Skip to content

Commit 162e03f

Browse files
authored
Add secure and crypto regression test. (#218)
1 parent 947608f commit 162e03f

File tree

247 files changed

+1279394
-2
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

247 files changed

+1279394
-2
lines changed

.github/workflows/regression_test.yml

Lines changed: 32 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -128,6 +128,36 @@ jobs:
128128
run: |
129129
cd build
130130
cmake --build .
131+
Secure:
132+
permissions:
133+
contents: read
134+
issues: read
135+
checks: write
136+
pull-requests: write
137+
pages: write
138+
id-token: write
139+
uses: azure-rtos/threadx/.github/workflows/regression_template.yml@master
140+
with:
141+
build_script: ./scripts/build_secure.sh
142+
test_script: ./scripts/test_secure.sh
143+
cmake_path: ./test/cmake/nx_secure
144+
result_affix: Secure
145+
skip_deploy: true
146+
Crypto:
147+
permissions:
148+
contents: read
149+
issues: read
150+
checks: write
151+
pull-requests: write
152+
pages: write
153+
id-token: write
154+
uses: azure-rtos/threadx/.github/workflows/regression_template.yml@master
155+
with:
156+
build_script: ./scripts/build_crypto.sh
157+
test_script: ./scripts/test_crypto.sh
158+
cmake_path: ./test/cmake/crypto
159+
result_affix: Crypto
160+
skip_deploy: true
131161
Deploy:
132162
permissions:
133163
contents: read
@@ -136,8 +166,8 @@ jobs:
136166
pull-requests: write
137167
pages: write
138168
id-token: write
139-
needs: [NetXDuo, Web, MQTT, NetXDuo64, NetXDuo_Fast, Azure_IoT]
169+
needs: [NetXDuo, Web, MQTT, NetXDuo64, NetXDuo_Fast, Azure_IoT, Secure, Crypto]
140170
uses: azure-rtos/threadx/.github/workflows/regression_template.yml@master
141171
with:
142172
skip_test: true
143-
deploy_list: "NetXDuo Web MQTT NetXDuo64 NetXDuo_Fast Azure_IoT"
173+
deploy_list: "NetXDuo Web MQTT NetXDuo64 NetXDuo_Fast Azure_IoT Secure Crypto"

scripts/build_crypto.sh

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
#! /bin/bash
2+
3+
$(dirname `realpath $0`)/../test/cmake/crypto/run.sh build all

scripts/build_secure.sh

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
#! /bin/bash
2+
3+
$(dirname `realpath $0`)/../test/cmake/nx_secure/run.sh build all

scripts/test_crypto.sh

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
#! /bin/bash
2+
3+
CTEST_PARALLEL_LEVEL=4 $(dirname `realpath $0`)/../test/cmake/crypto/run.sh test all

scripts/test_secure.sh

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
#! /bin/bash
2+
3+
CTEST_PARALLEL_LEVEL=4 $(dirname `realpath $0`)/../test/cmake/nx_secure/run.sh test all

test/cmake/crypto/CMakeLists.txt

Lines changed: 122 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,122 @@
1+
cmake_minimum_required(VERSION 3.13 FATAL_ERROR)
2+
cmake_policy(SET CMP0054 NEW)
3+
cmake_policy(SET CMP0057 NEW)
4+
cmake_policy(SET CMP0077 NEW)
5+
6+
project(crypto_test LANGUAGES C)
7+
8+
set(CPU_ARCH "linux")
9+
set(COMPILER "gnu")
10+
11+
# Set build configurations
12+
set(BUILD_CONFIGURATIONS default_build_coverage fips_build_coverage
13+
standalone_build curve25519_448_build)
14+
set(CMAKE_CONFIGURATION_TYPES
15+
${BUILD_CONFIGURATIONS}
16+
CACHE STRING "list of supported configuration types" FORCE)
17+
set_property(CACHE CMAKE_BUILD_TYPE PROPERTY STRINGS
18+
${CMAKE_CONFIGURATION_TYPES})
19+
list(GET CMAKE_CONFIGURATION_TYPES 0 BUILD_TYPE)
20+
if((NOT CMAKE_BUILD_TYPE) OR (NOT ("${CMAKE_BUILD_TYPE}" IN_LIST
21+
CMAKE_CONFIGURATION_TYPES)))
22+
set(CMAKE_BUILD_TYPE
23+
"${BUILD_TYPE}"
24+
CACHE STRING "Build Type of the project" FORCE)
25+
endif()
26+
27+
message(STATUS "Build type: ${CMAKE_BUILD_TYPE}")
28+
message(STATUS "Using toolchain file: ${CMAKE_TOOLCHAIN_FILE}.")
29+
30+
set(default_build_coverage "")
31+
set(fips_build_coverage -DNX_CRYPTO_SELF_TEST)
32+
set(standalone_build -DNX_CRYPTO_STANDALONE_ENABLE -DNX_CRYPTO_SELF_TEST)
33+
set(curve25519_448_build -DNX_CRYPTO_ENABLE_CURVE25519_448)
34+
35+
add_compile_options(
36+
-std=c99
37+
-ggdb
38+
-g3
39+
-gdwarf-2
40+
-fdiagnostics-color
41+
-Werror
42+
${${CMAKE_BUILD_TYPE}})
43+
44+
if($ENV{ENABLE_64})
45+
message(STATUS "Building for 64bit")
46+
else()
47+
add_compile_options(-m32)
48+
add_link_options(-m32)
49+
message(STATUS "Building for 32bit")
50+
endif()
51+
52+
enable_testing()
53+
54+
set(NXD_ENABLE_FILE_SERVERS
55+
OFF
56+
CACHE BOOL
57+
"Includes a dependency on FileX to support 'server' protocol handlers"
58+
FORCE)
59+
add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/../../.. netxduo)
60+
add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/regression regression)
61+
62+
63+
# Coverage
64+
if(CMAKE_BUILD_TYPE MATCHES ".*_coverage")
65+
target_compile_options(netxduo PRIVATE -fprofile-arcs -ftest-coverage)
66+
target_link_options(netxduo PRIVATE -fprofile-arcs -ftest-coverage)
67+
endif()
68+
69+
# Build ThreadX library once
70+
if(NOT ("${CMAKE_BUILD_TYPE}" STREQUAL "standalone_build"))
71+
execute_process(COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/run.sh build_libs)
72+
add_custom_target(build_libs ALL COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/run.sh
73+
build_libs)
74+
add_dependencies(netxduo build_libs)
75+
target_include_directories(netxduo PUBLIC ${CMAKE_BINARY_DIR}/../libs/inc)
76+
add_library(threadx SHARED IMPORTED GLOBAL)
77+
add_library("azrtos::threadx" ALIAS threadx)
78+
set_target_properties(
79+
threadx PROPERTIES IMPORTED_LOCATION
80+
${CMAKE_BINARY_DIR}/../libs/threadx/libthreadx.so)
81+
endif()
82+
83+
target_compile_options(
84+
netxduo
85+
PRIVATE -Werror
86+
-Wall
87+
-Wextra
88+
-pedantic
89+
-fmessage-length=0
90+
-fsigned-char
91+
-ffunction-sections
92+
-fdata-sections
93+
-Wunused
94+
-Wuninitialized
95+
-Wmissing-declarations
96+
-Wconversion
97+
-Wpointer-arith
98+
-Wshadow
99+
-Wlogical-op
100+
-Waggregate-return
101+
-Wfloat-equal)
102+
103+
# Leave files from crypto_libraries only
104+
get_target_property(SOURCES_LIST netxduo SOURCES)
105+
set(NEW_SOURCES_LIST "")
106+
foreach(SOURCE ${SOURCES_LIST})
107+
if(("${SOURCE}" MATCHES ".*crypto_libraries/.*")
108+
AND NOT (("${SOURCE}" MATCHES ".*nx_crypto_module_start.*")
109+
OR (("${SOURCE}" MATCHES ".*nx_crypto_generic_ciphersuites.*")
110+
AND ("${CMAKE_BUILD_TYPE}" STREQUAL "standalone_build"))))
111+
list(APPEND NEW_SOURCES_LIST ${SOURCE})
112+
endif()
113+
endforeach()
114+
set_target_properties(netxduo PROPERTIES SOURCES "${NEW_SOURCES_LIST}")
115+
116+
if("${CMAKE_BUILD_TYPE}" STREQUAL "standalone_build")
117+
set_target_properties(netxduo PROPERTIES INCLUDE_DIRECTORIES
118+
"${CMAKE_CURRENT_SOURCE_DIR}/../../../crypto_libraries/inc")
119+
target_include_directories(netxduo PUBLIC "${CMAKE_CURRENT_SOURCE_DIR}/../../../crypto_libraries/ports/${CPU_ARCH}/${COMPILER}/inc")
120+
set_target_properties(netxduo PROPERTIES LINK_LIBRARIES "")
121+
set_target_properties(netxduo PROPERTIES INTERFACE_LINK_LIBRARIES "")
122+
endif()

test/cmake/crypto/coverage.sh

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
#!/bin/bash
2+
3+
set -e
4+
5+
cd $(dirname $0)
6+
mkdir -p coverage_report/$1
7+
gcovr --object-directory=build/$1/netxduo/CMakeFiles/netxduo.dir/crypto_libraries -r ../../../crypto_libraries --xml-pretty --output coverage_report/$1.xml
8+
gcovr --object-directory=build/$1/netxduo/CMakeFiles/netxduo.dir/crypto_libraries -r ../../../crypto_libraries --html --html-details --output coverage_report/$1/index.html

test/cmake/crypto/libs

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
../nx_secure/libs
Lines changed: 69 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,69 @@
1+
cmake_minimum_required(VERSION 3.0.0 FATAL_ERROR)
2+
cmake_policy(SET CMP0057 NEW)
3+
4+
project(regression_test LANGUAGES C)
5+
6+
get_filename_component(SOURCE_DIR ${CMAKE_CURRENT_LIST_DIR}/../../../regression/nx_secure_test
7+
ABSOLUTE)
8+
9+
set(crypto_test_cases
10+
${SOURCE_DIR}/nx_secure_3des_test.c
11+
${SOURCE_DIR}/nx_secure_3des_error_checking_test.c
12+
${SOURCE_DIR}/nx_secure_sha_additional_test.c
13+
${SOURCE_DIR}/nx_secure_sha256_rfc_test.c
14+
${SOURCE_DIR}/nx_secure_sha256_test.c
15+
${SOURCE_DIR}/nx_secure_sha384_test.c
16+
${SOURCE_DIR}/nx_secure_sha512_test.c
17+
${SOURCE_DIR}/nx_secure_hmac_md5_test.c
18+
${SOURCE_DIR}/nx_secure_hmac_md5_error_checking_test.c
19+
${SOURCE_DIR}/nx_secure_hmac_sha1_test.c
20+
${SOURCE_DIR}/nx_secure_hmac_sha256_test.c
21+
${SOURCE_DIR}/nx_secure_hmac_sha384_test.c
22+
${SOURCE_DIR}/nx_secure_hmac_sha512_test.c
23+
${SOURCE_DIR}/nx_secure_rsa_test.c
24+
${SOURCE_DIR}/nx_secure_rsa_error_checking_test.c
25+
${SOURCE_DIR}/nx_secure_aes_test.c
26+
${SOURCE_DIR}/nx_secure_aes_additional_test.c
27+
${SOURCE_DIR}/nx_secure_aes_ccm_test.c
28+
${SOURCE_DIR}/nx_secure_des_test.c
29+
${SOURCE_DIR}/nx_secure_des_error_checking_test.c
30+
${SOURCE_DIR}/nx_secure_drbg_test.c
31+
${SOURCE_DIR}/nx_secure_ec_test.c
32+
${SOURCE_DIR}/nx_secure_ec_additional_test.c
33+
${SOURCE_DIR}/nx_secure_ecdh_test.c
34+
${SOURCE_DIR}/nx_secure_ecdh_error_checking_test.c
35+
${SOURCE_DIR}/nx_secure_ecdh_self_test.c
36+
${SOURCE_DIR}/nx_secure_ecdsa_test.c
37+
${SOURCE_DIR}/nx_secure_ecdsa_error_checking_test.c
38+
${SOURCE_DIR}/nx_secure_ecjpake_self_test.c
39+
${SOURCE_DIR}/nx_secure_huge_number_test.c
40+
${SOURCE_DIR}/nx_secure_md5_test.c
41+
${SOURCE_DIR}/nx_secure_phash_prf_test.c
42+
${SOURCE_DIR}/nx_secure_pkcs1_v1_5_test.c)
43+
set(test_utility_files ${SOURCE_DIR}/../crypto_test/cryptotestcontrol.c)
44+
if(("${CMAKE_BUILD_TYPE}" STREQUAL "standalone_build"))
45+
include(${CMAKE_CURRENT_SOURCE_DIR}/crypto_standalone.cmake)
46+
endif()
47+
48+
if(NOT("${CMAKE_BUILD_TYPE}" STREQUAL "standalone_build"))
49+
add_library(test_utility ${test_utility_files})
50+
target_link_libraries(test_utility PUBLIC azrtos::netxduo)
51+
else()
52+
add_library(test_utility ${crypto_source_files} ${test_utility_files})
53+
endif()
54+
55+
target_include_directories(test_utility PUBLIC ${SOURCE_DIR}/test)
56+
target_compile_definitions(test_utility PUBLIC BATCH_TEST CTEST)
57+
if(("${CMAKE_BUILD_TYPE}" STREQUAL "fips_build_coverage") OR ("${CMAKE_BUILD_TYPE}" STREQUAL "standalone_build"))
58+
target_link_libraries(test_utility PUBLIC crypto)
59+
endif()
60+
61+
foreach(test_case ${crypto_test_cases})
62+
get_filename_component(test_name ${test_case} NAME_WE)
63+
add_executable(${test_name} ${test_case})
64+
target_link_libraries(${test_name} PRIVATE test_utility)
65+
add_test(
66+
NAME ${CMAKE_BUILD_TYPE}::${test_name}
67+
COMMAND ${test_name}
68+
WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR}/..)
69+
endforeach()
Lines changed: 67 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,67 @@
1+
cmake_minimum_required(VERSION 3.0.0 FATAL_ERROR)
2+
set(CPU_ARCH "linux")
3+
set(COMPILER "gnu")
4+
5+
get_filename_component(CRYPTO_DIR ${CMAKE_CURRENT_LIST_DIR}/../../../../crypto_libraries
6+
ABSOLUTE)
7+
8+
set(crypto_source_files
9+
# Network security and crypto components (CRYPTO - STANDALONE)
10+
${CRYPTO_DIR}/src/nx_crypto_3des.c
11+
${CRYPTO_DIR}/src/nx_crypto_aes.c
12+
${CRYPTO_DIR}/src/nx_crypto_cbc.c
13+
${CRYPTO_DIR}/src/nx_crypto_ccm.c
14+
${CRYPTO_DIR}/src/nx_crypto_ctr.c
15+
${CRYPTO_DIR}/src/nx_crypto_des.c
16+
${CRYPTO_DIR}/src/nx_crypto_dh.c
17+
${CRYPTO_DIR}/src/nx_crypto_drbg.c
18+
${CRYPTO_DIR}/src/nx_crypto_ec.c
19+
${CRYPTO_DIR}/src/nx_crypto_ec_secp192r1_fixed_points.c
20+
${CRYPTO_DIR}/src/nx_crypto_ec_secp224r1_fixed_points.c
21+
${CRYPTO_DIR}/src/nx_crypto_ec_secp256r1_fixed_points.c
22+
${CRYPTO_DIR}/src/nx_crypto_ec_secp384r1_fixed_points.c
23+
${CRYPTO_DIR}/src/nx_crypto_ec_secp521r1_fixed_points.c
24+
${CRYPTO_DIR}/src/nx_crypto_ecdh.c
25+
${CRYPTO_DIR}/src/nx_crypto_ecdsa.c
26+
${CRYPTO_DIR}/src/nx_crypto_ecjpake.c
27+
${CRYPTO_DIR}/src/nx_crypto_gcm.c
28+
${CRYPTO_DIR}/src/nx_crypto_hkdf.c
29+
${CRYPTO_DIR}/src/nx_crypto_hmac.c
30+
${CRYPTO_DIR}/src/nx_crypto_hmac_md5.c
31+
${CRYPTO_DIR}/src/nx_crypto_hmac_sha1.c
32+
${CRYPTO_DIR}/src/nx_crypto_hmac_sha2.c
33+
${CRYPTO_DIR}/src/nx_crypto_hmac_sha5.c
34+
${CRYPTO_DIR}/src/nx_crypto_huge_number.c
35+
${CRYPTO_DIR}/src/nx_crypto_huge_number_extended.c
36+
${CRYPTO_DIR}/src/nx_crypto_initialize.c
37+
${CRYPTO_DIR}/src/nx_crypto_md5.c
38+
${CRYPTO_DIR}/src/nx_crypto_method_self_test.c
39+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_3des.c
40+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_aes.c
41+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_des.c
42+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_drbg.c
43+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_ecdh.c
44+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_ecdsa.c
45+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_hmac_md5.c
46+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_hmac_sha.c
47+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_md5.c
48+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_pkcs1.c
49+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_prf.c
50+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_rsa.c
51+
${CRYPTO_DIR}/src/nx_crypto_method_self_test_sha.c
52+
${CRYPTO_DIR}/src/nx_crypto_methods.c
53+
${CRYPTO_DIR}/src/nx_crypto_null_cipher.c
54+
${CRYPTO_DIR}/src/nx_crypto_phash.c
55+
${CRYPTO_DIR}/src/nx_crypto_pkcs1_v1.5.c
56+
${CRYPTO_DIR}/src/nx_crypto_rsa.c
57+
${CRYPTO_DIR}/src/nx_crypto_sha1.c
58+
${CRYPTO_DIR}/src/nx_crypto_sha2.c
59+
${CRYPTO_DIR}/src/nx_crypto_sha5.c
60+
${CRYPTO_DIR}/src/nx_crypto_tls_prf_1.c
61+
${CRYPTO_DIR}/src/nx_crypto_tls_prf_sha256.c
62+
${CRYPTO_DIR}/src/nx_crypto_tls_prf_sha384.c
63+
${CRYPTO_DIR}/src/nx_crypto_tls_prf_sha512.c
64+
${CRYPTO_DIR}/src/nx_crypto_xcbc_mac.c)
65+
66+
include_directories(crypto_source_files PUBLIC ${CRYPTO_DIR}/inc)
67+
include_directories(crypto_source_files PUBLIC "${CRYPTO_DIR}/ports/${CPU_ARCH}/${COMPILER}/inc")

0 commit comments

Comments
 (0)