Skip to content

Commit

Permalink
Merge pull request #7955 from davidhorstmann-arm/psa-crypto-script-ch…
Browse files Browse the repository at this point in the history 
…anges

Miscellaneous changes to scripts for PSA-Crypto enablement
  • Loading branch information
@paul-elliott-arm
paul-elliott-arm authored Aug 31, 2023
2 parents 6ebe7d2 + 8f3ec8e commit 6147511
Show file tree
Hide file tree
Showing 4 changed files with 101 additions and 27 deletions.
11 changes: 9 additions & 2 deletions scripts/mbedtls_dev/build_tree.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,19 @@
import os
import inspect

def looks_like_psa_crypto_root(path: str) -> bool:
"""Whether the given directory looks like the root of the PSA Crypto source tree."""
return all(os.path.isdir(os.path.join(path, subdir))
for subdir in ['include', 'core', 'drivers', 'programs', 'tests'])

def looks_like_mbedtls_root(path: str) -> bool:
"""Whether the given directory looks like the root of the Mbed TLS source tree."""
return all(os.path.isdir(os.path.join(path, subdir))
for subdir in ['include', 'library', 'programs', 'tests'])

def looks_like_root(path: str) -> bool:
return looks_like_psa_crypto_root(path) or looks_like_mbedtls_root(path)

def check_repo_path():
"""
Check that the current working directory is the project root, and throw
Expand All @@ -42,7 +49,7 @@ def chdir_to_root() -> None:
for d in [os.path.curdir,
os.path.pardir,
os.path.join(os.path.pardir, os.path.pardir)]:
if looks_like_mbedtls_root(d):
if looks_like_root(d):
os.chdir(d)
return
raise Exception('Mbed TLS source tree not found')
Expand All @@ -62,6 +69,6 @@ def guess_mbedtls_root():
if d in dirs:
continue
dirs.add(d)
if looks_like_mbedtls_root(d):
if looks_like_root(d):
return d
raise Exception('Mbed TLS source tree not found')
6 changes: 5 additions & 1 deletion scripts/mbedtls_dev/psa_storage.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
import unittest

from . import c_build_helper
from . import build_tree


class Expr:
Expand All @@ -51,13 +52,16 @@ def __init__(self, content: Union[int, str]):
def update_cache(self) -> None:
"""Update `value_cache` for expressions registered in `unknown_values`."""
expressions = sorted(self.unknown_values)
includes = ['include']
if build_tree.looks_like_psa_crypto_root('.'):
includes.append('drivers/builtin/include')
values = c_build_helper.get_c_expression_values(
'unsigned long', '%lu',
expressions,
header="""
#include <psa/crypto.h>
""",
include_path=['include']) #type: List[str]
include_path=includes) #type: List[str]
for e, v in zip(expressions, values):
self.value_cache[e] = int(v, 0)
self.unknown_values.clear()
Expand Down
34 changes: 26 additions & 8 deletions tests/scripts/all.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,15 +123,27 @@ set -e -o pipefail -u
# Enable ksh/bash extended file matching patterns
shopt -s extglob

in_mbedtls_repo () {
test -d include -a -d library -a -d programs -a -d tests
}

in_psa_crypto_repo () {
test -d include -a -d core -a -d drivers -a -d programs -a -d tests
}

pre_check_environment () {
if [ -d library -a -d include -a -d tests ]; then :; else
echo "Must be run from mbed TLS root" >&2
if in_mbedtls_repo || in_psa_crypto_repo; then :; else
echo "Must be run from Mbed TLS / psa-crypto root" >&2
exit 1
fi
}

pre_initialize_variables () {
CONFIG_H='include/mbedtls/mbedtls_config.h'
if in_mbedtls_repo; then
CONFIG_H='include/mbedtls/mbedtls_config.h'
else
CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h'
fi
CRYPTO_CONFIG_H='include/psa/crypto_config.h'
CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'

Expand All @@ -141,8 +153,10 @@ pre_initialize_variables () {
backup_suffix='.all.bak'
# Files clobbered by config.py
files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H"
# Files clobbered by in-tree cmake
files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
if in_mbedtls_repo; then
# Files clobbered by in-tree cmake
files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
fi

append_outcome=0
MEMORY=0
Expand Down Expand Up @@ -299,7 +313,9 @@ EOF
# Does not remove generated source files.
cleanup()
{
command make clean
if in_mbedtls_repo; then
command make clean
fi
# Remove CMake artefacts
find . -name .git -prune -o \
Expand Down Expand Up @@ -556,7 +572,7 @@ pre_check_git () {
fi
if ! git diff --quiet "$CONFIG_H"; then
err_msg "Warning - the configuration file 'include/mbedtls/mbedtls_config.h' has been edited. "
err_msg "Warning - the configuration file '$CONFIG_H' has been edited. "
echo "You can either delete or preserve your work, or force the test by rerunning the"
echo "script as: $0 --force"
exit 1
Expand Down Expand Up @@ -5284,7 +5300,9 @@ pre_prepare_outcome_file
pre_print_configuration
pre_check_tools
cleanup
pre_generate_files
if in_mbedtls_repo; then
pre_generate_files
fi
# Run the requested tests.
for ((error_test_i=1; error_test_i <= error_test; error_test_i++)); do
Expand Down
77 changes: 61 additions & 16 deletions tests/scripts/test_psa_compliance.py
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
#!/usr/bin/env python3
"""Run the PSA Crypto API compliance test suite.
Clone the repo and check out the commit specified by PSA_ARCH_TEST_REPO and PSA_ARCH_TEST_REF,
then compile and run the test suite. The clone is stored at <Mbed TLS root>/psa-arch-tests.
Known defects in either the test suite or mbedtls - identified by their test number - are ignored,
while unexpected failures AND successes are reported as errors,
to help keep the list of known defects as up to date as possible.
then compile and run the test suite. The clone is stored at <repository root>/psa-arch-tests.
Known defects in either the test suite or mbedtls / psa-crypto - identified by their test
number - are ignored, while unexpected failures AND successes are reported as errors, to help
keep the list of known defects as up to date as possible.
"""

# Copyright The Mbed TLS Contributors
Expand All @@ -22,13 +22,20 @@
# See the License for the specific language governing permissions and
# limitations under the License.

import argparse
import os
import re
import shutil
import subprocess
import sys
from typing import List

# PSA Compliance tests we expect to fail due to known defects in Mbed TLS (or the test suite)
#pylint: disable=unused-import
import scripts_path
from mbedtls_dev import build_tree

# PSA Compliance tests we expect to fail due to known defects in Mbed TLS / PSA Crypto
# (or the test suite).
# The test numbers correspond to the numbers used by the console output of the test suite.
# Test number 2xx corresponds to the files in the folder
# psa-arch-tests/api-tests/dev_apis/crypto/test_c0xx
Expand All @@ -49,12 +56,32 @@
PSA_ARCH_TESTS_REPO = 'https://github.com/bensze01/psa-arch-tests.git'
PSA_ARCH_TESTS_REF = 'fix-pr-5736'

#pylint: disable=too-many-branches,too-many-statements
def main():
mbedtls_dir = os.getcwd()
#pylint: disable=too-many-branches,too-many-statements,too-many-locals
def main(library_build_dir: str):
root_dir = os.getcwd()

in_psa_crypto_repo = build_tree.looks_like_psa_crypto_root(root_dir)

if in_psa_crypto_repo:
crypto_name = 'psacrypto'
library_subdir = 'core'
else:
crypto_name = 'mbedcrypto'
library_subdir = 'library'

crypto_lib_filename = (library_build_dir + '/' +
library_subdir + '/' +
'lib' + crypto_name + '.a')

if not os.path.exists('library/libmbedcrypto.a'):
subprocess.check_call(['make', '-C', 'library', 'libmbedcrypto.a'])
if not os.path.exists(crypto_lib_filename):
#pylint: disable=bad-continuation
subprocess.check_call([
'cmake', '.',
'-GUnix Makefiles',
'-B' + library_build_dir
])
subprocess.check_call(['cmake', '--build', library_build_dir,
'--target', crypto_name])

psa_arch_tests_dir = 'psa-arch-tests'
os.makedirs(psa_arch_tests_dir, exist_ok=True)
Expand All @@ -74,15 +101,19 @@ def main():
os.mkdir(build_dir)
os.chdir(build_dir)

extra_includes = (';{}/drivers/builtin/include'.format(root_dir)
if in_psa_crypto_repo else '')

#pylint: disable=bad-continuation
subprocess.check_call([
'cmake', '..',
'-GUnix Makefiles',
'-DTARGET=tgt_dev_apis_stdc',
'-DTOOLCHAIN=HOST_GCC',
'-DSUITE=CRYPTO',
'-DPSA_CRYPTO_LIB_FILENAME={}/library/libmbedcrypto.a'.format(mbedtls_dir),
'-DPSA_INCLUDE_PATHS={}/include'.format(mbedtls_dir)
'-DPSA_CRYPTO_LIB_FILENAME={}/{}'.format(root_dir,
crypto_lib_filename),
('-DPSA_INCLUDE_PATHS={}/include' + extra_includes).format(root_dir)
])
subprocess.check_call(['cmake', '--build', '.'])

Expand All @@ -95,8 +126,11 @@ def main():
)
test = -1
unexpected_successes = set(EXPECTED_FAILURES)
expected_failures = []
unexpected_failures = []
expected_failures = [] # type: List[int]
unexpected_failures = [] # type: List[int]
if proc.stdout is None:
return 1

for line in proc.stdout:
print(line, end='')
match = test_re.match(line)
Expand Down Expand Up @@ -136,7 +170,18 @@ def main():
print('SUCCESS')
return 0
finally:
os.chdir(mbedtls_dir)
os.chdir(root_dir)

if __name__ == '__main__':
sys.exit(main())
BUILD_DIR = 'out_of_source_build'

# pylint: disable=invalid-name
parser = argparse.ArgumentParser()
parser.add_argument('--build-dir', nargs=1,
help='path to Mbed TLS / PSA Crypto build directory')
args = parser.parse_args()

if args.build_dir is not None:
BUILD_DIR = args.build_dir[0]

sys.exit(main(BUILD_DIR))

0 comments on commit 6147511

Please sign in to comment.