Make cf_hmac() STATIC_TESTABLE

The test function now depends on MBEDTLS_TEST_HOOKS, which is enabled by config.py full, and since there are already components in all.sh exercising the full config, this test function is sill exercised even with this new dependency. Since this is the first time a test function depends on MBEDTLS_TEST_HOOKS, fix a bug in check-names.sh that wasn't apparent so far: headers from library/*.h were not considered when looking for macro definitions. This became apparent because MBEDTLS_STATIC_TESTABLE is defined in library/common.h and started being used in library/ssl_msg.c, so was flagged as a likely typo. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-07-09 09:52:17 +02:00 · 2020-07-09 09:52:17 +02:00 · 65a6fa3e26
commit 65a6fa3e26
parent 8aa29e382f
5 changed files with 7 additions and 4 deletions
--- a/library/ssl_invasive.h
+++ b/library/ssl_invasive.h
@ -31,7 +31,8 @@
 #include "common.h"
 #include "mbedtls/md.h"

-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
+#if defined(MBEDTLS_TEST_HOOKS) &&              \
+    defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
    ( defined(MBEDTLS_SSL_PROTO_TLS1) ||        \
      defined(MBEDTLS_SSL_PROTO_TLS1_1) |       \
      defined(MBEDTLS_SSL_PROTO_TLS1_2) )
@ -73,6 +74,6 @@ int mbedtls_ssl_cf_hmac(
        const unsigned char *data, size_t data_len_secret,
        size_t min_data_len, size_t max_data_len,
        unsigned char *output );
-#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC && TLS 1.0-1.2 */
+#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_SSL_SOME_SUITES_USE_CBC && TLS 1.0-1.2 */

 #endif /* MBEDTLS_SSL_INVASIVE_H */
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@ -1073,7 +1073,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
 /*
 * Compute HMAC of variable-length data with constant flow.
 */
-int mbedtls_ssl_cf_hmac(
+MBEDTLS_STATIC_TESTABLE int mbedtls_ssl_cf_hmac(
        mbedtls_md_context_t *ctx,
        const unsigned char *add_data, size_t add_data_len,
        const unsigned char *data, size_t data_len_secret,
--- a/tests/scripts/check-names.sh
+++ b/tests/scripts/check-names.sh
@ -98,6 +98,7 @@ done
 printf "Likely typos: "
 sort -u actual-macros enum-consts > _caps
 HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' )
+HEADERS="$HEADERS library/*.h"
 HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h"
 LIBRARY="$( ls library/*.c )"
 LIBRARY="$LIBRARY 3rdparty/everest/library/everest.c 3rdparty/everest/library/x25519.c"
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@ -25,6 +25,7 @@ if [ -d include/mbedtls ]; then :; else
 fi

 HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h' )
+HEADERS="$HEADERS library/*.h"
 HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h"

 sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@ -4053,7 +4053,7 @@ void resize_buffers_renegotiate_mfl( int mfl, int legacy_renegotiation,
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */
+/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_TEST_HOOKS */
 void ssl_cf_hmac( int hash )
 {
    /*