Modify tests directory structure

.github/workflows/ci.yml

@@ -3,82 +3,55 @@ name: Continuous Integration
 on: [push, pull_request]
 
 jobs:
- build-and-formatting:
- name: Build and check formatting
+ all-providers:
+ name: Various tests targeting a Parsec image with all providers included
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@v1
- - name: Build
- run: cargo build --verbose
- # rustfmt will check if the code build before checking the formatting.
- # Because the build script generated a new module in the code,
- # building the code before checking it is needed.
- - name: Check formatting
- run: cargo fmt --all -- --check
+ - name: Build the container
+ run: docker build -t all-providers tests/all_providers
+ - name: Run the container to execute the test script
+ run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec all-providers /tmp/parsec/tests/all_providers/ci.sh
 
- linting:
- name: Execute clippy
+ mbed-crypto-provider:
+ name: Integration tests using Mbed Crypto provider
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@v1
- - run: cargo clippy
+ - name: Build the container
+ run: docker build -t mbed-crypto-provider tests/per_provider/provider_cfg/mbed-crypto
+ - name: Run the container to execute the test script
+ run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec mbed-crypto-provider /tmp/parsec/tests/per_provider/ci.sh mbed-crypto
 
- unit-test:
- name: Run unit and doc tests
+ pkcs11-provider:
+ name: Integration tests using PKCS 11 provider
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@v1
- - run: cargo test --lib --verbose
- - run: cargo test --doc --verbose
+ - name: Build the container
+ run: docker build -t pkcs11-provider tests/per_provider/provider_cfg/pkcs11
+ - name: Run the container to execute the test script
+ run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec pkcs11-provider /tmp/parsec/tests/per_provider/ci.sh pkcs11
 
- integ-test-normal:
- name: Normal integration tests
+ tpm-provider:
+ name: Integration tests using TPM provider
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@v1
- - run: cargo build --verbose
- - run: |
-  RUST_BACKTRACE=1 RUST_LOG=info cargo run &
-  cargo test --test normal
+ - name: Build the container
+  run: docker build -t tpm-provider tests/per_provider/provider_cfg/tpm
+ - name: Run the container to execute the test script
+ run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec tpm-provider /tmp/parsec/tests/per_provider/ci.sh tpm
 
- integ-test-persistence:
- name: Persistence integration tests
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v1
- - run: cargo build --verbose
- - run: |
- RUST_BACKTRACE=1 RUST_LOG=info cargo run &
- SERVER_PID=$!
- cargo test --test persistent-before
- # Create a fake mapping file for the root application, the Mbed Provider and
- # a key name of "Test Key". It contains a valid PSA Key ID.
- # It is tested in test "should_have_been_deleted".
- mkdir -p mappings/cm9vdA==/1 || exit 1
- printf '\xe0\x19\xb2\x5c' > mappings/cm9vdA==/1/VGVzdCBLZXk\=
- kill -s SIGHUP $SERVER_PID
- cargo test --test persistent-after
-
- stress-test:
- name: Stress tests
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v1
- - run: cargo build --verbose
- - run: |
- RUST_BACKTRACE=1 RUST_LOG=info cargo run &
- cargo test --test stress_test
-
- cross-testing-arm64-linux:
- name: Cross testing for the aarch64-unknown-linux-gnu target
+ cross-compilation-arm64-linux:
+ name: Cross compilation for the aarch64-unknown-linux-gnu target
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@v1
  - name: Install cross
  run: cargo install cross
  - name: Build the cross Dockerfile
- run: docker build -t parsec-cross tests/
+ run: docker build -t parsec-cross tests/cross_compilation
  - name: Cross-compile with cross
- run: cross build --target aarch64-unknown-linux-gnu --verbose
- - name: Execute the unit tests with cross
- run: cross test --lib --target aarch64-unknown-linux-gnu --verbose
+ #TODO: compile will all features included by setting up the right Dockerfile
+ run: cross build --target aarch64-unknown-linux-gnu --verbose --no-default-features

build-conf.toml

@@ -4,7 +4,7 @@
  # Path (either relative or absolute) where the Mbed Crypto source code will be
  # persisted.
  # This value default to the OUT_DIR environment variable.
- # mbed_path = "/tmp/"
+ mbed_path = "/tmp/"
 
  # When compiling natively
  [mbed_config.native]

setup_mbed_crypto.sh

@@ -65,7 +65,7 @@ else
 fi
 
 # Set up lib
-if [[ -n "$HAS_CURRENT_MBED" && -e "library/$MBED_LIB_FILENAME" ]]; then
+if [[ -e "library/$MBED_LIB_FILENAME" ]]; then
  echo "Library is set up."
 else 
  setup_mbed_library

tests/all_providers/Dockerfile

@@ -0,0 +1,49 @@
+FROM tpm2software/tpm2-tss
+
+ENV PKG_CONFIG_PATH /usr/local/lib/pkgconfig
+
+RUN apt-get update && \
+ apt-get install -y git make gcc python3 python curl wget && \
+ apt-get install -y automake autoconf libtool pkg-config libssl-dev && \
+ # These libraries are needed for bindgen as it uses libclang.so
+ apt-get install -y clang libclang-dev libc6-dev-i386
+
+WORKDIR /tmp
+RUN wget https://github.com/ARMmbed/mbed-crypto/archive/mbedcrypto-2.0.0.tar.gz
+RUN tar xf mbedcrypto-2.0.0.tar.gz
+RUN cd mbed-crypto-mbedcrypto-2.0.0 \
+ && make SHARED=0
+
+WORKDIR /tmp
+# Download and install TSS 2.0
+RUN git clone https://github.com/tpm2-software/tpm2-tss.git --branch 2.3.1
+RUN cd tpm2-tss \
+ && ./bootstrap \
+ && ./configure \
+ && make -j$(nproc) \
+ && make install \
+ && ldconfig
+
+# Download and install TPM2 tools
+RUN git clone https://github.com/tpm2-software/tpm2-tools.git --branch 4.1
+RUN cd tpm2-tools \
+ && ./bootstrap \
+ && ./configure --enable-unit \
+ && make install
+
+WORKDIR /tmp
+RUN wget https://github.com/opendnssec/SoftHSMv2/archive/2.5.0.tar.gz
+RUN tar xf 2.5.0.tar.gz
+RUN cd SoftHSMv2-2.5.0 \
+ && sh autogen.sh \
+ && ./configure --disable-gost \
+ && make \
+ && make install
+
+# Create a new token in a new slot. The slot number assigned will be random
+# and is found with the find_slot_number script.
+RUN softhsm2-util --init-token --slot 0 --label "Parsec Tests" --pin 123456 --so-pin 123456
+
+# Install Rust toolchain
+RUN curl https://sh.rustup.rs -sSf | bash -s -- -y
+ENV PATH="/root/.cargo/bin:${PATH}"

tests/all.sh → tests/all_providers/ci.sh

@@ -17,52 +17,51 @@
 # limitations under the License.
 # ------------------------------------------------------------------------------
 
-# This script executes static checks, unit and integration tests for the PARSEC
-# service.
+# All providers CI test script
 #
-# Usage: ./tests/all.sh
+# This script will execute various tests targeting a platform will all providers included.
+# It is meant to be executed inside the container which Dockerfile is in tests/all_providers.
+# Usage: ./tests/all_providers/ci.sh
+
+set -e
+
+# Select all providers.
+FEATURES="--all-features"
+
+# Start the TPM simulation server if needed
+tpm_server &
+sleep 5
+tpm2_startup -c -T mssim
+
+# Find and append the slot number at the end of the configuration file.
+tests/per_provider/provider_cfg/pkcs11/find_slot_number.sh \
+ tests/all_providers/config.toml
 
 ##############
 # Build test #
 ##############
-cargo build || exit 1
-
-############################
-# Unit tests and doc tests #
-############################
-cargo test --lib || exit 1
-cargo test --doc || exit 1
+RUST_BACKTRACE=1 cargo build $FEATURES --verbose
 
 #################
 # Static checks #
 #################
-cargo fmt --all -- --check || exit 1
-cargo clippy || exit 1
+cargo fmt --all -- --check
+cargo clippy
+
+############################
+# Unit tests and doc tests #
+############################
+RUST_BACKTRACE=1 cargo test --lib $FEATURES
+RUST_BACKTRACE=1 cargo test --doc $FEATURES
 
 #####################
 # Integration tests #
 #####################
-RUST_BACKTRACE=1 RUST_LOG=info cargo run &
+RUST_BACKTRACE=1 cargo run $FEATURES \
+ -- --config tests/all_providers/config.toml &
 SERVER_PID=$!
 
-cargo test --test normal || exit 1
-
-cargo test --test persistent-before || exit 1
-
-# Create a fake mapping file for the root application, the Mbed Provider and a
-# key name of "Test Key". It contains a valid PSA Key ID.
-# It is tested in test "should_have_been_deleted".
-mkdir -p mappings/cm9vdA==/1 || exit 1
-# For Mbed Provider
-printf '\xe0\x19\xb2\x5c' > mappings/cm9vdA==/1/VGVzdCBLZXk\=
-# For PKCS 11 Provider
-printf '\xe0\x19\xb2\x5c' > mappings/cm9vdA==/2/VGVzdCBLZXk\=
-
-# Trigger a configuration reload to load the new mappings.
-kill -s SIGHUP $SERVER_PID
-
-cargo test --test persistent-after || exit 1
-
-RUST_LOG=info cargo test --test stress_test || exit 1
+RUST_BACKTRACE=1 cargo test $FEATURES all_providers
 
 kill $SERVER_PID
+cargo clean

tests/all_providers/config.toml

@@ -0,0 +1,30 @@
+[core_settings]
+log_level = "debug"
+# The CI already timestamps the logs
+log_timestamp = false
+
+[listener]
+listener_type = "DomainSocket"
+timeout = 200 # in milliseconds
+
+[[key_manager]]
+name = "on-disk-manager"
+manager_type = "OnDisk"
+
+[[provider]]
+provider_type = "MbedProvider"
+key_id_manager = "on-disk-manager"
+
+[[provider]]
+provider_type = "TpmProvider"
+key_id_manager = "on-disk-manager"
+tcti = "mssim"
+
+[[provider]]
+provider_type = "Pkcs11Provider"
+key_id_manager = "on-disk-manager"
+library_path = "/usr/local/lib/softhsm/libsofthsm2.so"
+user_pin = "123456"
+# The slot_number mandatory field is going to be added by the find_slot_number.sh script
+# to the last line of this file in the form:
+# slot_number = 123456

tests/normal_tests/describe_assets.rs → tests/all_providers/mod.rs

@@ -19,26 +19,21 @@ mod tests {
  use parsec_interface::requests::Result;
  use std::collections::HashSet;
 
- //TODO: put those two first tests in a separate target which is executed with an
- //appropriate config file so that all providers are there.
-
  #[test]
- #[ignore]
  fn list_providers() {
  let mut client = TestClient::new();
  let providers = client.list_providers().expect("list providers failed");
- assert_eq!(providers.len(), 3);
+ assert_eq!(providers.len(), 4);
  let ids: HashSet<ProviderID> = providers.iter().map(|p| p.id).collect();
  assert!(ids.contains(&ProviderID::CoreProvider));
  assert!(ids.contains(&ProviderID::MbedProvider));
  assert!(ids.contains(&ProviderID::Pkcs11Provider));
+ assert!(ids.contains(&ProviderID::TpmProvider));
  }
 
  #[test]
- #[ignore]
  fn list_opcodes() {
  let mut client = TestClient::new();
- client.set_provider(Some(ProviderID::MbedProvider));
  let opcodes = client
  .list_opcodes(ProviderID::MbedProvider)
  .expect("list providers failed");

tests/Dockerfile → tests/cross_compilation/Dockerfile

@@ -1,5 +1,4 @@
-# This Dockerfile is used by cross for cross-compilation and cross-testing of
-# PARSEC.
+# This Dockerfile is used by cross for cross-compilation of Parsec.
 
 FROM rustembedded/cross:aarch64-unknown-linux-gnu-0.1.16
 

tests/mod.rs

@@ -0,0 +1,16 @@
+// Copyright (c) 2019, Arm Limited, All Rights Reserved
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+mod all_providers;
+mod per_provider;