Adjust depends.py to the 2.28 branch
SHA224 and SHA384 does not exist.
ARC4 and BLOWFISH requirements had to be added.
Changed mbedtls_config.h to config.h
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py
index c6e0396..ef7dac3 100755
--- a/tests/scripts/depends.py
+++ b/tests/scripts/depends.py
@@ -22,7 +22,7 @@
This script can be divided into several steps:
-First, include/mbedtls/mbedtls_config.h or a different config file passed
+First, include/mbedtls/config.h or a different config file passed
in the arguments is parsed to extract any configuration options (collect_config_symbols).
Then, test domains (groups of jobs, tests) are built based on predefined data
@@ -43,18 +43,6 @@
any non-standard symbols to set/unset in EXCLUSIVE_GROUPS. These are usually not
direct dependencies, but rather non-trivial results of other configs missing. Then
look for any unset symbols and handle their reverse dependencies.
- Examples of EXCLUSIVE_GROUPS usage:
- - MBEDTLS_SHA256 job turns off all hashes except SHA256, however, when investigating
- reverse dependencies, SHA224 is found to depend on SHA256, so it is disabled,
- and then SHA256 is found to depend on SHA224, so it is also disabled. To handle
- this, there's a field in EXCLUSIVE_GROUPS that states that in a SHA256 test SHA224
- should also be enabled before processing reverse dependencies:
- 'MBEDTLS_SHA256_C': ['+MBEDTLS_SHA224_C']
- - MBEDTLS_SHA512_C job turns off all hashes except SHA512. MBEDTLS_SSL_COOKIE_C
- requires either SHA256 or SHA384 to work, so it also has to be disabled.
- This is not a dependency on SHA512_C, but a result of an exclusive domain
- config building method. Relevant field:
- 'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C'],
- DualDomain - combination of the two above - both complementary and exclusive domain
job generation code will be run. Currently only used for hashes.
@@ -113,7 +101,7 @@
log_line(' '.join(cmd), prefix='+')
def backup_config(options):
- """Back up the library configuration file (mbedtls_config.h).
+ """Back up the library configuration file (config.h).
If the backup file already exists, it is presumed to be the desired backup,
so don't make another backup."""
if os.path.exists(options.config_backup):
@@ -123,7 +111,7 @@
shutil.copy(options.config, options.config_backup)
def restore_config(options):
- """Restore the library configuration file (mbedtls_config.h).
+ """Restore the library configuration file (config.h).
Remove the backup file if it was saved earlier."""
if options.own_backup:
shutil.move(options.config_backup, options.config)
@@ -133,14 +121,14 @@
def run_config_py(options, args):
"""Run scripts/config.py with the specified arguments."""
cmd = ['scripts/config.py']
- if options.config != 'include/mbedtls/mbedtls_config.h':
+ if options.config != 'include/mbedtls/config.h':
cmd += ['--file', options.config]
cmd += args
log_command(cmd)
subprocess.check_call(cmd)
def set_reference_config(options):
- """Change the library configuration file (mbedtls_config.h) to the reference state.
+ """Change the library configuration file (config.h) to the reference state.
The reference state is the one from which the tested configurations are
derived."""
# Turn off options that are not relevant to the tests and slow them down.
@@ -148,7 +136,7 @@
run_config_py(options, ['unset', 'MBEDTLS_TEST_HOOKS'])
def collect_config_symbols(options):
- """Read the list of settings from mbedtls_config.h.
+ """Read the list of settings from config.h.
Return them in a generator."""
with open(options.config, encoding="utf-8") as config_file:
rx = re.compile(r'\s*(?://\s*)?#define\s+(\w+)\s*(?:$|/[/*])')
@@ -261,17 +249,10 @@
'MBEDTLS_SHA1_C': SSL_PRE_1_2_DEPENDENCIES,
'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
'MBEDTLS_ENTROPY_FORCE_SHA256',
- 'MBEDTLS_SHA224_C',
'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT',
'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY'],
- 'MBEDTLS_SHA512_C': ['MBEDTLS_SHA384_C',
- 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT',
+ 'MBEDTLS_SHA512_C': ['MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT',
'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY'],
- 'MBEDTLS_SHA224_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
- 'MBEDTLS_ENTROPY_FORCE_SHA256',
- 'MBEDTLS_SHA256_C',
- 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT',
- 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY'],
'MBEDTLS_X509_RSASSA_PSS_SUPPORT': []
}
@@ -279,10 +260,7 @@
# These are not necessarily dependencies, but just minimal required changes
# if a given define is the only one enabled from an exclusive group.
EXCLUSIVE_GROUPS = {
- 'MBEDTLS_SHA256_C': ['+MBEDTLS_SHA224_C'],
- 'MBEDTLS_SHA384_C': ['+MBEDTLS_SHA512_C'],
- 'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C',
- '-MBEDTLS_SSL_PROTO_TLS1_3'],
+ 'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL'],
'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C',
'-MBEDTLS_ECDSA_DETERMINISTIC',
'-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
@@ -296,6 +274,16 @@
'-MBEDTLS_ECJPAKE_C',
'-MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
'MBEDTLS_ARIA_C': ['-MBEDTLS_CMAC_C'],
+ 'MBEDTLS_ARC4_C': ['-MBEDTLS_CMAC_C',
+ '-MBEDTLS_CCM_C',
+ '-MBEDTLS_SSL_TICKET_C',
+ '-MBEDTLS_SSL_CONTEXT_SERIALIZATION',
+ '-MBEDTLS_GCM_C'],
+ 'MBEDTLS_BLOWFISH_C': ['-MBEDTLS_CMAC_C',
+ '-MBEDTLS_CCM_C',
+ '-MBEDTLS_SSL_TICKET_C',
+ '-MBEDTLS_SSL_CONTEXT_SERIALIZATION',
+ '-MBEDTLS_GCM_C'],
'MBEDTLS_CAMELLIA_C': ['-MBEDTLS_CMAC_C'],
'MBEDTLS_CHACHA20_C': ['-MBEDTLS_CMAC_C', '-MBEDTLS_CCM_C', '-MBEDTLS_GCM_C'],
'MBEDTLS_DES_C': ['-MBEDTLS_CCM_C',
@@ -391,7 +379,7 @@
class DomainData:
"""A container for domains and jobs, used to structurize testing."""
def config_symbols_matching(self, regexp):
- """List the mbedtls_config.h settings matching regexp."""
+ """List the config.h settings matching regexp."""
return [symbol for symbol in self.all_config_symbols
if re.match(regexp, symbol)]
@@ -408,7 +396,7 @@
key_exchange_symbols = self.config_symbols_matching(r'MBEDTLS_KEY_EXCHANGE_\w+_ENABLED\Z')
# Find cipher IDs (block permutations and stream ciphers --- chaining
# and padding modes are exercised separately) information by parsing
- # cipher.h, as the information is not readily available in mbedtls_config.h.
+ # cipher.h, as the information is not readily available in config.h.
cipher_info = CipherInfo()
# Find block cipher chaining and padding mode enabling macros by name.
cipher_chaining_symbols = self.config_symbols_matching(r'MBEDTLS_CIPHER_MODE_\w+\Z')
@@ -423,15 +411,9 @@
build_and_test),
# Elliptic curves. Run the test suites.
'curves': ExclusiveDomain(curve_symbols, build_and_test),
- # Hash algorithms. Exclude three groups:
- # - Exclusive domain of MD, RIPEMD, SHA1 (obsolete);
- # - Exclusive domain of SHA224 (tested with and depends on SHA256);
- # - Complementary domain of SHA224 and SHA384 - tested with and depend
- # on SHA256 and SHA512, respectively.
+ # Hash algorithms. Exclude exclusive domain of MD, RIPEMD, SHA1 (obsolete)
'hashes': DualDomain(hash_symbols, build_and_test,
- exclude=r'MBEDTLS_(MD|RIPEMD|SHA1_)' \
- '|MBEDTLS_SHA224_'\
- '|!MBEDTLS_(SHA224_|SHA384_)'),
+ exclude=r'MBEDTLS_(MD|RIPEMD|SHA1_)'),
# Key exchange types. Only build the library and the sample
# programs.
'kex': ExclusiveDomain(key_exchange_symbols,
@@ -522,7 +504,7 @@
choices=['always', 'auto', 'never'], default='auto')
parser.add_argument('-c', '--config', metavar='FILE',
help='Configuration file to modify',
- default='include/mbedtls/mbedtls_config.h')
+ default='include/mbedtls/config.h')
parser.add_argument('-C', '--directory', metavar='DIR',
help='Change to this directory before anything else',
default='.')