lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-05 19:35:48 +03:00
Code Activity

test: fix test which are using accelerated ECC/DH keys

Browse Source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
2023-08-15 17:10:47 +02:00
committed by Manuel Pégourié-Gonnard
parent dca8492043
commit b2fd673ec8
1 changed files with 78 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

137
tests/scripts/all.sh
View File

@@ -903,6 +903,47 @@ helper_libtestdriver1_adjust_config() {
scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
} }
# When called with no parameter this function disables all builtin curves.
# The function optionally accepts 1 parameter with the list of the curves that
# should be kept enabled.
helper_disable_builtin_curves() {
allowed_list="${1:-}"
scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED"
for CURVE in $allowed_list; do
scripts/config.py set $CURVE
done
}
# Helper returning the list of supported elliptic curves from CRYPTO_CONFIG_H,
# without the "PSA_WANT_" prefix. This becomes handy for accelerating curves
# in the following helpers.
helper_get_psa_curve_list () {
loc_list=""
for ITEM in $(sed -n 's/^#define PSA_WANT_\(ECC_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do
loc_list="$loc_list $ITEM"
done
echo "$loc_list"
}
# Get the list of uncommented PSA_WANT_KEY_TYPE_xxx_ from CRYPTO_CONFIG_H. This
# is useful to easily get a list of key symbols accelerate.
# The function accepts a single argument which is the key type: ECC, DH, RSA.
helper_get_psa_keys_list() {
KEY_TYPE="$1"
loc_list=""
for ITEM in $(sed -n "s/^#define PSA_WANT_\(KEY_TYPE_${KEY_TYPE}_[0-9A-Z_a-z]*\).*/\1/p" <"$CRYPTO_CONFIG_H"); do
# Skip DERIVE for elliptic keys since there is no driver dispatch for
# it so it cannot be accelerated.
if [ "$ITEM" != "KEY_TYPE_ECC_KEY_PAIR_DERIVE" ]; then
loc_list="$loc_list $ITEM"
fi
done
echo "$loc_list"
}
# Build the drivers library libtestdriver1.a (with ASan). # Build the drivers library libtestdriver1.a (with ASan).
# #
# Parameters: # Parameters:
@@ -2297,11 +2338,9 @@ component_test_psa_crypto_config_accel_ecdsa () {
# Algorithms and key types to accelerate # Algorithms and key types to accelerate
loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
KEY_TYPE_ECC_KEY_PAIR_BASIC \ $(helper_get_psa_keys_list "ECC")"
KEY_TYPE_ECC_KEY_PAIR_IMPORT \
KEY_TYPE_ECC_KEY_PAIR_EXPORT \ loc_curve_list="$(helper_get_psa_curve_list)"
KEY_TYPE_ECC_KEY_PAIR_GENERATE \
KEY_TYPE_ECC_PUBLIC_KEY"
# Configure # Configure
# --------- # ---------
@@ -2343,11 +2382,9 @@ component_test_psa_crypto_config_accel_ecdh () {
# Algorithms and key types to accelerate # Algorithms and key types to accelerate
loc_accel_list="ALG_ECDH \ loc_accel_list="ALG_ECDH \
KEY_TYPE_ECC_KEY_PAIR_BASIC \ $(helper_get_psa_keys_list "ECC")"
KEY_TYPE_ECC_KEY_PAIR_IMPORT \
KEY_TYPE_ECC_KEY_PAIR_EXPORT \ loc_curve_list="$(helper_get_psa_curve_list)"
KEY_TYPE_ECC_KEY_PAIR_GENERATE \
KEY_TYPE_ECC_PUBLIC_KEY"
# Configure # Configure
# --------- # ---------
@@ -2387,11 +2424,7 @@ component_test_psa_crypto_config_accel_ffdh () {
# Algorithms and key types to accelerate # Algorithms and key types to accelerate
loc_accel_list="ALG_FFDH \ loc_accel_list="ALG_FFDH \
KEY_TYPE_DH_KEY_PAIR_BASIC \ $(helper_get_psa_keys_list "DH")"
KEY_TYPE_DH_KEY_PAIR_IMPORT \
KEY_TYPE_DH_KEY_PAIR_EXPORT \
KEY_TYPE_DH_KEY_PAIR_GENERATE \
KEY_TYPE_DH_PUBLIC_KEY"
# Configure # Configure
# --------- # ---------
@@ -2512,11 +2545,11 @@ component_test_psa_crypto_config_accel_ecc_ecp_light_only () {
loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
ALG_ECDH \ ALG_ECDH \
ALG_JPAKE \ ALG_JPAKE \
KEY_TYPE_ECC_KEY_PAIR_BASIC \ $(helper_get_psa_keys_list "ECC")"
KEY_TYPE_ECC_KEY_PAIR_IMPORT \
KEY_TYPE_ECC_KEY_PAIR_EXPORT \ echo "$loc_accel_list"
KEY_TYPE_ECC_KEY_PAIR_GENERATE \
KEY_TYPE_ECC_PUBLIC_KEY" loc_curve_list="$(helper_get_psa_curve_list)"
# Configure # Configure
# --------- # ---------
@@ -2524,6 +2557,10 @@ component_test_psa_crypto_config_accel_ecc_ecp_light_only () {
# Use the same config as reference, only without built-in EC algs # Use the same config as reference, only without built-in EC algs
config_psa_crypto_config_ecp_light_only 1 config_psa_crypto_config_ecp_light_only 1
# Do not disable builtin curves because that support is rquired for:
# - MBEDTLS_PK_PARSE_EC_EXTENDED
# - MBEDTLS_PK_PARSE_EC_COMPRESSED
# Build # Build
# ----- # -----
@@ -2532,7 +2569,7 @@ component_test_psa_crypto_config_accel_ecc_ecp_light_only () {
ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512"
helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list"
helper_libtestdriver1_make_main "$loc_accel_list" helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list"
# Make sure any built-in EC alg was not re-enabled by accident (additive config) # Make sure any built-in EC alg was not re-enabled by accident (additive config)
not grep mbedtls_ecdsa_ library/ecdsa.o not grep mbedtls_ecdsa_ library/ecdsa.o
@@ -2615,17 +2652,17 @@ component_test_psa_crypto_config_accel_ecc_no_ecp_at_all () {
loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
ALG_ECDH \ ALG_ECDH \
ALG_JPAKE \ ALG_JPAKE \
KEY_TYPE_ECC_KEY_PAIR_BASIC \ $(helper_get_psa_keys_list "ECC")"
KEY_TYPE_ECC_KEY_PAIR_IMPORT \
KEY_TYPE_ECC_KEY_PAIR_EXPORT \ loc_curve_list="$(helper_get_psa_curve_list)"
KEY_TYPE_ECC_KEY_PAIR_GENERATE \
KEY_TYPE_ECC_PUBLIC_KEY"
# Configure # Configure
# --------- # ---------
# Set common configurations between library's and driver's builds # Set common configurations between library's and driver's builds
config_psa_crypto_no_ecp_at_all 1 config_psa_crypto_no_ecp_at_all 1
# Disable all the builtin curves. All the required algs are accelerated.
helper_disable_builtin_curves
# Build # Build
# ----- # -----
@@ -2637,13 +2674,13 @@ component_test_psa_crypto_config_accel_ecc_no_ecp_at_all () {
helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list"
helper_libtestdriver1_make_main "$loc_accel_list" helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list"
# Make sure any built-in EC alg was not re-enabled by accident (additive config) # Make sure any built-in EC alg was not re-enabled by accident (additive config)
not grep mbedtls_ecdsa_ library/ecdsa.o not grep mbedtls_ecdsa_ library/ecdsa.o
not grep mbedtls_ecdh_ library/ecdh.o not grep mbedtls_ecdh_ library/ecdh.o
not grep mbedtls_ecjpake_ library/ecjpake.o not grep mbedtls_ecjpake_ library/ecjpake.o
# Also ensure that ECP or RSA modules were not re-enabled # Also ensure that ECP module was not re-enabled
not grep mbedtls_ecp_ library/ecp.o not grep mbedtls_ecp_ library/ecp.o
# Run the tests # Run the tests
@@ -2783,27 +2820,23 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () {
loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
ALG_ECDH \ ALG_ECDH \
ALG_JPAKE \ ALG_JPAKE \
KEY_TYPE_ECC_KEY_PAIR_BASIC \ $(helper_get_psa_keys_list "ECC")"
KEY_TYPE_ECC_KEY_PAIR_IMPORT \
KEY_TYPE_ECC_KEY_PAIR_EXPORT \
KEY_TYPE_ECC_KEY_PAIR_GENERATE \
KEY_TYPE_ECC_PUBLIC_KEY"
# Optionally we can also add DH to the list of accelerated items # Optionally we can also add DH to the list of accelerated items
if [ "$TEST_TARGET" = "ECC_DH" ]; then if [ "$TEST_TARGET" = "ECC_DH" ]; then
loc_accel_list="$loc_accel_list \ loc_accel_list="$loc_accel_list \
ALG_FFDH \ ALG_FFDH \
KEY_TYPE_DH_KEY_PAIR_BASIC \ $(helper_get_psa_keys_list "FFDH")"
KEY_TYPE_DH_KEY_PAIR_IMPORT \
KEY_TYPE_DH_KEY_PAIR_EXPORT \
KEY_TYPE_DH_KEY_PAIR_GENERATE \
KEY_TYPE_DH_PUBLIC_KEY"
fi fi
loc_curve_list="$(helper_get_psa_curve_list)"
# Configure # Configure
# --------- # ---------
# Set common configurations between library's and driver's builds # Set common configurations between library's and driver's builds
config_psa_crypto_config_accel_ecc_ffdh_no_bignum 1 "$TEST_TARGET" config_psa_crypto_config_accel_ecc_ffdh_no_bignum 1 "$TEST_TARGET"
# Disable all the builtin curves. All the required algs are accelerated.
helper_disable_builtin_curves
# Build # Build
# ----- # -----
@@ -2815,7 +2848,7 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () {
helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list"
helper_libtestdriver1_make_main "$loc_accel_list" helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list"
# Make sure any built-in EC alg was not re-enabled by accident (additive config) # Make sure any built-in EC alg was not re-enabled by accident (additive config)
not grep mbedtls_ecdsa_ library/ecdsa.o not grep mbedtls_ecdsa_ library/ecdsa.o
@@ -3002,11 +3035,7 @@ psa_crypto_config_accel_all_curves_except_one () {
loc_accel_list="ALG_ECDH \ loc_accel_list="ALG_ECDH \
ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
ALG_JPAKE \ ALG_JPAKE \
KEY_TYPE_ECC_KEY_PAIR_BASIC \ $(helper_get_psa_keys_list "ECC")"
KEY_TYPE_ECC_KEY_PAIR_IMPORT \
KEY_TYPE_ECC_KEY_PAIR_EXPORT \
KEY_TYPE_ECC_KEY_PAIR_GENERATE \
KEY_TYPE_ECC_PUBLIC_KEY"
# Configure # Configure
# --------- # ---------
@@ -3037,20 +3066,15 @@ psa_crypto_config_accel_all_curves_except_one () {
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
# Explicitly disable all SW implementation for elliptic curves # Explicitly disable all SW implementation for elliptic curves, keeping
scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" # only the requested one.
# Just leave SW implementation for the specified curve for allowing to helper_disable_builtin_curves $BUILTIN_CURVE
# build with ECP_C.
scripts/config.py set $BUILTIN_CURVE
# Accelerate all curves listed in "crypto_config.h" (skipping the ones that # Accelerate all curves listed in "crypto_config.h" (skipping the ones that
# are commented out). # are commented out).
# Note: Those are handled in a special way by the libtestdriver machinery, # Note: Those are handled in a special way by the libtestdriver machinery,
# so we only want to include them in the accel list when building the main # so we only want to include them in the accel list when building the main
# libraries, hence the use of a separate variable. # libraries, hence the use of a separate variable.
loc_curve_list="" loc_curve_list="$(helper_get_psa_curve_list)"
for CURVE in $(sed -n 's/^#define PSA_WANT_\(ECC_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do
loc_curve_list="$loc_curve_list $CURVE"
done
# Build # Build
# ----- # -----
@@ -3585,12 +3609,7 @@ component_build_psa_accel_key_type_ecc_key_pair() {
scripts/config.py full scripts/config.py full
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set-all "PSA_WANT_KEY_TYPE_ECC_[0-9A-Z_a-z]*"
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
# Need to define the correct symbol and include the test driver header path in order to build with the test driver # Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
} }