Remove ECJPAKE interoperability testing

We no longer have two (only partially distinct) implementations of ECJ-PAKE cipher suites in TLS, now that the non-MBEDTLS_USE_PSA_CRYPTO implementation is being removed. We may want to add this testing back in the future, but we'll have to use an old Mbed TLS instead of a differently-built one. https://github.com/Mbed-TLS/mbedtls/issues/9740 Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-04-15 23:42:41 +00:00 · 2024-10-30 14:20:14 +01:00 · 2024-10-30 14:20:14 +01:00 · a1be1b8fbb
commit a1be1b8fbb
parent 8ed4d94166
1 changed files with 0 additions and 33 deletions
--- a/tests/scripts/components-configuration-tls.sh
+++ b/tests/scripts/components-configuration-tls.sh
@ -184,39 +184,6 @@ component_test_config_thread () {
    tests/ssl-opt.sh -f 'ECJPAKE.*nolog'
 }

-# We're not aware of any other (open source) implementation of EC J-PAKE in TLS
-# that we could use for interop testing. However, we now have sort of two
-# implementations ourselves: one using PSA, the other not. At least test that
-# these two interoperate with each other.
-component_test_tls1_2_ecjpake_compatibility () {
-    msg "build: TLS1.2 server+client w/ EC-JPAKE w/o USE_PSA"
-    scripts/config.py set MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-    # Explicitly make lib first to avoid a race condition:
-    # https://github.com/Mbed-TLS/mbedtls/issues/8229
-    make lib
-    make -C programs ssl/ssl_server2 ssl/ssl_client2
-    cp programs/ssl/ssl_server2 s2_no_use_psa
-    cp programs/ssl/ssl_client2 c2_no_use_psa
-
-    msg "build: TLS1.2 server+client w/ EC-JPAKE w/ USE_PSA"
-    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
-    make clean
-    make lib
-    make -C programs ssl/ssl_server2 ssl/ssl_client2
-    make -C programs test/udp_proxy test/query_compile_time_config
-
-    msg "test: server w/o USE_PSA - client w/ USE_PSA, text password"
-    P_SRV=../s2_no_use_psa tests/ssl-opt.sh -f "ECJPAKE: working, TLS"
-    msg "test: server w/o USE_PSA - client w/ USE_PSA, opaque password"
-    P_SRV=../s2_no_use_psa tests/ssl-opt.sh -f "ECJPAKE: opaque password client only, working, TLS"
-    msg "test: client w/o USE_PSA - server w/ USE_PSA, text password"
-    P_CLI=../c2_no_use_psa tests/ssl-opt.sh -f "ECJPAKE: working, TLS"
-    msg "test: client w/o USE_PSA - server w/ USE_PSA, opaque password"
-    P_CLI=../c2_no_use_psa tests/ssl-opt.sh -f "ECJPAKE: opaque password server only, working, TLS"
-
-    rm s2_no_use_psa c2_no_use_psa
-}
-
 component_test_tls1_2_ccm_psk () {
    msg "build: configs/config-ccm-psk-tls1_2.h"
    cp configs/config-ccm-psk-tls1_2.h "$CONFIG_H"