removed additional references to USE_PSA in tests and comments
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 36bde20..201a788 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -9443,15 +9443,10 @@
-C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
-C "mbedtls_pk_sign.*\(4b00\|-248\)"
-# As part of resolving https://github.com/Mbed-TLS/mbedtls/issues/7294,
-# we will remove the "(USE_PSA)" test cases and run the "(no USE_PSA)" test
-# cases.
-
-# With USE_PSA disabled we expect full restartable behaviour.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled PSA_WANT_ECC_SECP_R1_256
skip_next_test
-run_test "EC restart: TLS, max_ops=1000 (no USE_PSA)" \
+run_test "EC restart: TLS, max_ops=1000" \
"$P_SRV groups=secp256r1 auth_mode=required" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
@@ -9462,11 +9457,9 @@
-c "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
-c "mbedtls_pk_sign.*\(4b00\|-248\)"
-# With USE_PSA enabled we expect only partial restartable behaviour:
-# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
-requires_config_enabled PSA_WANT_ECC_SECP_R1_256
-run_test "EC restart: TLS, max_ops=1000 (USE_PSA)" \
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+run_test "EC restart: TLS, max_ops=1000" \
"$P_SRV groups=secp256r1 auth_mode=required" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
@@ -9477,8 +9470,7 @@
-C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
-c "mbedtls_pk_sign.*\(4b00\|-248\)"
-# This works the same with & without USE_PSA as we never get to ECDH:
-# we abort as soon as we determined the cert is bad.
+# We abort as soon as we determined the cert is bad.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled PSA_WANT_ECC_SECP_R1_256
run_test "EC restart: TLS, max_ops=1000, badsign" \
@@ -9497,11 +9489,10 @@
-c "! mbedtls_ssl_handshake returned" \
-c "X509 - Certificate verification failed"
-# With USE_PSA disabled we expect full restartable behaviour.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled PSA_WANT_ECC_SECP_R1_256
skip_next_test
-run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (no USE_PSA)" \
+run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
"$P_SRV groups=secp256r1 auth_mode=required \
crt_file=$DATA_FILES_PATH/server5-badsign.crt \
key_file=$DATA_FILES_PATH/server5.key" \
@@ -9517,11 +9508,11 @@
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
-# With USE_PSA enabled we expect only partial restartable behaviour:
+# We expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
-requires_config_enabled PSA_WANT_ECC_SECP_R1_256
-run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (USE_PSA)" \
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
"$P_SRV groups=secp256r1 auth_mode=required \
crt_file=$DATA_FILES_PATH/server5-badsign.crt \
key_file=$DATA_FILES_PATH/server5.key" \
@@ -9537,11 +9528,10 @@
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
-# With USE_PSA disabled we expect full restartable behaviour.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled PSA_WANT_ECC_SECP_R1_256
skip_next_test
-run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (no USE_PSA)" \
+run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
"$P_SRV groups=secp256r1 auth_mode=required \
crt_file=$DATA_FILES_PATH/server5-badsign.crt \
key_file=$DATA_FILES_PATH/server5.key" \
@@ -9557,11 +9547,11 @@
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
-# With USE_PSA enabled we expect only partial restartable behaviour:
+# We expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
-requires_config_enabled PSA_WANT_ECC_SECP_R1_256
-run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (USE_PSA)" \
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
"$P_SRV groups=secp256r1 auth_mode=required \
crt_file=$DATA_FILES_PATH/server5-badsign.crt \
key_file=$DATA_FILES_PATH/server5.key" \
@@ -9577,11 +9567,10 @@
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
-# With USE_PSA disabled we expect full restartable behaviour.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled PSA_WANT_ECC_SECP_R1_256
skip_next_test
-run_test "EC restart: DTLS, max_ops=1000 (no USE_PSA)" \
+run_test "EC restart: DTLS, max_ops=1000" \
"$P_SRV groups=secp256r1 auth_mode=required dtls=1" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
@@ -9592,11 +9581,11 @@
-c "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
-c "mbedtls_pk_sign.*\(4b00\|-248\)"
-# With USE_PSA enabled we expect only partial restartable behaviour:
+# We expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
-requires_config_enabled PSA_WANT_ECC_SECP_R1_256
-run_test "EC restart: DTLS, max_ops=1000 (USE_PSA)" \
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+run_test "EC restart: DTLS, max_ops=1000" \
"$P_SRV groups=secp256r1 auth_mode=required dtls=1" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
@@ -9607,11 +9596,10 @@
-C "mbedtls_ecdh_make_public.*\(4b00\|-248\)" \
-c "mbedtls_pk_sign.*\(4b00\|-248\)"
-# With USE_PSA disabled we expect full restartable behaviour.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled PSA_WANT_ECC_SECP_R1_256
skip_next_test
-run_test "EC restart: TLS, max_ops=1000 no client auth (no USE_PSA)" \
+run_test "EC restart: TLS, max_ops=1000 no client auth" \
"$P_SRV groups=secp256r1" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
debug_level=1 ec_max_ops=1000" \
@@ -9622,11 +9610,11 @@
-C "mbedtls_pk_sign.*\(4b00\|-248\)"
-# With USE_PSA enabled we expect only partial restartable behaviour:
+# We expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
-requires_config_enabled PSA_WANT_ECC_SECP_R1_256
-run_test "EC restart: TLS, max_ops=1000 no client auth (USE_PSA)" \
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+run_test "EC restart: TLS, max_ops=1000 no client auth" \
"$P_SRV groups=secp256r1" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
debug_level=1 ec_max_ops=1000" \