The exception in analyze_outcomes.py follows previous commit in which
a test in test_suite_pkparse was set with the ECP_C guard for a different
parsing of the private key between the legacy and PSA implementations.
The wrong guard in test_suite_ecp.function instead was erroneously
added in a past commit and it was setting a non-existing symbol of
mbedTLS so those tests were basically never executed.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
We maintain a dict with unique AudiData objects
(AuditData with unique underlying X.509 objects).
We don't need merge_auditdata anymore.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
We should print all the information for each objects
found every line. This makes it easy to analyze the
output.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
The identifier is calculated SHA1 hex string from
the DER encoding of each X.509 objects. It's useful
for finding out the identical X.509 objects.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
check_cryptography_version didn't provide helpful
message with Python < 3.6, because re.Match object
is not subscriptable.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Previously, if a file had multiple PEM objects, only
the first one would be parsed. This commit add the
support so that we could parse all the PEM objects
in the file.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit adds support to auto-enable
MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if
MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled.
Furthermore, the corresponding check is removed in check_config.h.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This commit introduces a new function to generate extra dependencies
based on REGEX search pattern and predefined dependency list.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Until now, we were never enabling this option in any test.
MBEDTLS_PSA_INJECT_ENTROPY requires MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES, so
it cannot be enabled in the full config and it gets its own component.
Test with MBEDTLS_USE_PSA_CRYPTO enabled, since MBEDTLS_PSA_INJECT_ENTROPY
is a very PSA feature (which can break non-PSA applications), and Mbed
OS (for whch MBEDTLS_PSA_INJECT_ENTROPY was designed) enables
MBEDTLS_USE_PSA_CRYPTO when it enables MBEDTLS_PSA_INJECT_ENTROPY.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that the C code supports the full range of intmax_t, allow any size of
signed integer type in the .data file parser.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Change the type of signed integer arguments from int32_t to intmax_t.
This allows the C code to work with test function arguments with a range
larger than int32_t. A subsequent commit will change the .datax generator
to support larger types.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use normalization the equality comparisons instead of loose regular
expressions to determine the type of an argument of a test function.
Now declarations are parsed in a stricter way: there can't be ignored junk
at the beginning or at the end. For example, `long long unsigned int x`
was accepted as a test function argument (but not `long long unsigned x`),
although this was misleading since the value was truncated to the range of
int. Now only recognized types are accepted.
The new code is slightly looser in that it accepts `char const*` as well as
`const char*`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The test framework stores size_t and int32_t values in the parameter store
by converting them all to int. This is ok in practice, since we assume int
covers int32_t and we don't have test data larger than 2GB. But it's
confusing and error-prone. So make the parameter store a union, which allows
size_t values not to be potentially truncated and makes the code a little
clearer.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
