Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix test function derive_key_exercise() #6873

Merged
merged 1 commit into from
Jan 6, 2023
Merged

Fix test function derive_key_exercise() #6873

merged 1 commit into from
Jan 6, 2023

Conversation

mpg
Copy link
Contributor

@mpg mpg commented Jan 4, 2023
edited
Loading

mbedtls_test_psa_setup_key_derivation_wrap() returns 1 for success, 0 for error, so the test here was wrong. Other uses of this function in the same file have the correct check (either ! or == 0). This was causing tests using derive_key_exercises() to be marked as PASS even in builds where other derive key tests fail which made me notice.

Gatekeeper checklist

@mpg
Fix test function derive_key_exercise()
9502b56 
mbedtls_test_psa_setup_key_derivation_wrap() returns 1 for success, 0
for error, so the test here was wrong.

This is just a hotfix in order to avoid a testing gap. Larger issues not
addressed here:

- I don't think we should just exit and mark the test as passed; if
we're not doing the actual testing this should be marked as SKIP.
- Returning 1 for success and 0 for failure is a violation of our
documented coding guidelines. We're also supposed to test with == 0 or
!= 0. Having consistent conventions is supposed to help avoid errors
like this.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@mpg mpg added DO-NOT-MERGE needs-ci Needs to pass CI tests labels Jan 4, 2023
@mpg mpg mentioned this pull request Jan 4, 2023
Closed
@gilles-peskine-arm
Copy link
Contributor

I don't think we should just exit and mark the test as passed; if we're not doing the actual testing this should be marked as SKIP.

Where is this happening? It's the job of mbedtls_test_psa_setup_key_derivation_wrap to mark the test case as failed.

Returning 1 for success and 0 for failure is a violation of our documented coding guidelines. We're also supposed to test with == 0 or != 0. Having consistent conventions is supposed to help avoid errors like this.

I'm afraid I introduced this convention in test code: auxiliary functions return booleans (int because we don't assume that bool exists) with 1 meaning “I did my job successfully” and 0 meaning “something went wrong and I marked the test case as failed”. I did it precisely so that the expected usage is if (!auxiliary_function()) goto exit; or TEST_ASSERT(auxiliary_function()). I think this reduces the risk of using the wrong direction (but of course it doesn't eliminate it, as we saw here).

I do agree that it's problematic that this is the opposite convention from library functions in terms of what 0 vs nonzero means. But I'm not convinced that changing to 0 for error and 1 for success would be less error-prone. And using library error codes wouldn't really make sense either (would they even be MBEDTLS_ERR_xxx or PSA_ERROR_xxx?) since there's no library error to report.

gilles-peskine-arm
gilles-peskine-arm approved these changes Jan 4, 2023
View reviewed changes
Copy link
Contributor

@gilles-peskine-arm gilles-peskine-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks correct to me now, with no follow-up needed (unless it causes an existing test to break).

@mpg
Copy link
Contributor Author

mpg commented Jan 5, 2023

I don't think we should just exit and mark the test as passed; if we're not doing the actual testing this should be marked as SKIP.

Where is this happening? It's the job of mbedtls_test_psa_setup_key_derivation_wrap to mark the test case as failed.

Ah right, missed that, thanks.

@mpg mpg marked this pull request as ready for review January 5, 2023 09:46
@mpg mpg added needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review size-s Estimated task size: small (~2d) priority-medium Medium priority - this can be reviewed as time permits and removed DO-NOT-MERGE needs-ci Needs to pass CI tests labels Jan 5, 2023
@mpg mpg self-assigned this Jan 5, 2023
@mpg mpg mentioned this pull request Jan 5, 2023
Merged
tom-cosgrove-arm
tom-cosgrove-arm approved these changes Jan 6, 2023
View reviewed changes
Copy link
Contributor

@tom-cosgrove-arm tom-cosgrove-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tom-cosgrove-arm tom-cosgrove-arm added approved Design and code approved - may be waiting for CI or backports and removed needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review labels Jan 6, 2023
@mpg mpg merged commit b178036 into Mbed-TLS:development Jan 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tom-cosgrove-arm tom-cosgrove-arm tom-cosgrove-arm approved these changes

@gilles-peskine-arm gilles-peskine-arm gilles-peskine-arm approved these changes

Assignees

@mpg mpg

Labels
approved Design and code approved - may be waiting for CI or backports priority-medium Medium priority - this can be reviewed as time permits size-s Estimated task size: small (~2d)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mpg @gilles-peskine-arm @tom-cosgrove-arm