Commit graph

305 commits

Author SHA1 Message Date
Andrzej Kurek 9c754a9892 config.pl: disable PSA_ITS_FILE and PSA_CRYPTO_STORAGE for baremetal 2019-05-23 03:01:35 -04:00
Andrzej Kurek 03c35a5744 Disable MBEDTLS_ECP_RESTARTABLE in full config
MBEDTLS_ECP_RESTARTABLE is not compatible with MBEDTLS_USE_PSA_CRYPTO.
2019-05-23 03:01:35 -04:00
Manuel Pégourié-Gonnard 971dea3745 Enable USE_PSA_CRYPTO with config.pl full
Previously it was disabled as too experimental, which no longer holds. Also,
this option introduces new APIs, so it's not only about an internal
alternative (as the comment in config.pl used to state) - people who request a
full config should get all of the available APIs.

Adapt all.sh: now all builds with full config will also test this option, and
builds with the default config will test without it. Just to be sure, let's
have a build with full config minus this option.

Update documentation of MBEDTLS_USE_PSA_CRYPTO to reflect the status of the
new APIs it enables in Mbed TLS and why they're still opt-in.
2019-05-23 03:01:35 -04:00
Manuel Pégourié-Gonnard de7636e2dd Enable MBEDTLS_PSA_CRYPTO_C by default
Also enable it in scripts/config.pl full, as well as two storage options that
were only blacklisted from full config because they depended on
MBEDTLS_PSA_CRYPTO_C.
2019-05-23 03:01:35 -04:00
Darryl Green d2dba36f44 Only use submodule if present
Enabling the USE_CRYPTO_SUBMODULE option causes problems if the
crypto submodule isn't present. For example, when building
mbed-crypto as a submodule, it should use error.c from the parent
project if USE_CRYPTO_SUBMODULE is set. However if the parent
project isn't present, then the build will fail. Only enable it
if the submodule actually exists.
2019-05-09 13:17:53 +01:00
Jaeden Amero 5c03c65a66 Merge remote-tracking branch 'origin/pr/2547' into development
* origin/pr/2547:
  generate_visualc_files.pl: add mbedtls source shadowing by crypto
  generate_errors.pl: refactor and simplify the code
  generate_errors.pl: typo fix
  revert changes to generate_features.pl and generate_query_config.pl
  generate_errors.pl: add mbedtls header shadowing by crypto headers
  Add an option to use crypto source files in generated visual c project
  Add description of generate_query_config.pl argument
  Add crypto includes when generating features in generate_features.pl
  Include crypto config when generating query config
  Add crypto includes when generating errors in generate_errors.pl
2019-04-24 11:21:56 +01:00
Darryl Green b2ee0b8782 Use check_output instead of Popen 2019-04-18 09:24:38 +01:00
Andrzej Kurek 021dc3f226 generate_visualc_files.pl: add mbedtls source shadowing by crypto
Running the generation script with "include_crypto" input parameter set to 1
makes the mbedtls sources being overshadowed by crypto sources. 
In case of any duplicate sources, crypto ones take precedence.
2019-04-12 10:51:27 -04:00
Andrzej Kurek 463f049ef0 generate_errors.pl: refactor and simplify the code 2019-04-12 10:35:01 -04:00
Darryl Green f025d5395e Start unused variable with underscore 2019-04-12 15:18:02 +01:00
Darryl Green f67e349863 Correct documentation 2019-04-12 15:17:02 +01:00
Andrzej Kurek e90205f9e6 generate_errors.pl: typo fix 2019-04-12 09:49:30 -04:00
Andrzej Kurek 9b11af42e2 revert changes to generate_features.pl and generate_query_config.pl
These script should depend solely on the external, mbedtls config
2019-04-12 09:43:04 -04:00
Darryl Green 492bc402a3 Check that the report directory is a directory 2019-04-11 15:50:41 +01:00
Darryl Green 0d1ca51107 Use namespaces instead of full classes 2019-04-09 11:46:12 +01:00
Darryl Green 8184df5de9 Fix pylint issues 2019-04-09 11:46:12 +01:00
Darryl Green fe9a67510e Don't put abi dumps in subfolders 2019-04-09 11:46:12 +01:00
Darryl Green 3c3da790d2 Add verbose switch to silence all output except the final report 2019-04-09 11:46:12 +01:00
Darryl Green 1d95c539e9 Fetch the remote crypto branch, rather than cloning it 2019-04-09 11:46:12 +01:00
Darryl Green 3a5f6c83bc Prefix internal functions with underscore 2019-04-09 11:46:11 +01:00
Darryl Green 7c1a73370b Add RepoVersion class to make handling of many arguments easier
There are a number of arguments being passed around, nearly all of
which are duplicated between the old and new versions. Moving these
into a separate class should hopefully make it simpler to follow
what is being done.
2019-04-09 11:46:11 +01:00
Darryl Green e29ce70ca5 Reduce indentation levels 2019-04-09 11:46:11 +01:00
Darryl Green 4cde8a0513 Improve documentation 2019-04-09 11:46:11 +01:00
Darryl Green c5132ffc41 Use optional arguments for setting repositories 2019-04-09 11:46:11 +01:00
Darryl Green ddf25a6095 Only build the library
We only need the .so files, so only build the library
2019-04-09 11:46:11 +01:00
Darryl Green 4831145cdd Add ability to compare submodules from different repositories
As before with wanting to compare revisions across different
repositories, the ability to select the crypto submodule from a
different repository is useful.
2019-04-09 11:46:11 +01:00
Darryl Green 3e7a980d62 Add handling for cases when not all .so files are present
We may wish to compare ABI/API between Mbed TLS and Mbed Crypto,
which will cause issues as not all .so files are shared. Only
compare .so files which both libraries have.
2019-04-09 11:46:11 +01:00
Darryl Green 9f357d65d4 Extend functionality to allow setting crypto submodule version
As going forward we will have Crypto in a submodule, we will need to
be able to check ABI compatibility between versions using different
submodule versions. For TLS versions that support the submodule, we
will always build using the submodule.

If the Crypto submodule is used, libmbedcrypto.so is not in the main
library folder, but in crypto/library instead. Given this, the script
searches for *.so files and notes their path, in order to create the
dumps correctly.
2019-04-09 11:46:11 +01:00
Darryl Green 3d3d552579 Simplify logic for checking if report folder can be removed 2019-04-09 11:46:11 +01:00
Darryl Green e62f9bbbf1 Add option for a brief report of problems only 2019-04-09 11:46:11 +01:00
Darryl Green c2883a29bc Add option to skip identifiers in ABI checks
By default abi-compliance-checker will check the entire ABI/API.
There are internal identifiers that we do not promise compatibility
for, so we want the ability to skip them when checking the ABI/API.
2019-04-09 11:46:11 +01:00
Darryl Green da84e3215e Extend abi-checking to different repos 2019-04-09 11:46:11 +01:00
Andrzej Kurek 91c6030584 generate_errors.pl: add mbedtls header shadowing by crypto headers
Abort script upon encountering a duplicated error
2019-04-09 03:32:31 -04:00
Jaeden Amero 7c1e6193af Merge remote-tracking branch 'origin/pr/2464' into development
* origin/pr/2464:
  Allow main() to lack a docstring.
  Silence pylint
  check-files.py: readability improvement in permission check
  check-files.py: use class fields for class-wide constants
  check-files.py: clean up class structure
  abi_check.py: Document more methods
  check-files.py: document some classes and methods
  Fix pylint errors going uncaught
  Call pylint3, not pylint
  New, documented pylint configuration
2019-04-05 14:19:09 +01:00
Andrzej Kurek 92f91fc9ff Add an option to use crypto source files in generated visual c project 2019-04-05 05:49:53 -04:00
Andrzej Kurek b4b1ae193b Add description of generate_query_config.pl argument 2019-04-05 04:16:12 -04:00
Andrzej Kurek 79369cd8d9 Add crypto includes when generating features in generate_features.pl
Adjusted generate_features to have a configuration option of including crypto
config. Turned on by default.
2019-04-05 04:07:40 -04:00
Andrzej Kurek ef907604f8 Include crypto config when generating query config
Adjusted generate_query_config.pl to have a configuration option 
of including the crypto config. Turned on by default.
2019-04-05 03:56:27 -04:00
Jaeden Amero 57f4d9e4fe Update crypto submodule to test with private headers
Update the crypto submodule to the top of the Mbed Crypto development
branch. This brings in a version of Mbed Crypto that enables building
Mbed Crypto tests that depend on private headers, like
'psa_crypto_invasive.h'.

This also requires updating our config.h to include new configuration
options added to Mbed Crypto. MBEDTLS_PSA_ITS_FILE_C replaces
MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C and MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C.
MBEDTLS_PSA_INJECT_ENTROPY replaces MBEDTLS_PSA_HAS_ITS_IO.
2019-03-19 15:45:09 +00:00
Andrzej Kurek b0fc484188 Add crypto includes when generating errors in generate_errors.pl
Adjusted generate_errors to have a configuration option of including crypto files.
Turned on by default
2019-03-12 10:48:18 -04:00
Andres Amaya Garcia 4a512281ec Reduce priority of 3DES ciphersuites 2019-03-01 10:19:27 +01:00
Gilles Peskine e915d532a6 Silence pylint
Silence pylint in specific places where we're doing slightly unusual
or dodgy, but correct.
2019-02-27 11:03:25 +01:00
Gilles Peskine 712afa74f4 abi_check.py: Document more methods 2019-02-27 11:03:25 +01:00
Jaeden Amero 415620c1f2 Merge remote-tracking branch 'origin/pr/2105' into development
Additional work done as part of merge:
    - Run ./tests/scripts/check-generated-files.sh and check in the
      resulting changes to programs/ssl/query_config.c
2019-02-22 10:33:15 +00:00
Andrzej Kurek 172457460b Add MBEDTLS_PSA_HAS_ITS_IO to config.pl exclude list 2019-02-07 08:49:53 -05:00
Andrzej Kurek d3643ef29b Add PSA defines to config.pl exclude list 2019-02-07 07:41:27 -05:00
Andres Amaya Garcia 17c53c5c1e Fix check-generated-files.sh failure with query_config 2019-02-07 10:38:23 +00:00
Andres Amaya Garcia bc432b8232 Use \r instead of 0xD in generate_visualc_files.pl 2019-02-07 10:38:23 +00:00
Andres Amaya Garcia 8645f733cf Update query_config.c with new macros 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia ef672f0319 Exclude macros from query_config.c generation 2019-02-07 10:38:22 +00:00