mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-07 06:45:34 +00:00
Test SSL with non-deterministic ECDSA
In component_test_no_hmac_drbg, the fact that HMAC_DRBG is disabled doesn't affect the SSL code, but the fact that deterministic ECDSA is disabled does. So run some ECDSA-related SSL tests. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
15c39e53e5
commit
629fd9362c
|
@ -890,11 +890,21 @@ component_test_no_hmac_drbg () {
|
||||||
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
make
|
make
|
||||||
|
|
||||||
msg "test: no HMAC_DRBG"
|
msg "test: Full minus HMAC_DRBG - main suites"
|
||||||
make test
|
make test
|
||||||
|
|
||||||
# No ssl-opt.sh/compat.sh as they never use HMAC_DRBG so far,
|
# Normally our ECDSA implementation uses deterministic ECDSA. But since
|
||||||
# so there's little value in running those lengthy tests here.
|
# HMAC_DRBG is disabled in this configuration, randomized ECDSA is used
|
||||||
|
# instead.
|
||||||
|
# Test SSL with non-deterministic ECDSA. Only test features that
|
||||||
|
# might be affected by how ECDSA signature is performed.
|
||||||
|
msg "test: Full minus HMAC_DRBG - ssl-opt.sh (subset)"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private: sign'
|
||||||
|
|
||||||
|
# To save time, only test one protocol version, since this part of
|
||||||
|
# the protocol is identical in (D)TLS up to 1.2.
|
||||||
|
msg "test: Full minus HMAC_DRBG - compat.sh (ECDSA)"
|
||||||
|
if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA'
|
||||||
}
|
}
|
||||||
|
|
||||||
component_test_no_drbg_all_hashes () {
|
component_test_no_drbg_all_hashes () {
|
||||||
|
|
Loading…
Reference in a new issue