1# The goal here is to showcase that Mbed TLS's PSA crypto implementation can be
2# supported on any platform. A very minimal configuration is tested here: simply
3# enable support for PSA crypto APIs in Mbed TLS and then test them with:
4# - psa_crypto_init() which is required before any PSA crypto operation
5# - psa_generate_random() which is always available as long as PSA crypto is
6#   initialized.
7#
8# Since it might take too long to execute this test on all platforms
9# supported by Zephyr, we reduce to a very small selected group whose
10# characteristics are:
11# - no TF-M enabled devices because we assume that the TF-M implementation
12#   of PSA crypto is working fine on the platforms that support TF-M.
13# - platform should be testable by the CI.
14# - pick 1 platform which supports entropy driver and 1 which does not. The
15#   latter case will allow to test
16#   CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG.
17common:
18  filter: not CONFIG_BUILD_WITH_TFM
19  tags:
20    - mbedtls
21    - psa
22tests:
23  crypto.mbedtls_psa.with_entropy_driver:
24    filter: CONFIG_CSPRNG_ENABLED
25    # Pick a platform which has an entropy driver and enable it.
26    integration_platforms:
27      - native_sim/native/64
28    extra_configs:
29      - CONFIG_ENTROPY_GENERATOR=y
30  crypto.mbedtls_psa.without_entropy_driver:
31    filter: not CONFIG_CSPRNG_ENABLED
32    # Pick a platform which does not have an entropy driver. In this case we
33    # enable the timer random generator because it's always available on all
34    # platforms.
35    # Explicitly select CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG because this is
36    # not "automatically selected" when there is no CSPRNG available.
37    integration_platforms:
38      - qemu_x86
39    extra_configs:
40      - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
41      - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG=y
42      - CONFIG_TEST_RANDOM_GENERATOR=y
43