Rsa related On Target Tests crash with stack overflow

[RonEld]

Description

• Type: Bug
• Priority: Major
  3 generated On Target tests related to rsa crash with Stack Overflow
  Tested on NRF52840_DK

---

Bug

OS
Mbed OS

mbed TLS build:
Version: 2.13.0

Expected behavior
Tests to run without crashing

Actual behavior
features-mbedtls-tests-mbedtls-test_suite_pk, features-mbedtls-tests-mbedtls-test_suite_pkcs1_v21 and features-mbedtls-tests-mbedtls-test_suite_rsa crash with stack overflow

Steps to reproduce
generate the On target tests with RSA enabled, and run On Target( Tested on NRF52840_DK, reproduces on K64F If I Remember Correct)

[ciarmcom]

ARM Internal Ref: IOTSSL-2629

[RonEld]

The failures are consisted of 3 issues:

1. The tests themselves consume too uch stack
2. When MBEDTLS_MPI_MAX_SIZE is the default 1024, it consumes too much stack
3. The tests are too long, and the overall timeout of 180 seconds expire

[RonEld]

Notes to pass the tests (on K64F):

1. features-mbedtls-tests-mbedtls-test_suite_pk - reduce stack usage in the tests. After building with MBEDTLS_MPI_MAX_SIZE=512, tests finish successfully after 58.71 seconds
2. features-mbedtls-tests-mbedtls-test_suite_pkcs1_v21 - reduce the stack usage in the tests. After building with MBEDTLS_MPI_MAX_SIZE=768 and MBEDTLS_SHA1_C defined, tests finished successfully after 581.78 seconds. Without MBEDTLS_SHA1_C defined ( default in Mbed OS), all tests skipped, and suite finishes successfully after 260.70 seconds
3. features-mbedtls-tests-mbedtls-test_suite_rsa -- reduce the stack usage in the tests. After building with MBEDTLS_MPI_MAX_SIZE=768 and MBEDTLS_GENPRIME defined, test finished after 528.74 seconds, only with one failure, in test "RSA Check Public key Object identifier database #6 (N exactly 8192 bits)" which is reasonable considering the MPI Max size. Without MBEDTLS_GENPRIM ( default in Mbed OS), all tests skipped, and suite finishes successfully after 202.92 seconds.

[RonEld]

Open question: Should the timout be increased to a value that should fit the non default configuration (e.g. MBEDTLS_SHA1_C and MBEDTLS_GENPRIME), or should we adapt only to the default configuration, and increase to 300 seconds?

[Patater]

Let's increase the timeout. It will let us run on more targets, but shouldn't slow down the quicker ones.

[RonEld]

@Patater
My question was whether we wan't to increase the timeout to 300 for example, where the default Mbed TLS configuration is set ( without MBEDTLS_SHA1_C and MBEDTLS_GENPRIME ), or should we increase to 600, to fit these tests as well?

Note that the module that consumes the most time, as I saw, is the greentea test infrastructure, trying to serialize and deserialize the long test data in these tests, so I don't think this is platform dependent( perhaps a bit dependent on the MCU \ networking etc.. )

[RonEld]

With PR #2230 and setting MBEDTLS_MPI_MAX_SIZE to 512, all of the tests succeed except:
"RSA Check Public key #6 (N exactly 8192 bits)" test, which is reasonable, considering the max mpi size

Need to add a condition dependency in the test infrastructure

[RonEld]

features-mbedtls-tests-mbedtls-test_suite_pkcs1_v15 also crashes when MBEDTLS_SHA1_C and MBEDTLS_GENPRIME are defined

[RonEld]

Need to add a condition dependency in the test infrastructure

This has been addressed in #2231

[RonEld]

Setting the default size of MBEDTLS_MPI_MAX_SIZE to 512 in Mbed OS has been raised in
ARMmbed/mbed-os#8936

[RonEld]

All causes for the RSA failures have been fixed in:

• Address RSA related tests #2230 Fix on target test issues ARMmbed/mbed-crypto#278
• Add conditional dependency to tests #2231
• Reduce default MBEDTLS_MPI_MAX_SIZE ARMmbed/mbed-os#8936

Therefore, adding the label "Fix available"

[tom-cosgrove-arm]

Closing this issue as on-target testing was removed from Mbed TLS in PR #5116 (#4944 for 2.28 LTS), following the announcement in issue #4912 in Sep 2021.

A separate issue (#5595) has been raised as a placeholder, in case we want to come back to it at some point in the future.