From 0af7a9032926b8719817d56ae7d6142f58e8c237 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Feb 2024 14:16:05 +0100 Subject: [PATCH 1/3] depends.py: set unique configuration names in outcome file Set unique configuration names in the outcome file. This was lost in the rewrite from depends-*.pl to depends.py. Fix #7290 Signed-off-by: Gilles Peskine --- tests/scripts/depends.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index c6a438ee362f..346f6ff710d5 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -192,7 +192,10 @@ def test(self, options): success = True for command in self.commands: log_command(command) - ret = subprocess.call(command) + env = os.environ.copy() + if 'MBEDTLS_TEST_CONFIGURATION' in env: + env['MBEDTLS_TEST_CONFIGURATION'] += '-' + self.name + ret = subprocess.call(command, env=env) if ret != 0: if command[0] not in ['make', options.make_command]: log_line('*** [{}] Error {}'.format(' '.join(command), ret)) From c89f9ceb41d64b209774f6f34ba168a60638958f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Feb 2024 14:25:18 +0100 Subject: [PATCH 2/3] Don't define pk_sign_verify in configurations where it's unused MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In some configurations (e.g. ECDH but no ECDSA or RSA), the PK module is useful but cannot perform any signatures. Then modern GCC complains: ``` ../source/tests/suites/test_suite_pk.function: In function ‘test_pk_sign_verify’: ../source/tests/suites/test_suite_pk.function:1136:12: error: array subscript 0 is outside array bounds of ‘unsigned char[0]’ [-Werror=array-bounds] ../source/tests/suites/test_suite_pk.function:1094:19: note: while referencing sig’ … ``` This fixes test-ref-configs.pl with a modern GCC (specifically with config-thread.h). Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.function | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index c17037f079a6..0e69d806bef3 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -18,6 +18,13 @@ #define RSA_KEY_SIZE 512 #define RSA_KEY_LEN 64 +#if defined(MBEDTLS_RSA_C) || \ + defined(MBEDTLS_PK_RSA_ALT_SUPPORT) || \ + defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_USE_PSA_CRYPTO) +#define PK_CAN_SIGN_SOME +#endif + /** Generate a key of the desired type. * * \param pk The PK object to fill. It must have been initialized @@ -894,7 +901,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ +/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:PK_CAN_SIGN_SOME */ void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) { mbedtls_pk_context pk; From 049ea32931ab7acba350fcda2b845bd1065dd657 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Feb 2024 15:32:12 +0100 Subject: [PATCH 3/3] Fix copypasta Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index b5282512289e..773c01e0ef8b 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -400,7 +400,7 @@ ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) /** The public key type corresponding to a key pair type. * - * You may also pass a key pair type as \p type, it will be left unchanged. + * You may also pass a public key type as \p type, it will be left unchanged. * * \param type A public key type or key pair type. *