1
0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-10-25 04:35:59 +08:00
Commit Graph

1115 Commits

Author SHA1 Message Date
Gilles Peskine
a686bf46f7 Merge pull request #5083 from mprse/issue_5065_2x
backport 2.x: backport only new test in all.sh from #5072
2021-10-18 17:51:53 +02:00
Przemyslaw Stekiel
7ce979a4f5 all.sh: tests/scripts/all.sh full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-10-18 11:47:32 +02:00
Przemyslaw Stekiel
d6ead7ca84 Address review comments
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-10-11 16:39:32 +02:00
Przemyslaw Stekiel
81be6e275c enerate_psa_tests.py fix format
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-10-08 15:40:16 +02:00
Przemyslaw Stekiel
330e460ef3 Addapt psa_generate_key() tests
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-10-08 12:56:45 +02:00
Gilles Peskine
85229acf04 Limit make parallelism to the number of CPUs
Don't default to unbridled -j, which causes a load spike and isn't really
faster.

"Number of CPUs" is implemented here as a reasonable compromise between
portability, correctness and simplicity. This is just a default that can be
overridden by setting MAKEFLAGS in the environment.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-06 17:21:57 +02:00
Gilles Peskine
f315d6a718 Merge pull request #4957 from gilles-peskine-arm/make-tests-v-2.2x
Backport 2.x: Facilitate reproducing unit tests from all.sh
2021-09-30 16:08:56 +02:00
Gilles Peskine
1c39975a27 Fix typo
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-28 10:13:45 +02:00
Gilles Peskine
ee20f3698a Remove check-names.sh and now-unused helper scripts
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-27 20:14:12 +02:00
Gilles Peskine
31da67beb7 Switch to the new Python implementation of check-names
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-27 20:13:00 +02:00
Gilles Peskine
d47f636a19 Adapt source file names from Mbed TLS 3.0 to 2.27
* There's no compat-2.x.h in Mbed TLS 2.x, but there's a compat-1.3.h which
  similarly needs to be excluded.
* mbedtls_config.h is called config.h.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-27 20:12:00 +02:00
Gilles Peskine
7bf5205581 More robust handling of excluded files
Don't try to enumerate excluded files. List included files, and remove names
from the list if they match an excluded-file pattern.

This resolves the problem that the script could get into an infinite loop
due to the use of recursive globbing. Unfortunately, Python's recursive
globs follows symbolic links to directories, which leads to an infinite loop
if a symbolic link points to an ancestor of the directory that contains it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-27 20:01:24 +02:00
Gilles Peskine
8266b5b0b4 Copy check_names.py and friends from development
Copy the following files:
    tests/scripts/check_names.py
    tests/scripts/list_internal_identifiers.py
    tests/scripts/list-identifiers.sh

Copy the version from b19be6b5f3, which is the
result of merging https://github.com/ARMmbed/mbedtls/pull/1638 into the
development branch.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-27 20:01:08 +02:00
Gilles Peskine
fe0acc6291 Move long -D lists from all.sh to a header file
To facilitate maintenance and to make it easier to reproduce all.sh builds
manually, remove the long, repeated list of -D options from
component_test_psa_crypto_config_basic and component_test_psa_crypto_drivers
and put it in a header file instead.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-21 09:40:02 +02:00
Gilles Peskine
c761d8f496 'make test': show failing test cases when cmake does
When building with make, `make test` runs `run-test-suites.pl` which has a
verbose mode that reports the failing test cases, but it didn't provide a
way to enable this verbose mode. With the present commit, you can run `make
test TEST_FLAGS=-v` to use verbose mode.

Base the default for verbose mode on the same environment variable that
`make test` uses when building with CMake: default off, but enabled if
`CTEST_OUTPUT_ON_FAILURE` is true. In particular, verbose mode will now be
on when building from `all.sh`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-21 09:36:07 +02:00
Mateusz Starzyk
b3d344c225 Remove MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES option.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-09-06 12:18:53 +02:00
Manuel Pégourié-Gonnard
9a260a628a Fix missing dependency on Travis
Was getting errors like:

In file included from /usr/include/limits.h:25:0,
                 from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/limits.h:168,
                 from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/syslimits.h:7,
                 from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/limits.h:34,
                 from ../include/mbedtls/check_config.h:30,
                 from ../include/mbedtls/build_info.h:81,
                 from common.h:26,
                 from asn1write.c:20:
/usr/include/features.h:367:25: fatal error: sys/cdefs.h: No such file or directory

There are two packages to choose from: armhf or armel. Since the comment
in all.sh says we're trying to be close to Debian's "armel"
architecture, choose that, and fix a comment that was mentioning
gnueabihf for no apparent reason.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-08-09 12:09:41 +02:00
Manuel Pégourié-Gonnard
719301693d Add arm-linux-gnueabi-gcc build to all.sh
Currently it can't be mandatory, since we can't install the required toolchain
on Jenkins right away.

Also, while at it, remove `SHELL='sh -x'` from the other arm5vte component; it
was a leftover from debugging.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-08-09 12:08:39 +02:00
Gilles Peskine
eadd8ee250 Fix mixup about the directory containing the success indicator file
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 19:45:12 +02:00
Gilles Peskine
5cf753ae02 More robust failure detection for the coverage report generation
The previous implementation was hard to understand and could in principle
fail to notice if there was a test case failure and the writing of the
line "Note: $TOTAL_FAIL failures." failed. KISS.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 19:45:12 +02:00
Gilles Peskine
a2df615e21 Explain the final error checking
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 19:45:12 +02:00
Gilles Peskine
81786e4362 Save the coverage report to a file
Save the "Test Report Summary" to a file. This can help both CI scripts and
human readers who want the summary after the fact without having to copy the
console output.

Take care to exit with a nonzero status if there is a failure while
generating the test report summary.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 19:45:12 +02:00
Gilles Peskine
8e7414137d Show the udp_proxy seed in the console log
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 19:45:12 +02:00
Gilles Peskine
5a09a4a386 Only run an unbridled parallel make (make -j) if MAKEFLAGS is unset
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 19:45:12 +02:00
Gilles Peskine
3008c58df9 Speed up the generation of storage format test cases
Restore the optimization done in
 HEAD^{/Speed up the generation of storage format test cases}
which was lost during refactoring made when adding support for
implicit usage flags.

There are still more than one call to the C compiler, but the extra
calls are only for some key usage test cases.

This is an internal refactoring. This commit does not change the
output of generate_psa_tests.py

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-06 21:08:46 +02:00
Dave Rodgman
af9b4841fb Merge pull request #4605 from gabor-mezei-arm/3267_sign_verify_key_policies
[Backport 2.x] Key policy extension for PSA_KEY_USAGE_SIGN/VERIFY_HASH
2021-06-30 14:51:03 +01:00
gabor-mezei-arm
3ea27325c9 Fix pylint issue
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:21:21 +02:00
gabor-mezei-arm
ea840dea61 Return iterator instead of list
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 15:42:57 +02:00
gabor-mezei-arm
912eca3847 Rename function
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 15:39:56 +02:00
gabor-mezei-arm
e4b7499f74 Refactor handlibg of the key usage flags
Move implicit usage flags handling to the StorageKey class.
Create a subclass for test case data.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 15:29:24 +02:00
gabor-mezei-arm
805c735a8b Move key type validation to crypto_knowledge
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 21:36:58 +02:00
gabor-mezei-arm
5ea30377d3 Refactor key generation
Remove the key builder and use iterator instead of lists.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 21:36:58 +02:00
gabor-mezei-arm
acfcc18697 Rename variables and funcions
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 19:39:31 +02:00
gabor-mezei-arm
e84d321317 Use string in dict instead of Expr object
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 16:54:11 +02:00
gabor-mezei-arm
4781263704 Remove unnecessary test cases
It is enough only one test case for a key type, algorithm pair when
testing the implicit usage flags.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 16:41:36 +02:00
gabor-mezei-arm
927742ec71 Add better name for variables
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 16:41:35 +02:00
gabor-mezei-arm
705c452fd0 Simplify code
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 16:41:35 +02:00
gabor-mezei-arm
7d2ec9a223 Fix generated file modification
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:28:36 +02:00
gabor-mezei-arm
bce8527698 Fix test case duplication
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:28:36 +02:00
gabor-mezei-arm
b92d61b7e6 Fix pylint issues
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:28:36 +02:00
gabor-mezei-arm
044fefcdfb Add test case generation for usage extensions when loading keys
Add test cases validating that if a stored key only had the hash policy,
then after loading it psa_get_key_attributes reports that it also has the
message policy, and the key can be used with message functions.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:28:36 +02:00
gabor-mezei-arm
15c1f03f78 Add key usage policy extension support for key generation
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:28:34 +02:00
gabor-mezei-arm
4d9fb73c99 Use different subslasses for the test data files
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:27:55 +02:00
gabor-mezei-arm
8b0c91c91f Create a function for gather all the keys.
Prepare for using subclasses.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:27:55 +02:00
gabor-mezei-arm
d71659f447 Extend description generation
Add an extra optional parameter to generate a more detailed description
for test cases.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:27:55 +02:00
gabor-mezei-arm
0996080652 Use builder method pattern to generate a key
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 15:27:49 +02:00
Ronald Cron
132e8c3cab Merge pull request #4715 from gilles-peskine-arm/psa_crypto_spm-from_platform_h-2.x
Backport 2.x: Fix and test the MBEDTLS_PSA_CRYPTO_SPM build
Straightforward backport from development to developement_2.x plus one trivial commit, only one approval is enough.
2021-06-25 09:00:58 +02:00
gabor-mezei-arm
9774dcf592 Convert iterators to lists to remove late binding
Remove late binding of iterators to enable the creation of an object
with an actual state of a variable.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-24 12:39:18 +02:00
gabor-mezei-arm
0bdb84e861 Add type annotations
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-24 12:37:08 +02:00
Gilles Peskine
99a3462785 In the SPM test build, fail if a symbol wasn't renamed
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-23 14:45:17 +02:00