Set the build type to Release (-O2) when running CPU-intensive tests (ssl-opt,
or unit tests with debug features). A build type of Check (-Os) would be best
when the main objective of the build is to check for build errors or warnings
and there aren't many tests to run; in this commit there are no such test
cases to change. Only use cmake with no build type (which results in not
passing a -O option, and thus missing some GCC warnings) when exercising cmake
features.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use Release mode (-O2) for component_test_full_cmake_clang which runs SSL
tests.
To have some coverage with Check mode (which enables more compiler warnings
but compiles with -Os), change a few other builds that only run unit tests
at most to Check mode.
Don't add any new builds, to keep the total build volume down. We don't need
extensive coverage of all combinations, just a reasonable set.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
SSL testing benefits from faster executables, so use -O2 rather than -O1.
Some builds use -O1, but that's intended for jobs that only run unit tests,
where the build takes longer than the tests.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Don't default to unbridled -j, which causes a load spike and isn't really
faster.
"Number of CPUs" is implemented here as a reasonable compromise between
portability, correctness and simplicity. This is just a default that can be
overridden by setting MAKEFLAGS in the environment.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When not using DEBUG_C, but using the DTLS CID feature -
a null pointer was accessed in ssl_tls.c.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Don't try to enumerate excluded files. List included files, and remove names
from the list if they match an excluded-file pattern.
This resolves the problem that the script could get into an infinite loop
due to the use of recursive globbing. Unfortunately, Python's recursive
globs follows symbolic links to directories, which leads to an infinite loop
if a symbolic link points to an ancestor of the directory that contains it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
To facilitate maintenance and to make it easier to reproduce all.sh builds
manually, remove the long, repeated list of -D options from
component_test_psa_crypto_config_basic and component_test_psa_crypto_drivers
and put it in a header file instead.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When building with make, `make test` runs `run-test-suites.pl` which has a
verbose mode that reports the failing test cases, but it didn't provide a
way to enable this verbose mode. With the present commit, you can run `make
test TEST_FLAGS=-v` to use verbose mode.
Base the default for verbose mode on the same environment variable that
`make test` uses when building with CMake: default off, but enabled if
`CTEST_OUTPUT_ON_FAILURE` is true. In particular, verbose mode will now be
on when building from `all.sh`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The list was trimmed previously according to code coverage, however
this did not really evalute all test cases, e.g in the case of re.sub
or m_cipher.replace. These lines are executed no matter what, so code
coverage is not suitable.
I have gone through each step in the translate functions and made sure
there is at least one ciphersuite per step
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
Having a list of every ciphersuite suggests that it should be maintained with
any new ciphersuites that are added in the future. This in turn almost defeats
the purpose of having translation functions to begin with
Instead, the unit test now only test a much smaller subset of ciphersuite names
that exercise each stage in the OpenSSL and GnuTLS translate functions.
In the future, if a new cipersuite is added that requires an extra stage in
translation, then that cipher can be added to the test suite, otherwise it
should not be necessary.
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
As test_translate_ciphers_format.sh was made as a testing ground before
utilising translate_ciphers.py in compat.sh, once it was translated to
python code - as a unit test, it became redundant.
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
Rather than having the tests seperated into different files, they were integrated
into translate_ciphers.py and can be run from root using:
`python -m unittest tests/scripts/translate_ciphers.py`
test_translate_ciphers_format.sh was originally made as a testing ground before
having the translation tool being implmented into compat.sh. Translating it to
python code makes it redundant and therefore it will be removed.
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
test_translate_ciphers_names.py
- Combined m, o and g ciphers all into one a single list of tuples to
avoid needing to rely on indexes
test_translate_ciphers_format.sh
- Removed redundant test
- Added return errors
compat.sh
- Improved how translate_ciphers.py is called
translate_ciphers.py
- Improve regex and translation to be more intutive and efficient
- change how arguments are taken and handelled to be more reliable
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
To run test_translate_ciphers_names.py and _format.sh in the CI, include
it in all.sh component_check_generate_test_code.
Rename check_generate_test_code to check_test_helpers
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
After improving coding style, pylint suggeted using enumerate but
zip is more appropriate to avoid indexing
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
As per check-python-files.sh, added string documentation for
files and functions.
Modified for loops to use enumerate rather than range(len(
although as the same iteration index is used for multiple
lists it does not seem quite appropriate
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
In build_arm_none_eabi_gcc_m0plus, use baremetal_size instead of baremetal
as the configuration, i.e. exclude debugging features. This job is the only
one switching to baremetal_size because it's our primary point of reference
for code size evolution, and which is the only job where we display the code
size built with -Os so it's presumably the only job for which we really care
about a meaningful code size report.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
- Problem() is a parent abstract class that should only be used for
subclassing.
- With the help of ABC, implement abstract methods that force
subclasses to implement quiet and verbose outputs.
- The repeated logic of "if self.quiet" is consolidated in Problem.
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
This reverts a previous change where line_no was removed and put into
a triple tuple. It was discovered that re.Match.span() conveniently
returns (start, end), so separating line_no again makes the code cleaner.
The legibility of the code heavily outweighs the issues pointed out by
Pylint (hence disabled).
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
The try/catch was used to catch Exceptions and exit with code 1,
a legacy from check_names.py which uses the pattern to exit with
code 2. But code 1 is the default for the Python runtime anyway,
so it is redundant and can be removed.
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
- Instead of os.path.join, use glob patterns (supports Windows too)
- Instead of creating the lists beforehand (which adds messiness), pass glob
expessions to functions and let them memoise it.
- Add support for excluding based on glob patterns, which isn't used now but
could come in handy.
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
This is the equivalent of `list-identifiers.sh --internal`, which is
useful for generating an exclusion file for ABI/API checking.
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
glob is more flexible and simplifies the function arguments drastically.
It is also much more intuitive to extend in the future when the filepaths
need to be extended or changed.
setup_logger had to be called as the first thing after instantiation, so
this commit simplify makes it automatic.
Several clarification comments are added too.
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
This is necessary to import check_names from other scripts, which
will inevitably happen in the next few commits to implement the equivalent
of `list-identifiers.sh --internal`.
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
- Add documentation to all classes and functions that were
not self-explanatory.
- Fix the parsing of identifiers, so it now behaves identically
to the original shell script. Detects the same amount of identifiers.
- Fix macro parsing so MBEDTLS_PSA_ACCEL didn't error out
- Reformat output to be comprehensible
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
Otherwise $COMMAND_LINE_COMPONENTS would try to expand wildcard patterns
based on files in the current directory.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Was getting errors like:
In file included from /usr/include/limits.h:25:0,
from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/limits.h:168,
from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/syslimits.h:7,
from /usr/lib/gcc-cross/arm-linux-gnueabi/5/include-fixed/limits.h:34,
from ../include/mbedtls/check_config.h:30,
from ../include/mbedtls/build_info.h:81,
from common.h:26,
from asn1write.c:20:
/usr/include/features.h:367:25: fatal error: sys/cdefs.h: No such file or directory
There are two packages to choose from: armhf or armel. Since the comment
in all.sh says we're trying to be close to Debian's "armel"
architecture, choose that, and fix a comment that was mentioning
gnueabihf for no apparent reason.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Currently it can't be mandatory, since we can't install the required toolchain
on Jenkins right away.
Also, while at it, remove `SHELL='sh -x'` from the other arm5vte component; it
was a leftover from debugging.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Have simpler patterns related to 'test' (the central objective being to keep
going if 'make test' or 'tests/...' fails, but not if 'make tests' fails).
Add 'cd' as a can't-keep-going command.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Count invocations from 1 to n instead of n to 1.
Explain how changing the loop variable would cause an error if the function
was not executed in a subshell.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The previous implementation was hard to understand and could in principle
fail to notice if there was a test case failure and the writing of the
line "Note: $TOTAL_FAIL failures." failed. KISS.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Save the "Test Report Summary" to a file. This can help both CI scripts and
human readers who want the summary after the fact without having to copy the
console output.
Take care to exit with a nonzero status if there is a failure while
generating the test report summary.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
all.sh restores **/Makefile from git in case the version in the worktree was
from doing a cmake in-tree build. Instead of doing this unconditionally, do
it only if the toplevel Makefile seems to have been automatically
generated (by cmake or otherwise, e.g. by mbedtls-prepare-build). This way
all.sh no longer silently wipes changes made to Makefile but not committed yet.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Back up the config files at the beginning of all.sh, rather than before each
component. In particular, create the backup before running cleanup for the
first time. This fixes#3139 (all.sh using a config.h.bak from a previous
job), and makes all.sh more robust against accidentally using a modified
config.h midway through because a component messed with the backup.
Use a different extension (*.all.bak rather than *.bak) for the backups.
This is necessary to ensure that auxiliary scripts such as depends*.pl that
make their own backup don't remove all.sh's backup, which the code from this
commit does not support.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Generate programs/test/cpp_dummy_build.cpp dynamically instead of
maintaining it manually. This removes the need to update it when the list of
headers changes.
Include all the headers unconditionally except for the ones that cannot be
included directly.
Support this dynamic generation both with make and with cmake.
Adapt all.sh accordingly. Remove the redundant C build from
component_build_default_make_gcc_and_cxx (it was also done in
component_test_default_out_of_box), leaving a component_test_make_cxx. Also
run the C++ program, because why not. Do this in the full configuration
which may catch a bit more problems in headers.
Fixes#2570 for good.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
redirect_out was no longer used and redirect_err was only used to
quiet dd. Change the dd invocation to only print diagnostics on
error (on platforms where this is possible).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is necessary to actually keep going and finish the
component-specific cleanup in component_test_cmake_out_of_source if
ssl-opt.err is non-empty.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In all.sh, when an explicit list of components is specified, error out
if one of the components is not known or not supported. Patterns that
happen to match zero components are still effectively ignored.
Fix#2783
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In the `not` function, in keep-going mode, arrange to report the
failing command (rather than `"$@"`).
Note that the `!` keyword should not be used, because failures with
`!` are not reported properly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Remove the obsolete functions record_status and if_build_succeeded.
They didn't affect error detection, but they made error reporting
worse since $BASH_COMMAND would be the unexpanded "$@".
Keep the function definitions for the sake of pull requests using them
that may still be in flight.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Remove ssl-opt.err even if it's empty.
Call cat unconditionally: it'll have no visible effect if the file is
empty.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit completely rewrites keep-going mode. Instead of relying
solely on "set -e", which has some subtle limitations (such as being
off anywhere inside a conditional), use an ERR trap to record errors.
Run each component in a subshell. This way a component can set
environment variables, change the current directory, etc., without
affecting other components.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This will let us use bash features that are not found in some other sh
implementations, such as DEBUG and ERR traps, "set -o pipefail", etc.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Restore the optimization done in
HEAD^{/Speed up the generation of storage format test cases}
which was lost during refactoring made when adding support for
implicit usage flags.
There are still more than one call to the C compiler, but the extra
calls are only for some key usage test cases.
This is an internal refactoring. This commit does not change the
output of generate_psa_tests.py
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
It is enough only one test case for a key type, algorithm pair when
testing the implicit usage flags.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Add test cases validating that if a stored key only had the hash policy,
then after loading it psa_get_key_attributes reports that it also has the
message policy, and the key can be used with message functions.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Remove late binding of iterators to enable the creation of an object
with an actual state of a variable.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Test keys with various persistence levels, enumerated from the
metadata tests.
For read-only keys, do not attempt to create or destroy the key
through the API, only to read a key that has been injected into
storage directly through filesystem access.
Do not test keys with a non-default location, since they require a
driver and we do not yet have a dependency mechanism to require the
presence of a driver for a specific location value.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
It was used to remove the code used when mbedtls_ecp_mul() received a
NULL RNG parameter. This code is no longer relevant (as the RNG may no
longer be NULL) and will be unconditionally removed in the next commit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
It would be possible to make SSL debugging compatible with MBEDTLS_DHM_ALT,
but too much low-priority work right now, so don't require it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
... unless the alt implementation defines a group structure that's mostly
compatible with the built-in one and supports partially filled group
structures in the same way.
It would be possible to rewrite the SpecifiedECDomain parsing code to avoid
requiring support for partially filled group structures, but that's too
complicated to do now.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use headers defining dummy context types.
The test does not pass yet. I plan to fix this in subsequent commits.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This change enables automatic detection and consumption of Mbed TLS
library targets from within other CMake projects. By generating an
`MbedTLSConfig.cmake` file, consuming projects receive a more complete
view of these targets, allowing them to be used as dependencies which
properly inherit the transitive dependencies of the libraries.
This is fairly fragile, as it seems Mbed TLS's libraries do not appear
to properly model their dependencies on other targets, including
third-party dependencies. It is, however, sufficient for building and
linking the compiled Mbed TLS libraries when there are no third-party
dependencies involved. Further work is needed for more complex
use-cases, but this will likely meet the needs of most projects.
Resolves#298. Probably useful for #2857.
Signed-off-by: Chris Kay <chris.kay@arm.com>
Commit removes the definition of
MBEDTLS_ECDH_LEGACY_CONTEXT from config.h.
Additionally removes the unset calls to
MBEDTLS_ECDH_LEGACY_CONTEXT in all.sh.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Remove tests related to NULL pointers,
keep tests related to invalid enum values.
Remove test code related to MBEDTLS_CHECK_PARAMS.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
The call to `tests/scripts/generate_psa_tests.py` added by the commit
"generate_psa_tests.py: allow generating each file independently"
assumed that the `check` function supports multiple file names, but in
fact it does not do so. When `generate_psa_tests.py` started generating
more than one file, `check-generated-files.sh` did not detect changes to
files other than the first one listed by `generate_psa_tests.py --list`.
Fix this: change `check` to support either a single directory (with
detection of added/removed files) or a list of files (which is assumed
to be static).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In macro_collector.py, base InputsForTest on PSAMacroEnumerator rather
than PSAMacroCollector. It didn't make much sense to use
PSAMacroCollector anymore since InputsForTest didn't use anything
other than the constructor.
psa_generate_tests now generates arguments for more macros.
In particular, it now collects macro arguments from
test_suite_psa_crypto_metadata. Algorithms with parameters are now
supported.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
First build a list of all keys, then construct all the corresponding
test cases. This allows all required information to be obtained in
one go, which is a significant performance gain as the information
includes numerical values obtained by compiling a C program.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In generate_psa_tests, use InputsForTest rather than PSAMacroCollector
to gather values. This way, the enumeration of values to test includes
values used in metadata tests in addition to constructors parsed from
header files. This allows greater coverage of values built from
constructors with arguments. This doesn't make a difference yet, but
it will once algorithm constructors with arguments are supported in
generate_psa_tests.
Make the injection of numerical values optional. They are useful for
test_psa_constant_names, so keep them there. Don't use them for
not-supported tests: they might make sense, but the current code
wouldn't work since it doesn't know how to make up fake key material
or what dependencies to generate. Don't use them for storage tests:
they only make sense for supported values.
Don't inject 'PSA_SUCCESS': that's superfluous.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
On space-constrained platforms, it is a useful configuration to be able
to import/export and perform RSA key pair operations, but to exclude RSA
key generation, potentially saving flash space. It is not possible to
express this with the PSA_WANT_ configuration system at the present
time. However, in previous versions of Mbed TLS (v2.24.0 and earlier) it
was possible to configure a software PSA implementation which was
capable of making RSA signatures but not capable of generating RSA keys.
To do this, one unset MBEDTLS_GENPRIME.
Since the addition of MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR, this
expressivity was lost. Expressing that you wanted to work with RSA key
pairs forced you to include the ability to generate key pairs as well.
Change psa_crypto_rsa.c to only call mbedtls_rsa_gen_key() if
MBEDTLS_GENPRIME is also set. This restores the configuration behavior
present in Mbed TLS v2.24.0 and earlier versions.
It left as a future exercise to add the ability to PSA to be able to
express a desire for a software or accelerator configuration that
includes RSA key pair operations, like signature, but excludes key pair
generation.
Without this change, linker errors will occur when attempts to call,
which doesn't exist when MBEDTLS_GENPRIME is unset.
psa_crypto_rsa.c.obj: in function `rsa_generate_key':
psa_crypto_rsa.c:320: undefined reference to `mbedtls_rsa_gen_key'
Fixes#4512
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Conflicts:
library/version_features.c
programs/test/query_config.c
Files were removed in development branch and modified by current branch.
Conflicts fixes by removing them.
Re-create a component check_generated_files. Unlike the old one, which checked
that the generated files were up-to-date, the job of the new one is to check
that tests/scripts/check-generated-files.sh works (at least to the extent of
not errorring out).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Ensure that the .c files that generate_visualc_files.pl enumerates are present
before it runs. Otherwise, depending on the order in which make builds
targets, running `make generated_files` from a fresh checkout could end up
missing `library/error.c` and `library/version_features.c`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
`check-generated-files -u` aborted if one of the generated files
didn't exist. Now it treats a missing file as an out-of-date file.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that generated source files are no longer checked in version
control, they must be generated before running any tests.
Do not check the generated files for freshness: it's no longer relevant.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Conflicts:
* configs/config-psa-crypto.h: modified here, removed in development
* tests/suites/test_suite_x509parse.data: all conflicts are in depends_on
lines where development made a change unrelated to MBEDTLS_SHAxxx and our
branch either changed `MBEDTLS_SHA256_C` to `MBEDTLS_SHA224_C` or
`MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384` to ``MBEDTLS_SHA384_C`, with
no change to what the test does. Pick the other branch's dependency
changes then apply our SHA dpeendency change.
Building the library without entropy sources negates any and all security
provided by the library.
This option was originally requested a relatively long time ago and it
does not provide any tangible benefit for users any more.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
This configuration file was useful in the early days of PSA crypto
development. It stopped becoming relevant when MBEDTLS_PSA_CRYPTO_C entered
the default configuration. Remove it: better late than never.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Since SHA384 depends on SHA512, depends-hashes script
should not generate configuration where SHA384 is defined
without SHA512.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Although SHA512 is currently required to enable SHA384, this
is expected to change in the future. This commit is an
intermediate step towards fully separating SHA384 and SHA512.
check_config is the only module which enforces that SHA512 is
enabled together with SHA384.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
According to the design in psa-driver-interface.md. Compiles without
issue in test_psa_crypto_drivers.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Add library/*.h to the list of files scanned for enums in
list-enum-consts.sh, consistent with the changes made to
list-macros.sh.
This is needed to ensure that check-names.sh passes for the MPS
trace enums.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Add cipher accelerator compilation flags to
test_psa_crypto_drivers() all.sh component. The flags
are not necessary currently but may become.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Test cipher operations by a transparent driver in all.sh
test_psa_crypto_config_basic and
test_psa_crypto_drivers components.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Given the PSA_WANT_* config options added lately,
update set_psa_test_dependencies.py and run it
on test_suite_psa_crypto*.data files but the SE
and generated ones.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fine tune handling of policy negative tests when
setting automatically PSA crypto unit tests
dependencies.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
For the time being, it is not possible to determine
the size of ECC keys from the arguments of all test
cases thus treat them as dependencies that are not
systematic. Such dependencies are not generated nor
deleted by set_psa_test_dependencies.py.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Generate test cases for all algorithms without parameters. Only the encoding
of the algorithm in the key metadata is covered: the test keys are not of a
type that permits the algorithm to be used in an operation.
This commit only covers algorithms without parameters. A subsequent commit
will generate algorithms with parameters.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Generate test cases for all key types. These test cases cover the key
representation (checked with export) and the encoding of the key type and
the bit-size.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Start generating storage format test cases. This commit introduces two test
data files: test_suite_psa_crypto_storage_format.v0.data for reading keys in
storage format version 0 (the current version at this time), and
test_suite_psa_crypto_storage_format.current.data for saving keys in the
current format (version 0 at this time).
This commit kicks off the test case generation with test cases to exercise
the encoding of usage flags. Subsequent commits will cover other aspects of
keys.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Split out the code that enumerates constructors of a PSA crypto type
from the code used to populate the list of constructors for the
specific purpose of testing psa_constant_names.
This commit adds some documentation but otherwise strives to minimize
code changes.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Generating all files all the time makes debugging one specific target
harder. So support generating a selection of targets only.
As a bonus, it is now more apparent what files this script generates,
and check-generated-files.sh takes advantage of it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use separate classes for information gathering, for each kind of test
generation (currently just one: not-supported), and for writing output
files.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Test hash algorithm functions when called through a transparent
driver in all.sh test_psa_crypto_config_basic and
test_psa_crypto_drivers components.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Test signature and signature verification by a transparent
driver in all.sh test_psa_crypto_config_basic and
test_psa_crypto_drivers components.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
A temporary hack: at the time of writing, not all dependency symbols
are implemented yet. Skip test cases for which the dependency symbols are
not available. Once all dependency symbols are available, this comit
should be reverted.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
PSA_KEY_TYPE_RAW_DATA and PSA_KEY_TYPE_DERIVE are always supported.
Make this explicit by declaring PSA_WANT_KEY_TYPE_RAW_DATA and
PSA_WANT_KEY_TYPE_DERIVE unconditionally. This makes it easier to
infer dependencies in a systematic way.
Don't generate not-supported test cases for those key types. They
would always be skipped, which is noise and would make it impossible
to eventually validate that all test cases pass in at least one
configuration over the whole CI.
Don't remove the exception in set_psa_test_dependencies.py for now, to
get less noise in dependencies. This may be revised later if it is
deemed more important to be systematic.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
ECC curve dependency symbols include the key size in addition to the
curve family. Tweak the dependencies once the key size is known.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This test data file is automatically generated. We could do that as
part of the build, since the only requirement is Python and we have a
requirement on Python to build tests anyway (to generate the .c file
from the .function file). However, committing the generating file into
the repository has less impact on build scripts, and will be necessary
for some of the files generated by generate_psa_tests.py (at least the
storage format stability tests, for which stability is guaranteed by
the fact that the generated file doesn't change). To keep things
simple, for now, let's commit all the files generated by
generate_psa_tests.py into the repository.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add support for ECC key types to the generation of not-supported test
cases in generate_psa_tests.py. For each curve, generate test cases
both for when ECC isn't supported and for when the curve isn't
supported.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For each declared key type, generate test cases for psa_import_key and
psa_generate_key when the corresponding type is not supported.
Some special cases:
* Public keys can never be generated.
* Omit key types that Mbed TLS does not support at all.
* ECC and FFDH, which depend on a curve/group, are not covered yet.
The generated test cases are written to
tests/suites/test_suite_psa_crypto_not_supported.generated.data .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit creates a script to generate test cases automatically
based on enumerating PSA key types, algorithms and other
classifications of cryptographic mechanisms.
Subsequent commits will implement the generation of test cases.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The point of having an external RNG is that you can disable all
built-in RNG functionality: both the entropy part and the DRBG part.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The SSL test programs can now use mbedtls_psa_get_random() rather than
entropy+DRBG as a random generator. This happens if
the configuration option MBEDTLS_USE_PSA_CRYPTO is enabled, or if
MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is set at build time.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Extend import/export/generate key through a PSA
transparent driver without software fallback
testing to RSA keys.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This brings them in line with PSA Crypto API 1.0.0
PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH -> PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG
PSA_ALG_AEAD_WITH_TAG_LENGTH -> PSA_ALG_AEAD_WITH_SHORTENED_TAG
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Whether MBEDTLS_USE_PSA_CRYPTO is enabled makes a significant
difference with respect to how random generators are used (and, for
no-HMAC_DRBG, how ECDSA signature is dispatched), so test both with
and without it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The compilation guards in key_management.c are now
accelerator compilation guards (MBEDTLS_PSA_ACCEL_KEY_TYPE_xyz).
As a consequence when running the PSA driver wrapper
tests as part of test_psa_crypto_config_basic
and test_psa_crypto_drivers all.sh components all
key management cryptographic operations were handled by
the software builtin fallback, and not by the test driver
as intended in the first place.
This commits fixes this issue by:
. declaring an accelerator for ECC key pairs in
test_psa_crypto_config_basic.
. declaring an accelerator for both ECC and RSA
key pairs in test_psa_crypto_drivers.
It is possible to declare an accelerator for both
ECC and RSA key pairs in test_psa_crypto_drivers
and not in test_psa_crypto_config_basic because
in the case of test_psa_crypto_drivers the new
PSA configuration is not activated. That way,
the builtin fallback software implementation
is present to supply the transparent test driver
when some support is missing in it (mainly
RSA key generation).
Note that the declaration of accelerators does
much more than just "fixing" the execution flow of
driver wrapper tests, it makes all import and public
key export cryptographic operations in all unit
tests being handled by the transparent test driver
(provided that it supports the key type).
One test case related to key generation is
partially disabled. This will be fixed with the
rework of psa_generate_key along the lines
described in psa-crypto-implementation-structure.md.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Storage format tests that only look at how the file is structured and
don't care about the format of the key material don't depend on any
cryptographic mechanisms.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The negative test cases for psa_copy_key() don't actually care whether
the target policy is supported. This is similar to _key_policy tests.
Add a similar rule.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
It isn't a set of dependencies, it's a set of symbols. So give it a
name that describes the symbol rather than a name that pretends it's a
collection of dependencies.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The test function asymmetric_signature_key_policy combines positive
and negative tests inside the code, so it doesn't take a status as its
last argument.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
It doesn't make much difference in practice, but to keep closer to
what the current code does, run negative key policy tests even if the
algorithm for the operation attempt is not supported.
In particular, this allows the following test cases to run:
* "PSA key policy: agreement + KDF, wrong agreement algorithm"
* "PSA key policy: raw agreement, wrong algorithm"
Without this exception, those two test cases would never run, because
they would depend on PSA_ALG_WANT_FFDH. Since FFDH is not implemented
yet, it isn't enabled in any configuration. There's no alternative to
FFDH for these particular test cases because ECDH is the only key
agreement that is implemented in Mbed TLS so far.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
PSA_xxx_CATEGORY_yyy is used in metadata tests where it doesn't
involve any particular support, and elsewhere it's used as a value
that is definitely not supported but is in a plausible range. Such
symbols do not require any dependency.
If a test case is expects PSA_ERROR_NOT_SUPPORTED, its
dependencies (often including one negative dependency) cannot be
determined automatically, so leave that test case alone.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Some symbols don't require a dependency symbol:
* Modifiers such as truncated MAC
* Always-on features such as the raw data key type
* Aliases or special values such as RSA PKCS#1v1.5 raw
I'm not convinced that all of these warrant special handling in the
script, rather than having the expected symbol defined somewhere. But
for now I prefer to minimize changes to the header files.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Don't remove cipher-related dependencies because the corresponding
PSA_WANT_xxx dependencies are not implemented yet.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Remove any existing PSA_WANT_xxx dependency. Add PSA_WANT_xxx
dependencies based on the PSA_KEY_TYPE_xxx and PSA_ALG_xxx symbols
used in the test case arguments.
PSA_ECC_FAMILY_xxx and PSA_DH_GROUP_xxx are not implemented yet in the
PSA conditional inclusion mechanism in Mbed TLS, so this script
doesn't handle them yet.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Parse the existing dependencies. For now, just write them back.
Subsequent commits will implement the dependency processing that is
the goal of this program.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit only contains a framework to rewrite .data files. No
actual modification of the content is implemented yet.
For now, command line parsing is trivial: just a list of file names,
with no options.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
As indicated in the comments in the can_mypy function, we don't just
need a mypy executable to be present, we need it to work.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This reduces dependencies, doesn't require maintainers to know awk,
and makes the version parsing more robust.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that the script might additionally run mypy, it's more
user-friendly to indicate what's going on at the beginning as well.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In component_test_no_hmac_drbg, the fact that HMAC_DRBG is disabled
doesn't affect the SSL code, but the fact that deterministic ECDSA is
disabled does. So run some ECDSA-related SSL tests.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Support HMAC_DRBG in ssl_client2 and ssl_server2, in addition to
CTR_DRBG. CTR_DRBG is still used if present, but it's now possible to
run the SSL test programs with CTR_DRBG disabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
With just the option --can-pylint or --can-mypy, check whether the
requisite tool is available with an acceptable version and exit.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mypy automatically checks the modules when it encounters them as
imports. Don't make it check them twice, because it would complain
about encountering them through different paths (via the command line
as scripts/mbedtls_dev/*.py and via imports as just mbedtls_dev/*.py).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Create a directory mbedtls_dev intended to contain various Python
module for use by Python scripts located anywhere in the Mbed TLS
source tree.
Move get_c_expression_values and its auxiliary functions into a new
Python module mbedtls_dev.c_build_helper.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Generalize the very ad hoc run_c function into a function to generate
a C program to print the value of a list of expressions. Refactor the
code into several functions to make it more manageable.
No intended behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Allow Python scripts in tests/scripts to import modules located in the
scripts directory. To do this, use
```
import scripts_path # pylint: disable=unused-import
```
Declare the scripts directory to pylint and to mypy.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Since no typing stubs are available for mbed_host_tests.py, mypy
errors out on mbedtls_test.py with
error: Skipping analyzing 'mbed_host_tests': found module but no type hints or library stubs
Ignore this import to get at least some benefit from mypy without
spending significant effort to write stubs.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add enough type annotations to pass mypy 0.782 with Python 3.5. The
source code will still run normally under older Python versions.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Executable scripts must have shebang (#!) line to be effectively
executable on most Unix-like systems. Enforce this, and conversely
enforce that files with a shebang line are executable.
Check that the specified interperter is consistent with the file
extension.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
New tests have been added for all the hash algorithms to
confirm they compile correctly when using PSA_WANT and
accelerator guards.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Add two builds with MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG to all.sh:
* full minus all DRBG (validates that PSA can work without any of the
DRBG modules).
* with MBEDTLS_USE_PSA_CRYPTO and no CTR_DRBG (validates that PSA can
work without CTR_DRBG, and that it works for USE_PSA_CRYPTO).
The goal is to exercise default/full, with/out USE_PSA_CRYPTO, and
with/out deterministic ECDSA (which requires HMAC_DRBG). The choice of
pairing is rather arbitrary.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Support using HMAC_DRBG instead of CTR_DRBG in the PSA subsystem.
Use HMAC_DRBG if CTR_DRBG is available. Choose between SHA-256 and
SHA-512 based on availability.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Moved new check_crypto_config.h file from include/psa to library
directory and the file is now included from *.c instead of the
crypto_config.h file. Fixed guards in PSA crypto library based
on review comments for new PSA crypto config features.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Revised the placement of various new MBEDTLS_PSA_BUILTIN_xxx
guards based on review comments. Corrected guards in psa
test driver to use _ACCEL version instead of _BUILTIN version.
Updated check_config_psa.h to include additional dependency checks
for more algorithms. Renamed some of the new tests to be a little
more clear on the purpose.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Code under MBEDTLS_USE_PSA_CRYPTO define is PSA client
code intended to use key identifiers of type psa_key_id_t.
Thus the MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
configuration option is incompatible with
MBEDTLS_USE_PSA_CRYPTO.
State this in config.h and check_config.h.
As a consequence:
. remove MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER from
the full configuration, as MBEDTLS_USE_PSA_CRYPTO is
part of it.
. add a new component in all.sh to keep testing the
library when MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
is set.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Updated macros in config_psa.h that used ECC_xxx to use KEY_TYPE_ECC_xxx
per comments from review. Implemented a check_config_psa.h to help with
dependency checking of features enabled in config_psa.h. Added
check_config_psa.h to visual studio project.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
In order to pass existing tests like test_psa_crypto_config_basic
and test_psa_crypto_config_no_driver, all the new features need
to be enabled in the default crypto_config.h file. This change
enables those features by default and updates the other new
tests to compensate for everything being enabled by disabling
some features for some of the tests as needed.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Updated some of the test names to better reflect what they are testing.
Expanded the testing around RSA feature for PSA crypto config. Updated
the test script to support backing up and restoring the
include/psa/crypto_config.h file so that features can be individually
setup for each unique feature test.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
The KEY_TYPE_ECC_KEY_PAIR and KEY_TYPE_ECC_PUBLIC_KEY were previously
being guarded by MBEDTLS_ECP_C in the PSA crypto library code. This change
moves it to the new MBEDTLS_PSA_BUILTIN_xxx and separates KEY_PAIR
and PUBLIC_KEY as needed. Tests have also been added to validate the new
settings.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
This phase adds in support for the following features being
added to the list of features that can be configured in the
include/psa/crypto_config.h header file using the PSA_WANT_ALG_xxx
macros: ECDH, HMAC, HKDF, and RSA. These changes include changes to
the PSA crypto library to use the appropriate new guards that
will allow the feature to be compiled in or out either using
new PSA_WANT_ALG_xxx or the previous MBEDTLS_xxx macros.
For HKDF and HMAC, most of the PSA library code did not have a
specific matching MBEDTLS_xxx macro for that feature, but was instead
using the generic dependent MBEDTLS_MD_C macro. The ECDH and RSA
features more closely aligned with a direct replacement with a similar
macro.
The new tests for RSA, HMAC, and HKDF would normally unset additional
dependent macros, but when attempting to implement that level of
testing it required removal of too many core features like MD_C, PK_C,
ECP_C and other low level features. This may point to additional phases of
work to complete the transition of these features to the new model.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Add a build with MBEDTLS_ERROR_STRERROR_DUMMY but not MBEDTLS_ERROR_C.
Previously, both options were enabled by default, but
MBEDTLS_ERROR_STRERROR_DUMMY only matters when MBEDTLS_ERROR_C is
enabled, so its effect was not tested.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Two sample configuration file were not being tested:
config-no-entropy.h and config-psa-crypto.h. Add them.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Removed comment referencing test driver header path and the inclusion of
the test driver directory from the build since it is not required
for that test.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Changed the test name from test_ to build_ to better reflect
what the test is currently performing.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Added a new test to all.sh to confirm that using MBEDTLS_PSA_CRYPTO_CONFIG
with no test driver and the library is configured with normal configurations
that the test works.
Minor updates to other PSA crypto tests to cleanup msg output for consistency.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Updated the test_psa_want_ecdsa_disabled_software to enable and disable
the correct macros to accomplish the desired test. The previous version
left out the disabling of additional macros to ensure items related
to MBEDTLS_ECDSA_C were also unset. The test was also missing the setting
of the accelerators MBEDTLS_PSA_ACCEL_ALG_ECDSA and DETERMINISTIC_ECDSA.
With the accelerators enabled the test portion had to be temporarily
disabled until the accelerator code is completed so the test will work
properly.
Updated the signature driver source to fix a compiler warning when
MBEDTLS_ECDSA_C is unset.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
The psa crypto library was generically using PSA_WANT_ALG_xxx, but
should have been using the correct MBEDTLS_PSA_BUILTIN_ALG_xxx
definition since that code is the builtin version. There were also
a couple of spots that needed to ensure the code block was enabled
for either ECDSA or DETERMINISTIC_ECDSA, not just one of them.
Fixed all the new ALG_ECDSA_DETERMINISTIC names to be
ALG_DETERMINISTIC_ECDSA instead.
Fixed test to use correct definitions.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Need to make sure the new MBEDTLS_PSA_ACCEL_XXX defines are not checked
since they should be defined by the PSA driver. Updated the list-macros.sh
script to modify the instances of those found to match the corresponding
MBEDTLS_PSA_BUILTIN_XXX that are defined in config_psa.h
Fixed definition of MBEDTLS_PSA_BUILTIN_ALG_ECDSA_DETERMINISTIC, name was
incorrect. Also fixed a missing space in the comments of crypto_config.h
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Provided a clearer comment for the description for ignoring
MBEDTLS_PSA_CRYPTO_CONFIG for full build setting.
Updated message output for test_psa_crypto_config_basic and
test_psa_want_ecdsa_disabled_software so it is more clear and
concise in what the test is doing. Removed inclusion of the
MBEDTLS_PSA_ACCEL_ALG_ECDSA since it should not have been used
for that particular tests.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
With the introduction of new tests for PSA crypto config features
the test needs to now be able to set and unset values from the
psa/crypto_config.h file. This change updates from passing the defines
as a build arguement to modifying the header files using config.py.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Python should not be required for the build when the no_test target is
used. This commit adds the generated file to the source tree and the
check-generated-files script, and removes the generation from (c)make.
Fixes#3524
Signed-off-by: Cameron Nemo <cnemo@tutanota.com>
Initial changes to PSA crypto core to support configuration
of ECDSA algorithm using PSA crypto configuration mechanism.
Guards using MBEDTLS_ECDSA_C and MBEDTLS_ECDSA_DETERMINISTIC have
been changed to be based off PSA_WANT_ALG_ECDSA and
PSA_WANT_ALG_ECDSA_DETERMINISTIC. Added new tests to all.sh to
confirm new settings are working properly. Current code does not
pass the tests since built in signature verification is not in place.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Moved the new component_test_depends_pkalgs_psa to after the
component_test_depends_pkalgs test to be more consistent.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Needed to make additional fixes so that when MBEDTLS_USE_PSA_CRYPTO
is defined, the depends-hashes test will succeed. There are two
versions of the ecdsa_verify_wrap() function, one with
MBEDTLS_USE_PSA_CRYPTO and when when it is not enabled. The non PSA
version is not using the md_alg parameter since it is not required.
The PSA version was using that parameter to derive a different value
it needed for PSA_ALG_ECDSA. The arguement of PSA_ALG_ECDSA is
ignored for psa_sign_hash and psa_verify_hash. It is present because
it is used and must be a valid hash, not zero, for psa_sign_hash
(but not psa_verify_hash) with PSA_ALG_DETERMINISTIC_ECDSA, and it is
needed for psa_sign_message and psa_verify_message which are not
implemented yet. The local parameter now uses PSA_ALG_ECDSA_ANY for
the verify function to avoid using the md_alg parameter and avoids
returning incorrect error codes.
Fixes#3587
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Trying to compile in the PSA accelerator test driver under MBEDTLS_TEST_HOOKS
turned out to be awkward regarding existing builds. We'll put it under a
custom (not in config.h) define instead, since it's something that only
should happen in test.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
GCC up to 4.x defaults to C89. On our CI, we run the arm-none-eabi-gcc
version from Ubuntu 16.04 on Travis, and that's 4.9, so the gcc-arm
builds started failing on Travis when we introduced a C99 construct in
the configurations that we test on arm on Travis. Other builds, and
Jenkins CI, are not affected because they use GCC 5.x or newer.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Fix `printf "$foo"` which treats the value of `foo` as a printf format
rather than a string.
I used the following command to find potentially problematic lines:
```
git ls-files '*.sh' | xargs egrep 'printf +("?[^"]*|[^ ]*)\$'
```
The remaining ones are false positives for this regexp.
The errors only had minor consequences: the output of `ssl-opt.sh`
contained lines like
```
Renegotiation: gnutls server strict, client-initiated .................. ./tests/ssl-opt.sh: 741: printf: %S: invalid directive
PASS
```
and in case of failure the GnuTLS command containing a substring like
`--priority=NORMAL:%SAFE_RENEGOTIATION` was not included in the log
file. With the current tests, there was no risk of a test failure
going undetected.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add new test (test_depends_curves_psa) to all.sh to confirm
that test is passing when MBEDTLS_USE_PSA_CRYPTO is defined.
Fix#3294
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Add guards in pk_wrap.c to ensure if ECDSA is not defined, errors
are returned.
Remove warnings in pk.c for unused variables.
Add new test (test_depends_pkalgs_psa) to all.sh to confirm
when USE_PSA_CRYPTO is defined that features are working properly.
Fix#3294
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
* development:
Update copyright notices to use Linux Foundation guidance
Undef ASSERT before defining it to ensure that no previous definition has sneaked in through included files.
Add ChangeLog entry for X.509 CN-type vulnerability
Improve documentation of cn in x509_crt_verify()
Fix comparison between different name types
Add test: DNS names should not match IP addresses
Remove obsolete buildbot reference in compat.sh
Fix misuse of printf in shell script
Fix added proxy command when IPv6 is used
Simplify test syntax
Fix logic error in setting client port
ssl-opt.sh: include test name in log files
ssl-opt.sh: remove old buildbot-specific condition
ssl-opt.sh: add proxy to all DTLS tests
Signed-off-by: Dan Handley <dan.handley@arm.com>
Currently the new component in all.sh fails because
mbedtls_ssl_cf_memcpy_offset() is not actually constant flow - this is on
purpose to be able to verify that the new test works.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
As a result, the copyright of contributors other than Arm is now
acknowledged, and the years of publishing are no longer tracked in the
source files.
Also remove the now-redundant lines declaring that the files are part of
MbedTLS.
This commit was generated using the following script:
# ========================
#!/bin/sh
# Find files
find '(' -path './.git' -o -path './3rdparty' ')' -prune -o -type f -print | xargs sed -bi '
# Replace copyright attribution line
s/Copyright.*Arm.*/Copyright The Mbed TLS Contributors/I
# Remove redundant declaration and the preceding line
$!N
/This file is part of Mbed TLS/Id
P
D
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
RFC5280 does not state that the `revocationDate` should be checked.
In addition, when no time source is available (i.e., when MBEDTLS_HAVE_TIME_DATE is not defined), `mbedtls_x509_time_is_past` always returns 0. This results in the CRL not being checked at all.
https://tools.ietf.org/html/rfc5280
Signed-off-by: Raoul Strackx <raoul.strackx@fortanix.com>
* development: (55 commits)
Log change as bugfix
Add changelog entry
Clarify updates to the persistent state in storage
With multiple applicable transparent drivers, the order is unspecified
Minor clarifications
Give some examples of purpsoses of pure-software transparent driver
Fix typos
Add a link to the PSA API specification
Explain locations vs lifetimes
Initialize key pointer in ecdh to NULL
Add buffer zeroization when ecp_write_key fails
Simplified key slot deletion
Style fixes
Use arc4random_buf instead of rand on NetBSD
Apply review feedback
Update open question section about public key storage
Remove the paragraph about declaring application needs
Change driver persistent data to a callback interface
Rework and expand key management in opaque drivers
Fix typos and copypasta
...
tests/scripts/curves.pl tests the library with a single curve enabled.
This uses the legacy ECDH context and the default ECDH implementation.
For Curve25519, there is an alternative implementation, which is
Everest. Test this. This also tests the new ECDH context, which
Everest requires.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Previously curves.pl tested with all elliptic curves enabled except
one, for each curve. This catches tests that are missing dependencies
on one of the curve that they use, but does not catch misplaced
conditional directives around parts of the library.
Now, we additionally test with a single curve, for each curve. This
catches missing or extraneous guards around code that is specific to
one particular curve or to a class of curves.
Signed-off-by: Gilles Peskine <gilles.peskine@arm.com>
This option allows to test the constant-flow nature of selected code, using
MemSan and the fundamental observation behind ctgrind that the set of
operations allowed on undefined memory by dynamic analysers is the same as the
set of operations allowed on secret data to avoid leaking it to a local
attacker via side channels, namely, any operation except branching and
dereferencing.
(This isn't the full story, as on some CPUs some instructions have variable
execution depending on the inputs, most notably division and on some cores
multiplication. However, testing that no branch or memory access depends on
secret data is already a good start.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The test function now depends on MBEDTLS_TEST_HOOKS, which is enabled by
config.py full, and since there are already components in all.sh exercising
the full config, this test function is sill exercised even with this new
dependency.
Since this is the first time a test function depends on MBEDTLS_TEST_HOOKS,
fix a bug in check-names.sh that wasn't apparent so far: headers from
library/*.h were not considered when looking for macro definitions. This
became apparent because MBEDTLS_STATIC_TESTABLE is defined in library/common.h
and started being used in library/ssl_msg.c, so was flagged as a likely typo.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This makes the implementation of mbedtls_param_failed()
for testing purpose available to programs. Thus removing
the ad-hoc implementations in programs.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Check that every available test case in the test suites and ssl-opt.sh
has been executed at least once.
For the time being, only report a warning, because our coverage is
incomplete. Once we've updated all.sh to have full coverage, this
warning should become an error.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is a new script designed to analyze test outcomes collected
during a whole CI run.
This commit introduces the script, the code to read the outcome file,
and a very simple framework to report errors. It does not perform any
actual analysis yet.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
With previous refactorings, some functions are now solely meant to be
called from other functions in a particular class. Move them into this
class.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Make the structure more Pythonic: use classes for abstraction and
refinement, rather than higher-order functions.
Convert walk(function, state, data) into instance.walk(data) where
instance has a method that implements function and state is a field of
instance.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Parametrize the code that iterates over test case descriptions by the
function to apply on each description.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Call all.sh for sanity checks, rather than maintain an explicit list.
This was done in .travis.yml in 3c7ffd7a40
Travis has diverged from basic-in-docker. This commit updates the
description of basic-in-docker to no longer refer to Travis. Alignment
with Travis may be desirable but that is beyond the scope of this commit.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit was generated using the following script:
# ========================
#!/bin/sh
# Find scripts
find -path './.git' -prune -o '(' -name '*.gdb' -o -name '*.pl' -o -name '*.py' -o -name '*.sh' ')' -print | xargs sed -i '
# Remove Mbed TLS declaration if it occurs before the copyright line
1,/Copyright.*Arm/I {
/This file is part of/,$ {
/Copyright.*Arm/I! d
}
}
# Convert non-standard header in scripts/abi_check.py to the format used in the other scripts
/"""/,/"""/ {
# Cut copyright declaration
/Copyright.*Arm/I {
h
N
d
}
# Paste copyright declaration
/"""/ {
x
/./ {
s/^/# / # Add #
x # Replace orignal buffer with Copyright declaration
p # Print original buffer, insert newline
i\
s/.*// # Clear original buffer
}
x
}
}
/Copyright.*Arm/I {
# Print copyright declaration
p
# Read the two lines immediately following the copyright declaration
N
N
# Insert Apache header if it is missing
/SPDX/! {
i\
# SPDX-License-Identifier: Apache-2.0\
#\
# Licensed under the Apache License, Version 2.0 (the "License"); you may\
# not use this file except in compliance with the License.\
# You may obtain a copy of the License at\
#\
# http://www.apache.org/licenses/LICENSE-2.0\
#\
# Unless required by applicable law or agreed to in writing, software\
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\
# See the License for the specific language governing permissions and\
# limitations under the License.
# Insert Mbed TLS declaration if it is missing
/This file is part of/! i\
#\
# This file is part of Mbed TLS (https://tls.mbed.org)
}
# Clear copyright declaration from buffer
D
}
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Instead, we insert a comment containing GDB_BREAK_HERE in the line we
want to break at, and let the gdb script search for it.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
While pure sh doesn't have a concept of local variables, we can partially
emulate them by unsetting variables before we exit the function, and use the
convention of giving them lowercase names to distinguish from global
variables.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Since dd prints everything on stderr, both normal status update and actual
errors when they occur, redirecting that to /dev/null is a trade-off that's
acceptable in quiet mode (typically used on a developer's machine and the
developer will re-run in non-quiet mode if anything fails without sufficient
detail in the output), but not that much in non-quiet mode.
For example, if our dd invocation fails because the disk in full on a CI
machine, we want the error to be reported at the time we invoke dd, and not
later when a seemingly unrelated test fails due to an incorrect seedfile.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Currently we draw pseudo-random numbers at the beginning and end of the main
loop. With ECP_RESTARTABLE, it's possible that between those two occasions we
returned from the multiplication function, hence lost our internal DRBG
context that lives in this function's stack frame. This would result in the
same pseudo-random numbers being used for blinding in multiple places. While
it's not immediately clear that this would give rise to an attack, it's also
absolutely not clear that it doesn't. So let's avoid that by using a DRBG
context that lives inside the restart context and persists across
return/resume cycles. That way the RESTARTABLE case uses exactly the
same pseudo-random numbers as the non-restartable case.
Testing and compile-time options:
- The case ECP_RESTARTABLE && !ECP_NO_INTERNAL_RNG is already tested by
component_test_no_use_psa_crypto_full_cmake_asan.
- The case ECP_RESTARTABLE && ECP_NO_INTERNAL_RNG didn't have a pre-existing
test so a component is added.
Testing and runtime options: when ECP_RESTARTABLE is enabled, the test suites
already contain cases where restart happens and cases where it doesn't
(because the operation is short enough or because restart is disabled (NULL
restart context)).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
No effect so far, except on dependency checking, as the feature it's meant to
disable isn't implemented yet (so the descriptions in config.h and the
ChangeLog entry are anticipation for now).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Similarly to the recently-added tests for dependencies on CTR_DRBG:
constrained environments will probably want only one DRBG module, and we
should make sure that tests pass in such a configuration.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The primary purpose is to use it to run all.sh -k -q in the pre-push hook, but
this can be useful in any circumstance where you're not interested in the full
output from each component and just want a short summary of which components
were run (and if any failed).
Note that only stdout from components is suppressed, stderr is preserved so
that errors are reported. This means components should avoid printing to
stderr in normal usage (ie in the absence of errors).
Currently all the `check_*` components obey this convention except:
- check_generate_test_code: unittest prints progress to stderr
- check_test_cases: lots of non-fatal warnings printed to stderr
These components will be fixed in follow-up commits.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
People who prefer to rely on HMAC_DRBG (for example because they use it for
deterministic ECDSA and don't want a second DRBG for code size reasons) should
be able to build and run the tests suites without CTR_DRBG.
Ideally we should make sure the level of testing (SSL) is the same regardless
of which DRBG modules is enabled, but that's a more significant piece of work.
For now, just ensure everything builds and `make test` passes.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Enable branch coverage output in basic_build_test.sh. This
includes enabling branch coverage output to the lcov make target,
which is disabled by default.
Signed-off-by: Dan Handley <dan.handley@arm.com>
We're only interested in files that are committed and pushed to be
included in Mbed TLS, not in any other files that may be lying around.
So ask git for the list of file names.
This script is primarily intended to run on the CI, and there it runs
on a fresh Git checkout plus potentially some other checkouts or
leftovers from a previous part of the CI job. It should also run
reasonably well on developer machines, where there may be various
additional files. In both cases, git is available.
Ad hoc directory exclusions are no longer needed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Have an explicit list of exemptions for specific checks rather than
whitelisting files to check. Some checks, such as permissions, should
apply to all files.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is supposed to be for GCC (or a compiler with a compatible
command line interface) targeting arm-none-eabi, so name it
accordingly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
