diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h index 90d51b7835..e5b8d74416 100644 --- a/tests/include/test/ssl_helpers.h +++ b/tests/include/test/ssl_helpers.h @@ -66,8 +66,7 @@ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY #endif diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh index 514682136e..34b3107815 100644 --- a/tests/scripts/components-configuration-crypto.sh +++ b/tests/scripts/components-configuration-crypto.sh @@ -671,9 +671,6 @@ component_test_psa_crypto_config_accel_ffdh () { # Disable the module that's accelerated scripts/config.py unset MBEDTLS_DHM_C - # Disable things that depend on it - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - # Build # ----- @@ -700,8 +697,6 @@ component_test_psa_crypto_config_reference_ffdh () { # Start with full (USE_PSA and TLS 1.3) helper_libtestdriver1_adjust_config "full" - # Disable things that are not supported - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED make msg "test suites: full with non-accelerated FFDH alg" @@ -1174,24 +1169,20 @@ config_psa_crypto_config_accel_ecc_ffdh_no_bignum () { scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT # Also disable key exchanges that depend on RSA scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED if [ "$test_target" = "ECC" ]; then # When testing ECC only, we disable FFDH support, both from builtin and - # PSA sides, and also disable the key exchanges that depend on DHM. + # PSA sides. scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_FFDH scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*" scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_DH_RFC7919_[0-9]*" scripts/config.py unset MBEDTLS_DHM_C - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED else - # When testing ECC and DH instead, we disable DHM and depending key - # exchanges only in the accelerated build + # When testing ECC and DH instead, we disable DHM. if [ "$driver_only" -eq 1 ]; then scripts/config.py unset MBEDTLS_DHM_C - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED fi fi @@ -1543,7 +1534,6 @@ component_test_new_psa_want_key_pair_symbol () { # Remove RSA support and its dependencies scripts/config.py unset MBEDTLS_PKCS1_V15 scripts/config.py unset MBEDTLS_PKCS1_V21 - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index 2e8df33b58..a08ede54a5 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -314,8 +314,7 @@ REVERSE_DEPENDENCIES = { 'MBEDTLS_PKCS1_V21': ['MBEDTLS_X509_RSASSA_PSS_SUPPORT', 'PSA_WANT_ALG_RSA_OAEP', 'PSA_WANT_ALG_RSA_PSS'], - 'MBEDTLS_PKCS1_V15': ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', + 'MBEDTLS_PKCS1_V15': ['MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED', 'PSA_WANT_ALG_RSA_PKCS1V15_CRYPT', 'PSA_WANT_ALG_RSA_PKCS1V15_SIGN'],