From 9a6c45b4367b2353b2cac60db212dffb86d23ac8 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Fri, 14 Jul 2023 12:30:00 +0100 Subject: [PATCH 01/24] Make all.sh PSA-crypto-friendly Introduce changes needed to run all.sh in the psa-crypto repo. Where behaviour must differ, detect that we are in the psa-crypto repo by checking for the 'core' directory. Signed-off-by: David Horstmann --- tests/scripts/all.sh | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8e978ac72..9f8bd0850 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -123,15 +123,23 @@ set -e -o pipefail -u # Enable ksh/bash extended file matching patterns shopt -s extglob +in_psa_crypto_repo () { + test -d core +} + pre_check_environment () { - if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + if [ \( -d library -o -d core \) -a -d include -a -d tests ]; then :; else + echo "Must be run from Mbed TLS root" >&2 exit 1 fi } pre_initialize_variables () { - CONFIG_H='include/mbedtls/mbedtls_config.h' + if in_psa_crypto_repo; then + CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h' + else + CONFIG_H='include/mbedtls/mbedtls_config.h' + fi CRYPTO_CONFIG_H='include/psa/crypto_config.h' CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h' @@ -141,8 +149,10 @@ pre_initialize_variables () { backup_suffix='.all.bak' # Files clobbered by config.py files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H" - # Files clobbered by in-tree cmake - files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile" + if ! in_psa_crypto_repo; then + # Files clobbered by in-tree cmake + files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile" + fi append_outcome=0 MEMORY=0 @@ -299,7 +309,9 @@ EOF # Does not remove generated source files. cleanup() { - command make clean + if ! in_psa_crypto_repo; then + command make clean + fi # Remove CMake artefacts find . -name .git -prune -o \ @@ -556,7 +568,7 @@ pre_check_git () { fi if ! git diff --quiet "$CONFIG_H"; then - err_msg "Warning - the configuration file 'include/mbedtls/mbedtls_config.h' has been edited. " + err_msg "Warning - the configuration file '$CONFIG_H' has been edited. " echo "You can either delete or preserve your work, or force the test by rerunning the" echo "script as: $0 --force" exit 1 @@ -5264,7 +5276,9 @@ pre_prepare_outcome_file pre_print_configuration pre_check_tools cleanup -pre_generate_files +if ! in_psa_crypto_repo; then + pre_generate_files +fi # Run the requested tests. for ((error_test_i=1; error_test_i <= error_test; error_test_i++)); do From 795d8b523d8870954953cdd27b3770b4a1f21010 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 18 Jul 2023 17:03:03 +0100 Subject: [PATCH 02/24] Modify build_tree.py for the PSA Crypto repo When detecting the root dir, look both for PSA Crypto and Mbed TLS directories. Signed-off-by: David Horstmann --- scripts/mbedtls_dev/build_tree.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index f52b785d9..864085748 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -19,12 +19,19 @@ import os import inspect +def looks_like_psa_crypto_root(path: str) -> bool: + """Whether the given directory looks like the root of the PSA Crypto source tree.""" + return all(os.path.isdir(os.path.join(path, subdir)) + for subdir in ['include', 'core', 'tests']) def looks_like_mbedtls_root(path: str) -> bool: """Whether the given directory looks like the root of the Mbed TLS source tree.""" return all(os.path.isdir(os.path.join(path, subdir)) for subdir in ['include', 'library', 'programs', 'tests']) +def looks_like_root(path: str) -> bool: + return looks_like_psa_crypto_root(path) or looks_like_mbedtls_root(path) + def check_repo_path(): """ Check that the current working directory is the project root, and throw @@ -42,7 +49,7 @@ def chdir_to_root() -> None: for d in [os.path.curdir, os.path.pardir, os.path.join(os.path.pardir, os.path.pardir)]: - if looks_like_mbedtls_root(d): + if looks_like_root(d): os.chdir(d) return raise Exception('Mbed TLS source tree not found') @@ -62,6 +69,6 @@ def guess_mbedtls_root(): if d in dirs: continue dirs.add(d) - if looks_like_mbedtls_root(d): + if looks_like_root(d): return d raise Exception('Mbed TLS source tree not found') From 1d09184291fd5e05b93c8a8a2fc8b2813dda652d Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 18 Jul 2023 17:39:35 +0100 Subject: [PATCH 03/24] Modify test_psa_compliance.py for psa-crypto repo Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 92db4171a..a1a02603e 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -28,6 +28,9 @@ import shutil import subprocess import sys +import scripts_path +from mbedtls_dev import build_tree + # PSA Compliance tests we expect to fail due to known defects in Mbed TLS (or the test suite) # The test numbers correspond to the numbers used by the console output of the test suite. # Test number 2xx corresponds to the files in the folder @@ -53,8 +56,11 @@ PSA_ARCH_TESTS_REF = 'fix-pr-5736' def main(): mbedtls_dir = os.getcwd() - if not os.path.exists('library/libmbedcrypto.a'): - subprocess.check_call(['make', '-C', 'library', 'libmbedcrypto.a']) + is_psa_crypto = build_tree.looks_like_psa_crypto_root(mbedtls_dir) #type: bool + + if not is_psa_crypto: + if not os.path.exists('library/libmbedcrypto.a'): + subprocess.check_call(['make', '-C', 'library', 'libmbedcrypto.a']) psa_arch_tests_dir = 'psa-arch-tests' os.makedirs(psa_arch_tests_dir, exist_ok=True) @@ -74,6 +80,15 @@ def main(): os.mkdir(build_dir) os.chdir(build_dir) + if is_psa_crypto: + psa_crypto_lib_filename = \ + 'mbedtls_out_of_source_build/core/libpsacrypto.a' + else: + psa_crypto_lib_filename = 'library/libmbedcrypto.a' + + extra_includes = (';{}/drivers/builtin/include'.format(mbedtls_dir) + if is_psa_crypto else '') + #pylint: disable=bad-continuation subprocess.check_call([ 'cmake', '..', @@ -81,8 +96,9 @@ def main(): '-DTARGET=tgt_dev_apis_stdc', '-DTOOLCHAIN=HOST_GCC', '-DSUITE=CRYPTO', - '-DPSA_CRYPTO_LIB_FILENAME={}/library/libmbedcrypto.a'.format(mbedtls_dir), - '-DPSA_INCLUDE_PATHS={}/include'.format(mbedtls_dir) + '-DPSA_CRYPTO_LIB_FILENAME={}/{}'.format(mbedtls_dir, + psa_crypto_lib_filename), + ('-DPSA_INCLUDE_PATHS={}/include' + extra_includes).format(mbedtls_dir) ]) subprocess.check_call(['cmake', '--build', '.']) From 42f42f4394ed239fb14e289cb347db21638fdec0 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 18 Jul 2023 17:53:01 +0100 Subject: [PATCH 04/24] Support psa-crypto repo in psa_storage.py Signed-off-by: David Horstmann --- scripts/mbedtls_dev/psa_storage.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index bae99383d..a2e4c74a4 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -27,6 +27,7 @@ from typing import Dict, List, Optional, Set, Union import unittest from . import c_build_helper +from . import build_tree class Expr: @@ -51,13 +52,16 @@ class Expr: def update_cache(self) -> None: """Update `value_cache` for expressions registered in `unknown_values`.""" expressions = sorted(self.unknown_values) + includes = ['include'] + if build_tree.looks_like_psa_crypto_root('.'): + includes.append('drivers/builtin/include') values = c_build_helper.get_c_expression_values( 'unsigned long', '%lu', expressions, header=""" #include """, - include_path=['include']) #type: List[str] + include_path=includes) #type: List[str] for e, v in zip(expressions, values): self.value_cache[e] = int(v, 0) self.unknown_values.clear() From e31014a681f43bc0f16e097d6ed2d4f600919210 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Wed, 19 Jul 2023 11:43:27 +0100 Subject: [PATCH 05/24] Tweak test_psa_compliance pylint annotations Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index a1a02603e..225e37ceb 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -28,6 +28,7 @@ import shutil import subprocess import sys +#pylint: disable=unused-import import scripts_path from mbedtls_dev import build_tree @@ -52,11 +53,11 @@ EXPECTED_FAILURES = { PSA_ARCH_TESTS_REPO = 'https://github.com/bensze01/psa-arch-tests.git' PSA_ARCH_TESTS_REF = 'fix-pr-5736' -#pylint: disable=too-many-branches,too-many-statements +#pylint: disable=too-many-branches,too-many-statements,too-many-locals def main(): mbedtls_dir = os.getcwd() - is_psa_crypto = build_tree.looks_like_psa_crypto_root(mbedtls_dir) #type: bool + is_psa_crypto = build_tree.looks_like_psa_crypto_root(mbedtls_dir) if not is_psa_crypto: if not os.path.exists('library/libmbedcrypto.a'): From 76a77385378600c13d68b58458b39d32853a12be Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Thu, 17 Aug 2023 17:32:26 +0100 Subject: [PATCH 06/24] Invert logic for repo detection in all.sh Instead of: ! in_psa_crypto_repo() use in_mbedtls_repo() Signed-off-by: David Horstmann --- tests/scripts/all.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9f8bd0850..33bad3987 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -123,8 +123,8 @@ set -e -o pipefail -u # Enable ksh/bash extended file matching patterns shopt -s extglob -in_psa_crypto_repo () { - test -d core +in_mbedtls_repo () { + test ! -d core } pre_check_environment () { @@ -135,10 +135,10 @@ pre_check_environment () { } pre_initialize_variables () { - if in_psa_crypto_repo; then - CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h' - else + if in_mbedtls_repo; then CONFIG_H='include/mbedtls/mbedtls_config.h' + else + CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h' fi CRYPTO_CONFIG_H='include/psa/crypto_config.h' CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h' @@ -149,7 +149,7 @@ pre_initialize_variables () { backup_suffix='.all.bak' # Files clobbered by config.py files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H" - if ! in_psa_crypto_repo; then + if in_mbedtls_repo; then # Files clobbered by in-tree cmake files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile" fi @@ -309,7 +309,7 @@ EOF # Does not remove generated source files. cleanup() { - if ! in_psa_crypto_repo; then + if in_mbedtls_repo; then command make clean fi @@ -5276,7 +5276,7 @@ pre_prepare_outcome_file pre_print_configuration pre_check_tools cleanup -if ! in_psa_crypto_repo; then +if in_mbedtls_repo; then pre_generate_files fi From 4dcddcfae2a14ef7debc23dd404dc3923751b355 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Thu, 17 Aug 2023 18:08:24 +0100 Subject: [PATCH 07/24] Parameterize out of source build directory Use CMake to build the library out-of-source (rather than make) in tests/scripts/test_psa_compliance.py and add a script argument for the out-of-source build directory. Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 30 +++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 225e37ceb..298745368 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -22,6 +22,7 @@ to help keep the list of known defects as up to date as possible. # See the License for the specific language governing permissions and # limitations under the License. +import argparse import os import re import shutil @@ -54,14 +55,18 @@ PSA_ARCH_TESTS_REPO = 'https://github.com/bensze01/psa-arch-tests.git' PSA_ARCH_TESTS_REF = 'fix-pr-5736' #pylint: disable=too-many-branches,too-many-statements,too-many-locals -def main(): +def main(library_build_dir: str): mbedtls_dir = os.getcwd() is_psa_crypto = build_tree.looks_like_psa_crypto_root(mbedtls_dir) - if not is_psa_crypto: - if not os.path.exists('library/libmbedcrypto.a'): - subprocess.check_call(['make', '-C', 'library', 'libmbedcrypto.a']) + if not os.path.exists(library_build_dir + '/library/libmbedcrypto.a'): + subprocess.check_call([ + 'cmake', '.', + '-GUnix Makefiles', + '-B', library_build_dir + ]) + subprocess.check_call(['cmake', '--build', library_build_dir]) psa_arch_tests_dir = 'psa-arch-tests' os.makedirs(psa_arch_tests_dir, exist_ok=True) @@ -83,9 +88,9 @@ def main(): if is_psa_crypto: psa_crypto_lib_filename = \ - 'mbedtls_out_of_source_build/core/libpsacrypto.a' + library_build_dir + '/core/libpsacrypto.a' else: - psa_crypto_lib_filename = 'library/libmbedcrypto.a' + psa_crypto_lib_filename = library_build_dir + '/library/libmbedcrypto.a' extra_includes = (';{}/drivers/builtin/include'.format(mbedtls_dir) if is_psa_crypto else '') @@ -156,4 +161,15 @@ def main(): os.chdir(mbedtls_dir) if __name__ == '__main__': - sys.exit(main()) + # Default build directory + library_build_dir = 'mbedtls_out_of_source_build' + + parser = argparse.ArgumentParser() + parser.add_argument('--build-dir', nargs=1, + help='path to Mbed TLS build directory') + args = parser.parse_args() + + if args.build_dir is not None: + library_build_dir = args.build_dir[0] + + sys.exit(main(library_build_dir)) From 7f93d22ad9cefaf5ffd84cf1faef8bfd40787e3a Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Wed, 23 Aug 2023 16:21:40 +0100 Subject: [PATCH 08/24] Rename psa_crypto_lib_filename to just crypto_lib_filename Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 298745368..abb179010 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -87,10 +87,10 @@ def main(library_build_dir: str): os.chdir(build_dir) if is_psa_crypto: - psa_crypto_lib_filename = \ + crypto_lib_filename = \ library_build_dir + '/core/libpsacrypto.a' else: - psa_crypto_lib_filename = library_build_dir + '/library/libmbedcrypto.a' + crypto_lib_filename = library_build_dir + '/library/libmbedcrypto.a' extra_includes = (';{}/drivers/builtin/include'.format(mbedtls_dir) if is_psa_crypto else '') @@ -103,7 +103,7 @@ def main(library_build_dir: str): '-DTOOLCHAIN=HOST_GCC', '-DSUITE=CRYPTO', '-DPSA_CRYPTO_LIB_FILENAME={}/{}'.format(mbedtls_dir, - psa_crypto_lib_filename), + crypto_lib_filename), ('-DPSA_INCLUDE_PATHS={}/include' + extra_includes).format(mbedtls_dir) ]) subprocess.check_call(['cmake', '--build', '.']) From 0ac57ca6c6a73d33d2f2e616ce8c0d119b0f15fb Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Wed, 23 Aug 2023 16:24:55 +0100 Subject: [PATCH 09/24] Rename is_psa_crypto -> in_psa_crypto_repo (For consistency with all.sh) Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index abb179010..46d476360 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -58,7 +58,7 @@ PSA_ARCH_TESTS_REF = 'fix-pr-5736' def main(library_build_dir: str): mbedtls_dir = os.getcwd() - is_psa_crypto = build_tree.looks_like_psa_crypto_root(mbedtls_dir) + in_psa_crypto_repo = build_tree.looks_like_psa_crypto_root(mbedtls_dir) if not os.path.exists(library_build_dir + '/library/libmbedcrypto.a'): subprocess.check_call([ @@ -86,14 +86,14 @@ def main(library_build_dir: str): os.mkdir(build_dir) os.chdir(build_dir) - if is_psa_crypto: + if in_psa_crypto_repo: crypto_lib_filename = \ library_build_dir + '/core/libpsacrypto.a' else: crypto_lib_filename = library_build_dir + '/library/libmbedcrypto.a' extra_includes = (';{}/drivers/builtin/include'.format(mbedtls_dir) - if is_psa_crypto else '') + if in_psa_crypto_repo else '') #pylint: disable=bad-continuation subprocess.check_call([ From 2fde99962de3a092cc8d7bf2d78e6f216666fd09 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 09:48:39 +0100 Subject: [PATCH 10/24] Improve directory coverage in PSA repo detection Check for the 'drivers' and 'programs' directories additionally to the ones that are already there. Signed-off-by: David Horstmann --- scripts/mbedtls_dev/build_tree.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index 864085748..b48a27711 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -22,7 +22,7 @@ import inspect def looks_like_psa_crypto_root(path: str) -> bool: """Whether the given directory looks like the root of the PSA Crypto source tree.""" return all(os.path.isdir(os.path.join(path, subdir)) - for subdir in ['include', 'core', 'tests']) + for subdir in ['include', 'core', 'drivers', 'programs', 'tests']) def looks_like_mbedtls_root(path: str) -> bool: """Whether the given directory looks like the root of the Mbed TLS source tree.""" From d02b5f8f564a39af2c6f98f313a28ac71513406f Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 09:53:52 +0100 Subject: [PATCH 11/24] Separate directory discernment into 2 functions Have separate in_mbedtls_repo() and in_psa_crypto_repo() functions Signed-off-by: David Horstmann --- tests/scripts/all.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 33bad3987..36a20b309 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -124,7 +124,11 @@ set -e -o pipefail -u shopt -s extglob in_mbedtls_repo () { - test ! -d core + test -d include -a -d library -a -d programs -a -d tests +} + +in_psa_crypto_repo () { + test -d include -a -d core -a -d drivers -a -d programs -a -d tests } pre_check_environment () { From 58cf7c6c38556d8780ae6bbf6f4baf5091634f30 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 10:15:05 +0100 Subject: [PATCH 12/24] Use repo detection functions at start of all.sh Signed-off-by: David Horstmann --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 36a20b309..b9ff1fb56 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -132,7 +132,7 @@ in_psa_crypto_repo () { } pre_check_environment () { - if [ \( -d library -o -d core \) -a -d include -a -d tests ]; then :; else + if in_mbedtls_repo || in_psa_crypto_repo; then :; else echo "Must be run from Mbed TLS root" >&2 exit 1 fi From 98af198a3043c616c490da70b1d0f3c157f029ba Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 10:25:26 +0100 Subject: [PATCH 13/24] Correctly detect presence of the built library Use the repo-specific test not just the Mbed TLS specific one. Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 46d476360..ea171cb01 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -60,7 +60,13 @@ def main(library_build_dir: str): in_psa_crypto_repo = build_tree.looks_like_psa_crypto_root(mbedtls_dir) - if not os.path.exists(library_build_dir + '/library/libmbedcrypto.a'): + if in_psa_crypto_repo: + crypto_lib_filename = \ + library_build_dir + '/core/libpsacrypto.a' + else: + crypto_lib_filename = library_build_dir + '/library/libmbedcrypto.a' + + if not os.path.exists(crypto_lib_filename): subprocess.check_call([ 'cmake', '.', '-GUnix Makefiles', @@ -86,12 +92,6 @@ def main(library_build_dir: str): os.mkdir(build_dir) os.chdir(build_dir) - if in_psa_crypto_repo: - crypto_lib_filename = \ - library_build_dir + '/core/libpsacrypto.a' - else: - crypto_lib_filename = library_build_dir + '/library/libmbedcrypto.a' - extra_includes = (';{}/drivers/builtin/include'.format(mbedtls_dir) if in_psa_crypto_repo else '') From f757069269e736e557ebbe065bdd81c0196dcc7c Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 10:27:13 +0100 Subject: [PATCH 14/24] Rename 'mbedtls_dir' -> 'root_dir' This makes it more repo-agnostic Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index ea171cb01..e34940f81 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -56,9 +56,9 @@ PSA_ARCH_TESTS_REF = 'fix-pr-5736' #pylint: disable=too-many-branches,too-many-statements,too-many-locals def main(library_build_dir: str): - mbedtls_dir = os.getcwd() + root_dir = os.getcwd() - in_psa_crypto_repo = build_tree.looks_like_psa_crypto_root(mbedtls_dir) + in_psa_crypto_repo = build_tree.looks_like_psa_crypto_root(root_dir) if in_psa_crypto_repo: crypto_lib_filename = \ @@ -92,7 +92,7 @@ def main(library_build_dir: str): os.mkdir(build_dir) os.chdir(build_dir) - extra_includes = (';{}/drivers/builtin/include'.format(mbedtls_dir) + extra_includes = (';{}/drivers/builtin/include'.format(root_dir) if in_psa_crypto_repo else '') #pylint: disable=bad-continuation @@ -102,9 +102,9 @@ def main(library_build_dir: str): '-DTARGET=tgt_dev_apis_stdc', '-DTOOLCHAIN=HOST_GCC', '-DSUITE=CRYPTO', - '-DPSA_CRYPTO_LIB_FILENAME={}/{}'.format(mbedtls_dir, + '-DPSA_CRYPTO_LIB_FILENAME={}/{}'.format(root_dir, crypto_lib_filename), - ('-DPSA_INCLUDE_PATHS={}/include' + extra_includes).format(mbedtls_dir) + ('-DPSA_INCLUDE_PATHS={}/include' + extra_includes).format(root_dir) ]) subprocess.check_call(['cmake', '--build', '.']) @@ -158,7 +158,7 @@ def main(library_build_dir: str): print('SUCCESS') return 0 finally: - os.chdir(mbedtls_dir) + os.chdir(root_dir) if __name__ == '__main__': # Default build directory From 3b8984af5c055e14292b48a21e4dd89e4b041740 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 10:32:26 +0100 Subject: [PATCH 15/24] Remove or qualify references to Mbed TLS Either remove exclusive references to Mbed TLS or accompany them with references to "PSA Crypto". Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index e34940f81..c31722392 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -1,10 +1,10 @@ #!/usr/bin/env python3 """Run the PSA Crypto API compliance test suite. Clone the repo and check out the commit specified by PSA_ARCH_TEST_REPO and PSA_ARCH_TEST_REF, -then compile and run the test suite. The clone is stored at /psa-arch-tests. -Known defects in either the test suite or mbedtls - identified by their test number - are ignored, -while unexpected failures AND successes are reported as errors, -to help keep the list of known defects as up to date as possible. +then compile and run the test suite. The clone is stored at /psa-arch-tests. +Known defects in either the test suite or mbedtls / psa-crypto - identified by their test +number - are ignored, while unexpected failures AND successes are reported as errors, to help +keep the list of known defects as up to date as possible. """ # Copyright The Mbed TLS Contributors @@ -33,7 +33,8 @@ import sys import scripts_path from mbedtls_dev import build_tree -# PSA Compliance tests we expect to fail due to known defects in Mbed TLS (or the test suite) +# PSA Compliance tests we expect to fail due to known defects in Mbed TLS / PSA Crypto +# (or the test suite). # The test numbers correspond to the numbers used by the console output of the test suite. # Test number 2xx corresponds to the files in the folder # psa-arch-tests/api-tests/dev_apis/crypto/test_c0xx @@ -162,11 +163,11 @@ def main(library_build_dir: str): if __name__ == '__main__': # Default build directory - library_build_dir = 'mbedtls_out_of_source_build' + library_build_dir = 'out_of_source_build' parser = argparse.ArgumentParser() parser.add_argument('--build-dir', nargs=1, - help='path to Mbed TLS build directory') + help='path to Mbed TLS / PSA Crypto build directory') args = parser.parse_args() if args.build_dir is not None: From 2ba89bece60aed72a1409fe59d1585367bcb4424 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 10:37:29 +0100 Subject: [PATCH 16/24] Disable pylint error in CMake command Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index c31722392..8102a88aa 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -68,6 +68,7 @@ def main(library_build_dir: str): crypto_lib_filename = library_build_dir + '/library/libmbedcrypto.a' if not os.path.exists(crypto_lib_filename): + #pylint: disable=bad-continuation subprocess.check_call([ 'cmake', '.', '-GUnix Makefiles', From c69074dcf6415e0fa07c9f13302efb298a45d093 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 13:46:11 +0100 Subject: [PATCH 17/24] Tidy up reference to Mbed TLS in help message Signed-off-by: David Horstmann --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b9ff1fb56..0abbcf5c6 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -133,7 +133,7 @@ in_psa_crypto_repo () { pre_check_environment () { if in_mbedtls_repo || in_psa_crypto_repo; then :; else - echo "Must be run from Mbed TLS root" >&2 + echo "Must be run from Mbed TLS / psa-crypto root" >&2 exit 1 fi } From beaee2604f2deb449c509e01c55033030022822c Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 13:56:17 +0100 Subject: [PATCH 18/24] Test PSA compliance: Build only the crypto target Use CMake's -t option to build only the crypto target. Parameterize the crypto target to have the right name depending on whether this is Mbed TLS or PSA Crypto. Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 8102a88aa..4ba98dceb 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -62,10 +62,15 @@ def main(library_build_dir: str): in_psa_crypto_repo = build_tree.looks_like_psa_crypto_root(root_dir) if in_psa_crypto_repo: - crypto_lib_filename = \ - library_build_dir + '/core/libpsacrypto.a' + crypto_name = 'psacrypto' + library_subdir = 'core' else: - crypto_lib_filename = library_build_dir + '/library/libmbedcrypto.a' + crypto_name = 'mbedcrypto' + library_subdir = 'library' + + crypto_lib_filename = (library_build_dir + '/' + + library_subdir + '/' + + 'lib' + crypto_name + '.a') if not os.path.exists(crypto_lib_filename): #pylint: disable=bad-continuation @@ -74,7 +79,8 @@ def main(library_build_dir: str): '-GUnix Makefiles', '-B', library_build_dir ]) - subprocess.check_call(['cmake', '--build', library_build_dir]) + subprocess.check_call(['cmake', '--build', library_build_dir, + '-t', crypto_name]) psa_arch_tests_dir = 'psa-arch-tests' os.makedirs(psa_arch_tests_dir, exist_ok=True) From b48822c8165a80a456b2afa9fa242c4c1ebc7e77 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 14:12:53 +0100 Subject: [PATCH 19/24] Appease pylint by renaming variables Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 4ba98dceb..5df479df6 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -169,8 +169,7 @@ def main(library_build_dir: str): os.chdir(root_dir) if __name__ == '__main__': - # Default build directory - library_build_dir = 'out_of_source_build' + BUILD_DIR = 'out_of_source_build' parser = argparse.ArgumentParser() parser.add_argument('--build-dir', nargs=1, @@ -178,6 +177,6 @@ if __name__ == '__main__': args = parser.parse_args() if args.build_dir is not None: - library_build_dir = args.build_dir[0] + BUILD_DIR = args.build_dir[0] - sys.exit(main(library_build_dir)) + sys.exit(main(BUILD_DIR)) From 41c316d3b235b957dae0684ac7b60c421fac0a7b Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 14:57:23 +0100 Subject: [PATCH 20/24] Move -B switch into a single argument This will prevent CMake from mistaking the build directory for the source directory Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 5df479df6..4008a5cd9 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -77,7 +77,7 @@ def main(library_build_dir: str): subprocess.check_call([ 'cmake', '.', '-GUnix Makefiles', - '-B', library_build_dir + '-B' + library_build_dir ]) subprocess.check_call(['cmake', '--build', library_build_dir, '-t', crypto_name]) From fd9264e65b61cd814388a6328828052e7cf595cf Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 16:21:15 +0100 Subject: [PATCH 21/24] Fix pylint errors Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 4008a5cd9..a43428e87 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -125,8 +125,11 @@ def main(library_build_dir: str): ) test = -1 unexpected_successes = set(EXPECTED_FAILURES) - expected_failures = [] - unexpected_failures = [] + expected_failures = [] # type: List[int] + unexpected_failures = [] # type: List[int] + if proc.stdout is None: + return 1 + for line in proc.stdout: print(line, end='') match = test_re.match(line) From 9cc6b2f446cf789c9e7ff14da417482c456e0fcb Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 17:36:35 +0100 Subject: [PATCH 22/24] Add missing import in test_psa_compliance.py Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index a43428e87..53349b386 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -28,6 +28,7 @@ import re import shutil import subprocess import sys +from typing import List #pylint: disable=unused-import import scripts_path From 3ed1871920b07450e47376386218e25b21c3c790 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 29 Aug 2023 18:20:01 +0100 Subject: [PATCH 23/24] Disable pylint error for non-uppercase names Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 53349b386..47caa05da 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -175,6 +175,7 @@ def main(library_build_dir: str): if __name__ == '__main__': BUILD_DIR = 'out_of_source_build' + # pylint: disable=invalid-name parser = argparse.ArgumentParser() parser.add_argument('--build-dir', nargs=1, help='path to Mbed TLS / PSA Crypto build directory') From 8f3ec8ec9de9ebcca2781e3923f7a103f4169eee Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Wed, 30 Aug 2023 09:46:20 +0100 Subject: [PATCH 24/24] Use '--target' instead of shortened '-t' This enables compatibility with older versions of CMake that do not have the abbreviated switch. Signed-off-by: David Horstmann --- tests/scripts/test_psa_compliance.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 47caa05da..359043620 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -81,7 +81,7 @@ def main(library_build_dir: str): '-B' + library_build_dir ]) subprocess.check_call(['cmake', '--build', library_build_dir, - '-t', crypto_name]) + '--target', crypto_name]) psa_arch_tests_dir = 'psa-arch-tests' os.makedirs(psa_arch_tests_dir, exist_ok=True)