Skip to content

Commit 87695ad

Browse files
ejohnstownejohnstown
committed
FIPS Check Script with Explicit Versioning
1. Remove the demo variable presets. Actually use them in testing. 2. FIPS_REPO can be set to a local file path to speed up testing. 3. Add files missing from the demo OE checkout. 4. Add the fips-read OE files. 5. Add the quiet option to grep.
1 parent 98c50e0 commit 87695ad

1 file changed

Lines changed: 19 additions & 19 deletions

File tree

fips-check.sh

Lines changed: 19 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -36,9 +36,8 @@ MAKE="${MAKE:-make}"
3636
GIT="${GIT:-git -c advice.detachedHead=false}"
3737
TEST_DIR="${TEST_DIR:-XXX-fips-test}"
3838
FLAVOR="${FLAVOR:-linux}"
39-
#KEEP="${KEEP:-no}"
40-
KEEP="${KEEP:-yes}"
41-
#FIPS_REPO="${FIPS_REPO:-git@github.com:wolfssl/fips.git}"
39+
KEEP="${KEEP:-no}"
40+
FIPS_REPO="${FIPS_REPO:-git@github.com:wolfssl/fips.git}"
4241

4342
while [ "$1" ]; do
4443
if [ "$1" = 'keep' ]; then KEEP='yes'; else FLAVOR="$1"; fi
@@ -94,7 +93,8 @@ linuxv5a)
9493
)
9594
WOLFCRYPT_FILES=(
9695
'wolfcrypt/src/aes.c:WCv5.0-RC12'
97-
'wolfcrypt/src/aes_asm.c:WCv5.0-RC12'
96+
'wolfcrypt/src/aes_asm.S:WCv5.0-RC12'
97+
'wolfcrypt/src/aes_gcm_asm.S:WCv5.0-RC12'
9898
'wolfcrypt/src/cmac.c:WCv5.0-RC12'
9999
'wolfcrypt/src/dh.c:WCv5.0-RC12'
100100
'wolfcrypt/src/ecc.c:WCv5.0-RC12'
@@ -104,13 +104,11 @@ linuxv5a)
104104
'wolfcrypt/src/rsa.c:WCv5.0-RC12'
105105
'wolfcrypt/src/sha.c:WCv5.0-RC12'
106106
'wolfcrypt/src/sha256.c:WCv5.0-RC12'
107-
'wolfcrypt/src/sha256_asm.c:WCv5.0-RC12'
107+
'wolfcrypt/src/sha256_asm.S:WCv5.0-RC12'
108108
'wolfcrypt/src/sha3.c:WCv5.0-RC12'
109109
'wolfcrypt/src/sha512.c:WCv5.0-RC12'
110-
'wolfcrypt/src/sha512_asm.c:WCv5.0-RC12'
111-
'wolfcrypt/src/aes_gcm_asm.S:WCv5.0-RC12'
110+
'wolfcrypt/src/sha512_asm.S:WCv5.0-RC12'
112111
'wolfssl/wolfcrypt/aes.h:WCv5.0-RC12'
113-
'wolfssl/wolfcrypt/aes_asm.h:WCv5.0-RC12'
114112
'wolfssl/wolfcrypt/cmac.h:WCv5.0-RC12'
115113
'wolfssl/wolfcrypt/dh.h:WCv5.0-RC12'
116114
'wolfssl/wolfcrypt/ecc.h:WCv5.0-RC12'
@@ -120,18 +118,20 @@ linuxv5a)
120118
'wolfssl/wolfcrypt/rsa.h:WCv5.0-RC12'
121119
'wolfssl/wolfcrypt/sha.h:WCv5.0-RC12'
122120
'wolfssl/wolfcrypt/sha256.h:WCv5.0-RC12'
123-
'wolfssl/wolfcrypt/sha256_asm.h:WCv5.0-RC12'
124121
'wolfssl/wolfcrypt/sha3.h:WCv5.0-RC12'
125122
'wolfssl/wolfcrypt/sha512.h:WCv5.0-RC12'
126-
'wolfssl/wolfcrypt/sha512_asm.h:WCv5.0-RC12'
127123
)
128124
;;
129-
#fips-ready)
130-
# FIPS_OPTION='ready'
131-
# FIPS_VERSION='master'
132-
# FIPS_SRCS=('fips.c' 'fips_test.c' 'wolfcrypt_first.c' 'wolfcrypt_last.c')
133-
# FIPS_INCS=('fips.h')
134-
# ;;
125+
fips-ready)
126+
FIPS_OPTION='ready'
127+
FIPS_FILES=('master'
128+
'wolfcrypt/src/fips.c'
129+
'wolfcrypt/src/fips_test.c'
130+
'wolfcrypt/src/wolfcrypt_first.c'
131+
'wolfcrypt/src/wolfcrypt_last.c'
132+
'wolfssl/wolfcrypt/fips.h'
133+
)
134+
;;
135135
#fips-dev)
136136
# FIPS_OPTION='dev'
137137
# FIPS_VERSION='master'
@@ -169,7 +169,7 @@ function checkout_files() {
169169
do
170170
local name=${file_entry%%:*}
171171
local tag=${file_entry#*:}
172-
if ! $GIT branch --list | grep "my$tag"
172+
if ! $GIT branch --list | grep --quiet "my$tag"
173173
then
174174
$GIT branch --no-track "my$tag" "$tag" || exit $?
175175
fi
@@ -183,7 +183,7 @@ function checkout_files() {
183183
function copy_fips_files() {
184184
local tag="$1"
185185
shift
186-
if ! $GIT clone --depth 1 -b "$tag" 'git@github.com:wolfssl/fips.git' fips
186+
if ! $GIT clone --depth 1 -b "$tag" "$FIPS_REPO" fips
187187
then
188188
echo "fips-check: Couldn't check out $tag from FIPS repository."
189189
exit 1
@@ -252,7 +252,7 @@ esac
252252

253253
if ! $MAKE
254254
then
255-
echo "fips-check: Make failed. Debris left for analysis."
255+
echo 'fips-check: Make failed. Debris left for analysis.'
256256
exit 3
257257
fi
258258

0 commit comments

Comments
 (0)