From 7dccb66d4944bbcdec024303b7d597511964e6ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 12 Jun 2023 18:28:42 +0200 Subject: [PATCH] test: disable RSA support on the test ecc_no_bignum component MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 3 ++- library/pkparse.c | 2 +- library/pkwrite.h | 4 ++-- tests/scripts/all.sh | 23 +++++++++++++++++++++++ 4 files changed, 28 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 7a87971070..e503fdff5f 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -425,7 +425,8 @@ #endif #if defined(MBEDTLS_PK_C) && \ - !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_LIGHT) + !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_LIGHT) && \ + !( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ) #error "MBEDTLS_PK_C defined, but not all prerequisites" #endif diff --git a/library/pkparse.c b/library/pkparse.c index f03ace2610..78eb4bc62e 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -34,7 +34,7 @@ #include "mbedtls/rsa.h" #endif #include "mbedtls/ecp.h" -#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_HAVE_ECC_KEYS) #include "pkwrite.h" #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) diff --git a/library/pkwrite.h b/library/pkwrite.h index aa2f17b020..bc40437d54 100644 --- a/library/pkwrite.h +++ b/library/pkwrite.h @@ -85,7 +85,7 @@ * + 2 * ECP_MAX (coords) [1] * } */ -#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_ECP_MAX_BYTES) +#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * 66) /* * EC private keys: @@ -96,7 +96,7 @@ * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above * } */ -#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_ECP_MAX_BYTES) +#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * 66) #else /* MBEDTLS_PK_HAVE_ECC_KEYS */ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index bebad5a073..295c34ab5b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2681,6 +2681,29 @@ config_psa_crypto_config_accel_ecc_no_bignum() { scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + # RSA support is intentionally disabled on this test because RSA_C depends + # on BIGNUM_C. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + for ALG in $(sed -n 's/^#define \(PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do + scripts/config.py -f include/psa/crypto_config.h unset $ALG + done + scripts/config.py unset MBEDTLS_RSA_C + scripts/config.py unset MBEDTLS_PKCS1_V15 + scripts/config.py unset MBEDTLS_PKCS1_V21 + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + # Also disable key exchanges that depend on RSA + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + + # TODO: DHM and its reverse deps + # Restartable feature is not yet supported by PSA. Once it will in # the future, the following line could be removed (see issues # 6061, 6332 and following ones)