1#!/usr/bin/env perl
2
3# test-ref-configs.pl
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20# Purpose
21#
22# For each reference configuration file in the configs directory, build the
23# configuration, run the test suites and compat.sh
24#
25# Usage: tests/scripts/test-ref-configs.pl [config-name [...]]
26
27use warnings;
28use strict;
29
30my %configs = (
31    'config-ccm-psk-tls1_2.h' => {
32        'compat' => '-m tls1_2 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'',
33    },
34    'config-no-entropy.h' => {
35    },
36    'config-suite-b.h' => {
37        'compat' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS",
38    },
39    'config-symmetric-only.h' => {
40    },
41    'config-thread.h' => {
42        'opt' => '-f ECJPAKE.*nolog',
43    },
44);
45
46# If no config-name is provided, use all known configs.
47# Otherwise, use the provided names only.
48if ($#ARGV >= 0) {
49    my %configs_ori = ( %configs );
50    %configs = ();
51
52    foreach my $conf_name (@ARGV) {
53        if( ! exists $configs_ori{$conf_name} ) {
54            die "Unknown configuration: $conf_name\n";
55        } else {
56            $configs{$conf_name} = $configs_ori{$conf_name};
57        }
58    }
59}
60
61-d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
62
63my $config_h = 'include/mbedtls/mbedtls_config.h';
64
65system( "cp $config_h $config_h.bak" ) and die;
66sub abort {
67    system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
68    # use an exit code between 1 and 124 for git bisect (die returns 255)
69    warn $_[0];
70    exit 1;
71}
72
73# Create a seedfile for configurations that enable MBEDTLS_ENTROPY_NV_SEED.
74# For test purposes, this doesn't have to be cryptographically random.
75if (!-e "tests/seedfile" || -s "tests/seedfile" < 64) {
76    local *SEEDFILE;
77    open SEEDFILE, ">tests/seedfile" or die;
78    print SEEDFILE "*" x 64 or die;
79    close SEEDFILE or die;
80}
81
82while( my ($conf, $data) = each %configs ) {
83    system( "cp $config_h.bak $config_h" ) and die;
84    system( "make clean" ) and die;
85
86    print "\n******************************************\n";
87    print "* Testing configuration: $conf\n";
88    print "******************************************\n";
89    $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf;
90
91    system( "cp configs/$conf $config_h" )
92        and abort "Failed to activate $conf\n";
93
94    system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n";
95    system( "make test" ) and abort "Failed test suite: $conf\n";
96
97    my $compat = $data->{'compat'};
98    if( $compat )
99    {
100        print "\nrunning compat.sh $compat\n";
101        system( "tests/compat.sh $compat" )
102            and abort "Failed compat.sh: $conf\n";
103    }
104    else
105    {
106        print "\nskipping compat.sh\n";
107    }
108
109    my $opt = $data->{'opt'};
110    if( $opt )
111    {
112        print "\nrunning ssl-opt.sh $opt\n";
113        system( "tests/ssl-opt.sh $opt" )
114            and abort "Failed ssl-opt.sh: $conf\n";
115    }
116    else
117    {
118        print "\nskipping ssl-opt.sh\n";
119    }
120}
121
122system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
123system( "make clean" );
124exit 0;
125