diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index 51bb962919..475883702e 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -83,3 +83,8 @@ */ #define MBEDTLS_SSL_IN_CONTENT_LEN 1024 #define MBEDTLS_SSL_OUT_CONTENT_LEN 1024 + +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index c70773d63b..95c40875f7 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -110,3 +110,8 @@ */ #define MBEDTLS_SSL_IN_CONTENT_LEN 1024 #define MBEDTLS_SSL_OUT_CONTENT_LEN 1024 + +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C diff --git a/configs/config-thread.h b/configs/config-thread.h index 36d8245106..c032fdc4b5 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -85,3 +85,8 @@ /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 + +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index c63b511306..dc0f120e44 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -30,16 +30,20 @@ use strict; my %configs = ( 'config-ccm-psk-tls1_2.h' => { 'compat' => '-m tls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'', + 'test_again_with_use_psa' => 1 }, 'config-no-entropy.h' => { }, 'config-suite-b.h' => { 'compat' => "-m tls12 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS", + 'test_again_with_use_psa' => 1, }, 'config-symmetric-only.h' => { + 'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice }, 'config-thread.h' => { 'opt' => '-f ECJPAKE.*nolog', + 'test_again_with_use_psa' => 1, }, ); @@ -79,18 +83,33 @@ if (!-e "tests/seedfile" || -s "tests/seedfile" < 64) { close SEEDFILE or die; } -while( my ($conf, $data) = each %configs ) { +sub perform_test { + my $conf = $_[0]; + my $data = $_[1]; + my $test_with_psa = $_[2]; + system( "cp $config_h.bak $config_h" ) and die; system( "make clean" ) and die; print "\n******************************************\n"; print "* Testing configuration: $conf\n"; + if ( $test_with_psa ) + { + print "* ENABLING MBEDTLS_PSA_CRYPTO_C and MBEDTLS_USE_PSA_CRYPTO \n"; + } print "******************************************\n"; + $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf; system( "cp configs/$conf $config_h" ) and abort "Failed to activate $conf\n"; + if ( $test_with_psa ) + { + system( "scripts/config.py set MBEDTLS_PSA_CRYPTO_C" ); + system( "scripts/config.py set MBEDTLS_USE_PSA_CRYPTO" ); + } + system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n"; system( "make test" ) and abort "Failed test suite: $conf\n"; @@ -119,6 +138,15 @@ while( my ($conf, $data) = each %configs ) { } } +while( my ($conf, $data) = each %configs ) { + my $test_with_psa = $data->{'test_again_with_use_psa'}; + if ( $test_with_psa ) + { + perform_test( $conf, $data, $test_with_psa ); + } + perform_test( $conf, $data, 0 ); +} + system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; system( "make clean" ); exit 0;