From d3beca9e38637a6b3f395c476789eaa60997fd4d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Jul 2020 00:15:37 +0200 Subject: [PATCH] Test Everest with only Curve25519 enabled tests/scripts/curves.pl tests the library with a single curve enabled. This uses the legacy ECDH context and the default ECDH implementation. For Curve25519, there is an alternative implementation, which is Everest. Test this. This also tests the new ECDH context, which Everest requires. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ec61d1962..558016d04 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1001,6 +1001,25 @@ component_test_everest () { if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4' } +component_test_everest_curve25519_only () { + msg "build: Everest ECDH context, only Curve25519" # ~ 6 min + scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT + scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + # Disable all curves + for c in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do + scripts/config.py unset "$c" + done + scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED + + make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" + + msg "test: Everest ECDH context, only Curve25519" # ~ 50s + make test +} + component_test_small_ssl_out_content_len () { msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384