From b434192dcb7e24254d18cb7fac4ea5a395c1202a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 24 Oct 2024 20:43:01 +0200 Subject: [PATCH] Remove explicit setting of MBEDTLS_USE_PSA_CRYPTO Now that it's always on, this is no longer necessary. Also this is a step towards no longer being able to set it, because it soon won't be a selectable configuration option anymore. Signed-off-by: Gilles Peskine --- tests/scripts/components-configuration-crypto.sh | 11 ----------- tests/scripts/components-configuration-tls.sh | 3 --- 2 files changed, 14 deletions(-) diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh index 6ee0f919d7..eaa0bcab99 100644 --- a/tests/scripts/components-configuration-crypto.sh +++ b/tests/scripts/components-configuration-crypto.sh @@ -187,7 +187,6 @@ component_test_no_ctr_drbg_use_psa () { msg "build: Full minus CTR_DRBG, PSA crypto in TLS" scripts/config.py full scripts/config.py unset MBEDTLS_CTR_DRBG_C - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -210,7 +209,6 @@ component_test_no_hmac_drbg_use_psa () { scripts/config.py full scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -255,7 +253,6 @@ component_test_psa_external_rng_use_psa_crypto () { msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_CTR_DRBG_C make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" @@ -656,8 +653,6 @@ component_test_psa_crypto_config_accel_ecdsa () { # Start from default config + TLS 1.3 helper_libtestdriver1_adjust_config "default" - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - # Disable the module that's accelerated scripts/config.py unset MBEDTLS_ECDSA_C @@ -1428,12 +1423,6 @@ common_tfm_config () { echo "#undef MBEDTLS_PSA_CRYPTO_CONFIG_FILE" >> "$CONFIG_H" cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" - # Other config adjustment to make the tests pass. - # This should probably be adopted upstream. - # - # - USE_PSA_CRYPTO for PK_HAVE_ECC_KEYS - echo "#define MBEDTLS_USE_PSA_CRYPTO" >> "$CONFIG_H" - # Config adjustment for better test coverage in our environment. # This is not needed just to build and pass tests. # diff --git a/tests/scripts/components-configuration-tls.sh b/tests/scripts/components-configuration-tls.sh index e01a5989df..077d0a076c 100644 --- a/tests/scripts/components-configuration-tls.sh +++ b/tests/scripts/components-configuration-tls.sh @@ -57,7 +57,6 @@ component_test_no_renegotiation () { component_test_tls1_2_default_stream_cipher_only () { msg "build: default with only stream cipher use psa" - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM @@ -95,7 +94,6 @@ component_test_tls1_2_default_stream_cipher_only () { component_test_tls1_2_default_cbc_legacy_cipher_only () { msg "build: default with only CBC-legacy cipher use psa" - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM @@ -130,7 +128,6 @@ component_test_tls1_2_default_cbc_legacy_cipher_only () { component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only () { msg "build: default with only CBC-legacy and CBC-EtM ciphers use psa" - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM