Move Mbed TLS self tests to a separate configuration

LDong-Arm · LDong-Arm · commit 49163f0f3373 · 2021-06-15T10:50:14.000+01:00
We potentially save flash space by not enabling Mbed TLS self-tests
by default. A new test config file, TESTS/configs/mbedtls.json, is
provided to enable self tests. This newly created JSON file also
enables timing in Mbed TLS so timing gets tested.
diff --git a/TESTS/configs/mbedtls.json b/TESTS/configs/mbedtls.json
@@ -0,0 +1,7 @@
+{
+    "macros": [
+        "MBEDTLS_SELF_TEST",
+        "MBEDTLS_TIMING_C",
+        "MBEDTLS_TIMING_ALT"
+    ]
+}
diff --git a/connectivity/mbedtls/include/mbedtls/config-no-entropy.h b/connectivity/mbedtls/include/mbedtls/config-no-entropy.h
@@ -48,7 +48,7 @@
 #define MBEDTLS_PK_RSA_ALT_SUPPORT
 #define MBEDTLS_PKCS1_V15
 #define MBEDTLS_PKCS1_V21
-#define MBEDTLS_SELF_TEST
+//#define MBEDTLS_SELF_TEST
 #define MBEDTLS_VERSION_FEATURES
 #define MBEDTLS_X509_CHECK_KEY_USAGE
 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
diff --git a/connectivity/mbedtls/include/mbedtls/config.h b/connectivity/mbedtls/include/mbedtls/config.h
@@ -1396,7 +1396,7 @@
  *
  * Enable the checkup functions (*_self_test).
  */
-#define MBEDTLS_SELF_TEST
+//#define MBEDTLS_SELF_TEST
 
 /**
  * \def MBEDTLS_SHA256_SMALLER
diff --git a/connectivity/mbedtls/tests/TESTS/mbedtls/selftest/main.cpp b/connectivity/mbedtls/tests/TESTS/mbedtls/selftest/main.cpp
@@ -31,6 +31,10 @@ using namespace utest::v1;
 #include MBEDTLS_CONFIG_FILE
 #endif
 
+#if !defined(MBEDTLS_SELF_TEST)
+#error [NOT_SUPPORTED] MBEDTLS_SELF_TEST undefined
+#endif
+
 #include "mbedtls/sha256.h"
 #include "mbedtls/sha512.h"
 #include "mbedtls/entropy.h"
diff --git a/connectivity/mbedtls/tools/importer/adjust-config.sh b/connectivity/mbedtls/tools/importer/adjust-config.sh
@@ -117,6 +117,9 @@ conf unset MBEDTLS_SSL_TRUNCATED_HMAC
 
 conf unset MBEDTLS_PLATFORM_TIME_TYPE_MACRO
 
+# potentially save flash space by not enabling self-tests by default
+conf unset MBEDTLS_SELF_TEST
+
 # The default size of MBEDTLS_MPI_MAX_SIZE is 1024 bytes.
 # In some cases, this value is set to stack buffers.
 # Reduce the maximal MBEDTLS_MPI_MAX_SIZE to 512 bytes,
diff --git a/connectivity/mbedtls/tools/importer/adjust-no-entropy-config.sh b/connectivity/mbedtls/tools/importer/adjust-no-entropy-config.sh
@@ -37,3 +37,6 @@ add_code() {
 
 conf set MBEDTLS_CMAC_C
 conf unset MBEDTLS_CIPHER_MODE_XTS
+
+# potentially save flash space by not enabling self-tests by default
+conf unset MBEDTLS_SELF_TEST

Original file line number	Diff line number	Diff line change
`@@ -1396,7 +1396,7 @@`
`1396`	`1396`	`*`
`1397`	`1397`	`* Enable the checkup functions (*_self_test).`
`1398`	`1398`	`*/`
`1399`		`-#define MBEDTLS_SELF_TEST`
	`1399`	`+//#define MBEDTLS_SELF_TEST`
`1400`	`1400`
`1401`	`1401`	`/**`
`1402`	`1402`	`* \def MBEDTLS_SHA256_SMALLER`