From 8eea3ae8602ef623e57c2a801a7487710548e52b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 20 May 2020 10:34:25 +0200 Subject: [PATCH 1/2] Fix undeclared deps on MBEDTLS_CTR_DRBG in tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit While at it, declare deps on ENTROPY as well. A non-regression test will be added in a follow-up commit. Signed-off-by: Manuel Pégourié-Gonnard --- tests/suites/test_suite_rsa.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index d6daa2896..e895302c9 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1124,7 +1124,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */ +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ void mbedtls_rsa_validate_params( int radix_N, char *input_N, int radix_P, char *input_P, int radix_Q, char *input_Q, From c98fde5ca8389af3c5cec6fd403f14dfed30b6fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 28 May 2020 12:55:10 +0200 Subject: [PATCH 2/2] Add test for building without CTR_DRBG MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit People who prefer to rely on HMAC_DRBG (for example because they use it for deterministic ECDSA and don't want a second DRBG for code size reasons) should be able to build and run the tests suites without CTR_DRBG. Ideally we should make sure the level of testing (SSL) is the same regardless of which DRBG modules is enabled, but that's a more significant piece of work. For now, just ensure everything builds and `make test` passes. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c33fce614..d5fa23a4e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -784,6 +784,20 @@ component_test_rsa_no_crt () { if_build_succeeded tests/compat.sh -t RSA } +component_test_no_ctr_drbg () { + msg "build: Full minus CTR_DRBG" + scripts/config.pl full + scripts/config.pl unset MBEDTLS_CTR_DRBG_C + + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: no CTR_DRBG" + make test + + # no SSL tests as they all depend on CTR_DRBG so far +} + component_test_full_cmake_clang () { msg "build: cmake, full config, clang" # ~ 50s scripts/config.pl full