mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-26 03:35:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Optimize one cipher only components and adapt nemes

Browse Source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2022-09-29 08:32:25 +02:00
parent 0cc3466c9e
commit 68db0d2f67
1 changed files with 38 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

126
tests/scripts/all.sh
View File

@ -1274,24 +1274,19 @@ component_test_crypto_full_no_cipher () {
make test
}
component_test_crypto_default_stream_cipher_only () {
component_test_tls1_2_default_stream_cipher_only () {
msg "build: default with only stream cipher"
# Disable all ciphers
# AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C
# Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C
scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py unset MBEDTLS_CCM_C
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
# CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
# Disable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
scripts/config.py unset MBEDTLS_AES_C
scripts/config.py unset MBEDTLS_CAMELLIA_C
scripts/config.py unset MBEDTLS_ARIA_C
scripts/config.py unset MBEDTLS_DES_C
# CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
# Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
# stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)
scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
# Enable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER
# Indirect dependencies
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_CMAC_C
@ -1299,33 +1294,26 @@ component_test_crypto_default_stream_cipher_only () {
scripts/config.py unset MBEDTLS_SSL_SESSION_TICKETS
scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
# Enable stream(null) cipher only
scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER
make
msg "test: default with only stream cipher"
make test
}
component_test_crypto_default_stream_cipher_only_use_psa () {
component_test_tls1_2_default_stream_cipher_only_use_psa () {
msg "build: deafult with only stream cipher use psa"
scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
# Disable all ciphers
# AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C
# Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py unset MBEDTLS_CCM_C
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
# CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
# Disable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
scripts/config.py unset MBEDTLS_AES_C
scripts/config.py unset MBEDTLS_CAMELLIA_C
scripts/config.py unset MBEDTLS_ARIA_C
scripts/config.py unset MBEDTLS_DES_C
# CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
# Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
# stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)
scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
# Enable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER
# Indirect dependencies
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_CMAC_C
@ -1333,31 +1321,24 @@ component_test_crypto_default_stream_cipher_only_use_psa () {
scripts/config.py unset MBEDTLS_SSL_SESSION_TICKETS
scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
# Enable stream(null) cipher only
scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER
make
msg "test: deafult with only stream cipher use psa"
make test
}
component_test_crypto_default_cbc_legacy_cipher_only () {
component_test_tls1_2_default_cbc_legacy_cipher_only () {
msg "build: default with only CBC-legacy cipher"
# Disable all ciphers
# AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C
# Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py unset MBEDTLS_CCM_C
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
# CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
scripts/config.py unset MBEDTLS_AES_C
scripts/config.py unset MBEDTLS_CAMELLIA_C
scripts/config.py unset MBEDTLS_ARIA_C
scripts/config.py unset MBEDTLS_DES_C
# CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
# Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
# Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
# stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)
# Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
# Indirect dependencies
scripts/config.py unset MBEDTLS_CTR_DRBG_C
@ -1366,33 +1347,25 @@ component_test_crypto_default_cbc_legacy_cipher_only () {
scripts/config.py unset MBEDTLS_SSL_SESSION_TICKETS
scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
# Enable CBC-legacy cipher only
scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
scripts/config.py set MBEDTLS_AES_C
make
msg "test: default with only CBC-legacy cipher"
make test
}
component_test_crypto_deafult_cbc_legacy_cipher_only_use_psa () {
component_test_tls1_2_deafult_cbc_legacy_cipher_only_use_psa () {
msg "build: default with only CBC-legacy cipher use psa"
scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
# Disable all ciphers
# AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C
# Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py unset MBEDTLS_CCM_C
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
# CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
scripts/config.py unset MBEDTLS_AES_C
scripts/config.py unset MBEDTLS_CAMELLIA_C
scripts/config.py unset MBEDTLS_ARIA_C
scripts/config.py unset MBEDTLS_DES_C
# CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
# Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
# Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
# stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)
# Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
# Indirect dependencies
scripts/config.py unset MBEDTLS_CTR_DRBG_C
@ -1401,32 +1374,24 @@ component_test_crypto_deafult_cbc_legacy_cipher_only_use_psa () {
scripts/config.py unset MBEDTLS_SSL_SESSION_TICKETS
scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
# Enable CBC-legacy cipher only
scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
scripts/config.py set MBEDTLS_AES_C
make
msg "test: default with only CBC-legacy cipher use psa"
make test
}
component_test_crypto_default_cbc_legacy_cbc_etm_cipher_only () {
component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only () {
msg "build: default with only CBC-legacy and CBC-EtM ciphers"
# Disable all ciphers
# AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C
# Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py unset MBEDTLS_CCM_C
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
# CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
scripts/config.py unset MBEDTLS_AES_C
scripts/config.py unset MBEDTLS_CAMELLIA_C
scripts/config.py unset MBEDTLS_ARIA_C
scripts/config.py unset MBEDTLS_DES_C
# CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
# stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)
# Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
# Enable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC
# Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
# Indirect dependencies
scripts/config.py unset MBEDTLS_CTR_DRBG_C
@ -1435,35 +1400,25 @@ component_test_crypto_default_cbc_legacy_cbc_etm_cipher_only () {
scripts/config.py unset MBEDTLS_SSL_SESSION_TICKETS
scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
# Enable CBC-legacy cipher only
scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
scripts/config.py set MBEDTLS_AES_C
scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC
make
msg "test: default with only CBC-legacy and CBC-EtM ciphers"
make test
}
component_test_crypto_full_cbc_legacy_cbc_etm_cipher_only_use_psa () {
component_test_tls1_2_full_cbc_legacy_cbc_etm_cipher_only_use_psa () {
msg "build: full with only CBC-legacy and CBC-EtM ciphers use psa"
scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
# Disable all ciphers
# AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C
# Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py unset MBEDTLS_CCM_C
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
# CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
scripts/config.py unset MBEDTLS_AES_C
scripts/config.py unset MBEDTLS_CAMELLIA_C
scripts/config.py unset MBEDTLS_ARIA_C
scripts/config.py unset MBEDTLS_DES_C
# CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
# stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)
# Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES))
scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
# Enable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC
# Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER))
scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
# Indirect dependencies
scripts/config.py unset MBEDTLS_CTR_DRBG_C
@ -1472,11 +1427,6 @@ component_test_crypto_full_cbc_legacy_cbc_etm_cipher_only_use_psa () {
scripts/config.py unset MBEDTLS_SSL_SESSION_TICKETS
scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
# Enable CBC-legacy cipher only
scripts/config.py set MBEDTLS_CIPHER_MODE_CBC
scripts/config.py set MBEDTLS_AES_C
scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC
make
msg "test: full with only CBC-legacy and CBC-EtM ciphers use psa"