Don't use an all.sh component because there isn't one that does what we
want (modern Clang with ASan, and test everything).
* We need to set CC explicitly or tweak PATH, because clang in $PATH on
Travis focal instances is Clang 7 which is too old (we want Clang 10).
* Travis lacks the array of versions of openssl and gnutls that we normally
use for testing, so we need to exclude some tests (or build our
own multiple versions of openssl and gnutls).
The SSL test exclusions are ad hoc and based on what currently works.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
OpenSSL may be configured to support features such as cipher suites or
protocol versions that are disabled by default. Enable them all: we're
testing, we don't care about enabling insecure stuff. This is not needed
with the builds of OpenSSL that we're currently using on the Jenkins CI, but
it's needed with more recent versions such as typically found on developer
machines, and with future CI additions.
The syntax to do that was only introduced in OpenSSL 1.1.0; fortunately we
don't need to do anything special with earlier versions.
With OpenSSL 1.1.1f on Ubuntu 20.04, this allows SHA-1 in certificates,
which is still needed for a few test cases in ssl-opt.sh. Curiously, this is
also needed for the cipher suite TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 (and
no other, including other DHE-PSK or ARIA cipher suites).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Having multiple definitions was cumbersome, and meant we might forget the
definition when adding an inline definition to a file that didn't have one
before (as I did when I added an inline definition in common.h).
Resolves#6649.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
psa_cipher_encrypt() and psa_cipher_decrypt() sometimes add a zero offset to
a null pointer when the cipher does not use an IV. This is undefined
behavior, although it works as naively expected on most platforms. This
can cause a crash with modern Clang+ASan (depending on compiler optimizations).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Eventually we want it to be enabled by default
when TLS 1.3 is enabled but currently the
feature is on development thus it should not be
enabled by default.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Normally we need all the combinations, unique combinations make sense
only if the operation is commutative.
No changes to generated tests.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Remove old dataset that was overriding the defaults in bignum_core. This
will change the datasets for core_sub and core_add to the default
inherited from bignum_common.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Add data for small values, 192 bit and 1024 bit values, primes,
non-primes odd, even, and some typical corner cases.
All subclasses override this for the time being so there are no changes
to the test cases.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The goal of this commit is to add some constants that can be used to
define datasets and add test data in a more readable and reusable
manner.
All platforms using ECC need to support calculations with at least 192
bits, therefore constants for this length are added. We are not using a
curve prime as those will be tested elsewhere and it is better not to
play favourites.
All platforms using RSA or FFDH need to support calculations with at
least 1024 bits, therefore numbers of this size are added too.
A safe prime is added for both sizes as it makes all elements generators
(except 0 and 1 of course), which in turn makes some tests more
effective.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Only fixed width input_style uses the default value of the bits_in_limb
parameter, so set it to 32 in order to have less leading zeroes.
Signed-off-by: Janos Follath <janos.follath@arm.com>
There are no intended changes to generated tests. (The ordering of tests
in the mod_raw module has changed.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
The special case list type depends on the arity and the subclass. Remove
type restriction to make defining special case lists more flexible and natural.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Sometimes we don't want all possible combinations of the input data and
sometimes not all combinations make sense. We are adding a convenient
way to decide on a case by case basis. Now child classes only need to
implement the is_valid method and the invalid cases will be filtered out
automatically.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Having int_ variants as an attribute has the advantage of the input
being validated when the object is instantiated. In theory otherwise if
a particular int_ attribute is not accessed, then the invalid argument
is passed to the tests as it is. (This would in all likelihood detected
by the actual test cases, still, it is more robust like this.)
There are no semantic changes to the generated test cases. (The order
of appearance of 64 and 32 bit mpi_core_add_and_add_if test cases has
changed.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
Before arg_ attributes were the arguments as they were defined in the
python script. Turning these into properties and having them take the
form respect the style set in input_style makes the class easier to use
and more consistent.
This change makes the hex_ properties redundant and therefore they are
removed.
There are no semantic changes to the generated test cases. (The order
of appearance of 64 and 32 bit mpi_core_add_and_add_if test cases has
changed.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
The ArchSplit functionality was duplicated and moved to OperationCommon
from the other copy. The remnants of the functionality is moved to the
only subclass using this.
There is no semantic change to the generated tests. The order has
changed however: core_add tests have been moved before core_mla tests
and the order of the 64 and 32 bit versions have been swapped.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The functionality of ModOperationCommonArchSplit is needed in several
subclasses, therefore moving it to a superclass.
There is another, redundant ArchSplit class, which will be removed in a
later commit.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The class BignumModRawOperationArchSplit has functionality that are
needed in other modules, therefore moving it to bignum_common.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The class BignumModRawOperation implements functionality that are needed
in other modules, therefore we move it to common.
No intended changes to test cases. The order of add_and_add_if and sub tests
have been switched.
Signed-off-by: Janos Follath <janos.follath@arm.com>
We need arch split tests in different modules, moving it to the common
module makes it reusable.
No intended changes in the generated tests. (The position of the
core_add_if tests changed, but they are still all there.)
Signed-off-by: Janos Follath <janos.follath@arm.com>