test: add component testing TFM configuration and P256M driver
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 2afc181..55ce05c 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -2780,6 +2780,77 @@
#tests/ssl-opt.sh
}
+component_test_tfm_config_p256m_driver_accel_ec () {
+ msg "build: TFM config + p256m driver + accel ECDH(E)/ECDSA"
+
+ # Replace "mbedtls_config.h" and "cypto_config.h" with TFM ones
+ cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
+ cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
+
+ # Create a fake "mbedtls_entropy_nv_seed_config.h" which is required by
+ # the TFM configuration. It will be deleted on exit.
+ touch "include/mbedtls/mbedtls_entropy_nv_seed_config.h"
+
+ # Disable all the features that auto-enable ECP_LIGHT (see build_info.h)
+ scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
+
+ # Unset PSA_CRYPTO_SPM because test and sample programs aren't equipped
+ # for the modified names used when MBEDTLS_PSA_CRYPTO_SPM is active.
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_SPM
+ # Use our implementation of AES
+ scripts/config.py unset MBEDTLS_AES_DECRYPT_ALT
+ scripts/config.py unset MBEDTLS_AES_SETKEY_DEC_ALT
+ # Configure entropy support
+ scripts/config.py unset MBEDTLS_NO_PLATFORM_ENTROPY
+ scripts/config.py set MBEDTLS_ENTROPY_NV_SEED
+ # Enable crypto storage
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+ # Set the list of accelerated components in order to remove them from
+ # builtin support. We don't set IMPORT and EXPORT because P256M does not
+ # support these operations.
+ loc_accel_list="ALG_ECDSA \
+ ALG_ECDH \
+ KEY_TYPE_ECC_KEY_PAIR_BASIC \
+ KEY_TYPE_ECC_KEY_PAIR_GENERATE \
+ KEY_TYPE_ECC_PUBLIC_KEY"
+ loc_accel_flags="$( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+ # Add missing symbols from "tfm_mbedcrypto_config_profile_medium.h". All of
+ # them fix missing items:
+ # - USE_PSA_CRYPTO for PK_HAVE_ECC_KEYS
+ # - FS_IO for the plaform + entropy modules
+ # - ECP_C and BIGNUM because P256M does not have support for import and export
+ # of keys so we need the builtin support for that
+ # - ASN1_[PARSE/WRITE]_C and OID_C found by check_config.h
+ cflags="-DMBEDTLS_USE_PSA_CRYPTO \
+ -DMBEDTLS_ASN1_PARSE_C \
+ -DMBEDTLS_ASN1_WRITE_C \
+ -DMBEDTLS_OID_C \
+ -DMBEDTLS_FS_IO \
+ -DMBEDTLS_ECP_C \
+ -DMBEDTLS_BIGNUM_C \
+ -DMBEDTLS_PSA_ITS_FILE_C"
+ # Build crypto library specifying we want to use P256M code for EC operations
+ make CFLAGS="$cflags $loc_accel_flags -DMBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED -O0 -g"
+
+ # Make sure any built-in EC alg was not re-enabled by accident (additive config)
+ #not grep mbedtls_ecdsa_ library/ecdsa.o # this is needed for deterministic ECDSA
+ not grep mbedtls_ecdh_ library/ecdh.o
+ not grep mbedtls_ecjpake_ library/ecjpake.o
+ # Also ensure that ECP, RSA, DHM or BIGNUM modules were not re-enabled
+ #not grep mbedtls_ecp_ library/ecp.o # this is needed for import/export EC keys (explained above)
+ not grep mbedtls_rsa_ library/rsa.o
+ not grep mbedtls_dhm_ library/dhm.o
+ #not grep mbedtls_mpi_ library/bignum.o # this is needed from ECP module
+
+ # Run the tests
+ msg "test: TFM config + p256m driver + accel ECDH(E)/ECDSA"
+ make test
+
+ # Remove unnecessary files generated for the test
+ rm "include/mbedtls/mbedtls_entropy_nv_seed_config.h"
+}
+
# Helper function used in:
# - component_test_psa_crypto_config_accel_all_curves_except_p192
# - component_test_psa_crypto_config_accel_all_curves_except_x25519