alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-09-20 20:56:01 -04:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

ci: Enable custom certificate bundle test for ESP32-S3

Browse Source 
- Increase leakage limit for `test performance RSA key operations`
  UT by 64 bytes
This commit is contained in:
Laukik Hase 2022-06-20 10:40:10 +05:30
parent e114850dda
commit 9e2369cb79
No known key found for this signature in database
GPG Key ID: 11C571361F51A199
2 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
components/mbedtls/test/test_esp_crt_bundle.c
View File

@ -83,9 +83,6 @@ typedef enum {
int esp_crt_verify_callback(void *buf, mbedtls_x509_crt *crt, int data, uint32_t *flags);
#if !TEMPORARY_DISABLED_FOR_TARGETS(ESP32S3)
// TODO ESP32-S3 IDF-1878
static const char *TAG = "cert_bundle_test";
static volatile bool exit_flag;
@ -298,6 +295,12 @@ int client_task(const uint8_t *bundle, size_t bundle_size, esp_crt_validate_res_
*res = (ret == 0) ? ESP_CRT_VALIDATE_OK : ESP_CRT_VALIDATE_FAIL;
if (*res == ESP_CRT_VALIDATE_OK) {
ESP_LOGI(TAG, "Certificate verification passed!");
} else {
ESP_LOGE(TAG, "Certificate verification failed!");
}
// Reset session before new connection
mbedtls_ssl_close_notify(&client.ssl);
@ -349,8 +352,6 @@ TEST_CASE("custom certificate bundle", "[mbedtls]")
vSemaphoreDelete(signal_sem);
}
#endif //!TEMPORARY_DISABLED_FOR_TARGETS(ESP32S3)
TEST_CASE("custom certificate bundle - weak hash", "[mbedtls]")
{
/* A weak signature hash on the trusted certificate should not stop

13
components/mbedtls/test/test_rsa.c
View File

@ -415,7 +415,18 @@ static void print_rsa_details(mbedtls_rsa_context *rsa)
}
#endif
TEST_CASE("test performance RSA key operations", "[bignum]")
/** NOTE:
* For ESP32-S3, CONFIG_ESP_CONSOLE_SECONDARY_USB_SERIAL_JTAG is enabled
* by default; allocating a lock of 92 bytes, which is never freed.
*
* MR !18574 adds the MPI crypto lock for S3 increasing the leakage by
* 92 bytes. This caused the RSA UT to fail with a leakage more than
* 1024 bytes.
*
* The allocations made by ESP32-S2 (944 bytes) and ESP32-S3 are the same,
* except for the JTAG lock (92 + 944 > 1024).
*/
TEST_CASE("test performance RSA key operations", "[bignum][leaks=1088]")
{
for (int keysize = 2048; keysize <= SOC_RSA_MAX_BIT_LEN; keysize += 1024) {
rsa_key_operations(keysize, true, false, false);