test: Add an MbedTLS vs TinyCrypt comparison on secp256r1

Add a simple test to compare the footprint of MbedTLS vs
TinyCrypt for the secp256r1 curve. On the MbedTLS side
the test uses the P256M driver developed by the MbedTLS
team. This is an optimized implementation which targets
the secp256r1 curve.

The example itself is pretty easy:
- generate 2 EC keys
- perform key agreement

Signed-off-by: Valerio Setti <vsetti@baylibre.com>

tests/crypto/secp256r1/CMakeLists.txt

@@ -0,0 +1,10 @@
+# Copyright (c) 2024 Nordic Semiconductor ASA
+# SPDX-License-Identifier: Apache-2.0
+
+
+cmake_minimum_required(VERSION 3.20.0)
+find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
+project(mbedtls)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})

tests/crypto/secp256r1/mbedtls.conf

@@ -0,0 +1,15 @@
+CONFIG_MBEDTLS=y
+CONFIG_MBEDTLS_PSA_CRYPTO_C=y
+CONFIG_MBEDTLS_PSA_P256M_DRIVER_ENABLED=y
+
+CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC=y
+CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT=y
+CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT=y
+CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE=y
+CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE=y
+CONFIG_PSA_WANT_ECC_SECP_R1_256=y
+CONFIG_PSA_WANT_ALG_ECDH=y
+CONFIG_PSA_WANT_ALG_ECDSA=y
+
+CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
+CONFIG_ENTROPY_GENERATOR=y

tests/crypto/secp256r1/prj.conf

@@ -0,0 +1,2 @@
+CONFIG_ZTEST_STACK_SIZE=8192
+CONFIG_ZTEST=y

tests/crypto/secp256r1/src/main.c

@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2024 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/*
+ * Simple test to show support for secp256r1 curve with either MbedTLS and
+ * TinyCrypt. Operations are pretty simple:
+ * - generate 2 keys
+ * - perform key agreement.
+ * The idea is to provide a way to compare memory footprint for the very
+ * same kind of implemented feature between the 2 crypto libraries.
+ */
+
+#include <zephyr/ztest.h>
+
+#if defined(CONFIG_MBEDTLS)
+#include "psa/crypto.h"
+#else
+#include "zephyr/random/random.h"
+#include "tinycrypt/constants.h"
+#include "tinycrypt/ecc.h"
+#include "tinycrypt/ecc_dh.h"
+#endif
+
+#if defined(CONFIG_MBEDTLS)
+ZTEST_USER(test_fn, test_mbedtls)
+{
+	psa_status_t status;
+	psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
+	mbedtls_svc_key_id_t key_id_1 = MBEDTLS_SVC_KEY_ID_INIT;
+	mbedtls_svc_key_id_t key_id_2 = MBEDTLS_SVC_KEY_ID_INIT;
+	uint8_t public_key_2[65];
+	size_t public_key_2_len;
+	uint8_t secret[32];
+	size_t secret_len;
+
+	psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
+	psa_set_key_bits(&key_attr, 256);
+	psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE);
+	psa_set_key_algorithm(&key_attr, PSA_ALG_ECDH);
+
+	status = psa_generate_key(&key_attr, &key_id_1);
+	zassert_equal(status, PSA_SUCCESS, "Unable to generate 1st EC key (%d)", status);
+
+	status = psa_generate_key(&key_attr, &key_id_2);
+	zassert_equal(status, PSA_SUCCESS, "Unable to generate 1st EC key (%d)", status);
+
+	status = psa_export_public_key(key_id_2, public_key_2, sizeof(public_key_2),
+					&public_key_2_len);
+	zassert_equal(status, PSA_SUCCESS, "Unable to export public key (%d)", status);
+
+	status = psa_raw_key_agreement(PSA_ALG_ECDH, key_id_1, public_key_2, public_key_2_len,
+					secret, sizeof(secret), &secret_len);
+	zassert_equal(status, PSA_SUCCESS, "Unable to compute shared secret (%d)", status);
+}
+#else /* CONFIG_TINYCRYPT */
+ZTEST_USER(test_fn, test_tinycrypt)
+{
+	uint8_t public_key_1[64], public_key_2[64];
+	uint8_t private_key_1[32], private_key_2[32];
+	uint8_t secret[32];
+	int ret;
+
+	ret = uECC_make_key(public_key_1, private_key_1, &curve_secp256r1);
+	zassert_equal(ret, TC_CRYPTO_SUCCESS, "Unable to generate 1st EC key (%d)", ret);
+
+	ret = uECC_make_key(public_key_2, private_key_2, &curve_secp256r1);
+	zassert_equal(ret, TC_CRYPTO_SUCCESS, "Unable to generate 2nd EC key (%d)", ret);
+
+	ret = uECC_valid_public_key(public_key_2, &curve_secp256r1);
+	zassert_equal(ret, 0, "Invalid public key (%d)", ret);
+
+	ret = uECC_shared_secret(public_key_2, private_key_1, secret, &curve_secp256r1);
+	zassert_equal(ret, TC_CRYPTO_SUCCESS, "Unable to compute the shared secret (%d)", ret);
+}
+
+int default_CSPRNG(uint8_t *dst, unsigned int len)
+{
+	return (sys_csrand_get(dst, len) == 0);
+}
+#endif /* CONFIG_TINYCRYPT */
+
+ZTEST_SUITE(test_fn, NULL, NULL, NULL, NULL, NULL);

tests/crypto/secp256r1/testcase.yaml

@@ -0,0 +1,15 @@
+common:
+  filter: dt_chosen_enabled("zephyr,entropy") and
+          CONFIG_CSPRNG_ENABLED and
+          CONFIG_HARDWARE_DEVICE_CS_GENERATOR and
+          not CONFIG_BUILD_WITH_TFM and
+          not (CONFIG_MBEDTLS and CONFIG_TINYCRYPT)
+  tags:
+    - mbedtls
+    - tinycrypt
+    - p256-m
+tests:
+  crypto.secp256r1.mbedtls:
+    extra_args: OVERLAY_CONFIG=mbedtls.conf
+  crypto.secp256r1.tinycrypt:
+    extra_args: OVERLAY_CONFIG=tinycrypt.conf

tests/crypto/secp256r1/tinycrypt.conf

@@ -0,0 +1,5 @@
+CONFIG_TINYCRYPT=y
+CONFIG_TINYCRYPT_ECC_DH=y
+CONFIG_TINYCRYPT_ECC_DSA=y
+
+CONFIG_ENTROPY_GENERATOR=y