Merge pull request #8489 from valeriosetti/issue8482
Make CCM* and CCM independent
diff --git a/configs/config-tfm.h b/configs/config-tfm.h
new file mode 100644
index 0000000..191e4c4
--- /dev/null
+++ b/configs/config-tfm.h
@@ -0,0 +1,40 @@
+/**
+ * \file config-tfm.h
+ *
+ * \brief TF-M medium profile, adapted to work on other platforms.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+/* TF-M medium profile: mbedtls legacy configuration */
+#include "../configs/ext/tfm_mbedcrypto_config_profile_medium.h"
+
+/* TF-M medium profile: PSA crypto configuration */
+#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "../configs/ext/crypto_config_profile_medium.h"
+
+/***********************************************************/
+/* Tweak the configuration to remove dependencies on TF-M. */
+/***********************************************************/
+
+/* MBEDTLS_PSA_CRYPTO_SPM needs third-party files, so disable it. */
+#undef MBEDTLS_PSA_CRYPTO_SPM
+
+/* TF-M provides its own dummy implementations to save code size.
+ * We don't have any way to disable the tests that need these feature,
+ * so we just keep AES decryption enabled. We will resolve this through
+ * an official way to disable AES decryption, then this deviation
+ * will no longer be needed:
+ * https://github.com/Mbed-TLS/mbedtls/issues/7368
+ */
+#undef MBEDTLS_AES_SETKEY_DEC_ALT
+#undef MBEDTLS_AES_DECRYPT_ALT
+
+/* Use built-in platform entropy functions (TF-M provides its own). */
+#undef MBEDTLS_NO_PLATFORM_ENTROPY
+
+/* Disable buffer-based memory allocator. This isn't strictly required,
+ * but using the native allocator is faster and works better with
+ * memory management analysis frameworks such as ASan. */
+#undef MBEDTLS_MEMORY_BUFFER_ALLOC_C
diff --git a/configs/crypto_config_profile_medium.h b/configs/ext/crypto_config_profile_medium.h
similarity index 100%
rename from configs/crypto_config_profile_medium.h
rename to configs/ext/crypto_config_profile_medium.h
diff --git a/configs/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h
similarity index 100%
rename from configs/tfm_mbedcrypto_config_profile_medium.h
rename to configs/ext/tfm_mbedcrypto_config_profile_medium.h
diff --git a/include/mbedtls/block_cipher.h b/include/mbedtls/block_cipher.h
new file mode 100644
index 0000000..154ae26
--- /dev/null
+++ b/include/mbedtls/block_cipher.h
@@ -0,0 +1,58 @@
+/**
+ * \file block_cipher.h
+ *
+ * \brief Internal abstraction layer.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_BLOCK_CIPHER_H
+#define MBEDTLS_BLOCK_CIPHER_H
+
+#include "mbedtls/private_access.h"
+
+#include "mbedtls/build_info.h"
+
+#if defined(MBEDTLS_AES_C)
+#include "mbedtls/aes.h"
+#endif
+#if defined(MBEDTLS_ARIA_C)
+#include "mbedtls/aria.h"
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+#include "mbedtls/camellia.h"
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef enum {
+ MBEDTLS_BLOCK_CIPHER_ID_NONE = 0, /**< Unset. */
+ MBEDTLS_BLOCK_CIPHER_ID_AES, /**< The AES cipher. */
+ MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */
+ MBEDTLS_BLOCK_CIPHER_ID_ARIA, /**< The Aria cipher. */
+} mbedtls_block_cipher_id_t;
+
+typedef struct {
+ mbedtls_block_cipher_id_t MBEDTLS_PRIVATE(id);
+ union {
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_AES_C)
+ mbedtls_aes_context MBEDTLS_PRIVATE(aes);
+#endif
+#if defined(MBEDTLS_ARIA_C)
+ mbedtls_aria_context MBEDTLS_PRIVATE(aria);
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+ mbedtls_camellia_context MBEDTLS_PRIVATE(camellia);
+#endif
+ } MBEDTLS_PRIVATE(ctx);
+} mbedtls_block_cipher_context_t;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_BLOCK_CIPHER_H */
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 08d82b1..951db31 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -193,6 +193,15 @@
#error "MBEDTLS_ECDSA_C defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) && !defined(MBEDTLS_ASN1_WRITE_C)
+#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_WRITE_C for ECDSA signature"
+#endif
+#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) && !defined(MBEDTLS_ASN1_PARSE_C)
+#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_PARSE_C for ECDSA verification"
+#endif
+#endif /* MBEDTLS_PK_C && MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_ECJPAKE_C) && \
( !defined(MBEDTLS_ECP_C) || \
!( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) )
diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h
index aafd42e..e4f6a27 100644
--- a/include/mbedtls/config_adjust_legacy_crypto.h
+++ b/include/mbedtls/config_adjust_legacy_crypto.h
@@ -22,6 +22,13 @@
#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
#define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
+/* Temporary hack to pacify check_names.py.
+ * (GCM and CCM still hard-depend on CIPHER_C for now.) */
+#if (defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)) && \
+ !defined(MBEDTLS_CIPHER_C)
+#define MBEDTLS_BLOCK_CIPHER_C
+#endif
+
/* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C.
* This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C.
*/
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 30b8685..7294bb1 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1260,6 +1260,10 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ uint32_t MBEDTLS_PRIVATE(max_early_data_size); /*!< maximum amount of early data in tickets */
+#endif
+
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */
#endif
@@ -2046,6 +2050,10 @@
*
* \warning This interface is experimental and may change without notice.
*
+ * \warning This interface DOES NOT influence/limit the amount of early data
+ * that can be received through previously created and issued tickets,
+ * which clients may have stored.
+ *
*/
void mbedtls_ssl_conf_max_early_data_size(
mbedtls_ssl_config *conf, uint32_t max_early_data_size);
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index eeda06a..5c297e0 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -22,6 +22,7 @@
bignum_core.c
bignum_mod.c
bignum_mod_raw.c
+ block_cipher.c
camellia.c
ccm.c
chacha20.c
diff --git a/library/Makefile b/library/Makefile
index 9e2d723..d11a98d 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -91,6 +91,7 @@
bignum_core.o \
bignum_mod.o \
bignum_mod_raw.o \
+ block_cipher.o \
camellia.o \
ccm.o \
chacha20.o \
diff --git a/library/block_cipher.c b/library/block_cipher.c
new file mode 100644
index 0000000..1118d3a
--- /dev/null
+++ b/library/block_cipher.c
@@ -0,0 +1,116 @@
+/**
+ * \file block_cipher.c
+ *
+ * \brief Lightweight abstraction layer for block ciphers with 128 bit blocks,
+ * for use by the GCM and CCM modules.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "common.h"
+
+#include "block_cipher_internal.h"
+
+#if defined(MBEDTLS_BLOCK_CIPHER_C)
+
+void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx)
+{
+ switch (ctx->id) {
+#if defined(MBEDTLS_AES_C)
+ case MBEDTLS_BLOCK_CIPHER_ID_AES:
+ mbedtls_aes_free(&ctx->ctx.aes);
+ break;
+#endif
+#if defined(MBEDTLS_ARIA_C)
+ case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
+ mbedtls_aria_free(&ctx->ctx.aria);
+ break;
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+ case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
+ mbedtls_camellia_free(&ctx->ctx.camellia);
+ break;
+#endif
+ default:
+ break;
+ }
+ ctx->id = MBEDTLS_BLOCK_CIPHER_ID_NONE;
+}
+
+int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx,
+ mbedtls_cipher_id_t cipher_id)
+{
+ switch (cipher_id) {
+#if defined(MBEDTLS_AES_C)
+ case MBEDTLS_CIPHER_ID_AES:
+ ctx->id = MBEDTLS_BLOCK_CIPHER_ID_AES;
+ mbedtls_aes_init(&ctx->ctx.aes);
+ return 0;
+#endif
+#if defined(MBEDTLS_ARIA_C)
+ case MBEDTLS_CIPHER_ID_ARIA:
+ ctx->id = MBEDTLS_BLOCK_CIPHER_ID_ARIA;
+ mbedtls_aria_init(&ctx->ctx.aria);
+ return 0;
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+ case MBEDTLS_CIPHER_ID_CAMELLIA:
+ ctx->id = MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA;
+ mbedtls_camellia_init(&ctx->ctx.camellia);
+ return 0;
+#endif
+ default:
+ return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+ }
+}
+
+int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx,
+ const unsigned char *key,
+ unsigned key_bitlen)
+{
+ switch (ctx->id) {
+#if defined(MBEDTLS_AES_C)
+ case MBEDTLS_BLOCK_CIPHER_ID_AES:
+ return mbedtls_aes_setkey_enc(&ctx->ctx.aes, key, key_bitlen);
+#endif
+#if defined(MBEDTLS_ARIA_C)
+ case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
+ return mbedtls_aria_setkey_enc(&ctx->ctx.aria, key, key_bitlen);
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+ case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
+ return mbedtls_camellia_setkey_enc(&ctx->ctx.camellia, key, key_bitlen);
+#endif
+ default:
+ return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
+ }
+}
+
+int mbedtls_block_cipher_encrypt(mbedtls_block_cipher_context_t *ctx,
+ const unsigned char input[16],
+ unsigned char output[16])
+{
+ switch (ctx->id) {
+#if defined(MBEDTLS_AES_C)
+ case MBEDTLS_BLOCK_CIPHER_ID_AES:
+ return mbedtls_aes_crypt_ecb(&ctx->ctx.aes, MBEDTLS_AES_ENCRYPT,
+ input, output);
+#endif
+#if defined(MBEDTLS_ARIA_C)
+ case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
+ return mbedtls_aria_crypt_ecb(&ctx->ctx.aria, input, output);
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+ case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
+ return mbedtls_camellia_crypt_ecb(&ctx->ctx.camellia,
+ MBEDTLS_CAMELLIA_ENCRYPT,
+ input, output);
+#endif
+ default:
+ return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
+ }
+}
+
+#endif /* MBEDTLS_BLOCK_CIPHER_C */
diff --git a/library/block_cipher_internal.h b/library/block_cipher_internal.h
new file mode 100644
index 0000000..c57338b
--- /dev/null
+++ b/library/block_cipher_internal.h
@@ -0,0 +1,99 @@
+/**
+ * \file block_cipher_internal.h
+ *
+ * \brief Lightweight abstraction layer for block ciphers with 128 bit blocks,
+ * for use by the GCM and CCM modules.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#ifndef MBEDTLS_BLOCK_CIPHER_INTERNAL_H
+#define MBEDTLS_BLOCK_CIPHER_INTERNAL_H
+
+#include "mbedtls/build_info.h"
+
+#include "mbedtls/cipher.h"
+
+#include "mbedtls/block_cipher.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Initialize the context.
+ * This must be the first API call before using the context.
+ *
+ * \param ctx The context to initialize.
+ */
+static inline void mbedtls_block_cipher_init(mbedtls_block_cipher_context_t *ctx)
+{
+ memset(ctx, 0, sizeof(*ctx));
+}
+
+/**
+ * \brief Set the block cipher to use with this context.
+ * This must be called after mbedtls_block_cipher_init().
+ *
+ * \param ctx The context to set up.
+ * \param cipher_id The identifier of the cipher to use.
+ * This must be either AES, ARIA or Camellia.
+ * Warning: this is a ::mbedtls_cipher_id_t,
+ * not a ::mbedtls_block_cipher_id_t!
+ *
+ * \retval \c 0 on success.
+ * \retval #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if \p cipher_id was
+ * invalid.
+ */
+int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx,
+ mbedtls_cipher_id_t cipher_id);
+
+/**
+ * \brief Set the key into the context.
+ *
+ * \param ctx The context to configure.
+ * \param key The buffer holding the key material.
+ * \param key_bitlen The size of the key in bits.
+ *
+ * \retval \c 0 on success.
+ * \retval #MBEDTLS_ERR_CIPHER_INVALID_CONTEXT if the context was not
+ * properly set up before calling this function.
+ * \retval One of #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH,
+ * #MBEDTLS_ERR_ARIA_BAD_INPUT_DATA,
+ * #MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA if \p key_bitlen is
+ * invalid.
+ */
+int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx,
+ const unsigned char *key,
+ unsigned key_bitlen);
+
+/**
+ * \brief Encrypt one block (16 bytes) with the configured key.
+ *
+ * \param ctx The context holding the key.
+ * \param input The buffer holding the input block. Must be 16 bytes.
+ * \param output The buffer to which the output block will be written.
+ * Must be writable and 16 bytes long.
+ * This must either not overlap with \p input, or be equal.
+ *
+ * \retval \c 0 on success.
+ * \retval #MBEDTLS_ERR_CIPHER_INVALID_CONTEXT if the context was not
+ * properly set up before calling this function.
+ * \retval Another negative value if encryption failed.
+ */
+int mbedtls_block_cipher_encrypt(mbedtls_block_cipher_context_t *ctx,
+ const unsigned char input[16],
+ unsigned char output[16]);
+/**
+ * \brief Clear the context.
+ *
+ * \param ctx The context to clear.
+ */
+void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_BLOCK_CIPHER_INTERNAL_H */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4751d34..f855576 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2454,6 +2454,7 @@
* uint32 ticket_age_add;
* uint8 ticket_flags;
* opaque resumption_key<0..255>;
+ * uint32 max_early_data_size;
* select ( endpoint ) {
* case client: ClientOnlyData;
* case server: uint64 start_time;
@@ -2486,6 +2487,10 @@
}
needed += session->resumption_key_len; /* resumption_key */
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ needed += 4; /* max_early_data_size */
+#endif
+
#if defined(MBEDTLS_HAVE_TIME)
needed += 8; /* start_time or ticket_received */
#endif
@@ -2525,6 +2530,11 @@
memcpy(p, session->resumption_key, session->resumption_key_len);
p += session->resumption_key_len;
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ MBEDTLS_PUT_UINT32_BE(session->max_early_data_size, p, 0);
+ p += 4;
+#endif
+
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
MBEDTLS_PUT_UINT64_BE((uint64_t) session->start, p, 0);
@@ -2593,6 +2603,14 @@
memcpy(session->resumption_key, p, session->resumption_key_len);
p += session->resumption_key_len;
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ if (end - p < 4) {
+ return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+ }
+ session->max_early_data_size = MBEDTLS_GET_UINT32_BE(p, 0);
+ p += 4;
+#endif
+
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
if (end - p < 8) {
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 061dcf7..b418ee6 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -472,6 +472,10 @@
}
memcpy(dst->resumption_key, src->resumption_key, src->resumption_key_len);
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ dst->max_early_data_size = src->max_early_data_size;
+#endif
+
return 0;
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
diff --git a/programs/.gitignore b/programs/.gitignore
index a641c31..e0c4987 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -38,6 +38,7 @@
psa/hmac_demo
psa/key_ladder_demo
psa/psa_constant_names
+psa/psa_hash
random/gen_entropy
random/gen_random_ctr_drbg
ssl/dtls_client
@@ -56,6 +57,7 @@
test/cpp_dummy_build.cpp
test/dlopen
test/ecp-bench
+test/metatest
test/query_compile_time_config
test/query_included_headers
test/selftest
diff --git a/programs/Makefile b/programs/Makefile
index 116883b..a3fa816 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -123,6 +123,7 @@
ssl/ssl_server \
ssl/ssl_server2 \
test/benchmark \
+ test/metatest \
test/query_compile_time_config \
test/query_included_headers \
test/selftest \
@@ -413,6 +414,10 @@
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/dlopen.c $(LDFLAGS) $(DLOPEN_LDFLAGS) -o $@
endif
+test/metatest$(EXEXT): test/metatest.c $(DEP)
+ echo " CC test/metatest.c"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -I ../library test/metatest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
test/query_config.o: test/query_config.c test/query_config.h $(DEP)
echo " CC test/query_config.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c test/query_config.c -o $@
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index a75f8d9..0778731 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -3,6 +3,7 @@
)
set(executables_libs
+ metatest
query_included_headers
selftest
udp_proxy
@@ -72,6 +73,7 @@
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
${extra_sources})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../library)
if(exe STREQUAL "query_compile_time_config")
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR})
endif()
diff --git a/programs/test/metatest.c b/programs/test/metatest.c
new file mode 100644
index 0000000..2973cce
--- /dev/null
+++ b/programs/test/metatest.c
@@ -0,0 +1,351 @@
+/** \file metatest.c
+ *
+ * \brief Test features of the test framework.
+ *
+ * When you run this program, it runs a single "meta-test". A meta-test
+ * performs an operation which should be caught as a failure by our
+ * test framework. The meta-test passes if this program calls `exit` with
+ * a nonzero status, or aborts, or is terminated by a signal, or if the
+ * framework running the program considers the run an error (this happens
+ * with Valgrind for a memory leak). The non-success of the meta-test
+ * program means that the test failure has been caught correctly.
+ *
+ * Some failures are purely functional: the logic of the code causes the
+ * test result to be set to FAIL. Other failures come from extra
+ * instrumentation which is not present in a normal build; for example,
+ * Asan or Valgrind to detect memory leaks. This is reflected by the
+ * "platform" associated with each meta-test.
+ *
+ * Use the companion script `tests/scripts/run-metatests.sh` to run all
+ * the meta-tests for a given platform and validate that they trigger a
+ * detected failure as expected.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+
+#include <mbedtls/platform.h>
+#include <mbedtls/platform_util.h>
+#include "test/helpers.h"
+#include "test/macros.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#if defined(MBEDTLS_THREADING_C)
+#include <mbedtls/threading.h>
+#endif
+
+
+/* This is an external variable, so the compiler doesn't know that we're never
+ * changing its value.
+ */
+volatile int false_but_the_compiler_does_not_know = 0;
+
+/* Set n bytes at the address p to all-bits-zero, in such a way that
+ * the compiler should not know that p is all-bits-zero. */
+static void set_to_zero_but_the_compiler_does_not_know(volatile void *p, size_t n)
+{
+ memset((void *) p, false_but_the_compiler_does_not_know, n);
+}
+
+
+/****************************************************************/
+/* Test framework features */
+/****************************************************************/
+
+void meta_test_fail(const char *name)
+{
+ (void) name;
+ mbedtls_test_fail("Forced test failure", __LINE__, __FILE__);
+}
+
+
+/****************************************************************/
+/* Platform features */
+/****************************************************************/
+
+void null_pointer_dereference(const char *name)
+{
+ (void) name;
+ volatile char *volatile p;
+ set_to_zero_but_the_compiler_does_not_know(&p, sizeof(p));
+ /* Undefined behavior (read from null data pointer) */
+ mbedtls_printf("%p -> %u\n", p, (unsigned) *p);
+}
+
+void null_pointer_call(const char *name)
+{
+ (void) name;
+ unsigned(*volatile p)(void);
+ set_to_zero_but_the_compiler_does_not_know(&p, sizeof(p));
+ /* Undefined behavior (execute null function pointer) */
+ /* The pointer representation may be truncated, but we don't care:
+ * the only point of printing it is to have some use of the pointer
+ * to dissuade the compiler from optimizing it away. */
+ mbedtls_printf("%lx() -> %u\n", (unsigned long) (uintptr_t) p, p());
+}
+
+
+/****************************************************************/
+/* Memory */
+/****************************************************************/
+
+void read_after_free(const char *name)
+{
+ (void) name;
+ volatile char *p = mbedtls_calloc(1, 1);
+ *p = 'a';
+ mbedtls_free((void *) p);
+ /* Undefined behavior (read after free) */
+ mbedtls_printf("%u\n", (unsigned) *p);
+}
+
+void double_free(const char *name)
+{
+ (void) name;
+ volatile char *p = mbedtls_calloc(1, 1);
+ *p = 'a';
+ mbedtls_free((void *) p);
+ /* Undefined behavior (double free) */
+ mbedtls_free((void *) p);
+}
+
+void read_uninitialized_stack(const char *name)
+{
+ (void) name;
+ char buf[1];
+ if (false_but_the_compiler_does_not_know) {
+ buf[0] = '!';
+ }
+ char *volatile p = buf;
+ if (*p != 0) {
+ /* Unspecified result (read from uninitialized memory) */
+ mbedtls_printf("%u\n", (unsigned) *p);
+ }
+}
+
+void memory_leak(const char *name)
+{
+ (void) name;
+ volatile char *p = mbedtls_calloc(1, 1);
+ mbedtls_printf("%u\n", (unsigned) *p);
+ /* Leak of a heap object */
+}
+
+
+/****************************************************************/
+/* Threading */
+/****************************************************************/
+
+void mutex_lock_not_initialized(const char *name)
+{
+ (void) name;
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_threading_mutex_t mutex;
+ memset(&mutex, 0, sizeof(mutex));
+ /* This mutex usage error is detected by our test framework's mutex usage
+ * verification framework. See tests/src/threading_helpers.c. Other
+ * threading implementations (e.g. pthread without our instrumentation)
+ * might consider this normal usage. */
+ TEST_ASSERT(mbedtls_mutex_lock(&mutex) == 0);
+exit:
+ ;
+#endif
+}
+
+void mutex_unlock_not_initialized(const char *name)
+{
+ (void) name;
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_threading_mutex_t mutex;
+ memset(&mutex, 0, sizeof(mutex));
+ /* This mutex usage error is detected by our test framework's mutex usage
+ * verification framework. See tests/src/threading_helpers.c. Other
+ * threading implementations (e.g. pthread without our instrumentation)
+ * might consider this normal usage. */
+ TEST_ASSERT(mbedtls_mutex_unlock(&mutex) == 0);
+exit:
+ ;
+#endif
+}
+
+void mutex_free_not_initialized(const char *name)
+{
+ (void) name;
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_threading_mutex_t mutex;
+ memset(&mutex, 0, sizeof(mutex));
+ /* This mutex usage error is detected by our test framework's mutex usage
+ * verification framework. See tests/src/threading_helpers.c. Other
+ * threading implementations (e.g. pthread without our instrumentation)
+ * might consider this normal usage. */
+ mbedtls_mutex_free(&mutex);
+#endif
+}
+
+void mutex_double_init(const char *name)
+{
+ (void) name;
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_threading_mutex_t mutex;
+ mbedtls_mutex_init(&mutex);
+ /* This mutex usage error is detected by our test framework's mutex usage
+ * verification framework. See tests/src/threading_helpers.c. Other
+ * threading implementations (e.g. pthread without our instrumentation)
+ * might consider this normal usage. */
+ mbedtls_mutex_init(&mutex);
+ mbedtls_mutex_free(&mutex);
+#endif
+}
+
+void mutex_double_free(const char *name)
+{
+ (void) name;
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_threading_mutex_t mutex;
+ mbedtls_mutex_init(&mutex);
+ mbedtls_mutex_free(&mutex);
+ /* This mutex usage error is detected by our test framework's mutex usage
+ * verification framework. See tests/src/threading_helpers.c. Other
+ * threading implementations (e.g. pthread without our instrumentation)
+ * might consider this normal usage. */
+ mbedtls_mutex_free(&mutex);
+#endif
+}
+
+void mutex_leak(const char *name)
+{
+ (void) name;
+#if defined(MBEDTLS_THREADING_C)
+ mbedtls_threading_mutex_t mutex;
+ mbedtls_mutex_init(&mutex);
+#endif
+ /* This mutex usage error is detected by our test framework's mutex usage
+ * verification framework. See tests/src/threading_helpers.c. Other
+ * threading implementations (e.g. pthread without our instrumentation)
+ * might consider this normal usage. */
+}
+
+
+/****************************************************************/
+/* Command line entry point */
+/****************************************************************/
+
+typedef struct {
+ /** Command line argument that will trigger that metatest.
+ *
+ * Conventionally matches "[a-z0-9_]+". */
+ const char *name;
+
+ /** Platform under which that metatest is valid.
+ *
+ * - "any": should work anywhere.
+ * - "asan": triggers ASan (Address Sanitizer).
+ * - "msan": triggers MSan (Memory Sanitizer).
+ * - "pthread": requires MBEDTLS_THREADING_PTHREAD and MBEDTLS_TEST_HOOKS,
+ * which enables MBEDTLS_TEST_MUTEX_USAGE internally in the test
+ * framework (see tests/src/threading_helpers.c).
+ */
+ const char *platform;
+
+ /** Function that performs the metatest.
+ *
+ * The function receives the name as an argument. This allows using the
+ * same function to perform multiple variants of a test based on the name.
+ *
+ * When executed on a conforming platform, the function is expected to
+ * either cause a test failure (mbedtls_test_fail()), or cause the
+ * program to abort in some way (e.g. by causing a segfault or by
+ * triggering a sanitizer).
+ *
+ * When executed on a non-conforming platform, the function may return
+ * normally or may have unpredictable behavior.
+ */
+ void (*entry_point)(const char *name);
+} metatest_t;
+
+/* The list of availble meta-tests. Remember to register new functions here!
+ *
+ * Note that we always compile all the functions, so that `metatest --list`
+ * will always list all the available meta-tests.
+ *
+ * See the documentation of metatest_t::platform for the meaning of
+ * platform values.
+ */
+metatest_t metatests[] = {
+ { "test_fail", "any", meta_test_fail },
+ { "null_dereference", "any", null_pointer_dereference },
+ { "null_call", "any", null_pointer_call },
+ { "read_after_free", "asan", read_after_free },
+ { "double_free", "asan", double_free },
+ { "read_uninitialized_stack", "msan", read_uninitialized_stack },
+ { "memory_leak", "asan", memory_leak },
+ { "mutex_lock_not_initialized", "pthread", mutex_lock_not_initialized },
+ { "mutex_unlock_not_initialized", "pthread", mutex_unlock_not_initialized },
+ { "mutex_free_not_initialized", "pthread", mutex_free_not_initialized },
+ { "mutex_double_init", "pthread", mutex_double_init },
+ { "mutex_double_free", "pthread", mutex_double_free },
+ { "mutex_leak", "pthread", mutex_leak },
+ { NULL, NULL, NULL }
+};
+
+static void help(FILE *out, const char *argv0)
+{
+ mbedtls_fprintf(out, "Usage: %s list|TEST\n", argv0);
+ mbedtls_fprintf(out, "Run a meta-test that should cause a test failure.\n");
+ mbedtls_fprintf(out, "With 'list', list the available tests and their platform requirement.\n");
+}
+
+int main(int argc, char *argv[])
+{
+ const char *argv0 = argc > 0 ? argv[0] : "metatest";
+ if (argc != 2) {
+ help(stderr, argv0);
+ mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+ }
+
+ /* Support "-help", "--help", "--list", etc. */
+ const char *command = argv[1];
+ while (*command == '-') {
+ ++command;
+ }
+
+ if (strcmp(argv[1], "help") == 0) {
+ help(stdout, argv0);
+ mbedtls_exit(MBEDTLS_EXIT_SUCCESS);
+ }
+ if (strcmp(argv[1], "list") == 0) {
+ for (const metatest_t *p = metatests; p->name != NULL; p++) {
+ mbedtls_printf("%s %s\n", p->name, p->platform);
+ }
+ mbedtls_exit(MBEDTLS_EXIT_SUCCESS);
+ }
+
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ mbedtls_test_mutex_usage_init();
+#endif
+
+ for (const metatest_t *p = metatests; p->name != NULL; p++) {
+ if (strcmp(argv[1], p->name) == 0) {
+ mbedtls_printf("Running metatest %s...\n", argv[1]);
+ p->entry_point(argv[1]);
+#if defined(MBEDTLS_TEST_MUTEX_USAGE)
+ mbedtls_test_mutex_usage_check();
+#endif
+ mbedtls_printf("Running metatest %s... done, result=%d\n",
+ argv[1], (int) mbedtls_test_info.result);
+ mbedtls_exit(mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SUCCESS ?
+ MBEDTLS_EXIT_SUCCESS :
+ MBEDTLS_EXIT_FAILURE);
+ }
+ }
+
+ mbedtls_fprintf(stderr, "%s: FATAL: No such metatest: %s\n",
+ argv0, command);
+ mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+}
diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py
index ad9b325..abd13df 100755
--- a/scripts/code_size_compare.py
+++ b/scripts/code_size_compare.py
@@ -144,8 +144,8 @@
print("Unknown host architecture, cannot auto-detect arch.")
sys.exit(1)
-TFM_MEDIUM_CONFIG_H = 'configs/tfm_mbedcrypto_config_profile_medium.h'
-TFM_MEDIUM_CRYPTO_CONFIG_H = 'configs/crypto_config_profile_medium.h'
+TFM_MEDIUM_CONFIG_H = 'configs/ext/tfm_mbedcrypto_config_profile_medium.h'
+TFM_MEDIUM_CRYPTO_CONFIG_H = 'configs/ext/crypto_config_profile_medium.h'
CONFIG_H = 'include/mbedtls/mbedtls_config.h'
CRYPTO_CONFIG_H = 'include/psa/crypto_config.h'
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index 7f56098..96ade2f 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -144,6 +144,7 @@
my $guid = gen_app_guid( $path );
$path =~ s!/!\\!g;
(my $appname = $path) =~ s/.*\\//;
+ my $is_test_app = ($path =~ m/^test\\/);
my $srcs = "<ClCompile Include=\"..\\..\\programs\\$path.c\" \/>";
if( $appname eq "ssl_client2" or $appname eq "ssl_server2" or
@@ -158,7 +159,9 @@
$content =~ s/<SOURCES>/$srcs/g;
$content =~ s/<APPNAME>/$appname/g;
$content =~ s/<GUID>/$guid/g;
- $content =~ s/INCLUDE_DIRECTORIES\n/$include_directories/g;
+ $content =~ s/INCLUDE_DIRECTORIES\n/($is_test_app ?
+ $library_include_directories :
+ $include_directories)/ge;
content_to_file( $content, "$dir/$appname.$ext" );
}
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 5e150f2..929b093 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1120,6 +1120,9 @@
msg "test: selftest (ASan build)" # ~ 10s
programs/test/selftest
+ msg "test: metatests (GCC, ASan build)"
+ tests/scripts/run-metatests.sh any asan
+
msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
tests/ssl-opt.sh
@@ -1553,7 +1556,7 @@
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_LMS_C
scripts/config.py unset MBEDTLS_LMS_PRIVATE
- make
+ make CFLAGS='-DMBEDTLS_BLOCK_CIPHER_C'
msg "test: full no CIPHER no PSA_CRYPTO_C"
make test
@@ -1938,6 +1941,9 @@
msg "test: Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
make test
+ msg "test: metatests (clang, ASan)"
+ tests/scripts/run-metatests.sh any asan
+
msg "test: Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s
tests/ssl-opt.sh -f ECDH
@@ -2026,6 +2032,9 @@
msg "test: cpp_dummy_build (full config, clang)" # ~ 1s
programs/test/cpp_dummy_build
+ msg "test: metatests (clang)"
+ tests/scripts/run-metatests.sh any pthread
+
msg "program demos (full config, clang)" # ~10s
tests/scripts/run_demos.py
@@ -3226,49 +3235,29 @@
# - component_test_tfm_config()
common_tfm_config () {
# Enable TF-M config
- cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
- cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
+ cp configs/config-tfm.h "$CONFIG_H"
+ echo "#undef MBEDTLS_PSA_CRYPTO_CONFIG_FILE" >> "$CONFIG_H"
+ cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
- # Adjust for the fact that we're building outside the TF-M environment.
- #
- # TF-M has separation, our build doesn't
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_SPM
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- # TF-M provdes its own (dummy) implemenation, from their tree
- scripts/config.py unset MBEDTLS_AES_DECRYPT_ALT
- scripts/config.py unset MBEDTLS_AES_SETKEY_DEC_ALT
- # We have an OS that provides entropy, use it
- scripts/config.py unset MBEDTLS_NO_PLATFORM_ENTROPY
-
- # Other config adjustments to make the tests pass.
- # Those should probably be adopted upstream.
+ # Other config adjustment to make the tests pass.
+ # This should probably be adopted upstream.
#
# - USE_PSA_CRYPTO for PK_HAVE_ECC_KEYS
echo "#define MBEDTLS_USE_PSA_CRYPTO" >> "$CONFIG_H"
- # pkparse.c and pkwrite.c fail to link without this
- echo "#define MBEDTLS_OID_C" >> "$CONFIG_H"
- # - ASN1_[PARSE/WRITE]_C found by check_config.h for pkparse/pkwrite
- echo "#define MBEDTLS_ASN1_PARSE_C" >> "$CONFIG_H"
- echo "#define MBEDTLS_ASN1_WRITE_C" >> "$CONFIG_H"
- # - MD_C for HKDF_C
- echo "#define MBEDTLS_MD_C" >> "$CONFIG_H"
- # Config adjustments for better test coverage in our environment.
- # These are not needed just to build and pass tests.
+ # Config adjustment for better test coverage in our environment.
+ # This is not needed just to build and pass tests.
#
# Enable filesystem I/O for the benefit of PK parse/write tests.
echo "#define MBEDTLS_FS_IO" >> "$CONFIG_H"
- # Disable this for maximal ASan efficiency
- scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
# Config adjustments for features that are not supported
# when using only drivers / by p256-m
#
- # Disable all the features that auto-enable ECP_LIGHT (see build_info.h)
+ # Disable all the features that auto-enable ECP_LIGHT (see config_adjust_legacy_crypto.h)
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
# Disable deterministic ECDSA as p256-m only does randomized
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
-
}
# Keep this in sync with component_test_tfm_config() as they are both meant
@@ -3758,7 +3747,7 @@
# are meant to be used together in analyze_outcomes.py script in order to test
# driver's coverage for ciphers and AEADs.
component_test_psa_crypto_config_accel_cipher_aead () {
- msg "build: crypto config with accelerated cipher and AEAD"
+ msg "build: full config with accelerated cipher and AEAD"
loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB \
ALG_OFB ALG_XTS ALG_STREAM_CIPHER ALG_CCM_STAR_NO_TAG \
@@ -3812,24 +3801,30 @@
# Run the tests
# -------------
- msg "test: crypto config with accelerated cipher and AEAD"
+ msg "test: full config with accelerated cipher and AEAD"
make test
- msg "ssl-opt: crypto config with accelerated cipher and AEAD"
+ msg "ssl-opt: full config with accelerated cipher and AEAD"
tests/ssl-opt.sh
+
+ msg "compat.sh: full config with accelerated cipher and AEAD"
+ tests/compat.sh -V NO -p mbedTLS
}
component_test_psa_crypto_config_reference_cipher_aead () {
- msg "build: crypto config with non-accelerated cipher and AEAD"
+ msg "build: full config with non-accelerated cipher and AEAD"
common_psa_crypto_config_accel_cipher_aead
make
- msg "test: crypto config with non-accelerated cipher and AEAD"
+ msg "test: full config with non-accelerated cipher and AEAD"
make test
- msg "ssl-opt: crypto config with non-accelerated cipher and AEAD"
+ msg "ssl-opt: full config with non-accelerated cipher and AEAD"
tests/ssl-opt.sh
+
+ msg "compat.sh: full config with non-accelerated cipher and AEAD"
+ tests/compat.sh -V NO -p mbedTLS
}
component_test_aead_chachapoly_disabled() {
@@ -4124,8 +4119,8 @@
component_build_tfm_armcc() {
# test the TF-M configuration can build cleanly with various warning flags enabled
- cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
- cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
+ cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
+ cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
msg "build: TF-M config, armclang armv7-m thumb2"
make clean
@@ -4133,9 +4128,13 @@
}
component_build_tfm() {
- # test the TF-M configuration can build cleanly with various warning flags enabled
- cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
- cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
+ # Check that the TF-M configuration can build cleanly with various
+ # warning flags enabled. We don't build or run tests, since the
+ # TF-M configuration needs a TF-M platform. A tweaked version of
+ # the configuration that works on mainstream platforms is in
+ # configs/config-tfm.h, tested via test-ref-configs.pl.
+ cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
+ cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
msg "build: TF-M config, clang, armv7-m thumb2"
make lib CC="clang" CFLAGS="--target=arm-linux-gnueabihf -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe"
@@ -5531,6 +5530,9 @@
msg "test: main suites (MSan)" # ~ 10s
make test
+ msg "test: metatests (MSan)"
+ tests/scripts/run-metatests.sh any msan
+
msg "program demos (MSan)" # ~20s
tests/scripts/run_demos.py
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index 80b6459..a070b01 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -441,6 +441,7 @@
'component_driver': 'test_tfm_config_p256m_driver_accel_ec',
'ignored_suites': [
# Modules replaced by drivers
+ 'asn1parse', 'asn1write',
'ecp', 'ecdsa', 'ecdh', 'ecjpake',
'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw',
'bignum.generated', 'bignum.misc',
@@ -450,12 +451,6 @@
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
- 'test_suite_asn1parse': [
- 'INTEGER too large for mpi',
- ],
- 'test_suite_asn1write': [
- re.compile(r'ASN.1 Write mpi.*'),
- ],
}
}
}
diff --git a/tests/scripts/run-metatests.sh b/tests/scripts/run-metatests.sh
new file mode 100755
index 0000000..22a302c
--- /dev/null
+++ b/tests/scripts/run-metatests.sh
@@ -0,0 +1,89 @@
+#!/bin/sh
+
+help () {
+ cat <<EOF
+Usage: $0 [OPTION] [PLATFORM]...
+Run all the metatests whose platform matches any of the given PLATFORM.
+A PLATFORM can contain shell wildcards.
+
+Expected output: a lot of scary-looking error messages, since each
+metatest is expected to report a failure. The final line should be
+"Ran N metatests, all good."
+
+If something goes wrong: the final line should be
+"Ran N metatests, X unexpected successes". Look for "Unexpected success"
+in the logs above.
+
+ -l List the available metatests, don't run them.
+EOF
+}
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+set -e -u
+
+if [ -d programs ]; then
+ METATEST_PROGRAM=programs/test/metatest
+elif [ -d ../programs ]; then
+ METATEST_PROGRAM=../programs/test/metatest
+elif [ -d ../../programs ]; then
+ METATEST_PROGRAM=../../programs/test/metatest
+else
+ echo >&2 "$0: FATAL: programs/test/metatest not found"
+ exit 120
+fi
+
+LIST_ONLY=
+while getopts hl OPTLET; do
+ case $OPTLET in
+ h) help; exit;;
+ l) LIST_ONLY=1;;
+ \?) help >&2; exit 120;;
+ esac
+done
+shift $((OPTIND - 1))
+
+list_matches () {
+ while read name platform junk; do
+ for pattern in "$@"; do
+ case $platform in
+ $pattern) echo "$name"; break;;
+ esac
+ done
+ done
+}
+
+count=0
+errors=0
+run_metatest () {
+ ret=0
+ "$METATEST_PROGRAM" "$1" || ret=$?
+ if [ $ret -eq 0 ]; then
+ echo >&2 "$0: Unexpected success: $1"
+ errors=$((errors + 1))
+ fi
+ count=$((count + 1))
+}
+
+# Don't pipe the output of metatest so that if it fails, this script exits
+# immediately with a failure status.
+full_list=$("$METATEST_PROGRAM" list)
+matching_list=$(printf '%s\n' "$full_list" | list_matches "$@")
+
+if [ -n "$LIST_ONLY" ]; then
+ printf '%s\n' $matching_list
+ exit
+fi
+
+for name in $matching_list; do
+ run_metatest "$name"
+done
+
+if [ $errors -eq 0 ]; then
+ echo "Ran $count metatests, all good."
+ exit 0
+else
+ echo "Ran $count metatests, $errors unexpected successes."
+ exit 1
+fi
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index 0702074..055023a 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -37,6 +37,9 @@
'config-symmetric-only.h' => {
'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice
},
+ 'config-tfm.h' => {
+ 'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice
+ },
'config-thread.h' => {
'opt' => '-f ECJPAKE.*nolog',
'test_again_with_use_psa' => 1,
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index be2aede..54b57be 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -1746,6 +1746,10 @@
session->resumption_key_len = 32;
memset(session->resumption_key, 0x99, sizeof(session->resumption_key));
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ session->max_early_data_size = 0x87654321;
+#endif
+
#if defined(MBEDTLS_HAVE_TIME)
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
session->start = mbedtls_time(NULL) - 42;
diff --git a/tests/suites/test_suite_block_cipher.data b/tests/suites/test_suite_block_cipher.data
new file mode 100644
index 0000000..cf321ae
--- /dev/null
+++ b/tests/suites/test_suite_block_cipher.data
@@ -0,0 +1,237 @@
+Invalid input
+invalid:
+
+AES-128-ECB Encrypt NIST KAT #1
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e"
+
+AES-128-ECB Encrypt NIST KAT #2
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"9798c4640bad75c7c3227db910174e72":"a9a1631bf4996954ebc093957b234589"
+
+AES-128-ECB Encrypt NIST KAT #3
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"96ab5c2ff612d9dfaae8c31f30c42168":"ff4f8391a6a40ca5b25d23bedd44a597"
+
+AES-128-ECB Encrypt NIST KAT #4
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"e0000000000000000000000000000000":"00000000000000000000000000000000":"72a1da770f5d7ac4c9ef94d822affd97"
+
+AES-128-ECB Encrypt NIST KAT #5
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"f0000000000000000000000000000000":"00000000000000000000000000000000":"970014d634e2b7650777e8e84d03ccd8"
+
+AES-128-ECB Encrypt NIST KAT #6
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"f8000000000000000000000000000000":"00000000000000000000000000000000":"f17e79aed0db7e279e955b5f493875a7"
+
+AES-128-ECB Encrypt NIST KAT #7
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffff0000000000000000000":"00000000000000000000000000000000":"7b90785125505fad59b13c186dd66ce3"
+
+AES-128-ECB Encrypt NIST KAT #8
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffff8000000000000000000":"00000000000000000000000000000000":"8b527a6aebdaec9eaef8eda2cb7783e5"
+
+AES-128-ECB Encrypt NIST KAT #9
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffc000000000000000000":"00000000000000000000000000000000":"43fdaf53ebbc9880c228617d6a9b548b"
+
+AES-128-ECB Encrypt NIST KAT #10
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffc000":"00000000000000000000000000000000":"70c46bb30692be657f7eaa93ebad9897"
+
+AES-128-ECB Encrypt NIST KAT #11
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a"
+
+AES-128-ECB Encrypt NIST KAT #12
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffffffffffffffffff000":"00000000000000000000000000000000":"1dbf57877b7b17385c85d0b54851e371"
+
+AES-128-ECB Encrypt NIST KAT #13
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a"
+
+AES-128-ECB Encrypt NIST KAT #14
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"ffffffffffffffe00000000000000000":"d451b8d6e1e1a0ebb155fbbf6e7b7dc3"
+
+AES-128-ECB Encrypt NIST KAT #15
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"fffffffffffffff00000000000000000":"6898d4f42fa7ba6a10ac05e87b9f2080"
+
+AES-128-ECB Encrypt NIST KAT #16
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"ffffffffffffffffffffffffe0000000":"082eb8be35f442fb52668e16a591d1d6"
+
+AES-128-ECB Encrypt NIST KAT #17
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"fffffffffffffffffffffffff0000000":"e656f9ecf5fe27ec3e4a73d00c282fb3"
+
+AES-128-ECB Encrypt NIST KAT #18
+depends_on:MBEDTLS_AES_C
+test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"fffffffffffffffffffffffff8000000":"2ca8209d63274cd9a29bb74bcd77683a"
+
+AES-192-ECB Encrypt NIST KAT #1
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01"
+
+AES-192-ECB Encrypt NIST KAT #2
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffffc0000000000":"15eec9ebf42b9ca76897d2cd6c5a12e2"
+
+AES-192-ECB Encrypt NIST KAT #3
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffffe0000000000":"db0d3a6fdcc13f915e2b302ceeb70fd8"
+
+AES-192-ECB Encrypt NIST KAT #4
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c"
+
+AES-192-ECB Encrypt NIST KAT #5
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"26aa49dcfe7629a8901a69a9914e6dfd":"d5e08bf9a182e857cf40b3a36ee248cc"
+
+AES-192-ECB Encrypt NIST KAT #6
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"941a4773058224e1ef66d10e0a6ee782":"067cd9d3749207791841562507fa9626"
+
+AES-192-ECB Encrypt NIST KAT #7
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c"
+
+AES-192-ECB Encrypt NIST KAT #8
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"982215f4e173dfa0fcffe5d3da41c4812c7bcc8ed3540f93":"00000000000000000000000000000000":"d4f0aae13c8fe9339fbf9e69ed0ad74d"
+
+AES-192-ECB Encrypt NIST KAT #9
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"98c6b8e01e379fbd14e61af6af891596583565f2a27d59e9":"00000000000000000000000000000000":"19c80ec4a6deb7e5ed1033dda933498f"
+
+AES-192-ECB Encrypt NIST KAT #10
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffffffffffffffff800000000000000000000":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3"
+
+AES-192-ECB Encrypt NIST KAT #11
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffffffffffffffffc00000000000000000000":"00000000000000000000000000000000":"9d6bdc8f4ce5feb0f3bed2e4b9a9bb0b"
+
+AES-192-ECB Encrypt NIST KAT #12
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffffffffffffffffe00000000000000000000":"00000000000000000000000000000000":"fd5548bcf3f42565f7efa94562528d46"
+
+AES-256-ECB Encrypt NIST KAT #1
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd"
+
+AES-256-ECB Encrypt NIST KAT #2
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"984ca75f4ee8d706f46c2d98c0bf4a45f5b00d791c2dfeb191b5ed8e420fd627":"00000000000000000000000000000000":"4307456a9e67813b452e15fa8fffe398"
+
+AES-256-ECB Encrypt NIST KAT #3
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"b43d08a447ac8609baadae4ff12918b9f68fc1653f1269222f123981ded7a92f":"00000000000000000000000000000000":"4663446607354989477a5c6f0f007ef4"
+
+AES-256-ECB Encrypt NIST KAT #4
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04"
+
+AES-256-ECB Encrypt NIST KAT #5
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"761c1fe41a18acf20d241650611d90f1":"623a52fcea5d443e48d9181ab32c7421"
+
+AES-256-ECB Encrypt NIST KAT #6
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"8a560769d605868ad80d819bdba03771":"38f2c7ae10612415d27ca190d27da8b4"
+
+AES-256-ECB Encrypt NIST KAT #7
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2"
+
+AES-256-ECB Encrypt NIST KAT #8
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"ffffffc0000000000000000000000000":"1f8eedea0f62a1406d58cfc3ecea72cf"
+
+AES-256-ECB Encrypt NIST KAT #9
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"ffffffe0000000000000000000000000":"abf4154a3375a1d3e6b1d454438f95a6"
+
+AES-256-ECB Encrypt NIST KAT #10
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5"
+
+AES-256-ECB Encrypt NIST KAT #11
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffffffffffc000000000000000000000000000":"00000000000000000000000000000000":"b4da5df4becb5462e03a0ed00d295629"
+
+AES-256-ECB Encrypt NIST KAT #12
+depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
+test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffffffffffe000000000000000000000000000":"00000000000000000000000000000000":"dcf4e129136c1a4b7a0f38935cc34b2b"
+
+ARIA-128-ECB Encrypt - RFC 5794
+depends_on:MBEDTLS_ARIA_C
+test_vec:MBEDTLS_CIPHER_ID_ARIA:"000102030405060708090a0b0c0d0e0f":"00112233445566778899aabbccddeeff":"d718fbd6ab644c739da95f3be6451778"
+
+ARIA-192-ECB Encrypt - RFC 5794
+depends_on:MBEDTLS_ARIA_C
+test_vec:MBEDTLS_CIPHER_ID_ARIA:"000102030405060708090a0b0c0d0e0f1011121314151617":"00112233445566778899aabbccddeeff":"26449c1805dbe7aa25a468ce263a9e79"
+
+ARIA-256-ECB Encrypt - RFC 5794
+depends_on:MBEDTLS_ARIA_C
+test_vec:MBEDTLS_CIPHER_ID_ARIA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"00112233445566778899aabbccddeeff":"f92bd7c79fb72e2f2b8f80c1972d24fc"
+
+Camellia-128-ECB Encrypt RFC3713 #1
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba9876543210":"0123456789abcdeffedcba9876543210":"67673138549669730857065648eabe43"
+
+Camellia-192-ECB Encrypt RFC3713 #1
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba98765432100011223344556677":"0123456789abcdeffedcba9876543210":"b4993401b3e996f84ee5cee7d79b09b9"
+
+Camellia-256-ECB Encrypt RFC3713 #1
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff":"0123456789abcdeffedcba9876543210":"9acc237dff16d76c20ef7c919e3a7509"
+
+Camellia-128-ECB Encrypt Perl EVP #1 [#1]
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F":"00112233445566778899AABBCCDDEEFF":"77CF412067AF8270613529149919546F"
+
+Camellia-192-ECB Encrypt Perl EVP #1 [#1]
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F1011121314151617":"00112233445566778899AABBCCDDEEFF":"B22F3C36B72D31329EEE8ADDC2906C68"
+
+Camellia-256-ECB Encrypt Perl EVP #1 [#1]
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00112233445566778899AABBCCDDEEFF":"2EDF1F3418D53B88841FC8985FB1ECF2"
+
+Camellia-128-ECB Encrypt Perl EVP #1 [#2]
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"6BC1BEE22E409F96E93D7E117393172A":"432FC5DCD628115B7C388D770B270C96"
+
+Camellia-128-ECB Encrypt Perl EVP #2
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"0BE1F14023782A22E8384C5ABB7FAB2B"
+
+Camellia-128-ECB Encrypt Perl EVP #3
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"30C81C46A35CE411E5FBC1191A0A52EF":"A0A1ABCD1893AB6FE0FE5B65DF5F8636"
+
+Camellia-128-ECB Encrypt Perl EVP #4
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"F69F2445DF4F9B17AD2B417BE66C3710":"E61925E0D5DFAA9BB29F815B3076E51A"
+
+Camellia-192-ECB Encrypt Perl EVP #1 [#2]
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"6BC1BEE22E409F96E93D7E117393172A":"CCCC6C4E138B45848514D48D0D3439D3"
+
+Camellia-192-ECB Encrypt Perl EVP #2
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"5713C62C14B2EC0F8393B6AFD6F5785A"
+
+Camellia-192-ECB Encrypt Perl EVP #3
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"30C81C46A35CE411E5FBC1191A0A52EF":"B40ED2B60EB54D09D030CF511FEEF366"
+
+Camellia-192-ECB Encrypt Perl EVP #4
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"F69F2445DF4F9B17AD2B417BE66C3710":"909DBD95799096748CB27357E73E1D26"
+
+Camellia-256-ECB Encrypt Perl EVP #1 [#2]
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"6BC1BEE22E409F96E93D7E117393172A":"BEFD219B112FA00098919CD101C9CCFA"
+
+Camellia-256-ECB Encrypt Perl EVP #2
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"C91D3A8F1AEA08A9386CF4B66C0169EA"
+
+Camellia-256-ECB Encrypt Perl EVP #3
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"30C81C46A35CE411E5FBC1191A0A52EF":"A623D711DC5F25A51BB8A80D56397D28"
+
+Camellia-256-ECB Encrypt Perl EVP #4
+test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"F69F2445DF4F9B17AD2B417BE66C3710":"7960109FB6DC42947FCFE59EA3C5EB6B"
+
diff --git a/tests/suites/test_suite_block_cipher.function b/tests/suites/test_suite_block_cipher.function
new file mode 100644
index 0000000..239568c
--- /dev/null
+++ b/tests/suites/test_suite_block_cipher.function
@@ -0,0 +1,94 @@
+/* BEGIN_HEADER */
+#include "block_cipher_internal.h"
+
+#define BLOCK_SIZE 16
+
+#if defined(MBEDTLS_AES_C)
+#define VALID_CIPHER_ID MBEDTLS_CIPHER_ID_AES
+#define BADKEY_ERROR MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
+#elif defined(MBEDTLS_ARIA_C)
+#define VALID_CIPHER_ID MBEDTLS_CIPHER_ID_ARIA
+#define BADKEY_ERROR MBEDTLS_ERR_ARIA_BAD_INPUT_DATA
+#elif defined(MBEDTLS_CAMELLIA_C)
+#define VALID_CIPHER_ID MBEDTLS_CIPHER_ID_CAMELLIA
+#define BADKEY_ERROR MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA
+#else
+#undef VALID_CIPHER_ID
+#endif
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_BLOCK_CIPHER_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:VALID_CIPHER_ID */
+void invalid()
+{
+ /* That size is valid for a key or an input/output block. */
+ unsigned char buf[16] = { 0 };
+
+ mbedtls_block_cipher_context_t ctx;
+
+ mbedtls_block_cipher_init(&ctx);
+
+ /* Bad parameters to setup */
+ TEST_EQUAL(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_block_cipher_setup(&ctx, MBEDTLS_CIPHER_ID_NONE));
+ TEST_EQUAL(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA,
+ mbedtls_block_cipher_setup(&ctx, MBEDTLS_CIPHER_ID_DES));
+
+ /* setkey() before successful setup() */
+ TEST_EQUAL(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT,
+ mbedtls_block_cipher_setkey(&ctx, buf, 128));
+
+ /* encrypt() before successful setup() */
+ TEST_EQUAL(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT,
+ mbedtls_block_cipher_encrypt(&ctx, buf, buf));
+
+ /* free() before successful setup()
+ * No return value to check, but shouldn't cause memory errors. */
+ mbedtls_block_cipher_free(&ctx);
+
+ /* Now properly setup the context */
+ mbedtls_block_cipher_init(&ctx);
+ TEST_EQUAL(0, mbedtls_block_cipher_setup(&ctx, VALID_CIPHER_ID));
+
+ /* Bad parameters to setkey() */
+ TEST_EQUAL(BADKEY_ERROR,
+ mbedtls_block_cipher_setkey(&ctx, buf, 42));
+
+exit:
+ mbedtls_block_cipher_free(&ctx);
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void test_vec(int cipher_id_arg, data_t *key, data_t *input, data_t *outref)
+{
+ mbedtls_block_cipher_context_t ctx;
+ mbedtls_cipher_id_t cipher_id = cipher_id_arg;
+ unsigned char output[BLOCK_SIZE];
+
+ mbedtls_block_cipher_init(&ctx);
+
+ memset(output, 0x00, sizeof(output));
+
+ TEST_EQUAL(0, mbedtls_block_cipher_setup(&ctx, cipher_id));
+ TEST_EQUAL(0, mbedtls_block_cipher_setkey(&ctx, key->x, 8 * key->len));
+
+ /* Encrypt with input != output */
+ TEST_EQUAL(0, mbedtls_block_cipher_encrypt(&ctx, input->x, output));
+ ASSERT_COMPARE(output, BLOCK_SIZE, outref->x, outref->len);
+
+ /* Encrypt with input == output.
+ * (Also, encrypting again ensures the previous call to encrypt()
+ * did not change the state of the context.) */
+ memcpy(output, input->x, BLOCK_SIZE);
+ TEST_EQUAL(0, mbedtls_block_cipher_encrypt(&ctx, output, output));
+ ASSERT_COMPARE(output, BLOCK_SIZE, outref->x, outref->len);
+
+exit:
+ mbedtls_block_cipher_free(&ctx);
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 881429c..fa0b03b 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -24,6 +24,17 @@
#define RSA_KEY_SIZE MBEDTLS_RSA_GEN_KEY_MIN_BITS
#define RSA_KEY_LEN (MBEDTLS_RSA_GEN_KEY_MIN_BITS/8)
+/* MBEDTLS_TEST_PK_PSA_SIGN is enabled when:
+ * - The build has PK_[PARSE/WRITE]_C for RSA or ECDSA signature.
+ * - The build has built-in ECC and ECDSA signature.
+ */
+#if (defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C) && \
+ ((defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)) || \
+ defined(MBEDTLS_PK_CAN_ECDSA_SIGN))) || \
+ (defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_CAN_ECDSA_SIGN))
+#define MBEDTLS_TEST_PK_PSA_SIGN
+#endif
+
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
static int pk_genkey_ec(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id)
{
@@ -1274,7 +1285,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO */
+/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */
void pk_psa_sign(int parameter_arg,
int psa_type_arg, int expected_bits_arg)
{
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 5bd12eb..b4f2d23 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -142,7 +142,6 @@
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
{
- psa_key_handle_t handle;
mbedtls_svc_key_id_t key_with_invalid_owner =
mbedtls_svc_key_id_make(owner_id + 1,
MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key));
@@ -150,8 +149,8 @@
TEST_ASSERT(mbedtls_key_owner_id_equal(
owner_id,
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key)));
- TEST_EQUAL(psa_open_key(key_with_invalid_owner, &handle),
- PSA_ERROR_DOES_NOT_EXIST);
+ TEST_EQUAL(psa_get_key_attributes(key_with_invalid_owner, &attributes),
+ PSA_ERROR_INVALID_HANDLE);
}
#endif
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index a19e08a..7cdf17e 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -2041,6 +2041,12 @@
restored.resumption_key,
original.resumption_key_len) == 0);
}
+
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ TEST_ASSERT(
+ original.max_early_data_size == restored.max_early_data_size);
+#endif
+
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
if (endpoint_type == MBEDTLS_SSL_IS_SERVER) {
TEST_ASSERT(original.start == restored.start);