Add comparison of accel_ecdsa against reference
For now, ignore test suites that don't have parity even is they should.
The purpose is just to prepare the infrastructure and map the work.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index c0c35a2..ff1efe7 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -2013,6 +2013,25 @@
make test
}
+# Auxiliary function to build config for hashes with and without drivers
+config_psa_crypto_config_ecdsa_use_psa () {
+ DRIVER_ONLY="$1"
+ # start with config full for maximum coverage (also enables USE_PSA)
+ scripts/config.py full
+ # enable support for drivers and configuring PSA-only algorithms
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ if [ "$DRIVER_ONLY" -eq 1 ]; then
+ # Disable the module that's accelerated
+ scripts/config.py unset MBEDTLS_ECDSA_C
+ fi
+ # Disable things that depend on it
+ # TODO: make these work
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+}
+
+# Keep in sync with component_test_psa_crypto_config_reference_ecdsa_use_psa
component_test_psa_crypto_config_accel_ecdsa_use_psa () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
@@ -2037,17 +2056,8 @@
# Configure and build the test driver library
# -------------------------------------------
- # Start from full config (inc. USE_PSA + TLS 1.3) + driver support
- scripts/config.py full
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
- scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
-
- # Disable the module that's accelerated
- scripts/config.py unset MBEDTLS_ECDSA_C
-
- # Disable things that depend on it
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ # Use the same config as reference, only without built-in ECDSA
+ config_psa_crypto_config_ecdsa_use_psa 1
# Build the library
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
@@ -2061,6 +2071,28 @@
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
make test
+
+ # TODO: ssl-opt.sh (currently doesn't pass)
+ # TODO: is some subset of compat.sh needed?
+}
+
+# Keep in sync with component_test_psa_crypto_config_accel_ecdsa_use_psa.
+# Used by tests/scripts/analyze_outcomes.py for comparison purposes.
+component_test_psa_crypto_config_reference_ecdsa_use_psa () {
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
+
+ # To be aligned with the accel component that needs this
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+ config_psa_crypto_config_ecdsa_use_psa 0
+
+ make
+
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
+ make test
+
+ # TODO: ssl-opt.sh (when the accel component is ready)
}
component_test_psa_crypto_config_accel_ecdh () {
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index bb44396..b360431 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -138,15 +138,38 @@
TASKS = {
'analyze_coverage': {
'test_function': do_analyze_coverage,
- 'args': {}},
+ 'args': {}
+ },
+ # How to use analyze_driver_vs_reference_xxx locally:
+ # 1. tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
+ # 2. tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
'analyze_driver_vs_reference_hash': {
'test_function': do_analyze_driver_vs_reference,
'args': {
'component_ref': 'test_psa_crypto_config_reference_hash_use_psa',
'component_driver': 'test_psa_crypto_config_accel_hash_use_psa',
- 'ignored_suites': ['shax', 'mdx', # the software implementations that are being excluded
- 'md', # the legacy abstraction layer that's being excluded
- ]}}
+ 'ignored_suites': [
+ 'shax', 'mdx', # the software implementations that are being excluded
+ 'md', # the legacy abstraction layer that's being excluded
+ ]}},
+ 'analyze_driver_vs_reference_ecdsa': {
+ 'test_function': do_analyze_driver_vs_reference,
+ 'args': {
+ 'component_ref': 'test_psa_crypto_config_reference_ecdsa_use_psa',
+ 'component_driver': 'test_psa_crypto_config_accel_ecdsa_use_psa',
+ 'ignored_suites': [
+ 'ecdsa', # the software implementation that's excluded
+ # the following lines should not be needed,
+ # they will be removed by upcoming work
+ 'psa_crypto_se_driver_hal',
+ 'random',
+ 'ecp',
+ 'pk',
+ 'x509parse',
+ 'x509write',
+ 'debug',
+ 'ssl',
+ ]}},
}
def main():