#!/usr/bin/env python3 """Test the configuration checks generated by generate_config_checks.py. """ ## Copyright The Mbed TLS Contributors ## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import unittest import scripts_path # pylint: disable=unused-import from mbedtls_framework import unittest_config_checks class MbedtlsTestConfigChecks(unittest_config_checks.TestConfigChecks): """Mbed TLS unit tests for checks generated by config_checks_generator.""" #pylint: disable=invalid-name # uppercase letters make sense here PROJECT_CONFIG_C = 'library/mbedtls_config.c' PROJECT_SPECIFIC_INCLUDE_DIRECTORIES = [ 'tf-psa-crypto/include', 'tf-psa-crypto/drivers/builtin/include', ] @unittest.skip("At this time, mbedtls does not go through crypto's check_config.h.") def test_crypto_no_fs_io(self) -> None: """A sample error expected from crypto's check_config.h.""" self.bad_case('#undef MBEDTLS_FS_IO', None, error=('MBEDTLS_PSA_ITS_FILE_C')) def test_mbedtls_no_session_tickets_for_early_data(self) -> None: """An error expected from mbedtls_check_config.h based on the TLS configuration.""" self.bad_case(None, ''' #define MBEDTLS_SSL_EARLY_DATA #undef MBEDTLS_SSL_SESSION_TICKETS ''', error=('MBEDTLS_SSL_EARLY_DATA')) def test_mbedtls_no_ecdsa(self) -> None: """An error expected from mbedtls_check_config.h based on crypto+TLS configuration.""" self.bad_case(''' #undef PSA_WANT_ALG_ECDSA #undef PSA_WANT_ALG_DETERMINISTIC_ECDSA #undef MBEDTLS_ECDSA_C ''', ''' #if defined(PSA_WANT_ALG_ECDSA) #error PSA_WANT_ALG_ECDSA unexpected #endif #if defined(PSA_WANT_ALG_DETERMINSTIC_ECDSA) #error PSA_WANT_ALG_DETERMINSTIC_ECDSA unexpected #endif #if defined(MBEDTLS_ECDSA_C) #error MBEDTLS_ECDSA_C unexpected #endif ''', error=('MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED')) if __name__ == '__main__': unittest.main()