ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Move Mbed TLS self tests to a separate configuration 

We potentially save flash space by not enabling Mbed TLS self-tests
by default. A new test config file, TESTS/configs/mbedtls.json, is
provided to enable self tests. This newly created JSON file also
enables timing in Mbed TLS so timing gets tested.
pull/14772/head
Lingkai Dong 2021-06-14 16:25:00 +01:00
parent d6f825ebf0
commit 49163f0f33
6 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
TESTS/configs/mbedtls.json Normal file
View File

@ -0,0 +1,7 @@
{
"macros": [
"MBEDTLS_SELF_TEST",
"MBEDTLS_TIMING_C",
"MBEDTLS_TIMING_ALT"
]
}

2
connectivity/mbedtls/include/mbedtls/config-no-entropy.h
View File

@ -48,7 +48,7 @@
#define MBEDTLS_PK_RSA_ALT_SUPPORT #define MBEDTLS_PK_RSA_ALT_SUPPORT
#define MBEDTLS_PKCS1_V15 #define MBEDTLS_PKCS1_V15
#define MBEDTLS_PKCS1_V21 #define MBEDTLS_PKCS1_V21
#define MBEDTLS_SELF_TEST //#define MBEDTLS_SELF_TEST
#define MBEDTLS_VERSION_FEATURES #define MBEDTLS_VERSION_FEATURES
#define MBEDTLS_X509_CHECK_KEY_USAGE #define MBEDTLS_X509_CHECK_KEY_USAGE
#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE

2
connectivity/mbedtls/include/mbedtls/config.h
View File

@ -1396,7 +1396,7 @@
* *
* Enable the checkup functions (*_self_test). * Enable the checkup functions (*_self_test).
*/ */
#define MBEDTLS_SELF_TEST //#define MBEDTLS_SELF_TEST
/** /**
* \def MBEDTLS_SHA256_SMALLER * \def MBEDTLS_SHA256_SMALLER

4
connectivity/mbedtls/tests/TESTS/mbedtls/selftest/main.cpp
View File

@ -31,6 +31,10 @@ using namespace utest::v1;
#include MBEDTLS_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if !defined(MBEDTLS_SELF_TEST)
#error [NOT_SUPPORTED] MBEDTLS_SELF_TEST undefined
#endif
#include "mbedtls/sha256.h" #include "mbedtls/sha256.h"
#include "mbedtls/sha512.h" #include "mbedtls/sha512.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"

3
connectivity/mbedtls/tools/importer/adjust-config.sh
View File

@ -117,6 +117,9 @@ conf unset MBEDTLS_SSL_TRUNCATED_HMAC
conf unset MBEDTLS_PLATFORM_TIME_TYPE_MACRO conf unset MBEDTLS_PLATFORM_TIME_TYPE_MACRO
# potentially save flash space by not enabling self-tests by default
conf unset MBEDTLS_SELF_TEST
# The default size of MBEDTLS_MPI_MAX_SIZE is 1024 bytes. # The default size of MBEDTLS_MPI_MAX_SIZE is 1024 bytes.
# In some cases, this value is set to stack buffers. # In some cases, this value is set to stack buffers.
# Reduce the maximal MBEDTLS_MPI_MAX_SIZE to 512 bytes, # Reduce the maximal MBEDTLS_MPI_MAX_SIZE to 512 bytes,

3
connectivity/mbedtls/tools/importer/adjust-no-entropy-config.sh
View File

@ -37,3 +37,6 @@ add_code() {
conf set MBEDTLS_CMAC_C conf set MBEDTLS_CMAC_C
conf unset MBEDTLS_CIPHER_MODE_XTS conf unset MBEDTLS_CIPHER_MODE_XTS
# potentially save flash space by not enabling self-tests by default
conf unset MBEDTLS_SELF_TEST