• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /**
2  * \file platform_util.h
3  *
4  * \brief Common and shared functions used by multiple modules in the Mbed TLS
5  *        library.
6  */
7 /*
8  *  Copyright The Mbed TLS Contributors
9  *  SPDX-License-Identifier: Apache-2.0
10  *
11  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
12  *  not use this file except in compliance with the License.
13  *  You may obtain a copy of the License at
14  *
15  *  http://www.apache.org/licenses/LICENSE-2.0
16  *
17  *  Unless required by applicable law or agreed to in writing, software
18  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
19  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20  *  See the License for the specific language governing permissions and
21  *  limitations under the License.
22  */
23 #ifndef MBEDTLS_PLATFORM_UTIL_H
24 #define MBEDTLS_PLATFORM_UTIL_H
25 
26 #include "mbedtls/build_info.h"
27 
28 #include <stddef.h>
29 #if defined(MBEDTLS_HAVE_TIME_DATE)
30 #include "mbedtls/platform_time.h"
31 #include <time.h>
32 #endif /* MBEDTLS_HAVE_TIME_DATE */
33 
34 #ifdef __cplusplus
35 extern "C" {
36 #endif
37 
38 /* Internal macros meant to be called only from within the library. */
39 #define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret )  \
40     do {                                            \
41         if( !(cond) )                               \
42         {                                           \
43             return( ret );                          \
44         }                                           \
45     } while( 0 )
46 
47 /* Internal macro meant to be called only from within the library. */
48 #define MBEDTLS_INTERNAL_VALIDATE( cond )           \
49     do {                                            \
50         if( !(cond) )                               \
51         {                                           \
52             return;                                 \
53         }                                           \
54     } while( 0 )
55 
56 /* Internal helper macros for deprecating API constants. */
57 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
58 #if defined(MBEDTLS_DEPRECATED_WARNING)
59 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
60 MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t;
61 #define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL )       \
62     ( (mbedtls_deprecated_string_constant_t) ( VAL ) )
63 MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
64 #define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL )       \
65     ( (mbedtls_deprecated_numeric_constant_t) ( VAL ) )
66 #else /* MBEDTLS_DEPRECATED_WARNING */
67 #define MBEDTLS_DEPRECATED
68 #define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL
69 #define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL
70 #endif /* MBEDTLS_DEPRECATED_WARNING */
71 #endif /* MBEDTLS_DEPRECATED_REMOVED */
72 
73 /* Implementation of the check-return facility.
74  * See the user documentation in mbedtls_config.h.
75  *
76  * Do not use this macro directly to annotate function: instead,
77  * use one of MBEDTLS_CHECK_RETURN_CRITICAL or MBEDTLS_CHECK_RETURN_TYPICAL
78  * depending on how important it is to check the return value.
79  */
80 #if !defined(MBEDTLS_CHECK_RETURN)
81 #if defined(__GNUC__)
82 #define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
83 #elif defined(_MSC_VER) && _MSC_VER >= 1700
84 #include <sal.h>
85 #define MBEDTLS_CHECK_RETURN _Check_return_
86 #else
87 #define MBEDTLS_CHECK_RETURN
88 #endif
89 #endif
90 
91 /** Critical-failure function
92  *
93  * This macro appearing at the beginning of the declaration of a function
94  * indicates that its return value should be checked in all applications.
95  * Omitting the check is very likely to indicate a bug in the application
96  * and will result in a compile-time warning if #MBEDTLS_CHECK_RETURN
97  * is implemented for the compiler in use.
98  *
99  * \note  The use of this macro is a work in progress.
100  *        This macro may be added to more functions in the future.
101  *        Such an extension is not considered an API break, provided that
102  *        there are near-unavoidable circumstances under which the function
103  *        can fail. For example, signature/MAC/AEAD verification functions,
104  *        and functions that require a random generator, are considered
105  *        return-check-critical.
106  */
107 #define MBEDTLS_CHECK_RETURN_CRITICAL MBEDTLS_CHECK_RETURN
108 
109 /** Ordinary-failure function
110  *
111  * This macro appearing at the beginning of the declaration of a function
112  * indicates that its return value should be generally be checked in portable
113  * applications. Omitting the check will result in a compile-time warning if
114  * #MBEDTLS_CHECK_RETURN is implemented for the compiler in use and
115  * #MBEDTLS_CHECK_RETURN_WARNING is enabled in the compile-time configuration.
116  *
117  * You can use #MBEDTLS_IGNORE_RETURN to explicitly ignore the return value
118  * of a function that is annotated with #MBEDTLS_CHECK_RETURN.
119  *
120  * \note  The use of this macro is a work in progress.
121  *        This macro will be added to more functions in the future.
122  *        Eventually this should appear before most functions returning
123  *        an error code (as \c int in the \c mbedtls_xxx API or
124  *        as ::psa_status_t in the \c psa_xxx API).
125  */
126 #if defined(MBEDTLS_CHECK_RETURN_WARNING)
127 #define MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN
128 #else
129 #define MBEDTLS_CHECK_RETURN_TYPICAL
130 #endif
131 
132 /** Benign-failure function
133  *
134  * This macro appearing at the beginning of the declaration of a function
135  * indicates that it is rarely useful to check its return value.
136  *
137  * This macro has an empty expansion. It exists for documentation purposes:
138  * a #MBEDTLS_CHECK_RETURN_OPTIONAL annotation indicates that the function
139  * has been analyzed for return-check usefuless, whereas the lack of
140  * an annotation indicates that the function has not been analyzed and its
141  * return-check usefulness is unknown.
142  */
143 #define MBEDTLS_CHECK_RETURN_OPTIONAL
144 
145 /** \def MBEDTLS_IGNORE_RETURN
146  *
147  * Call this macro with one argument, a function call, to suppress a warning
148  * from #MBEDTLS_CHECK_RETURN due to that function call.
149  */
150 #if !defined(MBEDTLS_IGNORE_RETURN)
151 /* GCC doesn't silence the warning with just (void)(result).
152  * (void)!(result) is known to work up at least up to GCC 10, as well
153  * as with Clang and MSVC.
154  *
155  * https://gcc.gnu.org/onlinedocs/gcc-3.4.6/gcc/Non_002dbugs.html
156  * https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result
157  * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34
158  */
159 #define MBEDTLS_IGNORE_RETURN(result) ( (void) !( result ) )
160 #endif
161 
162 /**
163  * \brief       Securely zeroize a buffer
164  *
165  *              The function is meant to wipe the data contained in a buffer so
166  *              that it can no longer be recovered even if the program memory
167  *              is later compromised. Call this function on sensitive data
168  *              stored on the stack before returning from a function, and on
169  *              sensitive data stored on the heap before freeing the heap
170  *              object.
171  *
172  *              It is extremely difficult to guarantee that calls to
173  *              mbedtls_platform_zeroize() are not removed by aggressive
174  *              compiler optimizations in a portable way. For this reason, Mbed
175  *              TLS provides the configuration option
176  *              MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure
177  *              mbedtls_platform_zeroize() to use a suitable implementation for
178  *              their platform and needs
179  *
180  * \param buf   Buffer to be zeroized
181  * \param len   Length of the buffer in bytes
182  *
183  */
184 void mbedtls_platform_zeroize( void *buf, size_t len );
185 
186 #if defined(MBEDTLS_HAVE_TIME_DATE)
187 /**
188  * \brief      Platform-specific implementation of gmtime_r()
189  *
190  *             The function is a thread-safe abstraction that behaves
191  *             similarly to the gmtime_r() function from Unix/POSIX.
192  *
193  *             Mbed TLS will try to identify the underlying platform and
194  *             make use of an appropriate underlying implementation (e.g.
195  *             gmtime_r() for POSIX and gmtime_s() for Windows). If this is
196  *             not possible, then gmtime() will be used. In this case, calls
197  *             from the library to gmtime() will be guarded by the mutex
198  *             mbedtls_threading_gmtime_mutex if MBEDTLS_THREADING_C is
199  *             enabled. It is recommended that calls from outside the library
200  *             are also guarded by this mutex.
201  *
202  *             If MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, then Mbed TLS will
203  *             unconditionally use the alternative implementation for
204  *             mbedtls_platform_gmtime_r() supplied by the user at compile time.
205  *
206  * \param tt     Pointer to an object containing time (in seconds) since the
207  *               epoch to be converted
208  * \param tm_buf Pointer to an object where the results will be stored
209  *
210  * \return      Pointer to an object of type struct tm on success, otherwise
211  *              NULL
212  */
213 struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt,
214                                       struct tm *tm_buf );
215 #endif /* MBEDTLS_HAVE_TIME_DATE */
216 
217 #ifdef __cplusplus
218 }
219 #endif
220 
221 #endif /* MBEDTLS_PLATFORM_UTIL_H */
222