Run metatests in some components, covering both GCC and Clang, with ASan,
MSan or neither.
Note that this commit does not cover constant-flow testing builds or Valgrind.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Enforce a specific copyright statement and a specific SPDX license
identifier where they are present.
Binary files, third-party modules and a few other exceptions are not
checked.
There is currently no check that copyright statements and license
identifiers are present.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
walk_compat_sh and walk_opt_sh are basically the same now, so:
* Merge them into one function.
* Use the --list-test-cases option for both of them.
* Rename this merged function as collect_from_script which seems
more appropriate as since it isn't iterating the script but
calling it.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
Don't chdir when invoking a test suite executable with an explicit .datax
file. The point of the chdir is to automatically find the .datax file (and
the relative location of the data_files directory) in typical cases. This
conflicts with the expectation that passing a relative path to a .datax file
will work.
(This is what I had originally intended, and what is documented in the
comment, but I forgot to add the argc check in the initial commit.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When running a test suite, try to change to the directory containing the
executable. This allows running a test suite from any directory, and still
allow it to access its .datax file as well as data files (generally in
tests/data_files) used by individual test cases.
Only implemented on Unix-like systems and on Windows.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
crl_file is a test argument and can't be null. Besides the code above
already assumes that it's non-null.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Test mbedtls_ssl_decrypt_buf() with a stream cipher (RC4 or null). Test the
good case (to make sure the test code constructs the input correctly), test
with an invalid MAC, and test with a shortened input.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
test_suite_ssl is huge and needs splitting.
Create a new test suite focused on mbedtls_ssl_decrypt_buf(), which is a
complicated function that needs more thorough testing with malformed inputs.
At this point, we are only doing negative testing with CBC-non-ETM test
suites. This needs to grow.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Return back to modifying input parameters in pkcs12_parse_pbe_params
to avoid change in behaviour.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
Add new mbedtls_pkcs12_pbe_ext function to replace
old mbedtls_pkcs12_pbe function that have security
issues.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
