• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  *  Common code for SSL test programs
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0
6  *
7  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
8  *  not use this file except in compliance with the License.
9  *  You may obtain a copy of the License at
10  *
11  *  http://www.apache.org/licenses/LICENSE-2.0
12  *
13  *  Unless required by applicable law or agreed to in writing, software
14  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  *  See the License for the specific language governing permissions and
17  *  limitations under the License.
18  */
19 
20 #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
21 #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H
22 
23 #include "mbedtls/build_info.h"
24 
25 #if defined(MBEDTLS_PLATFORM_C)
26 #include "mbedtls/platform.h"
27 #else
28 #include <stdio.h>
29 #include <stdlib.h>
30 #define mbedtls_calloc     calloc
31 #define mbedtls_free       free
32 #define mbedtls_time       time
33 #define mbedtls_time_t     time_t
34 #define mbedtls_printf     printf
35 #define mbedtls_fprintf    fprintf
36 #define mbedtls_snprintf   snprintf
37 #define mbedtls_exit            exit
38 #define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
39 #define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
40 #endif
41 
42 #undef HAVE_RNG
43 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) &&         \
44     ( defined(MBEDTLS_USE_PSA_CRYPTO) ||                \
45       defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) )
46 #define HAVE_RNG
47 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
48 #define HAVE_RNG
49 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) &&     \
50     ( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) )
51 #define HAVE_RNG
52 #endif
53 
54 #if !defined(MBEDTLS_NET_C) ||                              \
55     !defined(MBEDTLS_SSL_TLS_C) ||                          \
56     defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
57 #define MBEDTLS_SSL_TEST_IMPOSSIBLE                             \
58     "MBEDTLS_NET_C and/or "                                     \
59     "MBEDTLS_SSL_TLS_C not defined, "                           \
60     "and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n"
61 #elif !defined(HAVE_RNG)
62 #define MBEDTLS_SSL_TEST_IMPOSSIBLE             \
63     "No random generator is available.\n"
64 #else
65 #undef MBEDTLS_SSL_TEST_IMPOSSIBLE
66 
67 #undef HAVE_RNG
68 
69 #include <stdio.h>
70 #include <stdlib.h>
71 #include <string.h>
72 
73 #include "mbedtls/net_sockets.h"
74 #include "mbedtls/ssl.h"
75 #include "mbedtls/entropy.h"
76 #include "mbedtls/ctr_drbg.h"
77 #include "mbedtls/hmac_drbg.h"
78 #include "mbedtls/x509.h"
79 #include "mbedtls/error.h"
80 #include "mbedtls/debug.h"
81 #include "mbedtls/timing.h"
82 #include "mbedtls/base64.h"
83 #include "test/certs.h"
84 
85 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
86 #include "psa/crypto.h"
87 #include "mbedtls/psa_util.h"
88 #endif
89 
90 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
91 #include "mbedtls/memory_buffer_alloc.h"
92 #endif
93 
94 #include <test/helpers.h>
95 
96 #include "../test/query_config.h"
97 
98 typedef struct eap_tls_keys
99 {
100     unsigned char master_secret[48];
101     unsigned char randbytes[64];
102     mbedtls_tls_prf_types tls_prf_type;
103 } eap_tls_keys;
104 
105 #if defined( MBEDTLS_SSL_DTLS_SRTP )
106 
107 /* Supported SRTP mode needs a maximum of :
108  * - 16 bytes for key (AES-128)
109  * - 14 bytes SALT
110  * One for sender, one for receiver context
111  */
112 #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH    60
113 
114 typedef struct dtls_srtp_keys
115 {
116     unsigned char master_secret[48];
117     unsigned char randbytes[64];
118     mbedtls_tls_prf_types tls_prf_type;
119 } dtls_srtp_keys;
120 
121 #endif /* MBEDTLS_SSL_DTLS_SRTP */
122 
123 typedef struct
124 {
125     mbedtls_ssl_context *ssl;
126     mbedtls_net_context *net;
127 } io_ctx_t;
128 
129 void my_debug( void *ctx, int level,
130                const char *file, int line,
131                const char *str );
132 
133 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time );
134 
135 #if defined(MBEDTLS_USE_PSA_CRYPTO)
136 /* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use
137  * mbedtls_psa_get_random() rather than entropy+DRBG as a random generator.
138  *
139  * The constraints are:
140  * - Without the entropy module, the PSA RNG is the only option.
141  * - Without at least one of the DRBG modules, the PSA RNG is the only option.
142  * - The PSA RNG does not support explicit seeding, so it is incompatible with
143  *   the reproducible mode used by test programs.
144  * - For good overall test coverage, there should be at least one configuration
145  *   where the test programs use the PSA RNG while the PSA RNG is itself based
146  *   on entropy+DRBG, and at least one configuration where the test programs
147  *   do not use the PSA RNG even though it's there.
148  *
149  * A simple choice that meets the constraints is to use the PSA RNG whenever
150  * MBEDTLS_USE_PSA_CRYPTO is enabled. There's no real technical reason the
151  * choice to use the PSA RNG in the test programs and the choice to use
152  * PSA crypto when TLS code needs crypto have to be tied together, but it
153  * happens to be a good match. It's also a good match from an application
154  * perspective: either PSA is preferred for TLS (both for crypto and for
155  * random generation) or it isn't.
156  */
157 #define MBEDTLS_TEST_USE_PSA_CRYPTO_RNG
158 #endif
159 
160 /** A context for random number generation (RNG).
161  */
162 typedef struct
163 {
164 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
165     unsigned char dummy;
166 #else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
167     mbedtls_entropy_context entropy;
168 #if defined(MBEDTLS_CTR_DRBG_C)
169     mbedtls_ctr_drbg_context drbg;
170 #elif defined(MBEDTLS_HMAC_DRBG_C)
171     mbedtls_hmac_drbg_context drbg;
172 #else
173 #error "No DRBG available"
174 #endif
175 #endif /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
176 } rng_context_t;
177 
178 /** Initialize the RNG.
179  *
180  * This function only initializes the memory used by the RNG context.
181  * Before using the RNG, it must be seeded with rng_seed().
182  */
183 void rng_init( rng_context_t *rng );
184 
185 /* Seed the random number generator.
186  *
187  * \param rng           The RNG context to use. It must have been initialized
188  *                      with rng_init().
189  * \param reproducible  If zero, seed the RNG from entropy.
190  *                      If nonzero, use a fixed seed, so that the program
191  *                      will produce the same sequence of random numbers
192  *                      each time it is invoked.
193  * \param pers          A null-terminated string. Different values for this
194  *                      string cause the RNG to emit different output for
195  *                      the same seed.
196  *
197  * return 0 on success, a negative value on error.
198  */
199 int rng_seed( rng_context_t *rng, int reproducible, const char *pers );
200 
201 /** Deinitialize the RNG. Free any embedded resource.
202  *
203  * \param rng           The RNG context to deinitialize. It must have been
204  *                      initialized with rng_init().
205  */
206 void rng_free( rng_context_t *rng );
207 
208 /** Generate random data.
209  *
210  * This function is suitable for use as the \c f_rng argument to Mbed TLS
211  * library functions.
212  *
213  * \param p_rng         The random generator context. This must be a pointer to
214  *                      a #rng_context_t structure.
215  * \param output        The buffer to fill.
216  * \param output_len    The length of the buffer in bytes.
217  *
218  * \return              \c 0 on success.
219  * \return              An Mbed TLS error code on error.
220  */
221 int rng_get( void *p_rng, unsigned char *output, size_t output_len );
222 
223 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
224 /* The test implementation of the PSA external RNG is insecure. When
225  * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto
226  * function that makes use of an RNG, you must call
227  * mbedtls_test_enable_insecure_external_rng(). */
228 #include <test/fake_external_rng_for_test.h>
229 #endif
230 
231 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
232 int ca_callback( void *data, mbedtls_x509_crt const *child,
233                  mbedtls_x509_crt **candidates );
234 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
235 
236 /*
237  * Test recv/send functions that make sure each try returns
238  * WANT_READ/WANT_WRITE at least once before sucesseding
239  */
240 int delayed_recv( void *ctx, unsigned char *buf, size_t len );
241 int delayed_send( void *ctx, const unsigned char *buf, size_t len );
242 
243 /*
244  * Wait for an event from the underlying transport or the timer
245  * (Used in event-driven IO mode).
246  */
247 int idle( mbedtls_net_context *fd,
248 #if defined(MBEDTLS_TIMING_C)
249           mbedtls_timing_delay_context *timer,
250 #endif
251           int idle_reason );
252 
253 #if defined(MBEDTLS_TEST_HOOKS)
254 /** Initialize whatever test hooks are enabled by the compile-time
255  * configuration and make sense for the TLS test programs. */
256 void test_hooks_init( void );
257 
258 /** Check if any test hooks detected a problem.
259  *
260  * If a problem was detected, it's ok for the calling program to keep going,
261  * but it should ultimately exit with an error status.
262  *
263  * \note When implementing a test hook that detects errors on its own
264  *       (as opposed to e.g. leaving the error for a memory sanitizer to
265  *       report), make sure to print a message to standard error either at
266  *       the time the problem is detected or during the execution of this
267  *       function. This function does not indicate what problem was detected,
268  *       so printing a message is the only way to provide feedback in the
269  *       logs of the calling program.
270  *
271  * \return Nonzero if a problem was detected.
272  *         \c 0 if no problem was detected.
273  */
274 int test_hooks_failure_detected( void );
275 
276 /** Free any resources allocated for the sake of test hooks.
277  *
278  * Call this at the end of the program so that resource leak analyzers
279  * don't complain.
280  */
281 void test_hooks_free( void );
282 
283 #endif /* !MBEDTLS_TEST_HOOKS */
284 
285 #endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */
286 #endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */
287