- Embed input arguments inside the script so as to simplify the
calls in Makefiles/CMakeLists.
- add a new "--list-dependencies" command line option to print
out the list of dependencies.
- Modify tests/Makefile accordinlgy.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The previous commit had:
- one obvious mistake (-f NULL with default -e runs nothing)
- one unforeseen issue: OPENSSL_NEXT skips static ECDH
- arguably scope creep: the stated goal was to simplify the full
invocation (in particular, make it obvious that everything is run
without having to remember the default value of EXCLUDE), but it also
made an unrelated change: running most tests with OPENSSL_NEXT (hence
the previous point).
This commit should fix all this, in particular it switches back to
running most tests with OPENSSL and using OPENSSL_NEXT only when needed.
Hopefully in the future we'll do the opposite: most tests will run with
a recent OpenSSL, and only those that need an older one will use
something older. But that will be another PR.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
RSA needs ASN1 functions to parse/write private and public keys,
but there is no guards in the code for that. So we need to enable
ASN1 support whenever RSA is enabled.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Prepare this component for PSA_CRYPTO_CONFIG to be on by default.
Rename it so that the name is still accurate when we remove legacy symbols
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
We actually only need two invocations.
This also moves all the default tests to OPENSSL_NEXT, which is good
because OPENSSL is ancient.
I have no idea why NULL doesn't work with OPENSSL_NEXT (1.1.1a) server,
because according to the manpage [1], "ALL,COMPLEMENTOFALL" (which is
what we are using) should do it, and indeed
$OPENSSL_NEXT ciphers "ALL,COMPLEMENTOFALL" | tr ':' '\n'
lists NULL ciphersuites, and also they work client-side with
OPENSSL_NEXT...
[1] https://www.openssl.org/docs/man1.1.1/man1/ciphers.html
Also, while at it, remove partial invocation (only non-default) from one
component, as we already have a full invocation in the same config (plus
ASan) in another component.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
- MBEDTLS_GENPRIME is removed because now we rely on predefined
RSA keys.
- MBEDTLS_RSA_GEN_KEY_MIN_BITS is replaced with RSA_KEY_SIZE which
is set on top of test_suite_pk to a value which is supported
in the predefined_keys[] array.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Remove static declaration of look-up table from test_suite_pk
and generate it automatically with Python.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is to manage RSA and EC keys in the same way in order to
prepare for the following commits.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
