lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-20 12:07:51 +03:00
Code
mbedtls/framework/scripts/generate_config_tests.py
Minos Galanakis 2c824b4fe5 Added framework as a flattened directory 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-20 09:28:45 +00:00

187 lines
8.2 KiB
Python
Executable File
Raw Blame History

#!/usr/bin/env python3
"""Generate test data for configuration reporting.
"""
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
import inspect
import re
import sys
from typing import Iterable, Iterator, List, Optional, Tuple
import project_scripts # pylint: disable=unused-import
import config
from mbedtls_framework import config_common
from mbedtls_framework import test_case
from mbedtls_framework import test_data_generation
def single_setting_case(setting: config_common.Setting, when_on: bool,
dependencies: List[str],
note: Optional[str]) -> test_case.TestCase:
"""Construct a test case for a boolean setting.
This test case passes if the setting and its dependencies are enabled,
and is skipped otherwise.
* setting: the setting to be tested.
* when_on: True to test with the setting enabled, or False to test
with the setting disabled.
* dependencies: extra dependencies for the test case.
* note: a note to add after the setting name in the test description.
This is generally a summary of dependencies, and is generally empty
if the given setting is only tested once.
"""
base = setting.name if when_on else '!' + setting.name
tc = test_case.TestCase()
tc.set_function('pass')
description_suffix = ' (' + note + ')' if note else ''
tc.set_description('Config: ' + base + description_suffix)
tc.set_dependencies([base] + dependencies)
return tc
PSA_WANT_KEY_TYPE_KEY_PAIR_RE = \
re.compile(r'(?P<prefix>PSA_WANT_KEY_TYPE_(?P<type>\w+)_KEY_PAIR_)(?P<operation>\w+)\Z')
# If foo is a setting that is only meaningful when bar is enabled, set
# SIMPLE_DEPENDENCIES[foo]=bar. More generally, bar can be a colon-separated
# list of settings, meaning that all the settings must be enabled. Each setting
# in bar can be prefixed with '!' to negate it. This is the same syntax as a
# depends_on directive in test data.
# See also `dependencies_of_settting`.
SIMPLE_DEPENDENCIES = {
'MBEDTLS_AESCE_C': 'MBEDTLS_AES_C',
'MBEDTLS_AESNI_C': 'MBEDTLS_AES_C',
'MBEDTLS_ERROR_STRERROR_DUMMY': '!MBEDTLS_ERROR_C',
'MBEDTLS_GENPRIME': 'MBEDTLS_RSA_C',
'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES': 'MBEDTLS_ENTROPY_C',
'MBEDTLS_NO_PLATFORM_ENTROPY': 'MBEDTLS_ENTROPY_C',
'MBEDTLS_PKCS1_V15': 'MBEDTLS_RSA_C',
'MBEDTLS_PKCS1_V21': 'MBEDTLS_RSA_C',
'MBEDTLS_PSA_CRYPTO_CLIENT': '!MBEDTLS_PSA_CRYPTO_C',
'MBEDTLS_PSA_INJECT_ENTROPY': 'MBEDTLS_PSA_CRYPTO_C',
'MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS': 'MBEDTLS_PSA_CRYPTO_C',
}
def dependencies_of_setting(cfg: config_common.Config,
setting: config_common.Setting) -> Optional[str]:
"""Return dependencies without which a setting is not meaningful.
The dependencies of a setting express when a setting can be enabled and
is relevant. For example, if ``check_config.h`` errors out when
``defined(FOO) && !defined(BAR)``, then ``BAR`` is a dependency of ``FOO``.
If ``FOO`` has no effect when ``CORGE`` is disabled, then ``CORGE``
is a dependency of ``FOO``.
The return value can be a colon-separated list of settings, if the setting
is only meaningful when all of these settings are enabled. Each setting can
be negated by prefixing them with '!'. This is the same syntax as a
depends_on directive in test data.
"""
#pylint: disable=too-many-branches,too-many-return-statements
name = setting.name
if name in SIMPLE_DEPENDENCIES:
return SIMPLE_DEPENDENCIES[name]
if name.startswith('MBEDTLS_') and not name.endswith('_C'):
if name.startswith('MBEDTLS_CIPHER_PADDING_'):
return 'MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC'
if name.startswith('MBEDTLS_PK_PARSE_EC_'):
return 'MBEDTLS_PK_C:' + test_case.psa_or_3_6_feature_macro(
'PSA_KEY_TYPE_ECC_PUBLIC_KEY', test_case.Domain36.USE_PSA)
# For TLS settings, insist on having them once off and once on in
# a configuration where both client support and server support are
# enabled. The settings are also meaningful when only one side is
# enabled, but there isn't much point in having separate records
# for client-side and server-side, so we keep things simple.
# Requiring both sides to be enabled also means we know we'll run
# tests that only run Mbed TLS against itself, which only run in
# configurations with both sides enabled.
if name.startswith('MBEDTLS_SSL_TLS1_3_') or \
name == 'MBEDTLS_SSL_EARLY_DATA':
return 'MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_PROTO_TLS1_3'
if name.startswith('MBEDTLS_SSL_DTLS_'):
return 'MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_PROTO_DTLS'
if name.startswith('MBEDTLS_SSL_'):
return 'MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C'
for pos in re.finditer(r'_', name):
super_name = name[:pos.start()] + '_C'
if cfg.known(super_name):
return super_name
if name.startswith('PSA_WANT_'):
deps = 'MBEDTLS_PSA_CRYPTO_CLIENT'
m = PSA_WANT_KEY_TYPE_KEY_PAIR_RE.match(name)
if m and m.group('operation') != 'BASIC':
deps += ':' + m.group('prefix') + 'BASIC'
return deps
return None
def conditions_for_setting(cfg: config_common.Config,
setting: config_common.Setting
) -> Iterator[Tuple[List[str], str]]:
"""Enumerate the conditions under which to test the given setting.
* cfg: all configuration settings.
* setting: the setting to be tested.
Generate a stream of conditions, i.e. extra dependencies to test with
together with a human-readable explanation of each dependency. Some
typical cases:
* By default, generate a one-element stream with no extra dependencies.
* If the setting is ignored unless some other setting is enabled, generate
a one-element stream with that other setting as an extra dependency.
* If the setting is known to interact with some other setting, generate
a stream with one element where this setting is on and one where it's off.
* To skip the setting altogether, generate an empty stream.
"""
name = setting.name
if name.endswith('_ALT') and not config.is_seamless_alt(name):
# We don't test alt implementations, except (most) platform alts
return
dependencies = dependencies_of_setting(cfg, setting)
if dependencies:
yield [dependencies], ''
return
yield [], ''
def enumerate_boolean_setting_cases(cfg: config_common.Config
) -> Iterable[test_case.TestCase]:
"""Emit test cases for all boolean settings."""
for name in sorted(cfg.settings.keys()):
setting = cfg.settings[name]
if not name.startswith('PSA_WANT_') and setting.value:
continue # non-boolean setting
for when_on in True, False:
for deps, note in conditions_for_setting(cfg, setting):
yield single_setting_case(setting, when_on, deps, note)
class ConfigTestGenerator(test_data_generation.TestGenerator):
"""Generate test cases for configuration reporting."""
def __init__(self, settings):
# pylint: disable=no-member
config_members = dict(inspect.getmembers(config))
if 'MbedTLSConfig' in config_members:
self.mbedtls_config = config.MbedTLSConfig()
self.targets['test_suite_config.mbedtls_boolean'] = \
lambda: enumerate_boolean_setting_cases(self.mbedtls_config)
if 'CryptoConfig' in config_members:
self.psa_config = config.CryptoConfig()
self.targets['test_suite_config.psa_boolean'] = \
lambda: enumerate_boolean_setting_cases(self.psa_config)
elif 'TFPSACryptoConfig' in config_members:
self.psa_config = config.TFPSACryptoConfig()
self.targets['test_suite_config.psa_boolean'] = \
lambda: enumerate_boolean_setting_cases(self.psa_config)
super().__init__(settings)
if __name__ == '__main__':
test_data_generation.main(sys.argv[1:], __doc__, ConfigTestGenerator)
View Git Blame Copy Permalink