Merge remote-tracking branch 'origin/development' into adjust_tfm_configs
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index d15bb0b..a070b01 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -95,9 +95,21 @@
else:
results.warning('Allow listed test case was executed: {}', key)
+def name_matches_pattern(name, str_or_re):
+ """Check if name matches a pattern, that may be a string or regex.
+ - If the pattern is a string, name must be equal to match.
+ - If the pattern is a regex, name must fully match.
+ """
+ # The CI's python is too old for re.Pattern
+ #if isinstance(str_or_re, re.Pattern):
+ if not isinstance(str_or_re, str):
+ return str_or_re.fullmatch(name)
+ else:
+ return str_or_re == name
+
def analyze_driver_vs_reference(results: Results, outcomes,
component_ref, component_driver,
- ignored_suites, ignored_test=None):
+ ignored_suites, ignored_tests=None):
"""Check that all tests executed in the reference component are also
executed in the corresponding driver component.
Skip:
@@ -105,22 +117,25 @@
- only some specific test inside a test suite, for which the corresponding
output string is provided
"""
- available = check_test_cases.collect_available_test_cases()
-
- for key in available:
- # Continue if test was not executed by any component
- hits = outcomes[key].hits() if key in outcomes else 0
- if hits == 0:
- continue
- # Skip ignored test suites
- full_test_suite = key.split(';')[0] # retrieve full test suite name
- test_string = key.split(';')[1] # retrieve the text string of this test
+ seen_reference_passing = False
+ for key in outcomes:
+ # key is like "test_suite_foo.bar;Description of test case"
+ (full_test_suite, test_string) = key.split(';')
test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name
+
+ # Immediately skip fully-ignored test suites
if test_suite in ignored_suites or full_test_suite in ignored_suites:
continue
- if ((full_test_suite in ignored_test) and
- (test_string in ignored_test[full_test_suite])):
- continue
+
+ # For ignored test cases inside test suites, just remember and:
+ # don't issue an error if they're skipped with drivers,
+ # but issue an error if they're not (means we have a bad entry).
+ ignored = False
+ if full_test_suite in ignored_tests:
+ for str_or_re in ignored_tests[test_suite]:
+ if name_matches_pattern(test_string, str_or_re):
+ ignored = True
+
# Search for tests that run in reference component and not in driver component
driver_test_passed = False
reference_test_passed = False
@@ -129,8 +144,14 @@
driver_test_passed = True
if component_ref in entry:
reference_test_passed = True
- if(reference_test_passed and not driver_test_passed):
- results.error("Did not pass with driver: {}", key)
+ seen_reference_passing = True
+ if reference_test_passed and not driver_test_passed and not ignored:
+ results.error("PASS -> SKIP/FAIL: {}", key)
+ if ignored and driver_test_passed:
+ results.error("uselessly ignored: {}", key)
+
+ if not seen_reference_passing:
+ results.error("no passing test in reference component: bad outcome file?")
def analyze_outcomes(results: Results, outcomes, args):
"""Run all analyses on the given outcome collection."""
@@ -214,17 +235,71 @@
}
}
},
+ 'analyze_driver_vs_reference_cipher_aead': {
+ 'test_function': do_analyze_driver_vs_reference,
+ 'args': {
+ 'component_ref': 'test_psa_crypto_config_reference_cipher_aead',
+ 'component_driver': 'test_psa_crypto_config_accel_cipher_aead',
+ # Modules replaced by drivers.
+ 'ignored_suites': [
+ # low-level (block/stream) cipher modules
+ 'aes', 'aria', 'camellia', 'des', 'chacha20',
+ # AEAD modes
+ 'ccm', 'chachapoly', 'cmac', 'gcm',
+ # The Cipher abstraction layer
+ 'cipher',
+ ],
+ 'ignored_tests': {
+ # PEM decryption is not supported so far.
+ # The rest of PEM (write, unencrypted read) works though.
+ 'test_suite_pem': [
+ re.compile(r'PEM read .*(AES|DES|\bencrypt).*'),
+ ],
+ # Following tests depend on AES_C/DES_C but are not about
+ # them really, just need to know some error code is there.
+ 'test_suite_error': [
+ 'Low and high error',
+ 'Single low error'
+ ],
+ # Similar to test_suite_error above.
+ 'test_suite_version': [
+ 'Check for MBEDTLS_AES_C when already present',
+ ],
+ # The en/decryption part of PKCS#12 is not supported so far.
+ # The rest of PKCS#12 (key derivation) works though.
+ 'test_suite_pkcs12': [
+ re.compile(r'PBE Encrypt, .*'),
+ re.compile(r'PBE Decrypt, .*'),
+ ],
+ # The en/decryption part of PKCS#5 is not supported so far.
+ # The rest of PKCS#5 (PBKDF2) works though.
+ 'test_suite_pkcs5': [
+ re.compile(r'PBES2 Encrypt, .*'),
+ re.compile(r'PBES2 Decrypt .*'),
+ ],
+ # Encrypted keys are not supported so far.
+ # pylint: disable=line-too-long
+ 'test_suite_pkparse': [
+ 'Key ASN1 (Encrypted key PKCS12, trailing garbage data)',
+ 'Key ASN1 (Encrypted key PKCS5, trailing garbage data)',
+ re.compile(r'Parse RSA Key .*\(PKCS#8 encrypted .*\)'),
+ ],
+ }
+ }
+ },
'analyze_driver_vs_reference_ecp_light_only': {
'test_function': do_analyze_driver_vs_reference,
'args': {
'component_ref': 'test_psa_crypto_config_reference_ecc_ecp_light_only',
'component_driver': 'test_psa_crypto_config_accel_ecc_ecp_light_only',
'ignored_suites': [
- 'ecdsa',
- 'ecdh',
- 'ecjpake',
+ # Modules replaced by drivers
+ 'ecdsa', 'ecdh', 'ecjpake',
],
'ignored_tests': {
+ # This test wants a legacy function that takes f_rng, p_rng
+ # arguments, and uses legacy ECDSA for that. The test is
+ # really about the wrapper around the PSA RNG, not ECDSA.
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
@@ -232,49 +307,14 @@
# so we must ignore disparities in the tests for which ECP_C
# is required.
'test_suite_ecp': [
- 'ECP check public-private #1 (OK)',
- 'ECP check public-private #2 (group none)',
- 'ECP check public-private #3 (group mismatch)',
- 'ECP check public-private #4 (Qx mismatch)',
- 'ECP check public-private #5 (Qy mismatch)',
- 'ECP check public-private #6 (wrong Qx)',
- 'ECP check public-private #7 (wrong Qy)',
- 'ECP gen keypair [#1]',
- 'ECP gen keypair [#2]',
- 'ECP gen keypair [#3]',
- 'ECP gen keypair wrapper',
- 'ECP point muladd secp256r1 #1',
- 'ECP point muladd secp256r1 #2',
- 'ECP point multiplication Curve25519 (element of order 2: origin) #3',
- 'ECP point multiplication Curve25519 (element of order 4: 1) #4',
- 'ECP point multiplication Curve25519 (element of order 8) #5',
- 'ECP point multiplication Curve25519 (normalized) #1',
- 'ECP point multiplication Curve25519 (not normalized) #2',
- 'ECP point multiplication rng fail Curve25519',
- 'ECP point multiplication rng fail secp256r1',
- 'ECP test vectors Curve25519',
- 'ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)',
- 'ECP test vectors brainpoolP256r1 rfc 7027',
- 'ECP test vectors brainpoolP384r1 rfc 7027',
- 'ECP test vectors brainpoolP512r1 rfc 7027',
- 'ECP test vectors secp192k1',
- 'ECP test vectors secp192r1 rfc 5114',
- 'ECP test vectors secp224k1',
- 'ECP test vectors secp224r1 rfc 5114',
- 'ECP test vectors secp256k1',
- 'ECP test vectors secp256r1 rfc 5114',
- 'ECP test vectors secp384r1 rfc 5114',
- 'ECP test vectors secp521r1 rfc 5114',
- ],
- 'test_suite_psa_crypto': [
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
+ re.compile(r'ECP check public-private .*'),
+ re.compile(r'ECP gen keypair .*'),
+ re.compile(r'ECP point muladd .*'),
+ re.compile(r'ECP point multiplication .*'),
+ re.compile(r'ECP test vectors .*'),
],
'test_suite_ssl': [
+ # This deprecated function is only present when ECP_C is On.
'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()',
],
}
@@ -286,32 +326,14 @@
'component_ref': 'test_psa_crypto_config_reference_ecc_no_ecp_at_all',
'component_driver': 'test_psa_crypto_config_accel_ecc_no_ecp_at_all',
'ignored_suites': [
- # Ignore test suites for the modules that are disabled in the
- # accelerated test case.
- 'ecp',
- 'ecdsa',
- 'ecdh',
- 'ecjpake',
+ # Modules replaced by drivers
+ 'ecp', 'ecdsa', 'ecdh', 'ecjpake',
],
'ignored_tests': {
+ # See ecp_light_only
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
- 'test_suite_psa_crypto': [
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
- 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
- ],
'test_suite_pkparse': [
# When PK_PARSE_C and ECP_C are defined then PK_PARSE_EC_COMPRESSED
# is automatically enabled in build_info.h (backward compatibility)
@@ -319,23 +341,10 @@
# consequence compressed points are supported in the reference
# component but not in the accelerated one, so they should be skipped
# while checking driver's coverage.
- 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)',
- 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)',
- 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)',
- 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)',
- 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)',
- 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)',
- 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)',
- 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)',
- 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)',
- 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)',
- 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)',
- 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)',
- 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)',
- 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)',
- 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)',
- 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)',
+ re.compile(r'Parse EC Key .*compressed\)'),
+ re.compile(r'Parse Public EC Key .*compressed\)'),
],
+ # See ecp_light_only
'test_suite_ssl': [
'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()',
],
@@ -348,90 +357,31 @@
'component_ref': 'test_psa_crypto_config_reference_ecc_no_bignum',
'component_driver': 'test_psa_crypto_config_accel_ecc_no_bignum',
'ignored_suites': [
- # Ignore test suites for the modules that are disabled in the
- # accelerated test case.
- 'ecp',
- 'ecdsa',
- 'ecdh',
- 'ecjpake',
- 'bignum_core',
- 'bignum_random',
- 'bignum_mod',
- 'bignum_mod_raw',
- 'bignum.generated',
- 'bignum.misc',
+ # Modules replaced by drivers
+ 'ecp', 'ecdsa', 'ecdh', 'ecjpake',
+ 'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw',
+ 'bignum.generated', 'bignum.misc',
],
'ignored_tests': {
+ # See ecp_light_only
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
- 'test_suite_psa_crypto': [
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
- 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
- ],
+ # See no_ecp_at_all
'test_suite_pkparse': [
- # See the description provided above in the
- # analyze_driver_vs_reference_no_ecp_at_all component.
- 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)',
- 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)',
- 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)',
- 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)',
- 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)',
- 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)',
- 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)',
- 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)',
- 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)',
- 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)',
- 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)',
- 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)',
- 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)',
- 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)',
- 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)',
- 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)',
+ re.compile(r'Parse EC Key .*compressed\)'),
+ re.compile(r'Parse Public EC Key .*compressed\)'),
],
'test_suite_asn1parse': [
- # This test depends on BIGNUM_C
'INTEGER too large for mpi',
],
'test_suite_asn1write': [
- # Following tests depends on BIGNUM_C
- 'ASN.1 Write mpi 0 (1 limb)',
- 'ASN.1 Write mpi 0 (null)',
- 'ASN.1 Write mpi 0x100',
- 'ASN.1 Write mpi 0x7f',
- 'ASN.1 Write mpi 0x7f with leading 0 limb',
- 'ASN.1 Write mpi 0x80',
- 'ASN.1 Write mpi 0x80 with leading 0 limb',
- 'ASN.1 Write mpi 0xff',
- 'ASN.1 Write mpi 1',
- 'ASN.1 Write mpi, 127*8 bits',
- 'ASN.1 Write mpi, 127*8+1 bits',
- 'ASN.1 Write mpi, 127*8-1 bits',
- 'ASN.1 Write mpi, 255*8 bits',
- 'ASN.1 Write mpi, 255*8-1 bits',
- 'ASN.1 Write mpi, 256*8-1 bits',
+ re.compile(r'ASN.1 Write mpi.*'),
],
'test_suite_debug': [
- # Following tests depends on BIGNUM_C
- 'Debug print mbedtls_mpi #2: 3 bits',
- 'Debug print mbedtls_mpi: 0 (empty representation)',
- 'Debug print mbedtls_mpi: 0 (non-empty representation)',
- 'Debug print mbedtls_mpi: 49 bits',
- 'Debug print mbedtls_mpi: 759 bits',
- 'Debug print mbedtls_mpi: 764 bits #1',
- 'Debug print mbedtls_mpi: 764 bits #2',
+ re.compile(r'Debug print mbedtls_mpi.*'),
],
+ # See ecp_light_only
'test_suite_ssl': [
'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()',
],
@@ -444,91 +394,31 @@
'component_ref': 'test_psa_crypto_config_reference_ecc_ffdh_no_bignum',
'component_driver': 'test_psa_crypto_config_accel_ecc_ffdh_no_bignum',
'ignored_suites': [
- # Ignore test suites for the modules that are disabled in the
- # accelerated test case.
- 'ecp',
- 'ecdsa',
- 'ecdh',
- 'ecjpake',
- 'bignum_core',
- 'bignum_random',
- 'bignum_mod',
- 'bignum_mod_raw',
- 'bignum.generated',
- 'bignum.misc',
- 'dhm',
+ # Modules replaced by drivers
+ 'ecp', 'ecdsa', 'ecdh', 'ecjpake', 'dhm',
+ 'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw',
+ 'bignum.generated', 'bignum.misc',
],
'ignored_tests': {
+ # See ecp_light_only
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
- 'test_suite_psa_crypto': [
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1',
- 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
- ],
+ # See no_ecp_at_all
'test_suite_pkparse': [
- # See the description provided above in the
- # analyze_driver_vs_reference_no_ecp_at_all component.
- 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)',
- 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)',
- 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)',
- 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)',
- 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)',
- 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)',
- 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)',
- 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)',
- 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)',
- 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)',
- 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)',
- 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)',
- 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)',
- 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)',
- 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)',
- 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)',
+ re.compile(r'Parse EC Key .*compressed\)'),
+ re.compile(r'Parse Public EC Key .*compressed\)'),
],
'test_suite_asn1parse': [
- # This test depends on BIGNUM_C
'INTEGER too large for mpi',
],
'test_suite_asn1write': [
- # Following tests depends on BIGNUM_C
- 'ASN.1 Write mpi 0 (1 limb)',
- 'ASN.1 Write mpi 0 (null)',
- 'ASN.1 Write mpi 0x100',
- 'ASN.1 Write mpi 0x7f',
- 'ASN.1 Write mpi 0x7f with leading 0 limb',
- 'ASN.1 Write mpi 0x80',
- 'ASN.1 Write mpi 0x80 with leading 0 limb',
- 'ASN.1 Write mpi 0xff',
- 'ASN.1 Write mpi 1',
- 'ASN.1 Write mpi, 127*8 bits',
- 'ASN.1 Write mpi, 127*8+1 bits',
- 'ASN.1 Write mpi, 127*8-1 bits',
- 'ASN.1 Write mpi, 255*8 bits',
- 'ASN.1 Write mpi, 255*8-1 bits',
- 'ASN.1 Write mpi, 256*8-1 bits',
+ re.compile(r'ASN.1 Write mpi.*'),
],
'test_suite_debug': [
- # Following tests depends on BIGNUM_C
- 'Debug print mbedtls_mpi #2: 3 bits',
- 'Debug print mbedtls_mpi: 0 (empty representation)',
- 'Debug print mbedtls_mpi: 0 (non-empty representation)',
- 'Debug print mbedtls_mpi: 49 bits',
- 'Debug print mbedtls_mpi: 759 bits',
- 'Debug print mbedtls_mpi: 764 bits #1',
- 'Debug print mbedtls_mpi: 764 bits #2',
+ re.compile(r'Debug print mbedtls_mpi.*'),
],
+ # See ecp_light_only
'test_suite_ssl': [
'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()',
],
@@ -550,73 +440,17 @@
'component_ref': 'test_tfm_config',
'component_driver': 'test_tfm_config_p256m_driver_accel_ec',
'ignored_suites': [
- # Ignore test suites for the modules that are disabled in the
- # accelerated test case.
- 'asn1parse',
- 'asn1write',
- 'ecp',
- 'ecdsa',
- 'ecdh',
- 'ecjpake',
- 'bignum_core',
- 'bignum_random',
- 'bignum_mod',
- 'bignum_mod_raw',
- 'bignum.generated',
- 'bignum.misc',
+ # Modules replaced by drivers
+ 'asn1parse', 'asn1write',
+ 'ecp', 'ecdsa', 'ecdh', 'ecjpake',
+ 'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw',
+ 'bignum.generated', 'bignum.misc',
],
'ignored_tests': {
- # Ignore all tests that require DERIVE support which is disabled
- # in the driver version
- 'test_suite_psa_crypto': [
- 'PSA key agreement setup: ECDH + HKDF-SHA-256: good',
- ('PSA key agreement setup: ECDH + HKDF-SHA-256: good, key algorithm broader '
- 'than required'),
- 'PSA key agreement setup: ECDH + HKDF-SHA-256: public key not on curve',
- 'PSA key agreement setup: KDF instead of a key agreement algorithm',
- 'PSA key agreement setup: bad key agreement algorithm',
- 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160',
- 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32',
- 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31',
- 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1',
- 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0',
- 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32',
- 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0',
- 'PSA key derivation: ECDH on P256 with HKDF-SHA256, info first',
- 'PSA key derivation: ECDH on P256 with HKDF-SHA256, key output',
- 'PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info',
- 'PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt',
- 'PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output',
- 'PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret',
- 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case',
- 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label',
- 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret',
- 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)',
- 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA',
- 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 0+48, ka',
- 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 24+24, ka',
- 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 48+0, ka',
- 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #1, ka',
- 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #3, ka',
- 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #4, ka',
- 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC MONTGOMERY (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)',
- 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)',
- 'PSA raw key agreement: ECDH SECP256R1 (RFC 5903)',
- ],
+ # See ecp_light_only
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
- 'test_suite_psa_crypto_pake': [
- 'PSA PAKE: ecjpake size macros',
- ],
}
}
}
@@ -654,7 +488,7 @@
tasks_list = re.split(r'[, ]+', options.specified_tasks)
for task in tasks_list:
if task not in KNOWN_TASKS:
- sys.stderr.write('invalid task: {}'.format(task))
+ sys.stderr.write('invalid task: {}\n'.format(task))
sys.exit(2)
KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage