Commit graph

11679 commits

Author SHA1 Message Date
Jaeden Amero 137c5b7297 Merge remote-tracking branch 'origin/pr/2477' into development
* origin/pr/2477:
  Fix typo in data_file generator code
2019-04-16 14:38:58 +01:00
Jaeden Amero bc195a99c7 Merge remote-tracking branch 'origin/pr/2474' into development
* origin/pr/2474:
  Fix the proxy seed in Travis runs
2019-04-16 14:37:15 +01:00
Gilles Peskine 139ec3b913 Don't call mbedtls_cipher_setkey twice
The documentation doesn't explicitly say whether it's allowed or not.
This currently works with the default software implementation, but
only by accident. It isn't guaranteed to work with new ciphers or with
alternative implementations of individual ciphers, and it doesn't work
with the PSA wrappers. So don't do it.
2019-04-16 15:25:20 +02:00
Ron Eldor 3b4f9eac44 Update crypto submodule
Update crypto submodule to latest commit
2019-04-16 13:31:27 +03:00
Ron Eldor 685a398a6b Minor fixes in get certificate policies oid test
1. Remove irrelevant  dependency on `MBEDTLS_ASN1_WRITE_C`.
2. Remove whitespace between `*` and parameter.
2019-04-16 13:26:54 +03:00
Ron Eldor e82341646a Add certificate policy oid x509 extension
Add the `MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES` to the list
of supported x509 extensions, in `mbedtls_oid_get_x509_ext_type()`.
2019-04-16 13:26:54 +03:00
Jaeden Amero e6d5a501ba Merge remote-tracking branch 'origin/pr/2558' into development
* origin/pr/2558:
  Skip uncritical unsupported extensions
2019-04-15 13:13:26 +01:00
Jaeden Amero 125a1e980e
Merge pull request #90 from dgreen-arm/fix-its-file-on-windows
Use Windows-specific renaming function
2019-04-15 10:23:19 +01:00
Peter Kolbus 2ae29ba444 cpp_dummy_build: Add missing header psa_util.h
Add missing header to fix #2579.

Change-Id: I038166b826534bac853be34a0281384e26675187
2019-04-14 15:55:20 -05:00
Andrzej Kurek 021dc3f226 generate_visualc_files.pl: add mbedtls source shadowing by crypto
Running the generation script with "include_crypto" input parameter set to 1
makes the mbedtls sources being overshadowed by crypto sources. 
In case of any duplicate sources, crypto ones take precedence.
2019-04-12 10:51:27 -04:00
Andrzej Kurek 463f049ef0 generate_errors.pl: refactor and simplify the code 2019-04-12 10:35:01 -04:00
Darryl Green f025d5395e Start unused variable with underscore 2019-04-12 15:18:02 +01:00
Darryl Green f67e349863 Correct documentation 2019-04-12 15:17:02 +01:00
Andrzej Kurek e90205f9e6 generate_errors.pl: typo fix 2019-04-12 09:49:30 -04:00
Andrzej Kurek 9b11af42e2 revert changes to generate_features.pl and generate_query_config.pl
These script should depend solely on the external, mbedtls config
2019-04-12 09:43:04 -04:00
Gilles Peskine f9ee633d33 Fix confusion between HMAC algorithm and the corresponding hash 2019-04-11 21:22:52 +02:00
Darryl Green 492bc402a3 Check that the report directory is a directory 2019-04-11 15:50:41 +01:00
Darryl Green 86095bcaa8 Document rename_replace_existing macro 2019-04-11 14:21:14 +01:00
Darryl Green fdda7de048 Use function-like macro for Windows renaming 2019-04-11 12:54:02 +01:00
Gilles Peskine f1349e4bfe Clarify comment mangled by an earlier refactoring 2019-04-10 18:41:53 +02:00
Gilles Peskine 7832c9fc3d Add an "out-of-box" component
Just run `make` and `make test`. And `selftest` for good measure.
2019-04-10 18:41:53 +02:00
Gilles Peskine 4b317616eb Run ssl-opt.sh on 32-bit runtime
Run ssl-opt.sh on x86_32 with ASan. This may detect bugs that only
show up on 32-bit platforms, for example due to size_t overflow.

For this component, turn off some memory management features that are
not useful, potentially slow, and may reduce ASan's effectiveness at
catching buffer overflows.
2019-04-10 18:41:53 +02:00
Darryl Green b467934fb7 Use Windows-specific renaming function
On Windows, rename() fails if the new filename already exists.
Use the Windows specific function MoveFileExA with the
MOVEFILE_REPLACE_EXISTING flag set instead to do renames.
2019-04-10 15:37:06 +01:00
Qixiang Xu 7346b312e1 Fix CMake build error on Cygwin and minGW platforms
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
2019-04-10 14:59:29 +01:00
Marcel c709a00b7b change .gitignore line endings to UNIX 2019-04-10 12:49:07 +01:00
Ron Eldor 8e6740f15d Update ChangeLog
Co-Authored-By: confusedsushi <confused.sushi@googlemail.com>
2019-04-10 12:49:06 +01:00
Marcel a6ead983b3 mention .gitignore changes in ChangeLog 2019-04-10 12:48:19 +01:00
Marcel 9786657365 add Visual Studio filters to .gitignore 2019-04-10 12:47:34 +01:00
Marcel b555457d39 update .gitignore to include Visual Studio artifacts 2019-04-10 12:47:34 +01:00
Hanno Becker 4c8c7aa95e Don't use debug level 1 for informational messages 2019-04-10 09:26:53 +01:00
Ron Eldor df48efa77a Skip uncritical unsupported extensions
Skip extensions that have support in the `oid` layer`, but
no parser found in the x509 layer, in case these are not critical.
2019-04-10 11:06:53 +03:00
Darryl Green 0d1ca51107 Use namespaces instead of full classes 2019-04-09 11:46:12 +01:00
Darryl Green 8184df5de9 Fix pylint issues 2019-04-09 11:46:12 +01:00
Darryl Green fe9a67510e Don't put abi dumps in subfolders 2019-04-09 11:46:12 +01:00
Darryl Green 3c3da790d2 Add verbose switch to silence all output except the final report 2019-04-09 11:46:12 +01:00
Darryl Green 1d95c539e9 Fetch the remote crypto branch, rather than cloning it 2019-04-09 11:46:12 +01:00
Darryl Green 3a5f6c83bc Prefix internal functions with underscore 2019-04-09 11:46:11 +01:00
Darryl Green 7c1a73370b Add RepoVersion class to make handling of many arguments easier
There are a number of arguments being passed around, nearly all of
which are duplicated between the old and new versions. Moving these
into a separate class should hopefully make it simpler to follow
what is being done.
2019-04-09 11:46:11 +01:00
Darryl Green e29ce70ca5 Reduce indentation levels 2019-04-09 11:46:11 +01:00
Darryl Green 4cde8a0513 Improve documentation 2019-04-09 11:46:11 +01:00
Darryl Green c5132ffc41 Use optional arguments for setting repositories 2019-04-09 11:46:11 +01:00
Darryl Green ddf25a6095 Only build the library
We only need the .so files, so only build the library
2019-04-09 11:46:11 +01:00
Darryl Green 4831145cdd Add ability to compare submodules from different repositories
As before with wanting to compare revisions across different
repositories, the ability to select the crypto submodule from a
different repository is useful.
2019-04-09 11:46:11 +01:00
Darryl Green 3e7a980d62 Add handling for cases when not all .so files are present
We may wish to compare ABI/API between Mbed TLS and Mbed Crypto,
which will cause issues as not all .so files are shared. Only
compare .so files which both libraries have.
2019-04-09 11:46:11 +01:00
Darryl Green 9f357d65d4 Extend functionality to allow setting crypto submodule version
As going forward we will have Crypto in a submodule, we will need to
be able to check ABI compatibility between versions using different
submodule versions. For TLS versions that support the submodule, we
will always build using the submodule.

If the Crypto submodule is used, libmbedcrypto.so is not in the main
library folder, but in crypto/library instead. Given this, the script
searches for *.so files and notes their path, in order to create the
dumps correctly.
2019-04-09 11:46:11 +01:00
Darryl Green 3d3d552579 Simplify logic for checking if report folder can be removed 2019-04-09 11:46:11 +01:00
Darryl Green e62f9bbbf1 Add option for a brief report of problems only 2019-04-09 11:46:11 +01:00
Darryl Green c2883a29bc Add option to skip identifiers in ABI checks
By default abi-compliance-checker will check the entire ABI/API.
There are internal identifiers that we do not promise compatibility
for, so we want the ability to skip them when checking the ABI/API.
2019-04-09 11:46:11 +01:00
Darryl Green da84e3215e Extend abi-checking to different repos 2019-04-09 11:46:11 +01:00
Gilles Peskine 1e2730b9b1 Update usage of PSA_ALG_ECDH so that test_suite_psa_crypto compiles 2019-04-09 12:25:23 +02:00