Merge remote-tracking branch 'tls/development' into development
Resolve merge conflicts by performing the following actions:
- Reject changes to deleted files.
- Reject changes to generate_errors.pl and generate_visualc_files.pl.
Don't add an 'include-crypto' option which would attempt to use the
non-existent crypto submodule.
- list-identifiers.sh had the `--internal` option added to it, which
lists identifiers only in internal headers. Add PSA-specific internal
headers to list-identifiers.sh.
* origin/development: (40 commits)
Document the scripts behaviour further
Use check_output instead of Popen
all.sh: Require i686-w64-mingw32-gcc version >= 6
generate_visualc_files.pl: add mbedtls source shadowing by crypto
generate_errors.pl: refactor and simplify the code
Start unused variable with underscore
Correct documentation
generate_errors.pl: typo fix
revert changes to generate_features.pl and generate_query_config.pl
Check that the report directory is a directory
Use namespaces instead of full classes
Fix pylint issues
Don't put abi dumps in subfolders
Add verbose switch to silence all output except the final report
Fetch the remote crypto branch, rather than cloning it
Prefix internal functions with underscore
Add RepoVersion class to make handling of many arguments easier
Reduce indentation levels
Improve documentation
Use optional arguments for setting repositories
...
diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h
index dc81782..8aa01b4 100644
--- a/include/mbedtls/asn1write.h
+++ b/include/mbedtls/asn1write.h
@@ -33,11 +33,12 @@
#include "asn1.h"
#define MBEDTLS_ASN1_CHK_ADD(g, f) \
- do { \
- if( ( ret = f ) < 0 ) \
+ do \
+ { \
+ if( ( ret = (f) ) < 0 ) \
return( ret ); \
else \
- g += ret; \
+ (g) += ret; \
} while( 0 )
#ifdef __cplusplus
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index c4d7686..a04a145 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -46,7 +46,12 @@
#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */
#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 /**< Memory allocation failed. */
-#define MBEDTLS_MPI_CHK(f) do { if( ( ret = f ) != 0 ) goto cleanup; } while( 0 )
+#define MBEDTLS_MPI_CHK(f) \
+ do \
+ { \
+ if( ( ret = (f) ) != 0 ) \
+ goto cleanup; \
+ } while( 0 )
/*
* Maximum size MPIs are allowed to grow to in number of limbs.
diff --git a/include/mbedtls/padlock.h b/include/mbedtls/padlock.h
index f05b72b..721a5d4 100644
--- a/include/mbedtls/padlock.h
+++ b/include/mbedtls/padlock.h
@@ -59,7 +59,7 @@
#define MBEDTLS_PADLOCK_PHE 0x0C00
#define MBEDTLS_PADLOCK_PMM 0x3000
-#define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15))
+#define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) (x) & ~15))
#ifdef __cplusplus
extern "C" {
diff --git a/library/aes.c b/library/aes.c
index 0543cd7..aff0a99 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -395,9 +395,9 @@
/*
* Tables generation code
*/
-#define ROTL8(x) ( ( x << 8 ) & 0xFFFFFFFF ) | ( x >> 24 )
-#define XTIME(x) ( ( x << 1 ) ^ ( ( x & 0x80 ) ? 0x1B : 0x00 ) )
-#define MUL(x,y) ( ( x && y ) ? pow[(log[x]+log[y]) % 255] : 0 )
+#define ROTL8(x) ( ( (x) << 8 ) & 0xFFFFFFFF ) | ( (x) >> 24 )
+#define XTIME(x) ( ( (x) << 1 ) ^ ( ( (x) & 0x80 ) ? 0x1B : 0x00 ) )
+#define MUL(x,y) ( ( (x) && (y) ) ? pow[(log[(x)]+log[(y)]) % 255] : 0 )
static int aes_init_done = 0;
@@ -815,51 +815,53 @@
#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */
-#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
-{ \
- X0 = *RK++ ^ AES_FT0( ( Y0 ) & 0xFF ) ^ \
- AES_FT1( ( Y1 >> 8 ) & 0xFF ) ^ \
- AES_FT2( ( Y2 >> 16 ) & 0xFF ) ^ \
- AES_FT3( ( Y3 >> 24 ) & 0xFF ); \
- \
- X1 = *RK++ ^ AES_FT0( ( Y1 ) & 0xFF ) ^ \
- AES_FT1( ( Y2 >> 8 ) & 0xFF ) ^ \
- AES_FT2( ( Y3 >> 16 ) & 0xFF ) ^ \
- AES_FT3( ( Y0 >> 24 ) & 0xFF ); \
- \
- X2 = *RK++ ^ AES_FT0( ( Y2 ) & 0xFF ) ^ \
- AES_FT1( ( Y3 >> 8 ) & 0xFF ) ^ \
- AES_FT2( ( Y0 >> 16 ) & 0xFF ) ^ \
- AES_FT3( ( Y1 >> 24 ) & 0xFF ); \
- \
- X3 = *RK++ ^ AES_FT0( ( Y3 ) & 0xFF ) ^ \
- AES_FT1( ( Y0 >> 8 ) & 0xFF ) ^ \
- AES_FT2( ( Y1 >> 16 ) & 0xFF ) ^ \
- AES_FT3( ( Y2 >> 24 ) & 0xFF ); \
-}
+#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
+ do \
+ { \
+ (X0) = *RK++ ^ AES_FT0( ( (Y0) ) & 0xFF ) ^ \
+ AES_FT1( ( (Y1) >> 8 ) & 0xFF ) ^ \
+ AES_FT2( ( (Y2) >> 16 ) & 0xFF ) ^ \
+ AES_FT3( ( (Y3) >> 24 ) & 0xFF ); \
+ \
+ (X1) = *RK++ ^ AES_FT0( ( (Y1) ) & 0xFF ) ^ \
+ AES_FT1( ( (Y2) >> 8 ) & 0xFF ) ^ \
+ AES_FT2( ( (Y3) >> 16 ) & 0xFF ) ^ \
+ AES_FT3( ( (Y0) >> 24 ) & 0xFF ); \
+ \
+ (X2) = *RK++ ^ AES_FT0( ( (Y2) ) & 0xFF ) ^ \
+ AES_FT1( ( (Y3) >> 8 ) & 0xFF ) ^ \
+ AES_FT2( ( (Y0) >> 16 ) & 0xFF ) ^ \
+ AES_FT3( ( (Y1) >> 24 ) & 0xFF ); \
+ \
+ (X3) = *RK++ ^ AES_FT0( ( (Y3) ) & 0xFF ) ^ \
+ AES_FT1( ( (Y0) >> 8 ) & 0xFF ) ^ \
+ AES_FT2( ( (Y1) >> 16 ) & 0xFF ) ^ \
+ AES_FT3( ( (Y2) >> 24 ) & 0xFF ); \
+ } while( 0 )
-#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
-{ \
- X0 = *RK++ ^ AES_RT0( ( Y0 ) & 0xFF ) ^ \
- AES_RT1( ( Y3 >> 8 ) & 0xFF ) ^ \
- AES_RT2( ( Y2 >> 16 ) & 0xFF ) ^ \
- AES_RT3( ( Y1 >> 24 ) & 0xFF ); \
- \
- X1 = *RK++ ^ AES_RT0( ( Y1 ) & 0xFF ) ^ \
- AES_RT1( ( Y0 >> 8 ) & 0xFF ) ^ \
- AES_RT2( ( Y3 >> 16 ) & 0xFF ) ^ \
- AES_RT3( ( Y2 >> 24 ) & 0xFF ); \
- \
- X2 = *RK++ ^ AES_RT0( ( Y2 ) & 0xFF ) ^ \
- AES_RT1( ( Y1 >> 8 ) & 0xFF ) ^ \
- AES_RT2( ( Y0 >> 16 ) & 0xFF ) ^ \
- AES_RT3( ( Y3 >> 24 ) & 0xFF ); \
- \
- X3 = *RK++ ^ AES_RT0( ( Y3 ) & 0xFF ) ^ \
- AES_RT1( ( Y2 >> 8 ) & 0xFF ) ^ \
- AES_RT2( ( Y1 >> 16 ) & 0xFF ) ^ \
- AES_RT3( ( Y0 >> 24 ) & 0xFF ); \
-}
+#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
+ do \
+ { \
+ (X0) = *RK++ ^ AES_RT0( ( (Y0) ) & 0xFF ) ^ \
+ AES_RT1( ( (Y3) >> 8 ) & 0xFF ) ^ \
+ AES_RT2( ( (Y2) >> 16 ) & 0xFF ) ^ \
+ AES_RT3( ( (Y1) >> 24 ) & 0xFF ); \
+ \
+ (X1) = *RK++ ^ AES_RT0( ( (Y1) ) & 0xFF ) ^ \
+ AES_RT1( ( (Y0) >> 8 ) & 0xFF ) ^ \
+ AES_RT2( ( (Y3) >> 16 ) & 0xFF ) ^ \
+ AES_RT3( ( (Y2) >> 24 ) & 0xFF ); \
+ \
+ (X2) = *RK++ ^ AES_RT0( ( (Y2) ) & 0xFF ) ^ \
+ AES_RT1( ( (Y1) >> 8 ) & 0xFF ) ^ \
+ AES_RT2( ( (Y0) >> 16 ) & 0xFF ) ^ \
+ AES_RT3( ( (Y3) >> 24 ) & 0xFF ); \
+ \
+ (X3) = *RK++ ^ AES_RT0( ( (Y3) ) & 0xFF ) ^ \
+ AES_RT1( ( (Y2) >> 8 ) & 0xFF ) ^ \
+ AES_RT2( ( (Y1) >> 16 ) & 0xFF ) ^ \
+ AES_RT3( ( (Y0) >> 24 ) & 0xFF ); \
+ } while( 0 )
/*
* AES-ECB block encryption
diff --git a/library/ccm.c b/library/ccm.c
index 2c87b3e..a7e360e 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -135,11 +135,17 @@
* This avoids allocating one more 16 bytes buffer while allowing src == dst.
*/
#define CTR_CRYPT( dst, src, len ) \
- if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \
- return( ret ); \
- \
- for( i = 0; i < len; i++ ) \
- dst[i] = src[i] ^ b[i];
+ do \
+ { \
+ if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, \
+ 16, b, &olen ) ) != 0 ) \
+ { \
+ return( ret ); \
+ } \
+ \
+ for( i = 0; i < (len); i++ ) \
+ (dst)[i] = (src)[i] ^ b[i]; \
+ } while( 0 )
/*
* Authenticated encryption or decryption
diff --git a/library/chacha20.c b/library/chacha20.c
index 0757163..8a3610f 100644
--- a/library/chacha20.c
+++ b/library/chacha20.c
@@ -60,14 +60,14 @@
MBEDTLS_INTERNAL_VALIDATE( cond )
#define BYTES_TO_U32_LE( data, offset ) \
- ( (uint32_t) data[offset] \
- | (uint32_t) ( (uint32_t) data[( offset ) + 1] << 8 ) \
- | (uint32_t) ( (uint32_t) data[( offset ) + 2] << 16 ) \
- | (uint32_t) ( (uint32_t) data[( offset ) + 3] << 24 ) \
+ ( (uint32_t) (data)[offset] \
+ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \
+ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \
+ | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \
)
#define ROTL32( value, amount ) \
- ( (uint32_t) ( value << amount ) | ( value >> ( 32 - amount ) ) )
+ ( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) )
#define CHACHA20_CTR_INDEX ( 12U )
diff --git a/library/des.c b/library/des.c
index ca9e071..8a33d82 100644
--- a/library/des.c
+++ b/library/des.c
@@ -257,50 +257,57 @@
/*
* Initial Permutation macro
*/
-#define DES_IP(X,Y) \
-{ \
- T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \
- T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \
- T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \
- T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \
- Y = ((Y << 1) | (Y >> 31)) & 0xFFFFFFFF; \
- T = (X ^ Y) & 0xAAAAAAAA; Y ^= T; X ^= T; \
- X = ((X << 1) | (X >> 31)) & 0xFFFFFFFF; \
-}
+#define DES_IP(X,Y) \
+ do \
+ { \
+ T = (((X) >> 4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T << 4); \
+ T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \
+ T = (((Y) >> 2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T << 2); \
+ T = (((Y) >> 8) ^ (X)) & 0x00FF00FF; (X) ^= T; (Y) ^= (T << 8); \
+ (Y) = (((Y) << 1) | ((Y) >> 31)) & 0xFFFFFFFF; \
+ T = ((X) ^ (Y)) & 0xAAAAAAAA; (Y) ^= T; (X) ^= T; \
+ (X) = (((X) << 1) | ((X) >> 31)) & 0xFFFFFFFF; \
+ } while( 0 )
/*
* Final Permutation macro
*/
-#define DES_FP(X,Y) \
-{ \
- X = ((X << 31) | (X >> 1)) & 0xFFFFFFFF; \
- T = (X ^ Y) & 0xAAAAAAAA; X ^= T; Y ^= T; \
- Y = ((Y << 31) | (Y >> 1)) & 0xFFFFFFFF; \
- T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \
- T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \
- T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \
- T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \
-}
+#define DES_FP(X,Y) \
+ do \
+ { \
+ (X) = (((X) << 31) | ((X) >> 1)) & 0xFFFFFFFF; \
+ T = ((X) ^ (Y)) & 0xAAAAAAAA; (X) ^= T; (Y) ^= T; \
+ (Y) = (((Y) << 31) | ((Y) >> 1)) & 0xFFFFFFFF; \
+ T = (((Y) >> 8) ^ (X)) & 0x00FF00FF; (X) ^= T; (Y) ^= (T << 8); \
+ T = (((Y) >> 2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T << 2); \
+ T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \
+ T = (((X) >> 4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T << 4); \
+ } while( 0 )
/*
* DES round macro
*/
-#define DES_ROUND(X,Y) \
-{ \
- T = *SK++ ^ X; \
- Y ^= SB8[ (T ) & 0x3F ] ^ \
- SB6[ (T >> 8) & 0x3F ] ^ \
- SB4[ (T >> 16) & 0x3F ] ^ \
- SB2[ (T >> 24) & 0x3F ]; \
- \
- T = *SK++ ^ ((X << 28) | (X >> 4)); \
- Y ^= SB7[ (T ) & 0x3F ] ^ \
- SB5[ (T >> 8) & 0x3F ] ^ \
- SB3[ (T >> 16) & 0x3F ] ^ \
- SB1[ (T >> 24) & 0x3F ]; \
-}
+#define DES_ROUND(X,Y) \
+ do \
+ { \
+ T = *SK++ ^ (X); \
+ (Y) ^= SB8[ (T ) & 0x3F ] ^ \
+ SB6[ (T >> 8) & 0x3F ] ^ \
+ SB4[ (T >> 16) & 0x3F ] ^ \
+ SB2[ (T >> 24) & 0x3F ]; \
+ \
+ T = *SK++ ^ (((X) << 28) | ((X) >> 4)); \
+ (Y) ^= SB7[ (T ) & 0x3F ] ^ \
+ SB5[ (T >> 8) & 0x3F ] ^ \
+ SB3[ (T >> 16) & 0x3F ] ^ \
+ SB1[ (T >> 24) & 0x3F ]; \
+ } while( 0 )
-#define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; }
+#define SWAP(a,b) \
+ do \
+ { \
+ uint32_t t = (a); (a) = (b); (b) = t; t = 0; \
+ } while( 0 )
void mbedtls_des_init( mbedtls_des_context *ctx )
{
diff --git a/library/ecp.c b/library/ecp.c
index e8df2fd..03f5fef 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -1073,25 +1073,29 @@
#define INC_MUL_COUNT
#endif
-#define MOD_MUL( N ) do { MBEDTLS_MPI_CHK( ecp_modp( &N, grp ) ); INC_MUL_COUNT } \
- while( 0 )
+#define MOD_MUL( N ) \
+ do \
+ { \
+ MBEDTLS_MPI_CHK( ecp_modp( &(N), grp ) ); \
+ INC_MUL_COUNT \
+ } while( 0 )
/*
* Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi
* N->s < 0 is a very fast test, which fails only if N is 0
*/
-#define MOD_SUB( N ) \
- while( N.s < 0 && mbedtls_mpi_cmp_int( &N, 0 ) != 0 ) \
- MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &N, &N, &grp->P ) )
+#define MOD_SUB( N ) \
+ while( (N).s < 0 && mbedtls_mpi_cmp_int( &(N), 0 ) != 0 ) \
+ MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &(N), &(N), &grp->P ) )
/*
* Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int.
* We known P, N and the result are positive, so sub_abs is correct, and
* a bit faster.
*/
-#define MOD_ADD( N ) \
- while( mbedtls_mpi_cmp_mpi( &N, &grp->P ) >= 0 ) \
- MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &N, &N, &grp->P ) )
+#define MOD_ADD( N ) \
+ while( mbedtls_mpi_cmp_mpi( &(N), &grp->P ) >= 0 ) \
+ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &(N), &(N), &grp->P ) )
#if defined(ECP_SHORTWEIERSTRASS)
/*
diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index 731621d..282481d 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -51,11 +51,11 @@
*/
#if defined(MBEDTLS_HAVE_INT32)
-#define BYTES_TO_T_UINT_4( a, b, c, d ) \
- ( (mbedtls_mpi_uint) a << 0 ) | \
- ( (mbedtls_mpi_uint) b << 8 ) | \
- ( (mbedtls_mpi_uint) c << 16 ) | \
- ( (mbedtls_mpi_uint) d << 24 )
+#define BYTES_TO_T_UINT_4( a, b, c, d ) \
+ ( (mbedtls_mpi_uint) (a) << 0 ) | \
+ ( (mbedtls_mpi_uint) (b) << 8 ) | \
+ ( (mbedtls_mpi_uint) (c) << 16 ) | \
+ ( (mbedtls_mpi_uint) (d) << 24 )
#define BYTES_TO_T_UINT_2( a, b ) \
BYTES_TO_T_UINT_4( a, b, 0, 0 )
@@ -67,14 +67,14 @@
#else /* 64-bits */
#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
- ( (mbedtls_mpi_uint) a << 0 ) | \
- ( (mbedtls_mpi_uint) b << 8 ) | \
- ( (mbedtls_mpi_uint) c << 16 ) | \
- ( (mbedtls_mpi_uint) d << 24 ) | \
- ( (mbedtls_mpi_uint) e << 32 ) | \
- ( (mbedtls_mpi_uint) f << 40 ) | \
- ( (mbedtls_mpi_uint) g << 48 ) | \
- ( (mbedtls_mpi_uint) h << 56 )
+ ( (mbedtls_mpi_uint) (a) << 0 ) | \
+ ( (mbedtls_mpi_uint) (b) << 8 ) | \
+ ( (mbedtls_mpi_uint) (c) << 16 ) | \
+ ( (mbedtls_mpi_uint) (d) << 24 ) | \
+ ( (mbedtls_mpi_uint) (e) << 32 ) | \
+ ( (mbedtls_mpi_uint) (f) << 40 ) | \
+ ( (mbedtls_mpi_uint) (g) << 48 ) | \
+ ( (mbedtls_mpi_uint) (h) << 56 )
#define BYTES_TO_T_UINT_4( a, b, c, d ) \
BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 )
@@ -890,7 +890,7 @@
}
#define WIDTH 8 / sizeof( mbedtls_mpi_uint )
-#define A( i ) N->p + i * WIDTH
+#define A( i ) N->p + (i) * WIDTH
#define ADD( i ) add64( p, A( i ), &c )
#define NEXT p += WIDTH; carry64( p, &c )
#define LAST p += WIDTH; *p = c; while( ++p < end ) *p = 0
@@ -955,7 +955,8 @@
#else /* 64-bit */
#define MAX32 N->n * 2
-#define A( j ) j % 2 ? (uint32_t)( N->p[j/2] >> 32 ) : (uint32_t)( N->p[j/2] )
+#define A( j ) (j) % 2 ? (uint32_t)( N->p[(j)/2] >> 32 ) : \
+ (uint32_t)( N->p[(j)/2] )
#define STORE32 \
if( i % 2 ) { \
N->p[i/2] &= 0x00000000FFFFFFFF; \
@@ -989,20 +990,21 @@
* Helpers for the main 'loop'
* (see fix_negative for the motivation of C)
*/
-#define INIT( b ) \
- int ret; \
- signed char c = 0, cc; \
- uint32_t cur; \
- size_t i = 0, bits = b; \
- mbedtls_mpi C; \
- mbedtls_mpi_uint Cp[ b / 8 / sizeof( mbedtls_mpi_uint) + 1 ]; \
- \
- C.s = 1; \
- C.n = b / 8 / sizeof( mbedtls_mpi_uint) + 1; \
- C.p = Cp; \
- memset( Cp, 0, C.n * sizeof( mbedtls_mpi_uint ) ); \
- \
- MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, b * 2 / 8 / sizeof( mbedtls_mpi_uint ) ) ); \
+#define INIT( b ) \
+ int ret; \
+ signed char c = 0, cc; \
+ uint32_t cur; \
+ size_t i = 0, bits = (b); \
+ mbedtls_mpi C; \
+ mbedtls_mpi_uint Cp[ (b) / 8 / sizeof( mbedtls_mpi_uint) + 1 ]; \
+ \
+ C.s = 1; \
+ C.n = (b) / 8 / sizeof( mbedtls_mpi_uint) + 1; \
+ C.p = Cp; \
+ memset( Cp, 0, C.n * sizeof( mbedtls_mpi_uint ) ); \
+ \
+ MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, (b) * 2 / 8 / \
+ sizeof( mbedtls_mpi_uint ) ) ); \
LOAD32;
#define NEXT \
diff --git a/library/havege.c b/library/havege.c
index 4dcac02..54f897c 100644
--- a/library/havege.c
+++ b/library/havege.c
@@ -54,7 +54,7 @@
* ------------------------------------------------------------------------
*/
-#define SWAP(X,Y) { int *T = X; X = Y; Y = T; }
+#define SWAP(X,Y) { int *T = (X); (X) = (Y); (Y) = T; }
#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
diff --git a/library/md4.c b/library/md4.c
index 3f8ddff..828fd42 100644
--- a/library/md4.c
+++ b/library/md4.c
@@ -137,15 +137,21 @@
GET_UINT32_LE( X[14], data, 56 );
GET_UINT32_LE( X[15], data, 60 );
-#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
+#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
A = ctx->state[0];
B = ctx->state[1];
C = ctx->state[2];
D = ctx->state[3];
-#define F(x, y, z) ((x & y) | ((~x) & z))
-#define P(a,b,c,d,x,s) { a += F(b,c,d) + x; a = S(a,s); }
+#define F(x, y, z) (((x) & (y)) | ((~(x)) & (z)))
+#define P(a,b,c,d,x,s) \
+ do \
+ { \
+ (a) += F((b),(c),(d)) + (x); \
+ (a) = S((a),(s)); \
+ } while( 0 )
+
P( A, B, C, D, X[ 0], 3 );
P( D, A, B, C, X[ 1], 7 );
@@ -167,8 +173,13 @@
#undef P
#undef F
-#define F(x,y,z) ((x & y) | (x & z) | (y & z))
-#define P(a,b,c,d,x,s) { a += F(b,c,d) + x + 0x5A827999; a = S(a,s); }
+#define F(x,y,z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
+#define P(a,b,c,d,x,s) \
+ do \
+ { \
+ (a) += F((b),(c),(d)) + (x) + 0x5A827999; \
+ (a) = S((a),(s)); \
+ } while( 0 )
P( A, B, C, D, X[ 0], 3 );
P( D, A, B, C, X[ 4], 5 );
@@ -190,8 +201,13 @@
#undef P
#undef F
-#define F(x,y,z) (x ^ y ^ z)
-#define P(a,b,c,d,x,s) { a += F(b,c,d) + x + 0x6ED9EBA1; a = S(a,s); }
+#define F(x,y,z) ((x) ^ (y) ^ (z))
+#define P(a,b,c,d,x,s) \
+ do \
+ { \
+ (a) += F((b),(c),(d)) + (x) + 0x6ED9EBA1; \
+ (a) = S((a),(s)); \
+ } while( 0 )
P( A, B, C, D, X[ 0], 3 );
P( D, A, B, C, X[ 8], 9 );
diff --git a/library/md5.c b/library/md5.c
index 2a740cd..a93da8a 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -136,19 +136,22 @@
GET_UINT32_LE( X[14], data, 56 );
GET_UINT32_LE( X[15], data, 60 );
-#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
+#define S(x,n) \
+ ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) )
-#define P(a,b,c,d,k,s,t) \
-{ \
- a += F(b,c,d) + X[k] + t; a = S(a,s) + b; \
-}
+#define P(a,b,c,d,k,s,t) \
+ do \
+ { \
+ (a) += F((b),(c),(d)) + X[(k)] + (t); \
+ (a) = S((a),(s)) + (b); \
+ } while( 0 )
A = ctx->state[0];
B = ctx->state[1];
C = ctx->state[2];
D = ctx->state[3];
-#define F(x,y,z) (z ^ (x & (y ^ z)))
+#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
P( A, B, C, D, 0, 7, 0xD76AA478 );
P( D, A, B, C, 1, 12, 0xE8C7B756 );
@@ -169,7 +172,7 @@
#undef F
-#define F(x,y,z) (y ^ (z & (x ^ y)))
+#define F(x,y,z) ((y) ^ ((z) & ((x) ^ (y))))
P( A, B, C, D, 1, 5, 0xF61E2562 );
P( D, A, B, C, 6, 9, 0xC040B340 );
@@ -190,7 +193,7 @@
#undef F
-#define F(x,y,z) (x ^ y ^ z)
+#define F(x,y,z) ((x) ^ (y) ^ (z))
P( A, B, C, D, 5, 4, 0xFFFA3942 );
P( D, A, B, C, 8, 11, 0x8771F681 );
@@ -211,7 +214,7 @@
#undef F
-#define F(x,y,z) (y ^ (x | ~z))
+#define F(x,y,z) ((y) ^ ((x) | ~(z)))
P( A, B, C, D, 0, 6, 0xF4292244 );
P( D, A, B, C, 7, 10, 0x432AFF97 );
diff --git a/library/oid.c b/library/oid.c
index 2d22b11..9f40941 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -50,22 +50,24 @@
* Macro to generate an internal function for oid_XXX_from_asn1() (used by
* the other functions)
*/
-#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
-static const TYPE_T * oid_ ## NAME ## _from_asn1( const mbedtls_asn1_buf *oid ) \
-{ \
- const TYPE_T *p = LIST; \
- const mbedtls_oid_descriptor_t *cur = (const mbedtls_oid_descriptor_t *) p; \
- if( p == NULL || oid == NULL ) return( NULL ); \
- while( cur->asn1 != NULL ) { \
- if( cur->asn1_len == oid->len && \
- memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \
- return( p ); \
- } \
- p++; \
- cur = (const mbedtls_oid_descriptor_t *) p; \
- } \
- return( NULL ); \
-}
+#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
+ static const TYPE_T * oid_ ## NAME ## _from_asn1( \
+ const mbedtls_asn1_buf *oid ) \
+ { \
+ const TYPE_T *p = (LIST); \
+ const mbedtls_oid_descriptor_t *cur = \
+ (const mbedtls_oid_descriptor_t *) p; \
+ if( p == NULL || oid == NULL ) return( NULL ); \
+ while( cur->asn1 != NULL ) { \
+ if( cur->asn1_len == oid->len && \
+ memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \
+ return( p ); \
+ } \
+ p++; \
+ cur = (const mbedtls_oid_descriptor_t *) p; \
+ } \
+ return( NULL ); \
+ }
/*
* Macro to generate a function for retrieving a single attribute from the
@@ -99,12 +101,13 @@
*/
#define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \
ATTR2_TYPE, ATTR2) \
-int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \
+int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, \
+ ATTR2_TYPE * ATTR2 ) \
{ \
const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
- if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \
- *ATTR1 = data->ATTR1; \
- *ATTR2 = data->ATTR2; \
+ if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \
+ *(ATTR1) = data->ATTR1; \
+ *(ATTR2) = data->ATTR2; \
return( 0 ); \
}
@@ -115,16 +118,16 @@
#define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \
int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
{ \
- const TYPE_T *cur = LIST; \
+ const TYPE_T *cur = (LIST); \
while( cur->descriptor.asn1 != NULL ) { \
- if( cur->ATTR1 == ATTR1 ) { \
+ if( cur->ATTR1 == (ATTR1) ) { \
*oid = cur->descriptor.asn1; \
*olen = cur->descriptor.asn1_len; \
return( 0 ); \
} \
cur++; \
} \
- return( MBEDTLS_ERR_OID_NOT_FOUND ); \
+ return( MBEDTLS_ERR_OID_NOT_FOUND ); \
}
/*
@@ -136,9 +139,9 @@
int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \
size_t *olen ) \
{ \
- const TYPE_T *cur = LIST; \
+ const TYPE_T *cur = (LIST); \
while( cur->descriptor.asn1 != NULL ) { \
- if( cur->ATTR1 == ATTR1 && cur->ATTR2 == ATTR2 ) { \
+ if( cur->ATTR1 == (ATTR1) && cur->ATTR2 == (ATTR2) ) { \
*oid = cur->descriptor.asn1; \
*olen = cur->descriptor.asn1_len; \
return( 0 ); \
diff --git a/library/poly1305.c b/library/poly1305.c
index b274119..2b56c5f 100644
--- a/library/poly1305.c
+++ b/library/poly1305.c
@@ -58,10 +58,10 @@
#define POLY1305_BLOCK_SIZE_BYTES ( 16U )
#define BYTES_TO_U32_LE( data, offset ) \
- ( (uint32_t) data[offset] \
- | (uint32_t) ( (uint32_t) data[( offset ) + 1] << 8 ) \
- | (uint32_t) ( (uint32_t) data[( offset ) + 2] << 16 ) \
- | (uint32_t) ( (uint32_t) data[( offset ) + 3] << 24 ) \
+ ( (uint32_t) (data)[offset] \
+ | (uint32_t) ( (uint32_t) (data)[( offset ) + 1] << 8 ) \
+ | (uint32_t) ( (uint32_t) (data)[( offset ) + 2] << 16 ) \
+ | (uint32_t) ( (uint32_t) (data)[( offset ) + 3] << 24 ) \
)
/*
diff --git a/library/ripemd160.c b/library/ripemd160.c
index bd25ada..0791ae4 100644
--- a/library/ripemd160.c
+++ b/library/ripemd160.c
@@ -147,22 +147,29 @@
D = Dp = ctx->state[3];
E = Ep = ctx->state[4];
-#define F1( x, y, z ) ( x ^ y ^ z )
-#define F2( x, y, z ) ( ( x & y ) | ( ~x & z ) )
-#define F3( x, y, z ) ( ( x | ~y ) ^ z )
-#define F4( x, y, z ) ( ( x & z ) | ( y & ~z ) )
-#define F5( x, y, z ) ( x ^ ( y | ~z ) )
+#define F1( x, y, z ) ( (x) ^ (y) ^ (z) )
+#define F2( x, y, z ) ( ( (x) & (y) ) | ( ~(x) & (z) ) )
+#define F3( x, y, z ) ( ( (x) | ~(y) ) ^ (z) )
+#define F4( x, y, z ) ( ( (x) & (z) ) | ( (y) & ~(z) ) )
+#define F5( x, y, z ) ( (x) ^ ( (y) | ~(z) ) )
-#define S( x, n ) ( ( x << n ) | ( x >> (32 - n) ) )
+#define S( x, n ) ( ( (x) << (n) ) | ( (x) >> (32 - (n)) ) )
-#define P( a, b, c, d, e, r, s, f, k ) \
- a += f( b, c, d ) + X[r] + k; \
- a = S( a, s ) + e; \
- c = S( c, 10 );
+#define P( a, b, c, d, e, r, s, f, k ) \
+ do \
+ { \
+ (a) += f( (b), (c), (d) ) + X[r] + (k); \
+ (a) = S( (a), (s) ) + (e); \
+ (c) = S( (c), 10 ); \
+ } while( 0 )
-#define P2( a, b, c, d, e, r, s, rp, sp ) \
- P( a, b, c, d, e, r, s, F, K ); \
- P( a ## p, b ## p, c ## p, d ## p, e ## p, rp, sp, Fp, Kp );
+#define P2( a, b, c, d, e, r, s, rp, sp ) \
+ do \
+ { \
+ P( (a), (b), (c), (d), (e), (r), (s), F, K ); \
+ P( a ## p, b ## p, c ## p, d ## p, e ## p, \
+ (rp), (sp), Fp, Kp ); \
+ } while( 0 )
#define F F1
#define K 0x00000000
diff --git a/library/sha1.c b/library/sha1.c
index e8d4096..355c83d 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -152,19 +152,21 @@
GET_UINT32_BE( W[14], data, 56 );
GET_UINT32_BE( W[15], data, 60 );
-#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
+#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
-#define R(t) \
-( \
- temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
- W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
- ( W[t & 0x0F] = S(temp,1) ) \
-)
+#define R(t) \
+ ( \
+ temp = W[( (t) - 3 ) & 0x0F] ^ W[( (t) - 8 ) & 0x0F] ^ \
+ W[( (t) - 14 ) & 0x0F] ^ W[ (t) & 0x0F], \
+ ( W[(t) & 0x0F] = S(temp,1) ) \
+ )
-#define P(a,b,c,d,e,x) \
-{ \
- e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
-}
+#define P(a,b,c,d,e,x) \
+ do \
+ { \
+ (e) += S((a),5) + F((b),(c),(d)) + K + (x); \
+ (b) = S((b),30); \
+ } while( 0 )
A = ctx->state[0];
B = ctx->state[1];
@@ -172,7 +174,7 @@
D = ctx->state[3];
E = ctx->state[4];
-#define F(x,y,z) (z ^ (x & (y ^ z)))
+#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define K 0x5A827999
P( A, B, C, D, E, W[0] );
@@ -199,7 +201,7 @@
#undef K
#undef F
-#define F(x,y,z) (x ^ y ^ z)
+#define F(x,y,z) ((x) ^ (y) ^ (z))
#define K 0x6ED9EBA1
P( A, B, C, D, E, R(20) );
@@ -226,7 +228,7 @@
#undef K
#undef F
-#define F(x,y,z) ((x & y) | (z & (x | y)))
+#define F(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
#define K 0x8F1BBCDC
P( A, B, C, D, E, R(40) );
@@ -253,7 +255,7 @@
#undef K
#undef F
-#define F(x,y,z) (x ^ y ^ z)
+#define F(x,y,z) ((x) ^ (y) ^ (z))
#define K 0xCA62C1D6
P( A, B, C, D, E, R(60) );
diff --git a/library/sha256.c b/library/sha256.c
index 8a540ad..2dc0e1a 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -172,8 +172,8 @@
0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2,
};
-#define SHR(x,n) ((x & 0xFFFFFFFF) >> n)
-#define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
+#define SHR(x,n) (((x) & 0xFFFFFFFF) >> (n))
+#define ROTR(x,n) (SHR(x,n) | ((x) << (32 - (n))))
#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3))
#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10))
@@ -181,21 +181,22 @@
#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
-#define F0(x,y,z) ((x & y) | (z & (x | y)))
-#define F1(x,y,z) (z ^ (x & (y ^ z)))
+#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
+#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
#define R(t) \
-( \
- W[t] = S1(W[t - 2]) + W[t - 7] + \
- S0(W[t - 15]) + W[t - 16] \
-)
+ ( \
+ W[t] = S1(W[(t) - 2]) + W[(t) - 7] + \
+ S0(W[(t) - 15]) + W[(t) - 16] \
+ )
-#define P(a,b,c,d,e,f,g,h,x,K) \
-{ \
- temp1 = h + S3(e) + F1(e,f,g) + K + x; \
- temp2 = S2(a) + F0(a,b,c); \
- d += temp1; h = temp1 + temp2; \
-}
+#define P(a,b,c,d,e,f,g,h,x,K) \
+ do \
+ { \
+ temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
+ temp2 = S2(a) + F0((a),(b),(c)); \
+ (d) += temp1; (h) = temp1 + temp2; \
+ } while( 0 )
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] )
diff --git a/library/sha512.c b/library/sha512.c
index 941ecda..bdd20b2 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -224,8 +224,8 @@
SHA512_VALIDATE_RET( ctx != NULL );
SHA512_VALIDATE_RET( (const unsigned char *)data != NULL );
-#define SHR(x,n) (x >> n)
-#define ROTR(x,n) (SHR(x,n) | (x << (64 - n)))
+#define SHR(x,n) ((x) >> (n))
+#define ROTR(x,n) (SHR((x),(n)) | ((x) << (64 - (n))))
#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7))
#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6))
@@ -233,15 +233,16 @@
#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
-#define F0(x,y,z) ((x & y) | (z & (x | y)))
-#define F1(x,y,z) (z ^ (x & (y ^ z)))
+#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
+#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
-#define P(a,b,c,d,e,f,g,h,x,K) \
-{ \
- temp1 = h + S3(e) + F1(e,f,g) + K + x; \
- temp2 = S2(a) + F0(a,b,c); \
- d += temp1; h = temp1 + temp2; \
-}
+#define P(a,b,c,d,e,f,g,h,x,K) \
+ do \
+ { \
+ temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \
+ temp2 = S2(a) + F0((a),(b),(c)); \
+ (d) += temp1; (h) = temp1 + temp2; \
+ } while( 0 )
for( i = 0; i < 16; i++ )
{
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 8d7ecf7..e31faaf 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -163,7 +163,7 @@
#define MEMORY_MEASURE_PRINT( title_len ) \
mbedtls_memory_buffer_alloc_max_get( &max_used, &max_blocks ); \
- for( ii = 12 - title_len; ii != 0; ii-- ) mbedtls_printf( " " ); \
+ for( ii = 12 - (title_len); ii != 0; ii-- ) mbedtls_printf( " " ); \
max_used -= prv_used; \
max_blocks -= prv_blocks; \
max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \
diff --git a/scripts/abi_check.py b/scripts/abi_check.py
index 7926bc8..f837f7a 100755
--- a/scripts/abi_check.py
+++ b/scripts/abi_check.py
@@ -9,10 +9,10 @@
This script is a small wrapper around the abi-compliance-checker and
abi-dumper tools, applying them to compare the ABI and API of the library
files from two different Git revisions within an Mbed TLS repository.
-The results of the comparison are formatted as HTML and stored at
-a configurable location. Returns 0 on success, 1 on ABI/API non-compliance,
-and 2 if there is an error while running the script.
-Note: must be run from Mbed TLS root.
+The results of the comparison are either formatted as HTML and stored at
+a configurable location, or are given as a brief list of problems.
+Returns 0 on success, 1 on ABI/API non-compliance, and 2 if there is an error
+while running the script. Note: must be run from Mbed TLS root.
"""
import os
@@ -23,30 +23,37 @@
import argparse
import logging
import tempfile
+import fnmatch
+from types import SimpleNamespace
+
+import xml.etree.ElementTree as ET
class AbiChecker(object):
"""API and ABI checker."""
- def __init__(self, report_dir, old_rev, new_rev, keep_all_reports):
+ def __init__(self, old_version, new_version, configuration):
"""Instantiate the API/ABI checker.
- report_dir: directory for output files
- old_rev: reference git revision to compare against
- new_rev: git revision to check
- keep_all_reports: if false, delete old reports
+ old_version: RepoVersion containing details to compare against
+ new_version: RepoVersion containing details to check
+ configuration.report_dir: directory for output files
+ configuration.keep_all_reports: if false, delete old reports
+ configuration.brief: if true, output shorter report to stdout
+ configuration.skip_file: path to file containing symbols and types to skip
"""
self.repo_path = "."
self.log = None
- self.setup_logger()
- self.report_dir = os.path.abspath(report_dir)
- self.keep_all_reports = keep_all_reports
- self.should_keep_report_dir = os.path.isdir(self.report_dir)
- self.old_rev = old_rev
- self.new_rev = new_rev
- self.mbedtls_modules = ["libmbedcrypto", "libmbedtls", "libmbedx509"]
- self.old_dumps = {}
- self.new_dumps = {}
+ self.verbose = configuration.verbose
+ self._setup_logger()
+ self.report_dir = os.path.abspath(configuration.report_dir)
+ self.keep_all_reports = configuration.keep_all_reports
+ self.can_remove_report_dir = not (os.path.exists(self.report_dir) or
+ self.keep_all_reports)
+ self.old_version = old_version
+ self.new_version = new_version
+ self.skip_file = configuration.skip_file
+ self.brief = configuration.brief
self.git_command = "git"
self.make_command = "make"
@@ -57,9 +64,12 @@
if current_dir != root_dir:
raise Exception("Must be run from Mbed TLS root")
- def setup_logger(self):
+ def _setup_logger(self):
self.log = logging.getLogger()
- self.log.setLevel(logging.INFO)
+ if self.verbose:
+ self.log.setLevel(logging.DEBUG)
+ else:
+ self.log.setLevel(logging.INFO)
self.log.addHandler(logging.StreamHandler())
@staticmethod
@@ -68,155 +78,210 @@
if not shutil.which(command):
raise Exception("{} not installed, aborting".format(command))
- def get_clean_worktree_for_git_revision(self, git_rev):
- """Make a separate worktree with git_rev checked out.
+ def _get_clean_worktree_for_git_revision(self, version):
+ """Make a separate worktree with version.revision checked out.
Do not modify the current worktree."""
- self.log.info(
- "Checking out git worktree for revision {}".format(git_rev)
- )
git_worktree_path = tempfile.mkdtemp()
- worktree_process = subprocess.Popen(
- [self.git_command, "worktree", "add", "--detach", git_worktree_path, git_rev],
+ if version.repository:
+ self.log.debug(
+ "Checking out git worktree for revision {} from {}".format(
+ version.revision, version.repository
+ )
+ )
+ fetch_output = subprocess.check_output(
+ [self.git_command, "fetch",
+ version.repository, version.revision],
+ cwd=self.repo_path,
+ stderr=subprocess.STDOUT
+ )
+ self.log.debug(fetch_output.decode("utf-8"))
+ worktree_rev = "FETCH_HEAD"
+ else:
+ self.log.debug("Checking out git worktree for revision {}".format(
+ version.revision
+ ))
+ worktree_rev = version.revision
+ worktree_output = subprocess.check_output(
+ [self.git_command, "worktree", "add", "--detach",
+ git_worktree_path, worktree_rev],
cwd=self.repo_path,
- stdout=subprocess.PIPE,
stderr=subprocess.STDOUT
)
- worktree_output, _ = worktree_process.communicate()
- self.log.info(worktree_output.decode("utf-8"))
- if worktree_process.returncode != 0:
- raise Exception("Checking out worktree failed, aborting")
+ self.log.debug(worktree_output.decode("utf-8"))
return git_worktree_path
- def update_git_submodules(self, git_worktree_path):
- process = subprocess.Popen(
+ def _update_git_submodules(self, git_worktree_path, version):
+ """If the crypto submodule is present, initialize it.
+ if version.crypto_revision exists, update it to that revision,
+ otherwise update it to the default revision"""
+ update_output = subprocess.check_output(
[self.git_command, "submodule", "update", "--init", '--recursive'],
cwd=git_worktree_path,
- stdout=subprocess.PIPE,
stderr=subprocess.STDOUT
)
- output, _ = process.communicate()
- self.log.info(output.decode("utf-8"))
- if process.returncode != 0:
- raise Exception("git submodule update failed, aborting")
+ self.log.debug(update_output.decode("utf-8"))
+ if not (os.path.exists(os.path.join(git_worktree_path, "crypto"))
+ and version.crypto_revision):
+ return
- def build_shared_libraries(self, git_worktree_path):
+ if version.crypto_repository:
+ fetch_output = subprocess.check_output(
+ [self.git_command, "fetch", version.crypto_repository,
+ version.crypto_revision],
+ cwd=os.path.join(git_worktree_path, "crypto"),
+ stderr=subprocess.STDOUT
+ )
+ self.log.debug(fetch_output.decode("utf-8"))
+ crypto_rev = "FETCH_HEAD"
+ else:
+ crypto_rev = version.crypto_revision
+
+ checkout_output = subprocess.check_output(
+ [self.git_command, "checkout", crypto_rev],
+ cwd=os.path.join(git_worktree_path, "crypto"),
+ stderr=subprocess.STDOUT
+ )
+ self.log.debug(checkout_output.decode("utf-8"))
+
+ def _build_shared_libraries(self, git_worktree_path, version):
"""Build the shared libraries in the specified worktree."""
my_environment = os.environ.copy()
my_environment["CFLAGS"] = "-g -Og"
my_environment["SHARED"] = "1"
- make_process = subprocess.Popen(
- self.make_command,
+ my_environment["USE_CRYPTO_SUBMODULE"] = "1"
+ make_output = subprocess.check_output(
+ [self.make_command, "lib"],
env=my_environment,
cwd=git_worktree_path,
- stdout=subprocess.PIPE,
stderr=subprocess.STDOUT
)
- make_output, _ = make_process.communicate()
- self.log.info(make_output.decode("utf-8"))
- if make_process.returncode != 0:
- raise Exception("make failed, aborting")
+ self.log.debug(make_output.decode("utf-8"))
+ for root, _dirs, files in os.walk(git_worktree_path):
+ for file in fnmatch.filter(files, "*.so"):
+ version.modules[os.path.splitext(file)[0]] = (
+ os.path.join(root, file)
+ )
- def get_abi_dumps_from_shared_libraries(self, git_ref, git_worktree_path):
+ def _get_abi_dumps_from_shared_libraries(self, version):
"""Generate the ABI dumps for the specified git revision.
- It must be checked out in git_worktree_path and the shared libraries
- must have been built."""
- abi_dumps = {}
- for mbed_module in self.mbedtls_modules:
+ The shared libraries must have been built and the module paths
+ present in version.modules."""
+ for mbed_module, module_path in version.modules.items():
output_path = os.path.join(
- self.report_dir, "{}-{}.dump".format(mbed_module, git_ref)
+ self.report_dir, "{}-{}-{}.dump".format(
+ mbed_module, version.revision, version.version
+ )
)
abi_dump_command = [
"abi-dumper",
- os.path.join(
- git_worktree_path, "library", mbed_module + ".so"),
+ module_path,
"-o", output_path,
- "-lver", git_ref
+ "-lver", version.revision
]
- abi_dump_process = subprocess.Popen(
+ abi_dump_output = subprocess.check_output(
abi_dump_command,
- stdout=subprocess.PIPE,
stderr=subprocess.STDOUT
)
- abi_dump_output, _ = abi_dump_process.communicate()
- self.log.info(abi_dump_output.decode("utf-8"))
- if abi_dump_process.returncode != 0:
- raise Exception("abi-dumper failed, aborting")
- abi_dumps[mbed_module] = output_path
- return abi_dumps
+ self.log.debug(abi_dump_output.decode("utf-8"))
+ version.abi_dumps[mbed_module] = output_path
- def cleanup_worktree(self, git_worktree_path):
+ def _cleanup_worktree(self, git_worktree_path):
"""Remove the specified git worktree."""
shutil.rmtree(git_worktree_path)
- worktree_process = subprocess.Popen(
+ worktree_output = subprocess.check_output(
[self.git_command, "worktree", "prune"],
cwd=self.repo_path,
- stdout=subprocess.PIPE,
stderr=subprocess.STDOUT
)
- worktree_output, _ = worktree_process.communicate()
- self.log.info(worktree_output.decode("utf-8"))
- if worktree_process.returncode != 0:
- raise Exception("Worktree cleanup failed, aborting")
+ self.log.debug(worktree_output.decode("utf-8"))
- def get_abi_dump_for_ref(self, git_rev):
+ def _get_abi_dump_for_ref(self, version):
"""Generate the ABI dumps for the specified git revision."""
- git_worktree_path = self.get_clean_worktree_for_git_revision(git_rev)
- self.update_git_submodules(git_worktree_path)
- self.build_shared_libraries(git_worktree_path)
- abi_dumps = self.get_abi_dumps_from_shared_libraries(
- git_rev, git_worktree_path
- )
- self.cleanup_worktree(git_worktree_path)
- return abi_dumps
+ git_worktree_path = self._get_clean_worktree_for_git_revision(version)
+ self._update_git_submodules(git_worktree_path, version)
+ self._build_shared_libraries(git_worktree_path, version)
+ self._get_abi_dumps_from_shared_libraries(version)
+ self._cleanup_worktree(git_worktree_path)
+
+ def _remove_children_with_tag(self, parent, tag):
+ children = parent.getchildren()
+ for child in children:
+ if child.tag == tag:
+ parent.remove(child)
+ else:
+ self._remove_children_with_tag(child, tag)
+
+ def _remove_extra_detail_from_report(self, report_root):
+ for tag in ['test_info', 'test_results', 'problem_summary',
+ 'added_symbols', 'removed_symbols', 'affected']:
+ self._remove_children_with_tag(report_root, tag)
+
+ for report in report_root:
+ for problems in report.getchildren()[:]:
+ if not problems.getchildren():
+ report.remove(problems)
def get_abi_compatibility_report(self):
"""Generate a report of the differences between the reference ABI
- and the new ABI. ABI dumps from self.old_rev and self.new_rev must
- be available."""
+ and the new ABI. ABI dumps from self.old_version and self.new_version
+ must be available."""
compatibility_report = ""
compliance_return_code = 0
- for mbed_module in self.mbedtls_modules:
+ shared_modules = list(set(self.old_version.modules.keys()) &
+ set(self.new_version.modules.keys()))
+ for mbed_module in shared_modules:
output_path = os.path.join(
self.report_dir, "{}-{}-{}.html".format(
- mbed_module, self.old_rev, self.new_rev
+ mbed_module, self.old_version.revision,
+ self.new_version.revision
)
)
abi_compliance_command = [
"abi-compliance-checker",
"-l", mbed_module,
- "-old", self.old_dumps[mbed_module],
- "-new", self.new_dumps[mbed_module],
+ "-old", self.old_version.abi_dumps[mbed_module],
+ "-new", self.new_version.abi_dumps[mbed_module],
"-strict",
- "-report-path", output_path
+ "-report-path", output_path,
]
- abi_compliance_process = subprocess.Popen(
- abi_compliance_command,
- stdout=subprocess.PIPE,
- stderr=subprocess.STDOUT
- )
- abi_compliance_output, _ = abi_compliance_process.communicate()
- self.log.info(abi_compliance_output.decode("utf-8"))
- if abi_compliance_process.returncode == 0:
+ if self.skip_file:
+ abi_compliance_command += ["-skip-symbols", self.skip_file,
+ "-skip-types", self.skip_file]
+ if self.brief:
+ abi_compliance_command += ["-report-format", "xml",
+ "-stdout"]
+ try:
+ subprocess.check_output(
+ abi_compliance_command,
+ stderr=subprocess.STDOUT
+ )
+ except subprocess.CalledProcessError as err:
+ if err.returncode == 1:
+ compliance_return_code = 1
+ if self.brief:
+ self.log.info(
+ "Compatibility issues found for {}".format(mbed_module)
+ )
+ report_root = ET.fromstring(err.output.decode("utf-8"))
+ self._remove_extra_detail_from_report(report_root)
+ self.log.info(ET.tostring(report_root).decode("utf-8"))
+ else:
+ self.can_remove_report_dir = False
+ compatibility_report += (
+ "Compatibility issues found for {}, "
+ "for details see {}\n".format(mbed_module, output_path)
+ )
+ else:
+ raise err
+ else:
compatibility_report += (
"No compatibility issues for {}\n".format(mbed_module)
)
- if not self.keep_all_reports:
+ if not (self.keep_all_reports or self.brief):
os.remove(output_path)
- elif abi_compliance_process.returncode == 1:
- compliance_return_code = 1
- self.should_keep_report_dir = True
- compatibility_report += (
- "Compatibility issues found for {}, "
- "for details see {}\n".format(mbed_module, output_path)
- )
- else:
- raise Exception(
- "abi-compliance-checker failed with a return code of {},"
- " aborting".format(abi_compliance_process.returncode)
- )
- os.remove(self.old_dumps[mbed_module])
- os.remove(self.new_dumps[mbed_module])
- if not self.should_keep_report_dir and not self.keep_all_reports:
+ os.remove(self.old_version.abi_dumps[mbed_module])
+ os.remove(self.new_version.abi_dumps[mbed_module])
+ if self.can_remove_report_dir:
os.rmdir(self.report_dir)
self.log.info(compatibility_report)
return compliance_return_code
@@ -226,8 +291,8 @@
between self.old_rev and self.new_rev."""
self.check_repo_path()
self.check_abi_tools_are_installed()
- self.old_dumps = self.get_abi_dump_for_ref(self.old_rev)
- self.new_dumps = self.get_abi_dump_for_ref(self.new_rev)
+ self._get_abi_dump_for_ref(self.old_version)
+ self._get_abi_dump_for_ref(self.new_version)
return self.get_abi_compatibility_report()
@@ -239,13 +304,18 @@
abi-compliance-checker and abi-dumper tools, applying them
to compare the ABI and API of the library files from two
different Git revisions within an Mbed TLS repository.
- The results of the comparison are formatted as HTML and stored
- at a configurable location. Returns 0 on success, 1 on ABI/API
- non-compliance, and 2 if there is an error while running the
- script. Note: must be run from Mbed TLS root."""
+ The results of the comparison are either formatted as HTML and
+ stored at a configurable location, or are given as a brief list
+ of problems. Returns 0 on success, 1 on ABI/API non-compliance,
+ and 2 if there is an error while running the script.
+ Note: must be run from Mbed TLS root."""
)
)
parser.add_argument(
+ "-v", "--verbose", action="store_true",
+ help="set verbosity level",
+ )
+ parser.add_argument(
"-r", "--report-dir", type=str, default="reports",
help="directory where reports are stored, default is reports",
)
@@ -254,18 +324,73 @@
help="keep all reports, even if there are no compatibility issues",
)
parser.add_argument(
- "-o", "--old-rev", type=str, help="revision for old version",
- required=True
+ "-o", "--old-rev", type=str, help="revision for old version.",
+ required=True,
+ )
+ parser.add_argument(
+ "-or", "--old-repo", type=str, help="repository for old version."
+ )
+ parser.add_argument(
+ "-oc", "--old-crypto-rev", type=str,
+ help="revision for old crypto submodule."
+ )
+ parser.add_argument(
+ "-ocr", "--old-crypto-repo", type=str,
+ help="repository for old crypto submodule."
)
parser.add_argument(
"-n", "--new-rev", type=str, help="revision for new version",
- required=True
+ required=True,
+ )
+ parser.add_argument(
+ "-nr", "--new-repo", type=str, help="repository for new version."
+ )
+ parser.add_argument(
+ "-nc", "--new-crypto-rev", type=str,
+ help="revision for new crypto version"
+ )
+ parser.add_argument(
+ "-ncr", "--new-crypto-repo", type=str,
+ help="repository for new crypto submodule."
+ )
+ parser.add_argument(
+ "-s", "--skip-file", type=str,
+ help="path to file containing symbols and types to skip"
+ )
+ parser.add_argument(
+ "-b", "--brief", action="store_true",
+ help="output only the list of issues to stdout, instead of a full report",
)
abi_args = parser.parse_args()
- abi_check = AbiChecker(
- abi_args.report_dir, abi_args.old_rev,
- abi_args.new_rev, abi_args.keep_all_reports
+ if os.path.isfile(abi_args.report_dir):
+ print("Error: {} is not a directory".format(abi_args.report_dir))
+ parser.exit()
+ old_version = SimpleNamespace(
+ version="old",
+ repository=abi_args.old_repo,
+ revision=abi_args.old_rev,
+ crypto_repository=abi_args.old_crypto_repo,
+ crypto_revision=abi_args.old_crypto_rev,
+ abi_dumps={},
+ modules={}
)
+ new_version = SimpleNamespace(
+ version="new",
+ repository=abi_args.new_repo,
+ revision=abi_args.new_rev,
+ crypto_repository=abi_args.new_crypto_repo,
+ crypto_revision=abi_args.new_crypto_rev,
+ abi_dumps={},
+ modules={}
+ )
+ configuration = SimpleNamespace(
+ verbose=abi_args.verbose,
+ report_dir=abi_args.report_dir,
+ keep_all_reports=abi_args.keep_all_reports,
+ brief=abi_args.brief,
+ skip_file=abi_args.skip_file
+ )
+ abi_check = AbiChecker(old_version, new_version, configuration)
return_code = abi_check.check_for_abi_changes()
sys.exit(return_code)
except Exception: # pylint: disable=broad-except
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index badbd97..b38c7d4 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1004,6 +1004,12 @@
make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests
make WINDOWS_BUILD=1 clean
}
+support_build_mingw() {
+ case $(i686-w64-mingw32-gcc -dumpversion) in
+ [0-5]*) false;;
+ *) true;;
+ esac
+}
component_test_memsan () {
msg "build: MSan (clang)" # ~ 1 min 20s
diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh
index ccd488c..eaf270c 100755
--- a/tests/scripts/list-identifiers.sh
+++ b/tests/scripts/list-identifiers.sh
@@ -1,4 +1,10 @@
-#!/bin/sh
+#!/bin/bash
+#
+# Create a file named identifiers containing identifiers from internal header
+# files or all header files, based on --internal flag.
+# Outputs the line count of the file to stdout.
+#
+# Usage: list-identifiers.sh [ -i | --internal ]
set -eu
@@ -7,7 +13,29 @@
exit 1
fi
-HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
+INTERNAL=""
+
+until [ -z "${1-}" ]
+do
+ case "$1" in
+ -i|--internal)
+ INTERNAL="1"
+ ;;
+ *)
+ # print error
+ echo "Unknown argument: '$1'"
+ exit 1
+ ;;
+ esac
+ shift
+done
+
+if [ $INTERNAL ]
+then
+ HEADERS=$( ls include/mbedtls/*_internal.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
+else
+ HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
+fi
rm -f identifiers