yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #8342 from yanesca/threading_test_pc

Browse source 
Threading test proof of concept and plan
This commit is contained in:
Gilles Peskine 2023-12-21 12:08:41 +00:00 committed by GitHub
commit 0e6fdc4f1d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 234 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
CMakeLists.txt
View file

@ -117,7 +117,7 @@ endif()
# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR)
set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull"
CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull TSan TSanDbg"
FORCE)
endif()
@ -212,6 +212,8 @@ if(CMAKE_COMPILER_IS_GNU)
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3")
set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
set(CMAKE_C_FLAGS_CHECK "-Os")
set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
endif(CMAKE_COMPILER_IS_GNU)
@ -225,6 +227,8 @@ if(CMAKE_COMPILER_IS_CLANG)
set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
set(CMAKE_C_FLAGS_MEMSAN "-fsanitize=memory -O3")
set(CMAKE_C_FLAGS_MEMSANDBG "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2")
set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3")
set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
set(CMAKE_C_FLAGS_CHECK "-Os")
endif(CMAKE_COMPILER_IS_CLANG)

10
library/ssl_tls13_keys.c
View file

@ -1140,8 +1140,8 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl,
size_t hash_len;
unsigned char transcript[MBEDTLS_TLS1_3_MD_MAX_SIZE];
size_t transcript_len;
size_t key_len;
size_t iv_len;
size_t key_len = 0;
size_t iv_len = 0;
mbedtls_ssl_tls13_early_secrets tls13_early_secrets;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
@ -1341,8 +1341,8 @@ static int ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl,
size_t hash_len;
unsigned char transcript[MBEDTLS_TLS1_3_MD_MAX_SIZE];
size_t transcript_len;
size_t key_len;
size_t iv_len;
size_t key_len = 0;
size_t iv_len = 0;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
@ -1592,7 +1592,7 @@ static int ssl_tls13_generate_application_keys(
size_t hash_len;
/* Variables relating to the cipher for the chosen ciphersuite. */
size_t key_len, iv_len;
size_t key_len = 0, iv_len = 0;
MBEDTLS_SSL_DEBUG_MSG(2, ("=> derive application traffic keys"));

2
programs/Makefile
View file

@ -139,7 +139,7 @@ APPS = \
x509/req_app \
# End of APPS
ifdef PTHREAD
ifeq ($(THREADING),pthread)
APPS += ssl/ssl_pthread_server
endif

6
programs/aes/crypt_and_hash.c
View file

@ -103,7 +103,11 @@ int main(int argc, char *argv[])
list = mbedtls_cipher_list();
while (*list) {
cipher_info = mbedtls_cipher_info_from_type(*list);
mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info));
const char *name = mbedtls_cipher_info_get_name(cipher_info);
if (name) {
mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info));
}
list++;
}

3
tests/CMakeLists.txt
View file

@ -1,5 +1,8 @@
find_package(Threads)
set(libs
${mbedtls_target}
${CMAKE_THREAD_LIBS_INIT}
)
# Set the project root directory if it's not already defined, as may happen if

4
tests/Makefile
View file

@ -57,6 +57,10 @@ else
DLEXT ?= so
EXEXT=
SHARED_SUFFIX=
ifeq ($(THREADING),pthread)
LOCAL_LDFLAGS += -lpthread
endif
endif
ifdef WINDOWS

182
tests/scripts/all.sh
View file

@ -216,6 +216,9 @@ pre_initialize_variables () {
esac
SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component"
done
# Option to enable linking with pthreads under make
MAKE_THREADING_FLAGS="THREADING=pthread"
}
# Test whether the component $1 is included in the command line patterns.
@ -930,7 +933,7 @@ helper_get_psa_key_type_list() {
# Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed.
helper_libtestdriver1_make_drivers() {
loc_accel_flags=$( echo "$1 ${2-}" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# Build the main libraries, programs and tests,
@ -948,7 +951,7 @@ helper_libtestdriver1_make_main() {
# we need flags both with and without the LIBTESTDRIVER1_ prefix
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS "$@"
}
################################################################
@ -1443,7 +1446,7 @@ component_test_psa_external_rng_no_drbg_classic () {
# When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG,
# the SSL test programs don't have an RNG and can't work. Explicitly
# make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG.
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites"
make test
@ -1462,7 +1465,7 @@ component_test_psa_external_rng_no_drbg_use_psa () {
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites"
make test
@ -1477,7 +1480,7 @@ component_test_psa_external_rng_use_psa_crypto () {
scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_CTR_DRBG_C
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
make test
@ -1495,7 +1498,7 @@ component_test_psa_inject_entropy () {
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ
scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY"
make test
@ -1529,14 +1532,14 @@ component_test_crypto_full_md_light_only () {
# Note: MD-light is auto-enabled in build_info.h by modules that need it,
# which we haven't disabled, so no need to explicitly enable it.
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
# Make sure we don't have the HMAC functions, but the hashing functions
not grep mbedtls_md_hmac library/md.o
grep mbedtls_md library/md.o
msg "test: crypto_full with only the light subset of MD"
make test
make $MAKE_THREADING_FLAGS test
}
component_test_full_no_cipher () {
@ -1562,7 +1565,7 @@ component_test_full_no_cipher () {
scripts/config.py unset MBEDTLS_LMS_PRIVATE
msg "test: full no CIPHER no PSA_CRYPTO_C"
make test
make $MAKE_THREADING_FLAGS test
}
# This is a common configurator and test function that is used in:
@ -1611,7 +1614,7 @@ common_test_full_no_cipher_with_psa_crypto () {
scripts/config.py unset MBEDTLS_PKCS12_C
scripts/config.py unset MBEDTLS_PKCS5_C
make
make $MAKE_THREADING_FLAGS
# Ensure that CIPHER_C was not re-enabled
not grep mbedtls_cipher_init library/cipher.o
@ -1644,7 +1647,7 @@ component_test_full_no_ccm() {
# PSA_WANT_ALG_CCM to be re-enabled.
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM
make
make $MAKE_THREADING_FLAGS
msg "test: full no PSA_WANT_ALG_CCM"
make test
@ -1672,7 +1675,7 @@ component_test_full_no_ccm_star_no_tag() {
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7
make
make $MAKE_THREADING_FLAGS
# Ensure MBEDTLS_PSA_BUILTIN_CIPHER was not enabled
not grep mbedtls_psa_cipher library/psa_crypto_cipher.o
@ -1729,7 +1732,7 @@ component_test_full_no_bignum () {
scripts/config.py unset MBEDTLS_SSL_ASYNC_PRIVATE
scripts/config.py unset MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
make
make $MAKE_THREADING_FLAGS
msg "test: full minus bignum"
make test
@ -2007,7 +2010,7 @@ component_test_small_mbedtls_ssl_dtls_max_buffering () {
component_test_psa_collect_statuses () {
msg "build+test: psa_collect_statuses" # ~30s
scripts/config.py full
tests/scripts/psa_collect_statuses.py
tests/scripts/psa_collect_statuses.py --make-vars="$MAKE_THREADING_FLAGS"
# Check that psa_crypto_init() succeeded at least once
grep -q '^0:psa_crypto_init:' tests/statuses.log
rm -f tests/statuses.log
@ -2159,6 +2162,19 @@ component_release_test_valgrind_constant_flow_psa () {
make memcheck
}
component_test_tsan () {
msg "build: TSan (clang)"
scripts/config.py full
scripts/config.py set MBEDTLS_THREADING_C
scripts/config.py set MBEDTLS_THREADING_PTHREAD
CC=clang cmake -D CMAKE_BUILD_TYPE:String=TSan .
make
msg "test: main suites (TSan)"
make test
}
component_test_default_no_deprecated () {
# Test that removing the deprecated features from the default
# configuration leaves something consistent.
@ -2173,7 +2189,7 @@ component_test_default_no_deprecated () {
component_test_full_no_deprecated () {
msg "build: make, full_no_deprecated config" # ~ 30s
scripts/config.py full_no_deprecated
make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' $MAKE_THREADING_FLAGS
msg "test: make, full_no_deprecated config" # ~ 5s
make test
@ -2190,7 +2206,7 @@ component_test_full_no_deprecated_deprecated_warning () {
scripts/config.py full_no_deprecated
scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED
scripts/config.py set MBEDTLS_DEPRECATED_WARNING
make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'
make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' $MAKE_THREADING_FLAGS
msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s
make test
@ -2210,7 +2226,7 @@ component_test_full_deprecated_warning () {
# By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set.
# Expect warnings from '#warning' directives in check_config.h and
# from the use of deprecated functions in test suites.
make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests
make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' $MAKE_THREADING_FLAGS tests
msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s
make test
@ -2235,7 +2251,7 @@ component_build_crypto_default () {
component_build_crypto_full () {
msg "build: make, crypto only, full config"
scripts/config.py crypto_full
make CFLAGS='-O1 -Werror'
make CFLAGS='-O1 -Werror' $MAKE_THREADING_FLAGS
are_empty_libraries library/libmbedx509.* library/libmbedtls.*
}
@ -2295,73 +2311,73 @@ support_build_baremetal () {
# depends.py family of tests
component_test_depends_py_cipher_id () {
msg "test/build: depends.py cipher_id (gcc)"
tests/scripts/depends.py cipher_id --unset-use-psa
tests/scripts/depends.py cipher_id --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_cipher_chaining () {
msg "test/build: depends.py cipher_chaining (gcc)"
tests/scripts/depends.py cipher_chaining --unset-use-psa
tests/scripts/depends.py cipher_chaining --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_cipher_padding () {
msg "test/build: depends.py cipher_padding (gcc)"
tests/scripts/depends.py cipher_padding --unset-use-psa
tests/scripts/depends.py cipher_padding --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_curves () {
msg "test/build: depends.py curves (gcc)"
tests/scripts/depends.py curves --unset-use-psa
tests/scripts/depends.py curves --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_hashes () {
msg "test/build: depends.py hashes (gcc)"
tests/scripts/depends.py hashes --unset-use-psa
tests/scripts/depends.py hashes --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_kex () {
msg "test/build: depends.py kex (gcc)"
tests/scripts/depends.py kex --unset-use-psa
tests/scripts/depends.py kex --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_pkalgs () {
msg "test/build: depends.py pkalgs (gcc)"
tests/scripts/depends.py pkalgs --unset-use-psa
tests/scripts/depends.py pkalgs --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
# PSA equivalents of the depends.py tests
component_test_depends_py_cipher_id_psa () {
msg "test/build: depends.py cipher_id (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
tests/scripts/depends.py cipher_id
tests/scripts/depends.py cipher_id --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_cipher_chaining_psa () {
msg "test/build: depends.py cipher_chaining (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
tests/scripts/depends.py cipher_chaining
tests/scripts/depends.py cipher_chaining --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_cipher_padding_psa () {
msg "test/build: depends.py cipher_padding (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
tests/scripts/depends.py cipher_padding
tests/scripts/depends.py cipher_padding --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_curves_psa () {
msg "test/build: depends.py curves (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
tests/scripts/depends.py curves
tests/scripts/depends.py curves --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_hashes_psa () {
msg "test/build: depends.py hashes (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
tests/scripts/depends.py hashes
tests/scripts/depends.py hashes --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_kex_psa () {
msg "test/build: depends.py kex (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
tests/scripts/depends.py kex
tests/scripts/depends.py kex --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_pkalgs_psa () {
msg "test/build: depends.py pkalgs (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
tests/scripts/depends.py pkalgs
tests/scripts/depends.py pkalgs --make-vars="$MAKE_THREADING_FLAGS"
}
component_build_no_pk_rsa_alt_support () {
@ -2373,7 +2389,7 @@ component_build_no_pk_rsa_alt_support () {
scripts/config.py set MBEDTLS_X509_CRT_WRITE_C
# Only compile - this is primarily to test for compile issues
make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy'
make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' $MAKE_THREADING_FLAGS
}
component_build_module_alt () {
@ -2587,7 +2603,7 @@ component_test_psa_crypto_config_reference_ffdh () {
# Disable things that are not supported
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
make
make $MAKE_THREADING_FLAGS
msg "test suites: full with non-accelerated FFDH alg"
make test
@ -2626,7 +2642,7 @@ component_test_psa_crypto_config_accel_pake() {
# -------------
msg "test: full with accelerated PAKE"
make test
make $MAKE_THREADING_FLAGS test
}
component_test_psa_crypto_config_accel_ecc_some_key_types () {
@ -2686,7 +2702,7 @@ component_test_psa_crypto_config_accel_ecc_some_key_types () {
# -------------
msg "test suites: full with accelerated EC algs and some key types"
make test
make $MAKE_THREADING_FLAGS test
}
# Run tests with only (non-)Weierstrass accelerated
@ -2885,7 +2901,7 @@ component_test_psa_crypto_config_accel_ecc_ecp_light_only () {
# -------------
msg "test suites: full with accelerated EC algs"
make test
make $MAKE_THREADING_FLAGS test
msg "ssl-opt: full with accelerated EC algs"
tests/ssl-opt.sh
@ -2897,7 +2913,7 @@ component_test_psa_crypto_config_reference_ecc_ecp_light_only () {
config_psa_crypto_config_ecp_light_only 0
make
make $MAKE_THREADING_FLAGS
msg "test suites: full with non-accelerated EC algs"
make test
@ -2990,7 +3006,7 @@ component_test_psa_crypto_config_accel_ecc_no_ecp_at_all () {
# -------------
msg "test: full + accelerated EC algs - ECP"
make test
make $MAKE_THREADING_FLAGS test
msg "ssl-opt: full + accelerated EC algs - ECP"
tests/ssl-opt.sh
@ -3004,7 +3020,7 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () {
config_psa_crypto_no_ecp_at_all 0
make
make $MAKE_THREADING_FLAGS
msg "test: full + non accelerated EC algs"
make test
@ -3167,7 +3183,7 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () {
msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - DHM - BIGNUM"
make test
make $MAKE_THREADING_FLAGS test
msg "ssl-opt: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM"
tests/ssl-opt.sh
@ -3198,7 +3214,7 @@ common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () {
config_psa_crypto_config_accel_ecc_ffdh_no_bignum 0 "$test_target"
make
make $MAKE_THREADING_FLAGS
msg "test suites: full + non accelerated EC algs + USE_PSA"
make test
@ -3317,7 +3333,7 @@ build_full_minus_something_and_test_tls () {
scripts/config.py unset $sym
done
make
make $MAKE_THREADING_FLAGS
msg "test: full minus something, test TLS"
( cd tests; ./test_suite_ssl )
@ -3356,7 +3372,7 @@ build_and_test_psa_want_key_pair_partial() {
# crypto_config.h so we just disable the one we don't want.
scripts/config.py -f "$CRYPTO_CONFIG_H" unset "$disabled_psa_want"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}"
make test
@ -3422,7 +3438,7 @@ component_test_psa_crypto_config_accel_rsa_crypto () {
# -------------
msg "test: crypto_full with accelerated RSA"
make test
make $MAKE_THREADING_FLAGS test
}
component_test_psa_crypto_config_reference_rsa_crypto () {
@ -3434,7 +3450,7 @@ component_test_psa_crypto_config_reference_rsa_crypto () {
# Build
# -----
make
make $MAKE_THREADING_FLAGS
# Run the tests
# -------------
@ -3636,7 +3652,7 @@ component_test_psa_crypto_config_reference_hash_use_psa() {
config_psa_crypto_hash_use_psa 0
make
make $MAKE_THREADING_FLAGS
msg "test: full without accelerated hashes"
make test
@ -3801,7 +3817,7 @@ component_test_psa_crypto_config_accel_cipher_aead () {
# -------------
msg "test: full config with accelerated cipher and AEAD"
make test
make $MAKE_THREADING_FLAGS test
msg "ssl-opt: full config with accelerated cipher and AEAD"
tests/ssl-opt.sh
@ -3814,7 +3830,7 @@ component_test_psa_crypto_config_reference_cipher_aead () {
msg "build: full config with non-accelerated cipher and AEAD"
common_psa_crypto_config_accel_cipher_aead
make
make $MAKE_THREADING_FLAGS
msg "test: full config with non-accelerated cipher and AEAD"
make test
@ -3831,7 +3847,7 @@ component_test_aead_chachapoly_disabled() {
scripts/config.py full
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full minus CHACHAPOLY"
make test
@ -3844,7 +3860,7 @@ component_test_aead_only_ccm() {
scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full minus CHACHAPOLY and GCM"
make test
@ -3875,7 +3891,7 @@ component_build_psa_accel_alg_ecdh() {
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test.
@ -3885,7 +3901,7 @@ component_build_psa_accel_alg_hmac() {
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test.
@ -3898,7 +3914,7 @@ component_build_psa_accel_alg_hkdf() {
# Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it.
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test.
@ -3917,7 +3933,7 @@ component_build_psa_accel_alg_md5() {
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test.
@ -3936,7 +3952,7 @@ component_build_psa_accel_alg_ripemd160() {
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test.
@ -3955,7 +3971,7 @@ component_build_psa_accel_alg_sha1() {
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test.
@ -3971,7 +3987,7 @@ component_build_psa_accel_alg_sha224() {
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test.
@ -3987,7 +4003,7 @@ component_build_psa_accel_alg_sha256() {
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test.
@ -4005,7 +4021,7 @@ component_build_psa_accel_alg_sha384() {
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test.
@ -4024,7 +4040,7 @@ component_build_psa_accel_alg_sha512() {
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@ -4038,7 +4054,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_crypt() {
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@ -4052,7 +4068,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_sign() {
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@ -4066,7 +4082,7 @@ component_build_psa_accel_alg_rsa_oaep() {
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@ -4080,7 +4096,7 @@ component_build_psa_accel_alg_rsa_pss() {
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@ -4095,7 +4111,7 @@ component_build_psa_accel_key_type_rsa_key_pair() {
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@ -4107,7 +4123,7 @@ component_build_psa_accel_key_type_rsa_public_key() {
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
@ -4276,7 +4292,7 @@ component_test_no_platform () {
# Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
# to re-enable platform integration features otherwise disabled in C99 builds
make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs
make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test
make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' $MAKE_THREADING_FLAGS test
}
component_build_no_std_function () {
@ -4294,14 +4310,14 @@ component_build_no_ssl_srv () {
msg "build: full config except SSL server, make, gcc" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_SSL_SRV_C
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' $MAKE_THREADING_FLAGS
}
component_build_no_ssl_cli () {
msg "build: full config except SSL client, make, gcc" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_SSL_CLI_C
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' $MAKE_THREADING_FLAGS
}
component_build_no_sockets () {
@ -4476,7 +4492,7 @@ component_test_platform_calloc_macro () {
component_test_malloc_0_null () {
msg "build: malloc(0) returns NULL (ASan+UBSan build)"
scripts/config.py full
make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: malloc(0) returns NULL (ASan+UBSan build)"
make test
@ -5088,7 +5104,7 @@ component_test_psa_crypto_drivers () {
loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
loc_cflags="${loc_cflags} -I../tests/include -O2"
make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full + test drivers dispatching to builtins"
make test
@ -5115,7 +5131,7 @@ test_build_opt () {
$cc --version
for opt in "$@"; do
msg "build/test: $cc $opt, $info" # ~ 30s
make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror"
make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" $MAKE_THREADING_FLAGS
# We're confident enough in compilers to not run _all_ the tests,
# but at least run the unit tests. In particular, runs with
# optimizations use inline assembly whereas runs with -O0
@ -5170,7 +5186,7 @@ component_build_mbedtls_config_file () {
msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s
scripts/config.py -w full_config.h full
echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H"
make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'"
make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" $MAKE_THREADING_FLAGS
# Make sure this feature is enabled. We'll disable it in the next phase.
programs/test/query_compile_time_config MBEDTLS_NIST_KW_C
make clean
@ -5179,7 +5195,7 @@ component_build_mbedtls_config_file () {
# In the user config, disable one feature (for simplicity, pick a feature
# that nothing else depends on).
echo '#undef MBEDTLS_NIST_KW_C' >user_config.h
make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'"
make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" $MAKE_THREADING_FLAGS
not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C
rm -f user_config.h full_config.h
@ -5238,7 +5254,7 @@ component_test_m32_no_asm () {
scripts/config.py unset MBEDTLS_HAVE_ASM
scripts/config.py unset MBEDTLS_PADLOCK_C
scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32
make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS"
make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: i386, make, gcc, no asm (ASan build)"
make test
@ -5256,7 +5272,7 @@ component_test_m32_o2 () {
msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32
make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS"
make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: i386, make, gcc -O2 (ASan build)"
make test
@ -5291,7 +5307,7 @@ support_test_m32_everest () {
component_test_mx32 () {
msg "build: 64-bit ILP32, make, gcc" # ~ 30s
scripts/config.py full
make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32'
make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' $MAKE_THREADING_FLAGS
msg "test: 64-bit ILP32, make, gcc"
make test
@ -5355,7 +5371,7 @@ component_test_no_udbl_division () {
msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
scripts/config.py full
scripts/config.py set MBEDTLS_NO_UDBL_DIVISION
make CFLAGS='-Werror -O1'
make CFLAGS='-Werror -O1' $MAKE_THREADING_FLAGS
msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
make test
@ -5365,7 +5381,7 @@ component_test_no_64bit_multiplication () {
msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
scripts/config.py full
scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION
make CFLAGS='-Werror -O1'
make CFLAGS='-Werror -O1' $MAKE_THREADING_FLAGS
msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
make test
@ -5379,7 +5395,7 @@ component_test_no_strings () {
scripts/config.py unset MBEDTLS_ERROR_C
scripts/config.py set MBEDTLS_ERROR_STRERROR_DUMMY
scripts/config.py unset MBEDTLS_VERSION_FEATURES
make CFLAGS='-Werror -Os'
make CFLAGS='-Werror -Os' $MAKE_THREADING_FLAGS
msg "test: no strings" # ~ 10s
make test
@ -5390,7 +5406,7 @@ component_test_no_x509_info () {
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
scripts/config.pl set MBEDTLS_X509_REMOVE_INFO
make CFLAGS='-Werror -O2'
make CFLAGS='-Werror -O2' $MAKE_THREADING_FLAGS
msg "test: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s
make test
@ -5993,7 +6009,7 @@ component_build_zeroize_checks () {
scripts/config.py full
# Only compile - we're looking for sizeof-pointer-memaccess warnings
make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess"
make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" $MAKE_THREADING_FLAGS
}

5
tests/scripts/depends.py
View file

@ -381,7 +381,7 @@ class DomainData:
def __init__(self, options, conf):
"""Gather data about the library and establish a list of domains to test."""
build_command = [options.make_command, 'CFLAGS=-Werror']
build_command = [options.make_command] + options.make_vars.split(' ') + ['CFLAGS=-Werror']
build_and_test = [build_command, [options.make_command, 'test']]
self.all_config_symbols = set(conf.settings.keys())
# Find hash modules by name.
@ -526,6 +526,9 @@ def main():
parser.add_argument('--make-command', metavar='CMD',
help='Command to run instead of make (e.g. gmake)',
action='store', default='make')
parser.add_argument('--make-vars',
help='optional variable/value pairs to pass to make',
action='store', default='')
parser.add_argument('--unset-use-psa',
help='Unset MBEDTLS_USE_PSA_CRYPTO before any test',
action='store_true', dest='unset_use_psa')

14
tests/scripts/psa_collect_statuses.py
View file

@ -82,10 +82,15 @@ def collect_status_logs(options):
cwd='tests',
stdout=sys.stderr)
with open(os.devnull, 'w') as devnull:
make_q_ret = subprocess.call(['make', '-q', 'lib', 'tests'],
stdout=devnull, stderr=devnull)
build_command = ['make', '-q'] + options.make_vars.split(' ') + \
['lib', 'tests']
make_q_ret = subprocess.call(build_command, stdout=devnull,
stderr=devnull)
print("blagh")
if make_q_ret != 0:
subprocess.check_call(['make', 'RECORD_PSA_STATUS_COVERAGE_LOG=1'],
build_command = ['make'] + options.make_vars.split(' ') + \
['RECORD_PSA_STATUS_COVERAGE_LOG=1']
subprocess.check_call(build_command,
stdout=sys.stderr)
rebuilt = True
subprocess.check_call(['make', 'test'],
@ -112,6 +117,9 @@ def main():
help='Log file location (default: {})'.format(
DEFAULT_STATUS_LOG_FILE
))
parser.add_argument('--make-vars',
help='optional variable/value pairs to pass to make',
action='store', default='')
parser.add_argument('--psa-constant-names', metavar='PROGRAM',
default=DEFAULT_PSA_CONSTANT_NAMES,
help='Path to psa_constant_names (default: {})'.format(

7
tests/suites/test_suite_ctr_drbg.data
View file

@ -1096,5 +1096,12 @@ ctr_drbg_seed_file:"no_such_dir/file":MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR
CTR_DRBG Special Behaviours
ctr_drbg_special_behaviours:
CTR_DRBG Threads: no reseed
ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":0:5
CTR_DRBG Threads: reseed
depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
ctr_drbg_threads:"B10A961F2EA39927B4C48AEDDD299026":1:5
CTR_DRBG self test
ctr_drbg_selftest:

90
tests/suites/test_suite_ctr_drbg.function
View file

@ -3,6 +3,10 @@
#include "mbedtls/ctr_drbg.h"
#include "string.h"
#if defined(MBEDTLS_THREADING_PTHREAD)
#include "mbedtls/threading.h"
#endif
/* Modes for ctr_drbg_validate */
enum reseed_mode {
RESEED_NEVER, /* never reseed */
@ -90,6 +94,19 @@ exit:
mbedtls_ctr_drbg_free(&ctx);
}
static const int thread_random_reps = 10;
void *thread_random_function(void *ctx)
{
unsigned char out[16];
memset(out, 0, sizeof(out));
for (int i = 0; i < thread_random_reps; i++) {
TEST_EQUAL(mbedtls_ctr_drbg_random((mbedtls_ctr_drbg_context *) ctx, out, sizeof(out)), 0);
}
exit:
return NULL;
}
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@ -325,6 +342,79 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_THREADING_PTHREAD:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count)
{
size_t thread_count = (size_t) arg_thread_count;
pthread_t *threads = NULL;
unsigned char out[16];
unsigned char *entropy = NULL;
const size_t n_random_calls = thread_count * thread_random_reps + 1;
/* Based on the size of MBEDTLS_CTR_DRBG_ENTROPY_LEN for SHA512. */
const size_t entropy_len = 48;
AES_PSA_INIT();
TEST_CALLOC(threads, sizeof(pthread_t) * thread_count);
memset(out, 0, sizeof(out));
mbedtls_ctr_drbg_context ctx;
mbedtls_ctr_drbg_init(&ctx);
test_offset_idx = 0;
/* Need to do this, otherwise if we are forced into using SHA256 for
* whaever reason, output will differ. */
mbedtls_ctr_drbg_set_entropy_len(&ctx, entropy_len);
if (reseed == 0) {
mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_OFF);
mbedtls_ctr_drbg_set_reseed_interval(&ctx, n_random_calls + 1);
TEST_CALLOC(entropy, entropy_len + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN);
test_max_idx = entropy_len + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN;
} else {
const size_t entropy_size = ((n_random_calls + 1) * entropy_len)
+ MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN;
mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON);
TEST_CALLOC(entropy, entropy_size);
test_max_idx = entropy_size;
}
TEST_EQUAL(
mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_entropy_func, entropy, NULL, 0),
0);
for (size_t i = 0; i < thread_count; i++) {
TEST_EQUAL(
pthread_create(&threads[i], NULL,
thread_random_function, (void *) &ctx),
0);
}
for (size_t i = 0; i < thread_count; i++) {
TEST_EQUAL(pthread_join(threads[i], NULL), 0);
}
/* Take a last output for comparing and thus verifying the DRBG state */
TEST_EQUAL(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)), 0);
TEST_MEMORY_COMPARE(out, sizeof(out), expected_result->x, expected_result->len);
exit:
mbedtls_ctr_drbg_free(&ctx);
mbedtls_free(entropy);
mbedtls_free(threads);
AES_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void ctr_drbg_seed_file(char *path, int ret)
{