blob: 839b4455c3a06733b58eb30ef3f22aaab2853863 [file] [log] [blame]
Gilles Peskinea3ed34f2021-01-05 21:11:16 +01001/*
Gilles Peskine0d980b82021-01-05 23:34:27 +01002 * Common code library for SSL test programs.
3 *
4 * In addition to the functions in this file, there is shared source code
5 * that cannot be compiled separately in "ssl_test_common_source.c".
Gilles Peskinea3ed34f2021-01-05 21:11:16 +01006 *
7 * Copyright The Mbed TLS Contributors
Dave Rodgman7ff79652023-11-03 12:04:52 +00008 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Gilles Peskinea3ed34f2021-01-05 21:11:16 +01009 */
10
11#include "ssl_test_lib.h"
12
Gilles Peskinee374b952021-02-03 00:05:19 +010013#if defined(MBEDTLS_TEST_HOOKS)
14#include "test/helpers.h"
15#endif
16
Gilles Peskineab7ce962021-01-05 21:27:53 +010017#if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
18
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010019void my_debug(void *ctx, int level,
20 const char *file, int line,
21 const char *str)
Gilles Peskine504c1a32021-01-05 23:40:14 +010022{
23 const char *p, *basename;
24
25 /* Extract basename from file */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010026 for (p = basename = file; *p != '\0'; p++) {
27 if (*p == '/' || *p == '\\') {
Gilles Peskine504c1a32021-01-05 23:40:14 +010028 basename = p + 1;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010029 }
30 }
Gilles Peskine504c1a32021-01-05 23:40:14 +010031
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010032 mbedtls_fprintf((FILE *) ctx, "%s:%04d: |%d| %s",
33 basename, line, level, str);
34 fflush((FILE *) ctx);
Gilles Peskine504c1a32021-01-05 23:40:14 +010035}
36
Raoul Strackx2db000f2020-06-22 14:08:57 +020037#if defined(MBEDTLS_HAVE_TIME)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010038mbedtls_time_t dummy_constant_time(mbedtls_time_t *time)
Gilles Peskine504c1a32021-01-05 23:40:14 +010039{
40 (void) time;
41 return 0x5af2a056;
42}
Raoul Strackx2db000f2020-06-22 14:08:57 +020043#endif
Gilles Peskine504c1a32021-01-05 23:40:14 +010044
Gilles Peskine8eb29432021-02-03 20:07:11 +010045#if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010046static int dummy_entropy(void *data, unsigned char *output, size_t len)
Gilles Peskine504c1a32021-01-05 23:40:14 +010047{
48 size_t i;
49 int ret;
50 (void) data;
51
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010052 ret = mbedtls_entropy_func(data, output, len);
53 for (i = 0; i < len; i++) {
Gilles Peskine504c1a32021-01-05 23:40:14 +010054 //replace result with pseudo random
55 output[i] = (unsigned char) rand();
56 }
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010057 return ret;
Gilles Peskine504c1a32021-01-05 23:40:14 +010058}
Gilles Peskine8eb29432021-02-03 20:07:11 +010059#endif
Gilles Peskine504c1a32021-01-05 23:40:14 +010060
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010061void rng_init(rng_context_t *rng)
Gilles Peskinedaa94c42021-01-13 18:38:27 +010062{
Gilles Peskine8eb29432021-02-03 20:07:11 +010063#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
64 (void) rng;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010065 psa_crypto_init();
Gilles Peskine8eb29432021-02-03 20:07:11 +010066#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
67
Gilles Peskineba749042021-01-13 20:02:03 +010068#if defined(MBEDTLS_CTR_DRBG_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010069 mbedtls_ctr_drbg_init(&rng->drbg);
Gilles Peskineba749042021-01-13 20:02:03 +010070#elif defined(MBEDTLS_HMAC_DRBG_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010071 mbedtls_hmac_drbg_init(&rng->drbg);
Gilles Peskineba749042021-01-13 20:02:03 +010072#else
73#error "No DRBG available"
74#endif
75
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010076 mbedtls_entropy_init(&rng->entropy);
Gilles Peskine8eb29432021-02-03 20:07:11 +010077#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
Gilles Peskinedaa94c42021-01-13 18:38:27 +010078}
79
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010080int rng_seed(rng_context_t *rng, int reproducible, const char *pers)
Gilles Peskinedaa94c42021-01-13 18:38:27 +010081{
Gilles Peskineaaedbdc2021-02-03 13:55:22 +010082#if defined(MBEDTLS_USE_PSA_CRYPTO)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010083 if (reproducible) {
84 mbedtls_fprintf(stderr,
85 "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n");
86 return -1;
Gilles Peskineaaedbdc2021-02-03 13:55:22 +010087 }
88#endif
Gilles Peskine8eb29432021-02-03 20:07:11 +010089#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
90 /* The PSA crypto RNG does its own seeding. */
91 (void) rng;
92 (void) pers;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010093 if (reproducible) {
94 mbedtls_fprintf(stderr,
95 "The PSA RNG does not support reproducible mode.\n");
96 return -1;
Gilles Peskine8eb29432021-02-03 20:07:11 +010097 }
Gilles Peskine1b6c09a2023-01-11 14:52:35 +010098 return 0;
Gilles Peskine8eb29432021-02-03 20:07:11 +010099#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100100 int (*f_entropy)(void *, unsigned char *, size_t) =
101 (reproducible ? dummy_entropy : mbedtls_entropy_func);
Gilles Peskinedaa94c42021-01-13 18:38:27 +0100102
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100103 if (reproducible) {
104 srand(1);
105 }
Gilles Peskinedaa94c42021-01-13 18:38:27 +0100106
Gilles Peskineba749042021-01-13 20:02:03 +0100107#if defined(MBEDTLS_CTR_DRBG_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100108 int ret = mbedtls_ctr_drbg_seed(&rng->drbg,
109 f_entropy, &rng->entropy,
110 (const unsigned char *) pers,
111 strlen(pers));
Gilles Peskineba749042021-01-13 20:02:03 +0100112#elif defined(MBEDTLS_HMAC_DRBG_C)
113#if defined(MBEDTLS_SHA256_C)
114 const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256;
115#elif defined(MBEDTLS_SHA512_C)
116 const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA512;
117#else
118#error "No message digest available for HMAC_DRBG"
119#endif
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100120 int ret = mbedtls_hmac_drbg_seed(&rng->drbg,
121 mbedtls_md_info_from_type(md_type),
122 f_entropy, &rng->entropy,
123 (const unsigned char *) pers,
124 strlen(pers));
Gilles Peskine8eb29432021-02-03 20:07:11 +0100125#else /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
Gilles Peskineba749042021-01-13 20:02:03 +0100126#error "No DRBG available"
Gilles Peskine8eb29432021-02-03 20:07:11 +0100127#endif /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
Gilles Peskineba749042021-01-13 20:02:03 +0100128
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100129 if (ret != 0) {
130 mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
131 (unsigned int) -ret);
132 return ret;
Gilles Peskinef1cb75f2021-01-13 18:46:01 +0100133 }
Gilles Peskine8eb29432021-02-03 20:07:11 +0100134#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
Gilles Peskinedaa94c42021-01-13 18:38:27 +0100135
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100136 return 0;
Gilles Peskinedaa94c42021-01-13 18:38:27 +0100137}
138
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100139void rng_free(rng_context_t *rng)
Gilles Peskinedaa94c42021-01-13 18:38:27 +0100140{
Gilles Peskine8eb29432021-02-03 20:07:11 +0100141#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
142 (void) rng;
143 /* Deinitialize the PSA crypto subsystem. This deactivates all PSA APIs.
144 * This is ok because none of our applications try to do any crypto after
145 * deinitializing the RNG. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100146 mbedtls_psa_crypto_free();
Gilles Peskine8eb29432021-02-03 20:07:11 +0100147#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
148
Gilles Peskineba749042021-01-13 20:02:03 +0100149#if defined(MBEDTLS_CTR_DRBG_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100150 mbedtls_ctr_drbg_free(&rng->drbg);
Gilles Peskineba749042021-01-13 20:02:03 +0100151#elif defined(MBEDTLS_HMAC_DRBG_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100152 mbedtls_hmac_drbg_free(&rng->drbg);
Gilles Peskineba749042021-01-13 20:02:03 +0100153#else
154#error "No DRBG available"
155#endif
156
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100157 mbedtls_entropy_free(&rng->entropy);
Gilles Peskine8eb29432021-02-03 20:07:11 +0100158#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
Gilles Peskinedaa94c42021-01-13 18:38:27 +0100159}
160
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100161int rng_get(void *p_rng, unsigned char *output, size_t output_len)
Gilles Peskine535fb372021-01-13 18:59:46 +0100162{
Gilles Peskine8eb29432021-02-03 20:07:11 +0100163#if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
164 (void) p_rng;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100165 return mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
166 output, output_len);
Gilles Peskine8eb29432021-02-03 20:07:11 +0100167#else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
Gilles Peskine535fb372021-01-13 18:59:46 +0100168 rng_context_t *rng = p_rng;
Gilles Peskine8eb29432021-02-03 20:07:11 +0100169
Gilles Peskineba749042021-01-13 20:02:03 +0100170#if defined(MBEDTLS_CTR_DRBG_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100171 return mbedtls_ctr_drbg_random(&rng->drbg, output, output_len);
Gilles Peskineba749042021-01-13 20:02:03 +0100172#elif defined(MBEDTLS_HMAC_DRBG_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100173 return mbedtls_hmac_drbg_random(&rng->drbg, output, output_len);
Gilles Peskineba749042021-01-13 20:02:03 +0100174#else
175#error "No DRBG available"
176#endif
Gilles Peskine8eb29432021-02-03 20:07:11 +0100177
178#endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
Gilles Peskine535fb372021-01-13 18:59:46 +0100179}
180
Gilles Peskine504c1a32021-01-05 23:40:14 +0100181#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100182int ca_callback(void *data, mbedtls_x509_crt const *child,
183 mbedtls_x509_crt **candidates)
Gilles Peskine504c1a32021-01-05 23:40:14 +0100184{
185 int ret = 0;
186 mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
187 mbedtls_x509_crt *first;
188
189 /* This is a test-only implementation of the CA callback
190 * which always returns the entire list of trusted certificates.
191 * Production implementations managing a large number of CAs
192 * should use an efficient presentation and lookup for the
193 * set of trusted certificates (such as a hashtable) and only
194 * return those trusted certificates which satisfy basic
195 * parental checks, such as the matching of child `Issuer`
196 * and parent `Subject` field or matching key identifiers. */
197 ((void) child);
198
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100199 first = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
200 if (first == NULL) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100201 ret = -1;
202 goto exit;
203 }
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100204 mbedtls_x509_crt_init(first);
Gilles Peskine504c1a32021-01-05 23:40:14 +0100205
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100206 if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100207 ret = -1;
208 goto exit;
209 }
210
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100211 while (ca->next != NULL) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100212 ca = ca->next;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100213 if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100214 ret = -1;
215 goto exit;
216 }
217 }
218
219exit:
220
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100221 if (ret != 0) {
222 mbedtls_x509_crt_free(first);
223 mbedtls_free(first);
Gilles Peskine504c1a32021-01-05 23:40:14 +0100224 first = NULL;
225 }
226
227 *candidates = first;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100228 return ret;
Gilles Peskine504c1a32021-01-05 23:40:14 +0100229}
230#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
231
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100232int delayed_recv(void *ctx, unsigned char *buf, size_t len)
Gilles Peskine504c1a32021-01-05 23:40:14 +0100233{
234 static int first_try = 1;
235 int ret;
236
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100237 if (first_try) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100238 first_try = 0;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100239 return MBEDTLS_ERR_SSL_WANT_READ;
Gilles Peskine504c1a32021-01-05 23:40:14 +0100240 }
241
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100242 ret = mbedtls_net_recv(ctx, buf, len);
243 if (ret != MBEDTLS_ERR_SSL_WANT_READ) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100244 first_try = 1; /* Next call will be a new operation */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100245 }
246 return ret;
Gilles Peskine504c1a32021-01-05 23:40:14 +0100247}
248
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100249int delayed_send(void *ctx, const unsigned char *buf, size_t len)
Gilles Peskine504c1a32021-01-05 23:40:14 +0100250{
251 static int first_try = 1;
252 int ret;
253
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100254 if (first_try) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100255 first_try = 0;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100256 return MBEDTLS_ERR_SSL_WANT_WRITE;
Gilles Peskine504c1a32021-01-05 23:40:14 +0100257 }
258
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100259 ret = mbedtls_net_send(ctx, buf, len);
260 if (ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100261 first_try = 1; /* Next call will be a new operation */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100262 }
263 return ret;
Gilles Peskine504c1a32021-01-05 23:40:14 +0100264}
265
266#if !defined(MBEDTLS_TIMING_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100267int idle(mbedtls_net_context *fd,
268 int idle_reason)
Gilles Peskine504c1a32021-01-05 23:40:14 +0100269#else
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100270int idle(mbedtls_net_context *fd,
271 mbedtls_timing_delay_context *timer,
272 int idle_reason)
Gilles Peskine504c1a32021-01-05 23:40:14 +0100273#endif
274{
275 int ret;
276 int poll_type = 0;
277
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100278 if (idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100279 poll_type = MBEDTLS_NET_POLL_WRITE;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100280 } else if (idle_reason == MBEDTLS_ERR_SSL_WANT_READ) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100281 poll_type = MBEDTLS_NET_POLL_READ;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100282 }
Gilles Peskine504c1a32021-01-05 23:40:14 +0100283#if !defined(MBEDTLS_TIMING_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100284 else {
285 return 0;
286 }
Gilles Peskine504c1a32021-01-05 23:40:14 +0100287#endif
288
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100289 while (1) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100290 /* Check if timer has expired */
291#if defined(MBEDTLS_TIMING_C)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100292 if (timer != NULL &&
293 mbedtls_timing_get_delay(timer) == 2) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100294 break;
295 }
296#endif /* MBEDTLS_TIMING_C */
297
298 /* Check if underlying transport became available */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100299 if (poll_type != 0) {
300 ret = mbedtls_net_poll(fd, poll_type, 0);
301 if (ret < 0) {
302 return ret;
303 }
304 if (ret == poll_type) {
Gilles Peskine504c1a32021-01-05 23:40:14 +0100305 break;
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100306 }
Gilles Peskine504c1a32021-01-05 23:40:14 +0100307 }
308 }
309
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100310 return 0;
Gilles Peskine504c1a32021-01-05 23:40:14 +0100311}
312
Gilles Peskine53dea742021-02-02 22:55:06 +0100313#if defined(MBEDTLS_TEST_HOOKS)
314
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100315void test_hooks_init(void)
Gilles Peskine53dea742021-02-02 22:55:06 +0100316{
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100317 mbedtls_test_info_reset();
Gilles Peskinee374b952021-02-03 00:05:19 +0100318
319#if defined(MBEDTLS_TEST_MUTEX_USAGE)
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100320 mbedtls_test_mutex_usage_init();
Gilles Peskinee374b952021-02-03 00:05:19 +0100321#endif
Gilles Peskine53dea742021-02-02 22:55:06 +0100322}
323
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100324int test_hooks_failure_detected(void)
Gilles Peskine53dea742021-02-02 22:55:06 +0100325{
Gilles Peskinee374b952021-02-03 00:05:19 +0100326#if defined(MBEDTLS_TEST_MUTEX_USAGE)
327 /* Errors are reported via mbedtls_test_info. */
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100328 mbedtls_test_mutex_usage_check();
Gilles Peskinee374b952021-02-03 00:05:19 +0100329#endif
330
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100331 if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_SUCCESS) {
332 return 1;
333 }
334 return 0;
Gilles Peskine53dea742021-02-02 22:55:06 +0100335}
336
Gilles Peskine1b6c09a2023-01-11 14:52:35 +0100337void test_hooks_free(void)
Gilles Peskine53dea742021-02-02 22:55:06 +0100338{
339}
340
341#endif /* MBEDTLS_TEST_HOOKS */
342
Gilles Peskineab7ce962021-01-05 21:27:53 +0100343#endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */