From 63097759f84ec831e7001b50303a5e4299b7893b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Mar 2024 13:18:13 +0100 Subject: [PATCH] all.sh: modify/add test components for CRYPTO_CLIENT The already existing component_test_psa_crypto_client() is renamed as component_test_default_psa_crypto_client_without_crypto_provider() while component_build_full_psa_crypto_client_without_crypto_provider() was added. - Both of them check that the missing symbols at link time (if any) belong to the psa_xxx() family. - The former builds with default config + CRYPTO_CLIENT - CRYPTO_C and then runs test suites. - The latter only perform the builds using the full config and then it checks that PK-PSA bridge functions are present. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 56 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 52 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 467ff8e7c..b445ecf8c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1285,19 +1285,67 @@ component_build_psa_crypto_spm () { check_renamed_symbols tests/include/spe/crypto_spe.h library/libmbedcrypto.a } -component_test_psa_crypto_client () { - msg "build: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make" +# Get a list of library-wise undefined symbols and ensure that they only +# belong to psa_xxx() functions and not to mbedtls_yyy() ones. +# This function is a common helper used by both: +# - component_test_default_psa_crypto_client_without_crypto_provider +# - component_build_full_psa_crypto_client_without_crypto_provider. +common_check_mbedtls_missing_symbols() { + nm library/libmbedcrypto.a | grep ' [TRrDC] ' | grep -Eo '(mbedtls_|psa_).*' | sort -u > sym_def.txt + nm library/libmbedcrypto.a | grep ' U ' | grep -Eo '(mbedtls_|psa_).*' | sort -u > sym_undef.txt + comm sym_def.txt sym_undef.txt -13 > linking_errors.txt + not grep mbedtls_ linking_errors.txt + + rm sym_def.txt sym_undef.txt linking_errors.txt +} + +component_test_default_psa_crypto_client_without_crypto_provider () { + msg "build: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT" + scripts/config.py unset MBEDTLS_PSA_CRYPTO_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C + scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C scripts/config.py set MBEDTLS_PSA_CRYPTO_CLIENT scripts/config.py unset MBEDTLS_LMS_C - scripts/config.py unset MBEDTLS_LMS_PRIVATE + make - msg "test: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT, make" + msg "check missing symbols: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT" + common_check_mbedtls_missing_symbols + + msg "test: default config - PSA_CRYPTO_C + PSA_CRYPTO_CLIENT" make test } +component_build_full_psa_crypto_client_without_crypto_provider () { + msg "build: full config - PSA_CRYPTO_C" + + # Use full config which includes USE_PSA and CRYPTO_CLIENT. + scripts/config.py full + + scripts/config.py unset MBEDTLS_PSA_CRYPTO_C + scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C + # Dynamic secure element support is a deprecated feature and it is not + # available when CRYPTO_C and PSA_CRYPTO_STORAGE_C are disabled. + scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C + + # Since there is no crypto provider in this build it is not possible to + # build all the test executables and progrems due to missing PSA functions + # at link time. Therefore we will just build libraries and we'll check + # that symbols of interest are there. + make lib + + msg "check missing symbols: full config - PSA_CRYPTO_C" + + common_check_mbedtls_missing_symbols + + # Ensure that desired functions are included into the build (extend the + # following list as required). + grep mbedtls_pk_get_psa_attributes library/libmbedcrypto.a + grep mbedtls_pk_import_into_psa library/libmbedcrypto.a + grep mbedtls_pk_copy_from_psa library/libmbedcrypto.a +} + component_test_psa_crypto_rsa_no_genprime() { msg "build: default config minus MBEDTLS_GENPRIME" scripts/config.py unset MBEDTLS_GENPRIME