Add test for building without CTR_DRBG
People who prefer to rely on HMAC_DRBG (for example because they use it for
deterministic ECDSA and don't want a second DRBG for code size reasons) should
be able to build and run the tests suites without CTR_DRBG.
Ideally we should make sure the level of testing (SSL) is the same regardless
of which DRBG modules is enabled, but that's a more significant piece of work.
For now, just ensure everything builds and `make test` passes.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 5ea1c35..cbafe1d 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -819,6 +819,24 @@
if_build_succeeded tests/context-info.sh
}
+component_test_no_ctr_drbg () {
+ msg "build: Full minus CTR_DRBG"
+ scripts/config.py full
+ scripts/config.py unset MBEDTLS_CTR_DRBG_C
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires CTR_DRBG
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C # requires PSA Crypto
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO # requires PSA Crypto
+
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+
+ msg "test: no CTR_DRBG"
+ make test
+
+ # no SSL tests as they all depend on CTR_DRBG so far
+}
+
component_test_new_ecdh_context () {
msg "build: new ECDH context (ASan build)" # ~ 6 min
scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT