From 1c3de61ba8c70a27aa34bccac5c59f63230163d1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 20 Mar 2023 16:59:15 +0100 Subject: [PATCH] test: remove previous tests for accelerated ECDSA/ECDH/ECJPAKE coverage analysis All these EC based algs are now tested all at once in test_psa_crypto_config_[accel/reference]_all_ec_algs_use_psa() functions. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 239 ------------------------------------------- 1 file changed, 239 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d24da47ded..4f0360fea3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2171,245 +2171,6 @@ component_test_psa_crypto_config_accel_ecdsa_use_psa () { tests/ssl-opt.sh } -# Keep in sync with component_test_psa_crypto_config_accel_ecdsa_use_psa. -# Used by tests/scripts/analyze_outcomes.py for comparison purposes. -component_test_psa_crypto_config_reference_ecdsa_use_psa () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA" - - # To be aligned with the accel component that needs this - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - - config_psa_crypto_config_ecdsa_use_psa 0 - - make - - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA" - make test - - msg "test: ssl-opt.sh" - tests/ssl-opt.sh -} - -component_test_psa_crypto_config_accel_ecdh () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH" - - # Algorithms and key types to accelerate - loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY" - - # Configure and build the test driver library - # ------------------------------------------- - - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" - - # Configure and build the main libraries - # -------------------------------------- - - # Start from default config (no USE_PSA or TLS 1.3) + driver support - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - - # Disable the module that's accelerated - scripts/config.py unset MBEDTLS_ECDH_C - - # Disable things that depend on it - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - - # Build the main library - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - - # Make sure this was not re-enabled by accident (additive config) - not grep mbedtls_ecdh_ library/ecdh.o - - # Run the tests - # ------------- - - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH" - make test -} - -# Auxiliary function to build config for ECDH with and without drivers. -# -# This is used by the two following components to ensure they always use the -# same config, except for the use of driver or built-in ECDH: -# - component_test_psa_crypto_config_accel_ecdh_use_psa; -# - component_test_psa_crypto_config_reference_ecdh_use_psa. -# This support comparing their test coverage with analyze_outcomes.py. -config_psa_crypto_config_ecdh_use_psa () { - DRIVER_ONLY="$1" - # start with config full for maximum coverage (also enables USE_PSA) - scripts/config.py full - # enable support for drivers and configuring PSA-only algorithms - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - if [ "$DRIVER_ONLY" -eq 1 ]; then - # Disable the module that's accelerated - scripts/config.py unset MBEDTLS_ECDH_C - fi - - # Restartable feature is not yet supported by PSA. Once it will in - # the future, the following line could be removed (see issues - # 6061, 6332 and following ones) - scripts/config.py unset MBEDTLS_ECP_RESTARTABLE -} - -# Keep in sync with component_test_psa_crypto_config_reference_ecdh_use_psa -component_test_psa_crypto_config_accel_ecdh_use_psa () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH + USE_PSA" - - # Algorithms and key types to accelerate - loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY" - - # Configure and build the test driver library - # ------------------------------------------- - - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" - - # Configure and build the main libraries - # -------------------------------------- - - # Use the same config as reference, only without built-in ECDH - config_psa_crypto_config_ecdh_use_psa 1 - - # Build the main library - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - - # Make sure this was not re-enabled by accident (additive config) - not grep mbedtls_ecdh_ library/ecdh.o - - # Run the tests - # ------------- - - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH + USE_PSA" - make test - - msg "test: ssl-opt.sh" - tests/ssl-opt.sh -} - -# Keep in sync with component_test_psa_crypto_config_accel_ecdh_use_psa. -# Used by tests/scripts/analyze_outcomes.py for comparison purposes. -component_test_psa_crypto_config_reference_ecdh_use_psa () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECDH + USE_PSA" - - # To be aligned with the accel component that needs this - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - - config_psa_crypto_config_ecdh_use_psa 0 - - make - - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECDH + USE_PSA" - make test - - msg "test: ssl-opt.sh" - tests/ssl-opt.sh -} - -# Auxiliary function to build config for EC JPAKE with and without drivers. -# -# This is used by the two following components to ensure they always use the -# same config, except for the use of driver or built-in ECJPAKE: -# - component_test_psa_crypto_config_accel_ecjpake_use_psa; -# - component_test_psa_crypto_config_reference_ecjpake_use_psa. -# This support comparing their test coverage with analyze_outcomes.py. -config_psa_crypto_config_ecjpake_use_psa () { - DRIVER_ONLY="$1" - # start with config full for maximum coverage (also enables USE_PSA) - scripts/config.py full - # enable support for drivers and configuring PSA-only algorithms - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - if [ "$DRIVER_ONLY" -eq 1 ]; then - # Disable the module that's accelerated - scripts/config.py unset MBEDTLS_ECJPAKE_C - fi - - # Dynamic secure element support is a deprecated feature and needs to be disabled here. - # This is done to have the same form of psa_key_attributes_s for libdriver and library. - scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C -} - -# Keep in sync with component_test_psa_crypto_config_reference_ecjpake_use_psa -component_test_psa_crypto_config_accel_ecjpake_use_psa () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECJPAKE + USE_PSA" - - # Algorithms and key types to accelerate - loc_accel_list="ALG_JPAKE KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY" - - # Configure and build the test driver library - # ------------------------------------------- - - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" - - # Configure and build the main libraries - # -------------------------------------- - - # Use the same config as reference, only without built-in JPAKE - config_psa_crypto_config_ecjpake_use_psa 1 - - # Build the main library - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - - # Make sure this was not re-enabled by accident (additive config) - not grep mbedtls_ecjpake_ library/ecjpake.o - - # Run the tests - # ------------- - - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated JPAKE + USE_PSA" - make test - - msg "test: ssl-opt.sh" - tests/ssl-opt.sh -} - -# Keep in sync with component_test_psa_crypto_config_accel_ecjpake_use_psa. -# Used by tests/scripts/analyze_outcomes.py for comparison purposes. -component_test_psa_crypto_config_reference_ecjpake_use_psa () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECJPAKE + USE_PSA" - - # To be aligned with the accel component that needs this - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - - config_psa_crypto_config_ecjpake_use_psa 0 - - make - - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECJPAKE + USE_PSA" - make test - - msg "test: ssl-opt.sh" - tests/ssl-opt.sh -} - # Auxiliary function to build config for all EC based algorithms (EC-JPAKE, # ECDH, ECDSA) with and without drivers. #