Merge pull request #5385 from AndrzejKurek/use-psa-crypto-reduced-configs

Resolve problems with reduced configs using USE_PSA_CRYPTO

tests/scripts/test-ref-configs.pl

@@ -30,16 +30,20 @@ use strict;
 my %configs = (
     'config-ccm-psk-tls1_2.h' => {
         'compat' => '-m tls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'',
+        'test_again_with_use_psa' => 1
     },
     'config-no-entropy.h' => {
     },
     'config-suite-b.h' => {
         'compat' => "-m tls12 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS",
+        'test_again_with_use_psa' => 1,
     },
     'config-symmetric-only.h' => {
+        'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice
     },
     'config-thread.h' => {
         'opt' => '-f ECJPAKE.*nolog',
+        'test_again_with_use_psa' => 1,
     },
 );
 
@@ -79,18 +83,33 @@ if (!-e "tests/seedfile" || -s "tests/seedfile" < 64) {
     close SEEDFILE or die;
 }
 
-while( my ($conf, $data) = each %configs ) {
+sub perform_test {
+    my $conf = $_[0];
+    my $data = $_[1];
+    my $test_with_psa = $_[2];
+
     system( "cp $config_h.bak $config_h" ) and die;
     system( "make clean" ) and die;
 
     print "\n******************************************\n";
     print "* Testing configuration: $conf\n";
+    if ( $test_with_psa )
+    {
+        print "* ENABLING MBEDTLS_PSA_CRYPTO_C and MBEDTLS_USE_PSA_CRYPTO \n";
+    }
     print "******************************************\n";
+
     $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf;
 
     system( "cp configs/$conf $config_h" )
         and abort "Failed to activate $conf\n";
 
+    if ( $test_with_psa )
+    {
+        system( "scripts/config.py set MBEDTLS_PSA_CRYPTO_C" );
+        system( "scripts/config.py set MBEDTLS_USE_PSA_CRYPTO" );
+    }
+
     system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n";
     system( "make test" ) and abort "Failed test suite: $conf\n";
 
@@ -119,6 +138,15 @@ while( my ($conf, $data) = each %configs ) {
     }
 }
 
+while( my ($conf, $data) = each %configs ) {
+    my $test_with_psa = $data->{'test_again_with_use_psa'};
+    if ( $test_with_psa )
+    {
+        perform_test( $conf, $data, $test_with_psa );
+    }
+    perform_test( $conf, $data, 0 );
+}
+
 system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
 system( "make clean" );
 exit 0;

tests/src/psa_exercise_key.c

@@ -764,6 +764,7 @@ int mbedtls_test_psa_exported_key_sanity_check(
 #endif /* MBEDTLS_ECP_C */
 
     {
+        (void) exported;
         TEST_ASSERT( ! "Sanity check not implemented for this key type" );
     }
 

tests/suites/test_suite_psa_crypto.function

@@ -54,7 +54,7 @@ static int mem_is_char( void *buffer, unsigned char c, size_t size )
     }
     return( 1 );
 }
-
+#if defined(MBEDTLS_ASN1_WRITE_C)
 /* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */
 static int asn1_write_10x( unsigned char **p,
                            unsigned char *start,
@@ -138,6 +138,7 @@ static int construct_fake_rsa_key( unsigned char *buffer,
     }
     return( len );
 }
+#endif /* MBEDTLS_ASN1_WRITE_C */
 
 int exercise_mac_setup( psa_key_type_t key_type,
                         const unsigned char *key_bytes,
@@ -758,7 +759,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_ASN1_WRITE_C */
 void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
 {
     mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;