From cafd01610c0e6d0ffdd48e4e20e44646b8c9844c Mon Sep 17 00:00:00 2001 From: Soren Ptak Date: Tue, 5 Sep 2023 17:27:52 -0400 Subject: [PATCH] CI-CD Updates (#180) * Use new version of CI-CD Actions, checkout@v3 instead of checkout@v2 on all jobs * Use cSpell spell check, and use ubuntu-20.04 for formatting check * Add in bot formatting action --- .github/.cSpellWords.txt | 85 ++++ CONTRIBUTING.md => .github/CONTRIBUTING.md | 2 +- .github/workflows/ci.yml | 143 ++++--- .github/workflows/formatting.yml | 23 ++ .github/workflows/release.yml | 4 +- MISRA.md | 8 +- README.md | 199 ++++++--- cspell.config.yaml | 31 ++ lexicon.txt | 378 ------------------ manifest.yml | 13 +- .../3rdparty/mbedtls_utils/mbedtls_utils.c | 2 +- .../3rdparty/mbedtls_utils/mbedtls_utils.h | 2 +- source/portable/mbedtls/core_pkcs11_mbedtls.c | 10 +- test/cbmc/include/core_pkcs11_config.h | 2 +- test/cbmc/include/mbedtls_config.h | 22 +- test/cbmc/proofs/C_CloseSession/README.md | 2 +- test/cbmc/proofs/C_CreateObject/README.md | 2 +- test/cbmc/proofs/C_DestroyObject/README.md | 2 +- test/cbmc/proofs/C_DigestFinal/README.md | 2 +- test/cbmc/proofs/C_DigestInit/README.md | 2 +- test/cbmc/proofs/C_DigestUpdate/README.md | 2 +- test/cbmc/proofs/C_Finalize/README.md | 2 +- test/cbmc/proofs/C_FindObjects/README.md | 2 +- test/cbmc/proofs/C_FindObjectsFinal/README.md | 2 +- test/cbmc/proofs/C_FindObjectsInit/README.md | 2 +- test/cbmc/proofs/C_GenerateKeyPair/README.md | 2 +- test/cbmc/proofs/C_GenerateRandom/README.md | 2 +- .../cbmc/proofs/C_GetAttributeValue/README.md | 2 +- test/cbmc/proofs/C_GetFunctionList/README.md | 2 +- test/cbmc/proofs/C_GetMechanismInfo/README.md | 2 +- test/cbmc/proofs/C_GetSlotList/README.md | 2 +- test/cbmc/proofs/C_Initialize/README.md | 2 +- test/cbmc/proofs/C_OpenSession/README.md | 2 +- test/cbmc/proofs/C_Sign/README.md | 2 +- test/cbmc/proofs/C_SignInit/README.md | 2 +- test/cbmc/proofs/C_Verify/README.md | 2 +- test/cbmc/proofs/C_VerifyInit/README.md | 2 +- .../README.md | 2 +- .../README.md | 2 +- .../README.md | 2 +- .../xFindObjectWithLabelAndClass/README.md | 2 +- test/cbmc/proofs/xGetSlotList/README.md | 2 +- test/cbmc/proofs/xInitializePKCS11/README.md | 2 +- .../proofs/xInitializePkcs11Session/README.md | 2 +- .../proofs/xInitializePkcs11Token/README.md | 2 +- test/include/core_pkcs11_config.h | 2 +- test/mbedtls_integration/core_pkcs11_config.h | 2 +- .../mbedtls_integration_test.c | 2 +- .../core_pkcs11_mbedtls_utest.c | 2 +- tools/uncrustify.cfg | 160 -------- 50 files changed, 426 insertions(+), 726 deletions(-) create mode 100644 .github/.cSpellWords.txt rename CONTRIBUTING.md => .github/CONTRIBUTING.md (96%) create mode 100644 .github/workflows/formatting.yml create mode 100644 cspell.config.yaml delete mode 100644 lexicon.txt delete mode 100644 tools/uncrustify.cfg diff --git a/.github/.cSpellWords.txt b/.github/.cSpellWords.txt new file mode 100644 index 00000000..996297cf --- /dev/null +++ b/.github/.cSpellWords.txt @@ -0,0 +1,85 @@ +ABEF +AESCMAC +AESNI +BBOOL +Bgkqhki +Bhargavan +CBMC +CBOR +CMAC +CMOCK +CMock +CSRS +Chth +Cmock +Coverity +DNDEBUG +DSYSTEM +DUNIT +DUNITY +Drbg +ECKEY +FAAOCAQE +Fithb +Gaëtan +Gcbs +HAVEGE +HKDF +JITP +JITR +Karthikeyan +LPDWORD +LPWORD +MBED +MBEDTLSSL +MISRA +MQTT +Merkle +Misra +NISTP +OPTIM +Optiga +PAKE +RCVT +RSAES +RSASSA +SCSV +SECP +SSLV +UDBL +Wunused +XTEA +ZEROIZE +abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu +aesni +cbmc +cbor +cmac +cmock +coverity +ctest +dgst +ecdh +ecjpake +ggdb +havege +hkdf +lcov +mbed +mbedcrypto +misra +osal +pcertificate +pkparse +pkwrite +ppublic +ppuc +scsv +sinclude +unhashed +utest +xfindobjectwithlabelandclass +xgetslotlist +xinitializepkcs +xtea +zeroize diff --git a/CONTRIBUTING.md b/.github/CONTRIBUTING.md similarity index 96% rename from CONTRIBUTING.md rename to .github/CONTRIBUTING.md index 0c78389b..c0fe952f 100644 --- a/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -56,6 +56,6 @@ If you discover a potential security issue in this project we ask that you notif ## Licensing -See the [LICENSE](LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. +See the [LICENSE](../LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes. diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 59fef710..048b873b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,5 +1,11 @@ name: CI Checks +env: + bashPass: \033[32;1mPASSED - + bashInfo: \033[33;1mINFO - + bashFail: \033[31;1mFAILED - + bashEnd: \033[0m + on: push: branches: ["**"] @@ -24,25 +30,30 @@ jobs: -DUNIT_TESTS=0 \ -DCMAKE_C_FLAGS="${CFLAGS}" make -C build/ all + - name: Integration Tests - run: | - cd build/ - ctest --output-on-failure | tee -a $GITHUB_STEP_SUMMARY + run: ctest --test-dir build --output-on-failure | tee -a $GITHUB_STEP_SUMMARY + - name: Archive Test Results if: success() || failure() uses: actions/upload-artifact@v3 with: - name: system_test_results - path: | - build/Testing/Temporary/LastTest.log + name: system_test_results + path: | + build/Testing/Temporary/LastTest.log unit-tests-with-sanitizer: runs-on: ubuntu-latest steps: - name: Clone This Repo uses: actions/checkout@v3 - - name: Build + + - env: + stepName: Build corePKCS11 Sanitizer Unit Tests run: | + # ${{ env.stepName }} + echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" + CFLAGS="-Wall -Wextra -DNDEBUG" CFLAGS+=" -fsanitize=address,undefined" cmake -S test -B build/ \ @@ -52,18 +63,25 @@ jobs: -DSYSTEM_TESTS=0 \ -DCMAKE_C_FLAGS="${CFLAGS}" make -C build/ all - - name: Unit Tests - run: | - cd build/ - ctest --output-on-failure | tee -a $GITHUB_STEP_SUMMARY + echo "::endgroup::" + + echo -e "${{ env.bashPass }} ${{env.stepName}} ${{ env.bashEnd }}" + + - name: Run Unit Tests + run: ctest --test-dir build --output-on-failure | tee -a $GITHUB_STEP_SUMMARY unit-tests: runs-on: ubuntu-latest steps: - name: Clone This Repo uses: actions/checkout@v3 - - name: Build + + - env: + stepName: Build corePKCS11 Unit Tests run: | + # ${{ env.stepName }} + echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" + sudo apt-get install -y lcov CFLAGS="--coverage -Wall -Wextra -DNDEBUG" cmake -S test -B build/ \ @@ -73,30 +91,41 @@ jobs: -DSYSTEM_TESTS=0 \ -DCMAKE_C_FLAGS="${CFLAGS}" make -C build/ all + echo "::endgroup::" + + echo -e "${{ env.bashPass }} ${{env.stepName}} ${{ env.bashEnd }}" + - name: Run Unit Tests + run: ctest --test-dir build --output-on-failure | tee -a $GITHUB_STEP_SUMMARY + + - env: + stepName: Line and Branch Coverage Build run: | - cd build/ - ctest --output-on-failure | tee -a $GITHUB_STEP_SUMMARY - cd .. - - name: Run and Collect Coverage - if: success() || failure() - run: | + # ${{ env.stepName }} + echo -e "::group::${{ env.bashInfo }} Build Coverage Target ${{ env.bashEnd }}" + + # Build the coverage target make -C build/ coverage - lcov --rc lcov_branch_coverage=1 --remove build/coverage.info '*test*' --output-file build/coverage.info - lcov --rc lcov_branch_coverage=1 --remove build/coverage.info '*CMakeCCompilerId*' --output-file build/coverage.info - lcov --rc lcov_branch_coverage=1 --remove build/coverage.info '*mocks*' --output-file build/coverage.info + + # Generate coverage report, excluding extra directories + lcov --rc lcov_branch_coverage=1 -r build/coverage.info -o build/coverage.info '*test*' '*CMakeCCompilerId*' '*mocks*' + echo "::endgroup::" + lcov --list build/coverage.info + echo -e "${{ env.bashPass }} ${{env.stepName}} ${{ env.bashEnd }}" + - name: Archive Test Results if: success() || failure() uses: actions/upload-artifact@v3 with: - name: unit_test_results - path: | - build/utest_report.txt - build/*_out.txt - build/coverage.info - build/report.xml - build/Testing/Temporary/LastTest.log + name: unit_test_results + path: | + build/utest_report.txt + build/*_out.txt + build/coverage.info + build/report.xml + build/Testing/Temporary/LastTest.log + - name: Upload coverage data to Codecov if: success() uses: codecov/codecov-action@v3 @@ -106,7 +135,6 @@ jobs: fail_ci_if_error: false verbose: false - complexity: runs-on: ubuntu-latest steps: @@ -129,34 +157,12 @@ jobs: spell-check: runs-on: ubuntu-latest steps: - - name: Checkout Parent Repo - uses: actions/checkout@v3 - with: - ref: main - repository: aws/aws-iot-device-sdk-embedded-C - - run: rm -r libraries/standard/corePKCS11 - name: Clone This Repo uses: actions/checkout@v3 + - name: Run spellings check + uses: FreeRTOS/CI-CD-Github-Actions/spellings@main with: - path: libraries/standard/corePKCS11 - - name: Install spell - run: | - sudo apt-get install spell - sudo apt-get install util-linux - - name: Check spelling - run: | - PATH=$PATH:$PWD/tools/spell - # Modifies `find` command used in spell checker to ignore the test and dependency directory - # The command looks like this `extract-comments `find $DIRNAME -name \*.[ch]` should the line change and the sed command will - # append "-not path {val added below}" for each of the directories mentioned. - # https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/ad28ed355df4f82b77f48028e24bd6fc9e63bc54/tools/spell/find-unknown-comment-words#L86 - sed -i 's/find $DIRNAME/find $DIRNAME -not -path '*test*' -not -path '*dependency*'/g' tools/spell/find-unknown-comment-words - find-unknown-comment-words --directory libraries/standard/corePKCS11 - if [ "$?" = "0" ]; then - exit 0 - else - exit 1 - fi + path: ./ formatting: runs-on: ubuntu-20.04 @@ -172,16 +178,24 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Setup Python for link verifier action - uses: actions/setup-python@v4 - with: - python-version: '3.11.0' - name: Check Links - uses: FreeRTOS/CI-CD-GitHub-Actions/link-verifier@main + uses: FreeRTOS/CI-CD-Github-Actions/link-verifier@main + with: + path: ./ + + verify-manifest: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + submodules: true + fetch-depth: 0 + + - name: Run manifest verifier + uses: FreeRTOS/CI-CD-GitHub-Actions/manifest-verifier@main with: path: ./ - exclude-dirs: cbmc - include-file-types: .c,.h,.dox + fail-on-incorrect-version: true git-secrets: runs-on: ubuntu-latest @@ -215,14 +229,15 @@ jobs: - name: Install Python3 uses: actions/setup-python@v4 with: - python-version: '3.11.0' + python-version: "3.11.0" - name: Measure sizes uses: FreeRTOS/CI-CD-Github-Actions/memory_statistics@main with: - config: .github/memory_statistics_config.json - check_against: docs/doxygen/include/size_table.md + config: .github/memory_statistics_config.json + check_against: docs/doxygen/include/size_table.md proof_ci: + if: ${{ github.event.pull_request }} runs-on: cbmc_ubuntu-latest_16-core steps: - name: Set up CBMC runner diff --git a/.github/workflows/formatting.yml b/.github/workflows/formatting.yml new file mode 100644 index 00000000..8257adda --- /dev/null +++ b/.github/workflows/formatting.yml @@ -0,0 +1,23 @@ +name: Format Pull Request Files + +on: + issue_comment: + types: [created] + +env: + bashPass: \033[32;1mPASSED - + bashInfo: \033[33;1mINFO - + bashFail: \033[31;1mFAILED - + bashEnd: \033[0m + +jobs: + Formatting: + name: Run Formatting Check + if: ${{ github.event.issue.pull_request }} && + ( ( github.event.comment.body == '/bot run uncrustify' ) || + ( github.event.comment.body == '/bot run formatting' ) ) + runs-on: ubuntu-20.04 + steps: + - name: Apply Formatting Fix + uses: FreeRTOS/CI-CD-Github-Actions/formatting-bot@main + id: check-formatting diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 83a1e8ea..a76bf248 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: ref: ${{ github.event.inputs.commit_id }} - name: Configure git identity @@ -53,7 +53,7 @@ jobs: - name: Install ZIP tools run: sudo apt-get install zip unzip - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: ref: ${{ github.event.inputs.commit_id }} path: corePKCS11 diff --git a/MISRA.md b/MISRA.md index 9f3566be..dd62c42a 100644 --- a/MISRA.md +++ b/MISRA.md @@ -26,17 +26,17 @@ _Ref 10.5.1_ _Ref 11.1.1_ - MISRA C-2012 Rule 11.1 Doesn't allow conversions between function pointers and any other type - However, since we're just using this to supress the compiler warning, we're also fine with - supressing the MISRA violation related to this line as well. + However, since we're just using this to suppress the compiler warning, we're also fine with + suppressing the MISRA violation related to this line as well. #### Rule 12.1 _Ref 12.1.1_ -- MISRA C-2012 Rule 12.1 Requires precendence of operators within an expression to be explicit. +- MISRA C-2012 Rule 12.1 Requires precedence of operators within an expression to be explicit. The third party macro being used here throws a violation when used. Adding additional parens to the - call or to the decleration doesn't remove the violation, so we supress it. + call or to the decleration doesn't remove the violation, so we suppress it. #### Rule 11.5 diff --git a/README.md b/README.md index 707ecc46..9caa86bb 100644 --- a/README.md +++ b/README.md @@ -1,49 +1,110 @@ # corePKCS11 Library -[PKCS #11](https://en.wikipedia.org/wiki/PKCS_11) is a standardized and widely used API for manipulating common cryptographic objects. It is important because the functions it specifies allow application software to use, create, modify, and delete cryptographic objects, without ever exposing those objects to the application’s memory. -For example, FreeRTOS AWS reference integrations use a small subset of the PKCS #11 API to, among other things, access the secret (private) key necessary to create a network connection that is authenticated and secured by the [Transport Layer Security (TLS)](https://en.wikipedia.org/wiki/Transport_Layer_Security) protocol – without the application ever ‘seeing’ the key. - -The Cryptoki or PKCS #11 standard defines a platform-independent API to manage and use cryptographic tokens. The name, "PKCS #11", is used interchangeably to refer to the API itself and the standard which defines it. - -This repository contains a software based mock implementation of the PKCS #11 interface (API) that uses the cryptographic functionality provided by Mbed TLS. Using a software mock enables rapid development and flexibility, but it is expected that the mock be replaced by an implementation specific to your chosen secure key storage in production devices. - -Only a subset of the PKCS #11 standard is implemented, with a focus on operations involving asymmetric keys, random number generation, and hashing. - -The targeted use cases include certificate and key management for TLS authentication and code-sign signature verification, on small embedded devices. - -corePKCS11 is implemented on PKCS #11 v2.4.0, the full PKCS #11 standard can be found on the [oasis website](http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html). - -This library has gone through code quality checks including verification that no function has a [GNU Complexity](https://www.gnu.org/software/complexity/manual/complexity.html) score over 8, and checks against deviations from mandatory rules in the [MISRA coding standard](https://www.misra.org.uk). Deviations from the MISRA C:2012 guidelines are documented under [MISRA Deviations](MISRA.md). This library has also undergone both static code analysis from [Coverity static analysis](https://scan.coverity.com/) and validation of memory safety through the [CBMC automated reasoning tool](https://www.cprover.org/cbmc/). - -See memory requirements for this library [here](./docs/doxygen/include/size_table.md). - -**corePKCS11 v3.5.0 [source code](https://github.com/FreeRTOS/corePKCS11/tree/v3.5.0/source) is part of the [FreeRTOS 202210.00 LTS](https://github.com/FreeRTOS/FreeRTOS-LTS/tree/202210.00-LTS) release.** - -**corePKCS11 v3.0.0 [source code](https://github.com/FreeRTOS/corePKCS11/tree/v3.0.0/source) is part of the [FreeRTOS 202012.00 LTS](https://github.com/FreeRTOS/FreeRTOS-LTS/tree/202012.00-LTS) release.** +**[API Documentation Pages for current and previous releases of this library can be found here](https://freertos.github.io/corePKCS11/)** + +[PKCS #11](https://en.wikipedia.org/wiki/PKCS_11) is a standardized and widely +used API for manipulating common cryptographic objects. It is important because +the functions it specifies allow application software to use, create, modify, +and delete cryptographic objects, without ever exposing those objects to the +application’s memory. For example, FreeRTOS AWS reference integrations use a +small subset of the PKCS #11 API to, among other things, access the secret +(private) key necessary to create a network connection that is authenticated and +secured by the +[Transport Layer Security (TLS)](https://en.wikipedia.org/wiki/Transport_Layer_Security) +protocol – without the application ever ‘seeing’ the key. + +The Cryptoki or PKCS #11 standard defines a platform-independent API to manage +and use cryptographic tokens. The name, "PKCS #11", is used interchangeably to +refer to the API itself and the standard which defines it. + +This repository contains a software based mock implementation of the PKCS #11 +interface (API) that uses the cryptographic functionality provided by Mbed TLS. +Using a software mock enables rapid development and flexibility, but it is +expected that the mock be replaced by an implementation specific to your chosen +secure key storage in production devices. + +Only a subset of the PKCS #11 standard is implemented, with a focus on +operations involving asymmetric keys, random number generation, and hashing. + +The targeted use cases include certificate and key management for TLS +authentication and code-sign signature verification, on small embedded devices. + +corePKCS11 is implemented on PKCS #11 v2.4.0, the full PKCS #11 standard can be +found on the +[oasis website](http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html). + +This library has gone through code quality checks including verification that no +function has a +[GNU Complexity](https://www.gnu.org/software/complexity/manual/complexity.html) +score over 8, and checks against deviations from mandatory rules in the +[MISRA coding standard](https://www.misra.org.uk). Deviations from the MISRA +C:2012 guidelines are documented under [MISRA Deviations](MISRA.md). This +library has also undergone both static code analysis from +[Coverity static analysis](https://scan.coverity.com/) and validation of memory +safety through the +[CBMC automated reasoning tool](https://www.cprover.org/cbmc/). + +See memory requirements for this library +[here](./docs/doxygen/include/size_table.md). + +**corePKCS11 v3.5.0 +[source code](https://github.com/FreeRTOS/corePKCS11/tree/v3.5.0/source) is part +of the +[FreeRTOS 202210.00 LTS](https://github.com/FreeRTOS/FreeRTOS-LTS/tree/202210.00-LTS) +release.** + +**corePKCS11 v3.0.0 +[source code](https://github.com/FreeRTOS/corePKCS11/tree/v3.0.0/source) is part +of the +[FreeRTOS 202012.00 LTS](https://github.com/FreeRTOS/FreeRTOS-LTS/tree/202012.00-LTS) +release.** # Purpose -Generally vendors for secure cryptoprocessors such as Trusted Platform Module ([TPM](https://en.wikipedia.org/wiki/Trusted_Platform_Module)), Hardware Security Module ([HSM](https://en.wikipedia.org/wiki/Hardware_security_module)), Secure Element, or any other type of secure hardware enclave, distribute a PKCS #11 implementation with the hardware. -The purpose of the corePKCS11 software only mock library is therefore to provide a non hardware specific PKCS #11 implementation that allows for rapid prototyping and development before switching to a cryptoprocessor specific PKCS #11 implementation in production devices. - -Since the PKCS #11 interface is defined as part of the PKCS #11 [specification](https://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html) replacing this library with another implementation should require little porting effort, as the interface will not change. The system tests distributed in this repository can be leveraged to verify the behavior of a different implementation is similar to corePKCS11. +Generally vendors for secure cryptoprocessors such as Trusted Platform Module +([TPM](https://en.wikipedia.org/wiki/Trusted_Platform_Module)), Hardware +Security Module ([HSM](https://en.wikipedia.org/wiki/Hardware_security_module)), +Secure Element, or any other type of secure hardware enclave, distribute a PKCS +#11 implementation with the hardware. The purpose of the corePKCS11 software +only mock library is therefore to provide a non hardware specific PKCS #11 +implementation that allows for rapid prototyping and development before +switching to a cryptoprocessor specific PKCS #11 implementation in production +devices. + +Since the PKCS #11 interface is defined as part of the PKCS #11 +[specification](https://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html) +replacing this library with another implementation should require little porting +effort, as the interface will not change. The system tests distributed in this +repository can be leveraged to verify the behavior of a different implementation +is similar to corePKCS11. ## corePKCS11 Configuration -The corePKCS11 library exposes preprocessor macros which must be defined prior to building the library. -A list of all the configurations and their default values are defined in the doxygen documentation for this library. +The corePKCS11 library exposes preprocessor macros which must be defined prior +to building the library. A list of all the configurations and their default +values are defined in the doxygen documentation for this library. ## Build Prerequisites + ### Library Usage + For building the library the following are required: + - **A C99 compiler** -- **mbedcrypto** library from [mbedtls](https://github.com/ARMmbed/mbedtls) version 2.x or 3.x. -- **pkcs11 API header(s)** available from [OASIS](https://github.com/oasis-tcs/pkcs11) or [OpenSC](https://github.com/OpenSC/libp11/blob/master/src/pkcs11.h) +- **mbedcrypto** library from [mbedtls](https://github.com/ARMmbed/mbedtls) + version 2.x or 3.x. +- **pkcs11 API header(s)** available from + [OASIS](https://github.com/oasis-tcs/pkcs11) or + [OpenSC](https://github.com/OpenSC/libp11/blob/master/src/pkcs11.h) -Optionally, variables from the pkcsFilePaths.cmake file may be referenced if your project uses cmake. +Optionally, variables from the pkcsFilePaths.cmake file may be referenced if +your project uses cmake. ### Integration and Unit Tests -In order to run the integration and unit test suites the following are dependencies are necessary: + +In order to run the integration and unit test suites the following are +dependencies are necessary: + - **C Compiler** - **CMake 3.13.0 or later** - **Ruby 2.0.0 or later** required by CMock. @@ -51,14 +112,19 @@ In order to run the integration and unit test suites the following are dependenc - **git** required for fetching dependencies. - **GNU Make** or **Ninja** -The *mbedtls*, *CMock*, and *Unity* libraries are downloaded and built automatically using the cmake FetchContent feature. +The _mbedtls_, _CMock_, and _Unity_ libraries are downloaded and built +automatically using the cmake FetchContent feature. ### Coverage Measurement and Instrumentation + The following software is required to run the coverage target: + - Linux, MacOS, or another POSIX-like environment. -- A recent version of **GCC** or **Clang** with support for gcov-like coverage instrumentation. +- A recent version of **GCC** or **Clang** with support for gcov-like coverage + instrumentation. - **gcov** binary corresponding to your chosen compiler -- **lcov** from the [Linux Test Project](https://github.com/linux-test-project/lcov) +- **lcov** from the + [Linux Test Project](https://github.com/linux-test-project/lcov) - **perl** needed to run the lcov utility. Coverage builds are validated on recent versions of Ubuntu Linux. @@ -68,55 +134,80 @@ Coverage builds are validated on recent versions of Ubuntu Linux. 1. Navigate to the root directory of this repository in your shell. 1. Run **cmake** to construct a build tree: `cmake -S test -B build` - - You may specify your preferred build tool by appending `-G'Unix Makefiles'` or `-GNinja` to the command above. - - You may append `-DUNIT_TESTS=0` or `-DSYSTEM_TESTS=0` to disable Unit Tests or Integration Tests respectively. + + - You may specify your preferred build tool by appending `-G'Unix Makefiles'` + or `-GNinja` to the command above. + - You may append `-DUNIT_TESTS=0` or `-DSYSTEM_TESTS=0` to disable Unit Tests + or Integration Tests respectively. 1. Build the test binaries: `cmake --build ./build --target all` -1. Run `ctest --test-dir ./build` or `cmake --build ./build --target test` to run the tests without capturing coverage. +1. Run `ctest --test-dir ./build` or `cmake --build ./build --target test` to + run the tests without capturing coverage. -1. Run `cmake --build ./build --target coverage` to run the tests and capture coverage data. +1. Run `cmake --build ./build --target coverage` to run the tests and capture + coverage data. ## CBMC -To learn more about CBMC and proofs specifically, review the training material [here](https://model-checking.github.io/cbmc-training). +To learn more about CBMC and proofs specifically, review the training material +[here](https://model-checking.github.io/cbmc-training). The `test/cbmc/proofs` directory contains CBMC proofs. -In order to run these proofs you will need to install CBMC and other tools by following the instructions [here](https://model-checking.github.io/cbmc-training/installation.html). +In order to run these proofs you will need to install CBMC and other tools by +following the instructions +[here](https://model-checking.github.io/cbmc-training/installation.html). ## Reference examples -The FreeRTOS-Labs repository contains demos using the PKCS #11 library [here](https://github.com/FreeRTOS/FreeRTOS-Labs/tree/master/FreeRTOS-Plus/Demo/FreeRTOS_Plus_PKCS11_Windows_Simulator/examples) using FreeRTOS on the Windows simulator platform. These can be used as reference examples for the library API. +The FreeRTOS-Labs repository contains demos using the PKCS #11 library +[here](https://github.com/FreeRTOS/FreeRTOS-Labs/tree/master/FreeRTOS-Plus/Demo/FreeRTOS_Plus_PKCS11_Windows_Simulator/examples) +using FreeRTOS on the Windows simulator platform. These can be used as reference +examples for the library API. ## Porting Guide -Documentation for porting corePKCS11 to a new platform can be found on the AWS [docs](https://docs.aws.amazon.com/freertos/latest/portingguide/afr-porting-pkcs.html) web page. -corePKCS11 is not meant to be ported to projects that have a TPM, HSM, or other hardware for offloading crypto-processing. This library is specifically meant to be used for development and prototyping. +Documentation for porting corePKCS11 to a new platform can be found on the AWS +[docs](https://docs.aws.amazon.com/freertos/latest/portingguide/afr-porting-pkcs.html) +web page. +corePKCS11 is not meant to be ported to projects that have a TPM, HSM, or other +hardware for offloading crypto-processing. This library is specifically meant to +be used for development and prototyping. ## Related Example Implementations -These projects implement the PKCS #11 interface on real hardware and have similar behavior to corePKCS11. It is preferred to use these, over corePKCS11, as they allow for offloading Cryptography to separate hardware. -* ARM's [Platform Security Architecture](https://github.com/Linaro/freertos-pkcs11-psa). -* Microchip's [cryptoauthlib](https://github.com/MicrochipTech/cryptoauthlib). -* Infineon's [Optiga Trust X](https://github.com/aws/amazon-freertos/blob/main/vendors/infineon/secure_elements/pkcs11/iot_pkcs11_trustx.c). +These projects implement the PKCS #11 interface on real hardware and have +similar behavior to corePKCS11. It is preferred to use these, over corePKCS11, +as they allow for offloading Cryptography to separate hardware. + +- ARM's + [Platform Security Architecture](https://github.com/Linaro/freertos-pkcs11-psa). +- Microchip's [cryptoauthlib](https://github.com/MicrochipTech/cryptoauthlib). +- Infineon's + [Optiga Trust X](https://github.com/aws/amazon-freertos/blob/main/vendors/infineon/secure_elements/pkcs11/iot_pkcs11_trustx.c). ## Documentation ### Existing Documentation -For pre-generated documentation, please see the documentation linked in the locations below: -| Location | -| :-: | +For pre-generated documentation, please see the documentation linked in the +locations below: + +| Location | +| :------------------------------------------------------------------------------------------------------------------: | | [AWS IoT Device SDK for Embedded C](https://github.com/aws/aws-iot-device-sdk-embedded-C#releases-and-documentation) | -| [FreeRTOS.org](https://freertos.org/Documentation/api-ref/corePKCS11/docs/doxygen/output/html/index.html) | +| [FreeRTOS.org](https://freertos.org/Documentation/api-ref/corePKCS11/docs/doxygen/output/html/index.html) | -Note that the latest included version of corePKCS11 may differ across repositories. +Note that the latest included version of corePKCS11 may differ across +repositories. ### Generating Documentation + The Doxygen references were created using Doxygen version 1.9.2. To generate the -Doxygen pages, please run the following command from the root of this repository: +Doxygen pages, please run the following command from the root of this +repository: ```shell doxygen docs/doxygen/config.doxyfile @@ -124,9 +215,9 @@ doxygen docs/doxygen/config.doxyfile ## Security -See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information. +See [CONTRIBUTING](.github/CONTRIBUTING.md#security-issue-notifications) for more +information. ## License This library is licensed under the MIT-0 License. See the LICENSE file. - diff --git a/cspell.config.yaml b/cspell.config.yaml new file mode 100644 index 00000000..911ce1d8 --- /dev/null +++ b/cspell.config.yaml @@ -0,0 +1,31 @@ +--- +$schema: https://raw.githubusercontent.com/streetsidesoftware/cspell/main/cspell.schema.json +version: '0.2' +# Allows things like stringLength +allowCompoundWords: true + +# Read files not to spell check from the git ignore +useGitignore: true + +# Language settings for C +languageSettings: + - caseSensitive: false + enabled: true + languageId: c + locale: "*" + +# Add a dictionary, and the path to the word list +dictionaryDefinitions: + - name: freertos-words + path: '.github/.cSpellWords.txt' + addWords: true + +dictionaries: + - freertos-words + +# Paths and files to ignore +ignorePaths: + - 'dependency' + - 'docs' + - 'ThirdParty' + - 'History.txt' diff --git a/lexicon.txt b/lexicon.txt deleted file mode 100644 index dd63cc57..00000000 --- a/lexicon.txt +++ /dev/null @@ -1,378 +0,0 @@ -aes -alg -algorithmidentifier -algorithmidentifiersequence -alt -ans -api -app -armmbed -asn -aws -bbool -br -bytehashedmessage -bytehashoidbuffer -cancelfunction -cert -ck -cka -ckc -ckf -ckk -ckm -cko -ckr -closeallsessions -closesession -cmac -codesignkey -colspan -com -config -configlabel -configmax -configpal -configsuppress -copydoc -copyobject -coverity -createmutex -createmutexw -createobject -crt -crypto -cryptoki -ctr -dat -datatypes -decryptdigestupdate -decryptfinal -decryptinit -decryptupdate -decryptverifyupdate -defgroup -der -derivekey -destroyobject -digestalgorithm -digestalgorithmidentifier -digestencryptupdate -digestfinal -digestinfo -digestinit -digestkey -digestupdate -doxygen -drbg -eawsclaimcertificate -eawsclaimprivatekey -eawscmacsecretkey -eawscodesigningkey -eawsdevicecertificate -eawsdeviceprivatekey -eawsdevicepublickey -eawshmacsecretkey -ec -ecdsa -einvalidhandle -encryptfinal -encryptinit -encryptupdate -enddot -endif -enums -exportable -fillcolor -findobject -findobjects -findobjectsfinal -findobjectsinit -fontname -fontsize -fopen -freertos -gcc -gen -generatekey -generatekeypair -getattributevalue -getfunctionlist -getfunctionstatus -getinfo -getmechanisminfo -getmechanismlist -getobjectsize -getobjectvalue -getobjectvaluecleanup -getoperationstate -getsessioninfo -getslotinfo -getslotlist -gettokeninfo -github -helvetica -hkey -hmac -hobject -href -hsession -hsm -html -http -https -iattrib -ietf -ifdef -ifndef -inc -ingroup -init -initpin -inittoken -int -iot -iso -jitp -jitr -keil -keypair -len -linux -logdebug -logerror -loginfo -logwarn -lookedup -mainpage -malloc -mbed -mbedtls -md -mdash -memcpy -memset -microcontroller -misra -mit -mutex -mutext -noninfringement -num -nvm -ny -objectlist -oid -ok -onboard -opensession -org -os -ota -palfile -papplication -param -params -pcfilename -pclabel -pclabelname -pdata -pdfalse -pdigest -pdtrue -phandle -phobject -phprivatekey -phpublickey -phsession -pinfo -pinitargs -pisprivate -pisprivatekey -pk -pkcs -pki -pkimbedtlssignaturetopkcs -pkipkcs -pmechanism -png -posix -ppart -ppclabel -ppfunctionlist -pprivatekeytemplate -ppublickeytemplate -ppucdata -ppxlabel -ppxslotid -pre -priv -prvcheckvalidsessionandmodule -prvfindobjectinlistbyhandle -prvgetexistingkeycomponent -prvmbedtls -psignature -pslotlist -ptemplate -puc -pucdata -puckeydata -pucsig -pucsignature -pucsigptr -pulattributemap -pulcount -puldatasize -puldigestlen -pulobjectcount -pulsignaturelen -pvalue -pxapphandle -pxattribute -pxfindobjectlabel -pxfunctionlist -pxhandle -pxkeytype -pxlabel -pxlabellength -pxmbedcontext -pxmbedsignature -pxmechanism -pxnextlength -pxobject -pxpalhandle -pxrsactx -pxsession -pxsiglen -pxsignaturepkcs -pxslotcount -pxslotlist -pxtemplate -queryable -randomdata -rcvt -rfc -rm -rng -rowspan -rsa -sa -saveobject -sdk -searchable -seedrandom -semaphorehandle -setattributevalue -setoperationstate -setpin -sha -sig -signaturetombedtlssignature -signencryptupdate -signfinal -signinit -signrecover -signrecoverinit -signupdate -sizeof -slotid -spdx -staticsemaphore -stdint -stdlib -struct -sublicense -synchapi -td -tls -tokenpresent -toolchain -tr -ucsigcomponentlength -uctemp -uint -ul -ulcount -uldatalen -uldatasize -ulindex -ulkeydatalength -ullabelnamelen -ulmaxobjectcount -ulobjectlength -ulong -ulpartlen -ulprivatekeyattributecount -ulpublickeyattributecount -ulrandomlen -ulsignaturelen -ulstate -ulvaluelen -undef -undefine -unhashed -unwrapkey -uslength -utils -vappendsha -verifyfinal -verifyinit -verifyrecover -verifyrecoverinit -verifyupdate -waitforslotevent -wether -winsim -wrapkey -wtscrttv -www -xapphandle -xbyte -xcertificatetype -xclass -xcmackeyhandle -xcmackeyhandle -xcmacsecretcontext -xcmacsecretcontext -xfindobjectlabellen -xfindobjectwithlabelandclass -xgetslotlist -xhandle -xhmackeyhandle -xhmacsecretcontext -xinitializepkcs -xisinitialized -xisprivate -xkeytype -xlabel -xlabellength -xlabelsize -xmbeddrbgctx -xmbedentropycontext -xmutex -xmutexbuffer -xobjectclass -xobjectlist -xobjects -xopened -xoperationdigestmechanism -xoperationsignmechanism -xoperationverifymechanism -xp -xpalhandle -xresult -xsession -xsessionmutex -xsessionmutexbuffer -xsha -xsignkey -xsignkeyhandle -xsignmutex -xsize -xslotid -xsubject -xtokenobject -xvalue -xverifykey -xverifykeyhandle -xverifymutex diff --git a/manifest.yml b/manifest.yml index c5bf1e79..633b3c5d 100644 --- a/manifest.yml +++ b/manifest.yml @@ -1,17 +1,10 @@ -name : "corePKCS11" +name: "corePKCS11" version: "v3.5.0" description: "Software implementation of the PKCS #11 standard." license: "MIT" -dependencies: - - name : "mbedtls" - version: "v2.28.0" - license: "Apache-2.0" - repository: - type: "git" - url: "https://github.com/ARMmbed/mbedtls.git" - path: "source/dependency/3rdparty/mbedtls" - - name : "pkcs11" +dependencies: + - name: "pkcs11" version: "v2.40_errata01" license: "OASIS-IPR" repository: diff --git a/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.c b/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.c index 828474ca..23a1dafb 100644 --- a/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.c +++ b/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.c @@ -44,7 +44,7 @@ * * \param pucInput[in] Pointer to PEM object * \param xLen[in] Length of PEM object - * \param pucOutput[out] Pointer to buffer where DER oboject will be placed + * \param pucOutput[out] Pointer to buffer where DER object will be placed * \param pxOlen[in/out] Pointer to length of DER buffer. This value is updated * to contain the actual length of the converted DER object. * diff --git a/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.h b/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.h index b6030a94..2566b67a 100644 --- a/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.h +++ b/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.h @@ -48,7 +48,7 @@ * * @param pucInput[in] Pointer to PEM object * @param xLen[in] Length of PEM object - * @param pucOutput[out] Pointer to buffer where DER oboject will be placed + * @param pucOutput[out] Pointer to buffer where DER object will be placed * @param pxOlen[in/out] Pointer to length of DER buffer. This value is updated * to contain the actual length of the converted DER object. * diff --git a/source/portable/mbedtls/core_pkcs11_mbedtls.c b/source/portable/mbedtls/core_pkcs11_mbedtls.c index 31354fc1..a18f5411 100644 --- a/source/portable/mbedtls/core_pkcs11_mbedtls.c +++ b/source/portable/mbedtls/core_pkcs11_mbedtls.c @@ -1103,7 +1103,7 @@ static void prvFindObjectInListByLabel( const CK_BYTE * pcLabel, /** * @brief Looks up a PKCS #11 object's label and PAL handle given an application handle. * - * @param[in] xAppHandle The handle of the object being lookedup for, used by the application. + * @param[in] xAppHandle The handle of the object being looked up for, used by the application. * @param[out] pxPalHandle Pointer to the handle corresponding to xPalHandle being used by the PAL. * @param[out] ppcLabel Pointer to an array containing label. NULL if object not found. * @param[out] pxLabelLength Pointer to label length (includes a string null terminator). @@ -1739,8 +1739,8 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetMechanismInfo )( CK_SLOT_ID slotID, { CKM_RSA_PKCS, { 2048, 2048, CKF_SIGN } }, { CKM_RSA_X_509, { 2048, 2048, CKF_VERIFY } }, #ifndef pkcs11configSUPPRESS_ECDSA_MECHANISM - { CKM_ECDSA, { 256, 256, CKF_SIGN | CKF_VERIFY } }, - { CKM_EC_KEY_PAIR_GEN, { 256, 256, CKF_GENERATE_KEY_PAIR } }, + { CKM_ECDSA, { 256, 256, CKF_SIGN | CKF_VERIFY } }, + { CKM_EC_KEY_PAIR_GEN, { 256, 256, CKF_GENERATE_KEY_PAIR } }, #endif { CKM_SHA256, { 0, 0, CKF_DIGEST } } }; @@ -4956,9 +4956,9 @@ CK_DECLARE_FUNCTION( CK_RV, C_Verify )( CK_SESSION_HANDLE hSession, /* If using SHA512 a larger buffer is needed for the call to mbedtls_md_hmac_finish */ #if defined( MBEDTLS_SHA512_C ) - CK_BYTE pxHMACBuffer[ pkcs11SHA256_DIGEST_LENGTH * 2 ] = { 0 }; + CK_BYTE pxHMACBuffer[ pkcs11SHA256_DIGEST_LENGTH * 2 ] = { 0 }; #else - CK_BYTE pxHMACBuffer[ pkcs11SHA256_DIGEST_LENGTH ] = { 0 }; + CK_BYTE pxHMACBuffer[ pkcs11SHA256_DIGEST_LENGTH ] = { 0 }; #endif CK_BYTE pxCMACBuffer[ MBEDTLS_AES_BLOCK_SIZE ] = { 0 }; diff --git a/test/cbmc/include/core_pkcs11_config.h b/test/cbmc/include/core_pkcs11_config.h index aae439cf..9ae8dc2a 100644 --- a/test/cbmc/include/core_pkcs11_config.h +++ b/test/cbmc/include/core_pkcs11_config.h @@ -24,7 +24,7 @@ /** * @file aws_pkcs11_config.h - * @brief PCKS#11 config options. + * @brief PKCS#11 config options. */ diff --git a/test/cbmc/include/mbedtls_config.h b/test/cbmc/include/mbedtls_config.h index 83be817e..11100f89 100644 --- a/test/cbmc/include/mbedtls_config.h +++ b/test/cbmc/include/mbedtls_config.h @@ -167,7 +167,7 @@ * * System has time.h, time(), and an implementation for * mbedtls_platform_gmtime_r() (see below). - * The time needs to be correct (not necesarily very accurate, but at least + * The time needs to be correct (not necessarily very accurate, but at least * the date should be correct). This is used to verify the validity period of * X.509 certificates. * @@ -1316,7 +1316,7 @@ * Enable an implementation of SHA-256 that has lower ROM footprint but also * lower performance. * - * The default implementation is meant to be a reasonnable compromise between + * The default implementation is meant to be a reasonable compromise between * performance and size. This version optimizes more aggressively for size at * the expense of performance. Eg on Cortex-M4 it reduces the size of * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about @@ -1390,7 +1390,7 @@ * Enable support for Extended Master Secret, aka Session Hash * (draft-ietf-tls-session-hash-02). * - * This was introduced as "the proper fix" to the Triple Handshake familiy of + * This was introduced as "the proper fix" to the Triple Handshake family of * attacks, but it is recommended to always use it (even if you disable * renegotiation), since it actually fixes a more fundamental issue in the * original SSL/TLS design, and has implications beyond Triple Handshake. @@ -1931,7 +1931,7 @@ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA * * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. If possible, we recommend avoidng dependencies on + * security risk. If possible, we recommend avoiding dependencies on * it, and considering stronger ciphers instead. * */ @@ -2413,7 +2413,7 @@ * * Requires: MBEDTLS_MD_C * - * Uncomment to enable the HMAC_DRBG random number geerator. + * Uncomment to enable the HMAC_DRBG random number generator. */ /*#define MBEDTLS_HMAC_DRBG_C */ @@ -2607,7 +2607,7 @@ /** * \def MBEDTLS_PK_C * - * Enable the generic public (asymetric) key layer. + * Enable the generic public (asymmetric) key layer. * * Module: library/pk.c * Caller: library/ssl_tls.c @@ -2623,7 +2623,7 @@ /** * \def MBEDTLS_PK_PARSE_C * - * Enable the generic public (asymetric) key parser. + * Enable the generic public (asymmetric) key parser. * * Module: library/pkparse.c * Caller: library/x509_crt.c @@ -2638,7 +2638,7 @@ /** * \def MBEDTLS_PK_WRITE_C * - * Enable the generic public (asymetric) key writer. + * Enable the generic public (asymmetric) key writer. * * Module: library/pkwrite.c * Caller: library/x509write.c @@ -3106,7 +3106,7 @@ /*#define MBEDTLS_PLATFORM_STD_TIME time / **< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled * / */ /*#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf / **< Default fprintf to use, can be undefined * / */ /*#define MBEDTLS_PLATFORM_STD_PRINTF printf / **< Default printf to use, can be undefined * / */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ +/* Note: your snprintf must correctly zero-terminate the buffer! */ /*#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf / **< Default snprintf to use, can be undefined * / */ /*#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 / **< Default exit value to use, can be undefined * / */ /*#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 / **< Default exit value to use, can be undefined * / */ @@ -3123,7 +3123,7 @@ /*#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t / **< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled * / */ /*#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf / **< Default fprintf macro to use, can be undefined * / */ /*#define MBEDTLS_PLATFORM_PRINTF_MACRO printf / **< Default printf macro to use, can be undefined * / */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ +/* Note: your snprintf must correctly zero-terminate the buffer! */ /*#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf / **< Default snprintf macro to use, can be undefined * / */ /*#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read / **< Default nv_seed_read function to use, can be undefined * / */ /*#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write / **< Default nv_seed_write function to use, can be undefined * / */ @@ -3348,7 +3348,7 @@ */ /*#define MBEDTLS_PLATFORM_GMTIME_R_ALT */ -/* \} name SECTION: Customisation configuration options */ +/* \} name SECTION: Customization configuration options */ /* Target and application specific configurations * diff --git a/test/cbmc/proofs/C_CloseSession/README.md b/test/cbmc/proofs/C_CloseSession/README.md index 5cc5abfa..f2b4deff 100644 --- a/test/cbmc/proofs/C_CloseSession/README.md +++ b/test/cbmc/proofs/C_CloseSession/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_CreateObject/README.md b/test/cbmc/proofs/C_CreateObject/README.md index eaa84167..c2dcf3df 100644 --- a/test/cbmc/proofs/C_CreateObject/README.md +++ b/test/cbmc/proofs/C_CreateObject/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_DestroyObject/README.md b/test/cbmc/proofs/C_DestroyObject/README.md index 4d365cac..cfe4434a 100644 --- a/test/cbmc/proofs/C_DestroyObject/README.md +++ b/test/cbmc/proofs/C_DestroyObject/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_DigestFinal/README.md b/test/cbmc/proofs/C_DigestFinal/README.md index 2701d283..910dd21c 100644 --- a/test/cbmc/proofs/C_DigestFinal/README.md +++ b/test/cbmc/proofs/C_DigestFinal/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_DigestInit/README.md b/test/cbmc/proofs/C_DigestInit/README.md index 0c719e9f..db6b208c 100644 --- a/test/cbmc/proofs/C_DigestInit/README.md +++ b/test/cbmc/proofs/C_DigestInit/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_DigestUpdate/README.md b/test/cbmc/proofs/C_DigestUpdate/README.md index dd40df5a..99675bb5 100644 --- a/test/cbmc/proofs/C_DigestUpdate/README.md +++ b/test/cbmc/proofs/C_DigestUpdate/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_Finalize/README.md b/test/cbmc/proofs/C_Finalize/README.md index 22c29154..343a7d38 100644 --- a/test/cbmc/proofs/C_Finalize/README.md +++ b/test/cbmc/proofs/C_Finalize/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_FindObjects/README.md b/test/cbmc/proofs/C_FindObjects/README.md index 226fadc7..ba07ebee 100644 --- a/test/cbmc/proofs/C_FindObjects/README.md +++ b/test/cbmc/proofs/C_FindObjects/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_FindObjectsFinal/README.md b/test/cbmc/proofs/C_FindObjectsFinal/README.md index 0e152ee2..5c5382c3 100644 --- a/test/cbmc/proofs/C_FindObjectsFinal/README.md +++ b/test/cbmc/proofs/C_FindObjectsFinal/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_FindObjectsInit/README.md b/test/cbmc/proofs/C_FindObjectsInit/README.md index 76646a61..97b8925d 100644 --- a/test/cbmc/proofs/C_FindObjectsInit/README.md +++ b/test/cbmc/proofs/C_FindObjectsInit/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_GenerateKeyPair/README.md b/test/cbmc/proofs/C_GenerateKeyPair/README.md index cbd172cb..127eeba0 100644 --- a/test/cbmc/proofs/C_GenerateKeyPair/README.md +++ b/test/cbmc/proofs/C_GenerateKeyPair/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_GenerateRandom/README.md b/test/cbmc/proofs/C_GenerateRandom/README.md index 23b74f80..3655e02d 100644 --- a/test/cbmc/proofs/C_GenerateRandom/README.md +++ b/test/cbmc/proofs/C_GenerateRandom/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_GetAttributeValue/README.md b/test/cbmc/proofs/C_GetAttributeValue/README.md index ae59be6e..35eb8539 100644 --- a/test/cbmc/proofs/C_GetAttributeValue/README.md +++ b/test/cbmc/proofs/C_GetAttributeValue/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_GetFunctionList/README.md b/test/cbmc/proofs/C_GetFunctionList/README.md index 4c6051b2..0d395562 100644 --- a/test/cbmc/proofs/C_GetFunctionList/README.md +++ b/test/cbmc/proofs/C_GetFunctionList/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_GetMechanismInfo/README.md b/test/cbmc/proofs/C_GetMechanismInfo/README.md index 9101354a..1b78f8c9 100644 --- a/test/cbmc/proofs/C_GetMechanismInfo/README.md +++ b/test/cbmc/proofs/C_GetMechanismInfo/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_GetSlotList/README.md b/test/cbmc/proofs/C_GetSlotList/README.md index 0dd18a1b..40530d60 100644 --- a/test/cbmc/proofs/C_GetSlotList/README.md +++ b/test/cbmc/proofs/C_GetSlotList/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_Initialize/README.md b/test/cbmc/proofs/C_Initialize/README.md index db4fd6c6..bf41c8c0 100644 --- a/test/cbmc/proofs/C_Initialize/README.md +++ b/test/cbmc/proofs/C_Initialize/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_OpenSession/README.md b/test/cbmc/proofs/C_OpenSession/README.md index e4146758..20062c14 100644 --- a/test/cbmc/proofs/C_OpenSession/README.md +++ b/test/cbmc/proofs/C_OpenSession/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_Sign/README.md b/test/cbmc/proofs/C_Sign/README.md index dc056492..15ced23c 100644 --- a/test/cbmc/proofs/C_Sign/README.md +++ b/test/cbmc/proofs/C_Sign/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_SignInit/README.md b/test/cbmc/proofs/C_SignInit/README.md index 7d85f80d..77c70c75 100644 --- a/test/cbmc/proofs/C_SignInit/README.md +++ b/test/cbmc/proofs/C_SignInit/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_Verify/README.md b/test/cbmc/proofs/C_Verify/README.md index a2928366..6d97863d 100644 --- a/test/cbmc/proofs/C_Verify/README.md +++ b/test/cbmc/proofs/C_Verify/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/C_VerifyInit/README.md b/test/cbmc/proofs/C_VerifyInit/README.md index 938e9adc..cb2f882e 100644 --- a/test/cbmc/proofs/C_VerifyInit/README.md +++ b/test/cbmc/proofs/C_VerifyInit/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/PKI_mbedTLSSignatureToPkcs11Signature/README.md b/test/cbmc/proofs/PKI_mbedTLSSignatureToPkcs11Signature/README.md index 645cef41..0917fafc 100644 --- a/test/cbmc/proofs/PKI_mbedTLSSignatureToPkcs11Signature/README.md +++ b/test/cbmc/proofs/PKI_mbedTLSSignatureToPkcs11Signature/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/PKI_pkcs11SignatureTombedTLSSignature/README.md b/test/cbmc/proofs/PKI_pkcs11SignatureTombedTLSSignature/README.md index 813689a4..e0681876 100644 --- a/test/cbmc/proofs/PKI_pkcs11SignatureTombedTLSSignature/README.md +++ b/test/cbmc/proofs/PKI_pkcs11SignatureTombedTLSSignature/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/vAppendSHA256AlgorithmIdentifierSequence/README.md b/test/cbmc/proofs/vAppendSHA256AlgorithmIdentifierSequence/README.md index 9b361d75..6a9735ba 100644 --- a/test/cbmc/proofs/vAppendSHA256AlgorithmIdentifierSequence/README.md +++ b/test/cbmc/proofs/vAppendSHA256AlgorithmIdentifierSequence/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/xFindObjectWithLabelAndClass/README.md b/test/cbmc/proofs/xFindObjectWithLabelAndClass/README.md index 63a675eb..2fe33fa2 100644 --- a/test/cbmc/proofs/xFindObjectWithLabelAndClass/README.md +++ b/test/cbmc/proofs/xFindObjectWithLabelAndClass/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/xGetSlotList/README.md b/test/cbmc/proofs/xGetSlotList/README.md index 7bff0d47..ad2f74ec 100644 --- a/test/cbmc/proofs/xGetSlotList/README.md +++ b/test/cbmc/proofs/xGetSlotList/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/xInitializePKCS11/README.md b/test/cbmc/proofs/xInitializePKCS11/README.md index 7a4d900d..27463ee9 100644 --- a/test/cbmc/proofs/xInitializePKCS11/README.md +++ b/test/cbmc/proofs/xInitializePKCS11/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/xInitializePkcs11Session/README.md b/test/cbmc/proofs/xInitializePkcs11Session/README.md index e364b1c9..b53bcfaf 100644 --- a/test/cbmc/proofs/xInitializePkcs11Session/README.md +++ b/test/cbmc/proofs/xInitializePkcs11Session/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/cbmc/proofs/xInitializePkcs11Token/README.md b/test/cbmc/proofs/xInitializePkcs11Token/README.md index 97c6446c..96b8c20c 100644 --- a/test/cbmc/proofs/xInitializePkcs11Token/README.md +++ b/test/cbmc/proofs/xInitializePkcs11Token/README.md @@ -11,7 +11,7 @@ To run the proof. * Run `make`. * Open html/index.html in a web browser. -To use [`arpa`](https://github.com/awslabs/aws-proof-build-assistant) to simplify writing Makefiles. +To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. ------------- * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. diff --git a/test/include/core_pkcs11_config.h b/test/include/core_pkcs11_config.h index aeadfb81..a93b14c3 100644 --- a/test/include/core_pkcs11_config.h +++ b/test/include/core_pkcs11_config.h @@ -24,7 +24,7 @@ /** * @file aws_pkcs11_config.h - * @brief PCKS#11 config options. + * @brief PKCS#11 config options. */ diff --git a/test/mbedtls_integration/core_pkcs11_config.h b/test/mbedtls_integration/core_pkcs11_config.h index a4faf15a..286209d2 100644 --- a/test/mbedtls_integration/core_pkcs11_config.h +++ b/test/mbedtls_integration/core_pkcs11_config.h @@ -24,7 +24,7 @@ /** * @file core_pkcs11_config.h - * @brief PCKS#11 config options. + * @brief PKCS#11 config options. */ diff --git a/test/mbedtls_integration/mbedtls_integration_test.c b/test/mbedtls_integration/mbedtls_integration_test.c index 80e7f1cb..68900d6b 100644 --- a/test/mbedtls_integration/mbedtls_integration_test.c +++ b/test/mbedtls_integration/mbedtls_integration_test.c @@ -182,7 +182,7 @@ static int lWrapPkParseKey( mbedtls_pk_context * pxMbedContext, * * @param pcInput[in] Pointer to PEM object * @param xLen[in] Length of PEM object - * @param pucOutput[out] Pointer to buffer where DER oboject will be placed + * @param pucOutput[out] Pointer to buffer where DER object will be placed * @param pxOlen[in/out] Pointer to length of DER buffer. This value is updated * to contain the actual length of the converted DER object. * diff --git a/test/pkcs11_mbedtls_utest/core_pkcs11_mbedtls_utest.c b/test/pkcs11_mbedtls_utest/core_pkcs11_mbedtls_utest.c index 234a6c46..55a5305a 100644 --- a/test/pkcs11_mbedtls_utest/core_pkcs11_mbedtls_utest.c +++ b/test/pkcs11_mbedtls_utest/core_pkcs11_mbedtls_utest.c @@ -2194,7 +2194,7 @@ void test_pkcs11_C_CreateObjectCertificateTooLongLabel( void ) CK_BBOOL xTokenStorage = CK_TRUE; CK_BYTE xSubject[] = "TestSubject"; CK_BYTE xCert[] = "Empty Cert"; - char * pucLabel = "TestTemporyaryCertificate123456789ABEF"; + char * pucLabel = "TestTemporaryCertificate123456789ABEF"; PKCS11_CertificateTemplate_t xCertificateTemplate = CERT_INITIALIZER; diff --git a/tools/uncrustify.cfg b/tools/uncrustify.cfg deleted file mode 100644 index 0cb7d3fb..00000000 --- a/tools/uncrustify.cfg +++ /dev/null @@ -1,160 +0,0 @@ -# Uncrustify-0.67 -input_tab_size = 4 # unsigned number -output_tab_size = 4 # unsigned number -sp_arith = force # ignore/add/remove/force -sp_assign = force # ignore/add/remove/force -sp_assign_default = force # ignore/add/remove/force -sp_before_assign = force # ignore/add/remove/force -sp_after_assign = force # ignore/add/remove/force -sp_enum_assign = force # ignore/add/remove/force -sp_enum_before_assign = force # ignore/add/remove/force -sp_enum_after_assign = force # ignore/add/remove/force -sp_pp_stringify = add # ignore/add/remove/force -sp_bool = force # ignore/add/remove/force -sp_compare = force # ignore/add/remove/force -sp_inside_paren = force # ignore/add/remove/force -sp_paren_paren = force # ignore/add/remove/force -sp_paren_brace = force # ignore/add/remove/force -sp_before_ptr_star = force # ignore/add/remove/force -sp_before_unnamed_ptr_star = force # ignore/add/remove/force -sp_between_ptr_star = remove # ignore/add/remove/force -sp_after_ptr_star = force # ignore/add/remove/force -sp_before_byref = force # ignore/add/remove/force -sp_after_byref = remove # ignore/add/remove/force -sp_after_byref_func = remove # ignore/add/remove/force -sp_before_angle = remove # ignore/add/remove/force -sp_inside_angle = remove # ignore/add/remove/force -sp_after_angle = force # ignore/add/remove/force -sp_before_sparen = remove # ignore/add/remove/force -sp_inside_sparen = force # ignore/add/remove/force -sp_after_sparen = force # ignore/add/remove/force -sp_sparen_brace = force # ignore/add/remove/force -sp_before_semi_for = remove # ignore/add/remove/force -sp_before_semi_for_empty = add # ignore/add/remove/force -sp_after_semi_for_empty = force # ignore/add/remove/force -sp_before_square = remove # ignore/add/remove/force -sp_before_squares = remove # ignore/add/remove/force -sp_inside_square = force # ignore/add/remove/force -sp_after_comma = force # ignore/add/remove/force -sp_after_cast = force # ignore/add/remove/force -sp_inside_paren_cast = force # ignore/add/remove/force -sp_sizeof_paren = remove # ignore/add/remove/force -sp_inside_braces_enum = force # ignore/add/remove/force -sp_inside_braces_struct = force # ignore/add/remove/force -sp_inside_braces = force # ignore/add/remove/force -sp_inside_braces_empty = remove # ignore/add/remove/force -sp_type_func = force # ignore/add/remove/force -sp_func_proto_paren = remove # ignore/add/remove/force -sp_func_def_paren = remove # ignore/add/remove/force -sp_inside_fparens = remove # ignore/add/remove/force -sp_inside_fparen = force # ignore/add/remove/force -sp_fparen_brace = add # ignore/add/remove/force -sp_func_call_paren = remove # ignore/add/remove/force -sp_func_class_paren = remove # ignore/add/remove/force -sp_return_paren = remove # ignore/add/remove/force -sp_attribute_paren = remove # ignore/add/remove/force -sp_defined_paren = remove # ignore/add/remove/force -sp_macro = force # ignore/add/remove/force -sp_macro_func = force # ignore/add/remove/force -sp_brace_typedef = force # ignore/add/remove/force -sp_before_dc = remove # ignore/add/remove/force -sp_after_dc = remove # ignore/add/remove/force -sp_cond_colon = force # ignore/add/remove/force -sp_cond_question = force # ignore/add/remove/force -sp_case_label = force # ignore/add/remove/force -sp_endif_cmt = force # ignore/add/remove/force -sp_before_tr_emb_cmt = force # ignore/add/remove/force -sp_num_before_tr_emb_cmt = 1 # unsigned number -indent_columns = 4 # unsigned number -indent_with_tabs = 0 # unsigned number -indent_align_string = true # false/true -indent_class = true # false/true -indent_class_colon = true # false/true -indent_member = 3 # unsigned number -indent_switch_case = 4 # unsigned number -indent_case_brace = 3 # number -nl_assign_leave_one_liners = true # false/true -nl_class_leave_one_liners = true # false/true -nl_start_of_file = remove # ignore/add/remove/force -nl_end_of_file = force # ignore/add/remove/force -nl_end_of_file_min = 1 # unsigned number -nl_assign_brace = add # ignore/add/remove/force -nl_func_var_def_blk = 1 # unsigned number -nl_fcall_brace = add # ignore/add/remove/force -nl_enum_brace = force # ignore/add/remove/force -nl_struct_brace = force # ignore/add/remove/force -nl_union_brace = force # ignore/add/remove/force -nl_if_brace = add # ignore/add/remove/force -nl_brace_else = add # ignore/add/remove/force -nl_else_brace = add # ignore/add/remove/force -nl_getset_brace = force # ignore/add/remove/force -nl_for_brace = add # ignore/add/remove/force -nl_while_brace = add # ignore/add/remove/force -nl_do_brace = add # ignore/add/remove/force -nl_switch_brace = add # ignore/add/remove/force -nl_multi_line_define = true # false/true -nl_before_case = true # false/true -nl_after_case = true # false/true -nl_func_type_name = remove # ignore/add/remove/force -nl_func_proto_type_name = remove # ignore/add/remove/force -nl_func_paren = remove # ignore/add/remove/force -nl_func_def_paren = remove # ignore/add/remove/force -nl_func_decl_start = remove # ignore/add/remove/force -nl_func_def_start = remove # ignore/add/remove/force -nl_func_decl_args = add # ignore/add/remove/force -nl_func_def_args = add # ignore/add/remove/force -nl_func_decl_end = remove # ignore/add/remove/force -nl_func_def_end = remove # ignore/add/remove/force -nl_fdef_brace = add # ignore/add/remove/force -nl_after_semicolon = true # false/true -nl_after_brace_open = true # false/true -nl_after_brace_close = true # false/true -nl_squeeze_ifdef = true # false/true -nl_before_if = force # ignore/add/remove/force -nl_after_if = force # ignore/add/remove/force -nl_before_for = force # ignore/add/remove/force -nl_after_for = force # ignore/add/remove/force -nl_before_while = force # ignore/add/remove/force -nl_after_while = force # ignore/add/remove/force -nl_before_switch = force # ignore/add/remove/force -nl_after_switch = force # ignore/add/remove/force -nl_before_do = force # ignore/add/remove/force -nl_after_do = force # ignore/add/remove/force -nl_max = 4 # unsigned number -nl_after_func_proto_group = 1 # unsigned number -nl_after_func_body_class = 2 # unsigned number -nl_before_block_comment = 2 # unsigned number -eat_blanks_after_open_brace = true # false/true -eat_blanks_before_close_brace = true # false/true -nl_after_return = true # false/true -pos_bool = trail # ignore/join/lead/lead_break/lead_force/trail/trail_break/trail_force -align_var_def_amp_style = 1 # unsigned number -align_var_def_thresh = 16 # unsigned number -align_assign_thresh = 12 # unsigned number -align_struct_init_span = 3 # unsigned number -align_typedef_gap = 3 # unsigned number -align_typedef_span = 5 # unsigned number -align_typedef_star_style = 1 # unsigned number -align_typedef_amp_style = 1 # unsigned number -align_right_cmt_span = 3 # unsigned number -align_nl_cont = true # false/true -align_pp_define_gap = 4 # unsigned number -align_pp_define_span = 3 # unsigned number -cmt_cpp_to_c = true # false/true -cmt_star_cont = true # false/true -mod_full_brace_do = add # ignore/add/remove/force -mod_full_brace_for = add # ignore/add/remove/force -mod_full_brace_if = add # ignore/add/remove/force -mod_full_brace_while = add # ignore/add/remove/force -mod_full_paren_if_bool = true # false/true -mod_remove_extra_semicolon = true # false/true -mod_add_long_ifdef_endif_comment = 10 # unsigned number -mod_add_long_ifdef_else_comment = 10 # unsigned number -mod_case_brace = remove # ignore/add/remove/force -mod_remove_empty_return = true # false/true -pp_indent = force # ignore/add/remove/force -pp_indent_at_level = true # false/true -pp_indent_count = 4 # unsigned number -pp_space = remove # ignore/add/remove/force -pp_if_indent_code = true # false/true -# option(s) with 'not default' value: 158