- [x] No internal metadata in commit messages
- [x] Ready for Apache community contribution
- [x] Backward compatible with existing crypto subsystem
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
