ssl-opt: remove redundant requires_config_enabled when force_ciphersuite is set

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2023-02-23 13:47:30 +01:00
parent d1f991c879
commit 3f2309fea6

View file

@ -2059,7 +2059,6 @@ run_test "Opaque key for server authentication: invalid alg: ecdh with RSA ke
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_hash_alg SHA_256 requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_CCM_C requires_config_enabled MBEDTLS_CCM_C
run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \ run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \
@ -2097,7 +2096,6 @@ run_test "Opaque keys for server authentication: EC keys with different algs,
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
requires_hash_alg SHA_384 requires_hash_alg SHA_384
requires_config_disabled MBEDTLS_X509_REMOVE_INFO requires_config_disabled MBEDTLS_X509_REMOVE_INFO
run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \ run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \
@ -2118,7 +2116,6 @@ run_test "Opaque keys for server authentication: EC keys with different algs,
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_hash_alg SHA_384 requires_hash_alg SHA_384
requires_config_enabled MBEDTLS_CCM_C requires_config_enabled MBEDTLS_CCM_C
requires_config_disabled MBEDTLS_X509_REMOVE_INFO requires_config_disabled MBEDTLS_X509_REMOVE_INFO
@ -9118,6 +9115,9 @@ run_test "SSL async private: error in resume then operate correctly" \
# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly # key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
# Note: the function "detect_required_features()" is not able to detect more than
# one "force_ciphersuite" per client/server and it only picks the 2nd one.
# Therefore the 1st one is added explicitly here
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
run_test "SSL async private: cancel after start then fall back to transparent key" \ run_test "SSL async private: cancel after start then fall back to transparent key" \
"$P_SRV \ "$P_SRV \
@ -9138,6 +9138,9 @@ run_test "SSL async private: cancel after start then fall back to transparent
# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly # key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
# Note: the function "detect_required_features()" is not able to detect more than
# one "force_ciphersuite" per client/server and it only picks the 2nd one.
# Therefore the 1st one is added explicitly here
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
run_test "SSL async private: sign, error in resume then fall back to transparent key" \ run_test "SSL async private: sign, error in resume then fall back to transparent key" \
"$P_SRV \ "$P_SRV \
@ -9234,7 +9237,6 @@ run_test "Force a non ECC ciphersuite in the server side" \
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_hash_alg SHA_256 requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Force an ECC ciphersuite in the client side" \ run_test "Force an ECC ciphersuite in the client side" \
"$P_SRV debug_level=3" \ "$P_SRV debug_level=3" \
@ -9248,7 +9250,6 @@ run_test "Force an ECC ciphersuite in the client side" \
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_hash_alg SHA_256 requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Force an ECC ciphersuite in the server side" \ run_test "Force an ECC ciphersuite in the server side" \
"$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
@ -9806,7 +9807,6 @@ run_test "DTLS fragmenting: both (MTU=1024)" \
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256 requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048 requires_max_content_len 2048
@ -9838,7 +9838,6 @@ run_test "DTLS fragmenting: both (MTU=512)" \
not_with_valgrind not_with_valgrind
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048 requires_max_content_len 2048
@ -9863,7 +9862,6 @@ run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
only_with_valgrind only_with_valgrind
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048 requires_max_content_len 2048
@ -9919,7 +9917,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
not_with_valgrind # spurious autoreduction due to timeout not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048 requires_max_content_len 2048
@ -9972,7 +9969,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
not_with_valgrind # spurious autoreduction due to timeout not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048 requires_max_content_len 2048
@ -10009,7 +10005,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
not_with_valgrind # spurious autoreduction due to timeout not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C requires_config_enabled MBEDTLS_GCM_C
requires_max_content_len 2048 requires_max_content_len 2048
@ -10039,7 +10034,6 @@ not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256 requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_CHACHAPOLY_C requires_config_enabled MBEDTLS_CHACHAPOLY_C
requires_max_content_len 2048 requires_max_content_len 2048
@ -10071,7 +10065,6 @@ not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256 requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C requires_config_enabled MBEDTLS_GCM_C
@ -10104,7 +10097,6 @@ not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256 requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CCM_C requires_config_enabled MBEDTLS_CCM_C
@ -10137,7 +10129,6 @@ not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256 requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
@ -10171,7 +10162,6 @@ not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256 requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
@ -10201,7 +10191,6 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
# Forcing ciphersuite for this test to fit the MTU of 512 with full config. # Forcing ciphersuite for this test to fit the MTU of 512 with full config.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C requires_config_enabled MBEDTLS_GCM_C
client_needs_more_time 2 client_needs_more_time 2
@ -10226,7 +10215,6 @@ run_test "DTLS fragmenting: proxy MTU + 3d" \
# Forcing ciphersuite for this test to fit the MTU of 512 with full config. # Forcing ciphersuite for this test to fit the MTU of 512 with full config.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C requires_config_enabled MBEDTLS_GCM_C
client_needs_more_time 2 client_needs_more_time 2