Merge branch 'development' into default-compiler-all
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 0869aaa..68bc57f 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -1,5 +1,8 @@
+find_package(Threads)
+
set(libs
${mbedtls_target}
+ ${CMAKE_THREAD_LIBS_INIT}
)
# Set the project root directory if it's not already defined, as may happen if
diff --git a/tests/Makefile b/tests/Makefile
index 2249a55..29197b7 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -57,6 +57,10 @@
DLEXT ?= so
EXEXT=
SHARED_SUFFIX=
+
+ifeq ($(THREADING),pthread)
+LOCAL_LDFLAGS += -lpthread
+endif
endif
ifdef WINDOWS
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 06ef19c..27bfbfa 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -220,6 +220,9 @@
esac
SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component"
done
+
+ # Option to enable linking with pthreads under make
+ MAKE_THREADING_FLAGS="THREADING=pthread"
}
# Test whether the component $1 is included in the command line patterns.
@@ -934,7 +937,7 @@
# Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed.
helper_libtestdriver1_make_drivers() {
loc_accel_flags=$( echo "$1 ${2-}" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
- make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# Build the main libraries, programs and tests,
@@ -952,7 +955,7 @@
# we need flags both with and without the LIBTESTDRIVER1_ prefix
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS "$@"
}
################################################################
@@ -1447,7 +1450,7 @@
# When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG,
# the SSL test programs don't have an RNG and can't work. Explicitly
# make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG.
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites"
make test
@@ -1466,7 +1469,7 @@
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites"
make test
@@ -1481,7 +1484,7 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_CTR_DRBG_C
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
make test
@@ -1499,7 +1502,7 @@
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ
scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY"
make test
@@ -1533,14 +1536,14 @@
# Note: MD-light is auto-enabled in build_info.h by modules that need it,
# which we haven't disabled, so no need to explicitly enable it.
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
# Make sure we don't have the HMAC functions, but the hashing functions
not grep mbedtls_md_hmac library/md.o
grep mbedtls_md library/md.o
msg "test: crypto_full with only the light subset of MD"
- make test
+ make $MAKE_THREADING_FLAGS test
}
component_test_full_no_cipher () {
@@ -1566,7 +1569,7 @@
scripts/config.py unset MBEDTLS_LMS_PRIVATE
msg "test: full no CIPHER no PSA_CRYPTO_C"
- make test
+ make $MAKE_THREADING_FLAGS test
}
# This is a common configurator and test function that is used in:
@@ -1615,7 +1618,7 @@
scripts/config.py unset MBEDTLS_PKCS12_C
scripts/config.py unset MBEDTLS_PKCS5_C
- make
+ make $MAKE_THREADING_FLAGS
# Ensure that CIPHER_C was not re-enabled
not grep mbedtls_cipher_init library/cipher.o
@@ -1648,7 +1651,7 @@
# PSA_WANT_ALG_CCM to be re-enabled.
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM
- make
+ make $MAKE_THREADING_FLAGS
msg "test: full no PSA_WANT_ALG_CCM"
make test
@@ -1676,7 +1679,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7
- make
+ make $MAKE_THREADING_FLAGS
# Ensure MBEDTLS_PSA_BUILTIN_CIPHER was not enabled
not grep mbedtls_psa_cipher library/psa_crypto_cipher.o
@@ -1733,7 +1736,7 @@
scripts/config.py unset MBEDTLS_SSL_ASYNC_PRIVATE
scripts/config.py unset MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
- make
+ make $MAKE_THREADING_FLAGS
msg "test: full minus bignum"
make test
@@ -2011,7 +2014,7 @@
component_test_psa_collect_statuses () {
msg "build+test: psa_collect_statuses" # ~30s
scripts/config.py full
- tests/scripts/psa_collect_statuses.py
+ tests/scripts/psa_collect_statuses.py --make-vars="$MAKE_THREADING_FLAGS"
# Check that psa_crypto_init() succeeded at least once
grep -q '^0:psa_crypto_init:' tests/statuses.log
rm -f tests/statuses.log
@@ -2163,6 +2166,19 @@
make memcheck
}
+component_test_tsan () {
+ msg "build: TSan (clang)"
+ scripts/config.py full
+ scripts/config.py set MBEDTLS_THREADING_C
+ scripts/config.py set MBEDTLS_THREADING_PTHREAD
+
+ CC=clang cmake -D CMAKE_BUILD_TYPE:String=TSan .
+ make
+
+ msg "test: main suites (TSan)"
+ make test
+}
+
component_test_default_no_deprecated () {
# Test that removing the deprecated features from the default
# configuration leaves something consistent.
@@ -2177,7 +2193,7 @@
component_test_full_no_deprecated () {
msg "build: make, full_no_deprecated config" # ~ 30s
scripts/config.py full_no_deprecated
- make CFLAGS='-O -Werror -Wall -Wextra'
+ make CFLAGS='-O -Werror -Wall -Wextra' $MAKE_THREADING_FLAGS
msg "test: make, full_no_deprecated config" # ~ 5s
make test
@@ -2194,7 +2210,7 @@
scripts/config.py full_no_deprecated
scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED
scripts/config.py set MBEDTLS_DEPRECATED_WARNING
- make CFLAGS='-O -Werror -Wall -Wextra'
+ make CFLAGS='-O -Werror -Wall -Wextra' $MAKE_THREADING_FLAGS
msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s
make test
@@ -2216,7 +2232,7 @@
# By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set.
# Expect warnings from '#warning' directives in check_config.h and
# from the use of deprecated functions in test suites.
- make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests
+ make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' $MAKE_THREADING_FLAGS tests
msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s
make test
@@ -2241,7 +2257,7 @@
component_build_crypto_full () {
msg "build: make, crypto only, full config"
scripts/config.py crypto_full
- make CFLAGS='-O1 -Werror'
+ make CFLAGS='-O1 -Werror' $MAKE_THREADING_FLAGS
are_empty_libraries library/libmbedx509.* library/libmbedtls.*
}
@@ -2301,73 +2317,73 @@
# depends.py family of tests
component_test_depends_py_cipher_id () {
msg "test/build: depends.py cipher_id (gcc)"
- tests/scripts/depends.py cipher_id --unset-use-psa
+ tests/scripts/depends.py cipher_id --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_cipher_chaining () {
msg "test/build: depends.py cipher_chaining (gcc)"
- tests/scripts/depends.py cipher_chaining --unset-use-psa
+ tests/scripts/depends.py cipher_chaining --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_cipher_padding () {
msg "test/build: depends.py cipher_padding (gcc)"
- tests/scripts/depends.py cipher_padding --unset-use-psa
+ tests/scripts/depends.py cipher_padding --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_curves () {
msg "test/build: depends.py curves (gcc)"
- tests/scripts/depends.py curves --unset-use-psa
+ tests/scripts/depends.py curves --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_hashes () {
msg "test/build: depends.py hashes (gcc)"
- tests/scripts/depends.py hashes --unset-use-psa
+ tests/scripts/depends.py hashes --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_kex () {
msg "test/build: depends.py kex (gcc)"
- tests/scripts/depends.py kex --unset-use-psa
+ tests/scripts/depends.py kex --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_pkalgs () {
msg "test/build: depends.py pkalgs (gcc)"
- tests/scripts/depends.py pkalgs --unset-use-psa
+ tests/scripts/depends.py pkalgs --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS"
}
# PSA equivalents of the depends.py tests
component_test_depends_py_cipher_id_psa () {
msg "test/build: depends.py cipher_id (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
- tests/scripts/depends.py cipher_id
+ tests/scripts/depends.py cipher_id --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_cipher_chaining_psa () {
msg "test/build: depends.py cipher_chaining (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
- tests/scripts/depends.py cipher_chaining
+ tests/scripts/depends.py cipher_chaining --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_cipher_padding_psa () {
msg "test/build: depends.py cipher_padding (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
- tests/scripts/depends.py cipher_padding
+ tests/scripts/depends.py cipher_padding --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_curves_psa () {
msg "test/build: depends.py curves (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
- tests/scripts/depends.py curves
+ tests/scripts/depends.py curves --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_hashes_psa () {
msg "test/build: depends.py hashes (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
- tests/scripts/depends.py hashes
+ tests/scripts/depends.py hashes --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_kex_psa () {
msg "test/build: depends.py kex (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
- tests/scripts/depends.py kex
+ tests/scripts/depends.py kex --make-vars="$MAKE_THREADING_FLAGS"
}
component_test_depends_py_pkalgs_psa () {
msg "test/build: depends.py pkalgs (gcc) with MBEDTLS_USE_PSA_CRYPTO defined"
- tests/scripts/depends.py pkalgs
+ tests/scripts/depends.py pkalgs --make-vars="$MAKE_THREADING_FLAGS"
}
component_build_no_pk_rsa_alt_support () {
@@ -2379,7 +2395,7 @@
scripts/config.py set MBEDTLS_X509_CRT_WRITE_C
# Only compile - this is primarily to test for compile issues
- make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy'
+ make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' $MAKE_THREADING_FLAGS
}
component_build_module_alt () {
@@ -2593,7 +2609,7 @@
# Disable things that are not supported
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
- make
+ make $MAKE_THREADING_FLAGS
msg "test suites: full with non-accelerated FFDH alg"
make test
@@ -2632,7 +2648,7 @@
# -------------
msg "test: full with accelerated PAKE"
- make test
+ make $MAKE_THREADING_FLAGS test
}
component_test_psa_crypto_config_accel_ecc_some_key_types () {
@@ -2692,7 +2708,7 @@
# -------------
msg "test suites: full with accelerated EC algs and some key types"
- make test
+ make $MAKE_THREADING_FLAGS test
}
# Run tests with only (non-)Weierstrass accelerated
@@ -2891,7 +2907,7 @@
# -------------
msg "test suites: full with accelerated EC algs"
- make test
+ make $MAKE_THREADING_FLAGS test
msg "ssl-opt: full with accelerated EC algs"
tests/ssl-opt.sh
@@ -2903,7 +2919,7 @@
config_psa_crypto_config_ecp_light_only 0
- make
+ make $MAKE_THREADING_FLAGS
msg "test suites: full with non-accelerated EC algs"
make test
@@ -2996,7 +3012,7 @@
# -------------
msg "test: full + accelerated EC algs - ECP"
- make test
+ make $MAKE_THREADING_FLAGS test
msg "ssl-opt: full + accelerated EC algs - ECP"
tests/ssl-opt.sh
@@ -3010,7 +3026,7 @@
config_psa_crypto_no_ecp_at_all 0
- make
+ make $MAKE_THREADING_FLAGS
msg "test: full + non accelerated EC algs"
make test
@@ -3173,7 +3189,7 @@
msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - DHM - BIGNUM"
- make test
+ make $MAKE_THREADING_FLAGS test
msg "ssl-opt: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM"
tests/ssl-opt.sh
@@ -3204,7 +3220,7 @@
config_psa_crypto_config_accel_ecc_ffdh_no_bignum 0 "$test_target"
- make
+ make $MAKE_THREADING_FLAGS
msg "test suites: full + non accelerated EC algs + USE_PSA"
make test
@@ -3323,7 +3339,7 @@
scripts/config.py unset $sym
done
- make
+ make $MAKE_THREADING_FLAGS
msg "test: full minus something, test TLS"
( cd tests; ./test_suite_ssl )
@@ -3362,7 +3378,7 @@
# crypto_config.h so we just disable the one we don't want.
scripts/config.py -f "$CRYPTO_CONFIG_H" unset "$disabled_psa_want"
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}"
make test
@@ -3428,7 +3444,7 @@
# -------------
msg "test: crypto_full with accelerated RSA"
- make test
+ make $MAKE_THREADING_FLAGS test
}
component_test_psa_crypto_config_reference_rsa_crypto () {
@@ -3440,7 +3456,7 @@
# Build
# -----
- make
+ make $MAKE_THREADING_FLAGS
# Run the tests
# -------------
@@ -3642,7 +3658,7 @@
config_psa_crypto_hash_use_psa 0
- make
+ make $MAKE_THREADING_FLAGS
msg "test: full without accelerated hashes"
make test
@@ -3807,7 +3823,7 @@
# -------------
msg "test: full config with accelerated cipher and AEAD"
- make test
+ make $MAKE_THREADING_FLAGS test
msg "ssl-opt: full config with accelerated cipher and AEAD"
tests/ssl-opt.sh
@@ -3820,7 +3836,7 @@
msg "build: full config with non-accelerated cipher and AEAD"
common_psa_crypto_config_accel_cipher_aead
- make
+ make $MAKE_THREADING_FLAGS
msg "test: full config with non-accelerated cipher and AEAD"
make test
@@ -3837,7 +3853,7 @@
scripts/config.py full
scripts/config.py unset MBEDTLS_CHACHAPOLY_C
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full minus CHACHAPOLY"
make test
@@ -3850,7 +3866,7 @@
scripts/config.py unset MBEDTLS_GCM_C
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full minus CHACHAPOLY and GCM"
make test
@@ -3881,7 +3897,7 @@
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test.
@@ -3891,7 +3907,7 @@
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test.
@@ -3904,7 +3920,7 @@
# Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it.
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test.
@@ -3923,7 +3939,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test.
@@ -3942,7 +3958,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test.
@@ -3961,7 +3977,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test.
@@ -3977,7 +3993,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test.
@@ -3993,7 +4009,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test.
@@ -4011,7 +4027,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test.
@@ -4030,7 +4046,7 @@
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4044,7 +4060,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4058,7 +4074,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4072,7 +4088,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4086,7 +4102,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4101,7 +4117,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
# This should be renamed to test and updated once the accelerator RSA code is in place and ready to test.
@@ -4113,7 +4129,7 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1
scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
}
@@ -4282,7 +4298,7 @@
# Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
# to re-enable platform integration features otherwise disabled in C99 builds
make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' $MAKE_THREADING_FLAGS test
}
component_build_no_std_function () {
@@ -4300,14 +4316,14 @@
msg "build: full config except SSL server, make, gcc" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_SSL_SRV_C
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' $MAKE_THREADING_FLAGS
}
component_build_no_ssl_cli () {
msg "build: full config except SSL client, make, gcc" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_SSL_CLI_C
- make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
+ make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' $MAKE_THREADING_FLAGS
}
component_build_no_sockets () {
@@ -4482,7 +4498,7 @@
component_test_malloc_0_null () {
msg "build: malloc(0) returns NULL (ASan+UBSan build)"
scripts/config.py full
- make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: malloc(0) returns NULL (ASan+UBSan build)"
make test
@@ -5098,7 +5114,7 @@
loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
loc_cflags="${loc_cflags} -I../tests/include -O2"
- make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: full + test drivers dispatching to builtins"
make test
@@ -5125,7 +5141,7 @@
$cc --version
for opt in "$@"; do
msg "build/test: $cc $opt, $info" # ~ 30s
- make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror"
+ make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" $MAKE_THREADING_FLAGS
# We're confident enough in compilers to not run _all_ the tests,
# but at least run the unit tests. In particular, runs with
# optimizations use inline assembly whereas runs with -O0
@@ -5180,7 +5196,7 @@
msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s
scripts/config.py -w full_config.h full
echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H"
- make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'"
+ make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" $MAKE_THREADING_FLAGS
# Make sure this feature is enabled. We'll disable it in the next phase.
programs/test/query_compile_time_config MBEDTLS_NIST_KW_C
make clean
@@ -5189,7 +5205,7 @@
# In the user config, disable one feature (for simplicity, pick a feature
# that nothing else depends on).
echo '#undef MBEDTLS_NIST_KW_C' >user_config.h
- make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'"
+ make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" $MAKE_THREADING_FLAGS
not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C
rm -f user_config.h full_config.h
@@ -5248,7 +5264,7 @@
scripts/config.py unset MBEDTLS_HAVE_ASM
scripts/config.py unset MBEDTLS_PADLOCK_C
scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32
- make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS"
+ make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: i386, make, gcc, no asm (ASan build)"
make test
@@ -5266,7 +5282,7 @@
msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32
- make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS"
+ make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS
msg "test: i386, make, gcc -O2 (ASan build)"
make test
@@ -5301,7 +5317,7 @@
component_test_mx32 () {
msg "build: 64-bit ILP32, make, gcc" # ~ 30s
scripts/config.py full
- make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mx32' LDFLAGS='-mx32'
+ make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' $MAKE_THREADING_FLAGS
msg "test: 64-bit ILP32, make, gcc"
make test
@@ -5365,7 +5381,7 @@
msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
scripts/config.py full
scripts/config.py set MBEDTLS_NO_UDBL_DIVISION
- make CFLAGS='-Werror -O1'
+ make CFLAGS='-Werror -O1' $MAKE_THREADING_FLAGS
msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
make test
@@ -5375,7 +5391,7 @@
msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
scripts/config.py full
scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION
- make CFLAGS='-Werror -O1'
+ make CFLAGS='-Werror -O1' $MAKE_THREADING_FLAGS
msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
make test
@@ -5389,7 +5405,7 @@
scripts/config.py unset MBEDTLS_ERROR_C
scripts/config.py set MBEDTLS_ERROR_STRERROR_DUMMY
scripts/config.py unset MBEDTLS_VERSION_FEATURES
- make CFLAGS='-Werror -Os'
+ make CFLAGS='-Werror -Os' $MAKE_THREADING_FLAGS
msg "test: no strings" # ~ 10s
make test
@@ -5400,7 +5416,7 @@
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
scripts/config.pl set MBEDTLS_X509_REMOVE_INFO
- make CFLAGS='-Werror -O2'
+ make CFLAGS='-Werror -O2' $MAKE_THREADING_FLAGS
msg "test: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s
make test
@@ -6003,7 +6019,7 @@
scripts/config.py full
# Only compile - we're looking for sizeof-pointer-memaccess warnings
- make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess"
+ make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" $MAKE_THREADING_FLAGS
}
diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py
index 1a84531..a7d5672 100755
--- a/tests/scripts/depends.py
+++ b/tests/scripts/depends.py
@@ -381,7 +381,7 @@
def __init__(self, options, conf):
"""Gather data about the library and establish a list of domains to test."""
- build_command = [options.make_command, 'CFLAGS=-Werror -O2']
+ build_command = [options.make_command] + options.make_vars.split(' ') + ['CFLAGS=-Werror -O2']
build_and_test = [build_command, [options.make_command, 'test']]
self.all_config_symbols = set(conf.settings.keys())
# Find hash modules by name.
@@ -526,6 +526,9 @@
parser.add_argument('--make-command', metavar='CMD',
help='Command to run instead of make (e.g. gmake)',
action='store', default='make')
+ parser.add_argument('--make-vars',
+ help='optional variable/value pairs to pass to make',
+ action='store', default='')
parser.add_argument('--unset-use-psa',
help='Unset MBEDTLS_USE_PSA_CRYPTO before any test',
action='store_true', dest='unset_use_psa')
diff --git a/tests/scripts/psa_collect_statuses.py b/tests/scripts/psa_collect_statuses.py
index 11bbebc..6291d78 100755
--- a/tests/scripts/psa_collect_statuses.py
+++ b/tests/scripts/psa_collect_statuses.py
@@ -82,10 +82,15 @@
cwd='tests',
stdout=sys.stderr)
with open(os.devnull, 'w') as devnull:
- make_q_ret = subprocess.call(['make', '-q', 'lib', 'tests'],
- stdout=devnull, stderr=devnull)
+ build_command = ['make', '-q'] + options.make_vars.split(' ') + \
+ ['lib', 'tests']
+ make_q_ret = subprocess.call(build_command, stdout=devnull,
+ stderr=devnull)
+ print("blagh")
if make_q_ret != 0:
- subprocess.check_call(['make', 'RECORD_PSA_STATUS_COVERAGE_LOG=1'],
+ build_command = ['make'] + options.make_vars.split(' ') + \
+ ['RECORD_PSA_STATUS_COVERAGE_LOG=1']
+ subprocess.check_call(build_command,
stdout=sys.stderr)
rebuilt = True
subprocess.check_call(['make', 'test'],
@@ -112,6 +117,9 @@
help='Log file location (default: {})'.format(
DEFAULT_STATUS_LOG_FILE
))
+ parser.add_argument('--make-vars',
+ help='optional variable/value pairs to pass to make',
+ action='store', default='')
parser.add_argument('--psa-constant-names', metavar='PROGRAM',
default=DEFAULT_PSA_CONSTANT_NAMES,
help='Path to psa_constant_names (default: {})'.format(
diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data
index a72d8af..028a07f 100644
--- a/tests/suites/test_suite_ctr_drbg.data
+++ b/tests/suites/test_suite_ctr_drbg.data
@@ -1096,5 +1096,12 @@
CTR_DRBG Special Behaviours
ctr_drbg_special_behaviours:
+CTR_DRBG Threads: no reseed
+ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":0:5
+
+CTR_DRBG Threads: reseed
+depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+ctr_drbg_threads:"B10A961F2EA39927B4C48AEDDD299026":1:5
+
CTR_DRBG self test
ctr_drbg_selftest:
diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function
index 066e70b..1f0a072 100644
--- a/tests/suites/test_suite_ctr_drbg.function
+++ b/tests/suites/test_suite_ctr_drbg.function
@@ -3,6 +3,10 @@
#include "mbedtls/ctr_drbg.h"
#include "string.h"
+#if defined(MBEDTLS_THREADING_PTHREAD)
+#include "mbedtls/threading.h"
+#endif
+
/* Modes for ctr_drbg_validate */
enum reseed_mode {
RESEED_NEVER, /* never reseed */
@@ -90,6 +94,19 @@
mbedtls_ctr_drbg_free(&ctx);
}
+static const int thread_random_reps = 10;
+void *thread_random_function(void *ctx)
+{
+ unsigned char out[16];
+ memset(out, 0, sizeof(out));
+
+ for (int i = 0; i < thread_random_reps; i++) {
+ TEST_EQUAL(mbedtls_ctr_drbg_random((mbedtls_ctr_drbg_context *) ctx, out, sizeof(out)), 0);
+ }
+
+exit:
+ return NULL;
+}
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -325,6 +342,79 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_THREADING_PTHREAD:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */
+void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count)
+{
+ size_t thread_count = (size_t) arg_thread_count;
+ pthread_t *threads = NULL;
+
+ unsigned char out[16];
+ unsigned char *entropy = NULL;
+
+ const size_t n_random_calls = thread_count * thread_random_reps + 1;
+
+ /* Based on the size of MBEDTLS_CTR_DRBG_ENTROPY_LEN for SHA512. */
+ const size_t entropy_len = 48;
+
+ AES_PSA_INIT();
+
+ TEST_CALLOC(threads, sizeof(pthread_t) * thread_count);
+ memset(out, 0, sizeof(out));
+
+ mbedtls_ctr_drbg_context ctx;
+ mbedtls_ctr_drbg_init(&ctx);
+
+ test_offset_idx = 0;
+
+ /* Need to do this, otherwise if we are forced into using SHA256 for
+ * whaever reason, output will differ. */
+ mbedtls_ctr_drbg_set_entropy_len(&ctx, entropy_len);
+
+ if (reseed == 0) {
+ mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_OFF);
+ mbedtls_ctr_drbg_set_reseed_interval(&ctx, n_random_calls + 1);
+
+ TEST_CALLOC(entropy, entropy_len + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN);
+ test_max_idx = entropy_len + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN;
+ } else {
+ const size_t entropy_size = ((n_random_calls + 1) * entropy_len)
+ + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN;
+
+ mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON);
+
+ TEST_CALLOC(entropy, entropy_size);
+ test_max_idx = entropy_size;
+ }
+
+ TEST_EQUAL(
+ mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_entropy_func, entropy, NULL, 0),
+ 0);
+
+ for (size_t i = 0; i < thread_count; i++) {
+ TEST_EQUAL(
+ pthread_create(&threads[i], NULL,
+ thread_random_function, (void *) &ctx),
+ 0);
+ }
+
+ for (size_t i = 0; i < thread_count; i++) {
+ TEST_EQUAL(pthread_join(threads[i], NULL), 0);
+ }
+
+ /* Take a last output for comparing and thus verifying the DRBG state */
+ TEST_EQUAL(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)), 0);
+
+ TEST_MEMORY_COMPARE(out, sizeof(out), expected_result->x, expected_result->len);
+
+exit:
+ mbedtls_ctr_drbg_free(&ctx);
+ mbedtls_free(entropy);
+ mbedtls_free(threads);
+
+ AES_PSA_DONE();
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void ctr_drbg_seed_file(char *path, int ret)
{
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index e697491..af1e20c 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -621,62 +621,62 @@
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME:MBEDTLS_PK_WRITE_C
pk_psa_sign:1024:PSA_KEY_TYPE_RSA_KEY_PAIR:1024
-PK Sign ext:RSA2048,PK_RSA,MD_SHA256
+PK sign ext: RSA2048, PK_RSA, MD_SHA256
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256
-PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256
+PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA256
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256
-PK Sign ext:RSA2048,PK_RSA,MD_SHA384
+PK sign ext: RSA2048, PK_RSA, MD_SHA384
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384
-PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384
+PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA384
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384
-PK Sign ext:RSA2048,PK_RSA,MD_SHA512
+PK sign ext: RSA2048, PK_RSA, MD_SHA512
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512
-PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512
+PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA512
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
-pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512
+pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512
-PK Sign ext:SECP256R1,PK_ECDSA,MD_SHA256
+PK sign ext: SECP256R1, PK_ECDSA, MD_SHA256
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256
-pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA256
+pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA256
-PK Sign ext:SECP384R1,PK_ECDSA,MD_SHA384
+PK sign ext: SECP384R1, PK_ECDSA, MD_SHA384
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA384
-pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA384
+pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA384
-PK Sign ext:SECP521R1,PK_ECDSA,MD_SHA512
+PK sign ext: SECP521R1, PK_ECDSA, MD_SHA512
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP521R1:MBEDTLS_MD_CAN_SHA512
-pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA512
+pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA512
-PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA256
+PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA256
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256
-PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256
+PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA256
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256
-PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA384
+PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA384
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384
-PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384
+PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA384
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384
-PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA512
+PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA512
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512
-PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512
+PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA512
depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C
pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index fa0b03b..226598c 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -84,25 +84,25 @@
/** Generate a key of the desired type.
*
- * \param pk The PK object to fill. It must have been initialized
- * with mbedtls_pk_setup().
- * \param parameter - For RSA keys, the key size in bits.
- * - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx).
+ * \param pk The PK object to fill. It must have been initialized
+ * with mbedtls_pk_setup().
+ * \param curve_or_keybits - For RSA keys, the key size in bits.
+ * - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx).
*
- * \return The status from the underlying type-specific key
- * generation function.
- * \return -1 if the key type is not recognized.
+ * \return The status from the underlying type-specific key
+ * generation function.
+ * \return -1 if the key type is not recognized.
*/
-static int pk_genkey(mbedtls_pk_context *pk, int parameter)
+static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits)
{
- ((void) pk);
- (void) parameter;
+ (void) pk;
+ (void) curve_or_keybits;
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA) {
return mbedtls_rsa_gen_key(mbedtls_pk_rsa(*pk),
mbedtls_test_rnd_std_rand, NULL,
- parameter, 3);
+ curve_or_keybits, 3);
}
#endif
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS)
@@ -112,7 +112,7 @@
int ret;
#if defined(MBEDTLS_ECP_C)
- ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, parameter);
+ ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, curve_or_keybits);
if (ret != 0) {
return ret;
}
@@ -123,7 +123,7 @@
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
- ret = pk_genkey_ec(pk, parameter);
+ ret = pk_genkey_ec(pk, curve_or_keybits);
if (ret != 0) {
return ret;
}
@@ -319,7 +319,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */
void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg,
- int key_alg2, int parameter, int alg_check, int usage_check,
+ int key_alg2, int curve_or_keybits, int alg_check, int usage_check,
int result)
{
mbedtls_pk_context pk;
@@ -336,7 +336,7 @@
psa_set_key_enrollment_algorithm(&attributes, key_alg2);
}
psa_set_key_type(&attributes, key_type);
- psa_set_key_bits(&attributes, parameter);
+ psa_set_key_bits(&attributes, curve_or_keybits);
PSA_ASSERT(psa_generate_key(&attributes, &key));
@@ -350,7 +350,7 @@
} else {
TEST_EQUAL(mbedtls_pk_setup(&pk,
mbedtls_pk_info_from_type(key_type)), 0);
- TEST_EQUAL(pk_genkey(&pk, parameter), 0);
+ TEST_EQUAL(pk_genkey(&pk, curve_or_keybits), 0);
TEST_EQUAL(mbedtls_pk_get_type(&pk), key_type);
}
@@ -407,6 +407,16 @@
buf, buf_size, &buf_size,
NULL, NULL,
NULL));
+ TEST_EQUAL(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+ mbedtls_pk_sign_ext(pk_type, &ctx, MBEDTLS_MD_NONE,
+ NULL, buf_size,
+ buf, buf_size, &buf_size,
+ NULL, NULL));
+ TEST_EQUAL(MBEDTLS_ERR_PK_BAD_INPUT_DATA,
+ mbedtls_pk_sign_ext(pk_type, &ctx, MBEDTLS_MD_SHA256,
+ NULL, 0,
+ buf, buf_size, &buf_size,
+ NULL, NULL));
exit:
mbedtls_pk_free(&ctx);
USE_PSA_DONE();
@@ -443,14 +453,6 @@
NULL) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA);
- TEST_ASSERT(mbedtls_pk_sign_restartable(&pk,
- MBEDTLS_MD_NONE,
- NULL, 0,
- buf, sizeof(buf), &len,
- mbedtls_test_rnd_std_rand, NULL,
- NULL) ==
- MBEDTLS_ERR_PK_BAD_INPUT_DATA);
-
TEST_ASSERT(mbedtls_pk_sign(&pk,
MBEDTLS_MD_NONE,
NULL, 0,
@@ -458,6 +460,13 @@
mbedtls_test_rnd_std_rand, NULL) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+ TEST_ASSERT(mbedtls_pk_sign_ext(MBEDTLS_PK_NONE, &pk,
+ MBEDTLS_MD_NONE,
+ NULL, 0,
+ buf, sizeof(buf), &len,
+ mbedtls_test_rnd_std_rand, NULL) ==
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+
TEST_ASSERT(mbedtls_pk_verify_restartable(&pk,
MBEDTLS_MD_NONE,
NULL, 0,
@@ -536,7 +545,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void pk_utils(int type, int parameter, int bitlen, int len, char *name)
+void pk_utils(int type, int curve_or_keybits, int bitlen, int len, char *name)
{
mbedtls_pk_context pk;
@@ -544,7 +553,7 @@
USE_PSA_INIT();
TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
- TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
+ TEST_ASSERT(pk_genkey(&pk, curve_or_keybits) == 0);
TEST_ASSERT((int) mbedtls_pk_get_type(&pk) == type);
TEST_ASSERT(mbedtls_pk_can_do(&pk, type));
@@ -848,7 +857,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */
-void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret)
+void pk_sign_verify(int type, int curve_or_keybits, int sign_ret, int verify_ret)
{
mbedtls_pk_context pk;
size_t sig_len;
@@ -874,7 +883,7 @@
memset(sig, 0, sizeof(sig));
TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0);
- TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
+ TEST_ASSERT(pk_genkey(&pk, curve_or_keybits) == 0);
TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_SHA256,
hash, hash_len,
@@ -1175,22 +1184,31 @@
memset(hash, 0x2a, sizeof(hash));
memset(sig, 0, sizeof(sig));
- TEST_ASSERT(mbedtls_pk_setup(&pk,
- mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
+ TEST_EQUAL(mbedtls_pk_setup(&pk,
+ mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)), 0);
#if defined(MBEDTLS_PKCS1_V21)
- TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
- MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len) ==
- MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+ TEST_EQUAL(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
+ MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len),
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
#endif /* MBEDTLS_PKCS1_V21 */
- TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len,
- sig, sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+ TEST_EQUAL(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len,
+ sig, sig_len),
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
- TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len,
- sig, sizeof(sig), &sig_len,
- mbedtls_test_rnd_std_rand, NULL)
- == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+#if defined(MBEDTLS_PKCS1_V21)
+ TEST_EQUAL(mbedtls_pk_sign_ext(MBEDTLS_PK_RSASSA_PSS, &pk,
+ MBEDTLS_MD_NONE, hash, hash_len,
+ sig, sizeof(sig), &sig_len,
+ mbedtls_test_rnd_std_rand, NULL),
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+#endif /* MBEDTLS_PKCS1_V21 */
+
+ TEST_EQUAL(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len,
+ sig, sizeof(sig), &sig_len,
+ mbedtls_test_rnd_std_rand, NULL),
+ MBEDTLS_ERR_PK_BAD_INPUT_DATA);
exit:
mbedtls_pk_free(&pk);
@@ -1286,8 +1304,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */
-void pk_psa_sign(int parameter_arg,
- int psa_type_arg, int expected_bits_arg)
+void pk_psa_sign(int curve_or_keybits, int psa_type, int expected_bits)
{
mbedtls_pk_context pk;
unsigned char hash[32];
@@ -1300,8 +1317,6 @@
int ret;
mbedtls_svc_key_id_t key_id;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_type_t expected_type = psa_type_arg;
- size_t expected_bits = expected_bits_arg;
/*
* This tests making signatures with a wrapped PSA key:
@@ -1315,19 +1330,19 @@
USE_PSA_INIT();
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
- if (PSA_KEY_TYPE_IS_RSA(psa_type_arg)) {
+ if (PSA_KEY_TYPE_IS_RSA(psa_type)) {
/* Create legacy RSA public/private key in PK context. */
TEST_ASSERT(mbedtls_pk_setup(&pk,
mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
TEST_ASSERT(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk),
mbedtls_test_rnd_std_rand, NULL,
- parameter_arg, 3) == 0);
+ curve_or_keybits, 3) == 0);
alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256);
} else
#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
- if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) {
- mbedtls_ecp_group_id grpid = parameter_arg;
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
+ mbedtls_ecp_group_id grpid = curve_or_keybits;
/* Create legacy EC public/private key in PK context. */
TEST_ASSERT(mbedtls_pk_setup(&pk,
@@ -1338,7 +1353,7 @@
} else
#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */
{
- (void) parameter_arg;
+ (void) curve_or_keybits;
TEST_ASSUME(!"Opaque PK key not supported in this configuration");
}
@@ -1366,8 +1381,8 @@
PSA_ALG_NONE) == 0);
PSA_ASSERT(psa_get_key_attributes(key_id, &attributes));
- TEST_EQUAL(psa_get_key_type(&attributes), expected_type);
- TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits);
+ TEST_EQUAL(psa_get_key_type(&attributes), (psa_key_type_t) psa_type);
+ TEST_EQUAL(psa_get_key_bits(&attributes), (size_t) expected_bits);
TEST_EQUAL(psa_get_key_lifetime(&attributes),
PSA_KEY_LIFETIME_VOLATILE);
@@ -1378,7 +1393,7 @@
hash, sizeof(hash), sig, sizeof(sig), &sig_len,
NULL, NULL) == 0);
/* Only opaque EC keys support verification. */
- if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) {
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) {
TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256,
hash, sizeof(hash), sig, sig_len) == 0);
}
@@ -1420,7 +1435,7 @@
mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0);
TEST_EQUAL(mbedtls_ecp_group_load(
&(mbedtls_pk_ec_rw(pk)->grp),
- (mbedtls_ecp_group_id) parameter_arg), 0);
+ (mbedtls_ecp_group_id) curve_or_keybits), 0);
TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec_ro(pk)->grp),
&(mbedtls_pk_ec_rw(pk)->Q),
pkey_legacy_start, klen_legacy), 0);
@@ -1440,14 +1455,13 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_GENPRIME */
-void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg)
+/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */
+void pk_sign_ext(int pk_type, int curve_or_keybits, int key_pk_type, int md_alg)
{
- /* See the description of pk_genkey() for the description of the `parameter` argument. */
mbedtls_pk_context pk;
size_t sig_len;
unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
- unsigned char hash[PSA_HASH_MAX_SIZE];
+ unsigned char hash[MBEDTLS_MD_MAX_SIZE];
size_t hash_len = mbedtls_md_get_size_from_type(md_alg);
void const *options = NULL;
mbedtls_pk_rsassa_pss_options rsassa_pss_options;
@@ -1455,16 +1469,15 @@
memset(sig, 0, sizeof(sig));
mbedtls_pk_init(&pk);
- PSA_INIT();
+ MD_OR_USE_PSA_INIT();
- TEST_ASSERT(mbedtls_pk_setup(&pk,
- mbedtls_pk_info_from_type(pk_type)) == 0);
+ TEST_EQUAL(mbedtls_pk_setup(&pk,
+ mbedtls_pk_info_from_type(pk_type)), 0);
+ TEST_EQUAL(pk_genkey(&pk, curve_or_keybits), 0);
- TEST_ASSERT(pk_genkey(&pk, parameter) == 0);
-
- TEST_ASSERT(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len,
- sig, sizeof(sig), &sig_len,
- mbedtls_test_rnd_std_rand, NULL) == 0);
+ TEST_EQUAL(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len,
+ sig, sizeof(sig), &sig_len,
+ mbedtls_test_rnd_std_rand, NULL), 0);
if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) {
rsassa_pss_options.mgf1_hash_id = md_alg;
@@ -1472,18 +1485,17 @@
rsassa_pss_options.expected_salt_len = hash_len;
options = (const void *) &rsassa_pss_options;
}
- TEST_ASSERT(mbedtls_pk_verify_ext(key_pk_type, options, &pk, md_alg,
- hash, hash_len, sig, sig_len) == 0);
+ TEST_EQUAL(mbedtls_pk_verify_ext(key_pk_type, options, &pk, md_alg,
+ hash, hash_len, sig, sig_len), 0);
exit:
mbedtls_pk_free(&pk);
- PSA_DONE();
+ MD_OR_USE_PSA_DONE();
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_USE_PSA_CRYPTO */
-void pk_psa_wrap_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg)
+void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg)
{
- /* See the description of mbedtls_rsa_gen_key() for the description of the `parameter` argument. */
mbedtls_pk_context pk;
size_t sig_len, pkey_len;
mbedtls_svc_key_id_t key_id;
@@ -1507,7 +1519,7 @@
mbedtls_pk_info_from_type(pk_type)), 0);
TEST_EQUAL(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk),
mbedtls_test_rnd_std_rand, NULL,
- parameter, 3), 0);
+ key_bits, 3), 0);
/* Export underlying public key for re-importing in a legacy context. */
ret = mbedtls_pk_write_pubkey_der(&pk, pkey, sizeof(pkey));