A switch has recently been made from make to cmake to build these tests
but paths for "not grep" were not properly updated.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
`python` might be the wrong version, for example it might be Python 2 on
some systems, or it might be a different version of Python 3. Use
`sys.executable`, so that the same version gets used consistently.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Switching to CMake build caused some failures due to the fact that:
- binary objects in tf-psa-crypto are not in the same location as before;
- header files from "<mbedtls-root>/include" are no more included when
building tf-psa-crypto ojects.
This commit fixes both problems.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is similar to the already existing "component_full_no_pkparse_pkwrite".
The biggest difference is that this new component starts from "full" config
instead of "crypto_full" because we want to test also some TLS modules,
in particular "test_suite_debug" where the new function
"mbedtls_pk_write_pubkey_psa" has been introduced.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Keep MBEDTLS_PK_WRITE_C as guard only for "debug_print_pk" but let
"mbedtls_debug_print_crt" to work also when MBEDTLS_PK_WRITE_C is disabled.
In this case the only public key won't be printed, but the rest of the
certificate will be.
This commit also updates test coverage by duplicating test cases: now there
will be one case for when MBEDTLS_PK_WRITE_C is enabled and another one
for !MBEDTLS_PK_WRITE_C.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Guards for "mbedtls_debug_print_crt()" were updated in previous commit,
but those changes were not applied to MBEDTLS_SSL_DEBUG_CRT therefore
causing build failures in the CI. This commit fixes the problem.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
In tf-psa-crypto "mbedtls_pk_write_pubkey_psa()" is only available when
MBEDTLS_PK_WRITE_C is defined. Therefore we need to add this guard also
in mbedtls to "debug_print_pk" (and indirectly to
"mbedtls_debug_print_crt") and the corresponding tests using it.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Adjust dumping format of public keys following recent updates to
mbedtls_debug_print_crt() and debug_print_pk()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Move single line printing to a separate function named
mbedtls_debug_print_buf_one_line(). This accepts one extra parameter
'add_text' to tell if the final text chars are to be printed at the end
of the line or not.
Add also mbedtls_debug_print_buf_ext() as a generalized version of
mbedtls_debug_print_buf() by adding the extra 'add_text' param.
debug_print_pk() will now use mbedtls_debug_print_buf_ext() in order not
to print chars while dumping the buffer.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Remove usage of mbedtls_pk_debug stuff and related functions
(mbedtls_debug_print_psa_rsa(), mbedtls_debug_print_psa_ec(),
mbedtls_debug_print_integer() and debug_count_valid_bits()) and use
mbedtls_pk_write_pubkey_psa() to get the public key from the PK context.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
A new look-up table is created, "predefined_keys_psa", to list all the
predefined keys together with the corresponding PSA key type and bits.
A new look-up table was created in order not to conflict with the already
existing "predefined_keys" one.
"mbedtls_pk_helpers_get_predefined_key_data" is modified in order to
use the new look-up table.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Don't recurse into every subdirectory: that also removed files from
out-of-tree builds that the user may have placed into subdirectories. With
make as the build tool, the cleanup is mostly recoverable, but with ninja as
the build tool, you have to manually run `cmake` again after running
`all.sh`.
Instead, look for things to clean only in directories managed by git.
This also has the benefit of not touching `**/Makefile` if there hasn't been
an in-tree CMake build.
Fixes https://github.com/Mbed-TLS/mbedtls-framework/issues/252
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mypy only checks types in functions that have a return type annotation.
In `check_generated_files`, change from returning `None` to returning a
boolean, since the function is supposed to check some boolean-valued
assertion. So far, the function always returns `True`.
In `main`, explicitly return an `int` value as expected by the caller. When
calling `check_generated_files`, convert the boolean result into an exit
status.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
- better guard for the "ecp.h" header file;
- use already existing Mbed TLS' macro for unused variables and place it
at the beginning of the declaration of "predefined_keys".
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
- declare all arrays and structures as static
- add guards to the header file
This allows multiple inclusions of the generated header file.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Ronald Cron