diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index a06308490f..20cecdbdf8 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1521,6 +1521,7 @@ int mbedtls_ssl_tls13_read_public_xxdhe_share(mbedtls_ssl_context *ssl, return 0; } +#if defined(PSA_WANT_ALG_FFDH) static psa_status_t mbedtls_ssl_get_psa_ffdh_info_from_tls_id( uint16_t tls_id, size_t *bits, psa_key_type_t *key_type) { @@ -1549,6 +1550,7 @@ static psa_status_t mbedtls_ssl_get_psa_ffdh_info_from_tls_id( return PSA_ERROR_NOT_SUPPORTED; } } +#endif /* PSA_WANT_ALG_FFDH */ int mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange( mbedtls_ssl_context *ssl, diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ed62b96068..ef3345e657 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2632,10 +2632,8 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () { # - component_test_psa_crypto_config_reference_ecc_no_bignum config_psa_crypto_config_accel_ecc_no_bignum() { DRIVER_ONLY="$1" - # start with full config for maximum coverage (also enables USE_PSA), - # but keep TLS and key exchanges disabled + # start with full config for maximum coverage (also enables USE_PSA) helper_libtestdriver1_adjust_config "full" - scripts/config.py unset MBEDTLS_SSL_TLS_C if [ "$DRIVER_ONLY" -eq 1 ]; then # Disable modules that are accelerated @@ -2688,7 +2686,7 @@ config_psa_crypto_config_accel_ecc_no_bignum() { # # Keep in sync with component_test_psa_crypto_config_reference_ecc_no_bignum() component_test_psa_crypto_config_accel_ecc_no_bignum () { - msg "build: full + accelerated EC algs + USE_PSA - ECP" + msg "build: full + accelerated EC algs + USE_PSA - ECP - BIGNUM" # Algorithms and key types to accelerate loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ @@ -2730,12 +2728,12 @@ component_test_psa_crypto_config_accel_ecc_no_bignum () { # Run the tests # ------------- - msg "test suites: full + accelerated EC algs + USE_PSA - ECP" + msg "test suites: full + accelerated EC algs + USE_PSA - ECP - BIGNUM" make test # The following will be enabled in #7756 - #msg "ssl-opt: full + accelerated EC algs + USE_PSA - ECP" - #tests/ssl-opt.sh + msg "ssl-opt: full + accelerated EC algs + USE_PSA - ECP - BIGNUM" + tests/ssl-opt.sh } # Reference function used for driver's coverage analysis in analyze_outcomes.py @@ -2752,8 +2750,8 @@ component_test_psa_crypto_config_reference_ecc_no_bignum () { make test # The following will be enabled in #7756 - #msg "ssl-opt: full + non accelerated EC algs + USE_PSA" - #tests/ssl-opt.sh + msg "ssl-opt: full + non accelerated EC algs + USE_PSA" + tests/ssl-opt.sh } # Helper function used in: diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index ee51513b73..c6891bb432 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -390,6 +390,16 @@ TASKS = { 'ASN.1 Write mpi, 255*8-1 bits', 'ASN.1 Write mpi, 256*8-1 bits', ], + 'test_suite_debug': [ + # Following tests depends on BIGNUM_C + 'Debug print mbedtls_mpi #2: 3 bits', + 'Debug print mbedtls_mpi: 0 (empty representation)', + 'Debug print mbedtls_mpi: 0 (non-empty representation)', + 'Debug print mbedtls_mpi: 49 bits', + 'Debug print mbedtls_mpi: 759 bits', + 'Debug print mbedtls_mpi: 764 bits #1', + 'Debug print mbedtls_mpi: 764 bits #2', + ], } } }, diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 6113eeba94..0164b45cd5 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -435,6 +435,13 @@ detect_required_features() { ;; esac + case "$CMD_LINE" in + *server2*|\ + *server7*) + # server2 and server7 certificates use RSA encryption + requires_config_enabled "MBEDTLS_RSA_C" + esac + unset tmp }