From 19e83fa3a5219465b975188c8c78015654a174c0 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 17 Jan 2022 16:05:43 +0100 Subject: [PATCH] Restructure test-ref-configs to test with USE_PSA_CRYPTO turned on Run some of the test configs twice, enabling MBEDTLS_USE_PSA_CRYPTO and MBEDTLS_PSA_CRYPTO_C in one of the runs. Add relevant comments in these configs. Signed-off-by: Andrzej Kurek --- configs/config-ccm-psk-tls1_2.h | 5 +++++ configs/config-suite-b.h | 5 +++++ configs/config-thread.h | 5 +++++ tests/scripts/test-ref-configs.pl | 30 +++++++++++++++++++++++++++++- 4 files changed, 44 insertions(+), 1 deletion(-) diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index c58d150d9..cbebf8c00 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -81,6 +81,11 @@ */ #define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C + #include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 9cad38273..4097eb79e 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -109,6 +109,11 @@ */ #define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C + #include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/configs/config-thread.h b/configs/config-thread.h index 8464fcb1b..de24158ae 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -86,6 +86,11 @@ /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C + #include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index d34bbdef5..c7c06638e 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -30,6 +30,7 @@ use strict; my %configs = ( 'config-ccm-psk-tls1_2.h' => { 'compat' => '-m tls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'', + 'test_again_with_use_psa' => 1 }, 'config-mini-tls1_1.h' => { 'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', #' @@ -38,11 +39,14 @@ my %configs = ( }, 'config-suite-b.h' => { 'compat' => "-m tls12 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS", + 'test_again_with_use_psa' => 1, }, 'config-symmetric-only.h' => { + 'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice }, 'config-thread.h' => { 'opt' => '-f ECJPAKE.*nolog', + 'test_again_with_use_psa' => 1, }, ); @@ -82,18 +86,33 @@ if (!-e "tests/seedfile" || -s "tests/seedfile" < 64) { close SEEDFILE or die; } -while( my ($conf, $data) = each %configs ) { +sub perform_test { + my $conf = $_[0]; + my $data = $_[1]; + my $test_with_psa = $_[2]; + system( "cp $config_h.bak $config_h" ) and die; system( "make clean" ) and die; print "\n******************************************\n"; print "* Testing configuration: $conf\n"; + if ( $test_with_psa ) + { + print "* ENABLING MBEDTLS_PSA_CRYPTO_C and MBEDTLS_USE_PSA_CRYPTO \n"; + } print "******************************************\n"; + $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf; system( "cp configs/$conf $config_h" ) and abort "Failed to activate $conf\n"; + if ( $test_with_psa ) + { + system( "scripts/config.py set MBEDTLS_PSA_CRYPTO_C" ); + system( "scripts/config.py set MBEDTLS_USE_PSA_CRYPTO" ); + } + system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n"; system( "make test" ) and abort "Failed test suite: $conf\n"; @@ -122,6 +141,15 @@ while( my ($conf, $data) = each %configs ) { } } +while( my ($conf, $data) = each %configs ) { + my $test_with_psa = $data->{'test_again_with_use_psa'}; + if ( $test_with_psa ) + { + perform_test( $conf, $data, $test_with_psa ); + } + perform_test( $conf, $data, 0 ); +} + system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; system( "make clean" ); exit 0;