From 3df1dae6c0afd25acb9d9c7f1262daf957747d3b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Jan 2022 22:30:25 +0100 Subject: [PATCH 1/5] CMake: generate the list of test suites automatically We keep forgetting to register new test suites in tests/CMakeLists.txt. To fix this problem once and for all, remove the need for manual registration. The following test suites were missing: test_suite_cipher.aria test_suite_psa_crypto_driver_wrappers Signed-off-by: Gilles Peskine --- tests/CMakeLists.txt | 104 ++++--------------------------------------- 1 file changed, 9 insertions(+), 95 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index f86127245d..5dfddb717a 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -77,101 +77,15 @@ if(MSVC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-") endif(MSVC) -add_test_suite(aes aes.cbc) -add_test_suite(aes aes.cfb) -add_test_suite(aes aes.ecb) -add_test_suite(aes aes.ofb) -add_test_suite(aes aes.rest) -add_test_suite(aes aes.xts) -add_test_suite(arc4) -add_test_suite(aria) -add_test_suite(asn1parse) -add_test_suite(asn1write) -add_test_suite(base64) -add_test_suite(blowfish) -add_test_suite(camellia) -add_test_suite(ccm) -add_test_suite(chacha20) -add_test_suite(chachapoly) -add_test_suite(cipher cipher.aes) -add_test_suite(cipher cipher.arc4) -add_test_suite(cipher cipher.blowfish) -add_test_suite(cipher cipher.camellia) -add_test_suite(cipher cipher.ccm) -add_test_suite(cipher cipher.chacha20) -add_test_suite(cipher cipher.chachapoly) -add_test_suite(cipher cipher.des) -add_test_suite(cipher cipher.gcm) -add_test_suite(cipher cipher.misc) -add_test_suite(cipher cipher.nist_kw) -add_test_suite(cipher cipher.null) -add_test_suite(cipher cipher.padding) -add_test_suite(cmac) -add_test_suite(ctr_drbg) -add_test_suite(debug) -add_test_suite(des) -add_test_suite(dhm) -add_test_suite(ecdh) -add_test_suite(ecdsa) -add_test_suite(ecjpake) -add_test_suite(ecp) -add_test_suite(entropy) -add_test_suite(error) -add_test_suite(gcm gcm.aes128_de) -add_test_suite(gcm gcm.aes128_en) -add_test_suite(gcm gcm.aes192_de) -add_test_suite(gcm gcm.aes192_en) -add_test_suite(gcm gcm.aes256_de) -add_test_suite(gcm gcm.aes256_en) -add_test_suite(gcm gcm.camellia) -add_test_suite(gcm gcm.misc) -add_test_suite(hkdf) -add_test_suite(hmac_drbg hmac_drbg.misc) -add_test_suite(hmac_drbg hmac_drbg.no_reseed) -add_test_suite(hmac_drbg hmac_drbg.nopr) -add_test_suite(hmac_drbg hmac_drbg.pr) -add_test_suite(md) -add_test_suite(mdx) -add_test_suite(memory_buffer_alloc) -add_test_suite(mpi) -add_test_suite(mps) -add_test_suite(net) -add_test_suite(nist_kw) -add_test_suite(oid) -add_test_suite(pem) -add_test_suite(pk) -add_test_suite(pkcs1_v15) -add_test_suite(pkcs1_v21) -add_test_suite(pkcs5) -add_test_suite(pkcs12) -add_test_suite(pkparse) -add_test_suite(pkwrite) -add_test_suite(poly1305) -add_test_suite(psa_crypto) -add_test_suite(psa_crypto_attributes) -add_test_suite(psa_crypto_entropy) -add_test_suite(psa_crypto_hash) -add_test_suite(psa_crypto_init) -add_test_suite(psa_crypto_metadata) -add_test_suite(psa_crypto_not_supported psa_crypto_not_supported.generated) -add_test_suite(psa_crypto_not_supported psa_crypto_not_supported.misc) -add_test_suite(psa_crypto_persistent_key) -add_test_suite(psa_crypto_se_driver_hal) -add_test_suite(psa_crypto_se_driver_hal_mocks) -add_test_suite(psa_crypto_slot_management) -add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.misc) -add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.current) -add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.v0) -add_test_suite(psa_its) -add_test_suite(random) -add_test_suite(rsa) -add_test_suite(shax) -add_test_suite(ssl) -add_test_suite(timing) -add_test_suite(version) -add_test_suite(x509parse) -add_test_suite(x509write) -add_test_suite(xtea) +file(GLOB test_suites RELATIVE "${CMAKE_CURRENT_SOURCE_DIR}" suites/*.data) +list(SORT test_suites) +foreach(test_suite ${test_suites}) + get_filename_component(data_name ${test_suite} NAME) + string(REGEX REPLACE "\\.data\$" "" data_name "${data_name}") + string(REPLACE "test_suite_" "" data_name "${data_name}") + string(REGEX MATCH "[^.]*" function_name "${data_name}") + add_test_suite(${function_name} ${data_name}) +endforeach(test_suite) # Make scripts and data files needed for testing available in an # out-of-source build. From ca9cfcaed95719591e7c678cb0e7337ce689feb3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 4 Feb 2022 00:21:12 +0100 Subject: [PATCH 2/5] Stop CMake out of source tests running on 16.04 (continued) The race condition mentioned in the previous commit "Stop CMake out of source tests running on 16.04" has also been observed with test_cmake_as_subdirectory on 3.1 and can presumably happen on 2.28 as well. So skip it on Ubuntu 16.04 as well. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c07ef34f5d..d70ed7738e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3006,6 +3006,9 @@ component_test_cmake_as_subdirectory () { cd "$MBEDTLS_ROOT_DIR" unset MBEDTLS_ROOT_DIR } +support_test_cmake_as_subdirectory () { + support_test_cmake_out_of_source +} component_test_zeroize () { # Test that the function mbedtls_platform_zeroize() is not optimized away by From 717d55edbe60f310a2118a8a6e88c6e6e0c70633 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 4 Feb 2022 00:25:06 +0100 Subject: [PATCH 3/5] Remove obsolete cd at the end of a component This is no longer useful now that components run in a subshell. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d70ed7738e..24fc27d225 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2996,15 +2996,10 @@ component_test_cmake_out_of_source () { component_test_cmake_as_subdirectory () { msg "build: cmake 'as-subdirectory' build" - MBEDTLS_ROOT_DIR="$PWD" - cd programs/test/cmake_subproject cmake . make ./cmake_subproject - - cd "$MBEDTLS_ROOT_DIR" - unset MBEDTLS_ROOT_DIR } support_test_cmake_as_subdirectory () { support_test_cmake_out_of_source From fdddb9de8ffb37d9d6c804ada5543f7ade06ba91 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 4 Feb 2022 00:29:18 +0100 Subject: [PATCH 4/5] Remove obsolete variable restoration or unset at the end of a component This is no longer useful now that components run in a subshell. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 24fc27d225..ff220a25da 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -846,7 +846,6 @@ component_test_default_out_of_box () { msg "build: make, default config (out-of-box)" # ~1min make # Disable fancy stuff - SAVE_MBEDTLS_TEST_OUTCOME_FILE="$MBEDTLS_TEST_OUTCOME_FILE" unset MBEDTLS_TEST_OUTCOME_FILE msg "test: main suites make, default config (out-of-box)" # ~10s @@ -854,9 +853,6 @@ component_test_default_out_of_box () { msg "selftest: make, default config (out-of-box)" # ~10s programs/test/selftest - - export MBEDTLS_TEST_OUTCOME_FILE="$SAVE_MBEDTLS_TEST_OUTCOME_FILE" - unset SAVE_MBEDTLS_TEST_OUTCOME_FILE } component_test_default_cmake_gcc_asan () { @@ -1619,9 +1615,6 @@ component_test_psa_crypto_config_accel_ecdsa () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - unset loc_accel_flags - unset loc_accel_list - if_build_succeeded not grep mbedtls_ecdsa_ library/ecdsa.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" @@ -1705,9 +1698,6 @@ component_test_psa_crypto_config_accel_rsa_signature () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - unset loc_accel_flags - unset loc_accel_list - if_build_succeeded not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o if_build_succeeded not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o @@ -1745,9 +1735,6 @@ component_test_psa_crypto_config_accel_hash () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - unset loc_accel_flags - unset loc_accel_list - if_build_succeeded not grep mbedtls_sha512_init library/sha512.o if_build_succeeded not grep mbedtls_sha1_init library/sha1.o @@ -1785,9 +1772,6 @@ component_test_psa_crypto_config_accel_cipher () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - unset loc_accel_flags - unset loc_accel_list - if_build_succeeded not grep mbedtls_des* library/des.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" @@ -2576,7 +2560,6 @@ component_test_psa_crypto_drivers () { loc_cflags="${loc_cflags} -I../tests/include -O2" make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" - unset loc_cflags msg "test: full + MBEDTLS_PSA_CRYPTO_DRIVERS" make test @@ -3031,8 +3014,6 @@ component_test_zeroize () { make clean done done - - unset gdb_disable_aslr } component_test_psa_compliance () { From d4c5c3d231c6a129e43850ea8ec229363a552fc3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 4 Feb 2022 00:30:54 +0100 Subject: [PATCH 5/5] Remove obsolete calls to if_build_succeeded This is now a no-op. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ff220a25da..c43bc5805d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1615,7 +1615,7 @@ component_test_psa_crypto_config_accel_ecdsa () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - if_build_succeeded not grep mbedtls_ecdsa_ library/ecdsa.o + not grep mbedtls_ecdsa_ library/ecdsa.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" make test @@ -1698,8 +1698,8 @@ component_test_psa_crypto_config_accel_rsa_signature () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - if_build_succeeded not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o - if_build_succeeded not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o + not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o + not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" make test @@ -1735,8 +1735,8 @@ component_test_psa_crypto_config_accel_hash () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - if_build_succeeded not grep mbedtls_sha512_init library/sha512.o - if_build_succeeded not grep mbedtls_sha1_init library/sha1.o + not grep mbedtls_sha512_init library/sha512.o + not grep mbedtls_sha1_init library/sha1.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" make test @@ -1772,7 +1772,7 @@ component_test_psa_crypto_config_accel_cipher () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - if_build_succeeded not grep mbedtls_des* library/des.o + not grep mbedtls_des* library/des.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" make test