Commit graph

10962 commits

Author SHA1 Message Date
Ron Eldor b7c9626e76 Update soon to be expired crl
Update crl.pem, as it will expire on November 25 2019.
Resolves #2357.
2019-07-09 16:48:09 +03:00
Jaeden Amero 482a479ef0 Merge remote-tracking branch 'origin/pr/2699' into development
* origin/pr/2699:
  Update crypto submodule to a revision with the HAVEGE header changes
  Fix misuse of signed ints in the HAVEGE module
2019-07-05 15:41:39 +01:00
Gilles Peskine 06e752b2c2 Update crypto submodule to a revision with the HAVEGE header changes 2019-07-05 16:36:40 +02:00
Jaeden Amero b6229e304e
Merge pull request #149 from gilles-peskine-arm/havege-asan-crypto
Fix misuse of signed ints in the HAVEGE module
2019-07-05 15:30:30 +01:00
Jaeden Amero 0f220ec73b Test with MBEDTLS_ECP_RESTARTABLE
We accidentally disabled testing with MBEDTLS_ECP_RESTARTABLE. Re-enable
testing with restartable ECP when MBEDTLS_USE_PSA_CRYPTO is not set.

Fixes 971dea3745 ("Enable USE_PSA_CRYPTO with config.pl full")
2019-07-05 15:14:57 +01:00
Jaeden Amero e78cd62acb
Merge pull request #159 from k-stachowiak/IOTCRYPT-474-prevent-dead-code-warning
Prevent dead code warning
2019-07-05 14:43:11 +01:00
Hanno Becker e69d0150d7 Add TEST_ASSUME macro to allow skipping tests at runtime
This commit adds a macro TEST_ASSUME to the test infrastructure
which allows to skip tests based on unmet conditions determined
at runtime.
2019-07-05 13:39:09 +01:00
Gilles Peskine 55b49ee10f Allow TODO in code
Don't reject TODO in code. Fix #2587
2019-07-04 19:39:06 +02:00
Gilles Peskine 7dfcfceb49 Use the docstring in the command line help 2019-07-04 19:39:06 +02:00
Gilles Peskine ada828f36a Split _abi_compliance_command into smaller functions
This makes the code easier to read and pacifies pylint.
2019-07-04 19:20:35 +02:00
Gilles Peskine 3e2da4acf2 Record the commits that were compared
Record the commit ID in addition to the symbolic name of the version
being tested. This makes it easier to figure out what has been
compared when reading logs that don't always indicate explicitly what
things like HEAD are.

This makes the title of HTML reports somewhat verbose, but I think
that's a small price to pay.
2019-07-04 19:06:54 +02:00
Gilles Peskine b6ce234c57 Document how to build the typical argument for -s 2019-07-04 19:00:31 +02:00
Gilles Peskine 6aa32ccfae Allow running /somewhere/else/path/to/abi_check.py
Don't require abi_check.py to be the one in scripts/ under the current
directory.
2019-07-04 18:59:36 +02:00
k-stachowiak 653a4a2fba Prevent dead code warning
The window size variable in ecp_pick_window_size() can take values
4, 5 or 6, but we clamp it not to exceed the value of
MBEDTLS_ECP_WINDOW_SIZE. If that is 6 (default) or higher, the
static analyzer will point out that the test:
w > MBEDTLS_ECP_WINDOW_SIZE always evaluates to false.

This commit removes the test for the cases of the window size
large enough to fit all the potential values of the variable.
2019-07-04 12:19:47 +02:00
Jaeden Amero 6e70eb2678 tests: Limit each log to 10 GiB
Limit log output in compat.sh and ssl-opt.sh, in case of failures with these
scripts where they may output seemingly unlimited length error logs.

Note that ulimit -f uses units of 512 bytes, so we use 10 * 1024 * 1024 * 2 to
get 10 GiB.
2019-07-03 16:54:44 +01:00
Gilles Peskine be517164d2 Warn if VLAs are used
We don't intend to use C99 variable-length arrays, so make the
compiler complain about them.
2019-07-02 20:22:11 +02:00
Gilles Peskine 1e65771ba3 Remove redundant compiler flag
`-Wunused' is included in `-Wall -Wextra'.
2019-07-02 20:05:20 +02:00
Gilles Peskine 85aba47715 Consistently spell -Wextra
-W is a deprecated alias of -Wextra. Consistently use the new name.
2019-07-02 20:05:16 +02:00
Ron Eldor 5131f771ef Fix parsing issue when int parameter is in base 16
Fix error `ValueError: invalid literal for int() with base 10:` that
is caused when a parameter is given in base 16. Use relevant base
when calling `int()` function.
2019-07-02 11:02:29 +03:00
Jaeden Amero a4b94c460d Update Mbed Crypto to contain mbed-crypto#152
Update Mbed Crypto to a commit on its development branch that contains
the merged [mbed-crypto#152
PR](https://github.com/ARMmbed/mbed-crypto/pull/152).
2019-07-02 08:43:57 +01:00
Jaeden Amero ee6f9b2a9f
Merge pull request #152 from Patater/cmake-subproject-fix
Enable use of Mbed TLS and Mbed Crypto as a CMake subproject
2019-07-02 08:39:11 +01:00
Peter Kolbus 718c74ca85 Improve compatibility with firewalled networks
* Allow specifying MBEDTLS_DOCKER_REGISTRY for organizations that have
  a mirroring proxy of Docker Hub
* Specify "--network host" during build to ensure use of the host's
  DNS resolution.
2019-06-29 17:45:34 -05:00
Peter Kolbus be54358fa7 Dockerfile: apt -> apt-get
Dockerfile commands should be using apt-get, not apt.
2019-06-29 17:45:34 -05:00
Peter Kolbus 49c2435a40 Change Docker container to bionic
Commit 117b8a4516 requires version 6+
of i686-w64-mingw32-gcc to run the mingw builds, but Ubuntu Xenial (16.04)
supplies 5.3.1. Change the Docker container to Ubuntu Bionic (18.04) to
pick up a version that will run the tests.
2019-06-29 17:45:34 -05:00
Peter Kolbus 4225b1a966 Clean up file prologue comments
Update new files to include the same legalese as in aes.h. Editorial
touchups in Dockerfile and ssl-opt-in-docker.sh.
2019-06-29 17:45:34 -05:00
Peter Kolbus e4e2d3a396 Add docker-based test scripts
Enable running tests under Docker. This makes it easier to spin up an
environment with all dependencies (especially the multiple versions of
openssl and gnutls needed).
* tests/docker/xenial/Dockerfile: Definition for the docker image,
  including local builds for openssl and gnutls.
* tests/scripts/docker_env.sh: New helper script that creates the Docker
  image and has a function to run a command in the Docker container.
* tests/docker/all-in-docker.sh: Wrapper for all.sh under Docker.
* tests/docker/basic-in-docker.sh: Script that runs the same commands as
  .travis.yml, in Docker.
* tests/ssl-opt-in-docker.sh: Wrapper to run ssl-opt.sh in Docker.
* tests/compat-in-docker.sh: Wrapper to run compat.sh in Docker.
* tests/make-in-docker.sh: Wrapper to run make in Docker.

Change-Id: Ie092b1deed24c24c3859754535589523ce1d0a58
2019-06-29 17:45:34 -05:00
Philippe Antoine daab28a4af checks MBEDTLS_PEM_PARSE_C 2019-06-28 12:31:23 +02:00
Jaeden Amero 8646a9241c
Merge pull request #156 from k-stachowiak/add-basic-build-to-all-sh
Add an alternarive full build component to all.sh
2019-06-28 10:32:19 +01:00
Philippe Antoine 5dece6da2c Restore programs/fuzz/Makefile after in-tree cmake 2019-06-27 16:55:07 +02:00
k-stachowiak 5559b31b6b Disable optimizations for the full+make+gcc all.sh component 2019-06-27 11:28:11 +02:00
Philippe Antoine 48f35f50bf Move fuzz directory to programs 2019-06-27 08:46:45 +02:00
Jaeden Amero 0069ab7d96 ChangeLog: Add ChangeLog entry for #2681 2019-06-26 17:17:18 +01:00
k-stachowiak 0291cb7180 Add an alternarive full build component to all.sh 2019-06-26 15:52:12 +02:00
Jaeden Amero e8451f2274 CMake: Add a subdirectory build regression test
If we have a regression with the "build Mbed Crypto as a subdirectory
with CMake" feature and fail to build, fail the test.
2019-06-26 12:46:53 +01:00
Jaeden Amero 77dd25d98f tests: Enable building with add_subdirectory()
When building Mbed Crypto when including it via CMake's
`add_subdirectory()`, the tests are also built by default. This means
all headers the tests need must be public, in order for the build of the
tests to have access to the headers.
2019-06-26 12:46:53 +01:00
Ashley Duncan d85a7e9b09 Remove use of CMAKE_SOURCE_DIR
Remove use of CMAKE_SOURCE_DIR in case mbedtls is built from within
another CMake project. Define MBEDTLS_DIR to ${CMAKE_CURRENT_SOURCE_DIR}
in the main CMakeLists.txt file and refer to that when defining target
include paths to enable mbedtls to be built as a sub project.

Fixes https://github.com/ARMmbed/mbedtls/issues/2609

Signed-off-by: Ashley Duncan <ashes.man@gmail.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2019-06-26 12:46:53 +01:00
Philippe Antoine cf8fdfd8e1 Documentation for corpus generation 2019-06-25 22:06:35 +02:00
Philippe Antoine 1c582c3b8b Restore tests/fuzz/Makefile after in-tree cmake
Save and restore the Makefile in tests/fuzz like the other makefiles.
2019-06-25 21:55:21 +02:00
Philippe Antoine adc23e6132 Adding ifdefs to avoid warnings for unused globals 2019-06-25 21:53:12 +02:00
Philippe Antoine cd2c127f75 Adds LDFLAGS fsanitize=address 2019-06-25 21:50:07 +02:00
Gilles Peskine c2d56a4446 Allow declarations after statements
We officially allow C99, so don't forbid this C99 feature.
2019-06-25 18:52:06 +02:00
Jaeden Amero ab83fdf944 CMake: Add a subdirectory build regression test
If we have a regression with the "build Mbed TLS as a subdirectory with
CMake" feature and fail to build, fail the test.
2019-06-25 15:21:24 +01:00
Jaeden Amero 41421c4797 README: Enable builds as a CMake subproject
Update the README with information on a newly supported feature: the
ability to build Mbed TLS as a subproject of another CMake project.
2019-06-25 13:34:12 +01:00
Jaeden Amero 33b6a99d4d ChangeLog: Enable builds as a CMake subproject 2019-06-25 13:34:11 +01:00
Ashley Duncan 3278081428 Remove use of CMAKE_SOURCE_DIR
Remove use of CMAKE_SOURCE_DIR in case mbedtls is built from within
another CMake project. Define MBEDTLS_DIR to ${CMAKE_CURRENT_SOURCE_DIR}
in the main CMakeLists.txt file and refer to that when defining target
include paths to enable mbedtls to be built as a sub project.

Fixes #2609

Signed-off-by: Ashley Duncan <ashes.man@gmail.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2019-06-25 13:33:51 +01:00
Ron Eldor 72662a495c Refactor receive_uint32()
Call `greentea_getc()` 8 times, and then `unhexify` once, instead of
calling `receive_byte()`, which inside calls `greentea_getc()` twice,
for every hex digit.
2019-06-25 14:56:44 +03:00
Ron Eldor b220489422 Refactor get_byte function
Change implementation of `get_byte()` to call `unhexify()`.
2019-06-25 14:56:44 +03:00
Ron Eldor 64e45950de Make the script portable to both pythons
Make the script work for python3 and for python2
2019-06-25 14:56:43 +03:00
Ron Eldor 5075f4df18 Update the test encoding to support python3
Since Python3 handles encoding differently than Python2,
a change in the way the data is encoded and sent to the target is needed.
1. Change the test data to be sent as hex string
2. Convert the characters to binary bytes.

This is done because the mbed tools translate the encoding differently
(mbed-greentea, and mbed-htrunner)
2019-06-25 14:56:01 +03:00
Ron Eldor 33908e8429 update the test script
Update `mbedtls_test.py` script to work with Python 3.7.
resolves #2653
2019-06-25 14:55:43 +03:00