zephyrproject-rtos
diff --git a/‎tests/bluetooth/host/crypto/CMakeLists.txt‎
Lines changed: 4 additions & 5 deletions b/‎tests/bluetooth/host/crypto/CMakeLists.txt‎
Lines changed: 4 additions & 5 deletions
diff --git a/‎tests/bluetooth/host/crypto/bt_encrypt_be/src/main.c‎
Lines changed: 5 additions & 5 deletions b/‎tests/bluetooth/host/crypto/bt_encrypt_be/src/main.c‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎tests/bluetooth/host/crypto/bt_encrypt_be/src/test_suite_invalid_inputs.c‎
Lines changed: 13 additions & 13 deletions b/‎tests/bluetooth/host/crypto/bt_encrypt_be/src/test_suite_invalid_inputs.c‎
Lines changed: 13 additions & 13 deletions
diff --git a/‎tests/bluetooth/host/crypto/bt_encrypt_le/src/main.c‎
Lines changed: 3 additions & 3 deletions b/‎tests/bluetooth/host/crypto/bt_encrypt_le/src/main.c‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎tests/bluetooth/host/crypto/bt_encrypt_le/src/test_suite_invalid_inputs.c‎
Lines changed: 6 additions & 6 deletions b/‎tests/bluetooth/host/crypto/bt_encrypt_le/src/test_suite_invalid_inputs.c‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎tests/bluetooth/host/crypto/bt_rand/src/main.c‎
Lines changed: 8 additions & 54 deletions b/‎tests/bluetooth/host/crypto/bt_rand/src/main.c‎
Lines changed: 8 additions & 54 deletions
@@ -8,11 +8,10 @@ add_library(mocks STATIC
             mocks/hci_core_expects.c
             mocks/aes.c
             mocks/aes_expects.c
-            mocks/hmac_prng.c
-            mocks/hmac_prng_expects.c
-            mocks/crypto_help_utils.c
+            mocks/prng.c
+            mocks/prng_expects.c
 
-            ${ZEPHYR_BASE}/subsys/bluetooth/host/crypto_tc.c
+            ${ZEPHYR_BASE}/subsys/bluetooth/host/crypto_psa.c
             ${ZEPHYR_BASE}/subsys/logging/log_minimal.c
             ${ZEPHYR_BASE}/subsys/bluetooth/common/bt_str.c
             ${ZEPHYR_BASE}/subsys/bluetooth/host/uuid.c
@@ -24,7 +23,7 @@ target_include_directories(mocks PUBLIC
   ${ZEPHYR_BASE}/subsys/bluetooth/host
   ${ZEPHYR_BASE}/tests/bluetooth/host
   ${ZEPHYR_BASE}/tests/bluetooth/host/crypto/mocks
-  ${ZEPHYR_BASE}/../modules/crypto/tinycrypt/lib/include
+  ${ZEPHYR_MBEDTLS_MODULE_DIR}/include
 )
 
 target_link_libraries(mocks PRIVATE test_interface)
@@ -28,8 +28,8 @@ ZTEST_SUITE(bt_encrypt_be, NULL, NULL, NULL, NULL, NULL);
  *  Test bt_encrypt_be() succeeds
  *
  *  Constraints:
- *   - tc_aes128_set_encrypt_key() succeeds and returns 'TC_CRYPTO_SUCCESS'.
- *   - tc_aes_encrypt() succeeds and returns 'TC_CRYPTO_SUCCESS'.
+ *   - psa_import_key() succeeds and returns 'PSA_SUCCESS'.
+ *   - psa_cipher_encrypt() succeeds and returns 'PSA_SUCCESS'.
  *
  *  Expected behaviour:
  *   - bt_encrypt_be() returns 0 (success)
@@ -41,12 +41,12 @@ ZTEST(bt_encrypt_be, test_bt_encrypt_be_succeeds)
 	const uint8_t plaintext[16] = {0};
 	uint8_t enc_data[16] = {0};
 
-	tc_aes128_set_encrypt_key_fake.return_val = TC_CRYPTO_SUCCESS;
-	tc_aes_encrypt_fake.return_val = TC_CRYPTO_SUCCESS;
+	psa_import_key_fake.return_val = PSA_SUCCESS;
+	psa_cipher_encrypt_fake.return_val = PSA_SUCCESS;
 
 	err = bt_encrypt_be(key, plaintext, enc_data);
 
-	expect_single_call_tc_aes_encrypt(enc_data);
+	expect_single_call_psa_cipher_encrypt(enc_data);
 
 	zassert_ok(err, "Unexpected error code '%d' was returned", err);
 }
@@ -12,7 +12,7 @@
 
 #include <host/crypto.h>
 
-ZTEST_SUITE(bt_encrypt_le_invalid_cases, NULL, NULL, NULL, NULL, NULL);
+ZTEST_SUITE(bt_encrypt_be_invalid_cases, NULL, NULL, NULL, NULL, NULL);
 
 /*
  *  Test passing NULL reference for the key argument
@@ -24,7 +24,7 @@ ZTEST_SUITE(bt_encrypt_le_invalid_cases, NULL, NULL, NULL, NULL, NULL);
  *  Expected behaviour:
  *   - An assertion is raised and execution stops
  */
-ZTEST(bt_encrypt_le_invalid_cases, test_null_key_reference)
+ZTEST(bt_encrypt_be_invalid_cases, test_null_key_reference)
 {
 	const uint8_t plaintext[16] = {0};
 	uint8_t enc_data[16] = {0};
@@ -43,7 +43,7 @@ ZTEST(bt_encrypt_le_invalid_cases, test_null_key_reference)
  *  Expected behaviour:
  *   - An assertion is raised and execution stops
  */
-ZTEST(bt_encrypt_le_invalid_cases, test_null_plaintext_reference)
+ZTEST(bt_encrypt_be_invalid_cases, test_null_plaintext_reference)
 {
 	const uint8_t key[16] = {0};
 	uint8_t enc_data[16] = {0};
@@ -62,7 +62,7 @@ ZTEST(bt_encrypt_le_invalid_cases, test_null_plaintext_reference)
  *  Expected behaviour:
  *   - An assertion is raised and execution stops
  */
-ZTEST(bt_encrypt_le_invalid_cases, test_null_enc_data_reference)
+ZTEST(bt_encrypt_be_invalid_cases, test_null_enc_data_reference)
 {
 	const uint8_t key[16] = {0};
 	const uint8_t plaintext[16] = {0};
@@ -75,19 +75,19 @@ ZTEST(bt_encrypt_le_invalid_cases, test_null_enc_data_reference)
  *  Test bt_encrypt_le() fails when tc_aes128_set_encrypt_key() fails
  *
  *  Constraints:
- *   - tc_aes128_set_encrypt_key() fails and returns 'TC_CRYPTO_FAIL'.
+ *   - psa_import_key() fails and returns 'PSA_ERROR_GENERIC_ERROR'.
  *
  *  Expected behaviour:
  *   - bt_encrypt_le() returns a negative error code '-EINVAL' (failure)
  */
-ZTEST(bt_encrypt_le_invalid_cases, test_tc_aes128_set_encrypt_key_fails)
+ZTEST(bt_encrypt_be_invalid_cases, test_psa_import_key_fails)
 {
 	int err;
 	const uint8_t key[16] = {0};
 	const uint8_t plaintext[16] = {0};
 	uint8_t enc_data[16] = {0};
 
-	tc_aes128_set_encrypt_key_fake.return_val = TC_CRYPTO_FAIL;
+	psa_import_key_fake.return_val = PSA_ERROR_GENERIC_ERROR;
 
 	err = bt_encrypt_le(key, plaintext, enc_data);
 
@@ -98,23 +98,23 @@ ZTEST(bt_encrypt_le_invalid_cases, test_tc_aes128_set_encrypt_key_fails)
  *  Test bt_encrypt_le() fails when tc_aes_encrypt() fails
  *
  *  Constraints:
- *   - tc_aes128_set_encrypt_key() succeeds and returns 'TC_CRYPTO_SUCCESS'.
- *   - tc_aes_encrypt() fails and returns 'TC_CRYPTO_FAIL'.
+ *   - psa_import_key() succeeds and returns 'PSA_SUCCESS'.
+ *   - psa_cipher_encrypt() fails and returns 'PSA_ERROR_GENERIC_ERROR'.
  *
  *  Expected behaviour:
  *   - bt_encrypt_le() returns a negative error code '-EINVAL' (failure)
  */
-ZTEST(bt_encrypt_le_invalid_cases, test_tc_aes_encrypt_fails)
+ZTEST(bt_encrypt_be_invalid_cases, test_psa_cipher_encrypt_fails)
 {
 	int err;
 	const uint8_t key[16] = {0};
 	const uint8_t plaintext[16] = {0};
 	uint8_t enc_data[16] = {0};
 
-	tc_aes128_set_encrypt_key_fake.return_val = TC_CRYPTO_SUCCESS;
-	tc_aes_encrypt_fake.return_val = TC_CRYPTO_FAIL;
+	psa_import_key_fake.return_val = PSA_SUCCESS;
+	psa_cipher_encrypt_fake.return_val = -EINVAL;
 
 	err = bt_encrypt_le(key, plaintext, enc_data);
 
-	zassert_true(err == -EINVAL, "Unexpected error code '%d' was returned", err);
+	zassert_true(err == -EIO, "Unexpected error code '%d' was returned", err);
 }
@@ -41,12 +41,12 @@ ZTEST(bt_encrypt_le, test_bt_encrypt_le_succeeds)
 	const uint8_t plaintext[16] = {0};
 	uint8_t enc_data[16] = {0};
 
-	tc_aes128_set_encrypt_key_fake.return_val = TC_CRYPTO_SUCCESS;
-	tc_aes_encrypt_fake.return_val = TC_CRYPTO_SUCCESS;
+	psa_import_key_fake.return_val = PSA_SUCCESS;
+	psa_cipher_encrypt_fake.return_val = PSA_SUCCESS;
 
 	err = bt_encrypt_le(key, plaintext, enc_data);
 
-	expect_single_call_tc_aes_encrypt(enc_data);
+	expect_single_call_psa_cipher_encrypt(enc_data);
 
 	zassert_ok(err, "Unexpected error code '%d' was returned", err);
 }
@@ -87,7 +87,7 @@ ZTEST(bt_encrypt_le_invalid_cases, test_tc_aes128_set_encrypt_key_fails)
 	const uint8_t plaintext[16] = {0};
 	uint8_t enc_data[16] = {0};
 
-	tc_aes128_set_encrypt_key_fake.return_val = TC_CRYPTO_FAIL;
+	psa_import_key_fake.return_val = PSA_ERROR_GENERIC_ERROR;
 
 	err = bt_encrypt_le(key, plaintext, enc_data);
 
@@ -98,8 +98,8 @@ ZTEST(bt_encrypt_le_invalid_cases, test_tc_aes128_set_encrypt_key_fails)
  *  Test bt_encrypt_le() fails when tc_aes_encrypt() fails
  *
  *  Constraints:
- *   - tc_aes128_set_encrypt_key() succeeds and returns 'TC_CRYPTO_SUCCESS'.
- *   - tc_aes_encrypt() fails and returns 'TC_CRYPTO_FAIL'.
+ *   - psa_import_key() succeeds and returns 'PSA_SUCCESS'.
+ *   - psa_cipher_encrypt() fails and returns '-EINVAL'.
  *
  *  Expected behaviour:
  *   - bt_encrypt_le() returns a negative error code '-EINVAL' (failure)
@@ -111,10 +111,10 @@ ZTEST(bt_encrypt_le_invalid_cases, test_tc_aes_encrypt_fails)
 	const uint8_t plaintext[16] = {0};
 	uint8_t enc_data[16] = {0};
 
-	tc_aes128_set_encrypt_key_fake.return_val = TC_CRYPTO_SUCCESS;
-	tc_aes_encrypt_fake.return_val = TC_CRYPTO_FAIL;
+	psa_import_key_fake.return_val = PSA_SUCCESS;
+	psa_cipher_encrypt_fake.return_val = -EINVAL;
 
 	err = bt_encrypt_le(key, plaintext, enc_data);
 
-	zassert_true(err == -EINVAL, "Unexpected error code '%d' was returned", err);
+	zassert_true(err == -EIO, "Unexpected error code '%d' was returned", err);
 }
@@ -4,11 +4,10 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-#include "mocks/crypto_help_utils.h"
 #include "mocks/hci_core.h"
 #include "mocks/hci_core_expects.h"
-#include "mocks/hmac_prng.h"
-#include "mocks/hmac_prng_expects.h"
+#include "mocks/prng.h"
+#include "mocks/prng_expects.h"
 
 #include <zephyr/bluetooth/crypto.h>
 #include <zephyr/fff.h>
@@ -21,7 +20,7 @@ DEFINE_FFF_GLOBALS;
 static void fff_reset_rule_before(const struct ztest_unit_test *test, void *fixture)
 {
 	HCI_CORE_FFF_FAKES_LIST(RESET_FAKE);
-	HMAC_PRNG_FFF_FAKES_LIST(RESET_FAKE);
+	PRNG_FFF_FAKES_LIST(RESET_FAKE);
 }
 
 ZTEST_RULE(fff_reset_rule, fff_reset_rule_before, NULL);
@@ -57,74 +56,29 @@ ZTEST(bt_rand, test_bt_rand_succeeds_host_crypto_prng_disabled)
 }
 
 /*
- *  Test bt_rand() succeeds when tc_hmac_prng_generate() succeeds on the first call while
+ *  Test bt_rand() succeeds when psa_generate_random() succeeds on the first call while
  * 'CONFIG_BT_HOST_CRYPTO_PRNG' is enabled.
  *
  *  Constraints:
  *   - 'CONFIG_BT_HOST_CRYPTO_PRNG' is enabled
- *   - tc_hmac_prng_generate() succeeds and returns 'TC_CRYPTO_SUCCESS' on the first call.
+ *   - psa_generate_random() succeeds and returns 'PSA_SUCCESS' on the first call.
  *
  *  Expected behaviour:
  *   - bt_rand() returns 0 (success)
  */
-ZTEST(bt_rand, test_tc_hmac_prng_generate_succeeds_on_first_call)
+ZTEST(bt_rand, test_psa_generate_random_succeeds_on_first_call)
 {
 	int err;
 	uint8_t buf[16];
 	size_t buf_len = 16;
-	struct tc_hmac_prng_struct *hmac_prng = bt_crypto_get_hmac_prng_instance();
 
 	Z_TEST_SKIP_IFNDEF(CONFIG_BT_HOST_CRYPTO_PRNG);
 
-	tc_hmac_prng_generate_fake.return_val = TC_CRYPTO_SUCCESS;
+	psa_generate_random_fake.return_val = PSA_SUCCESS;
 
 	err = bt_rand(buf, buf_len);
 
-	expect_call_count_tc_hmac_prng_generate(1, buf, buf_len, hmac_prng);
-
-	zassert_ok(err, "Unexpected error code '%d' was returned", err);
-}
-
-static int tc_hmac_prng_generate_custom_fake(uint8_t *out, unsigned int outlen, TCHmacPrng_t prng)
-{
-	if (tc_hmac_prng_generate_fake.call_count == 1) {
-		return TC_HMAC_PRNG_RESEED_REQ;
-	}
-
-	return TC_CRYPTO_SUCCESS;
-}
-
-/*
- *  Test bt_rand() succeeds when tc_hmac_prng_generate() succeeds on the second call after a seeding
- *  request by tc_hmac_prng_generate() while 'CONFIG_BT_HOST_CRYPTO_PRNG' is enabled.
- *
- *  Constraints:
- *   - 'CONFIG_BT_HOST_CRYPTO_PRNG' is enabled
- *   - tc_hmac_prng_generate() fails and returns 'TC_HMAC_PRNG_RESEED_REQ' on the first call.
- *   - tc_hmac_prng_generate() succeeds and returns 'TC_CRYPTO_SUCCESS' on the second call.
- *
- *  Expected behaviour:
- *   - bt_rand() returns 0 (success)
- */
-ZTEST(bt_rand, test_tc_hmac_prng_generate_succeeds_on_second_call)
-{
-	int err;
-	uint8_t buf[16];
-	size_t buf_len = 16;
-	struct tc_hmac_prng_struct *hmac_prng = bt_crypto_get_hmac_prng_instance();
-
-	Z_TEST_SKIP_IFNDEF(CONFIG_BT_HOST_CRYPTO_PRNG);
-
-	tc_hmac_prng_generate_fake.custom_fake = tc_hmac_prng_generate_custom_fake;
-
-	/* This is to make prng_reseed() succeeds and return 0 */
-	bt_hci_le_rand_fake.return_val = 0;
-	tc_hmac_prng_reseed_fake.return_val = TC_CRYPTO_SUCCESS;
-
-	err = bt_rand(buf, buf_len);
-
-	expect_call_count_tc_hmac_prng_generate(2, buf, buf_len, hmac_prng);
-	expect_single_call_tc_hmac_prng_reseed(hmac_prng, 32, sizeof(int64_t));
+	expect_single_call_psa_generate_random(buf, buf_len);
 
 	zassert_ok(err, "Unexpected error code '%d' was returned", err);
 }