1*62c56f98SSadaf Ebrahimi#! /usr/bin/env bash 2*62c56f98SSadaf Ebrahimi 3*62c56f98SSadaf Ebrahimi# all.sh 4*62c56f98SSadaf Ebrahimi# 5*62c56f98SSadaf Ebrahimi# Copyright The Mbed TLS Contributors 6*62c56f98SSadaf Ebrahimi# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 7*62c56f98SSadaf Ebrahimi 8*62c56f98SSadaf Ebrahimi 9*62c56f98SSadaf Ebrahimi 10*62c56f98SSadaf Ebrahimi################################################################ 11*62c56f98SSadaf Ebrahimi#### Documentation 12*62c56f98SSadaf Ebrahimi################################################################ 13*62c56f98SSadaf Ebrahimi 14*62c56f98SSadaf Ebrahimi# Purpose 15*62c56f98SSadaf Ebrahimi# ------- 16*62c56f98SSadaf Ebrahimi# 17*62c56f98SSadaf Ebrahimi# To run all tests possible or available on the platform. 18*62c56f98SSadaf Ebrahimi# 19*62c56f98SSadaf Ebrahimi# Notes for users 20*62c56f98SSadaf Ebrahimi# --------------- 21*62c56f98SSadaf Ebrahimi# 22*62c56f98SSadaf Ebrahimi# Warning: the test is destructive. It includes various build modes and 23*62c56f98SSadaf Ebrahimi# configurations, and can and will arbitrarily change the current CMake 24*62c56f98SSadaf Ebrahimi# configuration. The following files must be committed into git: 25*62c56f98SSadaf Ebrahimi# * include/mbedtls/mbedtls_config.h 26*62c56f98SSadaf Ebrahimi# * Makefile, library/Makefile, programs/Makefile, tests/Makefile, 27*62c56f98SSadaf Ebrahimi# programs/fuzz/Makefile 28*62c56f98SSadaf Ebrahimi# After running this script, the CMake cache will be lost and CMake 29*62c56f98SSadaf Ebrahimi# will no longer be initialised. 30*62c56f98SSadaf Ebrahimi# 31*62c56f98SSadaf Ebrahimi# The script assumes the presence of a number of tools: 32*62c56f98SSadaf Ebrahimi# * Basic Unix tools (Windows users note: a Unix-style find must be before 33*62c56f98SSadaf Ebrahimi# the Windows find in the PATH) 34*62c56f98SSadaf Ebrahimi# * Perl 35*62c56f98SSadaf Ebrahimi# * GNU Make 36*62c56f98SSadaf Ebrahimi# * CMake 37*62c56f98SSadaf Ebrahimi# * GCC and Clang (recent enough for using ASan with gcc and MemSan with clang, or valgrind) 38*62c56f98SSadaf Ebrahimi# * G++ 39*62c56f98SSadaf Ebrahimi# * arm-gcc and mingw-gcc 40*62c56f98SSadaf Ebrahimi# * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc 41*62c56f98SSadaf Ebrahimi# * OpenSSL and GnuTLS command line tools, recent enough for the 42*62c56f98SSadaf Ebrahimi# interoperability tests. If they don't support old features which we want 43*62c56f98SSadaf Ebrahimi# to test, then a legacy version of these tools must be present as well 44*62c56f98SSadaf Ebrahimi# (search for LEGACY below). 45*62c56f98SSadaf Ebrahimi# See the invocation of check_tools below for details. 46*62c56f98SSadaf Ebrahimi# 47*62c56f98SSadaf Ebrahimi# This script must be invoked from the toplevel directory of a git 48*62c56f98SSadaf Ebrahimi# working copy of Mbed TLS. 49*62c56f98SSadaf Ebrahimi# 50*62c56f98SSadaf Ebrahimi# The behavior on an error depends on whether --keep-going (alias -k) 51*62c56f98SSadaf Ebrahimi# is in effect. 52*62c56f98SSadaf Ebrahimi# * Without --keep-going: the script stops on the first error without 53*62c56f98SSadaf Ebrahimi# cleaning up. This lets you work in the configuration of the failing 54*62c56f98SSadaf Ebrahimi# component. 55*62c56f98SSadaf Ebrahimi# * With --keep-going: the script runs all requested components and 56*62c56f98SSadaf Ebrahimi# reports failures at the end. In particular the script always cleans 57*62c56f98SSadaf Ebrahimi# up on exit. 58*62c56f98SSadaf Ebrahimi# 59*62c56f98SSadaf Ebrahimi# Note that the output is not saved. You may want to run 60*62c56f98SSadaf Ebrahimi# script -c tests/scripts/all.sh 61*62c56f98SSadaf Ebrahimi# or 62*62c56f98SSadaf Ebrahimi# tests/scripts/all.sh >all.log 2>&1 63*62c56f98SSadaf Ebrahimi# 64*62c56f98SSadaf Ebrahimi# Notes for maintainers 65*62c56f98SSadaf Ebrahimi# --------------------- 66*62c56f98SSadaf Ebrahimi# 67*62c56f98SSadaf Ebrahimi# The bulk of the code is organized into functions that follow one of the 68*62c56f98SSadaf Ebrahimi# following naming conventions: 69*62c56f98SSadaf Ebrahimi# * pre_XXX: things to do before running the tests, in order. 70*62c56f98SSadaf Ebrahimi# * component_XXX: independent components. They can be run in any order. 71*62c56f98SSadaf Ebrahimi# * component_check_XXX: quick tests that aren't worth parallelizing. 72*62c56f98SSadaf Ebrahimi# * component_build_XXX: build things but don't run them. 73*62c56f98SSadaf Ebrahimi# * component_test_XXX: build and test. 74*62c56f98SSadaf Ebrahimi# * support_XXX: if support_XXX exists and returns false then 75*62c56f98SSadaf Ebrahimi# component_XXX is not run by default. 76*62c56f98SSadaf Ebrahimi# * post_XXX: things to do after running the tests. 77*62c56f98SSadaf Ebrahimi# * other: miscellaneous support functions. 78*62c56f98SSadaf Ebrahimi# 79*62c56f98SSadaf Ebrahimi# Each component must start by invoking `msg` with a short informative message. 80*62c56f98SSadaf Ebrahimi# 81*62c56f98SSadaf Ebrahimi# Warning: due to the way bash detects errors, the failure of a command 82*62c56f98SSadaf Ebrahimi# inside 'if' or '!' is not detected. Use the 'not' function instead of '!'. 83*62c56f98SSadaf Ebrahimi# 84*62c56f98SSadaf Ebrahimi# Each component is executed in a separate shell process. The component 85*62c56f98SSadaf Ebrahimi# fails if any command in it returns a non-zero status. 86*62c56f98SSadaf Ebrahimi# 87*62c56f98SSadaf Ebrahimi# The framework performs some cleanup tasks after each component. This 88*62c56f98SSadaf Ebrahimi# means that components can assume that the working directory is in a 89*62c56f98SSadaf Ebrahimi# cleaned-up state, and don't need to perform the cleanup themselves. 90*62c56f98SSadaf Ebrahimi# * Run `make clean`. 91*62c56f98SSadaf Ebrahimi# * Restore `include/mbedtls/mbedtls_config.h` from a backup made before running 92*62c56f98SSadaf Ebrahimi# the component. 93*62c56f98SSadaf Ebrahimi# * Check out `Makefile`, `library/Makefile`, `programs/Makefile`, 94*62c56f98SSadaf Ebrahimi# `tests/Makefile` and `programs/fuzz/Makefile` from git. 95*62c56f98SSadaf Ebrahimi# This cleans up after an in-tree use of CMake. 96*62c56f98SSadaf Ebrahimi# 97*62c56f98SSadaf Ebrahimi# The tests are roughly in order from fastest to slowest. This doesn't 98*62c56f98SSadaf Ebrahimi# have to be exact, but in general you should add slower tests towards 99*62c56f98SSadaf Ebrahimi# the end and fast checks near the beginning. 100*62c56f98SSadaf Ebrahimi 101*62c56f98SSadaf Ebrahimi 102*62c56f98SSadaf Ebrahimi 103*62c56f98SSadaf Ebrahimi################################################################ 104*62c56f98SSadaf Ebrahimi#### Initialization and command line parsing 105*62c56f98SSadaf Ebrahimi################################################################ 106*62c56f98SSadaf Ebrahimi 107*62c56f98SSadaf Ebrahimi# Abort on errors (even on the left-hand side of a pipe). 108*62c56f98SSadaf Ebrahimi# Treat uninitialised variables as errors. 109*62c56f98SSadaf Ebrahimiset -e -o pipefail -u 110*62c56f98SSadaf Ebrahimi 111*62c56f98SSadaf Ebrahimi# Enable ksh/bash extended file matching patterns 112*62c56f98SSadaf Ebrahimishopt -s extglob 113*62c56f98SSadaf Ebrahimi 114*62c56f98SSadaf Ebrahimiin_mbedtls_repo () { 115*62c56f98SSadaf Ebrahimi test -d include -a -d library -a -d programs -a -d tests 116*62c56f98SSadaf Ebrahimi} 117*62c56f98SSadaf Ebrahimi 118*62c56f98SSadaf Ebrahimiin_psa_crypto_repo () { 119*62c56f98SSadaf Ebrahimi test -d include -a -d core -a -d drivers -a -d programs -a -d tests 120*62c56f98SSadaf Ebrahimi} 121*62c56f98SSadaf Ebrahimi 122*62c56f98SSadaf Ebrahimipre_check_environment () { 123*62c56f98SSadaf Ebrahimi if in_mbedtls_repo || in_psa_crypto_repo; then :; else 124*62c56f98SSadaf Ebrahimi echo "Must be run from Mbed TLS / psa-crypto root" >&2 125*62c56f98SSadaf Ebrahimi exit 1 126*62c56f98SSadaf Ebrahimi fi 127*62c56f98SSadaf Ebrahimi} 128*62c56f98SSadaf Ebrahimi 129*62c56f98SSadaf Ebrahimipre_initialize_variables () { 130*62c56f98SSadaf Ebrahimi if in_mbedtls_repo; then 131*62c56f98SSadaf Ebrahimi CONFIG_H='include/mbedtls/mbedtls_config.h' 132*62c56f98SSadaf Ebrahimi else 133*62c56f98SSadaf Ebrahimi CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h' 134*62c56f98SSadaf Ebrahimi fi 135*62c56f98SSadaf Ebrahimi CRYPTO_CONFIG_H='include/psa/crypto_config.h' 136*62c56f98SSadaf Ebrahimi CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h' 137*62c56f98SSadaf Ebrahimi 138*62c56f98SSadaf Ebrahimi # Files that are clobbered by some jobs will be backed up. Use a different 139*62c56f98SSadaf Ebrahimi # suffix from auxiliary scripts so that all.sh and auxiliary scripts can 140*62c56f98SSadaf Ebrahimi # independently decide when to remove the backup file. 141*62c56f98SSadaf Ebrahimi backup_suffix='.all.bak' 142*62c56f98SSadaf Ebrahimi # Files clobbered by config.py 143*62c56f98SSadaf Ebrahimi files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H" 144*62c56f98SSadaf Ebrahimi if in_mbedtls_repo; then 145*62c56f98SSadaf Ebrahimi # Files clobbered by in-tree cmake 146*62c56f98SSadaf Ebrahimi files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile" 147*62c56f98SSadaf Ebrahimi fi 148*62c56f98SSadaf Ebrahimi 149*62c56f98SSadaf Ebrahimi append_outcome=0 150*62c56f98SSadaf Ebrahimi MEMORY=0 151*62c56f98SSadaf Ebrahimi FORCE=0 152*62c56f98SSadaf Ebrahimi QUIET=0 153*62c56f98SSadaf Ebrahimi KEEP_GOING=0 154*62c56f98SSadaf Ebrahimi 155*62c56f98SSadaf Ebrahimi # Seed value used with the --release-test option. 156*62c56f98SSadaf Ebrahimi # 157*62c56f98SSadaf Ebrahimi # See also RELEASE_SEED in basic-build-test.sh. Debugging is easier if 158*62c56f98SSadaf Ebrahimi # both values are kept in sync. If you change the value here because it 159*62c56f98SSadaf Ebrahimi # breaks some tests, you'll definitely want to change it in 160*62c56f98SSadaf Ebrahimi # basic-build-test.sh as well. 161*62c56f98SSadaf Ebrahimi RELEASE_SEED=1 162*62c56f98SSadaf Ebrahimi 163*62c56f98SSadaf Ebrahimi : ${MBEDTLS_TEST_OUTCOME_FILE=} 164*62c56f98SSadaf Ebrahimi : ${MBEDTLS_TEST_PLATFORM="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"} 165*62c56f98SSadaf Ebrahimi export MBEDTLS_TEST_OUTCOME_FILE 166*62c56f98SSadaf Ebrahimi export MBEDTLS_TEST_PLATFORM 167*62c56f98SSadaf Ebrahimi 168*62c56f98SSadaf Ebrahimi # Default commands, can be overridden by the environment 169*62c56f98SSadaf Ebrahimi : ${OPENSSL:="openssl"} 170*62c56f98SSadaf Ebrahimi : ${OPENSSL_LEGACY:="$OPENSSL"} 171*62c56f98SSadaf Ebrahimi : ${OPENSSL_NEXT:="$OPENSSL"} 172*62c56f98SSadaf Ebrahimi : ${GNUTLS_CLI:="gnutls-cli"} 173*62c56f98SSadaf Ebrahimi : ${GNUTLS_SERV:="gnutls-serv"} 174*62c56f98SSadaf Ebrahimi : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} 175*62c56f98SSadaf Ebrahimi : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} 176*62c56f98SSadaf Ebrahimi : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build} 177*62c56f98SSadaf Ebrahimi : ${ARMC5_BIN_DIR:=/usr/bin} 178*62c56f98SSadaf Ebrahimi : ${ARMC6_BIN_DIR:=/usr/bin} 179*62c56f98SSadaf Ebrahimi : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-} 180*62c56f98SSadaf Ebrahimi : ${ARM_LINUX_GNUEABI_GCC_PREFIX:=arm-linux-gnueabi-} 181*62c56f98SSadaf Ebrahimi : ${CLANG_LATEST:="clang-latest"} 182*62c56f98SSadaf Ebrahimi : ${CLANG_EARLIEST:="clang-earliest"} 183*62c56f98SSadaf Ebrahimi : ${GCC_LATEST:="gcc-latest"} 184*62c56f98SSadaf Ebrahimi : ${GCC_EARLIEST:="gcc-earliest"} 185*62c56f98SSadaf Ebrahimi # if MAKEFLAGS is not set add the -j option to speed up invocations of make 186*62c56f98SSadaf Ebrahimi if [ -z "${MAKEFLAGS+set}" ]; then 187*62c56f98SSadaf Ebrahimi export MAKEFLAGS="-j$(all_sh_nproc)" 188*62c56f98SSadaf Ebrahimi fi 189*62c56f98SSadaf Ebrahimi 190*62c56f98SSadaf Ebrahimi # Include more verbose output for failing tests run by CMake or make 191*62c56f98SSadaf Ebrahimi export CTEST_OUTPUT_ON_FAILURE=1 192*62c56f98SSadaf Ebrahimi 193*62c56f98SSadaf Ebrahimi # CFLAGS and LDFLAGS for Asan builds that don't use CMake 194*62c56f98SSadaf Ebrahimi # default to -O2, use -Ox _after_ this if you want another level 195*62c56f98SSadaf Ebrahimi ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' 196*62c56f98SSadaf Ebrahimi 197*62c56f98SSadaf Ebrahimi # Platform tests have an allocation that returns null 198*62c56f98SSadaf Ebrahimi export ASAN_OPTIONS="allocator_may_return_null=1" 199*62c56f98SSadaf Ebrahimi export MSAN_OPTIONS="allocator_may_return_null=1" 200*62c56f98SSadaf Ebrahimi 201*62c56f98SSadaf Ebrahimi # Gather the list of available components. These are the functions 202*62c56f98SSadaf Ebrahimi # defined in this script whose name starts with "component_". 203*62c56f98SSadaf Ebrahimi ALL_COMPONENTS=$(compgen -A function component_ | sed 's/component_//') 204*62c56f98SSadaf Ebrahimi 205*62c56f98SSadaf Ebrahimi # Exclude components that are not supported on this platform. 206*62c56f98SSadaf Ebrahimi SUPPORTED_COMPONENTS= 207*62c56f98SSadaf Ebrahimi for component in $ALL_COMPONENTS; do 208*62c56f98SSadaf Ebrahimi case $(type "support_$component" 2>&1) in 209*62c56f98SSadaf Ebrahimi *' function'*) 210*62c56f98SSadaf Ebrahimi if ! support_$component; then continue; fi;; 211*62c56f98SSadaf Ebrahimi esac 212*62c56f98SSadaf Ebrahimi SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component" 213*62c56f98SSadaf Ebrahimi done 214*62c56f98SSadaf Ebrahimi} 215*62c56f98SSadaf Ebrahimi 216*62c56f98SSadaf Ebrahimi# Test whether the component $1 is included in the command line patterns. 217*62c56f98SSadaf Ebrahimiis_component_included() 218*62c56f98SSadaf Ebrahimi{ 219*62c56f98SSadaf Ebrahimi # Temporarily disable wildcard expansion so that $COMMAND_LINE_COMPONENTS 220*62c56f98SSadaf Ebrahimi # only does word splitting. 221*62c56f98SSadaf Ebrahimi set -f 222*62c56f98SSadaf Ebrahimi for pattern in $COMMAND_LINE_COMPONENTS; do 223*62c56f98SSadaf Ebrahimi set +f 224*62c56f98SSadaf Ebrahimi case ${1#component_} in $pattern) return 0;; esac 225*62c56f98SSadaf Ebrahimi done 226*62c56f98SSadaf Ebrahimi set +f 227*62c56f98SSadaf Ebrahimi return 1 228*62c56f98SSadaf Ebrahimi} 229*62c56f98SSadaf Ebrahimi 230*62c56f98SSadaf Ebrahimiusage() 231*62c56f98SSadaf Ebrahimi{ 232*62c56f98SSadaf Ebrahimi cat <<EOF 233*62c56f98SSadaf EbrahimiUsage: $0 [OPTION]... [COMPONENT]... 234*62c56f98SSadaf EbrahimiRun mbedtls release validation tests. 235*62c56f98SSadaf EbrahimiBy default, run all tests. With one or more COMPONENT, run only those. 236*62c56f98SSadaf EbrahimiCOMPONENT can be the name of a component or a shell wildcard pattern. 237*62c56f98SSadaf Ebrahimi 238*62c56f98SSadaf EbrahimiExamples: 239*62c56f98SSadaf Ebrahimi $0 "check_*" 240*62c56f98SSadaf Ebrahimi Run all sanity checks. 241*62c56f98SSadaf Ebrahimi $0 --no-armcc --except test_memsan 242*62c56f98SSadaf Ebrahimi Run everything except builds that require armcc and MemSan. 243*62c56f98SSadaf Ebrahimi 244*62c56f98SSadaf EbrahimiSpecial options: 245*62c56f98SSadaf Ebrahimi -h|--help Print this help and exit. 246*62c56f98SSadaf Ebrahimi --list-all-components List all available test components and exit. 247*62c56f98SSadaf Ebrahimi --list-components List components supported on this platform and exit. 248*62c56f98SSadaf Ebrahimi 249*62c56f98SSadaf EbrahimiGeneral options: 250*62c56f98SSadaf Ebrahimi -q|--quiet Only output component names, and errors if any. 251*62c56f98SSadaf Ebrahimi -f|--force Force the tests to overwrite any modified files. 252*62c56f98SSadaf Ebrahimi -k|--keep-going Run all tests and report errors at the end. 253*62c56f98SSadaf Ebrahimi -m|--memory Additional optional memory tests. 254*62c56f98SSadaf Ebrahimi --append-outcome Append to the outcome file (if used). 255*62c56f98SSadaf Ebrahimi --arm-none-eabi-gcc-prefix=<string> 256*62c56f98SSadaf Ebrahimi Prefix for a cross-compiler for arm-none-eabi 257*62c56f98SSadaf Ebrahimi (default: "${ARM_NONE_EABI_GCC_PREFIX}") 258*62c56f98SSadaf Ebrahimi --arm-linux-gnueabi-gcc-prefix=<string> 259*62c56f98SSadaf Ebrahimi Prefix for a cross-compiler for arm-linux-gnueabi 260*62c56f98SSadaf Ebrahimi (default: "${ARM_LINUX_GNUEABI_GCC_PREFIX}") 261*62c56f98SSadaf Ebrahimi --armcc Run ARM Compiler builds (on by default). 262*62c56f98SSadaf Ebrahimi --restore First clean up the build tree, restoring backed up 263*62c56f98SSadaf Ebrahimi files. Do not run any components unless they are 264*62c56f98SSadaf Ebrahimi explicitly specified. 265*62c56f98SSadaf Ebrahimi --error-test Error test mode: run a failing function in addition 266*62c56f98SSadaf Ebrahimi to any specified component. May be repeated. 267*62c56f98SSadaf Ebrahimi --except Exclude the COMPONENTs listed on the command line, 268*62c56f98SSadaf Ebrahimi instead of running only those. 269*62c56f98SSadaf Ebrahimi --no-append-outcome Write a new outcome file and analyze it (default). 270*62c56f98SSadaf Ebrahimi --no-armcc Skip ARM Compiler builds. 271*62c56f98SSadaf Ebrahimi --no-force Refuse to overwrite modified files (default). 272*62c56f98SSadaf Ebrahimi --no-keep-going Stop at the first error (default). 273*62c56f98SSadaf Ebrahimi --no-memory No additional memory tests (default). 274*62c56f98SSadaf Ebrahimi --no-quiet Print full output from components. 275*62c56f98SSadaf Ebrahimi --out-of-source-dir=<path> Directory used for CMake out-of-source build tests. 276*62c56f98SSadaf Ebrahimi --outcome-file=<path> File where test outcomes are written (not done if 277*62c56f98SSadaf Ebrahimi empty; default: \$MBEDTLS_TEST_OUTCOME_FILE). 278*62c56f98SSadaf Ebrahimi --random-seed Use a random seed value for randomized tests (default). 279*62c56f98SSadaf Ebrahimi -r|--release-test Run this script in release mode. This fixes the seed value to ${RELEASE_SEED}. 280*62c56f98SSadaf Ebrahimi -s|--seed Integer seed value to use for this test run. 281*62c56f98SSadaf Ebrahimi 282*62c56f98SSadaf EbrahimiTool path options: 283*62c56f98SSadaf Ebrahimi --armc5-bin-dir=<ARMC5_bin_dir_path> ARM Compiler 5 bin directory. 284*62c56f98SSadaf Ebrahimi --armc6-bin-dir=<ARMC6_bin_dir_path> ARM Compiler 6 bin directory. 285*62c56f98SSadaf Ebrahimi --clang-earliest=<Clang_earliest_path> Earliest version of clang available 286*62c56f98SSadaf Ebrahimi --clang-latest=<Clang_latest_path> Latest version of clang available 287*62c56f98SSadaf Ebrahimi --gcc-earliest=<GCC_earliest_path> Earliest version of GCC available 288*62c56f98SSadaf Ebrahimi --gcc-latest=<GCC_latest_path> Latest version of GCC available 289*62c56f98SSadaf Ebrahimi --gnutls-cli=<GnuTLS_cli_path> GnuTLS client executable to use for most tests. 290*62c56f98SSadaf Ebrahimi --gnutls-serv=<GnuTLS_serv_path> GnuTLS server executable to use for most tests. 291*62c56f98SSadaf Ebrahimi --gnutls-legacy-cli=<GnuTLS_cli_path> GnuTLS client executable to use for legacy tests. 292*62c56f98SSadaf Ebrahimi --gnutls-legacy-serv=<GnuTLS_serv_path> GnuTLS server executable to use for legacy tests. 293*62c56f98SSadaf Ebrahimi --openssl=<OpenSSL_path> OpenSSL executable to use for most tests. 294*62c56f98SSadaf Ebrahimi --openssl-legacy=<OpenSSL_path> OpenSSL executable to use for legacy tests.. 295*62c56f98SSadaf Ebrahimi --openssl-next=<OpenSSL_path> OpenSSL executable to use for recent things like ARIA 296*62c56f98SSadaf EbrahimiEOF 297*62c56f98SSadaf Ebrahimi} 298*62c56f98SSadaf Ebrahimi 299*62c56f98SSadaf Ebrahimi# Cleanup before/after running a component. 300*62c56f98SSadaf Ebrahimi# Remove built files as well as the cmake cache/config. 301*62c56f98SSadaf Ebrahimi# Does not remove generated source files. 302*62c56f98SSadaf Ebrahimicleanup() 303*62c56f98SSadaf Ebrahimi{ 304*62c56f98SSadaf Ebrahimi if in_mbedtls_repo; then 305*62c56f98SSadaf Ebrahimi command make clean 306*62c56f98SSadaf Ebrahimi fi 307*62c56f98SSadaf Ebrahimi 308*62c56f98SSadaf Ebrahimi # Remove CMake artefacts 309*62c56f98SSadaf Ebrahimi find . -name .git -prune -o \ 310*62c56f98SSadaf Ebrahimi -iname CMakeFiles -exec rm -rf {} \+ -o \ 311*62c56f98SSadaf Ebrahimi \( -iname cmake_install.cmake -o \ 312*62c56f98SSadaf Ebrahimi -iname CTestTestfile.cmake -o \ 313*62c56f98SSadaf Ebrahimi -iname CMakeCache.txt -o \ 314*62c56f98SSadaf Ebrahimi -path './cmake/*.cmake' \) -exec rm -f {} \+ 315*62c56f98SSadaf Ebrahimi # Recover files overwritten by in-tree CMake builds 316*62c56f98SSadaf Ebrahimi rm -f include/Makefile include/mbedtls/Makefile programs/!(fuzz)/Makefile 317*62c56f98SSadaf Ebrahimi 318*62c56f98SSadaf Ebrahimi # Remove any artifacts from the component_test_cmake_as_subdirectory test. 319*62c56f98SSadaf Ebrahimi rm -rf programs/test/cmake_subproject/build 320*62c56f98SSadaf Ebrahimi rm -f programs/test/cmake_subproject/Makefile 321*62c56f98SSadaf Ebrahimi rm -f programs/test/cmake_subproject/cmake_subproject 322*62c56f98SSadaf Ebrahimi 323*62c56f98SSadaf Ebrahimi # Remove any artifacts from the component_test_cmake_as_package test. 324*62c56f98SSadaf Ebrahimi rm -rf programs/test/cmake_package/build 325*62c56f98SSadaf Ebrahimi rm -f programs/test/cmake_package/Makefile 326*62c56f98SSadaf Ebrahimi rm -f programs/test/cmake_package/cmake_package 327*62c56f98SSadaf Ebrahimi 328*62c56f98SSadaf Ebrahimi # Remove any artifacts from the component_test_cmake_as_installed_package test. 329*62c56f98SSadaf Ebrahimi rm -rf programs/test/cmake_package_install/build 330*62c56f98SSadaf Ebrahimi rm -f programs/test/cmake_package_install/Makefile 331*62c56f98SSadaf Ebrahimi rm -f programs/test/cmake_package_install/cmake_package_install 332*62c56f98SSadaf Ebrahimi 333*62c56f98SSadaf Ebrahimi # Restore files that may have been clobbered by the job 334*62c56f98SSadaf Ebrahimi for x in $files_to_back_up; do 335*62c56f98SSadaf Ebrahimi if [[ -e "$x$backup_suffix" ]]; then 336*62c56f98SSadaf Ebrahimi cp -p "$x$backup_suffix" "$x" 337*62c56f98SSadaf Ebrahimi fi 338*62c56f98SSadaf Ebrahimi done 339*62c56f98SSadaf Ebrahimi} 340*62c56f98SSadaf Ebrahimi 341*62c56f98SSadaf Ebrahimi# Final cleanup when this script exits (except when exiting on a failure 342*62c56f98SSadaf Ebrahimi# in non-keep-going mode). 343*62c56f98SSadaf Ebrahimifinal_cleanup () { 344*62c56f98SSadaf Ebrahimi cleanup 345*62c56f98SSadaf Ebrahimi 346*62c56f98SSadaf Ebrahimi for x in $files_to_back_up; do 347*62c56f98SSadaf Ebrahimi rm -f "$x$backup_suffix" 348*62c56f98SSadaf Ebrahimi done 349*62c56f98SSadaf Ebrahimi} 350*62c56f98SSadaf Ebrahimi 351*62c56f98SSadaf Ebrahimi# Executed on exit. May be redefined depending on command line options. 352*62c56f98SSadaf Ebrahimifinal_report () { 353*62c56f98SSadaf Ebrahimi : 354*62c56f98SSadaf Ebrahimi} 355*62c56f98SSadaf Ebrahimi 356*62c56f98SSadaf Ebrahimifatal_signal () { 357*62c56f98SSadaf Ebrahimi final_cleanup 358*62c56f98SSadaf Ebrahimi final_report $1 359*62c56f98SSadaf Ebrahimi trap - $1 360*62c56f98SSadaf Ebrahimi kill -$1 $$ 361*62c56f98SSadaf Ebrahimi} 362*62c56f98SSadaf Ebrahimi 363*62c56f98SSadaf Ebrahimitrap 'fatal_signal HUP' HUP 364*62c56f98SSadaf Ebrahimitrap 'fatal_signal INT' INT 365*62c56f98SSadaf Ebrahimitrap 'fatal_signal TERM' TERM 366*62c56f98SSadaf Ebrahimi 367*62c56f98SSadaf Ebrahimi# Number of processors on this machine. Used as the default setting 368*62c56f98SSadaf Ebrahimi# for parallel make. 369*62c56f98SSadaf Ebrahimiall_sh_nproc () 370*62c56f98SSadaf Ebrahimi{ 371*62c56f98SSadaf Ebrahimi { 372*62c56f98SSadaf Ebrahimi nproc || # Linux 373*62c56f98SSadaf Ebrahimi sysctl -n hw.ncpuonline || # NetBSD, OpenBSD 374*62c56f98SSadaf Ebrahimi sysctl -n hw.ncpu || # FreeBSD 375*62c56f98SSadaf Ebrahimi echo 1 376*62c56f98SSadaf Ebrahimi } 2>/dev/null 377*62c56f98SSadaf Ebrahimi} 378*62c56f98SSadaf Ebrahimi 379*62c56f98SSadaf Ebrahimimsg() 380*62c56f98SSadaf Ebrahimi{ 381*62c56f98SSadaf Ebrahimi if [ -n "${current_component:-}" ]; then 382*62c56f98SSadaf Ebrahimi current_section="${current_component#component_}: $1" 383*62c56f98SSadaf Ebrahimi else 384*62c56f98SSadaf Ebrahimi current_section="$1" 385*62c56f98SSadaf Ebrahimi fi 386*62c56f98SSadaf Ebrahimi 387*62c56f98SSadaf Ebrahimi if [ $QUIET -eq 1 ]; then 388*62c56f98SSadaf Ebrahimi return 389*62c56f98SSadaf Ebrahimi fi 390*62c56f98SSadaf Ebrahimi 391*62c56f98SSadaf Ebrahimi echo "" 392*62c56f98SSadaf Ebrahimi echo "******************************************************************" 393*62c56f98SSadaf Ebrahimi echo "* $current_section " 394*62c56f98SSadaf Ebrahimi printf "* "; date 395*62c56f98SSadaf Ebrahimi echo "******************************************************************" 396*62c56f98SSadaf Ebrahimi} 397*62c56f98SSadaf Ebrahimi 398*62c56f98SSadaf Ebrahimiarmc6_build_test() 399*62c56f98SSadaf Ebrahimi{ 400*62c56f98SSadaf Ebrahimi FLAGS="$1" 401*62c56f98SSadaf Ebrahimi 402*62c56f98SSadaf Ebrahimi msg "build: ARM Compiler 6 ($FLAGS)" 403*62c56f98SSadaf Ebrahimi ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \ 404*62c56f98SSadaf Ebrahimi WARNING_CFLAGS='-Werror -xc -std=c99' make lib 405*62c56f98SSadaf Ebrahimi 406*62c56f98SSadaf Ebrahimi msg "size: ARM Compiler 6 ($FLAGS)" 407*62c56f98SSadaf Ebrahimi "$ARMC6_FROMELF" -z library/*.o 408*62c56f98SSadaf Ebrahimi 409*62c56f98SSadaf Ebrahimi make clean 410*62c56f98SSadaf Ebrahimi} 411*62c56f98SSadaf Ebrahimi 412*62c56f98SSadaf Ebrahimierr_msg() 413*62c56f98SSadaf Ebrahimi{ 414*62c56f98SSadaf Ebrahimi echo "$1" >&2 415*62c56f98SSadaf Ebrahimi} 416*62c56f98SSadaf Ebrahimi 417*62c56f98SSadaf Ebrahimicheck_tools() 418*62c56f98SSadaf Ebrahimi{ 419*62c56f98SSadaf Ebrahimi for tool in "$@"; do 420*62c56f98SSadaf Ebrahimi if ! `type "$tool" >/dev/null 2>&1`; then 421*62c56f98SSadaf Ebrahimi err_msg "$tool not found!" 422*62c56f98SSadaf Ebrahimi exit 1 423*62c56f98SSadaf Ebrahimi fi 424*62c56f98SSadaf Ebrahimi done 425*62c56f98SSadaf Ebrahimi} 426*62c56f98SSadaf Ebrahimi 427*62c56f98SSadaf Ebrahimipre_parse_command_line_for_dirs () { 428*62c56f98SSadaf Ebrahimi # Make an early pass through the options given, so we can set directories 429*62c56f98SSadaf Ebrahimi # for Arm compilers, before SUPPORTED_COMPONENTS is determined. 430*62c56f98SSadaf Ebrahimi while [ $# -gt 0 ]; do 431*62c56f98SSadaf Ebrahimi case "$1" in 432*62c56f98SSadaf Ebrahimi --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; 433*62c56f98SSadaf Ebrahimi --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; 434*62c56f98SSadaf Ebrahimi esac 435*62c56f98SSadaf Ebrahimi shift 436*62c56f98SSadaf Ebrahimi done 437*62c56f98SSadaf Ebrahimi} 438*62c56f98SSadaf Ebrahimi 439*62c56f98SSadaf Ebrahimipre_parse_command_line () { 440*62c56f98SSadaf Ebrahimi COMMAND_LINE_COMPONENTS= 441*62c56f98SSadaf Ebrahimi all_except=0 442*62c56f98SSadaf Ebrahimi error_test=0 443*62c56f98SSadaf Ebrahimi restore_first=0 444*62c56f98SSadaf Ebrahimi no_armcc= 445*62c56f98SSadaf Ebrahimi 446*62c56f98SSadaf Ebrahimi # Note that legacy options are ignored instead of being omitted from this 447*62c56f98SSadaf Ebrahimi # list of options, so invocations that worked with previous version of 448*62c56f98SSadaf Ebrahimi # all.sh will still run and work properly. 449*62c56f98SSadaf Ebrahimi while [ $# -gt 0 ]; do 450*62c56f98SSadaf Ebrahimi case "$1" in 451*62c56f98SSadaf Ebrahimi --append-outcome) append_outcome=1;; 452*62c56f98SSadaf Ebrahimi --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";; 453*62c56f98SSadaf Ebrahimi --arm-linux-gnueabi-gcc-prefix) shift; ARM_LINUX_GNUEABI_GCC_PREFIX="$1";; 454*62c56f98SSadaf Ebrahimi --armcc) no_armcc=;; 455*62c56f98SSadaf Ebrahimi --armc5-bin-dir) shift; ;; # assignment to ARMC5_BIN_DIR done in pre_parse_command_line_for_dirs 456*62c56f98SSadaf Ebrahimi --armc6-bin-dir) shift; ;; # assignment to ARMC6_BIN_DIR done in pre_parse_command_line_for_dirs 457*62c56f98SSadaf Ebrahimi --clang-earliest) shift; CLANG_EARLIEST="$1";; 458*62c56f98SSadaf Ebrahimi --clang-latest) shift; CLANG_LATEST="$1";; 459*62c56f98SSadaf Ebrahimi --error-test) error_test=$((error_test + 1));; 460*62c56f98SSadaf Ebrahimi --except) all_except=1;; 461*62c56f98SSadaf Ebrahimi --force|-f) FORCE=1;; 462*62c56f98SSadaf Ebrahimi --gcc-earliest) shift; GCC_EARLIEST="$1";; 463*62c56f98SSadaf Ebrahimi --gcc-latest) shift; GCC_LATEST="$1";; 464*62c56f98SSadaf Ebrahimi --gnutls-cli) shift; GNUTLS_CLI="$1";; 465*62c56f98SSadaf Ebrahimi --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; 466*62c56f98SSadaf Ebrahimi --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; 467*62c56f98SSadaf Ebrahimi --gnutls-serv) shift; GNUTLS_SERV="$1";; 468*62c56f98SSadaf Ebrahimi --help|-h) usage; exit;; 469*62c56f98SSadaf Ebrahimi --keep-going|-k) KEEP_GOING=1;; 470*62c56f98SSadaf Ebrahimi --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;; 471*62c56f98SSadaf Ebrahimi --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;; 472*62c56f98SSadaf Ebrahimi --memory|-m) MEMORY=1;; 473*62c56f98SSadaf Ebrahimi --no-append-outcome) append_outcome=0;; 474*62c56f98SSadaf Ebrahimi --no-armcc) no_armcc=1;; 475*62c56f98SSadaf Ebrahimi --no-force) FORCE=0;; 476*62c56f98SSadaf Ebrahimi --no-keep-going) KEEP_GOING=0;; 477*62c56f98SSadaf Ebrahimi --no-memory) MEMORY=0;; 478*62c56f98SSadaf Ebrahimi --no-quiet) QUIET=0;; 479*62c56f98SSadaf Ebrahimi --openssl) shift; OPENSSL="$1";; 480*62c56f98SSadaf Ebrahimi --openssl-legacy) shift; OPENSSL_LEGACY="$1";; 481*62c56f98SSadaf Ebrahimi --openssl-next) shift; OPENSSL_NEXT="$1";; 482*62c56f98SSadaf Ebrahimi --outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE="$1";; 483*62c56f98SSadaf Ebrahimi --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";; 484*62c56f98SSadaf Ebrahimi --quiet|-q) QUIET=1;; 485*62c56f98SSadaf Ebrahimi --random-seed) unset SEED;; 486*62c56f98SSadaf Ebrahimi --release-test|-r) SEED=$RELEASE_SEED;; 487*62c56f98SSadaf Ebrahimi --restore) restore_first=1;; 488*62c56f98SSadaf Ebrahimi --seed|-s) shift; SEED="$1";; 489*62c56f98SSadaf Ebrahimi -*) 490*62c56f98SSadaf Ebrahimi echo >&2 "Unknown option: $1" 491*62c56f98SSadaf Ebrahimi echo >&2 "Run $0 --help for usage." 492*62c56f98SSadaf Ebrahimi exit 120 493*62c56f98SSadaf Ebrahimi ;; 494*62c56f98SSadaf Ebrahimi *) COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS $1";; 495*62c56f98SSadaf Ebrahimi esac 496*62c56f98SSadaf Ebrahimi shift 497*62c56f98SSadaf Ebrahimi done 498*62c56f98SSadaf Ebrahimi 499*62c56f98SSadaf Ebrahimi # With no list of components, run everything. 500*62c56f98SSadaf Ebrahimi if [ -z "$COMMAND_LINE_COMPONENTS" ] && [ $restore_first -eq 0 ]; then 501*62c56f98SSadaf Ebrahimi all_except=1 502*62c56f98SSadaf Ebrahimi fi 503*62c56f98SSadaf Ebrahimi 504*62c56f98SSadaf Ebrahimi # --no-armcc is a legacy option. The modern way is --except '*_armcc*'. 505*62c56f98SSadaf Ebrahimi # Ignore it if components are listed explicitly on the command line. 506*62c56f98SSadaf Ebrahimi if [ -n "$no_armcc" ] && [ $all_except -eq 1 ]; then 507*62c56f98SSadaf Ebrahimi COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*" 508*62c56f98SSadaf Ebrahimi fi 509*62c56f98SSadaf Ebrahimi 510*62c56f98SSadaf Ebrahimi # Error out if an explicitly requested component doesn't exist. 511*62c56f98SSadaf Ebrahimi if [ $all_except -eq 0 ]; then 512*62c56f98SSadaf Ebrahimi unsupported=0 513*62c56f98SSadaf Ebrahimi # Temporarily disable wildcard expansion so that $COMMAND_LINE_COMPONENTS 514*62c56f98SSadaf Ebrahimi # only does word splitting. 515*62c56f98SSadaf Ebrahimi set -f 516*62c56f98SSadaf Ebrahimi for component in $COMMAND_LINE_COMPONENTS; do 517*62c56f98SSadaf Ebrahimi set +f 518*62c56f98SSadaf Ebrahimi # If the requested name includes a wildcard character, don't 519*62c56f98SSadaf Ebrahimi # check it. Accept wildcard patterns that don't match anything. 520*62c56f98SSadaf Ebrahimi case $component in 521*62c56f98SSadaf Ebrahimi *[*?\[]*) continue;; 522*62c56f98SSadaf Ebrahimi esac 523*62c56f98SSadaf Ebrahimi case " $SUPPORTED_COMPONENTS " in 524*62c56f98SSadaf Ebrahimi *" $component "*) :;; 525*62c56f98SSadaf Ebrahimi *) 526*62c56f98SSadaf Ebrahimi echo >&2 "Component $component was explicitly requested, but is not known or not supported." 527*62c56f98SSadaf Ebrahimi unsupported=$((unsupported + 1));; 528*62c56f98SSadaf Ebrahimi esac 529*62c56f98SSadaf Ebrahimi done 530*62c56f98SSadaf Ebrahimi set +f 531*62c56f98SSadaf Ebrahimi if [ $unsupported -ne 0 ]; then 532*62c56f98SSadaf Ebrahimi exit 2 533*62c56f98SSadaf Ebrahimi fi 534*62c56f98SSadaf Ebrahimi fi 535*62c56f98SSadaf Ebrahimi 536*62c56f98SSadaf Ebrahimi # Build the list of components to run. 537*62c56f98SSadaf Ebrahimi RUN_COMPONENTS= 538*62c56f98SSadaf Ebrahimi for component in $SUPPORTED_COMPONENTS; do 539*62c56f98SSadaf Ebrahimi if is_component_included "$component"; [ $? -eq $all_except ]; then 540*62c56f98SSadaf Ebrahimi RUN_COMPONENTS="$RUN_COMPONENTS $component" 541*62c56f98SSadaf Ebrahimi fi 542*62c56f98SSadaf Ebrahimi done 543*62c56f98SSadaf Ebrahimi 544*62c56f98SSadaf Ebrahimi unset all_except 545*62c56f98SSadaf Ebrahimi unset no_armcc 546*62c56f98SSadaf Ebrahimi} 547*62c56f98SSadaf Ebrahimi 548*62c56f98SSadaf Ebrahimipre_check_git () { 549*62c56f98SSadaf Ebrahimi if [ $FORCE -eq 1 ]; then 550*62c56f98SSadaf Ebrahimi rm -rf "$OUT_OF_SOURCE_DIR" 551*62c56f98SSadaf Ebrahimi git checkout-index -f -q $CONFIG_H 552*62c56f98SSadaf Ebrahimi cleanup 553*62c56f98SSadaf Ebrahimi else 554*62c56f98SSadaf Ebrahimi 555*62c56f98SSadaf Ebrahimi if [ -d "$OUT_OF_SOURCE_DIR" ]; then 556*62c56f98SSadaf Ebrahimi echo "Warning - there is an existing directory at '$OUT_OF_SOURCE_DIR'" >&2 557*62c56f98SSadaf Ebrahimi echo "You can either delete this directory manually, or force the test by rerunning" 558*62c56f98SSadaf Ebrahimi echo "the script as: $0 --force --out-of-source-dir $OUT_OF_SOURCE_DIR" 559*62c56f98SSadaf Ebrahimi exit 1 560*62c56f98SSadaf Ebrahimi fi 561*62c56f98SSadaf Ebrahimi 562*62c56f98SSadaf Ebrahimi if ! git diff --quiet "$CONFIG_H"; then 563*62c56f98SSadaf Ebrahimi err_msg "Warning - the configuration file '$CONFIG_H' has been edited. " 564*62c56f98SSadaf Ebrahimi echo "You can either delete or preserve your work, or force the test by rerunning the" 565*62c56f98SSadaf Ebrahimi echo "script as: $0 --force" 566*62c56f98SSadaf Ebrahimi exit 1 567*62c56f98SSadaf Ebrahimi fi 568*62c56f98SSadaf Ebrahimi fi 569*62c56f98SSadaf Ebrahimi} 570*62c56f98SSadaf Ebrahimi 571*62c56f98SSadaf Ebrahimipre_restore_files () { 572*62c56f98SSadaf Ebrahimi # If the makefiles have been generated by a framework such as cmake, 573*62c56f98SSadaf Ebrahimi # restore them from git. If the makefiles look like modifications from 574*62c56f98SSadaf Ebrahimi # the ones checked into git, take care not to modify them. Whatever 575*62c56f98SSadaf Ebrahimi # this function leaves behind is what the script will restore before 576*62c56f98SSadaf Ebrahimi # each component. 577*62c56f98SSadaf Ebrahimi case "$(head -n1 Makefile)" in 578*62c56f98SSadaf Ebrahimi *[Gg]enerated*) 579*62c56f98SSadaf Ebrahimi git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile 580*62c56f98SSadaf Ebrahimi git checkout -- Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile 581*62c56f98SSadaf Ebrahimi ;; 582*62c56f98SSadaf Ebrahimi esac 583*62c56f98SSadaf Ebrahimi} 584*62c56f98SSadaf Ebrahimi 585*62c56f98SSadaf Ebrahimipre_back_up () { 586*62c56f98SSadaf Ebrahimi for x in $files_to_back_up; do 587*62c56f98SSadaf Ebrahimi cp -p "$x" "$x$backup_suffix" 588*62c56f98SSadaf Ebrahimi done 589*62c56f98SSadaf Ebrahimi} 590*62c56f98SSadaf Ebrahimi 591*62c56f98SSadaf Ebrahimipre_setup_keep_going () { 592*62c56f98SSadaf Ebrahimi failure_count=0 # Number of failed components 593*62c56f98SSadaf Ebrahimi last_failure_status=0 # Last failure status in this component 594*62c56f98SSadaf Ebrahimi 595*62c56f98SSadaf Ebrahimi # See err_trap 596*62c56f98SSadaf Ebrahimi previous_failure_status=0 597*62c56f98SSadaf Ebrahimi previous_failed_command= 598*62c56f98SSadaf Ebrahimi previous_failure_funcall_depth=0 599*62c56f98SSadaf Ebrahimi unset report_failed_command 600*62c56f98SSadaf Ebrahimi 601*62c56f98SSadaf Ebrahimi start_red= 602*62c56f98SSadaf Ebrahimi end_color= 603*62c56f98SSadaf Ebrahimi if [ -t 1 ]; then 604*62c56f98SSadaf Ebrahimi case "${TERM:-}" in 605*62c56f98SSadaf Ebrahimi *color*|cygwin|linux|rxvt*|screen|[Eex]term*) 606*62c56f98SSadaf Ebrahimi start_red=$(printf '\033[31m') 607*62c56f98SSadaf Ebrahimi end_color=$(printf '\033[0m') 608*62c56f98SSadaf Ebrahimi ;; 609*62c56f98SSadaf Ebrahimi esac 610*62c56f98SSadaf Ebrahimi fi 611*62c56f98SSadaf Ebrahimi 612*62c56f98SSadaf Ebrahimi # Keep a summary of failures in a file. We'll print it out at the end. 613*62c56f98SSadaf Ebrahimi failure_summary_file=$PWD/all-sh-failures-$$.log 614*62c56f98SSadaf Ebrahimi : >"$failure_summary_file" 615*62c56f98SSadaf Ebrahimi 616*62c56f98SSadaf Ebrahimi # Whether it makes sense to keep a component going after the specified 617*62c56f98SSadaf Ebrahimi # command fails (test command) or not (configure or build). 618*62c56f98SSadaf Ebrahimi # This function normally receives the failing simple command 619*62c56f98SSadaf Ebrahimi # ($BASH_COMMAND) as an argument, but if $report_failed_command is set, 620*62c56f98SSadaf Ebrahimi # this is passed instead. 621*62c56f98SSadaf Ebrahimi # This doesn't have to be 100% accurate: all failures are recorded anyway. 622*62c56f98SSadaf Ebrahimi # False positives result in running things that can't be expected to 623*62c56f98SSadaf Ebrahimi # work. False negatives result in things not running after something else 624*62c56f98SSadaf Ebrahimi # failed even though they might have given useful feedback. 625*62c56f98SSadaf Ebrahimi can_keep_going_after_failure () { 626*62c56f98SSadaf Ebrahimi case "$1" in 627*62c56f98SSadaf Ebrahimi "msg "*) false;; 628*62c56f98SSadaf Ebrahimi "cd "*) false;; 629*62c56f98SSadaf Ebrahimi *make*[\ /]tests*) false;; # make tests, make CFLAGS=-I../tests, ... 630*62c56f98SSadaf Ebrahimi *test*) true;; # make test, tests/stuff, env V=v tests/stuff, ... 631*62c56f98SSadaf Ebrahimi *make*check*) true;; 632*62c56f98SSadaf Ebrahimi "grep "*) true;; 633*62c56f98SSadaf Ebrahimi "[ "*) true;; 634*62c56f98SSadaf Ebrahimi "! "*) true;; 635*62c56f98SSadaf Ebrahimi *) false;; 636*62c56f98SSadaf Ebrahimi esac 637*62c56f98SSadaf Ebrahimi } 638*62c56f98SSadaf Ebrahimi 639*62c56f98SSadaf Ebrahimi # This function runs if there is any error in a component. 640*62c56f98SSadaf Ebrahimi # It must either exit with a nonzero status, or set 641*62c56f98SSadaf Ebrahimi # last_failure_status to a nonzero value. 642*62c56f98SSadaf Ebrahimi err_trap () { 643*62c56f98SSadaf Ebrahimi # Save $? (status of the failing command). This must be the very 644*62c56f98SSadaf Ebrahimi # first thing, before $? is overridden. 645*62c56f98SSadaf Ebrahimi last_failure_status=$? 646*62c56f98SSadaf Ebrahimi failed_command=${report_failed_command-$BASH_COMMAND} 647*62c56f98SSadaf Ebrahimi 648*62c56f98SSadaf Ebrahimi if [[ $last_failure_status -eq $previous_failure_status && 649*62c56f98SSadaf Ebrahimi "$failed_command" == "$previous_failed_command" && 650*62c56f98SSadaf Ebrahimi ${#FUNCNAME[@]} == $((previous_failure_funcall_depth - 1)) ]] 651*62c56f98SSadaf Ebrahimi then 652*62c56f98SSadaf Ebrahimi # The same command failed twice in a row, but this time one level 653*62c56f98SSadaf Ebrahimi # less deep in the function call stack. This happens when the last 654*62c56f98SSadaf Ebrahimi # command of a function returns a nonzero status, and the function 655*62c56f98SSadaf Ebrahimi # returns that same status. Ignore the second failure. 656*62c56f98SSadaf Ebrahimi previous_failure_funcall_depth=${#FUNCNAME[@]} 657*62c56f98SSadaf Ebrahimi return 658*62c56f98SSadaf Ebrahimi fi 659*62c56f98SSadaf Ebrahimi previous_failure_status=$last_failure_status 660*62c56f98SSadaf Ebrahimi previous_failed_command=$failed_command 661*62c56f98SSadaf Ebrahimi previous_failure_funcall_depth=${#FUNCNAME[@]} 662*62c56f98SSadaf Ebrahimi 663*62c56f98SSadaf Ebrahimi text="$current_section: $failed_command -> $last_failure_status" 664*62c56f98SSadaf Ebrahimi echo "${start_red}^^^^$text^^^^${end_color}" >&2 665*62c56f98SSadaf Ebrahimi echo "$text" >>"$failure_summary_file" 666*62c56f98SSadaf Ebrahimi 667*62c56f98SSadaf Ebrahimi # If the command is fatal (configure or build command), stop this 668*62c56f98SSadaf Ebrahimi # component. Otherwise (test command) keep the component running 669*62c56f98SSadaf Ebrahimi # (run more tests from the same build). 670*62c56f98SSadaf Ebrahimi if ! can_keep_going_after_failure "$failed_command"; then 671*62c56f98SSadaf Ebrahimi exit $last_failure_status 672*62c56f98SSadaf Ebrahimi fi 673*62c56f98SSadaf Ebrahimi } 674*62c56f98SSadaf Ebrahimi 675*62c56f98SSadaf Ebrahimi final_report () { 676*62c56f98SSadaf Ebrahimi if [ $failure_count -gt 0 ]; then 677*62c56f98SSadaf Ebrahimi echo 678*62c56f98SSadaf Ebrahimi echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" 679*62c56f98SSadaf Ebrahimi echo "${start_red}FAILED: $failure_count components${end_color}" 680*62c56f98SSadaf Ebrahimi cat "$failure_summary_file" 681*62c56f98SSadaf Ebrahimi echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" 682*62c56f98SSadaf Ebrahimi elif [ -z "${1-}" ]; then 683*62c56f98SSadaf Ebrahimi echo "SUCCESS :)" 684*62c56f98SSadaf Ebrahimi fi 685*62c56f98SSadaf Ebrahimi if [ -n "${1-}" ]; then 686*62c56f98SSadaf Ebrahimi echo "Killed by SIG$1." 687*62c56f98SSadaf Ebrahimi fi 688*62c56f98SSadaf Ebrahimi rm -f "$failure_summary_file" 689*62c56f98SSadaf Ebrahimi if [ $failure_count -gt 0 ]; then 690*62c56f98SSadaf Ebrahimi exit 1 691*62c56f98SSadaf Ebrahimi fi 692*62c56f98SSadaf Ebrahimi } 693*62c56f98SSadaf Ebrahimi} 694*62c56f98SSadaf Ebrahimi 695*62c56f98SSadaf Ebrahimi# record_status() and if_build_succeeded() are kept temporarily for backward 696*62c56f98SSadaf Ebrahimi# compatibility. Don't use them in new components. 697*62c56f98SSadaf Ebrahimirecord_status () { 698*62c56f98SSadaf Ebrahimi "$@" 699*62c56f98SSadaf Ebrahimi} 700*62c56f98SSadaf Ebrahimiif_build_succeeded () { 701*62c56f98SSadaf Ebrahimi "$@" 702*62c56f98SSadaf Ebrahimi} 703*62c56f98SSadaf Ebrahimi 704*62c56f98SSadaf Ebrahimi# '! true' does not trigger the ERR trap. Arrange to trigger it, with 705*62c56f98SSadaf Ebrahimi# a reasonably informative error message (not just "$@"). 706*62c56f98SSadaf Ebrahiminot () { 707*62c56f98SSadaf Ebrahimi if "$@"; then 708*62c56f98SSadaf Ebrahimi report_failed_command="! $*" 709*62c56f98SSadaf Ebrahimi false 710*62c56f98SSadaf Ebrahimi unset report_failed_command 711*62c56f98SSadaf Ebrahimi fi 712*62c56f98SSadaf Ebrahimi} 713*62c56f98SSadaf Ebrahimi 714*62c56f98SSadaf Ebrahimipre_prepare_outcome_file () { 715*62c56f98SSadaf Ebrahimi case "$MBEDTLS_TEST_OUTCOME_FILE" in 716*62c56f98SSadaf Ebrahimi [!/]*) MBEDTLS_TEST_OUTCOME_FILE="$PWD/$MBEDTLS_TEST_OUTCOME_FILE";; 717*62c56f98SSadaf Ebrahimi esac 718*62c56f98SSadaf Ebrahimi if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ] && [ "$append_outcome" -eq 0 ]; then 719*62c56f98SSadaf Ebrahimi rm -f "$MBEDTLS_TEST_OUTCOME_FILE" 720*62c56f98SSadaf Ebrahimi fi 721*62c56f98SSadaf Ebrahimi} 722*62c56f98SSadaf Ebrahimi 723*62c56f98SSadaf Ebrahimipre_print_configuration () { 724*62c56f98SSadaf Ebrahimi if [ $QUIET -eq 1 ]; then 725*62c56f98SSadaf Ebrahimi return 726*62c56f98SSadaf Ebrahimi fi 727*62c56f98SSadaf Ebrahimi 728*62c56f98SSadaf Ebrahimi msg "info: $0 configuration" 729*62c56f98SSadaf Ebrahimi echo "MEMORY: $MEMORY" 730*62c56f98SSadaf Ebrahimi echo "FORCE: $FORCE" 731*62c56f98SSadaf Ebrahimi echo "MBEDTLS_TEST_OUTCOME_FILE: ${MBEDTLS_TEST_OUTCOME_FILE:-(none)}" 732*62c56f98SSadaf Ebrahimi echo "SEED: ${SEED-"UNSET"}" 733*62c56f98SSadaf Ebrahimi echo 734*62c56f98SSadaf Ebrahimi echo "OPENSSL: $OPENSSL" 735*62c56f98SSadaf Ebrahimi echo "OPENSSL_LEGACY: $OPENSSL_LEGACY" 736*62c56f98SSadaf Ebrahimi echo "OPENSSL_NEXT: $OPENSSL_NEXT" 737*62c56f98SSadaf Ebrahimi echo "GNUTLS_CLI: $GNUTLS_CLI" 738*62c56f98SSadaf Ebrahimi echo "GNUTLS_SERV: $GNUTLS_SERV" 739*62c56f98SSadaf Ebrahimi echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI" 740*62c56f98SSadaf Ebrahimi echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV" 741*62c56f98SSadaf Ebrahimi echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR" 742*62c56f98SSadaf Ebrahimi echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR" 743*62c56f98SSadaf Ebrahimi} 744*62c56f98SSadaf Ebrahimi 745*62c56f98SSadaf Ebrahimi# Make sure the tools we need are available. 746*62c56f98SSadaf Ebrahimipre_check_tools () { 747*62c56f98SSadaf Ebrahimi # Build the list of variables to pass to output_env.sh. 748*62c56f98SSadaf Ebrahimi set env 749*62c56f98SSadaf Ebrahimi 750*62c56f98SSadaf Ebrahimi case " $RUN_COMPONENTS " in 751*62c56f98SSadaf Ebrahimi # Require OpenSSL and GnuTLS if running any tests (as opposed to 752*62c56f98SSadaf Ebrahimi # only doing builds). Not all tests run OpenSSL and GnuTLS, but this 753*62c56f98SSadaf Ebrahimi # is a good enough approximation in practice. 754*62c56f98SSadaf Ebrahimi *" test_"*) 755*62c56f98SSadaf Ebrahimi # To avoid setting OpenSSL and GnuTLS for each call to compat.sh 756*62c56f98SSadaf Ebrahimi # and ssl-opt.sh, we just export the variables they require. 757*62c56f98SSadaf Ebrahimi export OPENSSL="$OPENSSL" 758*62c56f98SSadaf Ebrahimi export GNUTLS_CLI="$GNUTLS_CLI" 759*62c56f98SSadaf Ebrahimi export GNUTLS_SERV="$GNUTLS_SERV" 760*62c56f98SSadaf Ebrahimi # Avoid passing --seed flag in every call to ssl-opt.sh 761*62c56f98SSadaf Ebrahimi if [ -n "${SEED-}" ]; then 762*62c56f98SSadaf Ebrahimi export SEED 763*62c56f98SSadaf Ebrahimi fi 764*62c56f98SSadaf Ebrahimi set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" 765*62c56f98SSadaf Ebrahimi set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV" 766*62c56f98SSadaf Ebrahimi set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" 767*62c56f98SSadaf Ebrahimi set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" 768*62c56f98SSadaf Ebrahimi check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \ 769*62c56f98SSadaf Ebrahimi "$GNUTLS_CLI" "$GNUTLS_SERV" \ 770*62c56f98SSadaf Ebrahimi "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" 771*62c56f98SSadaf Ebrahimi ;; 772*62c56f98SSadaf Ebrahimi esac 773*62c56f98SSadaf Ebrahimi 774*62c56f98SSadaf Ebrahimi case " $RUN_COMPONENTS " in 775*62c56f98SSadaf Ebrahimi *_doxygen[_\ ]*) check_tools "doxygen" "dot";; 776*62c56f98SSadaf Ebrahimi esac 777*62c56f98SSadaf Ebrahimi 778*62c56f98SSadaf Ebrahimi case " $RUN_COMPONENTS " in 779*62c56f98SSadaf Ebrahimi *_arm_none_eabi_gcc[_\ ]*) check_tools "${ARM_NONE_EABI_GCC_PREFIX}gcc";; 780*62c56f98SSadaf Ebrahimi esac 781*62c56f98SSadaf Ebrahimi 782*62c56f98SSadaf Ebrahimi case " $RUN_COMPONENTS " in 783*62c56f98SSadaf Ebrahimi *_mingw[_\ ]*) check_tools "i686-w64-mingw32-gcc";; 784*62c56f98SSadaf Ebrahimi esac 785*62c56f98SSadaf Ebrahimi 786*62c56f98SSadaf Ebrahimi case " $RUN_COMPONENTS " in 787*62c56f98SSadaf Ebrahimi *" test_zeroize "*) check_tools "gdb";; 788*62c56f98SSadaf Ebrahimi esac 789*62c56f98SSadaf Ebrahimi 790*62c56f98SSadaf Ebrahimi case " $RUN_COMPONENTS " in 791*62c56f98SSadaf Ebrahimi *_armcc*) 792*62c56f98SSadaf Ebrahimi ARMC5_CC="$ARMC5_BIN_DIR/armcc" 793*62c56f98SSadaf Ebrahimi ARMC5_AR="$ARMC5_BIN_DIR/armar" 794*62c56f98SSadaf Ebrahimi ARMC5_FROMELF="$ARMC5_BIN_DIR/fromelf" 795*62c56f98SSadaf Ebrahimi ARMC6_CC="$ARMC6_BIN_DIR/armclang" 796*62c56f98SSadaf Ebrahimi ARMC6_AR="$ARMC6_BIN_DIR/armar" 797*62c56f98SSadaf Ebrahimi ARMC6_FROMELF="$ARMC6_BIN_DIR/fromelf" 798*62c56f98SSadaf Ebrahimi check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC5_FROMELF" \ 799*62c56f98SSadaf Ebrahimi "$ARMC6_CC" "$ARMC6_AR" "$ARMC6_FROMELF";; 800*62c56f98SSadaf Ebrahimi esac 801*62c56f98SSadaf Ebrahimi 802*62c56f98SSadaf Ebrahimi # past this point, no call to check_tool, only printing output 803*62c56f98SSadaf Ebrahimi if [ $QUIET -eq 1 ]; then 804*62c56f98SSadaf Ebrahimi return 805*62c56f98SSadaf Ebrahimi fi 806*62c56f98SSadaf Ebrahimi 807*62c56f98SSadaf Ebrahimi msg "info: output_env.sh" 808*62c56f98SSadaf Ebrahimi case $RUN_COMPONENTS in 809*62c56f98SSadaf Ebrahimi *_armcc*) 810*62c56f98SSadaf Ebrahimi set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;; 811*62c56f98SSadaf Ebrahimi *) set "$@" RUN_ARMCC=0;; 812*62c56f98SSadaf Ebrahimi esac 813*62c56f98SSadaf Ebrahimi "$@" scripts/output_env.sh 814*62c56f98SSadaf Ebrahimi} 815*62c56f98SSadaf Ebrahimi 816*62c56f98SSadaf Ebrahimipre_generate_files() { 817*62c56f98SSadaf Ebrahimi # since make doesn't have proper dependencies, remove any possibly outdate 818*62c56f98SSadaf Ebrahimi # file that might be around before generating fresh ones 819*62c56f98SSadaf Ebrahimi make neat 820*62c56f98SSadaf Ebrahimi if [ $QUIET -eq 1 ]; then 821*62c56f98SSadaf Ebrahimi make generated_files >/dev/null 822*62c56f98SSadaf Ebrahimi else 823*62c56f98SSadaf Ebrahimi make generated_files 824*62c56f98SSadaf Ebrahimi fi 825*62c56f98SSadaf Ebrahimi} 826*62c56f98SSadaf Ebrahimi 827*62c56f98SSadaf Ebrahimi################################################################ 828*62c56f98SSadaf Ebrahimi#### Helpers for components using libtestdriver1 829*62c56f98SSadaf Ebrahimi################################################################ 830*62c56f98SSadaf Ebrahimi 831*62c56f98SSadaf Ebrahimi# How to use libtestdriver1 832*62c56f98SSadaf Ebrahimi# ------------------------- 833*62c56f98SSadaf Ebrahimi# 834*62c56f98SSadaf Ebrahimi# 1. Define the list algorithms and key types to accelerate, 835*62c56f98SSadaf Ebrahimi# designated the same way as PSA_WANT_ macros but without PSA_WANT_. 836*62c56f98SSadaf Ebrahimi# Examples: 837*62c56f98SSadaf Ebrahimi# - loc_accel_list="ALG_JPAKE" 838*62c56f98SSadaf Ebrahimi# - loc_accel_list="ALG_FFDH KEY_TYPE_DH_KEY_PAIR KEY_TYPE_DH_PUBLIC_KEY" 839*62c56f98SSadaf Ebrahimi# 2. Make configurations changes for the driver and/or main libraries. 840*62c56f98SSadaf Ebrahimi# 2a. Call helper_libtestdriver1_adjust_config <base>, where the argument 841*62c56f98SSadaf Ebrahimi# can be either "default" to start with the default config, or a name 842*62c56f98SSadaf Ebrahimi# supported by scripts/config.py (for example, "full"). This selects 843*62c56f98SSadaf Ebrahimi# the base to use, and makes common adjustments. 844*62c56f98SSadaf Ebrahimi# 2b. If desired, adjust the PSA_WANT symbols in psa/crypto_config.h. 845*62c56f98SSadaf Ebrahimi# These changes affect both the driver and the main libraries. 846*62c56f98SSadaf Ebrahimi# (Note: they need to have the same set of PSA_WANT symbols, as that 847*62c56f98SSadaf Ebrahimi# determines the ABI between them.) 848*62c56f98SSadaf Ebrahimi# 2c. Adjust MBEDTLS_ symbols in mbedtls_config.h. This only affects the 849*62c56f98SSadaf Ebrahimi# main libraries. Typically, you want to disable the module(s) that are 850*62c56f98SSadaf Ebrahimi# being accelerated. You may need to also disable modules that depend 851*62c56f98SSadaf Ebrahimi# on them or options that are not supported with drivers. 852*62c56f98SSadaf Ebrahimi# 2d. On top of psa/crypto_config.h, the driver library uses its own config 853*62c56f98SSadaf Ebrahimi# file: tests/include/test/drivers/config_test_driver.h. You usually 854*62c56f98SSadaf Ebrahimi# don't need to edit it: using loc_extra_list (see below) is preferred. 855*62c56f98SSadaf Ebrahimi# However, when there's no PSA symbol for what you want to enable, 856*62c56f98SSadaf Ebrahimi# calling scripts/config.py on this file remains the only option. 857*62c56f98SSadaf Ebrahimi# 3. Build the driver library, then the main libraries, test, and programs. 858*62c56f98SSadaf Ebrahimi# 3a. Call helper_libtestdriver1_make_drivers "$loc_accel_list". You may 859*62c56f98SSadaf Ebrahimi# need to enable more algorithms here, typically hash algorithms when 860*62c56f98SSadaf Ebrahimi# accelerating some signature algorithms (ECDSA, RSAv2). This is done 861*62c56f98SSadaf Ebrahimi# by passing a 2nd argument listing the extra algorithms. 862*62c56f98SSadaf Ebrahimi# Example: 863*62c56f98SSadaf Ebrahimi# loc_extra_list="ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" 864*62c56f98SSadaf Ebrahimi# helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" 865*62c56f98SSadaf Ebrahimi# 4b. Call helper_libtestdriver1_make_main "$loc_accel_list". Any 866*62c56f98SSadaf Ebrahimi# additional arguments will be passed to make: this can be useful if 867*62c56f98SSadaf Ebrahimi# you don't want to build everything when iterating during development. 868*62c56f98SSadaf Ebrahimi# Example: 869*62c56f98SSadaf Ebrahimi# helper_libtestdriver1_make_main "$loc_accel_list" -C tests test_suite_foo 870*62c56f98SSadaf Ebrahimi# 4. Run the tests you want. 871*62c56f98SSadaf Ebrahimi 872*62c56f98SSadaf Ebrahimi# Adjust the configuration - for both libtestdriver1 and main library, 873*62c56f98SSadaf Ebrahimi# as they should have the same PSA_WANT macros. 874*62c56f98SSadaf Ebrahimihelper_libtestdriver1_adjust_config() { 875*62c56f98SSadaf Ebrahimi base_config=$1 876*62c56f98SSadaf Ebrahimi # Select the base configuration 877*62c56f98SSadaf Ebrahimi if [ "$base_config" != "default" ]; then 878*62c56f98SSadaf Ebrahimi scripts/config.py "$base_config" 879*62c56f98SSadaf Ebrahimi fi 880*62c56f98SSadaf Ebrahimi 881*62c56f98SSadaf Ebrahimi # Enable PSA-based config (necessary to use drivers) 882*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG 883*62c56f98SSadaf Ebrahimi 884*62c56f98SSadaf Ebrahimi # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having 885*62c56f98SSadaf Ebrahimi # partial support for cipher operations in the driver test library. 886*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER 887*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING 888*62c56f98SSadaf Ebrahimi 889*62c56f98SSadaf Ebrahimi # Dynamic secure element support is a deprecated feature and needs to be disabled here. 890*62c56f98SSadaf Ebrahimi # This is done to have the same form of psa_key_attributes_s for libdriver and library. 891*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C 892*62c56f98SSadaf Ebrahimi} 893*62c56f98SSadaf Ebrahimi 894*62c56f98SSadaf Ebrahimi# When called with no parameter this function disables all builtin curves. 895*62c56f98SSadaf Ebrahimi# The function optionally accepts 1 parameter: a space-separated list of the 896*62c56f98SSadaf Ebrahimi# curves that should be kept enabled. 897*62c56f98SSadaf Ebrahimihelper_disable_builtin_curves() { 898*62c56f98SSadaf Ebrahimi allowed_list="${1:-}" 899*62c56f98SSadaf Ebrahimi scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" 900*62c56f98SSadaf Ebrahimi 901*62c56f98SSadaf Ebrahimi for curve in $allowed_list; do 902*62c56f98SSadaf Ebrahimi scripts/config.py set $curve 903*62c56f98SSadaf Ebrahimi done 904*62c56f98SSadaf Ebrahimi} 905*62c56f98SSadaf Ebrahimi 906*62c56f98SSadaf Ebrahimi# Helper returning the list of supported elliptic curves from CRYPTO_CONFIG_H, 907*62c56f98SSadaf Ebrahimi# without the "PSA_WANT_" prefix. This becomes handy for accelerating curves 908*62c56f98SSadaf Ebrahimi# in the following helpers. 909*62c56f98SSadaf Ebrahimihelper_get_psa_curve_list () { 910*62c56f98SSadaf Ebrahimi loc_list="" 911*62c56f98SSadaf Ebrahimi for item in $(sed -n 's/^#define PSA_WANT_\(ECC_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do 912*62c56f98SSadaf Ebrahimi loc_list="$loc_list $item" 913*62c56f98SSadaf Ebrahimi done 914*62c56f98SSadaf Ebrahimi 915*62c56f98SSadaf Ebrahimi echo "$loc_list" 916*62c56f98SSadaf Ebrahimi} 917*62c56f98SSadaf Ebrahimi 918*62c56f98SSadaf Ebrahimi# Get the list of uncommented PSA_WANT_KEY_TYPE_xxx_ from CRYPTO_CONFIG_H. This 919*62c56f98SSadaf Ebrahimi# is useful to easily get a list of key type symbols to accelerate. 920*62c56f98SSadaf Ebrahimi# The function accepts a single argument which is the key type: ECC, DH, RSA. 921*62c56f98SSadaf Ebrahimihelper_get_psa_key_type_list() { 922*62c56f98SSadaf Ebrahimi key_type="$1" 923*62c56f98SSadaf Ebrahimi loc_list="" 924*62c56f98SSadaf Ebrahimi for item in $(sed -n "s/^#define PSA_WANT_\(KEY_TYPE_${key_type}_[0-9A-Z_a-z]*\).*/\1/p" <"$CRYPTO_CONFIG_H"); do 925*62c56f98SSadaf Ebrahimi # Skip DERIVE for elliptic keys since there is no driver dispatch for 926*62c56f98SSadaf Ebrahimi # it so it cannot be accelerated. 927*62c56f98SSadaf Ebrahimi if [ "$item" != "KEY_TYPE_ECC_KEY_PAIR_DERIVE" ]; then 928*62c56f98SSadaf Ebrahimi loc_list="$loc_list $item" 929*62c56f98SSadaf Ebrahimi fi 930*62c56f98SSadaf Ebrahimi done 931*62c56f98SSadaf Ebrahimi 932*62c56f98SSadaf Ebrahimi echo "$loc_list" 933*62c56f98SSadaf Ebrahimi} 934*62c56f98SSadaf Ebrahimi 935*62c56f98SSadaf Ebrahimi# Build the drivers library libtestdriver1.a (with ASan). 936*62c56f98SSadaf Ebrahimi# 937*62c56f98SSadaf Ebrahimi# Parameters: 938*62c56f98SSadaf Ebrahimi# 1. a space-separated list of things to accelerate; 939*62c56f98SSadaf Ebrahimi# 2. optional: a space-separate list of things to also support. 940*62c56f98SSadaf Ebrahimi# Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed. 941*62c56f98SSadaf Ebrahimihelper_libtestdriver1_make_drivers() { 942*62c56f98SSadaf Ebrahimi loc_accel_flags=$( echo "$1 ${2-}" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) 943*62c56f98SSadaf Ebrahimi make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" 944*62c56f98SSadaf Ebrahimi} 945*62c56f98SSadaf Ebrahimi 946*62c56f98SSadaf Ebrahimi# Build the main libraries, programs and tests, 947*62c56f98SSadaf Ebrahimi# linking to the drivers library (with ASan). 948*62c56f98SSadaf Ebrahimi# 949*62c56f98SSadaf Ebrahimi# Parameters: 950*62c56f98SSadaf Ebrahimi# 1. a space-separated list of things to accelerate; 951*62c56f98SSadaf Ebrahimi# *. remaining arguments if any are passed directly to make 952*62c56f98SSadaf Ebrahimi# (examples: lib, -C tests test_suite_xxx, etc.) 953*62c56f98SSadaf Ebrahimi# Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed. 954*62c56f98SSadaf Ebrahimihelper_libtestdriver1_make_main() { 955*62c56f98SSadaf Ebrahimi loc_accel_list=$1 956*62c56f98SSadaf Ebrahimi shift 957*62c56f98SSadaf Ebrahimi 958*62c56f98SSadaf Ebrahimi # we need flags both with and without the LIBTESTDRIVER1_ prefix 959*62c56f98SSadaf Ebrahimi loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) 960*62c56f98SSadaf Ebrahimi loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" 961*62c56f98SSadaf Ebrahimi make CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@" 962*62c56f98SSadaf Ebrahimi} 963*62c56f98SSadaf Ebrahimi 964*62c56f98SSadaf Ebrahimi################################################################ 965*62c56f98SSadaf Ebrahimi#### Basic checks 966*62c56f98SSadaf Ebrahimi################################################################ 967*62c56f98SSadaf Ebrahimi 968*62c56f98SSadaf Ebrahimi# 969*62c56f98SSadaf Ebrahimi# Test Suites to be executed 970*62c56f98SSadaf Ebrahimi# 971*62c56f98SSadaf Ebrahimi# The test ordering tries to optimize for the following criteria: 972*62c56f98SSadaf Ebrahimi# 1. Catch possible problems early, by running first tests that run quickly 973*62c56f98SSadaf Ebrahimi# and/or are more likely to fail than others (eg I use Clang most of the 974*62c56f98SSadaf Ebrahimi# time, so start with a GCC build). 975*62c56f98SSadaf Ebrahimi# 2. Minimize total running time, by avoiding useless rebuilds 976*62c56f98SSadaf Ebrahimi# 977*62c56f98SSadaf Ebrahimi# Indicative running times are given for reference. 978*62c56f98SSadaf Ebrahimi 979*62c56f98SSadaf Ebrahimicomponent_check_recursion () { 980*62c56f98SSadaf Ebrahimi msg "Check: recursion.pl" # < 1s 981*62c56f98SSadaf Ebrahimi tests/scripts/recursion.pl library/*.c 982*62c56f98SSadaf Ebrahimi} 983*62c56f98SSadaf Ebrahimi 984*62c56f98SSadaf Ebrahimicomponent_check_generated_files () { 985*62c56f98SSadaf Ebrahimi msg "Check: check-generated-files, files generated with make" # 2s 986*62c56f98SSadaf Ebrahimi make generated_files 987*62c56f98SSadaf Ebrahimi tests/scripts/check-generated-files.sh 988*62c56f98SSadaf Ebrahimi 989*62c56f98SSadaf Ebrahimi msg "Check: check-generated-files -u, files present" # 2s 990*62c56f98SSadaf Ebrahimi tests/scripts/check-generated-files.sh -u 991*62c56f98SSadaf Ebrahimi # Check that the generated files are considered up to date. 992*62c56f98SSadaf Ebrahimi tests/scripts/check-generated-files.sh 993*62c56f98SSadaf Ebrahimi 994*62c56f98SSadaf Ebrahimi msg "Check: check-generated-files -u, files absent" # 2s 995*62c56f98SSadaf Ebrahimi command make neat 996*62c56f98SSadaf Ebrahimi tests/scripts/check-generated-files.sh -u 997*62c56f98SSadaf Ebrahimi # Check that the generated files are considered up to date. 998*62c56f98SSadaf Ebrahimi tests/scripts/check-generated-files.sh 999*62c56f98SSadaf Ebrahimi 1000*62c56f98SSadaf Ebrahimi # This component ends with the generated files present in the source tree. 1001*62c56f98SSadaf Ebrahimi # This is necessary for subsequent components! 1002*62c56f98SSadaf Ebrahimi} 1003*62c56f98SSadaf Ebrahimi 1004*62c56f98SSadaf Ebrahimicomponent_check_doxy_blocks () { 1005*62c56f98SSadaf Ebrahimi msg "Check: doxygen markup outside doxygen blocks" # < 1s 1006*62c56f98SSadaf Ebrahimi tests/scripts/check-doxy-blocks.pl 1007*62c56f98SSadaf Ebrahimi} 1008*62c56f98SSadaf Ebrahimi 1009*62c56f98SSadaf Ebrahimicomponent_check_files () { 1010*62c56f98SSadaf Ebrahimi msg "Check: file sanity checks (permissions, encodings)" # < 1s 1011*62c56f98SSadaf Ebrahimi tests/scripts/check_files.py 1012*62c56f98SSadaf Ebrahimi} 1013*62c56f98SSadaf Ebrahimi 1014*62c56f98SSadaf Ebrahimicomponent_check_changelog () { 1015*62c56f98SSadaf Ebrahimi msg "Check: changelog entries" # < 1s 1016*62c56f98SSadaf Ebrahimi rm -f ChangeLog.new 1017*62c56f98SSadaf Ebrahimi scripts/assemble_changelog.py -o ChangeLog.new 1018*62c56f98SSadaf Ebrahimi if [ -e ChangeLog.new ]; then 1019*62c56f98SSadaf Ebrahimi # Show the diff for information. It isn't an error if the diff is 1020*62c56f98SSadaf Ebrahimi # non-empty. 1021*62c56f98SSadaf Ebrahimi diff -u ChangeLog ChangeLog.new || true 1022*62c56f98SSadaf Ebrahimi rm ChangeLog.new 1023*62c56f98SSadaf Ebrahimi fi 1024*62c56f98SSadaf Ebrahimi} 1025*62c56f98SSadaf Ebrahimi 1026*62c56f98SSadaf Ebrahimicomponent_check_names () { 1027*62c56f98SSadaf Ebrahimi msg "Check: declared and exported names (builds the library)" # < 3s 1028*62c56f98SSadaf Ebrahimi tests/scripts/check_names.py -v 1029*62c56f98SSadaf Ebrahimi} 1030*62c56f98SSadaf Ebrahimi 1031*62c56f98SSadaf Ebrahimicomponent_check_test_cases () { 1032*62c56f98SSadaf Ebrahimi msg "Check: test case descriptions" # < 1s 1033*62c56f98SSadaf Ebrahimi if [ $QUIET -eq 1 ]; then 1034*62c56f98SSadaf Ebrahimi opt='--quiet' 1035*62c56f98SSadaf Ebrahimi else 1036*62c56f98SSadaf Ebrahimi opt='' 1037*62c56f98SSadaf Ebrahimi fi 1038*62c56f98SSadaf Ebrahimi tests/scripts/check_test_cases.py -q $opt 1039*62c56f98SSadaf Ebrahimi unset opt 1040*62c56f98SSadaf Ebrahimi} 1041*62c56f98SSadaf Ebrahimi 1042*62c56f98SSadaf Ebrahimicomponent_check_doxygen_warnings () { 1043*62c56f98SSadaf Ebrahimi msg "Check: doxygen warnings (builds the documentation)" # ~ 3s 1044*62c56f98SSadaf Ebrahimi tests/scripts/doxygen.sh 1045*62c56f98SSadaf Ebrahimi} 1046*62c56f98SSadaf Ebrahimi 1047*62c56f98SSadaf Ebrahimi 1048*62c56f98SSadaf Ebrahimi 1049*62c56f98SSadaf Ebrahimi################################################################ 1050*62c56f98SSadaf Ebrahimi#### Build and test many configurations and targets 1051*62c56f98SSadaf Ebrahimi################################################################ 1052*62c56f98SSadaf Ebrahimi 1053*62c56f98SSadaf Ebrahimicomponent_test_default_out_of_box () { 1054*62c56f98SSadaf Ebrahimi msg "build: make, default config (out-of-box)" # ~1min 1055*62c56f98SSadaf Ebrahimi make 1056*62c56f98SSadaf Ebrahimi # Disable fancy stuff 1057*62c56f98SSadaf Ebrahimi unset MBEDTLS_TEST_OUTCOME_FILE 1058*62c56f98SSadaf Ebrahimi 1059*62c56f98SSadaf Ebrahimi msg "test: main suites make, default config (out-of-box)" # ~10s 1060*62c56f98SSadaf Ebrahimi make test 1061*62c56f98SSadaf Ebrahimi 1062*62c56f98SSadaf Ebrahimi msg "selftest: make, default config (out-of-box)" # ~10s 1063*62c56f98SSadaf Ebrahimi programs/test/selftest 1064*62c56f98SSadaf Ebrahimi} 1065*62c56f98SSadaf Ebrahimi 1066*62c56f98SSadaf Ebrahimicomponent_test_default_cmake_gcc_asan () { 1067*62c56f98SSadaf Ebrahimi msg "build: cmake, gcc, ASan" # ~ 1 min 50s 1068*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1069*62c56f98SSadaf Ebrahimi make 1070*62c56f98SSadaf Ebrahimi 1071*62c56f98SSadaf Ebrahimi msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s 1072*62c56f98SSadaf Ebrahimi make test 1073*62c56f98SSadaf Ebrahimi 1074*62c56f98SSadaf Ebrahimi msg "test: selftest (ASan build)" # ~ 10s 1075*62c56f98SSadaf Ebrahimi programs/test/selftest 1076*62c56f98SSadaf Ebrahimi 1077*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh (ASan build)" # ~ 1 min 1078*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 1079*62c56f98SSadaf Ebrahimi 1080*62c56f98SSadaf Ebrahimi msg "test: compat.sh (ASan build)" # ~ 6 min 1081*62c56f98SSadaf Ebrahimi tests/compat.sh 1082*62c56f98SSadaf Ebrahimi 1083*62c56f98SSadaf Ebrahimi msg "test: context-info.sh (ASan build)" # ~ 15 sec 1084*62c56f98SSadaf Ebrahimi tests/context-info.sh 1085*62c56f98SSadaf Ebrahimi} 1086*62c56f98SSadaf Ebrahimi 1087*62c56f98SSadaf Ebrahimicomponent_test_default_cmake_gcc_asan_new_bignum () { 1088*62c56f98SSadaf Ebrahimi msg "build: cmake, gcc, ASan" # ~ 1 min 50s 1089*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT 1090*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1091*62c56f98SSadaf Ebrahimi make 1092*62c56f98SSadaf Ebrahimi 1093*62c56f98SSadaf Ebrahimi msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s 1094*62c56f98SSadaf Ebrahimi make test 1095*62c56f98SSadaf Ebrahimi 1096*62c56f98SSadaf Ebrahimi msg "test: selftest (ASan build)" # ~ 10s 1097*62c56f98SSadaf Ebrahimi programs/test/selftest 1098*62c56f98SSadaf Ebrahimi 1099*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh (ASan build)" # ~ 1 min 1100*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 1101*62c56f98SSadaf Ebrahimi 1102*62c56f98SSadaf Ebrahimi msg "test: compat.sh (ASan build)" # ~ 6 min 1103*62c56f98SSadaf Ebrahimi tests/compat.sh 1104*62c56f98SSadaf Ebrahimi 1105*62c56f98SSadaf Ebrahimi msg "test: context-info.sh (ASan build)" # ~ 15 sec 1106*62c56f98SSadaf Ebrahimi tests/context-info.sh 1107*62c56f98SSadaf Ebrahimi} 1108*62c56f98SSadaf Ebrahimi 1109*62c56f98SSadaf Ebrahimicomponent_test_full_cmake_gcc_asan () { 1110*62c56f98SSadaf Ebrahimi msg "build: full config, cmake, gcc, ASan" 1111*62c56f98SSadaf Ebrahimi scripts/config.py full 1112*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1113*62c56f98SSadaf Ebrahimi make 1114*62c56f98SSadaf Ebrahimi 1115*62c56f98SSadaf Ebrahimi msg "test: main suites (inc. selftests) (full config, ASan build)" 1116*62c56f98SSadaf Ebrahimi make test 1117*62c56f98SSadaf Ebrahimi 1118*62c56f98SSadaf Ebrahimi msg "test: selftest (ASan build)" # ~ 10s 1119*62c56f98SSadaf Ebrahimi programs/test/selftest 1120*62c56f98SSadaf Ebrahimi 1121*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh (full config, ASan build)" 1122*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 1123*62c56f98SSadaf Ebrahimi 1124*62c56f98SSadaf Ebrahimi msg "test: compat.sh (full config, ASan build)" 1125*62c56f98SSadaf Ebrahimi tests/compat.sh 1126*62c56f98SSadaf Ebrahimi 1127*62c56f98SSadaf Ebrahimi msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec 1128*62c56f98SSadaf Ebrahimi tests/context-info.sh 1129*62c56f98SSadaf Ebrahimi} 1130*62c56f98SSadaf Ebrahimi 1131*62c56f98SSadaf Ebrahimi 1132*62c56f98SSadaf Ebrahimicomponent_test_full_cmake_gcc_asan_new_bignum () { 1133*62c56f98SSadaf Ebrahimi msg "build: full config, cmake, gcc, ASan" 1134*62c56f98SSadaf Ebrahimi scripts/config.py full 1135*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT 1136*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1137*62c56f98SSadaf Ebrahimi make 1138*62c56f98SSadaf Ebrahimi 1139*62c56f98SSadaf Ebrahimi msg "test: main suites (inc. selftests) (full config, ASan build)" 1140*62c56f98SSadaf Ebrahimi make test 1141*62c56f98SSadaf Ebrahimi 1142*62c56f98SSadaf Ebrahimi msg "test: selftest (ASan build)" # ~ 10s 1143*62c56f98SSadaf Ebrahimi programs/test/selftest 1144*62c56f98SSadaf Ebrahimi 1145*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh (full config, ASan build)" 1146*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 1147*62c56f98SSadaf Ebrahimi 1148*62c56f98SSadaf Ebrahimi msg "test: compat.sh (full config, ASan build)" 1149*62c56f98SSadaf Ebrahimi tests/compat.sh 1150*62c56f98SSadaf Ebrahimi 1151*62c56f98SSadaf Ebrahimi msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec 1152*62c56f98SSadaf Ebrahimi tests/context-info.sh 1153*62c56f98SSadaf Ebrahimi} 1154*62c56f98SSadaf Ebrahimi 1155*62c56f98SSadaf Ebrahimicomponent_test_full_cmake_gcc_asan_new_bignum_test_hooks () { 1156*62c56f98SSadaf Ebrahimi msg "build: full config, cmake, gcc, ASan" 1157*62c56f98SSadaf Ebrahimi scripts/config.py full 1158*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_TEST_HOOKS 1159*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT 1160*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1161*62c56f98SSadaf Ebrahimi make 1162*62c56f98SSadaf Ebrahimi 1163*62c56f98SSadaf Ebrahimi msg "test: main suites (inc. selftests) (full config, ASan build)" 1164*62c56f98SSadaf Ebrahimi make test 1165*62c56f98SSadaf Ebrahimi 1166*62c56f98SSadaf Ebrahimi msg "test: selftest (ASan build)" # ~ 10s 1167*62c56f98SSadaf Ebrahimi programs/test/selftest 1168*62c56f98SSadaf Ebrahimi} 1169*62c56f98SSadaf Ebrahimi 1170*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_key_id_encodes_owner () { 1171*62c56f98SSadaf Ebrahimi msg "build: full config + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan" 1172*62c56f98SSadaf Ebrahimi scripts/config.py full 1173*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1174*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1175*62c56f98SSadaf Ebrahimi make 1176*62c56f98SSadaf Ebrahimi 1177*62c56f98SSadaf Ebrahimi msg "test: full config - USE_PSA_CRYPTO + PSA_CRYPTO_KEY_ID_ENCODES_OWNER, cmake, gcc, ASan" 1178*62c56f98SSadaf Ebrahimi make test 1179*62c56f98SSadaf Ebrahimi} 1180*62c56f98SSadaf Ebrahimi 1181*62c56f98SSadaf Ebrahimi# check_renamed_symbols HEADER LIB 1182*62c56f98SSadaf Ebrahimi# Check that if HEADER contains '#define MACRO ...' then MACRO is not a symbol 1183*62c56f98SSadaf Ebrahimi# name is LIB. 1184*62c56f98SSadaf Ebrahimicheck_renamed_symbols () { 1185*62c56f98SSadaf Ebrahimi ! nm "$2" | sed 's/.* //' | 1186*62c56f98SSadaf Ebrahimi grep -x -F "$(sed -n 's/^ *# *define *\([A-Z_a-z][0-9A-Z_a-z]*\)..*/\1/p' "$1")" 1187*62c56f98SSadaf Ebrahimi} 1188*62c56f98SSadaf Ebrahimi 1189*62c56f98SSadaf Ebrahimicomponent_build_psa_crypto_spm () { 1190*62c56f98SSadaf Ebrahimi msg "build: full config + PSA_CRYPTO_KEY_ID_ENCODES_OWNER + PSA_CRYPTO_SPM, make, gcc" 1191*62c56f98SSadaf Ebrahimi scripts/config.py full 1192*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1193*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1194*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_SPM 1195*62c56f98SSadaf Ebrahimi # We can only compile, not link, since our test and sample programs 1196*62c56f98SSadaf Ebrahimi # aren't equipped for the modified names used when MBEDTLS_PSA_CRYPTO_SPM 1197*62c56f98SSadaf Ebrahimi # is active. 1198*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' lib 1199*62c56f98SSadaf Ebrahimi 1200*62c56f98SSadaf Ebrahimi # Check that if a symbol is renamed by crypto_spe.h, the non-renamed 1201*62c56f98SSadaf Ebrahimi # version is not present. 1202*62c56f98SSadaf Ebrahimi echo "Checking for renamed symbols in the library" 1203*62c56f98SSadaf Ebrahimi check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a 1204*62c56f98SSadaf Ebrahimi} 1205*62c56f98SSadaf Ebrahimi 1206*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_client () { 1207*62c56f98SSadaf Ebrahimi msg "build: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make" 1208*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_C 1209*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C 1210*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_CLIENT 1211*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_C 1212*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_PRIVATE 1213*62c56f98SSadaf Ebrahimi make 1214*62c56f98SSadaf Ebrahimi 1215*62c56f98SSadaf Ebrahimi msg "test: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make" 1216*62c56f98SSadaf Ebrahimi make test 1217*62c56f98SSadaf Ebrahimi} 1218*62c56f98SSadaf Ebrahimi 1219*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_rsa_no_genprime() { 1220*62c56f98SSadaf Ebrahimi msg "build: default config minus MBEDTLS_GENPRIME" 1221*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GENPRIME 1222*62c56f98SSadaf Ebrahimi make 1223*62c56f98SSadaf Ebrahimi 1224*62c56f98SSadaf Ebrahimi msg "test: default config minus MBEDTLS_GENPRIME" 1225*62c56f98SSadaf Ebrahimi make test 1226*62c56f98SSadaf Ebrahimi} 1227*62c56f98SSadaf Ebrahimi 1228*62c56f98SSadaf Ebrahimicomponent_test_ref_configs () { 1229*62c56f98SSadaf Ebrahimi msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s 1230*62c56f98SSadaf Ebrahimi # test-ref-configs works by overwriting mbedtls_config.h; this makes cmake 1231*62c56f98SSadaf Ebrahimi # want to re-generate generated files that depend on it, quite correctly. 1232*62c56f98SSadaf Ebrahimi # However this doesn't work as the generation script expects a specific 1233*62c56f98SSadaf Ebrahimi # format for mbedtls_config.h, which the other files don't follow. Also, 1234*62c56f98SSadaf Ebrahimi # cmake can't know this, but re-generation is actually not necessary as 1235*62c56f98SSadaf Ebrahimi # the generated files only depend on the list of available options, not 1236*62c56f98SSadaf Ebrahimi # whether they're on or off. So, disable cmake's (over-sensitive here) 1237*62c56f98SSadaf Ebrahimi # dependency resolution for generated files and just rely on them being 1238*62c56f98SSadaf Ebrahimi # present (thanks to pre_generate_files) by turning GEN_FILES off. 1239*62c56f98SSadaf Ebrahimi CC=gcc cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan . 1240*62c56f98SSadaf Ebrahimi tests/scripts/test-ref-configs.pl 1241*62c56f98SSadaf Ebrahimi} 1242*62c56f98SSadaf Ebrahimi 1243*62c56f98SSadaf Ebrahimicomponent_test_no_renegotiation () { 1244*62c56f98SSadaf Ebrahimi msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min 1245*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_RENEGOTIATION 1246*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1247*62c56f98SSadaf Ebrahimi make 1248*62c56f98SSadaf Ebrahimi 1249*62c56f98SSadaf Ebrahimi msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s 1250*62c56f98SSadaf Ebrahimi make test 1251*62c56f98SSadaf Ebrahimi 1252*62c56f98SSadaf Ebrahimi msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min 1253*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 1254*62c56f98SSadaf Ebrahimi} 1255*62c56f98SSadaf Ebrahimi 1256*62c56f98SSadaf Ebrahimicomponent_test_no_pem_no_fs () { 1257*62c56f98SSadaf Ebrahimi msg "build: Default + !MBEDTLS_PEM_PARSE_C + !MBEDTLS_FS_IO (ASan build)" 1258*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PEM_PARSE_C 1259*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_FS_IO 1260*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C # requires a filesystem 1261*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA ITS 1262*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1263*62c56f98SSadaf Ebrahimi make 1264*62c56f98SSadaf Ebrahimi 1265*62c56f98SSadaf Ebrahimi msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - main suites (inc. selftests) (ASan build)" # ~ 50s 1266*62c56f98SSadaf Ebrahimi make test 1267*62c56f98SSadaf Ebrahimi 1268*62c56f98SSadaf Ebrahimi msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - ssl-opt.sh (ASan build)" # ~ 6 min 1269*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 1270*62c56f98SSadaf Ebrahimi} 1271*62c56f98SSadaf Ebrahimi 1272*62c56f98SSadaf Ebrahimicomponent_test_rsa_no_crt () { 1273*62c56f98SSadaf Ebrahimi msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min 1274*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_RSA_NO_CRT 1275*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1276*62c56f98SSadaf Ebrahimi make 1277*62c56f98SSadaf Ebrahimi 1278*62c56f98SSadaf Ebrahimi msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s 1279*62c56f98SSadaf Ebrahimi make test 1280*62c56f98SSadaf Ebrahimi 1281*62c56f98SSadaf Ebrahimi msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s 1282*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f RSA 1283*62c56f98SSadaf Ebrahimi 1284*62c56f98SSadaf Ebrahimi msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min 1285*62c56f98SSadaf Ebrahimi tests/compat.sh -t RSA 1286*62c56f98SSadaf Ebrahimi 1287*62c56f98SSadaf Ebrahimi msg "test: RSA_NO_CRT - RSA-related part of context-info.sh (ASan build)" # ~ 15 sec 1288*62c56f98SSadaf Ebrahimi tests/context-info.sh 1289*62c56f98SSadaf Ebrahimi} 1290*62c56f98SSadaf Ebrahimi 1291*62c56f98SSadaf Ebrahimicomponent_test_no_ctr_drbg_classic () { 1292*62c56f98SSadaf Ebrahimi msg "build: Full minus CTR_DRBG, classic crypto in TLS" 1293*62c56f98SSadaf Ebrahimi scripts/config.py full 1294*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CTR_DRBG_C 1295*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 1296*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 1297*62c56f98SSadaf Ebrahimi 1298*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1299*62c56f98SSadaf Ebrahimi make 1300*62c56f98SSadaf Ebrahimi 1301*62c56f98SSadaf Ebrahimi msg "test: Full minus CTR_DRBG, classic crypto - main suites" 1302*62c56f98SSadaf Ebrahimi make test 1303*62c56f98SSadaf Ebrahimi 1304*62c56f98SSadaf Ebrahimi # In this configuration, the TLS test programs use HMAC_DRBG. 1305*62c56f98SSadaf Ebrahimi # The SSL tests are slow, so run a small subset, just enough to get 1306*62c56f98SSadaf Ebrahimi # confidence that the SSL code copes with HMAC_DRBG. 1307*62c56f98SSadaf Ebrahimi msg "test: Full minus CTR_DRBG, classic crypto - ssl-opt.sh (subset)" 1308*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server' 1309*62c56f98SSadaf Ebrahimi 1310*62c56f98SSadaf Ebrahimi msg "test: Full minus CTR_DRBG, classic crypto - compat.sh (subset)" 1311*62c56f98SSadaf Ebrahimi tests/compat.sh -m tls12 -t 'ECDSA PSK' -V NO -p OpenSSL 1312*62c56f98SSadaf Ebrahimi} 1313*62c56f98SSadaf Ebrahimi 1314*62c56f98SSadaf Ebrahimicomponent_test_no_ctr_drbg_use_psa () { 1315*62c56f98SSadaf Ebrahimi msg "build: Full minus CTR_DRBG, PSA crypto in TLS" 1316*62c56f98SSadaf Ebrahimi scripts/config.py full 1317*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CTR_DRBG_C 1318*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_USE_PSA_CRYPTO 1319*62c56f98SSadaf Ebrahimi 1320*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1321*62c56f98SSadaf Ebrahimi make 1322*62c56f98SSadaf Ebrahimi 1323*62c56f98SSadaf Ebrahimi msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - main suites" 1324*62c56f98SSadaf Ebrahimi make test 1325*62c56f98SSadaf Ebrahimi 1326*62c56f98SSadaf Ebrahimi # In this configuration, the TLS test programs use HMAC_DRBG. 1327*62c56f98SSadaf Ebrahimi # The SSL tests are slow, so run a small subset, just enough to get 1328*62c56f98SSadaf Ebrahimi # confidence that the SSL code copes with HMAC_DRBG. 1329*62c56f98SSadaf Ebrahimi msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - ssl-opt.sh (subset)" 1330*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server' 1331*62c56f98SSadaf Ebrahimi 1332*62c56f98SSadaf Ebrahimi msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - compat.sh (subset)" 1333*62c56f98SSadaf Ebrahimi tests/compat.sh -m tls12 -t 'ECDSA PSK' -V NO -p OpenSSL 1334*62c56f98SSadaf Ebrahimi} 1335*62c56f98SSadaf Ebrahimi 1336*62c56f98SSadaf Ebrahimicomponent_test_no_hmac_drbg_classic () { 1337*62c56f98SSadaf Ebrahimi msg "build: Full minus HMAC_DRBG, classic crypto in TLS" 1338*62c56f98SSadaf Ebrahimi scripts/config.py full 1339*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HMAC_DRBG_C 1340*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG 1341*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 1342*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 1343*62c56f98SSadaf Ebrahimi 1344*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1345*62c56f98SSadaf Ebrahimi make 1346*62c56f98SSadaf Ebrahimi 1347*62c56f98SSadaf Ebrahimi msg "test: Full minus HMAC_DRBG, classic crypto - main suites" 1348*62c56f98SSadaf Ebrahimi make test 1349*62c56f98SSadaf Ebrahimi 1350*62c56f98SSadaf Ebrahimi # Normally our ECDSA implementation uses deterministic ECDSA. But since 1351*62c56f98SSadaf Ebrahimi # HMAC_DRBG is disabled in this configuration, randomized ECDSA is used 1352*62c56f98SSadaf Ebrahimi # instead. 1353*62c56f98SSadaf Ebrahimi # Test SSL with non-deterministic ECDSA. Only test features that 1354*62c56f98SSadaf Ebrahimi # might be affected by how ECDSA signature is performed. 1355*62c56f98SSadaf Ebrahimi msg "test: Full minus HMAC_DRBG, classic crypto - ssl-opt.sh (subset)" 1356*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f 'Default\|SSL async private: sign' 1357*62c56f98SSadaf Ebrahimi 1358*62c56f98SSadaf Ebrahimi # To save time, only test one protocol version, since this part of 1359*62c56f98SSadaf Ebrahimi # the protocol is identical in (D)TLS up to 1.2. 1360*62c56f98SSadaf Ebrahimi msg "test: Full minus HMAC_DRBG, classic crypto - compat.sh (ECDSA)" 1361*62c56f98SSadaf Ebrahimi tests/compat.sh -m tls12 -t 'ECDSA' 1362*62c56f98SSadaf Ebrahimi} 1363*62c56f98SSadaf Ebrahimi 1364*62c56f98SSadaf Ebrahimicomponent_test_no_hmac_drbg_use_psa () { 1365*62c56f98SSadaf Ebrahimi msg "build: Full minus HMAC_DRBG, PSA crypto in TLS" 1366*62c56f98SSadaf Ebrahimi scripts/config.py full 1367*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HMAC_DRBG_C 1368*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG 1369*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_USE_PSA_CRYPTO 1370*62c56f98SSadaf Ebrahimi 1371*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1372*62c56f98SSadaf Ebrahimi make 1373*62c56f98SSadaf Ebrahimi 1374*62c56f98SSadaf Ebrahimi msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - main suites" 1375*62c56f98SSadaf Ebrahimi make test 1376*62c56f98SSadaf Ebrahimi 1377*62c56f98SSadaf Ebrahimi # Normally our ECDSA implementation uses deterministic ECDSA. But since 1378*62c56f98SSadaf Ebrahimi # HMAC_DRBG is disabled in this configuration, randomized ECDSA is used 1379*62c56f98SSadaf Ebrahimi # instead. 1380*62c56f98SSadaf Ebrahimi # Test SSL with non-deterministic ECDSA. Only test features that 1381*62c56f98SSadaf Ebrahimi # might be affected by how ECDSA signature is performed. 1382*62c56f98SSadaf Ebrahimi msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - ssl-opt.sh (subset)" 1383*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f 'Default\|SSL async private: sign' 1384*62c56f98SSadaf Ebrahimi 1385*62c56f98SSadaf Ebrahimi # To save time, only test one protocol version, since this part of 1386*62c56f98SSadaf Ebrahimi # the protocol is identical in (D)TLS up to 1.2. 1387*62c56f98SSadaf Ebrahimi msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - compat.sh (ECDSA)" 1388*62c56f98SSadaf Ebrahimi tests/compat.sh -m tls12 -t 'ECDSA' 1389*62c56f98SSadaf Ebrahimi} 1390*62c56f98SSadaf Ebrahimi 1391*62c56f98SSadaf Ebrahimicomponent_test_psa_external_rng_no_drbg_classic () { 1392*62c56f98SSadaf Ebrahimi msg "build: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto in TLS" 1393*62c56f98SSadaf Ebrahimi scripts/config.py full 1394*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 1395*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 1396*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1397*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ENTROPY_C 1398*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED 1399*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT 1400*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CTR_DRBG_C 1401*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HMAC_DRBG_C 1402*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG 1403*62c56f98SSadaf Ebrahimi # When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG, 1404*62c56f98SSadaf Ebrahimi # the SSL test programs don't have an RNG and can't work. Explicitly 1405*62c56f98SSadaf Ebrahimi # make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG. 1406*62c56f98SSadaf Ebrahimi make CFLAGS="$ASAN_CFLAGS -O2 -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" 1407*62c56f98SSadaf Ebrahimi 1408*62c56f98SSadaf Ebrahimi msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites" 1409*62c56f98SSadaf Ebrahimi make test 1410*62c56f98SSadaf Ebrahimi 1411*62c56f98SSadaf Ebrahimi msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - ssl-opt.sh (subset)" 1412*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f 'Default' 1413*62c56f98SSadaf Ebrahimi} 1414*62c56f98SSadaf Ebrahimi 1415*62c56f98SSadaf Ebrahimicomponent_test_psa_external_rng_no_drbg_use_psa () { 1416*62c56f98SSadaf Ebrahimi msg "build: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto in TLS" 1417*62c56f98SSadaf Ebrahimi scripts/config.py full 1418*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1419*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ENTROPY_C 1420*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED 1421*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT 1422*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CTR_DRBG_C 1423*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HMAC_DRBG_C 1424*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG 1425*62c56f98SSadaf Ebrahimi make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" 1426*62c56f98SSadaf Ebrahimi 1427*62c56f98SSadaf Ebrahimi msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites" 1428*62c56f98SSadaf Ebrahimi make test 1429*62c56f98SSadaf Ebrahimi 1430*62c56f98SSadaf Ebrahimi msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - ssl-opt.sh (subset)" 1431*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f 'Default\|opaque' 1432*62c56f98SSadaf Ebrahimi} 1433*62c56f98SSadaf Ebrahimi 1434*62c56f98SSadaf Ebrahimicomponent_test_psa_external_rng_use_psa_crypto () { 1435*62c56f98SSadaf Ebrahimi msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" 1436*62c56f98SSadaf Ebrahimi scripts/config.py full 1437*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1438*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_USE_PSA_CRYPTO 1439*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CTR_DRBG_C 1440*62c56f98SSadaf Ebrahimi make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" 1441*62c56f98SSadaf Ebrahimi 1442*62c56f98SSadaf Ebrahimi msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" 1443*62c56f98SSadaf Ebrahimi make test 1444*62c56f98SSadaf Ebrahimi 1445*62c56f98SSadaf Ebrahimi msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" 1446*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f 'Default\|opaque' 1447*62c56f98SSadaf Ebrahimi} 1448*62c56f98SSadaf Ebrahimi 1449*62c56f98SSadaf Ebrahimicomponent_test_psa_inject_entropy () { 1450*62c56f98SSadaf Ebrahimi msg "build: full + MBEDTLS_PSA_INJECT_ENTROPY" 1451*62c56f98SSadaf Ebrahimi scripts/config.py full 1452*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_INJECT_ENTROPY 1453*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ENTROPY_NV_SEED 1454*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1455*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT 1456*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ 1457*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE 1458*62c56f98SSadaf Ebrahimi make CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" 1459*62c56f98SSadaf Ebrahimi 1460*62c56f98SSadaf Ebrahimi msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY" 1461*62c56f98SSadaf Ebrahimi make test 1462*62c56f98SSadaf Ebrahimi} 1463*62c56f98SSadaf Ebrahimi 1464*62c56f98SSadaf Ebrahimicomponent_test_sw_inet_pton () { 1465*62c56f98SSadaf Ebrahimi msg "build: default plus MBEDTLS_TEST_SW_INET_PTON" 1466*62c56f98SSadaf Ebrahimi 1467*62c56f98SSadaf Ebrahimi # MBEDTLS_TEST_HOOKS required for x509_crt_parse_cn_inet_pton 1468*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_TEST_HOOKS 1469*62c56f98SSadaf Ebrahimi make CFLAGS="-DMBEDTLS_TEST_SW_INET_PTON" 1470*62c56f98SSadaf Ebrahimi 1471*62c56f98SSadaf Ebrahimi msg "test: default plus MBEDTLS_TEST_SW_INET_PTON" 1472*62c56f98SSadaf Ebrahimi make test 1473*62c56f98SSadaf Ebrahimi} 1474*62c56f98SSadaf Ebrahimi 1475*62c56f98SSadaf Ebrahimicomponent_test_crypto_full_md_light_only () { 1476*62c56f98SSadaf Ebrahimi msg "build: crypto_full with only the light subset of MD" 1477*62c56f98SSadaf Ebrahimi scripts/config.py crypto_full 1478*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG 1479*62c56f98SSadaf Ebrahimi # Disable MD 1480*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_MD_C 1481*62c56f98SSadaf Ebrahimi # Disable direct dependencies of MD_C 1482*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HKDF_C 1483*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HMAC_DRBG_C 1484*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS7_C 1485*62c56f98SSadaf Ebrahimi # Disable indirect dependencies of MD_C 1486*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # needs HMAC_DRBG 1487*62c56f98SSadaf Ebrahimi # Disable things that would auto-enable MD_C 1488*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS5_C 1489*62c56f98SSadaf Ebrahimi 1490*62c56f98SSadaf Ebrahimi # Note: MD-light is auto-enabled in build_info.h by modules that need it, 1491*62c56f98SSadaf Ebrahimi # which we haven't disabled, so no need to explicitly enable it. 1492*62c56f98SSadaf Ebrahimi make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" 1493*62c56f98SSadaf Ebrahimi 1494*62c56f98SSadaf Ebrahimi # Make sure we don't have the HMAC functions, but the hashing functions 1495*62c56f98SSadaf Ebrahimi not grep mbedtls_md_hmac library/md.o 1496*62c56f98SSadaf Ebrahimi grep mbedtls_md library/md.o 1497*62c56f98SSadaf Ebrahimi 1498*62c56f98SSadaf Ebrahimi msg "test: crypto_full with only the light subset of MD" 1499*62c56f98SSadaf Ebrahimi make test 1500*62c56f98SSadaf Ebrahimi} 1501*62c56f98SSadaf Ebrahimi 1502*62c56f98SSadaf Ebrahimicomponent_test_full_no_cipher () { 1503*62c56f98SSadaf Ebrahimi msg "build: full minus CIPHER" 1504*62c56f98SSadaf Ebrahimi scripts/config.py full 1505*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_C 1506*62c56f98SSadaf Ebrahimi # Don't pull in cipher via PSA mechanisms 1507*62c56f98SSadaf Ebrahimi # (currently ignored anyway because we completely disable PSA) 1508*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG 1509*62c56f98SSadaf Ebrahimi # Direct dependencies 1510*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CCM_C 1511*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CMAC_C 1512*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GCM_C 1513*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_NIST_KW_C 1514*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS12_C 1515*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS5_C 1516*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_C 1517*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS_C 1518*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TICKET_C 1519*62c56f98SSadaf Ebrahimi # Indirect dependencies 1520*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_CLI_C 1521*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C 1522*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C 1523*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_DTLS_ANTI_REPLAY 1524*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_DTLS_CONNECTION_ID 1525*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1526*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 1527*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_SRV_C 1528*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 1529*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_C 1530*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_PRIVATE 1531*62c56f98SSadaf Ebrahimi make 1532*62c56f98SSadaf Ebrahimi 1533*62c56f98SSadaf Ebrahimi msg "test: full minus CIPHER" 1534*62c56f98SSadaf Ebrahimi make test 1535*62c56f98SSadaf Ebrahimi} 1536*62c56f98SSadaf Ebrahimi 1537*62c56f98SSadaf Ebrahimicomponent_test_full_no_bignum () { 1538*62c56f98SSadaf Ebrahimi msg "build: full minus bignum" 1539*62c56f98SSadaf Ebrahimi scripts/config.py full 1540*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_BIGNUM_C 1541*62c56f98SSadaf Ebrahimi # Direct dependencies of bignum 1542*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_C 1543*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_RSA_C 1544*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DHM_C 1545*62c56f98SSadaf Ebrahimi # Direct dependencies of ECP 1546*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 1547*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 1548*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECJPAKE_C 1549*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_RESTARTABLE 1550*62c56f98SSadaf Ebrahimi # Disable what auto-enables ECP_LIGHT 1551*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED 1552*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED 1553*62c56f98SSadaf Ebrahimi # Indirect dependencies of ECP 1554*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 1555*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 1556*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 1557*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 1558*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 1559*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 1560*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1561*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1562*62c56f98SSadaf Ebrahimi # Direct dependencies of DHM 1563*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 1564*62c56f98SSadaf Ebrahimi # Direct dependencies of RSA 1565*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 1566*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 1567*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 1568*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT 1569*62c56f98SSadaf Ebrahimi # PK and its dependencies 1570*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_C 1571*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_C 1572*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_WRITE_C 1573*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_USE_C 1574*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C 1575*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CRL_PARSE_C 1576*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CSR_PARSE_C 1577*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CREATE_C 1578*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CRT_WRITE_C 1579*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CSR_WRITE_C 1580*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS7_C 1581*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION 1582*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_ASYNC_PRIVATE 1583*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 1584*62c56f98SSadaf Ebrahimi 1585*62c56f98SSadaf Ebrahimi make 1586*62c56f98SSadaf Ebrahimi 1587*62c56f98SSadaf Ebrahimi msg "test: full minus bignum" 1588*62c56f98SSadaf Ebrahimi make test 1589*62c56f98SSadaf Ebrahimi} 1590*62c56f98SSadaf Ebrahimi 1591*62c56f98SSadaf Ebrahimicomponent_test_tls1_2_default_stream_cipher_only () { 1592*62c56f98SSadaf Ebrahimi msg "build: default with only stream cipher" 1593*62c56f98SSadaf Ebrahimi 1594*62c56f98SSadaf Ebrahimi # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C 1595*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GCM_C 1596*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CCM_C 1597*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CHACHAPOLY_C 1598*62c56f98SSadaf Ebrahimi # Disable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) 1599*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC 1600*62c56f98SSadaf Ebrahimi # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) 1601*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC 1602*62c56f98SSadaf Ebrahimi # Enable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) 1603*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER 1604*62c56f98SSadaf Ebrahimi # Modules that depend on AEAD 1605*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION 1606*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TICKET_C 1607*62c56f98SSadaf Ebrahimi 1608*62c56f98SSadaf Ebrahimi make 1609*62c56f98SSadaf Ebrahimi 1610*62c56f98SSadaf Ebrahimi msg "test: default with only stream cipher" 1611*62c56f98SSadaf Ebrahimi make test 1612*62c56f98SSadaf Ebrahimi 1613*62c56f98SSadaf Ebrahimi # Not running ssl-opt.sh because most tests require a non-NULL ciphersuite. 1614*62c56f98SSadaf Ebrahimi} 1615*62c56f98SSadaf Ebrahimi 1616*62c56f98SSadaf Ebrahimicomponent_test_tls1_2_default_stream_cipher_only_use_psa () { 1617*62c56f98SSadaf Ebrahimi msg "build: default with only stream cipher use psa" 1618*62c56f98SSadaf Ebrahimi 1619*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_USE_PSA_CRYPTO 1620*62c56f98SSadaf Ebrahimi # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) 1621*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GCM_C 1622*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CCM_C 1623*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CHACHAPOLY_C 1624*62c56f98SSadaf Ebrahimi # Disable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) 1625*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC 1626*62c56f98SSadaf Ebrahimi # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) 1627*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC 1628*62c56f98SSadaf Ebrahimi # Enable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) 1629*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER 1630*62c56f98SSadaf Ebrahimi # Modules that depend on AEAD 1631*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION 1632*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TICKET_C 1633*62c56f98SSadaf Ebrahimi 1634*62c56f98SSadaf Ebrahimi make 1635*62c56f98SSadaf Ebrahimi 1636*62c56f98SSadaf Ebrahimi msg "test: default with only stream cipher use psa" 1637*62c56f98SSadaf Ebrahimi make test 1638*62c56f98SSadaf Ebrahimi 1639*62c56f98SSadaf Ebrahimi # Not running ssl-opt.sh because most tests require a non-NULL ciphersuite. 1640*62c56f98SSadaf Ebrahimi} 1641*62c56f98SSadaf Ebrahimi 1642*62c56f98SSadaf Ebrahimicomponent_test_tls1_2_default_cbc_legacy_cipher_only () { 1643*62c56f98SSadaf Ebrahimi msg "build: default with only CBC-legacy cipher" 1644*62c56f98SSadaf Ebrahimi 1645*62c56f98SSadaf Ebrahimi # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) 1646*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GCM_C 1647*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CCM_C 1648*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CHACHAPOLY_C 1649*62c56f98SSadaf Ebrahimi # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) 1650*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_CIPHER_MODE_CBC 1651*62c56f98SSadaf Ebrahimi # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) 1652*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC 1653*62c56f98SSadaf Ebrahimi # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) 1654*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER 1655*62c56f98SSadaf Ebrahimi # Modules that depend on AEAD 1656*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION 1657*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TICKET_C 1658*62c56f98SSadaf Ebrahimi 1659*62c56f98SSadaf Ebrahimi make 1660*62c56f98SSadaf Ebrahimi 1661*62c56f98SSadaf Ebrahimi msg "test: default with only CBC-legacy cipher" 1662*62c56f98SSadaf Ebrahimi make test 1663*62c56f98SSadaf Ebrahimi 1664*62c56f98SSadaf Ebrahimi msg "test: default with only CBC-legacy cipher - ssl-opt.sh (subset)" 1665*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "TLS 1.2" 1666*62c56f98SSadaf Ebrahimi} 1667*62c56f98SSadaf Ebrahimi 1668*62c56f98SSadaf Ebrahimicomponent_test_tls1_2_deafult_cbc_legacy_cipher_only_use_psa () { 1669*62c56f98SSadaf Ebrahimi msg "build: default with only CBC-legacy cipher use psa" 1670*62c56f98SSadaf Ebrahimi 1671*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_USE_PSA_CRYPTO 1672*62c56f98SSadaf Ebrahimi # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) 1673*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GCM_C 1674*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CCM_C 1675*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CHACHAPOLY_C 1676*62c56f98SSadaf Ebrahimi # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) 1677*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_CIPHER_MODE_CBC 1678*62c56f98SSadaf Ebrahimi # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) 1679*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC 1680*62c56f98SSadaf Ebrahimi # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) 1681*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER 1682*62c56f98SSadaf Ebrahimi # Modules that depend on AEAD 1683*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION 1684*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TICKET_C 1685*62c56f98SSadaf Ebrahimi 1686*62c56f98SSadaf Ebrahimi make 1687*62c56f98SSadaf Ebrahimi 1688*62c56f98SSadaf Ebrahimi msg "test: default with only CBC-legacy cipher use psa" 1689*62c56f98SSadaf Ebrahimi make test 1690*62c56f98SSadaf Ebrahimi 1691*62c56f98SSadaf Ebrahimi msg "test: default with only CBC-legacy cipher use psa - ssl-opt.sh (subset)" 1692*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "TLS 1.2" 1693*62c56f98SSadaf Ebrahimi} 1694*62c56f98SSadaf Ebrahimi 1695*62c56f98SSadaf Ebrahimicomponent_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only () { 1696*62c56f98SSadaf Ebrahimi msg "build: default with only CBC-legacy and CBC-EtM ciphers" 1697*62c56f98SSadaf Ebrahimi 1698*62c56f98SSadaf Ebrahimi # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) 1699*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GCM_C 1700*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CCM_C 1701*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CHACHAPOLY_C 1702*62c56f98SSadaf Ebrahimi # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) 1703*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_CIPHER_MODE_CBC 1704*62c56f98SSadaf Ebrahimi # Enable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) 1705*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC 1706*62c56f98SSadaf Ebrahimi # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) 1707*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER 1708*62c56f98SSadaf Ebrahimi # Modules that depend on AEAD 1709*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION 1710*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TICKET_C 1711*62c56f98SSadaf Ebrahimi 1712*62c56f98SSadaf Ebrahimi make 1713*62c56f98SSadaf Ebrahimi 1714*62c56f98SSadaf Ebrahimi msg "test: default with only CBC-legacy and CBC-EtM ciphers" 1715*62c56f98SSadaf Ebrahimi make test 1716*62c56f98SSadaf Ebrahimi 1717*62c56f98SSadaf Ebrahimi msg "test: default with only CBC-legacy and CBC-EtM ciphers - ssl-opt.sh (subset)" 1718*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "TLS 1.2" 1719*62c56f98SSadaf Ebrahimi} 1720*62c56f98SSadaf Ebrahimi 1721*62c56f98SSadaf Ebrahimicomponent_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only_use_psa () { 1722*62c56f98SSadaf Ebrahimi msg "build: default with only CBC-legacy and CBC-EtM ciphers use psa" 1723*62c56f98SSadaf Ebrahimi 1724*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_USE_PSA_CRYPTO 1725*62c56f98SSadaf Ebrahimi # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) 1726*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GCM_C 1727*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CCM_C 1728*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CHACHAPOLY_C 1729*62c56f98SSadaf Ebrahimi # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) 1730*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_CIPHER_MODE_CBC 1731*62c56f98SSadaf Ebrahimi # Enable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) 1732*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC 1733*62c56f98SSadaf Ebrahimi # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) 1734*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER 1735*62c56f98SSadaf Ebrahimi # Modules that depend on AEAD 1736*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION 1737*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TICKET_C 1738*62c56f98SSadaf Ebrahimi 1739*62c56f98SSadaf Ebrahimi make 1740*62c56f98SSadaf Ebrahimi 1741*62c56f98SSadaf Ebrahimi msg "test: default with only CBC-legacy and CBC-EtM ciphers use psa" 1742*62c56f98SSadaf Ebrahimi make test 1743*62c56f98SSadaf Ebrahimi 1744*62c56f98SSadaf Ebrahimi msg "test: default with only CBC-legacy and CBC-EtM ciphers use psa - ssl-opt.sh (subset)" 1745*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "TLS 1.2" 1746*62c56f98SSadaf Ebrahimi} 1747*62c56f98SSadaf Ebrahimi 1748*62c56f98SSadaf Ebrahimi# We're not aware of any other (open source) implementation of EC J-PAKE in TLS 1749*62c56f98SSadaf Ebrahimi# that we could use for interop testing. However, we now have sort of two 1750*62c56f98SSadaf Ebrahimi# implementations ourselves: one using PSA, the other not. At least test that 1751*62c56f98SSadaf Ebrahimi# these two interoperate with each other. 1752*62c56f98SSadaf Ebrahimicomponent_test_tls1_2_ecjpake_compatibility() { 1753*62c56f98SSadaf Ebrahimi msg "build: TLS1.2 server+client w/ EC-JPAKE w/o USE_PSA" 1754*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 1755*62c56f98SSadaf Ebrahimi # Explicitly make lib first to avoid a race condition: 1756*62c56f98SSadaf Ebrahimi # https://github.com/Mbed-TLS/mbedtls/issues/8229 1757*62c56f98SSadaf Ebrahimi make lib 1758*62c56f98SSadaf Ebrahimi make -C programs ssl/ssl_server2 ssl/ssl_client2 1759*62c56f98SSadaf Ebrahimi cp programs/ssl/ssl_server2 s2_no_use_psa 1760*62c56f98SSadaf Ebrahimi cp programs/ssl/ssl_client2 c2_no_use_psa 1761*62c56f98SSadaf Ebrahimi 1762*62c56f98SSadaf Ebrahimi msg "build: TLS1.2 server+client w/ EC-JPAKE w/ USE_PSA" 1763*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_USE_PSA_CRYPTO 1764*62c56f98SSadaf Ebrahimi make clean 1765*62c56f98SSadaf Ebrahimi make lib 1766*62c56f98SSadaf Ebrahimi make -C programs ssl/ssl_server2 ssl/ssl_client2 1767*62c56f98SSadaf Ebrahimi make -C programs test/udp_proxy test/query_compile_time_config 1768*62c56f98SSadaf Ebrahimi 1769*62c56f98SSadaf Ebrahimi msg "test: server w/o USE_PSA - client w/ USE_PSA, text password" 1770*62c56f98SSadaf Ebrahimi P_SRV=../s2_no_use_psa tests/ssl-opt.sh -f "ECJPAKE: working, TLS" 1771*62c56f98SSadaf Ebrahimi msg "test: server w/o USE_PSA - client w/ USE_PSA, opaque password" 1772*62c56f98SSadaf Ebrahimi P_SRV=../s2_no_use_psa tests/ssl-opt.sh -f "ECJPAKE: opaque password client only, working, TLS" 1773*62c56f98SSadaf Ebrahimi msg "test: client w/o USE_PSA - server w/ USE_PSA, text password" 1774*62c56f98SSadaf Ebrahimi P_CLI=../c2_no_use_psa tests/ssl-opt.sh -f "ECJPAKE: working, TLS" 1775*62c56f98SSadaf Ebrahimi msg "test: client w/o USE_PSA - server w/ USE_PSA, opaque password" 1776*62c56f98SSadaf Ebrahimi P_CLI=../c2_no_use_psa tests/ssl-opt.sh -f "ECJPAKE: opaque password server only, working, TLS" 1777*62c56f98SSadaf Ebrahimi 1778*62c56f98SSadaf Ebrahimi rm s2_no_use_psa c2_no_use_psa 1779*62c56f98SSadaf Ebrahimi} 1780*62c56f98SSadaf Ebrahimi 1781*62c56f98SSadaf Ebrahimicomponent_test_everest () { 1782*62c56f98SSadaf Ebrahimi msg "build: Everest ECDH context (ASan build)" # ~ 6 min 1783*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED 1784*62c56f98SSadaf Ebrahimi CC=clang cmake -D CMAKE_BUILD_TYPE:String=Asan . 1785*62c56f98SSadaf Ebrahimi make 1786*62c56f98SSadaf Ebrahimi 1787*62c56f98SSadaf Ebrahimi msg "test: Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s 1788*62c56f98SSadaf Ebrahimi make test 1789*62c56f98SSadaf Ebrahimi 1790*62c56f98SSadaf Ebrahimi msg "test: Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s 1791*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f ECDH 1792*62c56f98SSadaf Ebrahimi 1793*62c56f98SSadaf Ebrahimi msg "test: Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min 1794*62c56f98SSadaf Ebrahimi # Exclude some symmetric ciphers that are redundant here to gain time. 1795*62c56f98SSadaf Ebrahimi tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA' 1796*62c56f98SSadaf Ebrahimi} 1797*62c56f98SSadaf Ebrahimi 1798*62c56f98SSadaf Ebrahimicomponent_test_everest_curve25519_only () { 1799*62c56f98SSadaf Ebrahimi msg "build: Everest ECDH context, only Curve25519" # ~ 6 min 1800*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED 1801*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 1802*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 1803*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 1804*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECJPAKE_C 1805*62c56f98SSadaf Ebrahimi # Disable all curves 1806*62c56f98SSadaf Ebrahimi scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" 1807*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED 1808*62c56f98SSadaf Ebrahimi 1809*62c56f98SSadaf Ebrahimi make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" 1810*62c56f98SSadaf Ebrahimi 1811*62c56f98SSadaf Ebrahimi msg "test: Everest ECDH context, only Curve25519" # ~ 50s 1812*62c56f98SSadaf Ebrahimi make test 1813*62c56f98SSadaf Ebrahimi} 1814*62c56f98SSadaf Ebrahimi 1815*62c56f98SSadaf Ebrahimicomponent_test_small_ssl_out_content_len () { 1816*62c56f98SSadaf Ebrahimi msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" 1817*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384 1818*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 1819*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1820*62c56f98SSadaf Ebrahimi make 1821*62c56f98SSadaf Ebrahimi 1822*62c56f98SSadaf Ebrahimi msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests" 1823*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "Max fragment\|Large packet" 1824*62c56f98SSadaf Ebrahimi} 1825*62c56f98SSadaf Ebrahimi 1826*62c56f98SSadaf Ebrahimicomponent_test_small_ssl_in_content_len () { 1827*62c56f98SSadaf Ebrahimi msg "build: small SSL_IN_CONTENT_LEN (ASan build)" 1828*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 4096 1829*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 16384 1830*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1831*62c56f98SSadaf Ebrahimi make 1832*62c56f98SSadaf Ebrahimi 1833*62c56f98SSadaf Ebrahimi msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests" 1834*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "Max fragment" 1835*62c56f98SSadaf Ebrahimi} 1836*62c56f98SSadaf Ebrahimi 1837*62c56f98SSadaf Ebrahimicomponent_test_small_ssl_dtls_max_buffering () { 1838*62c56f98SSadaf Ebrahimi msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0" 1839*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000 1840*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1841*62c56f98SSadaf Ebrahimi make 1842*62c56f98SSadaf Ebrahimi 1843*62c56f98SSadaf Ebrahimi msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test" 1844*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" 1845*62c56f98SSadaf Ebrahimi} 1846*62c56f98SSadaf Ebrahimi 1847*62c56f98SSadaf Ebrahimicomponent_test_small_mbedtls_ssl_dtls_max_buffering () { 1848*62c56f98SSadaf Ebrahimi msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1" 1849*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 190 1850*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 1851*62c56f98SSadaf Ebrahimi make 1852*62c56f98SSadaf Ebrahimi 1853*62c56f98SSadaf Ebrahimi msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test" 1854*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" 1855*62c56f98SSadaf Ebrahimi} 1856*62c56f98SSadaf Ebrahimi 1857*62c56f98SSadaf Ebrahimicomponent_test_psa_collect_statuses () { 1858*62c56f98SSadaf Ebrahimi msg "build+test: psa_collect_statuses" # ~30s 1859*62c56f98SSadaf Ebrahimi scripts/config.py full 1860*62c56f98SSadaf Ebrahimi tests/scripts/psa_collect_statuses.py 1861*62c56f98SSadaf Ebrahimi # Check that psa_crypto_init() succeeded at least once 1862*62c56f98SSadaf Ebrahimi grep -q '^0:psa_crypto_init:' tests/statuses.log 1863*62c56f98SSadaf Ebrahimi rm -f tests/statuses.log 1864*62c56f98SSadaf Ebrahimi} 1865*62c56f98SSadaf Ebrahimi 1866*62c56f98SSadaf Ebrahimicomponent_test_full_cmake_clang () { 1867*62c56f98SSadaf Ebrahimi msg "build: cmake, full config, clang" # ~ 50s 1868*62c56f98SSadaf Ebrahimi scripts/config.py full 1869*62c56f98SSadaf Ebrahimi CC=clang CXX=clang cmake -D CMAKE_BUILD_TYPE:String=Release -D ENABLE_TESTING=On -D TEST_CPP=1 . 1870*62c56f98SSadaf Ebrahimi make 1871*62c56f98SSadaf Ebrahimi 1872*62c56f98SSadaf Ebrahimi msg "test: main suites (full config, clang)" # ~ 5s 1873*62c56f98SSadaf Ebrahimi make test 1874*62c56f98SSadaf Ebrahimi 1875*62c56f98SSadaf Ebrahimi msg "test: cpp_dummy_build (full config, clang)" # ~ 1s 1876*62c56f98SSadaf Ebrahimi programs/test/cpp_dummy_build 1877*62c56f98SSadaf Ebrahimi 1878*62c56f98SSadaf Ebrahimi msg "test: psa_constant_names (full config, clang)" # ~ 1s 1879*62c56f98SSadaf Ebrahimi tests/scripts/test_psa_constant_names.py 1880*62c56f98SSadaf Ebrahimi 1881*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s 1882*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' 1883*62c56f98SSadaf Ebrahimi 1884*62c56f98SSadaf Ebrahimi msg "test: compat.sh NULL (full config)" # ~ 2 min 1885*62c56f98SSadaf Ebrahimi env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL' 1886*62c56f98SSadaf Ebrahimi 1887*62c56f98SSadaf Ebrahimi msg "test: compat.sh ARIA + ChachaPoly" 1888*62c56f98SSadaf Ebrahimi env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' 1889*62c56f98SSadaf Ebrahimi} 1890*62c56f98SSadaf Ebrahimi 1891*62c56f98SSadaf Ebrahimiskip_suites_without_constant_flow () { 1892*62c56f98SSadaf Ebrahimi # Skip the test suites that don't have any constant-flow annotations. 1893*62c56f98SSadaf Ebrahimi # This will need to be adjusted if we ever start declaring things as 1894*62c56f98SSadaf Ebrahimi # secret from macros or functions inside tests/include or tests/src. 1895*62c56f98SSadaf Ebrahimi SKIP_TEST_SUITES=$( 1896*62c56f98SSadaf Ebrahimi git -C tests/suites grep -L TEST_CF_ 'test_suite_*.function' | 1897*62c56f98SSadaf Ebrahimi sed 's/test_suite_//; s/\.function$//' | 1898*62c56f98SSadaf Ebrahimi tr '\n' ,) 1899*62c56f98SSadaf Ebrahimi export SKIP_TEST_SUITES 1900*62c56f98SSadaf Ebrahimi} 1901*62c56f98SSadaf Ebrahimi 1902*62c56f98SSadaf Ebrahimiskip_all_except_given_suite () { 1903*62c56f98SSadaf Ebrahimi # Skip all but the given test suite 1904*62c56f98SSadaf Ebrahimi SKIP_TEST_SUITES=$( 1905*62c56f98SSadaf Ebrahimi ls -1 tests/suites/test_suite_*.function | 1906*62c56f98SSadaf Ebrahimi grep -v $1.function | 1907*62c56f98SSadaf Ebrahimi sed 's/tests.suites.test_suite_//; s/\.function$//' | 1908*62c56f98SSadaf Ebrahimi tr '\n' ,) 1909*62c56f98SSadaf Ebrahimi export SKIP_TEST_SUITES 1910*62c56f98SSadaf Ebrahimi} 1911*62c56f98SSadaf Ebrahimi 1912*62c56f98SSadaf Ebrahimicomponent_test_memsan_constant_flow () { 1913*62c56f98SSadaf Ebrahimi # This tests both (1) accesses to undefined memory, and (2) branches or 1914*62c56f98SSadaf Ebrahimi # memory access depending on secret values. To distinguish between those: 1915*62c56f98SSadaf Ebrahimi # - unset MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - does the failure persist? 1916*62c56f98SSadaf Ebrahimi # - or alternatively, change the build type to MemSanDbg, which enables 1917*62c56f98SSadaf Ebrahimi # origin tracking and nicer stack traces (which are useful for debugging 1918*62c56f98SSadaf Ebrahimi # anyway), and check if the origin was TEST_CF_SECRET() or something else. 1919*62c56f98SSadaf Ebrahimi msg "build: cmake MSan (clang), full config minus MBEDTLS_USE_PSA_CRYPTO with constant flow testing" 1920*62c56f98SSadaf Ebrahimi scripts/config.py full 1921*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 1922*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 1923*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm 1924*62c56f98SSadaf Ebrahimi CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan . 1925*62c56f98SSadaf Ebrahimi make 1926*62c56f98SSadaf Ebrahimi 1927*62c56f98SSadaf Ebrahimi msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO, Msan + constant flow)" 1928*62c56f98SSadaf Ebrahimi make test 1929*62c56f98SSadaf Ebrahimi} 1930*62c56f98SSadaf Ebrahimi 1931*62c56f98SSadaf Ebrahimicomponent_test_memsan_constant_flow_psa () { 1932*62c56f98SSadaf Ebrahimi # This tests both (1) accesses to undefined memory, and (2) branches or 1933*62c56f98SSadaf Ebrahimi # memory access depending on secret values. To distinguish between those: 1934*62c56f98SSadaf Ebrahimi # - unset MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - does the failure persist? 1935*62c56f98SSadaf Ebrahimi # - or alternatively, change the build type to MemSanDbg, which enables 1936*62c56f98SSadaf Ebrahimi # origin tracking and nicer stack traces (which are useful for debugging 1937*62c56f98SSadaf Ebrahimi # anyway), and check if the origin was TEST_CF_SECRET() or something else. 1938*62c56f98SSadaf Ebrahimi msg "build: cmake MSan (clang), full config with constant flow testing" 1939*62c56f98SSadaf Ebrahimi scripts/config.py full 1940*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 1941*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm 1942*62c56f98SSadaf Ebrahimi CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan . 1943*62c56f98SSadaf Ebrahimi make 1944*62c56f98SSadaf Ebrahimi 1945*62c56f98SSadaf Ebrahimi msg "test: main suites (Msan + constant flow)" 1946*62c56f98SSadaf Ebrahimi make test 1947*62c56f98SSadaf Ebrahimi} 1948*62c56f98SSadaf Ebrahimi 1949*62c56f98SSadaf Ebrahimicomponent_test_valgrind_constant_flow () { 1950*62c56f98SSadaf Ebrahimi # This tests both (1) everything that valgrind's memcheck usually checks 1951*62c56f98SSadaf Ebrahimi # (heap buffer overflows, use of uninitialized memory, use-after-free, 1952*62c56f98SSadaf Ebrahimi # etc.) and (2) branches or memory access depending on secret values, 1953*62c56f98SSadaf Ebrahimi # which will be reported as uninitialized memory. To distinguish between 1954*62c56f98SSadaf Ebrahimi # secret and actually uninitialized: 1955*62c56f98SSadaf Ebrahimi # - unset MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND - does the failure persist? 1956*62c56f98SSadaf Ebrahimi # - or alternatively, build with debug info and manually run the offending 1957*62c56f98SSadaf Ebrahimi # test suite with valgrind --track-origins=yes, then check if the origin 1958*62c56f98SSadaf Ebrahimi # was TEST_CF_SECRET() or something else. 1959*62c56f98SSadaf Ebrahimi msg "build: cmake release GCC, full config minus MBEDTLS_USE_PSA_CRYPTO with constant flow testing" 1960*62c56f98SSadaf Ebrahimi scripts/config.py full 1961*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 1962*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 1963*62c56f98SSadaf Ebrahimi skip_suites_without_constant_flow 1964*62c56f98SSadaf Ebrahimi cmake -D CMAKE_BUILD_TYPE:String=Release . 1965*62c56f98SSadaf Ebrahimi make 1966*62c56f98SSadaf Ebrahimi 1967*62c56f98SSadaf Ebrahimi # this only shows a summary of the results (how many of each type) 1968*62c56f98SSadaf Ebrahimi # details are left in Testing/<date>/DynamicAnalysis.xml 1969*62c56f98SSadaf Ebrahimi msg "test: some suites (full minus MBEDTLS_USE_PSA_CRYPTO, valgrind + constant flow)" 1970*62c56f98SSadaf Ebrahimi make memcheck 1971*62c56f98SSadaf Ebrahimi 1972*62c56f98SSadaf Ebrahimi # Test asm path in constant time module - by default, it will test the plain C 1973*62c56f98SSadaf Ebrahimi # path under Valgrind or Memsan. Running only the constant_time tests is fast (<1s) 1974*62c56f98SSadaf Ebrahimi msg "test: valgrind asm constant_time" 1975*62c56f98SSadaf Ebrahimi scripts/config.py --force set MBEDTLS_TEST_CONSTANT_FLOW_ASM 1976*62c56f98SSadaf Ebrahimi skip_all_except_given_suite test_suite_constant_time 1977*62c56f98SSadaf Ebrahimi cmake -D CMAKE_BUILD_TYPE:String=Release . 1978*62c56f98SSadaf Ebrahimi make clean 1979*62c56f98SSadaf Ebrahimi make 1980*62c56f98SSadaf Ebrahimi make memcheck 1981*62c56f98SSadaf Ebrahimi} 1982*62c56f98SSadaf Ebrahimi 1983*62c56f98SSadaf Ebrahimicomponent_test_valgrind_constant_flow_psa () { 1984*62c56f98SSadaf Ebrahimi # This tests both (1) everything that valgrind's memcheck usually checks 1985*62c56f98SSadaf Ebrahimi # (heap buffer overflows, use of uninitialized memory, use-after-free, 1986*62c56f98SSadaf Ebrahimi # etc.) and (2) branches or memory access depending on secret values, 1987*62c56f98SSadaf Ebrahimi # which will be reported as uninitialized memory. To distinguish between 1988*62c56f98SSadaf Ebrahimi # secret and actually uninitialized: 1989*62c56f98SSadaf Ebrahimi # - unset MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND - does the failure persist? 1990*62c56f98SSadaf Ebrahimi # - or alternatively, build with debug info and manually run the offending 1991*62c56f98SSadaf Ebrahimi # test suite with valgrind --track-origins=yes, then check if the origin 1992*62c56f98SSadaf Ebrahimi # was TEST_CF_SECRET() or something else. 1993*62c56f98SSadaf Ebrahimi msg "build: cmake release GCC, full config with constant flow testing" 1994*62c56f98SSadaf Ebrahimi scripts/config.py full 1995*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 1996*62c56f98SSadaf Ebrahimi skip_suites_without_constant_flow 1997*62c56f98SSadaf Ebrahimi cmake -D CMAKE_BUILD_TYPE:String=Release . 1998*62c56f98SSadaf Ebrahimi make 1999*62c56f98SSadaf Ebrahimi 2000*62c56f98SSadaf Ebrahimi # this only shows a summary of the results (how many of each type) 2001*62c56f98SSadaf Ebrahimi # details are left in Testing/<date>/DynamicAnalysis.xml 2002*62c56f98SSadaf Ebrahimi msg "test: some suites (valgrind + constant flow)" 2003*62c56f98SSadaf Ebrahimi make memcheck 2004*62c56f98SSadaf Ebrahimi} 2005*62c56f98SSadaf Ebrahimi 2006*62c56f98SSadaf Ebrahimicomponent_test_default_no_deprecated () { 2007*62c56f98SSadaf Ebrahimi # Test that removing the deprecated features from the default 2008*62c56f98SSadaf Ebrahimi # configuration leaves something consistent. 2009*62c56f98SSadaf Ebrahimi msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s 2010*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_DEPRECATED_REMOVED 2011*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' 2012*62c56f98SSadaf Ebrahimi 2013*62c56f98SSadaf Ebrahimi msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 5s 2014*62c56f98SSadaf Ebrahimi make test 2015*62c56f98SSadaf Ebrahimi} 2016*62c56f98SSadaf Ebrahimi 2017*62c56f98SSadaf Ebrahimicomponent_test_full_no_deprecated () { 2018*62c56f98SSadaf Ebrahimi msg "build: make, full_no_deprecated config" # ~ 30s 2019*62c56f98SSadaf Ebrahimi scripts/config.py full_no_deprecated 2020*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' 2021*62c56f98SSadaf Ebrahimi 2022*62c56f98SSadaf Ebrahimi msg "test: make, full_no_deprecated config" # ~ 5s 2023*62c56f98SSadaf Ebrahimi make test 2024*62c56f98SSadaf Ebrahimi 2025*62c56f98SSadaf Ebrahimi msg "test: ensure that X509 has no direct dependency on BIGNUM_C" 2026*62c56f98SSadaf Ebrahimi not grep mbedtls_mpi library/libmbedx509.a 2027*62c56f98SSadaf Ebrahimi} 2028*62c56f98SSadaf Ebrahimi 2029*62c56f98SSadaf Ebrahimicomponent_test_full_no_deprecated_deprecated_warning () { 2030*62c56f98SSadaf Ebrahimi # Test that there is nothing deprecated in "full_no_deprecated". 2031*62c56f98SSadaf Ebrahimi # A deprecated feature would trigger a warning (made fatal) from 2032*62c56f98SSadaf Ebrahimi # MBEDTLS_DEPRECATED_WARNING. 2033*62c56f98SSadaf Ebrahimi msg "build: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s 2034*62c56f98SSadaf Ebrahimi scripts/config.py full_no_deprecated 2035*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED 2036*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_DEPRECATED_WARNING 2037*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' 2038*62c56f98SSadaf Ebrahimi 2039*62c56f98SSadaf Ebrahimi msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s 2040*62c56f98SSadaf Ebrahimi make test 2041*62c56f98SSadaf Ebrahimi} 2042*62c56f98SSadaf Ebrahimi 2043*62c56f98SSadaf Ebrahimicomponent_test_full_deprecated_warning () { 2044*62c56f98SSadaf Ebrahimi # Test that when MBEDTLS_DEPRECATED_WARNING is enabled, the build passes 2045*62c56f98SSadaf Ebrahimi # with only certain whitelisted types of warnings. 2046*62c56f98SSadaf Ebrahimi msg "build: make, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s 2047*62c56f98SSadaf Ebrahimi scripts/config.py full 2048*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_DEPRECATED_WARNING 2049*62c56f98SSadaf Ebrahimi # Expect warnings from '#warning' directives in check_config.h. 2050*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs 2051*62c56f98SSadaf Ebrahimi 2052*62c56f98SSadaf Ebrahimi msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s 2053*62c56f98SSadaf Ebrahimi # Set MBEDTLS_TEST_DEPRECATED to enable tests for deprecated features. 2054*62c56f98SSadaf Ebrahimi # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set. 2055*62c56f98SSadaf Ebrahimi # Expect warnings from '#warning' directives in check_config.h and 2056*62c56f98SSadaf Ebrahimi # from the use of deprecated functions in test suites. 2057*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests 2058*62c56f98SSadaf Ebrahimi 2059*62c56f98SSadaf Ebrahimi msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s 2060*62c56f98SSadaf Ebrahimi make test 2061*62c56f98SSadaf Ebrahimi} 2062*62c56f98SSadaf Ebrahimi 2063*62c56f98SSadaf Ebrahimi# Check that the specified libraries exist and are empty. 2064*62c56f98SSadaf Ebrahimiare_empty_libraries () { 2065*62c56f98SSadaf Ebrahimi nm "$@" >/dev/null 2>/dev/null 2066*62c56f98SSadaf Ebrahimi ! nm "$@" 2>/dev/null | grep -v ':$' | grep . 2067*62c56f98SSadaf Ebrahimi} 2068*62c56f98SSadaf Ebrahimi 2069*62c56f98SSadaf Ebrahimicomponent_build_crypto_default () { 2070*62c56f98SSadaf Ebrahimi msg "build: make, crypto only" 2071*62c56f98SSadaf Ebrahimi scripts/config.py crypto 2072*62c56f98SSadaf Ebrahimi make CFLAGS='-O1 -Werror' 2073*62c56f98SSadaf Ebrahimi are_empty_libraries library/libmbedx509.* library/libmbedtls.* 2074*62c56f98SSadaf Ebrahimi} 2075*62c56f98SSadaf Ebrahimi 2076*62c56f98SSadaf Ebrahimicomponent_build_crypto_full () { 2077*62c56f98SSadaf Ebrahimi msg "build: make, crypto only, full config" 2078*62c56f98SSadaf Ebrahimi scripts/config.py crypto_full 2079*62c56f98SSadaf Ebrahimi make CFLAGS='-O1 -Werror' 2080*62c56f98SSadaf Ebrahimi are_empty_libraries library/libmbedx509.* library/libmbedtls.* 2081*62c56f98SSadaf Ebrahimi} 2082*62c56f98SSadaf Ebrahimi 2083*62c56f98SSadaf Ebrahimicomponent_test_crypto_for_psa_service () { 2084*62c56f98SSadaf Ebrahimi msg "build: make, config for PSA crypto service" 2085*62c56f98SSadaf Ebrahimi scripts/config.py crypto 2086*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 2087*62c56f98SSadaf Ebrahimi # Disable things that are not needed for just cryptography, to 2088*62c56f98SSadaf Ebrahimi # reach a configuration that would be typical for a PSA cryptography 2089*62c56f98SSadaf Ebrahimi # service providing all implemented PSA algorithms. 2090*62c56f98SSadaf Ebrahimi # System stuff 2091*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ERROR_C 2092*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_TIMING_C 2093*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_VERSION_FEATURES 2094*62c56f98SSadaf Ebrahimi # Crypto stuff with no PSA interface 2095*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_BASE64_C 2096*62c56f98SSadaf Ebrahimi # Keep MBEDTLS_CIPHER_C because psa_crypto_cipher, CCM and GCM need it. 2097*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HKDF_C # PSA's HKDF is independent 2098*62c56f98SSadaf Ebrahimi # Keep MBEDTLS_MD_C because deterministic ECDSA needs it for HMAC_DRBG. 2099*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_NIST_KW_C 2100*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PEM_PARSE_C 2101*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PEM_WRITE_C 2102*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS12_C 2103*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS5_C 2104*62c56f98SSadaf Ebrahimi # MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C are actually currently needed 2105*62c56f98SSadaf Ebrahimi # in PSA code to work with RSA keys. We don't require users to set those: 2106*62c56f98SSadaf Ebrahimi # they will be reenabled in build_info.h. 2107*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_C 2108*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_C 2109*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_WRITE_C 2110*62c56f98SSadaf Ebrahimi make CFLAGS='-O1 -Werror' all test 2111*62c56f98SSadaf Ebrahimi are_empty_libraries library/libmbedx509.* library/libmbedtls.* 2112*62c56f98SSadaf Ebrahimi} 2113*62c56f98SSadaf Ebrahimi 2114*62c56f98SSadaf Ebrahimicomponent_build_crypto_baremetal () { 2115*62c56f98SSadaf Ebrahimi msg "build: make, crypto only, baremetal config" 2116*62c56f98SSadaf Ebrahimi scripts/config.py crypto_baremetal 2117*62c56f98SSadaf Ebrahimi make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/" 2118*62c56f98SSadaf Ebrahimi are_empty_libraries library/libmbedx509.* library/libmbedtls.* 2119*62c56f98SSadaf Ebrahimi} 2120*62c56f98SSadaf Ebrahimisupport_build_crypto_baremetal () { 2121*62c56f98SSadaf Ebrahimi support_build_baremetal "$@" 2122*62c56f98SSadaf Ebrahimi} 2123*62c56f98SSadaf Ebrahimi 2124*62c56f98SSadaf Ebrahimicomponent_build_baremetal () { 2125*62c56f98SSadaf Ebrahimi msg "build: make, baremetal config" 2126*62c56f98SSadaf Ebrahimi scripts/config.py baremetal 2127*62c56f98SSadaf Ebrahimi make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/" 2128*62c56f98SSadaf Ebrahimi} 2129*62c56f98SSadaf Ebrahimisupport_build_baremetal () { 2130*62c56f98SSadaf Ebrahimi # Older Glibc versions include time.h from other headers such as stdlib.h, 2131*62c56f98SSadaf Ebrahimi # which makes the no-time.h-in-baremetal check fail. Ubuntu 16.04 has this 2132*62c56f98SSadaf Ebrahimi # problem, Ubuntu 18.04 is ok. 2133*62c56f98SSadaf Ebrahimi ! grep -q -F time.h /usr/include/x86_64-linux-gnu/sys/types.h 2134*62c56f98SSadaf Ebrahimi} 2135*62c56f98SSadaf Ebrahimi 2136*62c56f98SSadaf Ebrahimi# depends.py family of tests 2137*62c56f98SSadaf Ebrahimicomponent_test_depends_py_cipher_id () { 2138*62c56f98SSadaf Ebrahimi msg "test/build: depends.py cipher_id (gcc)" 2139*62c56f98SSadaf Ebrahimi tests/scripts/depends.py cipher_id --unset-use-psa 2140*62c56f98SSadaf Ebrahimi} 2141*62c56f98SSadaf Ebrahimi 2142*62c56f98SSadaf Ebrahimicomponent_test_depends_py_cipher_chaining () { 2143*62c56f98SSadaf Ebrahimi msg "test/build: depends.py cipher_chaining (gcc)" 2144*62c56f98SSadaf Ebrahimi tests/scripts/depends.py cipher_chaining --unset-use-psa 2145*62c56f98SSadaf Ebrahimi} 2146*62c56f98SSadaf Ebrahimi 2147*62c56f98SSadaf Ebrahimicomponent_test_depends_py_cipher_padding () { 2148*62c56f98SSadaf Ebrahimi msg "test/build: depends.py cipher_padding (gcc)" 2149*62c56f98SSadaf Ebrahimi tests/scripts/depends.py cipher_padding --unset-use-psa 2150*62c56f98SSadaf Ebrahimi} 2151*62c56f98SSadaf Ebrahimi 2152*62c56f98SSadaf Ebrahimicomponent_test_depends_py_curves () { 2153*62c56f98SSadaf Ebrahimi msg "test/build: depends.py curves (gcc)" 2154*62c56f98SSadaf Ebrahimi tests/scripts/depends.py curves --unset-use-psa 2155*62c56f98SSadaf Ebrahimi} 2156*62c56f98SSadaf Ebrahimi 2157*62c56f98SSadaf Ebrahimicomponent_test_depends_py_hashes () { 2158*62c56f98SSadaf Ebrahimi msg "test/build: depends.py hashes (gcc)" 2159*62c56f98SSadaf Ebrahimi tests/scripts/depends.py hashes --unset-use-psa 2160*62c56f98SSadaf Ebrahimi} 2161*62c56f98SSadaf Ebrahimi 2162*62c56f98SSadaf Ebrahimicomponent_test_depends_py_kex () { 2163*62c56f98SSadaf Ebrahimi msg "test/build: depends.py kex (gcc)" 2164*62c56f98SSadaf Ebrahimi tests/scripts/depends.py kex --unset-use-psa 2165*62c56f98SSadaf Ebrahimi} 2166*62c56f98SSadaf Ebrahimi 2167*62c56f98SSadaf Ebrahimicomponent_test_depends_py_pkalgs () { 2168*62c56f98SSadaf Ebrahimi msg "test/build: depends.py pkalgs (gcc)" 2169*62c56f98SSadaf Ebrahimi tests/scripts/depends.py pkalgs --unset-use-psa 2170*62c56f98SSadaf Ebrahimi} 2171*62c56f98SSadaf Ebrahimi 2172*62c56f98SSadaf Ebrahimi# PSA equivalents of the depends.py tests 2173*62c56f98SSadaf Ebrahimicomponent_test_depends_py_cipher_id_psa () { 2174*62c56f98SSadaf Ebrahimi msg "test/build: depends.py cipher_id (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" 2175*62c56f98SSadaf Ebrahimi tests/scripts/depends.py cipher_id 2176*62c56f98SSadaf Ebrahimi} 2177*62c56f98SSadaf Ebrahimi 2178*62c56f98SSadaf Ebrahimicomponent_test_depends_py_cipher_chaining_psa () { 2179*62c56f98SSadaf Ebrahimi msg "test/build: depends.py cipher_chaining (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" 2180*62c56f98SSadaf Ebrahimi tests/scripts/depends.py cipher_chaining 2181*62c56f98SSadaf Ebrahimi} 2182*62c56f98SSadaf Ebrahimi 2183*62c56f98SSadaf Ebrahimicomponent_test_depends_py_cipher_padding_psa () { 2184*62c56f98SSadaf Ebrahimi msg "test/build: depends.py cipher_padding (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" 2185*62c56f98SSadaf Ebrahimi tests/scripts/depends.py cipher_padding 2186*62c56f98SSadaf Ebrahimi} 2187*62c56f98SSadaf Ebrahimi 2188*62c56f98SSadaf Ebrahimicomponent_test_depends_py_curves_psa () { 2189*62c56f98SSadaf Ebrahimi msg "test/build: depends.py curves (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" 2190*62c56f98SSadaf Ebrahimi tests/scripts/depends.py curves 2191*62c56f98SSadaf Ebrahimi} 2192*62c56f98SSadaf Ebrahimi 2193*62c56f98SSadaf Ebrahimicomponent_test_depends_py_hashes_psa () { 2194*62c56f98SSadaf Ebrahimi msg "test/build: depends.py hashes (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" 2195*62c56f98SSadaf Ebrahimi tests/scripts/depends.py hashes 2196*62c56f98SSadaf Ebrahimi} 2197*62c56f98SSadaf Ebrahimi 2198*62c56f98SSadaf Ebrahimicomponent_test_depends_py_kex_psa () { 2199*62c56f98SSadaf Ebrahimi msg "test/build: depends.py kex (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" 2200*62c56f98SSadaf Ebrahimi tests/scripts/depends.py kex 2201*62c56f98SSadaf Ebrahimi} 2202*62c56f98SSadaf Ebrahimi 2203*62c56f98SSadaf Ebrahimicomponent_test_depends_py_pkalgs_psa () { 2204*62c56f98SSadaf Ebrahimi msg "test/build: depends.py pkalgs (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" 2205*62c56f98SSadaf Ebrahimi tests/scripts/depends.py pkalgs 2206*62c56f98SSadaf Ebrahimi} 2207*62c56f98SSadaf Ebrahimi 2208*62c56f98SSadaf Ebrahimicomponent_build_no_pk_rsa_alt_support () { 2209*62c56f98SSadaf Ebrahimi msg "build: !MBEDTLS_PK_RSA_ALT_SUPPORT" # ~30s 2210*62c56f98SSadaf Ebrahimi 2211*62c56f98SSadaf Ebrahimi scripts/config.py full 2212*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_RSA_ALT_SUPPORT 2213*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_RSA_C 2214*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_X509_CRT_WRITE_C 2215*62c56f98SSadaf Ebrahimi 2216*62c56f98SSadaf Ebrahimi # Only compile - this is primarily to test for compile issues 2217*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' 2218*62c56f98SSadaf Ebrahimi} 2219*62c56f98SSadaf Ebrahimi 2220*62c56f98SSadaf Ebrahimicomponent_build_module_alt () { 2221*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_XXX_ALT" # ~30s 2222*62c56f98SSadaf Ebrahimi scripts/config.py full 2223*62c56f98SSadaf Ebrahimi 2224*62c56f98SSadaf Ebrahimi # Disable options that are incompatible with some ALT implementations: 2225*62c56f98SSadaf Ebrahimi # aesni.c and padlock.c reference mbedtls_aes_context fields directly. 2226*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C 2227*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PADLOCK_C 2228*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESCE_C 2229*62c56f98SSadaf Ebrahimi # MBEDTLS_ECP_RESTARTABLE is documented as incompatible. 2230*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_RESTARTABLE 2231*62c56f98SSadaf Ebrahimi # You can only have one threading implementation: alt or pthread, not both. 2232*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_THREADING_PTHREAD 2233*62c56f98SSadaf Ebrahimi # The SpecifiedECDomain parsing code accesses mbedtls_ecp_group fields 2234*62c56f98SSadaf Ebrahimi # directly and assumes the implementation works with partial groups. 2235*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED 2236*62c56f98SSadaf Ebrahimi # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_* 2237*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 2238*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 2239*62c56f98SSadaf Ebrahimi # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_* 2240*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 2241*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 2242*62c56f98SSadaf Ebrahimi 2243*62c56f98SSadaf Ebrahimi # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable 2244*62c56f98SSadaf Ebrahimi # MBEDTLS_XXX_YYY_ALT which are for single functions. 2245*62c56f98SSadaf Ebrahimi scripts/config.py set-all 'MBEDTLS_([A-Z0-9]*|NIST_KW)_ALT' 2246*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DHM_ALT #incompatible with MBEDTLS_DEBUG_C 2247*62c56f98SSadaf Ebrahimi 2248*62c56f98SSadaf Ebrahimi # We can only compile, not link, since we don't have any implementations 2249*62c56f98SSadaf Ebrahimi # suitable for testing with the dummy alt headers. 2250*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib 2251*62c56f98SSadaf Ebrahimi} 2252*62c56f98SSadaf Ebrahimi 2253*62c56f98SSadaf Ebrahimicomponent_build_dhm_alt () { 2254*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_DHM_ALT" # ~30s 2255*62c56f98SSadaf Ebrahimi scripts/config.py full 2256*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_DHM_ALT 2257*62c56f98SSadaf Ebrahimi # debug.c currently references mbedtls_dhm_context fields directly. 2258*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DEBUG_C 2259*62c56f98SSadaf Ebrahimi # We can only compile, not link, since we don't have any implementations 2260*62c56f98SSadaf Ebrahimi # suitable for testing with the dummy alt headers. 2261*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib 2262*62c56f98SSadaf Ebrahimi} 2263*62c56f98SSadaf Ebrahimi 2264*62c56f98SSadaf Ebrahimicomponent_test_no_use_psa_crypto_full_cmake_asan() { 2265*62c56f98SSadaf Ebrahimi # full minus MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh 2266*62c56f98SSadaf Ebrahimi msg "build: cmake, full config minus MBEDTLS_USE_PSA_CRYPTO, ASan" 2267*62c56f98SSadaf Ebrahimi scripts/config.py full 2268*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_C 2269*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 2270*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 2271*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C 2272*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C 2273*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C 2274*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_C 2275*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_PRIVATE 2276*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 2277*62c56f98SSadaf Ebrahimi make 2278*62c56f98SSadaf Ebrahimi 2279*62c56f98SSadaf Ebrahimi msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO)" 2280*62c56f98SSadaf Ebrahimi make test 2281*62c56f98SSadaf Ebrahimi 2282*62c56f98SSadaf Ebrahimi # Note: ssl-opt.sh has some test cases that depend on 2283*62c56f98SSadaf Ebrahimi # MBEDTLS_ECP_RESTARTABLE && !MBEDTLS_USE_PSA_CRYPTO 2284*62c56f98SSadaf Ebrahimi # This is the only component where those tests are not skipped. 2285*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh (full minus MBEDTLS_USE_PSA_CRYPTO)" 2286*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 2287*62c56f98SSadaf Ebrahimi 2288*62c56f98SSadaf Ebrahimi msg "test: compat.sh default (full minus MBEDTLS_USE_PSA_CRYPTO)" 2289*62c56f98SSadaf Ebrahimi tests/compat.sh 2290*62c56f98SSadaf Ebrahimi 2291*62c56f98SSadaf Ebrahimi msg "test: compat.sh NULL (full minus MBEDTLS_USE_PSA_CRYPTO)" 2292*62c56f98SSadaf Ebrahimi env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -f 'NULL' 2293*62c56f98SSadaf Ebrahimi 2294*62c56f98SSadaf Ebrahimi msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)" 2295*62c56f98SSadaf Ebrahimi env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' 2296*62c56f98SSadaf Ebrahimi} 2297*62c56f98SSadaf Ebrahimi 2298*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ecdsa () { 2299*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" 2300*62c56f98SSadaf Ebrahimi 2301*62c56f98SSadaf Ebrahimi # Algorithms and key types to accelerate 2302*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ 2303*62c56f98SSadaf Ebrahimi $(helper_get_psa_key_type_list "ECC")" 2304*62c56f98SSadaf Ebrahimi 2305*62c56f98SSadaf Ebrahimi # Note: Those are handled in a special way by the libtestdriver machinery, 2306*62c56f98SSadaf Ebrahimi # so we only want to include them in the accel list when building the main 2307*62c56f98SSadaf Ebrahimi # libraries, hence the use of a separate variable. 2308*62c56f98SSadaf Ebrahimi loc_curve_list="$(helper_get_psa_curve_list)" 2309*62c56f98SSadaf Ebrahimi 2310*62c56f98SSadaf Ebrahimi # Configure 2311*62c56f98SSadaf Ebrahimi # --------- 2312*62c56f98SSadaf Ebrahimi 2313*62c56f98SSadaf Ebrahimi # Start from default config (no USE_PSA) + TLS 1.3 2314*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "default" 2315*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3 2316*62c56f98SSadaf Ebrahimi 2317*62c56f98SSadaf Ebrahimi # Disable the module that's accelerated 2318*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 2319*62c56f98SSadaf Ebrahimi 2320*62c56f98SSadaf Ebrahimi # Disable things that depend on it 2321*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 2322*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 2323*62c56f98SSadaf Ebrahimi 2324*62c56f98SSadaf Ebrahimi # Build 2325*62c56f98SSadaf Ebrahimi # ----- 2326*62c56f98SSadaf Ebrahimi 2327*62c56f98SSadaf Ebrahimi # These hashes are needed for some ECDSA signature tests. 2328*62c56f98SSadaf Ebrahimi loc_extra_list="ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 2329*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 2330*62c56f98SSadaf Ebrahimi 2331*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" 2332*62c56f98SSadaf Ebrahimi 2333*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" 2334*62c56f98SSadaf Ebrahimi 2335*62c56f98SSadaf Ebrahimi # Make sure this was not re-enabled by accident (additive config) 2336*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdsa_ library/ecdsa.o 2337*62c56f98SSadaf Ebrahimi 2338*62c56f98SSadaf Ebrahimi # Run the tests 2339*62c56f98SSadaf Ebrahimi # ------------- 2340*62c56f98SSadaf Ebrahimi 2341*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" 2342*62c56f98SSadaf Ebrahimi make test 2343*62c56f98SSadaf Ebrahimi} 2344*62c56f98SSadaf Ebrahimi 2345*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ecdh () { 2346*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH" 2347*62c56f98SSadaf Ebrahimi 2348*62c56f98SSadaf Ebrahimi # Algorithms and key types to accelerate 2349*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_ECDH \ 2350*62c56f98SSadaf Ebrahimi $(helper_get_psa_key_type_list "ECC")" 2351*62c56f98SSadaf Ebrahimi 2352*62c56f98SSadaf Ebrahimi # Note: Those are handled in a special way by the libtestdriver machinery, 2353*62c56f98SSadaf Ebrahimi # so we only want to include them in the accel list when building the main 2354*62c56f98SSadaf Ebrahimi # libraries, hence the use of a separate variable. 2355*62c56f98SSadaf Ebrahimi loc_curve_list="$(helper_get_psa_curve_list)" 2356*62c56f98SSadaf Ebrahimi 2357*62c56f98SSadaf Ebrahimi # Configure 2358*62c56f98SSadaf Ebrahimi # --------- 2359*62c56f98SSadaf Ebrahimi 2360*62c56f98SSadaf Ebrahimi # Start from default config (no TLS 1.3, no USE_PSA) 2361*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "default" 2362*62c56f98SSadaf Ebrahimi 2363*62c56f98SSadaf Ebrahimi # Disable the module that's accelerated 2364*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 2365*62c56f98SSadaf Ebrahimi 2366*62c56f98SSadaf Ebrahimi # Disable things that depend on it 2367*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 2368*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 2369*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 2370*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 2371*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 2372*62c56f98SSadaf Ebrahimi 2373*62c56f98SSadaf Ebrahimi # Build 2374*62c56f98SSadaf Ebrahimi # ----- 2375*62c56f98SSadaf Ebrahimi 2376*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" 2377*62c56f98SSadaf Ebrahimi 2378*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" 2379*62c56f98SSadaf Ebrahimi 2380*62c56f98SSadaf Ebrahimi # Make sure this was not re-enabled by accident (additive config) 2381*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdh_ library/ecdh.o 2382*62c56f98SSadaf Ebrahimi 2383*62c56f98SSadaf Ebrahimi # Run the tests 2384*62c56f98SSadaf Ebrahimi # ------------- 2385*62c56f98SSadaf Ebrahimi 2386*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH" 2387*62c56f98SSadaf Ebrahimi make test 2388*62c56f98SSadaf Ebrahimi} 2389*62c56f98SSadaf Ebrahimi 2390*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ffdh () { 2391*62c56f98SSadaf Ebrahimi msg "build: full with accelerated FFDH" 2392*62c56f98SSadaf Ebrahimi 2393*62c56f98SSadaf Ebrahimi # Algorithms and key types to accelerate 2394*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_FFDH \ 2395*62c56f98SSadaf Ebrahimi $(helper_get_psa_key_type_list "DH")" 2396*62c56f98SSadaf Ebrahimi 2397*62c56f98SSadaf Ebrahimi # Configure 2398*62c56f98SSadaf Ebrahimi # --------- 2399*62c56f98SSadaf Ebrahimi 2400*62c56f98SSadaf Ebrahimi # start with full (USE_PSA and TLS 1.3) 2401*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "full" 2402*62c56f98SSadaf Ebrahimi 2403*62c56f98SSadaf Ebrahimi # Disable the module that's accelerated 2404*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DHM_C 2405*62c56f98SSadaf Ebrahimi 2406*62c56f98SSadaf Ebrahimi # Disable things that depend on it 2407*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 2408*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 2409*62c56f98SSadaf Ebrahimi 2410*62c56f98SSadaf Ebrahimi # Build 2411*62c56f98SSadaf Ebrahimi # ----- 2412*62c56f98SSadaf Ebrahimi 2413*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" 2414*62c56f98SSadaf Ebrahimi 2415*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list" 2416*62c56f98SSadaf Ebrahimi 2417*62c56f98SSadaf Ebrahimi # Make sure this was not re-enabled by accident (additive config) 2418*62c56f98SSadaf Ebrahimi not grep mbedtls_dhm_ library/dhm.o 2419*62c56f98SSadaf Ebrahimi 2420*62c56f98SSadaf Ebrahimi # Run the tests 2421*62c56f98SSadaf Ebrahimi # ------------- 2422*62c56f98SSadaf Ebrahimi 2423*62c56f98SSadaf Ebrahimi msg "test: full with accelerated FFDH" 2424*62c56f98SSadaf Ebrahimi make test 2425*62c56f98SSadaf Ebrahimi 2426*62c56f98SSadaf Ebrahimi msg "ssl-opt: full with accelerated FFDH alg" 2427*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "ffdh" 2428*62c56f98SSadaf Ebrahimi} 2429*62c56f98SSadaf Ebrahimi 2430*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_reference_ffdh () { 2431*62c56f98SSadaf Ebrahimi msg "build: full with non-accelerated FFDH" 2432*62c56f98SSadaf Ebrahimi 2433*62c56f98SSadaf Ebrahimi # Start with full (USE_PSA and TLS 1.3) 2434*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "full" 2435*62c56f98SSadaf Ebrahimi 2436*62c56f98SSadaf Ebrahimi # Disable things that are not supported 2437*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 2438*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 2439*62c56f98SSadaf Ebrahimi make 2440*62c56f98SSadaf Ebrahimi 2441*62c56f98SSadaf Ebrahimi msg "test suites: full with non-accelerated FFDH alg" 2442*62c56f98SSadaf Ebrahimi make test 2443*62c56f98SSadaf Ebrahimi 2444*62c56f98SSadaf Ebrahimi msg "ssl-opt: full with non-accelerated FFDH alg" 2445*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "ffdh" 2446*62c56f98SSadaf Ebrahimi} 2447*62c56f98SSadaf Ebrahimi 2448*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_pake() { 2449*62c56f98SSadaf Ebrahimi msg "build: full with accelerated PAKE" 2450*62c56f98SSadaf Ebrahimi 2451*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_JPAKE \ 2452*62c56f98SSadaf Ebrahimi $(helper_get_psa_key_type_list "ECC")" 2453*62c56f98SSadaf Ebrahimi 2454*62c56f98SSadaf Ebrahimi # Note: Those are handled in a special way by the libtestdriver machinery, 2455*62c56f98SSadaf Ebrahimi # so we only want to include them in the accel list when building the main 2456*62c56f98SSadaf Ebrahimi # libraries, hence the use of a separate variable. 2457*62c56f98SSadaf Ebrahimi loc_curve_list="$(helper_get_psa_curve_list)" 2458*62c56f98SSadaf Ebrahimi 2459*62c56f98SSadaf Ebrahimi # Configure 2460*62c56f98SSadaf Ebrahimi # --------- 2461*62c56f98SSadaf Ebrahimi 2462*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "full" 2463*62c56f98SSadaf Ebrahimi 2464*62c56f98SSadaf Ebrahimi # Make built-in fallback not available 2465*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECJPAKE_C 2466*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 2467*62c56f98SSadaf Ebrahimi 2468*62c56f98SSadaf Ebrahimi # Build 2469*62c56f98SSadaf Ebrahimi # ----- 2470*62c56f98SSadaf Ebrahimi 2471*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" 2472*62c56f98SSadaf Ebrahimi 2473*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" 2474*62c56f98SSadaf Ebrahimi 2475*62c56f98SSadaf Ebrahimi # Make sure this was not re-enabled by accident (additive config) 2476*62c56f98SSadaf Ebrahimi not grep mbedtls_ecjpake_init library/ecjpake.o 2477*62c56f98SSadaf Ebrahimi 2478*62c56f98SSadaf Ebrahimi # Run the tests 2479*62c56f98SSadaf Ebrahimi # ------------- 2480*62c56f98SSadaf Ebrahimi 2481*62c56f98SSadaf Ebrahimi msg "test: full with accelerated PAKE" 2482*62c56f98SSadaf Ebrahimi make test 2483*62c56f98SSadaf Ebrahimi} 2484*62c56f98SSadaf Ebrahimi 2485*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ecc_some_key_types () { 2486*62c56f98SSadaf Ebrahimi msg "build: full with accelerated EC algs and some key types" 2487*62c56f98SSadaf Ebrahimi 2488*62c56f98SSadaf Ebrahimi # Algorithms and key types to accelerate 2489*62c56f98SSadaf Ebrahimi # For key types, use an explicitly list to omit GENERATE (and DERIVE) 2490*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ 2491*62c56f98SSadaf Ebrahimi ALG_ECDH \ 2492*62c56f98SSadaf Ebrahimi ALG_JPAKE \ 2493*62c56f98SSadaf Ebrahimi KEY_TYPE_ECC_PUBLIC_KEY \ 2494*62c56f98SSadaf Ebrahimi KEY_TYPE_ECC_KEY_PAIR_BASIC \ 2495*62c56f98SSadaf Ebrahimi KEY_TYPE_ECC_KEY_PAIR_IMPORT \ 2496*62c56f98SSadaf Ebrahimi KEY_TYPE_ECC_KEY_PAIR_EXPORT" 2497*62c56f98SSadaf Ebrahimi 2498*62c56f98SSadaf Ebrahimi # Note: Curves are handled in a special way by the libtestdriver machinery, 2499*62c56f98SSadaf Ebrahimi # so we only want to include them in the accel list when building the main 2500*62c56f98SSadaf Ebrahimi # libraries, hence the use of a separate variable. 2501*62c56f98SSadaf Ebrahimi loc_curve_list="$(helper_get_psa_curve_list)" 2502*62c56f98SSadaf Ebrahimi 2503*62c56f98SSadaf Ebrahimi # Configure 2504*62c56f98SSadaf Ebrahimi # --------- 2505*62c56f98SSadaf Ebrahimi 2506*62c56f98SSadaf Ebrahimi # start with config full for maximum coverage (also enables USE_PSA) 2507*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "full" 2508*62c56f98SSadaf Ebrahimi 2509*62c56f98SSadaf Ebrahimi # Disable modules that are accelerated - some will be re-enabled 2510*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 2511*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 2512*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECJPAKE_C 2513*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_C 2514*62c56f98SSadaf Ebrahimi 2515*62c56f98SSadaf Ebrahimi # Disable all curves - those that aren't accelerated should be re-enabled 2516*62c56f98SSadaf Ebrahimi helper_disable_builtin_curves 2517*62c56f98SSadaf Ebrahimi 2518*62c56f98SSadaf Ebrahimi # Restartable feature is not yet supported by PSA. Once it will in 2519*62c56f98SSadaf Ebrahimi # the future, the following line could be removed (see issues 2520*62c56f98SSadaf Ebrahimi # 6061, 6332 and following ones) 2521*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_RESTARTABLE 2522*62c56f98SSadaf Ebrahimi 2523*62c56f98SSadaf Ebrahimi # this is not supported by the driver API yet 2524*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 2525*62c56f98SSadaf Ebrahimi 2526*62c56f98SSadaf Ebrahimi # Build 2527*62c56f98SSadaf Ebrahimi # ----- 2528*62c56f98SSadaf Ebrahimi 2529*62c56f98SSadaf Ebrahimi # These hashes are needed for some ECDSA signature tests. 2530*62c56f98SSadaf Ebrahimi loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 2531*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 2532*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" 2533*62c56f98SSadaf Ebrahimi 2534*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" 2535*62c56f98SSadaf Ebrahimi 2536*62c56f98SSadaf Ebrahimi # ECP should be re-enabled but not the others 2537*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdh_ library/ecdh.o 2538*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdsa library/ecdsa.o 2539*62c56f98SSadaf Ebrahimi not grep mbedtls_ecjpake library/ecjpake.o 2540*62c56f98SSadaf Ebrahimi grep mbedtls_ecp library/ecp.o 2541*62c56f98SSadaf Ebrahimi 2542*62c56f98SSadaf Ebrahimi # Run the tests 2543*62c56f98SSadaf Ebrahimi # ------------- 2544*62c56f98SSadaf Ebrahimi 2545*62c56f98SSadaf Ebrahimi msg "test suites: full with accelerated EC algs and some key types" 2546*62c56f98SSadaf Ebrahimi make test 2547*62c56f98SSadaf Ebrahimi} 2548*62c56f98SSadaf Ebrahimi 2549*62c56f98SSadaf Ebrahimi# Run tests with only (non-)Weierstrass accelerated 2550*62c56f98SSadaf Ebrahimi# Common code used in: 2551*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_accel_ecc_weierstrass_curves 2552*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_accel_ecc_non_weierstrass_curves 2553*62c56f98SSadaf Ebrahimicommon_test_psa_crypto_config_accel_ecc_some_curves () { 2554*62c56f98SSadaf Ebrahimi weierstrass=$1 2555*62c56f98SSadaf Ebrahimi if [ $weierstrass -eq 1 ]; then 2556*62c56f98SSadaf Ebrahimi desc="Weierstrass" 2557*62c56f98SSadaf Ebrahimi else 2558*62c56f98SSadaf Ebrahimi desc="non-Weierstrass" 2559*62c56f98SSadaf Ebrahimi fi 2560*62c56f98SSadaf Ebrahimi 2561*62c56f98SSadaf Ebrahimi msg "build: crypto_full minus PK with accelerated EC algs and $desc curves" 2562*62c56f98SSadaf Ebrahimi 2563*62c56f98SSadaf Ebrahimi # Algorithms and key types to accelerate 2564*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ 2565*62c56f98SSadaf Ebrahimi ALG_ECDH \ 2566*62c56f98SSadaf Ebrahimi ALG_JPAKE \ 2567*62c56f98SSadaf Ebrahimi $(helper_get_psa_key_type_list "ECC")" 2568*62c56f98SSadaf Ebrahimi 2569*62c56f98SSadaf Ebrahimi # Note: Curves are handled in a special way by the libtestdriver machinery, 2570*62c56f98SSadaf Ebrahimi # so we only want to include them in the accel list when building the main 2571*62c56f98SSadaf Ebrahimi # libraries, hence the use of a separate variable. 2572*62c56f98SSadaf Ebrahimi # Note: the following loop is a modified version of 2573*62c56f98SSadaf Ebrahimi # helper_get_psa_curve_list that only keeps Weierstrass families. 2574*62c56f98SSadaf Ebrahimi loc_weierstrass_list="" 2575*62c56f98SSadaf Ebrahimi loc_non_weierstrass_list="" 2576*62c56f98SSadaf Ebrahimi for item in $(sed -n 's/^#define PSA_WANT_\(ECC_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do 2577*62c56f98SSadaf Ebrahimi case $item in 2578*62c56f98SSadaf Ebrahimi ECC_BRAINPOOL*|ECC_SECP*) 2579*62c56f98SSadaf Ebrahimi loc_weierstrass_list="$loc_weierstrass_list $item" 2580*62c56f98SSadaf Ebrahimi ;; 2581*62c56f98SSadaf Ebrahimi *) 2582*62c56f98SSadaf Ebrahimi loc_non_weierstrass_list="$loc_non_weierstrass_list $item" 2583*62c56f98SSadaf Ebrahimi ;; 2584*62c56f98SSadaf Ebrahimi esac 2585*62c56f98SSadaf Ebrahimi done 2586*62c56f98SSadaf Ebrahimi if [ $weierstrass -eq 1 ]; then 2587*62c56f98SSadaf Ebrahimi loc_curve_list=$loc_weierstrass_list 2588*62c56f98SSadaf Ebrahimi else 2589*62c56f98SSadaf Ebrahimi loc_curve_list=$loc_non_weierstrass_list 2590*62c56f98SSadaf Ebrahimi fi 2591*62c56f98SSadaf Ebrahimi 2592*62c56f98SSadaf Ebrahimi # Configure 2593*62c56f98SSadaf Ebrahimi # --------- 2594*62c56f98SSadaf Ebrahimi 2595*62c56f98SSadaf Ebrahimi # Start with config crypto_full and remove PK_C: 2596*62c56f98SSadaf Ebrahimi # that's what's supported now, see docs/driver-only-builds.md. 2597*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "crypto_full" 2598*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_C 2599*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_C 2600*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_WRITE_C 2601*62c56f98SSadaf Ebrahimi # We need to disable RSA too or PK will be re-enabled. 2602*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_RSA_[0-9A-Z_a-z]*" 2603*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*" 2604*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_RSA_C 2605*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V15 2606*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V21 2607*62c56f98SSadaf Ebrahimi 2608*62c56f98SSadaf Ebrahimi # Disable modules that are accelerated - some will be re-enabled 2609*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 2610*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 2611*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECJPAKE_C 2612*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_C 2613*62c56f98SSadaf Ebrahimi 2614*62c56f98SSadaf Ebrahimi # Disable all curves - those that aren't accelerated should be re-enabled 2615*62c56f98SSadaf Ebrahimi helper_disable_builtin_curves 2616*62c56f98SSadaf Ebrahimi 2617*62c56f98SSadaf Ebrahimi # Restartable feature is not yet supported by PSA. Once it will in 2618*62c56f98SSadaf Ebrahimi # the future, the following line could be removed (see issues 2619*62c56f98SSadaf Ebrahimi # 6061, 6332 and following ones) 2620*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_RESTARTABLE 2621*62c56f98SSadaf Ebrahimi 2622*62c56f98SSadaf Ebrahimi # this is not supported by the driver API yet 2623*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 2624*62c56f98SSadaf Ebrahimi 2625*62c56f98SSadaf Ebrahimi # Build 2626*62c56f98SSadaf Ebrahimi # ----- 2627*62c56f98SSadaf Ebrahimi 2628*62c56f98SSadaf Ebrahimi # These hashes are needed for some ECDSA signature tests. 2629*62c56f98SSadaf Ebrahimi loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 2630*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 2631*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" 2632*62c56f98SSadaf Ebrahimi 2633*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" 2634*62c56f98SSadaf Ebrahimi 2635*62c56f98SSadaf Ebrahimi # We expect ECDH to be re-enabled for the missing curves 2636*62c56f98SSadaf Ebrahimi grep mbedtls_ecdh_ library/ecdh.o 2637*62c56f98SSadaf Ebrahimi # We expect ECP to be re-enabled, however the parts specific to the 2638*62c56f98SSadaf Ebrahimi # families of curves that are accelerated should be ommited. 2639*62c56f98SSadaf Ebrahimi # - functions with mxz in the name are specific to Montgomery curves 2640*62c56f98SSadaf Ebrahimi # - ecp_muladd is specific to Weierstrass curves 2641*62c56f98SSadaf Ebrahimi ##nm library/ecp.o | tee ecp.syms 2642*62c56f98SSadaf Ebrahimi if [ $weierstrass -eq 1 ]; then 2643*62c56f98SSadaf Ebrahimi not grep mbedtls_ecp_muladd library/ecp.o 2644*62c56f98SSadaf Ebrahimi grep mxz library/ecp.o 2645*62c56f98SSadaf Ebrahimi else 2646*62c56f98SSadaf Ebrahimi grep mbedtls_ecp_muladd library/ecp.o 2647*62c56f98SSadaf Ebrahimi not grep mxz library/ecp.o 2648*62c56f98SSadaf Ebrahimi fi 2649*62c56f98SSadaf Ebrahimi # We expect ECDSA and ECJPAKE to be re-enabled only when 2650*62c56f98SSadaf Ebrahimi # Weierstrass curves are not accelerated 2651*62c56f98SSadaf Ebrahimi if [ $weierstrass -eq 1 ]; then 2652*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdsa library/ecdsa.o 2653*62c56f98SSadaf Ebrahimi not grep mbedtls_ecjpake library/ecjpake.o 2654*62c56f98SSadaf Ebrahimi else 2655*62c56f98SSadaf Ebrahimi grep mbedtls_ecdsa library/ecdsa.o 2656*62c56f98SSadaf Ebrahimi grep mbedtls_ecjpake library/ecjpake.o 2657*62c56f98SSadaf Ebrahimi fi 2658*62c56f98SSadaf Ebrahimi 2659*62c56f98SSadaf Ebrahimi # Run the tests 2660*62c56f98SSadaf Ebrahimi # ------------- 2661*62c56f98SSadaf Ebrahimi 2662*62c56f98SSadaf Ebrahimi msg "test suites: crypto_full minus PK with accelerated EC algs and $desc curves" 2663*62c56f98SSadaf Ebrahimi make test 2664*62c56f98SSadaf Ebrahimi} 2665*62c56f98SSadaf Ebrahimi 2666*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ecc_weierstrass_curves () { 2667*62c56f98SSadaf Ebrahimi common_test_psa_crypto_config_accel_ecc_some_curves 1 2668*62c56f98SSadaf Ebrahimi} 2669*62c56f98SSadaf Ebrahimi 2670*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ecc_non_weierstrass_curves () { 2671*62c56f98SSadaf Ebrahimi common_test_psa_crypto_config_accel_ecc_some_curves 0 2672*62c56f98SSadaf Ebrahimi} 2673*62c56f98SSadaf Ebrahimi 2674*62c56f98SSadaf Ebrahimi# Auxiliary function to build config for all EC based algorithms (EC-JPAKE, 2675*62c56f98SSadaf Ebrahimi# ECDH, ECDSA) with and without drivers. 2676*62c56f98SSadaf Ebrahimi# The input parameter is a boolean value which indicates: 2677*62c56f98SSadaf Ebrahimi# - 0 keep built-in EC algs, 2678*62c56f98SSadaf Ebrahimi# - 1 exclude built-in EC algs (driver only). 2679*62c56f98SSadaf Ebrahimi# 2680*62c56f98SSadaf Ebrahimi# This is used by the two following components to ensure they always use the 2681*62c56f98SSadaf Ebrahimi# same config, except for the use of driver or built-in EC algorithms: 2682*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_accel_ecc_ecp_light_only; 2683*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_reference_ecc_ecp_light_only. 2684*62c56f98SSadaf Ebrahimi# This supports comparing their test coverage with analyze_outcomes.py. 2685*62c56f98SSadaf Ebrahimiconfig_psa_crypto_config_ecp_light_only () { 2686*62c56f98SSadaf Ebrahimi driver_only="$1" 2687*62c56f98SSadaf Ebrahimi # start with config full for maximum coverage (also enables USE_PSA) 2688*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "full" 2689*62c56f98SSadaf Ebrahimi if [ "$driver_only" -eq 1 ]; then 2690*62c56f98SSadaf Ebrahimi # Disable modules that are accelerated 2691*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 2692*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 2693*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECJPAKE_C 2694*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_C 2695*62c56f98SSadaf Ebrahimi fi 2696*62c56f98SSadaf Ebrahimi 2697*62c56f98SSadaf Ebrahimi # Restartable feature is not yet supported by PSA. Once it will in 2698*62c56f98SSadaf Ebrahimi # the future, the following line could be removed (see issues 2699*62c56f98SSadaf Ebrahimi # 6061, 6332 and following ones) 2700*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_RESTARTABLE 2701*62c56f98SSadaf Ebrahimi} 2702*62c56f98SSadaf Ebrahimi 2703*62c56f98SSadaf Ebrahimi# Keep in sync with component_test_psa_crypto_config_reference_ecc_ecp_light_only 2704*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ecc_ecp_light_only () { 2705*62c56f98SSadaf Ebrahimi msg "build: full with accelerated EC algs" 2706*62c56f98SSadaf Ebrahimi 2707*62c56f98SSadaf Ebrahimi # Algorithms and key types to accelerate 2708*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ 2709*62c56f98SSadaf Ebrahimi ALG_ECDH \ 2710*62c56f98SSadaf Ebrahimi ALG_JPAKE \ 2711*62c56f98SSadaf Ebrahimi $(helper_get_psa_key_type_list "ECC")" 2712*62c56f98SSadaf Ebrahimi 2713*62c56f98SSadaf Ebrahimi # Note: Those are handled in a special way by the libtestdriver machinery, 2714*62c56f98SSadaf Ebrahimi # so we only want to include them in the accel list when building the main 2715*62c56f98SSadaf Ebrahimi # libraries, hence the use of a separate variable. 2716*62c56f98SSadaf Ebrahimi loc_curve_list="$(helper_get_psa_curve_list)" 2717*62c56f98SSadaf Ebrahimi 2718*62c56f98SSadaf Ebrahimi # Configure 2719*62c56f98SSadaf Ebrahimi # --------- 2720*62c56f98SSadaf Ebrahimi 2721*62c56f98SSadaf Ebrahimi # Use the same config as reference, only without built-in EC algs 2722*62c56f98SSadaf Ebrahimi config_psa_crypto_config_ecp_light_only 1 2723*62c56f98SSadaf Ebrahimi 2724*62c56f98SSadaf Ebrahimi # Do not disable builtin curves because that support is required for: 2725*62c56f98SSadaf Ebrahimi # - MBEDTLS_PK_PARSE_EC_EXTENDED 2726*62c56f98SSadaf Ebrahimi # - MBEDTLS_PK_PARSE_EC_COMPRESSED 2727*62c56f98SSadaf Ebrahimi 2728*62c56f98SSadaf Ebrahimi # Build 2729*62c56f98SSadaf Ebrahimi # ----- 2730*62c56f98SSadaf Ebrahimi 2731*62c56f98SSadaf Ebrahimi # These hashes are needed for some ECDSA signature tests. 2732*62c56f98SSadaf Ebrahimi loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 2733*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 2734*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" 2735*62c56f98SSadaf Ebrahimi 2736*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" 2737*62c56f98SSadaf Ebrahimi 2738*62c56f98SSadaf Ebrahimi # Make sure any built-in EC alg was not re-enabled by accident (additive config) 2739*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdsa_ library/ecdsa.o 2740*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdh_ library/ecdh.o 2741*62c56f98SSadaf Ebrahimi not grep mbedtls_ecjpake_ library/ecjpake.o 2742*62c56f98SSadaf Ebrahimi not grep mbedtls_ecp_mul library/ecp.o 2743*62c56f98SSadaf Ebrahimi 2744*62c56f98SSadaf Ebrahimi # Run the tests 2745*62c56f98SSadaf Ebrahimi # ------------- 2746*62c56f98SSadaf Ebrahimi 2747*62c56f98SSadaf Ebrahimi msg "test suites: full with accelerated EC algs" 2748*62c56f98SSadaf Ebrahimi make test 2749*62c56f98SSadaf Ebrahimi 2750*62c56f98SSadaf Ebrahimi msg "ssl-opt: full with accelerated EC algs" 2751*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 2752*62c56f98SSadaf Ebrahimi} 2753*62c56f98SSadaf Ebrahimi 2754*62c56f98SSadaf Ebrahimi# Keep in sync with component_test_psa_crypto_config_accel_ecc_ecp_light_only 2755*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_reference_ecc_ecp_light_only () { 2756*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with non-accelerated EC algs" 2757*62c56f98SSadaf Ebrahimi 2758*62c56f98SSadaf Ebrahimi config_psa_crypto_config_ecp_light_only 0 2759*62c56f98SSadaf Ebrahimi 2760*62c56f98SSadaf Ebrahimi make 2761*62c56f98SSadaf Ebrahimi 2762*62c56f98SSadaf Ebrahimi msg "test suites: full with non-accelerated EC algs" 2763*62c56f98SSadaf Ebrahimi make test 2764*62c56f98SSadaf Ebrahimi 2765*62c56f98SSadaf Ebrahimi msg "ssl-opt: full with non-accelerated EC algs" 2766*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 2767*62c56f98SSadaf Ebrahimi} 2768*62c56f98SSadaf Ebrahimi 2769*62c56f98SSadaf Ebrahimi# This helper function is used by: 2770*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_accel_ecc_no_ecp_at_all() 2771*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_reference_ecc_no_ecp_at_all() 2772*62c56f98SSadaf Ebrahimi# to ensure that both tests use the same underlying configuration when testing 2773*62c56f98SSadaf Ebrahimi# driver's coverage with analyze_outcomes.py. 2774*62c56f98SSadaf Ebrahimi# 2775*62c56f98SSadaf Ebrahimi# This functions accepts 1 boolean parameter as follows: 2776*62c56f98SSadaf Ebrahimi# - 1: building with accelerated EC algorithms (ECDSA, ECDH, ECJPAKE), therefore 2777*62c56f98SSadaf Ebrahimi# excluding their built-in implementation as well as ECP_C & ECP_LIGHT 2778*62c56f98SSadaf Ebrahimi# - 0: include built-in implementation of EC algorithms. 2779*62c56f98SSadaf Ebrahimi# 2780*62c56f98SSadaf Ebrahimi# PK_C and RSA_C are always disabled to ensure there is no remaining dependency 2781*62c56f98SSadaf Ebrahimi# on the ECP module. 2782*62c56f98SSadaf Ebrahimiconfig_psa_crypto_no_ecp_at_all () { 2783*62c56f98SSadaf Ebrahimi driver_only="$1" 2784*62c56f98SSadaf Ebrahimi # start with full config for maximum coverage (also enables USE_PSA) 2785*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "full" 2786*62c56f98SSadaf Ebrahimi 2787*62c56f98SSadaf Ebrahimi if [ "$driver_only" -eq 1 ]; then 2788*62c56f98SSadaf Ebrahimi # Disable modules that are accelerated 2789*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 2790*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 2791*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECJPAKE_C 2792*62c56f98SSadaf Ebrahimi # Disable ECP module (entirely) 2793*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_C 2794*62c56f98SSadaf Ebrahimi fi 2795*62c56f98SSadaf Ebrahimi 2796*62c56f98SSadaf Ebrahimi # Disable all the features that auto-enable ECP_LIGHT (see build_info.h) 2797*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED 2798*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED 2799*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 2800*62c56f98SSadaf Ebrahimi 2801*62c56f98SSadaf Ebrahimi # Restartable feature is not yet supported by PSA. Once it will in 2802*62c56f98SSadaf Ebrahimi # the future, the following line could be removed (see issues 2803*62c56f98SSadaf Ebrahimi # 6061, 6332 and following ones) 2804*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_RESTARTABLE 2805*62c56f98SSadaf Ebrahimi} 2806*62c56f98SSadaf Ebrahimi 2807*62c56f98SSadaf Ebrahimi# Build and test a configuration where driver accelerates all EC algs while 2808*62c56f98SSadaf Ebrahimi# all support and dependencies from ECP and ECP_LIGHT are removed on the library 2809*62c56f98SSadaf Ebrahimi# side. 2810*62c56f98SSadaf Ebrahimi# 2811*62c56f98SSadaf Ebrahimi# Keep in sync with component_test_psa_crypto_config_reference_ecc_no_ecp_at_all() 2812*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ecc_no_ecp_at_all () { 2813*62c56f98SSadaf Ebrahimi msg "build: full + accelerated EC algs - ECP" 2814*62c56f98SSadaf Ebrahimi 2815*62c56f98SSadaf Ebrahimi # Algorithms and key types to accelerate 2816*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ 2817*62c56f98SSadaf Ebrahimi ALG_ECDH \ 2818*62c56f98SSadaf Ebrahimi ALG_JPAKE \ 2819*62c56f98SSadaf Ebrahimi $(helper_get_psa_key_type_list "ECC")" 2820*62c56f98SSadaf Ebrahimi 2821*62c56f98SSadaf Ebrahimi # Note: Those are handled in a special way by the libtestdriver machinery, 2822*62c56f98SSadaf Ebrahimi # so we only want to include them in the accel list when building the main 2823*62c56f98SSadaf Ebrahimi # libraries, hence the use of a separate variable. 2824*62c56f98SSadaf Ebrahimi loc_curve_list="$(helper_get_psa_curve_list)" 2825*62c56f98SSadaf Ebrahimi 2826*62c56f98SSadaf Ebrahimi # Configure 2827*62c56f98SSadaf Ebrahimi # --------- 2828*62c56f98SSadaf Ebrahimi 2829*62c56f98SSadaf Ebrahimi # Set common configurations between library's and driver's builds 2830*62c56f98SSadaf Ebrahimi config_psa_crypto_no_ecp_at_all 1 2831*62c56f98SSadaf Ebrahimi # Disable all the builtin curves. All the required algs are accelerated. 2832*62c56f98SSadaf Ebrahimi helper_disable_builtin_curves 2833*62c56f98SSadaf Ebrahimi 2834*62c56f98SSadaf Ebrahimi # Build 2835*62c56f98SSadaf Ebrahimi # ----- 2836*62c56f98SSadaf Ebrahimi 2837*62c56f98SSadaf Ebrahimi # Things we wanted supported in libtestdriver1, but not accelerated in the main library: 2838*62c56f98SSadaf Ebrahimi # SHA-1 and all SHA-2/3 variants, as they are used by ECDSA deterministic. 2839*62c56f98SSadaf Ebrahimi loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 2840*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 2841*62c56f98SSadaf Ebrahimi 2842*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" 2843*62c56f98SSadaf Ebrahimi 2844*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" 2845*62c56f98SSadaf Ebrahimi 2846*62c56f98SSadaf Ebrahimi # Make sure any built-in EC alg was not re-enabled by accident (additive config) 2847*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdsa_ library/ecdsa.o 2848*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdh_ library/ecdh.o 2849*62c56f98SSadaf Ebrahimi not grep mbedtls_ecjpake_ library/ecjpake.o 2850*62c56f98SSadaf Ebrahimi # Also ensure that ECP module was not re-enabled 2851*62c56f98SSadaf Ebrahimi not grep mbedtls_ecp_ library/ecp.o 2852*62c56f98SSadaf Ebrahimi 2853*62c56f98SSadaf Ebrahimi # Run the tests 2854*62c56f98SSadaf Ebrahimi # ------------- 2855*62c56f98SSadaf Ebrahimi 2856*62c56f98SSadaf Ebrahimi msg "test: full + accelerated EC algs - ECP" 2857*62c56f98SSadaf Ebrahimi make test 2858*62c56f98SSadaf Ebrahimi 2859*62c56f98SSadaf Ebrahimi msg "ssl-opt: full + accelerated EC algs - ECP" 2860*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 2861*62c56f98SSadaf Ebrahimi} 2862*62c56f98SSadaf Ebrahimi 2863*62c56f98SSadaf Ebrahimi# Reference function used for driver's coverage analysis in analyze_outcomes.py 2864*62c56f98SSadaf Ebrahimi# in conjunction with component_test_psa_crypto_config_accel_ecc_no_ecp_at_all(). 2865*62c56f98SSadaf Ebrahimi# Keep in sync with its accelerated counterpart. 2866*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_reference_ecc_no_ecp_at_all () { 2867*62c56f98SSadaf Ebrahimi msg "build: full + non accelerated EC algs" 2868*62c56f98SSadaf Ebrahimi 2869*62c56f98SSadaf Ebrahimi config_psa_crypto_no_ecp_at_all 0 2870*62c56f98SSadaf Ebrahimi 2871*62c56f98SSadaf Ebrahimi make 2872*62c56f98SSadaf Ebrahimi 2873*62c56f98SSadaf Ebrahimi msg "test: full + non accelerated EC algs" 2874*62c56f98SSadaf Ebrahimi make test 2875*62c56f98SSadaf Ebrahimi 2876*62c56f98SSadaf Ebrahimi msg "ssl-opt: full + non accelerated EC algs" 2877*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 2878*62c56f98SSadaf Ebrahimi} 2879*62c56f98SSadaf Ebrahimi 2880*62c56f98SSadaf Ebrahimi# This is a common configuration helper used directly from: 2881*62c56f98SSadaf Ebrahimi# - common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum 2882*62c56f98SSadaf Ebrahimi# - common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum 2883*62c56f98SSadaf Ebrahimi# and indirectly from: 2884*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_accel_ecc_no_bignum 2885*62c56f98SSadaf Ebrahimi# - accelerate all EC algs, disable RSA and FFDH 2886*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_reference_ecc_no_bignum 2887*62c56f98SSadaf Ebrahimi# - this is the reference component of the above 2888*62c56f98SSadaf Ebrahimi# - it still disables RSA and FFDH, but it uses builtin EC algs 2889*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum 2890*62c56f98SSadaf Ebrahimi# - accelerate all EC and FFDH algs, disable only RSA 2891*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum 2892*62c56f98SSadaf Ebrahimi# - this is the reference component of the above 2893*62c56f98SSadaf Ebrahimi# - it still disables RSA, but it uses builtin EC and FFDH algs 2894*62c56f98SSadaf Ebrahimi# 2895*62c56f98SSadaf Ebrahimi# This function accepts 2 parameters: 2896*62c56f98SSadaf Ebrahimi# $1: a boolean value which states if we are testing an accelerated scenario 2897*62c56f98SSadaf Ebrahimi# or not. 2898*62c56f98SSadaf Ebrahimi# $2: a string value which states which components are tested. Allowed values 2899*62c56f98SSadaf Ebrahimi# are "ECC" or "ECC_DH". 2900*62c56f98SSadaf Ebrahimiconfig_psa_crypto_config_accel_ecc_ffdh_no_bignum() { 2901*62c56f98SSadaf Ebrahimi driver_only="$1" 2902*62c56f98SSadaf Ebrahimi test_target="$2" 2903*62c56f98SSadaf Ebrahimi # start with full config for maximum coverage (also enables USE_PSA) 2904*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "full" 2905*62c56f98SSadaf Ebrahimi 2906*62c56f98SSadaf Ebrahimi if [ "$driver_only" -eq 1 ]; then 2907*62c56f98SSadaf Ebrahimi # Disable modules that are accelerated 2908*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 2909*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 2910*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECJPAKE_C 2911*62c56f98SSadaf Ebrahimi # Disable ECP module (entirely) 2912*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_C 2913*62c56f98SSadaf Ebrahimi # Also disable bignum 2914*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_BIGNUM_C 2915*62c56f98SSadaf Ebrahimi fi 2916*62c56f98SSadaf Ebrahimi 2917*62c56f98SSadaf Ebrahimi # Disable all the features that auto-enable ECP_LIGHT (see build_info.h) 2918*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED 2919*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED 2920*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 2921*62c56f98SSadaf Ebrahimi 2922*62c56f98SSadaf Ebrahimi # RSA support is intentionally disabled on this test because RSA_C depends 2923*62c56f98SSadaf Ebrahimi # on BIGNUM_C. 2924*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_RSA_[0-9A-Z_a-z]*" 2925*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*" 2926*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_RSA_C 2927*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V15 2928*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V21 2929*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT 2930*62c56f98SSadaf Ebrahimi # Also disable key exchanges that depend on RSA 2931*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 2932*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 2933*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 2934*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 2935*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 2936*62c56f98SSadaf Ebrahimi 2937*62c56f98SSadaf Ebrahimi if [ "$test_target" = "ECC" ]; then 2938*62c56f98SSadaf Ebrahimi # When testing ECC only, we disable FFDH support, both from builtin and 2939*62c56f98SSadaf Ebrahimi # PSA sides, and also disable the key exchanges that depend on DHM. 2940*62c56f98SSadaf Ebrahimi scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH 2941*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*" 2942*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DHM_C 2943*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 2944*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 2945*62c56f98SSadaf Ebrahimi else 2946*62c56f98SSadaf Ebrahimi # When testing ECC and DH instead, we disable DHM and depending key 2947*62c56f98SSadaf Ebrahimi # exchanges only in the accelerated build 2948*62c56f98SSadaf Ebrahimi if [ "$driver_only" -eq 1 ]; then 2949*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DHM_C 2950*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 2951*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 2952*62c56f98SSadaf Ebrahimi fi 2953*62c56f98SSadaf Ebrahimi fi 2954*62c56f98SSadaf Ebrahimi 2955*62c56f98SSadaf Ebrahimi # Restartable feature is not yet supported by PSA. Once it will in 2956*62c56f98SSadaf Ebrahimi # the future, the following line could be removed (see issues 2957*62c56f98SSadaf Ebrahimi # 6061, 6332 and following ones) 2958*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECP_RESTARTABLE 2959*62c56f98SSadaf Ebrahimi} 2960*62c56f98SSadaf Ebrahimi 2961*62c56f98SSadaf Ebrahimi# Common helper used by: 2962*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_accel_ecc_no_bignum 2963*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum 2964*62c56f98SSadaf Ebrahimi# 2965*62c56f98SSadaf Ebrahimi# The goal is to build and test accelerating either: 2966*62c56f98SSadaf Ebrahimi# - ECC only or 2967*62c56f98SSadaf Ebrahimi# - both ECC and FFDH 2968*62c56f98SSadaf Ebrahimi# 2969*62c56f98SSadaf Ebrahimi# It is meant to be used in conjunction with 2970*62c56f98SSadaf Ebrahimi# common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum() for drivers 2971*62c56f98SSadaf Ebrahimi# coverage analysis in the "analyze_outcomes.py" script. 2972*62c56f98SSadaf Ebrahimicommon_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { 2973*62c56f98SSadaf Ebrahimi test_target="$1" 2974*62c56f98SSadaf Ebrahimi 2975*62c56f98SSadaf Ebrahimi # This is an internal helper to simplify text message handling 2976*62c56f98SSadaf Ebrahimi if [ "$test_target" = "ECC_DH" ]; then 2977*62c56f98SSadaf Ebrahimi accel_text="ECC/FFDH" 2978*62c56f98SSadaf Ebrahimi removed_text="ECP - DH" 2979*62c56f98SSadaf Ebrahimi else 2980*62c56f98SSadaf Ebrahimi accel_text="ECC" 2981*62c56f98SSadaf Ebrahimi removed_text="ECP" 2982*62c56f98SSadaf Ebrahimi fi 2983*62c56f98SSadaf Ebrahimi 2984*62c56f98SSadaf Ebrahimi msg "build: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM" 2985*62c56f98SSadaf Ebrahimi 2986*62c56f98SSadaf Ebrahimi # By default we accelerate all EC keys/algs 2987*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ 2988*62c56f98SSadaf Ebrahimi ALG_ECDH \ 2989*62c56f98SSadaf Ebrahimi ALG_JPAKE \ 2990*62c56f98SSadaf Ebrahimi $(helper_get_psa_key_type_list "ECC")" 2991*62c56f98SSadaf Ebrahimi # Optionally we can also add DH to the list of accelerated items 2992*62c56f98SSadaf Ebrahimi if [ "$test_target" = "ECC_DH" ]; then 2993*62c56f98SSadaf Ebrahimi loc_accel_list="$loc_accel_list \ 2994*62c56f98SSadaf Ebrahimi ALG_FFDH \ 2995*62c56f98SSadaf Ebrahimi $(helper_get_psa_key_type_list "DH")" 2996*62c56f98SSadaf Ebrahimi fi 2997*62c56f98SSadaf Ebrahimi 2998*62c56f98SSadaf Ebrahimi # Note: Those are handled in a special way by the libtestdriver machinery, 2999*62c56f98SSadaf Ebrahimi # so we only want to include them in the accel list when building the main 3000*62c56f98SSadaf Ebrahimi # libraries, hence the use of a separate variable. 3001*62c56f98SSadaf Ebrahimi loc_curve_list="$(helper_get_psa_curve_list)" 3002*62c56f98SSadaf Ebrahimi 3003*62c56f98SSadaf Ebrahimi # Configure 3004*62c56f98SSadaf Ebrahimi # --------- 3005*62c56f98SSadaf Ebrahimi 3006*62c56f98SSadaf Ebrahimi # Set common configurations between library's and driver's builds 3007*62c56f98SSadaf Ebrahimi config_psa_crypto_config_accel_ecc_ffdh_no_bignum 1 "$test_target" 3008*62c56f98SSadaf Ebrahimi # Disable all the builtin curves. All the required algs are accelerated. 3009*62c56f98SSadaf Ebrahimi helper_disable_builtin_curves 3010*62c56f98SSadaf Ebrahimi 3011*62c56f98SSadaf Ebrahimi # Build 3012*62c56f98SSadaf Ebrahimi # ----- 3013*62c56f98SSadaf Ebrahimi 3014*62c56f98SSadaf Ebrahimi # Things we wanted supported in libtestdriver1, but not accelerated in the main library: 3015*62c56f98SSadaf Ebrahimi # SHA-1 and all SHA-2/3 variants, as they are used by ECDSA deterministic. 3016*62c56f98SSadaf Ebrahimi loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 3017*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 3018*62c56f98SSadaf Ebrahimi 3019*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" 3020*62c56f98SSadaf Ebrahimi 3021*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" 3022*62c56f98SSadaf Ebrahimi 3023*62c56f98SSadaf Ebrahimi # Make sure any built-in EC alg was not re-enabled by accident (additive config) 3024*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdsa_ library/ecdsa.o 3025*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdh_ library/ecdh.o 3026*62c56f98SSadaf Ebrahimi not grep mbedtls_ecjpake_ library/ecjpake.o 3027*62c56f98SSadaf Ebrahimi # Also ensure that ECP, RSA, [DHM] or BIGNUM modules were not re-enabled 3028*62c56f98SSadaf Ebrahimi not grep mbedtls_ecp_ library/ecp.o 3029*62c56f98SSadaf Ebrahimi not grep mbedtls_rsa_ library/rsa.o 3030*62c56f98SSadaf Ebrahimi not grep mbedtls_mpi_ library/bignum.o 3031*62c56f98SSadaf Ebrahimi not grep mbedtls_dhm_ library/dhm.o 3032*62c56f98SSadaf Ebrahimi 3033*62c56f98SSadaf Ebrahimi # Run the tests 3034*62c56f98SSadaf Ebrahimi # ------------- 3035*62c56f98SSadaf Ebrahimi 3036*62c56f98SSadaf Ebrahimi msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - DHM - BIGNUM" 3037*62c56f98SSadaf Ebrahimi 3038*62c56f98SSadaf Ebrahimi make test 3039*62c56f98SSadaf Ebrahimi 3040*62c56f98SSadaf Ebrahimi msg "ssl-opt: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM" 3041*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 3042*62c56f98SSadaf Ebrahimi} 3043*62c56f98SSadaf Ebrahimi 3044*62c56f98SSadaf Ebrahimi# Common helper used by: 3045*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_reference_ecc_no_bignum 3046*62c56f98SSadaf Ebrahimi# - component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum 3047*62c56f98SSadaf Ebrahimi# 3048*62c56f98SSadaf Ebrahimi# The goal is to build and test a reference scenario (i.e. with builtin 3049*62c56f98SSadaf Ebrahimi# components) compared to the ones used in 3050*62c56f98SSadaf Ebrahimi# common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum() above. 3051*62c56f98SSadaf Ebrahimi# 3052*62c56f98SSadaf Ebrahimi# It is meant to be used in conjunction with 3053*62c56f98SSadaf Ebrahimi# common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum() for drivers' 3054*62c56f98SSadaf Ebrahimi# coverage analysis in "analyze_outcomes.py" script. 3055*62c56f98SSadaf Ebrahimicommon_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { 3056*62c56f98SSadaf Ebrahimi test_target="$1" 3057*62c56f98SSadaf Ebrahimi 3058*62c56f98SSadaf Ebrahimi # This is an internal helper to simplify text message handling 3059*62c56f98SSadaf Ebrahimi if [ "$test_target" = "ECC_DH" ]; then 3060*62c56f98SSadaf Ebrahimi accel_text="ECC/FFDH" 3061*62c56f98SSadaf Ebrahimi else 3062*62c56f98SSadaf Ebrahimi accel_text="ECC" 3063*62c56f98SSadaf Ebrahimi fi 3064*62c56f98SSadaf Ebrahimi 3065*62c56f98SSadaf Ebrahimi msg "build: full + non accelerated $accel_text algs + USE_PSA" 3066*62c56f98SSadaf Ebrahimi 3067*62c56f98SSadaf Ebrahimi config_psa_crypto_config_accel_ecc_ffdh_no_bignum 0 "$test_target" 3068*62c56f98SSadaf Ebrahimi 3069*62c56f98SSadaf Ebrahimi make 3070*62c56f98SSadaf Ebrahimi 3071*62c56f98SSadaf Ebrahimi msg "test suites: full + non accelerated EC algs + USE_PSA" 3072*62c56f98SSadaf Ebrahimi make test 3073*62c56f98SSadaf Ebrahimi 3074*62c56f98SSadaf Ebrahimi msg "ssl-opt: full + non accelerated $accel_text algs + USE_PSA" 3075*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 3076*62c56f98SSadaf Ebrahimi} 3077*62c56f98SSadaf Ebrahimi 3078*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ecc_no_bignum () { 3079*62c56f98SSadaf Ebrahimi common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum "ECC" 3080*62c56f98SSadaf Ebrahimi} 3081*62c56f98SSadaf Ebrahimi 3082*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_reference_ecc_no_bignum () { 3083*62c56f98SSadaf Ebrahimi common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum "ECC" 3084*62c56f98SSadaf Ebrahimi} 3085*62c56f98SSadaf Ebrahimi 3086*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { 3087*62c56f98SSadaf Ebrahimi common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum "ECC_DH" 3088*62c56f98SSadaf Ebrahimi} 3089*62c56f98SSadaf Ebrahimi 3090*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { 3091*62c56f98SSadaf Ebrahimi common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum "ECC_DH" 3092*62c56f98SSadaf Ebrahimi} 3093*62c56f98SSadaf Ebrahimi 3094*62c56f98SSadaf Ebrahimi# Helper for setting common configurations between: 3095*62c56f98SSadaf Ebrahimi# - component_test_tfm_config_p256m_driver_accel_ec() 3096*62c56f98SSadaf Ebrahimi# - component_test_tfm_config() 3097*62c56f98SSadaf Ebrahimicommon_tfm_config () { 3098*62c56f98SSadaf Ebrahimi # Enable TF-M config 3099*62c56f98SSadaf Ebrahimi cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" 3100*62c56f98SSadaf Ebrahimi cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" 3101*62c56f98SSadaf Ebrahimi 3102*62c56f98SSadaf Ebrahimi # Adjust for the fact that we're building outside the TF-M environment. 3103*62c56f98SSadaf Ebrahimi # 3104*62c56f98SSadaf Ebrahimi # TF-M has separation, our build doesn't 3105*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_SPM 3106*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 3107*62c56f98SSadaf Ebrahimi # TF-M provdes its own (dummy) implemenation, from their tree 3108*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AES_DECRYPT_ALT 3109*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AES_SETKEY_DEC_ALT 3110*62c56f98SSadaf Ebrahimi # We have an OS that provides entropy, use it 3111*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_NO_PLATFORM_ENTROPY 3112*62c56f98SSadaf Ebrahimi 3113*62c56f98SSadaf Ebrahimi # Other config adjustments to make the tests pass. 3114*62c56f98SSadaf Ebrahimi # Those should probably be adopted upstream. 3115*62c56f98SSadaf Ebrahimi # 3116*62c56f98SSadaf Ebrahimi # - USE_PSA_CRYPTO for PK_HAVE_ECC_KEYS 3117*62c56f98SSadaf Ebrahimi echo "#define MBEDTLS_USE_PSA_CRYPTO" >> "$CONFIG_H" 3118*62c56f98SSadaf Ebrahimi # pkparse.c and pkwrite.c fail to link without this 3119*62c56f98SSadaf Ebrahimi echo "#define MBEDTLS_OID_C" >> "$CONFIG_H" 3120*62c56f98SSadaf Ebrahimi # - ASN1_[PARSE/WRITE]_C found by check_config.h for pkparse/pkwrite 3121*62c56f98SSadaf Ebrahimi echo "#define MBEDTLS_ASN1_PARSE_C" >> "$CONFIG_H" 3122*62c56f98SSadaf Ebrahimi echo "#define MBEDTLS_ASN1_WRITE_C" >> "$CONFIG_H" 3123*62c56f98SSadaf Ebrahimi # - MD_C for HKDF_C 3124*62c56f98SSadaf Ebrahimi echo "#define MBEDTLS_MD_C" >> "$CONFIG_H" 3125*62c56f98SSadaf Ebrahimi 3126*62c56f98SSadaf Ebrahimi # Config adjustments for better test coverage in our environment. 3127*62c56f98SSadaf Ebrahimi # These are not needed just to build and pass tests. 3128*62c56f98SSadaf Ebrahimi # 3129*62c56f98SSadaf Ebrahimi # Enable filesystem I/O for the benefit of PK parse/write tests. 3130*62c56f98SSadaf Ebrahimi echo "#define MBEDTLS_FS_IO" >> "$CONFIG_H" 3131*62c56f98SSadaf Ebrahimi # Disable this for maximal ASan efficiency 3132*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C 3133*62c56f98SSadaf Ebrahimi 3134*62c56f98SSadaf Ebrahimi # Config adjustments for features that are not supported 3135*62c56f98SSadaf Ebrahimi # when using only drivers / by p256-m 3136*62c56f98SSadaf Ebrahimi # 3137*62c56f98SSadaf Ebrahimi # Disable all the features that auto-enable ECP_LIGHT (see build_info.h) 3138*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 3139*62c56f98SSadaf Ebrahimi # Disable deterministic ECDSA as p256-m only does randomized 3140*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA 3141*62c56f98SSadaf Ebrahimi 3142*62c56f98SSadaf Ebrahimi} 3143*62c56f98SSadaf Ebrahimi 3144*62c56f98SSadaf Ebrahimi# Keep this in sync with component_test_tfm_config() as they are both meant 3145*62c56f98SSadaf Ebrahimi# to be used in analyze_outcomes.py for driver's coverage analysis. 3146*62c56f98SSadaf Ebrahimicomponent_test_tfm_config_p256m_driver_accel_ec () { 3147*62c56f98SSadaf Ebrahimi msg "build: TF-M config + p256m driver + accel ECDH(E)/ECDSA" 3148*62c56f98SSadaf Ebrahimi 3149*62c56f98SSadaf Ebrahimi common_tfm_config 3150*62c56f98SSadaf Ebrahimi 3151*62c56f98SSadaf Ebrahimi # Build crypto library specifying we want to use P256M code for EC operations 3152*62c56f98SSadaf Ebrahimi make CFLAGS="$ASAN_CFLAGS -DMBEDTLS_PSA_P256M_DRIVER_ENABLED -I../tests/include/spe" LDFLAGS="$ASAN_CFLAGS" 3153*62c56f98SSadaf Ebrahimi 3154*62c56f98SSadaf Ebrahimi # Make sure any built-in EC alg was not re-enabled by accident (additive config) 3155*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdsa_ library/ecdsa.o 3156*62c56f98SSadaf Ebrahimi not grep mbedtls_ecdh_ library/ecdh.o 3157*62c56f98SSadaf Ebrahimi not grep mbedtls_ecjpake_ library/ecjpake.o 3158*62c56f98SSadaf Ebrahimi # Also ensure that ECP, RSA, DHM or BIGNUM modules were not re-enabled 3159*62c56f98SSadaf Ebrahimi not grep mbedtls_ecp_ library/ecp.o 3160*62c56f98SSadaf Ebrahimi not grep mbedtls_rsa_ library/rsa.o 3161*62c56f98SSadaf Ebrahimi not grep mbedtls_dhm_ library/dhm.o 3162*62c56f98SSadaf Ebrahimi not grep mbedtls_mpi_ library/bignum.o 3163*62c56f98SSadaf Ebrahimi 3164*62c56f98SSadaf Ebrahimi # Run the tests 3165*62c56f98SSadaf Ebrahimi msg "test: TF-M config + p256m driver + accel ECDH(E)/ECDSA" 3166*62c56f98SSadaf Ebrahimi make test 3167*62c56f98SSadaf Ebrahimi} 3168*62c56f98SSadaf Ebrahimi 3169*62c56f98SSadaf Ebrahimi# Keep this in sync with component_test_tfm_config_p256m_driver_accel_ec() as 3170*62c56f98SSadaf Ebrahimi# they are both meant to be used in analyze_outcomes.py for driver's coverage 3171*62c56f98SSadaf Ebrahimi# analysis. 3172*62c56f98SSadaf Ebrahimicomponent_test_tfm_config() { 3173*62c56f98SSadaf Ebrahimi common_tfm_config 3174*62c56f98SSadaf Ebrahimi 3175*62c56f98SSadaf Ebrahimi msg "build: TF-M config" 3176*62c56f98SSadaf Ebrahimi make CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' tests 3177*62c56f98SSadaf Ebrahimi 3178*62c56f98SSadaf Ebrahimi msg "test: TF-M config" 3179*62c56f98SSadaf Ebrahimi make test 3180*62c56f98SSadaf Ebrahimi} 3181*62c56f98SSadaf Ebrahimi 3182*62c56f98SSadaf Ebrahimi# Common helper for component_full_without_ecdhe_ecdsa() and 3183*62c56f98SSadaf Ebrahimi# component_full_without_ecdhe_ecdsa_and_tls13() which: 3184*62c56f98SSadaf Ebrahimi# - starts from the "full" configuration minus the list of symbols passed in 3185*62c56f98SSadaf Ebrahimi# as 1st parameter 3186*62c56f98SSadaf Ebrahimi# - build 3187*62c56f98SSadaf Ebrahimi# - test only TLS (i.e. test_suite_tls and ssl-opt) 3188*62c56f98SSadaf Ebrahimibuild_full_minus_something_and_test_tls () { 3189*62c56f98SSadaf Ebrahimi symbols_to_disable="$1" 3190*62c56f98SSadaf Ebrahimi 3191*62c56f98SSadaf Ebrahimi msg "build: full minus something, test TLS" 3192*62c56f98SSadaf Ebrahimi 3193*62c56f98SSadaf Ebrahimi scripts/config.py full 3194*62c56f98SSadaf Ebrahimi for sym in $symbols_to_disable; do 3195*62c56f98SSadaf Ebrahimi echo "Disabling $sym" 3196*62c56f98SSadaf Ebrahimi scripts/config.py unset $sym 3197*62c56f98SSadaf Ebrahimi done 3198*62c56f98SSadaf Ebrahimi 3199*62c56f98SSadaf Ebrahimi make 3200*62c56f98SSadaf Ebrahimi 3201*62c56f98SSadaf Ebrahimi msg "test: full minus something, test TLS" 3202*62c56f98SSadaf Ebrahimi ( cd tests; ./test_suite_ssl ) 3203*62c56f98SSadaf Ebrahimi 3204*62c56f98SSadaf Ebrahimi msg "ssl-opt: full minus something, test TLS" 3205*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 3206*62c56f98SSadaf Ebrahimi} 3207*62c56f98SSadaf Ebrahimi 3208*62c56f98SSadaf Ebrahimicomponent_full_without_ecdhe_ecdsa () { 3209*62c56f98SSadaf Ebrahimi build_full_minus_something_and_test_tls "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED" 3210*62c56f98SSadaf Ebrahimi} 3211*62c56f98SSadaf Ebrahimi 3212*62c56f98SSadaf Ebrahimicomponent_full_without_ecdhe_ecdsa_and_tls13 () { 3213*62c56f98SSadaf Ebrahimi build_full_minus_something_and_test_tls "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 3214*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_PROTO_TLS1_3" 3215*62c56f98SSadaf Ebrahimi} 3216*62c56f98SSadaf Ebrahimi 3217*62c56f98SSadaf Ebrahimi# This is an helper used by: 3218*62c56f98SSadaf Ebrahimi# - component_test_psa_ecc_key_pair_no_derive 3219*62c56f98SSadaf Ebrahimi# - component_test_psa_ecc_key_pair_no_generate 3220*62c56f98SSadaf Ebrahimi# The goal is to test with all PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy symbols 3221*62c56f98SSadaf Ebrahimi# enabled, but one. Input arguments are as follows: 3222*62c56f98SSadaf Ebrahimi# - $1 is the key type under test, i.e. ECC/RSA/DH 3223*62c56f98SSadaf Ebrahimi# - $2 is the key option to be unset (i.e. generate, derive, etc) 3224*62c56f98SSadaf Ebrahimibuild_and_test_psa_want_key_pair_partial() { 3225*62c56f98SSadaf Ebrahimi key_type=$1 3226*62c56f98SSadaf Ebrahimi unset_option=$2 3227*62c56f98SSadaf Ebrahimi disabled_psa_want="PSA_WANT_KEY_TYPE_${key_type}_KEY_PAIR_${unset_option}" 3228*62c56f98SSadaf Ebrahimi 3229*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}" 3230*62c56f98SSadaf Ebrahimi scripts/config.py full 3231*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3232*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3233*62c56f98SSadaf Ebrahimi 3234*62c56f98SSadaf Ebrahimi # All the PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy are enabled by default in 3235*62c56f98SSadaf Ebrahimi # crypto_config.h so we just disable the one we don't want. 3236*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset "$disabled_psa_want" 3237*62c56f98SSadaf Ebrahimi 3238*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" 3239*62c56f98SSadaf Ebrahimi 3240*62c56f98SSadaf Ebrahimi msg "test: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}" 3241*62c56f98SSadaf Ebrahimi make test 3242*62c56f98SSadaf Ebrahimi} 3243*62c56f98SSadaf Ebrahimi 3244*62c56f98SSadaf Ebrahimicomponent_test_psa_ecc_key_pair_no_derive() { 3245*62c56f98SSadaf Ebrahimi build_and_test_psa_want_key_pair_partial "ECC" "DERIVE" 3246*62c56f98SSadaf Ebrahimi} 3247*62c56f98SSadaf Ebrahimi 3248*62c56f98SSadaf Ebrahimicomponent_test_psa_ecc_key_pair_no_generate() { 3249*62c56f98SSadaf Ebrahimi build_and_test_psa_want_key_pair_partial "ECC" "GENERATE" 3250*62c56f98SSadaf Ebrahimi} 3251*62c56f98SSadaf Ebrahimi 3252*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_rsa_signature () { 3253*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" 3254*62c56f98SSadaf Ebrahimi 3255*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY" 3256*62c56f98SSadaf Ebrahimi 3257*62c56f98SSadaf Ebrahimi # Configure 3258*62c56f98SSadaf Ebrahimi # --------- 3259*62c56f98SSadaf Ebrahimi 3260*62c56f98SSadaf Ebrahimi # Start from default config (no TLS 1.3, no USE_PSA) 3261*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "default" 3262*62c56f98SSadaf Ebrahimi 3263*62c56f98SSadaf Ebrahimi # It seems it is not possible to remove only the support for RSA signature 3264*62c56f98SSadaf Ebrahimi # in the library. Thus we have to remove all RSA support (signature and 3265*62c56f98SSadaf Ebrahimi # encryption/decryption). AS there is no driver support for asymmetric 3266*62c56f98SSadaf Ebrahimi # encryption/decryption so far remove RSA encryption/decryption from the 3267*62c56f98SSadaf Ebrahimi # application algorithm list. 3268*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP 3269*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 3270*62c56f98SSadaf Ebrahimi 3271*62c56f98SSadaf Ebrahimi # Remove RSA support and its dependencies 3272*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_RSA_C 3273*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V15 3274*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V21 3275*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT 3276*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 3277*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 3278*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 3279*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 3280*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 3281*62c56f98SSadaf Ebrahimi 3282*62c56f98SSadaf Ebrahimi # Make sure both the library and the test library support the SHA hash 3283*62c56f98SSadaf Ebrahimi # algorithms and only those ones (SHA256 is included by default). That way: 3284*62c56f98SSadaf Ebrahimi # - the test library can compute the RSA signatures even in the case of a 3285*62c56f98SSadaf Ebrahimi # composite RSA signature algorithm based on a SHA hash (no other hash 3286*62c56f98SSadaf Ebrahimi # used in the unit tests). 3287*62c56f98SSadaf Ebrahimi # - the dependency of RSA signature tests on PSA_WANT_ALG_SHA_xyz is 3288*62c56f98SSadaf Ebrahimi # fulfilled as the hash SHA algorithm is supported by the library, and 3289*62c56f98SSadaf Ebrahimi # thus the tests are run, not skipped. 3290*62c56f98SSadaf Ebrahimi # - when testing a signature key with an algorithm wildcard built from 3291*62c56f98SSadaf Ebrahimi # PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash 3292*62c56f98SSadaf Ebrahimi # algorithm based on the hashes supported by the library is also 3293*62c56f98SSadaf Ebrahimi # supported by the test library. 3294*62c56f98SSadaf Ebrahimi # Disable unwanted hashes here, we'll enable hashes we want in loc_extra_list. 3295*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 3296*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160_C 3297*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_MD5_C 3298*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_RIPEMD160_C 3299*62c56f98SSadaf Ebrahimi 3300*62c56f98SSadaf Ebrahimi # We need PEM parsing in the test library as well to support the import 3301*62c56f98SSadaf Ebrahimi # of PEM encoded RSA keys. 3302*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_PEM_PARSE_C 3303*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_BASE64_C 3304*62c56f98SSadaf Ebrahimi 3305*62c56f98SSadaf Ebrahimi # Build 3306*62c56f98SSadaf Ebrahimi # ----- 3307*62c56f98SSadaf Ebrahimi 3308*62c56f98SSadaf Ebrahimi # These hashes are needed for some RSA-PSS signature tests. 3309*62c56f98SSadaf Ebrahimi loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 3310*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 3311*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" 3312*62c56f98SSadaf Ebrahimi 3313*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list" 3314*62c56f98SSadaf Ebrahimi 3315*62c56f98SSadaf Ebrahimi # Make sure this was not re-enabled by accident (additive config) 3316*62c56f98SSadaf Ebrahimi not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o 3317*62c56f98SSadaf Ebrahimi not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o 3318*62c56f98SSadaf Ebrahimi 3319*62c56f98SSadaf Ebrahimi # Run the tests 3320*62c56f98SSadaf Ebrahimi # ------------- 3321*62c56f98SSadaf Ebrahimi 3322*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" 3323*62c56f98SSadaf Ebrahimi make test 3324*62c56f98SSadaf Ebrahimi} 3325*62c56f98SSadaf Ebrahimi 3326*62c56f98SSadaf Ebrahimi# This is a temporary test to verify that full RSA support is present even when 3327*62c56f98SSadaf Ebrahimi# only one single new symbols (PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) is defined. 3328*62c56f98SSadaf Ebrahimicomponent_test_new_psa_want_key_pair_symbol() { 3329*62c56f98SSadaf Ebrahimi msg "Build: crypto config - MBEDTLS_RSA_C + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC" 3330*62c56f98SSadaf Ebrahimi 3331*62c56f98SSadaf Ebrahimi # Create a temporary output file unless there is already one set 3332*62c56f98SSadaf Ebrahimi if [ "$MBEDTLS_TEST_OUTCOME_FILE" ]; then 3333*62c56f98SSadaf Ebrahimi REMOVE_OUTCOME_ON_EXIT="no" 3334*62c56f98SSadaf Ebrahimi else 3335*62c56f98SSadaf Ebrahimi REMOVE_OUTCOME_ON_EXIT="yes" 3336*62c56f98SSadaf Ebrahimi MBEDTLS_TEST_OUTCOME_FILE="$PWD/out.csv" 3337*62c56f98SSadaf Ebrahimi export MBEDTLS_TEST_OUTCOME_FILE 3338*62c56f98SSadaf Ebrahimi fi 3339*62c56f98SSadaf Ebrahimi 3340*62c56f98SSadaf Ebrahimi # Start from crypto configuration 3341*62c56f98SSadaf Ebrahimi scripts/config.py crypto 3342*62c56f98SSadaf Ebrahimi 3343*62c56f98SSadaf Ebrahimi # Remove RSA support and its dependencies 3344*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V15 3345*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V21 3346*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 3347*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 3348*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 3349*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 3350*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 3351*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_RSA_C 3352*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT 3353*62c56f98SSadaf Ebrahimi 3354*62c56f98SSadaf Ebrahimi # Enable PSA support 3355*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG 3356*62c56f98SSadaf Ebrahimi 3357*62c56f98SSadaf Ebrahimi # Keep only PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC enabled in order to ensure 3358*62c56f98SSadaf Ebrahimi # that proper translations is done in crypto_legacy.h. 3359*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 3360*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 3361*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 3362*62c56f98SSadaf Ebrahimi 3363*62c56f98SSadaf Ebrahimi make 3364*62c56f98SSadaf Ebrahimi 3365*62c56f98SSadaf Ebrahimi msg "Test: crypto config - MBEDTLS_RSA_C + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC" 3366*62c56f98SSadaf Ebrahimi make test 3367*62c56f98SSadaf Ebrahimi 3368*62c56f98SSadaf Ebrahimi # Parse only 1 relevant line from the outcome file, i.e. a test which is 3369*62c56f98SSadaf Ebrahimi # performing RSA signature. 3370*62c56f98SSadaf Ebrahimi msg "Verify that 'RSA PKCS1 Sign #1 (SHA512, 1536 bits RSA)' is PASS" 3371*62c56f98SSadaf Ebrahimi cat $MBEDTLS_TEST_OUTCOME_FILE | grep 'RSA PKCS1 Sign #1 (SHA512, 1536 bits RSA)' | grep -q "PASS" 3372*62c56f98SSadaf Ebrahimi 3373*62c56f98SSadaf Ebrahimi if [ "$REMOVE_OUTCOME_ON_EXIT" == "yes" ]; then 3374*62c56f98SSadaf Ebrahimi rm $MBEDTLS_TEST_OUTCOME_FILE 3375*62c56f98SSadaf Ebrahimi fi 3376*62c56f98SSadaf Ebrahimi} 3377*62c56f98SSadaf Ebrahimi 3378*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_hash () { 3379*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" 3380*62c56f98SSadaf Ebrahimi 3381*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 \ 3382*62c56f98SSadaf Ebrahimi ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 3383*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 3384*62c56f98SSadaf Ebrahimi 3385*62c56f98SSadaf Ebrahimi # Configure 3386*62c56f98SSadaf Ebrahimi # --------- 3387*62c56f98SSadaf Ebrahimi 3388*62c56f98SSadaf Ebrahimi # Start from default config (no TLS 1.3, no USE_PSA) 3389*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "default" 3390*62c56f98SSadaf Ebrahimi 3391*62c56f98SSadaf Ebrahimi # Disable the things that are being accelerated 3392*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_MD5_C 3393*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_RIPEMD160_C 3394*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA1_C 3395*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA224_C 3396*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA256_C 3397*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA384_C 3398*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA512_C 3399*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA3_C 3400*62c56f98SSadaf Ebrahimi 3401*62c56f98SSadaf Ebrahimi # Build 3402*62c56f98SSadaf Ebrahimi # ----- 3403*62c56f98SSadaf Ebrahimi 3404*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" 3405*62c56f98SSadaf Ebrahimi 3406*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list" 3407*62c56f98SSadaf Ebrahimi 3408*62c56f98SSadaf Ebrahimi # There's a risk of something getting re-enabled via config_psa.h; 3409*62c56f98SSadaf Ebrahimi # make sure it did not happen. Note: it's OK for MD_C to be enabled. 3410*62c56f98SSadaf Ebrahimi not grep mbedtls_md5 library/md5.o 3411*62c56f98SSadaf Ebrahimi not grep mbedtls_sha1 library/sha1.o 3412*62c56f98SSadaf Ebrahimi not grep mbedtls_sha256 library/sha256.o 3413*62c56f98SSadaf Ebrahimi not grep mbedtls_sha512 library/sha512.o 3414*62c56f98SSadaf Ebrahimi not grep mbedtls_ripemd160 library/ripemd160.o 3415*62c56f98SSadaf Ebrahimi 3416*62c56f98SSadaf Ebrahimi # Run the tests 3417*62c56f98SSadaf Ebrahimi # ------------- 3418*62c56f98SSadaf Ebrahimi 3419*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" 3420*62c56f98SSadaf Ebrahimi make test 3421*62c56f98SSadaf Ebrahimi} 3422*62c56f98SSadaf Ebrahimi 3423*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_hash_keep_builtins () { 3424*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated+builtin hash" 3425*62c56f98SSadaf Ebrahimi # This component ensures that all the test cases for 3426*62c56f98SSadaf Ebrahimi # md_psa_dynamic_dispatch with legacy+driver in test_suite_md are run. 3427*62c56f98SSadaf Ebrahimi 3428*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 \ 3429*62c56f98SSadaf Ebrahimi ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 3430*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 3431*62c56f98SSadaf Ebrahimi 3432*62c56f98SSadaf Ebrahimi # Start from default config (no TLS 1.3, no USE_PSA) 3433*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "default" 3434*62c56f98SSadaf Ebrahimi 3435*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" 3436*62c56f98SSadaf Ebrahimi 3437*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list" 3438*62c56f98SSadaf Ebrahimi 3439*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated+builtin hash" 3440*62c56f98SSadaf Ebrahimi make test 3441*62c56f98SSadaf Ebrahimi} 3442*62c56f98SSadaf Ebrahimi 3443*62c56f98SSadaf Ebrahimi# Auxiliary function to build config for hashes with and without drivers 3444*62c56f98SSadaf Ebrahimiconfig_psa_crypto_hash_use_psa () { 3445*62c56f98SSadaf Ebrahimi driver_only="$1" 3446*62c56f98SSadaf Ebrahimi # start with config full for maximum coverage (also enables USE_PSA) 3447*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "full" 3448*62c56f98SSadaf Ebrahimi if [ "$driver_only" -eq 1 ]; then 3449*62c56f98SSadaf Ebrahimi # disable the built-in implementation of hashes 3450*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_MD5_C 3451*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_RIPEMD160_C 3452*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA1_C 3453*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA224_C 3454*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA256_C # see external RNG below 3455*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3456*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA384_C 3457*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA512_C 3458*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3459*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA3_C 3460*62c56f98SSadaf Ebrahimi fi 3461*62c56f98SSadaf Ebrahimi} 3462*62c56f98SSadaf Ebrahimi 3463*62c56f98SSadaf Ebrahimi# Note that component_test_psa_crypto_config_reference_hash_use_psa 3464*62c56f98SSadaf Ebrahimi# is related to this component and both components need to be kept in sync. 3465*62c56f98SSadaf Ebrahimi# For details please see comments for component_test_psa_crypto_config_reference_hash_use_psa. 3466*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_hash_use_psa () { 3467*62c56f98SSadaf Ebrahimi msg "test: full with accelerated hashes" 3468*62c56f98SSadaf Ebrahimi 3469*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 \ 3470*62c56f98SSadaf Ebrahimi ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ 3471*62c56f98SSadaf Ebrahimi ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" 3472*62c56f98SSadaf Ebrahimi 3473*62c56f98SSadaf Ebrahimi # Configure 3474*62c56f98SSadaf Ebrahimi # --------- 3475*62c56f98SSadaf Ebrahimi 3476*62c56f98SSadaf Ebrahimi config_psa_crypto_hash_use_psa 1 3477*62c56f98SSadaf Ebrahimi 3478*62c56f98SSadaf Ebrahimi # Build 3479*62c56f98SSadaf Ebrahimi # ----- 3480*62c56f98SSadaf Ebrahimi 3481*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" 3482*62c56f98SSadaf Ebrahimi 3483*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list" 3484*62c56f98SSadaf Ebrahimi 3485*62c56f98SSadaf Ebrahimi # There's a risk of something getting re-enabled via config_psa.h; 3486*62c56f98SSadaf Ebrahimi # make sure it did not happen. Note: it's OK for MD_C to be enabled. 3487*62c56f98SSadaf Ebrahimi not grep mbedtls_md5 library/md5.o 3488*62c56f98SSadaf Ebrahimi not grep mbedtls_sha1 library/sha1.o 3489*62c56f98SSadaf Ebrahimi not grep mbedtls_sha256 library/sha256.o 3490*62c56f98SSadaf Ebrahimi not grep mbedtls_sha512 library/sha512.o 3491*62c56f98SSadaf Ebrahimi not grep mbedtls_ripemd160 library/ripemd160.o 3492*62c56f98SSadaf Ebrahimi 3493*62c56f98SSadaf Ebrahimi # Run the tests 3494*62c56f98SSadaf Ebrahimi # ------------- 3495*62c56f98SSadaf Ebrahimi 3496*62c56f98SSadaf Ebrahimi msg "test: full with accelerated hashes" 3497*62c56f98SSadaf Ebrahimi make test 3498*62c56f98SSadaf Ebrahimi 3499*62c56f98SSadaf Ebrahimi # This is mostly useful so that we can later compare outcome files with 3500*62c56f98SSadaf Ebrahimi # the reference config in analyze_outcomes.py, to check that the 3501*62c56f98SSadaf Ebrahimi # dependency declarations in ssl-opt.sh and in TLS code are correct. 3502*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh, full with accelerated hashes" 3503*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 3504*62c56f98SSadaf Ebrahimi 3505*62c56f98SSadaf Ebrahimi # This is to make sure all ciphersuites are exercised, but we don't need 3506*62c56f98SSadaf Ebrahimi # interop testing (besides, we already got some from ssl-opt.sh). 3507*62c56f98SSadaf Ebrahimi msg "test: compat.sh, full with accelerated hashes" 3508*62c56f98SSadaf Ebrahimi tests/compat.sh -p mbedTLS -V YES 3509*62c56f98SSadaf Ebrahimi} 3510*62c56f98SSadaf Ebrahimi 3511*62c56f98SSadaf Ebrahimi# This component provides reference configuration for test_psa_crypto_config_accel_hash_use_psa 3512*62c56f98SSadaf Ebrahimi# without accelerated hash. The outcome from both components are used by the analyze_outcomes.py 3513*62c56f98SSadaf Ebrahimi# script to find regression in test coverage when accelerated hash is used (tests and ssl-opt). 3514*62c56f98SSadaf Ebrahimi# Both components need to be kept in sync. 3515*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_reference_hash_use_psa() { 3516*62c56f98SSadaf Ebrahimi msg "test: full without accelerated hashes" 3517*62c56f98SSadaf Ebrahimi 3518*62c56f98SSadaf Ebrahimi config_psa_crypto_hash_use_psa 0 3519*62c56f98SSadaf Ebrahimi 3520*62c56f98SSadaf Ebrahimi make 3521*62c56f98SSadaf Ebrahimi 3522*62c56f98SSadaf Ebrahimi msg "test: full without accelerated hashes" 3523*62c56f98SSadaf Ebrahimi make test 3524*62c56f98SSadaf Ebrahimi 3525*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh, full without accelerated hashes" 3526*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 3527*62c56f98SSadaf Ebrahimi} 3528*62c56f98SSadaf Ebrahimi 3529*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_cipher () { 3530*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" 3531*62c56f98SSadaf Ebrahimi 3532*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS KEY_TYPE_DES" 3533*62c56f98SSadaf Ebrahimi 3534*62c56f98SSadaf Ebrahimi # Configure 3535*62c56f98SSadaf Ebrahimi # --------- 3536*62c56f98SSadaf Ebrahimi 3537*62c56f98SSadaf Ebrahimi # Start from the default config (no TLS 1.3, no USE_PSA) 3538*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "default" 3539*62c56f98SSadaf Ebrahimi 3540*62c56f98SSadaf Ebrahimi # There is no intended accelerator support for ALG CMAC. Therefore, asking 3541*62c56f98SSadaf Ebrahimi # for it in the build implies the inclusion of the Mbed TLS cipher 3542*62c56f98SSadaf Ebrahimi # operations. As we want to test here with cipher operations solely 3543*62c56f98SSadaf Ebrahimi # supported by accelerators, disabled this PSA configuration option. 3544*62c56f98SSadaf Ebrahimi # (Note: the same applies to STREAM_CIPHER and ECB_NO_PADDING, which are 3545*62c56f98SSadaf Ebrahimi # already disabled by helper_libtestdriver1_adjust_config above.) 3546*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC 3547*62c56f98SSadaf Ebrahimi 3548*62c56f98SSadaf Ebrahimi # Disable the things that are being accelerated 3549*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC 3550*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7 3551*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_MODE_CTR 3552*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_MODE_CFB 3553*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_MODE_OFB 3554*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS 3555*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DES_C 3556*62c56f98SSadaf Ebrahimi 3557*62c56f98SSadaf Ebrahimi # Build 3558*62c56f98SSadaf Ebrahimi # ----- 3559*62c56f98SSadaf Ebrahimi 3560*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" 3561*62c56f98SSadaf Ebrahimi 3562*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list" 3563*62c56f98SSadaf Ebrahimi 3564*62c56f98SSadaf Ebrahimi # Make sure this was not re-enabled by accident (additive config) 3565*62c56f98SSadaf Ebrahimi not grep mbedtls_des* library/des.o 3566*62c56f98SSadaf Ebrahimi 3567*62c56f98SSadaf Ebrahimi # Run the tests 3568*62c56f98SSadaf Ebrahimi # ------------- 3569*62c56f98SSadaf Ebrahimi 3570*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" 3571*62c56f98SSadaf Ebrahimi make test 3572*62c56f98SSadaf Ebrahimi} 3573*62c56f98SSadaf Ebrahimi 3574*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_config_accel_aead () { 3575*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD" 3576*62c56f98SSadaf Ebrahimi 3577*62c56f98SSadaf Ebrahimi loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA" 3578*62c56f98SSadaf Ebrahimi 3579*62c56f98SSadaf Ebrahimi # Configure 3580*62c56f98SSadaf Ebrahimi # --------- 3581*62c56f98SSadaf Ebrahimi 3582*62c56f98SSadaf Ebrahimi # Start from default config (no TLS 1.3, no USE_PSA) 3583*62c56f98SSadaf Ebrahimi helper_libtestdriver1_adjust_config "default" 3584*62c56f98SSadaf Ebrahimi 3585*62c56f98SSadaf Ebrahimi # Disable things that are being accelerated 3586*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GCM_C 3587*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CCM_C 3588*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CHACHAPOLY_C 3589*62c56f98SSadaf Ebrahimi # Features that depend on AEAD 3590*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION 3591*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TICKET_C 3592*62c56f98SSadaf Ebrahimi 3593*62c56f98SSadaf Ebrahimi # Build 3594*62c56f98SSadaf Ebrahimi # ----- 3595*62c56f98SSadaf Ebrahimi 3596*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_drivers "$loc_accel_list" 3597*62c56f98SSadaf Ebrahimi 3598*62c56f98SSadaf Ebrahimi helper_libtestdriver1_make_main "$loc_accel_list" 3599*62c56f98SSadaf Ebrahimi 3600*62c56f98SSadaf Ebrahimi # Make sure this was not re-enabled by accident (additive config) 3601*62c56f98SSadaf Ebrahimi not grep mbedtls_ccm library/ccm.o 3602*62c56f98SSadaf Ebrahimi not grep mbedtls_gcm library/gcm.o 3603*62c56f98SSadaf Ebrahimi not grep mbedtls_chachapoly library/chachapoly.o 3604*62c56f98SSadaf Ebrahimi 3605*62c56f98SSadaf Ebrahimi # Run the tests 3606*62c56f98SSadaf Ebrahimi # ------------- 3607*62c56f98SSadaf Ebrahimi 3608*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD" 3609*62c56f98SSadaf Ebrahimi make test 3610*62c56f98SSadaf Ebrahimi} 3611*62c56f98SSadaf Ebrahimi 3612*62c56f98SSadaf Ebrahimicomponent_test_aead_chachapoly_disabled() { 3613*62c56f98SSadaf Ebrahimi msg "build: full minus CHACHAPOLY" 3614*62c56f98SSadaf Ebrahimi scripts/config.py full 3615*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CHACHAPOLY_C 3616*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 3617*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" 3618*62c56f98SSadaf Ebrahimi 3619*62c56f98SSadaf Ebrahimi msg "test: full minus CHACHAPOLY" 3620*62c56f98SSadaf Ebrahimi make test 3621*62c56f98SSadaf Ebrahimi} 3622*62c56f98SSadaf Ebrahimi 3623*62c56f98SSadaf Ebrahimicomponent_test_aead_only_ccm() { 3624*62c56f98SSadaf Ebrahimi msg "build: full minus CHACHAPOLY and GCM" 3625*62c56f98SSadaf Ebrahimi scripts/config.py full 3626*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CHACHAPOLY_C 3627*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_GCM_C 3628*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 3629*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM 3630*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" 3631*62c56f98SSadaf Ebrahimi 3632*62c56f98SSadaf Ebrahimi msg "test: full minus CHACHAPOLY and GCM" 3633*62c56f98SSadaf Ebrahimi make test 3634*62c56f98SSadaf Ebrahimi} 3635*62c56f98SSadaf Ebrahimi 3636*62c56f98SSadaf Ebrahimicomponent_test_ccm_aes_sha256() { 3637*62c56f98SSadaf Ebrahimi msg "build: CCM + AES + SHA256 configuration" 3638*62c56f98SSadaf Ebrahimi 3639*62c56f98SSadaf Ebrahimi cp "$CONFIG_TEST_DRIVER_H" "$CONFIG_H" 3640*62c56f98SSadaf Ebrahimi cp configs/crypto-config-ccm-aes-sha256.h "$CRYPTO_CONFIG_H" 3641*62c56f98SSadaf Ebrahimi 3642*62c56f98SSadaf Ebrahimi make CC=gcc 3643*62c56f98SSadaf Ebrahimi 3644*62c56f98SSadaf Ebrahimi msg "test: CCM + AES + SHA256 configuration" 3645*62c56f98SSadaf Ebrahimi make test 3646*62c56f98SSadaf Ebrahimi} 3647*62c56f98SSadaf Ebrahimi 3648*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator ECDH code is in place and ready to test. 3649*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_ecdh() { 3650*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_ECDH without MBEDTLS_ECDH_C" 3651*62c56f98SSadaf Ebrahimi scripts/config.py full 3652*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3653*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3654*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 3655*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 3656*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 3657*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 3658*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 3659*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 3660*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3661*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3662*62c56f98SSadaf Ebrahimi} 3663*62c56f98SSadaf Ebrahimi 3664*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test. 3665*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_hmac() { 3666*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_HMAC" 3667*62c56f98SSadaf Ebrahimi scripts/config.py full 3668*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3669*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3670*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3671*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3672*62c56f98SSadaf Ebrahimi} 3673*62c56f98SSadaf Ebrahimi 3674*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test. 3675*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_hkdf() { 3676*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_HKDF without MBEDTLS_HKDF_C" 3677*62c56f98SSadaf Ebrahimi scripts/config.py full 3678*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3679*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3680*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HKDF_C 3681*62c56f98SSadaf Ebrahimi # Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it. 3682*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3683*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3684*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3685*62c56f98SSadaf Ebrahimi} 3686*62c56f98SSadaf Ebrahimi 3687*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test. 3688*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_md5() { 3689*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_MD5 - other hashes" 3690*62c56f98SSadaf Ebrahimi scripts/config.py full 3691*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3692*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3693*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 3694*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 3695*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 3696*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 3697*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 3698*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 3699*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 3700*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_C 3701*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_PRIVATE 3702*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3703*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3704*62c56f98SSadaf Ebrahimi} 3705*62c56f98SSadaf Ebrahimi 3706*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test. 3707*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_ripemd160() { 3708*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RIPEMD160 - other hashes" 3709*62c56f98SSadaf Ebrahimi scripts/config.py full 3710*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3711*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3712*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 3713*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 3714*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 3715*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 3716*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 3717*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 3718*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 3719*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_C 3720*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_PRIVATE 3721*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3722*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3723*62c56f98SSadaf Ebrahimi} 3724*62c56f98SSadaf Ebrahimi 3725*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test. 3726*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_sha1() { 3727*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_1 - other hashes" 3728*62c56f98SSadaf Ebrahimi scripts/config.py full 3729*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3730*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3731*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 3732*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 3733*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 3734*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 3735*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 3736*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 3737*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 3738*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_C 3739*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_PRIVATE 3740*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3741*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3742*62c56f98SSadaf Ebrahimi} 3743*62c56f98SSadaf Ebrahimi 3744*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test. 3745*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_sha224() { 3746*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_224 - other hashes" 3747*62c56f98SSadaf Ebrahimi scripts/config.py full 3748*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3749*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3750*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 3751*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 3752*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 3753*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 3754*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 3755*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 3756*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3757*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3758*62c56f98SSadaf Ebrahimi} 3759*62c56f98SSadaf Ebrahimi 3760*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test. 3761*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_sha256() { 3762*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_256 - other hashes" 3763*62c56f98SSadaf Ebrahimi scripts/config.py full 3764*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3765*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3766*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 3767*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 3768*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 3769*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 3770*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 3771*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 3772*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3773*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3774*62c56f98SSadaf Ebrahimi} 3775*62c56f98SSadaf Ebrahimi 3776*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test. 3777*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_sha384() { 3778*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_384 - other hashes" 3779*62c56f98SSadaf Ebrahimi scripts/config.py full 3780*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3781*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3782*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 3783*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 3784*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 3785*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 3786*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 3787*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 3788*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_C 3789*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_PRIVATE 3790*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3791*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3792*62c56f98SSadaf Ebrahimi} 3793*62c56f98SSadaf Ebrahimi 3794*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test. 3795*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_sha512() { 3796*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_512 - other hashes" 3797*62c56f98SSadaf Ebrahimi scripts/config.py full 3798*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3799*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3800*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 3801*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 3802*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 3803*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 3804*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 3805*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 3806*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 3807*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_C 3808*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_LMS_PRIVATE 3809*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3810*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3811*62c56f98SSadaf Ebrahimi} 3812*62c56f98SSadaf Ebrahimi 3813*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. 3814*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_rsa_pkcs1v15_crypt() { 3815*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" 3816*62c56f98SSadaf Ebrahimi scripts/config.py full 3817*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3818*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3819*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 3820*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN 3821*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP 3822*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS 3823*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3824*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3825*62c56f98SSadaf Ebrahimi} 3826*62c56f98SSadaf Ebrahimi 3827*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. 3828*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_rsa_pkcs1v15_sign() { 3829*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PKCS1V15_SIGN + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" 3830*62c56f98SSadaf Ebrahimi scripts/config.py full 3831*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3832*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3833*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 3834*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 3835*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP 3836*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS 3837*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3838*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3839*62c56f98SSadaf Ebrahimi} 3840*62c56f98SSadaf Ebrahimi 3841*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. 3842*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_rsa_oaep() { 3843*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_OAEP + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" 3844*62c56f98SSadaf Ebrahimi scripts/config.py full 3845*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3846*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3847*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_OAEP 1 3848*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 3849*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN 3850*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS 3851*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3852*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3853*62c56f98SSadaf Ebrahimi} 3854*62c56f98SSadaf Ebrahimi 3855*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. 3856*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_alg_rsa_pss() { 3857*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PSS + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" 3858*62c56f98SSadaf Ebrahimi scripts/config.py full 3859*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3860*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3861*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 3862*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 3863*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN 3864*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP 3865*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3866*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3867*62c56f98SSadaf Ebrahimi} 3868*62c56f98SSadaf Ebrahimi 3869*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. 3870*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_key_type_rsa_key_pair() { 3871*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_xxx + PSA_WANT_ALG_RSA_PSS" 3872*62c56f98SSadaf Ebrahimi scripts/config.py full 3873*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3874*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3875*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 3876*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 3877*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 3878*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 3879*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 3880*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3881*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3882*62c56f98SSadaf Ebrahimi} 3883*62c56f98SSadaf Ebrahimi 3884*62c56f98SSadaf Ebrahimi# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. 3885*62c56f98SSadaf Ebrahimicomponent_build_psa_accel_key_type_rsa_public_key() { 3886*62c56f98SSadaf Ebrahimi msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + PSA_WANT_ALG_RSA_PSS" 3887*62c56f98SSadaf Ebrahimi scripts/config.py full 3888*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO 3889*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 3890*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 3891*62c56f98SSadaf Ebrahimi scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 3892*62c56f98SSadaf Ebrahimi # Need to define the correct symbol and include the test driver header path in order to build with the test driver 3893*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" 3894*62c56f98SSadaf Ebrahimi} 3895*62c56f98SSadaf Ebrahimi 3896*62c56f98SSadaf Ebrahimi 3897*62c56f98SSadaf Ebrahimisupport_build_tfm_armcc () { 3898*62c56f98SSadaf Ebrahimi armc6_cc="$ARMC6_BIN_DIR/armclang" 3899*62c56f98SSadaf Ebrahimi (check_tools "$armc6_cc" > /dev/null 2>&1) 3900*62c56f98SSadaf Ebrahimi} 3901*62c56f98SSadaf Ebrahimi 3902*62c56f98SSadaf Ebrahimicomponent_build_tfm_armcc() { 3903*62c56f98SSadaf Ebrahimi # test the TF-M configuration can build cleanly with various warning flags enabled 3904*62c56f98SSadaf Ebrahimi cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" 3905*62c56f98SSadaf Ebrahimi cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" 3906*62c56f98SSadaf Ebrahimi 3907*62c56f98SSadaf Ebrahimi msg "build: TF-M config, armclang armv7-m thumb2" 3908*62c56f98SSadaf Ebrahimi make clean 3909*62c56f98SSadaf Ebrahimi armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe" 3910*62c56f98SSadaf Ebrahimi} 3911*62c56f98SSadaf Ebrahimi 3912*62c56f98SSadaf Ebrahimicomponent_build_tfm() { 3913*62c56f98SSadaf Ebrahimi # test the TF-M configuration can build cleanly with various warning flags enabled 3914*62c56f98SSadaf Ebrahimi cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" 3915*62c56f98SSadaf Ebrahimi cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" 3916*62c56f98SSadaf Ebrahimi 3917*62c56f98SSadaf Ebrahimi msg "build: TF-M config, clang, armv7-m thumb2" 3918*62c56f98SSadaf Ebrahimi make lib CC="clang" CFLAGS="--target=arm-linux-gnueabihf -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe" 3919*62c56f98SSadaf Ebrahimi 3920*62c56f98SSadaf Ebrahimi msg "build: TF-M config, gcc native build" 3921*62c56f98SSadaf Ebrahimi make clean 3922*62c56f98SSadaf Ebrahimi make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" 3923*62c56f98SSadaf Ebrahimi} 3924*62c56f98SSadaf Ebrahimi 3925*62c56f98SSadaf Ebrahimicomponent_build_aes_variations() { # ~45s 3926*62c56f98SSadaf Ebrahimi # aes.o has many #if defined(...) guards that intersect in complex ways. 3927*62c56f98SSadaf Ebrahimi # Test that all the combinations build cleanly. The most common issue is 3928*62c56f98SSadaf Ebrahimi # unused variables/functions, so ensure -Wunused is set. 3929*62c56f98SSadaf Ebrahimi 3930*62c56f98SSadaf Ebrahimi msg "build: aes.o for all combinations of relevant config options" 3931*62c56f98SSadaf Ebrahimi 3932*62c56f98SSadaf Ebrahimi for a in set unset; do 3933*62c56f98SSadaf Ebrahimi for b in set unset; do 3934*62c56f98SSadaf Ebrahimi for c in set unset; do 3935*62c56f98SSadaf Ebrahimi for d in set unset; do 3936*62c56f98SSadaf Ebrahimi for e in set unset; do 3937*62c56f98SSadaf Ebrahimi for f in set unset; do 3938*62c56f98SSadaf Ebrahimi for g in set unset; do 3939*62c56f98SSadaf Ebrahimi echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT 3940*62c56f98SSadaf Ebrahimi echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT 3941*62c56f98SSadaf Ebrahimi echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES 3942*62c56f98SSadaf Ebrahimi echo ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT 3943*62c56f98SSadaf Ebrahimi echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT 3944*62c56f98SSadaf Ebrahimi echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES 3945*62c56f98SSadaf Ebrahimi echo ./scripts/config.py $g MBEDTLS_PADLOCK_C 3946*62c56f98SSadaf Ebrahimi 3947*62c56f98SSadaf Ebrahimi ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT 3948*62c56f98SSadaf Ebrahimi ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT 3949*62c56f98SSadaf Ebrahimi ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES 3950*62c56f98SSadaf Ebrahimi ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT 3951*62c56f98SSadaf Ebrahimi ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT 3952*62c56f98SSadaf Ebrahimi ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES 3953*62c56f98SSadaf Ebrahimi ./scripts/config.py $g MBEDTLS_PADLOCK_C 3954*62c56f98SSadaf Ebrahimi 3955*62c56f98SSadaf Ebrahimi rm -f library/aes.o 3956*62c56f98SSadaf Ebrahimi make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" 3957*62c56f98SSadaf Ebrahimi done 3958*62c56f98SSadaf Ebrahimi done 3959*62c56f98SSadaf Ebrahimi done 3960*62c56f98SSadaf Ebrahimi done 3961*62c56f98SSadaf Ebrahimi done 3962*62c56f98SSadaf Ebrahimi done 3963*62c56f98SSadaf Ebrahimi done 3964*62c56f98SSadaf Ebrahimi} 3965*62c56f98SSadaf Ebrahimi 3966*62c56f98SSadaf Ebrahimicomponent_test_no_platform () { 3967*62c56f98SSadaf Ebrahimi # Full configuration build, without platform support, file IO and net sockets. 3968*62c56f98SSadaf Ebrahimi # This should catch missing mbedtls_printf definitions, and by disabling file 3969*62c56f98SSadaf Ebrahimi # IO, it should catch missing '#include <stdio.h>' 3970*62c56f98SSadaf Ebrahimi msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s 3971*62c56f98SSadaf Ebrahimi scripts/config.py full 3972*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_C 3973*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_NET_C 3974*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_MEMORY 3975*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT 3976*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT 3977*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT 3978*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_VSNPRINTF_ALT 3979*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT 3980*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT 3981*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_SETBUF_ALT 3982*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT 3983*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED 3984*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_FS_IO 3985*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C 3986*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C 3987*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C 3988*62c56f98SSadaf Ebrahimi # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, 3989*62c56f98SSadaf Ebrahimi # to re-enable platform integration features otherwise disabled in C99 builds 3990*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs 3991*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test 3992*62c56f98SSadaf Ebrahimi} 3993*62c56f98SSadaf Ebrahimi 3994*62c56f98SSadaf Ebrahimicomponent_build_no_std_function () { 3995*62c56f98SSadaf Ebrahimi # catch compile bugs in _uninit functions 3996*62c56f98SSadaf Ebrahimi msg "build: full config with NO_STD_FUNCTION, make, gcc" # ~ 30s 3997*62c56f98SSadaf Ebrahimi scripts/config.py full 3998*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 3999*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED 4000*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT 4001*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Check . 4002*62c56f98SSadaf Ebrahimi make 4003*62c56f98SSadaf Ebrahimi} 4004*62c56f98SSadaf Ebrahimi 4005*62c56f98SSadaf Ebrahimicomponent_build_no_ssl_srv () { 4006*62c56f98SSadaf Ebrahimi msg "build: full config except SSL server, make, gcc" # ~ 30s 4007*62c56f98SSadaf Ebrahimi scripts/config.py full 4008*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_SRV_C 4009*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' 4010*62c56f98SSadaf Ebrahimi} 4011*62c56f98SSadaf Ebrahimi 4012*62c56f98SSadaf Ebrahimicomponent_build_no_ssl_cli () { 4013*62c56f98SSadaf Ebrahimi msg "build: full config except SSL client, make, gcc" # ~ 30s 4014*62c56f98SSadaf Ebrahimi scripts/config.py full 4015*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_CLI_C 4016*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' 4017*62c56f98SSadaf Ebrahimi} 4018*62c56f98SSadaf Ebrahimi 4019*62c56f98SSadaf Ebrahimicomponent_build_no_sockets () { 4020*62c56f98SSadaf Ebrahimi # Note, C99 compliance can also be tested with the sockets support disabled, 4021*62c56f98SSadaf Ebrahimi # as that requires a POSIX platform (which isn't the same as C99). 4022*62c56f98SSadaf Ebrahimi msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s 4023*62c56f98SSadaf Ebrahimi scripts/config.py full 4024*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc. 4025*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux 4026*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1 -std=c99 -pedantic' lib 4027*62c56f98SSadaf Ebrahimi} 4028*62c56f98SSadaf Ebrahimi 4029*62c56f98SSadaf Ebrahimicomponent_test_memory_buffer_allocator_backtrace () { 4030*62c56f98SSadaf Ebrahimi msg "build: default config with memory buffer allocator and backtrace enabled" 4031*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C 4032*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PLATFORM_MEMORY 4033*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_MEMORY_BACKTRACE 4034*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_MEMORY_DEBUG 4035*62c56f98SSadaf Ebrahimi CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release . 4036*62c56f98SSadaf Ebrahimi make 4037*62c56f98SSadaf Ebrahimi 4038*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE" 4039*62c56f98SSadaf Ebrahimi make test 4040*62c56f98SSadaf Ebrahimi} 4041*62c56f98SSadaf Ebrahimi 4042*62c56f98SSadaf Ebrahimicomponent_test_memory_buffer_allocator () { 4043*62c56f98SSadaf Ebrahimi msg "build: default config with memory buffer allocator" 4044*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C 4045*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PLATFORM_MEMORY 4046*62c56f98SSadaf Ebrahimi CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release . 4047*62c56f98SSadaf Ebrahimi make 4048*62c56f98SSadaf Ebrahimi 4049*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C" 4050*62c56f98SSadaf Ebrahimi make test 4051*62c56f98SSadaf Ebrahimi 4052*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh, MBEDTLS_MEMORY_BUFFER_ALLOC_C" 4053*62c56f98SSadaf Ebrahimi # MBEDTLS_MEMORY_BUFFER_ALLOC is slow. Skip tests that tend to time out. 4054*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -e '^DTLS proxy' 4055*62c56f98SSadaf Ebrahimi} 4056*62c56f98SSadaf Ebrahimi 4057*62c56f98SSadaf Ebrahimicomponent_test_no_max_fragment_length () { 4058*62c56f98SSadaf Ebrahimi # Run max fragment length tests with MFL disabled 4059*62c56f98SSadaf Ebrahimi msg "build: default config except MFL extension (ASan build)" # ~ 30s 4060*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4061*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4062*62c56f98SSadaf Ebrahimi make 4063*62c56f98SSadaf Ebrahimi 4064*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh, MFL-related tests" 4065*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "Max fragment length" 4066*62c56f98SSadaf Ebrahimi} 4067*62c56f98SSadaf Ebrahimi 4068*62c56f98SSadaf Ebrahimicomponent_test_asan_remove_peer_certificate () { 4069*62c56f98SSadaf Ebrahimi msg "build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)" 4070*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 4071*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4072*62c56f98SSadaf Ebrahimi make 4073*62c56f98SSadaf Ebrahimi 4074*62c56f98SSadaf Ebrahimi msg "test: !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" 4075*62c56f98SSadaf Ebrahimi make test 4076*62c56f98SSadaf Ebrahimi 4077*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" 4078*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 4079*62c56f98SSadaf Ebrahimi 4080*62c56f98SSadaf Ebrahimi msg "test: compat.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" 4081*62c56f98SSadaf Ebrahimi tests/compat.sh 4082*62c56f98SSadaf Ebrahimi 4083*62c56f98SSadaf Ebrahimi msg "test: context-info.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" 4084*62c56f98SSadaf Ebrahimi tests/context-info.sh 4085*62c56f98SSadaf Ebrahimi} 4086*62c56f98SSadaf Ebrahimi 4087*62c56f98SSadaf Ebrahimicomponent_test_no_max_fragment_length_small_ssl_out_content_len () { 4088*62c56f98SSadaf Ebrahimi msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)" 4089*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4090*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384 4091*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 4092*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4093*62c56f98SSadaf Ebrahimi make 4094*62c56f98SSadaf Ebrahimi 4095*62c56f98SSadaf Ebrahimi msg "test: MFL tests (disabled MFL extension case) & large packet tests" 4096*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "Max fragment length\|Large buffer" 4097*62c56f98SSadaf Ebrahimi 4098*62c56f98SSadaf Ebrahimi msg "test: context-info.sh (disabled MFL extension case)" 4099*62c56f98SSadaf Ebrahimi tests/context-info.sh 4100*62c56f98SSadaf Ebrahimi} 4101*62c56f98SSadaf Ebrahimi 4102*62c56f98SSadaf Ebrahimicomponent_test_variable_ssl_in_out_buffer_len () { 4103*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled (ASan build)" 4104*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 4105*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4106*62c56f98SSadaf Ebrahimi make 4107*62c56f98SSadaf Ebrahimi 4108*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled" 4109*62c56f98SSadaf Ebrahimi make test 4110*62c56f98SSadaf Ebrahimi 4111*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled" 4112*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 4113*62c56f98SSadaf Ebrahimi 4114*62c56f98SSadaf Ebrahimi msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled" 4115*62c56f98SSadaf Ebrahimi tests/compat.sh 4116*62c56f98SSadaf Ebrahimi} 4117*62c56f98SSadaf Ebrahimi 4118*62c56f98SSadaf Ebrahimicomponent_test_dtls_cid_legacy () { 4119*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy) enabled (ASan build)" 4120*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1 4121*62c56f98SSadaf Ebrahimi 4122*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4123*62c56f98SSadaf Ebrahimi make 4124*62c56f98SSadaf Ebrahimi 4125*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy)" 4126*62c56f98SSadaf Ebrahimi make test 4127*62c56f98SSadaf Ebrahimi 4128*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh, MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy) enabled" 4129*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 4130*62c56f98SSadaf Ebrahimi 4131*62c56f98SSadaf Ebrahimi msg "test: compat.sh, MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy) enabled" 4132*62c56f98SSadaf Ebrahimi tests/compat.sh 4133*62c56f98SSadaf Ebrahimi} 4134*62c56f98SSadaf Ebrahimi 4135*62c56f98SSadaf Ebrahimicomponent_test_ssl_alloc_buffer_and_mfl () { 4136*62c56f98SSadaf Ebrahimi msg "build: default config with memory buffer allocator and MFL extension" 4137*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C 4138*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PLATFORM_MEMORY 4139*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_MEMORY_DEBUG 4140*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4141*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 4142*62c56f98SSadaf Ebrahimi CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release . 4143*62c56f98SSadaf Ebrahimi make 4144*62c56f98SSadaf Ebrahimi 4145*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH" 4146*62c56f98SSadaf Ebrahimi make test 4147*62c56f98SSadaf Ebrahimi 4148*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH" 4149*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "Handshake memory usage" 4150*62c56f98SSadaf Ebrahimi} 4151*62c56f98SSadaf Ebrahimi 4152*62c56f98SSadaf Ebrahimicomponent_test_when_no_ciphersuites_have_mac () { 4153*62c56f98SSadaf Ebrahimi msg "build: when no ciphersuites have MAC" 4154*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER 4155*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC 4156*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CMAC_C 4157*62c56f98SSadaf Ebrahimi make 4158*62c56f98SSadaf Ebrahimi 4159*62c56f98SSadaf Ebrahimi msg "test: !MBEDTLS_SSL_SOME_MODES_USE_MAC" 4160*62c56f98SSadaf Ebrahimi make test 4161*62c56f98SSadaf Ebrahimi 4162*62c56f98SSadaf Ebrahimi msg "test ssl-opt.sh: !MBEDTLS_SSL_SOME_MODES_USE_MAC" 4163*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM' 4164*62c56f98SSadaf Ebrahimi} 4165*62c56f98SSadaf Ebrahimi 4166*62c56f98SSadaf Ebrahimicomponent_test_no_date_time () { 4167*62c56f98SSadaf Ebrahimi msg "build: default config without MBEDTLS_HAVE_TIME_DATE" 4168*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HAVE_TIME_DATE 4169*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Check . 4170*62c56f98SSadaf Ebrahimi make 4171*62c56f98SSadaf Ebrahimi 4172*62c56f98SSadaf Ebrahimi msg "test: !MBEDTLS_HAVE_TIME_DATE - main suites" 4173*62c56f98SSadaf Ebrahimi make test 4174*62c56f98SSadaf Ebrahimi} 4175*62c56f98SSadaf Ebrahimi 4176*62c56f98SSadaf Ebrahimicomponent_test_platform_calloc_macro () { 4177*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)" 4178*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PLATFORM_MEMORY 4179*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PLATFORM_CALLOC_MACRO calloc 4180*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PLATFORM_FREE_MACRO free 4181*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4182*62c56f98SSadaf Ebrahimi make 4183*62c56f98SSadaf Ebrahimi 4184*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)" 4185*62c56f98SSadaf Ebrahimi make test 4186*62c56f98SSadaf Ebrahimi} 4187*62c56f98SSadaf Ebrahimi 4188*62c56f98SSadaf Ebrahimicomponent_test_malloc_0_null () { 4189*62c56f98SSadaf Ebrahimi msg "build: malloc(0) returns NULL (ASan+UBSan build)" 4190*62c56f98SSadaf Ebrahimi scripts/config.py full 4191*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS" 4192*62c56f98SSadaf Ebrahimi 4193*62c56f98SSadaf Ebrahimi msg "test: malloc(0) returns NULL (ASan+UBSan build)" 4194*62c56f98SSadaf Ebrahimi make test 4195*62c56f98SSadaf Ebrahimi 4196*62c56f98SSadaf Ebrahimi msg "selftest: malloc(0) returns NULL (ASan+UBSan build)" 4197*62c56f98SSadaf Ebrahimi # Just the calloc selftest. "make test" ran the others as part of the 4198*62c56f98SSadaf Ebrahimi # test suites. 4199*62c56f98SSadaf Ebrahimi programs/test/selftest calloc 4200*62c56f98SSadaf Ebrahimi 4201*62c56f98SSadaf Ebrahimi msg "test ssl-opt.sh: malloc(0) returns NULL (ASan+UBSan build)" 4202*62c56f98SSadaf Ebrahimi # Run a subset of the tests. The choice is a balance between coverage 4203*62c56f98SSadaf Ebrahimi # and time (including time indirectly wasted due to flaky tests). 4204*62c56f98SSadaf Ebrahimi # The current choice is to skip tests whose description includes 4205*62c56f98SSadaf Ebrahimi # "proxy", which is an approximation of skipping tests that use the 4206*62c56f98SSadaf Ebrahimi # UDP proxy, which tend to be slower and flakier. 4207*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -e 'proxy' 4208*62c56f98SSadaf Ebrahimi} 4209*62c56f98SSadaf Ebrahimi 4210*62c56f98SSadaf Ebrahimisupport_test_aesni() { 4211*62c56f98SSadaf Ebrahimi # Check that gcc targets x86_64 (we can build AESNI), and check for 4212*62c56f98SSadaf Ebrahimi # AESNI support on the host (we can run AESNI). 4213*62c56f98SSadaf Ebrahimi # 4214*62c56f98SSadaf Ebrahimi # The name of this function is possibly slightly misleading, but needs to align 4215*62c56f98SSadaf Ebrahimi # with the name of the corresponding test, component_test_aesni. 4216*62c56f98SSadaf Ebrahimi # 4217*62c56f98SSadaf Ebrahimi # In principle 32-bit x86 can support AESNI, but our implementation does not 4218*62c56f98SSadaf Ebrahimi # support 32-bit x86, so we check for x86-64. 4219*62c56f98SSadaf Ebrahimi # We can only grep /proc/cpuinfo on Linux, so this also checks for Linux 4220*62c56f98SSadaf Ebrahimi (gcc -v 2>&1 | grep Target | grep -q x86_64) && 4221*62c56f98SSadaf Ebrahimi [[ "$HOSTTYPE" == "x86_64" && "$OSTYPE" == "linux-gnu" ]] && 4222*62c56f98SSadaf Ebrahimi (lscpu | grep -qw aes) 4223*62c56f98SSadaf Ebrahimi} 4224*62c56f98SSadaf Ebrahimi 4225*62c56f98SSadaf Ebrahimicomponent_test_aesni () { # ~ 60s 4226*62c56f98SSadaf Ebrahimi # This tests the two AESNI implementations (intrinsics and assembly), and also the plain C 4227*62c56f98SSadaf Ebrahimi # fallback. It also tests the logic that is used to select which implementation(s) to build. 4228*62c56f98SSadaf Ebrahimi # 4229*62c56f98SSadaf Ebrahimi # This test does not require the host to have support for AESNI (if it doesn't, the run-time 4230*62c56f98SSadaf Ebrahimi # AESNI detection will fallback to the plain C implementation, so the tests will instead 4231*62c56f98SSadaf Ebrahimi # exercise the plain C impl). 4232*62c56f98SSadaf Ebrahimi 4233*62c56f98SSadaf Ebrahimi msg "build: default config with different AES implementations" 4234*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AESNI_C 4235*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY 4236*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_HAVE_ASM 4237*62c56f98SSadaf Ebrahimi 4238*62c56f98SSadaf Ebrahimi # test the intrinsics implementation 4239*62c56f98SSadaf Ebrahimi msg "AES tests, test intrinsics" 4240*62c56f98SSadaf Ebrahimi make clean 4241*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' 4242*62c56f98SSadaf Ebrahimi # check that we built intrinsics - this should be used by default when supported by the compiler 4243*62c56f98SSadaf Ebrahimi ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics" 4244*62c56f98SSadaf Ebrahimi 4245*62c56f98SSadaf Ebrahimi # test the asm implementation 4246*62c56f98SSadaf Ebrahimi msg "AES tests, test assembly" 4247*62c56f98SSadaf Ebrahimi make clean 4248*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' 4249*62c56f98SSadaf Ebrahimi # check that we built assembly - this should be built if the compiler does not support intrinsics 4250*62c56f98SSadaf Ebrahimi ./programs/test/selftest aes | grep "AESNI code" | grep -q "assembly" 4251*62c56f98SSadaf Ebrahimi 4252*62c56f98SSadaf Ebrahimi # test the plain C implementation 4253*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C 4254*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY 4255*62c56f98SSadaf Ebrahimi msg "AES tests, plain C" 4256*62c56f98SSadaf Ebrahimi make clean 4257*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-O2 -Werror' 4258*62c56f98SSadaf Ebrahimi # check that there is no AESNI code present 4259*62c56f98SSadaf Ebrahimi ./programs/test/selftest aes | not grep -q "AESNI code" 4260*62c56f98SSadaf Ebrahimi not grep -q "AES note: using AESNI" ./programs/test/selftest 4261*62c56f98SSadaf Ebrahimi grep -q "AES note: built-in implementation." ./programs/test/selftest 4262*62c56f98SSadaf Ebrahimi 4263*62c56f98SSadaf Ebrahimi # test the intrinsics implementation 4264*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AESNI_C 4265*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY 4266*62c56f98SSadaf Ebrahimi msg "AES tests, test AESNI only" 4267*62c56f98SSadaf Ebrahimi make clean 4268*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' 4269*62c56f98SSadaf Ebrahimi ./programs/test/selftest aes | grep -q "AES note: using AESNI" 4270*62c56f98SSadaf Ebrahimi ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." 4271*62c56f98SSadaf Ebrahimi grep -q "AES note: using AESNI" ./programs/test/selftest 4272*62c56f98SSadaf Ebrahimi not grep -q "AES note: built-in implementation." ./programs/test/selftest 4273*62c56f98SSadaf Ebrahimi} 4274*62c56f98SSadaf Ebrahimi 4275*62c56f98SSadaf Ebrahimi 4276*62c56f98SSadaf Ebrahimi 4277*62c56f98SSadaf Ebrahimisupport_test_aesni_m32() { 4278*62c56f98SSadaf Ebrahimi support_test_m32_o0 && (lscpu | grep -qw aes) 4279*62c56f98SSadaf Ebrahimi} 4280*62c56f98SSadaf Ebrahimi 4281*62c56f98SSadaf Ebrahimicomponent_test_aesni_m32 () { # ~ 60s 4282*62c56f98SSadaf Ebrahimi # This tests are duplicated from component_test_aesni for i386 target 4283*62c56f98SSadaf Ebrahimi # 4284*62c56f98SSadaf Ebrahimi # AESNI intrinsic code supports i386 and assembly code does not support it. 4285*62c56f98SSadaf Ebrahimi 4286*62c56f98SSadaf Ebrahimi msg "build: default config with different AES implementations" 4287*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AESNI_C 4288*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PADLOCK_C 4289*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY 4290*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_HAVE_ASM 4291*62c56f98SSadaf Ebrahimi 4292*62c56f98SSadaf Ebrahimi # test the intrinsics implementation 4293*62c56f98SSadaf Ebrahimi msg "AES tests, test intrinsics" 4294*62c56f98SSadaf Ebrahimi make clean 4295*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32' 4296*62c56f98SSadaf Ebrahimi # check that we built intrinsics - this should be used by default when supported by the compiler 4297*62c56f98SSadaf Ebrahimi ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics" 4298*62c56f98SSadaf Ebrahimi grep -q "AES note: using AESNI" ./programs/test/selftest 4299*62c56f98SSadaf Ebrahimi grep -q "AES note: built-in implementation." ./programs/test/selftest 4300*62c56f98SSadaf Ebrahimi grep -q "AES note: using VIA Padlock" ./programs/test/selftest 4301*62c56f98SSadaf Ebrahimi grep -q mbedtls_aesni_has_support ./programs/test/selftest 4302*62c56f98SSadaf Ebrahimi 4303*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AESNI_C 4304*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PADLOCK_C 4305*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY 4306*62c56f98SSadaf Ebrahimi msg "AES tests, test AESNI only" 4307*62c56f98SSadaf Ebrahimi make clean 4308*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32' 4309*62c56f98SSadaf Ebrahimi ./programs/test/selftest aes | grep -q "AES note: using AESNI" 4310*62c56f98SSadaf Ebrahimi ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." 4311*62c56f98SSadaf Ebrahimi grep -q "AES note: using AESNI" ./programs/test/selftest 4312*62c56f98SSadaf Ebrahimi not grep -q "AES note: built-in implementation." ./programs/test/selftest 4313*62c56f98SSadaf Ebrahimi not grep -q "AES note: using VIA Padlock" ./programs/test/selftest 4314*62c56f98SSadaf Ebrahimi not grep -q mbedtls_aesni_has_support ./programs/test/selftest 4315*62c56f98SSadaf Ebrahimi} 4316*62c56f98SSadaf Ebrahimi 4317*62c56f98SSadaf Ebrahimi# For timebeing, no aarch64 gcc available in CI and no arm64 CI node. 4318*62c56f98SSadaf Ebrahimicomponent_build_aes_aesce_armcc () { 4319*62c56f98SSadaf Ebrahimi msg "Build: AESCE test on arm64 platform without plain C." 4320*62c56f98SSadaf Ebrahimi scripts/config.py baremetal 4321*62c56f98SSadaf Ebrahimi 4322*62c56f98SSadaf Ebrahimi # armc[56] don't support SHA-512 intrinsics 4323*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 4324*62c56f98SSadaf Ebrahimi 4325*62c56f98SSadaf Ebrahimi # Stop armclang warning about feature detection for A64_CRYPTO. 4326*62c56f98SSadaf Ebrahimi # With this enabled, the library does build correctly under armclang, 4327*62c56f98SSadaf Ebrahimi # but in baremetal builds (as tested here), feature detection is 4328*62c56f98SSadaf Ebrahimi # unavailable, and the user is notified via a #warning. So enabling 4329*62c56f98SSadaf Ebrahimi # this feature would prevent us from building with -Werror on 4330*62c56f98SSadaf Ebrahimi # armclang. Tracked in #7198. 4331*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 4332*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_HAVE_ASM 4333*62c56f98SSadaf Ebrahimi 4334*62c56f98SSadaf Ebrahimi msg "AESCE, build with default configuration." 4335*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AESCE_C 4336*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY 4337*62c56f98SSadaf Ebrahimi armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" 4338*62c56f98SSadaf Ebrahimi 4339*62c56f98SSadaf Ebrahimi msg "AESCE, build AESCE only" 4340*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AESCE_C 4341*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY 4342*62c56f98SSadaf Ebrahimi armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" 4343*62c56f98SSadaf Ebrahimi} 4344*62c56f98SSadaf Ebrahimi 4345*62c56f98SSadaf Ebrahimi# For timebeing, no VIA Padlock platform available. 4346*62c56f98SSadaf Ebrahimicomponent_build_aes_via_padlock () { 4347*62c56f98SSadaf Ebrahimi 4348*62c56f98SSadaf Ebrahimi msg "AES:VIA PadLock, build with default configuration." 4349*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C 4350*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PADLOCK_C 4351*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY 4352*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" 4353*62c56f98SSadaf Ebrahimi grep -q mbedtls_padlock_has_support ./programs/test/selftest 4354*62c56f98SSadaf Ebrahimi 4355*62c56f98SSadaf Ebrahimi} 4356*62c56f98SSadaf Ebrahimi 4357*62c56f98SSadaf Ebrahimisupport_build_aes_via_padlock_only () { 4358*62c56f98SSadaf Ebrahimi ( [ "$MBEDTLS_TEST_PLATFORM" == "Linux-x86_64" ] || \ 4359*62c56f98SSadaf Ebrahimi [ "$MBEDTLS_TEST_PLATFORM" == "Linux-amd64" ] ) && \ 4360*62c56f98SSadaf Ebrahimi [ "`dpkg --print-foreign-architectures`" == "i386" ] 4361*62c56f98SSadaf Ebrahimi} 4362*62c56f98SSadaf Ebrahimi 4363*62c56f98SSadaf Ebrahimisupport_build_aes_aesce_armcc () { 4364*62c56f98SSadaf Ebrahimi support_build_armcc 4365*62c56f98SSadaf Ebrahimi} 4366*62c56f98SSadaf Ebrahimi 4367*62c56f98SSadaf Ebrahimicomponent_test_aes_only_128_bit_keys () { 4368*62c56f98SSadaf Ebrahimi msg "build: default config + AES_ONLY_128_BIT_KEY_LENGTH" 4369*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 4370*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PADLOCK_C 4371*62c56f98SSadaf Ebrahimi 4372*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra' 4373*62c56f98SSadaf Ebrahimi 4374*62c56f98SSadaf Ebrahimi msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH" 4375*62c56f98SSadaf Ebrahimi make test 4376*62c56f98SSadaf Ebrahimi} 4377*62c56f98SSadaf Ebrahimi 4378*62c56f98SSadaf Ebrahimicomponent_test_no_ctr_drbg_aes_only_128_bit_keys () { 4379*62c56f98SSadaf Ebrahimi msg "build: default config + AES_ONLY_128_BIT_KEY_LENGTH - CTR_DRBG_C" 4380*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 4381*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CTR_DRBG_C 4382*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PADLOCK_C 4383*62c56f98SSadaf Ebrahimi 4384*62c56f98SSadaf Ebrahimi make CC=clang CFLAGS='-Werror -Wall -Wextra' 4385*62c56f98SSadaf Ebrahimi 4386*62c56f98SSadaf Ebrahimi msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH - CTR_DRBG_C" 4387*62c56f98SSadaf Ebrahimi make test 4388*62c56f98SSadaf Ebrahimi} 4389*62c56f98SSadaf Ebrahimi 4390*62c56f98SSadaf Ebrahimicomponent_test_aes_only_128_bit_keys_have_builtins () { 4391*62c56f98SSadaf Ebrahimi msg "build: default config + AES_ONLY_128_BIT_KEY_LENGTH - AESNI_C - AESCE_C" 4392*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 4393*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PADLOCK_C 4394*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C 4395*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESCE_C 4396*62c56f98SSadaf Ebrahimi 4397*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra' 4398*62c56f98SSadaf Ebrahimi 4399*62c56f98SSadaf Ebrahimi msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH - AESNI_C - AESCE_C" 4400*62c56f98SSadaf Ebrahimi make test 4401*62c56f98SSadaf Ebrahimi 4402*62c56f98SSadaf Ebrahimi msg "selftest: default config + AES_ONLY_128_BIT_KEY_LENGTH - AESNI_C - AESCE_C" 4403*62c56f98SSadaf Ebrahimi programs/test/selftest 4404*62c56f98SSadaf Ebrahimi} 4405*62c56f98SSadaf Ebrahimi 4406*62c56f98SSadaf Ebrahimicomponent_test_aes_fewer_tables () { 4407*62c56f98SSadaf Ebrahimi msg "build: default config with AES_FEWER_TABLES enabled" 4408*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_FEWER_TABLES 4409*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra' 4410*62c56f98SSadaf Ebrahimi 4411*62c56f98SSadaf Ebrahimi msg "test: AES_FEWER_TABLES" 4412*62c56f98SSadaf Ebrahimi make test 4413*62c56f98SSadaf Ebrahimi} 4414*62c56f98SSadaf Ebrahimi 4415*62c56f98SSadaf Ebrahimicomponent_test_aes_rom_tables () { 4416*62c56f98SSadaf Ebrahimi msg "build: default config with AES_ROM_TABLES enabled" 4417*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_ROM_TABLES 4418*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra' 4419*62c56f98SSadaf Ebrahimi 4420*62c56f98SSadaf Ebrahimi msg "test: AES_ROM_TABLES" 4421*62c56f98SSadaf Ebrahimi make test 4422*62c56f98SSadaf Ebrahimi} 4423*62c56f98SSadaf Ebrahimi 4424*62c56f98SSadaf Ebrahimicomponent_test_aes_fewer_tables_and_rom_tables () { 4425*62c56f98SSadaf Ebrahimi msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled" 4426*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_FEWER_TABLES 4427*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_AES_ROM_TABLES 4428*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra' 4429*62c56f98SSadaf Ebrahimi 4430*62c56f98SSadaf Ebrahimi msg "test: AES_FEWER_TABLES + AES_ROM_TABLES" 4431*62c56f98SSadaf Ebrahimi make test 4432*62c56f98SSadaf Ebrahimi} 4433*62c56f98SSadaf Ebrahimi 4434*62c56f98SSadaf Ebrahimicomponent_test_ctr_drbg_aes_256_sha_256 () { 4435*62c56f98SSadaf Ebrahimi msg "build: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" 4436*62c56f98SSadaf Ebrahimi scripts/config.py full 4437*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C 4438*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256 4439*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4440*62c56f98SSadaf Ebrahimi make 4441*62c56f98SSadaf Ebrahimi 4442*62c56f98SSadaf Ebrahimi msg "test: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" 4443*62c56f98SSadaf Ebrahimi make test 4444*62c56f98SSadaf Ebrahimi} 4445*62c56f98SSadaf Ebrahimi 4446*62c56f98SSadaf Ebrahimicomponent_test_ctr_drbg_aes_128_sha_512 () { 4447*62c56f98SSadaf Ebrahimi msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)" 4448*62c56f98SSadaf Ebrahimi scripts/config.py full 4449*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C 4450*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 4451*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4452*62c56f98SSadaf Ebrahimi make 4453*62c56f98SSadaf Ebrahimi 4454*62c56f98SSadaf Ebrahimi msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)" 4455*62c56f98SSadaf Ebrahimi make test 4456*62c56f98SSadaf Ebrahimi} 4457*62c56f98SSadaf Ebrahimi 4458*62c56f98SSadaf Ebrahimicomponent_test_ctr_drbg_aes_128_sha_256 () { 4459*62c56f98SSadaf Ebrahimi msg "build: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" 4460*62c56f98SSadaf Ebrahimi scripts/config.py full 4461*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C 4462*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 4463*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256 4464*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4465*62c56f98SSadaf Ebrahimi make 4466*62c56f98SSadaf Ebrahimi 4467*62c56f98SSadaf Ebrahimi msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" 4468*62c56f98SSadaf Ebrahimi make test 4469*62c56f98SSadaf Ebrahimi} 4470*62c56f98SSadaf Ebrahimi 4471*62c56f98SSadaf Ebrahimicomponent_test_se_default () { 4472*62c56f98SSadaf Ebrahimi msg "build: default config + MBEDTLS_PSA_CRYPTO_SE_C" 4473*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C 4474*62c56f98SSadaf Ebrahimi make CC=clang CFLAGS="$ASAN_CFLAGS -Os" LDFLAGS="$ASAN_CFLAGS" 4475*62c56f98SSadaf Ebrahimi 4476*62c56f98SSadaf Ebrahimi msg "test: default config + MBEDTLS_PSA_CRYPTO_SE_C" 4477*62c56f98SSadaf Ebrahimi make test 4478*62c56f98SSadaf Ebrahimi} 4479*62c56f98SSadaf Ebrahimi 4480*62c56f98SSadaf Ebrahimicomponent_test_psa_crypto_drivers () { 4481*62c56f98SSadaf Ebrahimi msg "build: full + test drivers dispatching to builtins" 4482*62c56f98SSadaf Ebrahimi scripts/config.py full 4483*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG 4484*62c56f98SSadaf Ebrahimi loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL" 4485*62c56f98SSadaf Ebrahimi loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" 4486*62c56f98SSadaf Ebrahimi loc_cflags="${loc_cflags} -I../tests/include -O2" 4487*62c56f98SSadaf Ebrahimi 4488*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" 4489*62c56f98SSadaf Ebrahimi 4490*62c56f98SSadaf Ebrahimi msg "test: full + test drivers dispatching to builtins" 4491*62c56f98SSadaf Ebrahimi make test 4492*62c56f98SSadaf Ebrahimi} 4493*62c56f98SSadaf Ebrahimi 4494*62c56f98SSadaf Ebrahimicomponent_test_make_shared () { 4495*62c56f98SSadaf Ebrahimi msg "build/test: make shared" # ~ 40s 4496*62c56f98SSadaf Ebrahimi make SHARED=1 all check 4497*62c56f98SSadaf Ebrahimi ldd programs/util/strerror | grep libmbedcrypto 4498*62c56f98SSadaf Ebrahimi programs/test/dlopen_demo.sh 4499*62c56f98SSadaf Ebrahimi} 4500*62c56f98SSadaf Ebrahimi 4501*62c56f98SSadaf Ebrahimicomponent_test_cmake_shared () { 4502*62c56f98SSadaf Ebrahimi msg "build/test: cmake shared" # ~ 2min 4503*62c56f98SSadaf Ebrahimi cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On . 4504*62c56f98SSadaf Ebrahimi make 4505*62c56f98SSadaf Ebrahimi ldd programs/util/strerror | grep libmbedcrypto 4506*62c56f98SSadaf Ebrahimi make test 4507*62c56f98SSadaf Ebrahimi programs/test/dlopen_demo.sh 4508*62c56f98SSadaf Ebrahimi} 4509*62c56f98SSadaf Ebrahimi 4510*62c56f98SSadaf Ebrahimitest_build_opt () { 4511*62c56f98SSadaf Ebrahimi info=$1 cc=$2; shift 2 4512*62c56f98SSadaf Ebrahimi $cc --version 4513*62c56f98SSadaf Ebrahimi for opt in "$@"; do 4514*62c56f98SSadaf Ebrahimi msg "build/test: $cc $opt, $info" # ~ 30s 4515*62c56f98SSadaf Ebrahimi make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" 4516*62c56f98SSadaf Ebrahimi # We're confident enough in compilers to not run _all_ the tests, 4517*62c56f98SSadaf Ebrahimi # but at least run the unit tests. In particular, runs with 4518*62c56f98SSadaf Ebrahimi # optimizations use inline assembly whereas runs with -O0 4519*62c56f98SSadaf Ebrahimi # skip inline assembly. 4520*62c56f98SSadaf Ebrahimi make test # ~30s 4521*62c56f98SSadaf Ebrahimi make clean 4522*62c56f98SSadaf Ebrahimi done 4523*62c56f98SSadaf Ebrahimi} 4524*62c56f98SSadaf Ebrahimi 4525*62c56f98SSadaf Ebrahimi# For FreeBSD we invoke the function by name so this condition is added 4526*62c56f98SSadaf Ebrahimi# to disable the existing test_clang_opt function for linux. 4527*62c56f98SSadaf Ebrahimiif [[ $(uname) != "Linux" ]]; then 4528*62c56f98SSadaf Ebrahimi component_test_clang_opt () { 4529*62c56f98SSadaf Ebrahimi scripts/config.py full 4530*62c56f98SSadaf Ebrahimi test_build_opt 'full config' clang -O0 -Os -O2 4531*62c56f98SSadaf Ebrahimi } 4532*62c56f98SSadaf Ebrahimifi 4533*62c56f98SSadaf Ebrahimi 4534*62c56f98SSadaf Ebrahimicomponent_test_clang_latest_opt () { 4535*62c56f98SSadaf Ebrahimi scripts/config.py full 4536*62c56f98SSadaf Ebrahimi test_build_opt 'full config' "$CLANG_LATEST" -O0 -Os -O2 4537*62c56f98SSadaf Ebrahimi} 4538*62c56f98SSadaf Ebrahimisupport_test_clang_latest_opt () { 4539*62c56f98SSadaf Ebrahimi type "$CLANG_LATEST" >/dev/null 2>/dev/null 4540*62c56f98SSadaf Ebrahimi} 4541*62c56f98SSadaf Ebrahimi 4542*62c56f98SSadaf Ebrahimicomponent_test_clang_earliest_opt () { 4543*62c56f98SSadaf Ebrahimi scripts/config.py full 4544*62c56f98SSadaf Ebrahimi test_build_opt 'full config' "$CLANG_EARLIEST" -O0 4545*62c56f98SSadaf Ebrahimi} 4546*62c56f98SSadaf Ebrahimisupport_test_clang_earliest_opt () { 4547*62c56f98SSadaf Ebrahimi type "$CLANG_EARLIEST" >/dev/null 2>/dev/null 4548*62c56f98SSadaf Ebrahimi} 4549*62c56f98SSadaf Ebrahimi 4550*62c56f98SSadaf Ebrahimicomponent_test_gcc_latest_opt () { 4551*62c56f98SSadaf Ebrahimi scripts/config.py full 4552*62c56f98SSadaf Ebrahimi test_build_opt 'full config' "$GCC_LATEST" -O0 -Os -O2 4553*62c56f98SSadaf Ebrahimi} 4554*62c56f98SSadaf Ebrahimisupport_test_gcc_latest_opt () { 4555*62c56f98SSadaf Ebrahimi type "$GCC_LATEST" >/dev/null 2>/dev/null 4556*62c56f98SSadaf Ebrahimi} 4557*62c56f98SSadaf Ebrahimi 4558*62c56f98SSadaf Ebrahimicomponent_test_gcc_earliest_opt () { 4559*62c56f98SSadaf Ebrahimi scripts/config.py full 4560*62c56f98SSadaf Ebrahimi test_build_opt 'full config' "$GCC_EARLIEST" -O0 4561*62c56f98SSadaf Ebrahimi} 4562*62c56f98SSadaf Ebrahimisupport_test_gcc_earliest_opt () { 4563*62c56f98SSadaf Ebrahimi type "$GCC_EARLIEST" >/dev/null 2>/dev/null 4564*62c56f98SSadaf Ebrahimi} 4565*62c56f98SSadaf Ebrahimi 4566*62c56f98SSadaf Ebrahimicomponent_build_mbedtls_config_file () { 4567*62c56f98SSadaf Ebrahimi msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s 4568*62c56f98SSadaf Ebrahimi scripts/config.py -w full_config.h full 4569*62c56f98SSadaf Ebrahimi echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H" 4570*62c56f98SSadaf Ebrahimi make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" 4571*62c56f98SSadaf Ebrahimi # Make sure this feature is enabled. We'll disable it in the next phase. 4572*62c56f98SSadaf Ebrahimi programs/test/query_compile_time_config MBEDTLS_NIST_KW_C 4573*62c56f98SSadaf Ebrahimi make clean 4574*62c56f98SSadaf Ebrahimi 4575*62c56f98SSadaf Ebrahimi msg "build: make with MBEDTLS_CONFIG_FILE + MBEDTLS_USER_CONFIG_FILE" 4576*62c56f98SSadaf Ebrahimi # In the user config, disable one feature (for simplicity, pick a feature 4577*62c56f98SSadaf Ebrahimi # that nothing else depends on). 4578*62c56f98SSadaf Ebrahimi echo '#undef MBEDTLS_NIST_KW_C' >user_config.h 4579*62c56f98SSadaf Ebrahimi make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" 4580*62c56f98SSadaf Ebrahimi not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C 4581*62c56f98SSadaf Ebrahimi 4582*62c56f98SSadaf Ebrahimi rm -f user_config.h full_config.h 4583*62c56f98SSadaf Ebrahimi} 4584*62c56f98SSadaf Ebrahimi 4585*62c56f98SSadaf Ebrahimicomponent_build_psa_config_file () { 4586*62c56f98SSadaf Ebrahimi msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE" # ~40s 4587*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG 4588*62c56f98SSadaf Ebrahimi cp "$CRYPTO_CONFIG_H" psa_test_config.h 4589*62c56f98SSadaf Ebrahimi echo '#error "MBEDTLS_PSA_CRYPTO_CONFIG_FILE is not working"' >"$CRYPTO_CONFIG_H" 4590*62c56f98SSadaf Ebrahimi make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"'" 4591*62c56f98SSadaf Ebrahimi # Make sure this feature is enabled. We'll disable it in the next phase. 4592*62c56f98SSadaf Ebrahimi programs/test/query_compile_time_config MBEDTLS_CMAC_C 4593*62c56f98SSadaf Ebrahimi make clean 4594*62c56f98SSadaf Ebrahimi 4595*62c56f98SSadaf Ebrahimi msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE + MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE" # ~40s 4596*62c56f98SSadaf Ebrahimi # In the user config, disable one feature, which will reflect on the 4597*62c56f98SSadaf Ebrahimi # mbedtls configuration so we can query it with query_compile_time_config. 4598*62c56f98SSadaf Ebrahimi echo '#undef PSA_WANT_ALG_CMAC' >psa_user_config.h 4599*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_CMAC_C 4600*62c56f98SSadaf Ebrahimi make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_user_config.h\"'" 4601*62c56f98SSadaf Ebrahimi not programs/test/query_compile_time_config MBEDTLS_CMAC_C 4602*62c56f98SSadaf Ebrahimi 4603*62c56f98SSadaf Ebrahimi rm -f psa_test_config.h psa_user_config.h 4604*62c56f98SSadaf Ebrahimi} 4605*62c56f98SSadaf Ebrahimi 4606*62c56f98SSadaf Ebrahimicomponent_build_psa_alt_headers () { 4607*62c56f98SSadaf Ebrahimi msg "build: make with PSA alt headers" # ~20s 4608*62c56f98SSadaf Ebrahimi 4609*62c56f98SSadaf Ebrahimi # Generate alternative versions of the substitutable headers with the 4610*62c56f98SSadaf Ebrahimi # same content except different include guards. 4611*62c56f98SSadaf Ebrahimi make -C tests include/alt-extra/psa/crypto_platform_alt.h include/alt-extra/psa/crypto_struct_alt.h 4612*62c56f98SSadaf Ebrahimi 4613*62c56f98SSadaf Ebrahimi # Build the library and some programs. 4614*62c56f98SSadaf Ebrahimi # Don't build the fuzzers to avoid having to go through hoops to set 4615*62c56f98SSadaf Ebrahimi # a correct include path for programs/fuzz/Makefile. 4616*62c56f98SSadaf Ebrahimi make CFLAGS="-I ../tests/include/alt-extra -DMBEDTLS_PSA_CRYPTO_PLATFORM_FILE='\"psa/crypto_platform_alt.h\"' -DMBEDTLS_PSA_CRYPTO_STRUCT_FILE='\"psa/crypto_struct_alt.h\"'" lib 4617*62c56f98SSadaf Ebrahimi make -C programs -o fuzz CFLAGS="-I ../tests/include/alt-extra -DMBEDTLS_PSA_CRYPTO_PLATFORM_FILE='\"psa/crypto_platform_alt.h\"' -DMBEDTLS_PSA_CRYPTO_STRUCT_FILE='\"psa/crypto_struct_alt.h\"'" 4618*62c56f98SSadaf Ebrahimi 4619*62c56f98SSadaf Ebrahimi # Check that we're getting the alternative include guards and not the 4620*62c56f98SSadaf Ebrahimi # original include guards. 4621*62c56f98SSadaf Ebrahimi programs/test/query_included_headers | grep -x PSA_CRYPTO_PLATFORM_ALT_H 4622*62c56f98SSadaf Ebrahimi programs/test/query_included_headers | grep -x PSA_CRYPTO_STRUCT_ALT_H 4623*62c56f98SSadaf Ebrahimi programs/test/query_included_headers | not grep -x PSA_CRYPTO_PLATFORM_H 4624*62c56f98SSadaf Ebrahimi programs/test/query_included_headers | not grep -x PSA_CRYPTO_STRUCT_H 4625*62c56f98SSadaf Ebrahimi} 4626*62c56f98SSadaf Ebrahimi 4627*62c56f98SSadaf Ebrahimicomponent_test_m32_o0 () { 4628*62c56f98SSadaf Ebrahimi # Build without optimization, so as to use portable C code (in a 32-bit 4629*62c56f98SSadaf Ebrahimi # build) and not the i386-specific inline assembly. 4630*62c56f98SSadaf Ebrahimi msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s 4631*62c56f98SSadaf Ebrahimi scripts/config.py full 4632*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers 4633*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" 4634*62c56f98SSadaf Ebrahimi 4635*62c56f98SSadaf Ebrahimi msg "test: i386, make, gcc -O0 (ASan build)" 4636*62c56f98SSadaf Ebrahimi make test 4637*62c56f98SSadaf Ebrahimi} 4638*62c56f98SSadaf Ebrahimisupport_test_m32_o0 () { 4639*62c56f98SSadaf Ebrahimi case $(uname -m) in 4640*62c56f98SSadaf Ebrahimi amd64|x86_64) true;; 4641*62c56f98SSadaf Ebrahimi *) false;; 4642*62c56f98SSadaf Ebrahimi esac 4643*62c56f98SSadaf Ebrahimi} 4644*62c56f98SSadaf Ebrahimi 4645*62c56f98SSadaf Ebrahimicomponent_test_m32_o2 () { 4646*62c56f98SSadaf Ebrahimi # Build with optimization, to use the i386 specific inline assembly 4647*62c56f98SSadaf Ebrahimi # and go faster for tests. 4648*62c56f98SSadaf Ebrahimi msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s 4649*62c56f98SSadaf Ebrahimi scripts/config.py full 4650*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers 4651*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" 4652*62c56f98SSadaf Ebrahimi 4653*62c56f98SSadaf Ebrahimi msg "test: i386, make, gcc -O2 (ASan build)" 4654*62c56f98SSadaf Ebrahimi make test 4655*62c56f98SSadaf Ebrahimi 4656*62c56f98SSadaf Ebrahimi msg "test ssl-opt.sh, i386, make, gcc-O2" 4657*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 4658*62c56f98SSadaf Ebrahimi} 4659*62c56f98SSadaf Ebrahimisupport_test_m32_o2 () { 4660*62c56f98SSadaf Ebrahimi support_test_m32_o0 "$@" 4661*62c56f98SSadaf Ebrahimi} 4662*62c56f98SSadaf Ebrahimi 4663*62c56f98SSadaf Ebrahimicomponent_test_m32_everest () { 4664*62c56f98SSadaf Ebrahimi msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min 4665*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED 4666*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers 4667*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" 4668*62c56f98SSadaf Ebrahimi 4669*62c56f98SSadaf Ebrahimi msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s 4670*62c56f98SSadaf Ebrahimi make test 4671*62c56f98SSadaf Ebrahimi 4672*62c56f98SSadaf Ebrahimi msg "test: i386, Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s 4673*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f ECDH 4674*62c56f98SSadaf Ebrahimi 4675*62c56f98SSadaf Ebrahimi msg "test: i386, Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min 4676*62c56f98SSadaf Ebrahimi # Exclude some symmetric ciphers that are redundant here to gain time. 4677*62c56f98SSadaf Ebrahimi tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA' 4678*62c56f98SSadaf Ebrahimi} 4679*62c56f98SSadaf Ebrahimisupport_test_m32_everest () { 4680*62c56f98SSadaf Ebrahimi support_test_m32_o0 "$@" 4681*62c56f98SSadaf Ebrahimi} 4682*62c56f98SSadaf Ebrahimi 4683*62c56f98SSadaf Ebrahimicomponent_test_mx32 () { 4684*62c56f98SSadaf Ebrahimi msg "build: 64-bit ILP32, make, gcc" # ~ 30s 4685*62c56f98SSadaf Ebrahimi scripts/config.py full 4686*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' 4687*62c56f98SSadaf Ebrahimi 4688*62c56f98SSadaf Ebrahimi msg "test: 64-bit ILP32, make, gcc" 4689*62c56f98SSadaf Ebrahimi make test 4690*62c56f98SSadaf Ebrahimi} 4691*62c56f98SSadaf Ebrahimisupport_test_mx32 () { 4692*62c56f98SSadaf Ebrahimi case $(uname -m) in 4693*62c56f98SSadaf Ebrahimi amd64|x86_64) true;; 4694*62c56f98SSadaf Ebrahimi *) false;; 4695*62c56f98SSadaf Ebrahimi esac 4696*62c56f98SSadaf Ebrahimi} 4697*62c56f98SSadaf Ebrahimi 4698*62c56f98SSadaf Ebrahimicomponent_test_min_mpi_window_size () { 4699*62c56f98SSadaf Ebrahimi msg "build: Default + MBEDTLS_MPI_WINDOW_SIZE=1 (ASan build)" # ~ 10s 4700*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_MPI_WINDOW_SIZE 1 4701*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 4702*62c56f98SSadaf Ebrahimi make 4703*62c56f98SSadaf Ebrahimi 4704*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_MPI_WINDOW_SIZE=1 - main suites (inc. selftests) (ASan build)" # ~ 10s 4705*62c56f98SSadaf Ebrahimi make test 4706*62c56f98SSadaf Ebrahimi} 4707*62c56f98SSadaf Ebrahimi 4708*62c56f98SSadaf Ebrahimicomponent_test_have_int32 () { 4709*62c56f98SSadaf Ebrahimi msg "build: gcc, force 32-bit bignum limbs" 4710*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HAVE_ASM 4711*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C 4712*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PADLOCK_C 4713*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESCE_C 4714*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32' 4715*62c56f98SSadaf Ebrahimi 4716*62c56f98SSadaf Ebrahimi msg "test: gcc, force 32-bit bignum limbs" 4717*62c56f98SSadaf Ebrahimi make test 4718*62c56f98SSadaf Ebrahimi} 4719*62c56f98SSadaf Ebrahimi 4720*62c56f98SSadaf Ebrahimicomponent_test_have_int64 () { 4721*62c56f98SSadaf Ebrahimi msg "build: gcc, force 64-bit bignum limbs" 4722*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HAVE_ASM 4723*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C 4724*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PADLOCK_C 4725*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESCE_C 4726*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64' 4727*62c56f98SSadaf Ebrahimi 4728*62c56f98SSadaf Ebrahimi msg "test: gcc, force 64-bit bignum limbs" 4729*62c56f98SSadaf Ebrahimi make test 4730*62c56f98SSadaf Ebrahimi} 4731*62c56f98SSadaf Ebrahimi 4732*62c56f98SSadaf Ebrahimicomponent_test_have_int32_cmake_new_bignum () { 4733*62c56f98SSadaf Ebrahimi msg "build: gcc, force 32-bit bignum limbs, new bignum interface, test hooks (ASan build)" 4734*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_HAVE_ASM 4735*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C 4736*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PADLOCK_C 4737*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESCE_C 4738*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_TEST_HOOKS 4739*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT 4740*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="$ASAN_CFLAGS -Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32" LDFLAGS="$ASAN_CFLAGS" 4741*62c56f98SSadaf Ebrahimi 4742*62c56f98SSadaf Ebrahimi msg "test: gcc, force 32-bit bignum limbs, new bignum interface, test hooks (ASan build)" 4743*62c56f98SSadaf Ebrahimi make test 4744*62c56f98SSadaf Ebrahimi} 4745*62c56f98SSadaf Ebrahimi 4746*62c56f98SSadaf Ebrahimicomponent_test_no_udbl_division () { 4747*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s 4748*62c56f98SSadaf Ebrahimi scripts/config.py full 4749*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_NO_UDBL_DIVISION 4750*62c56f98SSadaf Ebrahimi make CFLAGS='-Werror -O1' 4751*62c56f98SSadaf Ebrahimi 4752*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s 4753*62c56f98SSadaf Ebrahimi make test 4754*62c56f98SSadaf Ebrahimi} 4755*62c56f98SSadaf Ebrahimi 4756*62c56f98SSadaf Ebrahimicomponent_test_no_64bit_multiplication () { 4757*62c56f98SSadaf Ebrahimi msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s 4758*62c56f98SSadaf Ebrahimi scripts/config.py full 4759*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION 4760*62c56f98SSadaf Ebrahimi make CFLAGS='-Werror -O1' 4761*62c56f98SSadaf Ebrahimi 4762*62c56f98SSadaf Ebrahimi msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s 4763*62c56f98SSadaf Ebrahimi make test 4764*62c56f98SSadaf Ebrahimi} 4765*62c56f98SSadaf Ebrahimi 4766*62c56f98SSadaf Ebrahimicomponent_test_no_strings () { 4767*62c56f98SSadaf Ebrahimi msg "build: no strings" # ~10s 4768*62c56f98SSadaf Ebrahimi scripts/config.py full 4769*62c56f98SSadaf Ebrahimi # Disable options that activate a large amount of string constants. 4770*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DEBUG_C 4771*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ERROR_C 4772*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_ERROR_STRERROR_DUMMY 4773*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_VERSION_FEATURES 4774*62c56f98SSadaf Ebrahimi make CFLAGS='-Werror -Os' 4775*62c56f98SSadaf Ebrahimi 4776*62c56f98SSadaf Ebrahimi msg "test: no strings" # ~ 10s 4777*62c56f98SSadaf Ebrahimi make test 4778*62c56f98SSadaf Ebrahimi} 4779*62c56f98SSadaf Ebrahimi 4780*62c56f98SSadaf Ebrahimicomponent_test_no_x509_info () { 4781*62c56f98SSadaf Ebrahimi msg "build: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s 4782*62c56f98SSadaf Ebrahimi scripts/config.pl full 4783*62c56f98SSadaf Ebrahimi scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests 4784*62c56f98SSadaf Ebrahimi scripts/config.pl set MBEDTLS_X509_REMOVE_INFO 4785*62c56f98SSadaf Ebrahimi make CFLAGS='-Werror -O2' 4786*62c56f98SSadaf Ebrahimi 4787*62c56f98SSadaf Ebrahimi msg "test: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s 4788*62c56f98SSadaf Ebrahimi make test 4789*62c56f98SSadaf Ebrahimi 4790*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh, full + MBEDTLS_X509_REMOVE_INFO" # ~ 1 min 4791*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 4792*62c56f98SSadaf Ebrahimi} 4793*62c56f98SSadaf Ebrahimi 4794*62c56f98SSadaf Ebrahimicomponent_build_arm_none_eabi_gcc () { 4795*62c56f98SSadaf Ebrahimi msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1, baremetal+debug" # ~ 10s 4796*62c56f98SSadaf Ebrahimi scripts/config.py baremetal 4797*62c56f98SSadaf Ebrahimi make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -O1' lib 4798*62c56f98SSadaf Ebrahimi 4799*62c56f98SSadaf Ebrahimi msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1, baremetal+debug" 4800*62c56f98SSadaf Ebrahimi ${ARM_NONE_EABI_GCC_PREFIX}size -t library/*.o 4801*62c56f98SSadaf Ebrahimi} 4802*62c56f98SSadaf Ebrahimi 4803*62c56f98SSadaf Ebrahimicomponent_build_arm_linux_gnueabi_gcc_arm5vte () { 4804*62c56f98SSadaf Ebrahimi msg "build: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=arm5vte, baremetal+debug" # ~ 10s 4805*62c56f98SSadaf Ebrahimi scripts/config.py baremetal 4806*62c56f98SSadaf Ebrahimi # Build for a target platform that's close to what Debian uses 4807*62c56f98SSadaf Ebrahimi # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort). 4808*62c56f98SSadaf Ebrahimi # See https://github.com/Mbed-TLS/mbedtls/pull/2169 and comments. 4809*62c56f98SSadaf Ebrahimi # Build everything including programs, see for example 4810*62c56f98SSadaf Ebrahimi # https://github.com/Mbed-TLS/mbedtls/pull/3449#issuecomment-675313720 4811*62c56f98SSadaf Ebrahimi make CC="${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc" AR="${ARM_LINUX_GNUEABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' 4812*62c56f98SSadaf Ebrahimi 4813*62c56f98SSadaf Ebrahimi msg "size: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug" 4814*62c56f98SSadaf Ebrahimi ${ARM_LINUX_GNUEABI_GCC_PREFIX}size -t library/*.o 4815*62c56f98SSadaf Ebrahimi} 4816*62c56f98SSadaf Ebrahimisupport_build_arm_linux_gnueabi_gcc_arm5vte () { 4817*62c56f98SSadaf Ebrahimi type ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc >/dev/null 2>&1 4818*62c56f98SSadaf Ebrahimi} 4819*62c56f98SSadaf Ebrahimi 4820*62c56f98SSadaf Ebrahimicomponent_build_arm_none_eabi_gcc_arm5vte () { 4821*62c56f98SSadaf Ebrahimi msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte, baremetal+debug" # ~ 10s 4822*62c56f98SSadaf Ebrahimi scripts/config.py baremetal 4823*62c56f98SSadaf Ebrahimi # This is an imperfect substitute for 4824*62c56f98SSadaf Ebrahimi # component_build_arm_linux_gnueabi_gcc_arm5vte 4825*62c56f98SSadaf Ebrahimi # in case the gcc-arm-linux-gnueabi toolchain is not available 4826*62c56f98SSadaf Ebrahimi make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib 4827*62c56f98SSadaf Ebrahimi 4828*62c56f98SSadaf Ebrahimi msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug" 4829*62c56f98SSadaf Ebrahimi ${ARM_NONE_EABI_GCC_PREFIX}size -t library/*.o 4830*62c56f98SSadaf Ebrahimi} 4831*62c56f98SSadaf Ebrahimi 4832*62c56f98SSadaf Ebrahimicomponent_build_arm_none_eabi_gcc_m0plus () { 4833*62c56f98SSadaf Ebrahimi msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus, baremetal_size" # ~ 10s 4834*62c56f98SSadaf Ebrahimi scripts/config.py baremetal_size 4835*62c56f98SSadaf Ebrahimi make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -mthumb -mcpu=cortex-m0plus -Os' lib 4836*62c56f98SSadaf Ebrahimi 4837*62c56f98SSadaf Ebrahimi msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os, baremetal_size" 4838*62c56f98SSadaf Ebrahimi ${ARM_NONE_EABI_GCC_PREFIX}size -t library/*.o 4839*62c56f98SSadaf Ebrahimi for lib in library/*.a; do 4840*62c56f98SSadaf Ebrahimi echo "$lib:" 4841*62c56f98SSadaf Ebrahimi ${ARM_NONE_EABI_GCC_PREFIX}size -t $lib | grep TOTALS 4842*62c56f98SSadaf Ebrahimi done 4843*62c56f98SSadaf Ebrahimi} 4844*62c56f98SSadaf Ebrahimi 4845*62c56f98SSadaf Ebrahimicomponent_build_arm_none_eabi_gcc_no_udbl_division () { 4846*62c56f98SSadaf Ebrahimi msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s 4847*62c56f98SSadaf Ebrahimi scripts/config.py baremetal 4848*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_NO_UDBL_DIVISION 4849*62c56f98SSadaf Ebrahimi make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra' lib 4850*62c56f98SSadaf Ebrahimi echo "Checking that software 64-bit division is not required" 4851*62c56f98SSadaf Ebrahimi not grep __aeabi_uldiv library/*.o 4852*62c56f98SSadaf Ebrahimi} 4853*62c56f98SSadaf Ebrahimi 4854*62c56f98SSadaf Ebrahimicomponent_build_arm_none_eabi_gcc_no_64bit_multiplication () { 4855*62c56f98SSadaf Ebrahimi msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s 4856*62c56f98SSadaf Ebrahimi scripts/config.py baremetal 4857*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION 4858*62c56f98SSadaf Ebrahimi make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -O1 -march=armv6-m -mthumb' lib 4859*62c56f98SSadaf Ebrahimi echo "Checking that software 64-bit multiplication is not required" 4860*62c56f98SSadaf Ebrahimi not grep __aeabi_lmul library/*.o 4861*62c56f98SSadaf Ebrahimi} 4862*62c56f98SSadaf Ebrahimi 4863*62c56f98SSadaf Ebrahimicomponent_build_arm_clang_thumb () { 4864*62c56f98SSadaf Ebrahimi # ~ 30s 4865*62c56f98SSadaf Ebrahimi 4866*62c56f98SSadaf Ebrahimi scripts/config.py baremetal 4867*62c56f98SSadaf Ebrahimi 4868*62c56f98SSadaf Ebrahimi msg "build: clang thumb 2, make" 4869*62c56f98SSadaf Ebrahimi make clean 4870*62c56f98SSadaf Ebrahimi make CC="clang" CFLAGS='-std=c99 -Werror -Os --target=arm-linux-gnueabihf -march=armv7-m -mthumb' lib 4871*62c56f98SSadaf Ebrahimi 4872*62c56f98SSadaf Ebrahimi # Some Thumb 1 asm is sensitive to optimisation level, so test both -O0 and -Os 4873*62c56f98SSadaf Ebrahimi msg "build: clang thumb 1 -O0, make" 4874*62c56f98SSadaf Ebrahimi make clean 4875*62c56f98SSadaf Ebrahimi make CC="clang" CFLAGS='-std=c99 -Werror -O0 --target=arm-linux-gnueabihf -mcpu=arm1136j-s -mthumb' lib 4876*62c56f98SSadaf Ebrahimi 4877*62c56f98SSadaf Ebrahimi msg "build: clang thumb 1 -Os, make" 4878*62c56f98SSadaf Ebrahimi make clean 4879*62c56f98SSadaf Ebrahimi make CC="clang" CFLAGS='-std=c99 -Werror -Os --target=arm-linux-gnueabihf -mcpu=arm1136j-s -mthumb' lib 4880*62c56f98SSadaf Ebrahimi} 4881*62c56f98SSadaf Ebrahimi 4882*62c56f98SSadaf Ebrahimicomponent_build_armcc () { 4883*62c56f98SSadaf Ebrahimi msg "build: ARM Compiler 5" 4884*62c56f98SSadaf Ebrahimi scripts/config.py baremetal 4885*62c56f98SSadaf Ebrahimi # armc[56] don't support SHA-512 intrinsics 4886*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 4887*62c56f98SSadaf Ebrahimi 4888*62c56f98SSadaf Ebrahimi # Stop armclang warning about feature detection for A64_CRYPTO. 4889*62c56f98SSadaf Ebrahimi # With this enabled, the library does build correctly under armclang, 4890*62c56f98SSadaf Ebrahimi # but in baremetal builds (as tested here), feature detection is 4891*62c56f98SSadaf Ebrahimi # unavailable, and the user is notified via a #warning. So enabling 4892*62c56f98SSadaf Ebrahimi # this feature would prevent us from building with -Werror on 4893*62c56f98SSadaf Ebrahimi # armclang. Tracked in #7198. 4894*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 4895*62c56f98SSadaf Ebrahimi 4896*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_HAVE_ASM 4897*62c56f98SSadaf Ebrahimi 4898*62c56f98SSadaf Ebrahimi make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib 4899*62c56f98SSadaf Ebrahimi 4900*62c56f98SSadaf Ebrahimi msg "size: ARM Compiler 5" 4901*62c56f98SSadaf Ebrahimi "$ARMC5_FROMELF" -z library/*.o 4902*62c56f98SSadaf Ebrahimi 4903*62c56f98SSadaf Ebrahimi make clean 4904*62c56f98SSadaf Ebrahimi 4905*62c56f98SSadaf Ebrahimi # Compile mostly with -O1 since some Arm inline assembly is disabled for -O0. 4906*62c56f98SSadaf Ebrahimi 4907*62c56f98SSadaf Ebrahimi # ARM Compiler 6 - Target ARMv7-A 4908*62c56f98SSadaf Ebrahimi armc6_build_test "-O1 --target=arm-arm-none-eabi -march=armv7-a" 4909*62c56f98SSadaf Ebrahimi 4910*62c56f98SSadaf Ebrahimi # ARM Compiler 6 - Target ARMv7-M 4911*62c56f98SSadaf Ebrahimi armc6_build_test "-O1 --target=arm-arm-none-eabi -march=armv7-m" 4912*62c56f98SSadaf Ebrahimi 4913*62c56f98SSadaf Ebrahimi # ARM Compiler 6 - Target ARMv7-M+DSP 4914*62c56f98SSadaf Ebrahimi armc6_build_test "-O1 --target=arm-arm-none-eabi -march=armv7-m+dsp" 4915*62c56f98SSadaf Ebrahimi 4916*62c56f98SSadaf Ebrahimi # ARM Compiler 6 - Target ARMv8-A - AArch32 4917*62c56f98SSadaf Ebrahimi armc6_build_test "-O1 --target=arm-arm-none-eabi -march=armv8.2-a" 4918*62c56f98SSadaf Ebrahimi 4919*62c56f98SSadaf Ebrahimi # ARM Compiler 6 - Target ARMv8-M 4920*62c56f98SSadaf Ebrahimi armc6_build_test "-O1 --target=arm-arm-none-eabi -march=armv8-m.main" 4921*62c56f98SSadaf Ebrahimi 4922*62c56f98SSadaf Ebrahimi # ARM Compiler 6 - Target ARMv8.2-A - AArch64 4923*62c56f98SSadaf Ebrahimi armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8.2-a+crypto" 4924*62c56f98SSadaf Ebrahimi 4925*62c56f98SSadaf Ebrahimi # ARM Compiler 6 - Target Cortex-M0 - no optimisation 4926*62c56f98SSadaf Ebrahimi armc6_build_test "-O0 --target=arm-arm-none-eabi -mcpu=cortex-m0" 4927*62c56f98SSadaf Ebrahimi 4928*62c56f98SSadaf Ebrahimi # ARM Compiler 6 - Target Cortex-M0 4929*62c56f98SSadaf Ebrahimi armc6_build_test "-Os --target=arm-arm-none-eabi -mcpu=cortex-m0" 4930*62c56f98SSadaf Ebrahimi} 4931*62c56f98SSadaf Ebrahimi 4932*62c56f98SSadaf Ebrahimisupport_build_armcc () { 4933*62c56f98SSadaf Ebrahimi armc5_cc="$ARMC5_BIN_DIR/armcc" 4934*62c56f98SSadaf Ebrahimi armc6_cc="$ARMC6_BIN_DIR/armclang" 4935*62c56f98SSadaf Ebrahimi (check_tools "$armc5_cc" "$armc6_cc" > /dev/null 2>&1) 4936*62c56f98SSadaf Ebrahimi} 4937*62c56f98SSadaf Ebrahimi 4938*62c56f98SSadaf Ebrahimicomponent_test_tls13_only () { 4939*62c56f98SSadaf Ebrahimi msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3, without MBEDTLS_SSL_PROTO_TLS1_2" 4940*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_EARLY_DATA 4941*62c56f98SSadaf Ebrahimi make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" 4942*62c56f98SSadaf Ebrahimi 4943*62c56f98SSadaf Ebrahimi msg "test: TLS 1.3 only, all key exchange modes enabled" 4944*62c56f98SSadaf Ebrahimi make test 4945*62c56f98SSadaf Ebrahimi 4946*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh: TLS 1.3 only, all key exchange modes enabled" 4947*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 4948*62c56f98SSadaf Ebrahimi} 4949*62c56f98SSadaf Ebrahimi 4950*62c56f98SSadaf Ebrahimicomponent_test_tls13_only_psk () { 4951*62c56f98SSadaf Ebrahimi msg "build: TLS 1.3 only from default, only PSK key exchange mode" 4952*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 4953*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 4954*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 4955*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_DHM_C 4956*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C 4957*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT 4958*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION 4959*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 4960*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V21 4961*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS7_C 4962*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_EARLY_DATA 4963*62c56f98SSadaf Ebrahimi make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" 4964*62c56f98SSadaf Ebrahimi 4965*62c56f98SSadaf Ebrahimi msg "test_suite_ssl: TLS 1.3 only, only PSK key exchange mode enabled" 4966*62c56f98SSadaf Ebrahimi cd tests; ./test_suite_ssl; cd .. 4967*62c56f98SSadaf Ebrahimi 4968*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh: TLS 1.3 only, only PSK key exchange mode enabled" 4969*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 4970*62c56f98SSadaf Ebrahimi} 4971*62c56f98SSadaf Ebrahimi 4972*62c56f98SSadaf Ebrahimicomponent_test_tls13_only_ephemeral () { 4973*62c56f98SSadaf Ebrahimi msg "build: TLS 1.3 only from default, only ephemeral key exchange mode" 4974*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 4975*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 4976*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_EARLY_DATA 4977*62c56f98SSadaf Ebrahimi make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" 4978*62c56f98SSadaf Ebrahimi 4979*62c56f98SSadaf Ebrahimi msg "test_suite_ssl: TLS 1.3 only, only ephemeral key exchange mode" 4980*62c56f98SSadaf Ebrahimi cd tests; ./test_suite_ssl; cd .. 4981*62c56f98SSadaf Ebrahimi 4982*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh: TLS 1.3 only, only ephemeral key exchange mode" 4983*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 4984*62c56f98SSadaf Ebrahimi} 4985*62c56f98SSadaf Ebrahimi 4986*62c56f98SSadaf Ebrahimicomponent_test_tls13_only_ephemeral_ffdh () { 4987*62c56f98SSadaf Ebrahimi msg "build: TLS 1.3 only from default, only ephemeral ffdh key exchange mode" 4988*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 4989*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 4990*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_EARLY_DATA 4991*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 4992*62c56f98SSadaf Ebrahimi 4993*62c56f98SSadaf Ebrahimi make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" 4994*62c56f98SSadaf Ebrahimi 4995*62c56f98SSadaf Ebrahimi msg "test_suite_ssl: TLS 1.3 only, only ephemeral ffdh key exchange mode" 4996*62c56f98SSadaf Ebrahimi cd tests; ./test_suite_ssl; cd .. 4997*62c56f98SSadaf Ebrahimi 4998*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh: TLS 1.3 only, only ephemeral ffdh key exchange mode" 4999*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 5000*62c56f98SSadaf Ebrahimi} 5001*62c56f98SSadaf Ebrahimi 5002*62c56f98SSadaf Ebrahimicomponent_test_tls13_only_psk_ephemeral () { 5003*62c56f98SSadaf Ebrahimi msg "build: TLS 1.3 only from default, only PSK ephemeral key exchange mode" 5004*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 5005*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 5006*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C 5007*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT 5008*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION 5009*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 5010*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V21 5011*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS7_C 5012*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_EARLY_DATA 5013*62c56f98SSadaf Ebrahimi make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" 5014*62c56f98SSadaf Ebrahimi 5015*62c56f98SSadaf Ebrahimi msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral key exchange mode" 5016*62c56f98SSadaf Ebrahimi cd tests; ./test_suite_ssl; cd .. 5017*62c56f98SSadaf Ebrahimi 5018*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral key exchange mode" 5019*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 5020*62c56f98SSadaf Ebrahimi} 5021*62c56f98SSadaf Ebrahimi 5022*62c56f98SSadaf Ebrahimicomponent_test_tls13_only_psk_ephemeral_ffdh () { 5023*62c56f98SSadaf Ebrahimi msg "build: TLS 1.3 only from default, only PSK ephemeral ffdh key exchange mode" 5024*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 5025*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 5026*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C 5027*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT 5028*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION 5029*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 5030*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V21 5031*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS7_C 5032*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_EARLY_DATA 5033*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDH_C 5034*62c56f98SSadaf Ebrahimi make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" 5035*62c56f98SSadaf Ebrahimi 5036*62c56f98SSadaf Ebrahimi msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral ffdh key exchange mode" 5037*62c56f98SSadaf Ebrahimi cd tests; ./test_suite_ssl; cd .. 5038*62c56f98SSadaf Ebrahimi 5039*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral ffdh key exchange mode" 5040*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 5041*62c56f98SSadaf Ebrahimi} 5042*62c56f98SSadaf Ebrahimi 5043*62c56f98SSadaf Ebrahimicomponent_test_tls13_only_psk_all () { 5044*62c56f98SSadaf Ebrahimi msg "build: TLS 1.3 only from default, without ephemeral key exchange mode" 5045*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 5046*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C 5047*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT 5048*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION 5049*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_ECDSA_C 5050*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS1_V21 5051*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_PKCS7_C 5052*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_EARLY_DATA 5053*62c56f98SSadaf Ebrahimi make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" 5054*62c56f98SSadaf Ebrahimi 5055*62c56f98SSadaf Ebrahimi msg "test_suite_ssl: TLS 1.3 only, PSK and PSK ephemeral key exchange modes" 5056*62c56f98SSadaf Ebrahimi cd tests; ./test_suite_ssl; cd .. 5057*62c56f98SSadaf Ebrahimi 5058*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh: TLS 1.3 only, PSK and PSK ephemeral key exchange modes" 5059*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 5060*62c56f98SSadaf Ebrahimi} 5061*62c56f98SSadaf Ebrahimi 5062*62c56f98SSadaf Ebrahimicomponent_test_tls13_only_ephemeral_all () { 5063*62c56f98SSadaf Ebrahimi msg "build: TLS 1.3 only from default, without PSK key exchange mode" 5064*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 5065*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_EARLY_DATA 5066*62c56f98SSadaf Ebrahimi make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" 5067*62c56f98SSadaf Ebrahimi 5068*62c56f98SSadaf Ebrahimi msg "test_suite_ssl: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes" 5069*62c56f98SSadaf Ebrahimi cd tests; ./test_suite_ssl; cd .. 5070*62c56f98SSadaf Ebrahimi 5071*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes" 5072*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 5073*62c56f98SSadaf Ebrahimi} 5074*62c56f98SSadaf Ebrahimi 5075*62c56f98SSadaf Ebrahimicomponent_test_tls13 () { 5076*62c56f98SSadaf Ebrahimi msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" 5077*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3 5078*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 5079*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 5080*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_EARLY_DATA 5081*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 5082*62c56f98SSadaf Ebrahimi make 5083*62c56f98SSadaf Ebrahimi msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" 5084*62c56f98SSadaf Ebrahimi make test 5085*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh (TLS 1.3)" 5086*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 5087*62c56f98SSadaf Ebrahimi} 5088*62c56f98SSadaf Ebrahimi 5089*62c56f98SSadaf Ebrahimicomponent_test_tls13_no_compatibility_mode () { 5090*62c56f98SSadaf Ebrahimi msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" 5091*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3 5092*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 5093*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 5094*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_EARLY_DATA 5095*62c56f98SSadaf Ebrahimi CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . 5096*62c56f98SSadaf Ebrahimi make 5097*62c56f98SSadaf Ebrahimi msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" 5098*62c56f98SSadaf Ebrahimi make test 5099*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh (TLS 1.3 no compatibility mode)" 5100*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 5101*62c56f98SSadaf Ebrahimi} 5102*62c56f98SSadaf Ebrahimi 5103*62c56f98SSadaf Ebrahimicomponent_test_tls13_only_record_size_limit () { 5104*62c56f98SSadaf Ebrahimi msg "build: TLS 1.3 only from default, record size limit extension enabled" 5105*62c56f98SSadaf Ebrahimi scripts/config.py set MBEDTLS_SSL_RECORD_SIZE_LIMIT 5106*62c56f98SSadaf Ebrahimi make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" 5107*62c56f98SSadaf Ebrahimi 5108*62c56f98SSadaf Ebrahimi msg "test_suite_ssl: TLS 1.3 only, record size limit extension enabled" 5109*62c56f98SSadaf Ebrahimi cd tests; ./test_suite_ssl; cd .. 5110*62c56f98SSadaf Ebrahimi 5111*62c56f98SSadaf Ebrahimi msg "ssl-opt.sh: (TLS 1.3 only, record size limit extension tests only)" 5112*62c56f98SSadaf Ebrahimi # Both the server and the client will currently abort the handshake when they encounter the 5113*62c56f98SSadaf Ebrahimi # record size limit extension. There is no way to prevent gnutls-cli from sending the extension 5114*62c56f98SSadaf Ebrahimi # which makes all G_NEXT_CLI + P_SRV tests fail. Thus, run only the tests for the this extension. 5115*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh -f "Record Size Limit" 5116*62c56f98SSadaf Ebrahimi} 5117*62c56f98SSadaf Ebrahimi 5118*62c56f98SSadaf Ebrahimicomponent_build_mingw () { 5119*62c56f98SSadaf Ebrahimi msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s 5120*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers 5121*62c56f98SSadaf Ebrahimi make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs 5122*62c56f98SSadaf Ebrahimi 5123*62c56f98SSadaf Ebrahimi # note Make tests only builds the tests, but doesn't run them 5124*62c56f98SSadaf Ebrahimi make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests 5125*62c56f98SSadaf Ebrahimi make WINDOWS_BUILD=1 clean 5126*62c56f98SSadaf Ebrahimi 5127*62c56f98SSadaf Ebrahimi msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s 5128*62c56f98SSadaf Ebrahimi make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs 5129*62c56f98SSadaf Ebrahimi make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests 5130*62c56f98SSadaf Ebrahimi make WINDOWS_BUILD=1 clean 5131*62c56f98SSadaf Ebrahimi} 5132*62c56f98SSadaf Ebrahimisupport_build_mingw() { 5133*62c56f98SSadaf Ebrahimi case $(i686-w64-mingw32-gcc -dumpversion 2>/dev/null) in 5134*62c56f98SSadaf Ebrahimi [0-5]*|"") false;; 5135*62c56f98SSadaf Ebrahimi *) true;; 5136*62c56f98SSadaf Ebrahimi esac 5137*62c56f98SSadaf Ebrahimi} 5138*62c56f98SSadaf Ebrahimi 5139*62c56f98SSadaf Ebrahimicomponent_test_memsan () { 5140*62c56f98SSadaf Ebrahimi msg "build: MSan (clang)" # ~ 1 min 20s 5141*62c56f98SSadaf Ebrahimi scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm 5142*62c56f98SSadaf Ebrahimi CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan . 5143*62c56f98SSadaf Ebrahimi make 5144*62c56f98SSadaf Ebrahimi 5145*62c56f98SSadaf Ebrahimi msg "test: main suites (MSan)" # ~ 10s 5146*62c56f98SSadaf Ebrahimi make test 5147*62c56f98SSadaf Ebrahimi 5148*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh (MSan)" # ~ 1 min 5149*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh 5150*62c56f98SSadaf Ebrahimi 5151*62c56f98SSadaf Ebrahimi # Optional part(s) 5152*62c56f98SSadaf Ebrahimi 5153*62c56f98SSadaf Ebrahimi if [ "$MEMORY" -gt 0 ]; then 5154*62c56f98SSadaf Ebrahimi msg "test: compat.sh (MSan)" # ~ 6 min 20s 5155*62c56f98SSadaf Ebrahimi tests/compat.sh 5156*62c56f98SSadaf Ebrahimi fi 5157*62c56f98SSadaf Ebrahimi} 5158*62c56f98SSadaf Ebrahimi 5159*62c56f98SSadaf Ebrahimicomponent_test_valgrind () { 5160*62c56f98SSadaf Ebrahimi msg "build: Release (clang)" 5161*62c56f98SSadaf Ebrahimi # default config, in particular without MBEDTLS_USE_PSA_CRYPTO 5162*62c56f98SSadaf Ebrahimi CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release . 5163*62c56f98SSadaf Ebrahimi make 5164*62c56f98SSadaf Ebrahimi 5165*62c56f98SSadaf Ebrahimi msg "test: main suites, Valgrind (default config)" 5166*62c56f98SSadaf Ebrahimi make memcheck 5167*62c56f98SSadaf Ebrahimi 5168*62c56f98SSadaf Ebrahimi # Optional parts (slow; currently broken on OS X because programs don't 5169*62c56f98SSadaf Ebrahimi # seem to receive signals under valgrind on OS X). 5170*62c56f98SSadaf Ebrahimi # These optional parts don't run on the CI. 5171*62c56f98SSadaf Ebrahimi if [ "$MEMORY" -gt 0 ]; then 5172*62c56f98SSadaf Ebrahimi msg "test: ssl-opt.sh --memcheck (default config)" 5173*62c56f98SSadaf Ebrahimi tests/ssl-opt.sh --memcheck 5174*62c56f98SSadaf Ebrahimi fi 5175*62c56f98SSadaf Ebrahimi 5176*62c56f98SSadaf Ebrahimi if [ "$MEMORY" -gt 1 ]; then 5177*62c56f98SSadaf Ebrahimi msg "test: compat.sh --memcheck (default config)" 5178*62c56f98SSadaf Ebrahimi tests/compat.sh --memcheck 5179*62c56f98SSadaf Ebrahimi fi 5180*62c56f98SSadaf Ebrahimi 5181*62c56f98SSadaf Ebrahimi if [ "$MEMORY" -gt 0 ]; then 5182*62c56f98SSadaf Ebrahimi msg "test: context-info.sh --memcheck (default config)" 5183*62c56f98SSadaf Ebrahimi tests/context-info.sh --memcheck 5184*62c56f98SSadaf Ebrahimi fi 5185*62c56f98SSadaf Ebrahimi} 5186*62c56f98SSadaf Ebrahimi 5187*62c56f98SSadaf Ebrahimicomponent_test_valgrind_psa () { 5188*62c56f98SSadaf Ebrahimi msg "build: Release, full (clang)" 5189*62c56f98SSadaf Ebrahimi # full config, in particular with MBEDTLS_USE_PSA_CRYPTO 5190*62c56f98SSadaf Ebrahimi scripts/config.py full 5191*62c56f98SSadaf Ebrahimi CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release . 5192*62c56f98SSadaf Ebrahimi make 5193*62c56f98SSadaf Ebrahimi 5194*62c56f98SSadaf Ebrahimi msg "test: main suites, Valgrind (full config)" 5195*62c56f98SSadaf Ebrahimi make memcheck 5196*62c56f98SSadaf Ebrahimi} 5197*62c56f98SSadaf Ebrahimi 5198*62c56f98SSadaf Ebrahimisupport_test_cmake_out_of_source () { 5199*62c56f98SSadaf Ebrahimi distrib_id="" 5200*62c56f98SSadaf Ebrahimi distrib_ver="" 5201*62c56f98SSadaf Ebrahimi distrib_ver_minor="" 5202*62c56f98SSadaf Ebrahimi distrib_ver_major="" 5203*62c56f98SSadaf Ebrahimi 5204*62c56f98SSadaf Ebrahimi # Attempt to parse lsb-release to find out distribution and version. If not 5205*62c56f98SSadaf Ebrahimi # found this should fail safe (test is supported). 5206*62c56f98SSadaf Ebrahimi if [[ -f /etc/lsb-release ]]; then 5207*62c56f98SSadaf Ebrahimi 5208*62c56f98SSadaf Ebrahimi while read -r lsb_line; do 5209*62c56f98SSadaf Ebrahimi case "$lsb_line" in 5210*62c56f98SSadaf Ebrahimi "DISTRIB_ID"*) distrib_id=${lsb_line/#DISTRIB_ID=};; 5211*62c56f98SSadaf Ebrahimi "DISTRIB_RELEASE"*) distrib_ver=${lsb_line/#DISTRIB_RELEASE=};; 5212*62c56f98SSadaf Ebrahimi esac 5213*62c56f98SSadaf Ebrahimi done < /etc/lsb-release 5214*62c56f98SSadaf Ebrahimi 5215*62c56f98SSadaf Ebrahimi distrib_ver_major="${distrib_ver%%.*}" 5216*62c56f98SSadaf Ebrahimi distrib_ver="${distrib_ver#*.}" 5217*62c56f98SSadaf Ebrahimi distrib_ver_minor="${distrib_ver%%.*}" 5218*62c56f98SSadaf Ebrahimi fi 5219*62c56f98SSadaf Ebrahimi 5220*62c56f98SSadaf Ebrahimi # Running the out of source CMake test on Ubuntu 16.04 using more than one 5221*62c56f98SSadaf Ebrahimi # processor (as the CI does) can create a race condition whereby the build 5222*62c56f98SSadaf Ebrahimi # fails to see a generated file, despite that file actually having been 5223*62c56f98SSadaf Ebrahimi # generated. This problem appears to go away with 18.04 or newer, so make 5224*62c56f98SSadaf Ebrahimi # the out of source tests unsupported on Ubuntu 16.04. 5225*62c56f98SSadaf Ebrahimi [ "$distrib_id" != "Ubuntu" ] || [ "$distrib_ver_major" -gt 16 ] 5226*62c56f98SSadaf Ebrahimi} 5227*62c56f98SSadaf Ebrahimi 5228*62c56f98SSadaf Ebrahimicomponent_test_cmake_out_of_source () { 5229*62c56f98SSadaf Ebrahimi # Remove existing generated files so that we use the ones cmake 5230*62c56f98SSadaf Ebrahimi # generates 5231*62c56f98SSadaf Ebrahimi make neat 5232*62c56f98SSadaf Ebrahimi 5233*62c56f98SSadaf Ebrahimi msg "build: cmake 'out-of-source' build" 5234*62c56f98SSadaf Ebrahimi MBEDTLS_ROOT_DIR="$PWD" 5235*62c56f98SSadaf Ebrahimi mkdir "$OUT_OF_SOURCE_DIR" 5236*62c56f98SSadaf Ebrahimi cd "$OUT_OF_SOURCE_DIR" 5237*62c56f98SSadaf Ebrahimi # Note: Explicitly generate files as these are turned off in releases 5238*62c56f98SSadaf Ebrahimi cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$MBEDTLS_ROOT_DIR" 5239*62c56f98SSadaf Ebrahimi make 5240*62c56f98SSadaf Ebrahimi 5241*62c56f98SSadaf Ebrahimi msg "test: cmake 'out-of-source' build" 5242*62c56f98SSadaf Ebrahimi make test 5243*62c56f98SSadaf Ebrahimi # Check that ssl-opt.sh can find the test programs. 5244*62c56f98SSadaf Ebrahimi # Also ensure that there are no error messages such as 5245*62c56f98SSadaf Ebrahimi # "No such file or directory", which would indicate that some required 5246*62c56f98SSadaf Ebrahimi # file is missing (ssl-opt.sh tolerates the absence of some files so 5247*62c56f98SSadaf Ebrahimi # may exit with status 0 but emit errors). 5248*62c56f98SSadaf Ebrahimi ./tests/ssl-opt.sh -f 'Default' >ssl-opt.out 2>ssl-opt.err 5249*62c56f98SSadaf Ebrahimi grep PASS ssl-opt.out 5250*62c56f98SSadaf Ebrahimi cat ssl-opt.err >&2 5251*62c56f98SSadaf Ebrahimi # If ssl-opt.err is non-empty, record an error and keep going. 5252*62c56f98SSadaf Ebrahimi [ ! -s ssl-opt.err ] 5253*62c56f98SSadaf Ebrahimi rm ssl-opt.out ssl-opt.err 5254*62c56f98SSadaf Ebrahimi cd "$MBEDTLS_ROOT_DIR" 5255*62c56f98SSadaf Ebrahimi rm -rf "$OUT_OF_SOURCE_DIR" 5256*62c56f98SSadaf Ebrahimi} 5257*62c56f98SSadaf Ebrahimi 5258*62c56f98SSadaf Ebrahimicomponent_test_cmake_as_subdirectory () { 5259*62c56f98SSadaf Ebrahimi # Remove existing generated files so that we use the ones CMake 5260*62c56f98SSadaf Ebrahimi # generates 5261*62c56f98SSadaf Ebrahimi make neat 5262*62c56f98SSadaf Ebrahimi 5263*62c56f98SSadaf Ebrahimi msg "build: cmake 'as-subdirectory' build" 5264*62c56f98SSadaf Ebrahimi cd programs/test/cmake_subproject 5265*62c56f98SSadaf Ebrahimi # Note: Explicitly generate files as these are turned off in releases 5266*62c56f98SSadaf Ebrahimi cmake -D GEN_FILES=ON . 5267*62c56f98SSadaf Ebrahimi make 5268*62c56f98SSadaf Ebrahimi ./cmake_subproject 5269*62c56f98SSadaf Ebrahimi} 5270*62c56f98SSadaf Ebrahimisupport_test_cmake_as_subdirectory () { 5271*62c56f98SSadaf Ebrahimi support_test_cmake_out_of_source 5272*62c56f98SSadaf Ebrahimi} 5273*62c56f98SSadaf Ebrahimi 5274*62c56f98SSadaf Ebrahimicomponent_test_cmake_as_package () { 5275*62c56f98SSadaf Ebrahimi # Remove existing generated files so that we use the ones CMake 5276*62c56f98SSadaf Ebrahimi # generates 5277*62c56f98SSadaf Ebrahimi make neat 5278*62c56f98SSadaf Ebrahimi 5279*62c56f98SSadaf Ebrahimi msg "build: cmake 'as-package' build" 5280*62c56f98SSadaf Ebrahimi cd programs/test/cmake_package 5281*62c56f98SSadaf Ebrahimi cmake . 5282*62c56f98SSadaf Ebrahimi make 5283*62c56f98SSadaf Ebrahimi ./cmake_package 5284*62c56f98SSadaf Ebrahimi} 5285*62c56f98SSadaf Ebrahimisupport_test_cmake_as_package () { 5286*62c56f98SSadaf Ebrahimi support_test_cmake_out_of_source 5287*62c56f98SSadaf Ebrahimi} 5288*62c56f98SSadaf Ebrahimi 5289*62c56f98SSadaf Ebrahimicomponent_test_cmake_as_package_install () { 5290*62c56f98SSadaf Ebrahimi # Remove existing generated files so that we use the ones CMake 5291*62c56f98SSadaf Ebrahimi # generates 5292*62c56f98SSadaf Ebrahimi make neat 5293*62c56f98SSadaf Ebrahimi 5294*62c56f98SSadaf Ebrahimi msg "build: cmake 'as-installed-package' build" 5295*62c56f98SSadaf Ebrahimi cd programs/test/cmake_package_install 5296*62c56f98SSadaf Ebrahimi cmake . 5297*62c56f98SSadaf Ebrahimi make 5298*62c56f98SSadaf Ebrahimi ./cmake_package_install 5299*62c56f98SSadaf Ebrahimi} 5300*62c56f98SSadaf Ebrahimisupport_test_cmake_as_package_install () { 5301*62c56f98SSadaf Ebrahimi support_test_cmake_out_of_source 5302*62c56f98SSadaf Ebrahimi} 5303*62c56f98SSadaf Ebrahimi 5304*62c56f98SSadaf Ebrahimicomponent_build_cmake_custom_config_file () { 5305*62c56f98SSadaf Ebrahimi # Make a copy of config file to use for the in-tree test 5306*62c56f98SSadaf Ebrahimi cp "$CONFIG_H" include/mbedtls_config_in_tree_copy.h 5307*62c56f98SSadaf Ebrahimi 5308*62c56f98SSadaf Ebrahimi MBEDTLS_ROOT_DIR="$PWD" 5309*62c56f98SSadaf Ebrahimi mkdir "$OUT_OF_SOURCE_DIR" 5310*62c56f98SSadaf Ebrahimi cd "$OUT_OF_SOURCE_DIR" 5311*62c56f98SSadaf Ebrahimi 5312*62c56f98SSadaf Ebrahimi # Build once to get the generated files (which need an intact config file) 5313*62c56f98SSadaf Ebrahimi cmake "$MBEDTLS_ROOT_DIR" 5314*62c56f98SSadaf Ebrahimi make 5315*62c56f98SSadaf Ebrahimi 5316*62c56f98SSadaf Ebrahimi msg "build: cmake with -DMBEDTLS_CONFIG_FILE" 5317*62c56f98SSadaf Ebrahimi scripts/config.py -w full_config.h full 5318*62c56f98SSadaf Ebrahimi echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" 5319*62c56f98SSadaf Ebrahimi cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h "$MBEDTLS_ROOT_DIR" 5320*62c56f98SSadaf Ebrahimi make 5321*62c56f98SSadaf Ebrahimi 5322*62c56f98SSadaf Ebrahimi msg "build: cmake with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" 5323*62c56f98SSadaf Ebrahimi # In the user config, disable one feature (for simplicity, pick a feature 5324*62c56f98SSadaf Ebrahimi # that nothing else depends on). 5325*62c56f98SSadaf Ebrahimi echo '#undef MBEDTLS_NIST_KW_C' >user_config.h 5326*62c56f98SSadaf Ebrahimi 5327*62c56f98SSadaf Ebrahimi cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h "$MBEDTLS_ROOT_DIR" 5328*62c56f98SSadaf Ebrahimi make 5329*62c56f98SSadaf Ebrahimi not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C 5330*62c56f98SSadaf Ebrahimi 5331*62c56f98SSadaf Ebrahimi rm -f user_config.h full_config.h 5332*62c56f98SSadaf Ebrahimi 5333*62c56f98SSadaf Ebrahimi cd "$MBEDTLS_ROOT_DIR" 5334*62c56f98SSadaf Ebrahimi rm -rf "$OUT_OF_SOURCE_DIR" 5335*62c56f98SSadaf Ebrahimi 5336*62c56f98SSadaf Ebrahimi # Now repeat the test for an in-tree build: 5337*62c56f98SSadaf Ebrahimi 5338*62c56f98SSadaf Ebrahimi # Restore config for the in-tree test 5339*62c56f98SSadaf Ebrahimi mv include/mbedtls_config_in_tree_copy.h "$CONFIG_H" 5340*62c56f98SSadaf Ebrahimi 5341*62c56f98SSadaf Ebrahimi # Build once to get the generated files (which need an intact config) 5342*62c56f98SSadaf Ebrahimi cmake . 5343*62c56f98SSadaf Ebrahimi make 5344*62c56f98SSadaf Ebrahimi 5345*62c56f98SSadaf Ebrahimi msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE" 5346*62c56f98SSadaf Ebrahimi scripts/config.py -w full_config.h full 5347*62c56f98SSadaf Ebrahimi echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" 5348*62c56f98SSadaf Ebrahimi cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h . 5349*62c56f98SSadaf Ebrahimi make 5350*62c56f98SSadaf Ebrahimi 5351*62c56f98SSadaf Ebrahimi msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" 5352*62c56f98SSadaf Ebrahimi # In the user config, disable one feature (for simplicity, pick a feature 5353*62c56f98SSadaf Ebrahimi # that nothing else depends on). 5354*62c56f98SSadaf Ebrahimi echo '#undef MBEDTLS_NIST_KW_C' >user_config.h 5355*62c56f98SSadaf Ebrahimi 5356*62c56f98SSadaf Ebrahimi cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h . 5357*62c56f98SSadaf Ebrahimi make 5358*62c56f98SSadaf Ebrahimi not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C 5359*62c56f98SSadaf Ebrahimi 5360*62c56f98SSadaf Ebrahimi rm -f user_config.h full_config.h 5361*62c56f98SSadaf Ebrahimi} 5362*62c56f98SSadaf Ebrahimisupport_build_cmake_custom_config_file () { 5363*62c56f98SSadaf Ebrahimi support_test_cmake_out_of_source 5364*62c56f98SSadaf Ebrahimi} 5365*62c56f98SSadaf Ebrahimi 5366*62c56f98SSadaf Ebrahimi 5367*62c56f98SSadaf Ebrahimicomponent_build_zeroize_checks () { 5368*62c56f98SSadaf Ebrahimi msg "build: check for obviously wrong calls to mbedtls_platform_zeroize()" 5369*62c56f98SSadaf Ebrahimi 5370*62c56f98SSadaf Ebrahimi scripts/config.py full 5371*62c56f98SSadaf Ebrahimi 5372*62c56f98SSadaf Ebrahimi # Only compile - we're looking for sizeof-pointer-memaccess warnings 5373*62c56f98SSadaf Ebrahimi make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" 5374*62c56f98SSadaf Ebrahimi} 5375*62c56f98SSadaf Ebrahimi 5376*62c56f98SSadaf Ebrahimi 5377*62c56f98SSadaf Ebrahimicomponent_test_zeroize () { 5378*62c56f98SSadaf Ebrahimi # Test that the function mbedtls_platform_zeroize() is not optimized away by 5379*62c56f98SSadaf Ebrahimi # different combinations of compilers and optimization flags by using an 5380*62c56f98SSadaf Ebrahimi # auxiliary GDB script. Unfortunately, GDB does not return error values to the 5381*62c56f98SSadaf Ebrahimi # system in all cases that the script fails, so we must manually search the 5382*62c56f98SSadaf Ebrahimi # output to check whether the pass string is present and no failure strings 5383*62c56f98SSadaf Ebrahimi # were printed. 5384*62c56f98SSadaf Ebrahimi 5385*62c56f98SSadaf Ebrahimi # Don't try to disable ASLR. We don't care about ASLR here. We do care 5386*62c56f98SSadaf Ebrahimi # about a spurious message if Gdb tries and fails, so suppress that. 5387*62c56f98SSadaf Ebrahimi gdb_disable_aslr= 5388*62c56f98SSadaf Ebrahimi if [ -z "$(gdb -batch -nw -ex 'set disable-randomization off' 2>&1)" ]; then 5389*62c56f98SSadaf Ebrahimi gdb_disable_aslr='set disable-randomization off' 5390*62c56f98SSadaf Ebrahimi fi 5391*62c56f98SSadaf Ebrahimi 5392*62c56f98SSadaf Ebrahimi for optimization_flag in -O2 -O3 -Ofast -Os; do 5393*62c56f98SSadaf Ebrahimi for compiler in clang gcc; do 5394*62c56f98SSadaf Ebrahimi msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()" 5395*62c56f98SSadaf Ebrahimi make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" 5396*62c56f98SSadaf Ebrahimi gdb -ex "$gdb_disable_aslr" -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log 5397*62c56f98SSadaf Ebrahimi grep "The buffer was correctly zeroized" test_zeroize.log 5398*62c56f98SSadaf Ebrahimi not grep -i "error" test_zeroize.log 5399*62c56f98SSadaf Ebrahimi rm -f test_zeroize.log 5400*62c56f98SSadaf Ebrahimi make clean 5401*62c56f98SSadaf Ebrahimi done 5402*62c56f98SSadaf Ebrahimi done 5403*62c56f98SSadaf Ebrahimi} 5404*62c56f98SSadaf Ebrahimi 5405*62c56f98SSadaf Ebrahimicomponent_test_psa_compliance () { 5406*62c56f98SSadaf Ebrahimi msg "build: make, default config (out-of-box), libmbedcrypto.a only" 5407*62c56f98SSadaf Ebrahimi make -C library libmbedcrypto.a 5408*62c56f98SSadaf Ebrahimi 5409*62c56f98SSadaf Ebrahimi msg "unit test: test_psa_compliance.py" 5410*62c56f98SSadaf Ebrahimi ./tests/scripts/test_psa_compliance.py 5411*62c56f98SSadaf Ebrahimi} 5412*62c56f98SSadaf Ebrahimi 5413*62c56f98SSadaf Ebrahimisupport_test_psa_compliance () { 5414*62c56f98SSadaf Ebrahimi # psa-compliance-tests only supports CMake >= 3.10.0 5415*62c56f98SSadaf Ebrahimi ver="$(cmake --version)" 5416*62c56f98SSadaf Ebrahimi ver="${ver#cmake version }" 5417*62c56f98SSadaf Ebrahimi ver_major="${ver%%.*}" 5418*62c56f98SSadaf Ebrahimi 5419*62c56f98SSadaf Ebrahimi ver="${ver#*.}" 5420*62c56f98SSadaf Ebrahimi ver_minor="${ver%%.*}" 5421*62c56f98SSadaf Ebrahimi 5422*62c56f98SSadaf Ebrahimi [ "$ver_major" -eq 3 ] && [ "$ver_minor" -ge 10 ] 5423*62c56f98SSadaf Ebrahimi} 5424*62c56f98SSadaf Ebrahimi 5425*62c56f98SSadaf Ebrahimicomponent_check_code_style () { 5426*62c56f98SSadaf Ebrahimi msg "Check C code style" 5427*62c56f98SSadaf Ebrahimi ./scripts/code_style.py 5428*62c56f98SSadaf Ebrahimi} 5429*62c56f98SSadaf Ebrahimi 5430*62c56f98SSadaf Ebrahimisupport_check_code_style() { 5431*62c56f98SSadaf Ebrahimi case $(uncrustify --version) in 5432*62c56f98SSadaf Ebrahimi *0.75.1*) true;; 5433*62c56f98SSadaf Ebrahimi *) false;; 5434*62c56f98SSadaf Ebrahimi esac 5435*62c56f98SSadaf Ebrahimi} 5436*62c56f98SSadaf Ebrahimi 5437*62c56f98SSadaf Ebrahimicomponent_check_python_files () { 5438*62c56f98SSadaf Ebrahimi msg "Lint: Python scripts" 5439*62c56f98SSadaf Ebrahimi tests/scripts/check-python-files.sh 5440*62c56f98SSadaf Ebrahimi} 5441*62c56f98SSadaf Ebrahimi 5442*62c56f98SSadaf Ebrahimicomponent_check_test_helpers () { 5443*62c56f98SSadaf Ebrahimi msg "unit test: generate_test_code.py" 5444*62c56f98SSadaf Ebrahimi # unittest writes out mundane stuff like number or tests run on stderr. 5445*62c56f98SSadaf Ebrahimi # Our convention is to reserve stderr for actual errors, and write 5446*62c56f98SSadaf Ebrahimi # harmless info on stdout so it can be suppress with --quiet. 5447*62c56f98SSadaf Ebrahimi ./tests/scripts/test_generate_test_code.py 2>&1 5448*62c56f98SSadaf Ebrahimi 5449*62c56f98SSadaf Ebrahimi msg "unit test: translate_ciphers.py" 5450*62c56f98SSadaf Ebrahimi python3 -m unittest tests/scripts/translate_ciphers.py 2>&1 5451*62c56f98SSadaf Ebrahimi} 5452*62c56f98SSadaf Ebrahimi 5453*62c56f98SSadaf Ebrahimi 5454*62c56f98SSadaf Ebrahimi################################################################ 5455*62c56f98SSadaf Ebrahimi#### Termination 5456*62c56f98SSadaf Ebrahimi################################################################ 5457*62c56f98SSadaf Ebrahimi 5458*62c56f98SSadaf Ebrahimipost_report () { 5459*62c56f98SSadaf Ebrahimi msg "Done, cleaning up" 5460*62c56f98SSadaf Ebrahimi final_cleanup 5461*62c56f98SSadaf Ebrahimi 5462*62c56f98SSadaf Ebrahimi final_report 5463*62c56f98SSadaf Ebrahimi} 5464*62c56f98SSadaf Ebrahimi 5465*62c56f98SSadaf Ebrahimi 5466*62c56f98SSadaf Ebrahimi 5467*62c56f98SSadaf Ebrahimi################################################################ 5468*62c56f98SSadaf Ebrahimi#### Run all the things 5469*62c56f98SSadaf Ebrahimi################################################################ 5470*62c56f98SSadaf Ebrahimi 5471*62c56f98SSadaf Ebrahimi# Function invoked by --error-test to test error reporting. 5472*62c56f98SSadaf Ebrahimipseudo_component_error_test () { 5473*62c56f98SSadaf Ebrahimi msg "Testing error reporting $error_test_i" 5474*62c56f98SSadaf Ebrahimi if [ $KEEP_GOING -ne 0 ]; then 5475*62c56f98SSadaf Ebrahimi echo "Expect three failing commands." 5476*62c56f98SSadaf Ebrahimi fi 5477*62c56f98SSadaf Ebrahimi # If the component doesn't run in a subshell, changing error_test_i to an 5478*62c56f98SSadaf Ebrahimi # invalid integer will cause an error in the loop that runs this function. 5479*62c56f98SSadaf Ebrahimi error_test_i=this_should_not_be_used_since_the_component_runs_in_a_subshell 5480*62c56f98SSadaf Ebrahimi # Expected error: 'grep non_existent /dev/null -> 1' 5481*62c56f98SSadaf Ebrahimi grep non_existent /dev/null 5482*62c56f98SSadaf Ebrahimi # Expected error: '! grep -q . tests/scripts/all.sh -> 1' 5483*62c56f98SSadaf Ebrahimi not grep -q . "$0" 5484*62c56f98SSadaf Ebrahimi # Expected error: 'make unknown_target -> 2' 5485*62c56f98SSadaf Ebrahimi make unknown_target 5486*62c56f98SSadaf Ebrahimi false "this should not be executed" 5487*62c56f98SSadaf Ebrahimi} 5488*62c56f98SSadaf Ebrahimi 5489*62c56f98SSadaf Ebrahimi# Run one component and clean up afterwards. 5490*62c56f98SSadaf Ebrahimirun_component () { 5491*62c56f98SSadaf Ebrahimi current_component="$1" 5492*62c56f98SSadaf Ebrahimi export MBEDTLS_TEST_CONFIGURATION="$current_component" 5493*62c56f98SSadaf Ebrahimi 5494*62c56f98SSadaf Ebrahimi # Unconditionally create a seedfile that's sufficiently long. 5495*62c56f98SSadaf Ebrahimi # Do this before each component, because a previous component may 5496*62c56f98SSadaf Ebrahimi # have messed it up or shortened it. 5497*62c56f98SSadaf Ebrahimi local dd_cmd 5498*62c56f98SSadaf Ebrahimi dd_cmd=(dd if=/dev/urandom of=./tests/seedfile bs=64 count=1) 5499*62c56f98SSadaf Ebrahimi case $OSTYPE in 5500*62c56f98SSadaf Ebrahimi linux*|freebsd*|openbsd*) dd_cmd+=(status=none) 5501*62c56f98SSadaf Ebrahimi esac 5502*62c56f98SSadaf Ebrahimi "${dd_cmd[@]}" 5503*62c56f98SSadaf Ebrahimi 5504*62c56f98SSadaf Ebrahimi # Run the component in a subshell, with error trapping and output 5505*62c56f98SSadaf Ebrahimi # redirection set up based on the relevant options. 5506*62c56f98SSadaf Ebrahimi if [ $KEEP_GOING -eq 1 ]; then 5507*62c56f98SSadaf Ebrahimi # We want to keep running if the subshell fails, so 'set -e' must 5508*62c56f98SSadaf Ebrahimi # be off when the subshell runs. 5509*62c56f98SSadaf Ebrahimi set +e 5510*62c56f98SSadaf Ebrahimi fi 5511*62c56f98SSadaf Ebrahimi ( 5512*62c56f98SSadaf Ebrahimi if [ $QUIET -eq 1 ]; then 5513*62c56f98SSadaf Ebrahimi # msg() will be silenced, so just print the component name here. 5514*62c56f98SSadaf Ebrahimi echo "${current_component#component_}" 5515*62c56f98SSadaf Ebrahimi exec >/dev/null 5516*62c56f98SSadaf Ebrahimi fi 5517*62c56f98SSadaf Ebrahimi if [ $KEEP_GOING -eq 1 ]; then 5518*62c56f98SSadaf Ebrahimi # Keep "set -e" off, and run an ERR trap instead to record failures. 5519*62c56f98SSadaf Ebrahimi set -E 5520*62c56f98SSadaf Ebrahimi trap err_trap ERR 5521*62c56f98SSadaf Ebrahimi fi 5522*62c56f98SSadaf Ebrahimi # The next line is what runs the component 5523*62c56f98SSadaf Ebrahimi "$@" 5524*62c56f98SSadaf Ebrahimi if [ $KEEP_GOING -eq 1 ]; then 5525*62c56f98SSadaf Ebrahimi trap - ERR 5526*62c56f98SSadaf Ebrahimi exit $last_failure_status 5527*62c56f98SSadaf Ebrahimi fi 5528*62c56f98SSadaf Ebrahimi ) 5529*62c56f98SSadaf Ebrahimi component_status=$? 5530*62c56f98SSadaf Ebrahimi if [ $KEEP_GOING -eq 1 ]; then 5531*62c56f98SSadaf Ebrahimi set -e 5532*62c56f98SSadaf Ebrahimi if [ $component_status -ne 0 ]; then 5533*62c56f98SSadaf Ebrahimi failure_count=$((failure_count + 1)) 5534*62c56f98SSadaf Ebrahimi fi 5535*62c56f98SSadaf Ebrahimi fi 5536*62c56f98SSadaf Ebrahimi 5537*62c56f98SSadaf Ebrahimi # Restore the build tree to a clean state. 5538*62c56f98SSadaf Ebrahimi cleanup 5539*62c56f98SSadaf Ebrahimi unset current_component 5540*62c56f98SSadaf Ebrahimi} 5541*62c56f98SSadaf Ebrahimi 5542*62c56f98SSadaf Ebrahimi# Preliminary setup 5543*62c56f98SSadaf Ebrahimipre_check_environment 5544*62c56f98SSadaf Ebrahimipre_parse_command_line_for_dirs "$@" 5545*62c56f98SSadaf Ebrahimipre_initialize_variables 5546*62c56f98SSadaf Ebrahimipre_parse_command_line "$@" 5547*62c56f98SSadaf Ebrahimi 5548*62c56f98SSadaf Ebrahimipre_check_git 5549*62c56f98SSadaf Ebrahimipre_restore_files 5550*62c56f98SSadaf Ebrahimipre_back_up 5551*62c56f98SSadaf Ebrahimi 5552*62c56f98SSadaf Ebrahimibuild_status=0 5553*62c56f98SSadaf Ebrahimiif [ $KEEP_GOING -eq 1 ]; then 5554*62c56f98SSadaf Ebrahimi pre_setup_keep_going 5555*62c56f98SSadaf Ebrahimifi 5556*62c56f98SSadaf Ebrahimipre_prepare_outcome_file 5557*62c56f98SSadaf Ebrahimipre_print_configuration 5558*62c56f98SSadaf Ebrahimipre_check_tools 5559*62c56f98SSadaf Ebrahimicleanup 5560*62c56f98SSadaf Ebrahimiif in_mbedtls_repo; then 5561*62c56f98SSadaf Ebrahimi pre_generate_files 5562*62c56f98SSadaf Ebrahimifi 5563*62c56f98SSadaf Ebrahimi 5564*62c56f98SSadaf Ebrahimi# Run the requested tests. 5565*62c56f98SSadaf Ebrahimifor ((error_test_i=1; error_test_i <= error_test; error_test_i++)); do 5566*62c56f98SSadaf Ebrahimi run_component pseudo_component_error_test 5567*62c56f98SSadaf Ebrahimidone 5568*62c56f98SSadaf Ebrahimiunset error_test_i 5569*62c56f98SSadaf Ebrahimifor component in $RUN_COMPONENTS; do 5570*62c56f98SSadaf Ebrahimi run_component "component_$component" 5571*62c56f98SSadaf Ebrahimidone 5572*62c56f98SSadaf Ebrahimi 5573*62c56f98SSadaf Ebrahimi# We're done. 5574*62c56f98SSadaf Ebrahimipost_report 5575