Skip to content

Commit 8a45f43

Browse files
dgarskedgarske
authored
Merge pull request #7131 from bandi13/fips-check-upgrades
Fips check upgrades
2 parents ec96fcd + 41b70b8 commit 8a45f43

1 file changed

Lines changed: 17 additions & 21 deletions

File tree

fips-check.sh

Lines changed: 17 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ GIT="${GIT:-git -c advice.detachedHead=false}"
1616
TEST_DIR="${TEST_DIR:-XXX-fips-test}"
1717
FLAVOR="${FLAVOR:-linux}"
1818
KEEP="${KEEP:-no}"
19+
MAKECHECK=${MAKECHECK:-yes}
1920
FIPS_REPO="${FIPS_REPO:-git@github.com:wolfssl/fips.git}"
2021

2122
Usage() {
@@ -39,7 +40,9 @@ usageText
3940
}
4041

4142
while [ "$1" ]; do
42-
if [ "$1" = 'keep' ]; then KEEP='yes'; else FLAVOR="$1"; fi
43+
if [ "$1" = 'keep' ]; then KEEP='yes';
44+
elif [ "$1" = 'nomakecheck' ]; then MAKECHECK='no';
45+
else FLAVOR="$1"; fi
4346
shift
4447
done
4548

@@ -262,8 +265,7 @@ esac
262265
function checkout_files() {
263266
local name
264267
local tag
265-
for file_entry in "$@"
266-
do
268+
for file_entry in "$@"; do
267269
name=${file_entry%%:*}
268270
tag=${file_entry#*:}
269271
if ! $GIT rev-parse -q --verify "my$tag" >/dev/null
@@ -283,14 +285,12 @@ function copy_fips_files() {
283285
local bname
284286
local dname
285287
local tag
286-
for file_entry in "$@"
287-
do
288+
for file_entry in "$@"; do
288289
name=${file_entry%%:*}
289290
tag=${file_entry#*:}
290291
bname=$(basename "$name")
291292
dname=$(dirname "$name")
292-
if ! $GIT rev-parse -q --verify "my$tag" >/dev/null
293-
then
293+
if ! $GIT rev-parse -q --verify "my$tag" >/dev/null; then
294294
$GIT branch --no-track "my$tag" "$tag" || exit $?
295295
fi
296296
$GIT checkout "my$tag" -- "$bname" || exit $?
@@ -305,8 +305,7 @@ fi
305305

306306
pushd "$TEST_DIR" || exit 2
307307

308-
if ! $GIT clone "$FIPS_REPO" fips
309-
then
308+
if ! $GIT clone "$FIPS_REPO" fips; then
310309
echo "fips-check: Couldn't check out FIPS repository."
311310
exit 1
312311
fi
@@ -322,8 +321,7 @@ popd || exit 2
322321
# Since OE additions can still be processed for cert3389 we will call 140-2
323322
# ready "fipsv2-OE-ready" indicating it is ready to use for an OE addition but
324323
# would not be good for a new certification effort with the latest files.
325-
if [ "$FLAVOR" = 'fipsv2-OE-ready' ] && [ -s wolfcrypt/src/fips.c ]
326-
then
324+
if [ "$FLAVOR" = 'fipsv2-OE-ready' ] && [ -s wolfcrypt/src/fips.c ]; then
327325
cp wolfcrypt/src/fips.c wolfcrypt/src/fips.c.bak
328326
sed "s/v4.0.0-alpha/fipsv2-OE-ready/" wolfcrypt/src/fips.c.bak >wolfcrypt/src/fips.c
329327
fi
@@ -343,14 +341,12 @@ cavp-selftest-v2)
343341
;;
344342
esac
345343

346-
if ! $MAKE
347-
then
344+
if ! $MAKE; then
348345
echo 'fips-check: Make failed. Debris left for analysis.'
349346
exit 3
350347
fi
351348

352-
if [ -s wolfcrypt/src/fips_test.c ]
353-
then
349+
if [ -s wolfcrypt/src/fips_test.c ]; then
354350
NEWHASH=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
355351
if [ -n "$NEWHASH" ]; then
356352
cp wolfcrypt/src/fips_test.c wolfcrypt/src/fips_test.c.bak
@@ -359,15 +355,15 @@ then
359355
fi
360356
fi
361357

362-
if ! $MAKE check
363-
then
364-
echo 'fips-check: Test failed. Debris left for analysis.'
365-
exit 3
358+
if [ "$MAKECHECK" = "yes" ]; then
359+
if ! $MAKE check; then
360+
echo 'fips-check: Test failed. Debris left for analysis.'
361+
exit 3
362+
fi
366363
fi
367364

368365
# Clean up
369366
popd || exit 2
370-
if [ "$KEEP" = 'no' ];
371-
then
367+
if [ "$KEEP" = 'no' ]; then
372368
rm -rf "$TEST_DIR"
373369
fi

0 commit comments

Comments
 (0)