mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-01 04:20:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

test: remove previous tests for accelerated ECDSA/ECDH/ECJPAKE coverage analysis

Browse Source 
All these EC based algs are now tested all at once in
test_psa_crypto_config_[accel/reference]_all_ec_algs_use_psa()
functions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2023-03-20 16:59:15 +01:00
parent 1fa5c56863
commit 1c3de61ba8
1 changed files with 0 additions and 239 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

239
tests/scripts/all.sh
View File

@ -2171,245 +2171,6 @@ component_test_psa_crypto_config_accel_ecdsa_use_psa () {
tests/ssl-opt.sh tests/ssl-opt.sh
} }
# Keep in sync with component_test_psa_crypto_config_accel_ecdsa_use_psa.
# Used by tests/scripts/analyze_outcomes.py for comparison purposes.
component_test_psa_crypto_config_reference_ecdsa_use_psa () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
# To be aligned with the accel component that needs this
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
config_psa_crypto_config_ecdsa_use_psa 0
make
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
make test
msg "test: ssl-opt.sh"
tests/ssl-opt.sh
}
component_test_psa_crypto_config_accel_ecdh () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH"
# Algorithms and key types to accelerate
loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
# Configure and build the test driver library
# -------------------------------------------
# Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
# partial support for cipher operations in the driver test library.
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
# Configure and build the main libraries
# --------------------------------------
# Start from default config (no USE_PSA or TLS 1.3) + driver support
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
# Disable the module that's accelerated
scripts/config.py unset MBEDTLS_ECDH_C
# Disable things that depend on it
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
# Build the main library
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
# Make sure this was not re-enabled by accident (additive config)
not grep mbedtls_ecdh_ library/ecdh.o
# Run the tests
# -------------
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH"
make test
}
# Auxiliary function to build config for ECDH with and without drivers.
#
# This is used by the two following components to ensure they always use the
# same config, except for the use of driver or built-in ECDH:
# - component_test_psa_crypto_config_accel_ecdh_use_psa;
# - component_test_psa_crypto_config_reference_ecdh_use_psa.
# This support comparing their test coverage with analyze_outcomes.py.
config_psa_crypto_config_ecdh_use_psa () {
DRIVER_ONLY="$1"
# start with config full for maximum coverage (also enables USE_PSA)
scripts/config.py full
# enable support for drivers and configuring PSA-only algorithms
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
if [ "$DRIVER_ONLY" -eq 1 ]; then
# Disable the module that's accelerated
scripts/config.py unset MBEDTLS_ECDH_C
fi
# Restartable feature is not yet supported by PSA. Once it will in
# the future, the following line could be removed (see issues
# 6061, 6332 and following ones)
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
}
# Keep in sync with component_test_psa_crypto_config_reference_ecdh_use_psa
component_test_psa_crypto_config_accel_ecdh_use_psa () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH + USE_PSA"
# Algorithms and key types to accelerate
loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
# Configure and build the test driver library
# -------------------------------------------
# Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
# partial support for cipher operations in the driver test library.
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
# Configure and build the main libraries
# --------------------------------------
# Use the same config as reference, only without built-in ECDH
config_psa_crypto_config_ecdh_use_psa 1
# Build the main library
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
# Make sure this was not re-enabled by accident (additive config)
not grep mbedtls_ecdh_ library/ecdh.o
# Run the tests
# -------------
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH + USE_PSA"
make test
msg "test: ssl-opt.sh"
tests/ssl-opt.sh
}
# Keep in sync with component_test_psa_crypto_config_accel_ecdh_use_psa.
# Used by tests/scripts/analyze_outcomes.py for comparison purposes.
component_test_psa_crypto_config_reference_ecdh_use_psa () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECDH + USE_PSA"
# To be aligned with the accel component that needs this
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
config_psa_crypto_config_ecdh_use_psa 0
make
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECDH + USE_PSA"
make test
msg "test: ssl-opt.sh"
tests/ssl-opt.sh
}
# Auxiliary function to build config for EC JPAKE with and without drivers.
#
# This is used by the two following components to ensure they always use the
# same config, except for the use of driver or built-in ECJPAKE:
# - component_test_psa_crypto_config_accel_ecjpake_use_psa;
# - component_test_psa_crypto_config_reference_ecjpake_use_psa.
# This support comparing their test coverage with analyze_outcomes.py.
config_psa_crypto_config_ecjpake_use_psa () {
DRIVER_ONLY="$1"
# start with config full for maximum coverage (also enables USE_PSA)
scripts/config.py full
# enable support for drivers and configuring PSA-only algorithms
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
if [ "$DRIVER_ONLY" -eq 1 ]; then
# Disable the module that's accelerated
scripts/config.py unset MBEDTLS_ECJPAKE_C
fi
# Dynamic secure element support is a deprecated feature and needs to be disabled here.
# This is done to have the same form of psa_key_attributes_s for libdriver and library.
scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
}
# Keep in sync with component_test_psa_crypto_config_reference_ecjpake_use_psa
component_test_psa_crypto_config_accel_ecjpake_use_psa () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECJPAKE + USE_PSA"
# Algorithms and key types to accelerate
loc_accel_list="ALG_JPAKE KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
# Configure and build the test driver library
# -------------------------------------------
# Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
# partial support for cipher operations in the driver test library.
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
# Configure and build the main libraries
# --------------------------------------
# Use the same config as reference, only without built-in JPAKE
config_psa_crypto_config_ecjpake_use_psa 1
# Build the main library
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
# Make sure this was not re-enabled by accident (additive config)
not grep mbedtls_ecjpake_ library/ecjpake.o
# Run the tests
# -------------
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated JPAKE + USE_PSA"
make test
msg "test: ssl-opt.sh"
tests/ssl-opt.sh
}
# Keep in sync with component_test_psa_crypto_config_accel_ecjpake_use_psa.
# Used by tests/scripts/analyze_outcomes.py for comparison purposes.
component_test_psa_crypto_config_reference_ecjpake_use_psa () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECJPAKE + USE_PSA"
# To be aligned with the accel component that needs this
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
config_psa_crypto_config_ecjpake_use_psa 0
make
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECJPAKE + USE_PSA"
make test
msg "test: ssl-opt.sh"
tests/ssl-opt.sh
}
# Auxiliary function to build config for all EC based algorithms (EC-JPAKE, # Auxiliary function to build config for all EC based algorithms (EC-JPAKE,
# ECDH, ECDSA) with and without drivers. # ECDH, ECDSA) with and without drivers.
# #