Commit graph

15854 commits

Author SHA1 Message Date
Bence Szépkúti
7c18550383 Remove object file in finally
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
46d894925d Move object file handling out of create_c_file()
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
0671dd3107 Add notice of caching whether the compiler is MSVC
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
24c29fe7c3 Clean up object files produced by MSVC
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
fa6bf1e588 Detect MSVC without relying on compiler filename
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
b32966dd92 In update mode, create the files if they don't exist
`check-generated-files -u` aborted if one of the generated files
didn't exist. Now it treats a missing file as an out-of-date file.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
e151e21ae3 Explicitly use UTF-8 in assemble_changelog
Changelog contents should be UTF-8 text files. So explicitly open all files as
UTF-8. This makes the script independent of the ambient locale (except with
respect to exception messages, but we can live with that).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
7261fff37b Switch assemble_changelog to using text strings
Changelog contents should be UTF-8 text files. There's no need to be
binary-safe. So switch to using text strings in Python (str, not bytes). This
commit makes the following changes:
* Bytes literals (b'…') to string literals ('…').
* Subprocess output (which is all git information) is decoded as ascii.
* Inject text directly in exceptions rather than calling a decode method.

This is enough to make the script work as desired in a UTF-8 locale.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
383339c1f1 Changelog entry for the requirement to generate source files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
d05a588f19 Document how to build the generated source files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
3bd51b0bb1 Improve MSVC detection
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
9e84ec7711 Always use posix semantics when joining paths
The backslashes were causing issues with Makefile rules.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
cabae3d29e Specify output name for MSVC as well
The output file was being created in the working directory, instead of
the temp directory.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
d2968bd122 Explicitly specify exit code for "exit /b"
"exit /b" without an explicit exit value doesn't copy the value of the
last command executed, causing issues on Jenkins.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
9d1edb6224 If $CC looks like MSVC, use a compatible command line syntax
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
a4d3273fc7 Accept Windows line endings on inputs on any platform
Accept Windows line endings in input files on any platform. This makes
the scripts work even when running a Unix perl with a source tree that
has Windows line endings, as happens for example on our Travis Windows
instances. This change is harmless in the common case where the input
has the platform's default line endings.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
6e245c6e95 Simplify line ending management and make it work on Windows
Instead of manipulating CR explicitly to cope with CRLF (Windows) line
endings in input and produce output with CRLF line endings, just
convert files from/to CRLF line endings when reading/writing.

The minimum required Perl version remains 5.8, since this both the
version that introduced Digest::MD5 (which was used before this patch)
and the version that introduced open "<:crlf" (which this patch
introduces).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
b0fa9d209d Don't require make to generate visualc files
Don't run `make list` to obtain the list of programs in
generate_visualc_files.pl. This doesn't work on Windows when a `make`
command is not available. Instead, read the makefile.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
1411c7c0d6 Don't make configuration-independent files depend on config.h
Don't regenerate configuration-independent files when config.h or
crypto_config.h changes. These files only depend on the set of symbols
present in the headers and not on which symbols are enabled. To avoid
rebuilding the generated files whenever the configuration changes,
don't declare the configuration as a dependency.

In the rare event that a maintainer makes an edit to *config.h that
affects the generated files, they'll have to remove the generated files.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
de7f1e0bc4 Generate source files before doing builds on Travis
On Linux, all.sh takes care of it. On Windows, run
make_generated_files.bat.

Perl is now required on Windows.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
0da63bec88 Script to generate source files on Windows
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
1570b59bcc Generate source files before running any components
Now that generated source files are no longer checked in version
control, they must be generated before running any tests.

Do not check the generated files for freshness: it's no longer relevant.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
76c5185dcd Move VS2010 Git ignore list to the VS2010 directory
The main benefit is that this ensures that the directory always exists in a
Git checkout. This way the maintenance scripts don't have to worry about the
case where the directory doesn't exist.

Also it unclutters `/.gitignore`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
b5e08637ad Ignore generated source files that are no longer checked in
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Mateusz Starzyk
1af28f9b47 Fix SHA224 documentation in default config.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-20 10:36:15 +02:00
Manuel Pégourié-Gonnard
729fa5be88
Merge pull request #4450 from mstarzyk-mobica/remove_null_entropy
Remove MBEDTLS_TEST_NULL_ENTROPY config option.
2021-05-20 09:19:55 +02:00
Gilles Peskine
1905a24488 Fix missing compilation guard around psa_crypto_driver_wrappers.c
Fix #4411.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-19 21:06:01 +02:00
Shawn Carey
03092f5821 avoid -Wmaybe-uninitialized when buiding with gcc11
Signed-off-by: Shawn Carey <shawn.carey@netfoundry.io>
2021-05-19 11:39:02 -04:00
Shawn Carey
aa13e93941 avoid "maybe-uninitialized" and "free-nonheap-object" errors/warnings with gcc11
Signed-off-by: Shawn Carey <shawn.carey@netfoundry.io>
2021-05-19 11:31:37 -04:00
Mateusz Starzyk
2396b21f80 Provide more in-depth migration guide after removal of null entropy.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 16:35:51 +02:00
Mateusz Starzyk
c6d94aba50 Fix remaining SHA384 dependencies and ifdef blocks.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 16:23:47 +02:00
Manuel Pégourié-Gonnard
2213871654
Merge pull request #4489 from TRodziewicz/Remove__SSL_RECORD_CHECKING
Remove  ssl record checking
2021-05-19 13:57:51 +02:00
Mateusz Starzyk
44085de5f7 Add migration guide for SHA384 and SHA224 options.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 13:22:53 +02:00
Dave Rodgman
9cf91affa2
Merge pull request #4536 from daverodgman/padlock-docs-fix
Fix docs for mbedtls_padlock_has_support
2021-05-19 12:12:14 +01:00
Ronald Cron
0e3ec27598
Merge pull request #4506 from gilles-peskine-arm/array-parameters-to-pointers-sha512
Change sha256 and sha512 output type from an array to a pointer
2021-05-19 12:37:17 +02:00
Mateusz Starzyk
d9a4c73c99 Add changelog entries for MBEDTLS_SHA224_C and MBEDTLS_SHA384_C.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 12:36:24 +02:00
Gilles Peskine
af5b26aeaa Fix parameter names in documentation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-19 12:24:33 +02:00
Gilles Peskine
fe561fe717 Doxygen: use \p for parameter names
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-19 12:21:53 +02:00
Gilles Peskine
f09a66dd78
Merge pull request #4526 from gilles-peskine-arm/pr_4510-changelog
Add changelog entry for #4510
2021-05-19 11:58:03 +02:00
Mateusz Starzyk
86ead6aba3 Add changelog entries for SHA1 and SHA384 ciphersuites bugfixes.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:56:06 +02:00
Mateusz Starzyk
9d2d6c9ea0 Clarfiy SHA224 and SHA256 documentation
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:48:52 +02:00
Mateusz Starzyk
c722ebb7d9 Update SHA-224 documentation.
Rephrase config.h documentation and add a note to template
configs.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:38:02 +02:00
Mateusz Starzyk
6848537eab Remove obsolete config requirements for SHA384 in ssl-opt.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:38:01 +02:00
Mateusz Starzyk
a309e0ec07 Remove redundant SHA384 if defined block.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:38:01 +02:00
Mateusz Starzyk
3ea8e2d5ad Restore alphabetical order of SHA definitions
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:38:01 +02:00
Mateusz Starzyk
4228f895c0 Merge branch 'development' into convert_NO_SHA384_to_positive
Conflicts:
* configs/config-psa-crypto.h: modified here, removed in development
* tests/suites/test_suite_x509parse.data: all conflicts are in depends_on
  lines where development made a change unrelated to MBEDTLS_SHAxxx and our
  branch either changed `MBEDTLS_SHA256_C` to `MBEDTLS_SHA224_C` or
  `MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384` to ``MBEDTLS_SHA384_C`, with
  no change to what the test does. Pick the other branch's dependency
  changes then apply our SHA dpeendency change.
2021-05-19 11:37:49 +02:00
Gilles Peskine
b7bb0687f7 Rework and reword the guarantees on output_size
To simplify the documentation, and because there are only two realistic
behaviors in practice, only allow two behaviors for multipart output:
immediate output, or buffering of the last partial block.

State some simple rules that applications can follow if they don't care about
the details.

Explicitly state how much output is needed for finish(). Only require the
buffer size to be the size of the actual output, not the size of the potential
output in the worst case. Rename the parameter from output_len to output_size
since it's a buffer size and not necessarily the length of the data.

No longer guarantee that the built-in implementation produces immediate
output.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-18 23:15:40 +02:00
Gilles Peskine
d9380b5270 Document reasons for MBEDTLS_ERR_GCM_BAD_INPUT in update and finish
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-18 21:02:52 +02:00
Gilles Peskine
8e8cdd150a Add some information about the multipart calling sequence
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-18 21:02:13 +02:00
Gilles Peskine
518fdb00e8 Fix size/length confusion in documentation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-18 20:43:31 +02:00