TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 24273c06db37ad4fa67cf15b0b5df8645c0fab65 / . / tests / scripts / test_config_checks.py
blob: 911e2d9a58692bd22c450187818e18532c705618 [file] [log] [blame]
Gilles Peskine01def642025-04-25 18:30:47 +0200[diff] [blame]1#!/usr/bin/env python3
2"""Test the configuration checks generated by generate_config_checks.py.
3"""
4
5## Copyright The Mbed TLS Contributors
6## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
7
8import unittest
9
10import scripts_path # pylint: disable=unused-import
11from mbedtls_framework import unittest_config_checks
12
13
14class MbedtlsTestConfigChecks(unittest_config_checks.TestConfigChecks):
15 """Mbed TLS unit tests for checks generated by config_checks_generator."""
16
17 #pylint: disable=invalid-name # uppercase letters make sense here
18
19 PROJECT_CONFIG_C = 'library/mbedtls_config.c'
20 PROJECT_SPECIFIC_INCLUDE_DIRECTORIES = [
21 'tf-psa-crypto/include',
22 'tf-psa-crypto/drivers/builtin/include',
23 ]
24
25 @unittest.skip("At this time, mbedtls does not go through crypto's check_config.h.")
26 def test_crypto_no_fs_io(self) -> None:
27 """A sample error expected from crypto's check_config.h."""
28 self.bad_case('#undef MBEDTLS_FS_IO',
29 None,
30 error=('MBEDTLS_PSA_ITS_FILE_C'))
31
32 def test_mbedtls_no_session_tickets_for_early_data(self) -> None:
33 """An error expected from mbedtls_check_config.h based on the TLS configuration."""
34 self.bad_case(None,
35 '''
36 #define MBEDTLS_SSL_EARLY_DATA
37 #undef MBEDTLS_SSL_SESSION_TICKETS
38 ''',
39 error=('MBEDTLS_SSL_EARLY_DATA'))
40
41 def test_mbedtls_no_ecdsa(self) -> None:
42 """An error expected from mbedtls_check_config.h based on crypto+TLS configuration."""
43 self.bad_case('''
44 #undef PSA_WANT_ALG_ECDSA
45 #undef PSA_WANT_ALG_DETERMINISTIC_ECDSA
Gilles Peskine01def642025-04-25 18:30:47 +0200[diff] [blame]46 ''',
47 '''
48 #if defined(PSA_WANT_ALG_ECDSA)
49 #error PSA_WANT_ALG_ECDSA unexpected
50 #endif
51 #if defined(PSA_WANT_ALG_DETERMINSTIC_ECDSA)
52 #error PSA_WANT_ALG_DETERMINSTIC_ECDSA unexpected
53 #endif
Gilles Peskine01def642025-04-25 18:30:47 +0200[diff] [blame]54 ''',
55 error=('MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'))
56
57
Gilles Peskine24273c02025-07-16 22:27:09 +0200[diff] [blame^]58 def test_define_MBEDTLS_MD5_C_redundant(self) -> None:
59 """Error when redundantly setting a subproject internal option."""
60 self.bad_case('#define PSA_WANT_ALG_MD5 1',
61 '#define MBEDTLS_MD5_C',
62 error=r'MBEDTLS_MD5_C.* PSA_WANT_ALG_MD5 in psa/crypto_config\.h')
63
64 def test_define_MBEDTLS_MD5_C_added(self) -> None:
65 """Error when setting a subproject internal option that was disabled."""
66 self.bad_case('''
67 #undef PSA_WANT_ALG_MD5
68 #undef MBEDTLS_MD5_C
69 ''',
70 '#define MBEDTLS_MD5_C',
71 error=r'MBEDTLS_MD5_C.* PSA_WANT_ALG_MD5 in psa/crypto_config\.h')
72
73 def test_define_MBEDTLS_BASE64_C_redundant(self) -> None:
74 """Ok to redundantly set a subproject option."""
75 self.good_case(None,
76 '#define MBEDTLS_BASE64_C')
77
78 def test_define_MBEDTLS_BASE64_C_added(self) -> None:
79 """Error when setting a subproject option that was disabled."""
80 self.bad_case('''
81 #undef MBEDTLS_BASE64_C
82 #undef MBEDTLS_PEM_PARSE_C
83 #undef MBEDTLS_PEM_WRITE_C
84 ''',
85 '#define MBEDTLS_BASE64_C',
86 error=r'MBEDTLS_BASE64_C .*psa/crypto_config\.h')
87
88 @unittest.skip("Checks for #undef are not implemented yet.")
89 def test_define_MBEDTLS_BASE64_C_unset(self) -> None:
90 """Error when unsetting a subproject option that was enabled."""
91 self.bad_case(None,
92 '#undef MBEDTLS_BASE64_C',
93 error=r'MBEDTLS_BASE64_C .*psa/crypto_config\.h')
94
95
Gilles Peskine01def642025-04-25 18:30:47 +0200[diff] [blame]96if __name__ == '__main__':
97 unittest.main()