test: adding new components for testing and driver coverage analysis without BN
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
parent
2f12a29cdd
commit
abd00d0be8
2 changed files with 163 additions and 0 deletions
|
@ -2650,6 +2650,114 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () {
|
|||
tests/ssl-opt.sh
|
||||
}
|
||||
|
||||
# This function is really similar to config_psa_crypto_no_ecp_at_all() above so
|
||||
# its description is basically the same. The main difference in this case is
|
||||
# that when the EC built-in implementation is disabled, then also Bignum module
|
||||
# and its dependencies are disabled as well.
|
||||
#
|
||||
# This is the common helper between:
|
||||
# - component_test_psa_crypto_config_accel_ecc_no_bignum
|
||||
# - component_test_psa_crypto_config_reference_ecc_no_bignum
|
||||
config_psa_crypto_config_accel_ecc_no_bignum() {
|
||||
DRIVER_ONLY="$1"
|
||||
# start with crypto_full config for maximum coverage (also enables USE_PSA),
|
||||
# but excluding X509, TLS and key exchanges
|
||||
helper_libtestdriver1_adjust_config "crypto_full"
|
||||
|
||||
# enable support for drivers and configuring PSA-only algorithms
|
||||
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
|
||||
if [ "$DRIVER_ONLY" -eq 1 ]; then
|
||||
# Disable modules that are accelerated
|
||||
scripts/config.py unset MBEDTLS_ECDSA_C
|
||||
scripts/config.py unset MBEDTLS_ECDH_C
|
||||
scripts/config.py unset MBEDTLS_ECJPAKE_C
|
||||
# Disable ECP module (entirely)
|
||||
scripts/config.py unset MBEDTLS_ECP_C
|
||||
# TODO: bignum
|
||||
fi
|
||||
|
||||
# Disable all the features that auto-enable ECP_LIGHT (see build_info.h)
|
||||
scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED
|
||||
scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED
|
||||
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
|
||||
|
||||
# Restartable feature is not yet supported by PSA. Once it will in
|
||||
# the future, the following line could be removed (see issues
|
||||
# 6061, 6332 and following ones)
|
||||
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
|
||||
}
|
||||
|
||||
# Build and test a configuration where driver accelerates all EC algs while
|
||||
# all support and dependencies from ECP and ECP_LIGHT are removed on the library
|
||||
# side.
|
||||
#
|
||||
# Keep in sync with component_test_psa_crypto_config_reference_ecc_no_bignum()
|
||||
component_test_psa_crypto_config_accel_ecc_no_bignum () {
|
||||
msg "build: crypto_full + accelerated EC algs + USE_PSA - ECP"
|
||||
|
||||
# Algorithms and key types to accelerate
|
||||
loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
|
||||
ALG_ECDH \
|
||||
ALG_JPAKE \
|
||||
KEY_TYPE_ECC_KEY_PAIR_BASIC \
|
||||
KEY_TYPE_ECC_KEY_PAIR_IMPORT \
|
||||
KEY_TYPE_ECC_KEY_PAIR_EXPORT \
|
||||
KEY_TYPE_ECC_KEY_PAIR_GENERATE \
|
||||
KEY_TYPE_ECC_PUBLIC_KEY"
|
||||
|
||||
# Configure
|
||||
# ---------
|
||||
|
||||
# Set common configurations between library's and driver's builds
|
||||
config_psa_crypto_config_accel_ecc_no_bignum 1
|
||||
|
||||
# Build
|
||||
# -----
|
||||
|
||||
# Things we wanted supported in libtestdriver1, but not accelerated in the main library:
|
||||
# SHA-1 and all SHA-2 variants, as they are used by ECDSA deterministic.
|
||||
loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512"
|
||||
|
||||
helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list"
|
||||
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure any built-in EC alg was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdsa_ library/ecdsa.o
|
||||
not grep mbedtls_ecdh_ library/ecdh.o
|
||||
not grep mbedtls_ecjpake_ library/ecjpake.o
|
||||
# Also ensure that ECP or RSA modules were not re-enabled
|
||||
not grep mbedtls_ecp_ library/ecp.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
|
||||
msg "test suites: crypto_full + accelerated EC algs + USE_PSA - ECP"
|
||||
make test
|
||||
|
||||
# The following will be enabled in #7756
|
||||
#msg "ssl-opt: full + accelerated EC algs + USE_PSA - ECP"
|
||||
#tests/ssl-opt.sh
|
||||
}
|
||||
|
||||
# Reference function used for driver's coverage analysis in analyze_outcomes.py
|
||||
# in conjunction with component_test_psa_crypto_config_accel_ecc_no_bignum().
|
||||
# Keep in sync with its accelerated counterpart.
|
||||
component_test_psa_crypto_config_reference_ecc_no_bignum () {
|
||||
msg "build: crypto_full + non accelerated EC algs + USE_PSA"
|
||||
|
||||
config_psa_crypto_config_accel_ecc_no_bignum 0
|
||||
|
||||
make
|
||||
|
||||
msg "test suites: crypto_full + non accelerated EC algs + USE_PSA"
|
||||
make test
|
||||
|
||||
# The following will be enabled in #7756
|
||||
#msg "ssl-opt: full + non accelerated EC algs + USE_PSA"
|
||||
#tests/ssl-opt.sh
|
||||
}
|
||||
|
||||
# Helper function used in:
|
||||
# - component_test_psa_crypto_config_accel_all_curves_except_p192
|
||||
# - component_test_psa_crypto_config_accel_all_curves_except_x25519
|
||||
|
|
|
@ -310,6 +310,61 @@ TASKS = {
|
|||
}
|
||||
}
|
||||
},
|
||||
'analyze_driver_vs_reference_no_bignum': {
|
||||
'test_function': do_analyze_driver_vs_reference,
|
||||
'args': {
|
||||
'component_ref': 'test_psa_crypto_config_reference_ecc_no_bignum',
|
||||
'component_driver': 'test_psa_crypto_config_accel_ecc_no_bignum',
|
||||
'ignored_suites': [
|
||||
# Ignore test suites for the modules that are disabled in the
|
||||
# accelerated test case.
|
||||
'ecp',
|
||||
'ecdsa',
|
||||
'ecdh',
|
||||
'ecjpake',
|
||||
],
|
||||
'ignored_tests': {
|
||||
'test_suite_random': [
|
||||
'PSA classic wrapper: ECDSA signature (SECP256R1)',
|
||||
],
|
||||
'test_suite_psa_crypto': [
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
|
||||
'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
|
||||
'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
|
||||
'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
|
||||
],
|
||||
'test_suite_pkparse': [
|
||||
# See the description provided above in the
|
||||
# analyze_driver_vs_reference_no_ecp_at_all component.
|
||||
'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)',
|
||||
'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)',
|
||||
'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)',
|
||||
'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)',
|
||||
'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)',
|
||||
'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)',
|
||||
'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)',
|
||||
'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)',
|
||||
'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)',
|
||||
'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)',
|
||||
'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)',
|
||||
'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)',
|
||||
'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)',
|
||||
'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)',
|
||||
'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)',
|
||||
'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)',
|
||||
],
|
||||
}
|
||||
}
|
||||
},
|
||||
'analyze_driver_vs_reference_ffdh_alg': {
|
||||
'test_function': do_analyze_driver_vs_reference,
|
||||
'args': {
|
||||
|
|
Loading…
Reference in a new issue