Merge pull request #8008 from valeriosetti/issue7756

driver-only ECC: BN.TLS testing
2025-03-01 13:13:28 +00:00 · 2023-08-11 13:51:36 +00:00 · 2023-08-11 13:51:36 +00:00 · 963513dba5
commit 963513dba5
parent 5e678fd4d2 36344cecbd
4 changed files with 26 additions and 9 deletions
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@ -1521,6 +1521,7 @@ int mbedtls_ssl_tls13_read_public_xxdhe_share(mbedtls_ssl_context *ssl,
    return 0;
 }
 #if defined(PSA_WANT_ALG_FFDH)
 static psa_status_t  mbedtls_ssl_get_psa_ffdh_info_from_tls_id(
    uint16_t tls_id, size_t *bits, psa_key_type_t *key_type)
 {
@ -1549,6 +1550,7 @@ static psa_status_t  mbedtls_ssl_get_psa_ffdh_info_from_tls_id(
            return PSA_ERROR_NOT_SUPPORTED;
    }
 }
 #endif /* PSA_WANT_ALG_FFDH */
 int mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange(
    mbedtls_ssl_context *ssl,
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@ -2632,10 +2632,8 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () {
 # - component_test_psa_crypto_config_reference_ecc_no_bignum
 config_psa_crypto_config_accel_ecc_no_bignum() {
    DRIVER_ONLY="$1"
-    # start with full config for maximum coverage (also enables USE_PSA),
+    # start with full config for maximum coverage (also enables USE_PSA)
    # but keep TLS and key exchanges disabled
    helper_libtestdriver1_adjust_config "full"
    scripts/config.py unset MBEDTLS_SSL_TLS_C
    if [ "$DRIVER_ONLY" -eq 1 ]; then
        # Disable modules that are accelerated
@ -2688,7 +2686,7 @@ config_psa_crypto_config_accel_ecc_no_bignum() {
 #
 # Keep in sync with component_test_psa_crypto_config_reference_ecc_no_bignum()
 component_test_psa_crypto_config_accel_ecc_no_bignum () {
-    msg "build: full + accelerated EC algs + USE_PSA - ECP"
+    msg "build: full + accelerated EC algs + USE_PSA - ECP - BIGNUM"
    # Algorithms and key types to accelerate
    loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
@ -2730,12 +2728,12 @@ component_test_psa_crypto_config_accel_ecc_no_bignum () {
    # Run the tests
    # -------------
-    msg "test suites: full + accelerated EC algs + USE_PSA - ECP"
+    msg "test suites: full + accelerated EC algs + USE_PSA - ECP - BIGNUM"
    make test
    # The following will be enabled in #7756
-    #msg "ssl-opt: full + accelerated EC algs + USE_PSA - ECP"
+    msg "ssl-opt: full + accelerated EC algs + USE_PSA - ECP - BIGNUM"
-    #tests/ssl-opt.sh
+    tests/ssl-opt.sh
 }
 # Reference function used for driver's coverage analysis in analyze_outcomes.py
@ -2752,8 +2750,8 @@ component_test_psa_crypto_config_reference_ecc_no_bignum () {
    make test
    # The following will be enabled in #7756
-    #msg "ssl-opt: full + non accelerated EC algs + USE_PSA"
+    msg "ssl-opt: full + non accelerated EC algs + USE_PSA"
-    #tests/ssl-opt.sh
+    tests/ssl-opt.sh
 }
 # Helper function used in:
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@ -390,6 +390,16 @@ TASKS = {
                    'ASN.1 Write mpi, 255*8-1 bits',
                    'ASN.1 Write mpi, 256*8-1 bits',
                ],
                'test_suite_debug': [
                    # Following tests depends on BIGNUM_C
                    'Debug print mbedtls_mpi #2: 3 bits',
                    'Debug print mbedtls_mpi: 0 (empty representation)',
                    'Debug print mbedtls_mpi: 0 (non-empty representation)',
                    'Debug print mbedtls_mpi: 49 bits',
                    'Debug print mbedtls_mpi: 759 bits',
                    'Debug print mbedtls_mpi: 764 bits #1',
                    'Debug print mbedtls_mpi: 764 bits #2',
                ],
            }
        }
    },
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@ -435,6 +435,13 @@ detect_required_features() {
            ;;
    esac
    case "$CMD_LINE" in
        *server2*|\
        *server7*)
            # server2 and server7 certificates use RSA encryption
            requires_config_enabled "MBEDTLS_RSA_C"
    esac
    unset tmp
 }