Define (private) "light" subset of ECP #7410
Conversation
valeriosetti
added
enhancement
needs-review
|
|
Related: #6839 (comment) - initially I was thinking fully internal as it would be a temporary thing until we complete the 2c EPIC, but now I see reasons for keeping it beyond that. |
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Changes in test_suite_psa_crypto are to enforce the dependency on ECP_C which is mandatory for some key's derivation. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
…uild time Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Only some test cases are skipped for which ECP_C is mandatory, but the other ones are included. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
But that's not really the case now, is it? The only case where For |
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
valeriosetti
force-pushed
the
issue7390
branch
2 times, most recently
from
32c56e5
to
4e1d32e
Compare
| #if defined(MBEDTLS_ECP_C) | ||
| static unsigned long add_count, dbl_count; | ||
| #endif /* MBEDTLS_ECP_C */ | ||
| static unsigned long mul_count; | ||
| #endif |
There was a problem hiding this comment.
/* MBEDTLS_ECP_LIGHT */
| make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" | ||
| loc_symbols="-DPSA_CRYPTO_DRIVER_TEST \ | ||
| -DMBEDTLS_TEST_LIBTESTDRIVER1 \ | ||
| -DMBEDTLS_ECP_LIGHT" |
There was a problem hiding this comment.
Why is this passed as a CFLAGS option, not in the config file?
There was a problem hiding this comment.
Because we want to keep it private (mostly because it doesn't have well-defined semantics), so it can't appear in the config file.
Passing it in the CFLAGS is a temporary situation, though: in the future it will be auto-enabled based on options that need it, but we're going step by step.
| @@ -211,6 +210,44 @@ def do_analyze_driver_vs_reference(outcome_file, args): | |||
| 'test_suite_random': [ | |||
| 'PSA classic wrapper: ECDSA signature (SECP256R1)', | |||
| ], | |||
| # In the accelerated test ECP_C is not set (only ECP_LIGHT is) | |||
There was a problem hiding this comment.
Why can't we also only enable ECP_LIGHT in component_test_psa_crypto_config_reference_all_ec_algs_use_psa instead?
There was a problem hiding this comment.
For the same reason we're not disabling ECDSA_C in the reference component: we want the feature set of ECC-using modules (PK, X.509, TLS) with ECP_LIGHT && !ECP_C to be as close as possible to the feature set with ECP_C. That's why we're keeping ECP_C enabled in the component, and have an ignore list for test_suite_ecp. This is similar to how we have ECDSA_C in the reference but ignore the whole test_suite_ecdsa - except here we don't ignore the whole test_suite_ecp, just part of it.
| @@ -5360,7 +5360,6 @@ run_test "Authentication: server goodcert, client required, no trusted CA" \ | |||
| # occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a | |||
| # different means to have the server ignoring the client's supported curve list. | |||
|
|
|||
There was a problem hiding this comment.
Shouldn't we require ECP_LIGHT here and below instead?
There was a problem hiding this comment.
Good question. I don't think we should require ECP_LIGHT here: we already auto-detect based on using server5 that ECDSA support is required. Now perhaps we need to reflect somewhere that PK only has support for ECDSA when ECP_LIGHT is present. Let me check.
There was a problem hiding this comment.
Ok, I checked and I think there are multiple sides to this:
- Definition of
MBEDTLS_PK_CAN_ECDSA_xxxmacros inpk.h. - Definition of
MBEDTLS_PK_HAVE_ECDSAhelper macro incheck_config.h. - Definition of
requires_pk_alg()inssl-opt.sh.
None of them are fully correct right now - that is, neither in this PR nor in development. Before this PR, in the USE_PSA case, we should require ECP_C in addition to PSA_WANT_ALG_ECDSA because without it, PK doesn't support ECC keys; after this PR it should be ECP_LIGHT.
Though since we don't want to make ECP_LIGHT public, again what we should do it not require it, but instead auto-enable it when needed, so for example PK_C && USE_PSA && PSA_WANT_ALG_ECDSA would auto-enable ECP_LIGHT and then I think all three of the above definitions would become correct.
AndrzejKurek
added
approved
The goal of this PR is to create a new symbol named
MBEDTLS_ECP_LIGHTwhich can be used in conjunction withMBEDTLS_ECP_Cto exclude some code from theecpmodule at build time.It basically works like this:
MBEDTLS_ECP_LIGHTonly -->ecpmodule is built without its internal arithmetic functionsMBEDTLS_ECP_LIGHT+MBEDTLS_ECP_C-->ecpmodule is built entirely as it has been until nowThis PR mimics the idea recently introduced by the
MBEDTLS_MD_LIGHTsymbol.Depends on #7393Resolves #7390
Gatekeeper checklist