diff --git a/scripts/generate_psa_wrappers.py b/scripts/generate_psa_wrappers.py index 641149b6ab..e2bfeeec28 100755 --- a/scripts/generate_psa_wrappers.py +++ b/scripts/generate_psa_wrappers.py @@ -248,8 +248,8 @@ def _printf_parameters(self, typ: str, var: str) -> Tuple[str, List[str]]: return super()._printf_parameters(typ, var) -DEFAULT_C_OUTPUT_FILE_NAME = 'tests/src/psa_test_wrappers.c' -DEFAULT_H_OUTPUT_FILE_NAME = 'tests/include/test/psa_test_wrappers.h' +DEFAULT_C_OUTPUT_FILE_NAME = 'framework/tests/src/psa_test_wrappers.c' +DEFAULT_H_OUTPUT_FILE_NAME = 'framework/tests/include/test/psa_test_wrappers.h' def main() -> None: parser = argparse.ArgumentParser(description=globals()['__doc__']) diff --git a/scripts/generate_test_cert_macros.py b/scripts/generate_test_cert_macros.py index b6d97fcd1d..4771bb9ee6 100755 --- a/scripts/generate_test_cert_macros.py +++ b/scripts/generate_test_cert_macros.py @@ -1,7 +1,8 @@ #!/usr/bin/env python3 """ -Generate `tests/src/test_certs.h` which includes certficaties/keys/certificate list for testing. +Generate `framework/tests/src/test_certs.h` which includes +certficates/keys/certificate list for testing. """ # @@ -15,8 +16,8 @@ import jinja2 from mbedtls_framework.build_tree import guess_project_root -TESTS_DIR = os.path.join(guess_project_root(), 'tests') FRAMEWORK_DIR = os.path.join(guess_project_root(), 'framework') +TESTS_DIR = os.path.join(FRAMEWORK_DIR, 'tests') DATA_FILES_PATH = os.path.join(FRAMEWORK_DIR, 'data_files') INPUT_ARGS = [ diff --git a/scripts/generate_test_keys.py b/scripts/generate_test_keys.py index effc65ac3e..ace328c880 100755 --- a/scripts/generate_test_keys.py +++ b/scripts/generate_test_keys.py @@ -168,7 +168,7 @@ def collect_keys() -> Tuple[str, str]: return ''.join(arrays), '\n'.join(look_up_table) def main() -> None: - default_output_path = guess_project_root() + "/tests/src/test_keys.h" + default_output_path = guess_project_root() + "/framework/tests/src/test_keys.h" argparser = argparse.ArgumentParser() argparser.add_argument("--output", help="Output file", default=default_output_path) diff --git a/tests/include/alt-extra/psa/crypto.h b/tests/include/alt-extra/psa/crypto.h new file mode 100644 index 0000000000..005f3aeea0 --- /dev/null +++ b/tests/include/alt-extra/psa/crypto.h @@ -0,0 +1,7 @@ +/* The goal of the include/alt-extra directory is to test what happens + * if certain files come _after_ the normal include directory. + * Make sure that if the alt-extra directory comes before the normal + * directory (so we wouldn't be achieving our test objective), the build + * will fail. + */ +#error "The normal include directory must come first in the include path" diff --git a/tests/include/baremetal-override/time.h b/tests/include/baremetal-override/time.h new file mode 100644 index 0000000000..0a44275e76 --- /dev/null +++ b/tests/include/baremetal-override/time.h @@ -0,0 +1,6 @@ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#error "time.h included in a configuration without MBEDTLS_HAVE_TIME" diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h new file mode 100644 index 0000000000..fdf3a2db5a --- /dev/null +++ b/tests/include/spe/crypto_spe.h @@ -0,0 +1,131 @@ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * + */ + +/** + * \file crypto_spe.h + * + * \brief When Mbed TLS is built with the MBEDTLS_PSA_CRYPTO_SPM option + * enabled, this header is included by all .c files in Mbed TLS that + * use PSA Crypto function names. This avoids duplication of symbols + * between TF-M and Mbed TLS. + * + * \note This file should be included before including any PSA Crypto headers + * from Mbed TLS. + */ + +#ifndef CRYPTO_SPE_H +#define CRYPTO_SPE_H + +#define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x + +#define psa_crypto_init \ + PSA_FUNCTION_NAME(psa_crypto_init) +#define psa_key_derivation_get_capacity \ + PSA_FUNCTION_NAME(psa_key_derivation_get_capacity) +#define psa_key_derivation_set_capacity \ + PSA_FUNCTION_NAME(psa_key_derivation_set_capacity) +#define psa_key_derivation_input_bytes \ + PSA_FUNCTION_NAME(psa_key_derivation_input_bytes) +#define psa_key_derivation_output_bytes \ + PSA_FUNCTION_NAME(psa_key_derivation_output_bytes) +#define psa_key_derivation_input_key \ + PSA_FUNCTION_NAME(psa_key_derivation_input_key) +#define psa_key_derivation_output_key \ + PSA_FUNCTION_NAME(psa_key_derivation_output_key) +#define psa_key_derivation_setup \ + PSA_FUNCTION_NAME(psa_key_derivation_setup) +#define psa_key_derivation_abort \ + PSA_FUNCTION_NAME(psa_key_derivation_abort) +#define psa_key_derivation_key_agreement \ + PSA_FUNCTION_NAME(psa_key_derivation_key_agreement) +#define psa_raw_key_agreement \ + PSA_FUNCTION_NAME(psa_raw_key_agreement) +#define psa_generate_random \ + PSA_FUNCTION_NAME(psa_generate_random) +#define psa_aead_encrypt \ + PSA_FUNCTION_NAME(psa_aead_encrypt) +#define psa_aead_decrypt \ + PSA_FUNCTION_NAME(psa_aead_decrypt) +#define psa_open_key \ + PSA_FUNCTION_NAME(psa_open_key) +#define psa_close_key \ + PSA_FUNCTION_NAME(psa_close_key) +#define psa_import_key \ + PSA_FUNCTION_NAME(psa_import_key) +#define psa_destroy_key \ + PSA_FUNCTION_NAME(psa_destroy_key) +#define psa_get_key_attributes \ + PSA_FUNCTION_NAME(psa_get_key_attributes) +#define psa_reset_key_attributes \ + PSA_FUNCTION_NAME(psa_reset_key_attributes) +#define psa_export_key \ + PSA_FUNCTION_NAME(psa_export_key) +#define psa_export_public_key \ + PSA_FUNCTION_NAME(psa_export_public_key) +#define psa_purge_key \ + PSA_FUNCTION_NAME(psa_purge_key) +#define psa_copy_key \ + PSA_FUNCTION_NAME(psa_copy_key) +#define psa_cipher_operation_init \ + PSA_FUNCTION_NAME(psa_cipher_operation_init) +#define psa_cipher_generate_iv \ + PSA_FUNCTION_NAME(psa_cipher_generate_iv) +#define psa_cipher_set_iv \ + PSA_FUNCTION_NAME(psa_cipher_set_iv) +#define psa_cipher_encrypt_setup \ + PSA_FUNCTION_NAME(psa_cipher_encrypt_setup) +#define psa_cipher_decrypt_setup \ + PSA_FUNCTION_NAME(psa_cipher_decrypt_setup) +#define psa_cipher_update \ + PSA_FUNCTION_NAME(psa_cipher_update) +#define psa_cipher_finish \ + PSA_FUNCTION_NAME(psa_cipher_finish) +#define psa_cipher_abort \ + PSA_FUNCTION_NAME(psa_cipher_abort) +#define psa_hash_operation_init \ + PSA_FUNCTION_NAME(psa_hash_operation_init) +#define psa_hash_setup \ + PSA_FUNCTION_NAME(psa_hash_setup) +#define psa_hash_update \ + PSA_FUNCTION_NAME(psa_hash_update) +#define psa_hash_finish \ + PSA_FUNCTION_NAME(psa_hash_finish) +#define psa_hash_verify \ + PSA_FUNCTION_NAME(psa_hash_verify) +#define psa_hash_abort \ + PSA_FUNCTION_NAME(psa_hash_abort) +#define psa_hash_clone \ + PSA_FUNCTION_NAME(psa_hash_clone) +#define psa_hash_compute \ + PSA_FUNCTION_NAME(psa_hash_compute) +#define psa_hash_compare \ + PSA_FUNCTION_NAME(psa_hash_compare) +#define psa_mac_operation_init \ + PSA_FUNCTION_NAME(psa_mac_operation_init) +#define psa_mac_sign_setup \ + PSA_FUNCTION_NAME(psa_mac_sign_setup) +#define psa_mac_verify_setup \ + PSA_FUNCTION_NAME(psa_mac_verify_setup) +#define psa_mac_update \ + PSA_FUNCTION_NAME(psa_mac_update) +#define psa_mac_sign_finish \ + PSA_FUNCTION_NAME(psa_mac_sign_finish) +#define psa_mac_verify_finish \ + PSA_FUNCTION_NAME(psa_mac_verify_finish) +#define psa_mac_abort \ + PSA_FUNCTION_NAME(psa_mac_abort) +#define psa_sign_hash \ + PSA_FUNCTION_NAME(psa_sign_hash) +#define psa_verify_hash \ + PSA_FUNCTION_NAME(psa_verify_hash) +#define psa_asymmetric_encrypt \ + PSA_FUNCTION_NAME(psa_asymmetric_encrypt) +#define psa_asymmetric_decrypt \ + PSA_FUNCTION_NAME(psa_asymmetric_decrypt) +#define psa_generate_key \ + PSA_FUNCTION_NAME(psa_generate_key) + +#endif /* CRYPTO_SPE_H */ diff --git a/tests/include/test/arguments.h b/tests/include/test/arguments.h new file mode 100644 index 0000000000..6d267b660e --- /dev/null +++ b/tests/include/test/arguments.h @@ -0,0 +1,26 @@ +/** + * \file arguments.h + * + * \brief Manipulation of test arguments. + * + * Much of the code is in host_test.function, to be migrated here later. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TEST_ARGUMENTS_H +#define TEST_ARGUMENTS_H + +#include "mbedtls/build_info.h" +#include +#include + +typedef union { + size_t len; + intmax_t sint; +} mbedtls_test_argument_t; + +#endif /* TEST_ARGUMENTS_H */ diff --git a/tests/include/test/asn1_helpers.h b/tests/include/test/asn1_helpers.h new file mode 100644 index 0000000000..2eb9171282 --- /dev/null +++ b/tests/include/test/asn1_helpers.h @@ -0,0 +1,38 @@ +/** Helper functions for tests that manipulate ASN.1 data. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef ASN1_HELPERS_H +#define ASN1_HELPERS_H + +#include "test/helpers.h" + +/** Skip past an INTEGER in an ASN.1 buffer. + * + * Mark the current test case as failed in any of the following conditions: + * - The buffer does not start with an ASN.1 INTEGER. + * - The integer's size or parity does not match the constraints expressed + * through \p min_bits, \p max_bits and \p must_be_odd. + * + * \param p Upon entry, `*p` points to the first byte of the + * buffer to parse. + * On successful return, `*p` points to the first byte + * after the parsed INTEGER. + * On failure, `*p` is unspecified. + * \param end The end of the ASN.1 buffer. + * \param min_bits Fail the test case if the integer does not have at + * least this many significant bits. + * \param max_bits Fail the test case if the integer has more than + * this many significant bits. + * \param must_be_odd Fail the test case if the integer is even. + * + * \return \c 0 if the test failed, otherwise 1. + */ +int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end, + size_t min_bits, size_t max_bits, + int must_be_odd); + +#endif /* ASN1_HELPERS_H */ diff --git a/tests/include/test/bignum_helpers.h b/tests/include/test/bignum_helpers.h new file mode 100644 index 0000000000..a5e49cbe57 --- /dev/null +++ b/tests/include/test/bignum_helpers.h @@ -0,0 +1,98 @@ +/** + * \file bignum_helpers.h + * + * \brief This file contains the prototypes of helper functions for + * bignum-related testing. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TEST_BIGNUM_HELPERS_H +#define TEST_BIGNUM_HELPERS_H + +#include + +#if defined(MBEDTLS_BIGNUM_C) + +#include +#include + +/** Allocate and populate a core MPI from a test case argument. + * + * This function allocates exactly as many limbs as necessary to fit + * the length of the input. In other words, it preserves leading zeros. + * + * The limb array is allocated with mbedtls_calloc() and must later be + * freed with mbedtls_free(). + * + * \param[in,out] pX The address where a pointer to the allocated limb + * array will be stored. + * \c *pX must be null on entry. + * On exit, \c *pX is null on error or if the number + * of limbs is 0. + * \param[out] plimbs The address where the number of limbs will be stored. + * \param[in] input The test argument to read. + * It is interpreted as a hexadecimal representation + * of a non-negative integer. + * + * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise. + */ +int mbedtls_test_read_mpi_core(mbedtls_mpi_uint **pX, size_t *plimbs, + const char *input); + +/** Read a modulus from a hexadecimal string. + * + * This function allocates exactly as many limbs as necessary to fit + * the length of the input. In other words, it preserves leading zeros. + * + * The limb array is allocated with mbedtls_calloc() and must later be + * freed with mbedtls_free(). You can do that by calling + * mbedtls_test_mpi_mod_modulus_free_with_limbs(). + * + * \param[in,out] N A modulus structure. It must be initialized, but + * not set up. + * \param[in] s The null-terminated hexadecimal string to read from. + * \param int_rep The desired representation of residues. + * + * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise. + */ +int mbedtls_test_read_mpi_modulus(mbedtls_mpi_mod_modulus *N, + const char *s, + mbedtls_mpi_mod_rep_selector int_rep); + +/** Free a modulus and its limbs. + * + * \param[in] N A modulus structure such that there is no other + * reference to `N->p`. + */ +void mbedtls_test_mpi_mod_modulus_free_with_limbs(mbedtls_mpi_mod_modulus *N); + +/** Read an MPI from a hexadecimal string. + * + * Like mbedtls_mpi_read_string(), but with tighter guarantees around + * edge cases. + * + * - This function guarantees that if \p s begins with '-' then the sign + * bit of the result will be negative, even if the value is 0. + * When this function encounters such a "negative 0", it calls + * mbedtls_test_increment_case_uses_negative_0(). + * - The size of the result is exactly the minimum number of limbs needed to fit + * the digits in the input. In particular, this function constructs a bignum + * with 0 limbs for an empty string, and a bignum with leading 0 limbs if the + * string has sufficiently many leading 0 digits. This is important so that + * the "0 (null)" and "0 (1 limb)" and "leading zeros" test cases do what they + * claim. + * + * \param[out] X The MPI object to populate. It must be initialized. + * \param[in] s The null-terminated hexadecimal string to read from. + * + * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise. + */ +int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s); + +#endif /* MBEDTLS_BIGNUM_C */ + +#endif /* TEST_BIGNUM_HELPERS_H */ diff --git a/tests/include/test/certs.h b/tests/include/test/certs.h new file mode 100644 index 0000000000..db69536a6f --- /dev/null +++ b/tests/include/test/certs.h @@ -0,0 +1,234 @@ +/** + * \file certs.h + * + * \brief Sample certificates and DHM parameters for testing + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#ifndef MBEDTLS_CERTS_H +#define MBEDTLS_CERTS_H + +#include "mbedtls/build_info.h" + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* List of all PEM-encoded CA certificates, terminated by NULL; + * PEM encoded if MBEDTLS_PEM_PARSE_C is enabled, DER encoded + * otherwise. */ +extern const char *mbedtls_test_cas[]; +extern const size_t mbedtls_test_cas_len[]; + +/* List of all DER-encoded CA certificates, terminated by NULL */ +extern const unsigned char *mbedtls_test_cas_der[]; +extern const size_t mbedtls_test_cas_der_len[]; + +#if defined(MBEDTLS_PEM_PARSE_C) +/* Concatenation of all CA certificates in PEM format if available */ +extern const char mbedtls_test_cas_pem[]; +extern const size_t mbedtls_test_cas_pem_len; +#endif /* MBEDTLS_PEM_PARSE_C */ + +/* + * CA test certificates + */ + +extern const char mbedtls_test_ca_crt_ec_pem[]; +extern const char mbedtls_test_ca_key_ec_pem[]; +extern const char mbedtls_test_ca_pwd_ec_pem[]; +extern const char mbedtls_test_ca_key_rsa_pem[]; +extern const char mbedtls_test_ca_pwd_rsa_pem[]; +extern const char mbedtls_test_ca_crt_rsa_sha1_pem[]; +extern const char mbedtls_test_ca_crt_rsa_sha256_pem[]; + +extern const unsigned char mbedtls_test_ca_crt_ec_der[]; +extern const unsigned char mbedtls_test_ca_key_ec_der[]; +extern const unsigned char mbedtls_test_ca_key_rsa_der[]; +extern const unsigned char mbedtls_test_ca_crt_rsa_sha1_der[]; +extern const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[]; + +extern const size_t mbedtls_test_ca_crt_ec_pem_len; +extern const size_t mbedtls_test_ca_key_ec_pem_len; +extern const size_t mbedtls_test_ca_pwd_ec_pem_len; +extern const size_t mbedtls_test_ca_key_rsa_pem_len; +extern const size_t mbedtls_test_ca_pwd_rsa_pem_len; +extern const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len; +extern const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len; + +extern const size_t mbedtls_test_ca_crt_ec_der_len; +extern const size_t mbedtls_test_ca_key_ec_der_len; +extern const size_t mbedtls_test_ca_pwd_ec_der_len; +extern const size_t mbedtls_test_ca_key_rsa_der_len; +extern const size_t mbedtls_test_ca_pwd_rsa_der_len; +extern const size_t mbedtls_test_ca_crt_rsa_sha1_der_len; +extern const size_t mbedtls_test_ca_crt_rsa_sha256_der_len; + +/* Config-dependent dispatch between PEM and DER encoding + * (PEM if enabled, otherwise DER) */ + +extern const char mbedtls_test_ca_crt_ec[]; +extern const char mbedtls_test_ca_key_ec[]; +extern const char mbedtls_test_ca_pwd_ec[]; +extern const char mbedtls_test_ca_key_rsa[]; +extern const char mbedtls_test_ca_pwd_rsa[]; +extern const char mbedtls_test_ca_crt_rsa_sha1[]; +extern const char mbedtls_test_ca_crt_rsa_sha256[]; + +extern const size_t mbedtls_test_ca_crt_ec_len; +extern const size_t mbedtls_test_ca_key_ec_len; +extern const size_t mbedtls_test_ca_pwd_ec_len; +extern const size_t mbedtls_test_ca_key_rsa_len; +extern const size_t mbedtls_test_ca_pwd_rsa_len; +extern const size_t mbedtls_test_ca_crt_rsa_sha1_len; +extern const size_t mbedtls_test_ca_crt_rsa_sha256_len; + +/* Config-dependent dispatch between SHA-1 and SHA-256 + * (SHA-256 if enabled, otherwise SHA-1) */ + +extern const char mbedtls_test_ca_crt_rsa[]; +extern const size_t mbedtls_test_ca_crt_rsa_len; + +/* Config-dependent dispatch between EC and RSA + * (RSA if enabled, otherwise EC) */ + +extern const char *mbedtls_test_ca_crt; +extern const char *mbedtls_test_ca_key; +extern const char *mbedtls_test_ca_pwd; +extern const size_t mbedtls_test_ca_crt_len; +extern const size_t mbedtls_test_ca_key_len; +extern const size_t mbedtls_test_ca_pwd_len; + +/* + * Server test certificates + */ + +extern const char mbedtls_test_srv_crt_ec_pem[]; +extern const char mbedtls_test_srv_key_ec_pem[]; +extern const char mbedtls_test_srv_pwd_ec_pem[]; +extern const char mbedtls_test_srv_key_rsa_pem[]; +extern const char mbedtls_test_srv_pwd_rsa_pem[]; +extern const char mbedtls_test_srv_crt_rsa_sha1_pem[]; +extern const char mbedtls_test_srv_crt_rsa_sha256_pem[]; + +extern const unsigned char mbedtls_test_srv_crt_ec_der[]; +extern const unsigned char mbedtls_test_srv_key_ec_der[]; +extern const unsigned char mbedtls_test_srv_key_rsa_der[]; +extern const unsigned char mbedtls_test_srv_crt_rsa_sha1_der[]; +extern const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[]; + +extern const size_t mbedtls_test_srv_crt_ec_pem_len; +extern const size_t mbedtls_test_srv_key_ec_pem_len; +extern const size_t mbedtls_test_srv_pwd_ec_pem_len; +extern const size_t mbedtls_test_srv_key_rsa_pem_len; +extern const size_t mbedtls_test_srv_pwd_rsa_pem_len; +extern const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len; +extern const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len; + +extern const size_t mbedtls_test_srv_crt_ec_der_len; +extern const size_t mbedtls_test_srv_key_ec_der_len; +extern const size_t mbedtls_test_srv_pwd_ec_der_len; +extern const size_t mbedtls_test_srv_key_rsa_der_len; +extern const size_t mbedtls_test_srv_pwd_rsa_der_len; +extern const size_t mbedtls_test_srv_crt_rsa_sha1_der_len; +extern const size_t mbedtls_test_srv_crt_rsa_sha256_der_len; + +/* Config-dependent dispatch between PEM and DER encoding + * (PEM if enabled, otherwise DER) */ + +extern const char mbedtls_test_srv_crt_ec[]; +extern const char mbedtls_test_srv_key_ec[]; +extern const char mbedtls_test_srv_pwd_ec[]; +extern const char mbedtls_test_srv_key_rsa[]; +extern const char mbedtls_test_srv_pwd_rsa[]; +extern const char mbedtls_test_srv_crt_rsa_sha1[]; +extern const char mbedtls_test_srv_crt_rsa_sha256[]; + +extern const size_t mbedtls_test_srv_crt_ec_len; +extern const size_t mbedtls_test_srv_key_ec_len; +extern const size_t mbedtls_test_srv_pwd_ec_len; +extern const size_t mbedtls_test_srv_key_rsa_len; +extern const size_t mbedtls_test_srv_pwd_rsa_len; +extern const size_t mbedtls_test_srv_crt_rsa_sha1_len; +extern const size_t mbedtls_test_srv_crt_rsa_sha256_len; + +/* Config-dependent dispatch between SHA-1 and SHA-256 + * (SHA-256 if enabled, otherwise SHA-1) */ + +extern const char mbedtls_test_srv_crt_rsa[]; +extern const size_t mbedtls_test_srv_crt_rsa_len; + +/* Config-dependent dispatch between EC and RSA + * (RSA if enabled, otherwise EC) */ + +extern const char *mbedtls_test_srv_crt; +extern const char *mbedtls_test_srv_key; +extern const char *mbedtls_test_srv_pwd; +extern const size_t mbedtls_test_srv_crt_len; +extern const size_t mbedtls_test_srv_key_len; +extern const size_t mbedtls_test_srv_pwd_len; + +/* + * Client test certificates + */ + +extern const char mbedtls_test_cli_crt_ec_pem[]; +extern const char mbedtls_test_cli_key_ec_pem[]; +extern const char mbedtls_test_cli_pwd_ec_pem[]; +extern const char mbedtls_test_cli_key_rsa_pem[]; +extern const char mbedtls_test_cli_pwd_rsa_pem[]; +extern const char mbedtls_test_cli_crt_rsa_pem[]; + +extern const unsigned char mbedtls_test_cli_crt_ec_der[]; +extern const unsigned char mbedtls_test_cli_key_ec_der[]; +extern const unsigned char mbedtls_test_cli_key_rsa_der[]; +extern const unsigned char mbedtls_test_cli_crt_rsa_der[]; + +extern const size_t mbedtls_test_cli_crt_ec_pem_len; +extern const size_t mbedtls_test_cli_key_ec_pem_len; +extern const size_t mbedtls_test_cli_pwd_ec_pem_len; +extern const size_t mbedtls_test_cli_key_rsa_pem_len; +extern const size_t mbedtls_test_cli_pwd_rsa_pem_len; +extern const size_t mbedtls_test_cli_crt_rsa_pem_len; + +extern const size_t mbedtls_test_cli_crt_ec_der_len; +extern const size_t mbedtls_test_cli_key_ec_der_len; +extern const size_t mbedtls_test_cli_key_rsa_der_len; +extern const size_t mbedtls_test_cli_crt_rsa_der_len; + +/* Config-dependent dispatch between PEM and DER encoding + * (PEM if enabled, otherwise DER) */ + +extern const char mbedtls_test_cli_crt_ec[]; +extern const char mbedtls_test_cli_key_ec[]; +extern const char mbedtls_test_cli_pwd_ec[]; +extern const char mbedtls_test_cli_key_rsa[]; +extern const char mbedtls_test_cli_pwd_rsa[]; +extern const char mbedtls_test_cli_crt_rsa[]; + +extern const size_t mbedtls_test_cli_crt_ec_len; +extern const size_t mbedtls_test_cli_key_ec_len; +extern const size_t mbedtls_test_cli_pwd_ec_len; +extern const size_t mbedtls_test_cli_key_rsa_len; +extern const size_t mbedtls_test_cli_pwd_rsa_len; +extern const size_t mbedtls_test_cli_crt_rsa_len; + +/* Config-dependent dispatch between EC and RSA + * (RSA if enabled, otherwise EC) */ + +extern const char *mbedtls_test_cli_crt; +extern const char *mbedtls_test_cli_key; +extern const char *mbedtls_test_cli_pwd; +extern const size_t mbedtls_test_cli_crt_len; +extern const size_t mbedtls_test_cli_key_len; +extern const size_t mbedtls_test_cli_pwd_len; + +#ifdef __cplusplus +} +#endif + +#endif /* certs.h */ diff --git a/tests/include/test/constant_flow.h b/tests/include/test/constant_flow.h new file mode 100644 index 0000000000..22d4371ee4 --- /dev/null +++ b/tests/include/test/constant_flow.h @@ -0,0 +1,72 @@ +/** + * \file constant_flow.h + * + * \brief This file contains tools to ensure tested code has constant flow. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TEST_CONSTANT_FLOW_H +#define TEST_CONSTANT_FLOW_H + +#include "mbedtls/build_info.h" + +/* + * This file defines the two macros + * + * #define TEST_CF_SECRET(ptr, size) + * #define TEST_CF_PUBLIC(ptr, size) + * + * that can be used in tests to mark a memory area as secret (no branch or + * memory access should depend on it) or public (default, only needs to be + * marked explicitly when it was derived from secret data). + * + * Arguments: + * - ptr: a pointer to the memory area to be marked + * - size: the size in bytes of the memory area + * + * Implementation: + * The basic idea is that of ctgrind : we can + * re-use tools that were designed for checking use of uninitialized memory. + * This file contains two implementations: one based on MemorySanitizer, the + * other on valgrind's memcheck. If none of them is enabled, dummy macros that + * do nothing are defined for convenience. + * + * \note #TEST_CF_SECRET must be called directly from within a .function file, + * not indirectly via a macro defined under framework/tests/include or a + * function under framework/tests/src. This is because we only run + * Valgrind for constant flow on test suites that have greppable + * annotations inside them (see `skip_suites_without_constant_flow` in + * `tests/scripts/all.sh`). + */ + +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) +#include + +/* Use macros to avoid messing up with origin tracking */ +#define TEST_CF_SECRET __msan_allocated_memory +// void __msan_allocated_memory(const volatile void* data, size_t size); +#define TEST_CF_PUBLIC __msan_unpoison +// void __msan_unpoison(const volatile void *a, size_t size); + +#elif defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) +#include + +#define TEST_CF_SECRET VALGRIND_MAKE_MEM_UNDEFINED +// VALGRIND_MAKE_MEM_UNDEFINED(_qzz_addr, _qzz_len) +#define TEST_CF_PUBLIC VALGRIND_MAKE_MEM_DEFINED +// VALGRIND_MAKE_MEM_DEFINED(_qzz_addr, _qzz_len) + +#else /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN || + MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ + +#define TEST_CF_SECRET(ptr, size) +#define TEST_CF_PUBLIC(ptr, size) + +#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN || + MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ + +#endif /* TEST_CONSTANT_FLOW_H */ diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h new file mode 100644 index 0000000000..a033e399d0 --- /dev/null +++ b/tests/include/test/drivers/aead.h @@ -0,0 +1,121 @@ +/* + * Test driver for AEAD driver entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H +#define PSA_CRYPTO_TEST_DRIVERS_AEAD_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +typedef struct { + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times AEAD driver functions are called. */ + unsigned long hits_encrypt; + unsigned long hits_decrypt; + unsigned long hits_encrypt_setup; + unsigned long hits_decrypt_setup; + unsigned long hits_set_nonce; + unsigned long hits_set_lengths; + unsigned long hits_update_ad; + unsigned long hits_update; + unsigned long hits_finish; + unsigned long hits_verify; + unsigned long hits_abort; + + /* Status returned by the last AEAD driver function call. */ + psa_status_t driver_status; +} mbedtls_test_driver_aead_hooks_t; + +#define MBEDTLS_TEST_DRIVER_AEAD_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 } +static inline mbedtls_test_driver_aead_hooks_t +mbedtls_test_driver_aead_hooks_init(void) +{ + const mbedtls_test_driver_aead_hooks_t v = MBEDTLS_TEST_DRIVER_AEAD_INIT; + return v; +} + +extern mbedtls_test_driver_aead_hooks_t mbedtls_test_driver_aead_hooks; + +psa_status_t mbedtls_test_transparent_aead_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *nonce, size_t nonce_length, + const uint8_t *additional_data, size_t additional_data_length, + const uint8_t *plaintext, size_t plaintext_length, + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length); + +psa_status_t mbedtls_test_transparent_aead_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *nonce, size_t nonce_length, + const uint8_t *additional_data, size_t additional_data_length, + const uint8_t *ciphertext, size_t ciphertext_length, + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length); + +psa_status_t mbedtls_test_transparent_aead_encrypt_setup( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_transparent_aead_decrypt_setup( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_transparent_aead_set_nonce( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const uint8_t *nonce, + size_t nonce_length); + +psa_status_t mbedtls_test_transparent_aead_set_lengths( + mbedtls_transparent_test_driver_aead_operation_t *operation, + size_t ad_length, + size_t plaintext_length); + +psa_status_t mbedtls_test_transparent_aead_update_ad( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const uint8_t *input, + size_t input_length); + +psa_status_t mbedtls_test_transparent_aead_update( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); + +psa_status_t mbedtls_test_transparent_aead_finish( + mbedtls_transparent_test_driver_aead_operation_t *operation, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length, + uint8_t *tag, + size_t tag_size, + size_t *tag_length); + +psa_status_t mbedtls_test_transparent_aead_verify( + mbedtls_transparent_test_driver_aead_operation_t *operation, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length, + const uint8_t *tag, + size_t tag_length); + +psa_status_t mbedtls_test_transparent_aead_abort( + mbedtls_transparent_test_driver_aead_operation_t *operation); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_AEAD_H */ diff --git a/tests/include/test/drivers/asymmetric_encryption.h b/tests/include/test/drivers/asymmetric_encryption.h new file mode 100644 index 0000000000..0ac77087df --- /dev/null +++ b/tests/include/test/drivers/asymmetric_encryption.h @@ -0,0 +1,67 @@ +/* + * Test driver for asymmetric encryption. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_ASYMMETRIC_ENCRYPTION_H +#define PSA_CRYPTO_TEST_DRIVERS_ASYMMETRIC_ENCRYPTION_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include +#include + +typedef struct { + /* If non-null, on success, copy this to the output. */ + void *forced_output; + size_t forced_output_length; + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times one of the asymmetric_encryption driver + functions is called. */ + unsigned long hits; +} mbedtls_test_driver_asymmetric_encryption_hooks_t; + +#define MBEDTLS_TEST_DRIVER_ASYMMETRIC_ENCRYPTION_INIT { NULL, 0, PSA_SUCCESS, 0 } + +static inline mbedtls_test_driver_asymmetric_encryption_hooks_t +mbedtls_test_driver_asymmetric_encryption_hooks_init(void) +{ + const mbedtls_test_driver_asymmetric_encryption_hooks_t v = + MBEDTLS_TEST_DRIVER_ASYMMETRIC_ENCRYPTION_INIT; + return v; +} + +extern mbedtls_test_driver_asymmetric_encryption_hooks_t + mbedtls_test_driver_asymmetric_encryption_hooks; + +psa_status_t mbedtls_test_transparent_asymmetric_encrypt( + const psa_key_attributes_t *attributes, const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, + size_t input_length, const uint8_t *salt, size_t salt_length, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_opaque_asymmetric_encrypt( + const psa_key_attributes_t *attributes, const uint8_t *key, + size_t key_length, psa_algorithm_t alg, const uint8_t *input, + size_t input_length, const uint8_t *salt, size_t salt_length, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_transparent_asymmetric_decrypt( + const psa_key_attributes_t *attributes, const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, + size_t input_length, const uint8_t *salt, size_t salt_length, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_opaque_asymmetric_decrypt( + const psa_key_attributes_t *attributes, const uint8_t *key, + size_t key_length, psa_algorithm_t alg, const uint8_t *input, + size_t input_length, const uint8_t *salt, size_t salt_length, + uint8_t *output, size_t output_size, size_t *output_length); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_ASYMMETRIC_ENCRYPTION_H */ diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h new file mode 100644 index 0000000000..2fe47e4d7a --- /dev/null +++ b/tests/include/test/drivers/cipher.h @@ -0,0 +1,136 @@ +/* + * Test driver for cipher functions + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_CIPHER_H +#define PSA_CRYPTO_TEST_DRIVERS_CIPHER_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include +#include + +#include "mbedtls/cipher.h" + +typedef struct { + /* If non-null, on success, copy this to the output. */ + void *forced_output; + size_t forced_output_length; + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + psa_status_t forced_status_encrypt; + psa_status_t forced_status_set_iv; + /* Count the amount of times one of the cipher driver functions is called. */ + unsigned long hits; + unsigned long hits_encrypt; + unsigned long hits_set_iv; +} mbedtls_test_driver_cipher_hooks_t; + +#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, \ + PSA_SUCCESS, PSA_SUCCESS, PSA_SUCCESS, \ + 0, 0, 0 } +static inline mbedtls_test_driver_cipher_hooks_t +mbedtls_test_driver_cipher_hooks_init(void) +{ + const mbedtls_test_driver_cipher_hooks_t v = MBEDTLS_TEST_DRIVER_CIPHER_INIT; + return v; +} + +extern mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks; + +psa_status_t mbedtls_test_transparent_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *iv, size_t iv_length, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_transparent_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_transparent_cipher_abort( + mbedtls_transparent_test_driver_cipher_operation_t *operation); + +psa_status_t mbedtls_test_transparent_cipher_set_iv( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + const uint8_t *iv, size_t iv_length); + +psa_status_t mbedtls_test_transparent_cipher_update( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_transparent_cipher_finish( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length); + +/* + * opaque versions + */ +psa_status_t mbedtls_test_opaque_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *iv, size_t iv_length, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_opaque_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_opaque_cipher_abort( + mbedtls_opaque_test_driver_cipher_operation_t *operation); + +psa_status_t mbedtls_test_opaque_cipher_set_iv( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + const uint8_t *iv, size_t iv_length); + +psa_status_t mbedtls_test_opaque_cipher_update( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_opaque_cipher_finish( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_CIPHER_H */ diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h new file mode 100644 index 0000000000..ec8bcb6135 --- /dev/null +++ b/tests/include/test/drivers/config_test_driver.h @@ -0,0 +1,46 @@ +/* + * Mbed TLS configuration for PSA test driver libraries. It includes: + * . the minimum set of modules needed by the PSA core. + * . the Mbed TLS configuration options that may need to be additionally + * enabled for the purpose of a specific test. + * . the PSA configuration file for the Mbed TLS library and its test drivers. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +#define MBEDTLS_PSA_CRYPTO_C +#define MBEDTLS_PSA_CRYPTO_CONFIG + +/* PSA core mandatory configuration options */ +#define MBEDTLS_CIPHER_C +#define MBEDTLS_AES_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 +#define MBEDTLS_CTR_DRBG_C +#define MBEDTLS_ENTROPY_C +#define MBEDTLS_ENTROPY_FORCE_SHA256 + +/* + * Configuration options that may need to be additionally enabled for the + * purpose of a specific set of tests. + */ +//#define MBEDTLS_SHA1_C +//#define MBEDTLS_SHA224_C +//#define MBEDTLS_SHA384_C +//#define MBEDTLS_SHA512_C +//#define MBEDTLS_MD_C +//#define MBEDTLS_PEM_PARSE_C +//#define MBEDTLS_BASE64_C +//#define MBEDTLS_THREADING_C +//#define MBEDTLS_THREADING_PTHREAD + +#endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h new file mode 100644 index 0000000000..66378e7def --- /dev/null +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -0,0 +1,689 @@ +/** + * This file is intended to be used to build PSA external test driver + * libraries (libtestdriver1). + * + * It is intended to be appended by the test build system to the + * crypto_config.h file of the Mbed TLS library the test library will be + * linked to (see `tests/Makefile` libtestdriver1 target). This is done in + * order to insert it at the right time: after the main configuration + * (PSA_WANT) but before the logic that determines what built-ins to enable + * based on PSA_WANT and MBEDTLS_PSA_ACCEL macros. + * + * It reverses the PSA_ACCEL_* macros defining the cryptographic operations + * that will be accelerated in the main library: + * - When something is accelerated in the main library, we need it supported + * in libtestdriver1, so we disable the accel macro in order to the built-in + * to be enabled. + * - When something is NOT accelerated in the main library, we don't need it + * in libtestdriver1, so we enable its accel macro in order to the built-in + * to be disabled, to keep libtestdriver1 minimal. (We can't adjust the + * PSA_WANT macros as they need to be the same between libtestdriver1 and + * the main library, since they determine the ABI between the two.) + */ + +#include "psa/crypto_legacy.h" + +#if defined(PSA_WANT_ALG_CBC_NO_PADDING) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) +#undef MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING +#else +#define MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CBC_PKCS7) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) +#undef MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 +#else +#define MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CFB) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CFB) +#undef MBEDTLS_PSA_ACCEL_ALG_CFB +#else +#define MBEDTLS_PSA_ACCEL_ALG_CFB 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CMAC) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) +#undef MBEDTLS_PSA_ACCEL_ALG_CMAC +#else +#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CTR) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CTR) +#undef MBEDTLS_PSA_ACCEL_ALG_CTR +#else +#define MBEDTLS_PSA_ACCEL_ALG_CTR 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_STREAM_CIPHER) +#if defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER) +#undef MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER +#else +#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_ECB_NO_PADDING) +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) +#undef MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING +#else +#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) +#undef MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 +#else +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) +#undef MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 +#else +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) +#undef MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 +#else +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_MONTGOMERY_255) +#if defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) +#undef MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 +#else +#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_MONTGOMERY_448) +#if defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) +#undef MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 +#else +#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_K1_192) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_K1_224) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_K1_256) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_192) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_224) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_256) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_384) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_521) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) +#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) +#undef MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA +#else +#define MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_ECDSA) +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) +#undef MBEDTLS_PSA_ACCEL_ALG_ECDSA +#else +#define MBEDTLS_PSA_ACCEL_ALG_ECDSA 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_ECDH) +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) +#undef MBEDTLS_PSA_ACCEL_ALG_ECDH +#else +#define MBEDTLS_PSA_ACCEL_ALG_ECDH 1 +#endif +#endif + +#if defined(PSA_WANT_DH_RFC7919_2048) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_2048 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_2048 +#endif +#endif + +#if defined(PSA_WANT_DH_RFC7919_3072) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_3072 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_3072 +#endif +#endif + +#if defined(PSA_WANT_DH_RFC7919_4096) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_4096 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_4096 +#endif +#endif + +#if defined(PSA_WANT_DH_RFC7919_6144) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_6144 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_6144 +#endif +#endif + +#if defined(PSA_WANT_DH_RFC7919_8192) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_8192 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_8192 +#endif +#endif + +#if defined(PSA_WANT_ALG_FFDH) +#if defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) +#undef MBEDTLS_PSA_ACCEL_ALG_FFDH +#else +#define MBEDTLS_PSA_ACCEL_ALG_FFDH 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_MD5) +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) +#undef MBEDTLS_PSA_ACCEL_ALG_MD5 +#else +#define MBEDTLS_PSA_ACCEL_ALG_MD5 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_OFB) +#if defined(MBEDTLS_PSA_ACCEL_ALG_OFB) +#undef MBEDTLS_PSA_ACCEL_ALG_OFB +#else +#define MBEDTLS_PSA_ACCEL_ALG_OFB 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RIPEMD160) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) +#undef MBEDTLS_PSA_ACCEL_ALG_RIPEMD160 +#else +#define MBEDTLS_PSA_ACCEL_ALG_RIPEMD160 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_PSS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PSS +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PSS 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_1) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_1 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_1 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_224) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_224 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_224 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_256) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_256 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_256 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_384) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_384 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_384 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA_512) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA_512 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA_512 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA3_224) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_224 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA3_224 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA3_256) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_256 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA3_256 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA3_384) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_384 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA3_384 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA3_512) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_512 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA3_512 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_XTS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_XTS) +#undef MBEDTLS_PSA_ACCEL_ALG_XTS +#else +#define MBEDTLS_PSA_ACCEL_ALG_XTS 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) +#undef MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 +#else +#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_JPAKE) +#if defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) +#undef MBEDTLS_PSA_ACCEL_ALG_JPAKE +#else +#define MBEDTLS_PSA_ACCEL_ALG_JPAKE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_AES) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_AES 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ARIA) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_CAMELLIA) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_CHACHA20) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1 +#endif +#endif + + +#if defined(PSA_WANT_ALG_TLS12_PRF) +#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) +#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF +#else +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS) +#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS +#else +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS) +#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS +#else +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_GCM) +#if defined(MBEDTLS_PSA_ACCEL_ALG_GCM) +#undef MBEDTLS_PSA_ACCEL_ALG_GCM +#else +#define MBEDTLS_PSA_ACCEL_ALG_GCM 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CCM) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CCM) +#undef MBEDTLS_PSA_ACCEL_ALG_CCM +#else +#define MBEDTLS_PSA_ACCEL_ALG_CCM 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG) +#undef MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG +#else +#define MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CBC_MAC) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) +#undef MBEDTLS_PSA_ACCEL_ALG_CBC_MAC +#else +#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_HMAC) +#if defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) +#undef MBEDTLS_PSA_ACCEL_ALG_HMAC +#else +#define MBEDTLS_PSA_ACCEL_ALG_HMAC 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_HKDF) +#if defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) +#undef MBEDTLS_PSA_ACCEL_ALG_HKDF +#else +#define MBEDTLS_PSA_ACCEL_ALG_HKDF 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_HKDF_EXTRACT) +#if defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT) +#undef MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT +#else +#define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_HKDF_EXPAND) +#if defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND) +#undef MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND +#else +#define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_OAEP) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DERIVE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_HMAC) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DES) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DES +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RAW_DATA) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1 +#endif +#endif diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h new file mode 100644 index 0000000000..ad48c45d52 --- /dev/null +++ b/tests/include/test/drivers/hash.h @@ -0,0 +1,64 @@ +/* + * Test driver for hash driver entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H +#define PSA_CRYPTO_TEST_DRIVERS_HASH_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +typedef struct { + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times hash driver entry points are called. */ + unsigned long hits; + /* Status returned by the last hash driver entry point call. */ + psa_status_t driver_status; +} mbedtls_test_driver_hash_hooks_t; + +#define MBEDTLS_TEST_DRIVER_HASH_INIT { 0, 0, 0 } +static inline mbedtls_test_driver_hash_hooks_t +mbedtls_test_driver_hash_hooks_init(void) +{ + const mbedtls_test_driver_hash_hooks_t v = MBEDTLS_TEST_DRIVER_HASH_INIT; + return v; +} + +extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks; + +psa_status_t mbedtls_test_transparent_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *hash, size_t hash_size, size_t *hash_length); + +psa_status_t mbedtls_test_transparent_hash_setup( + mbedtls_transparent_test_driver_hash_operation_t *operation, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_transparent_hash_clone( + const mbedtls_transparent_test_driver_hash_operation_t *source_operation, + mbedtls_transparent_test_driver_hash_operation_t *target_operation); + +psa_status_t mbedtls_test_transparent_hash_update( + mbedtls_transparent_test_driver_hash_operation_t *operation, + const uint8_t *input, + size_t input_length); + +psa_status_t mbedtls_test_transparent_hash_finish( + mbedtls_transparent_test_driver_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length); + +psa_status_t mbedtls_test_transparent_hash_abort( + mbedtls_transparent_test_driver_hash_operation_t *operation); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/key_agreement.h b/tests/include/test/drivers/key_agreement.h new file mode 100644 index 0000000000..ca82b3ad96 --- /dev/null +++ b/tests/include/test/drivers/key_agreement.h @@ -0,0 +1,62 @@ +/* + * Test driver for key agreement functions. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_AGREEMENT_H +#define PSA_CRYPTO_TEST_DRIVERS_KEY_AGREEMENT_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +typedef struct { + /* If non-null, on success, copy this to the output. */ + void *forced_output; + size_t forced_output_length; + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times one of the signature driver functions is called. */ + unsigned long hits; +} mbedtls_test_driver_key_agreement_hooks_t; + +#define MBEDTLS_TEST_DRIVER_KEY_AGREEMENT_INIT { NULL, 0, PSA_SUCCESS, 0 } +static inline mbedtls_test_driver_key_agreement_hooks_t +mbedtls_test_driver_key_agreement_hooks_init(void) +{ + const mbedtls_test_driver_key_agreement_hooks_t + v = MBEDTLS_TEST_DRIVER_KEY_AGREEMENT_INIT; + return v; +} + +extern mbedtls_test_driver_key_agreement_hooks_t + mbedtls_test_driver_key_agreement_hooks; + +psa_status_t mbedtls_test_transparent_key_agreement( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length); + +psa_status_t mbedtls_test_opaque_key_agreement( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length); + +#endif /*PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_AGREEMENT_H */ diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h new file mode 100644 index 0000000000..1d9bc43985 --- /dev/null +++ b/tests/include/test/drivers/key_management.h @@ -0,0 +1,131 @@ +/* + * Test driver for generating and verifying keys. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H +#define PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT 0 +#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT 1 + +typedef struct { + /* If non-null, on success, copy this to the output. */ + void *forced_output; + size_t forced_output_length; + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times one of the key management driver functions + * is called. */ + unsigned long hits; + /* Subset of hits which only counts public key export operations */ + unsigned long hits_export_public_key; + /* Subset of hits which only counts key generation operations */ + unsigned long hits_generate_key; + /* Location of the last key management driver called to import a key. */ + psa_key_location_t location; +} mbedtls_test_driver_key_management_hooks_t; + +/* The location is initialized to the invalid value 0x800000. Invalid in the + * sense that no PSA specification will assign a meaning to this location + * (stated first in version 1.0.1 of the specification) and that it is not + * used as a location of an opaque test drivers. */ +#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0, 0, 0, 0x800000 } +static inline mbedtls_test_driver_key_management_hooks_t +mbedtls_test_driver_key_management_hooks_init(void) +{ + const mbedtls_test_driver_key_management_hooks_t + v = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; + return v; +} + +/* + * In order to convert the plain text keys to Opaque, the size of the key is + * padded up by PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE in addition to + * xor mangling the key. The pad prefix needs to be accounted for while + * sizing for the key. + */ +#define PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX 0xBEEFED00U +#define PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE sizeof( \ + PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX) + +size_t mbedtls_test_opaque_size_function( + const psa_key_type_t key_type, + const size_t key_bits); + +extern mbedtls_test_driver_key_management_hooks_t + mbedtls_test_driver_key_management_hooks; + +psa_status_t mbedtls_test_transparent_init(void); +void mbedtls_test_transparent_free(void); +psa_status_t mbedtls_test_opaque_init(void); +void mbedtls_test_opaque_free(void); + +psa_status_t mbedtls_test_opaque_unwrap_key( + const uint8_t *wrapped_key, size_t wrapped_key_length, uint8_t *key_buffer, + size_t key_buffer_size, size_t *key_buffer_length); + +psa_status_t mbedtls_test_transparent_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key, size_t key_size, size_t *key_length); + +psa_status_t mbedtls_test_opaque_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key, size_t key_size, size_t *key_length); + +psa_status_t mbedtls_test_opaque_export_key( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + uint8_t *data, size_t data_size, size_t *data_length); + +psa_status_t mbedtls_test_transparent_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + uint8_t *data, size_t data_size, size_t *data_length); + +psa_status_t mbedtls_test_opaque_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + uint8_t *data, size_t data_size, size_t *data_length); + +psa_status_t mbedtls_test_transparent_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length, + size_t *bits); + +psa_status_t mbedtls_test_opaque_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length, + size_t *bits); + +psa_status_t mbedtls_test_opaque_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); + +psa_status_t mbedtls_test_opaque_copy_key( + psa_key_attributes_t *attributes, + const uint8_t *source_key, + size_t source_key_length, + uint8_t *target_key_buffer, + size_t target_key_buffer_size, + size_t *target_key_buffer_length); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h new file mode 100644 index 0000000000..d92eff9038 --- /dev/null +++ b/tests/include/test/drivers/mac.h @@ -0,0 +1,125 @@ +/* + * Test driver for MAC driver entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_MAC_H +#define PSA_CRYPTO_TEST_DRIVERS_MAC_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +typedef struct { + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times MAC driver functions are called. */ + unsigned long hits; + /* Status returned by the last MAC driver function call. */ + psa_status_t driver_status; +} mbedtls_test_driver_mac_hooks_t; + +#define MBEDTLS_TEST_DRIVER_MAC_INIT { 0, 0, 0 } +static inline mbedtls_test_driver_mac_hooks_t +mbedtls_test_driver_mac_hooks_init(void) +{ + const mbedtls_test_driver_mac_hooks_t v = MBEDTLS_TEST_DRIVER_MAC_INIT; + return v; +} + +extern mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks; + +psa_status_t mbedtls_test_transparent_mac_compute( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +psa_status_t mbedtls_test_transparent_mac_sign_setup( + mbedtls_transparent_test_driver_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_transparent_mac_verify_setup( + mbedtls_transparent_test_driver_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_transparent_mac_update( + mbedtls_transparent_test_driver_mac_operation_t *operation, + const uint8_t *input, + size_t input_length); + +psa_status_t mbedtls_test_transparent_mac_sign_finish( + mbedtls_transparent_test_driver_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +psa_status_t mbedtls_test_transparent_mac_verify_finish( + mbedtls_transparent_test_driver_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length); + +psa_status_t mbedtls_test_transparent_mac_abort( + mbedtls_transparent_test_driver_mac_operation_t *operation); + +psa_status_t mbedtls_test_opaque_mac_compute( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +psa_status_t mbedtls_test_opaque_mac_sign_setup( + mbedtls_opaque_test_driver_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_opaque_mac_verify_setup( + mbedtls_opaque_test_driver_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg); + +psa_status_t mbedtls_test_opaque_mac_update( + mbedtls_opaque_test_driver_mac_operation_t *operation, + const uint8_t *input, + size_t input_length); + +psa_status_t mbedtls_test_opaque_mac_sign_finish( + mbedtls_opaque_test_driver_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length); + +psa_status_t mbedtls_test_opaque_mac_verify_finish( + mbedtls_opaque_test_driver_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length); + +psa_status_t mbedtls_test_opaque_mac_abort( + mbedtls_opaque_test_driver_mac_operation_t *operation); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */ diff --git a/tests/include/test/drivers/pake.h b/tests/include/test/drivers/pake.h new file mode 100644 index 0000000000..d292ca0daf --- /dev/null +++ b/tests/include/test/drivers/pake.h @@ -0,0 +1,75 @@ +/* + * Test driver for PAKE driver entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_PAKE_H +#define PSA_CRYPTO_TEST_DRIVERS_PAKE_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +typedef struct { + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* PAKE driver setup is executed on the first call to + pake_output/pake_input (added to distinguish forced statuses). */ + psa_status_t forced_setup_status; + /* Count the amount of times PAKE driver functions are called. */ + struct { + unsigned long total; + unsigned long setup; + unsigned long input; + unsigned long output; + unsigned long implicit_key; + unsigned long abort; + } hits; + /* Status returned by the last PAKE driver function call. */ + psa_status_t driver_status; + /* Output returned by pake_output */ + void *forced_output; + size_t forced_output_length; +} mbedtls_test_driver_pake_hooks_t; + +#define MBEDTLS_TEST_DRIVER_PAKE_INIT { PSA_SUCCESS, PSA_SUCCESS, { 0, 0, 0, 0, 0, 0 }, PSA_SUCCESS, \ + NULL, 0 } +static inline mbedtls_test_driver_pake_hooks_t +mbedtls_test_driver_pake_hooks_init(void) +{ + const mbedtls_test_driver_pake_hooks_t v = MBEDTLS_TEST_DRIVER_PAKE_INIT; + return v; +} + +extern mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks; + +psa_status_t mbedtls_test_transparent_pake_setup( + mbedtls_transparent_test_driver_pake_operation_t *operation, + const psa_crypto_driver_pake_inputs_t *inputs); + +psa_status_t mbedtls_test_transparent_pake_output( + mbedtls_transparent_test_driver_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + uint8_t *output, + size_t output_size, + size_t *output_length); + +psa_status_t mbedtls_test_transparent_pake_input( + mbedtls_transparent_test_driver_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + const uint8_t *input, + size_t input_length); + +psa_status_t mbedtls_test_transparent_pake_get_implicit_key( + mbedtls_transparent_test_driver_pake_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_transparent_pake_abort( + mbedtls_transparent_test_driver_pake_operation_t *operation); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_PAKE_H */ diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h new file mode 100644 index 0000000000..8c5703edf9 --- /dev/null +++ b/tests/include/test/drivers/signature.h @@ -0,0 +1,112 @@ +/* + * Test driver for signature functions. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H +#define PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +typedef struct { + /* If non-null, on success, copy this to the output. */ + void *forced_output; + size_t forced_output_length; + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times one of the signature driver functions is called. */ + unsigned long hits; +} mbedtls_test_driver_signature_hooks_t; + +#define MBEDTLS_TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 } +static inline mbedtls_test_driver_signature_hooks_t +mbedtls_test_driver_signature_hooks_init(void) +{ + const mbedtls_test_driver_signature_hooks_t + v = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; + return v; +} + +extern mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_sign_hooks; +extern mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_verify_hooks; + +psa_status_t mbedtls_test_transparent_signature_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length); + +psa_status_t mbedtls_test_opaque_signature_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length); + +psa_status_t mbedtls_test_transparent_signature_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length); + +psa_status_t mbedtls_test_opaque_signature_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length); + +psa_status_t mbedtls_test_transparent_signature_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length); + +psa_status_t mbedtls_test_opaque_signature_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length); + +psa_status_t mbedtls_test_transparent_signature_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length); + +psa_status_t mbedtls_test_opaque_signature_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */ diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h new file mode 100644 index 0000000000..74605d6b82 --- /dev/null +++ b/tests/include/test/drivers/test_driver.h @@ -0,0 +1,32 @@ +/* + * Umbrella include for all of the test driver functionality + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_TEST_DRIVER_H +#define PSA_CRYPTO_TEST_DRIVER_H + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#ifndef PSA_CRYPTO_DRIVER_PRESENT +#define PSA_CRYPTO_DRIVER_PRESENT +#endif +#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT +#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT +#endif + +#define PSA_CRYPTO_TEST_DRIVER_LOCATION 0x7fffff + +#include "test/drivers/aead.h" +#include "test/drivers/cipher.h" +#include "test/drivers/hash.h" +#include "test/drivers/mac.h" +#include "test/drivers/key_management.h" +#include "test/drivers/signature.h" +#include "test/drivers/asymmetric_encryption.h" +#include "test/drivers/key_agreement.h" +#include "test/drivers/pake.h" + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVER_H */ diff --git a/tests/include/test/fake_external_rng_for_test.h b/tests/include/test/fake_external_rng_for_test.h new file mode 100644 index 0000000000..e3e331d552 --- /dev/null +++ b/tests/include/test/fake_external_rng_for_test.h @@ -0,0 +1,40 @@ +/* + * Insecure but standalone implementation of mbedtls_psa_external_get_random(). + * Only for use in tests! + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H +#define FAKE_EXTERNAL_RNG_FOR_TEST_H + +#include "mbedtls/build_info.h" + +#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) +/** Enable the insecure implementation of mbedtls_psa_external_get_random(). + * + * The insecure implementation of mbedtls_psa_external_get_random() is + * disabled by default. + * + * When MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled and the test + * helpers are linked into a program, you must enable this before running any + * code that uses the PSA subsystem to generate random data (including internal + * random generation for purposes such as blinding when the random generation + * is routed through PSA). + * + * You can enable and disable it at any time, regardless of the state + * of the PSA subsystem. You may disable it temporarily to simulate a + * depleted entropy source. + */ +void mbedtls_test_enable_insecure_external_rng(void); + +/** Disable the insecure implementation of mbedtls_psa_external_get_random(). + * + * See mbedtls_test_enable_insecure_external_rng(). + */ +void mbedtls_test_disable_insecure_external_rng(void); +#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ + +#endif /* FAKE_EXTERNAL_RNG_FOR_TEST_H */ diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h new file mode 100644 index 0000000000..d08100f158 --- /dev/null +++ b/tests/include/test/helpers.h @@ -0,0 +1,404 @@ +/** + * \file helpers.h + * + * \brief This file contains the prototypes of helper functions for the + * purpose of testing. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TEST_HELPERS_H +#define TEST_HELPERS_H + +/* Most fields of publicly available structs are private and are wrapped with + * MBEDTLS_PRIVATE macro. This define allows tests to access the private fields + * directly (without using the MBEDTLS_PRIVATE wrapper). */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + +#include "mbedtls/build_info.h" + +#if defined(__SANITIZE_ADDRESS__) /* gcc -fsanitize=address */ +# define MBEDTLS_TEST_HAVE_ASAN +#endif +#if defined(__SANITIZE_THREAD__) /* gcc -fsanitize-thread */ +# define MBEDTLS_TEST_HAVE_TSAN +#endif + +#if defined(__has_feature) +# if __has_feature(address_sanitizer) /* clang -fsanitize=address */ +# define MBEDTLS_TEST_HAVE_ASAN +# endif +# if __has_feature(memory_sanitizer) /* clang -fsanitize=memory */ +# define MBEDTLS_TEST_HAVE_MSAN +# endif +# if __has_feature(thread_sanitizer) /* clang -fsanitize=thread */ +# define MBEDTLS_TEST_HAVE_TSAN +# endif +#endif + +#include "test/threading_helpers.h" + +#if defined(MBEDTLS_TEST_MUTEX_USAGE) +#include "mbedtls/threading.h" +#endif + +#include "mbedtls/platform.h" + +#include +#include + +#if defined(MBEDTLS_BIGNUM_C) +#include "mbedtls/bignum.h" +#endif + +/** The type of test case arguments that contain binary data. */ +typedef struct data_tag { + uint8_t *x; + uint32_t len; +} data_t; + +typedef enum { + MBEDTLS_TEST_RESULT_SUCCESS = 0, + MBEDTLS_TEST_RESULT_FAILED, + MBEDTLS_TEST_RESULT_SKIPPED +} mbedtls_test_result_t; + +#define MBEDTLS_TEST_LINE_LENGTH 76 + +typedef struct { + mbedtls_test_result_t result; + const char *test; + const char *filename; + int line_no; + unsigned long step; + char line1[MBEDTLS_TEST_LINE_LENGTH]; + char line2[MBEDTLS_TEST_LINE_LENGTH]; +#if defined(MBEDTLS_TEST_MUTEX_USAGE) + const char *mutex_usage_error; +#endif +#if defined(MBEDTLS_BIGNUM_C) + unsigned case_uses_negative_0; +#endif +} +mbedtls_test_info_t; + +/** + * \brief Get the current test result status + * + * \return The current test result status + */ +mbedtls_test_result_t mbedtls_test_get_result(void); + +/** + * \brief Get the current test name/description + * + * \return The current test name/description + */ +const char *mbedtls_test_get_test(void); + +/** + * \brief Get the current test filename + * + * \return The current test filename + */ +const char *mbedtls_get_test_filename(void); + +/** + * \brief Get the current test file line number (for failure / skip) + * + * \return The current test file line number (for failure / skip) + */ +int mbedtls_test_get_line_no(void); + +/** + * \brief Increment the current test step. + * + * \note It is not recommended for multiple threads to call this + * function concurrently - whilst it is entirely thread safe, + * the order of calls to this function can obviously not be + * ensured, so unexpected results may occur. + */ +void mbedtls_test_increment_step(void); + +/** + * \brief Get the current test step + * + * \return The current test step + */ +unsigned long mbedtls_test_get_step(void); + +/** + * \brief Get the current test line buffer 1 + * + * \param line Buffer of minimum size \c MBEDTLS_TEST_LINE_LENGTH, + * which will have line buffer 1 copied to it. + */ +void mbedtls_test_get_line1(char *line); + +/** + * \brief Get the current test line buffer 2 + * + * \param line Buffer of minimum size \c MBEDTLS_TEST_LINE_LENGTH, + * which will have line buffer 1 copied to it. + */ +void mbedtls_test_get_line2(char *line); + +#if defined(MBEDTLS_TEST_MUTEX_USAGE) +/** + * \brief Get the current mutex usage error message + * + * \return The current mutex error message (may be NULL if no error) + */ +const char *mbedtls_test_get_mutex_usage_error(void); + +/** + * \brief Set the current mutex usage error message + * + * \note This will only set the mutex error message if one has not + * already been set, or if we are clearing the message (msg is + * NULL) + * + * \param msg Error message to set (can be NULL to clear) + */ +void mbedtls_test_set_mutex_usage_error(const char *msg); +#endif + +#if defined(MBEDTLS_BIGNUM_C) + +/** + * \brief Get whether the current test is a bignum test that uses + * negative zero. + * + * \return non zero if the current test uses bignum negative zero. + */ +unsigned mbedtls_test_get_case_uses_negative_0(void); + +/** + * \brief Indicate that the current test uses bignum negative zero. + * + * \note This function is called if the current test case had an + * input parsed with mbedtls_test_read_mpi() that is a negative + * 0 (`"-"`, `"-0"`, `"-00"`, etc., constructing a result with + * the sign bit set to -1 and the value being all-limbs-0, + * which is not a valid representation in #mbedtls_mpi but is + * tested for robustness). * + */ +void mbedtls_test_increment_case_uses_negative_0(void); +#endif + +int mbedtls_test_platform_setup(void); +void mbedtls_test_platform_teardown(void); + +/** + * \brief Record the current test case as a failure. + * + * This function can be called directly however it is usually + * called via macros such as TEST_ASSERT, TEST_EQUAL, + * PSA_ASSERT, etc... + * + * \note If the test case was already marked as failed, calling + * `mbedtls_test_fail( )` again will not overwrite any + * previous information about the failure. + * + * \param test Description of the failure or assertion that failed. This + * MUST be a string literal. + * \param line_no Line number where the failure originated. + * \param filename Filename where the failure originated. + */ +void mbedtls_test_fail(const char *test, int line_no, const char *filename); + +/** + * \brief Record the current test case as skipped. + * + * This function can be called directly however it is usually + * called via the TEST_ASSUME macro. + * + * \param test Description of the assumption that caused the test case to + * be skipped. This MUST be a string literal. + * \param line_no Line number where the test case was skipped. + * \param filename Filename where the test case was skipped. + */ +void mbedtls_test_skip(const char *test, int line_no, const char *filename); + +/** + * \brief Set the test step number for failure reports. + * + * Call this function to display "step NNN" in addition to the + * line number and file name if a test fails. Typically the + * "step number" is the index of a for loop but it can be + * whatever you want. + * + * \note It is not recommended for multiple threads to call this + * function concurrently - whilst it is entirely thread safe, + * the order of calls to this function can obviously not be + * ensured, so unexpected results may occur. + * + * \param step The step number to report. + */ +void mbedtls_test_set_step(unsigned long step); + +/** + * \brief Reset mbedtls_test_info to a ready/starting state. + */ +void mbedtls_test_info_reset(void); + +#ifdef MBEDTLS_TEST_MUTEX_USAGE +/** + * \brief Get the test info data mutex. + * + * \note This is designed only to be used by threading_helpers to + * avoid a deadlock, not for general access to this mutex. + * + * \return The test info data mutex. + */ +mbedtls_threading_mutex_t *mbedtls_test_get_info_mutex(void); + +#endif /* MBEDTLS_TEST_MUTEX_USAGE */ + +/** + * \brief Record the current test case as a failure if two integers + * have a different value. + * + * This function is usually called via the macro + * #TEST_EQUAL. + * + * \param test Description of the failure or assertion that failed. This + * MUST be a string literal. This normally has the form + * "EXPR1 == EXPR2" where EXPR1 has the value \p value1 + * and EXPR2 has the value \p value2. + * \param line_no Line number where the failure originated. + * \param filename Filename where the failure originated. + * \param value1 The first value to compare. + * \param value2 The second value to compare. + * + * \return \c 1 if the values are equal, otherwise \c 0. + */ +int mbedtls_test_equal(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2); + +/** + * \brief Record the current test case as a failure based + * on comparing two unsigned integers. + * + * This function is usually called via the macro + * #TEST_LE_U. + * + * \param test Description of the failure or assertion that failed. This + * MUST be a string literal. This normally has the form + * "EXPR1 <= EXPR2" where EXPR1 has the value \p value1 + * and EXPR2 has the value \p value2. + * \param line_no Line number where the failure originated. + * \param filename Filename where the failure originated. + * \param value1 The first value to compare. + * \param value2 The second value to compare. + * + * \return \c 1 if \p value1 <= \p value2, otherwise \c 0. + */ +int mbedtls_test_le_u(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2); + +/** + * \brief Record the current test case as a failure based + * on comparing two signed integers. + * + * This function is usually called via the macro + * #TEST_LE_S. + * + * \param test Description of the failure or assertion that failed. This + * MUST be a string literal. This normally has the form + * "EXPR1 <= EXPR2" where EXPR1 has the value \p value1 + * and EXPR2 has the value \p value2. + * \param line_no Line number where the failure originated. + * \param filename Filename where the failure originated. + * \param value1 The first value to compare. + * \param value2 The second value to compare. + * + * \return \c 1 if \p value1 <= \p value2, otherwise \c 0. + */ +int mbedtls_test_le_s(const char *test, int line_no, const char *filename, + long long value1, long long value2); + +/** + * \brief This function decodes the hexadecimal representation of + * data. + * + * \note The output buffer can be the same as the input buffer. For + * any other overlapping of the input and output buffers, the + * behavior is undefined. + * + * \param obuf Output buffer. + * \param obufmax Size in number of bytes of \p obuf. + * \param ibuf Input buffer. + * \param len The number of unsigned char written in \p obuf. This must + * not be \c NULL. + * + * \return \c 0 on success. + * \return \c -1 if the output buffer is too small or the input string + * is not a valid hexadecimal representation. + */ +int mbedtls_test_unhexify(unsigned char *obuf, size_t obufmax, + const char *ibuf, size_t *len); + +void mbedtls_test_hexify(unsigned char *obuf, + const unsigned char *ibuf, + int len); + +/** + * \brief Convert hexadecimal digit to an integer. + * + * \param c The digit to convert (`'0'` to `'9'`, `'A'` to `'F'` or + * `'a'` to `'f'`). + * \param[out] uc On success, the value of the digit (0 to 15). + * + * \return 0 on success, -1 if \p c is not a hexadecimal digit. + */ +int mbedtls_test_ascii2uc(const char c, unsigned char *uc); + +/** + * Allocate and zeroize a buffer. + * + * If the size if zero, a pointer to a zeroized 1-byte buffer is returned. + * + * For convenience, dies if allocation fails. + */ +unsigned char *mbedtls_test_zero_alloc(size_t len); + +/** + * Allocate and fill a buffer from hex data. + * + * The buffer is sized exactly as needed. This allows to detect buffer + * overruns (including overreads) when running the test suite under valgrind. + * + * If the size if zero, a pointer to a zeroized 1-byte buffer is returned. + * + * For convenience, dies if allocation fails. + */ +unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen); + +int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b, + uint32_t a_len, uint32_t b_len); + +#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) +#include "test/fake_external_rng_for_test.h" +#endif + +#if defined(MBEDTLS_TEST_HOOKS) +/** + * \brief Check that only a pure high-level error code is being combined with + * a pure low-level error code as otherwise the resultant error code + * would be corrupted. + * + * \note Both high-level and low-level error codes cannot be greater than + * zero however can be zero. If one error code is zero then the + * other error code is returned even if both codes are zero. + * + * \note If the check fails, fail the test currently being run. + */ +void mbedtls_test_err_add_check(int high, int low, + const char *file, int line); +#endif + +#endif /* TEST_HELPERS_H */ diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h new file mode 100644 index 0000000000..a73e06fca8 --- /dev/null +++ b/tests/include/test/macros.h @@ -0,0 +1,250 @@ +/** + * \file macros.h + * + * \brief This file contains generic macros for the purpose of testing. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TEST_MACROS_H +#define TEST_MACROS_H + +#include "mbedtls/build_info.h" + +#include + +#include "mbedtls/platform.h" + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#include "mbedtls/memory_buffer_alloc.h" +#endif +#include "common.h" + +/** + * \brief This macro tests the expression passed to it as a test step or + * individual test in a test case. + * + * It allows a library function to return a value and return an error + * code that can be tested. + * + * Failing the test means: + * - Mark this test case as failed. + * - Print a message identifying the failure. + * - Jump to the \c exit label. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param TEST The test expression to be tested. + */ +#define TEST_ASSERT(TEST) \ + do { \ + if (!(TEST)) \ + { \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ + goto exit; \ + } \ + } while (0) + +/** This macro asserts fails the test with given output message. + * + * \param MESSAGE The message to be outputed on assertion + */ +#define TEST_FAIL(MESSAGE) \ + do { \ + mbedtls_test_fail(MESSAGE, __LINE__, __FILE__); \ + goto exit; \ + } while (0) + +/** Evaluate two integer expressions and fail the test case if they have + * different values. + * + * The two expressions should have the same signedness, otherwise the + * comparison is not meaningful if the signed value is negative. + * + * \param expr1 An integral-typed expression to evaluate. + * \param expr2 Another integral-typed expression to evaluate. + */ +#define TEST_EQUAL(expr1, expr2) \ + do { \ + if (!mbedtls_test_equal( #expr1 " == " #expr2, __LINE__, __FILE__, \ + (unsigned long long) (expr1), (unsigned long long) (expr2))) \ + goto exit; \ + } while (0) + +/** Evaluate two unsigned integer expressions and fail the test case + * if they are not in increasing order (left <= right). + * + * \param expr1 An integral-typed expression to evaluate. + * \param expr2 Another integral-typed expression to evaluate. + */ +#define TEST_LE_U(expr1, expr2) \ + do { \ + if (!mbedtls_test_le_u( #expr1 " <= " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) + +/** Evaluate two signed integer expressions and fail the test case + * if they are not in increasing order (left <= right). + * + * \param expr1 An integral-typed expression to evaluate. + * \param expr2 Another integral-typed expression to evaluate. + */ +#define TEST_LE_S(expr1, expr2) \ + do { \ + if (!mbedtls_test_le_s( #expr1 " <= " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) + +/** Allocate memory dynamically and fail the test case if this fails. + * The allocated memory will be filled with zeros. + * + * You must set \p pointer to \c NULL before calling this macro and + * put `mbedtls_free(pointer)` in the test's cleanup code. + * + * If \p item_count is zero, the resulting \p pointer will be \c NULL. + * This is usually what we want in tests since API functions are + * supposed to accept null pointers when a buffer size is zero. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param pointer An lvalue where the address of the allocated buffer + * will be stored. + * This expression may be evaluated multiple times. + * \param item_count Number of elements to allocate. + * This expression may be evaluated multiple times. + * + */ +#define TEST_CALLOC(pointer, item_count) \ + do { \ + TEST_ASSERT((pointer) == NULL); \ + if ((item_count) != 0) { \ + (pointer) = mbedtls_calloc((item_count), \ + sizeof(*(pointer))); \ + TEST_ASSERT((pointer) != NULL); \ + } \ + } while (0) + +/** Allocate memory dynamically and fail the test case if this fails. + * The allocated memory will be filled with zeros. + * + * You must set \p pointer to \c NULL before calling this macro and + * put `mbedtls_free(pointer)` in the test's cleanup code. + * + * If \p item_count is zero, the resulting \p pointer will not be \c NULL. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param pointer An lvalue where the address of the allocated buffer + * will be stored. + * This expression may be evaluated multiple times. + * \param item_count Number of elements to allocate. + * This expression may be evaluated multiple times. + * + * Note: if passing size 0, mbedtls_calloc may return NULL. In this case, + * we reattempt to allocate with the smallest possible buffer to assure a + * non-NULL pointer. + */ +#define TEST_CALLOC_NONNULL(pointer, item_count) \ + do { \ + TEST_ASSERT((pointer) == NULL); \ + (pointer) = mbedtls_calloc((item_count), \ + sizeof(*(pointer))); \ + if (((pointer) == NULL) && ((item_count) == 0)) { \ + (pointer) = mbedtls_calloc(1, 1); \ + } \ + TEST_ASSERT((pointer) != NULL); \ + } while (0) + +/* For backwards compatibility */ +#define ASSERT_ALLOC(pointer, item_count) TEST_CALLOC(pointer, item_count) + +/** Allocate memory dynamically. If the allocation fails, skip the test case. + * + * This macro behaves like #TEST_CALLOC, except that if the allocation + * fails, it marks the test as skipped rather than failed. + */ +#define TEST_CALLOC_OR_SKIP(pointer, item_count) \ + do { \ + TEST_ASSERT((pointer) == NULL); \ + if ((item_count) != 0) { \ + (pointer) = mbedtls_calloc((item_count), \ + sizeof(*(pointer))); \ + TEST_ASSUME((pointer) != NULL); \ + } \ + } while (0) + +/* For backwards compatibility */ +#define ASSERT_ALLOC_WEAK(pointer, item_count) TEST_CALLOC_OR_SKIP(pointer, item_count) + +/** Compare two buffers and fail the test case if they differ. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param p1 Pointer to the start of the first buffer. + * \param size1 Size of the first buffer in bytes. + * This expression may be evaluated multiple times. + * \param p2 Pointer to the start of the second buffer. + * \param size2 Size of the second buffer in bytes. + * This expression may be evaluated multiple times. + */ +#define TEST_MEMORY_COMPARE(p1, size1, p2, size2) \ + do { \ + TEST_EQUAL((size1), (size2)); \ + if ((size1) != 0) { \ + TEST_ASSERT(memcmp((p1), (p2), (size1)) == 0); \ + } \ + } while (0) + +/* For backwards compatibility */ +#define ASSERT_COMPARE(p1, size1, p2, size2) TEST_MEMORY_COMPARE(p1, size1, p2, size2) + +/** + * \brief This macro tests the expression passed to it and skips the + * running test if it doesn't evaluate to 'true'. + * + * \param TEST The test expression to be tested. + */ +#define TEST_ASSUME(TEST) \ + do { \ + if (!(TEST)) \ + { \ + mbedtls_test_skip( #TEST, __LINE__, __FILE__); \ + goto exit; \ + } \ + } while (0) + +#define TEST_HELPER_ASSERT(a) if (!(a)) \ + { \ + mbedtls_fprintf(stderr, "Assertion Failed at %s:%d - %s\n", \ + __FILE__, __LINE__, #a); \ + mbedtls_exit(1); \ + } + +/** Return the smaller of two values. + * + * \param x An integer-valued expression without side effects. + * \param y An integer-valued expression without side effects. + * + * \return The smaller of \p x and \p y. + */ +#define MIN(x, y) ((x) < (y) ? (x) : (y)) + +/** Return the larger of two values. + * + * \param x An integer-valued expression without side effects. + * \param y An integer-valued expression without side effects. + * + * \return The larger of \p x and \p y. + */ +#define MAX(x, y) ((x) > (y) ? (x) : (y)) + +#endif /* TEST_MACROS_H */ diff --git a/tests/include/test/memory.h b/tests/include/test/memory.h new file mode 100644 index 0000000000..940d9e6baa --- /dev/null +++ b/tests/include/test/memory.h @@ -0,0 +1,108 @@ +/** + * \file memory.h + * + * \brief Helper macros and functions related to testing memory management. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TEST_MEMORY_H +#define TEST_MEMORY_H + +#include "mbedtls/build_info.h" +#include "mbedtls/platform.h" +#include "test/helpers.h" + +/** \def MBEDTLS_TEST_MEMORY_CAN_POISON + * + * This macro is defined if the tests are compiled with a method to mark + * memory as poisoned, which can be used to enforce some memory access + * policies. + * + * Support for the C11 thread_local keyword is also required. + * + * Currently, only Asan (Address Sanitizer) is supported. + */ +#if defined(MBEDTLS_TEST_HAVE_ASAN) && \ + (__STDC_VERSION__ >= 201112L) && \ + !defined(PSA_CRYPTO_DRIVER_TEST) +# define MBEDTLS_TEST_MEMORY_CAN_POISON +#endif + +/** \def MBEDTLS_TEST_MEMORY_POISON(buf, size) + * + * Poison a memory area so that any attempt to read or write from it will + * cause a runtime failure. + * + * Depending on the implementation, this may poison a few bytes beyond the + * indicated region, but will never poison a separate object on the heap + * or a separate object with more than the alignment of a long long. + * + * The behavior is undefined if any part of the memory area is invalid. + * + * This is a no-op in builds without a poisoning method. + * See #MBEDTLS_TEST_MEMORY_CAN_POISON. + * + * \param buf Pointer to the beginning of the memory area to poison. + * \param size Size of the memory area in bytes. + */ + +/** \def MBEDTLS_TEST_MEMORY_UNPOISON(buf, size) + * + * Undo the effect of #MBEDTLS_TEST_MEMORY_POISON. + * + * The behavior is undefined if any part of the memory area is invalid, + * or if the memory area contains a mixture of poisoned and unpoisoned parts. + * + * This is a no-op in builds without a poisoning method. + * See #MBEDTLS_TEST_MEMORY_CAN_POISON. + * + * \param buf Pointer to the beginning of the memory area to unpoison. + * \param size Size of the memory area in bytes. + */ + +#if defined(MBEDTLS_TEST_MEMORY_CAN_POISON) + +/** Thread-local variable used to enable memory poisoning. This is set and + * unset in the test wrappers so that calls to PSA functions from the library + * do not poison memory. + */ +extern _Thread_local unsigned int mbedtls_test_memory_poisoning_count; + +/** Poison a memory area so that any attempt to read or write from it will + * cause a runtime failure. + * + * The behavior is undefined if any part of the memory area is invalid. + */ +void mbedtls_test_memory_poison(const unsigned char *ptr, size_t size); +#define MBEDTLS_TEST_MEMORY_POISON(ptr, size) \ + do { \ + mbedtls_test_memory_poisoning_count++; \ + mbedtls_test_memory_poison(ptr, size); \ + } while (0) + +/** Undo the effect of mbedtls_test_memory_poison(). + * + * This is a no-op if the given area is entirely valid, unpoisoned memory. + * + * The behavior is undefined if any part of the memory area is invalid, + * or if the memory area contains a mixture of poisoned and unpoisoned parts. + */ +void mbedtls_test_memory_unpoison(const unsigned char *ptr, size_t size); +#define MBEDTLS_TEST_MEMORY_UNPOISON(ptr, size) \ + do { \ + mbedtls_test_memory_unpoison(ptr, size); \ + if (mbedtls_test_memory_poisoning_count != 0) { \ + mbedtls_test_memory_poisoning_count--; \ + } \ + } while (0) + +#else /* MBEDTLS_TEST_MEMORY_CAN_POISON */ +#define MBEDTLS_TEST_MEMORY_POISON(ptr, size) ((void) (ptr), (void) (size)) +#define MBEDTLS_TEST_MEMORY_UNPOISON(ptr, size) ((void) (ptr), (void) (size)) +#endif /* MBEDTLS_TEST_MEMORY_CAN_POISON */ + +#endif /* TEST_MEMORY_H */ diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h new file mode 100644 index 0000000000..ea6e8c52dc --- /dev/null +++ b/tests/include/test/psa_crypto_helpers.h @@ -0,0 +1,443 @@ +/* + * Helper functions for tests that use the PSA Crypto API. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_HELPERS_H +#define PSA_CRYPTO_HELPERS_H + +#include "test/helpers.h" + +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) +#include "test/psa_helpers.h" +#include +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_C) +/** Initialize the PSA Crypto subsystem. */ +#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) + +/** Shut down the PSA Crypto subsystem and destroy persistent keys. + * Expect a clean shutdown, with no slots in use. + * + * If some key slots are still in use, record the test case as failed, + * but continue executing. This macro is suitable (and primarily intended) + * for use in the cleanup section of test functions. + * + * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before + * creating them. + */ +#define PSA_DONE() \ + do \ + { \ + mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \ + mbedtls_test_psa_purge_key_storage(); \ + mbedtls_psa_crypto_free(); \ + } \ + while (0) +#elif defined(MBEDTLS_PSA_CRYPTO_CLIENT) /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */ +#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) +#define PSA_DONE() mbedtls_psa_crypto_free(); +#else /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */ +#define PSA_INIT() ((void) 0) +#define PSA_DONE() ((void) 0) +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + +/* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */ +int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id); + +/** Destroy persistent keys recorded with #TEST_USES_KEY_ID. + */ +void mbedtls_test_psa_purge_key_storage(void); + +/** Purge the in-memory cache of persistent keys recorded with + * #TEST_USES_KEY_ID. + * + * Call this function before calling PSA_DONE() if it's ok for + * persistent keys to still exist at this point. + */ +void mbedtls_test_psa_purge_key_cache(void); + +/** \def TEST_USES_KEY_ID + * + * Call this macro in a test function before potentially creating a + * persistent key. Test functions that use this mechanism must call + * mbedtls_test_psa_purge_key_storage() in their cleanup code. + * + * This macro records a persistent key identifier as potentially used in the + * current test case. Recorded key identifiers will be cleaned up at the end + * of the test case, even on failure. + * + * This macro has no effect on volatile keys. Therefore, it is safe to call + * this macro in a test function that creates either volatile or persistent + * keys depending on the test data. + * + * This macro currently has no effect on special identifiers + * used to store implementation-specific files. + * + * Calling this macro multiple times on the same key identifier in the same + * test case has no effect. + * + * This macro can fail the test case if there isn't enough memory to + * record the key id. + * + * \param key_id The PSA key identifier to record. + */ +#define TEST_USES_KEY_ID(key_id) \ + TEST_ASSERT(mbedtls_test_uses_key_id(key_id)) + +#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ + +#define TEST_USES_KEY_ID(key_id) ((void) (key_id)) +#define mbedtls_test_psa_purge_key_storage() ((void) 0) +#define mbedtls_test_psa_purge_key_cache() ((void) 0) + +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ + +/** Check for things that have not been cleaned up properly in the + * PSA subsystem. + * + * \return NULL if nothing has leaked. + * \return A string literal explaining what has not been cleaned up + * if applicable. + */ +const char *mbedtls_test_helper_is_psa_leaking(void); + +/** Check that no PSA Crypto key slots are in use. + * + * If any slots are in use, mark the current test as failed and jump to + * the exit label. This is equivalent to + * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )` + * but with a more informative message. + */ +#define ASSERT_PSA_PRISTINE() \ + do \ + { \ + if (mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__)) \ + goto exit; \ + } \ + while (0) + +/** Shut down the PSA Crypto subsystem, allowing persistent keys to survive. + * Expect a clean shutdown, with no slots in use. + * + * If some key slots are still in use, record the test case as failed and + * jump to the `exit` label. + */ +#define PSA_SESSION_DONE() \ + do \ + { \ + mbedtls_test_psa_purge_key_cache(); \ + ASSERT_PSA_PRISTINE(); \ + mbedtls_psa_crypto_free(); \ + } \ + while (0) + + + +#if defined(RECORD_PSA_STATUS_COVERAGE_LOG) +psa_status_t mbedtls_test_record_status(psa_status_t status, + const char *func, + const char *file, int line, + const char *expr); + +/** Return value logging wrapper macro. + * + * Evaluate \p expr. Write a line recording its value to the log file + * #STATUS_LOG_FILE_NAME and return the value. The line is a colon-separated + * list of fields: + * ``` + * value of expr:string:__FILE__:__LINE__:expr + * ``` + * + * The test code does not call this macro explicitly because that would + * be very invasive. Instead, we instrument the source code by defining + * a bunch of wrapper macros like + * ``` + * #define psa_crypto_init() RECORD_STATUS("psa_crypto_init", psa_crypto_init()) + * ``` + * These macro definitions must be present in `instrument_record_status.h` + * when building the test suites. + * + * \param string A string, normally a function name. + * \param expr An expression to evaluate, normally a call of the function + * whose name is in \p string. This expression must return + * a value of type #psa_status_t. + * \return The value of \p expr. + */ +#define RECORD_STATUS(string, expr) \ + mbedtls_test_record_status((expr), string, __FILE__, __LINE__, #expr) + +#include "instrument_record_status.h" + +#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ + +/** Return extended key usage policies. + * + * Do a key policy permission extension on key usage policies always involves + * permissions of other usage policies + * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSAGE). + */ +psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags); + +/** Check that no PSA Crypto key slots are in use. + * + * If any slots are in use, mark the current test as failed. + * + * \return 0 if the key store is empty, 1 otherwise. + */ +int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename); + + + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform + * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO + * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions + * is to read and write from the entropy seed file, which is located + * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID. + * (These could have been provided as library functions, but for historical + * reasons, they weren't, and so each integrator has to provide a copy + * of these functions.) + * + * Provide implementations of these functions for testing. */ +int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len); +int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len); + + +/** Make sure that the injected entropy is present. + * + * When MBEDTLS_PSA_INJECT_ENTROPY is enabled, psa_crypto_init() + * will fail if the PSA entropy seed is not present. + * This function must be called at least once in a test suite or other + * program before any call to psa_crypto_init(). + * It does not need to be called in each test case. + * + * The test framework calls this function before running any test case. + * + * The few tests that might remove the entropy file must call this function + * in their cleanup. + */ +int mbedtls_test_inject_entropy_restore(void); +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + +/** Parse binary string and convert it to a long integer + */ +uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); + +/** Skip a test case if the given key is a 192 bits AES key and the AES + * implementation is at least partially provided by an accelerator or + * alternative implementation. + * + * Call this macro in a test case when a cryptographic operation that may + * involve an AES operation returns a #PSA_ERROR_NOT_SUPPORTED error code. + * The macro call will skip and not fail the test case in case the operation + * involves a 192 bits AES key and the AES implementation is at least + * partially provided by an accelerator or alternative implementation. + * + * Hardware AES implementations not supporting 192 bits keys commonly exist. + * Consequently, PSA test cases aim at not failing when an AES operation with + * a 192 bits key performed by an alternative AES implementation returns + * with the #PSA_ERROR_NOT_SUPPORTED error code. The purpose of this macro + * is to facilitate this and make the test case code more readable. + * + * \param key_type Key type + * \param key_bits Key length in number of bits. + */ +#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) +#define MBEDTLS_TEST_HAVE_ALT_AES 1 +#else +#define MBEDTLS_TEST_HAVE_ALT_AES 0 +#endif + +#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_bits) \ + do \ + { \ + if ((MBEDTLS_TEST_HAVE_ALT_AES) && \ + ((key_type) == PSA_KEY_TYPE_AES) && \ + (key_bits == 192)) \ + { \ + mbedtls_test_skip("AES-192 not supported", __LINE__, __FILE__); \ + goto exit; \ + } \ + } \ + while (0) + +/** Skip a test case if a GCM operation with a nonce length different from + * 12 bytes fails and was performed by an accelerator or alternative + * implementation. + * + * Call this macro in a test case when an AEAD cryptography operation that + * may involve the GCM mode returns with a #PSA_ERROR_NOT_SUPPORTED error + * code. The macro call will skip and not fail the test case in case the + * operation involves the GCM mode, a nonce with a length different from + * 12 bytes and the GCM mode implementation is an alternative one. + * + * Hardware GCM implementations not supporting nonce lengths different from + * 12 bytes commonly exist, as supporting a non-12-byte nonce requires + * additional computations involving the GHASH function. + * Consequently, PSA test cases aim at not failing when an AEAD operation in + * GCM mode with a nonce length different from 12 bytes is performed by an + * alternative GCM implementation and returns with a #PSA_ERROR_NOT_SUPPORTED + * error code. The purpose of this macro is to facilitate this check and make + * the test case code more readable. + * + * \param alg The AEAD algorithm. + * \param nonce_length The nonce length in number of bytes. + */ + +#if defined(MBEDTLS_PSA_ACCEL_ALG_GCM) +#define MBEDTLS_TEST_HAVE_ACCEL_GCM 1 +#else +#define MBEDTLS_TEST_HAVE_ACCEL_GCM 0 +#endif + +#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, \ + nonce_length) \ + do \ + { \ + if ((MBEDTLS_TEST_HAVE_ACCEL_GCM) && \ + (PSA_ALG_AEAD_WITH_SHORTENED_TAG((alg), 0) == \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0)) && \ + ((nonce_length) != 12)) \ + { \ + mbedtls_test_skip("GCM with non-12-byte IV is not supported", __LINE__, __FILE__); \ + goto exit; \ + } \ + } \ + while (0) + +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ + +/** \def USE_PSA_INIT + * + * Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO + * or #MBEDTLS_SSL_PROTO_TLS1_3 (In contrast to TLS 1.2 implementation, the + * TLS 1.3 one uses PSA independently of the definition of + * #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. + */ +/** \def USE_PSA_DONE + * + * Call this macro at the end of a test case if you called #USE_PSA_INIT. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #USE_PSA_INIT. + */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) +#define USE_PSA_INIT() PSA_INIT() +#define USE_PSA_DONE() PSA_DONE() +#else /* MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_SSL_PROTO_TLS1_3 */ +/* Define empty macros so that we can use them in the preamble and teardown + * of every test function that uses PSA conditionally based on + * MBEDTLS_USE_PSA_CRYPTO. */ +#define USE_PSA_INIT() ((void) 0) +#define USE_PSA_DONE() ((void) 0) +#endif /* !MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_SSL_PROTO_TLS1_3 */ + +/** \def MD_PSA_INIT + * + * Call this macro to initialize the PSA subsystem if MD uses a driver, + * and do nothing otherwise. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. + */ +/** \def MD_PSA_DONE + * + * Call this macro at the end of a test case if you called #MD_PSA_INIT. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #MD_PSA_INIT. + */ +#if defined(MBEDTLS_MD_SOME_PSA) +#define MD_PSA_INIT() PSA_INIT() +#define MD_PSA_DONE() PSA_DONE() +#else /* MBEDTLS_MD_SOME_PSA */ +#define MD_PSA_INIT() ((void) 0) +#define MD_PSA_DONE() ((void) 0) +#endif /* MBEDTLS_MD_SOME_PSA */ + +/** \def BLOCK_CIPHER_PSA_INIT + * + * Call this macro to initialize the PSA subsystem if BLOCK_CIPHER uses a driver, + * and do nothing otherwise. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. + */ +/** \def BLOCK_CIPHER_PSA_DONE + * + * Call this macro at the end of a test case if you called #BLOCK_CIPHER_PSA_INIT. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #BLOCK_CIPHER_PSA_INIT. + */ +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) +#define BLOCK_CIPHER_PSA_INIT() PSA_INIT() +#define BLOCK_CIPHER_PSA_DONE() PSA_DONE() +#else /* MBEDTLS_MD_SOME_PSA */ +#define BLOCK_CIPHER_PSA_INIT() ((void) 0) +#define BLOCK_CIPHER_PSA_DONE() ((void) 0) +#endif /* MBEDTLS_MD_SOME_PSA */ + + +/** \def MD_OR_USE_PSA_INIT + * + * Call this macro to initialize the PSA subsystem if MD uses a driver, + * or if #MBEDTLS_USE_PSA_CRYPTO or #MBEDTLS_SSL_PROTO_TLS1_3 is enabled, + * and do nothing otherwise. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. + */ +/** \def MD_OR_USE_PSA_DONE + * + * Call this macro at the end of a test case if you called #MD_OR_USE_PSA_INIT. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #MD_OR_USE_PSA_INIT. + */ +#if defined(MBEDTLS_MD_SOME_PSA) || \ + defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) +#define MD_OR_USE_PSA_INIT() PSA_INIT() +#define MD_OR_USE_PSA_DONE() PSA_DONE() +#else +#define MD_OR_USE_PSA_INIT() ((void) 0) +#define MD_OR_USE_PSA_DONE() ((void) 0) +#endif + +/** \def AES_PSA_INIT + * + * Call this macro to initialize the PSA subsystem if AES_C is not defined, + * so that CTR_DRBG uses PSA implementation to get AES-ECB. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. + */ +/** \def AES_PSA_DONE + * + * Call this macro at the end of a test case if you called #AES_PSA_INIT. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #AES_PSA_INIT. + */ +#if defined(MBEDTLS_AES_C) +#define AES_PSA_INIT() ((void) 0) +#define AES_PSA_DONE() ((void) 0) +#else /* MBEDTLS_AES_C */ +#define AES_PSA_INIT() PSA_INIT() +#define AES_PSA_DONE() PSA_DONE() +#endif /* MBEDTLS_AES_C */ + +#endif /* PSA_CRYPTO_HELPERS_H */ diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h new file mode 100644 index 0000000000..f6be3073ac --- /dev/null +++ b/tests/include/test/psa_exercise_key.h @@ -0,0 +1,286 @@ +/** Code to exercise a PSA key object, i.e. validate that it seems well-formed + * and can do what it is supposed to do. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_EXERCISE_KEY_H +#define PSA_EXERCISE_KEY_H + +#include "test/helpers.h" +#include "test/psa_crypto_helpers.h" + +#include + +#if defined(MBEDTLS_PK_C) +#include +#endif + +/** \def KNOWN_SUPPORTED_HASH_ALG + * + * A hash algorithm that is known to be supported. + * + * This is used in some smoke tests. + */ +#if defined(PSA_WANT_ALG_SHA_256) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_256 +#elif defined(PSA_WANT_ALG_SHA_384) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_384 +#elif defined(PSA_WANT_ALG_SHA_512) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_512 +#elif defined(PSA_WANT_ALG_SHA3_256) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA3_256 +#elif defined(PSA_WANT_ALG_SHA_1) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_SHA_1 +#elif defined(PSA_WANT_ALG_MD5) +#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5 +/* PSA_WANT_ALG_RIPEMD160 omitted. This is necessary for the sake of + * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160 + * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be + * implausible anyway. */ +#else +#undef KNOWN_SUPPORTED_HASH_ALG +#endif + +/** \def KNOWN_SUPPORTED_BLOCK_CIPHER + * + * A block cipher that is known to be supported. + * + * For simplicity's sake, stick to block ciphers with 16-byte blocks. + */ +#if defined(PSA_WANT_KEY_TYPE_AES) +#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_AES +#elif defined(PSA_WANT_KEY_TYPE_ARIA) +#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA +#elif defined(PSA_WANT_KEY_TYPE_CAMELLIA) +#define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA +#else +#undef KNOWN_SUPPORTED_BLOCK_CIPHER +#endif + +/** \def KNOWN_SUPPORTED_MAC_ALG + * + * A MAC mode that is known to be supported. + * + * It must either be HMAC with #KNOWN_SUPPORTED_HASH_ALG or + * a block cipher-based MAC with #KNOWN_SUPPORTED_BLOCK_CIPHER. + * + * This is used in some smoke tests. + */ +#if defined(KNOWN_SUPPORTED_HASH_ALG) && defined(PSA_WANT_ALG_HMAC) +#define KNOWN_SUPPORTED_MAC_ALG (PSA_ALG_HMAC(KNOWN_SUPPORTED_HASH_ALG)) +#define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C) +#define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC +#define KNOWN_SUPPORTED_MAC_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER +#else +#undef KNOWN_SUPPORTED_MAC_ALG +#undef KNOWN_SUPPORTED_MAC_KEY_TYPE +#endif + +/** \def KNOWN_SUPPORTED_BLOCK_CIPHER_ALG + * + * A cipher algorithm and key type that are known to be supported. + * + * This is used in some smoke tests. + */ +#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_CTR) +#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CTR +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_CBC_NO_PADDING) +#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CBC_NO_PADDING +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_CFB) +#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CFB +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_OFB) +#define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_OFB +#else +#undef KNOWN_SUPPORTED_BLOCK_CIPHER_ALG +#endif +#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG) +#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG +#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER +#else +#undef KNOWN_SUPPORTED_CIPHER_ALG +#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE +#endif + +/** Convenience function to set up a key derivation. + * + * In case of failure, mark the current test case as failed. + * + * The inputs \p input1 and \p input2 are, in order: + * - HKDF: salt, info. + * - TKS 1.2 PRF, TLS 1.2 PSK-to-MS: seed, label. + * - PBKDF2: input cost, salt. + * + * \param operation The operation object to use. + * It must be in the initialized state. + * \param key The key to use. + * \param alg The algorithm to use. + * \param input1 The first input to pass. + * \param input1_length The length of \p input1 in bytes. + * \param input2 The first input to pass. + * \param input2_length The length of \p input2 in bytes. + * \param capacity The capacity to set. + * \param key_destroyable If set to 1, a failure due to the key not existing + * or the key being destroyed mid-operation will only + * be reported if the error code is unexpected. + * + * \return \c 1 on success, \c 0 on failure. + */ +int mbedtls_test_psa_setup_key_derivation_wrap( + psa_key_derivation_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const unsigned char *input1, size_t input1_length, + const unsigned char *input2, size_t input2_length, + size_t capacity, int key_destroyable); + +/** Perform a key agreement using the given key pair against its public key + * using psa_raw_key_agreement(). + * + * The result is discarded. The purpose of this function is to smoke-test a key. + * + * In case of failure, mark the current test case as failed. + * + * \param alg A key agreement algorithm compatible with \p key. + * \param key A key that allows key agreement with \p alg. + * \param key_destroyable If set to 1, a failure due to the key not existing + * or the key being destroyed mid-operation will only + * be reported if the error code is unexpected. + * + * \return \c 1 on success, \c 0 on failure. + */ +psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( + psa_algorithm_t alg, + mbedtls_svc_key_id_t key, int key_destroyable); + +/** Perform a key agreement using the given key pair against its public key + * using psa_key_derivation_raw_key(). + * + * The result is discarded. The purpose of this function is to smoke-test a key. + * + * In case of failure, mark the current test case as failed. + * + * \param operation An operation that has been set up for a key + * agreement algorithm that is compatible with + * \p key. + * \param key A key pair object that is suitable for a key + * agreement with \p operation. + * \param key_destroyable If set to 1, a failure due to the key not existing + * or the key being destroyed mid-operation will only + * be reported if the error code is unexpected. + * + * \return \c 1 on success, \c 0 on failure. + */ +psa_status_t mbedtls_test_psa_key_agreement_with_self( + psa_key_derivation_operation_t *operation, + mbedtls_svc_key_id_t key, int key_destroyable); + +/** Perform sanity checks on the given key representation. + * + * If any of the checks fail, mark the current test case as failed. + * + * The checks depend on the key type. + * - All types: check the export size against maximum-size macros. + * - DES: parity bits. + * - RSA: check the ASN.1 structure and the size and parity of the integers. + * - ECC private or public key: exact representation length. + * - Montgomery public key: first byte. + * + * \param type The key type. + * \param bits The key size in bits. + * \param exported A buffer containing the key representation. + * \param exported_length The length of \p exported in bytes. + * + * \return \c 1 if all checks passed, \c 0 on failure. + */ +int mbedtls_test_psa_exported_key_sanity_check( + psa_key_type_t type, size_t bits, + const uint8_t *exported, size_t exported_length); + +/** Do smoke tests on a key. + * + * Perform one of each operation indicated by \p alg (decrypt/encrypt, + * sign/verify, or derivation) that is permitted according to \p usage. + * \p usage and \p alg should correspond to the expected policy on the + * key. + * + * Export the key if permitted by \p usage, and check that the output + * looks sensible. If \p usage forbids export, check that + * \p psa_export_key correctly rejects the attempt. If the key is + * asymmetric, also check \p psa_export_public_key. + * + * If the key fails the tests, this function calls the test framework's + * `mbedtls_test_fail` function and returns false. Otherwise this function + * returns true. Therefore it should be used as follows: + * ``` + * if( ! exercise_key( ... ) ) goto exit; + * ``` + * To use this function for multi-threaded tests where the key + * may be destroyed at any point: call this function with key_destroyable set + * to 1, while another thread calls psa_destroy_key on the same key; + * this will test whether destroying the key in use leads to any corruption. + * + * There cannot be a set of concurrent calls: + * `mbedtls_test_psa_exercise_key(ki,...)` such that each ki is a unique + * persistent key not loaded into any key slot, and i is greater than the + * number of free key slots. + * This is because such scenarios can lead to unsupported + * `PSA_ERROR_INSUFFICIENT_MEMORY` return codes. + * + * + * \param key The key to exercise. It should be capable of performing + * \p alg. + * \param usage The usage flags to assume. + * \param alg The algorithm to exercise. + * \param key_destroyable If set to 1, a failure due to the key not existing + * or the key being destroyed mid-operation will only + * be reported if the error code is unexpected. + * + * \retval 0 The key failed the smoke tests. + * \retval 1 The key passed the smoke tests. + */ +int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable); + +psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type, + psa_algorithm_t alg); + +/** Whether the specified algorithm can be exercised. + * + * \note This function is solely based on the algorithm and does not + * consider potential issues with the compatibility of a key. + * The idea is that you already have a key, so you know that the + * key type is supported, and you want to exercise the key but + * only if the algorithm given in its policy is enabled in the + * compile-time configuration. + * + * \note This function currently only supports signature algorithms + * (including wildcards). + * TODO: a more general mechanism, which should be automatically + * generated and possibly available as a library function? + */ +int mbedtls_test_can_exercise_psa_algorithm(psa_algorithm_t alg); + +#if defined(MBEDTLS_PK_C) +/** PK-PSA key consistency test. + * + * This function tests that the pk context and the PSA key are + * consistent. At a minimum: + * + * - The two objects must contain keys of the same type, + * or a key pair and a public key of the matching type. + * - The two objects must have the same public key. + * + * \retval 0 The key failed the consistency tests. + * \retval 1 The key passed the consistency tests. + */ +int mbedtls_test_key_consistency_psa_pk(mbedtls_svc_key_id_t psa_key, + const mbedtls_pk_context *pk); +#endif /* MBEDTLS_PK_C */ + +#endif /* PSA_EXERCISE_KEY_H */ diff --git a/tests/include/test/psa_helpers.h b/tests/include/test/psa_helpers.h new file mode 100644 index 0000000000..b61718939e --- /dev/null +++ b/tests/include/test/psa_helpers.h @@ -0,0 +1,24 @@ +/* + * Helper functions for tests that use any PSA API. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_HELPERS_H +#define PSA_HELPERS_H + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +#include "spm/psa_defs.h" +#endif + +/** Evaluate an expression and fail the test case if it returns an error. + * + * \param expr The expression to evaluate. This is typically a call + * to a \c psa_xxx function that returns a value of type + * #psa_status_t. + */ +#define PSA_ASSERT(expr) TEST_EQUAL((expr), PSA_SUCCESS) + +#endif /* PSA_HELPERS_H */ diff --git a/tests/include/test/psa_memory_poisoning_wrappers.h b/tests/include/test/psa_memory_poisoning_wrappers.h new file mode 100644 index 0000000000..3f30b65c04 --- /dev/null +++ b/tests/include/test/psa_memory_poisoning_wrappers.h @@ -0,0 +1,40 @@ +/** Support for memory poisoning wrappers for PSA functions. + * + * The wrappers poison the input and output buffers of each function + * before calling it, to ensure that it does not access the buffers + * except by calling the approved buffer-copying functions. + * + * This header declares support functions. The wrappers themselves are + * decalred in the automatically generated file `test/psa_test_wrappers.h`. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_MEMORY_POISONING_WRAPPERS_H +#define PSA_MEMORY_POISONING_WRAPPERS_H + +#include "psa/crypto.h" + +#include "test/memory.h" + +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_TEST_MEMORY_CAN_POISON) + +/** + * \brief Setup the memory poisoning test hooks used by + * psa_crypto_copy_input() and psa_crypto_copy_output() for + * memory poisoning. + */ +void mbedtls_poison_test_hooks_setup(void); + +/** + * \brief Teardown the memory poisoning test hooks used by + * psa_crypto_copy_input() and psa_crypto_copy_output() for + * memory poisoning. + */ +void mbedtls_poison_test_hooks_teardown(void); + +#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_TEST_MEMORY_CAN_POISON */ + +#endif /* PSA_MEMORY_POISONING_WRAPPERS_H */ diff --git a/tests/include/test/psa_test_wrappers.h b/tests/include/test/psa_test_wrappers.h new file mode 100644 index 0000000000..e6d712bd63 --- /dev/null +++ b/tests/include/test/psa_test_wrappers.h @@ -0,0 +1,771 @@ +/* Automatically generated by generate_psa_wrappers.py, do not edit! */ + +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TEST_PSA_TEST_WRAPPERS_H +#define TEST_PSA_TEST_WRAPPERS_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include + +#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \ + !defined(RECORD_PSA_STATUS_COVERAGE_LOG) + +#include + +#include +#include +#include + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +psa_status_t mbedtls_test_wrap_mbedtls_psa_inject_entropy( + const uint8_t *arg0_seed, + size_t arg1_seed_size); +#define mbedtls_psa_inject_entropy(arg0_seed, arg1_seed_size) \ + mbedtls_test_wrap_mbedtls_psa_inject_entropy(arg0_seed, arg1_seed_size) +#endif /* defined(MBEDTLS_PSA_INJECT_ENTROPY) */ + +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) +psa_status_t mbedtls_test_wrap_mbedtls_psa_platform_get_builtin_key( + mbedtls_svc_key_id_t arg0_key_id, + psa_key_lifetime_t *arg1_lifetime, + psa_drv_slot_number_t *arg2_slot_number); +#define mbedtls_psa_platform_get_builtin_key(arg0_key_id, arg1_lifetime, arg2_slot_number) \ + mbedtls_test_wrap_mbedtls_psa_platform_get_builtin_key(arg0_key_id, arg1_lifetime, arg2_slot_number) +#endif /* defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) */ + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +psa_status_t mbedtls_test_wrap_mbedtls_psa_register_se_key( + const psa_key_attributes_t *arg0_attributes); +#define mbedtls_psa_register_se_key(arg0_attributes) \ + mbedtls_test_wrap_mbedtls_psa_register_se_key(arg0_attributes) +#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */ + +psa_status_t mbedtls_test_wrap_psa_aead_abort( + psa_aead_operation_t *arg0_operation); +#define psa_aead_abort(arg0_operation) \ + mbedtls_test_wrap_psa_aead_abort(arg0_operation) + +psa_status_t mbedtls_test_wrap_psa_aead_decrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_nonce, + size_t arg3_nonce_length, + const uint8_t *arg4_additional_data, + size_t arg5_additional_data_length, + const uint8_t *arg6_ciphertext, + size_t arg7_ciphertext_length, + uint8_t *arg8_plaintext, + size_t arg9_plaintext_size, + size_t *arg10_plaintext_length); +#define psa_aead_decrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length) \ + mbedtls_test_wrap_psa_aead_decrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length) + +psa_status_t mbedtls_test_wrap_psa_aead_decrypt_setup( + psa_aead_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg); +#define psa_aead_decrypt_setup(arg0_operation, arg1_key, arg2_alg) \ + mbedtls_test_wrap_psa_aead_decrypt_setup(arg0_operation, arg1_key, arg2_alg) + +psa_status_t mbedtls_test_wrap_psa_aead_encrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_nonce, + size_t arg3_nonce_length, + const uint8_t *arg4_additional_data, + size_t arg5_additional_data_length, + const uint8_t *arg6_plaintext, + size_t arg7_plaintext_length, + uint8_t *arg8_ciphertext, + size_t arg9_ciphertext_size, + size_t *arg10_ciphertext_length); +#define psa_aead_encrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length) \ + mbedtls_test_wrap_psa_aead_encrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length) + +psa_status_t mbedtls_test_wrap_psa_aead_encrypt_setup( + psa_aead_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg); +#define psa_aead_encrypt_setup(arg0_operation, arg1_key, arg2_alg) \ + mbedtls_test_wrap_psa_aead_encrypt_setup(arg0_operation, arg1_key, arg2_alg) + +psa_status_t mbedtls_test_wrap_psa_aead_finish( + psa_aead_operation_t *arg0_operation, + uint8_t *arg1_ciphertext, + size_t arg2_ciphertext_size, + size_t *arg3_ciphertext_length, + uint8_t *arg4_tag, + size_t arg5_tag_size, + size_t *arg6_tag_length); +#define psa_aead_finish(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length) \ + mbedtls_test_wrap_psa_aead_finish(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length) + +psa_status_t mbedtls_test_wrap_psa_aead_generate_nonce( + psa_aead_operation_t *arg0_operation, + uint8_t *arg1_nonce, + size_t arg2_nonce_size, + size_t *arg3_nonce_length); +#define psa_aead_generate_nonce(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length) \ + mbedtls_test_wrap_psa_aead_generate_nonce(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length) + +psa_status_t mbedtls_test_wrap_psa_aead_set_lengths( + psa_aead_operation_t *arg0_operation, + size_t arg1_ad_length, + size_t arg2_plaintext_length); +#define psa_aead_set_lengths(arg0_operation, arg1_ad_length, arg2_plaintext_length) \ + mbedtls_test_wrap_psa_aead_set_lengths(arg0_operation, arg1_ad_length, arg2_plaintext_length) + +psa_status_t mbedtls_test_wrap_psa_aead_set_nonce( + psa_aead_operation_t *arg0_operation, + const uint8_t *arg1_nonce, + size_t arg2_nonce_length); +#define psa_aead_set_nonce(arg0_operation, arg1_nonce, arg2_nonce_length) \ + mbedtls_test_wrap_psa_aead_set_nonce(arg0_operation, arg1_nonce, arg2_nonce_length) + +psa_status_t mbedtls_test_wrap_psa_aead_update( + psa_aead_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length, + uint8_t *arg3_output, + size_t arg4_output_size, + size_t *arg5_output_length); +#define psa_aead_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) \ + mbedtls_test_wrap_psa_aead_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) + +psa_status_t mbedtls_test_wrap_psa_aead_update_ad( + psa_aead_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length); +#define psa_aead_update_ad(arg0_operation, arg1_input, arg2_input_length) \ + mbedtls_test_wrap_psa_aead_update_ad(arg0_operation, arg1_input, arg2_input_length) + +psa_status_t mbedtls_test_wrap_psa_aead_verify( + psa_aead_operation_t *arg0_operation, + uint8_t *arg1_plaintext, + size_t arg2_plaintext_size, + size_t *arg3_plaintext_length, + const uint8_t *arg4_tag, + size_t arg5_tag_length); +#define psa_aead_verify(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length) \ + mbedtls_test_wrap_psa_aead_verify(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length) + +psa_status_t mbedtls_test_wrap_psa_asymmetric_decrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + const uint8_t *arg4_salt, + size_t arg5_salt_length, + uint8_t *arg6_output, + size_t arg7_output_size, + size_t *arg8_output_length); +#define psa_asymmetric_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) \ + mbedtls_test_wrap_psa_asymmetric_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) + +psa_status_t mbedtls_test_wrap_psa_asymmetric_encrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + const uint8_t *arg4_salt, + size_t arg5_salt_length, + uint8_t *arg6_output, + size_t arg7_output_size, + size_t *arg8_output_length); +#define psa_asymmetric_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) \ + mbedtls_test_wrap_psa_asymmetric_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) + +psa_status_t mbedtls_test_wrap_psa_cipher_abort( + psa_cipher_operation_t *arg0_operation); +#define psa_cipher_abort(arg0_operation) \ + mbedtls_test_wrap_psa_cipher_abort(arg0_operation) + +psa_status_t mbedtls_test_wrap_psa_cipher_decrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + uint8_t *arg4_output, + size_t arg5_output_size, + size_t *arg6_output_length); +#define psa_cipher_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) \ + mbedtls_test_wrap_psa_cipher_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) + +psa_status_t mbedtls_test_wrap_psa_cipher_decrypt_setup( + psa_cipher_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg); +#define psa_cipher_decrypt_setup(arg0_operation, arg1_key, arg2_alg) \ + mbedtls_test_wrap_psa_cipher_decrypt_setup(arg0_operation, arg1_key, arg2_alg) + +psa_status_t mbedtls_test_wrap_psa_cipher_encrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + uint8_t *arg4_output, + size_t arg5_output_size, + size_t *arg6_output_length); +#define psa_cipher_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) \ + mbedtls_test_wrap_psa_cipher_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) + +psa_status_t mbedtls_test_wrap_psa_cipher_encrypt_setup( + psa_cipher_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg); +#define psa_cipher_encrypt_setup(arg0_operation, arg1_key, arg2_alg) \ + mbedtls_test_wrap_psa_cipher_encrypt_setup(arg0_operation, arg1_key, arg2_alg) + +psa_status_t mbedtls_test_wrap_psa_cipher_finish( + psa_cipher_operation_t *arg0_operation, + uint8_t *arg1_output, + size_t arg2_output_size, + size_t *arg3_output_length); +#define psa_cipher_finish(arg0_operation, arg1_output, arg2_output_size, arg3_output_length) \ + mbedtls_test_wrap_psa_cipher_finish(arg0_operation, arg1_output, arg2_output_size, arg3_output_length) + +psa_status_t mbedtls_test_wrap_psa_cipher_generate_iv( + psa_cipher_operation_t *arg0_operation, + uint8_t *arg1_iv, + size_t arg2_iv_size, + size_t *arg3_iv_length); +#define psa_cipher_generate_iv(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length) \ + mbedtls_test_wrap_psa_cipher_generate_iv(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length) + +psa_status_t mbedtls_test_wrap_psa_cipher_set_iv( + psa_cipher_operation_t *arg0_operation, + const uint8_t *arg1_iv, + size_t arg2_iv_length); +#define psa_cipher_set_iv(arg0_operation, arg1_iv, arg2_iv_length) \ + mbedtls_test_wrap_psa_cipher_set_iv(arg0_operation, arg1_iv, arg2_iv_length) + +psa_status_t mbedtls_test_wrap_psa_cipher_update( + psa_cipher_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length, + uint8_t *arg3_output, + size_t arg4_output_size, + size_t *arg5_output_length); +#define psa_cipher_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) \ + mbedtls_test_wrap_psa_cipher_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) + +psa_status_t mbedtls_test_wrap_psa_copy_key( + mbedtls_svc_key_id_t arg0_source_key, + const psa_key_attributes_t *arg1_attributes, + mbedtls_svc_key_id_t *arg2_target_key); +#define psa_copy_key(arg0_source_key, arg1_attributes, arg2_target_key) \ + mbedtls_test_wrap_psa_copy_key(arg0_source_key, arg1_attributes, arg2_target_key) + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_cipher_suite( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + psa_pake_cipher_suite_t *arg1_cipher_suite); +#define psa_crypto_driver_pake_get_cipher_suite(arg0_inputs, arg1_cipher_suite) \ + mbedtls_test_wrap_psa_crypto_driver_pake_get_cipher_suite(arg0_inputs, arg1_cipher_suite) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + uint8_t *arg1_buffer, + size_t arg2_buffer_size, + size_t *arg3_buffer_length); +#define psa_crypto_driver_pake_get_password(arg0_inputs, arg1_buffer, arg2_buffer_size, arg3_buffer_length) \ + mbedtls_test_wrap_psa_crypto_driver_pake_get_password(arg0_inputs, arg1_buffer, arg2_buffer_size, arg3_buffer_length) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password_len( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + size_t *arg1_password_len); +#define psa_crypto_driver_pake_get_password_len(arg0_inputs, arg1_password_len) \ + mbedtls_test_wrap_psa_crypto_driver_pake_get_password_len(arg0_inputs, arg1_password_len) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + uint8_t *arg1_peer_id, + size_t arg2_peer_id_size, + size_t *arg3_peer_id_length); +#define psa_crypto_driver_pake_get_peer(arg0_inputs, arg1_peer_id, arg2_peer_id_size, arg3_peer_id_length) \ + mbedtls_test_wrap_psa_crypto_driver_pake_get_peer(arg0_inputs, arg1_peer_id, arg2_peer_id_size, arg3_peer_id_length) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer_len( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + size_t *arg1_peer_len); +#define psa_crypto_driver_pake_get_peer_len(arg0_inputs, arg1_peer_len) \ + mbedtls_test_wrap_psa_crypto_driver_pake_get_peer_len(arg0_inputs, arg1_peer_len) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + uint8_t *arg1_user_id, + size_t arg2_user_id_size, + size_t *arg3_user_id_len); +#define psa_crypto_driver_pake_get_user(arg0_inputs, arg1_user_id, arg2_user_id_size, arg3_user_id_len) \ + mbedtls_test_wrap_psa_crypto_driver_pake_get_user(arg0_inputs, arg1_user_id, arg2_user_id_size, arg3_user_id_len) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user_len( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + size_t *arg1_user_len); +#define psa_crypto_driver_pake_get_user_len(arg0_inputs, arg1_user_len) \ + mbedtls_test_wrap_psa_crypto_driver_pake_get_user_len(arg0_inputs, arg1_user_len) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +psa_status_t mbedtls_test_wrap_psa_crypto_init(void); +#define psa_crypto_init() \ + mbedtls_test_wrap_psa_crypto_init() + +psa_status_t mbedtls_test_wrap_psa_destroy_key( + mbedtls_svc_key_id_t arg0_key); +#define psa_destroy_key(arg0_key) \ + mbedtls_test_wrap_psa_destroy_key(arg0_key) + +psa_status_t mbedtls_test_wrap_psa_export_key( + mbedtls_svc_key_id_t arg0_key, + uint8_t *arg1_data, + size_t arg2_data_size, + size_t *arg3_data_length); +#define psa_export_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) \ + mbedtls_test_wrap_psa_export_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) + +psa_status_t mbedtls_test_wrap_psa_export_public_key( + mbedtls_svc_key_id_t arg0_key, + uint8_t *arg1_data, + size_t arg2_data_size, + size_t *arg3_data_length); +#define psa_export_public_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) \ + mbedtls_test_wrap_psa_export_public_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) + +psa_status_t mbedtls_test_wrap_psa_generate_key( + const psa_key_attributes_t *arg0_attributes, + mbedtls_svc_key_id_t *arg1_key); +#define psa_generate_key(arg0_attributes, arg1_key) \ + mbedtls_test_wrap_psa_generate_key(arg0_attributes, arg1_key) + +psa_status_t mbedtls_test_wrap_psa_generate_key_ext( + const psa_key_attributes_t *arg0_attributes, + const psa_key_production_parameters_t *arg1_params, + size_t arg2_params_data_length, + mbedtls_svc_key_id_t *arg3_key); +#define psa_generate_key_ext(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key) \ + mbedtls_test_wrap_psa_generate_key_ext(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key) + +psa_status_t mbedtls_test_wrap_psa_generate_random( + uint8_t *arg0_output, + size_t arg1_output_size); +#define psa_generate_random(arg0_output, arg1_output_size) \ + mbedtls_test_wrap_psa_generate_random(arg0_output, arg1_output_size) + +psa_status_t mbedtls_test_wrap_psa_get_key_attributes( + mbedtls_svc_key_id_t arg0_key, + psa_key_attributes_t *arg1_attributes); +#define psa_get_key_attributes(arg0_key, arg1_attributes) \ + mbedtls_test_wrap_psa_get_key_attributes(arg0_key, arg1_attributes) + +psa_status_t mbedtls_test_wrap_psa_hash_abort( + psa_hash_operation_t *arg0_operation); +#define psa_hash_abort(arg0_operation) \ + mbedtls_test_wrap_psa_hash_abort(arg0_operation) + +psa_status_t mbedtls_test_wrap_psa_hash_clone( + const psa_hash_operation_t *arg0_source_operation, + psa_hash_operation_t *arg1_target_operation); +#define psa_hash_clone(arg0_source_operation, arg1_target_operation) \ + mbedtls_test_wrap_psa_hash_clone(arg0_source_operation, arg1_target_operation) + +psa_status_t mbedtls_test_wrap_psa_hash_compare( + psa_algorithm_t arg0_alg, + const uint8_t *arg1_input, + size_t arg2_input_length, + const uint8_t *arg3_hash, + size_t arg4_hash_length); +#define psa_hash_compare(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_length) \ + mbedtls_test_wrap_psa_hash_compare(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_length) + +psa_status_t mbedtls_test_wrap_psa_hash_compute( + psa_algorithm_t arg0_alg, + const uint8_t *arg1_input, + size_t arg2_input_length, + uint8_t *arg3_hash, + size_t arg4_hash_size, + size_t *arg5_hash_length); +#define psa_hash_compute(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_size, arg5_hash_length) \ + mbedtls_test_wrap_psa_hash_compute(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_size, arg5_hash_length) + +psa_status_t mbedtls_test_wrap_psa_hash_finish( + psa_hash_operation_t *arg0_operation, + uint8_t *arg1_hash, + size_t arg2_hash_size, + size_t *arg3_hash_length); +#define psa_hash_finish(arg0_operation, arg1_hash, arg2_hash_size, arg3_hash_length) \ + mbedtls_test_wrap_psa_hash_finish(arg0_operation, arg1_hash, arg2_hash_size, arg3_hash_length) + +psa_status_t mbedtls_test_wrap_psa_hash_setup( + psa_hash_operation_t *arg0_operation, + psa_algorithm_t arg1_alg); +#define psa_hash_setup(arg0_operation, arg1_alg) \ + mbedtls_test_wrap_psa_hash_setup(arg0_operation, arg1_alg) + +psa_status_t mbedtls_test_wrap_psa_hash_update( + psa_hash_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length); +#define psa_hash_update(arg0_operation, arg1_input, arg2_input_length) \ + mbedtls_test_wrap_psa_hash_update(arg0_operation, arg1_input, arg2_input_length) + +psa_status_t mbedtls_test_wrap_psa_hash_verify( + psa_hash_operation_t *arg0_operation, + const uint8_t *arg1_hash, + size_t arg2_hash_length); +#define psa_hash_verify(arg0_operation, arg1_hash, arg2_hash_length) \ + mbedtls_test_wrap_psa_hash_verify(arg0_operation, arg1_hash, arg2_hash_length) + +psa_status_t mbedtls_test_wrap_psa_import_key( + const psa_key_attributes_t *arg0_attributes, + const uint8_t *arg1_data, + size_t arg2_data_length, + mbedtls_svc_key_id_t *arg3_key); +#define psa_import_key(arg0_attributes, arg1_data, arg2_data_length, arg3_key) \ + mbedtls_test_wrap_psa_import_key(arg0_attributes, arg1_data, arg2_data_length, arg3_key) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_abort( + psa_key_derivation_operation_t *arg0_operation); +#define psa_key_derivation_abort(arg0_operation) \ + mbedtls_test_wrap_psa_key_derivation_abort(arg0_operation) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_get_capacity( + const psa_key_derivation_operation_t *arg0_operation, + size_t *arg1_capacity); +#define psa_key_derivation_get_capacity(arg0_operation, arg1_capacity) \ + mbedtls_test_wrap_psa_key_derivation_get_capacity(arg0_operation, arg1_capacity) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_input_bytes( + psa_key_derivation_operation_t *arg0_operation, + psa_key_derivation_step_t arg1_step, + const uint8_t *arg2_data, + size_t arg3_data_length); +#define psa_key_derivation_input_bytes(arg0_operation, arg1_step, arg2_data, arg3_data_length) \ + mbedtls_test_wrap_psa_key_derivation_input_bytes(arg0_operation, arg1_step, arg2_data, arg3_data_length) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_input_integer( + psa_key_derivation_operation_t *arg0_operation, + psa_key_derivation_step_t arg1_step, + uint64_t arg2_value); +#define psa_key_derivation_input_integer(arg0_operation, arg1_step, arg2_value) \ + mbedtls_test_wrap_psa_key_derivation_input_integer(arg0_operation, arg1_step, arg2_value) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_input_key( + psa_key_derivation_operation_t *arg0_operation, + psa_key_derivation_step_t arg1_step, + mbedtls_svc_key_id_t arg2_key); +#define psa_key_derivation_input_key(arg0_operation, arg1_step, arg2_key) \ + mbedtls_test_wrap_psa_key_derivation_input_key(arg0_operation, arg1_step, arg2_key) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_key_agreement( + psa_key_derivation_operation_t *arg0_operation, + psa_key_derivation_step_t arg1_step, + mbedtls_svc_key_id_t arg2_private_key, + const uint8_t *arg3_peer_key, + size_t arg4_peer_key_length); +#define psa_key_derivation_key_agreement(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length) \ + mbedtls_test_wrap_psa_key_derivation_key_agreement(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_output_bytes( + psa_key_derivation_operation_t *arg0_operation, + uint8_t *arg1_output, + size_t arg2_output_length); +#define psa_key_derivation_output_bytes(arg0_operation, arg1_output, arg2_output_length) \ + mbedtls_test_wrap_psa_key_derivation_output_bytes(arg0_operation, arg1_output, arg2_output_length) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key( + const psa_key_attributes_t *arg0_attributes, + psa_key_derivation_operation_t *arg1_operation, + mbedtls_svc_key_id_t *arg2_key); +#define psa_key_derivation_output_key(arg0_attributes, arg1_operation, arg2_key) \ + mbedtls_test_wrap_psa_key_derivation_output_key(arg0_attributes, arg1_operation, arg2_key) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_ext( + const psa_key_attributes_t *arg0_attributes, + psa_key_derivation_operation_t *arg1_operation, + const psa_key_production_parameters_t *arg2_params, + size_t arg3_params_data_length, + mbedtls_svc_key_id_t *arg4_key); +#define psa_key_derivation_output_key_ext(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key) \ + mbedtls_test_wrap_psa_key_derivation_output_key_ext(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_set_capacity( + psa_key_derivation_operation_t *arg0_operation, + size_t arg1_capacity); +#define psa_key_derivation_set_capacity(arg0_operation, arg1_capacity) \ + mbedtls_test_wrap_psa_key_derivation_set_capacity(arg0_operation, arg1_capacity) + +psa_status_t mbedtls_test_wrap_psa_key_derivation_setup( + psa_key_derivation_operation_t *arg0_operation, + psa_algorithm_t arg1_alg); +#define psa_key_derivation_setup(arg0_operation, arg1_alg) \ + mbedtls_test_wrap_psa_key_derivation_setup(arg0_operation, arg1_alg) + +psa_status_t mbedtls_test_wrap_psa_mac_abort( + psa_mac_operation_t *arg0_operation); +#define psa_mac_abort(arg0_operation) \ + mbedtls_test_wrap_psa_mac_abort(arg0_operation) + +psa_status_t mbedtls_test_wrap_psa_mac_compute( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + uint8_t *arg4_mac, + size_t arg5_mac_size, + size_t *arg6_mac_length); +#define psa_mac_compute(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length) \ + mbedtls_test_wrap_psa_mac_compute(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length) + +psa_status_t mbedtls_test_wrap_psa_mac_sign_finish( + psa_mac_operation_t *arg0_operation, + uint8_t *arg1_mac, + size_t arg2_mac_size, + size_t *arg3_mac_length); +#define psa_mac_sign_finish(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length) \ + mbedtls_test_wrap_psa_mac_sign_finish(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length) + +psa_status_t mbedtls_test_wrap_psa_mac_sign_setup( + psa_mac_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg); +#define psa_mac_sign_setup(arg0_operation, arg1_key, arg2_alg) \ + mbedtls_test_wrap_psa_mac_sign_setup(arg0_operation, arg1_key, arg2_alg) + +psa_status_t mbedtls_test_wrap_psa_mac_update( + psa_mac_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length); +#define psa_mac_update(arg0_operation, arg1_input, arg2_input_length) \ + mbedtls_test_wrap_psa_mac_update(arg0_operation, arg1_input, arg2_input_length) + +psa_status_t mbedtls_test_wrap_psa_mac_verify( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + const uint8_t *arg4_mac, + size_t arg5_mac_length); +#define psa_mac_verify(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length) \ + mbedtls_test_wrap_psa_mac_verify(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length) + +psa_status_t mbedtls_test_wrap_psa_mac_verify_finish( + psa_mac_operation_t *arg0_operation, + const uint8_t *arg1_mac, + size_t arg2_mac_length); +#define psa_mac_verify_finish(arg0_operation, arg1_mac, arg2_mac_length) \ + mbedtls_test_wrap_psa_mac_verify_finish(arg0_operation, arg1_mac, arg2_mac_length) + +psa_status_t mbedtls_test_wrap_psa_mac_verify_setup( + psa_mac_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg); +#define psa_mac_verify_setup(arg0_operation, arg1_key, arg2_alg) \ + mbedtls_test_wrap_psa_mac_verify_setup(arg0_operation, arg1_key, arg2_alg) + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_abort( + psa_pake_operation_t *arg0_operation); +#define psa_pake_abort(arg0_operation) \ + mbedtls_test_wrap_psa_pake_abort(arg0_operation) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_get_implicit_key( + psa_pake_operation_t *arg0_operation, + psa_key_derivation_operation_t *arg1_output); +#define psa_pake_get_implicit_key(arg0_operation, arg1_output) \ + mbedtls_test_wrap_psa_pake_get_implicit_key(arg0_operation, arg1_output) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_input( + psa_pake_operation_t *arg0_operation, + psa_pake_step_t arg1_step, + const uint8_t *arg2_input, + size_t arg3_input_length); +#define psa_pake_input(arg0_operation, arg1_step, arg2_input, arg3_input_length) \ + mbedtls_test_wrap_psa_pake_input(arg0_operation, arg1_step, arg2_input, arg3_input_length) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_output( + psa_pake_operation_t *arg0_operation, + psa_pake_step_t arg1_step, + uint8_t *arg2_output, + size_t arg3_output_size, + size_t *arg4_output_length); +#define psa_pake_output(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length) \ + mbedtls_test_wrap_psa_pake_output(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_set_password_key( + psa_pake_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_password); +#define psa_pake_set_password_key(arg0_operation, arg1_password) \ + mbedtls_test_wrap_psa_pake_set_password_key(arg0_operation, arg1_password) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_set_peer( + psa_pake_operation_t *arg0_operation, + const uint8_t *arg1_peer_id, + size_t arg2_peer_id_len); +#define psa_pake_set_peer(arg0_operation, arg1_peer_id, arg2_peer_id_len) \ + mbedtls_test_wrap_psa_pake_set_peer(arg0_operation, arg1_peer_id, arg2_peer_id_len) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_set_role( + psa_pake_operation_t *arg0_operation, + psa_pake_role_t arg1_role); +#define psa_pake_set_role(arg0_operation, arg1_role) \ + mbedtls_test_wrap_psa_pake_set_role(arg0_operation, arg1_role) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_set_user( + psa_pake_operation_t *arg0_operation, + const uint8_t *arg1_user_id, + size_t arg2_user_id_len); +#define psa_pake_set_user(arg0_operation, arg1_user_id, arg2_user_id_len) \ + mbedtls_test_wrap_psa_pake_set_user(arg0_operation, arg1_user_id, arg2_user_id_len) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_setup( + psa_pake_operation_t *arg0_operation, + const psa_pake_cipher_suite_t *arg1_cipher_suite); +#define psa_pake_setup(arg0_operation, arg1_cipher_suite) \ + mbedtls_test_wrap_psa_pake_setup(arg0_operation, arg1_cipher_suite) +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +psa_status_t mbedtls_test_wrap_psa_purge_key( + mbedtls_svc_key_id_t arg0_key); +#define psa_purge_key(arg0_key) \ + mbedtls_test_wrap_psa_purge_key(arg0_key) + +psa_status_t mbedtls_test_wrap_psa_raw_key_agreement( + psa_algorithm_t arg0_alg, + mbedtls_svc_key_id_t arg1_private_key, + const uint8_t *arg2_peer_key, + size_t arg3_peer_key_length, + uint8_t *arg4_output, + size_t arg5_output_size, + size_t *arg6_output_length); +#define psa_raw_key_agreement(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length) \ + mbedtls_test_wrap_psa_raw_key_agreement(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length) + +psa_status_t mbedtls_test_wrap_psa_sign_hash( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_hash, + size_t arg3_hash_length, + uint8_t *arg4_signature, + size_t arg5_signature_size, + size_t *arg6_signature_length); +#define psa_sign_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_size, arg6_signature_length) \ + mbedtls_test_wrap_psa_sign_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_size, arg6_signature_length) + +psa_status_t mbedtls_test_wrap_psa_sign_hash_abort( + psa_sign_hash_interruptible_operation_t *arg0_operation); +#define psa_sign_hash_abort(arg0_operation) \ + mbedtls_test_wrap_psa_sign_hash_abort(arg0_operation) + +psa_status_t mbedtls_test_wrap_psa_sign_hash_complete( + psa_sign_hash_interruptible_operation_t *arg0_operation, + uint8_t *arg1_signature, + size_t arg2_signature_size, + size_t *arg3_signature_length); +#define psa_sign_hash_complete(arg0_operation, arg1_signature, arg2_signature_size, arg3_signature_length) \ + mbedtls_test_wrap_psa_sign_hash_complete(arg0_operation, arg1_signature, arg2_signature_size, arg3_signature_length) + +psa_status_t mbedtls_test_wrap_psa_sign_hash_start( + psa_sign_hash_interruptible_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg, + const uint8_t *arg3_hash, + size_t arg4_hash_length); +#define psa_sign_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length) \ + mbedtls_test_wrap_psa_sign_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length) + +psa_status_t mbedtls_test_wrap_psa_sign_message( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + uint8_t *arg4_signature, + size_t arg5_signature_size, + size_t *arg6_signature_length); +#define psa_sign_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_size, arg6_signature_length) \ + mbedtls_test_wrap_psa_sign_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_size, arg6_signature_length) + +psa_status_t mbedtls_test_wrap_psa_verify_hash( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_hash, + size_t arg3_hash_length, + const uint8_t *arg4_signature, + size_t arg5_signature_length); +#define psa_verify_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_length) \ + mbedtls_test_wrap_psa_verify_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_length) + +psa_status_t mbedtls_test_wrap_psa_verify_hash_abort( + psa_verify_hash_interruptible_operation_t *arg0_operation); +#define psa_verify_hash_abort(arg0_operation) \ + mbedtls_test_wrap_psa_verify_hash_abort(arg0_operation) + +psa_status_t mbedtls_test_wrap_psa_verify_hash_complete( + psa_verify_hash_interruptible_operation_t *arg0_operation); +#define psa_verify_hash_complete(arg0_operation) \ + mbedtls_test_wrap_psa_verify_hash_complete(arg0_operation) + +psa_status_t mbedtls_test_wrap_psa_verify_hash_start( + psa_verify_hash_interruptible_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg, + const uint8_t *arg3_hash, + size_t arg4_hash_length, + const uint8_t *arg5_signature, + size_t arg6_signature_length); +#define psa_verify_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length, arg5_signature, arg6_signature_length) \ + mbedtls_test_wrap_psa_verify_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length, arg5_signature, arg6_signature_length) + +psa_status_t mbedtls_test_wrap_psa_verify_message( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + const uint8_t *arg4_signature, + size_t arg5_signature_length); +#define psa_verify_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_length) \ + mbedtls_test_wrap_psa_verify_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_length) + +#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \ + !defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ + +#ifdef __cplusplus +} +#endif + +#endif /* TEST_PSA_TEST_WRAPPERS_H */ + +/* End of automatically generated file. */ diff --git a/tests/include/test/random.h b/tests/include/test/random.h new file mode 100644 index 0000000000..6304e05d7f --- /dev/null +++ b/tests/include/test/random.h @@ -0,0 +1,91 @@ +/** + * \file random.h + * + * \brief This file contains the prototypes of helper functions to generate + * random numbers for the purpose of testing. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TEST_RANDOM_H +#define TEST_RANDOM_H + +#include "mbedtls/build_info.h" + +#include +#include + +typedef struct { + unsigned char *buf; /* Pointer to a buffer of length bytes. */ + size_t length; + /* If fallback_f_rng is NULL, fail after delivering length bytes. */ + int (*fallback_f_rng)(void *, unsigned char *, size_t); + void *fallback_p_rng; +} mbedtls_test_rnd_buf_info; + +/** + * Info structure for the pseudo random function + * + * Key should be set at the start to a test-unique value. + * Do not forget endianness! + * State( v0, v1 ) should be set to zero. + */ +typedef struct { + uint32_t key[16]; + uint32_t v0, v1; +} mbedtls_test_rnd_pseudo_info; + +/** + * This function just returns data from rand(). + * Although predictable and often similar on multiple + * runs, this does not result in identical random on + * each run. So do not use this if the results of a + * test depend on the random data that is generated. + * + * rng_state shall be NULL. + */ +int mbedtls_test_rnd_std_rand(void *rng_state, + unsigned char *output, + size_t len); + +/** + * This function only returns zeros. + * + * \p rng_state shall be \c NULL. + */ +int mbedtls_test_rnd_zero_rand(void *rng_state, + unsigned char *output, + size_t len); + +/** + * This function returns random data based on a buffer it receives. + * + * \p rng_state shall be a pointer to a #mbedtls_test_rnd_buf_info structure. + * + * The number of bytes released from the buffer on each call to + * the random function is specified by \p len. + * + * After the buffer is empty, this function will call the fallback RNG in the + * #mbedtls_test_rnd_buf_info structure if there is one, and + * will return #MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise. + */ +int mbedtls_test_rnd_buffer_rand(void *rng_state, + unsigned char *output, + size_t len); + +/** + * This function returns random based on a pseudo random function. + * This means the results should be identical on all systems. + * Pseudo random is based on the XTEA encryption algorithm to + * generate pseudorandom. + * + * \p rng_state shall be a pointer to a #mbedtls_test_rnd_pseudo_info structure. + */ +int mbedtls_test_rnd_pseudo_rand(void *rng_state, + unsigned char *output, + size_t len); + +#endif /* TEST_RANDOM_H */ diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h new file mode 100644 index 0000000000..a3750cb864 --- /dev/null +++ b/tests/include/test/ssl_helpers.h @@ -0,0 +1,664 @@ +/** \file ssl_helpers.h + * + * \brief This file contains helper functions to set up a TLS connection. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef SSL_HELPERS_H +#define SSL_HELPERS_H + +#include "mbedtls/build_info.h" + +#include + +#include +#include +#include +#include + +#if defined(MBEDTLS_SSL_TLS_C) +#include +#include +#include + +#include "test/certs.h" + +#if defined(MBEDTLS_SSL_CACHE_C) +#include "mbedtls/ssl_cache.h" +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \ + psa_to_ssl_errors, \ + psa_generic_status_to_mbedtls) +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +#if defined(MBEDTLS_SSL_HAVE_AES) +#if defined(MBEDTLS_SSL_HAVE_GCM) +#if defined(PSA_WANT_ALG_SHA_384) +#define MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384 +#endif +#if defined(PSA_WANT_ALG_SHA_256) +#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256 +#endif +#endif /* MBEDTLS_SSL_HAVE_GCM */ +#if defined(MBEDTLS_SSL_HAVE_CCM) && defined(PSA_WANT_ALG_SHA_256) +#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256 +#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256 +#endif +#endif /* MBEDTLS_SSL_HAVE_AES */ +#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && defined(PSA_WANT_ALG_SHA_256) +#define MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256 +#endif + +#if defined(MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384) || \ + defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256) || \ + defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256) || \ + defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256) || \ + defined(MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256) +#define MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +#endif + +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) +#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +#endif +enum { +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + tls13_label_ ## name, + MBEDTLS_SSL_TLS1_3_LABEL_LIST +#undef MBEDTLS_SSL_TLS1_3_LABEL +}; + +#if defined(MBEDTLS_SSL_ALPN) +#define MBEDTLS_TEST_MAX_ALPN_LIST_SIZE 10 +#endif + +typedef struct mbedtls_test_ssl_log_pattern { + const char *pattern; + size_t counter; +} mbedtls_test_ssl_log_pattern; + +typedef struct mbedtls_test_handshake_test_options { + const char *cipher; + uint16_t *group_list; + mbedtls_ssl_protocol_version client_min_version; + mbedtls_ssl_protocol_version client_max_version; + mbedtls_ssl_protocol_version server_min_version; + mbedtls_ssl_protocol_version server_max_version; + mbedtls_ssl_protocol_version expected_negotiated_version; + int expected_handshake_result; + int expected_ciphersuite; + int pk_alg; + int opaque_alg; + int opaque_alg2; + int opaque_usage; + data_t *psk_str; + int dtls; + int srv_auth_mode; + int serialize; + int mfl; + int cli_msg_len; + int srv_msg_len; + int expected_cli_fragments; + int expected_srv_fragments; + int renegotiate; + int legacy_renegotiation; + void *srv_log_obj; + void *cli_log_obj; + void (*srv_log_fun)(void *, int, const char *, int, const char *); + void (*cli_log_fun)(void *, int, const char *, int, const char *); + int resize_buffers; + int early_data; + int max_early_data_size; +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context *cache; +#endif +#if defined(MBEDTLS_SSL_ALPN) + const char *alpn_list[MBEDTLS_TEST_MAX_ALPN_LIST_SIZE]; +#endif +} mbedtls_test_handshake_test_options; + +/* + * Buffer structure for custom I/O callbacks. + */ +typedef struct mbedtls_test_ssl_buffer { + size_t start; + size_t content_length; + size_t capacity; + unsigned char *buffer; +} mbedtls_test_ssl_buffer; + +/* + * Context for a message metadata queue (fifo) that is on top of the ring buffer. + */ +typedef struct mbedtls_test_ssl_message_queue { + size_t *messages; + int pos; + int num; + int capacity; +} mbedtls_test_ssl_message_queue; + +/* + * Context for the I/O callbacks simulating network connection. + */ + +#define MBEDTLS_MOCK_SOCKET_CONNECTED 1 + +typedef struct mbedtls_test_mock_socket { + int status; + mbedtls_test_ssl_buffer *input; + mbedtls_test_ssl_buffer *output; + struct mbedtls_test_mock_socket *peer; +} mbedtls_test_mock_socket; + +/* Errors used in the message socket mocks */ + +#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55 +#define MBEDTLS_TEST_ERROR_SEND_FAILED -66 +#define MBEDTLS_TEST_ERROR_RECV_FAILED -77 + +/* + * Structure used as an addon, or a wrapper, around the mocked sockets. + * Contains an input queue, to which the other socket pushes metadata, + * and an output queue, to which this one pushes metadata. This context is + * considered as an owner of the input queue only, which is initialized and + * freed in the respective setup and free calls. + */ +typedef struct mbedtls_test_message_socket_context { + mbedtls_test_ssl_message_queue *queue_input; + mbedtls_test_ssl_message_queue *queue_output; + mbedtls_test_mock_socket *socket; +} mbedtls_test_message_socket_context; + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) + +/* + * Structure with endpoint's certificates for SSL communication tests. + */ +typedef struct mbedtls_test_ssl_endpoint_certificate { + mbedtls_x509_crt *ca_cert; + mbedtls_x509_crt *cert; + mbedtls_pk_context *pkey; +} mbedtls_test_ssl_endpoint_certificate; + +/* + * Endpoint structure for SSL communication tests. + */ +typedef struct mbedtls_test_ssl_endpoint { + const char *name; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_test_mock_socket socket; + mbedtls_test_ssl_endpoint_certificate cert; +} mbedtls_test_ssl_endpoint; + +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +/* + * Random number generator aimed for TLS unitary tests. Its main purpose is to + * simplify the set-up of a random number generator for TLS + * unitary tests: no need to set up a good entropy source for example. + */ +int mbedtls_test_random(void *p_rng, unsigned char *output, size_t output_len); + +/* + * This function can be passed to mbedtls to receive output logs from it. In + * this case, it will count the instances of a mbedtls_test_ssl_log_pattern + * in the received logged messages. + */ +void mbedtls_test_ssl_log_analyzer(void *ctx, int level, + const char *file, int line, + const char *str); + +void mbedtls_test_init_handshake_options( + mbedtls_test_handshake_test_options *opts); + +void mbedtls_test_free_handshake_options( + mbedtls_test_handshake_test_options *opts); + +/* + * Initialises \p buf. After calling this function it is safe to call + * `mbedtls_test_ssl_buffer_free()` on \p buf. + */ +void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf); + +/* + * Sets up \p buf. After calling this function it is safe to call + * `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()` + * on \p buf. + */ +int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, + size_t capacity); + +void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf); + +/* + * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf. + * + * \p buf must have been initialized and set up by calling + * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`. + * + * \retval \p input_len, if the data fits. + * \retval 0 <= value < \p input_len, if the data does not fit. + * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not + * zero and \p input is NULL. + */ +int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf, + const unsigned char *input, size_t input_len); + +/* + * Gets \p output_len bytes from the ring buffer \p buf into the + * \p output buffer. The output buffer can be NULL, in this case a part of the + * ring buffer will be dropped, if the requested length is available. + * + * \p buf must have been initialized and set up by calling + * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`. + * + * \retval \p output_len, if the data is available. + * \retval 0 <= value < \p output_len, if the data is not available. + * \retval -1, if \buf is NULL or it hasn't been set up. + */ +int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf, + unsigned char *output, size_t output_len); + +/* + * Errors used in the message transport mock tests + */ + #define MBEDTLS_TEST_ERROR_ARG_NULL -11 + #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44 + +/* + * Setup and free functions for the message metadata queue. + * + * \p capacity describes the number of message metadata chunks that can be held + * within the queue. + * + * \retval 0, if a metadata queue of a given length can be allocated. + * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed. + */ +int mbedtls_test_ssl_message_queue_setup( + mbedtls_test_ssl_message_queue *queue, size_t capacity); + +void mbedtls_test_ssl_message_queue_free( + mbedtls_test_ssl_message_queue *queue); + +/* + * Push message length information onto the message metadata queue. + * This will become the last element to leave it (fifo). + * + * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. + * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full. + * \retval \p len, if the push was successful. + */ +int mbedtls_test_ssl_message_queue_push_info( + mbedtls_test_ssl_message_queue *queue, size_t len); + +/* + * Pop information about the next message length from the queue. This will be + * the oldest inserted message length(fifo). \p msg_len can be null, in which + * case the data will be popped from the queue but not copied anywhere. + * + * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. + * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. + * \retval message length, if the pop was successful, up to the given + \p buf_len. + */ +int mbedtls_test_ssl_message_queue_pop_info( + mbedtls_test_ssl_message_queue *queue, size_t buf_len); + +/* + * Setup and teardown functions for mock sockets. + */ +void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket); + +/* + * Closes the socket \p socket. + * + * \p socket must have been previously initialized by calling + * mbedtls_test_mock_socket_init(). + * + * This function frees all allocated resources and both sockets are aware of the + * new connection state. + * + * That is, this function does not simulate half-open TCP connections and the + * phenomenon that when closing a UDP connection the peer is not aware of the + * connection having been closed. + */ +void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket); + +/* + * Establishes a connection between \p peer1 and \p peer2. + * + * \p peer1 and \p peer2 must have been previously initialized by calling + * mbedtls_test_mock_socket_init(). + * + * The capacities of the internal buffers are set to \p bufsize. Setting this to + * the correct value allows for simulation of MTU, sanity testing the mock + * implementation and mocking TCP connections with lower memory cost. + */ +int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, + mbedtls_test_mock_socket *peer2, + size_t bufsize); + + +/* + * Callbacks for simulating blocking I/O over connection-oriented transport. + */ +int mbedtls_test_mock_tcp_send_b(void *ctx, + const unsigned char *buf, size_t len); + +int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len); + +/* + * Callbacks for simulating non-blocking I/O over connection-oriented transport. + */ +int mbedtls_test_mock_tcp_send_nb(void *ctx, + const unsigned char *buf, size_t len); + +int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len); + +void mbedtls_test_message_socket_init( + mbedtls_test_message_socket_context *ctx); + +/* + * Setup a given message socket context including initialization of + * input/output queues to a chosen capacity of messages. Also set the + * corresponding mock socket. + * + * \retval 0, if everything succeeds. + * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message + * queue failed. + */ +int mbedtls_test_message_socket_setup( + mbedtls_test_ssl_message_queue *queue_input, + mbedtls_test_ssl_message_queue *queue_output, + size_t queue_capacity, + mbedtls_test_mock_socket *socket, + mbedtls_test_message_socket_context *ctx); + +/* + * Close a given message socket context, along with the socket itself. Free the + * memory allocated by the input queue. + */ +void mbedtls_test_message_socket_close( + mbedtls_test_message_socket_context *ctx); + +/* + * Send one message through a given message socket context. + * + * \retval \p len, if everything succeeds. + * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context + * elements or the context itself is null. + * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if + * mbedtls_test_mock_tcp_send_b failed. + * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full. + * + * This function will also return any error from + * mbedtls_test_ssl_message_queue_push_info. + */ +int mbedtls_test_mock_tcp_send_msg(void *ctx, + const unsigned char *buf, size_t len); + +/* + * Receive one message from a given message socket context and return message + * length or an error. + * + * \retval message length, if everything succeeds. + * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context + * elements or the context itself is null. + * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if + * mbedtls_test_mock_tcp_recv_b failed. + * + * This function will also return any error other than + * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from test_ssl_message_queue_peek_info. + */ +int mbedtls_test_mock_tcp_recv_msg(void *ctx, + unsigned char *buf, size_t buf_len); + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) + +/* + * Initializes \p ep_cert structure and assigns it to endpoint + * represented by \p ep. + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, + int pk_alg, + int opaque_alg, int opaque_alg2, + int opaque_usage); + +/* + * Initializes \p ep structure. It is important to call + * `mbedtls_test_ssl_endpoint_free()` after calling this function + * even if it fails. + * + * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or + * MBEDTLS_SSL_IS_CLIENT. + * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and + * MBEDTLS_PK_ECDSA are supported. + * \p dtls_context - in case of DTLS - this is the context handling metadata. + * \p input_queue - used only in case of DTLS. + * \p output_queue - used only in case of DTLS. + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_ssl_endpoint_init( + mbedtls_test_ssl_endpoint *ep, int endpoint_type, + mbedtls_test_handshake_test_options *options, + mbedtls_test_message_socket_context *dtls_context, + mbedtls_test_ssl_message_queue *input_queue, + mbedtls_test_ssl_message_queue *output_queue); + +/* + * Deinitializes endpoint represented by \p ep. + */ +void mbedtls_test_ssl_endpoint_free( + mbedtls_test_ssl_endpoint *ep, + mbedtls_test_message_socket_context *context); + +/* + * This function moves ssl handshake from \p ssl to prescribed \p state. + * /p second_ssl is used as second endpoint and their sockets have to be + * connected before calling this function. + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl, + mbedtls_ssl_context *second_ssl, + int state); + +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +/* + * Helper function setting up inverse record transformations + * using given cipher, hash, EtM mode, authentication tag length, + * and version. + */ +#define CHK(x) \ + do \ + { \ + if (!(x)) \ + { \ + ret = -1; \ + goto cleanup; \ + } \ + } while (0) + +#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX +#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX +#else +#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_SSL_HAVE_CBC) && defined(MBEDTLS_SSL_HAVE_AES) +int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, + const unsigned char *iv, + size_t iv_len, + const unsigned char *input, + size_t ilen, + unsigned char *output, + size_t *olen); +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_HAVE_CBC && + MBEDTLS_SSL_HAVE_AES */ + +int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, + mbedtls_ssl_transform *t_out, + int cipher_type, int hash_id, + int etm, int tag_mode, + mbedtls_ssl_protocol_version tls_version, + size_t cid0_len, + size_t cid1_len); + +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +/** + * \param[in,out] record The record to prepare. + * It must contain the data to MAC at offset + * `record->data_offset`, of length + * `record->data_length`. + * On success, write the MAC immediately + * after the data and increment + * `record->data_length` accordingly. + * \param[in,out] transform_out The out transform, typically prepared by + * mbedtls_test_ssl_build_transforms(). + * Its HMAC context may be used. Other than that + * it is treated as an input parameter. + * + * \return 0 on success, an `MBEDTLS_ERR_xxx` error code + * or -1 on error. + */ +int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record, + mbedtls_ssl_transform *transform_out); +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ + +/* + * Populate a session structure for serialization tests. + * Choose dummy values, mostly non-0 to distinguish from the init default. + */ +int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, + int ticket_len, + int endpoint_type, + const char *crt_file); + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, + int ticket_len, + int endpoint_type); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ + +/* + * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the + * message was sent in the correct number of fragments. + * + * /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both + * of them must be initialized and connected + * beforehand. + * /p msg_len_1 and /p msg_len_2 specify the size of the message to send. + * /p expected_fragments_1 and /p expected_fragments_2 determine in how many + * fragments the message should be sent. + * expected_fragments is 0: can be used for DTLS testing while the message + * size is larger than MFL. In that case the message + * cannot be fragmented and sent to the second + * endpoint. + * This value can be used for negative tests. + * expected_fragments is 1: can be used for TLS/DTLS testing while the + * message size is below MFL + * expected_fragments > 1: can be used for TLS testing while the message + * size is larger than MFL + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_ssl_exchange_data( + mbedtls_ssl_context *ssl_1, + int msg_len_1, const int expected_fragments_1, + mbedtls_ssl_context *ssl_2, + int msg_len_2, const int expected_fragments_2); + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +void mbedtls_test_ssl_perform_handshake( + mbedtls_test_handshake_test_options *options); +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +#if defined(MBEDTLS_TEST_HOOKS) +/* + * Tweak vector lengths in a TLS 1.3 Certificate message + * + * \param[in] buf Buffer containing the Certificate message to tweak + * \param[in]]out] end End of the buffer to parse + * \param tweak Tweak identifier (from 1 to the number of tweaks). + * \param[out] expected_result Error code expected from the parsing function + * \param[out] args Arguments of the MBEDTLS_SSL_CHK_BUF_READ_PTR call that + * is expected to fail. All zeroes if no + * MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected. + */ +int mbedtls_test_tweak_tls13_certificate_msg_vector_len( + unsigned char *buf, unsigned char **end, int tweak, + int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args); +#endif /* MBEDTLS_TEST_HOOKS */ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +int mbedtls_test_ticket_write( + void *p_ticket, const mbedtls_ssl_session *session, + unsigned char *start, const unsigned char *end, + size_t *tlen, uint32_t *ticket_lifetime); + +int mbedtls_test_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, + unsigned char *buf, size_t len); +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SRV_C) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) && \ + defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +int mbedtls_test_get_tls13_ticket( + mbedtls_test_handshake_test_options *client_options, + mbedtls_test_handshake_test_options *server_options, + mbedtls_ssl_session *session); +#endif + +#define ECJPAKE_TEST_PWD "bla" + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \ + ret = (use_opaque_arg) ? \ + mbedtls_ssl_set_hs_ecjpake_password_opaque(&ssl, pwd_slot) : \ + mbedtls_ssl_set_hs_ecjpake_password(&ssl, pwd_string, pwd_len); \ + TEST_EQUAL(ret, exp_ret_val) +#else +#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \ + ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, \ + pwd_string, pwd_len); \ + TEST_EQUAL(ret, exp_ret_val) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#define TEST_AVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \ + TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \ + group_id_); \ + TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \ + tls_id_); \ + TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \ + &psa_type, &psa_bits), PSA_SUCCESS); \ + TEST_EQUAL(psa_family_, PSA_KEY_TYPE_ECC_GET_FAMILY(psa_type)); \ + TEST_EQUAL(psa_bits_, psa_bits); + +#define TEST_UNAVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \ + TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \ + MBEDTLS_ECP_DP_NONE); \ + TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \ + 0); \ + TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \ + &psa_type, &psa_bits), \ + PSA_ERROR_NOT_SUPPORTED); + +#endif /* MBEDTLS_SSL_TLS_C */ + +#endif /* SSL_HELPERS_H */ diff --git a/tests/include/test/threading_helpers.h b/tests/include/test/threading_helpers.h new file mode 100644 index 0000000000..79bc6c0ded --- /dev/null +++ b/tests/include/test/threading_helpers.h @@ -0,0 +1,112 @@ +/** + * \file threading_helpers.h + * + * \brief This file contains the prototypes of helper functions for the purpose + * of testing threading. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef THREADING_HELPERS_H +#define THREADING_HELPERS_H + +#if defined MBEDTLS_THREADING_C + +#include "mbedtls/private_access.h" +#include "mbedtls/build_info.h" + +/* Most fields of publicly available structs are private and are wrapped with + * MBEDTLS_PRIVATE macro. This define allows tests to access the private fields + * directly (without using the MBEDTLS_PRIVATE wrapper). */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + +#define MBEDTLS_ERR_THREADING_THREAD_ERROR -0x001F + +#if defined(MBEDTLS_THREADING_PTHREAD) +#include +#endif /* MBEDTLS_THREADING_PTHREAD */ + +#if defined(MBEDTLS_THREADING_ALT) +/* You should define the mbedtls_test_thread_t type in your header */ +#include "threading_alt.h" + +/** + * \brief Set your alternate threading implementation + * function pointers for test threads. If used, this + * function must be called once in the main thread + * before any other MbedTLS function is called. + * + * \note These functions are part of the testing API only and + * thus not considered part of the public API of + * MbedTLS and thus may change without notice. + * + * \param thread_create The thread create function implementation. + * \param thread_join The thread join function implementation. + + */ +void mbedtls_test_thread_set_alt(int (*thread_create)(mbedtls_test_thread_t *thread, + void *(*thread_func)( + void *), + void *thread_data), + int (*thread_join)(mbedtls_test_thread_t *thread)); + +#else /* MBEDTLS_THREADING_ALT*/ + +typedef struct mbedtls_test_thread_t { + +#if defined(MBEDTLS_THREADING_PTHREAD) + pthread_t MBEDTLS_PRIVATE(thread); +#else /* MBEDTLS_THREADING_PTHREAD */ + /* Make sure this struct is always non-empty */ + unsigned dummy; +#endif + +} mbedtls_test_thread_t; + +#endif /* MBEDTLS_THREADING_ALT*/ + +/** + * \brief The function pointers for thread create and thread + * join. + * + * \note These functions are part of the testing API only + * and thus not considered part of the public API of + * MbedTLS and thus may change without notice. + * + * \note All these functions are expected to work or + * the result will be undefined. + */ +extern int (*mbedtls_test_thread_create)(mbedtls_test_thread_t *thread, + void *(*thread_func)(void *), void *thread_data); +extern int (*mbedtls_test_thread_join)(mbedtls_test_thread_t *thread); + +#if defined(MBEDTLS_THREADING_PTHREAD) && defined(MBEDTLS_TEST_HOOKS) +#define MBEDTLS_TEST_MUTEX_USAGE +#endif + +#if defined(MBEDTLS_TEST_MUTEX_USAGE) +/** + * Activate the mutex usage verification framework. See threading_helpers.c for + * information. + */ +void mbedtls_test_mutex_usage_init(void); + +/** + * Deactivate the mutex usage verification framework. See threading_helpers.c + * for information. + */ +void mbedtls_test_mutex_usage_end(void); + +/** + * Call this function after executing a test case to check for mutex usage + * errors. + */ +void mbedtls_test_mutex_usage_check(void); +#endif /* MBEDTLS_TEST_MUTEX_USAGE */ + +#endif /* MBEDTLS_THREADING_C */ + +#endif /* THREADING_HELPERS_H */ diff --git a/tests/src/asn1_helpers.c b/tests/src/asn1_helpers.c new file mode 100644 index 0000000000..c8df1995e3 --- /dev/null +++ b/tests/src/asn1_helpers.c @@ -0,0 +1,62 @@ +/** \file asn1_helpers.c + * + * \brief Helper functions for tests that manipulate ASN.1 data. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include +#include + +#if defined(MBEDTLS_ASN1_PARSE_C) + +#include + +int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end, + size_t min_bits, size_t max_bits, + int must_be_odd) +{ + size_t len; + size_t actual_bits; + unsigned char msb; + TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_INTEGER), + 0); + + /* Check if the retrieved length doesn't extend the actual buffer's size. + * It is assumed here, that end >= p, which validates casting to size_t. */ + TEST_ASSERT(len <= (size_t) (end - *p)); + + /* Tolerate a slight departure from DER encoding: + * - 0 may be represented by an empty string or a 1-byte string. + * - The sign bit may be used as a value bit. */ + if ((len == 1 && (*p)[0] == 0) || + (len > 1 && (*p)[0] == 0 && ((*p)[1] & 0x80) != 0)) { + ++(*p); + --len; + } + if (min_bits == 0 && len == 0) { + return 1; + } + msb = (*p)[0]; + TEST_ASSERT(msb != 0); + actual_bits = 8 * (len - 1); + while (msb != 0) { + msb >>= 1; + ++actual_bits; + } + TEST_ASSERT(actual_bits >= min_bits); + TEST_ASSERT(actual_bits <= max_bits); + if (must_be_odd) { + TEST_ASSERT(((*p)[len-1] & 1) != 0); + } + *p += len; + return 1; +exit: + return 0; +} + +#endif /* MBEDTLS_ASN1_PARSE_C */ diff --git a/tests/src/bignum_helpers.c b/tests/src/bignum_helpers.c new file mode 100644 index 0000000000..913f5e3870 --- /dev/null +++ b/tests/src/bignum_helpers.c @@ -0,0 +1,145 @@ +/** + * \file bignum_helpers.c + * + * \brief This file contains the prototypes of helper functions for + * bignum-related testing. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#define MBEDTLS_ALLOW_PRIVATE_ACCESS +#include + +#if defined(MBEDTLS_BIGNUM_C) + +#include +#include + +#include +#include +#include +#include + +#include +#include + +int mbedtls_test_read_mpi_core(mbedtls_mpi_uint **pX, size_t *plimbs, + const char *input) +{ + /* Sanity check */ + if (*pX != NULL) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + + size_t hex_len = strlen(input); + size_t byte_len = (hex_len + 1) / 2; + *plimbs = CHARS_TO_LIMBS(byte_len); + + /* A core bignum is not allowed to be empty. Forbid it as test data, + * this way static analyzers have a chance of knowing we don't expect + * the bignum functions to support empty inputs. */ + if (*plimbs == 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + + *pX = mbedtls_calloc(*plimbs, sizeof(**pX)); + if (*pX == NULL) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } + + unsigned char *byte_start = (unsigned char *) *pX; + if (byte_len % sizeof(mbedtls_mpi_uint) != 0) { + byte_start += sizeof(mbedtls_mpi_uint) - byte_len % sizeof(mbedtls_mpi_uint); + } + if ((hex_len & 1) != 0) { + /* mbedtls_test_unhexify wants an even number of hex digits */ + TEST_ASSERT(mbedtls_test_ascii2uc(*input, byte_start) == 0); + ++byte_start; + ++input; + --byte_len; + } + TEST_ASSERT(mbedtls_test_unhexify(byte_start, + byte_len, + input, + &byte_len) == 0); + + mbedtls_mpi_core_bigendian_to_host(*pX, *plimbs); + return 0; + +exit: + mbedtls_free(*pX); + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; +} + +#if defined(MBEDTLS_ECP_WITH_MPI_UINT) +int mbedtls_test_read_mpi_modulus(mbedtls_mpi_mod_modulus *N, + const char *s, + mbedtls_mpi_mod_rep_selector int_rep) +{ + mbedtls_mpi_uint *p = NULL; + size_t limbs = 0; + if (N->limbs != 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + int ret = mbedtls_test_read_mpi_core(&p, &limbs, s); + if (ret != 0) { + return ret; + } + + switch (int_rep) { + case MBEDTLS_MPI_MOD_REP_MONTGOMERY: + ret = mbedtls_mpi_mod_modulus_setup(N, p, limbs); + break; + case MBEDTLS_MPI_MOD_REP_OPT_RED: + ret = mbedtls_mpi_mod_optred_modulus_setup(N, p, limbs, NULL); + break; + default: + ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + break; + } + if (ret != 0) { + mbedtls_free(p); + } + return ret; +} + +void mbedtls_test_mpi_mod_modulus_free_with_limbs(mbedtls_mpi_mod_modulus *N) +{ + mbedtls_free((mbedtls_mpi_uint *) N->p); + mbedtls_mpi_mod_modulus_free(N); +} +#endif /* MBEDTLS_ECP_WITH_MPI_UINT */ + +int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s) +{ + int negative = 0; + /* Always set the sign bit to -1 if the input has a minus sign, even for 0. + * This creates an invalid representation, which mbedtls_mpi_read_string() + * avoids but we want to be able to create that in test data. */ + if (s[0] == '-') { + ++s; + negative = 1; + } + /* mbedtls_mpi_read_string() currently retains leading zeros. + * It always allocates at least one limb for the value 0. */ + if (s[0] == 0) { + mbedtls_mpi_free(X); + return 0; + } + int ret = mbedtls_mpi_read_string(X, 16, s); + if (ret != 0) { + return ret; + } + if (negative) { + if (mbedtls_mpi_cmp_int(X, 0) == 0) { + mbedtls_test_increment_case_uses_negative_0(); + } + X->s = -1; + } + return 0; +} + +#endif /* MBEDTLS_BIGNUM_C */ diff --git a/tests/src/certs.c b/tests/src/certs.c new file mode 100644 index 0000000000..56c56b5d61 --- /dev/null +++ b/tests/src/certs.c @@ -0,0 +1,480 @@ +/* + * X.509 test certificates + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include "common.h" + +#include + +#include "mbedtls/build_info.h" + +#include "mbedtls/pk.h" + +#include "test_certs.h" + +/* + * + * Test certificates and keys as C variables + * + */ + +/* + * CA + */ + +const char mbedtls_test_ca_crt_ec_pem[] = TEST_CA_CRT_EC_PEM; +const char mbedtls_test_ca_key_ec_pem[] = TEST_CA_KEY_EC_PEM; +const char mbedtls_test_ca_pwd_ec_pem[] = TEST_CA_PWD_EC_PEM; +const char mbedtls_test_ca_key_rsa_pem[] = TEST_CA_KEY_RSA_PEM; +const char mbedtls_test_ca_pwd_rsa_pem[] = TEST_CA_PWD_RSA_PEM; +const char mbedtls_test_ca_crt_rsa_sha1_pem[] = TEST_CA_CRT_RSA_SHA1_PEM; +const char mbedtls_test_ca_crt_rsa_sha256_pem[] = TEST_CA_CRT_RSA_SHA256_PEM; + +const unsigned char mbedtls_test_ca_crt_ec_der[] = TEST_CA_CRT_EC_DER; +const unsigned char mbedtls_test_ca_key_ec_der[] = TEST_CA_KEY_EC_DER; +const unsigned char mbedtls_test_ca_key_rsa_der[] = TEST_CA_KEY_RSA_DER; +const unsigned char mbedtls_test_ca_crt_rsa_sha1_der[] = + TEST_CA_CRT_RSA_SHA1_DER; +const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[] = + TEST_CA_CRT_RSA_SHA256_DER; + +const size_t mbedtls_test_ca_crt_ec_pem_len = + sizeof(mbedtls_test_ca_crt_ec_pem); +const size_t mbedtls_test_ca_key_ec_pem_len = + sizeof(mbedtls_test_ca_key_ec_pem); +const size_t mbedtls_test_ca_pwd_ec_pem_len = + sizeof(mbedtls_test_ca_pwd_ec_pem) - 1; +const size_t mbedtls_test_ca_key_rsa_pem_len = + sizeof(mbedtls_test_ca_key_rsa_pem); +const size_t mbedtls_test_ca_pwd_rsa_pem_len = + sizeof(mbedtls_test_ca_pwd_rsa_pem) - 1; +const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len = + sizeof(mbedtls_test_ca_crt_rsa_sha1_pem); +const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len = + sizeof(mbedtls_test_ca_crt_rsa_sha256_pem); + +const size_t mbedtls_test_ca_crt_ec_der_len = + sizeof(mbedtls_test_ca_crt_ec_der); +const size_t mbedtls_test_ca_key_ec_der_len = + sizeof(mbedtls_test_ca_key_ec_der); +const size_t mbedtls_test_ca_pwd_ec_der_len = 0; +const size_t mbedtls_test_ca_key_rsa_der_len = + sizeof(mbedtls_test_ca_key_rsa_der); +const size_t mbedtls_test_ca_pwd_rsa_der_len = 0; +const size_t mbedtls_test_ca_crt_rsa_sha1_der_len = + sizeof(mbedtls_test_ca_crt_rsa_sha1_der); +const size_t mbedtls_test_ca_crt_rsa_sha256_der_len = + sizeof(mbedtls_test_ca_crt_rsa_sha256_der); + +/* + * Server + */ + +const char mbedtls_test_srv_crt_ec_pem[] = TEST_SRV_CRT_EC_PEM; +const char mbedtls_test_srv_key_ec_pem[] = TEST_SRV_KEY_EC_PEM; +const char mbedtls_test_srv_pwd_ec_pem[] = ""; +const char mbedtls_test_srv_key_rsa_pem[] = TEST_SRV_KEY_RSA_PEM; +const char mbedtls_test_srv_pwd_rsa_pem[] = ""; +const char mbedtls_test_srv_crt_rsa_sha1_pem[] = TEST_SRV_CRT_RSA_SHA1_PEM; +const char mbedtls_test_srv_crt_rsa_sha256_pem[] = TEST_SRV_CRT_RSA_SHA256_PEM; + +const unsigned char mbedtls_test_srv_crt_ec_der[] = TEST_SRV_CRT_EC_DER; +const unsigned char mbedtls_test_srv_key_ec_der[] = TEST_SRV_KEY_EC_DER; +const unsigned char mbedtls_test_srv_key_rsa_der[] = TEST_SRV_KEY_RSA_DER; +const unsigned char mbedtls_test_srv_crt_rsa_sha1_der[] = + TEST_SRV_CRT_RSA_SHA1_DER; +const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[] = + TEST_SRV_CRT_RSA_SHA256_DER; + +const size_t mbedtls_test_srv_crt_ec_pem_len = + sizeof(mbedtls_test_srv_crt_ec_pem); +const size_t mbedtls_test_srv_key_ec_pem_len = + sizeof(mbedtls_test_srv_key_ec_pem); +const size_t mbedtls_test_srv_pwd_ec_pem_len = + sizeof(mbedtls_test_srv_pwd_ec_pem) - 1; +const size_t mbedtls_test_srv_key_rsa_pem_len = + sizeof(mbedtls_test_srv_key_rsa_pem); +const size_t mbedtls_test_srv_pwd_rsa_pem_len = + sizeof(mbedtls_test_srv_pwd_rsa_pem) - 1; +const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len = + sizeof(mbedtls_test_srv_crt_rsa_sha1_pem); +const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len = + sizeof(mbedtls_test_srv_crt_rsa_sha256_pem); + +const size_t mbedtls_test_srv_crt_ec_der_len = + sizeof(mbedtls_test_srv_crt_ec_der); +const size_t mbedtls_test_srv_key_ec_der_len = + sizeof(mbedtls_test_srv_key_ec_der); +const size_t mbedtls_test_srv_pwd_ec_der_len = 0; +const size_t mbedtls_test_srv_key_rsa_der_len = + sizeof(mbedtls_test_srv_key_rsa_der); +const size_t mbedtls_test_srv_pwd_rsa_der_len = 0; +const size_t mbedtls_test_srv_crt_rsa_sha1_der_len = + sizeof(mbedtls_test_srv_crt_rsa_sha1_der); +const size_t mbedtls_test_srv_crt_rsa_sha256_der_len = + sizeof(mbedtls_test_srv_crt_rsa_sha256_der); + +/* + * Client + */ + +const char mbedtls_test_cli_crt_ec_pem[] = TEST_CLI_CRT_EC_PEM; +const char mbedtls_test_cli_key_ec_pem[] = TEST_CLI_KEY_EC_PEM; +const char mbedtls_test_cli_pwd_ec_pem[] = ""; +const char mbedtls_test_cli_key_rsa_pem[] = TEST_CLI_KEY_RSA_PEM; +const char mbedtls_test_cli_pwd_rsa_pem[] = ""; +const char mbedtls_test_cli_crt_rsa_pem[] = TEST_CLI_CRT_RSA_PEM; + +const unsigned char mbedtls_test_cli_crt_ec_der[] = TEST_CLI_CRT_EC_DER; +const unsigned char mbedtls_test_cli_key_ec_der[] = TEST_CLI_KEY_EC_DER; +const unsigned char mbedtls_test_cli_key_rsa_der[] = TEST_CLI_KEY_RSA_DER; +const unsigned char mbedtls_test_cli_crt_rsa_der[] = TEST_CLI_CRT_RSA_DER; + +const size_t mbedtls_test_cli_crt_ec_pem_len = + sizeof(mbedtls_test_cli_crt_ec_pem); +const size_t mbedtls_test_cli_key_ec_pem_len = + sizeof(mbedtls_test_cli_key_ec_pem); +const size_t mbedtls_test_cli_pwd_ec_pem_len = + sizeof(mbedtls_test_cli_pwd_ec_pem) - 1; +const size_t mbedtls_test_cli_key_rsa_pem_len = + sizeof(mbedtls_test_cli_key_rsa_pem); +const size_t mbedtls_test_cli_pwd_rsa_pem_len = + sizeof(mbedtls_test_cli_pwd_rsa_pem) - 1; +const size_t mbedtls_test_cli_crt_rsa_pem_len = + sizeof(mbedtls_test_cli_crt_rsa_pem); + +const size_t mbedtls_test_cli_crt_ec_der_len = + sizeof(mbedtls_test_cli_crt_ec_der); +const size_t mbedtls_test_cli_key_ec_der_len = + sizeof(mbedtls_test_cli_key_ec_der); +const size_t mbedtls_test_cli_key_rsa_der_len = + sizeof(mbedtls_test_cli_key_rsa_der); +const size_t mbedtls_test_cli_crt_rsa_der_len = + sizeof(mbedtls_test_cli_crt_rsa_der); + +/* + * + * Definitions of test CRTs without specification of all parameters, choosing + * them automatically according to the config. For example, mbedtls_test_ca_crt + * is one of mbedtls_test_ca_crt_{rsa|ec}_{sha1|sha256}_{pem|der}. + * + */ + +/* + * Dispatch between PEM and DER according to config + */ + +#if defined(MBEDTLS_PEM_PARSE_C) + +/* PEM encoded test CA certificates and keys */ + +#define TEST_CA_KEY_RSA TEST_CA_KEY_RSA_PEM +#define TEST_CA_PWD_RSA TEST_CA_PWD_RSA_PEM +#define TEST_CA_CRT_RSA_SHA256 TEST_CA_CRT_RSA_SHA256_PEM +#define TEST_CA_CRT_RSA_SHA1 TEST_CA_CRT_RSA_SHA1_PEM +#define TEST_CA_KEY_EC TEST_CA_KEY_EC_PEM +#define TEST_CA_PWD_EC TEST_CA_PWD_EC_PEM +#define TEST_CA_CRT_EC TEST_CA_CRT_EC_PEM + +/* PEM encoded test server certificates and keys */ + +#define TEST_SRV_KEY_RSA TEST_SRV_KEY_RSA_PEM +#define TEST_SRV_PWD_RSA "" +#define TEST_SRV_CRT_RSA_SHA256 TEST_SRV_CRT_RSA_SHA256_PEM +#define TEST_SRV_CRT_RSA_SHA1 TEST_SRV_CRT_RSA_SHA1_PEM +#define TEST_SRV_KEY_EC TEST_SRV_KEY_EC_PEM +#define TEST_SRV_PWD_EC "" +#define TEST_SRV_CRT_EC TEST_SRV_CRT_EC_PEM + +/* PEM encoded test client certificates and keys */ + +#define TEST_CLI_KEY_RSA TEST_CLI_KEY_RSA_PEM +#define TEST_CLI_PWD_RSA "" +#define TEST_CLI_CRT_RSA TEST_CLI_CRT_RSA_PEM +#define TEST_CLI_KEY_EC TEST_CLI_KEY_EC_PEM +#define TEST_CLI_PWD_EC "" +#define TEST_CLI_CRT_EC TEST_CLI_CRT_EC_PEM + +#else /* MBEDTLS_PEM_PARSE_C */ + +/* DER encoded test CA certificates and keys */ + +#define TEST_CA_KEY_RSA TEST_CA_KEY_RSA_DER +#define TEST_CA_PWD_RSA "" +#define TEST_CA_CRT_RSA_SHA256 TEST_CA_CRT_RSA_SHA256_DER +#define TEST_CA_CRT_RSA_SHA1 TEST_CA_CRT_RSA_SHA1_DER +#define TEST_CA_KEY_EC TEST_CA_KEY_EC_DER +#define TEST_CA_PWD_EC "" +#define TEST_CA_CRT_EC TEST_CA_CRT_EC_DER + +/* DER encoded test server certificates and keys */ + +#define TEST_SRV_KEY_RSA TEST_SRV_KEY_RSA_DER +#define TEST_SRV_PWD_RSA "" +#define TEST_SRV_CRT_RSA_SHA256 TEST_SRV_CRT_RSA_SHA256_DER +#define TEST_SRV_CRT_RSA_SHA1 TEST_SRV_CRT_RSA_SHA1_DER +#define TEST_SRV_KEY_EC TEST_SRV_KEY_EC_DER +#define TEST_SRV_PWD_EC "" +#define TEST_SRV_CRT_EC TEST_SRV_CRT_EC_DER + +/* DER encoded test client certificates and keys */ + +#define TEST_CLI_KEY_RSA TEST_CLI_KEY_RSA_DER +#define TEST_CLI_PWD_RSA "" +#define TEST_CLI_CRT_RSA TEST_CLI_CRT_RSA_DER +#define TEST_CLI_KEY_EC TEST_CLI_KEY_EC_DER +#define TEST_CLI_PWD_EC "" +#define TEST_CLI_CRT_EC TEST_CLI_CRT_EC_DER + +#endif /* MBEDTLS_PEM_PARSE_C */ + +const char mbedtls_test_ca_key_rsa[] = TEST_CA_KEY_RSA; +const char mbedtls_test_ca_pwd_rsa[] = TEST_CA_PWD_RSA; +const char mbedtls_test_ca_crt_rsa_sha256[] = TEST_CA_CRT_RSA_SHA256; +const char mbedtls_test_ca_crt_rsa_sha1[] = TEST_CA_CRT_RSA_SHA1; +const char mbedtls_test_ca_key_ec[] = TEST_CA_KEY_EC; +const char mbedtls_test_ca_pwd_ec[] = TEST_CA_PWD_EC; +const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC; + +const char mbedtls_test_srv_key_rsa[] = TEST_SRV_KEY_RSA; +const char mbedtls_test_srv_pwd_rsa[] = TEST_SRV_PWD_RSA; +const char mbedtls_test_srv_crt_rsa_sha256[] = TEST_SRV_CRT_RSA_SHA256; +const char mbedtls_test_srv_crt_rsa_sha1[] = TEST_SRV_CRT_RSA_SHA1; +const char mbedtls_test_srv_key_ec[] = TEST_SRV_KEY_EC; +const char mbedtls_test_srv_pwd_ec[] = TEST_SRV_PWD_EC; +const char mbedtls_test_srv_crt_ec[] = TEST_SRV_CRT_EC; + +const char mbedtls_test_cli_key_rsa[] = TEST_CLI_KEY_RSA; +const char mbedtls_test_cli_pwd_rsa[] = TEST_CLI_PWD_RSA; +const char mbedtls_test_cli_crt_rsa[] = TEST_CLI_CRT_RSA; +const char mbedtls_test_cli_key_ec[] = TEST_CLI_KEY_EC; +const char mbedtls_test_cli_pwd_ec[] = TEST_CLI_PWD_EC; +const char mbedtls_test_cli_crt_ec[] = TEST_CLI_CRT_EC; + +const size_t mbedtls_test_ca_key_rsa_len = + sizeof(mbedtls_test_ca_key_rsa); +const size_t mbedtls_test_ca_pwd_rsa_len = + sizeof(mbedtls_test_ca_pwd_rsa) - 1; +const size_t mbedtls_test_ca_crt_rsa_sha256_len = + sizeof(mbedtls_test_ca_crt_rsa_sha256); +const size_t mbedtls_test_ca_crt_rsa_sha1_len = + sizeof(mbedtls_test_ca_crt_rsa_sha1); +const size_t mbedtls_test_ca_key_ec_len = + sizeof(mbedtls_test_ca_key_ec); +const size_t mbedtls_test_ca_pwd_ec_len = + sizeof(mbedtls_test_ca_pwd_ec) - 1; +const size_t mbedtls_test_ca_crt_ec_len = + sizeof(mbedtls_test_ca_crt_ec); + +const size_t mbedtls_test_srv_key_rsa_len = + sizeof(mbedtls_test_srv_key_rsa); +const size_t mbedtls_test_srv_pwd_rsa_len = + sizeof(mbedtls_test_srv_pwd_rsa) -1; +const size_t mbedtls_test_srv_crt_rsa_sha256_len = + sizeof(mbedtls_test_srv_crt_rsa_sha256); +const size_t mbedtls_test_srv_crt_rsa_sha1_len = + sizeof(mbedtls_test_srv_crt_rsa_sha1); +const size_t mbedtls_test_srv_key_ec_len = + sizeof(mbedtls_test_srv_key_ec); +const size_t mbedtls_test_srv_pwd_ec_len = + sizeof(mbedtls_test_srv_pwd_ec) - 1; +const size_t mbedtls_test_srv_crt_ec_len = + sizeof(mbedtls_test_srv_crt_ec); + +const size_t mbedtls_test_cli_key_rsa_len = + sizeof(mbedtls_test_cli_key_rsa); +const size_t mbedtls_test_cli_pwd_rsa_len = + sizeof(mbedtls_test_cli_pwd_rsa) - 1; +const size_t mbedtls_test_cli_crt_rsa_len = + sizeof(mbedtls_test_cli_crt_rsa); +const size_t mbedtls_test_cli_key_ec_len = + sizeof(mbedtls_test_cli_key_ec); +const size_t mbedtls_test_cli_pwd_ec_len = + sizeof(mbedtls_test_cli_pwd_ec) - 1; +const size_t mbedtls_test_cli_crt_ec_len = + sizeof(mbedtls_test_cli_crt_ec); + +/* + * Dispatch between SHA-1 and SHA-256 + */ + +#if defined(PSA_WANT_ALG_SHA_256) +#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA256 +#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA256 +#else +#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA1 +#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA1 +#endif /* PSA_WANT_ALG_SHA_256 */ + +const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA; +const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA; + +const size_t mbedtls_test_ca_crt_rsa_len = + sizeof(mbedtls_test_ca_crt_rsa); +const size_t mbedtls_test_srv_crt_rsa_len = + sizeof(mbedtls_test_srv_crt_rsa); + +/* + * Dispatch between RSA and EC + */ + +#if defined(MBEDTLS_RSA_C) + +#define TEST_CA_KEY TEST_CA_KEY_RSA +#define TEST_CA_PWD TEST_CA_PWD_RSA +#define TEST_CA_CRT TEST_CA_CRT_RSA + +#define TEST_SRV_KEY TEST_SRV_KEY_RSA +#define TEST_SRV_PWD TEST_SRV_PWD_RSA +#define TEST_SRV_CRT TEST_SRV_CRT_RSA + +#define TEST_CLI_KEY TEST_CLI_KEY_RSA +#define TEST_CLI_PWD TEST_CLI_PWD_RSA +#define TEST_CLI_CRT TEST_CLI_CRT_RSA + +#else /* no RSA, so assume ECDSA */ + +#define TEST_CA_KEY TEST_CA_KEY_EC +#define TEST_CA_PWD TEST_CA_PWD_EC +#define TEST_CA_CRT TEST_CA_CRT_EC + +#define TEST_SRV_KEY TEST_SRV_KEY_EC +#define TEST_SRV_PWD TEST_SRV_PWD_EC +#define TEST_SRV_CRT TEST_SRV_CRT_EC + +#define TEST_CLI_KEY TEST_CLI_KEY_EC +#define TEST_CLI_PWD TEST_CLI_PWD_EC +#define TEST_CLI_CRT TEST_CLI_CRT_EC +#endif /* MBEDTLS_RSA_C */ + +/* API stability forces us to declare + * mbedtls_test_{ca|srv|cli}_{key|pwd|crt} + * as pointers. */ +static const char test_ca_key[] = TEST_CA_KEY; +static const char test_ca_pwd[] = TEST_CA_PWD; +static const char test_ca_crt[] = TEST_CA_CRT; + +static const char test_srv_key[] = TEST_SRV_KEY; +static const char test_srv_pwd[] = TEST_SRV_PWD; +static const char test_srv_crt[] = TEST_SRV_CRT; + +static const char test_cli_key[] = TEST_CLI_KEY; +static const char test_cli_pwd[] = TEST_CLI_PWD; +static const char test_cli_crt[] = TEST_CLI_CRT; + +const char *mbedtls_test_ca_key = test_ca_key; +const char *mbedtls_test_ca_pwd = test_ca_pwd; +const char *mbedtls_test_ca_crt = test_ca_crt; + +const char *mbedtls_test_srv_key = test_srv_key; +const char *mbedtls_test_srv_pwd = test_srv_pwd; +const char *mbedtls_test_srv_crt = test_srv_crt; + +const char *mbedtls_test_cli_key = test_cli_key; +const char *mbedtls_test_cli_pwd = test_cli_pwd; +const char *mbedtls_test_cli_crt = test_cli_crt; + +const size_t mbedtls_test_ca_key_len = + sizeof(test_ca_key); +const size_t mbedtls_test_ca_pwd_len = + sizeof(test_ca_pwd) - 1; +const size_t mbedtls_test_ca_crt_len = + sizeof(test_ca_crt); + +const size_t mbedtls_test_srv_key_len = + sizeof(test_srv_key); +const size_t mbedtls_test_srv_pwd_len = + sizeof(test_srv_pwd) - 1; +const size_t mbedtls_test_srv_crt_len = + sizeof(test_srv_crt); + +const size_t mbedtls_test_cli_key_len = + sizeof(test_cli_key); +const size_t mbedtls_test_cli_pwd_len = + sizeof(test_cli_pwd) - 1; +const size_t mbedtls_test_cli_crt_len = + sizeof(test_cli_crt); + +/* + * + * Lists of certificates + * + */ + +/* List of CAs in PEM or DER, depending on config */ +const char *mbedtls_test_cas[] = { +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1) + mbedtls_test_ca_crt_rsa_sha1, +#endif +#if defined(MBEDTLS_RSA_C) && defined(PSA_WANT_ALG_SHA_256) + mbedtls_test_ca_crt_rsa_sha256, +#endif +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) + mbedtls_test_ca_crt_ec, +#endif + NULL +}; +const size_t mbedtls_test_cas_len[] = { +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1) + sizeof(mbedtls_test_ca_crt_rsa_sha1), +#endif +#if defined(MBEDTLS_RSA_C) && defined(PSA_WANT_ALG_SHA_256) + sizeof(mbedtls_test_ca_crt_rsa_sha256), +#endif +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) + sizeof(mbedtls_test_ca_crt_ec), +#endif + 0 +}; + +/* List of all available CA certificates in DER format */ +const unsigned char *mbedtls_test_cas_der[] = { +#if defined(MBEDTLS_RSA_C) +#if defined(PSA_WANT_ALG_SHA_256) + mbedtls_test_ca_crt_rsa_sha256_der, +#endif /* PSA_WANT_ALG_SHA_256 */ +#if defined(MBEDTLS_MD_CAN_SHA1) + mbedtls_test_ca_crt_rsa_sha1_der, +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) + mbedtls_test_ca_crt_ec_der, +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ + NULL +}; + +const size_t mbedtls_test_cas_der_len[] = { +#if defined(MBEDTLS_RSA_C) +#if defined(PSA_WANT_ALG_SHA_256) + sizeof(mbedtls_test_ca_crt_rsa_sha256_der), +#endif /* PSA_WANT_ALG_SHA_256 */ +#if defined(MBEDTLS_MD_CAN_SHA1) + sizeof(mbedtls_test_ca_crt_rsa_sha1_der), +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) + sizeof(mbedtls_test_ca_crt_ec_der), +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ + 0 +}; + +/* Concatenation of all available CA certificates in PEM format */ +#if defined(MBEDTLS_PEM_PARSE_C) +const char mbedtls_test_cas_pem[] = +#if defined(MBEDTLS_RSA_C) +#if defined(PSA_WANT_ALG_SHA_256) + TEST_CA_CRT_RSA_SHA256_PEM +#endif /* PSA_WANT_ALG_SHA_256 */ +#if defined(MBEDTLS_MD_CAN_SHA1) + TEST_CA_CRT_RSA_SHA1_PEM +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) + TEST_CA_CRT_EC_PEM +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ + ""; +const size_t mbedtls_test_cas_pem_len = sizeof(mbedtls_test_cas_pem); +#endif /* MBEDTLS_PEM_PARSE_C */ diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c new file mode 100644 index 0000000000..2416ba8123 --- /dev/null +++ b/tests/src/drivers/hash.c @@ -0,0 +1,199 @@ +/* + * Test driver for hash entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa_crypto_hash.h" + +#include "test/drivers/hash.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_hash.h" +#endif + +mbedtls_test_driver_hash_hooks_t + mbedtls_test_driver_hash_hooks = MBEDTLS_TEST_DRIVER_HASH_INIT; + +psa_status_t mbedtls_test_transparent_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *hash, size_t hash_size, size_t *hash_length) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + libtestdriver1_mbedtls_psa_hash_compute( + alg, input, input_length, + hash, hash_size, hash_length); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_compute( + alg, input, input_length, + hash, hash_size, hash_length); +#else + (void) alg; + (void) input; + (void) input_length; + (void) hash; + (void) hash_size; + (void) hash_length; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_hash_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_hash_setup( + mbedtls_transparent_test_driver_hash_operation_t *operation, + psa_algorithm_t alg) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + libtestdriver1_mbedtls_psa_hash_setup(operation, alg); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_setup(operation, alg); +#else + (void) operation; + (void) alg; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_hash_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_hash_clone( + const mbedtls_transparent_test_driver_hash_operation_t *source_operation, + mbedtls_transparent_test_driver_hash_operation_t *target_operation) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + libtestdriver1_mbedtls_psa_hash_clone(source_operation, + target_operation); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_clone(source_operation, target_operation); +#else + (void) source_operation; + (void) target_operation; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_hash_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_hash_update( + mbedtls_transparent_test_driver_hash_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + libtestdriver1_mbedtls_psa_hash_update( + operation, input, input_length); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_update(operation, input, input_length); +#else + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_hash_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_hash_finish( + mbedtls_transparent_test_driver_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + libtestdriver1_mbedtls_psa_hash_finish( + operation, hash, hash_size, hash_length); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_finish(operation, hash, hash_size, hash_length); +#else + (void) operation; + (void) hash; + (void) hash_size; + (void) hash_length; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_hash_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_hash_abort( + mbedtls_transparent_test_driver_hash_operation_t *operation) +{ + mbedtls_test_driver_hash_hooks.hits++; + + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + libtestdriver1_mbedtls_psa_hash_abort(operation); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_psa_hash_abort(operation); +#else + (void) operation; + mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_hash_hooks.driver_status; +} +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c new file mode 100644 index 0000000000..01fc050bbb --- /dev/null +++ b/tests/src/drivers/platform_builtin_keys.c @@ -0,0 +1,78 @@ +/** \file platform_builtin_keys.c + * + * \brief Test driver implementation of the builtin key support + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#include +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include +#endif + +typedef struct { + psa_key_id_t builtin_key_id; + psa_key_lifetime_t lifetime; + psa_drv_slot_number_t slot_number; +} mbedtls_psa_builtin_key_description_t; + +static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* For testing, assign the AES builtin key slot to the boundary values. + * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */ + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, +#else + { 0, 0, 0 } +#endif +}; + +psa_status_t mbedtls_psa_platform_get_builtin_key( + mbedtls_svc_key_id_t key_id, + psa_key_lifetime_t *lifetime, + psa_drv_slot_number_t *slot_number) +{ + psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id); + const mbedtls_psa_builtin_key_description_t *builtin_key; + + for (size_t i = 0; + i < (sizeof(builtin_keys) / sizeof(builtin_keys[0])); i++) { + builtin_key = &builtin_keys[i]; + if (builtin_key->builtin_key_id == app_key_id) { + *lifetime = builtin_key->lifetime; + *slot_number = builtin_key->slot_number; + return PSA_SUCCESS; + } + } + + return PSA_ERROR_DOES_NOT_EXIST; +} diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c new file mode 100644 index 0000000000..080b4dba81 --- /dev/null +++ b/tests/src/drivers/test_driver_aead.c @@ -0,0 +1,462 @@ +/* + * Test driver for AEAD entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa_crypto_aead.h" +#include "psa_crypto_core.h" + +#include "test/drivers/aead.h" + +#include "mbedtls/constant_time.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_aead.h" +#endif + +mbedtls_test_driver_aead_hooks_t + mbedtls_test_driver_aead_hooks = MBEDTLS_TEST_DRIVER_AEAD_INIT; + +psa_status_t mbedtls_test_transparent_aead_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *nonce, size_t nonce_length, + const uint8_t *additional_data, size_t additional_data_length, + const uint8_t *plaintext, size_t plaintext_length, + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length) +{ + mbedtls_test_driver_aead_hooks.hits_encrypt++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_encrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, plaintext_length, + ciphertext, ciphertext_size, ciphertext_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_encrypt( + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, plaintext_length, + ciphertext, ciphertext_size, ciphertext_length); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) plaintext; + (void) plaintext_length; + (void) ciphertext; + (void) ciphertext_size; + (void) ciphertext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *nonce, size_t nonce_length, + const uint8_t *additional_data, size_t additional_data_length, + const uint8_t *ciphertext, size_t ciphertext_length, + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length) +{ + mbedtls_test_driver_aead_hooks.hits_decrypt++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_decrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + ciphertext, ciphertext_length, + plaintext, plaintext_size, plaintext_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_decrypt( + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + ciphertext, ciphertext_length, + plaintext, plaintext_size, plaintext_length); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) ciphertext; + (void) ciphertext_length; + (void) plaintext; + (void) plaintext_size; + (void) plaintext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_encrypt_setup( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg) +{ + mbedtls_test_driver_aead_hooks.hits_encrypt_setup++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_encrypt_setup(operation, + (const libtestdriver1_psa_key_attributes_t + *) attributes, + key_buffer, + key_buffer_size, alg); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_encrypt_setup(operation, attributes, key_buffer, + key_buffer_size, alg); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_decrypt_setup( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg) +{ + mbedtls_test_driver_aead_hooks.hits_decrypt_setup++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_decrypt_setup(operation, + (const libtestdriver1_psa_key_attributes_t + *) attributes, + key_buffer, key_buffer_size, alg); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_decrypt_setup(operation, attributes, key_buffer, + key_buffer_size, alg); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_set_nonce( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const uint8_t *nonce, + size_t nonce_length) +{ + mbedtls_test_driver_aead_hooks.hits_set_nonce++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_set_nonce(operation, nonce, nonce_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_set_nonce(operation, nonce, nonce_length); +#else + (void) operation; + (void) nonce; + (void) nonce_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_set_lengths( + mbedtls_transparent_test_driver_aead_operation_t *operation, + size_t ad_length, + size_t plaintext_length) +{ + mbedtls_test_driver_aead_hooks.hits_set_lengths++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_set_lengths(operation, ad_length, + plaintext_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_set_lengths(operation, ad_length, + plaintext_length); +#else + (void) operation; + (void) ad_length; + (void) plaintext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_update_ad( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ + mbedtls_test_driver_aead_hooks.hits_update_ad++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_update_ad(operation, input, input_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_update_ad(operation, input, input_length); +#else + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_update( + mbedtls_transparent_test_driver_aead_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + mbedtls_test_driver_aead_hooks.hits_update++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_update(operation, input, + input_length, output, + output_size, output_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_update(operation, input, input_length, output, + output_size, output_length); +#else + (void) operation; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_finish( + mbedtls_transparent_test_driver_aead_operation_t *operation, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length, + uint8_t *tag, + size_t tag_size, + size_t *tag_length) +{ + mbedtls_test_driver_aead_hooks.hits_finish++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_finish(operation, ciphertext, + ciphertext_size, ciphertext_length, + tag, tag_size, tag_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_finish(operation, ciphertext, ciphertext_size, + ciphertext_length, tag, tag_size, + tag_length); +#else + (void) operation; + (void) ciphertext; + (void) ciphertext_size; + (void) ciphertext_length; + (void) tag; + (void) tag_size; + (void) tag_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_verify( + mbedtls_transparent_test_driver_aead_operation_t *operation, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length, + const uint8_t *tag, + size_t tag_length) +{ + mbedtls_test_driver_aead_hooks.hits_verify++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { + uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE]; + size_t check_tag_length = 0; + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_finish(operation, + plaintext, + plaintext_size, + plaintext_length, + check_tag, + sizeof(check_tag), + &check_tag_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_finish(operation, + plaintext, + plaintext_size, + plaintext_length, + check_tag, + sizeof(check_tag), + &check_tag_length); +#else + (void) operation; + (void) plaintext; + (void) plaintext_size; + (void) plaintext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + + if (mbedtls_test_driver_aead_hooks.driver_status == PSA_SUCCESS) { + if (tag_length != check_tag_length || + mbedtls_ct_memcmp(tag, check_tag, tag_length) + != 0) { + mbedtls_test_driver_aead_hooks.driver_status = + PSA_ERROR_INVALID_SIGNATURE; + } + } + + mbedtls_platform_zeroize(check_tag, sizeof(check_tag)); + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_aead_abort( + mbedtls_transparent_test_driver_aead_operation_t *operation) +{ + mbedtls_test_driver_aead_hooks.hits_abort++; + + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_abort(operation); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_psa_aead_abort(operation); +#else + (void) operation; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_aead_hooks.driver_status; +} + +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c new file mode 100644 index 0000000000..55e09b2f34 --- /dev/null +++ b/tests/src/drivers/test_driver_asymmetric_encryption.c @@ -0,0 +1,181 @@ +/* + * Test driver for asymmetric encryption. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa/crypto.h" +#include "mbedtls/rsa.h" +#include "psa_crypto_rsa.h" +#include "string.h" +#include "test/drivers/asymmetric_encryption.h" +#include "test/drivers/key_management.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_rsa.h" +#endif + +#define PSA_RSA_KEY_PAIR_MAX_SIZE \ + PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) + +mbedtls_test_driver_asymmetric_encryption_hooks_t mbedtls_test_driver_asymmetric_encryption_hooks = + MBEDTLS_TEST_DRIVER_ASYMMETRIC_ENCRYPTION_INIT; + +psa_status_t mbedtls_test_transparent_asymmetric_encrypt( + const psa_key_attributes_t *attributes, const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, + size_t input_length, const uint8_t *salt, size_t salt_length, + uint8_t *output, size_t output_size, size_t *output_length) +{ + mbedtls_test_driver_asymmetric_encryption_hooks.hits++; + + if (mbedtls_test_driver_asymmetric_encryption_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(output, + mbedtls_test_driver_asymmetric_encryption_hooks.forced_output, + mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length); + *output_length = mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length; + + return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status; + } + + if (mbedtls_test_driver_asymmetric_encryption_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) + return libtestdriver1_mbedtls_psa_asymmetric_encrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#else + return mbedtls_psa_asymmetric_encrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_asymmetric_decrypt( + const psa_key_attributes_t *attributes, const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, + size_t input_length, const uint8_t *salt, size_t salt_length, + uint8_t *output, size_t output_size, size_t *output_length) +{ + mbedtls_test_driver_asymmetric_encryption_hooks.hits++; + + if (mbedtls_test_driver_asymmetric_encryption_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(output, + mbedtls_test_driver_asymmetric_encryption_hooks.forced_output, + mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length); + *output_length = mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length; + + return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status; + } + + if (mbedtls_test_driver_asymmetric_encryption_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) + return libtestdriver1_mbedtls_psa_asymmetric_decrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#else + return mbedtls_psa_asymmetric_decrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +/* + * opaque versions + */ +psa_status_t mbedtls_test_opaque_asymmetric_encrypt( + const psa_key_attributes_t *attributes, const uint8_t *key, + size_t key_length, psa_algorithm_t alg, const uint8_t *input, + size_t input_length, const uint8_t *salt, size_t salt_length, + uint8_t *output, size_t output_size, size_t *output_length) +{ + unsigned char unwrapped_key[PSA_RSA_KEY_PAIR_MAX_SIZE]; + size_t unwrapped_key_length; + psa_status_t status; + + status = mbedtls_test_opaque_unwrap_key(key, key_length, + unwrapped_key, sizeof(unwrapped_key), + &unwrapped_key_length); + if (status != PSA_SUCCESS) { + return status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) || defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)) + return libtestdriver1_mbedtls_psa_asymmetric_encrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + unwrapped_key, unwrapped_key_length, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#else + return mbedtls_psa_asymmetric_encrypt( + attributes, unwrapped_key, unwrapped_key_length, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_asymmetric_decrypt( + const psa_key_attributes_t *attributes, const uint8_t *key, + size_t key_length, psa_algorithm_t alg, const uint8_t *input, + size_t input_length, const uint8_t *salt, size_t salt_length, + uint8_t *output, size_t output_size, size_t *output_length) +{ + unsigned char unwrapped_key[PSA_RSA_KEY_PAIR_MAX_SIZE]; + size_t unwrapped_key_length; + psa_status_t status; + + status = mbedtls_test_opaque_unwrap_key(key, key_length, + unwrapped_key, sizeof(unwrapped_key), + &unwrapped_key_length); + if (status != PSA_SUCCESS) { + return status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) || defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)) + return libtestdriver1_mbedtls_psa_asymmetric_decrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + unwrapped_key, unwrapped_key_length, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#else + return mbedtls_psa_asymmetric_decrypt( + attributes, unwrapped_key, unwrapped_key_length, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c new file mode 100644 index 0000000000..ace0ed313d --- /dev/null +++ b/tests/src/drivers/test_driver_cipher.c @@ -0,0 +1,432 @@ +/* + * Test driver for cipher functions. + * Currently only supports multi-part operations using AES-CTR. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa/crypto.h" +#include "psa_crypto_cipher.h" +#include "psa_crypto_core.h" +#include "mbedtls/cipher.h" + +#include "test/drivers/cipher.h" + +#include "test/random.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_cipher.h" +#endif + +#include + +mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks = + MBEDTLS_TEST_DRIVER_CIPHER_INIT; + +psa_status_t mbedtls_test_transparent_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *iv, + size_t iv_length, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + mbedtls_test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits_encrypt++; + + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; + + return mbedtls_test_driver_cipher_hooks.forced_status; + } + + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } + if (mbedtls_test_driver_cipher_hooks.forced_status_encrypt != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status_encrypt; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + return libtestdriver1_mbedtls_psa_cipher_encrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, iv, iv_length, input, input_length, + output, output_size, output_length); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return mbedtls_psa_cipher_encrypt( + attributes, key_buffer, key_buffer_size, + alg, iv, iv_length, input, input_length, + output, output_size, output_length); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + mbedtls_test_driver_cipher_hooks.hits++; + + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; + + return mbedtls_test_driver_cipher_hooks.forced_status; + } + + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + return libtestdriver1_mbedtls_psa_cipher_decrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return mbedtls_psa_cipher_decrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg) +{ + mbedtls_test_driver_cipher_hooks.hits++; + + /* Wiping the entire struct here, instead of member-by-member. This is + * useful for the test suite, since it gives a chance of catching memory + * corruption errors should the core not have allocated (enough) memory for + * our context struct. */ + memset(operation, 0, sizeof(*operation)); + + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + return libtestdriver1_mbedtls_psa_cipher_encrypt_setup( + operation, + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_length, alg); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return mbedtls_psa_cipher_encrypt_setup( + operation, attributes, key, key_length, alg); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg) +{ + mbedtls_test_driver_cipher_hooks.hits++; + + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + return libtestdriver1_mbedtls_psa_cipher_decrypt_setup( + operation, + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_length, alg); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return mbedtls_psa_cipher_decrypt_setup( + operation, attributes, key, key_length, alg); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_cipher_abort( + mbedtls_transparent_test_driver_cipher_operation_t *operation) +{ + mbedtls_test_driver_cipher_hooks.hits++; + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + libtestdriver1_mbedtls_psa_cipher_abort(operation); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + mbedtls_psa_cipher_abort(operation); +#endif + + /* Wiping the entire struct here, instead of member-by-member. This is + * useful for the test suite, since it gives a chance of catching memory + * corruption errors should the core not have allocated (enough) memory for + * our context struct. */ + memset(operation, 0, sizeof(*operation)); + + return mbedtls_test_driver_cipher_hooks.forced_status; +} + +psa_status_t mbedtls_test_transparent_cipher_set_iv( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + const uint8_t *iv, + size_t iv_length) +{ + mbedtls_test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits_set_iv++; + + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } + if (mbedtls_test_driver_cipher_hooks.forced_status_set_iv != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status_set_iv; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + return libtestdriver1_mbedtls_psa_cipher_set_iv( + operation, iv, iv_length); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return mbedtls_psa_cipher_set_iv(operation, iv, iv_length); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_cipher_update( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + mbedtls_test_driver_cipher_hooks.hits++; + + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; + + return mbedtls_test_driver_cipher_hooks.forced_status; + } + + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + return libtestdriver1_mbedtls_psa_cipher_update( + operation, input, input_length, + output, output_size, output_length); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return mbedtls_psa_cipher_update( + operation, input, input_length, + output, output_size, output_length); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_cipher_finish( + mbedtls_transparent_test_driver_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + mbedtls_test_driver_cipher_hooks.hits++; + + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; + + return mbedtls_test_driver_cipher_hooks.forced_status; + } + + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) + return libtestdriver1_mbedtls_psa_cipher_finish( + operation, output, output_size, output_length); +#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) + return mbedtls_psa_cipher_finish( + operation, output, output_size, output_length); +#endif + + return PSA_ERROR_NOT_SUPPORTED; +} + +/* + * opaque versions, to do + */ +psa_status_t mbedtls_test_opaque_cipher_encrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *iv, size_t iv_length, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) iv; + (void) iv_length; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_cipher_decrypt( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *output, size_t output_size, size_t *output_length) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg) +{ + (void) operation; + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg) +{ + (void) operation; + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_cipher_abort( + mbedtls_opaque_test_driver_cipher_operation_t *operation) +{ + (void) operation; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_cipher_set_iv( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + const uint8_t *iv, + size_t iv_length) +{ + (void) operation; + (void) iv; + (void) iv_length; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_cipher_update( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + (void) operation; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_cipher_finish( + mbedtls_opaque_test_driver_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + (void) operation; + (void) output; + (void) output_size; + (void) output_length; + return PSA_ERROR_NOT_SUPPORTED; +} +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c new file mode 100644 index 0000000000..8a8e3a8074 --- /dev/null +++ b/tests/src/drivers/test_driver_key_agreement.c @@ -0,0 +1,147 @@ +/* + * Test driver for key agreement functions. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) + +#include "psa/crypto.h" +#include "psa_crypto_core.h" +#include "psa_crypto_ecp.h" +#include "psa_crypto_ffdh.h" + +#include "test/drivers/key_agreement.h" +#include "test/drivers/test_driver.h" + +#include + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/tf-psa-crypto/include/psa/crypto.h" +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ecp.h" +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ffdh.h" +#endif + +mbedtls_test_driver_key_agreement_hooks_t + mbedtls_test_driver_key_agreement_hooks = MBEDTLS_TEST_DRIVER_KEY_AGREEMENT_INIT; + +psa_status_t mbedtls_test_transparent_key_agreement( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length) +{ + mbedtls_test_driver_key_agreement_hooks.hits++; + + if (mbedtls_test_driver_key_agreement_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_agreement_hooks.forced_status; + } + + if (mbedtls_test_driver_key_agreement_hooks.forced_output != NULL) { + if (mbedtls_test_driver_key_agreement_hooks.forced_output_length > shared_secret_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(shared_secret, mbedtls_test_driver_key_agreement_hooks.forced_output, + mbedtls_test_driver_key_agreement_hooks.forced_output_length); + *shared_secret_length = mbedtls_test_driver_key_agreement_hooks.forced_output_length; + + return PSA_SUCCESS; + } + + if (PSA_ALG_IS_ECDH(alg)) { +#if (defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDH)) + return libtestdriver1_mbedtls_psa_key_agreement_ecdh( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, peer_key, peer_key_length, + shared_secret, shared_secret_size, + shared_secret_length); +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) + return mbedtls_psa_key_agreement_ecdh( + attributes, + key_buffer, key_buffer_size, + alg, peer_key, peer_key_length, + shared_secret, shared_secret_size, + shared_secret_length); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) peer_key; + (void) peer_key_length; + (void) shared_secret; + (void) shared_secret_size; + (void) shared_secret_length; + return PSA_ERROR_NOT_SUPPORTED; +#endif + } + if (PSA_ALG_IS_FFDH(alg)) { +#if (defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_FFDH)) + return libtestdriver1_mbedtls_psa_ffdh_key_agreement( + (const libtestdriver1_psa_key_attributes_t *) attributes, + peer_key, peer_key_length, + key_buffer, key_buffer_size, + shared_secret, shared_secret_size, + shared_secret_length); +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_FFDH) + return mbedtls_psa_ffdh_key_agreement( + attributes, + peer_key, + peer_key_length, + key_buffer, + key_buffer_size, + shared_secret, + shared_secret_size, + shared_secret_length); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) peer_key; + (void) peer_key_length; + (void) shared_secret; + (void) shared_secret_size; + (void) shared_secret_length; + return PSA_ERROR_NOT_SUPPORTED; +#endif + } else { + return PSA_ERROR_INVALID_ARGUMENT; + } + +} + +psa_status_t mbedtls_test_opaque_key_agreement( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length) +{ + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) peer_key; + (void) peer_key_length; + (void) shared_secret; + (void) shared_secret_size; + (void) shared_secret_length; + return PSA_ERROR_NOT_SUPPORTED; +} + +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c new file mode 100644 index 0000000000..c0869f1291 --- /dev/null +++ b/tests/src/drivers/test_driver_key_management.c @@ -0,0 +1,788 @@ +/* + * Test driver for generating and verifying keys. + * Currently only supports generating and verifying ECC keys. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa/crypto.h" +#include "psa_crypto_core.h" +#include "psa_crypto_ecp.h" +#include "psa_crypto_rsa.h" +#include "psa_crypto_ffdh.h" +#include "mbedtls/ecp.h" +#include "mbedtls/error.h" + +#include "test/drivers/key_management.h" +#include "test/drivers/test_driver.h" + +#include "test/random.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ecp.h" +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_rsa.h" +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ffdh.h" +#endif + +#include + +mbedtls_test_driver_key_management_hooks_t + mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; + +const uint8_t mbedtls_test_driver_aes_key[16] = +{ 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, + 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; +const uint8_t mbedtls_test_driver_ecdsa_key[32] = +{ 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63, + 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18, + 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7, + 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a }; +const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = +{ 0x04, + 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c, + 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44, + 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a, + 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19, + 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31, + 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b, + 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, + 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; + +psa_status_t mbedtls_test_transparent_init(void) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) + status = libtestdriver1_psa_crypto_init(); + if (status != PSA_SUCCESS) { + return status; + } +#endif + + (void) status; + return PSA_SUCCESS; +} + +void mbedtls_test_transparent_free(void) +{ +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) + libtestdriver1_mbedtls_psa_crypto_free(); +#endif + + return; +} + +psa_status_t mbedtls_test_opaque_init(void) +{ + return PSA_SUCCESS; +} + +void mbedtls_test_opaque_free(void) +{ + return; +} + +/* + * This macro returns the base size for the key context when SE does not + * support storage. It is the size of the metadata that gets added to the + * wrapped key. In its test functionality the metadata is just some padded + * prefixing to the key. + */ +#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE \ + PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX_SIZE + + +size_t mbedtls_test_opaque_size_function( + const psa_key_type_t key_type, + const size_t key_bits) +{ + size_t key_buffer_size = 0; + + key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits); + if (key_buffer_size == 0) { + return 0; + } + /* Include spacing for base size overhead over the key size + * */ + key_buffer_size += TEST_DRIVER_KEY_CONTEXT_BASE_SIZE; + return key_buffer_size; +} + +static size_t mbedtls_test_opaque_get_base_size() +{ + return TEST_DRIVER_KEY_CONTEXT_BASE_SIZE; +} + +/* + * The wrap function mbedtls_test_opaque_wrap_key pads and wraps the + * clear key. It expects the clear and wrap buffers to be passed in. + * key_length is the size of the clear key to be wrapped. + * wrapped_key_buffer_size is the size of the output buffer wrap_key. + * The argument wrapped_key_buffer_length is filled with the wrapped + * key_size on success. + * */ +static psa_status_t mbedtls_test_opaque_wrap_key( + const uint8_t *key, + size_t key_length, + uint8_t *wrapped_key_buffer, + size_t wrapped_key_buffer_size, + size_t *wrapped_key_buffer_length) +{ + size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); + uint64_t prefix = PSA_CRYPTO_TEST_DRIVER_OPAQUE_PAD_PREFIX; + + if (key_length + opaque_key_base_size > wrapped_key_buffer_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + /* Write in the opaque pad prefix */ + memcpy(wrapped_key_buffer, &prefix, opaque_key_base_size); + wrapped_key_buffer += opaque_key_base_size; + *wrapped_key_buffer_length = key_length + opaque_key_base_size; + + while (key_length--) { + wrapped_key_buffer[key_length] = key[key_length] ^ 0xFF; + } + return PSA_SUCCESS; +} + +/* + * The unwrap function mbedtls_test_opaque_unwrap_key removes a pad prefix + * and unwraps the wrapped key. It expects the clear and wrap buffers to be + * passed in. + * wrapped_key_length is the size of the wrapped key, + * key_buffer_size is the size of the output buffer clear_key. + * The argument key_buffer_length is filled with the unwrapped(clear) + * key_size on success. + * */ +psa_status_t mbedtls_test_opaque_unwrap_key( + const uint8_t *wrapped_key, + size_t wrapped_key_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length) +{ + /* Remove the pad prefix from the wrapped key */ + size_t opaque_key_base_size = mbedtls_test_opaque_get_base_size(); + size_t clear_key_size; + + /* Check for underflow */ + if (wrapped_key_length < opaque_key_base_size) { + return PSA_ERROR_DATA_CORRUPT; + } + clear_key_size = wrapped_key_length - opaque_key_base_size; + + wrapped_key += opaque_key_base_size; + if (clear_key_size > key_buffer_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + *key_buffer_length = clear_key_size; + while (clear_key_size--) { + key_buffer[clear_key_size] = wrapped_key[clear_key_size] ^ 0xFF; + } + return PSA_SUCCESS; +} + +psa_status_t mbedtls_test_transparent_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key, size_t key_size, size_t *key_length) +{ + ++mbedtls_test_driver_key_management_hooks.hits; + ++mbedtls_test_driver_key_management_hooks.hits_generate_key; + + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } + + if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) { + if (mbedtls_test_driver_key_management_hooks.forced_output_length > + key_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(key, mbedtls_test_driver_key_management_hooks.forced_output, + mbedtls_test_driver_key_management_hooks.forced_output_length); + *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length; + return PSA_SUCCESS; + } + + if (PSA_KEY_TYPE_IS_ECC(psa_get_key_type(attributes)) + && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) + return libtestdriver1_mbedtls_psa_ecp_generate_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_size, key_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) + return mbedtls_psa_ecp_generate_key( + attributes, key, key_size, key_length); +#endif + } else if (psa_get_key_type(attributes) == PSA_KEY_TYPE_RSA_KEY_PAIR) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) + return libtestdriver1_mbedtls_psa_rsa_generate_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + NULL, 0, /* We don't support custom e in the test driver yet */ + key, key_size, key_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) + return mbedtls_psa_rsa_generate_key( + attributes, + NULL, 0, /* We don't support custom e in the test driver yet */ + key, key_size, key_length); +#endif + } else if (PSA_KEY_TYPE_IS_DH(psa_get_key_type(attributes)) + && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) + return libtestdriver1_mbedtls_psa_ffdh_generate_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_size, key_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) + return mbedtls_psa_ffdh_generate_key( + attributes, key, key_size, key_length); +#endif + } + + (void) attributes; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key, size_t key_size, size_t *key_length) +{ + (void) attributes; + (void) key; + (void) key_size; + (void) key_length; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length, + size_t *bits) +{ + psa_key_type_t type = psa_get_key_type(attributes); + + ++mbedtls_test_driver_key_management_hooks.hits; + mbedtls_test_driver_key_management_hooks.location = PSA_KEY_LOCATION_LOCAL_STORAGE; + + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } + + if (PSA_KEY_TYPE_IS_ECC(type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ecp_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return mbedtls_psa_ecp_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); +#endif + } else if (PSA_KEY_TYPE_IS_RSA(type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_rsa_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_rsa_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); +#endif + } else if (PSA_KEY_TYPE_IS_DH(type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ffdh_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_ffdh_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); +#endif + } + (void) data; + (void) data_length; + (void) key_buffer; + (void) key_buffer_size; + (void) key_buffer_length; + (void) bits; + (void) type; + + return PSA_ERROR_NOT_SUPPORTED; +} + + +psa_status_t mbedtls_test_opaque_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length, + size_t *bits) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_type_t type = psa_get_key_type(attributes); + /* This buffer will be used as an intermediate placeholder for + * the clear key till we wrap it */ + uint8_t *key_buffer_temp; + + ++mbedtls_test_driver_key_management_hooks.hits; + mbedtls_test_driver_key_management_hooks.location = PSA_CRYPTO_TEST_DRIVER_LOCATION; + + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } + + key_buffer_temp = mbedtls_calloc(1, key_buffer_size); + if (key_buffer_temp == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { + *bits = PSA_BYTES_TO_BITS(data_length); + + status = psa_validate_unstructured_key_bit_size(type, + *bits); + if (status != PSA_SUCCESS) { + goto exit; + } + + if (data_length > key_buffer_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + /* Copy the key material accounting for opaque key padding. */ + memcpy(key_buffer_temp, data, data_length); + *key_buffer_length = data_length; + } else if (PSA_KEY_TYPE_IS_ECC(type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) + status = libtestdriver1_mbedtls_psa_ecp_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer_temp, key_buffer_size, + key_buffer_length, bits); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + status = mbedtls_psa_ecp_import_key( + attributes, + data, data_length, + key_buffer_temp, key_buffer_size, + key_buffer_length, bits); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif + if (status != PSA_SUCCESS) { + goto exit; + } + } else if (PSA_KEY_TYPE_IS_RSA(type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)) + status = libtestdriver1_mbedtls_psa_rsa_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer_temp, key_buffer_size, + key_buffer_length, bits); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + status = mbedtls_psa_rsa_import_key( + attributes, + data, data_length, + key_buffer_temp, key_buffer_size, + key_buffer_length, bits); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif + if (status != PSA_SUCCESS) { + goto exit; + } + } else { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + status = mbedtls_test_opaque_wrap_key(key_buffer_temp, *key_buffer_length, + key_buffer, key_buffer_size, key_buffer_length); +exit: + mbedtls_free(key_buffer_temp); + return status; +} + +psa_status_t mbedtls_test_opaque_export_key( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + uint8_t *data, size_t data_size, size_t *data_length) +{ + if (key_length == sizeof(psa_drv_slot_number_t)) { + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key); + + switch (slot_number) { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + /* This is the ECDSA slot. Verify the key's attributes before + * returning the private key. */ + if (psa_get_key_type(attributes) != + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_bits(attributes) != 256) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_algorithm(attributes) != + PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if ((psa_get_key_usage_flags(attributes) & + PSA_KEY_USAGE_EXPORT) == 0) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + + if (data_size < sizeof(mbedtls_test_driver_ecdsa_key)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(data, mbedtls_test_driver_ecdsa_key, + sizeof(mbedtls_test_driver_ecdsa_key)); + *data_length = sizeof(mbedtls_test_driver_ecdsa_key); + return PSA_SUCCESS; + + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: + /* This is the AES slot. Verify the key's attributes before + * returning the key. */ + if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_bits(attributes) != 128) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_algorithm(attributes) != PSA_ALG_CTR) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if ((psa_get_key_usage_flags(attributes) & + PSA_KEY_USAGE_EXPORT) == 0) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + + if (data_size < sizeof(mbedtls_test_driver_aes_key)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(data, mbedtls_test_driver_aes_key, + sizeof(mbedtls_test_driver_aes_key)); + *data_length = sizeof(mbedtls_test_driver_aes_key); + return PSA_SUCCESS; + + default: + return PSA_ERROR_DOES_NOT_EXIST; + } + } else { + /* This buffer will be used as an intermediate placeholder for + * the opaque key till we unwrap the key into key_buffer */ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_type_t type = psa_get_key_type(attributes); + + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type) || + PSA_KEY_TYPE_IS_RSA(type) || + PSA_KEY_TYPE_IS_ECC(type)) { + status = mbedtls_test_opaque_unwrap_key(key, key_length, + data, data_size, data_length); + return status; + } + } + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + uint8_t *data, size_t data_size, size_t *data_length) +{ + ++mbedtls_test_driver_key_management_hooks.hits; + ++mbedtls_test_driver_key_management_hooks.hits_export_public_key; + + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } + + if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) { + if (mbedtls_test_driver_key_management_hooks.forced_output_length > + data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(data, mbedtls_test_driver_key_management_hooks.forced_output, + mbedtls_test_driver_key_management_hooks.forced_output_length); + *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length; + return PSA_SUCCESS; + } + + psa_key_type_t key_type = psa_get_key_type(attributes); + + if (PSA_KEY_TYPE_IS_ECC(key_type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ecp_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return mbedtls_psa_ecp_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); +#endif + } else if (PSA_KEY_TYPE_IS_RSA(key_type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_rsa_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_rsa_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); +#endif + } else if (PSA_KEY_TYPE_IS_DH(key_type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ffdh_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) + return mbedtls_psa_ffdh_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); +#endif + } + + (void) key_buffer; + (void) key_buffer_size; + (void) key_type; + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_opaque_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + uint8_t *data, size_t data_size, size_t *data_length) +{ + if (key_length != sizeof(psa_drv_slot_number_t)) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_type_t key_type = psa_get_key_type(attributes); + uint8_t *key_buffer_temp; + + key_buffer_temp = mbedtls_calloc(1, key_length); + if (key_buffer_temp == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + + if (PSA_KEY_TYPE_IS_ECC(key_type)) { + status = mbedtls_test_opaque_unwrap_key(key, key_length, + key_buffer_temp, key_length, data_length); + if (status == PSA_SUCCESS) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) + status = libtestdriver1_mbedtls_psa_ecp_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer_temp, *data_length, + data, data_size, data_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + status = mbedtls_psa_ecp_export_public_key( + attributes, + key_buffer_temp, *data_length, + data, data_size, data_length); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + } else if (PSA_KEY_TYPE_IS_RSA(key_type)) { + status = mbedtls_test_opaque_unwrap_key(key, key_length, + key_buffer_temp, key_length, data_length); + if (status == PSA_SUCCESS) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)) + status = libtestdriver1_mbedtls_psa_rsa_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer_temp, *data_length, + data, data_size, data_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + status = mbedtls_psa_rsa_export_public_key( + attributes, + key_buffer_temp, *data_length, + data, data_size, data_length); +#else + status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + } else { + status = PSA_ERROR_NOT_SUPPORTED; + (void) key; + (void) key_type; + } + mbedtls_free(key_buffer_temp); + return status; + } + + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key); + switch (slot_number) { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + /* This is the ECDSA slot. Verify the key's attributes before + * returning the public key. */ + if (psa_get_key_type(attributes) != + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_bits(attributes) != 256) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_algorithm(attributes) != + PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + + if (data_size < sizeof(mbedtls_test_driver_ecdsa_pubkey)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(data, mbedtls_test_driver_ecdsa_pubkey, + sizeof(mbedtls_test_driver_ecdsa_pubkey)); + *data_length = sizeof(mbedtls_test_driver_ecdsa_pubkey); + return PSA_SUCCESS; + + default: + return PSA_ERROR_DOES_NOT_EXIST; + } +} + +/* The opaque test driver exposes two built-in keys when builtin key support is + * compiled in. + * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128 + * key which allows CTR mode. + * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1 + * private key which allows ECDSA sign & verify. + * The key buffer format for these is the raw format of psa_drv_slot_number_t + * (i.e. for an actual driver this would mean 'builtin_key_size' = + * sizeof(psa_drv_slot_number_t)). + */ +psa_status_t mbedtls_test_opaque_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) +{ + switch (slot_number) { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: + psa_set_key_type(attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(attributes, 128); + psa_set_key_usage_flags( + attributes, + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(attributes, PSA_ALG_CTR); + + if (key_buffer_size < sizeof(psa_drv_slot_number_t)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + *((psa_drv_slot_number_t *) key_buffer) = + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; + *key_buffer_length = sizeof(psa_drv_slot_number_t); + return PSA_SUCCESS; + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + psa_set_key_type( + attributes, + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); + psa_set_key_bits(attributes, 256); + psa_set_key_usage_flags( + attributes, + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm( + attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); + + if (key_buffer_size < sizeof(psa_drv_slot_number_t)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + *((psa_drv_slot_number_t *) key_buffer) = + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; + *key_buffer_length = sizeof(psa_drv_slot_number_t); + return PSA_SUCCESS; + default: + return PSA_ERROR_DOES_NOT_EXIST; + } +} + +psa_status_t mbedtls_test_opaque_copy_key( + psa_key_attributes_t *attributes, + const uint8_t *source_key, size_t source_key_length, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) +{ + /* This is a case where the opaque test driver emulates an SE without storage. + * With that all key context is stored in the wrapped buffer. + * So no additional house keeping is necessary to reference count the + * copied keys. This could change when the opaque test driver is extended + * to support SE with storage, or to emulate an SE without storage but + * still holding some slot references */ + if (source_key_length > key_buffer_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(key_buffer, source_key, source_key_length); + *key_buffer_length = source_key_length; + (void) attributes; + return PSA_SUCCESS; +} + +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c new file mode 100644 index 0000000000..de43e49074 --- /dev/null +++ b/tests/src/drivers/test_driver_mac.c @@ -0,0 +1,422 @@ +/* + * Test driver for MAC entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa_crypto_mac.h" + +#include "test/drivers/mac.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_mac.h" +#endif + +mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks = + MBEDTLS_TEST_DRIVER_MAC_INIT; + +psa_status_t mbedtls_test_transparent_mac_compute( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + libtestdriver1_mbedtls_psa_mac_compute( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, alg, + input, input_length, + mac, mac_size, mac_length); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_compute( + attributes, key_buffer, key_buffer_size, alg, + input, input_length, + mac, mac_size, mac_length); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) input; + (void) input_length; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_mac_sign_setup( + mbedtls_transparent_test_driver_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + libtestdriver1_mbedtls_psa_mac_sign_setup( + operation, + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, alg); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_sign_setup( + operation, attributes, key_buffer, key_buffer_size, alg); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_mac_verify_setup( + mbedtls_transparent_test_driver_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + libtestdriver1_mbedtls_psa_mac_verify_setup( + operation, + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, alg); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_verify_setup( + operation, attributes, key_buffer, key_buffer_size, alg); +#else + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_mac_update( + mbedtls_transparent_test_driver_mac_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + libtestdriver1_mbedtls_psa_mac_update( + operation, input, input_length); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_update( + operation, input, input_length); +#else + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_mac_sign_finish( + mbedtls_transparent_test_driver_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + libtestdriver1_mbedtls_psa_mac_sign_finish( + operation, mac, mac_size, mac_length); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_sign_finish( + operation, mac, mac_size, mac_length); +#else + (void) operation; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_mac_verify_finish( + mbedtls_transparent_test_driver_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + libtestdriver1_mbedtls_psa_mac_verify_finish( + operation, mac, mac_length); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_verify_finish( + operation, mac, mac_length); +#else + (void) operation; + (void) mac; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_mac_abort( + mbedtls_transparent_test_driver_mac_operation_t *operation) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + libtestdriver1_mbedtls_psa_mac_abort(operation); +#elif defined(MBEDTLS_PSA_BUILTIN_MAC) + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_psa_mac_abort(operation); +#else + (void) operation; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_opaque_mac_compute( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) input; + (void) input_length; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_opaque_mac_sign_setup( + mbedtls_opaque_test_driver_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_opaque_mac_verify_setup( + mbedtls_opaque_test_driver_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { + (void) operation; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_opaque_mac_update( + mbedtls_opaque_test_driver_mac_operation_t *operation, + const uint8_t *input, + size_t input_length) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { + (void) operation; + (void) input; + (void) input_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_opaque_mac_sign_finish( + mbedtls_opaque_test_driver_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { + (void) operation; + (void) mac; + (void) mac_size; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_opaque_mac_verify_finish( + mbedtls_opaque_test_driver_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { + (void) operation; + (void) mac; + (void) mac_length; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +psa_status_t mbedtls_test_opaque_mac_abort( + mbedtls_opaque_test_driver_mac_operation_t *operation) +{ + mbedtls_test_driver_mac_hooks.hits++; + + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { + (void) operation; + mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; + } + + return mbedtls_test_driver_mac_hooks.driver_status; +} + +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_pake.c b/tests/src/drivers/test_driver_pake.c new file mode 100644 index 0000000000..963110109a --- /dev/null +++ b/tests/src/drivers/test_driver_pake.c @@ -0,0 +1,202 @@ +/* + * Test driver for PAKE entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa_crypto_pake.h" + +#include "test/drivers/pake.h" +#include "string.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_pake.h" +#endif + +mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks = + MBEDTLS_TEST_DRIVER_PAKE_INIT; + + +psa_status_t mbedtls_test_transparent_pake_setup( + mbedtls_transparent_test_driver_pake_operation_t *operation, + const psa_crypto_driver_pake_inputs_t *inputs) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.setup++; + + if (mbedtls_test_driver_pake_hooks.forced_setup_status != PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_setup_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_setup( + operation, (const libtestdriver1_psa_crypto_driver_pake_inputs_t *) inputs); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_setup( + operation, inputs); +#else + (void) operation; + (void) inputs; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_pake_output( + mbedtls_transparent_test_driver_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.output++; + + if (mbedtls_test_driver_pake_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_pake_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(output, + mbedtls_test_driver_pake_hooks.forced_output, + mbedtls_test_driver_pake_hooks.forced_output_length); + *output_length = mbedtls_test_driver_pake_hooks.forced_output_length; + + return mbedtls_test_driver_pake_hooks.forced_status; + } + + if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_output( + operation, (libtestdriver1_psa_crypto_driver_pake_step_t) step, + output, output_size, output_length); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_output( + operation, step, output, output_size, output_length); +#else + (void) operation; + (void) step; + (void) output; + (void) output_size; + (void) output_length; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_pake_input( + mbedtls_transparent_test_driver_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + const uint8_t *input, + size_t input_length) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.input++; + + if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_input( + operation, (libtestdriver1_psa_crypto_driver_pake_step_t) step, + input, input_length); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_input( + operation, step, input, input_length); +#else + (void) operation; + (void) step; + (void) input; + (void) input_length; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_pake_get_implicit_key( + mbedtls_transparent_test_driver_pake_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.implicit_key++; + + if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_get_implicit_key( + operation, output, output_size, output_length); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_get_implicit_key( + operation, output, output_size, output_length); +#else + (void) operation; + (void) output; + (void) output_size; + (void) output_length; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_pake_abort( + mbedtls_transparent_test_driver_pake_operation_t *operation) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.abort++; + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_abort( + operation); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_abort( + operation); +#else + (void) operation; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + + + if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS && + mbedtls_test_driver_pake_hooks.driver_status == PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_status; + } + + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c new file mode 100644 index 0000000000..02c6298a29 --- /dev/null +++ b/tests/src/drivers/test_driver_signature.c @@ -0,0 +1,404 @@ +/* + * Test driver for signature functions. + * Currently supports signing and verifying precalculated hashes, using + * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa/crypto.h" +#include "psa_crypto_core.h" +#include "psa_crypto_ecp.h" +#include "psa_crypto_hash.h" +#include "psa_crypto_rsa.h" +#include "mbedtls/ecp.h" + +#include "test/drivers/hash.h" +#include "test/drivers/signature.h" +#include "test/drivers/hash.h" + +#include "mbedtls/ecdsa.h" + +#include "test/random.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ecp.h" +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_hash.h" +#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_rsa.h" +#endif + +#include + +mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; +mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; + +psa_status_t sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) +{ + if (attributes->type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)) + return libtestdriver1_mbedtls_psa_rsa_sign_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); +#endif + } else { + return PSA_ERROR_INVALID_ARGUMENT; + } + } else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) { + if (PSA_ALG_IS_ECDSA(alg)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) + return libtestdriver1_mbedtls_psa_ecdsa_sign_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); +#endif + } else { + return PSA_ERROR_INVALID_ARGUMENT; + } + } + + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_size; + (void) signature_length; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) +{ + if (PSA_KEY_TYPE_IS_RSA(attributes->type)) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)) + return libtestdriver1_mbedtls_psa_rsa_verify_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); +#endif + } else { + return PSA_ERROR_INVALID_ARGUMENT; + } + } else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) { + if (PSA_ALG_IS_ECDSA(alg)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) + return libtestdriver1_mbedtls_psa_ecdsa_verify_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); +#endif + } else { + return PSA_ERROR_INVALID_ARGUMENT; + } + } + + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_length; + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_signature_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + ++mbedtls_test_driver_signature_sign_hooks.hits; + + if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_sign_hooks.forced_status; + } + + if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) { + if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length); + *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; + + return PSA_SUCCESS; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + status = libtestdriver1_mbedtls_psa_hash_compute( + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + status = mbedtls_psa_hash_compute( + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); +#else + (void) input; + (void) input_length; + status = PSA_ERROR_NOT_SUPPORTED; +#endif + if (status != PSA_SUCCESS) { + return status; + } + + return sign_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); +} + +psa_status_t mbedtls_test_opaque_signature_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) input; + (void) input_length; + (void) signature; + (void) signature_size; + (void) signature_length; + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_signature_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + ++mbedtls_test_driver_signature_verify_hooks.hits; + + if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_verify_hooks.forced_status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + status = libtestdriver1_mbedtls_psa_hash_compute( + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); +#elif defined(MBEDTLS_PSA_BUILTIN_HASH) + status = mbedtls_psa_hash_compute( + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); +#else + (void) input; + (void) input_length; + status = PSA_ERROR_NOT_SUPPORTED; +#endif + if (status != PSA_SUCCESS) { + return status; + } + + return verify_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); +} + +psa_status_t mbedtls_test_opaque_signature_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) input; + (void) input_length; + (void) signature; + (void) signature_length; + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_signature_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length) +{ + ++mbedtls_test_driver_signature_sign_hooks.hits; + + if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_sign_hooks.forced_status; + } + + if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) { + if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length); + *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; + return PSA_SUCCESS; + } + + return sign_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); +} + +psa_status_t mbedtls_test_opaque_signature_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_size; + (void) signature_length; + + return PSA_ERROR_NOT_SUPPORTED; +} + +psa_status_t mbedtls_test_transparent_signature_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length) +{ + ++mbedtls_test_driver_signature_verify_hooks.hits; + + if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_verify_hooks.forced_status; + } + + return verify_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); +} + +psa_status_t mbedtls_test_opaque_signature_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_length; + return PSA_ERROR_NOT_SUPPORTED; +} + +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/fake_external_rng_for_test.c b/tests/src/fake_external_rng_for_test.c new file mode 100644 index 0000000000..c0bfde51aa --- /dev/null +++ b/tests/src/fake_external_rng_for_test.c @@ -0,0 +1,45 @@ +/** \file fake_external_rng_for_test.c + * + * \brief Helper functions to test PSA crypto functionality. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) +#include +#include + +static int test_insecure_external_rng_enabled = 0; + +void mbedtls_test_enable_insecure_external_rng(void) +{ + test_insecure_external_rng_enabled = 1; +} + +void mbedtls_test_disable_insecure_external_rng(void) +{ + test_insecure_external_rng_enabled = 0; +} + +psa_status_t mbedtls_psa_external_get_random( + mbedtls_psa_external_random_context_t *context, + uint8_t *output, size_t output_size, size_t *output_length) +{ + (void) context; + + if (!test_insecure_external_rng_enabled) { + return PSA_ERROR_INSUFFICIENT_ENTROPY; + } + + /* This implementation is for test purposes only! + * Use the libc non-cryptographic random generator. */ + mbedtls_test_rnd_std_rand(NULL, output, output_size); + *output_length = output_size; + return PSA_SUCCESS; +} +#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c new file mode 100644 index 0000000000..065d17d3e0 --- /dev/null +++ b/tests/src/helpers.c @@ -0,0 +1,708 @@ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include +#include +#include +#include + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +#include +#include +#endif + +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) +#include +#endif +#if defined(MBEDTLS_THREADING_C) +#include "mbedtls/threading.h" +#endif + +/*----------------------------------------------------------------------------*/ +/* Static global variables */ + +#if defined(MBEDTLS_PLATFORM_C) +static mbedtls_platform_context platform_ctx; +#endif + +static mbedtls_test_info_t mbedtls_test_info; + +#ifdef MBEDTLS_THREADING_C +mbedtls_threading_mutex_t mbedtls_test_info_mutex; +#endif /* MBEDTLS_THREADING_C */ + +/*----------------------------------------------------------------------------*/ +/* Mbedtls Test Info accessors + * + * NOTE - there are two types of accessors here: public accessors and internal + * accessors. The public accessors have prototypes in helpers.h and lock + * mbedtls_test_info_mutex (if mutexes are enabled). The _internal accessors, + * which are expected to be used from this module *only*, do not lock the mutex. + * These are designed to be called from within public functions which already + * hold the mutex. The main reason for this difference is the need to set + * multiple test data values atomically (without releasing the mutex) to prevent + * race conditions. */ + +mbedtls_test_result_t mbedtls_test_get_result(void) +{ + mbedtls_test_result_t result; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + result = mbedtls_test_info.result; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return result; +} + +static void mbedtls_test_set_result_internal(mbedtls_test_result_t result, const char *test, + int line_no, const char *filename) +{ + /* Internal function only - mbedtls_test_info_mutex should be held prior + * to calling this function. */ + + mbedtls_test_info.result = result; + mbedtls_test_info.test = test; + mbedtls_test_info.line_no = line_no; + mbedtls_test_info.filename = filename; +} + +const char *mbedtls_test_get_test(void) +{ + const char *test; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + test = mbedtls_test_info.test; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return test; +} +const char *mbedtls_get_test_filename(void) +{ + const char *filename; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + /* It should be ok just to pass back the pointer here, as it is going to + * be a pointer into non changing data. */ + filename = mbedtls_test_info.filename; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return filename; +} + +int mbedtls_test_get_line_no(void) +{ + int line_no; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + line_no = mbedtls_test_info.line_no; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return line_no; +} + +void mbedtls_test_increment_step(void) +{ +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + ++mbedtls_test_info.step; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ +} + +unsigned long mbedtls_test_get_step(void) +{ + unsigned long step; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + step = mbedtls_test_info.step; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return step; +} + +static void mbedtls_test_reset_step_internal(void) +{ + /* Internal function only - mbedtls_test_info_mutex should be held prior + * to calling this function. */ + + mbedtls_test_info.step = (unsigned long) (-1); +} + +void mbedtls_test_set_step(unsigned long step) +{ +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + mbedtls_test_info.step = step; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ +} + +void mbedtls_test_get_line1(char *line) +{ +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + memcpy(line, mbedtls_test_info.line1, MBEDTLS_TEST_LINE_LENGTH); + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ +} + +static void mbedtls_test_set_line1_internal(const char *line) +{ + /* Internal function only - mbedtls_test_info_mutex should be held prior + * to calling this function. */ + + if (line == NULL) { + memset(mbedtls_test_info.line1, 0, MBEDTLS_TEST_LINE_LENGTH); + } else { + memcpy(mbedtls_test_info.line1, line, MBEDTLS_TEST_LINE_LENGTH); + } +} + +void mbedtls_test_get_line2(char *line) +{ +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + memcpy(line, mbedtls_test_info.line2, MBEDTLS_TEST_LINE_LENGTH); + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ +} + +static void mbedtls_test_set_line2_internal(const char *line) +{ + /* Internal function only - mbedtls_test_info_mutex should be held prior + * to calling this function. */ + + if (line == NULL) { + memset(mbedtls_test_info.line2, 0, MBEDTLS_TEST_LINE_LENGTH); + } else { + memcpy(mbedtls_test_info.line2, line, MBEDTLS_TEST_LINE_LENGTH); + } +} + + +#if defined(MBEDTLS_TEST_MUTEX_USAGE) +const char *mbedtls_test_get_mutex_usage_error(void) +{ + const char *usage_error; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + usage_error = mbedtls_test_info.mutex_usage_error; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return usage_error; +} + +void mbedtls_test_set_mutex_usage_error(const char *msg) +{ +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + if (mbedtls_test_info.mutex_usage_error == NULL || msg == NULL) { + mbedtls_test_info.mutex_usage_error = msg; + } + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ +} +#endif // #if defined(MBEDTLS_TEST_MUTEX_USAGE) + +#if defined(MBEDTLS_BIGNUM_C) + +unsigned mbedtls_test_get_case_uses_negative_0(void) +{ + unsigned test_case_uses_negative_0 = 0; +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + test_case_uses_negative_0 = mbedtls_test_info.case_uses_negative_0; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return test_case_uses_negative_0; +} + +static void mbedtls_test_set_case_uses_negative_0_internal(unsigned uses) +{ + /* Internal function only - mbedtls_test_info_mutex should be held prior + * to calling this function. */ + + mbedtls_test_info.case_uses_negative_0 = uses; +} + +void mbedtls_test_increment_case_uses_negative_0(void) +{ +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + ++mbedtls_test_info.case_uses_negative_0; + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ +} + +#endif /* MBEDTLS_BIGNUM_C */ + +#ifdef MBEDTLS_TEST_MUTEX_USAGE +mbedtls_threading_mutex_t *mbedtls_test_get_info_mutex(void) +{ + return &mbedtls_test_info_mutex; +} + +#endif /* MBEDTLS_TEST_MUTEX_USAGE */ + +/*----------------------------------------------------------------------------*/ +/* Helper Functions */ + +int mbedtls_test_platform_setup(void) +{ + int ret = 0; + +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) \ + && !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) \ + && defined(MBEDTLS_TEST_MEMORY_CAN_POISON) + mbedtls_poison_test_hooks_setup(); +#endif + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + /* Make sure that injected entropy is present. Otherwise + * psa_crypto_init() will fail. This is not necessary for test suites + * that don't use PSA, but it's harmless (except for leaving a file + * behind). */ + ret = mbedtls_test_inject_entropy_restore(); + if (ret != 0) { + return ret; + } +#endif + +#if defined(MBEDTLS_PLATFORM_C) + ret = mbedtls_platform_setup(&platform_ctx); +#endif /* MBEDTLS_PLATFORM_C */ + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_init(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return ret; +} + +void mbedtls_test_platform_teardown(void) +{ +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) \ + && !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) \ + && defined(MBEDTLS_TEST_MEMORY_CAN_POISON) + mbedtls_poison_test_hooks_teardown(); +#endif +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_free(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + +#if defined(MBEDTLS_PLATFORM_C) + mbedtls_platform_teardown(&platform_ctx); +#endif /* MBEDTLS_PLATFORM_C */ +} + +int mbedtls_test_ascii2uc(const char c, unsigned char *uc) +{ + if ((c >= '0') && (c <= '9')) { + *uc = c - '0'; + } else if ((c >= 'a') && (c <= 'f')) { + *uc = c - 'a' + 10; + } else if ((c >= 'A') && (c <= 'F')) { + *uc = c - 'A' + 10; + } else { + return -1; + } + + return 0; +} + +static void mbedtls_test_fail_internal(const char *test, int line_no, const char *filename) +{ + /* Internal function only - mbedtls_test_info_mutex should be held prior + * to calling this function. */ + + /* Don't use accessor, we already hold mutex. */ + if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) { + /* If we have already recorded the test as having failed then don't + * overwrite any previous information about the failure. */ + mbedtls_test_set_result_internal(MBEDTLS_TEST_RESULT_FAILED, test, line_no, filename); + } +} + +void mbedtls_test_fail(const char *test, int line_no, const char *filename) +{ +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + mbedtls_test_fail_internal(test, line_no, filename); + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ +} + +void mbedtls_test_skip(const char *test, int line_no, const char *filename) +{ +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + mbedtls_test_set_result_internal(MBEDTLS_TEST_RESULT_SKIPPED, test, line_no, filename); + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ +} + +void mbedtls_test_info_reset(void) +{ +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + mbedtls_test_set_result_internal(MBEDTLS_TEST_RESULT_SUCCESS, 0, 0, 0); + mbedtls_test_reset_step_internal(); + mbedtls_test_set_line1_internal(NULL); + mbedtls_test_set_line2_internal(NULL); + +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_test_set_case_uses_negative_0_internal(0); +#endif + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ +} + +int mbedtls_test_equal(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2) +{ + TEST_CF_PUBLIC(&value1, sizeof(value1)); + TEST_CF_PUBLIC(&value2, sizeof(value2)); + + if (value1 == value2) { + return 1; + } + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + /* Don't use accessor, as we already hold mutex. */ + if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) { + /* If we've already recorded the test as having failed then don't + * overwrite any previous information about the failure. */ + + char buf[MBEDTLS_TEST_LINE_LENGTH]; + mbedtls_test_fail_internal(test, line_no, filename); + (void) mbedtls_snprintf(buf, sizeof(buf), + "lhs = 0x%016llx = %lld", + value1, (long long) value1); + mbedtls_test_set_line1_internal(buf); + (void) mbedtls_snprintf(buf, sizeof(buf), + "rhs = 0x%016llx = %lld", + value2, (long long) value2); + mbedtls_test_set_line2_internal(buf); + } + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return 0; +} + +int mbedtls_test_le_u(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2) +{ + TEST_CF_PUBLIC(&value1, sizeof(value1)); + TEST_CF_PUBLIC(&value2, sizeof(value2)); + + if (value1 <= value2) { + return 1; + } + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + /* Don't use accessor, we already hold mutex. */ + if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) { + /* If we've already recorded the test as having failed then don't + * overwrite any previous information about the failure. */ + + char buf[MBEDTLS_TEST_LINE_LENGTH]; + mbedtls_test_fail_internal(test, line_no, filename); + (void) mbedtls_snprintf(buf, sizeof(buf), + "lhs = 0x%016llx = %llu", + value1, value1); + mbedtls_test_set_line1_internal(buf); + (void) mbedtls_snprintf(buf, sizeof(buf), + "rhs = 0x%016llx = %llu", + value2, value2); + mbedtls_test_set_line2_internal(buf); + } + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return 0; +} + +int mbedtls_test_le_s(const char *test, int line_no, const char *filename, + long long value1, long long value2) +{ + TEST_CF_PUBLIC(&value1, sizeof(value1)); + TEST_CF_PUBLIC(&value2, sizeof(value2)); + + if (value1 <= value2) { + return 1; + } + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_lock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + /* Don't use accessor, we already hold mutex. */ + if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) { + /* If we've already recorded the test as having failed then don't + * overwrite any previous information about the failure. */ + + char buf[MBEDTLS_TEST_LINE_LENGTH]; + mbedtls_test_fail_internal(test, line_no, filename); + (void) mbedtls_snprintf(buf, sizeof(buf), + "lhs = 0x%016llx = %lld", + (unsigned long long) value1, value1); + mbedtls_test_set_line1_internal(buf); + (void) mbedtls_snprintf(buf, sizeof(buf), + "rhs = 0x%016llx = %lld", + (unsigned long long) value2, value2); + mbedtls_test_set_line2_internal(buf); + } + +#ifdef MBEDTLS_THREADING_C + mbedtls_mutex_unlock(&mbedtls_test_info_mutex); +#endif /* MBEDTLS_THREADING_C */ + + return 0; +} + +int mbedtls_test_unhexify(unsigned char *obuf, + size_t obufmax, + const char *ibuf, + size_t *len) +{ + unsigned char uc, uc2; + + *len = strlen(ibuf); + + /* Must be even number of bytes. */ + if ((*len) & 1) { + return -1; + } + *len /= 2; + + if ((*len) > obufmax) { + return -1; + } + + while (*ibuf != 0) { + if (mbedtls_test_ascii2uc(*(ibuf++), &uc) != 0) { + return -1; + } + + if (mbedtls_test_ascii2uc(*(ibuf++), &uc2) != 0) { + return -1; + } + + *(obuf++) = (uc << 4) | uc2; + } + + return 0; +} + +void mbedtls_test_hexify(unsigned char *obuf, + const unsigned char *ibuf, + int len) +{ + unsigned char l, h; + + while (len != 0) { + h = *ibuf / 16; + l = *ibuf % 16; + + if (h < 10) { + *obuf++ = '0' + h; + } else { + *obuf++ = 'a' + h - 10; + } + + if (l < 10) { + *obuf++ = '0' + l; + } else { + *obuf++ = 'a' + l - 10; + } + + ++ibuf; + len--; + } +} + +unsigned char *mbedtls_test_zero_alloc(size_t len) +{ + void *p; + size_t actual_len = (len != 0) ? len : 1; + + p = mbedtls_calloc(1, actual_len); + TEST_HELPER_ASSERT(p != NULL); + + memset(p, 0x00, actual_len); + + return p; +} + +unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen) +{ + unsigned char *obuf; + size_t len; + + *olen = strlen(ibuf) / 2; + + if (*olen == 0) { + return mbedtls_test_zero_alloc(*olen); + } + + obuf = mbedtls_calloc(1, *olen); + TEST_HELPER_ASSERT(obuf != NULL); + TEST_HELPER_ASSERT(mbedtls_test_unhexify(obuf, *olen, ibuf, &len) == 0); + + return obuf; +} + +int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b, + uint32_t a_len, uint32_t b_len) +{ + int ret = 0; + uint32_t i = 0; + + if (a_len != b_len) { + return -1; + } + + for (i = 0; i < a_len; i++) { + if (a[i] != b[i]) { + ret = -1; + break; + } + } + return ret; +} + +#if defined(MBEDTLS_TEST_HOOKS) +void mbedtls_test_err_add_check(int high, int low, + const char *file, int line) +{ + /* Error codes are always negative (a value of zero is a success) however + * their positive opposites can be easier to understand. The following + * examples given in comments have been made positive for ease of + * understanding. The structure of an error code is such: + * + * shhhhhhhhlllllll + * + * s = sign bit. + * h = high level error code (includes high level module ID (bits 12..14) + * and module-dependent error code (bits 7..11)). + * l = low level error code. + */ + if (high > -0x1000 && high != 0) { + /* high < 0001000000000000 + * No high level module ID bits are set. + */ + mbedtls_test_fail("'high' is not a high-level error code", + line, file); + } else if (high < -0x7F80) { + /* high > 0111111110000000 + * Error code is greater than the largest allowed high level module ID. + */ + mbedtls_test_fail("'high' error code is greater than 15 bits", + line, file); + } else if ((high & 0x7F) != 0) { + /* high & 0000000001111111 + * Error code contains low level error code bits. + */ + mbedtls_test_fail("'high' contains a low-level error code", + line, file); + } else if (low < -0x007F) { + /* low > 0000000001111111 + * Error code contains high or module level error code bits. + */ + mbedtls_test_fail("'low' error code is greater than 7 bits", + line, file); + } else if (low > 0) { + mbedtls_test_fail("'low' error code is greater than zero", + line, file); + } +} +#endif /* MBEDTLS_TEST_HOOKS */ diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c new file mode 100644 index 0000000000..e1ea2b5c81 --- /dev/null +++ b/tests/src/psa_crypto_helpers.c @@ -0,0 +1,207 @@ +/** \file psa_crypto_helpers.c + * + * \brief Helper functions to test PSA crypto functionality. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include +#include +#include +#include + +#if defined(MBEDTLS_PSA_CRYPTO_C) + +#include + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + +#include + +static mbedtls_svc_key_id_t key_ids_used_in_test[9]; +static size_t num_key_ids_used; + +int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id) +{ + size_t i; + if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id) > + PSA_MAX_PERSISTENT_KEY_IDENTIFIER) { + /* Don't touch key id values that designate non-key files. */ + return 1; + } + for (i = 0; i < num_key_ids_used; i++) { + if (mbedtls_svc_key_id_equal(key_id, key_ids_used_in_test[i])) { + return 1; + } + } + if (num_key_ids_used == ARRAY_LENGTH(key_ids_used_in_test)) { + return 0; + } + key_ids_used_in_test[num_key_ids_used] = key_id; + ++num_key_ids_used; + return 1; +} + +void mbedtls_test_psa_purge_key_storage(void) +{ + size_t i; + for (i = 0; i < num_key_ids_used; i++) { + psa_destroy_persistent_key(key_ids_used_in_test[i]); + } + num_key_ids_used = 0; +} + +void mbedtls_test_psa_purge_key_cache(void) +{ + size_t i; + for (i = 0; i < num_key_ids_used; i++) { + psa_purge_key(key_ids_used_in_test[i]); + } +} + +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ + +const char *mbedtls_test_helper_is_psa_leaking(void) +{ + mbedtls_psa_stats_t stats; + + mbedtls_psa_get_stats(&stats); + +#if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C) && \ + !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) + /* When AES_C is not defined and PSA does not have an external RNG, + * then CTR_DRBG uses PSA to perform AES-ECB. In this scenario 1 key + * slot is used internally from PSA to hold the AES key and it should + * not be taken into account when evaluating remaining open slots. */ + if (stats.volatile_slots > 1) { + return "A volatile slot has not been closed properly."; + } +#else + if (stats.volatile_slots != 0) { + return "A volatile slot has not been closed properly."; + } +#endif + if (stats.persistent_slots != 0) { + return "A persistent slot has not been closed properly."; + } + if (stats.external_slots != 0) { + return "An external slot has not been closed properly."; + } + if (stats.half_filled_slots != 0) { + return "A half-filled slot has not been cleared properly."; + } + if (stats.locked_slots != 0) { + return "Some slots are still marked as locked."; + } + + return NULL; +} + +#if defined(RECORD_PSA_STATUS_COVERAGE_LOG) +/** Name of the file where return statuses are logged by #RECORD_STATUS. */ +#define STATUS_LOG_FILE_NAME "statuses.log" + +psa_status_t mbedtls_test_record_status(psa_status_t status, + const char *func, + const char *file, int line, + const char *expr) +{ + /* We open the log file on first use. + * We never close the log file, so the record_status feature is not + * compatible with resource leak detectors such as Asan. + */ + static FILE *log; + if (log == NULL) { + log = fopen(STATUS_LOG_FILE_NAME, "a"); + } + fprintf(log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr); + return status; +} +#endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ + +psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags) +{ + psa_key_usage_t updated_usage = usage_flags; + + if (usage_flags & PSA_KEY_USAGE_SIGN_HASH) { + updated_usage |= PSA_KEY_USAGE_SIGN_MESSAGE; + } + + if (usage_flags & PSA_KEY_USAGE_VERIFY_HASH) { + updated_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } + + return updated_usage; +} + +int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename) +{ + const char *msg = mbedtls_test_helper_is_psa_leaking(); + if (msg == NULL) { + return 0; + } else { + mbedtls_test_fail(msg, line_no, filename); + return 1; + } +} + +uint64_t mbedtls_test_parse_binary_string(data_t *bin_string) +{ + uint64_t result = 0; + TEST_LE_U(bin_string->len, 8); + for (size_t i = 0; i < bin_string->len; i++) { + result = result << 8 | bin_string->x[i]; + } +exit: + return result; /* returns 0 if len > 8 */ +} + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + +#include +#include + +int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len) +{ + size_t actual_len = 0; + psa_status_t status = psa_its_get(PSA_CRYPTO_ITS_RANDOM_SEED_UID, + 0, len, buf, &actual_len); + if (status != 0) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } + if (actual_len != len) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } + return 0; +} + +int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len) +{ + psa_status_t status = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID, + len, buf, 0); + if (status != 0) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } + return 0; +} + +int mbedtls_test_inject_entropy_restore(void) +{ + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; + for (size_t i = 0; i < sizeof(buf); i++) { + buf[i] = (unsigned char) i; + } + psa_status_t status = mbedtls_psa_inject_entropy(buf, sizeof(buf)); + /* It's ok if the file was just created, or if it already exists. */ + if (status != PSA_SUCCESS && status != PSA_ERROR_NOT_PERMITTED) { + return status; + } + return PSA_SUCCESS; +} + +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + +#endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/src/psa_crypto_stubs.c b/tests/src/psa_crypto_stubs.c new file mode 100644 index 0000000000..81d7f4b328 --- /dev/null +++ b/tests/src/psa_crypto_stubs.c @@ -0,0 +1,75 @@ +/** \file psa_crypto_stubs.c + * + * \brief Stub functions when MBEDTLS_PSA_CRYPTO_CLIENT is enabled but + * MBEDTLS_PSA_CRYPTO_C is disabled. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size) +{ + (void) output; + (void) output_size; + + return PSA_ERROR_COMMUNICATION_FAILURE; +} + +psa_status_t psa_export_key(mbedtls_svc_key_id_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ + (void) key; + (void) data; + (void) data_size; + (void) data_length; + return PSA_ERROR_COMMUNICATION_FAILURE; +} + +psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ + (void) key; + (void) data; + (void) data_size; + (void) data_length; + return PSA_ERROR_COMMUNICATION_FAILURE; +} + +psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, + psa_key_attributes_t *attributes) +{ + (void) key; + (void) attributes; + return PSA_ERROR_COMMUNICATION_FAILURE; +} + +psa_status_t psa_hash_abort(psa_hash_operation_t *operation) +{ + (void) operation; + return PSA_ERROR_COMMUNICATION_FAILURE; +} + +psa_status_t psa_import_key(const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + mbedtls_svc_key_id_t *key) +{ + (void) attributes; + (void) data; + (void) data_length; + (void) key; + return PSA_ERROR_COMMUNICATION_FAILURE; +} + +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c new file mode 100644 index 0000000000..b2232764a7 --- /dev/null +++ b/tests/src/psa_exercise_key.c @@ -0,0 +1,1335 @@ +/** Code to exercise a PSA key object, i.e. validate that it seems well-formed + * and can do what it is supposed to do. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include +#include +#include + +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) + +#include +#include + +#include +#include +#include + +#if defined(MBEDTLS_PK_C) +#include +#endif +#if defined(MBEDTLS_ECP_C) +#include +#endif +#if defined(MBEDTLS_RSA_C) +#include +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +static int lifetime_is_dynamic_secure_element(psa_key_lifetime_t lifetime) +{ + return PSA_KEY_LIFETIME_GET_LOCATION(lifetime) != + PSA_KEY_LOCATION_LOCAL_STORAGE; +} +#endif + +static int check_key_attributes_sanity(mbedtls_svc_key_id_t key, + int key_destroyable) +{ + int ok = 0; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_lifetime_t lifetime; + mbedtls_svc_key_id_t id; + psa_key_type_t type; + size_t bits; + psa_status_t status = psa_get_key_attributes(key, &attributes); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + psa_reset_key_attributes(&attributes); + return 1; + } + PSA_ASSERT(status); + lifetime = psa_get_key_lifetime(&attributes); + id = psa_get_key_id(&attributes); + type = psa_get_key_type(&attributes); + bits = psa_get_key_bits(&attributes); + + /* Persistence */ + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { + TEST_ASSERT( + (PSA_KEY_ID_VOLATILE_MIN <= + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) && + (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <= + PSA_KEY_ID_VOLATILE_MAX)); + } else { + TEST_ASSERT( + (PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) && + (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <= PSA_KEY_ID_USER_MAX)); + } +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + /* MBEDTLS_PSA_CRYPTO_SE_C does not support thread safety. */ + if (key_destroyable == 0) { + /* randomly-generated 64-bit constant, should never appear in test data */ + psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21; + status = psa_get_key_slot_number(&attributes, &slot_number); + if (lifetime_is_dynamic_secure_element(lifetime)) { + /* Mbed TLS currently always exposes the slot number to + * applications. This is not mandated by the PSA specification + * and may change in future versions. */ + TEST_EQUAL(status, 0); + TEST_ASSERT(slot_number != 0xec94d4a5058a1a21); + } else { + TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT); + } + } +#endif + + /* Type and size */ + TEST_ASSERT(type != 0); + TEST_ASSERT(bits != 0); + TEST_ASSERT(bits <= PSA_MAX_KEY_BITS); + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { + TEST_ASSERT(bits % 8 == 0); + } + + /* MAX macros concerning specific key types */ + if (PSA_KEY_TYPE_IS_ECC(type)) { + TEST_ASSERT(bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS); + } else if (PSA_KEY_TYPE_IS_RSA(type)) { + TEST_ASSERT(bits <= PSA_VENDOR_RSA_MAX_KEY_BITS); + } + TEST_ASSERT(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) <= PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE); + + ok = 1; + +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + return ok; +} + +static int exercise_mac_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable) +{ + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + const unsigned char input[] = "foo"; + unsigned char mac[PSA_MAC_MAX_SIZE] = { 0 }; + size_t mac_length = sizeof(mac); + psa_status_t status = PSA_SUCCESS; + /* Convert wildcard algorithm to exercisable algorithm */ + if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) { + alg = PSA_ALG_TRUNCATED_MAC(alg, PSA_MAC_TRUNCATED_LENGTH(alg)); + } + + if (usage & PSA_KEY_USAGE_SIGN_HASH) { + status = psa_mac_sign_setup(&operation, key, alg); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + PSA_ASSERT(psa_mac_abort(&operation)); + return 1; + } + PSA_ASSERT(status); + PSA_ASSERT(psa_mac_update(&operation, + input, sizeof(input))); + PSA_ASSERT(psa_mac_sign_finish(&operation, + mac, sizeof(mac), + &mac_length)); + } + + if (usage & PSA_KEY_USAGE_VERIFY_HASH) { + psa_status_t verify_status = + (usage & PSA_KEY_USAGE_SIGN_HASH ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + status = psa_mac_verify_setup(&operation, key, alg); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + PSA_ASSERT(psa_mac_abort(&operation)); + return 1; + } + PSA_ASSERT(status); + PSA_ASSERT(psa_mac_update(&operation, + input, sizeof(input))); + TEST_EQUAL(psa_mac_verify_finish(&operation, mac, mac_length), + verify_status); + } + + return 1; + +exit: + psa_mac_abort(&operation); + return 0; +} + +static int exercise_cipher_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable) +{ + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + unsigned char iv[PSA_CIPHER_IV_MAX_SIZE] = { 0 }; + size_t iv_length; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; + const unsigned char plaintext[16] = "Hello, world..."; + unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)"; + size_t ciphertext_length = sizeof(ciphertext); + unsigned char decrypted[sizeof(ciphertext)]; + size_t part_length; + psa_status_t status = PSA_SUCCESS; + + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_type = psa_get_key_type(&attributes); + iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg); + + if (usage & PSA_KEY_USAGE_ENCRYPT) { + status = psa_cipher_encrypt_setup(&operation, key, alg); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + PSA_ASSERT(psa_cipher_abort(&operation)); + return 1; + } + PSA_ASSERT(status); + if (iv_length != 0) { + PSA_ASSERT(psa_cipher_generate_iv(&operation, + iv, sizeof(iv), + &iv_length)); + } + PSA_ASSERT(psa_cipher_update(&operation, + plaintext, sizeof(plaintext), + ciphertext, sizeof(ciphertext), + &ciphertext_length)); + PSA_ASSERT(psa_cipher_finish(&operation, + ciphertext + ciphertext_length, + sizeof(ciphertext) - ciphertext_length, + &part_length)); + ciphertext_length += part_length; + } + + if (usage & PSA_KEY_USAGE_DECRYPT) { + int maybe_invalid_padding = 0; + if (!(usage & PSA_KEY_USAGE_ENCRYPT)) { + maybe_invalid_padding = !PSA_ALG_IS_STREAM_CIPHER(alg); + } + status = psa_cipher_decrypt_setup(&operation, key, alg); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + PSA_ASSERT(psa_cipher_abort(&operation)); + return 1; + } + PSA_ASSERT(status); + if (iv_length != 0) { + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, iv_length)); + } + PSA_ASSERT(psa_cipher_update(&operation, + ciphertext, ciphertext_length, + decrypted, sizeof(decrypted), + &part_length)); + status = psa_cipher_finish(&operation, + decrypted + part_length, + sizeof(decrypted) - part_length, + &part_length); + /* For a stream cipher, all inputs are valid. For a block cipher, + * if the input is some arbitrary data rather than an actual + ciphertext, a padding error is likely. */ + if (maybe_invalid_padding) { + TEST_ASSERT(status == PSA_SUCCESS || + status == PSA_ERROR_INVALID_PADDING); + } else { + PSA_ASSERT(status); + } + } + + return 1; + +exit: + psa_cipher_abort(&operation); + psa_reset_key_attributes(&attributes); + return 0; +} + +static int exercise_aead_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable) +{ + unsigned char nonce[PSA_AEAD_NONCE_MAX_SIZE] = { 0 }; + size_t nonce_length; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; + unsigned char plaintext[16] = "Hello, world..."; + unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)"; + size_t ciphertext_length = sizeof(ciphertext); + size_t plaintext_length = sizeof(ciphertext); + psa_status_t status = PSA_SUCCESS; + + /* Convert wildcard algorithm to exercisable algorithm */ + if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { + alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, PSA_ALG_AEAD_GET_TAG_LENGTH(alg)); + } + + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_type = psa_get_key_type(&attributes); + nonce_length = PSA_AEAD_NONCE_LENGTH(key_type, alg); + + if (usage & PSA_KEY_USAGE_ENCRYPT) { + status = psa_aead_encrypt(key, alg, + nonce, nonce_length, + NULL, 0, + plaintext, sizeof(plaintext), + ciphertext, sizeof(ciphertext), + &ciphertext_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + PSA_ASSERT(status); + } + + if (usage & PSA_KEY_USAGE_DECRYPT) { + psa_status_t verify_status = + (usage & PSA_KEY_USAGE_ENCRYPT ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + status = psa_aead_decrypt(key, alg, + nonce, nonce_length, + NULL, 0, + ciphertext, ciphertext_length, + plaintext, sizeof(plaintext), + &plaintext_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + TEST_ASSERT(status == verify_status); + } + + return 1; + +exit: + psa_reset_key_attributes(&attributes); + return 0; +} + +static int can_sign_or_verify_message(psa_key_usage_t usage, + psa_algorithm_t alg) +{ + /* Sign-the-unspecified-hash algorithms can only be used with + * {sign,verify}_hash, not with {sign,verify}_message. */ + if (alg == PSA_ALG_ECDSA_ANY || alg == PSA_ALG_RSA_PKCS1V15_SIGN_RAW) { + return 0; + } + return usage & (PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_VERIFY_MESSAGE); +} + +static int exercise_signature_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable) +{ + /* If the policy allows signing with any hash, just pick one. */ + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); + if (PSA_ALG_IS_SIGN_HASH(alg) && hash_alg == PSA_ALG_ANY_HASH && + usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE)) { +#if defined(KNOWN_SUPPORTED_HASH_ALG) + hash_alg = KNOWN_SUPPORTED_HASH_ALG; + alg ^= PSA_ALG_ANY_HASH ^ hash_alg; +#else + TEST_FAIL("No hash algorithm for hash-and-sign testing"); +#endif + } + psa_status_t status = PSA_SUCCESS; + + if (usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH) && + PSA_ALG_IS_SIGN_HASH(alg)) { + unsigned char payload[PSA_HASH_MAX_SIZE] = { 1 }; + size_t payload_length = 16; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 }; + size_t signature_length = sizeof(signature); + + /* Some algorithms require the payload to have the size of + * the hash encoded in the algorithm. Use this input size + * even for algorithms that allow other input sizes. */ + if (hash_alg != 0) { + payload_length = PSA_HASH_LENGTH(hash_alg); + } + + if (usage & PSA_KEY_USAGE_SIGN_HASH) { + status = psa_sign_hash(key, alg, + payload, payload_length, + signature, sizeof(signature), + &signature_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + PSA_ASSERT(status); + } + + if (usage & PSA_KEY_USAGE_VERIFY_HASH) { + psa_status_t verify_status = + (usage & PSA_KEY_USAGE_SIGN_HASH ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + status = psa_verify_hash(key, alg, + payload, payload_length, + signature, signature_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + TEST_ASSERT(status == verify_status); + } + } + + if (can_sign_or_verify_message(usage, alg)) { + unsigned char message[256] = "Hello, world..."; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 }; + size_t message_length = 16; + size_t signature_length = sizeof(signature); + + if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) { + status = psa_sign_message(key, alg, + message, message_length, + signature, sizeof(signature), + &signature_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + PSA_ASSERT(status); + } + + if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) { + psa_status_t verify_status = + (usage & PSA_KEY_USAGE_SIGN_MESSAGE ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + status = psa_verify_message(key, alg, + message, message_length, + signature, signature_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + TEST_ASSERT(status == verify_status); + } + } + + return 1; + +exit: + return 0; +} + +static int exercise_asymmetric_encryption_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable) +{ + unsigned char plaintext[PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE] = + "Hello, world..."; + unsigned char ciphertext[PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE] = + "(wabblewebblewibblewobblewubble)"; + size_t ciphertext_length = sizeof(ciphertext); + size_t plaintext_length = 16; + psa_status_t status = PSA_SUCCESS; + if (usage & PSA_KEY_USAGE_ENCRYPT) { + status = psa_asymmetric_encrypt(key, alg, + plaintext, plaintext_length, + NULL, 0, + ciphertext, sizeof(ciphertext), + &ciphertext_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + PSA_ASSERT(status); + } + + if (usage & PSA_KEY_USAGE_DECRYPT) { + status = psa_asymmetric_decrypt(key, alg, + ciphertext, ciphertext_length, + NULL, 0, + plaintext, sizeof(plaintext), + &plaintext_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + TEST_ASSERT(status == PSA_SUCCESS || + ((usage & PSA_KEY_USAGE_ENCRYPT) == 0 && + (status == PSA_ERROR_INVALID_ARGUMENT || + status == PSA_ERROR_INVALID_PADDING))); + } + + return 1; + +exit: + return 0; +} + +int mbedtls_test_psa_setup_key_derivation_wrap( + psa_key_derivation_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const unsigned char *input1, size_t input1_length, + const unsigned char *input2, size_t input2_length, + size_t capacity, int key_destroyable) +{ + PSA_ASSERT(psa_key_derivation_setup(operation, alg)); + psa_status_t status = PSA_SUCCESS; + if (PSA_ALG_IS_HKDF(alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SALT, + input1, input1_length)); + status = psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + PSA_ASSERT(status); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_INFO, + input2, + input2_length)); + } else if (PSA_ALG_IS_HKDF_EXTRACT(alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SALT, + input1, input1_length)); + status = psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + PSA_ASSERT(status); + } else if (PSA_ALG_IS_HKDF_EXPAND(alg)) { + status = psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + PSA_ASSERT(status); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_INFO, + input2, + input2_length)); + } else if (PSA_ALG_IS_TLS12_PRF(alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SEED, + input1, input1_length)); + status = psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + PSA_ASSERT(status); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_LABEL, + input2, input2_length)); + } else if (PSA_ALG_IS_PBKDF2(alg)) { + PSA_ASSERT(psa_key_derivation_input_integer(operation, + PSA_KEY_DERIVATION_INPUT_COST, + 1U)); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SALT, + input2, + input2_length)); + status = psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_PASSWORD, + key); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + return 1; + } + PSA_ASSERT(status); + } else if (alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + input1, input1_length)); + } else { + TEST_FAIL("Key derivation algorithm not supported"); + } + + if (capacity != SIZE_MAX) { + PSA_ASSERT(psa_key_derivation_set_capacity(operation, capacity)); + } + + return 1; + +exit: + return 0; +} + + +static int exercise_key_derivation_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable) +{ + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + unsigned char input1[] = "Input 1"; + size_t input1_length = sizeof(input1); + unsigned char input2[] = "Input 2"; + size_t input2_length = sizeof(input2); + unsigned char output[1]; + size_t capacity = sizeof(output); + + if (usage & PSA_KEY_USAGE_DERIVE) { + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg, + input1, input1_length, + input2, input2_length, + capacity, key_destroyable)) { + goto exit; + } + + psa_status_t status = psa_key_derivation_output_bytes(&operation, + output, + capacity); + if (key_destroyable && status == PSA_ERROR_BAD_STATE) { + /* The key has been destroyed. */ + PSA_ASSERT(psa_key_derivation_abort(&operation)); + } else { + PSA_ASSERT(status); + PSA_ASSERT(psa_key_derivation_abort(&operation)); + } + } + + return 1; + +exit: + return 0; +} + +/* We need two keys to exercise key agreement. Exercise the + * private key against its own public key. */ +psa_status_t mbedtls_test_psa_key_agreement_with_self( + psa_key_derivation_operation_t *operation, + mbedtls_svc_key_id_t key, int key_destroyable) +{ + psa_key_type_t private_key_type; + psa_key_type_t public_key_type; + size_t key_bits; + uint8_t *public_key = NULL; + size_t public_key_length; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + psa_status_t status = psa_get_key_attributes(key, &attributes); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + psa_reset_key_attributes(&attributes); + return PSA_SUCCESS; + } + PSA_ASSERT(status); + + private_key_type = psa_get_key_type(&attributes); + key_bits = psa_get_key_bits(&attributes); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type); + public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits); + TEST_CALLOC(public_key, public_key_length); + status = psa_export_public_key(key, public_key, public_key_length, + &public_key_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + status = PSA_SUCCESS; + goto exit; + } + PSA_ASSERT(status); + + status = psa_key_derivation_key_agreement( + operation, PSA_KEY_DERIVATION_INPUT_SECRET, key, + public_key, public_key_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + status = PSA_SUCCESS; + goto exit; + } +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + mbedtls_free(public_key); + return status; +} + +/* We need two keys to exercise key agreement. Exercise the + * private key against its own public key. */ +psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( + psa_algorithm_t alg, + mbedtls_svc_key_id_t key, + int key_destroyable) +{ + psa_key_type_t private_key_type; + psa_key_type_t public_key_type; + size_t key_bits; + uint8_t *public_key = NULL; + size_t public_key_length; + uint8_t output[1024]; + size_t output_length; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + psa_status_t status = psa_get_key_attributes(key, &attributes); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + psa_reset_key_attributes(&attributes); + return PSA_SUCCESS; + } + PSA_ASSERT(status); + + private_key_type = psa_get_key_type(&attributes); + key_bits = psa_get_key_bits(&attributes); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type); + public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits); + TEST_CALLOC(public_key, public_key_length); + status = psa_export_public_key(key, + public_key, public_key_length, + &public_key_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + status = PSA_SUCCESS; + goto exit; + } + PSA_ASSERT(status); + + status = psa_raw_key_agreement(alg, key, + public_key, public_key_length, + output, sizeof(output), &output_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + status = PSA_SUCCESS; + goto exit; + } + if (status == PSA_SUCCESS) { + TEST_ASSERT(output_length <= + PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(private_key_type, + key_bits)); + TEST_ASSERT(output_length <= + PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE); + } + +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + mbedtls_free(public_key); + return status; +} + +static int exercise_raw_key_agreement_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable) +{ + int ok = 0; + + if (usage & PSA_KEY_USAGE_DERIVE) { + /* We need two keys to exercise key agreement. Exercise the + * private key against its own public key. */ + PSA_ASSERT(mbedtls_test_psa_raw_key_agreement_with_self(alg, key, + key_destroyable)); + } + ok = 1; + +exit: + return ok; +} + +static int exercise_key_agreement_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable) +{ + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + unsigned char input[1] = { 0 }; + unsigned char output[1]; + int ok = 0; + psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); + psa_status_t expected_key_agreement_status = PSA_SUCCESS; + + if (usage & PSA_KEY_USAGE_DERIVE) { + /* We need two keys to exercise key agreement. Exercise the + * private key against its own public key. */ + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SEED, + input, sizeof(input))); + } + + if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SALT, + input, sizeof(input))); + } + + /* For HKDF_EXPAND input secret may fail as secret size may not match + to expected PRK size. In practice it means that key bits must match + hash length. Otherwise test should fail with INVALID_ARGUMENT. */ + if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status = psa_get_key_attributes(key, &attributes); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + ok = 1; + } + PSA_ASSERT(status); + size_t key_bits = psa_get_key_bits(&attributes); + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); + + if (PSA_BITS_TO_BYTES(key_bits) != PSA_HASH_LENGTH(hash_alg)) { + expected_key_agreement_status = PSA_ERROR_INVALID_ARGUMENT; + } + } + + TEST_EQUAL(mbedtls_test_psa_key_agreement_with_self(&operation, key, + key_destroyable), + expected_key_agreement_status); + + if (expected_key_agreement_status != PSA_SUCCESS) { + return 1; + } + + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_LABEL, + input, sizeof(input))); + } else if (PSA_ALG_IS_HKDF(kdf_alg) || PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + input, sizeof(input))); + } + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output, + sizeof(output))); + PSA_ASSERT(psa_key_derivation_abort(&operation)); + } + ok = 1; + +exit: + return ok; +} + +int mbedtls_test_psa_exported_key_sanity_check( + psa_key_type_t type, size_t bits, + const uint8_t *exported, size_t exported_length) +{ + TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits)); + + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { + TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits)); + } else + +#if defined(MBEDTLS_ASN1_PARSE_C) + if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + uint8_t *p = (uint8_t *) exported; + const uint8_t *end = exported + exported_length; + size_t len; + /* RSAPrivateKey ::= SEQUENCE { + * version INTEGER, -- must be 0 + * modulus INTEGER, -- n + * publicExponent INTEGER, -- e + * privateExponent INTEGER, -- d + * prime1 INTEGER, -- p + * prime2 INTEGER, -- q + * exponent1 INTEGER, -- d mod (p-1) + * exponent2 INTEGER, -- d mod (q-1) + * coefficient INTEGER, -- (inverse of q) mod p + * } + */ + TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED), 0); + TEST_EQUAL(len, end - p); + if (!mbedtls_test_asn1_skip_integer(&p, end, 0, 0, 0)) { + goto exit; + } + if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) { + goto exit; + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) { + goto exit; + } + /* Require d to be at least half the size of n. */ + if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits, 1)) { + goto exit; + } + /* Require p and q to be at most half the size of n, rounded up. */ + if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) { + goto exit; + } + if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) { + goto exit; + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) { + goto exit; + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) { + goto exit; + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) { + goto exit; + } + TEST_EQUAL(p - end, 0); + + TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE); + } else +#endif /* MBEDTLS_ASN1_PARSE_C */ + + if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { + /* Just the secret value */ + TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits)); + + TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE); + } else + +#if defined(MBEDTLS_ASN1_PARSE_C) + if (type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) { + uint8_t *p = (uint8_t *) exported; + const uint8_t *end = exported + exported_length; + size_t len; + /* RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER } -- e + */ + TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED), + 0); + TEST_EQUAL(len, end - p); + if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) { + goto exit; + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) { + goto exit; + } + TEST_EQUAL(p - end, 0); + + + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits)); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + } else +#endif /* MBEDTLS_ASN1_PARSE_C */ + + if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) { + + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits)); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + + if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_MONTGOMERY) { + /* The representation of an ECC Montgomery public key is + * the raw compressed point */ + TEST_EQUAL(PSA_BITS_TO_BYTES(bits), exported_length); + } else if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_TWISTED_EDWARDS) { + /* The representation of an ECC Edwards public key is + * the raw compressed point */ + TEST_EQUAL(PSA_BITS_TO_BYTES(bits + 1), exported_length); + } else { + /* The representation of an ECC Weierstrass public key is: + * - The byte 0x04; + * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; + * - `y_P` as a `ceiling(m/8)`-byte string, big-endian; + * - where m is the bit size associated with the curve. + */ + TEST_EQUAL(1 + 2 * PSA_BITS_TO_BYTES(bits), exported_length); + TEST_EQUAL(exported[0], 4); + } + } else + if (PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) || PSA_KEY_TYPE_IS_DH_KEY_PAIR(type)) { + TEST_ASSERT(exported_length == + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits)); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + } else { + (void) exported; + TEST_FAIL("Sanity check not implemented for this key type"); + } + +#if defined(MBEDTLS_DES_C) + if (type == PSA_KEY_TYPE_DES) { + /* Check the parity bits. */ + unsigned i; + for (i = 0; i < bits / 8; i++) { + unsigned bit_count = 0; + unsigned m; + for (m = 1; m <= 0x100; m <<= 1) { + if (exported[i] & m) { + ++bit_count; + } + } + TEST_ASSERT(bit_count % 2 != 0); + } + } +#endif + + return 1; + +exit: + return 0; +} + +static int exercise_export_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + int key_destroyable) +{ + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t *exported = NULL; + size_t exported_size = 0; + size_t exported_length = 0; + int ok = 0; + + psa_status_t status = psa_get_key_attributes(key, &attributes); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + psa_reset_key_attributes(&attributes); + return 1; + } + PSA_ASSERT(status); + + exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( + psa_get_key_type(&attributes), + psa_get_key_bits(&attributes)); + TEST_CALLOC(exported, exported_size); + + status = psa_export_key(key, exported, exported_size, &exported_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + ok = 1; + goto exit; + } else if ((usage & PSA_KEY_USAGE_EXPORT) == 0 && + !PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_get_key_type(&attributes))) { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + ok = 1; + goto exit; + } + PSA_ASSERT(status); + ok = mbedtls_test_psa_exported_key_sanity_check( + psa_get_key_type(&attributes), psa_get_key_bits(&attributes), + exported, exported_length); + +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + mbedtls_free(exported); + return ok; +} + +static int exercise_export_public_key(mbedtls_svc_key_id_t key, + int key_destroyable) +{ + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t public_type; + uint8_t *exported = NULL; + size_t exported_size = 0; + size_t exported_length = 0; + int ok = 0; + + psa_status_t status = psa_get_key_attributes(key, &attributes); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + psa_reset_key_attributes(&attributes); + return 1; + } + PSA_ASSERT(status); + if (!PSA_KEY_TYPE_IS_ASYMMETRIC(psa_get_key_type(&attributes))) { + exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( + psa_get_key_type(&attributes), + psa_get_key_bits(&attributes)); + TEST_CALLOC(exported, exported_size); + + status = psa_export_public_key(key, exported, + exported_size, &exported_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + ok = 1; + goto exit; + } + TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT); + ok = 1; + goto exit; + } + + public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( + psa_get_key_type(&attributes)); + exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type, + psa_get_key_bits(&attributes)); + TEST_CALLOC(exported, exported_size); + + status = psa_export_public_key(key, exported, + exported_size, &exported_length); + if (key_destroyable && status == PSA_ERROR_INVALID_HANDLE) { + /* The key has been destroyed. */ + ok = 1; + goto exit; + } + PSA_ASSERT(status); + ok = mbedtls_test_psa_exported_key_sanity_check( + public_type, psa_get_key_bits(&attributes), + exported, exported_length); + +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + mbedtls_free(exported); + return ok; +} + +int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg, + int key_destroyable) +{ + int ok = 0; + + if (!check_key_attributes_sanity(key, key_destroyable)) { + return 0; + } + + if (alg == 0) { + ok = 1; /* If no algorithm, do nothing (used for raw data "keys"). */ + } else if (PSA_ALG_IS_MAC(alg)) { + ok = exercise_mac_key(key, usage, alg, key_destroyable); + } else if (PSA_ALG_IS_CIPHER(alg)) { + ok = exercise_cipher_key(key, usage, alg, key_destroyable); + } else if (PSA_ALG_IS_AEAD(alg)) { + ok = exercise_aead_key(key, usage, alg, key_destroyable); + } else if (PSA_ALG_IS_SIGN(alg)) { + ok = exercise_signature_key(key, usage, alg, key_destroyable); + } else if (PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) { + ok = exercise_asymmetric_encryption_key(key, usage, alg, + key_destroyable); + } else if (PSA_ALG_IS_KEY_DERIVATION(alg)) { + ok = exercise_key_derivation_key(key, usage, alg, key_destroyable); + } else if (PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { + ok = exercise_raw_key_agreement_key(key, usage, alg, key_destroyable); + } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) { + ok = exercise_key_agreement_key(key, usage, alg, key_destroyable); + } else { + TEST_FAIL("No code to exercise this category of algorithm"); + } + + ok = ok && exercise_export_key(key, + usage, + key_destroyable); + ok = ok && exercise_export_public_key(key, + key_destroyable); + +exit: + return ok; +} + +psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type, + psa_algorithm_t alg) +{ + if (PSA_ALG_IS_MAC(alg) || PSA_ALG_IS_SIGN(alg)) { + if (PSA_ALG_IS_SIGN_HASH(alg)) { + if (PSA_ALG_SIGN_GET_HASH(alg)) { + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE; + } + } else if (PSA_ALG_IS_SIGN_MESSAGE(alg)) { + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE; + } + + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_VERIFY_HASH : + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH; + } else if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg) || + PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) { + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_ENCRYPT : + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; + } else if (PSA_ALG_IS_KEY_DERIVATION(alg) || + PSA_ALG_IS_KEY_AGREEMENT(alg)) { + return PSA_KEY_USAGE_DERIVE; + } else { + return 0; + } + +} + +int mbedtls_test_can_exercise_psa_algorithm(psa_algorithm_t alg) +{ + /* Reject algorithms that we know are not supported. Default to + * attempting exercise, so that if an algorithm is missing from this + * function, the result will be a test failure and not silently + * omitting exercise. */ +#if !defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) + if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_RSA_PSS) + if (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) + if (PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_ECDSA) + if (PSA_ALG_IS_ECDSA(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) { + return 0; + } +#endif +#if !defined(PSA_WANT_ALG_ECDH) + if (PSA_ALG_IS_ECDH(alg)) { + return 0; + } +#endif + (void) alg; + return 1; +} + +#if defined(MBEDTLS_PK_C) +int mbedtls_test_key_consistency_psa_pk(mbedtls_svc_key_id_t psa_key, + const mbedtls_pk_context *pk) +{ + psa_key_attributes_t psa_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_attributes_t pk_attributes = PSA_KEY_ATTRIBUTES_INIT; + int ok = 0; + + PSA_ASSERT(psa_get_key_attributes(psa_key, &psa_attributes)); + psa_key_type_t psa_type = psa_get_key_type(&psa_attributes); + mbedtls_pk_type_t pk_type = mbedtls_pk_get_type(pk); + + TEST_ASSERT(PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_type) || + PSA_KEY_TYPE_IS_KEY_PAIR(psa_type)); + TEST_EQUAL(psa_get_key_bits(&psa_attributes), mbedtls_pk_get_bitlen(pk)); + + uint8_t pk_public_buffer[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; + const uint8_t *pk_public = NULL; + size_t pk_public_length = 0; + + switch (pk_type) { +#if defined(MBEDTLS_RSA_C) + case MBEDTLS_PK_RSA: + TEST_ASSERT(PSA_KEY_TYPE_IS_RSA(psa_type)); + const mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); + uint8_t *const end = pk_public_buffer + sizeof(pk_public_buffer); + uint8_t *cursor = end; + TEST_LE_U(1, mbedtls_rsa_write_pubkey(rsa, + pk_public_buffer, &cursor)); + pk_public = cursor; + pk_public_length = end - pk_public; + break; +#endif + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + case MBEDTLS_PK_ECKEY: + case MBEDTLS_PK_ECKEY_DH: + case MBEDTLS_PK_ECDSA: + TEST_ASSERT(PSA_KEY_TYPE_IS_ECC(psa_type)); + TEST_EQUAL(PSA_KEY_TYPE_ECC_GET_FAMILY(psa_type), pk->ec_family); + pk_public = pk->pub_raw; + pk_public_length = pk->pub_raw_len; + break; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && !defined(MBEDTLS_PK_USE_PSA_EC_DATA) + case MBEDTLS_PK_ECKEY: + case MBEDTLS_PK_ECKEY_DH: + case MBEDTLS_PK_ECDSA: + TEST_ASSERT(PSA_KEY_TYPE_IS_ECC(psa_get_key_type(&psa_attributes))); + const mbedtls_ecp_keypair *ec = mbedtls_pk_ec_ro(*pk); + TEST_EQUAL(mbedtls_ecp_write_public_key( + ec, MBEDTLS_ECP_PF_UNCOMPRESSED, &pk_public_length, + pk_public_buffer, sizeof(pk_public_buffer)), 0); + pk_public = pk_public_buffer; + break; +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_PK_USE_PSA_EC_DATA */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + case MBEDTLS_PK_OPAQUE: + PSA_ASSERT(psa_get_key_attributes(pk->priv_id, &pk_attributes)); + psa_key_type_t pk_psa_type = psa_get_key_type(&pk_attributes); + TEST_EQUAL(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(psa_type), + PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(pk_psa_type)); + PSA_ASSERT(psa_export_public_key(psa_key, + pk_public_buffer, + sizeof(pk_public_buffer), + &pk_public_length)); + pk_public = pk_public_buffer; + break; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + default: + TEST_FAIL("pk type not supported"); + } + + uint8_t psa_public[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; + size_t psa_public_length = 0; + PSA_ASSERT(psa_export_public_key(psa_key, + psa_public, sizeof(psa_public), + &psa_public_length)); + TEST_MEMORY_COMPARE(pk_public, pk_public_length, + psa_public, psa_public_length); + + ok = 1; + +exit: + psa_reset_key_attributes(&psa_attributes); + psa_reset_key_attributes(&pk_attributes); + return ok; +} +#endif /* MBEDTLS_PK_C */ + +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ diff --git a/tests/src/psa_memory_poisoning_wrappers.c b/tests/src/psa_memory_poisoning_wrappers.c new file mode 100644 index 0000000000..05cba18ee7 --- /dev/null +++ b/tests/src/psa_memory_poisoning_wrappers.c @@ -0,0 +1,31 @@ +/** Helper functions for memory poisoning in tests. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#include "test/memory.h" + +#include "psa_crypto_invasive.h" + +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) \ + && defined(MBEDTLS_TEST_MEMORY_CAN_POISON) + +void mbedtls_poison_test_hooks_setup(void) +{ + psa_input_pre_copy_hook = mbedtls_test_memory_unpoison; + psa_input_post_copy_hook = mbedtls_test_memory_poison; + psa_output_pre_copy_hook = mbedtls_test_memory_unpoison; + psa_output_post_copy_hook = mbedtls_test_memory_poison; +} + +void mbedtls_poison_test_hooks_teardown(void) +{ + psa_input_pre_copy_hook = NULL; + psa_input_post_copy_hook = NULL; + psa_output_pre_copy_hook = NULL; + psa_output_post_copy_hook = NULL; +} + +#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_PSA_CRYPTO_C && + MBEDTLS_TEST_MEMORY_CAN_POISON */ diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c new file mode 100644 index 0000000000..24e05c8c6a --- /dev/null +++ b/tests/src/psa_test_wrappers.c @@ -0,0 +1,1353 @@ +/* Automatically generated by generate_psa_wrappers.py, do not edit! */ + +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \ + !defined(RECORD_PSA_STATUS_COVERAGE_LOG) + +#include + +#include +#include +#include + +/* Wrapper for mbedtls_psa_inject_entropy */ +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +psa_status_t mbedtls_test_wrap_mbedtls_psa_inject_entropy( + const uint8_t *arg0_seed, + size_t arg1_seed_size) +{ + psa_status_t status = (mbedtls_psa_inject_entropy)(arg0_seed, arg1_seed_size); + return status; +} +#endif /* defined(MBEDTLS_PSA_INJECT_ENTROPY) */ + +/* Wrapper for mbedtls_psa_platform_get_builtin_key */ +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) +psa_status_t mbedtls_test_wrap_mbedtls_psa_platform_get_builtin_key( + mbedtls_svc_key_id_t arg0_key_id, + psa_key_lifetime_t *arg1_lifetime, + psa_drv_slot_number_t *arg2_slot_number) +{ + psa_status_t status = (mbedtls_psa_platform_get_builtin_key)(arg0_key_id, arg1_lifetime, arg2_slot_number); + return status; +} +#endif /* defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) */ + +/* Wrapper for mbedtls_psa_register_se_key */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +psa_status_t mbedtls_test_wrap_mbedtls_psa_register_se_key( + const psa_key_attributes_t *arg0_attributes) +{ + psa_status_t status = (mbedtls_psa_register_se_key)(arg0_attributes); + return status; +} +#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */ + +/* Wrapper for psa_aead_abort */ +psa_status_t mbedtls_test_wrap_psa_aead_abort( + psa_aead_operation_t *arg0_operation) +{ + psa_status_t status = (psa_aead_abort)(arg0_operation); + return status; +} + +/* Wrapper for psa_aead_decrypt */ +psa_status_t mbedtls_test_wrap_psa_aead_decrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_nonce, + size_t arg3_nonce_length, + const uint8_t *arg4_additional_data, + size_t arg5_additional_data_length, + const uint8_t *arg6_ciphertext, + size_t arg7_ciphertext_length, + uint8_t *arg8_plaintext, + size_t arg9_plaintext_size, + size_t *arg10_plaintext_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length); + MBEDTLS_TEST_MEMORY_POISON(arg6_ciphertext, arg7_ciphertext_length); + MBEDTLS_TEST_MEMORY_POISON(arg8_plaintext, arg9_plaintext_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_aead_decrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg6_ciphertext, arg7_ciphertext_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg8_plaintext, arg9_plaintext_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_aead_decrypt_setup */ +psa_status_t mbedtls_test_wrap_psa_aead_decrypt_setup( + psa_aead_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg) +{ + psa_status_t status = (psa_aead_decrypt_setup)(arg0_operation, arg1_key, arg2_alg); + return status; +} + +/* Wrapper for psa_aead_encrypt */ +psa_status_t mbedtls_test_wrap_psa_aead_encrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_nonce, + size_t arg3_nonce_length, + const uint8_t *arg4_additional_data, + size_t arg5_additional_data_length, + const uint8_t *arg6_plaintext, + size_t arg7_plaintext_length, + uint8_t *arg8_ciphertext, + size_t arg9_ciphertext_size, + size_t *arg10_ciphertext_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length); + MBEDTLS_TEST_MEMORY_POISON(arg6_plaintext, arg7_plaintext_length); + MBEDTLS_TEST_MEMORY_POISON(arg8_ciphertext, arg9_ciphertext_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_aead_encrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg6_plaintext, arg7_plaintext_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg8_ciphertext, arg9_ciphertext_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_aead_encrypt_setup */ +psa_status_t mbedtls_test_wrap_psa_aead_encrypt_setup( + psa_aead_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg) +{ + psa_status_t status = (psa_aead_encrypt_setup)(arg0_operation, arg1_key, arg2_alg); + return status; +} + +/* Wrapper for psa_aead_finish */ +psa_status_t mbedtls_test_wrap_psa_aead_finish( + psa_aead_operation_t *arg0_operation, + uint8_t *arg1_ciphertext, + size_t arg2_ciphertext_size, + size_t *arg3_ciphertext_length, + uint8_t *arg4_tag, + size_t arg5_tag_size, + size_t *arg6_tag_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_ciphertext, arg2_ciphertext_size); + MBEDTLS_TEST_MEMORY_POISON(arg4_tag, arg5_tag_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_aead_finish)(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_ciphertext, arg2_ciphertext_size); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_tag, arg5_tag_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_aead_generate_nonce */ +psa_status_t mbedtls_test_wrap_psa_aead_generate_nonce( + psa_aead_operation_t *arg0_operation, + uint8_t *arg1_nonce, + size_t arg2_nonce_size, + size_t *arg3_nonce_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_nonce, arg2_nonce_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_aead_generate_nonce)(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_nonce, arg2_nonce_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_aead_set_lengths */ +psa_status_t mbedtls_test_wrap_psa_aead_set_lengths( + psa_aead_operation_t *arg0_operation, + size_t arg1_ad_length, + size_t arg2_plaintext_length) +{ + psa_status_t status = (psa_aead_set_lengths)(arg0_operation, arg1_ad_length, arg2_plaintext_length); + return status; +} + +/* Wrapper for psa_aead_set_nonce */ +psa_status_t mbedtls_test_wrap_psa_aead_set_nonce( + psa_aead_operation_t *arg0_operation, + const uint8_t *arg1_nonce, + size_t arg2_nonce_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_nonce, arg2_nonce_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_aead_set_nonce)(arg0_operation, arg1_nonce, arg2_nonce_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_nonce, arg2_nonce_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_aead_update */ +psa_status_t mbedtls_test_wrap_psa_aead_update( + psa_aead_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length, + uint8_t *arg3_output, + size_t arg4_output_size, + size_t *arg5_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg3_output, arg4_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_aead_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg3_output, arg4_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_aead_update_ad */ +psa_status_t mbedtls_test_wrap_psa_aead_update_ad( + psa_aead_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_aead_update_ad)(arg0_operation, arg1_input, arg2_input_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_aead_verify */ +psa_status_t mbedtls_test_wrap_psa_aead_verify( + psa_aead_operation_t *arg0_operation, + uint8_t *arg1_plaintext, + size_t arg2_plaintext_size, + size_t *arg3_plaintext_length, + const uint8_t *arg4_tag, + size_t arg5_tag_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_plaintext, arg2_plaintext_size); + MBEDTLS_TEST_MEMORY_POISON(arg4_tag, arg5_tag_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_aead_verify)(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_plaintext, arg2_plaintext_size); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_tag, arg5_tag_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_asymmetric_decrypt */ +psa_status_t mbedtls_test_wrap_psa_asymmetric_decrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + const uint8_t *arg4_salt, + size_t arg5_salt_length, + uint8_t *arg6_output, + size_t arg7_output_size, + size_t *arg8_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length); + MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_asymmetric_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_asymmetric_encrypt */ +psa_status_t mbedtls_test_wrap_psa_asymmetric_encrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + const uint8_t *arg4_salt, + size_t arg5_salt_length, + uint8_t *arg6_output, + size_t arg7_output_size, + size_t *arg8_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length); + MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_asymmetric_encrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_cipher_abort */ +psa_status_t mbedtls_test_wrap_psa_cipher_abort( + psa_cipher_operation_t *arg0_operation) +{ + psa_status_t status = (psa_cipher_abort)(arg0_operation); + return status; +} + +/* Wrapper for psa_cipher_decrypt */ +psa_status_t mbedtls_test_wrap_psa_cipher_decrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + uint8_t *arg4_output, + size_t arg5_output_size, + size_t *arg6_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_cipher_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_cipher_decrypt_setup */ +psa_status_t mbedtls_test_wrap_psa_cipher_decrypt_setup( + psa_cipher_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg) +{ + psa_status_t status = (psa_cipher_decrypt_setup)(arg0_operation, arg1_key, arg2_alg); + return status; +} + +/* Wrapper for psa_cipher_encrypt */ +psa_status_t mbedtls_test_wrap_psa_cipher_encrypt( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + uint8_t *arg4_output, + size_t arg5_output_size, + size_t *arg6_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_cipher_encrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_cipher_encrypt_setup */ +psa_status_t mbedtls_test_wrap_psa_cipher_encrypt_setup( + psa_cipher_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg) +{ + psa_status_t status = (psa_cipher_encrypt_setup)(arg0_operation, arg1_key, arg2_alg); + return status; +} + +/* Wrapper for psa_cipher_finish */ +psa_status_t mbedtls_test_wrap_psa_cipher_finish( + psa_cipher_operation_t *arg0_operation, + uint8_t *arg1_output, + size_t arg2_output_size, + size_t *arg3_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_output, arg2_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_cipher_finish)(arg0_operation, arg1_output, arg2_output_size, arg3_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_output, arg2_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_cipher_generate_iv */ +psa_status_t mbedtls_test_wrap_psa_cipher_generate_iv( + psa_cipher_operation_t *arg0_operation, + uint8_t *arg1_iv, + size_t arg2_iv_size, + size_t *arg3_iv_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_iv, arg2_iv_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_cipher_generate_iv)(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_iv, arg2_iv_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_cipher_set_iv */ +psa_status_t mbedtls_test_wrap_psa_cipher_set_iv( + psa_cipher_operation_t *arg0_operation, + const uint8_t *arg1_iv, + size_t arg2_iv_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_iv, arg2_iv_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_cipher_set_iv)(arg0_operation, arg1_iv, arg2_iv_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_iv, arg2_iv_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_cipher_update */ +psa_status_t mbedtls_test_wrap_psa_cipher_update( + psa_cipher_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length, + uint8_t *arg3_output, + size_t arg4_output_size, + size_t *arg5_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg3_output, arg4_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_cipher_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg3_output, arg4_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_copy_key */ +psa_status_t mbedtls_test_wrap_psa_copy_key( + mbedtls_svc_key_id_t arg0_source_key, + const psa_key_attributes_t *arg1_attributes, + mbedtls_svc_key_id_t *arg2_target_key) +{ + psa_status_t status = (psa_copy_key)(arg0_source_key, arg1_attributes, arg2_target_key); + return status; +} + +/* Wrapper for psa_crypto_driver_pake_get_cipher_suite */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_cipher_suite( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + psa_pake_cipher_suite_t *arg1_cipher_suite) +{ + psa_status_t status = (psa_crypto_driver_pake_get_cipher_suite)(arg0_inputs, arg1_cipher_suite); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_crypto_driver_pake_get_password */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + uint8_t *arg1_buffer, + size_t arg2_buffer_size, + size_t *arg3_buffer_length) +{ + psa_status_t status = (psa_crypto_driver_pake_get_password)(arg0_inputs, arg1_buffer, arg2_buffer_size, arg3_buffer_length); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_crypto_driver_pake_get_password_len */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password_len( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + size_t *arg1_password_len) +{ + psa_status_t status = (psa_crypto_driver_pake_get_password_len)(arg0_inputs, arg1_password_len); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_crypto_driver_pake_get_peer */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + uint8_t *arg1_peer_id, + size_t arg2_peer_id_size, + size_t *arg3_peer_id_length) +{ + psa_status_t status = (psa_crypto_driver_pake_get_peer)(arg0_inputs, arg1_peer_id, arg2_peer_id_size, arg3_peer_id_length); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_crypto_driver_pake_get_peer_len */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer_len( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + size_t *arg1_peer_len) +{ + psa_status_t status = (psa_crypto_driver_pake_get_peer_len)(arg0_inputs, arg1_peer_len); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_crypto_driver_pake_get_user */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + uint8_t *arg1_user_id, + size_t arg2_user_id_size, + size_t *arg3_user_id_len) +{ + psa_status_t status = (psa_crypto_driver_pake_get_user)(arg0_inputs, arg1_user_id, arg2_user_id_size, arg3_user_id_len); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_crypto_driver_pake_get_user_len */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user_len( + const psa_crypto_driver_pake_inputs_t *arg0_inputs, + size_t *arg1_user_len) +{ + psa_status_t status = (psa_crypto_driver_pake_get_user_len)(arg0_inputs, arg1_user_len); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_crypto_init */ +psa_status_t mbedtls_test_wrap_psa_crypto_init(void) +{ + psa_status_t status = (psa_crypto_init)(); + return status; +} + +/* Wrapper for psa_destroy_key */ +psa_status_t mbedtls_test_wrap_psa_destroy_key( + mbedtls_svc_key_id_t arg0_key) +{ + psa_status_t status = (psa_destroy_key)(arg0_key); + return status; +} + +/* Wrapper for psa_export_key */ +psa_status_t mbedtls_test_wrap_psa_export_key( + mbedtls_svc_key_id_t arg0_key, + uint8_t *arg1_data, + size_t arg2_data_size, + size_t *arg3_data_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_data, arg2_data_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_export_key)(arg0_key, arg1_data, arg2_data_size, arg3_data_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_data, arg2_data_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_export_public_key */ +psa_status_t mbedtls_test_wrap_psa_export_public_key( + mbedtls_svc_key_id_t arg0_key, + uint8_t *arg1_data, + size_t arg2_data_size, + size_t *arg3_data_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_data, arg2_data_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_export_public_key)(arg0_key, arg1_data, arg2_data_size, arg3_data_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_data, arg2_data_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_generate_key */ +psa_status_t mbedtls_test_wrap_psa_generate_key( + const psa_key_attributes_t *arg0_attributes, + mbedtls_svc_key_id_t *arg1_key) +{ + psa_status_t status = (psa_generate_key)(arg0_attributes, arg1_key); + return status; +} + +/* Wrapper for psa_generate_key_ext */ +psa_status_t mbedtls_test_wrap_psa_generate_key_ext( + const psa_key_attributes_t *arg0_attributes, + const psa_key_production_parameters_t *arg1_params, + size_t arg2_params_data_length, + mbedtls_svc_key_id_t *arg3_key) +{ + psa_status_t status = (psa_generate_key_ext)(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key); + return status; +} + +/* Wrapper for psa_generate_random */ +psa_status_t mbedtls_test_wrap_psa_generate_random( + uint8_t *arg0_output, + size_t arg1_output_size) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg0_output, arg1_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_generate_random)(arg0_output, arg1_output_size); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg0_output, arg1_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_get_key_attributes */ +psa_status_t mbedtls_test_wrap_psa_get_key_attributes( + mbedtls_svc_key_id_t arg0_key, + psa_key_attributes_t *arg1_attributes) +{ + psa_status_t status = (psa_get_key_attributes)(arg0_key, arg1_attributes); + return status; +} + +/* Wrapper for psa_hash_abort */ +psa_status_t mbedtls_test_wrap_psa_hash_abort( + psa_hash_operation_t *arg0_operation) +{ + psa_status_t status = (psa_hash_abort)(arg0_operation); + return status; +} + +/* Wrapper for psa_hash_clone */ +psa_status_t mbedtls_test_wrap_psa_hash_clone( + const psa_hash_operation_t *arg0_source_operation, + psa_hash_operation_t *arg1_target_operation) +{ + psa_status_t status = (psa_hash_clone)(arg0_source_operation, arg1_target_operation); + return status; +} + +/* Wrapper for psa_hash_compare */ +psa_status_t mbedtls_test_wrap_psa_hash_compare( + psa_algorithm_t arg0_alg, + const uint8_t *arg1_input, + size_t arg2_input_length, + const uint8_t *arg3_hash, + size_t arg4_hash_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_hash_compare)(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_hash_compute */ +psa_status_t mbedtls_test_wrap_psa_hash_compute( + psa_algorithm_t arg0_alg, + const uint8_t *arg1_input, + size_t arg2_input_length, + uint8_t *arg3_hash, + size_t arg4_hash_size, + size_t *arg5_hash_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_hash_compute)(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_size, arg5_hash_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_hash_finish */ +psa_status_t mbedtls_test_wrap_psa_hash_finish( + psa_hash_operation_t *arg0_operation, + uint8_t *arg1_hash, + size_t arg2_hash_size, + size_t *arg3_hash_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_hash, arg2_hash_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_hash_finish)(arg0_operation, arg1_hash, arg2_hash_size, arg3_hash_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_hash, arg2_hash_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_hash_setup */ +psa_status_t mbedtls_test_wrap_psa_hash_setup( + psa_hash_operation_t *arg0_operation, + psa_algorithm_t arg1_alg) +{ + psa_status_t status = (psa_hash_setup)(arg0_operation, arg1_alg); + return status; +} + +/* Wrapper for psa_hash_update */ +psa_status_t mbedtls_test_wrap_psa_hash_update( + psa_hash_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_hash_update)(arg0_operation, arg1_input, arg2_input_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_hash_verify */ +psa_status_t mbedtls_test_wrap_psa_hash_verify( + psa_hash_operation_t *arg0_operation, + const uint8_t *arg1_hash, + size_t arg2_hash_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_hash, arg2_hash_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_hash_verify)(arg0_operation, arg1_hash, arg2_hash_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_hash, arg2_hash_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_import_key */ +psa_status_t mbedtls_test_wrap_psa_import_key( + const psa_key_attributes_t *arg0_attributes, + const uint8_t *arg1_data, + size_t arg2_data_length, + mbedtls_svc_key_id_t *arg3_key) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_data, arg2_data_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_import_key)(arg0_attributes, arg1_data, arg2_data_length, arg3_key); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_data, arg2_data_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_key_derivation_abort */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_abort( + psa_key_derivation_operation_t *arg0_operation) +{ + psa_status_t status = (psa_key_derivation_abort)(arg0_operation); + return status; +} + +/* Wrapper for psa_key_derivation_get_capacity */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_get_capacity( + const psa_key_derivation_operation_t *arg0_operation, + size_t *arg1_capacity) +{ + psa_status_t status = (psa_key_derivation_get_capacity)(arg0_operation, arg1_capacity); + return status; +} + +/* Wrapper for psa_key_derivation_input_bytes */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_input_bytes( + psa_key_derivation_operation_t *arg0_operation, + psa_key_derivation_step_t arg1_step, + const uint8_t *arg2_data, + size_t arg3_data_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_data, arg3_data_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_key_derivation_input_bytes)(arg0_operation, arg1_step, arg2_data, arg3_data_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_data, arg3_data_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_key_derivation_input_integer */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_input_integer( + psa_key_derivation_operation_t *arg0_operation, + psa_key_derivation_step_t arg1_step, + uint64_t arg2_value) +{ + psa_status_t status = (psa_key_derivation_input_integer)(arg0_operation, arg1_step, arg2_value); + return status; +} + +/* Wrapper for psa_key_derivation_input_key */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_input_key( + psa_key_derivation_operation_t *arg0_operation, + psa_key_derivation_step_t arg1_step, + mbedtls_svc_key_id_t arg2_key) +{ + psa_status_t status = (psa_key_derivation_input_key)(arg0_operation, arg1_step, arg2_key); + return status; +} + +/* Wrapper for psa_key_derivation_key_agreement */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_key_agreement( + psa_key_derivation_operation_t *arg0_operation, + psa_key_derivation_step_t arg1_step, + mbedtls_svc_key_id_t arg2_private_key, + const uint8_t *arg3_peer_key, + size_t arg4_peer_key_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg3_peer_key, arg4_peer_key_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_key_derivation_key_agreement)(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg3_peer_key, arg4_peer_key_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_key_derivation_output_bytes */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_output_bytes( + psa_key_derivation_operation_t *arg0_operation, + uint8_t *arg1_output, + size_t arg2_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_output, arg2_output_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_key_derivation_output_bytes)(arg0_operation, arg1_output, arg2_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_output, arg2_output_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_key_derivation_output_key */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key( + const psa_key_attributes_t *arg0_attributes, + psa_key_derivation_operation_t *arg1_operation, + mbedtls_svc_key_id_t *arg2_key) +{ + psa_status_t status = (psa_key_derivation_output_key)(arg0_attributes, arg1_operation, arg2_key); + return status; +} + +/* Wrapper for psa_key_derivation_output_key_ext */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_ext( + const psa_key_attributes_t *arg0_attributes, + psa_key_derivation_operation_t *arg1_operation, + const psa_key_production_parameters_t *arg2_params, + size_t arg3_params_data_length, + mbedtls_svc_key_id_t *arg4_key) +{ + psa_status_t status = (psa_key_derivation_output_key_ext)(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key); + return status; +} + +/* Wrapper for psa_key_derivation_set_capacity */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_set_capacity( + psa_key_derivation_operation_t *arg0_operation, + size_t arg1_capacity) +{ + psa_status_t status = (psa_key_derivation_set_capacity)(arg0_operation, arg1_capacity); + return status; +} + +/* Wrapper for psa_key_derivation_setup */ +psa_status_t mbedtls_test_wrap_psa_key_derivation_setup( + psa_key_derivation_operation_t *arg0_operation, + psa_algorithm_t arg1_alg) +{ + psa_status_t status = (psa_key_derivation_setup)(arg0_operation, arg1_alg); + return status; +} + +/* Wrapper for psa_mac_abort */ +psa_status_t mbedtls_test_wrap_psa_mac_abort( + psa_mac_operation_t *arg0_operation) +{ + psa_status_t status = (psa_mac_abort)(arg0_operation); + return status; +} + +/* Wrapper for psa_mac_compute */ +psa_status_t mbedtls_test_wrap_psa_mac_compute( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + uint8_t *arg4_mac, + size_t arg5_mac_size, + size_t *arg6_mac_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_mac, arg5_mac_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_mac_compute)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_mac, arg5_mac_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_mac_sign_finish */ +psa_status_t mbedtls_test_wrap_psa_mac_sign_finish( + psa_mac_operation_t *arg0_operation, + uint8_t *arg1_mac, + size_t arg2_mac_size, + size_t *arg3_mac_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_mac, arg2_mac_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_mac_sign_finish)(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_mac, arg2_mac_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_mac_sign_setup */ +psa_status_t mbedtls_test_wrap_psa_mac_sign_setup( + psa_mac_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg) +{ + psa_status_t status = (psa_mac_sign_setup)(arg0_operation, arg1_key, arg2_alg); + return status; +} + +/* Wrapper for psa_mac_update */ +psa_status_t mbedtls_test_wrap_psa_mac_update( + psa_mac_operation_t *arg0_operation, + const uint8_t *arg1_input, + size_t arg2_input_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_mac_update)(arg0_operation, arg1_input, arg2_input_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_mac_verify */ +psa_status_t mbedtls_test_wrap_psa_mac_verify( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + const uint8_t *arg4_mac, + size_t arg5_mac_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_mac, arg5_mac_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_mac_verify)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_mac, arg5_mac_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_mac_verify_finish */ +psa_status_t mbedtls_test_wrap_psa_mac_verify_finish( + psa_mac_operation_t *arg0_operation, + const uint8_t *arg1_mac, + size_t arg2_mac_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_mac, arg2_mac_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_mac_verify_finish)(arg0_operation, arg1_mac, arg2_mac_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_mac, arg2_mac_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_mac_verify_setup */ +psa_status_t mbedtls_test_wrap_psa_mac_verify_setup( + psa_mac_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg) +{ + psa_status_t status = (psa_mac_verify_setup)(arg0_operation, arg1_key, arg2_alg); + return status; +} + +/* Wrapper for psa_pake_abort */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_abort( + psa_pake_operation_t *arg0_operation) +{ + psa_status_t status = (psa_pake_abort)(arg0_operation); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_pake_get_implicit_key */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_get_implicit_key( + psa_pake_operation_t *arg0_operation, + psa_key_derivation_operation_t *arg1_output) +{ + psa_status_t status = (psa_pake_get_implicit_key)(arg0_operation, arg1_output); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_pake_input */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_input( + psa_pake_operation_t *arg0_operation, + psa_pake_step_t arg1_step, + const uint8_t *arg2_input, + size_t arg3_input_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_pake_input)(arg0_operation, arg1_step, arg2_input, arg3_input_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_pake_output */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_output( + psa_pake_operation_t *arg0_operation, + psa_pake_step_t arg1_step, + uint8_t *arg2_output, + size_t arg3_output_size, + size_t *arg4_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_output, arg3_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_pake_output)(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_output, arg3_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_pake_set_password_key */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_set_password_key( + psa_pake_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_password) +{ + psa_status_t status = (psa_pake_set_password_key)(arg0_operation, arg1_password); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_pake_set_peer */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_set_peer( + psa_pake_operation_t *arg0_operation, + const uint8_t *arg1_peer_id, + size_t arg2_peer_id_len) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_peer_id, arg2_peer_id_len); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_pake_set_peer)(arg0_operation, arg1_peer_id, arg2_peer_id_len); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_peer_id, arg2_peer_id_len); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_pake_set_role */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_set_role( + psa_pake_operation_t *arg0_operation, + psa_pake_role_t arg1_role) +{ + psa_status_t status = (psa_pake_set_role)(arg0_operation, arg1_role); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_pake_set_user */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_set_user( + psa_pake_operation_t *arg0_operation, + const uint8_t *arg1_user_id, + size_t arg2_user_id_len) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_user_id, arg2_user_id_len); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_pake_set_user)(arg0_operation, arg1_user_id, arg2_user_id_len); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_user_id, arg2_user_id_len); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_pake_setup */ +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t mbedtls_test_wrap_psa_pake_setup( + psa_pake_operation_t *arg0_operation, + const psa_pake_cipher_suite_t *arg1_cipher_suite) +{ + psa_status_t status = (psa_pake_setup)(arg0_operation, arg1_cipher_suite); + return status; +} +#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ + +/* Wrapper for psa_purge_key */ +psa_status_t mbedtls_test_wrap_psa_purge_key( + mbedtls_svc_key_id_t arg0_key) +{ + psa_status_t status = (psa_purge_key)(arg0_key); + return status; +} + +/* Wrapper for psa_raw_key_agreement */ +psa_status_t mbedtls_test_wrap_psa_raw_key_agreement( + psa_algorithm_t arg0_alg, + mbedtls_svc_key_id_t arg1_private_key, + const uint8_t *arg2_peer_key, + size_t arg3_peer_key_length, + uint8_t *arg4_output, + size_t arg5_output_size, + size_t *arg6_output_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_peer_key, arg3_peer_key_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_raw_key_agreement)(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_peer_key, arg3_peer_key_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_sign_hash */ +psa_status_t mbedtls_test_wrap_psa_sign_hash( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_hash, + size_t arg3_hash_length, + uint8_t *arg4_signature, + size_t arg5_signature_size, + size_t *arg6_signature_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_hash, arg3_hash_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_sign_hash)(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_size, arg6_signature_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_hash, arg3_hash_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_sign_hash_abort */ +psa_status_t mbedtls_test_wrap_psa_sign_hash_abort( + psa_sign_hash_interruptible_operation_t *arg0_operation) +{ + psa_status_t status = (psa_sign_hash_abort)(arg0_operation); + return status; +} + +/* Wrapper for psa_sign_hash_complete */ +psa_status_t mbedtls_test_wrap_psa_sign_hash_complete( + psa_sign_hash_interruptible_operation_t *arg0_operation, + uint8_t *arg1_signature, + size_t arg2_signature_size, + size_t *arg3_signature_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg1_signature, arg2_signature_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_sign_hash_complete)(arg0_operation, arg1_signature, arg2_signature_size, arg3_signature_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg1_signature, arg2_signature_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_sign_hash_start */ +psa_status_t mbedtls_test_wrap_psa_sign_hash_start( + psa_sign_hash_interruptible_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg, + const uint8_t *arg3_hash, + size_t arg4_hash_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_sign_hash_start)(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_sign_message */ +psa_status_t mbedtls_test_wrap_psa_sign_message( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + uint8_t *arg4_signature, + size_t arg5_signature_size, + size_t *arg6_signature_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_sign_message)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_size, arg6_signature_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_size); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_verify_hash */ +psa_status_t mbedtls_test_wrap_psa_verify_hash( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_hash, + size_t arg3_hash_length, + const uint8_t *arg4_signature, + size_t arg5_signature_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_hash, arg3_hash_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_verify_hash)(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_hash, arg3_hash_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_verify_hash_abort */ +psa_status_t mbedtls_test_wrap_psa_verify_hash_abort( + psa_verify_hash_interruptible_operation_t *arg0_operation) +{ + psa_status_t status = (psa_verify_hash_abort)(arg0_operation); + return status; +} + +/* Wrapper for psa_verify_hash_complete */ +psa_status_t mbedtls_test_wrap_psa_verify_hash_complete( + psa_verify_hash_interruptible_operation_t *arg0_operation) +{ + psa_status_t status = (psa_verify_hash_complete)(arg0_operation); + return status; +} + +/* Wrapper for psa_verify_hash_start */ +psa_status_t mbedtls_test_wrap_psa_verify_hash_start( + psa_verify_hash_interruptible_operation_t *arg0_operation, + mbedtls_svc_key_id_t arg1_key, + psa_algorithm_t arg2_alg, + const uint8_t *arg3_hash, + size_t arg4_hash_length, + const uint8_t *arg5_signature, + size_t arg6_signature_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_length); + MBEDTLS_TEST_MEMORY_POISON(arg5_signature, arg6_signature_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_verify_hash_start)(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length, arg5_signature, arg6_signature_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg5_signature, arg6_signature_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +/* Wrapper for psa_verify_message */ +psa_status_t mbedtls_test_wrap_psa_verify_message( + mbedtls_svc_key_id_t arg0_key, + psa_algorithm_t arg1_alg, + const uint8_t *arg2_input, + size_t arg3_input_length, + const uint8_t *arg4_signature, + size_t arg5_signature_length) +{ +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + psa_status_t status = (psa_verify_message)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_length); +#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) + MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); + MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_length); +#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ + return status; +} + +#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \ + !defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ + +/* End of automatically generated file. */ diff --git a/tests/src/random.c b/tests/src/random.c new file mode 100644 index 0000000000..d041f36a1f --- /dev/null +++ b/tests/src/random.c @@ -0,0 +1,136 @@ +/** + * \file random.c + * + * \brief This file contains the helper functions to generate random numbers + * for the purpose of testing. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +/* + * for arc4random_buf() from + */ +#if defined(__NetBSD__) +#define _NETBSD_SOURCE 1 +#elif defined(__OpenBSD__) +#define _BSD_SOURCE 1 +#endif + +#include +#include +#include + +#include +#include + +int mbedtls_test_rnd_std_rand(void *rng_state, + unsigned char *output, + size_t len) +{ +#if !defined(__OpenBSD__) && !defined(__NetBSD__) + size_t i; + + if (rng_state != NULL) { + rng_state = NULL; + } + + for (i = 0; i < len; ++i) { + output[i] = rand(); + } +#else + if (rng_state != NULL) { + rng_state = NULL; + } + + arc4random_buf(output, len); +#endif /* !OpenBSD && !NetBSD */ + + return 0; +} + +int mbedtls_test_rnd_zero_rand(void *rng_state, + unsigned char *output, + size_t len) +{ + if (rng_state != NULL) { + rng_state = NULL; + } + + memset(output, 0, len); + + return 0; +} + +int mbedtls_test_rnd_buffer_rand(void *rng_state, + unsigned char *output, + size_t len) +{ + mbedtls_test_rnd_buf_info *info = (mbedtls_test_rnd_buf_info *) rng_state; + size_t use_len; + + if (rng_state == NULL) { + return mbedtls_test_rnd_std_rand(NULL, output, len); + } + + use_len = len; + if (len > info->length) { + use_len = info->length; + } + + if (use_len) { + memcpy(output, info->buf, use_len); + info->buf += use_len; + info->length -= use_len; + } + + if (len - use_len > 0) { + if (info->fallback_f_rng != NULL) { + return info->fallback_f_rng(info->fallback_p_rng, + output + use_len, + len - use_len); + } else { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } + } + + return 0; +} + +int mbedtls_test_rnd_pseudo_rand(void *rng_state, + unsigned char *output, + size_t len) +{ + mbedtls_test_rnd_pseudo_info *info = + (mbedtls_test_rnd_pseudo_info *) rng_state; + uint32_t i, *k, sum, delta = 0x9E3779B9; + unsigned char result[4], *out = output; + + if (rng_state == NULL) { + return mbedtls_test_rnd_std_rand(NULL, output, len); + } + + k = info->key; + + while (len > 0) { + size_t use_len = (len > 4) ? 4 : len; + sum = 0; + + for (i = 0; i < 32; i++) { + info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + + info->v1) ^ (sum + k[sum & 3]); + sum += delta; + info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + + info->v0) ^ (sum + k[(sum>>11) & 3]); + } + + MBEDTLS_PUT_UINT32_BE(info->v0, result, 0); + memcpy(out, result, use_len); + len -= use_len; + out += 4; + } + + return 0; +} diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c new file mode 100644 index 0000000000..255849fdc2 --- /dev/null +++ b/tests/src/test_helpers/ssl_helpers.c @@ -0,0 +1,2575 @@ +/** \file ssl_helpers.c + * + * \brief Helper functions to set up a TLS connection. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include +#include "mbedtls/psa_util.h" + +#if defined(MBEDTLS_SSL_TLS_C) +int mbedtls_test_random(void *p_rng, unsigned char *output, size_t output_len) +{ + (void) p_rng; + for (size_t i = 0; i < output_len; i++) { + output[i] = rand(); + } + + return 0; +} + +void mbedtls_test_ssl_log_analyzer(void *ctx, int level, + const char *file, int line, + const char *str) +{ + mbedtls_test_ssl_log_pattern *p = (mbedtls_test_ssl_log_pattern *) ctx; + + (void) level; + (void) line; + (void) file; + + if (NULL != p && + NULL != p->pattern && + NULL != strstr(str, p->pattern)) { + p->counter++; + } +} + +void mbedtls_test_init_handshake_options( + mbedtls_test_handshake_test_options *opts) +{ +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) + static int rng_seed = 0xBEEF; + + srand(rng_seed); + rng_seed += 0xD0; +#endif + + memset(opts, 0, sizeof(*opts)); + + opts->cipher = ""; + opts->client_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; + opts->client_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; + opts->server_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; + opts->server_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; + opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_3; + opts->pk_alg = MBEDTLS_PK_RSA; + opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; + opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; + opts->cli_msg_len = 100; + opts->srv_msg_len = 100; + opts->expected_cli_fragments = 1; + opts->expected_srv_fragments = 1; + opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; + opts->resize_buffers = 1; + opts->early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED; + opts->max_early_data_size = -1; +#if defined(MBEDTLS_SSL_CACHE_C) + TEST_CALLOC(opts->cache, 1); + mbedtls_ssl_cache_init(opts->cache); +#if defined(MBEDTLS_HAVE_TIME) + TEST_EQUAL(mbedtls_ssl_cache_get_timeout(opts->cache), + MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT); +#endif +exit: + return; +#endif +} + +void mbedtls_test_free_handshake_options( + mbedtls_test_handshake_test_options *opts) +{ +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free(opts->cache); + mbedtls_free(opts->cache); +#else + (void) opts; +#endif +} + +#if defined(MBEDTLS_TEST_HOOKS) +static void set_chk_buf_ptr_args( + mbedtls_ssl_chk_buf_ptr_args *args, + unsigned char *cur, unsigned char *end, size_t need) +{ + args->cur = cur; + args->end = end; + args->need = need; +} + +static void reset_chk_buf_ptr_args(mbedtls_ssl_chk_buf_ptr_args *args) +{ + memset(args, 0, sizeof(*args)); +} +#endif /* MBEDTLS_TEST_HOOKS */ + +void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf) +{ + memset(buf, 0, sizeof(*buf)); +} + +int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, + size_t capacity) +{ + buf->buffer = (unsigned char *) mbedtls_calloc(capacity, + sizeof(unsigned char)); + if (NULL == buf->buffer) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } + buf->capacity = capacity; + + return 0; +} + +void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf) +{ + if (buf->buffer != NULL) { + mbedtls_free(buf->buffer); + } + + memset(buf, 0, sizeof(*buf)); +} + +int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf, + const unsigned char *input, size_t input_len) +{ + size_t overflow = 0; + + if ((buf == NULL) || (buf->buffer == NULL)) { + return -1; + } + + /* Reduce input_len to a number that fits in the buffer. */ + if ((buf->content_length + input_len) > buf->capacity) { + input_len = buf->capacity - buf->content_length; + } + + if (input == NULL) { + return (input_len == 0) ? 0 : -1; + } + + /* Check if the buffer has not come full circle and free space is not in + * the middle */ + if (buf->start + buf->content_length < buf->capacity) { + + /* Calculate the number of bytes that need to be placed at lower memory + * address */ + if (buf->start + buf->content_length + input_len + > buf->capacity) { + overflow = (buf->start + buf->content_length + input_len) + % buf->capacity; + } + + memcpy(buf->buffer + buf->start + buf->content_length, input, + input_len - overflow); + memcpy(buf->buffer, input + input_len - overflow, overflow); + + } else { + /* The buffer has come full circle and free space is in the middle */ + memcpy(buf->buffer + buf->start + buf->content_length - buf->capacity, + input, input_len); + } + + buf->content_length += input_len; + return (input_len > INT_MAX) ? INT_MAX : (int) input_len; +} + +int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf, + unsigned char *output, size_t output_len) +{ + size_t overflow = 0; + + if ((buf == NULL) || (buf->buffer == NULL)) { + return -1; + } + + if (output == NULL && output_len == 0) { + return 0; + } + + if (buf->content_length < output_len) { + output_len = buf->content_length; + } + + /* Calculate the number of bytes that need to be drawn from lower memory + * address */ + if (buf->start + output_len > buf->capacity) { + overflow = (buf->start + output_len) % buf->capacity; + } + + if (output != NULL) { + memcpy(output, buf->buffer + buf->start, output_len - overflow); + memcpy(output + output_len - overflow, buf->buffer, overflow); + } + + buf->content_length -= output_len; + buf->start = (buf->start + output_len) % buf->capacity; + + return (output_len > INT_MAX) ? INT_MAX : (int) output_len; +} + +int mbedtls_test_ssl_message_queue_setup( + mbedtls_test_ssl_message_queue *queue, size_t capacity) +{ + queue->messages = (size_t *) mbedtls_calloc(capacity, sizeof(size_t)); + if (NULL == queue->messages) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } + + queue->capacity = (capacity > INT_MAX) ? INT_MAX : (int) capacity; + queue->pos = 0; + queue->num = 0; + + return 0; +} + +void mbedtls_test_ssl_message_queue_free( + mbedtls_test_ssl_message_queue *queue) +{ + if (queue == NULL) { + return; + } + + if (queue->messages != NULL) { + mbedtls_free(queue->messages); + } + + memset(queue, 0, sizeof(*queue)); +} + +int mbedtls_test_ssl_message_queue_push_info( + mbedtls_test_ssl_message_queue *queue, size_t len) +{ + int place; + if (queue == NULL) { + return MBEDTLS_TEST_ERROR_ARG_NULL; + } + + if (queue->num >= queue->capacity) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + + place = (queue->pos + queue->num) % queue->capacity; + queue->messages[place] = len; + queue->num++; + return (len > INT_MAX) ? INT_MAX : (int) len; +} + +int mbedtls_test_ssl_message_queue_pop_info( + mbedtls_test_ssl_message_queue *queue, size_t buf_len) +{ + size_t message_length; + if (queue == NULL) { + return MBEDTLS_TEST_ERROR_ARG_NULL; + } + if (queue->num == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + + message_length = queue->messages[queue->pos]; + queue->messages[queue->pos] = 0; + queue->num--; + queue->pos++; + queue->pos %= queue->capacity; + if (queue->pos < 0) { + queue->pos += queue->capacity; + } + + return (message_length > INT_MAX && buf_len > INT_MAX) ? INT_MAX : + (message_length > buf_len) ? (int) buf_len : (int) message_length; +} + +/* + * Take a peek on the info about the next message length from the queue. + * This will be the oldest inserted message length(fifo). + * + * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. + * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. + * \retval 0, if the peek was successful. + * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is + * too small to fit the message. In this case the \p msg_len will be + * set to the full message length so that the + * caller knows what portion of the message can be dropped. + */ +static int test_ssl_message_queue_peek_info( + mbedtls_test_ssl_message_queue *queue, + size_t buf_len, size_t *msg_len) +{ + if (queue == NULL || msg_len == NULL) { + return MBEDTLS_TEST_ERROR_ARG_NULL; + } + if (queue->num == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + + *msg_len = queue->messages[queue->pos]; + return (*msg_len > buf_len) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; +} + +void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket) +{ + memset(socket, 0, sizeof(*socket)); +} + +void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket) +{ + if (socket == NULL) { + return; + } + + if (socket->input != NULL) { + mbedtls_test_ssl_buffer_free(socket->input); + mbedtls_free(socket->input); + } + + if (socket->output != NULL) { + mbedtls_test_ssl_buffer_free(socket->output); + mbedtls_free(socket->output); + } + + if (socket->peer != NULL) { + memset(socket->peer, 0, sizeof(*socket->peer)); + } + + memset(socket, 0, sizeof(*socket)); +} + +int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, + mbedtls_test_mock_socket *peer2, + size_t bufsize) +{ + int ret = -1; + + peer1->output = + (mbedtls_test_ssl_buffer *) mbedtls_calloc( + 1, sizeof(mbedtls_test_ssl_buffer)); + if (peer1->output == NULL) { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto exit; + } + mbedtls_test_ssl_buffer_init(peer1->output); + if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer1->output, bufsize))) { + goto exit; + } + + peer2->output = + (mbedtls_test_ssl_buffer *) mbedtls_calloc( + 1, sizeof(mbedtls_test_ssl_buffer)); + if (peer2->output == NULL) { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto exit; + } + mbedtls_test_ssl_buffer_init(peer2->output); + if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer2->output, bufsize))) { + goto exit; + } + + peer1->peer = peer2; + peer2->peer = peer1; + peer1->input = peer2->output; + peer2->input = peer1->output; + + peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED; + ret = 0; + +exit: + + if (ret != 0) { + mbedtls_test_mock_socket_close(peer1); + mbedtls_test_mock_socket_close(peer2); + } + + return ret; +} + +int mbedtls_test_mock_tcp_send_b(void *ctx, + const unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + return mbedtls_test_ssl_buffer_put(socket->output, buf, len); +} + +int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + return mbedtls_test_ssl_buffer_get(socket->input, buf, len); +} + +int mbedtls_test_mock_tcp_send_nb(void *ctx, + const unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + if (socket->output->capacity == socket->output->content_length) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + + return mbedtls_test_ssl_buffer_put(socket->output, buf, len); +} + +int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + if (socket->input->content_length == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + + return mbedtls_test_ssl_buffer_get(socket->input, buf, len); +} + +void mbedtls_test_message_socket_init( + mbedtls_test_message_socket_context *ctx) +{ + ctx->queue_input = NULL; + ctx->queue_output = NULL; + ctx->socket = NULL; +} + +int mbedtls_test_message_socket_setup( + mbedtls_test_ssl_message_queue *queue_input, + mbedtls_test_ssl_message_queue *queue_output, + size_t queue_capacity, + mbedtls_test_mock_socket *socket, + mbedtls_test_message_socket_context *ctx) +{ + int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity); + if (ret != 0) { + return ret; + } + ctx->queue_input = queue_input; + ctx->queue_output = queue_output; + ctx->socket = socket; + mbedtls_test_mock_socket_init(socket); + + return 0; +} + +void mbedtls_test_message_socket_close( + mbedtls_test_message_socket_context *ctx) +{ + if (ctx == NULL) { + return; + } + + mbedtls_test_ssl_message_queue_free(ctx->queue_input); + mbedtls_test_mock_socket_close(ctx->socket); + memset(ctx, 0, sizeof(*ctx)); +} + +int mbedtls_test_mock_tcp_send_msg(void *ctx, + const unsigned char *buf, size_t len) +{ + mbedtls_test_ssl_message_queue *queue; + mbedtls_test_mock_socket *socket; + mbedtls_test_message_socket_context *context = + (mbedtls_test_message_socket_context *) ctx; + + if (context == NULL || context->socket == NULL + || context->queue_output == NULL) { + return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; + } + + queue = context->queue_output; + socket = context->socket; + + if (queue->num >= queue->capacity) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + + if (mbedtls_test_mock_tcp_send_b(socket, buf, len) != (int) len) { + return MBEDTLS_TEST_ERROR_SEND_FAILED; + } + + return mbedtls_test_ssl_message_queue_push_info(queue, len); +} + +int mbedtls_test_mock_tcp_recv_msg(void *ctx, + unsigned char *buf, size_t buf_len) +{ + mbedtls_test_ssl_message_queue *queue; + mbedtls_test_mock_socket *socket; + mbedtls_test_message_socket_context *context = + (mbedtls_test_message_socket_context *) ctx; + size_t drop_len = 0; + size_t msg_len; + int ret; + + if (context == NULL || context->socket == NULL + || context->queue_input == NULL) { + return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; + } + + queue = context->queue_input; + socket = context->socket; + + /* Peek first, so that in case of a socket error the data remains in + * the queue. */ + ret = test_ssl_message_queue_peek_info(queue, buf_len, &msg_len); + if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { + /* Calculate how much to drop */ + drop_len = msg_len - buf_len; + + /* Set the requested message len to be buffer length */ + msg_len = buf_len; + } else if (ret != 0) { + return ret; + } + + if (mbedtls_test_mock_tcp_recv_b(socket, buf, msg_len) != (int) msg_len) { + return MBEDTLS_TEST_ERROR_RECV_FAILED; + } + + if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { + /* Drop the remaining part of the message */ + if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) != + (int) drop_len) { + /* Inconsistent state - part of the message was read, + * and a part couldn't. Not much we can do here, but it should not + * happen in test environment, unless forced manually. */ + } + } + mbedtls_test_ssl_message_queue_pop_info(queue, buf_len); + + return (msg_len > INT_MAX) ? INT_MAX : (int) msg_len; +} + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) + +/* + * Deinitializes certificates from endpoint represented by \p ep. + */ +static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep) +{ + mbedtls_test_ssl_endpoint_certificate *cert = &(ep->cert); + if (cert != NULL) { + if (cert->ca_cert != NULL) { + mbedtls_x509_crt_free(cert->ca_cert); + mbedtls_free(cert->ca_cert); + cert->ca_cert = NULL; + } + if (cert->cert != NULL) { + mbedtls_x509_crt_free(cert->cert); + mbedtls_free(cert->cert); + cert->cert = NULL; + } + if (cert->pkey != NULL) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) { + psa_destroy_key(cert->pkey->priv_id); + } +#endif + mbedtls_pk_free(cert->pkey); + mbedtls_free(cert->pkey); + cert->pkey = NULL; + } + } +} + +int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, + int pk_alg, + int opaque_alg, int opaque_alg2, + int opaque_usage) +{ + int i = 0; + int ret = -1; + mbedtls_test_ssl_endpoint_certificate *cert = NULL; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_svc_key_id_t key_slot = MBEDTLS_SVC_KEY_ID_INIT; +#endif + + if (ep == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + cert = &(ep->cert); + TEST_CALLOC(cert->ca_cert, 1); + TEST_CALLOC(cert->cert, 1); + TEST_CALLOC(cert->pkey, 1); + + mbedtls_x509_crt_init(cert->ca_cert); + mbedtls_x509_crt_init(cert->cert); + mbedtls_pk_init(cert->pkey); + + /* Load the trusted CA */ + + for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse_der( + cert->ca_cert, + (const unsigned char *) mbedtls_test_cas_der[i], + mbedtls_test_cas_der_len[i]); + TEST_ASSERT(ret == 0); + } + + /* Load own certificate and private key */ + + if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) { + if (pk_alg == MBEDTLS_PK_RSA) { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der, + mbedtls_test_srv_crt_rsa_sha256_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_srv_key_rsa_der, + mbedtls_test_srv_key_rsa_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0); + } else { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_srv_crt_ec_der, + mbedtls_test_srv_crt_ec_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_srv_key_ec_der, + mbedtls_test_srv_key_ec_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0); + } + } else { + if (pk_alg == MBEDTLS_PK_RSA) { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_cli_crt_rsa_der, + mbedtls_test_cli_crt_rsa_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_cli_key_rsa_der, + mbedtls_test_cli_key_rsa_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0); + } else { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_cli_crt_ec_der, + mbedtls_test_cli_crt_ec_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_cli_key_ec_der, + mbedtls_test_cli_key_ec_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0); + } + } + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (opaque_alg != 0) { + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + /* Use a fake key usage to get a successful initial guess for the PSA attributes. */ + TEST_EQUAL(mbedtls_pk_get_psa_attributes(cert->pkey, PSA_KEY_USAGE_SIGN_HASH, + &key_attr), 0); + /* Then manually usage, alg and alg2 as requested by the test. */ + psa_set_key_usage_flags(&key_attr, opaque_usage); + psa_set_key_algorithm(&key_attr, opaque_alg); + if (opaque_alg2 != PSA_ALG_NONE) { + psa_set_key_enrollment_algorithm(&key_attr, opaque_alg2); + } + TEST_EQUAL(mbedtls_pk_import_into_psa(cert->pkey, &key_attr, &key_slot), 0); + mbedtls_pk_free(cert->pkey); + mbedtls_pk_init(cert->pkey); + TEST_EQUAL(mbedtls_pk_setup_opaque(cert->pkey, key_slot), 0); + } +#else + (void) opaque_alg; + (void) opaque_alg2; + (void) opaque_usage; +#endif + + mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL); + + ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, + cert->pkey); + TEST_ASSERT(ret == 0); + TEST_ASSERT(ep->conf.key_cert != NULL); + + ret = mbedtls_ssl_conf_own_cert(&(ep->conf), NULL, NULL); + TEST_ASSERT(ret == 0); + TEST_ASSERT(ep->conf.key_cert == NULL); + + ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, + cert->pkey); + TEST_ASSERT(ret == 0); + +exit: + if (ret != 0) { + test_ssl_endpoint_certificate_free(ep); + } + + return ret; +} + +int mbedtls_test_ssl_endpoint_init( + mbedtls_test_ssl_endpoint *ep, int endpoint_type, + mbedtls_test_handshake_test_options *options, + mbedtls_test_message_socket_context *dtls_context, + mbedtls_test_ssl_message_queue *input_queue, + mbedtls_test_ssl_message_queue *output_queue) +{ + int ret = -1; + uintptr_t user_data_n; + + if (dtls_context != NULL && + (input_queue == NULL || output_queue == NULL)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + + } + + if (ep == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + memset(ep, 0, sizeof(*ep)); + + ep->name = (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? "Server" : "Client"; + + mbedtls_ssl_init(&(ep->ssl)); + mbedtls_ssl_config_init(&(ep->conf)); + mbedtls_ssl_conf_rng(&(ep->conf), mbedtls_test_random, NULL); + + TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL); + TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0); + TEST_ASSERT(mbedtls_ssl_get_user_data_p(&ep->ssl) == NULL); + TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), 0); + + (void) mbedtls_test_rnd_std_rand(NULL, + (void *) &user_data_n, + sizeof(user_data_n)); + mbedtls_ssl_conf_set_user_data_n(&ep->conf, user_data_n); + mbedtls_ssl_set_user_data_n(&ep->ssl, user_data_n); + + if (dtls_context != NULL) { + TEST_ASSERT(mbedtls_test_message_socket_setup(input_queue, output_queue, + 100, &(ep->socket), + dtls_context) == 0); + } else { + mbedtls_test_mock_socket_init(&(ep->socket)); + } + + /* Non-blocking callbacks without timeout */ + if (dtls_context != NULL) { + mbedtls_ssl_set_bio(&(ep->ssl), dtls_context, + mbedtls_test_mock_tcp_send_msg, + mbedtls_test_mock_tcp_recv_msg, + NULL); + } else { + mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket), + mbedtls_test_mock_tcp_send_nb, + mbedtls_test_mock_tcp_recv_nb, + NULL); + } + + ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type, + (dtls_context != NULL) ? + MBEDTLS_SSL_TRANSPORT_DATAGRAM : + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT); + TEST_ASSERT(ret == 0); + + if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) { + if (options->client_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { + mbedtls_ssl_conf_min_tls_version(&(ep->conf), + options->client_min_version); + } + + if (options->client_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { + mbedtls_ssl_conf_max_tls_version(&(ep->conf), + options->client_max_version); + } + } else { + if (options->server_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { + mbedtls_ssl_conf_min_tls_version(&(ep->conf), + options->server_min_version); + } + + if (options->server_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { + mbedtls_ssl_conf_max_tls_version(&(ep->conf), + options->server_max_version); + } + } + + if (options->group_list != NULL) { + mbedtls_ssl_conf_groups(&(ep->conf), options->group_list); + } + + mbedtls_ssl_conf_authmode(&(ep->conf), MBEDTLS_SSL_VERIFY_REQUIRED); + +#if defined(MBEDTLS_SSL_EARLY_DATA) + mbedtls_ssl_conf_early_data(&(ep->conf), options->early_data); +#if defined(MBEDTLS_SSL_SRV_C) + if (endpoint_type == MBEDTLS_SSL_IS_SERVER && + (options->max_early_data_size >= 0)) { + mbedtls_ssl_conf_max_early_data_size(&(ep->conf), + options->max_early_data_size); + } +#endif +#if defined(MBEDTLS_SSL_ALPN) + /* check that alpn_list contains at least one valid entry */ + if (options->alpn_list[0] != NULL) { + mbedtls_ssl_conf_alpn_protocols(&(ep->conf), options->alpn_list); + } +#endif +#endif + +#if defined(MBEDTLS_SSL_CACHE_C) && defined(MBEDTLS_SSL_SRV_C) + if (endpoint_type == MBEDTLS_SSL_IS_SERVER && options->cache != NULL) { + mbedtls_ssl_conf_session_cache(&(ep->conf), options->cache, + mbedtls_ssl_cache_get, + mbedtls_ssl_cache_set); + } +#endif + + ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf)); + TEST_ASSERT(ret == 0); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C) + if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) { + mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL); + } +#endif + +#if defined(MBEDTLS_DEBUG_C) +#if defined(MBEDTLS_SSL_SRV_C) + if (endpoint_type == MBEDTLS_SSL_IS_SERVER && + options->srv_log_fun != NULL) { + mbedtls_ssl_conf_dbg(&(ep->conf), options->srv_log_fun, + options->srv_log_obj); + } +#endif +#if defined(MBEDTLS_SSL_CLI_C) + if (endpoint_type == MBEDTLS_SSL_IS_CLIENT && + options->cli_log_fun != NULL) { + mbedtls_ssl_conf_dbg(&(ep->conf), options->cli_log_fun, + options->cli_log_obj); + } +#endif +#endif /* MBEDTLS_DEBUG_C */ + + ret = mbedtls_test_ssl_endpoint_certificate_init(ep, options->pk_alg, + options->opaque_alg, + options->opaque_alg2, + options->opaque_usage); + TEST_ASSERT(ret == 0); + + TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), user_data_n); + mbedtls_ssl_conf_set_user_data_p(&ep->conf, ep); + TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), user_data_n); + mbedtls_ssl_set_user_data_p(&ep->ssl, ep); + +exit: + return ret; +} + +void mbedtls_test_ssl_endpoint_free( + mbedtls_test_ssl_endpoint *ep, + mbedtls_test_message_socket_context *context) +{ + test_ssl_endpoint_certificate_free(ep); + + mbedtls_ssl_free(&(ep->ssl)); + mbedtls_ssl_config_free(&(ep->conf)); + + if (context != NULL) { + mbedtls_test_message_socket_close(context); + } else { + mbedtls_test_mock_socket_close(&(ep->socket)); + } +} + +int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl, + mbedtls_ssl_context *second_ssl, + int state) +{ + enum { BUFFSIZE = 1024 }; + int max_steps = 1000; + int ret = 0; + + if (ssl == NULL || second_ssl == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + /* Perform communication via connected sockets */ + while ((ssl->state != state) && (--max_steps >= 0)) { + /* If /p second_ssl ends the handshake procedure before /p ssl then + * there is no need to call the next step */ + if (!mbedtls_ssl_is_handshake_over(second_ssl)) { + ret = mbedtls_ssl_handshake_step(second_ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + return ret; + } + } + + /* We only care about the \p ssl state and returns, so we call it last, + * to leave the iteration as soon as the state is as expected. */ + ret = mbedtls_ssl_handshake_step(ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + return ret; + } + } + + return (max_steps >= 0) ? ret : -1; +} + +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +/* + * Write application data. Increase write counter if necessary. + */ +int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl, + unsigned char *buf, int buf_len, + int *written, + const int expected_fragments) +{ + int ret; + /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is + * a valid no-op for TLS connections. */ + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0); + } + + ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written); + if (ret > 0) { + *written += ret; + } + + if (expected_fragments == 0) { + /* Used for DTLS and the message size larger than MFL. In that case + * the message can not be fragmented and the library should return + * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned + * to prevent a dead loop inside mbedtls_test_ssl_exchange_data(). */ + return ret; + } else if (expected_fragments == 1) { + /* Used for TLS/DTLS and the message size lower than MFL */ + TEST_ASSERT(ret == buf_len || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } else { + /* Used for TLS and the message size larger than MFL */ + TEST_ASSERT(expected_fragments > 1); + TEST_ASSERT((ret >= 0 && ret <= buf_len) || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } + + return 0; + +exit: + /* Some of the tests failed */ + return -1; +} + +/* + * Read application data and increase read counter and fragments counter + * if necessary. + */ +int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl, + unsigned char *buf, int buf_len, + int *read, int *fragments, + const int expected_fragments) +{ + int ret; + /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is + * a valid no-op for TLS connections. */ + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0); + } + + ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read); + if (ret > 0) { + (*fragments)++; + *read += ret; + } + + if (expected_fragments == 0) { + TEST_ASSERT(ret == 0); + } else if (expected_fragments == 1) { + TEST_ASSERT(ret == buf_len || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } else { + TEST_ASSERT(expected_fragments > 1); + TEST_ASSERT((ret >= 0 && ret <= buf_len) || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } + + return 0; + +exit: + /* Some of the tests failed */ + return -1; +} + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +static void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher, + int *forced_ciphersuite) +{ + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher); + forced_ciphersuite[1] = 0; + + ciphersuite_info = + mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]); + + TEST_ASSERT(ciphersuite_info != NULL); + TEST_ASSERT(ciphersuite_info->min_tls_version <= conf->max_tls_version); + TEST_ASSERT(ciphersuite_info->max_tls_version >= conf->min_tls_version); + + if (conf->max_tls_version > ciphersuite_info->max_tls_version) { + conf->max_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->max_tls_version; + } + if (conf->min_tls_version < ciphersuite_info->min_tls_version) { + conf->min_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->min_tls_version; + } + + mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite); + +exit: + return; +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \ + defined(MBEDTLS_SSL_SRV_C) +static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl, + const unsigned char *name, size_t name_len) +{ + (void) p_info; + (void) ssl; + (void) name; + (void) name_len; + + return 0; +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && + MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED && + MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_SSL_HAVE_CBC) && defined(MBEDTLS_SSL_HAVE_AES) +int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, + const unsigned char *iv, + size_t iv_len, + const unsigned char *input, + size_t ilen, + unsigned char *output, + size_t *olen) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT; + size_t part_len; + + status = psa_cipher_encrypt_setup(&cipher_op, + transform->psa_key_enc, + transform->psa_alg); + + if (status != PSA_SUCCESS) { + return PSA_TO_MBEDTLS_ERR(status); + } + + status = psa_cipher_set_iv(&cipher_op, iv, iv_len); + + if (status != PSA_SUCCESS) { + return PSA_TO_MBEDTLS_ERR(status); + } + + status = psa_cipher_update(&cipher_op, input, ilen, output, ilen, olen); + + if (status != PSA_SUCCESS) { + return PSA_TO_MBEDTLS_ERR(status); + } + + status = psa_cipher_finish(&cipher_op, output + *olen, ilen - *olen, + &part_len); + + if (status != PSA_SUCCESS) { + return PSA_TO_MBEDTLS_ERR(status); + } + + *olen += part_len; + return 0; +#else + return mbedtls_cipher_crypt(&transform->cipher_ctx_enc, + iv, iv_len, input, ilen, output, olen); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_HAVE_CBC && + MBEDTLS_SSL_HAVE_AES */ + +static void mbedtls_test_ssl_cipher_info_from_type(mbedtls_cipher_type_t cipher_type, + mbedtls_cipher_mode_t *cipher_mode, + size_t *key_bits, size_t *iv_len) +{ + switch (cipher_type) { + case MBEDTLS_CIPHER_AES_128_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 128; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_AES_256_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 256; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_ARIA_128_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 128; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_ARIA_256_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 256; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_CAMELLIA_128_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 128; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_CAMELLIA_256_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 256; + *iv_len = 16; + break; + + case MBEDTLS_CIPHER_AES_128_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 128; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_AES_192_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 192; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_AES_256_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 256; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_128_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 128; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_192_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 192; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_256_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 256; + *iv_len = 12; + break; + + case MBEDTLS_CIPHER_AES_128_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 128; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_AES_192_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 192; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_AES_256_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 256; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_128_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 128; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_192_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 192; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_256_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 256; + *iv_len = 12; + break; + + case MBEDTLS_CIPHER_CHACHA20_POLY1305: + *cipher_mode = MBEDTLS_MODE_CHACHAPOLY; + *key_bits = 256; + *iv_len = 12; + break; + + case MBEDTLS_CIPHER_NULL: + *cipher_mode = MBEDTLS_MODE_STREAM; + *key_bits = 0; + *iv_len = 0; + break; + + default: + *cipher_mode = MBEDTLS_MODE_NONE; + *key_bits = 0; + *iv_len = 0; + } +} + +int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, + mbedtls_ssl_transform *t_out, + int cipher_type, int hash_id, + int etm, int tag_mode, + mbedtls_ssl_protocol_version tls_version, + size_t cid0_len, + size_t cid1_len) +{ + mbedtls_cipher_mode_t cipher_mode = MBEDTLS_MODE_NONE; + size_t key_bits = 0; + int ret = 0; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_type_t key_type; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_algorithm_t alg; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; +#else + mbedtls_cipher_info_t const *cipher_info; +#endif + + size_t keylen, maclen, ivlen = 0; + unsigned char *key0 = NULL, *key1 = NULL; + unsigned char *md0 = NULL, *md1 = NULL; + unsigned char iv_enc[16], iv_dec[16]; + +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + unsigned char cid0[SSL_CID_LEN_MIN]; + unsigned char cid1[SSL_CID_LEN_MIN]; + + mbedtls_test_rnd_std_rand(NULL, cid0, sizeof(cid0)); + mbedtls_test_rnd_std_rand(NULL, cid1, sizeof(cid1)); +#else + ((void) cid0_len); + ((void) cid1_len); +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + + maclen = 0; + mbedtls_test_ssl_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type, + &cipher_mode, &key_bits, &ivlen); + + /* Pick keys */ + keylen = key_bits / 8; + /* Allocate `keylen + 1` bytes to ensure that we get + * a non-NULL pointers from `mbedtls_calloc` even if + * `keylen == 0` in the case of the NULL cipher. */ + CHK((key0 = mbedtls_calloc(1, keylen + 1)) != NULL); + CHK((key1 = mbedtls_calloc(1, keylen + 1)) != NULL); + memset(key0, 0x1, keylen); + memset(key1, 0x2, keylen); + +#if !defined(MBEDTLS_USE_PSA_CRYPTO) + /* Pick cipher */ + cipher_info = mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type); + CHK(cipher_info != NULL); + CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16); + CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); + + /* Setup cipher contexts */ + CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_enc, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0); + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + if (cipher_mode == MBEDTLS_MODE_CBC) { + CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_enc, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_dec, + MBEDTLS_PADDING_NONE) == 0); + } +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + + CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_enc, key0, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_ENCRYPT) + == 0); + CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_dec, key1, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_DECRYPT) + == 0); + CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_enc, key1, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_ENCRYPT) + == 0); + CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_dec, key0, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_DECRYPT) + == 0); +#endif /* !MBEDTLS_USE_PSA_CRYPTO */ + + /* Setup MAC contexts */ +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) + if (cipher_mode == MBEDTLS_MODE_CBC || + cipher_mode == MBEDTLS_MODE_STREAM) { +#if !defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) hash_id); + CHK(md_info != NULL); +#endif + maclen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) hash_id); + CHK(maclen != 0); + /* Pick hash keys */ + CHK((md0 = mbedtls_calloc(1, maclen)) != NULL); + CHK((md1 = mbedtls_calloc(1, maclen)) != NULL); + memset(md0, 0x5, maclen); + memset(md1, 0x6, maclen); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + alg = mbedtls_md_psa_alg_from_type(hash_id); + + CHK(alg != 0); + + t_out->psa_mac_alg = PSA_ALG_HMAC(alg); + t_in->psa_mac_alg = PSA_ALG_HMAC(alg); + t_in->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; + t_out->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; + t_in->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; + t_out->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; + + psa_reset_key_attributes(&attributes); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, PSA_ALG_HMAC(alg)); + psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); + + CHK(psa_import_key(&attributes, + md0, maclen, + &t_in->psa_mac_enc) == PSA_SUCCESS); + + CHK(psa_import_key(&attributes, + md1, maclen, + &t_out->psa_mac_enc) == PSA_SUCCESS); + + if (cipher_mode == MBEDTLS_MODE_STREAM || + etm == MBEDTLS_SSL_ETM_DISABLED) { + /* mbedtls_ct_hmac() requires the key to be exportable */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_VERIFY_HASH); + } else { + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + } + + CHK(psa_import_key(&attributes, + md1, maclen, + &t_in->psa_mac_dec) == PSA_SUCCESS); + + CHK(psa_import_key(&attributes, + md0, maclen, + &t_out->psa_mac_dec) == PSA_SUCCESS); +#else + CHK(mbedtls_md_setup(&t_out->md_ctx_enc, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_out->md_ctx_dec, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_in->md_ctx_enc, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_in->md_ctx_dec, md_info, 1) == 0); + + CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_enc, + md0, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_dec, + md1, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_enc, + md1, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_dec, + md0, maclen) == 0); +#endif + } +#else + ((void) hash_id); +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ + + + /* Pick IV's (regardless of whether they + * are being used by the transform). */ + memset(iv_enc, 0x3, sizeof(iv_enc)); + memset(iv_dec, 0x4, sizeof(iv_dec)); + + /* + * Setup transforms + */ + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ + defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) + t_out->encrypt_then_mac = etm; + t_in->encrypt_then_mac = etm; +#else + ((void) etm); +#endif + + t_out->tls_version = tls_version; + t_in->tls_version = tls_version; + t_out->ivlen = ivlen; + t_in->ivlen = ivlen; + + switch (cipher_mode) { + case MBEDTLS_MODE_GCM: + case MBEDTLS_MODE_CCM: +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { + t_out->fixed_ivlen = 12; + t_in->fixed_ivlen = 12; + } else +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ + { + t_out->fixed_ivlen = 4; + t_in->fixed_ivlen = 4; + } + t_out->maclen = 0; + t_in->maclen = 0; + switch (tag_mode) { + case 0: /* Full tag */ + t_out->taglen = 16; + t_in->taglen = 16; + break; + case 1: /* Partial tag */ + t_out->taglen = 8; + t_in->taglen = 8; + break; + default: + ret = 1; + goto cleanup; + } + break; + + case MBEDTLS_MODE_CHACHAPOLY: + t_out->fixed_ivlen = 12; + t_in->fixed_ivlen = 12; + t_out->maclen = 0; + t_in->maclen = 0; + switch (tag_mode) { + case 0: /* Full tag */ + t_out->taglen = 16; + t_in->taglen = 16; + break; + case 1: /* Partial tag */ + t_out->taglen = 8; + t_in->taglen = 8; + break; + default: + ret = 1; + goto cleanup; + } + break; + + case MBEDTLS_MODE_STREAM: + case MBEDTLS_MODE_CBC: + t_out->fixed_ivlen = 0; /* redundant, must be 0 */ + t_in->fixed_ivlen = 0; /* redundant, must be 0 */ + t_out->taglen = 0; + t_in->taglen = 0; + switch (tag_mode) { + case 0: /* Full tag */ + t_out->maclen = maclen; + t_in->maclen = maclen; + break; + default: + ret = 1; + goto cleanup; + } + break; + default: + ret = 1; + goto cleanup; + break; + } + + /* Setup IV's */ + + memcpy(&t_in->iv_dec, iv_dec, sizeof(iv_dec)); + memcpy(&t_in->iv_enc, iv_enc, sizeof(iv_enc)); + memcpy(&t_out->iv_dec, iv_enc, sizeof(iv_enc)); + memcpy(&t_out->iv_enc, iv_dec, sizeof(iv_dec)); + +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + /* Add CID */ + memcpy(&t_in->in_cid, cid0, cid0_len); + memcpy(&t_in->out_cid, cid1, cid1_len); + t_in->in_cid_len = (uint8_t) cid0_len; + t_in->out_cid_len = (uint8_t) cid1_len; + memcpy(&t_out->in_cid, cid1, cid1_len); + memcpy(&t_out->out_cid, cid0, cid0_len); + t_out->in_cid_len = (uint8_t) cid1_len; + t_out->out_cid_len = (uint8_t) cid0_len; +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + status = mbedtls_ssl_cipher_to_psa(cipher_type, + t_in->taglen, + &alg, + &key_type, + &key_bits); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + + t_in->psa_alg = alg; + t_out->psa_alg = alg; + + if (alg != MBEDTLS_SSL_NULL_CIPHER) { + psa_reset_key_attributes(&attributes); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + status = psa_import_key(&attributes, + key0, + PSA_BITS_TO_BYTES(key_bits), + &t_in->psa_key_enc); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + + status = psa_import_key(&attributes, + key1, + PSA_BITS_TO_BYTES(key_bits), + &t_out->psa_key_enc); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + + status = psa_import_key(&attributes, + key1, + PSA_BITS_TO_BYTES(key_bits), + &t_in->psa_key_dec); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + + status = psa_import_key(&attributes, + key0, + PSA_BITS_TO_BYTES(key_bits), + &t_out->psa_key_dec); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +cleanup: + + mbedtls_free(key0); + mbedtls_free(key1); + + mbedtls_free(md0); + mbedtls_free(md1); + + return ret; +} + +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record, + mbedtls_ssl_transform *transform_out) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; +#endif + + /* Serialized version of record header for MAC purposes */ + unsigned char add_data[13]; + memcpy(add_data, record->ctr, 8); + add_data[8] = record->type; + add_data[9] = record->ver[0]; + add_data[10] = record->ver[1]; + add_data[11] = (record->data_len >> 8) & 0xff; + add_data[12] = (record->data_len >> 0) & 0xff; + + /* MAC with additional data */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + size_t sign_mac_length = 0; + TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_setup(&operation, + transform_out->psa_mac_enc, + transform_out->psa_mac_alg)); + TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, add_data, 13)); + TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, + record->buf + record->data_offset, + record->data_len)); + /* Use a temporary buffer for the MAC, because with the truncated HMAC + * extension, there might not be enough room in the record for the + * full-length MAC. */ + unsigned char mac[PSA_HASH_MAX_SIZE]; + TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_finish(&operation, + mac, sizeof(mac), + &sign_mac_length)); +#else + TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, add_data, 13)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, + record->buf + record->data_offset, + record->data_len)); + /* Use a temporary buffer for the MAC, because with the truncated HMAC + * extension, there might not be enough room in the record for the + * full-length MAC. */ + unsigned char mac[MBEDTLS_MD_MAX_SIZE]; + TEST_EQUAL(0, mbedtls_md_hmac_finish(&transform_out->md_ctx_enc, mac)); +#endif + memcpy(record->buf + record->data_offset + record->data_len, mac, transform_out->maclen); + record->data_len += transform_out->maclen; + + return 0; + +exit: +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_mac_abort(&operation); +#endif + return -1; +} +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, + int ticket_len, + int endpoint_type, + const char *crt_file) +{ + (void) ticket_len; + +#if defined(MBEDTLS_HAVE_TIME) + session->start = mbedtls_time(NULL) - 42; +#endif + session->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; + + TEST_ASSERT(endpoint_type == MBEDTLS_SSL_IS_CLIENT || + endpoint_type == MBEDTLS_SSL_IS_SERVER); + + session->endpoint = endpoint_type; + session->ciphersuite = 0xabcd; + session->id_len = sizeof(session->id); + memset(session->id, 66, session->id_len); + memset(session->master, 17, sizeof(session->master)); + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO) + if (crt_file != NULL && strlen(crt_file) != 0) { + mbedtls_x509_crt tmp_crt; + int ret; + + mbedtls_x509_crt_init(&tmp_crt); + ret = mbedtls_x509_crt_parse_file(&tmp_crt, crt_file); + if (ret != 0) { + return ret; + } + +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* Move temporary CRT. */ + session->peer_cert = mbedtls_calloc(1, sizeof(*session->peer_cert)); + if (session->peer_cert == NULL) { + return -1; + } + *session->peer_cert = tmp_crt; + memset(&tmp_crt, 0, sizeof(tmp_crt)); +#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + /* Calculate digest of temporary CRT. */ + session->peer_cert_digest = + mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN); + if (session->peer_cert_digest == NULL) { + return -1; + } + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_algorithm_t psa_alg = mbedtls_md_psa_alg_from_type( + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE); + size_t hash_size = 0; + psa_status_t status = psa_hash_compute( + psa_alg, tmp_crt.raw.p, + tmp_crt.raw.len, + session->peer_cert_digest, + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN, + &hash_size); + ret = PSA_TO_MBEDTLS_ERR(status); +#else + ret = mbedtls_md(mbedtls_md_info_from_type( + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE), + tmp_crt.raw.p, tmp_crt.raw.len, + session->peer_cert_digest); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (ret != 0) { + return ret; + } + session->peer_cert_digest_type = + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; + session->peer_cert_digest_len = + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + mbedtls_x509_crt_free(&tmp_crt); + } +#else /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ + (void) crt_file; +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ + session->verify_result = 0xdeadbeef; + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_CLI_C) + if (ticket_len != 0) { + session->ticket = mbedtls_calloc(1, ticket_len); + if (session->ticket == NULL) { + return -1; + } + memset(session->ticket, 33, ticket_len); + } + session->ticket_len = ticket_len; + session->ticket_lifetime = 86401; +#endif /* MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_HAVE_TIME) + if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { + session->ticket_creation_time = mbedtls_ms_time() - 42; + } +#endif +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + session->mfl_code = 1; +#endif +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + session->encrypt_then_mac = 1; +#endif + +exit: + return 0; +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, + int ticket_len, + int endpoint_type) +{ + ((void) ticket_len); + session->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; + session->endpoint = endpoint_type == MBEDTLS_SSL_IS_CLIENT ? + MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER; + session->ciphersuite = 0xabcd; + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + session->ticket_age_add = 0x87654321; + session->ticket_flags = 0x7; + session->resumption_key_len = 32; + memset(session->resumption_key, 0x99, sizeof(session->resumption_key)); +#endif + +#if defined(MBEDTLS_SSL_SRV_C) + if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN) + int ret = mbedtls_ssl_session_set_ticket_alpn(session, "ALPNExample"); + if (ret != 0) { + return -1; + } +#endif +#if defined(MBEDTLS_HAVE_TIME) + session->ticket_creation_time = mbedtls_ms_time() - 42; +#endif +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + } +#endif /* MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_CLI_C) + if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_HAVE_TIME) + session->ticket_reception_time = mbedtls_ms_time() - 40; +#endif + session->ticket_lifetime = 0xfedcba98; + + session->ticket_len = ticket_len; + if (ticket_len != 0) { + session->ticket = mbedtls_calloc(1, ticket_len); + if (session->ticket == NULL) { + return -1; + } + memset(session->ticket, 33, ticket_len); + } +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + char hostname[] = "hostname example"; + session->hostname = mbedtls_calloc(1, sizeof(hostname)); + if (session->hostname == NULL) { + return -1; + } + memcpy(session->hostname, hostname, sizeof(hostname)); +#endif +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + } +#endif /* MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_EARLY_DATA) + session->max_early_data_size = 0x87654321; +#endif /* MBEDTLS_SSL_EARLY_DATA */ + +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + session->record_size_limit = 2048; +#endif + + return 0; +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ + +int mbedtls_test_ssl_exchange_data( + mbedtls_ssl_context *ssl_1, + int msg_len_1, const int expected_fragments_1, + mbedtls_ssl_context *ssl_2, + int msg_len_2, const int expected_fragments_2) +{ + unsigned char *msg_buf_1 = malloc(msg_len_1); + unsigned char *msg_buf_2 = malloc(msg_len_2); + unsigned char *in_buf_1 = malloc(msg_len_2); + unsigned char *in_buf_2 = malloc(msg_len_1); + int msg_type, ret = -1; + + /* Perform this test with two message types. At first use a message + * consisting of only 0x00 for the client and only 0xFF for the server. + * At the second time use message with generated data */ + for (msg_type = 0; msg_type < 2; msg_type++) { + int written_1 = 0; + int written_2 = 0; + int read_1 = 0; + int read_2 = 0; + int fragments_1 = 0; + int fragments_2 = 0; + + if (msg_type == 0) { + memset(msg_buf_1, 0x00, msg_len_1); + memset(msg_buf_2, 0xff, msg_len_2); + } else { + int i, j = 0; + for (i = 0; i < msg_len_1; i++) { + msg_buf_1[i] = j++ & 0xFF; + } + for (i = 0; i < msg_len_2; i++) { + msg_buf_2[i] = (j -= 5) & 0xFF; + } + } + + while (read_1 < msg_len_2 || read_2 < msg_len_1) { + /* ssl_1 sending */ + if (msg_len_1 > written_1) { + ret = mbedtls_ssl_write_fragment(ssl_1, msg_buf_1, + msg_len_1, &written_1, + expected_fragments_1); + if (expected_fragments_1 == 0) { + /* This error is expected when the message is too large and + * cannot be fragmented */ + TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); + msg_len_1 = 0; + } else { + TEST_ASSERT(ret == 0); + } + } + + /* ssl_2 sending */ + if (msg_len_2 > written_2) { + ret = mbedtls_ssl_write_fragment(ssl_2, msg_buf_2, + msg_len_2, &written_2, + expected_fragments_2); + if (expected_fragments_2 == 0) { + /* This error is expected when the message is too large and + * cannot be fragmented */ + TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); + msg_len_2 = 0; + } else { + TEST_ASSERT(ret == 0); + } + } + + /* ssl_1 reading */ + if (read_1 < msg_len_2) { + ret = mbedtls_ssl_read_fragment(ssl_1, in_buf_1, + msg_len_2, &read_1, + &fragments_2, + expected_fragments_2); + TEST_ASSERT(ret == 0); + } + + /* ssl_2 reading */ + if (read_2 < msg_len_1) { + ret = mbedtls_ssl_read_fragment(ssl_2, in_buf_2, + msg_len_1, &read_2, + &fragments_1, + expected_fragments_1); + TEST_ASSERT(ret == 0); + } + } + + ret = -1; + TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1)); + TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2)); + TEST_ASSERT(fragments_1 == expected_fragments_1); + TEST_ASSERT(fragments_2 == expected_fragments_2); + } + + ret = 0; + +exit: + free(msg_buf_1); + free(in_buf_1); + free(msg_buf_2); + free(in_buf_2); + + return ret; +} + +/* + * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints + * must be initialized and connected beforehand. + * + * \retval 0 on success, otherwise error code. + */ +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \ + (defined(MBEDTLS_SSL_RENEGOTIATION) || \ + defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)) +static int exchange_data(mbedtls_ssl_context *ssl_1, + mbedtls_ssl_context *ssl_2) +{ + return mbedtls_test_ssl_exchange_data(ssl_1, 256, 1, + ssl_2, 256, 1); +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && + (MBEDTLS_SSL_RENEGOTIATION || + MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) */ + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +static int check_ssl_version( + mbedtls_ssl_protocol_version expected_negotiated_version, + const mbedtls_ssl_context *ssl) +{ + const char *version_string = mbedtls_ssl_get_version(ssl); + mbedtls_ssl_protocol_version version_number = + mbedtls_ssl_get_version_number(ssl); + + TEST_EQUAL(ssl->tls_version, expected_negotiated_version); + + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + TEST_EQUAL(version_string[0], 'D'); + ++version_string; + } + + switch (expected_negotiated_version) { + case MBEDTLS_SSL_VERSION_TLS1_2: + TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_2); + TEST_ASSERT(strcmp(version_string, "TLSv1.2") == 0); + break; + + case MBEDTLS_SSL_VERSION_TLS1_3: + TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_3); + TEST_ASSERT(strcmp(version_string, "TLSv1.3") == 0); + break; + + default: + TEST_FAIL( + "Version check not implemented for this protocol version"); + } + + return 1; + +exit: + return 0; +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +void mbedtls_test_ssl_perform_handshake( + mbedtls_test_handshake_test_options *options) +{ + /* forced_ciphersuite needs to last until the end of the handshake */ + int forced_ciphersuite[2]; + enum { BUFFSIZE = 17000 }; + mbedtls_test_ssl_endpoint client, server; +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) + const char *psk_identity = "foo"; +#endif +#if defined(MBEDTLS_TIMING_C) + mbedtls_timing_delay_context timer_client, timer_server; +#endif +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + unsigned char *context_buf = NULL; + size_t context_buf_len; +#endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) + int ret = -1; +#endif + int expected_handshake_result = options->expected_handshake_result; + + MD_OR_USE_PSA_INIT(); + mbedtls_platform_zeroize(&client, sizeof(client)); + mbedtls_platform_zeroize(&server, sizeof(server)); + mbedtls_test_ssl_message_queue server_queue, client_queue; + mbedtls_test_message_socket_context server_context, client_context; + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + +#if defined(MBEDTLS_DEBUG_C) + if (options->cli_log_fun || options->srv_log_fun) { + mbedtls_debug_set_threshold(4); + } +#endif + + /* Client side */ + if (options->dtls != 0) { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, + MBEDTLS_SSL_IS_CLIENT, + options, &client_context, + &client_queue, + &server_queue) == 0); +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); +#endif + } else { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, + MBEDTLS_SSL_IS_CLIENT, + options, NULL, NULL, + NULL) == 0); + } + + if (strlen(options->cipher) > 0) { + set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite); + } + + /* Server side */ + if (options->dtls != 0) { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, + MBEDTLS_SSL_IS_SERVER, + options, &server_context, + &server_queue, + &client_queue) == 0); +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); +#endif + } else { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, + MBEDTLS_SSL_IS_SERVER, + options, NULL, NULL, + NULL) == 0); + } + + mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode); + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf), + (unsigned char) options->mfl) + == 0); + TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf), + (unsigned char) options->mfl) + == 0); +#else + TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl); +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) + if (options->psk_str != NULL && options->psk_str->len > 0) { + TEST_ASSERT(mbedtls_ssl_conf_psk( + &client.conf, options->psk_str->x, + options->psk_str->len, + (const unsigned char *) psk_identity, + strlen(psk_identity)) == 0); + + TEST_ASSERT(mbedtls_ssl_conf_psk( + &server.conf, options->psk_str->x, + options->psk_str->len, + (const unsigned char *) psk_identity, + strlen(psk_identity)) == 0); +#if defined(MBEDTLS_SSL_SRV_C) + mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL); +#endif + } +#endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if (options->renegotiate) { + mbedtls_ssl_conf_renegotiation(&(server.conf), + MBEDTLS_SSL_RENEGOTIATION_ENABLED); + mbedtls_ssl_conf_renegotiation(&(client.conf), + MBEDTLS_SSL_RENEGOTIATION_ENABLED); + + mbedtls_ssl_conf_legacy_renegotiation(&(server.conf), + options->legacy_renegotiation); + mbedtls_ssl_conf_legacy_renegotiation(&(client.conf), + options->legacy_renegotiation); + } +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + + TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket), + &(server.socket), + BUFFSIZE) == 0); + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* Ensure that the buffer sizes are appropriate before resizes */ + TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + } +#endif + + if (options->expected_negotiated_version == MBEDTLS_SSL_VERSION_UNKNOWN) { + expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; + } + + TEST_ASSERT(mbedtls_test_move_handshake_to_state(&(client.ssl), + &(server.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER) + == expected_handshake_result); + + if (expected_handshake_result != 0) { + /* Connection will have failed by this point, skip to cleanup */ + goto exit; + } + + TEST_ASSERT(mbedtls_ssl_is_handshake_over(&client.ssl) == 1); + + /* Make sure server state is moved to HANDSHAKE_OVER also. */ + TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server.ssl), + &(client.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER), + 0); + + TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1); + /* Check that both sides have negotiated the expected version. */ + mbedtls_test_set_step(0); + if (!check_ssl_version(options->expected_negotiated_version, + &client.ssl)) { + goto exit; + } + + mbedtls_test_set_step(1); + if (!check_ssl_version(options->expected_negotiated_version, + &server.ssl)) { + goto exit; + } + + if (options->expected_ciphersuite != 0) { + TEST_EQUAL(server.ssl.session->ciphersuite, + options->expected_ciphersuite); + } + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* A server, when using DTLS, might delay a buffer resize to happen + * after it receives a message, so we force it. */ + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + + TEST_ASSERT(client.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&client.ssl)); + TEST_ASSERT(client.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&client.ssl)); + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); + } +#endif + + if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { + /* Start data exchanging test */ + TEST_ASSERT(mbedtls_test_ssl_exchange_data( + &(client.ssl), options->cli_msg_len, + options->expected_cli_fragments, + &(server.ssl), options->srv_msg_len, + options->expected_srv_fragments) + == 0); + } +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + if (options->serialize == 1) { + TEST_ASSERT(options->dtls == 1); + + TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL, + 0, &context_buf_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + + context_buf = mbedtls_calloc(1, context_buf_len); + TEST_ASSERT(context_buf != NULL); + + TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf, + context_buf_len, + &context_buf_len) + == 0); + + mbedtls_ssl_free(&(server.ssl)); + mbedtls_ssl_init(&(server.ssl)); + + TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0); + + mbedtls_ssl_set_bio(&(server.ssl), &server_context, + mbedtls_test_mock_tcp_send_msg, + mbedtls_test_mock_tcp_recv_msg, + NULL); + + mbedtls_ssl_set_user_data_p(&server.ssl, &server); + +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); +#endif +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* Ensure that the buffer sizes are appropriate before resizes */ + TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + } +#endif + TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf, + context_buf_len) == 0); + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + /* Validate buffer sizes after context deserialization */ + if (options->resize_buffers != 0) { + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); + } +#endif + /* Retest writing/reading */ + if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { + TEST_ASSERT(mbedtls_test_ssl_exchange_data( + &(client.ssl), options->cli_msg_len, + options->expected_cli_fragments, + &(server.ssl), options->srv_msg_len, + options->expected_srv_fragments) + == 0); + } + } +#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if (options->renegotiate) { + /* Start test with renegotiation */ + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + + /* After calling this function for the server, it only sends a handshake + * request. All renegotiation should happen during data exchanging */ + TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_PENDING); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + + /* After calling mbedtls_ssl_renegotiate for the client, + * all renegotiation should happen inside this function. + * However in this test, we cannot perform simultaneous communication + * between client and server so this function will return waiting error + * on the socket. All rest of renegotiation should happen + * during data exchanging */ + ret = mbedtls_ssl_renegotiate(&(client.ssl)); +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* Ensure that the buffer sizes are appropriate before resizes */ + TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + } +#endif + TEST_ASSERT(ret == 0 || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS); + + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + /* Validate buffer sizes after renegotiation */ + if (options->resize_buffers != 0) { + TEST_ASSERT(client.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&client.ssl)); + TEST_ASSERT(client.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&client.ssl)); + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); + } +#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ + } +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + + TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&client.conf) == &client); + TEST_ASSERT(mbedtls_ssl_get_user_data_p(&client.ssl) == &client); + TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&server.conf) == &server); + TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server); + +exit: + mbedtls_test_ssl_endpoint_free(&client, + options->dtls != 0 ? &client_context : NULL); + mbedtls_test_ssl_endpoint_free(&server, + options->dtls != 0 ? &server_context : NULL); +#if defined(MBEDTLS_DEBUG_C) + if (options->cli_log_fun || options->srv_log_fun) { + mbedtls_debug_set_threshold(0); + } +#endif +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + if (context_buf != NULL) { + mbedtls_free(context_buf); + } +#endif + MD_OR_USE_PSA_DONE(); +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +#if defined(MBEDTLS_TEST_HOOKS) +int mbedtls_test_tweak_tls13_certificate_msg_vector_len( + unsigned char *buf, unsigned char **end, int tweak, + int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args) +{ +/* + * The definition of the tweaks assume that the certificate list contains only + * one certificate. + */ + +/* + * struct { + * opaque cert_data<1..2^24-1>; + * Extension extensions<0..2^16-1>; + * } CertificateEntry; + * + * struct { + * opaque certificate_request_context<0..2^8-1>; + * CertificateEntry certificate_list<0..2^24-1>; + * } Certificate; + */ + unsigned char *p_certificate_request_context_len = buf; + size_t certificate_request_context_len = buf[0]; + + unsigned char *p_certificate_list_len = + buf + 1 + certificate_request_context_len; + unsigned char *certificate_list = p_certificate_list_len + 3; + size_t certificate_list_len = + MBEDTLS_GET_UINT24_BE(p_certificate_list_len, 0); + + unsigned char *p_cert_data_len = certificate_list; + unsigned char *cert_data = p_cert_data_len + 3; + size_t cert_data_len = MBEDTLS_GET_UINT24_BE(p_cert_data_len, 0); + + unsigned char *p_extensions_len = cert_data + cert_data_len; + unsigned char *extensions = p_extensions_len + 2; + size_t extensions_len = MBEDTLS_GET_UINT16_BE(p_extensions_len, 0); + + *expected_result = MBEDTLS_ERR_SSL_DECODE_ERROR; + + switch (tweak) { + case 1: + /* Failure when checking if the certificate request context length + * and certificate list length can be read + */ + *end = buf + 3; + set_chk_buf_ptr_args(args, buf, *end, 4); + break; + + case 2: + /* Invalid certificate request context length. + */ + *p_certificate_request_context_len = + (unsigned char) certificate_request_context_len + 1; + reset_chk_buf_ptr_args(args); + break; + + case 3: + /* Failure when checking if certificate_list data can be read. */ + MBEDTLS_PUT_UINT24_BE(certificate_list_len + 1, + p_certificate_list_len, 0); + set_chk_buf_ptr_args(args, certificate_list, *end, + certificate_list_len + 1); + break; + + case 4: + /* Failure when checking if the cert_data length can be read. */ + MBEDTLS_PUT_UINT24_BE(2, p_certificate_list_len, 0); + set_chk_buf_ptr_args(args, p_cert_data_len, certificate_list + 2, 3); + break; + + case 5: + /* Failure when checking if cert_data data can be read. */ + MBEDTLS_PUT_UINT24_BE(certificate_list_len - 3 + 1, + p_cert_data_len, 0); + set_chk_buf_ptr_args(args, cert_data, + certificate_list + certificate_list_len, + certificate_list_len - 3 + 1); + break; + + case 6: + /* Failure when checking if the extensions length can be read. */ + MBEDTLS_PUT_UINT24_BE(certificate_list_len - extensions_len - 1, + p_certificate_list_len, 0); + set_chk_buf_ptr_args( + args, p_extensions_len, + certificate_list + certificate_list_len - extensions_len - 1, 2); + break; + + case 7: + /* Failure when checking if extensions data can be read. */ + MBEDTLS_PUT_UINT16_BE(extensions_len + 1, p_extensions_len, 0); + + set_chk_buf_ptr_args( + args, extensions, + certificate_list + certificate_list_len, extensions_len + 1); + break; + + default: + return -1; + } + + return 0; +} +#endif /* MBEDTLS_TEST_HOOKS */ + +/* + * Functions for tests based on tickets. Implementations of the + * write/parse ticket interfaces as defined by mbedtls_ssl_ticket_write/parse_t. + * Basically same implementations as in ticket.c without the encryption. That + * way we can tweak easily tickets characteristics to simulate misbehaving + * peers. + */ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +int mbedtls_test_ticket_write( + void *p_ticket, const mbedtls_ssl_session *session, + unsigned char *start, const unsigned char *end, + size_t *tlen, uint32_t *lifetime) +{ + int ret; + ((void) p_ticket); + + if ((ret = mbedtls_ssl_session_save(session, start, end - start, + tlen)) != 0) { + return ret; + } + + /* Maximum ticket lifetime as defined in RFC 8446 */ + *lifetime = 7 * 24 * 3600; + + return 0; +} + +int mbedtls_test_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, + unsigned char *buf, size_t len) +{ + ((void) p_ticket); + + return mbedtls_ssl_session_load(session, buf, len); +} +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SRV_C) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) && \ + defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +int mbedtls_test_get_tls13_ticket( + mbedtls_test_handshake_test_options *client_options, + mbedtls_test_handshake_test_options *server_options, + mbedtls_ssl_session *session) +{ + int ret = -1; + unsigned char buf[64]; + mbedtls_test_ssl_endpoint client_ep, server_ep; + + mbedtls_platform_zeroize(&client_ep, sizeof(client_ep)); + mbedtls_platform_zeroize(&server_ep, sizeof(server_ep)); + + ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, + client_options, NULL, NULL, NULL); + TEST_EQUAL(ret, 0); + + ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, + server_options, NULL, NULL, NULL); + TEST_EQUAL(ret, 0); + + mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf, + mbedtls_test_ticket_write, + mbedtls_test_ticket_parse, + NULL); + + ret = mbedtls_test_mock_socket_connect(&(client_ep.socket), + &(server_ep.socket), 1024); + TEST_EQUAL(ret, 0); + + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER), 0); + + TEST_EQUAL(server_ep.ssl.handshake->new_session_tickets_count, 0); + + do { + ret = mbedtls_ssl_read(&(client_ep.ssl), buf, sizeof(buf)); + } while (ret != MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET); + + ret = mbedtls_ssl_get_session(&(client_ep.ssl), session); + TEST_EQUAL(ret, 0); + +exit: + mbedtls_test_ssl_endpoint_free(&client_ep, NULL); + mbedtls_test_ssl_endpoint_free(&server_ep, NULL); + + return ret; +} +#endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_SRV_C && + MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS && + MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +#endif /* MBEDTLS_SSL_TLS_C */ diff --git a/tests/src/test_memory.c b/tests/src/test_memory.c new file mode 100644 index 0000000000..ac9dde6163 --- /dev/null +++ b/tests/src/test_memory.c @@ -0,0 +1,60 @@ +/** + * \file memory.c + * + * \brief Helper functions related to testing memory management. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include +#include +#include + +#if defined(MBEDTLS_TEST_MEMORY_CAN_POISON) +#include +#include +#endif + +#if defined(MBEDTLS_TEST_MEMORY_CAN_POISON) + +_Thread_local unsigned int mbedtls_test_memory_poisoning_count = 0; + +static void align_for_asan(const unsigned char **p_ptr, size_t *p_size) +{ + uintptr_t start = (uintptr_t) *p_ptr; + uintptr_t end = start + (uintptr_t) *p_size; + /* ASan can only poison regions with 8-byte alignment, and only poisons a + * region if it's fully within the requested range. We want to poison the + * whole requested region and don't mind a few extra bytes. Therefore, + * align start down to an 8-byte boundary, and end up to an 8-byte + * boundary. */ + start = start & ~(uintptr_t) 7; + end = (end + 7) & ~(uintptr_t) 7; + *p_ptr = (const unsigned char *) start; + *p_size = end - start; +} + +void mbedtls_test_memory_poison(const unsigned char *ptr, size_t size) +{ + if (mbedtls_test_memory_poisoning_count == 0) { + return; + } + if (size == 0) { + return; + } + align_for_asan(&ptr, &size); + __asan_poison_memory_region(ptr, size); +} + +void mbedtls_test_memory_unpoison(const unsigned char *ptr, size_t size) +{ + if (size == 0) { + return; + } + align_for_asan(&ptr, &size); + __asan_unpoison_memory_region(ptr, size); +} +#endif /* Memory poisoning */ diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c new file mode 100644 index 0000000000..c1686c21ad --- /dev/null +++ b/tests/src/threading_helpers.c @@ -0,0 +1,354 @@ +/** Mutex usage verification framework. */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include +#include +#include + +#include "mbedtls/threading.h" + +#if defined(MBEDTLS_THREADING_C) + +#if defined(MBEDTLS_THREADING_PTHREAD) + +static int threading_thread_create_pthread(mbedtls_test_thread_t *thread, void *(*thread_func)( + void *), void *thread_data) +{ + if (thread == NULL || thread_func == NULL) { + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; + } + + if (pthread_create(&thread->thread, NULL, thread_func, thread_data)) { + return MBEDTLS_ERR_THREADING_THREAD_ERROR; + } + + return 0; +} + +static int threading_thread_join_pthread(mbedtls_test_thread_t *thread) +{ + if (thread == NULL) { + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; + } + + if (pthread_join(thread->thread, NULL) != 0) { + return MBEDTLS_ERR_THREADING_THREAD_ERROR; + } + + return 0; +} + +int (*mbedtls_test_thread_create)(mbedtls_test_thread_t *thread, void *(*thread_func)(void *), + void *thread_data) = threading_thread_create_pthread; +int (*mbedtls_test_thread_join)(mbedtls_test_thread_t *thread) = threading_thread_join_pthread; + +#endif /* MBEDTLS_THREADING_PTHREAD */ + +#if defined(MBEDTLS_THREADING_ALT) + +static int threading_thread_create_fail(mbedtls_test_thread_t *thread, + void *(*thread_func)(void *), + void *thread_data) +{ + (void) thread; + (void) thread_func; + (void) thread_data; + + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; +} + +static int threading_thread_join_fail(mbedtls_test_thread_t *thread) +{ + (void) thread; + + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; +} + +int (*mbedtls_test_thread_create)(mbedtls_test_thread_t *thread, void *(*thread_func)(void *), + void *thread_data) = threading_thread_create_fail; +int (*mbedtls_test_thread_join)(mbedtls_test_thread_t *thread) = threading_thread_join_fail; + +#endif /* MBEDTLS_THREADING_ALT */ + +#if defined(MBEDTLS_TEST_MUTEX_USAGE) + +#include "mbedtls/threading.h" + +/** Mutex usage verification framework. + * + * The mutex usage verification code below aims to detect bad usage of + * Mbed TLS's mutex abstraction layer at runtime. Note that this is solely + * about the use of the mutex itself, not about checking whether the mutex + * correctly protects whatever it is supposed to protect. + * + * The normal usage of a mutex is: + * ``` + * digraph mutex_states { + * "UNINITIALIZED"; // the initial state + * "IDLE"; + * "FREED"; + * "LOCKED"; + * "UNINITIALIZED" -> "IDLE" [label="init"]; + * "FREED" -> "IDLE" [label="init"]; + * "IDLE" -> "LOCKED" [label="lock"]; + * "LOCKED" -> "IDLE" [label="unlock"]; + * "IDLE" -> "FREED" [label="free"]; + * } + * ``` + * + * All bad transitions that can be unambiguously detected are reported. + * An attempt to use an uninitialized mutex cannot be detected in general + * since the memory content may happen to denote a valid state. For the same + * reason, a double init cannot be detected. + * All-bits-zero is the state of a freed mutex, which is distinct from an + * initialized mutex, so attempting to use zero-initialized memory as a mutex + * without calling the init function is detected. + * + * The framework attempts to detect missing calls to init and free by counting + * calls to init and free. If there are more calls to init than free, this + * means that a mutex is not being freed somewhere, which is a memory leak + * on platforms where a mutex consumes resources other than the + * mbedtls_threading_mutex_t object itself. If there are more calls to free + * than init, this indicates a missing init, which is likely to be detected + * by an attempt to lock the mutex as well. A limitation of this framework is + * that it cannot detect scenarios where there is exactly the same number of + * calls to init and free but the calls don't match. A bug like this is + * unlikely to happen uniformly throughout the whole test suite though. + * + * If an error is detected, this framework will report what happened and the + * test case will be marked as failed. Unfortunately, the error report cannot + * indicate the exact location of the problematic call. To locate the error, + * use a debugger and set a breakpoint on mbedtls_test_mutex_usage_error(). + */ +enum value_of_mutex_state_field { + /* Potential values for the state field of mbedtls_threading_mutex_t. + * Note that MUTEX_FREED must be 0 and MUTEX_IDLE must be 1 for + * compatibility with threading_mutex_init_pthread() and + * threading_mutex_free_pthread(). MUTEX_LOCKED could be any nonzero + * value. */ + MUTEX_FREED = 0, //! < Set by mbedtls_test_wrap_mutex_free + MUTEX_IDLE = 1, //! < Set by mbedtls_test_wrap_mutex_init and by mbedtls_test_wrap_mutex_unlock + MUTEX_LOCKED = 2, //! < Set by mbedtls_test_wrap_mutex_lock +}; + +typedef struct { + void (*init)(mbedtls_threading_mutex_t *); + void (*free)(mbedtls_threading_mutex_t *); + int (*lock)(mbedtls_threading_mutex_t *); + int (*unlock)(mbedtls_threading_mutex_t *); +} mutex_functions_t; +static mutex_functions_t mutex_functions; + +/** + * The mutex used to guard live_mutexes below and access to the status variable + * in every mbedtls_threading_mutex_t. + * Note that we are not reporting any errors when locking and unlocking this + * mutex. This is for a couple of reasons: + * + * 1. We have no real way of reporting any errors with this mutex - we cannot + * report it back to the caller, as the failure was not that of the mutex + * passed in. We could fail the test, but again this would indicate a problem + * with the test code that did not exist. + * + * 2. Any failure to lock is unlikely to be intermittent, and will thus not + * give false test results - the overall result would be to turn off the + * testing. This is not a situation that is likely to happen with normal + * testing and we still have TSan to fall back on should this happen. + */ +mbedtls_threading_mutex_t mbedtls_test_mutex_mutex; + +/** + * The total number of calls to mbedtls_mutex_init(), minus the total number + * of calls to mbedtls_mutex_free(). + * + * Do not read or write without holding mbedtls_test_mutex_mutex (above). Reset + * to 0 after each test case. + */ +static int live_mutexes; + +static void mbedtls_test_mutex_usage_error(mbedtls_threading_mutex_t *mutex, + const char *msg) +{ + (void) mutex; + + mbedtls_test_set_mutex_usage_error(msg); + mbedtls_fprintf(stdout, "[mutex: %s] ", msg); + /* Don't mark the test as failed yet. This way, if the test fails later + * for a functional reason, the test framework will report the message + * and location for this functional reason. If the test passes, + * mbedtls_test_mutex_usage_check() will mark it as failed. */ +} + +static int mbedtls_test_mutex_can_test(mbedtls_threading_mutex_t *mutex) +{ + /* If we attempt to run tests on this mutex then we are going to run into a + * couple of problems: + * 1. If any test on this mutex fails, we are going to deadlock when + * reporting that failure, as we already hold the mutex at that point. + * 2. Given the 'global' position of the initialization and free of this + * mutex, it will be shown as leaked on the first test run. */ + if (mutex == mbedtls_test_get_info_mutex()) { + return 0; + } + + return 1; +} + +static void mbedtls_test_wrap_mutex_init(mbedtls_threading_mutex_t *mutex) +{ + mutex_functions.init(mutex); + + if (mbedtls_test_mutex_can_test(mutex)) { + if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { + mutex->state = MUTEX_IDLE; + ++live_mutexes; + + mutex_functions.unlock(&mbedtls_test_mutex_mutex); + } + } +} + +static void mbedtls_test_wrap_mutex_free(mbedtls_threading_mutex_t *mutex) +{ + if (mbedtls_test_mutex_can_test(mutex)) { + if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { + + switch (mutex->state) { + case MUTEX_FREED: + mbedtls_test_mutex_usage_error(mutex, "free without init or double free"); + break; + case MUTEX_IDLE: + mutex->state = MUTEX_FREED; + --live_mutexes; + break; + case MUTEX_LOCKED: + mbedtls_test_mutex_usage_error(mutex, "free without unlock"); + break; + default: + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); + break; + } + + mutex_functions.unlock(&mbedtls_test_mutex_mutex); + } + } + + mutex_functions.free(mutex); +} + +static int mbedtls_test_wrap_mutex_lock(mbedtls_threading_mutex_t *mutex) +{ + /* Lock the passed in mutex first, so that the only way to change the state + * is to hold the passed in and internal mutex - otherwise we create a race + * condition. */ + int ret = mutex_functions.lock(mutex); + + if (mbedtls_test_mutex_can_test(mutex)) { + if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { + switch (mutex->state) { + case MUTEX_FREED: + mbedtls_test_mutex_usage_error(mutex, "lock without init"); + break; + case MUTEX_IDLE: + if (ret == 0) { + mutex->state = MUTEX_LOCKED; + } + break; + case MUTEX_LOCKED: + mbedtls_test_mutex_usage_error(mutex, "double lock"); + break; + default: + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); + break; + } + + mutex_functions.unlock(&mbedtls_test_mutex_mutex); + } + } + + return ret; +} + +static int mbedtls_test_wrap_mutex_unlock(mbedtls_threading_mutex_t *mutex) +{ + /* Lock the internal mutex first and change state, so that the only way to + * change the state is to hold the passed in and internal mutex - otherwise + * we create a race condition. */ + if (mbedtls_test_mutex_can_test(mutex)) { + if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { + switch (mutex->state) { + case MUTEX_FREED: + mbedtls_test_mutex_usage_error(mutex, "unlock without init"); + break; + case MUTEX_IDLE: + mbedtls_test_mutex_usage_error(mutex, "unlock without lock"); + break; + case MUTEX_LOCKED: + mutex->state = MUTEX_IDLE; + break; + default: + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); + break; + } + mutex_functions.unlock(&mbedtls_test_mutex_mutex); + } + } + + return mutex_functions.unlock(mutex); +} + +void mbedtls_test_mutex_usage_init(void) +{ + mutex_functions.init = mbedtls_mutex_init; + mutex_functions.free = mbedtls_mutex_free; + mutex_functions.lock = mbedtls_mutex_lock; + mutex_functions.unlock = mbedtls_mutex_unlock; + mbedtls_mutex_init = &mbedtls_test_wrap_mutex_init; + mbedtls_mutex_free = &mbedtls_test_wrap_mutex_free; + mbedtls_mutex_lock = &mbedtls_test_wrap_mutex_lock; + mbedtls_mutex_unlock = &mbedtls_test_wrap_mutex_unlock; + + mutex_functions.init(&mbedtls_test_mutex_mutex); +} + +void mbedtls_test_mutex_usage_check(void) +{ + if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { + if (live_mutexes != 0) { + /* A positive number (more init than free) means that a mutex resource + * is leaking (on platforms where a mutex consumes more than the + * mbedtls_threading_mutex_t object itself). The (hopefully) rare + * case of a negative number means a missing init somewhere. */ + mbedtls_fprintf(stdout, "[mutex: %d leaked] ", live_mutexes); + live_mutexes = 0; + mbedtls_test_set_mutex_usage_error("missing free"); + } + if (mbedtls_test_get_mutex_usage_error() != NULL && + mbedtls_test_get_result() != MBEDTLS_TEST_RESULT_FAILED) { + /* Functionally, the test passed. But there was a mutex usage error, + * so mark the test as failed after all. */ + mbedtls_test_fail("Mutex usage error", __LINE__, __FILE__); + } + mbedtls_test_set_mutex_usage_error(NULL); + + mutex_functions.unlock(&mbedtls_test_mutex_mutex); + } +} + +void mbedtls_test_mutex_usage_end(void) +{ + mbedtls_mutex_init = mutex_functions.init; + mbedtls_mutex_free = mutex_functions.free; + mbedtls_mutex_lock = mutex_functions.lock; + mbedtls_mutex_unlock = mutex_functions.unlock; + + mutex_functions.free(&mbedtls_test_mutex_mutex); +} + +#endif /* MBEDTLS_TEST_MUTEX_USAGE */ + +#endif /* MBEDTLS_THREADING_C */