mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-18 10:23:20 +00:00
Merge pull request #7955 from davidhorstmann-arm/psa-crypto-script-changes
Miscellaneous changes to scripts for PSA-Crypto enablement
This commit is contained in:
commit
6147511bc0
@ -19,12 +19,19 @@
|
||||
import os
|
||||
import inspect
|
||||
|
||||
def looks_like_psa_crypto_root(path: str) -> bool:
|
||||
"""Whether the given directory looks like the root of the PSA Crypto source tree."""
|
||||
return all(os.path.isdir(os.path.join(path, subdir))
|
||||
for subdir in ['include', 'core', 'drivers', 'programs', 'tests'])
|
||||
|
||||
def looks_like_mbedtls_root(path: str) -> bool:
|
||||
"""Whether the given directory looks like the root of the Mbed TLS source tree."""
|
||||
return all(os.path.isdir(os.path.join(path, subdir))
|
||||
for subdir in ['include', 'library', 'programs', 'tests'])
|
||||
|
||||
def looks_like_root(path: str) -> bool:
|
||||
return looks_like_psa_crypto_root(path) or looks_like_mbedtls_root(path)
|
||||
|
||||
def check_repo_path():
|
||||
"""
|
||||
Check that the current working directory is the project root, and throw
|
||||
@ -42,7 +49,7 @@ def chdir_to_root() -> None:
|
||||
for d in [os.path.curdir,
|
||||
os.path.pardir,
|
||||
os.path.join(os.path.pardir, os.path.pardir)]:
|
||||
if looks_like_mbedtls_root(d):
|
||||
if looks_like_root(d):
|
||||
os.chdir(d)
|
||||
return
|
||||
raise Exception('Mbed TLS source tree not found')
|
||||
@ -62,6 +69,6 @@ def guess_mbedtls_root():
|
||||
if d in dirs:
|
||||
continue
|
||||
dirs.add(d)
|
||||
if looks_like_mbedtls_root(d):
|
||||
if looks_like_root(d):
|
||||
return d
|
||||
raise Exception('Mbed TLS source tree not found')
|
||||
|
@ -27,6 +27,7 @@ from typing import Dict, List, Optional, Set, Union
|
||||
import unittest
|
||||
|
||||
from . import c_build_helper
|
||||
from . import build_tree
|
||||
|
||||
|
||||
class Expr:
|
||||
@ -51,13 +52,16 @@ class Expr:
|
||||
def update_cache(self) -> None:
|
||||
"""Update `value_cache` for expressions registered in `unknown_values`."""
|
||||
expressions = sorted(self.unknown_values)
|
||||
includes = ['include']
|
||||
if build_tree.looks_like_psa_crypto_root('.'):
|
||||
includes.append('drivers/builtin/include')
|
||||
values = c_build_helper.get_c_expression_values(
|
||||
'unsigned long', '%lu',
|
||||
expressions,
|
||||
header="""
|
||||
#include <psa/crypto.h>
|
||||
""",
|
||||
include_path=['include']) #type: List[str]
|
||||
include_path=includes) #type: List[str]
|
||||
for e, v in zip(expressions, values):
|
||||
self.value_cache[e] = int(v, 0)
|
||||
self.unknown_values.clear()
|
||||
|
@ -123,15 +123,27 @@ set -e -o pipefail -u
|
||||
# Enable ksh/bash extended file matching patterns
|
||||
shopt -s extglob
|
||||
|
||||
in_mbedtls_repo () {
|
||||
test -d include -a -d library -a -d programs -a -d tests
|
||||
}
|
||||
|
||||
in_psa_crypto_repo () {
|
||||
test -d include -a -d core -a -d drivers -a -d programs -a -d tests
|
||||
}
|
||||
|
||||
pre_check_environment () {
|
||||
if [ -d library -a -d include -a -d tests ]; then :; else
|
||||
echo "Must be run from mbed TLS root" >&2
|
||||
if in_mbedtls_repo || in_psa_crypto_repo; then :; else
|
||||
echo "Must be run from Mbed TLS / psa-crypto root" >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
pre_initialize_variables () {
|
||||
CONFIG_H='include/mbedtls/mbedtls_config.h'
|
||||
if in_mbedtls_repo; then
|
||||
CONFIG_H='include/mbedtls/mbedtls_config.h'
|
||||
else
|
||||
CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h'
|
||||
fi
|
||||
CRYPTO_CONFIG_H='include/psa/crypto_config.h'
|
||||
CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'
|
||||
|
||||
@ -141,8 +153,10 @@ pre_initialize_variables () {
|
||||
backup_suffix='.all.bak'
|
||||
# Files clobbered by config.py
|
||||
files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H"
|
||||
# Files clobbered by in-tree cmake
|
||||
files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
|
||||
if in_mbedtls_repo; then
|
||||
# Files clobbered by in-tree cmake
|
||||
files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
|
||||
fi
|
||||
|
||||
append_outcome=0
|
||||
MEMORY=0
|
||||
@ -299,7 +313,9 @@ EOF
|
||||
# Does not remove generated source files.
|
||||
cleanup()
|
||||
{
|
||||
command make clean
|
||||
if in_mbedtls_repo; then
|
||||
command make clean
|
||||
fi
|
||||
|
||||
# Remove CMake artefacts
|
||||
find . -name .git -prune -o \
|
||||
@ -556,7 +572,7 @@ pre_check_git () {
|
||||
fi
|
||||
|
||||
if ! git diff --quiet "$CONFIG_H"; then
|
||||
err_msg "Warning - the configuration file 'include/mbedtls/mbedtls_config.h' has been edited. "
|
||||
err_msg "Warning - the configuration file '$CONFIG_H' has been edited. "
|
||||
echo "You can either delete or preserve your work, or force the test by rerunning the"
|
||||
echo "script as: $0 --force"
|
||||
exit 1
|
||||
@ -5284,7 +5300,9 @@ pre_prepare_outcome_file
|
||||
pre_print_configuration
|
||||
pre_check_tools
|
||||
cleanup
|
||||
pre_generate_files
|
||||
if in_mbedtls_repo; then
|
||||
pre_generate_files
|
||||
fi
|
||||
|
||||
# Run the requested tests.
|
||||
for ((error_test_i=1; error_test_i <= error_test; error_test_i++)); do
|
||||
|
@ -1,10 +1,10 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Run the PSA Crypto API compliance test suite.
|
||||
Clone the repo and check out the commit specified by PSA_ARCH_TEST_REPO and PSA_ARCH_TEST_REF,
|
||||
then compile and run the test suite. The clone is stored at <Mbed TLS root>/psa-arch-tests.
|
||||
Known defects in either the test suite or mbedtls - identified by their test number - are ignored,
|
||||
while unexpected failures AND successes are reported as errors,
|
||||
to help keep the list of known defects as up to date as possible.
|
||||
then compile and run the test suite. The clone is stored at <repository root>/psa-arch-tests.
|
||||
Known defects in either the test suite or mbedtls / psa-crypto - identified by their test
|
||||
number - are ignored, while unexpected failures AND successes are reported as errors, to help
|
||||
keep the list of known defects as up to date as possible.
|
||||
"""
|
||||
|
||||
# Copyright The Mbed TLS Contributors
|
||||
@ -22,13 +22,20 @@ to help keep the list of known defects as up to date as possible.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import argparse
|
||||
import os
|
||||
import re
|
||||
import shutil
|
||||
import subprocess
|
||||
import sys
|
||||
from typing import List
|
||||
|
||||
# PSA Compliance tests we expect to fail due to known defects in Mbed TLS (or the test suite)
|
||||
#pylint: disable=unused-import
|
||||
import scripts_path
|
||||
from mbedtls_dev import build_tree
|
||||
|
||||
# PSA Compliance tests we expect to fail due to known defects in Mbed TLS / PSA Crypto
|
||||
# (or the test suite).
|
||||
# The test numbers correspond to the numbers used by the console output of the test suite.
|
||||
# Test number 2xx corresponds to the files in the folder
|
||||
# psa-arch-tests/api-tests/dev_apis/crypto/test_c0xx
|
||||
@ -49,12 +56,32 @@ EXPECTED_FAILURES = {
|
||||
PSA_ARCH_TESTS_REPO = 'https://github.com/bensze01/psa-arch-tests.git'
|
||||
PSA_ARCH_TESTS_REF = 'fix-pr-5736'
|
||||
|
||||
#pylint: disable=too-many-branches,too-many-statements
|
||||
def main():
|
||||
mbedtls_dir = os.getcwd()
|
||||
#pylint: disable=too-many-branches,too-many-statements,too-many-locals
|
||||
def main(library_build_dir: str):
|
||||
root_dir = os.getcwd()
|
||||
|
||||
if not os.path.exists('library/libmbedcrypto.a'):
|
||||
subprocess.check_call(['make', '-C', 'library', 'libmbedcrypto.a'])
|
||||
in_psa_crypto_repo = build_tree.looks_like_psa_crypto_root(root_dir)
|
||||
|
||||
if in_psa_crypto_repo:
|
||||
crypto_name = 'psacrypto'
|
||||
library_subdir = 'core'
|
||||
else:
|
||||
crypto_name = 'mbedcrypto'
|
||||
library_subdir = 'library'
|
||||
|
||||
crypto_lib_filename = (library_build_dir + '/' +
|
||||
library_subdir + '/' +
|
||||
'lib' + crypto_name + '.a')
|
||||
|
||||
if not os.path.exists(crypto_lib_filename):
|
||||
#pylint: disable=bad-continuation
|
||||
subprocess.check_call([
|
||||
'cmake', '.',
|
||||
'-GUnix Makefiles',
|
||||
'-B' + library_build_dir
|
||||
])
|
||||
subprocess.check_call(['cmake', '--build', library_build_dir,
|
||||
'--target', crypto_name])
|
||||
|
||||
psa_arch_tests_dir = 'psa-arch-tests'
|
||||
os.makedirs(psa_arch_tests_dir, exist_ok=True)
|
||||
@ -74,6 +101,9 @@ def main():
|
||||
os.mkdir(build_dir)
|
||||
os.chdir(build_dir)
|
||||
|
||||
extra_includes = (';{}/drivers/builtin/include'.format(root_dir)
|
||||
if in_psa_crypto_repo else '')
|
||||
|
||||
#pylint: disable=bad-continuation
|
||||
subprocess.check_call([
|
||||
'cmake', '..',
|
||||
@ -81,8 +111,9 @@ def main():
|
||||
'-DTARGET=tgt_dev_apis_stdc',
|
||||
'-DTOOLCHAIN=HOST_GCC',
|
||||
'-DSUITE=CRYPTO',
|
||||
'-DPSA_CRYPTO_LIB_FILENAME={}/library/libmbedcrypto.a'.format(mbedtls_dir),
|
||||
'-DPSA_INCLUDE_PATHS={}/include'.format(mbedtls_dir)
|
||||
'-DPSA_CRYPTO_LIB_FILENAME={}/{}'.format(root_dir,
|
||||
crypto_lib_filename),
|
||||
('-DPSA_INCLUDE_PATHS={}/include' + extra_includes).format(root_dir)
|
||||
])
|
||||
subprocess.check_call(['cmake', '--build', '.'])
|
||||
|
||||
@ -95,8 +126,11 @@ def main():
|
||||
)
|
||||
test = -1
|
||||
unexpected_successes = set(EXPECTED_FAILURES)
|
||||
expected_failures = []
|
||||
unexpected_failures = []
|
||||
expected_failures = [] # type: List[int]
|
||||
unexpected_failures = [] # type: List[int]
|
||||
if proc.stdout is None:
|
||||
return 1
|
||||
|
||||
for line in proc.stdout:
|
||||
print(line, end='')
|
||||
match = test_re.match(line)
|
||||
@ -136,7 +170,18 @@ def main():
|
||||
print('SUCCESS')
|
||||
return 0
|
||||
finally:
|
||||
os.chdir(mbedtls_dir)
|
||||
os.chdir(root_dir)
|
||||
|
||||
if __name__ == '__main__':
|
||||
sys.exit(main())
|
||||
BUILD_DIR = 'out_of_source_build'
|
||||
|
||||
# pylint: disable=invalid-name
|
||||
parser = argparse.ArgumentParser()
|
||||
parser.add_argument('--build-dir', nargs=1,
|
||||
help='path to Mbed TLS / PSA Crypto build directory')
|
||||
args = parser.parse_args()
|
||||
|
||||
if args.build_dir is not None:
|
||||
BUILD_DIR = args.build_dir[0]
|
||||
|
||||
sys.exit(main(BUILD_DIR))
|
||||
|
Loading…
Reference in New Issue
Block a user