From 817e368dfd6897fcf21959f35e100205713e78a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 28 May 2020 12:55:10 +0200 Subject: [PATCH] Add test for building without CTR_DRBG MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit People who prefer to rely on HMAC_DRBG (for example because they use it for deterministic ECDSA and don't want a second DRBG for code size reasons) should be able to build and run the tests suites without CTR_DRBG. Ideally we should make sure the level of testing (SSL) is the same regardless of which DRBG modules is enabled, but that's a more significant piece of work. For now, just ensure everything builds and `make test` passes. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5ea1c35d1..cbafe1d05 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -819,6 +819,24 @@ component_test_rsa_no_crt () { if_build_succeeded tests/context-info.sh } +component_test_no_ctr_drbg () { + msg "build: Full minus CTR_DRBG" + scripts/config.py full + scripts/config.py unset MBEDTLS_CTR_DRBG_C + scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires CTR_DRBG + scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto + scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C # requires PSA Crypto + scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO # requires PSA Crypto + + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: no CTR_DRBG" + make test + + # no SSL tests as they all depend on CTR_DRBG so far +} + component_test_new_ecdh_context () { msg "build: new ECDH context (ASan build)" # ~ 6 min scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT