Merge pull request #3996 from stevew817/feature/allow_reading_external_keys
Allow loading external wrapped keys
diff --git a/.mypy.ini b/.mypy.ini
new file mode 100644
index 0000000..6b831dd
--- /dev/null
+++ b/.mypy.ini
@@ -0,0 +1,4 @@
+[mypy]
+mypy_path = scripts
+namespace_packages = True
+warn_unused_configs = True
diff --git a/.pylintrc b/.pylintrc
index ad25a7c..5f3d2b2 100644
--- a/.pylintrc
+++ b/.pylintrc
@@ -1,3 +1,6 @@
+[MASTER]
+init-hook='import sys; sys.path.append("scripts")'
+
[BASIC]
# We're ok with short funtion argument names.
# [invalid-name]
diff --git a/.travis.yml b/.travis.yml
index 76cb1c5..9b729ec 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -17,7 +17,7 @@
language: python # Needed to get pip for Python 3
python: 3.5 # version from Ubuntu 16.04
install:
- - pip install pylint==2.4.4
+ - pip install mypy==0.780 pylint==2.4.4
script:
- tests/scripts/all.sh -k 'check_*'
- tests/scripts/all.sh -k test_default_out_of_box
diff --git a/ChangeLog.d/psa-crypto-rename-output-buffer-size-macros.txt b/ChangeLog.d/psa-crypto-rename-output-buffer-size-macros.txt
new file mode 100644
index 0000000..1e8fb5f
--- /dev/null
+++ b/ChangeLog.d/psa-crypto-rename-output-buffer-size-macros.txt
@@ -0,0 +1,9 @@
+API changes
+ * Renamed the PSA Crypto API output buffer size macros to bring them in line
+ with version 1.0.0 of the specification.
+
+New deprecations
+ * PSA_KEY_EXPORT_MAX_SIZE, PSA_HASH_SIZE, PSA_MAC_FINAL_SIZE,
+ PSA_BLOCK_CIPHER_BLOCK_SIZE, PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE and
+ PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN have been renamed, and the old names
+ deprecated.
diff --git a/ChangeLog.d/rsa_private-ret.txt b/ChangeLog.d/rsa_private-ret.txt
new file mode 100644
index 0000000..b965cea
--- /dev/null
+++ b/ChangeLog.d/rsa_private-ret.txt
@@ -0,0 +1,2 @@
+Bugfix
+ * Fix an incorrect error code if an RSA private operation glitched.
diff --git a/docs/architecture/testing/psa-storage-format-testing.md b/docs/architecture/testing/psa-storage-format-testing.md
new file mode 100644
index 0000000..71bf968
--- /dev/null
+++ b/docs/architecture/testing/psa-storage-format-testing.md
@@ -0,0 +1,103 @@
+# Mbed TLS PSA keystore format stability testing strategy
+
+## Introduction
+
+The PSA crypto subsystem includes a persistent key store. It is possible to create a persistent key and read it back later. This must work even if Mbed TLS has been upgraded in the meantime (except for deliberate breaks in the backward compatibility of the storage).
+
+The goal of this document is to define a test strategy for the key store that not only validates that it's possible to load a key that was saved with the version of Mbed TLS under test, but also that it's possible to load a key that was saved with previous versions of Mbed TLS.
+
+Interoperability is not a goal: PSA crypto implementations are not intended to have compatible storage formats. Downgrading is not required to work.
+
+## General approach
+
+### Limitations of a direct approach
+
+The goal of storage format stability testing is: as a user of Mbed TLS, I want to store a key under version V and read it back under version W, with W ≥ V.
+
+Doing the testing this way would be difficult because we'd need to have version V of Mbed TLS available when testing version W.
+
+An alternative, semi-direct approach consists of generating test data under version V, and reading it back under version W. Done naively, this would require keeping a large amount of test data (full test coverage multiplied by the number of versions that we want to preserve backward compatibility with).
+
+### Save-and-compare approach
+
+Importing and saving a key is deterministic. Therefore we can ensure the stability of the storage format by creating test cases under a version V of Mbed TLS, where the test case parameters include both the parameters to pass to key creation and the expected state of the storage after the key is created. The test case creates a key as indicated by the parameters, then compares the actual state of the storage with the expected state. In addition, the test case also loads the key and checks that it has the expected data and metadata.
+
+If the test passes with version V, this means that the test data is consistent with what the implementation does. When the test later runs under version W ≥ V, it creates and reads back a storage state which is known to be identical to the state that V would have produced. Thus, this approach validates that W can read storage states created by V.
+
+Use a similar approach for files other than keys where possible and relevant.
+
+### Keeping up with storage format evolution
+
+Test cases should normally not be removed from the code base: if something has worked before, it should keep working in future versions, so we should keep testing it.
+
+If the way certain keys are stored changes, and we don't deliberately decide to stop supporting old keys (which should only be done by retiring a version of the storage format), then we should keep the corresponding test cases in load-only mode: create a file with the expected content, load it and check the data that it contains.
+
+## Storage architecture overview
+
+The PSA subsystem provides storage on top of the PSA trusted storage interface. The state of the storage is a mapping from file identifer (a 64-bit number) to file content (a byte array). These files include:
+
+* [Key files](#key-storage) (files containing one key's metadata and, except for some secure element keys, key material).
+* The [random generator injected seed or state file](#random-generator-state) (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`).
+* [Storage transaction file](#storage-transaction-resumption).
+* [Driver state files](#driver-state-files).
+
+For a more detailed description, refer to the [Mbed Crypto storage specification](../mbed-crypto-storage-specification.md).
+
+In addition, Mbed TLS includes an implementation of the PSA trusted storage interface on top of C stdio. This document addresses the test strategy for [PSA ITS over file](#psa-its-over-file) in a separate section below.
+
+## Key storage testing
+
+This section describes the desired test cases for keys created with the current storage format version. When the storage format changes, if backward compatibility is desired, old test data should be kept as described under [“Keeping up with storage format evolution”](#keeping-up-with-storage-format-evolution).
+
+### Keystore layout
+
+Objective: test that the key file name corresponds to the key identifier.
+
+Method: Create a key with a given identifier (using `psa_import_key`) and verify that a file with the expected name is created, and no other. Repeat for different identifiers.
+
+### General key format
+
+Objective: test the format of the key file: which field goes where and how big it is.
+
+Method: Create a key with certain metadata with `psa_import_key`. Read the file content and validate that it has the expected layout, deduced from the storage specification. Repeat with different metadata. Ensure that there are test cases covering all fields.
+
+### Enumeration of test cases for keys
+
+Objective: ensure that the coverage is sufficient to have assurance that all keys are stored correctly. This requires a sufficient selection of key types, sizes, policies, etc.
+
+In particular, the tests must validate that each `PSA_xxx` constant that is stored in a key is covered by at least once test case:
+
+* Usage flags: `PSA_KEY_USAGE_xxx`.
+* Algorithms in policies: `PSA_ALG_xxx`.
+* Key types: `PSA_KEY_TYPE_xxx`, `PSA_ECC_FAMILY_xxx`, `PSA_DH_FAMILY_xxx`.
+
+Method: Each test case creates a key with `psa_import_key`, purges it from memory, then reads it back and exercises it. Generate test cases automatically based on an enumeration of available constants and some knowledge of what attributes (sizes, algorithms, …) and content to use for keys of a certain type. Note that the generated test cases will be checked into the repository (generating test cases at runtime would not allow us to test the stability of the format, only that a given version is internally consistent).
+
+### Testing with alternative lifetime values
+
+Objective: have test coverage for lifetimes other than the default persistent lifetime (`PSA_KEY_LIFETIME_PERSISTENT`).
+
+Method:
+
+* For alternative locations: have tests conditional on the presence of a driver for that location.
+* For alternative persistence levels: TODO
+
+## Random generator state
+
+TODO
+
+## Driver state files
+
+Not yet implemented.
+
+TODO
+
+## Storage transaction resumption
+
+Only relevant for secure element support. Not yet fully implemented.
+
+TODO
+
+## PSA ITS over file
+
+TODO
diff --git a/docs/getting_started.md b/docs/getting_started.md
index 15d5a31..70c5ff4 100644
--- a/docs/getting_started.md
+++ b/docs/getting_started.md
@@ -203,7 +203,7 @@
void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len)
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES),
};
psa_status_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -288,7 +288,7 @@
void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len)
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES),
};
psa_status_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -445,7 +445,7 @@
0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
};
- size_t expected_hash_len = PSA_HASH_SIZE(alg);
+ size_t expected_hash_len = PSA_HASH_LENGTH(alg);
printf("Verify a hash...\t");
fflush(stdout);
@@ -482,7 +482,7 @@
mbedtls_psa_crypto_free();
```
-The API provides the macro `PSA_HASH_SIZE`, which returns the expected hash length (in bytes) for the specified algorithm.
+The API provides the macro `PSA_HASH_LENGTH`, which returns the expected hash length (in bytes) for the specified algorithm.
#### Handling hash operation contexts
diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md
index 67ded56..47d7271 100644
--- a/docs/proposed/psa-driver-interface.md
+++ b/docs/proposed/psa-driver-interface.md
@@ -606,7 +606,8 @@
* `"public_key_size"` (integer or string, optional): this many bytes are included in every key context for a public key. If omitted, this value defaults to 0.
* `"symmetric_factor"` (integer or string, optional): every key context for a symmetric key includes this many times the key size. If omitted, this value defaults to 0.
* `"store_public_key"` (boolean, optional): If specified and true, for a key pair, the key context includes space for the public key. If omitted or false, no additional space is added for the public key.
-* `"size_function"` (string, optional): the name of a function that returns the number of bytes that the driver needs in a key context for a key. This may be a pointer to function. This must be a C identifier; more complex expressions are not permitted. If the core uses this function, it supersedes all the other properties.
+* `"size_function"` (string, optional): the name of a function that returns the number of bytes that the driver needs in a key context for a key. This may be a pointer to function. This must be a C identifier; more complex expressions are not permitted. If the core uses this function, it supersedes all the other properties except for `"builtin_key_size"` (where applicable, if present).
+* `"builtin_key_size"` (integer or string, optional): If specified, this overrides all other methods (including the `"size_function"` entry point) to determine the size of the key context for [built-in keys](#built-in-keys). This allows drivers to efficiently represent application keys as wrapped key material, but built-in keys by an internal identifier that takes up less space.
The integer properties must be C language constants. A typical value for `"base_size"` is `sizeof(acme_key_context_t)` where `acme_key_context_t` is a type defined in a driver header file.
@@ -662,6 +663,7 @@
* `"generate_key"`: called by `psa_generate_key()`.
* `"key_derivation_output_key"`: called by `psa_key_derivation_output_key()`.
* `"copy_key"`: called by `psa_copy_key()` when copying a key within the same [location](#lifetimes-and-locations).
+* `"get_builtin_key"`: called by functions that access a key to retrieve information about a [built-in key](#built-in-keys).
In addition, secure elements that store the key material internally must provide the following two entry points:
@@ -792,6 +794,37 @@
In a multithreaded environment, the driver may only call these two functions from the thread that is executing the entry point.
+#### Built-in keys
+
+Opaque drivers may declare built-in keys. Built-in keys can be accessed, but not created, through the PSA Cryptography API.
+
+A built-in key is identified by its location and its **slot number**. Drivers that support built-in keys must provide a `"get_builtin_key"` entry point to retrieve the key data and metadata. The core calls this entry point when it needs to access the key, typically because the application requested an operation on the key. The core may keep information about the key in cache, and successive calls to access the same slot number should return the same data. This entry point has the following prototype:
+
+```
+psa_status_t acme_get_builtin_key(psa_drv_slot_number_t slot_number,
+ psa_key_attributes_t *attributes,
+ uint8_t *key_buffer,
+ size_t key_buffer_size,
+ size_t *key_buffer_length);
+```
+
+If this function returns `PSA_SUCCESS` or `PSA_ERROR_BUFFER_TOO_SMALL`, it must fill `attributes` with the attributes of the key (except for the key identifier). On success, this function must also fill `key_buffer` with the key context.
+
+On entry, `psa_get_key_lifetime(attributes)` is the location at which the driver was declared and the persistence level `#PSA_KEY_LIFETIME_PERSISTENT`. The driver entry point may change the lifetime to one with the same location but a different persistence level. The standard attributes other than the key identifier and lifetime have the value conveyed by `PSA_KEY_ATTRIBUTES_INIT`.
+
+The output parameter `key_buffer` points to a writable buffer of `key_buffer_size` bytes. If the driver has a [`"builtin_key_size"` property](#key-format-for-opaque-drivers) property, `key_buffer_size` has this value, otherwise `key_buffer_size` has the value determined from the key type and size.
+
+Typically, for a built-in key, the key context is a reference to key material that is kept inside the secure element, similar to the format returned by [`"allocate_key"`](#key-management-in-a-secure-element-with-storage). A driver may have built-in keys even if it doesn't have an `"allocate_key"` entry point.
+
+This entry point may return the following status values:
+
+* `PSA_SUCCESS`: the requested key exists, and the output parameters `attributes` and `key_buffer` contain the key metadata and key context respectively, and `*key_buffer_length` contains the length of the data written to `key_buffer`.
+* `PSA_ERROR_BUFFER_TOO_SMALL`: `key_buffer_size` is insufficient. In this case, the driver must pass the key's attributes in `*attributes`. In particular, `get_builtin_key(slot_number, &attributes, NULL, 0)` is a way for the core to obtain the key's attributes.
+* `PSA_ERROR_DOES_NOT_EXIST`: the requested key does not exist.
+* Other error codes such as `PSA_ERROR_COMMUNICATION_FAILURE` or `PSA_ERROR_HARDWARE_FAILURE` indicate a transient or permanent error.
+
+The core will pass authorized requests to destroy a built-in key to the [`"destroy_key"`](#key-management-in-a-secure-element-with-storage) entry point if there is one. If built-in keys must not be destroyed, it is up to the driver to reject such requests.
+
## How to use drivers from an application
### Using transparent drivers
@@ -807,7 +840,7 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_acme));
-psa_set_key_identifer(&attributes, 42);
+psa_set_key_identifier(&attributes, 42);
psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
psa_set_key_size(&attributes, 128);
psa_set_key_algorithm(&attributes, PSA_ALG_GCM);
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index accf51e..7f403c1 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -886,6 +886,10 @@
#error "MBEDTLS_SSL_DTLS_SRTP defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) && ( !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) )
+#error "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH defined, but not all prerequisites"
+#endif
+
/*
* Avoid warning from -pedantic. This is a convenient place for this
* workaround since this is included by every single file before the
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index c5f65e1..b563a96 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1979,7 +1979,10 @@
/**
* \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
*
- * Enable modifying the maximum I/O buffer size.
+ * When this option is enabled, the SSL buffer will be resized automatically
+ * based on the negotiated maximum fragment length in each direction.
+ *
+ * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
*/
//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 577c959..2097a6d 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -275,26 +275,26 @@
#endif
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-static inline uint32_t mbedtls_ssl_get_output_buflen( const mbedtls_ssl_context *ctx )
+static inline size_t mbedtls_ssl_get_output_buflen( const mbedtls_ssl_context *ctx )
{
#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID)
- return (uint32_t) mbedtls_ssl_get_output_max_frag_len( ctx )
+ return mbedtls_ssl_get_output_max_frag_len( ctx )
+ MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
+ MBEDTLS_SSL_CID_OUT_LEN_MAX;
#else
- return (uint32_t) mbedtls_ssl_get_output_max_frag_len( ctx )
+ return mbedtls_ssl_get_output_max_frag_len( ctx )
+ MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
#endif
}
-static inline uint32_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ctx )
+static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ctx )
{
#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID)
- return (uint32_t) mbedtls_ssl_get_input_max_frag_len( ctx )
+ return mbedtls_ssl_get_input_max_frag_len( ctx )
+ MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
+ MBEDTLS_SSL_CID_IN_LEN_MAX;
#else
- return (uint32_t) mbedtls_ssl_get_input_max_frag_len( ctx )
+ return mbedtls_ssl_get_input_max_frag_len( ctx )
+ MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
#endif
}
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index b41a20b..1adeda6 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -713,7 +713,7 @@
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p data buffer is too small. You can determine a
* sufficient buffer size by calling
- * #PSA_KEY_EXPORT_MAX_SIZE(\c type, \c bits)
+ * #PSA_EXPORT_KEY_OUTPUT_SIZE(\c type, \c bits)
* where \c type is the key type
* and \c bits is the key size in bits.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -783,7 +783,7 @@
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p data buffer is too small. You can determine a
* sufficient buffer size by calling
- * #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits)
+ * #PSA_EXPORT_KEY_OUTPUT_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits)
* where \c type is the key type
* and \c bits is the key size in bits.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -822,7 +822,7 @@
* \param hash_size Size of the \p hash buffer in bytes.
* \param[out] hash_length On success, the number of bytes
* that make up the hash value. This is always
- * #PSA_HASH_SIZE(\p alg).
+ * #PSA_HASH_LENGTH(\p alg).
*
* \retval #PSA_SUCCESS
* Success.
@@ -1032,7 +1032,7 @@
* \param hash_size Size of the \p hash buffer in bytes.
* \param[out] hash_length On success, the number of bytes
* that make up the hash value. This is always
- * #PSA_HASH_SIZE(\c alg) where \c alg is the
+ * #PSA_HASH_LENGTH(\c alg) where \c alg is the
* hash algorithm that is calculated.
*
* \retval #PSA_SUCCESS
@@ -1041,7 +1041,7 @@
* The operation state is not valid (it must be active).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p hash buffer is too small. You can determine a
- * sufficient buffer size by calling #PSA_HASH_SIZE(\c alg)
+ * sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg)
* where \c alg is the hash algorithm that is calculated.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -1479,7 +1479,7 @@
* \param mac_size Size of the \p mac buffer in bytes.
* \param[out] mac_length On success, the number of bytes
* that make up the MAC value. This is always
- * #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \c alg)
+ * #PSA_MAC_LENGTH(\c key_type, \c key_bits, \c alg)
* where \c key_type and \c key_bits are the type and
* bit-size respectively of the key and \c alg is the
* MAC algorithm that is calculated.
@@ -1491,7 +1491,7 @@
* operation).
* \retval #PSA_ERROR_BUFFER_TOO_SMALL
* The size of the \p mac buffer is too small. You can determine a
- * sufficient buffer size by calling PSA_MAC_FINAL_SIZE().
+ * sufficient buffer size by calling PSA_MAC_LENGTH().
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* \retval #PSA_ERROR_HARDWARE_FAILURE
diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h
index 5bb5669..728d283 100644
--- a/include/psa/crypto_compat.h
+++ b/include/psa/crypto_compat.h
@@ -110,6 +110,18 @@
MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE )
#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) \
MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) )
+#define PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) )
+#define PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ) )
+#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE )
+#define PSA_HASH_SIZE( alg ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_HASH_LENGTH( alg ) )
+#define PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_MAC_LENGTH( key_type, key_bits, alg ) )
+#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN \
+ MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE )
/*
* Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3)
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 3df01b2..34e69be 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -68,8 +68,8 @@
* An implementation may return either 0 or the correct size
* for a hash algorithm that it recognizes, but does not support.
*/
-#define PSA_HASH_SIZE(alg) \
- ( \
+#define PSA_HASH_LENGTH(alg) \
+ ( \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \
@@ -188,10 +188,11 @@
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0
#endif
-/** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN
+/** This macro returns the maximum supported length of the PSK for the
+ * TLS-1.2 PSK-to-MS key derivation
+ * (#PSA_ALG_TLS12_PSK_TO_MS(\p hash_alg)).
*
- * This macro returns the maximum length of the PSK supported
- * by the TLS-1.2 PSK-to-MS key derivation.
+ * The maximum supported length does not depend on the chosen hash algorithm.
*
* Quoting RFC 4279, Sect 5.3:
* TLS implementations supporting these ciphersuites MUST support
@@ -200,17 +201,21 @@
* keys is RECOMMENDED.
*
* Therefore, no implementation should define a value smaller than 64
- * for #PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN.
+ * for #PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE.
*/
-#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128
+#define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE 128
/** The maximum size of a block cipher supported by the implementation. */
-#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16
+#define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16
/** The size of the output of psa_mac_sign_finish(), in bytes.
*
* This is also the MAC size that psa_mac_verify_finish() expects.
*
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
* \param key_type The type of the MAC key.
* \param key_bits The size of the MAC key in bits.
* \param alg A MAC algorithm (\c PSA_ALG_XXX value such that
@@ -224,10 +229,10 @@
* \return Unspecified if the key parameters are not consistent
* with the algorithm.
*/
-#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \
- ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
- PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
- PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
+#define PSA_MAC_LENGTH(key_type, key_bits, alg) \
+ ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
+ PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \
+ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
((void)(key_type), (void)(key_bits), 0))
/** The maximum size of the output of psa_aead_encrypt(), in bytes.
@@ -303,7 +308,7 @@
* implementation to delay the output until it has a full block. */
#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \
(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
- PSA_ROUND_UP_TO_MULTIPLE(PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE, (input_length)) : \
+ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \
(input_length))
/** A sufficient ciphertext buffer size for psa_aead_finish().
@@ -326,7 +331,7 @@
*/
#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \
(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
- PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \
+ PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
0)
/** A sufficient plaintext buffer size for psa_aead_verify().
@@ -349,12 +354,12 @@
*/
#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \
(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
- PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE : \
+ PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
0)
#define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \
(PSA_ALG_IS_RSA_OAEP(alg) ? \
- 2 * PSA_HASH_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \
+ 2 * PSA_HASH_LENGTH(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \
11 /*PKCS#1v1.5*/)
/**
@@ -587,12 +592,13 @@
#define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) \
(PSA_BITS_TO_BYTES(key_bits))
-/** Sufficient output buffer size for psa_export_key() or psa_export_public_key().
+/** Sufficient output buffer size for psa_export_key() or
+ * psa_export_public_key().
*
* This macro returns a compile-time constant if its arguments are
* compile-time constants.
*
- * \warning This function may call its arguments multiple times or
+ * \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
@@ -605,7 +611,7 @@
* if (status != PSA_SUCCESS) handle_error(...);
* psa_key_type_t key_type = psa_get_key_type(&attributes);
* size_t key_bits = psa_get_key_bits(&attributes);
- * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits);
+ * size_t buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits);
* psa_reset_key_attributes(&attributes);
* uint8_t *buffer = malloc(buffer_size);
* if (buffer == NULL) handle_error(...);
@@ -614,32 +620,12 @@
* if (status != PSA_SUCCESS) handle_error(...);
* \endcode
*
- * For psa_export_public_key(), calculate the buffer size from the
- * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR
- * to convert a key pair type to the corresponding public key type.
- * \code{c}
- * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- * psa_status_t status;
- * status = psa_get_key_attributes(key, &attributes);
- * if (status != PSA_SUCCESS) handle_error(...);
- * psa_key_type_t key_type = psa_get_key_type(&attributes);
- * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(key_type);
- * size_t key_bits = psa_get_key_bits(&attributes);
- * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits);
- * psa_reset_key_attributes(&attributes);
- * uint8_t *buffer = malloc(buffer_size);
- * if (buffer == NULL) handle_error(...);
- * size_t buffer_length;
- * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length);
- * if (status != PSA_SUCCESS) handle_error(...);
- * \endcode
- *
* \param key_type A supported key type.
* \param key_bits The size of the key in bits.
*
* \return If the parameters are valid and supported, return
* a buffer size in bytes that guarantees that
- * psa_sign_hash() will not fail with
+ * psa_export_key() or psa_export_public_key() will not fail with
* #PSA_ERROR_BUFFER_TOO_SMALL.
* If the parameters are a valid combination that is not supported
* by the implementation, this macro shall return either a
@@ -647,14 +633,14 @@
* If the parameters are not valid, the
* return value is unspecified.
*/
-#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \
- (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
- (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \
+#define PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits) \
+ (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \
(key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
- (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \
+ (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \
(key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
- PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \
- PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+ PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \
+ PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
0)
/** The default nonce size for an AEAD algorithm, in bytes.
@@ -683,7 +669,7 @@
* and AEAD algorithm that it recognizes, but does not support.
*/
#define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
- (PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) == 16 && \
+ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 && \
(PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_CCM || \
PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_GCM) ? 12 : \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \
@@ -727,13 +713,13 @@
* and cipher algorithm that it recognizes, but does not support.
*/
#define PSA_CIPHER_IV_LENGTH(key_type, alg) \
- (PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) > 1 && \
+ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \
((alg) == PSA_ALG_CTR || \
(alg) == PSA_ALG_CFB || \
(alg) == PSA_ALG_OFB || \
(alg) == PSA_ALG_XTS || \
(alg) == PSA_ALG_CBC_NO_PADDING || \
- (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
+ (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \
(alg) == PSA_ALG_STREAM_CIPHER ? 12 : \
0)
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 9610d5f..81a8575 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -363,7 +363,7 @@
* used for.
*
* HMAC keys should generally have the same size as the underlying hash.
- * This size can be calculated with #PSA_HASH_SIZE(\c alg) where
+ * This size can be calculated with #PSA_HASH_LENGTH(\c alg) where
* \c alg is the HMAC algorithm or the underlying hash algorithm. */
#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100)
@@ -594,9 +594,9 @@
*
* \warning This macro may evaluate its argument multiple times.
*/
-#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \
+#define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
(((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
- 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
+ 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
0u)
/** Vendor-defined algorithm flag.
diff --git a/library/cmac.c b/library/cmac.c
index 59ece15..06f8eec 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -45,22 +45,10 @@
#include "mbedtls/cmac.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
+#include "mbedtls/platform.h"
#include <string.h>
-
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdlib.h>
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#if defined(MBEDTLS_SELF_TEST)
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_SELF_TEST */
-#endif /* MBEDTLS_PLATFORM_C */
-
#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
/*
@@ -793,6 +781,18 @@
if( ( ret = mbedtls_cipher_setkey( &ctx, key, keybits,
MBEDTLS_ENCRYPT ) ) != 0 )
{
+ /* When CMAC is implemented by an alternative implementation, or
+ * the underlying primitive itself is implemented alternatively,
+ * AES-192 may be unavailable. This should not cause the selftest
+ * function to fail. */
+ if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+ ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) &&
+ cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) {
+ if( verbose != 0 )
+ mbedtls_printf( "skipped\n" );
+ goto next_test;
+ }
+
if( verbose != 0 )
mbedtls_printf( "test execution failed\n" );
@@ -820,6 +820,7 @@
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+next_test:
mbedtls_cipher_free( &ctx );
}
@@ -864,6 +865,18 @@
if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages,
message_lengths[i], output ) ) != 0 )
{
+ /* When CMAC is implemented by an alternative implementation, or
+ * the underlying primitive itself is implemented alternatively,
+ * AES-192 may be unavailable. This should not cause the selftest
+ * function to fail. */
+ if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+ ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) &&
+ cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) {
+ if( verbose != 0 )
+ mbedtls_printf( "skipped\n" );
+ continue;
+ }
+
if( verbose != 0 )
mbedtls_printf( "failed\n" );
goto exit;
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 22fb5e3..355bd90 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -217,6 +217,9 @@
#endif /* MBEDTLS_ECP_RESTARTABLE */
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC) || \
+ !defined(MBEDTLS_ECDSA_SIGN_ALT) || \
+ !defined(MBEDTLS_ECDSA_VERIFY_ALT)
/*
* Derive a suitable integer for group grp from a buffer of length len
* SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
@@ -239,6 +242,7 @@
cleanup:
return( ret );
}
+#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */
#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
/*
@@ -766,6 +770,8 @@
(void) md_alg;
#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+ (void) rs_ctx;
+
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
hash, hlen, f_rng, p_rng ) );
#else
@@ -874,6 +880,8 @@
goto cleanup;
}
#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
+ (void) rs_ctx;
+
if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,
&ctx->Q, &r, &s ) ) != 0 )
goto cleanup;
diff --git a/library/ecjpake.c b/library/ecjpake.c
index 315da4a..bd47169 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -820,6 +820,8 @@
0x65, 0x73, 0x74
};
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+
static const unsigned char ecjpake_test_x1[] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
@@ -964,6 +966,8 @@
return( ret );
}
+#endif /* ! MBEDTLS_ECJPAKE_ALT */
+
/* For tests we don't need a secure RNG;
* use the LGC from Numerical Recipes for simplicity */
static int ecjpake_lgc( void *p, unsigned char *out, size_t len )
@@ -1059,6 +1063,12 @@
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+ /* 'reference handshake' tests can only be run against implementations
+ * for which we have 100% control over how the random ephemeral keys
+ * are generated. This is only the case for the internal mbed TLS
+ * implementation, so these tests are skipped in case the internal
+ * implementation is swapped out for an alternative one. */
if( verbose != 0 )
mbedtls_printf( " ECJPAKE test #2 (reference handshake): " );
@@ -1107,6 +1117,7 @@
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+#endif /* ! MBEDTLS_ECJPAKE_ALT */
cleanup:
mbedtls_ecjpake_free( &cli );
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4f7be40..39144a3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -135,9 +135,11 @@
psa_status_t mbedtls_to_psa_error( int ret )
{
- /* If there's both a high-level code and low-level code, dispatch on
- * the high-level code. */
- switch( ret < -0x7f ? - ( -ret & 0x7f80 ) : ret )
+ /* Mbed TLS error codes can combine a high-level error code and a
+ * low-level error code. The low-level error usually reflects the
+ * root cause better, so dispatch on that preferably. */
+ int low_level_ret = - ( -ret & 0x007f );
+ switch( low_level_ret != 0 ? low_level_ret : ret )
{
case 0:
return( PSA_SUCCESS );
@@ -344,7 +346,7 @@
case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE:
return( PSA_ERROR_BUFFER_TOO_SMALL );
case MBEDTLS_ERR_RSA_RNG_FAILED:
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
case MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:
return( PSA_ERROR_NOT_SUPPORTED );
case MBEDTLS_ERR_RSA_HW_ACCEL_FAILED:
@@ -372,8 +374,11 @@
return( PSA_ERROR_INVALID_SIGNATURE );
case MBEDTLS_ERR_ECP_ALLOC_FAILED:
return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ case MBEDTLS_ERR_ECP_RANDOM_FAILED:
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED:
return( PSA_ERROR_HARDWARE_FAILURE );
+
case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED:
return( PSA_ERROR_CORRUPTION_DETECTED );
@@ -2768,7 +2773,7 @@
{
psa_status_t status;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t actual_hash_length = PSA_HASH_SIZE( operation->alg );
+ size_t actual_hash_length = PSA_HASH_LENGTH( operation->alg );
/* Fill the output buffer with something that isn't a valid hash
* (barring an attack on the hash and deliberately-crafted input),
@@ -3245,7 +3250,7 @@
{
uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
size_t i;
- size_t hash_size = PSA_HASH_SIZE( hash_alg );
+ size_t hash_size = PSA_HASH_LENGTH( hash_alg );
size_t block_size = psa_get_hash_block_size( hash_alg );
psa_status_t status;
@@ -3361,7 +3366,7 @@
goto exit;
}
- operation->mac_size = PSA_HASH_SIZE( hash_alg );
+ operation->mac_size = PSA_HASH_LENGTH( hash_alg );
/* Sanity check. This shouldn't fail on a valid configuration. */
if( operation->mac_size == 0 ||
operation->mac_size > sizeof( operation->ctx.hmac.opad ) )
@@ -3531,7 +3536,7 @@
#if defined(MBEDTLS_CMAC_C)
if( operation->alg == PSA_ALG_CMAC )
{
- uint8_t tmp[PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE];
+ uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE];
int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
if( ret == 0 )
memcpy( mac, tmp, operation->mac_size );
@@ -4487,11 +4492,11 @@
#endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
operation->block_size = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
- PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( slot->attr.type ) );
if( ( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG ) != 0 &&
alg != PSA_ALG_ECB_NO_PADDING )
{
- operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->attr.type );
+ operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( slot->attr.type );
}
#if defined(MBEDTLS_CHACHA20_C)
else
@@ -4951,7 +4956,7 @@
/* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
* The call to mbedtls_ccm_encrypt_and_tag or
* mbedtls_ccm_auth_decrypt will validate the tag length. */
- if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 )
+ if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 )
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto cleanup;
@@ -4973,7 +4978,7 @@
/* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
* The call to mbedtls_gcm_crypt_and_tag or
* mbedtls_gcm_auth_decrypt will validate the tag length. */
- if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->attr.type ) != 16 )
+ if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( operation->slot->attr.type ) != 16 )
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto cleanup;
@@ -5342,7 +5347,7 @@
uint8_t *output,
size_t output_length )
{
- uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+ uint8_t hash_length = PSA_HASH_LENGTH( hash_alg );
psa_status_t status;
if( hkdf->state < HKDF_STATE_KEYED || ! hkdf->info_set )
@@ -5412,7 +5417,7 @@
psa_algorithm_t alg )
{
psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
- uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+ uint8_t hash_length = PSA_HASH_LENGTH( hash_alg );
psa_hash_operation_t backup = PSA_HASH_OPERATION_INIT;
psa_status_t status, cleanup_status;
@@ -5522,7 +5527,7 @@
size_t output_length )
{
psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );
- uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+ uint8_t hash_length = PSA_HASH_LENGTH( hash_alg );
psa_status_t status;
uint8_t offset, length;
@@ -5752,7 +5757,7 @@
if( is_kdf_alg_supported )
{
psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg );
- size_t hash_size = PSA_HASH_SIZE( hash_alg );
+ size_t hash_size = PSA_HASH_LENGTH( hash_alg );
if( hash_size == 0 )
return( PSA_ERROR_NOT_SUPPORTED );
if( ( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
@@ -5840,7 +5845,7 @@
sizeof( hkdf->prk ) );
if( status != PSA_SUCCESS )
return( status );
- hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg );
+ hkdf->offset_in_block = PSA_HASH_LENGTH( hash_alg );
hkdf->block_number = 0;
hkdf->state = HKDF_STATE_KEYED;
return( PSA_SUCCESS );
@@ -5958,10 +5963,10 @@
size_t data_length )
{
psa_status_t status;
- uint8_t pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ];
+ uint8_t pms[ 4 + 2 * PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ];
uint8_t *cur = pms;
- if( data_length > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN )
+ if( data_length > PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE )
return( PSA_ERROR_INVALID_ARGUMENT );
/* Quoting RFC 4279, Section 2:
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index c3ea6f1..1243bd3 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -263,7 +263,7 @@
switch( location )
{
case PSA_KEY_LOCATION_LOCAL_STORAGE:
- buffer_size = PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits );
+ buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits );
if( buffer_size == 0 )
return( PSA_ERROR_NOT_SUPPORTED );
@@ -280,7 +280,7 @@
if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) )
{
int public_key_overhead = ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) ?
- PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits ) : 0 );
+ PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 );
*expected_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE
+ TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE
+ public_key_overhead;
diff --git a/library/rsa.c b/library/rsa.c
index d6abd65..9fe551d 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1076,10 +1076,10 @@
mbedtls_mpi_free( &C );
mbedtls_mpi_free( &I );
- if( ret != 0 )
+ if( ret != 0 && ret >= -0x007f )
return( MBEDTLS_ERR_RSA_PRIVATE_FAILED + ret );
- return( 0 );
+ return( ret );
}
#if defined(MBEDTLS_PKCS1_V21)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a1a5859..336cbea 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -260,6 +260,70 @@
return 0;
}
+
+static void handle_buffer_resizing( mbedtls_ssl_context *ssl, int downsizing,
+ size_t in_buf_new_len,
+ size_t out_buf_new_len )
+{
+ int modified = 0;
+ size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
+ size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
+ if( ssl->in_buf != NULL )
+ {
+ written_in = ssl->in_msg - ssl->in_buf;
+ iv_offset_in = ssl->in_iv - ssl->in_buf;
+ len_offset_in = ssl->in_len - ssl->in_buf;
+ if( downsizing ?
+ ssl->in_buf_len > in_buf_new_len && ssl->in_left < in_buf_new_len :
+ ssl->in_buf_len < in_buf_new_len )
+ {
+ if( resize_buffer( &ssl->in_buf, in_buf_new_len, &ssl->in_buf_len ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %d", in_buf_new_len ) );
+ modified = 1;
+ }
+ }
+ }
+
+ if( ssl->out_buf != NULL )
+ {
+ written_out = ssl->out_msg - ssl->out_buf;
+ iv_offset_out = ssl->out_iv - ssl->out_buf;
+ len_offset_out = ssl->out_len - ssl->out_buf;
+ if( downsizing ?
+ ssl->out_buf_len > out_buf_new_len && ssl->out_left < out_buf_new_len :
+ ssl->out_buf_len < out_buf_new_len )
+ {
+ if( resize_buffer( &ssl->out_buf, out_buf_new_len, &ssl->out_buf_len ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %d", out_buf_new_len ) );
+ modified = 1;
+ }
+ }
+ }
+ if( modified )
+ {
+ /* Update pointers here to avoid doing it twice. */
+ mbedtls_ssl_reset_in_out_pointers( ssl );
+ /* Fields below might not be properly updated with record
+ * splitting or with CID, so they are manually updated here. */
+ ssl->out_msg = ssl->out_buf + written_out;
+ ssl->out_len = ssl->out_buf + len_offset_out;
+ ssl->out_iv = ssl->out_buf + iv_offset_out;
+
+ ssl->in_msg = ssl->in_buf + written_in;
+ ssl->in_len = ssl->in_buf + len_offset_in;
+ ssl->in_iv = ssl->in_buf + iv_offset_in;
+ }
+}
#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */
/*
@@ -3686,64 +3750,9 @@
}
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
/* If the buffers are too small - reallocate */
- {
- int modified = 0;
- size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
- size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
- if( ssl->in_buf != NULL )
- {
- written_in = ssl->in_msg - ssl->in_buf;
- iv_offset_in = ssl->in_iv - ssl->in_buf;
- len_offset_in = ssl->in_len - ssl->in_buf;
- if( ssl->in_buf_len < MBEDTLS_SSL_IN_BUFFER_LEN )
- {
- if( resize_buffer( &ssl->in_buf, MBEDTLS_SSL_IN_BUFFER_LEN,
- &ssl->in_buf_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) );
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %d", MBEDTLS_SSL_IN_BUFFER_LEN ) );
- modified = 1;
- }
- }
- }
- if( ssl->out_buf != NULL )
- {
- written_out = ssl->out_msg - ssl->out_buf;
- iv_offset_out = ssl->out_iv - ssl->out_buf;
- len_offset_out = ssl->out_len - ssl->out_buf;
- if( ssl->out_buf_len < MBEDTLS_SSL_OUT_BUFFER_LEN )
- {
- if( resize_buffer( &ssl->out_buf, MBEDTLS_SSL_OUT_BUFFER_LEN,
- &ssl->out_buf_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) );
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %d", MBEDTLS_SSL_OUT_BUFFER_LEN ) );
- modified = 1;
- }
- }
- }
- if( modified )
- {
- /* Update pointers here to avoid doing it twice. */
- mbedtls_ssl_reset_in_out_pointers( ssl );
- /* Fields below might not be properly updated with record
- * splitting or with CID, so they are manually updated here. */
- ssl->out_msg = ssl->out_buf + written_out;
- ssl->out_len = ssl->out_buf + len_offset_out;
- ssl->out_iv = ssl->out_buf + iv_offset_out;
-
- ssl->in_msg = ssl->in_buf + written_in;
- ssl->in_len = ssl->in_buf + len_offset_in;
- ssl->in_iv = ssl->in_buf + iv_offset_in;
- }
- }
+ handle_buffer_resizing( ssl, 0, MBEDTLS_SSL_IN_BUFFER_LEN,
+ MBEDTLS_SSL_OUT_BUFFER_LEN );
#endif
/* All pointers should exist and can be directly freed without issue */
@@ -6068,66 +6077,8 @@
* processes datagrams and the fact that a datagram is allowed to have
* several records in it, it is possible that the I/O buffers are not
* empty at this stage */
- {
- int modified = 0;
- uint32_t buf_len = mbedtls_ssl_get_input_buflen( ssl );
- size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0;
- size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0;
- if( ssl->in_buf != NULL )
- {
- written_in = ssl->in_msg - ssl->in_buf;
- iv_offset_in = ssl->in_iv - ssl->in_buf;
- len_offset_in = ssl->in_len - ssl->in_buf;
- if( ssl->in_buf_len > buf_len && ssl->in_left < buf_len )
- {
- if( resize_buffer( &ssl->in_buf, buf_len, &ssl->in_buf_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) );
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %d", buf_len ) );
- modified = 1;
- }
- }
- }
-
-
- buf_len = mbedtls_ssl_get_output_buflen( ssl );
- if(ssl->out_buf != NULL )
- {
- written_out = ssl->out_msg - ssl->out_buf;
- iv_offset_out = ssl->out_iv - ssl->out_buf;
- len_offset_out = ssl->out_len - ssl->out_buf;
- if( ssl->out_buf_len > mbedtls_ssl_get_output_buflen( ssl ) &&
- ssl->out_left < buf_len )
- {
- if( resize_buffer( &ssl->out_buf, buf_len, &ssl->out_buf_len ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) );
- }
- else
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %d", buf_len ) );
- modified = 1;
- }
- }
- }
- if( modified )
- {
- /* Update pointers here to avoid doing it twice. */
- mbedtls_ssl_reset_in_out_pointers( ssl );
- /* Fields below might not be properly updated with record
- * splitting or with CID, so they are manually updated here. */
- ssl->out_msg = ssl->out_buf + written_out;
- ssl->out_len = ssl->out_buf + len_offset_out;
- ssl->out_iv = ssl->out_buf + iv_offset_out;
-
- ssl->in_msg = ssl->in_buf + written_in;
- ssl->in_len = ssl->in_buf + len_offset_in;
- ssl->in_iv = ssl->in_buf + iv_offset_in;
- }
- }
+ handle_buffer_resizing( ssl, 1, mbedtls_ssl_get_input_buflen( ssl ),
+ mbedtls_ssl_get_output_buflen( ssl ) );
#endif
}
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 32c6550..498b8b0 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -163,7 +163,7 @@
return(
mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS,
MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ),
- 0, buf + sizeof(buf) - len, len ) );
+ is_ca, buf + sizeof(buf) - len, len ) );
}
#if defined(MBEDTLS_SHA1_C)
diff --git a/programs/.gitignore b/programs/.gitignore
index 88fb9d5..33593e0 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -1,7 +1,13 @@
+# Ignore makefiles generated by CMake, but not the makefile that's checked in.
*/Makefile
+!fuzz/Makefile
+
*.sln
*.vcxproj
+*.o
+*.exe
+
aes/aescrypt2
aes/crypt_and_hash
hash/generic_sum
diff --git a/programs/Makefile b/programs/Makefile
index 9cbc471..e0a324f 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -267,21 +267,32 @@
echo " CC ssl/ssl_client1.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client1.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c test/query_config.c $(DEP)
+SSL_TEST_OBJECTS = test/query_config.o ssl/ssl_test_lib.o
+SSL_TEST_DEPS = $(SSL_TEST_OBJECTS) \
+ test/query_config.h \
+ ssl/ssl_test_lib.h \
+ ssl/ssl_test_common_source.c \
+ $(DEP)
+
+ssl/ssl_test_lib.o: ssl/ssl_test_lib.c ssl/ssl_test_lib.h $(DEP)
+ echo " CC ssl/ssl_test_lib.c"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c ssl/ssl_test_lib.c -o $@
+
+ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c $(SSL_TEST_DEPS)
echo " CC ssl/ssl_client2.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_client2.c $(SSL_TEST_OBJECTS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
ssl/ssl_server$(EXEXT): ssl/ssl_server.c $(DEP)
echo " CC ssl/ssl_server.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c test/query_config.c $(DEP)
+ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c $(SSL_TEST_DEPS)
echo " CC ssl/ssl_server2.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_server2.c $(SSL_TEST_OBJECTS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-ssl/ssl_context_info$(EXEXT): ssl/ssl_context_info.c test/query_config.c $(DEP)
+ssl/ssl_context_info$(EXEXT): ssl/ssl_context_info.c test/query_config.o test/query_config.h $(DEP)
echo " CC ssl/ssl_context_info.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_context_info.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/ssl_context_info.c test/query_config.o $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c $(DEP)
echo " CC ssl/ssl_fork_server.c"
@@ -307,6 +318,10 @@
echo " CXX test/cpp_dummy_build.cpp"
$(CXX) $(LOCAL_CXXFLAGS) $(CXXFLAGS) test/cpp_dummy_build.cpp $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+test/query_config.o: test/query_config.c test/query_config.h $(DEP)
+ echo " CC test/query_config.c"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c test/query_config.c -o $@
+
test/selftest$(EXEXT): test/selftest.c $(DEP)
echo " CC test/selftest.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/selftest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -319,9 +334,9 @@
echo " CC test/zeroize.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/zeroize.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-test/query_compile_time_config$(EXEXT): test/query_compile_time_config.c test/query_config.c $(DEP)
+test/query_compile_time_config$(EXEXT): test/query_compile_time_config.c test/query_config.o test/query_config.h $(DEP)
echo " CC test/query_compile_time_config.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_compile_time_config.c test/query_config.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_compile_time_config.c test/query_config.o $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
util/pem2der$(EXEXT): util/pem2der.c $(DEP)
echo " CC util/pem2der.c"
diff --git a/programs/fuzz/.gitignore b/programs/fuzz/.gitignore
index 6fcc004..5dc0960 100644
--- a/programs/fuzz/.gitignore
+++ b/programs/fuzz/.gitignore
@@ -1,4 +1,3 @@
-*.o
fuzz_client
fuzz_dtlsclient
fuzz_dtlsserver
diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt
index f0e5705..fd55e31 100644
--- a/programs/fuzz/CMakeLists.txt
+++ b/programs/fuzz/CMakeLists.txt
@@ -32,20 +32,24 @@
foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
-
- if (NOT FUZZINGENGINE_LIB)
- target_link_libraries(${exe} ${libs})
- set_property(TARGET ${exe} APPEND PROPERTY SOURCES onefile.c)
- else()
- target_link_libraries(${exe} ${libs} FuzzingEngine)
- SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
+ set(exe_sources ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ if(NOT FUZZINGENGINE_LIB)
+ list(APPEND exe_sources onefile.c)
endif()
# This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
list(FIND executables_with_common_c ${exe} exe_index)
- if (${exe_index} GREATER -1)
- set_property(TARGET ${exe} APPEND PROPERTY SOURCES common.c)
+ if(${exe_index} GREATER -1)
+ list(APPEND exe_sources common.c)
+ endif()
+
+ add_executable(${exe} ${exe_sources})
+
+ if (NOT FUZZINGENGINE_LIB)
+ target_link_libraries(${exe} ${libs})
+ else()
+ target_link_libraries(${exe} ${libs} FuzzingEngine)
+ SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
endif()
endforeach()
diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index d165d2e..935d657 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -159,7 +159,7 @@
cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ),
key_bits = 256,
part_size = block_size,
};
@@ -207,7 +207,7 @@
static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ),
key_bits = 256,
input_size = 100,
part_size = 10,
@@ -255,7 +255,7 @@
static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
{
enum {
- block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+ block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ),
key_bits = 256,
input_size = 100,
part_size = 10,
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index 149aa30..dfc16a5 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -27,13 +27,21 @@
)
foreach(exe IN LISTS executables)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ set(extra_sources "")
+ if(exe STREQUAL "ssl_client2" OR exe STREQUAL "ssl_server2")
+ list(APPEND extra_sources
+ ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+ endif()
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
+ ${extra_sources})
target_link_libraries(${exe} ${libs})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
-set_property(TARGET ssl_client2 APPEND PROPERTY SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
-set_property(TARGET ssl_server2 APPEND PROPERTY SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+set_property(TARGET ssl_client2 APPEND PROPERTY SOURCES
+ ssl_test_lib.c ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+set_property(TARGET ssl_server2 APPEND PROPERTY SOURCES
+ ssl_test_lib.c ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
if(THREADS_FOUND)
add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>)
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 1ddfb80..876555d 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -17,68 +17,21 @@
* limitations under the License.
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "ssl_test_lib.h"
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_printf printf
-#define mbedtls_fprintf fprintf
-#define mbedtls_snprintf snprintf
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
- !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
- defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+#if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
int main( void )
{
- mbedtls_printf( "MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
- "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined "
- " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" );
+ mbedtls_printf( MBEDTLS_SSL_TEST_IMPOSSIBLE );
mbedtls_exit( 0 );
}
-#else
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/error.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/base64.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-
-#include <test/helpers.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
+#elif !defined(MBEDTLS_SSL_CLI_C)
+int main( void )
+{
+ mbedtls_printf( "MBEDTLS_SSL_CLI_C not defined.\n" );
+ mbedtls_exit( 0 );
+}
+#else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */
/* Size of memory to be allocated for the heap, when using the library's memory
* management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
@@ -568,425 +521,7 @@
const char *mki; /* The dtls mki value to use */
} opt;
-int query_config( const char *config );
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-typedef struct eap_tls_keys
-{
- unsigned char master_secret[48];
- unsigned char randbytes[64];
- mbedtls_tls_prf_types tls_prf_type;
-} eap_tls_keys;
-
-static int eap_tls_key_derivation ( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
-
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
- memcpy( keys->randbytes, client_random, 32 );
- memcpy( keys->randbytes + 32, server_random, 32 );
- keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf("exported maclen is %u\n", (unsigned)maclen);
- mbedtls_printf("exported keylen is %u\n", (unsigned)keylen);
- mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen);
- }
- return( 0 );
-}
-
-static int nss_keylog_export( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- char nss_keylog_line[ 200 ];
- size_t const client_random_len = 32;
- size_t const master_secret_len = 48;
- size_t len = 0;
- size_t j;
- int ret = 0;
-
- ((void) p_expkey);
- ((void) kb);
- ((void) maclen);
- ((void) keylen);
- ((void) ivlen);
- ((void) server_random);
- ((void) tls_prf_type);
-
- len += sprintf( nss_keylog_line + len,
- "%s", "CLIENT_RANDOM " );
-
- for( j = 0; j < client_random_len; j++ )
- {
- len += sprintf( nss_keylog_line + len,
- "%02x", client_random[j] );
- }
-
- len += sprintf( nss_keylog_line + len, " " );
-
- for( j = 0; j < master_secret_len; j++ )
- {
- len += sprintf( nss_keylog_line + len,
- "%02x", ms[j] );
- }
-
- len += sprintf( nss_keylog_line + len, "\n" );
- nss_keylog_line[ len ] = '\0';
-
- mbedtls_printf( "\n" );
- mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" );
- mbedtls_printf( "%s", nss_keylog_line );
- mbedtls_printf( "---------------------------------------------\n" );
-
- if( opt.nss_keylog_file != NULL )
- {
- FILE *f;
-
- if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
- {
- ret = -1;
- goto exit;
- }
-
- if( fwrite( nss_keylog_line, 1, len, f ) != len )
- {
- ret = -1;
- fclose( f );
- goto exit;
- }
-
- fclose( f );
- }
-
-exit:
- mbedtls_platform_zeroize( nss_keylog_line,
- sizeof( nss_keylog_line ) );
- return( ret );
-}
-
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-/* Supported SRTP mode needs a maximum of :
- * - 16 bytes for key (AES-128)
- * - 14 bytes SALT
- * One for sender, one for receiver context
- */
-#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
-typedef struct dtls_srtp_keys
-{
- unsigned char master_secret[48];
- unsigned char randbytes[64];
- mbedtls_tls_prf_types tls_prf_type;
-} dtls_srtp_keys;
-
-static int dtls_srtp_key_derivation( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
-
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
- memcpy( keys->randbytes, client_random, 32 );
- memcpy( keys->randbytes + 32, server_random, 32 );
- keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
- mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
- mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
- }
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-static void my_debug( void *ctx, int level,
- const char *file, int line,
- const char *str )
-{
- const char *p, *basename;
-
- /* Extract basename from file */
- for( p = basename = file; *p != '\0'; p++ )
- if( *p == '/' || *p == '\\' )
- basename = p + 1;
-
- mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s",
- basename, line, level, str );
- fflush( (FILE *) ctx );
-}
-
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
-{
- (void) time;
- return 0x5af2a056;
-}
-
-int dummy_entropy( void *data, unsigned char *output, size_t len )
-{
- size_t i;
- int ret;
- (void) data;
-
- ret = mbedtls_entropy_func( data, output, len );
- for ( i = 0; i < len; i++ )
- {
- //replace result with pseudo random
- output[i] = (unsigned char) rand();
- }
- return( ret );
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-int ca_callback( void *data, mbedtls_x509_crt const *child,
- mbedtls_x509_crt **candidates )
-{
- int ret = 0;
- mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
- mbedtls_x509_crt *first;
-
- /* This is a test-only implementation of the CA callback
- * which always returns the entire list of trusted certificates.
- * Production implementations managing a large number of CAs
- * should use an efficient presentation and lookup for the
- * set of trusted certificates (such as a hashtable) and only
- * return those trusted certificates which satisfy basic
- * parental checks, such as the matching of child `Issuer`
- * and parent `Subject` field or matching key identifiers. */
- ((void) child);
-
- first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
- if( first == NULL )
- {
- ret = -1;
- goto exit;
- }
- mbedtls_x509_crt_init( first );
-
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
-
- while( ca->next != NULL )
- {
- ca = ca->next;
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
- }
-
-exit:
-
- if( ret != 0 )
- {
- mbedtls_x509_crt_free( first );
- mbedtls_free( first );
- first = NULL;
- }
-
- *candidates = first;
- return( ret );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-
-static int delayed_recv( void *ctx, unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_READ );
- }
-
- ret = mbedtls_net_recv( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_READ )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-static int delayed_send( void *ctx, const unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_WRITE );
- }
-
- ret = mbedtls_net_send( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-typedef struct
-{
- mbedtls_ssl_context *ssl;
- mbedtls_net_context *net;
-} io_ctx_t;
-
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-static int ssl_check_record( mbedtls_ssl_context const *ssl,
- unsigned char const *buf, size_t len )
-{
- int ret;
- unsigned char *tmp_buf;
-
- tmp_buf = mbedtls_calloc( 1, len );
- if( tmp_buf == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- memcpy( tmp_buf, buf, len );
-
- ret = mbedtls_ssl_check_record( ssl, tmp_buf, len );
- if( ret != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE )
- {
- int ret_repeated;
-
- /* Test-only: Make sure that mbedtls_ssl_check_record()
- * doesn't alter state. */
- memcpy( tmp_buf, buf, len ); /* Restore buffer */
- ret_repeated = mbedtls_ssl_check_record( ssl, tmp_buf, len );
- if( ret != ret_repeated )
- {
- mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" );
- return( -1 );
- }
-
- switch( ret )
- {
- case 0:
- break;
-
- case MBEDTLS_ERR_SSL_INVALID_RECORD:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" );
- break;
-
- case MBEDTLS_ERR_SSL_INVALID_MAC:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" );
- break;
-
- case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" );
- break;
-
- default:
- mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret );
- return( -1 );
- }
-
- /* Regardless of the outcome, forward the record to the stack. */
- }
-
- mbedtls_free( tmp_buf );
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-
-static int recv_cb( void *ctx, unsigned char *buf, size_t len )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
- size_t recv_len;
- int ret;
-
- if( opt.nbio == 2 )
- ret = delayed_recv( io_ctx->net, buf, len );
- else
- ret = mbedtls_net_recv( io_ctx->net, buf, len );
- if( ret < 0 )
- return( ret );
- recv_len = (size_t) ret;
-
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- /* Here's the place to do any datagram/record checking
- * in between receiving the packet from the underlying
- * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
- if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
- return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
- }
-
- return( (int) recv_len );
-}
-
-static int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
- uint32_t timeout )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
- int ret;
- size_t recv_len;
-
- ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout );
- if( ret < 0 )
- return( ret );
- recv_len = (size_t) ret;
-
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- /* Here's the place to do any datagram/record checking
- * in between receiving the packet from the underlying
- * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
- if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
- return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
- }
-
- return( (int) recv_len );
-}
-
-static int send_cb( void *ctx, unsigned char const *buf, size_t len )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-
- if( opt.nbio == 2 )
- return( delayed_send( io_ctx->net, buf, len ) );
-
- return( mbedtls_net_send( io_ctx->net, buf, len ) );
-}
+#include "ssl_test_common_source.c"
#if defined(MBEDTLS_X509_CRT_PARSE_C)
static unsigned char peer_crt_info[1024];
@@ -1020,75 +555,8 @@
return( 0 );
}
-
-static int ssl_sig_hashes_for_test[] = {
-#if defined(MBEDTLS_SHA512_C)
- MBEDTLS_MD_SHA512,
- MBEDTLS_MD_SHA384,
-#endif
-#if defined(MBEDTLS_SHA256_C)
- MBEDTLS_MD_SHA256,
- MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C)
- /* Allow SHA-1 as we use it extensively in tests. */
- MBEDTLS_MD_SHA1,
-#endif
- MBEDTLS_MD_NONE
-};
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-/*
- * Wait for an event from the underlying transport or the timer
- * (Used in event-driven IO mode).
- */
-#if !defined(MBEDTLS_TIMING_C)
-int idle( mbedtls_net_context *fd,
- int idle_reason )
-#else
-int idle( mbedtls_net_context *fd,
- mbedtls_timing_delay_context *timer,
- int idle_reason )
-#endif
-{
-
- int ret;
- int poll_type = 0;
-
- if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
- poll_type = MBEDTLS_NET_POLL_WRITE;
- else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
- poll_type = MBEDTLS_NET_POLL_READ;
-#if !defined(MBEDTLS_TIMING_C)
- else
- return( 0 );
-#endif
-
- while( 1 )
- {
- /* Check if timer has expired */
-#if defined(MBEDTLS_TIMING_C)
- if( timer != NULL &&
- mbedtls_timing_get_delay( timer ) == 2 )
- {
- break;
- }
-#endif /* MBEDTLS_TIMING_C */
-
- /* Check if underlying transport became available */
- if( poll_type != 0 )
- {
- ret = mbedtls_net_poll( fd, poll_type, 0 );
- if( ret < 0 )
- return( ret );
- if( ret == poll_type )
- break;
- }
- }
-
- return( 0 );
-}
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage( mbedtls_ssl_context *ssl,
const char *additional_description )
@@ -1218,8 +686,7 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
+ rng_context_t rng;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_ssl_session saved_session;
@@ -1274,7 +741,7 @@
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
- mbedtls_ctr_drbg_init( &ctr_drbg );
+ rng_init( &rng );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
@@ -1293,7 +760,10 @@
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
goto exit;
}
-#endif
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ mbedtls_test_enable_insecure_external_rng( );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( argc == 0 )
{
@@ -2066,31 +1536,8 @@
mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- mbedtls_entropy_init( &entropy );
- if (opt.reproducible)
- {
- srand( 1 );
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- (unsigned int) -ret );
- goto exit;
- }
- }
- else
- {
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- (unsigned int) -ret );
- goto exit;
- }
- }
-
+ if( rng_seed( &rng, opt.reproducible, pers ) != 0 )
+ goto exit;
mbedtls_printf( " ok\n" );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -2436,7 +1883,7 @@
#endif
#endif
}
- mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_rng( &conf, rng_get, &rng );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
@@ -3556,8 +3003,7 @@
mbedtls_ssl_session_free( &saved_session );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
+ rng_free( &rng );
if( session_data != NULL )
mbedtls_platform_zeroize( session_data, session_data_len );
mbedtls_free( session_data );
@@ -3612,6 +3058,4 @@
else
mbedtls_exit( query_config_ret );
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
- MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
- MBEDTLS_CTR_DRBG_C MBEDTLS_TIMING_C */
+#endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 4e11cb3..57c053c 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -17,64 +17,22 @@
* limitations under the License.
*/
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "ssl_test_lib.h"
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#include <stdlib.h>
-#define mbedtls_calloc calloc
-#define mbedtls_free free
-#define mbedtls_time time
-#define mbedtls_time_t time_t
-#define mbedtls_calloc calloc
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#define mbedtls_exit exit
-#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
-#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
-#endif
-
-#if !defined(MBEDTLS_ENTROPY_C) || \
- !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_SRV_C) || \
- !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
- defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+#if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
int main( void )
{
- mbedtls_printf( "MBEDTLS_ENTROPY_C and/or "
- "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
- "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined "
- " and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" );
+ mbedtls_printf( MBEDTLS_SSL_TEST_IMPOSSIBLE );
mbedtls_exit( 0 );
}
-#else
+#elif !defined(MBEDTLS_SSL_SRV_C)
+int main( void )
+{
+ mbedtls_printf( "MBEDTLS_SSL_SRV_C not defined.\n" );
+ mbedtls_exit( 0 );
+}
+#else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/ssl.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/certs.h"
-#include "mbedtls/x509.h"
-#include "mbedtls/error.h"
-#include "mbedtls/debug.h"
-#include "mbedtls/timing.h"
-#include "mbedtls/base64.h"
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-#endif
-
-#include <test/helpers.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
#include <stdint.h>
#if !defined(_MSC_VER)
@@ -97,10 +55,6 @@
#include "mbedtls/ssl_cookie.h"
#endif
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-#include "mbedtls/memory_buffer_alloc.h"
-#endif
-
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_FS_IO)
#define SNI_OPTION
#endif
@@ -670,424 +624,7 @@
int support_mki; /* The dtls mki mki support */
} opt;
-int query_config( const char *config );
-
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-typedef struct eap_tls_keys
-{
- unsigned char master_secret[48];
- unsigned char randbytes[64];
- mbedtls_tls_prf_types tls_prf_type;
-} eap_tls_keys;
-
-static int eap_tls_key_derivation ( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
-
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
- memcpy( keys->randbytes, client_random, 32 );
- memcpy( keys->randbytes + 32, server_random, 32 );
- keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf("exported maclen is %u\n", (unsigned)maclen);
- mbedtls_printf("exported keylen is %u\n", (unsigned)keylen);
- mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen);
- }
- return( 0 );
-}
-
-static int nss_keylog_export( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- char nss_keylog_line[ 200 ];
- size_t const client_random_len = 32;
- size_t const master_secret_len = 48;
- size_t len = 0;
- size_t j;
- int ret = 0;
-
- ((void) p_expkey);
- ((void) kb);
- ((void) maclen);
- ((void) keylen);
- ((void) ivlen);
- ((void) server_random);
- ((void) tls_prf_type);
-
- len += sprintf( nss_keylog_line + len,
- "%s", "CLIENT_RANDOM " );
-
- for( j = 0; j < client_random_len; j++ )
- {
- len += sprintf( nss_keylog_line + len,
- "%02x", client_random[j] );
- }
-
- len += sprintf( nss_keylog_line + len, " " );
-
- for( j = 0; j < master_secret_len; j++ )
- {
- len += sprintf( nss_keylog_line + len,
- "%02x", ms[j] );
- }
-
- len += sprintf( nss_keylog_line + len, "\n" );
- nss_keylog_line[ len ] = '\0';
-
- mbedtls_printf( "\n" );
- mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" );
- mbedtls_printf( "%s", nss_keylog_line );
- mbedtls_printf( "---------------------------------------------\n" );
-
- if( opt.nss_keylog_file != NULL )
- {
- FILE *f;
-
- if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
- {
- ret = -1;
- goto exit;
- }
-
- if( fwrite( nss_keylog_line, 1, len, f ) != len )
- {
- ret = -1;
- fclose( f );
- goto exit;
- }
-
- fclose( f );
- }
-
-exit:
- mbedtls_platform_zeroize( nss_keylog_line,
- sizeof( nss_keylog_line ) );
- return( ret );
-}
-
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
-/* Supported SRTP mode needs a maximum of :
- * - 16 bytes for key (AES-128)
- * - 14 bytes SALT
- * One for sender, one for receiver context
- */
-#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
-typedef struct dtls_srtp_keys
-{
- unsigned char master_secret[48];
- unsigned char randbytes[64];
- mbedtls_tls_prf_types tls_prf_type;
-} dtls_srtp_keys;
-
-static int dtls_srtp_key_derivation( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
-{
- dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
-
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
- memcpy( keys->randbytes, client_random, 32 );
- memcpy( keys->randbytes + 32, server_random, 32 );
- keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
- mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
- mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
- }
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
-static void my_debug( void *ctx, int level,
- const char *file, int line,
- const char *str )
-{
- const char *p, *basename;
-
- /* Extract basename from file */
- for( p = basename = file; *p != '\0'; p++ )
- if( *p == '/' || *p == '\\' )
- basename = p + 1;
-
- mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s", basename, line, level, str );
- fflush( (FILE *) ctx );
-}
-
-mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
-{
- (void) time;
- return 0x5af2a056;
-}
-
-int dummy_entropy( void *data, unsigned char *output, size_t len )
-{
- size_t i;
- int ret;
- (void) data;
-
- ret = mbedtls_entropy_func( data, output, len );
- for (i = 0; i < len; i++ ) {
- //replace result with pseudo random
- output[i] = (unsigned char) rand();
- }
- return( ret );
-}
-
-#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
-int ca_callback( void *data, mbedtls_x509_crt const *child,
- mbedtls_x509_crt **candidates)
-{
- int ret = 0;
- mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
- mbedtls_x509_crt *first;
-
- /* This is a test-only implementation of the CA callback
- * which always returns the entire list of trusted certificates.
- * Production implementations managing a large number of CAs
- * should use an efficient presentation and lookup for the
- * set of trusted certificates (such as a hashtable) and only
- * return those trusted certificates which satisfy basic
- * parental checks, such as the matching of child `Issuer`
- * and parent `Subject` field. */
- ((void) child);
-
- first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
- if( first == NULL )
- {
- ret = -1;
- goto exit;
- }
- mbedtls_x509_crt_init( first );
-
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
-
- while( ca->next != NULL )
- {
- ca = ca->next;
- if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
- {
- ret = -1;
- goto exit;
- }
- }
-
-exit:
-
- if( ret != 0 )
- {
- mbedtls_x509_crt_free( first );
- mbedtls_free( first );
- first = NULL;
- }
-
- *candidates = first;
- return( ret );
-}
-#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
-
-/*
- * Test recv/send functions that make sure each try returns
- * WANT_READ/WANT_WRITE at least once before sucesseding
- */
-static int delayed_recv( void *ctx, unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_READ );
- }
-
- ret = mbedtls_net_recv( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_READ )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-static int delayed_send( void *ctx, const unsigned char *buf, size_t len )
-{
- static int first_try = 1;
- int ret;
-
- if( first_try )
- {
- first_try = 0;
- return( MBEDTLS_ERR_SSL_WANT_WRITE );
- }
-
- ret = mbedtls_net_send( ctx, buf, len );
- if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
- first_try = 1; /* Next call will be a new operation */
- return( ret );
-}
-
-typedef struct
-{
- mbedtls_ssl_context *ssl;
- mbedtls_net_context *net;
-} io_ctx_t;
-
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
-static int ssl_check_record( mbedtls_ssl_context const *ssl,
- unsigned char const *buf, size_t len )
-{
- int ret;
- unsigned char *tmp_buf;
-
- /* Record checking may modify the input buffer,
- * so make a copy. */
- tmp_buf = mbedtls_calloc( 1, len );
- if( tmp_buf == NULL )
- return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
- memcpy( tmp_buf, buf, len );
-
- ret = mbedtls_ssl_check_record( ssl, tmp_buf, len );
- if( ret != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE )
- {
- int ret_repeated;
-
- /* Test-only: Make sure that mbedtls_ssl_check_record()
- * doesn't alter state. */
- memcpy( tmp_buf, buf, len ); /* Restore buffer */
- ret_repeated = mbedtls_ssl_check_record( ssl, tmp_buf, len );
- if( ret != ret_repeated )
- {
- mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" );
- return( -1 );
- }
-
- switch( ret )
- {
- case 0:
- break;
-
- case MBEDTLS_ERR_SSL_INVALID_RECORD:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" );
- break;
-
- case MBEDTLS_ERR_SSL_INVALID_MAC:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" );
- break;
-
- case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
- if( opt.debug_level > 1 )
- mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" );
- break;
-
- default:
- mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret );
- return( -1 );
- }
-
- /* Regardless of the outcome, forward the record to the stack. */
- }
-
- mbedtls_free( tmp_buf );
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
-
-static int recv_cb( void *ctx, unsigned char *buf, size_t len )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
- size_t recv_len;
- int ret;
-
- if( opt.nbio == 2 )
- ret = delayed_recv( io_ctx->net, buf, len );
- else
- ret = mbedtls_net_recv( io_ctx->net, buf, len );
- if( ret < 0 )
- return( ret );
- recv_len = (size_t) ret;
-
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- /* Here's the place to do any datagram/record checking
- * in between receiving the packet from the underlying
- * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
- if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
- return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
- }
-
- return( (int) recv_len );
-}
-
-static int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
- uint32_t timeout )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
- int ret;
- size_t recv_len;
-
- ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout );
- if( ret < 0 )
- return( ret );
- recv_len = (size_t) ret;
-
- if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
- {
- /* Here's the place to do any datagram/record checking
- * in between receiving the packet from the underlying
- * transport and passing it on to the TLS stack. */
-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
- if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
- return( -1 );
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */
- }
-
- return( (int) recv_len );
-}
-
-static int send_cb( void *ctx, unsigned char const *buf, size_t len )
-{
- io_ctx_t *io_ctx = (io_ctx_t*) ctx;
-
- if( opt.nbio == 2 )
- return( delayed_send( io_ctx->net, buf, len ) );
-
- return( mbedtls_net_send( io_ctx->net, buf, len ) );
-}
+#include "ssl_test_common_source.c"
/*
* Return authmode from string, or -1 on error
@@ -1406,24 +943,6 @@
}
#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-static int ssl_sig_hashes_for_test[] = {
-#if defined(MBEDTLS_SHA512_C)
- MBEDTLS_MD_SHA512,
- MBEDTLS_MD_SHA384,
-#endif
-#if defined(MBEDTLS_SHA256_C)
- MBEDTLS_MD_SHA256,
- MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C)
- /* Allow SHA-1 as we use it extensively in tests. */
- MBEDTLS_MD_SHA1,
-#endif
- MBEDTLS_MD_NONE
-};
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
/** Return true if \p ret is a status code indicating that there is an
* operation in progress on an SSL connection, and false if it indicates
* success or a fatal error.
@@ -1662,56 +1181,6 @@
}
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-/*
- * Wait for an event from the underlying transport or the timer
- * (Used in event-driven IO mode).
- */
-#if !defined(MBEDTLS_TIMING_C)
-int idle( mbedtls_net_context *fd,
- int idle_reason )
-#else
-int idle( mbedtls_net_context *fd,
- mbedtls_timing_delay_context *timer,
- int idle_reason )
-#endif
-{
- int ret;
- int poll_type = 0;
-
- if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
- poll_type = MBEDTLS_NET_POLL_WRITE;
- else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
- poll_type = MBEDTLS_NET_POLL_READ;
-#if !defined(MBEDTLS_TIMING_C)
- else
- return( 0 );
-#endif
-
- while( 1 )
- {
- /* Check if timer has expired */
-#if defined(MBEDTLS_TIMING_C)
- if( timer != NULL &&
- mbedtls_timing_get_delay( timer ) == 2 )
- {
- break;
- }
-#endif /* MBEDTLS_TIMING_C */
-
- /* Check if underlying transport became available */
- if( poll_type != 0 )
- {
- ret = mbedtls_net_poll( fd, poll_type, 0 );
- if( ret < 0 )
- return( ret );
- if( ret == poll_type )
- break;
- }
- }
-
- return( 0 );
-}
-
#if defined(MBEDTLS_USE_PSA_CRYPTO)
static psa_status_t psa_setup_psk_key_slot( psa_key_id_t *slot,
psa_algorithm_t alg,
@@ -1813,8 +1282,7 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
+ rng_context_t rng;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
#if defined(MBEDTLS_TIMING_C)
@@ -1908,7 +1376,7 @@
mbedtls_net_init( &listen_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
- mbedtls_ctr_drbg_init( &ctr_drbg );
+ rng_init( &rng );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &srvcert );
@@ -1944,7 +1412,10 @@
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
goto exit;
}
-#endif
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ mbedtls_test_enable_insecure_external_rng( );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if !defined(_WIN32)
/* Abort cleanly on SIGTERM and SIGINT */
@@ -2824,31 +2295,8 @@
mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- mbedtls_entropy_init( &entropy );
- if (opt.reproducible)
- {
- srand( 1 );
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- (unsigned int) -ret );
- goto exit;
- }
- }
- else
- {
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
- &entropy, (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
- (unsigned int) -ret );
- goto exit;
- }
- }
-
+ if( rng_seed( &rng, opt.reproducible, pers ) != 0 )
+ goto exit;
mbedtls_printf( " ok\n" );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -3237,7 +2685,7 @@
#endif
#endif
}
- mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_rng( &conf, rng_get, &rng );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
@@ -3256,7 +2704,7 @@
if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED )
{
if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
- mbedtls_ctr_drbg_random, &ctr_drbg,
+ rng_get, &rng,
MBEDTLS_CIPHER_AES_256_GCM,
opt.ticket_timeout ) ) != 0 )
{
@@ -3278,7 +2726,7 @@
if( opt.cookies > 0 )
{
if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx,
- mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
+ rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret );
goto exit;
@@ -3430,8 +2878,8 @@
ssl_async_keys.inject_error = ( opt.async_private_error < 0 ?
- opt.async_private_error :
opt.async_private_error );
- ssl_async_keys.f_rng = mbedtls_ctr_drbg_random;
- ssl_async_keys.p_rng = &ctr_drbg;
+ ssl_async_keys.f_rng = rng_get;
+ ssl_async_keys.p_rng = &rng;
mbedtls_ssl_conf_async_private_cb( &conf,
sign,
decrypt,
@@ -4529,8 +3977,7 @@
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
- mbedtls_ctr_drbg_free( &ctr_drbg );
- mbedtls_entropy_free( &entropy );
+ rng_free( &rng );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_free( &cache );
@@ -4576,6 +4023,4 @@
else
mbedtls_exit( query_config_ret );
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
- MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
- MBEDTLS_CTR_DRBG_C */
+#endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */
diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c
new file mode 100644
index 0000000..d9e3607
--- /dev/null
+++ b/programs/ssl/ssl_test_common_source.c
@@ -0,0 +1,305 @@
+/*
+ * Common source code for SSL test programs. This file is included by
+ * both ssl_client2.c and ssl_server2.c and is intended for source
+ * code that is textually identical in both programs, but that cannot be
+ * compiled separately because it refers to types or macros that are
+ * different in the two programs, or because it would have an incomplete
+ * type.
+ *
+ * This file is meant to be #include'd and cannot be compiled separately.
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+int eap_tls_key_derivation( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
+{
+ eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
+
+ ( ( void ) kb );
+ memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
+ memcpy( keys->randbytes, client_random, 32 );
+ memcpy( keys->randbytes + 32, server_random, 32 );
+ keys->tls_prf_type = tls_prf_type;
+
+ if( opt.debug_level > 2 )
+ {
+ mbedtls_printf("exported maclen is %u\n", (unsigned)maclen);
+ mbedtls_printf("exported keylen is %u\n", (unsigned)keylen);
+ mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen);
+ }
+ return( 0 );
+}
+
+int nss_keylog_export( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
+{
+ char nss_keylog_line[ 200 ];
+ size_t const client_random_len = 32;
+ size_t const master_secret_len = 48;
+ size_t len = 0;
+ size_t j;
+ int ret = 0;
+
+ ((void) p_expkey);
+ ((void) kb);
+ ((void) maclen);
+ ((void) keylen);
+ ((void) ivlen);
+ ((void) server_random);
+ ((void) tls_prf_type);
+
+ len += sprintf( nss_keylog_line + len,
+ "%s", "CLIENT_RANDOM " );
+
+ for( j = 0; j < client_random_len; j++ )
+ {
+ len += sprintf( nss_keylog_line + len,
+ "%02x", client_random[j] );
+ }
+
+ len += sprintf( nss_keylog_line + len, " " );
+
+ for( j = 0; j < master_secret_len; j++ )
+ {
+ len += sprintf( nss_keylog_line + len,
+ "%02x", ms[j] );
+ }
+
+ len += sprintf( nss_keylog_line + len, "\n" );
+ nss_keylog_line[ len ] = '\0';
+
+ mbedtls_printf( "\n" );
+ mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" );
+ mbedtls_printf( "%s", nss_keylog_line );
+ mbedtls_printf( "---------------------------------------------\n" );
+
+ if( opt.nss_keylog_file != NULL )
+ {
+ FILE *f;
+
+ if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
+ {
+ ret = -1;
+ goto exit;
+ }
+
+ if( fwrite( nss_keylog_line, 1, len, f ) != len )
+ {
+ ret = -1;
+ fclose( f );
+ goto exit;
+ }
+
+ fclose( f );
+ }
+
+exit:
+ mbedtls_platform_zeroize( nss_keylog_line,
+ sizeof( nss_keylog_line ) );
+ return( ret );
+}
+
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+int dtls_srtp_key_derivation( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
+{
+ dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
+
+ ( ( void ) kb );
+ memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
+ memcpy( keys->randbytes, client_random, 32 );
+ memcpy( keys->randbytes + 32, server_random, 32 );
+ keys->tls_prf_type = tls_prf_type;
+
+ if( opt.debug_level > 2 )
+ {
+ mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
+ mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
+ mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
+ }
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+int ssl_check_record( mbedtls_ssl_context const *ssl,
+ unsigned char const *buf, size_t len )
+{
+ int ret;
+ unsigned char *tmp_buf;
+
+ /* Record checking may modify the input buffer,
+ * so make a copy. */
+ tmp_buf = mbedtls_calloc( 1, len );
+ if( tmp_buf == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ memcpy( tmp_buf, buf, len );
+
+ ret = mbedtls_ssl_check_record( ssl, tmp_buf, len );
+ if( ret != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE )
+ {
+ int ret_repeated;
+
+ /* Test-only: Make sure that mbedtls_ssl_check_record()
+ * doesn't alter state. */
+ memcpy( tmp_buf, buf, len ); /* Restore buffer */
+ ret_repeated = mbedtls_ssl_check_record( ssl, tmp_buf, len );
+ if( ret != ret_repeated )
+ {
+ mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" );
+ return( -1 );
+ }
+
+ switch( ret )
+ {
+ case 0:
+ break;
+
+ case MBEDTLS_ERR_SSL_INVALID_RECORD:
+ if( opt.debug_level > 1 )
+ mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" );
+ break;
+
+ case MBEDTLS_ERR_SSL_INVALID_MAC:
+ if( opt.debug_level > 1 )
+ mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" );
+ break;
+
+ case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
+ if( opt.debug_level > 1 )
+ mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" );
+ break;
+
+ default:
+ mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret );
+ return( -1 );
+ }
+
+ /* Regardless of the outcome, forward the record to the stack. */
+ }
+
+ mbedtls_free( tmp_buf );
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+
+int recv_cb( void *ctx, unsigned char *buf, size_t len )
+{
+ io_ctx_t *io_ctx = (io_ctx_t*) ctx;
+ size_t recv_len;
+ int ret;
+
+ if( opt.nbio == 2 )
+ ret = delayed_recv( io_ctx->net, buf, len );
+ else
+ ret = mbedtls_net_recv( io_ctx->net, buf, len );
+ if( ret < 0 )
+ return( ret );
+ recv_len = (size_t) ret;
+
+ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ /* Here's the place to do any datagram/record checking
+ * in between receiving the packet from the underlying
+ * transport and passing it on to the TLS stack. */
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+ if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
+ return( -1 );
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+ }
+
+ return( (int) recv_len );
+}
+
+int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
+ uint32_t timeout )
+{
+ io_ctx_t *io_ctx = (io_ctx_t*) ctx;
+ int ret;
+ size_t recv_len;
+
+ ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout );
+ if( ret < 0 )
+ return( ret );
+ recv_len = (size_t) ret;
+
+ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ /* Here's the place to do any datagram/record checking
+ * in between receiving the packet from the underlying
+ * transport and passing it on to the TLS stack. */
+#if defined(MBEDTLS_SSL_RECORD_CHECKING)
+ if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
+ return( -1 );
+#endif /* MBEDTLS_SSL_RECORD_CHECKING */
+ }
+
+ return( (int) recv_len );
+}
+
+int send_cb( void *ctx, unsigned char const *buf, size_t len )
+{
+ io_ctx_t *io_ctx = (io_ctx_t*) ctx;
+
+ if( opt.nbio == 2 )
+ return( delayed_send( io_ctx->net, buf, len ) );
+
+ return( mbedtls_net_send( io_ctx->net, buf, len ) );
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+int ssl_sig_hashes_for_test[] = {
+#if defined(MBEDTLS_SHA512_C)
+ MBEDTLS_MD_SHA512,
+ MBEDTLS_MD_SHA384,
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ MBEDTLS_MD_SHA256,
+ MBEDTLS_MD_SHA224,
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ /* Allow SHA-1 as we use it extensively in tests. */
+ MBEDTLS_MD_SHA1,
+#endif
+ MBEDTLS_MD_NONE
+};
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
new file mode 100644
index 0000000..46cea14
--- /dev/null
+++ b/programs/ssl/ssl_test_lib.c
@@ -0,0 +1,278 @@
+/*
+ * Common code library for SSL test programs.
+ *
+ * In addition to the functions in this file, there is shared source code
+ * that cannot be compiled separately in "ssl_test_common_source.c".
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "ssl_test_lib.h"
+
+#if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
+
+void my_debug( void *ctx, int level,
+ const char *file, int line,
+ const char *str )
+{
+ const char *p, *basename;
+
+ /* Extract basename from file */
+ for( p = basename = file; *p != '\0'; p++ )
+ if( *p == '/' || *p == '\\' )
+ basename = p + 1;
+
+ mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s",
+ basename, line, level, str );
+ fflush( (FILE *) ctx );
+}
+
+mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
+{
+ (void) time;
+ return 0x5af2a056;
+}
+
+static int dummy_entropy( void *data, unsigned char *output, size_t len )
+{
+ size_t i;
+ int ret;
+ (void) data;
+
+ ret = mbedtls_entropy_func( data, output, len );
+ for( i = 0; i < len; i++ )
+ {
+ //replace result with pseudo random
+ output[i] = (unsigned char) rand();
+ }
+ return( ret );
+}
+
+void rng_init( rng_context_t *rng )
+{
+#if defined(MBEDTLS_CTR_DRBG_C)
+ mbedtls_ctr_drbg_init( &rng->drbg );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ mbedtls_hmac_drbg_init( &rng->drbg );
+#else
+#error "No DRBG available"
+#endif
+
+ mbedtls_entropy_init( &rng->entropy );
+}
+
+int rng_seed( rng_context_t *rng, int reproducible, const char *pers )
+{
+ int ( *f_entropy )( void *, unsigned char *, size_t ) =
+ ( reproducible ? dummy_entropy : mbedtls_entropy_func );
+
+ if ( reproducible )
+ srand( 1 );
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+ int ret = mbedtls_ctr_drbg_seed( &rng->drbg,
+ f_entropy, &rng->entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+#if defined(MBEDTLS_SHA256_C)
+ const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256;
+#elif defined(MBEDTLS_SHA512_C)
+ const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA512;
+#else
+#error "No message digest available for HMAC_DRBG"
+#endif
+ int ret = mbedtls_hmac_drbg_seed( &rng->drbg,
+ mbedtls_md_info_from_type( md_type ),
+ f_entropy, &rng->entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) );
+#else
+#error "No DRBG available"
+#endif
+
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
+ (unsigned int) -ret );
+ return( ret );
+ }
+
+ return( 0 );
+}
+
+void rng_free( rng_context_t *rng )
+{
+#if defined(MBEDTLS_CTR_DRBG_C)
+ mbedtls_ctr_drbg_free( &rng->drbg );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ mbedtls_hmac_drbg_free( &rng->drbg );
+#else
+#error "No DRBG available"
+#endif
+
+ mbedtls_entropy_free( &rng->entropy );
+}
+
+int rng_get( void *p_rng, unsigned char *output, size_t output_len )
+{
+ rng_context_t *rng = p_rng;
+#if defined(MBEDTLS_CTR_DRBG_C)
+ return( mbedtls_ctr_drbg_random( &rng->drbg, output, output_len ) );
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ return( mbedtls_hmac_drbg_random( &rng->drbg, output, output_len ) );
+#else
+#error "No DRBG available"
+#endif
+}
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+int ca_callback( void *data, mbedtls_x509_crt const *child,
+ mbedtls_x509_crt **candidates )
+{
+ int ret = 0;
+ mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
+ mbedtls_x509_crt *first;
+
+ /* This is a test-only implementation of the CA callback
+ * which always returns the entire list of trusted certificates.
+ * Production implementations managing a large number of CAs
+ * should use an efficient presentation and lookup for the
+ * set of trusted certificates (such as a hashtable) and only
+ * return those trusted certificates which satisfy basic
+ * parental checks, such as the matching of child `Issuer`
+ * and parent `Subject` field or matching key identifiers. */
+ ((void) child);
+
+ first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
+ if( first == NULL )
+ {
+ ret = -1;
+ goto exit;
+ }
+ mbedtls_x509_crt_init( first );
+
+ if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
+ {
+ ret = -1;
+ goto exit;
+ }
+
+ while( ca->next != NULL )
+ {
+ ca = ca->next;
+ if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
+ {
+ ret = -1;
+ goto exit;
+ }
+ }
+
+exit:
+
+ if( ret != 0 )
+ {
+ mbedtls_x509_crt_free( first );
+ mbedtls_free( first );
+ first = NULL;
+ }
+
+ *candidates = first;
+ return( ret );
+}
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+int delayed_recv( void *ctx, unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( MBEDTLS_ERR_SSL_WANT_READ );
+ }
+
+ ret = mbedtls_net_recv( ctx, buf, len );
+ if( ret != MBEDTLS_ERR_SSL_WANT_READ )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
+int delayed_send( void *ctx, const unsigned char *buf, size_t len )
+{
+ static int first_try = 1;
+ int ret;
+
+ if( first_try )
+ {
+ first_try = 0;
+ return( MBEDTLS_ERR_SSL_WANT_WRITE );
+ }
+
+ ret = mbedtls_net_send( ctx, buf, len );
+ if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+ first_try = 1; /* Next call will be a new operation */
+ return( ret );
+}
+
+#if !defined(MBEDTLS_TIMING_C)
+int idle( mbedtls_net_context *fd,
+ int idle_reason )
+#else
+int idle( mbedtls_net_context *fd,
+ mbedtls_timing_delay_context *timer,
+ int idle_reason )
+#endif
+{
+ int ret;
+ int poll_type = 0;
+
+ if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
+ poll_type = MBEDTLS_NET_POLL_WRITE;
+ else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
+ poll_type = MBEDTLS_NET_POLL_READ;
+#if !defined(MBEDTLS_TIMING_C)
+ else
+ return( 0 );
+#endif
+
+ while( 1 )
+ {
+ /* Check if timer has expired */
+#if defined(MBEDTLS_TIMING_C)
+ if( timer != NULL &&
+ mbedtls_timing_get_delay( timer ) == 2 )
+ {
+ break;
+ }
+#endif /* MBEDTLS_TIMING_C */
+
+ /* Check if underlying transport became available */
+ if( poll_type != 0 )
+ {
+ ret = mbedtls_net_poll( fd, poll_type, 0 );
+ if( ret < 0 )
+ return( ret );
+ if( ret == poll_type )
+ break;
+ }
+ }
+
+ return( 0 );
+}
+
+#endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */
diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h
new file mode 100644
index 0000000..861e82a
--- /dev/null
+++ b/programs/ssl/ssl_test_lib.h
@@ -0,0 +1,223 @@
+/*
+ * Common code for SSL test programs
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
+#define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#include <stdlib.h>
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#define mbedtls_time time
+#define mbedtls_time_t time_t
+#define mbedtls_printf printf
+#define mbedtls_fprintf fprintf
+#define mbedtls_snprintf snprintf
+#define mbedtls_exit exit
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif
+
+#if !defined(MBEDTLS_ENTROPY_C) || \
+ !defined(MBEDTLS_NET_C) || \
+ !defined(MBEDTLS_SSL_TLS_C) || \
+ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+#define MBEDTLS_SSL_TEST_IMPOSSIBLE \
+ "MBEDTLS_ENTROPY_C and/or " \
+ "MBEDTLS_NET_C and/or " \
+ "MBEDTLS_SSL_TLS_C not defined, " \
+ "and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n"
+#elif !( defined(MBEDTLS_CTR_DRBG_C) || \
+ defined(MBEDTLS_HMAC_DRBG_C) && ( defined(MBEDTLS_SHA256_C) || \
+ defined(MBEDTLS_SHA512_C) ) )
+#define MBEDTLS_SSL_TEST_IMPOSSIBLE \
+ "Neither MBEDTLS_CTR_DRBG_C, nor MBEDTLS_HMAC_DRBG_C and a supported hash defined.\n"
+#else
+#undef MBEDTLS_SSL_TEST_IMPOSSIBLE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/error.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/timing.h"
+#include "mbedtls/base64.h"
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+#endif
+
+#include <test/helpers.h>
+
+#include "../test/query_config.h"
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+
+typedef struct eap_tls_keys
+{
+ unsigned char master_secret[48];
+ unsigned char randbytes[64];
+ mbedtls_tls_prf_types tls_prf_type;
+} eap_tls_keys;
+
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+
+/* Supported SRTP mode needs a maximum of :
+ * - 16 bytes for key (AES-128)
+ * - 14 bytes SALT
+ * One for sender, one for receiver context
+ */
+#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
+
+typedef struct dtls_srtp_keys
+{
+ unsigned char master_secret[48];
+ unsigned char randbytes[64];
+ mbedtls_tls_prf_types tls_prf_type;
+} dtls_srtp_keys;
+
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+typedef struct
+{
+ mbedtls_ssl_context *ssl;
+ mbedtls_net_context *net;
+} io_ctx_t;
+
+void my_debug( void *ctx, int level,
+ const char *file, int line,
+ const char *str );
+
+mbedtls_time_t dummy_constant_time( mbedtls_time_t* time );
+
+/** A context for random number generation (RNG).
+ */
+typedef struct
+{
+ mbedtls_entropy_context entropy;
+#if defined(MBEDTLS_CTR_DRBG_C)
+ mbedtls_ctr_drbg_context drbg;
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+ mbedtls_hmac_drbg_context drbg;
+#else
+#error "No DRBG available"
+#endif
+} rng_context_t;
+
+/** Initialize the RNG.
+ *
+ * This function only initializes the memory used by the RNG context.
+ * Before using the RNG, it must be seeded with rng_seed().
+ */
+void rng_init( rng_context_t *rng );
+
+/* Seed the random number generator.
+ *
+ * \param rng The RNG context to use. It must have been initialized
+ * with rng_init().
+ * \param reproducible If zero, seed the RNG from entropy.
+ * If nonzero, use a fixed seed, so that the program
+ * will produce the same sequence of random numbers
+ * each time it is invoked.
+ * \param pers A null-terminated string. Different values for this
+ * string cause the RNG to emit different output for
+ * the same seed.
+ *
+ * return 0 on success, a negative value on error.
+ */
+int rng_seed( rng_context_t *rng, int reproducible, const char *pers );
+
+/** Deinitialize the RNG. Free any embedded resource.
+ *
+ * \param rng The RNG context to deinitialize. It must have been
+ * initialized with rng_init().
+ */
+void rng_free( rng_context_t *rng );
+
+/** Generate random data.
+ *
+ * This function is suitable for use as the \c f_rng argument to Mbed TLS
+ * library functions.
+ *
+ * \param p_rng The random generator context. This must be a pointer to
+ * a #rng_context_t structure.
+ * \param output The buffer to fill.
+ * \param output_len The length of the buffer in bytes.
+ *
+ * \return \c 0 on success.
+ * \return An Mbed TLS error code on error.
+ */
+int rng_get( void *p_rng, unsigned char *output, size_t output_len );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/* The test implementation of the PSA external RNG is insecure. When
+ * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto
+ * function that makes use of an RNG, you must call
+ * mbedtls_test_enable_insecure_external_rng(). */
+#include <test/fake_external_rng_for_test.h>
+#endif
+
+#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
+int ca_callback( void *data, mbedtls_x509_crt const *child,
+ mbedtls_x509_crt **candidates );
+#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
+/*
+ * Test recv/send functions that make sure each try returns
+ * WANT_READ/WANT_WRITE at least once before sucesseding
+ */
+int delayed_recv( void *ctx, unsigned char *buf, size_t len );
+int delayed_send( void *ctx, const unsigned char *buf, size_t len );
+
+/*
+ * Wait for an event from the underlying transport or the timer
+ * (Used in event-driven IO mode).
+ */
+int idle( mbedtls_net_context *fd,
+#if defined(MBEDTLS_TIMING_C)
+ mbedtls_timing_delay_context *timer,
+#endif
+ int idle_reason );
+
+#endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */
+#endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index 49b44e7..2b1e61e 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -26,7 +26,13 @@
endif()
foreach(exe IN LISTS executables_libs executables_mbedcrypto)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
+ set(extra_sources "")
+ if(exe STREQUAL "query_compile_time_config")
+ list(APPEND extra_sources
+ ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
+ endif()
+ add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
+ ${extra_sources})
# This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
list(FIND executables_libs ${exe} exe_index)
@@ -37,9 +43,6 @@
endif()
endforeach()
-set_property(TARGET query_compile_time_config APPEND PROPERTY SOURCES
- ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
-
install(TARGETS ${executables_libs} ${executables_mbedcrypto}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/test/query_compile_time_config.c b/programs/test/query_compile_time_config.c
index abe8f76..0e356c8 100644
--- a/programs/test/query_compile_time_config.c
+++ b/programs/test/query_compile_time_config.c
@@ -40,7 +40,7 @@
"Mbed TLS build and the macro expansion of that configuration will be\n" \
"printed (if any). Otherwise, 1 will be returned.\n"
-int query_config( const char *config );
+#include "query_config.h"
int main( int argc, char *argv[] )
{
diff --git a/programs/test/query_config.c b/programs/test/query_config.c
index 1fb7384..aae8e2e 100644
--- a/programs/test/query_config.c
+++ b/programs/test/query_config.c
@@ -23,6 +23,8 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "query_config.h"
+
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
diff --git a/programs/test/query_config.h b/programs/test/query_config.h
new file mode 100644
index 0000000..23009c4
--- /dev/null
+++ b/programs/test/query_config.h
@@ -0,0 +1,42 @@
+/*
+ * Query Mbed TLS compile time configurations from config.h
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H
+#define MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/** Check whether a given configuration symbol is enabled.
+ *
+ * \param config The symbol to query (e.g. "MBEDTLS_RSA_C").
+ * \return \c 0 if the symbol was defined at compile time
+ * (in MBEDTLS_CONFIG_FILE or config.h),
+ * \c 1 otherwise.
+ *
+ * \note This function is defined in `programs/test/query_config.c`
+ * which is automatically generated by
+ * `scripts/generate_query_config.pl`.
+ */
+int query_config( const char *config );
+
+#endif /* MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H */
diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt
index be1faef..be541cb 100644
--- a/scripts/data_files/query_config.fmt
+++ b/scripts/data_files/query_config.fmt
@@ -23,6 +23,8 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "query_config.h"
+
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index 6c2b5e4..df5d66e 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -161,6 +161,9 @@
$appname eq "query_compile_time_config" ) {
$srcs .= "\r\n <ClCompile Include=\"..\\..\\programs\\test\\query_config.c\" \/>";
}
+ if( $appname eq "ssl_client2" or $appname eq "ssl_server2" ) {
+ $srcs .= "\r\n <ClCompile Include=\"..\\..\\programs\\ssl\\ssl_test_lib.c\" \/>";
+ }
my $content = $template;
$content =~ s/<SOURCES>/$srcs/g;
diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py
new file mode 100644
index 0000000..5c587a1
--- /dev/null
+++ b/scripts/mbedtls_dev/c_build_helper.py
@@ -0,0 +1,138 @@
+"""Generate and run C code.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import platform
+import subprocess
+import sys
+import tempfile
+
+def remove_file_if_exists(filename):
+ """Remove the specified file, ignoring errors."""
+ if not filename:
+ return
+ try:
+ os.remove(filename)
+ except OSError:
+ pass
+
+def create_c_file(file_label):
+ """Create a temporary C file.
+
+ * ``file_label``: a string that will be included in the file name.
+
+ Return ```(c_file, c_name, exe_name)``` where ``c_file`` is a Python
+ stream open for writing to the file, ``c_name`` is the name of the file
+ and ``exe_name`` is the name of the executable that will be produced
+ by compiling the file.
+ """
+ c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(file_label),
+ suffix='.c')
+ exe_suffix = '.exe' if platform.system() == 'Windows' else ''
+ exe_name = c_name[:-2] + exe_suffix
+ remove_file_if_exists(exe_name)
+ c_file = os.fdopen(c_fd, 'w', encoding='ascii')
+ return c_file, c_name, exe_name
+
+def generate_c_printf_expressions(c_file, cast_to, printf_format, expressions):
+ """Generate C instructions to print the value of ``expressions``.
+
+ Write the code with ``c_file``'s ``write`` method.
+
+ Each expression is cast to the type ``cast_to`` and printed with the
+ printf format ``printf_format``.
+ """
+ for expr in expressions:
+ c_file.write(' printf("{}\\n", ({}) {});\n'
+ .format(printf_format, cast_to, expr))
+
+def generate_c_file(c_file,
+ caller, header,
+ main_generator):
+ """Generate a temporary C source file.
+
+ * ``c_file`` is an open stream on the C source file.
+ * ``caller``: an informational string written in a comment at the top
+ of the file.
+ * ``header``: extra code to insert before any function in the generated
+ C file.
+ * ``main_generator``: a function called with ``c_file`` as its sole argument
+ to generate the body of the ``main()`` function.
+ """
+ c_file.write('/* Generated by {} */'
+ .format(caller))
+ c_file.write('''
+#include <stdio.h>
+''')
+ c_file.write(header)
+ c_file.write('''
+int main(void)
+{
+''')
+ main_generator(c_file)
+ c_file.write(''' return 0;
+}
+''')
+
+def get_c_expression_values(
+ cast_to, printf_format,
+ expressions,
+ caller=__name__, file_label='',
+ header='', include_path=None,
+ keep_c=False,
+): # pylint: disable=too-many-arguments
+ """Generate and run a program to print out numerical values for expressions.
+
+ * ``cast_to``: a C type.
+ * ``printf_format``: a printf format suitable for the type ``cast_to``.
+ * ``header``: extra code to insert before any function in the generated
+ C file.
+ * ``expressions``: a list of C language expressions that have the type
+ ``cast_to``.
+ * ``include_path``: a list of directories containing header files.
+ * ``keep_c``: if true, keep the temporary C file (presumably for debugging
+ purposes).
+
+ Return the list of values of the ``expressions``.
+ """
+ if include_path is None:
+ include_path = []
+ c_name = None
+ exe_name = None
+ try:
+ c_file, c_name, exe_name = create_c_file(file_label)
+ generate_c_file(
+ c_file, caller, header,
+ lambda c_file: generate_c_printf_expressions(c_file,
+ cast_to, printf_format,
+ expressions)
+ )
+ c_file.close()
+ cc = os.getenv('CC', 'cc')
+ subprocess.check_call([cc] +
+ ['-I' + dir for dir in include_path] +
+ ['-o', exe_name, c_name])
+ if keep_c:
+ sys.stderr.write('List of {} tests kept at {}\n'
+ .format(caller, c_name))
+ else:
+ os.remove(c_name)
+ output = subprocess.check_output([exe_name])
+ return output.decode('ascii').strip().split('\n')
+ finally:
+ remove_file_if_exists(exe_name)
diff --git a/tests/Makefile b/tests/Makefile
index 511db9d..d11d904 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -84,8 +84,16 @@
mbedtls_test: $(MBEDTLS_TEST_OBJS)
+TEST_OBJS_DEPS = $(wildcard include/test/*.h include/test/*/*.h)
+ifdef RECORD_PSA_STATUS_COVERAGE_LOG
+# Explicitly depend on this header because on a clean copy of the source tree,
+# it doesn't exist yet and must be generated as part of the build, and
+# therefore the wildcard enumeration above doesn't include it.
+TEST_OBJS_DEPS += include/test/instrument_record_status.h
+endif
+
# Rule to compile common test C files in src folder
-src/%.o : src/%.c
+src/%.o : src/%.c $(TEST_OBJS_DEPS)
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
@@ -121,20 +129,15 @@
-o .
-$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(MBEDTLS_TEST_OBJS)
+$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(TEST_OBJS_DEPS) $(MBEDTLS_TEST_OBJS)
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTLS_TEST_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-# Some test suites require additional header files.
-$(filter test_suite_psa_crypto%, $(BINARIES)): include/test/psa_crypto_helpers.h
-$(addprefix embedded_,$(filter test_suite_psa_crypto%, $(APPS))): embedded_%: TESTS/mbedtls/%/psa_crypto_helpers.h
-$(filter test_suite_psa_%, $(BINARIES)): include/test/psa_helpers.h
-$(addprefix embedded_,$(filter test_suite_psa_%, $(APPS))): embedded_%: TESTS/mbedtls/%/psa_helpers.h
-
clean:
ifndef WINDOWS
rm -rf $(BINARIES) *.c *.datax TESTS
rm -f src/*.o src/drivers/*.o src/libmbed*
+ rm -f include/test/instrument_record_status.h
else
if exist *.c del /Q /F *.c
if exist *.exe del /Q /F *.exe
@@ -142,6 +145,7 @@
if exist src/*.o del /Q /F src/*.o
if exist src/drivers/*.o del /Q /F src/drivers/*.o
if exist src/libmbed* del /Q /F src/libmed*
+ if exist include/test/instrument_record_status.h del /Q /F include/test/instrument_record_status.h
ifneq ($(wildcard TESTS/.*),)
rmdir /Q /S TESTS
endif
@@ -185,9 +189,10 @@
endef
$(foreach app, $(APPS), $(foreach file, $(notdir $(wildcard include/test/*.h)), \
$(eval $(call copy_header_to_target,$(app),$(file)))))
+$(addprefix embedded_,$(filter test_suite_psa_%, $(APPS))): embedded_%: $(patsubst TESTS/mbedtls/%, include/test/%, $(wildcard include/test/*. include/test/*/*.h))
ifdef RECORD_PSA_STATUS_COVERAGE_LOG
-$(BINARIES): include/test/instrument_record_status.h
include/test/instrument_record_status.h: ../include/psa/crypto.h Makefile
+ echo " Gen $@"
sed <../include/psa/crypto.h >$@ -n 's/^psa_status_t \([A-Za-z0-9_]*\)(.*/#define \1(...) RECORD_STATUS("\1", \1(__VA_ARGS__))/p'
endif
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index b90ce74..0962898 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -1018,6 +1018,14 @@
$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
all_final += server1.v1.crt server1.v1.der
+server1.ca.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+ $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 is_ca=1 version=3 output_file=$@
+server1.ca_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
+ $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 is_ca=1 version=3 output_file=$@
+server1.ca.der: server1.ca.crt
+ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
+all_final += server1.ca.crt server1.ca_noauthid.crt server1.ca.der
+
server1_ca.crt: server1.crt $(test_ca_crt)
cat server1.crt $(test_ca_crt) > $@
all_final += server1_ca.crt
diff --git a/tests/data_files/server1.ca.crt b/tests/data_files/server1.ca.crt
new file mode 100644
index 0000000..84691d6
--- /dev/null
+++ b/tests/data_files/server1.ca.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+o1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9
+Q1kCpjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0B
+AQUFAAOCAQEAgt0Fk6cLMjsZUkVpkpTw6EJuKA48H8ieUSTDzYoaDWJQsFY34OIc
+0UpfMwl1jl0qEcVboOdcJHug0EXsfm6XUlSJkPnmcdt/N4gU3/TVkdQwqbvrwjae
+S+Jb1E7fTAiauMi6++svV/sfKqE3OCTJWF+6D0LdgnxEVZM6DvnFU9Jvw+CPTIx6
++SYZLm5sOTL0sWMIxwAEjwGJ3T1m0sjPjnnl4Jn/XtD8UuRRYB/RS6e2TlKovwWP
+G3eUdEs2QJ5lnnD+d7AUYq9nAYnb42M1ZdAxRQxxu2wweiTpUubvT4W6wkG8veix
+UM45EKsxPinnK0rK9bzrPDwpntIHhEUcSQ==
+-----END CERTIFICATE-----
diff --git a/tests/data_files/server1.ca.der b/tests/data_files/server1.ca.der
new file mode 100644
index 0000000..a5ff059
--- /dev/null
+++ b/tests/data_files/server1.ca.der
Binary files differ
diff --git a/tests/data_files/server1.ca_noauthid.crt b/tests/data_files/server1.ca_noauthid.crt
new file mode 100644
index 0000000..e66956d
--- /dev/null
+++ b/tests/data_files/server1.ca_noauthid.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDJDCCAgygAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+ozIwMDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9
+Q1kCpjANBgkqhkiG9w0BAQUFAAOCAQEAMblPCsjj6RJ8sOm54sdlSJOTGWEo/1LF
+q1bJnKE3FXDeU8pbhEhpfsd2zcKdJxzp7Bg8Ms/xKBuOZhn/4C/n2FwZpEeAsS7J
+tZifKp+GXVs0xbcji9aB8niWXSl/CoICpvHpMAz8k2HT4LDvbC2ElXkqLT7n7k1B
+/ODI3BME34NquyBTDezQb4Gz7bx42OKLrxZkKrO3UF3TQTYBZvlH7IO7SvZhQPGk
+b8a2jKYfeQCCIvcywWQ7qzlgzTgnXJ0RrLyCqOqLFs6ztHPgclHa+XYF5yftSKIS
+zTJLT0IWBtwgB2opv7YSx7tKYhj+uHHY7C3iSXzAgPy5TYkissGXbw==
+-----END CERTIFICATE-----
diff --git a/tests/include/test/fake_external_rng_for_test.h b/tests/include/test/fake_external_rng_for_test.h
new file mode 100644
index 0000000..faeef22
--- /dev/null
+++ b/tests/include/test/fake_external_rng_for_test.h
@@ -0,0 +1,56 @@
+/*
+ * Insecure but standalone implementation of mbedtls_psa_external_get_random().
+ * Only for use in tests!
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H
+#define FAKE_EXTERNAL_RNG_FOR_TEST_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+/** Enable the insecure implementation of mbedtls_psa_external_get_random().
+ *
+ * The insecure implementation of mbedtls_psa_external_get_random() is
+ * disabled by default.
+ *
+ * When MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled and the test
+ * helpers are linked into a program, you must enable this before running any
+ * code that uses the PSA subsystem to generate random data (including internal
+ * random generation for purposes such as blinding when the random generation
+ * is routed through PSA).
+ *
+ * You can enable and disable it at any time, regardless of the state
+ * of the PSA subsystem. You may disable it temporarily to simulate a
+ * depleted entropy source.
+ */
+void mbedtls_test_enable_insecure_external_rng( void );
+
+/** Disable the insecure implementation of mbedtls_psa_external_get_random().
+ *
+ * See mbedtls_test_enable_insecure_external_rng().
+ */
+void mbedtls_test_disable_insecure_external_rng( void );
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#endif /* FAKE_EXTERNAL_RNG_FOR_TEST_H */
diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
index 2c7b179..ce8a1e2 100644
--- a/tests/include/test/helpers.h
+++ b/tests/include/test/helpers.h
@@ -190,4 +190,8 @@
void mbedtls_test_param_failed_reset_state( void );
#endif /* MBEDTLS_CHECK_PARAMS */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#include "test/fake_external_rng_for_test.h"
+#endif
+
#endif /* TEST_HELPERS_H */
diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h
index 01b0547..b97263d 100644
--- a/tests/include/test/psa_crypto_helpers.h
+++ b/tests/include/test/psa_crypto_helpers.h
@@ -26,79 +26,48 @@
#include <psa/crypto.h>
#include <psa_crypto_slot_management.h>
-static int test_helper_is_psa_pristine( int line, const char *file )
-{
- mbedtls_psa_stats_t stats;
- const char *msg = NULL;
-
- mbedtls_psa_get_stats( &stats );
-
- if( stats.volatile_slots != 0 )
- msg = "A volatile slot has not been closed properly.";
- else if( stats.persistent_slots != 0 )
- msg = "A persistent slot has not been closed properly.";
- else if( stats.external_slots != 0 )
- msg = "An external slot has not been closed properly.";
- else if( stats.half_filled_slots != 0 )
- msg = "A half-filled slot has not been cleared properly.";
- else if( stats.locked_slots != 0 )
- {
- msg = "Some slots are still marked as locked.";
- }
-
- /* If the test has already failed, don't overwrite the failure
- * information. Do keep the stats lookup above, because it can be
- * convenient to break on it when debugging a failure. */
- if( msg != NULL && test_info.result == TEST_RESULT_SUCCESS )
- test_fail( msg, line, file );
-
- return( msg == NULL );
-}
+/** Check for things that have not been cleaned up properly in the
+ * PSA subsystem.
+ *
+ * \return NULL if nothing has leaked.
+ * \return A string literal explaining what has not been cleaned up
+ * if applicable.
+ */
+const char *mbedtls_test_helper_is_psa_leaking( void );
/** Check that no PSA Crypto key slots are in use.
+ *
+ * If any slots are in use, mark the current test as failed and jump to
+ * the exit label. This is equivalent to
+ * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )`
+ * but with a more informative message.
*/
-#define ASSERT_PSA_PRISTINE( ) \
- do \
- { \
- if( ! test_helper_is_psa_pristine( __LINE__, __FILE__ ) ) \
- goto exit; \
- } \
+#define ASSERT_PSA_PRISTINE( ) \
+ do \
+ { \
+ if( test_fail_if_psa_leaking( __LINE__, __FILE__ ) ) \
+ goto exit; \
+ } \
while( 0 )
-static void test_helper_psa_done( int line, const char *file )
-{
- (void) test_helper_is_psa_pristine( line, file );
- mbedtls_psa_crypto_free( );
-}
-
/** Shut down the PSA Crypto subsystem. Expect a clean shutdown, with no slots
* in use.
*/
-#define PSA_DONE( ) test_helper_psa_done( __LINE__, __FILE__ )
+#define PSA_DONE( ) \
+ do \
+ { \
+ test_fail_if_psa_leaking( __LINE__, __FILE__ ); \
+ mbedtls_psa_crypto_free( ); \
+ } \
+ while( 0 )
#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
-#include <psa/crypto.h>
-
-/** Name of the file where return statuses are logged by #RECORD_STATUS. */
-#define STATUS_LOG_FILE_NAME "statuses.log"
-
-static psa_status_t record_status( psa_status_t status,
- const char *func,
- const char *file, int line,
- const char *expr )
-{
- /* We open the log file on first use.
- * We never close the log file, so the record_status feature is not
- * compatible with resource leak detectors such as Asan.
- */
- static FILE *log;
- if( log == NULL )
- log = fopen( STATUS_LOG_FILE_NAME, "a" );
- fprintf( log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr );
- return( status );
-}
+psa_status_t mbedtls_test_record_status( psa_status_t status,
+ const char *func,
+ const char *file, int line,
+ const char *expr );
/** Return value logging wrapper macro.
*
@@ -125,7 +94,7 @@
* \return The value of \p expr.
*/
#define RECORD_STATUS( string, expr ) \
- record_status( ( expr ), string, __FILE__, __LINE__, #expr )
+ mbedtls_test_record_status( ( expr ), string, __FILE__, __LINE__, #expr )
#include "instrument_record_status.h"
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index a016732..676c804 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -919,10 +919,17 @@
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
- msg "test: no CTR_DRBG"
+ msg "test: Full minus CTR_DRBG - main suites"
make test
- # no ssl-opt.sh/compat.sh as they all depend on CTR_DRBG so far
+ # In this configuration, the TLS test programs use HMAC_DRBG.
+ # The SSL tests are slow, so run a small subset, just enough to get
+ # confidence that the SSL code copes with HMAC_DRBG.
+ msg "test: Full minus CTR_DRBG - ssl-opt.sh (subset)"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private.*delay=\|tickets enabled on server'
+
+ msg "test: Full minus CTR_DRBG - compat.sh (subset)"
+ if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA PSK' -V NO -p OpenSSL
}
component_test_no_hmac_drbg () {
@@ -934,11 +941,21 @@
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
- msg "test: no HMAC_DRBG"
+ msg "test: Full minus HMAC_DRBG - main suites"
make test
- # No ssl-opt.sh/compat.sh as they never use HMAC_DRBG so far,
- # so there's little value in running those lengthy tests here.
+ # Normally our ECDSA implementation uses deterministic ECDSA. But since
+ # HMAC_DRBG is disabled in this configuration, randomized ECDSA is used
+ # instead.
+ # Test SSL with non-deterministic ECDSA. Only test features that
+ # might be affected by how ECDSA signature is performed.
+ msg "test: Full minus HMAC_DRBG - ssl-opt.sh (subset)"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private: sign'
+
+ # To save time, only test one protocol version, since this part of
+ # the protocol is identical in (D)TLS up to 1.2.
+ msg "test: Full minus HMAC_DRBG - compat.sh (ECDSA)"
+ if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA'
}
component_test_psa_external_rng_no_drbg () {
@@ -954,7 +971,7 @@
msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG"
make test
- # No ssl-opt.sh/compat.sh because they require CTR_DRBG.
+ # no SSL tests as they all depend on having a DRBG
}
component_test_psa_external_rng_use_psa_crypto () {
@@ -968,7 +985,8 @@
msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
make test
- # No ssl-opt.sh/compat.sh because they require CTR_DRBG.
+ msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
+ if_build_succeeded tests/ssl-opt.sh -f 'Default\|opaque'
}
component_test_ecp_no_internal_rng () {
diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh
index 518c423..449803a5 100755
--- a/tests/scripts/check-python-files.sh
+++ b/tests/scripts/check-python-files.sh
@@ -14,11 +14,13 @@
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-# Purpose:
-#
-# Run 'pylint' on Python files for programming errors and helps enforcing
-# PEP8 coding standards.
+
+# Purpose: check Python files for potential programming errors or maintenance
+# hurdles. Run pylint to detect some potential mistakes and enforce PEP8
+# coding standards. If available, run mypy to perform static type checking.
+
+# We'll keep going on errors and report the status at the end.
+ret=0
if type python3 >/dev/null 2>/dev/null; then
PYTHON=python3
@@ -26,4 +28,56 @@
PYTHON=python
fi
-$PYTHON -m pylint -j 2 scripts/*.py tests/scripts/*.py
+check_version () {
+ $PYTHON - "$2" <<EOF
+import packaging.version
+import sys
+import $1 as package
+actual = package.__version__
+wanted = sys.argv[1]
+if packaging.version.parse(actual) < packaging.version.parse(wanted):
+ sys.stderr.write("$1: version %s is too old (want %s)\n" % (actual, wanted))
+ exit(1)
+EOF
+}
+
+can_pylint () {
+ # Pylint 1.5.2 from Ubuntu 16.04 is too old:
+ # E: 34, 0: Unable to import 'mbedtls_dev' (import-error)
+ # Pylint 1.8.3 from Ubuntu 18.04 passed on the first commit containing this line.
+ check_version pylint 1.8.3
+}
+
+can_mypy () {
+ # mypy 0.770 is too old:
+ # tests/scripts/test_psa_constant_names.py:34: error: Cannot find implementation or library stub for module named 'mbedtls_dev'
+ # mypy 0.780 from pip passed on the first commit containing this line.
+ check_version mypy.version 0.780
+}
+
+# With just a --can-xxx option, check whether the tool for xxx is available
+# with an acceptable version, and exit without running any checks. The exit
+# status is true if the tool is available and acceptable and false otherwise.
+if [ "$1" = "--can-pylint" ]; then
+ can_pylint
+ exit
+elif [ "$1" = "--can-mypy" ]; then
+ can_mypy
+ exit
+fi
+
+echo 'Running pylint ...'
+$PYTHON -m pylint -j 2 scripts/mbedtls_dev/*.py scripts/*.py tests/scripts/*.py || {
+ echo >&2 "pylint reported errors"
+ ret=1
+}
+
+# Check types if mypy is available
+if can_mypy; then
+ echo
+ echo 'Running mypy ...'
+ $PYTHON -m mypy scripts/*.py tests/scripts/*.py ||
+ ret=1
+fi
+
+exit $ret
diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py
index 13fee9d..8857e00 100755
--- a/tests/scripts/check_files.py
+++ b/tests/scripts/check_files.py
@@ -29,6 +29,10 @@
import re
import subprocess
import sys
+try:
+ from typing import FrozenSet, Optional, Pattern # pylint: disable=unused-import
+except ImportError:
+ pass
class FileIssueTracker:
@@ -48,8 +52,8 @@
``heading``: human-readable description of the issue
"""
- suffix_exemptions = frozenset()
- path_exemptions = None
+ suffix_exemptions = frozenset() #type: FrozenSet[str]
+ path_exemptions = None #type: Optional[Pattern[str]]
# heading must be defined in derived classes.
# pylint: disable=no-member
@@ -161,13 +165,64 @@
heading = "Incorrect permissions:"
+ # .py files can be either full scripts or modules, so they may or may
+ # not be executable.
+ suffix_exemptions = frozenset({".py"})
+
def check_file_for_issue(self, filepath):
is_executable = os.access(filepath, os.X_OK)
- should_be_executable = filepath.endswith((".sh", ".pl", ".py"))
+ should_be_executable = filepath.endswith((".sh", ".pl"))
if is_executable != should_be_executable:
self.files_with_issues[filepath] = None
+class ShebangIssueTracker(FileIssueTracker):
+ """Track files with a bad, missing or extraneous shebang line.
+
+ Executable scripts must start with a valid shebang (#!) line.
+ """
+
+ heading = "Invalid shebang line:"
+
+ # Allow either /bin/sh, /bin/bash, or /usr/bin/env.
+ # Allow at most one argument (this is a Linux limitation).
+ # For sh and bash, the argument if present must be options.
+ # For env, the argument must be the base name of the interpeter.
+ _shebang_re = re.compile(rb'^#! ?(?:/bin/(bash|sh)(?: -[^\n ]*)?'
+ rb'|/usr/bin/env ([^\n /]+))$')
+ _extensions = {
+ b'bash': 'sh',
+ b'perl': 'pl',
+ b'python3': 'py',
+ b'sh': 'sh',
+ }
+
+ def is_valid_shebang(self, first_line, filepath):
+ m = re.match(self._shebang_re, first_line)
+ if not m:
+ return False
+ interpreter = m.group(1) or m.group(2)
+ if interpreter not in self._extensions:
+ return False
+ if not filepath.endswith('.' + self._extensions[interpreter]):
+ return False
+ return True
+
+ def check_file_for_issue(self, filepath):
+ is_executable = os.access(filepath, os.X_OK)
+ with open(filepath, "rb") as f:
+ first_line = f.readline()
+ if first_line.startswith(b'#!'):
+ if not is_executable:
+ # Shebang on a non-executable file
+ self.files_with_issues[filepath] = None
+ elif not self.is_valid_shebang(first_line, filepath):
+ self.files_with_issues[filepath] = [1]
+ elif is_executable:
+ # Executable without a shebang
+ self.files_with_issues[filepath] = None
+
+
class EndOfFileNewlineIssueTracker(FileIssueTracker):
"""Track files that end with an incomplete line
(no newline character at the end of the last line)."""
@@ -288,6 +343,7 @@
self.setup_logger(log_file)
self.issues_to_check = [
PermissionIssueTracker(),
+ ShebangIssueTracker(),
EndOfFileNewlineIssueTracker(),
Utf8BomIssueTracker(),
UnixLineEndingIssueTracker(),
diff --git a/tests/scripts/mbedtls_test.py b/tests/scripts/mbedtls_test.py
index a5d0940..64f12bb 100755
--- a/tests/scripts/mbedtls_test.py
+++ b/tests/scripts/mbedtls_test.py
@@ -38,7 +38,7 @@
import os
import binascii
-from mbed_host_tests import BaseHostTest, event_callback # pylint: disable=import-error
+from mbed_host_tests import BaseHostTest, event_callback # type: ignore # pylint: disable=import-error
class TestDataParserError(Exception):
diff --git a/tests/scripts/scripts_path.py b/tests/scripts/scripts_path.py
new file mode 100644
index 0000000..10bf6f8
--- /dev/null
+++ b/tests/scripts/scripts_path.py
@@ -0,0 +1,28 @@
+"""Add our Python library directory to the module search path.
+
+Usage:
+
+ import scripts_path # pylint: disable=unused-import
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import sys
+
+sys.path.append(os.path.join(os.path.dirname(__file__),
+ os.path.pardir, os.path.pardir,
+ 'scripts'))
diff --git a/tests/scripts/test_generate_test_code.py b/tests/scripts/test_generate_test_code.py
index 000c2a7..9bf66f1 100755
--- a/tests/scripts/test_generate_test_code.py
+++ b/tests/scripts/test_generate_test_code.py
@@ -20,21 +20,10 @@
Unit tests for generate_test_code.py
"""
-# pylint: disable=wrong-import-order
-try:
- # Python 2
- from StringIO import StringIO
-except ImportError:
- # Python 3
- from io import StringIO
+from io import StringIO
from unittest import TestCase, main as unittest_main
-try:
- # Python 2
- from mock import patch
-except ImportError:
- # Python 3
- from unittest.mock import patch
-# pylint: enable=wrong-import-order
+from unittest.mock import patch
+
from generate_test_code import gen_dependencies, gen_dependencies_one_line
from generate_test_code import gen_function_wrapper, gen_dispatch
from generate_test_code import parse_until_pattern, GeneratorInputError
@@ -317,25 +306,16 @@
:return: Line read from file.
"""
parent = super(StringIOWrapper, self)
- if getattr(parent, 'next', None):
- # Python 2
- line = parent.next()
- else:
- # Python 3
- line = parent.__next__()
+ line = parent.__next__()
return line
- # Python 3
- __next__ = next
-
- def readline(self, length=0):
+ def readline(self, _length=0):
"""
Wrap the base class readline.
:param length:
:return:
"""
- # pylint: disable=unused-argument
line = super(StringIOWrapper, self).readline()
if line is not None:
self.line_no += 1
@@ -549,38 +529,6 @@
Test suite for testing parse_function_code()
"""
- def assert_raises_regex(self, exp, regex, func, *args):
- """
- Python 2 & 3 portable wrapper of assertRaisesRegex(p)? function.
-
- :param exp: Exception type expected to be raised by cb.
- :param regex: Expected exception message
- :param func: callable object under test
- :param args: variable positional arguments
- """
- parent = super(ParseFunctionCode, self)
-
- # Pylint does not appreciate that the super method called
- # conditionally can be available in other Python version
- # then that of Pylint.
- # Workaround is to call the method via getattr.
- # Pylint ignores that the method got via getattr is
- # conditionally executed. Method has to be a callable.
- # Hence, using a dummy callable for getattr default.
- dummy = lambda *x: None
- # First Python 3 assertRaisesRegex is checked, since Python 2
- # assertRaisesRegexp is also available in Python 3 but is
- # marked deprecated.
- for name in ('assertRaisesRegex', 'assertRaisesRegexp'):
- method = getattr(parent, name, dummy)
- if method is not dummy:
- method(exp, regex, func, *args)
- break
- else:
- raise AttributeError(" 'ParseFunctionCode' object has no attribute"
- " 'assertRaisesRegex' or 'assertRaisesRegexp'"
- )
-
def test_no_function(self):
"""
Test no test function found.
@@ -593,8 +541,8 @@
'''
stream = StringIOWrapper('test_suite_ut.function', data)
err_msg = 'file: test_suite_ut.function - Test functions not found!'
- self.assert_raises_regex(GeneratorInputError, err_msg,
- parse_function_code, stream, [], [])
+ self.assertRaisesRegex(GeneratorInputError, err_msg,
+ parse_function_code, stream, [], [])
def test_no_end_case_comment(self):
"""
@@ -609,8 +557,8 @@
stream = StringIOWrapper('test_suite_ut.function', data)
err_msg = r'file: test_suite_ut.function - '\
'end case pattern .*? not found!'
- self.assert_raises_regex(GeneratorInputError, err_msg,
- parse_function_code, stream, [], [])
+ self.assertRaisesRegex(GeneratorInputError, err_msg,
+ parse_function_code, stream, [], [])
@patch("generate_test_code.parse_function_arguments")
def test_function_called(self,
@@ -727,8 +675,8 @@
data = 'int entropy_threshold( char * a, data_t * h, int result )'
err_msg = 'file: test_suite_ut.function - Test functions not found!'
stream = StringIOWrapper('test_suite_ut.function', data)
- self.assert_raises_regex(GeneratorInputError, err_msg,
- parse_function_code, stream, [], [])
+ self.assertRaisesRegex(GeneratorInputError, err_msg,
+ parse_function_code, stream, [], [])
@patch("generate_test_code.gen_dispatch")
@patch("generate_test_code.gen_dependencies")
diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py
index bead60c..4ec98d3 100755
--- a/tests/scripts/test_psa_constant_names.py
+++ b/tests/scripts/test_psa_constant_names.py
@@ -26,11 +26,12 @@
from collections import namedtuple
import itertools
import os
-import platform
import re
import subprocess
import sys
-import tempfile
+
+import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import c_build_helper
class ReadFileLineException(Exception):
def __init__(self, filename, line_number):
@@ -308,63 +309,23 @@
inputs.gather_arguments()
return inputs
-def remove_file_if_exists(filename):
- """Remove the specified file, ignoring errors."""
- if not filename:
- return
- try:
- os.remove(filename)
- except OSError:
- pass
-
def run_c(type_word, expressions, include_path=None, keep_c=False):
- """Generate and run a program to print out numerical values for expressions."""
- if include_path is None:
- include_path = []
+ """Generate and run a program to print out numerical values of C expressions."""
if type_word == 'status':
cast_to = 'long'
printf_format = '%ld'
else:
cast_to = 'unsigned long'
printf_format = '0x%08lx'
- c_name = None
- exe_name = None
- try:
- c_fd, c_name = tempfile.mkstemp(prefix='tmp-{}-'.format(type_word),
- suffix='.c',
- dir='programs/psa')
- exe_suffix = '.exe' if platform.system() == 'Windows' else ''
- exe_name = c_name[:-2] + exe_suffix
- remove_file_if_exists(exe_name)
- c_file = os.fdopen(c_fd, 'w', encoding='ascii')
- c_file.write('/* Generated by test_psa_constant_names.py for {} values */'
- .format(type_word))
- c_file.write('''
-#include <stdio.h>
-#include <psa/crypto.h>
-int main(void)
-{
-''')
- for expr in expressions:
- c_file.write(' printf("{}\\n", ({}) {});\n'
- .format(printf_format, cast_to, expr))
- c_file.write(''' return 0;
-}
-''')
- c_file.close()
- cc = os.getenv('CC', 'cc')
- subprocess.check_call([cc] +
- ['-I' + dir for dir in include_path] +
- ['-o', exe_name, c_name])
- if keep_c:
- sys.stderr.write('List of {} tests kept at {}\n'
- .format(type_word, c_name))
- else:
- os.remove(c_name)
- output = subprocess.check_output([exe_name])
- return output.decode('ascii').strip().split('\n')
- finally:
- remove_file_if_exists(exe_name)
+ return c_build_helper.get_c_expression_values(
+ cast_to, printf_format,
+ expressions,
+ caller='test_psa_constant_names.py for {} values'.format(type_word),
+ file_label=type_word,
+ header='#include <psa/crypto.h>',
+ include_path=include_path,
+ keep_c=keep_c
+ )
NORMALIZE_STRIP_RE = re.compile(r'\s+')
def normalize(expr):
diff --git a/tests/src/fake_external_rng_for_test.c b/tests/src/fake_external_rng_for_test.c
new file mode 100644
index 0000000..98b3fe0
--- /dev/null
+++ b/tests/src/fake_external_rng_for_test.c
@@ -0,0 +1,56 @@
+/** \file psa_crypto_helpers.c
+ *
+ * \brief Helper functions to test PSA crypto functionality.
+ */
+
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <test/fake_external_rng_for_test.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+#include <test/random.h>
+#include <psa/crypto.h>
+
+static int test_insecure_external_rng_enabled = 0;
+
+void mbedtls_test_enable_insecure_external_rng( void )
+{
+ test_insecure_external_rng_enabled = 1;
+}
+
+void mbedtls_test_disable_insecure_external_rng( void )
+{
+ test_insecure_external_rng_enabled = 0;
+}
+
+psa_status_t mbedtls_psa_external_get_random(
+ mbedtls_psa_external_random_context_t *context,
+ uint8_t *output, size_t output_size, size_t *output_length )
+{
+ (void) context;
+
+ if( !test_insecure_external_rng_enabled )
+ return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+
+ /* This implementation is for test purposes only!
+ * Use the libc non-cryptographic random generator. */
+ mbedtls_test_rnd_std_rand( NULL, output, output_size );
+ *output_length = output_size;
+ return( PSA_SUCCESS );
+}
+#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c
index dacda68..cb79a22 100644
--- a/tests/src/psa_crypto_helpers.c
+++ b/tests/src/psa_crypto_helpers.c
@@ -22,25 +22,51 @@
#include <test/helpers.h>
#include <test/macros.h>
+#include <test/psa_crypto_helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_C)
#include <psa/crypto.h>
-#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
-#include <test/random.h>
-
-psa_status_t mbedtls_psa_external_get_random(
- mbedtls_psa_external_random_context_t *context,
- uint8_t *output, size_t output_size, size_t *output_length )
+const char *mbedtls_test_helper_is_psa_leaking( void )
{
- /* This implementation is for test purposes only!
- * Use the libc non-cryptographic random generator. */
- (void) context;
- mbedtls_test_rnd_std_rand( NULL, output, output_size );
- *output_length = output_size;
- return( PSA_SUCCESS );
+ mbedtls_psa_stats_t stats;
+
+ mbedtls_psa_get_stats( &stats );
+
+ if( stats.volatile_slots != 0 )
+ return( "A volatile slot has not been closed properly." );
+ if( stats.persistent_slots != 0 )
+ return( "A persistent slot has not been closed properly." );
+ if( stats.external_slots != 0 )
+ return( "An external slot has not been closed properly." );
+ if( stats.half_filled_slots != 0 )
+ return( "A half-filled slot has not been cleared properly." );
+ if( stats.locked_slots != 0 )
+ return( "Some slots are still marked as locked." );
+
+ return( NULL );
}
-#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+
+#if defined(RECORD_PSA_STATUS_COVERAGE_LOG)
+/** Name of the file where return statuses are logged by #RECORD_STATUS. */
+#define STATUS_LOG_FILE_NAME "statuses.log"
+
+psa_status_t mbedtls_test_record_status( psa_status_t status,
+ const char *func,
+ const char *file, int line,
+ const char *expr )
+{
+ /* We open the log file on first use.
+ * We never close the log file, so the record_status feature is not
+ * compatible with resource leak detectors such as Asan.
+ */
+ static FILE *log;
+ if( log == NULL )
+ log = fopen( STATUS_LOG_FILE_NAME, "a" );
+ fprintf( log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr );
+ return( status );
+}
+#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */
#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index aafcf5c..1dc6721 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -5,6 +5,9 @@
#include <test/macros.h>
#include <test/helpers.h>
#include <test/random.h>
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#include <test/psa_crypto_helpers.h>
+#endif
#include <stdlib.h>
@@ -418,6 +421,26 @@
test_info.filename = filename;
}
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+/** Check that no PSA Crypto key slots are in use.
+ *
+ * If any slots are in use, mark the current test as failed.
+ *
+ * \return 0 if the key store is empty, 1 otherwise.
+ */
+int test_fail_if_psa_leaking( int line_no, const char *filename )
+{
+ const char *msg = mbedtls_test_helper_is_psa_leaking( );
+ if( msg == NULL )
+ return 0;
+ else
+ {
+ test_fail( msg, line_no, filename );
+ return 1;
+ }
+}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_C) */
+
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
static int redirect_output( FILE* out_stream, const char* path )
{
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index 256224e..98dab3e 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -164,6 +164,10 @@
*/
void execute_function_ptr(TestWrapper_t fp, void **params)
{
+#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+ mbedtls_test_enable_insecure_external_rng( );
+#endif
+
#if defined(MBEDTLS_CHECK_PARAMS)
mbedtls_test_param_failed_location_record_t location_record;
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 1d98f3d..76e474f 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -9,10 +9,6 @@
#include "mbedtls/gcm.h"
#endif
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-#include "test/psa_crypto_helpers.h"
-#endif
-
#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
#define MBEDTLS_CIPHER_AUTH_CRYPT
#endif
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 98016c6..577fb47 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -17,13 +17,13 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "mbedtls/psa_util.h"
-#include "test/psa_crypto_helpers.h"
#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
#else
/* Define empty macros so that we can use them in the preamble and teardown
* of every test function that uses PSA conditionally based on
* MBEDTLS_USE_PSA_CRYPTO. */
#define PSA_INIT( ) ( (void) 0 )
+#undef PSA_DONE
#define PSA_DONE( ) ( (void) 0 )
#endif
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index f267c15..a760554 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -795,7 +795,6 @@
hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
PSA hash: bad order function calls
-depends_on:MBEDTLS_SHA256_C
hash_bad_order:
PSA hash verify: bad arguments
@@ -940,7 +939,6 @@
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
PSA MAC: bad order function calls
-depends_on:MBEDTLS_SHA256_C
mac_bad_order:
PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224
@@ -1161,7 +1159,6 @@
cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
PSA cipher: bad order function calls
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
cipher_bad_order:
PSA symmetric encrypt: AES-ECB, 0 bytes, good
@@ -1181,11 +1178,11 @@
cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
PSA symmetric encrypt: AES-ECB, input too short (15 bytes)
@@ -1241,15 +1238,15 @@
cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes)
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_INVALID_ARGUMENT
PSA symmetric decrypt: AES-CTR, 16 bytes, good
@@ -2372,11 +2369,11 @@
derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
PSA key derivation: HKDF SHA-256, request maximum capacity
-depends_on:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C:HAVE_RAM_AVAILABLE_128K
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
PSA key derivation: HKDF SHA-1, request maximum capacity
-depends_on:MBEDTLS_SHA1_C
+depends_on:MBEDTLS_SHA1_C:HAVE_RAM_AVAILABLE_128K
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_KEY_DERIVATION_INPUT_SECRET:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_KEY_DERIVATION_INPUT_INFO:"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
PSA key derivation: HKDF SHA-256, request too much capacity
@@ -2404,19 +2401,19 @@
derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff"
PSA key derivation: HKDF SHA-256, read maximum capacity minus 1
-depends_on:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C:HAVE_RAM_AVAILABLE_128K
derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1
PSA key derivation: HKDF SHA-256, read maximum capacity
-depends_on:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C:HAVE_RAM_AVAILABLE_128K
derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity minus 1
-depends_on:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C:HAVE_RAM_AVAILABLE_128K
derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1
PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity
-depends_on:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_SHA256_C:HAVE_RAM_AVAILABLE_128K
derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
PSA key derivation: HKDF SHA-256, exercise AES128-CTR
@@ -2428,15 +2425,15 @@
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
PSA key derivation: HKDF SHA-256, exercise DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
@@ -2452,15 +2449,15 @@
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
PSA key derivation: TLS 1.2 PRF SHA-256, exercise DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: TLS 1.2 PRF SHA-256, exercise 2-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: TLS 1.2 PRF SHA-256, exercise 3-key 3DES-CBC
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
PSA key derivation: TLS 1.2 PRF SHA-256, exercise HMAC-SHA-256
@@ -2516,7 +2513,7 @@
# and not expected to be raised any time soon) is less than the maximum
# output from HKDF-SHA512 (255*64 = 16320 bytes).
PSA key derivation: largest possible key
-depends_on:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_SHA512_C:HAVE_RAM_AVAILABLE_128K
derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS:PSA_SUCCESS
PSA key derivation: key too large
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 8e71610..79c012f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -9,8 +9,6 @@
* uses mbedtls_ctr_drbg internally. */
#include "mbedtls/ctr_drbg.h"
-#include "test/psa_crypto_helpers.h"
-
/* Tests that require more than 128kB of RAM plus change have this symbol
* as a dependency. Currently we always define this symbol, so the tests
* are always executed. In the future we should make this conditional
@@ -287,7 +285,7 @@
TEST_ASSERT( bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
else if( PSA_KEY_TYPE_IS_RSA( type ) )
TEST_ASSERT( bits <= PSA_VENDOR_RSA_MAX_KEY_BITS );
- TEST_ASSERT( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) <= PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE );
+ TEST_ASSERT( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ) <= PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE );
ok = 1;
@@ -447,7 +445,7 @@
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
/* This should be PSA_CIPHER_GET_IV_SIZE but the API doesn't
* have this macro yet. */
- iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE(
+ iv_length = PSA_BLOCK_CIPHER_BLOCK_LENGTH(
psa_get_key_type( &attributes ) );
maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg );
psa_reset_key_attributes( &attributes );
@@ -550,7 +548,7 @@
* the hash encoded in the algorithm. Use this input size
* even for algorithms that allow other input sizes. */
if( hash_alg != 0 )
- payload_length = PSA_HASH_SIZE( hash_alg );
+ payload_length = PSA_HASH_LENGTH( hash_alg );
PSA_ASSERT( psa_sign_hash( key, alg,
payload, payload_length,
signature, sizeof( signature ),
@@ -714,7 +712,7 @@
private_key_type = psa_get_key_type( &attributes );
key_bits = psa_get_key_bits( &attributes );
public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
- public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
+ public_key_length = PSA_EXPORT_KEY_OUTPUT_SIZE( public_key_type, key_bits );
ASSERT_ALLOC( public_key, public_key_length );
PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length,
&public_key_length ) );
@@ -755,7 +753,7 @@
private_key_type = psa_get_key_type( &attributes );
key_bits = psa_get_key_bits( &attributes );
public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type );
- public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
+ public_key_length = PSA_EXPORT_KEY_OUTPUT_SIZE( public_key_type, key_bits );
ASSERT_ALLOC( public_key, public_key_length );
PSA_ASSERT( psa_export_public_key( key,
public_key, public_key_length,
@@ -868,7 +866,7 @@
if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
TEST_EQUAL( exported_length, ( bits + 7 ) / 8 );
else
- TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, bits ) );
+ TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE( type, bits ) );
#if defined(MBEDTLS_DES_C)
if( type == PSA_KEY_TYPE_DES )
@@ -1037,8 +1035,8 @@
goto exit;
}
- exported_size = PSA_KEY_EXPORT_MAX_SIZE( psa_get_key_type( &attributes ),
- psa_get_key_bits( &attributes ) );
+ exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( psa_get_key_type( &attributes ),
+ psa_get_key_bits( &attributes ) );
ASSERT_ALLOC( exported, exported_size );
PSA_ASSERT( psa_export_key( key,
@@ -1078,8 +1076,8 @@
public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(
psa_get_key_type( &attributes ) );
- exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type,
- psa_get_key_bits( &attributes ) );
+ exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( public_type,
+ psa_get_key_bits( &attributes ) );
ASSERT_ALLOC( exported, exported_size );
PSA_ASSERT( psa_export_public_key( key,
@@ -1735,7 +1733,7 @@
reexported, reexported_length );
PSA_ASSERT( psa_destroy_key( key2 ) );
}
- TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, psa_get_key_bits( &got_attributes ) ) );
+ TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE( type, psa_get_key_bits( &got_attributes ) ) );
destroy:
/* Destroy the key */
@@ -1795,7 +1793,7 @@
PSA_ASSERT( psa_get_key_attributes( key, &attributes ) );
bits = psa_get_key_bits( &attributes );
TEST_ASSERT( expected_public_key->len <=
- PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) );
+ PSA_EXPORT_KEY_OUTPUT_SIZE( public_type, bits ) );
ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
exported, exported_length );
}
@@ -2643,9 +2641,9 @@
/* Compute with tight buffer */
PSA_ASSERT( psa_hash_compute( alg, input->x, input->len,
- output, PSA_HASH_SIZE( alg ),
+ output, PSA_HASH_LENGTH( alg ),
&output_length ) );
- TEST_EQUAL( output_length, PSA_HASH_SIZE( alg ) );
+ TEST_EQUAL( output_length, PSA_HASH_LENGTH( alg ) );
ASSERT_COMPARE( output, output_length,
expected_output->x, expected_output->len );
@@ -2653,7 +2651,7 @@
PSA_ASSERT( psa_hash_compute( alg, input->x, input->len,
output, sizeof( output ),
&output_length ) );
- TEST_EQUAL( output_length, PSA_HASH_SIZE( alg ) );
+ TEST_EQUAL( output_length, PSA_HASH_LENGTH( alg ) );
ASSERT_COMPARE( output, output_length,
expected_output->x, expected_output->len );
@@ -2687,7 +2685,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
void hash_bad_order( )
{
psa_algorithm_t alg = PSA_ALG_SHA_256;
@@ -2785,7 +2783,7 @@
0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb };
- size_t expected_size = PSA_HASH_SIZE( alg );
+ size_t expected_size = PSA_HASH_LENGTH( alg );
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
PSA_ASSERT( psa_crypto_init( ) );
@@ -2815,7 +2813,7 @@
{
psa_algorithm_t alg = PSA_ALG_SHA_256;
unsigned char hash[PSA_HASH_MAX_SIZE];
- size_t expected_size = PSA_HASH_SIZE( alg );
+ size_t expected_size = PSA_HASH_LENGTH( alg );
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
size_t hash_len;
@@ -2989,7 +2987,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
void mac_bad_order( )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
@@ -3119,7 +3117,7 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t *actual_mac = NULL;
size_t mac_buffer_size =
- PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg );
+ PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg );
size_t mac_length = 0;
const size_t output_sizes_to_test[] = {
0,
@@ -3130,7 +3128,7 @@
};
TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE );
- /* We expect PSA_MAC_FINAL_SIZE to be exact. */
+ /* We expect PSA_MAC_LENGTH to be exact. */
TEST_ASSERT( expected_mac->len == mac_buffer_size );
PSA_ASSERT( psa_crypto_init( ) );
@@ -3334,7 +3332,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 */
void cipher_bad_order( )
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
@@ -3342,14 +3340,14 @@
psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT;
- unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 };
+ unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 };
const uint8_t key_data[] = {
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
0xaa, 0xaa, 0xaa, 0xaa };
const uint8_t text[] = {
0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
0xbb, 0xbb, 0xbb, 0xbb };
- uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES)] = { 0 };
+ uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 };
size_t length = 0;
PSA_ASSERT( psa_crypto_init( ) );
@@ -3522,7 +3520,7 @@
}
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
PSA_ASSERT( psa_cipher_update( &operation,
@@ -3590,7 +3588,7 @@
}
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -3663,7 +3661,7 @@
}
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -3734,7 +3732,7 @@
}
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
PSA_ASSERT( psa_cipher_update( &operation,
@@ -3805,7 +3803,7 @@
&iv_length ) );
}
output1_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output1, output1_size );
PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
@@ -3899,7 +3897,7 @@
}
output1_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output1, output1_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -5645,7 +5643,7 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t *exported = NULL;
size_t exported_size =
- PSA_KEY_EXPORT_MAX_SIZE( PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits );
+ PSA_EXPORT_KEY_OUTPUT_SIZE( PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits );
size_t exported_length = SIZE_MAX;
uint8_t *e_read_buffer = NULL;
int is_default_public_exponent = 0;
@@ -5756,7 +5754,7 @@
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
unsigned char *first_export = NULL;
unsigned char *second_export = NULL;
- size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
+ size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE( type, bits );
size_t first_exported_length;
size_t second_exported_length;
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index 6d20eff..dd01ab6 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -1,6 +1,4 @@
/* BEGIN_HEADER */
-#include "test/psa_crypto_helpers.h"
-
#include "test/drivers/test_driver.h"
/* END_HEADER */
@@ -326,7 +324,7 @@
test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
if( mock_output_arg )
@@ -418,7 +416,7 @@
test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -503,7 +501,7 @@
test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
TEST_ASSERT( first_part_size <= input->len );
@@ -591,7 +589,7 @@
test_driver_cipher_hooks.hits = 0;
output_buffer_size = ( (size_t) input->len +
- PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
ASSERT_ALLOC( output, output_buffer_size );
if( mock_output_arg )
diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data
index 61593e9..0e53b60 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.data
+++ b/tests/suites/test_suite_psa_crypto_entropy.data
@@ -1,3 +1,30 @@
+PSA external RNG failure: generate random and key
+external_rng_failure_generate:
+
+# When verifying the impact of a forced RNG failure, depend on the built-in
+# implementation of the algorithm that uses randomization, whether it's
+# because the algorithm is randomized or because our implementation uses
+# randomization for (e.g.) blinding. An external implementation could use
+# its own randomness source which is not affected by the forced failure of
+# the RNG driver.
+# Key types and non-randomized auxilary algorithms (in practice, hashes) can
+# use an external implementation.
+PSA external RNG failure: randomized ECDSA
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_ECDSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:32
+
+PSA external RNG failure: deterministic ECDSA (software implementation)
+depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:PSA_WANT_ALG_SHA_256
+external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):32
+
+PSA external RNG failure: RSA-PSS
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256
+external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):32
+
+PSA external RNG failure: RSA PKCS#1v1.5 (software implementation)
+depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN
+external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:32
+
PSA validate entropy injection: good, minimum size
validate_entropy_seed_injection:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_ERROR_NOT_PERMITTED
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index 66c241e..8c1fdab 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -1,19 +1,23 @@
/* BEGIN_HEADER */
#include <stdint.h>
+#include <string.h>
+
+#include <psa/crypto.h>
#include "mbedtls/entropy.h"
#include "mbedtls/entropy_poll.h"
-#include "test/psa_crypto_helpers.h"
+/* Calculating the minimum allowed entropy size in bytes */
+#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
+
+#if defined(MBEDTLS_PSA_INJECT_ENTROPY)
+
#if defined(MBEDTLS_PSA_ITS_FILE_C)
#include <stdio.h>
#else
#include <psa/internal_trusted_storage.h>
#endif
-/* Calculating the minimum allowed entropy size in bytes */
-#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
-
/* Remove the entropy seed file. Since the library does not expose a way
* to do this (it would be a security risk if such a function was ever
* accessible in production), implement this functionality in a white-box
@@ -30,14 +34,89 @@
#endif
}
+#endif /* MBEDTLS_PSA_INJECT_ENTROPY */
+
/* END_HEADER */
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_INJECT_ENTROPY
- * END_DEPENDENCIES
- */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void external_rng_failure_generate( )
+{
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE );
+ psa_set_key_bits( &attributes, 128 );
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ uint8_t output[1];
-/* BEGIN_CASE */
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ PSA_ASSERT( psa_generate_random( output, sizeof( output ) ) );
+ PSA_ASSERT( psa_generate_key( &attributes, &key ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
+
+ mbedtls_test_disable_insecure_external_rng( );
+ TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
+ psa_generate_random( output, sizeof( output ) ) );
+ TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
+ psa_generate_key( &attributes, &key ) );
+
+exit:
+ psa_destroy_key( key );
+ PSA_DONE( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+void external_rng_failure_sign( int key_type, data_t *key_data, int alg,
+ int input_size_arg )
+{
+ /* This test case is only expected to pass if the signature mechanism
+ * requires randomness, either because it is a randomized signature
+ * or because the implementation uses blinding. */
+
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_set_key_type( &attributes, key_type );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN );
+ psa_set_key_algorithm( &attributes, alg );
+ mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
+ size_t input_size = input_size_arg;
+ uint8_t *input = NULL;
+ uint8_t *signature = NULL;
+ size_t signature_size = PSA_SIGNATURE_MAX_SIZE;
+ size_t signature_length;
+
+ ASSERT_ALLOC( input, input_size );
+ ASSERT_ALLOC( signature, signature_size );
+
+ PSA_ASSERT( psa_crypto_init( ) );
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ PSA_ASSERT( psa_sign_hash( key, alg,
+ input, input_size,
+ signature, signature_size,
+ &signature_length ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
+
+ mbedtls_test_disable_insecure_external_rng( );
+ /* Import the key again, because for RSA Mbed TLS caches blinding values
+ * in the key object and this could perturb the test. */
+ PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
+ &key ) );
+ TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY,
+ psa_sign_hash( key, alg,
+ input, input_size,
+ signature, signature_size,
+ &signature_length ) );
+ PSA_ASSERT( psa_destroy_key( key ) );
+
+exit:
+ psa_destroy_key( key );
+ PSA_DONE( );
+ mbedtls_free( input );
+ mbedtls_free( signature );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */
void validate_entropy_seed_injection( int seed_length_a,
int expected_status_a,
int seed_length_b,
@@ -81,7 +160,7 @@
}
/* END_CASE */
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */
void run_entropy_inject_with_crypto_init( )
{
psa_status_t status;
diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function
index 1bc9331..b0da2bf 100644
--- a/tests/suites/test_suite_psa_crypto_hash.function
+++ b/tests/suites/test_suite_psa_crypto_hash.function
@@ -2,8 +2,6 @@
#include <stdint.h>
-#include "test/psa_crypto_helpers.h"
-
/* END_HEADER */
/* BEGIN_DEPENDENCIES
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index e6097bb..40efb87 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -1,7 +1,6 @@
/* BEGIN_HEADER */
#include <stdint.h>
-#include "test/psa_crypto_helpers.h"
/* Some tests in this module configure entropy sources. */
#include "psa_crypto_invasive.h"
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 7c0929e..45f639e 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -156,7 +156,7 @@
algorithm_classification( alg, classification_flags );
/* Length */
- TEST_EQUAL( length, PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
+ TEST_EQUAL( length, PSA_MAC_LENGTH( key_type, key_bits, alg ) );
exit: ;
}
@@ -226,7 +226,7 @@
TEST_EQUAL( PSA_ALG_HKDF_GET_HASH( hkdf_alg ), alg );
/* Hash length */
- TEST_EQUAL( length, PSA_HASH_SIZE( alg ) );
+ TEST_EQUAL( length, PSA_HASH_LENGTH( alg ) );
TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
}
/* END_CASE */
@@ -483,7 +483,7 @@
TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK,
PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
- TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ), block_size );
+ TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size );
}
/* END_CASE */
@@ -496,7 +496,7 @@
TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK,
PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
- TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_SIZE( type ), 1 );
+ TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), 1 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 8e10158..9759077 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -9,7 +9,6 @@
#include <stdint.h>
-#include "test/psa_crypto_helpers.h"
#include "psa_crypto_slot_management.h"
#include "psa_crypto_storage.h"
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index 1add9b4..cf6ca5e 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -1,5 +1,4 @@
/* BEGIN_HEADER */
-#include "test/psa_crypto_helpers.h"
#include "psa/crypto_se_driver.h"
#include "psa_crypto_se.h"
@@ -293,8 +292,8 @@
{
psa_status_t status;
size_t required_storage =
- PSA_KEY_EXPORT_MAX_SIZE( psa_get_key_type( attributes ),
- psa_get_key_bits( attributes ) );
+ PSA_EXPORT_KEY_OUTPUT_SIZE( psa_get_key_type( attributes ),
+ psa_get_key_bits( attributes ) );
DRIVER_ASSERT_RETURN( *pubkey_length == 0 );
if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
index 629c924..12c58eb 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
@@ -1,5 +1,4 @@
/* BEGIN_HEADER */
-#include "test/psa_crypto_helpers.h"
#include "psa/crypto_se_driver.h"
#include "psa_crypto_se.h"
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 57d4789..b0c660b 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -1,7 +1,6 @@
/* BEGIN_HEADER */
#include <stdint.h>
-#include "test/psa_crypto_helpers.h"
#include "psa_crypto_slot_management.h"
#include "psa_crypto_storage.h"
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index b3f209e..e0f80be 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -56,35 +56,43 @@
Certificate write check Server1 SHA1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0:0
Certificate write check Server1 SHA1, key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0:0
Certificate write check Server1 SHA1, ns_cert_type
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0
Certificate write check Server1 SHA1, version 1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0
+
+Certificate write check Server1 SHA1, CA
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":0:1
Certificate write check Server1 SHA1, RSA_ALT
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1:0
Certificate write check Server1 SHA1, RSA_ALT, key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0
Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0
Certificate write check Server1 SHA1, RSA_ALT, version 1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
-x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0
+
+Certificate write check Server1 SHA1, RSA_ALT, CA
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1
X509 String to Names #1
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 3803377..9960989 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -6,24 +6,11 @@
#include "mbedtls/oid.h"
#include "mbedtls/rsa.h"
-/* These are the same depends as the test function x509_crs_check_opaque(),
- * the only function using PSA here. Using a weaker condition would result in
- * warnings about the static functions defined in psa_crypto_helpers.h being
- * unused. */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_PEM_WRITE_C) && \
- defined(MBEDTLS_X509_CSR_WRITE_C)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#include "mbedtls/psa_util.h"
-#include "test/psa_crypto_helpers.h"
#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) )
-#else
-/* Define empty macros so that we can use them in the preamble and teardown
- * of every test function that uses PSA conditionally based on
- * MBEDTLS_USE_PSA_CRYPTO. */
-#define PSA_INIT( ) ( (void) 0 )
-#define PSA_DONE( ) ( (void) 0 )
-#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_RSA_C)
int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
@@ -219,7 +206,7 @@
char *serial_str, char *not_before, char *not_after,
int md_type, int key_usage, int set_key_usage,
int cert_type, int set_cert_type, int auth_ident,
- int ver, char *cert_check_file, int rsa_alt )
+ int ver, char *cert_check_file, int rsa_alt, int is_ca )
{
mbedtls_pk_context subject_key, issuer_key, issuer_key_alt;
mbedtls_pk_context *key = &issuer_key;
@@ -282,7 +269,9 @@
if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 )
{
- TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
+ /* For the CA case, a path length of -1 means unlimited. */
+ TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, is_ca,
+ (is_ca ? -1 : 0) ) == 0 );
TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 );
if( auth_ident )
TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 );
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 100c313..78832eb 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -233,6 +233,7 @@
<ClInclude Include="..\..\include\psa\crypto_types.h" />
<ClInclude Include="..\..\include\psa\crypto_values.h" />
<ClInclude Include="..\..\tests\include\test\constant_flow.h" />
+ <ClInclude Include="..\..\tests\include\test\fake_external_rng_for_test.h" />
<ClInclude Include="..\..\tests\include\test\helpers.h" />
<ClInclude Include="..\..\tests\include\test\macros.h" />
<ClInclude Include="..\..\tests\include\test\psa_crypto_helpers.h" />
@@ -348,6 +349,7 @@
<ClCompile Include="..\..\library\x509write_crt.c" />
<ClCompile Include="..\..\library\x509write_csr.c" />
<ClCompile Include="..\..\library\xtea.c" />
+ <ClCompile Include="..\..\tests\src\fake_external_rng_for_test.c" />
<ClCompile Include="..\..\tests\src\helpers.c" />
<ClCompile Include="..\..\tests\src\psa_crypto_helpers.c" />
<ClCompile Include="..\..\tests\src\random.c" />
diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj
index 9021602..9884f23 100644
--- a/visualc/VS2010/ssl_client2.vcxproj
+++ b/visualc/VS2010/ssl_client2.vcxproj
@@ -21,6 +21,7 @@
<ItemGroup>
<ClCompile Include="..\..\programs\ssl\ssl_client2.c" />
<ClCompile Include="..\..\programs\test\query_config.c" />
+ <ClCompile Include="..\..\programs\ssl\ssl_test_lib.c" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="mbedTLS.vcxproj">
diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj
index 61eedaa..d8f3e59 100644
--- a/visualc/VS2010/ssl_server2.vcxproj
+++ b/visualc/VS2010/ssl_server2.vcxproj
@@ -21,6 +21,7 @@
<ItemGroup>
<ClCompile Include="..\..\programs\ssl\ssl_server2.c" />
<ClCompile Include="..\..\programs\test\query_config.c" />
+ <ClCompile Include="..\..\programs\ssl\ssl_test_lib.c" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="mbedTLS.vcxproj">