From f2c6e340dee8a46d48212ec78b9078a8b7e81c5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 20 May 2020 10:34:25 +0200 Subject: [PATCH 1/2] Fix undeclared deps on MBEDTLS_CTR_DRBG in tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit While at it, declare deps on ENTROPY as well. A non-regression test will be added in a follow-up commit. Signed-off-by: Manuel Pégourié-Gonnard --- tests/suites/test_suite_rsa.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index d4acc2de2..9a3b5837c 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1506,7 +1506,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */ +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ void mbedtls_rsa_validate_params( int radix_N, char *input_N, int radix_P, char *input_P, int radix_Q, char *input_Q, From 014ff5b0d64a8f9dce1831599792222ab0ccd27d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 28 May 2020 12:55:10 +0200 Subject: [PATCH 2/2] Add test for building without CTR_DRBG MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit People who prefer to rely on HMAC_DRBG (for example because they use it for deterministic ECDSA and don't want a second DRBG for code size reasons) should be able to build and run the tests suites without CTR_DRBG. Ideally we should make sure the level of testing (SSL) is the same regardless of which DRBG modules is enabled, but that's a more significant piece of work. For now, just ensure everything builds and `make test` passes. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9c46e2c57..d8d46e9a7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -787,6 +787,20 @@ component_test_rsa_no_crt () { if_build_succeeded tests/compat.sh -t RSA } +component_test_no_ctr_drbg () { + msg "build: Full minus CTR_DRBG" + scripts/config.pl full + scripts/config.pl unset MBEDTLS_CTR_DRBG_C + + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: no CTR_DRBG" + make test + + # no SSL tests as they all depend on CTR_DRBG so far +} + component_test_small_ssl_out_content_len () { msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384