1 /*
2 * Common code library for SSL test programs.
3 *
4 * In addition to the functions in this file, there is shared source code
5 * that cannot be compiled separately in "ssl_test_common_source.c".
6 *
7 * Copyright The Mbed TLS Contributors
8 * SPDX-License-Identifier: Apache-2.0
9 *
10 * Licensed under the Apache License, Version 2.0 (the "License"); you may
11 * not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing, software
17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 * See the License for the specific language governing permissions and
20 * limitations under the License.
21 */
22
23 #define MBEDTLS_ALLOW_PRIVATE_ACCESS
24
25 #include "ssl_test_lib.h"
26
27 #if defined(MBEDTLS_TEST_HOOKS)
28 #include "test/helpers.h"
29 #endif
30
31 #if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
32
my_debug(void * ctx,int level,const char * file,int line,const char * str)33 void my_debug( void *ctx, int level,
34 const char *file, int line,
35 const char *str )
36 {
37 const char *p, *basename;
38
39 /* Extract basename from file */
40 for( p = basename = file; *p != '\0'; p++ )
41 if( *p == '/' || *p == '\\' )
42 basename = p + 1;
43
44 mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s",
45 basename, line, level, str );
46 fflush( (FILE *) ctx );
47 }
48
49 #if defined(MBEDTLS_HAVE_TIME)
dummy_constant_time(mbedtls_time_t * time)50 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
51 {
52 (void) time;
53 return 0x5af2a056;
54 }
55 #endif
56
57 #if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
dummy_entropy(void * data,unsigned char * output,size_t len)58 static int dummy_entropy( void *data, unsigned char *output, size_t len )
59 {
60 size_t i;
61 int ret;
62 (void) data;
63
64 ret = mbedtls_entropy_func( data, output, len );
65 for( i = 0; i < len; i++ )
66 {
67 //replace result with pseudo random
68 output[i] = (unsigned char) rand();
69 }
70 return( ret );
71 }
72 #endif
73
rng_init(rng_context_t * rng)74 void rng_init( rng_context_t *rng )
75 {
76 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
77 (void) rng;
78 psa_crypto_init( );
79 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
80
81 #if defined(MBEDTLS_CTR_DRBG_C)
82 mbedtls_ctr_drbg_init( &rng->drbg );
83 #elif defined(MBEDTLS_HMAC_DRBG_C)
84 mbedtls_hmac_drbg_init( &rng->drbg );
85 #else
86 #error "No DRBG available"
87 #endif
88
89 mbedtls_entropy_init( &rng->entropy );
90 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
91 }
92
rng_seed(rng_context_t * rng,int reproducible,const char * pers)93 int rng_seed( rng_context_t *rng, int reproducible, const char *pers )
94 {
95 #if defined(MBEDTLS_USE_PSA_CRYPTO)
96 if( reproducible )
97 {
98 mbedtls_fprintf( stderr,
99 "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n" );
100 return( -1 );
101 }
102 #endif
103 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
104 /* The PSA crypto RNG does its own seeding. */
105 (void) rng;
106 (void) pers;
107 if( reproducible )
108 {
109 mbedtls_fprintf( stderr,
110 "The PSA RNG does not support reproducible mode.\n" );
111 return( -1 );
112 }
113 return( 0 );
114 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
115 int ( *f_entropy )( void *, unsigned char *, size_t ) =
116 ( reproducible ? dummy_entropy : mbedtls_entropy_func );
117
118 if ( reproducible )
119 srand( 1 );
120
121 #if defined(MBEDTLS_CTR_DRBG_C)
122 int ret = mbedtls_ctr_drbg_seed( &rng->drbg,
123 f_entropy, &rng->entropy,
124 (const unsigned char *) pers,
125 strlen( pers ) );
126 #elif defined(MBEDTLS_HMAC_DRBG_C)
127 #if defined(MBEDTLS_SHA256_C)
128 const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256;
129 #elif defined(MBEDTLS_SHA512_C)
130 const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA512;
131 #else
132 #error "No message digest available for HMAC_DRBG"
133 #endif
134 int ret = mbedtls_hmac_drbg_seed( &rng->drbg,
135 mbedtls_md_info_from_type( md_type ),
136 f_entropy, &rng->entropy,
137 (const unsigned char *) pers,
138 strlen( pers ) );
139 #else /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
140 #error "No DRBG available"
141 #endif /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
142
143 if( ret != 0 )
144 {
145 mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n",
146 (unsigned int) -ret );
147 return( ret );
148 }
149 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
150
151 return( 0 );
152 }
153
rng_free(rng_context_t * rng)154 void rng_free( rng_context_t *rng )
155 {
156 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
157 (void) rng;
158 /* Deinitialize the PSA crypto subsystem. This deactivates all PSA APIs.
159 * This is ok because none of our applications try to do any crypto after
160 * deinitializing the RNG. */
161 mbedtls_psa_crypto_free( );
162 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
163
164 #if defined(MBEDTLS_CTR_DRBG_C)
165 mbedtls_ctr_drbg_free( &rng->drbg );
166 #elif defined(MBEDTLS_HMAC_DRBG_C)
167 mbedtls_hmac_drbg_free( &rng->drbg );
168 #else
169 #error "No DRBG available"
170 #endif
171
172 mbedtls_entropy_free( &rng->entropy );
173 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
174 }
175
rng_get(void * p_rng,unsigned char * output,size_t output_len)176 int rng_get( void *p_rng, unsigned char *output, size_t output_len )
177 {
178 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
179 (void) p_rng;
180 return( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
181 output, output_len ) );
182 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
183 rng_context_t *rng = p_rng;
184
185 #if defined(MBEDTLS_CTR_DRBG_C)
186 return( mbedtls_ctr_drbg_random( &rng->drbg, output, output_len ) );
187 #elif defined(MBEDTLS_HMAC_DRBG_C)
188 return( mbedtls_hmac_drbg_random( &rng->drbg, output, output_len ) );
189 #else
190 #error "No DRBG available"
191 #endif
192
193 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
194 }
195
key_opaque_alg_parse(const char * arg,const char ** alg1,const char ** alg2)196 int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2 )
197 {
198 char* separator;
199 if( ( separator = strchr( arg, ',' ) ) == NULL )
200 return 1;
201 *separator = '\0';
202
203 *alg1 = arg;
204 *alg2 = separator + 1;
205
206 if( strcmp( *alg1, "rsa-sign-pkcs1" ) != 0 &&
207 strcmp( *alg1, "rsa-sign-pss" ) != 0 &&
208 strcmp( *alg1, "rsa-sign-pss-sha256" ) != 0 &&
209 strcmp( *alg1, "rsa-sign-pss-sha384" ) != 0 &&
210 strcmp( *alg1, "rsa-sign-pss-sha512" ) != 0 &&
211 strcmp( *alg1, "rsa-decrypt" ) != 0 &&
212 strcmp( *alg1, "ecdsa-sign" ) != 0 &&
213 strcmp( *alg1, "ecdh" ) != 0 )
214 return 1;
215
216 if( strcmp( *alg2, "rsa-sign-pkcs1" ) != 0 &&
217 strcmp( *alg2, "rsa-sign-pss" ) != 0 &&
218 strcmp( *alg1, "rsa-sign-pss-sha256" ) != 0 &&
219 strcmp( *alg1, "rsa-sign-pss-sha384" ) != 0 &&
220 strcmp( *alg1, "rsa-sign-pss-sha512" ) != 0 &&
221 strcmp( *alg2, "rsa-decrypt" ) != 0 &&
222 strcmp( *alg2, "ecdsa-sign" ) != 0 &&
223 strcmp( *alg2, "ecdh" ) != 0 &&
224 strcmp( *alg2, "none" ) != 0 )
225 return 1;
226
227 return 0;
228 }
229
230 #if defined(MBEDTLS_USE_PSA_CRYPTO)
key_opaque_set_alg_usage(const char * alg1,const char * alg2,psa_algorithm_t * psa_alg1,psa_algorithm_t * psa_alg2,psa_key_usage_t * usage,mbedtls_pk_type_t key_type)231 int key_opaque_set_alg_usage( const char *alg1, const char *alg2,
232 psa_algorithm_t *psa_alg1,
233 psa_algorithm_t *psa_alg2,
234 psa_key_usage_t *usage,
235 mbedtls_pk_type_t key_type )
236 {
237 if( strcmp( alg1, "none" ) != 0 )
238 {
239 const char * algs[] = { alg1, alg2 };
240 psa_algorithm_t *psa_algs[] = { psa_alg1, psa_alg2 };
241
242 for ( int i = 0; i < 2; i++ )
243 {
244 if( strcmp( algs[i], "rsa-sign-pkcs1" ) == 0 )
245 {
246 *psa_algs[i] = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
247 *usage |= PSA_KEY_USAGE_SIGN_HASH;
248 }
249 else if( strcmp( algs[i], "rsa-sign-pss" ) == 0 )
250 {
251 *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
252 *usage |= PSA_KEY_USAGE_SIGN_HASH;
253 }
254 else if( strcmp( algs[i], "rsa-sign-pss-sha256" ) == 0 )
255 {
256 *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 );
257 *usage |= PSA_KEY_USAGE_SIGN_HASH;
258 }
259 else if( strcmp( algs[i], "rsa-sign-pss-sha384" ) == 0 )
260 {
261 *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_384 );
262 *usage |= PSA_KEY_USAGE_SIGN_HASH;
263 }
264 else if( strcmp( algs[i], "rsa-sign-pss-sha512" ) == 0 )
265 {
266 *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_512 );
267 *usage |= PSA_KEY_USAGE_SIGN_HASH;
268 }
269 else if( strcmp( algs[i], "rsa-decrypt" ) == 0 )
270 {
271 *psa_algs[i] = PSA_ALG_RSA_PKCS1V15_CRYPT;
272 *usage |= PSA_KEY_USAGE_DECRYPT;
273 }
274 else if( strcmp( algs[i], "ecdsa-sign" ) == 0 )
275 {
276 *psa_algs[i] = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
277 *usage |= PSA_KEY_USAGE_SIGN_HASH;
278 }
279 else if( strcmp( algs[i], "ecdh" ) == 0 )
280 {
281 *psa_algs[i] = PSA_ALG_ECDH;
282 *usage |= PSA_KEY_USAGE_DERIVE;
283 }
284 else if( strcmp( algs[i], "none" ) == 0 )
285 {
286 *psa_algs[i] = PSA_ALG_NONE;
287 }
288 }
289 }
290 else
291 {
292 if( key_type == MBEDTLS_PK_ECKEY )
293 {
294 *psa_alg1 = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
295 *psa_alg2 = PSA_ALG_ECDH;
296 *usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
297 }
298 else if( key_type == MBEDTLS_PK_RSA )
299 {
300 *psa_alg1 = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
301 *psa_alg2 = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
302 *usage = PSA_KEY_USAGE_SIGN_HASH;
303 }
304 else
305 {
306 return 1;
307 }
308 }
309
310 return 0;
311 }
312 #endif /* MBEDTLS_USE_PSA_CRYPTO */
313
314 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
ca_callback(void * data,mbedtls_x509_crt const * child,mbedtls_x509_crt ** candidates)315 int ca_callback( void *data, mbedtls_x509_crt const *child,
316 mbedtls_x509_crt **candidates )
317 {
318 int ret = 0;
319 mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
320 mbedtls_x509_crt *first;
321
322 /* This is a test-only implementation of the CA callback
323 * which always returns the entire list of trusted certificates.
324 * Production implementations managing a large number of CAs
325 * should use an efficient presentation and lookup for the
326 * set of trusted certificates (such as a hashtable) and only
327 * return those trusted certificates which satisfy basic
328 * parental checks, such as the matching of child `Issuer`
329 * and parent `Subject` field or matching key identifiers. */
330 ((void) child);
331
332 first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
333 if( first == NULL )
334 {
335 ret = -1;
336 goto exit;
337 }
338 mbedtls_x509_crt_init( first );
339
340 if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
341 {
342 ret = -1;
343 goto exit;
344 }
345
346 while( ca->next != NULL )
347 {
348 ca = ca->next;
349 if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
350 {
351 ret = -1;
352 goto exit;
353 }
354 }
355
356 exit:
357
358 if( ret != 0 )
359 {
360 mbedtls_x509_crt_free( first );
361 mbedtls_free( first );
362 first = NULL;
363 }
364
365 *candidates = first;
366 return( ret );
367 }
368 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
369
delayed_recv(void * ctx,unsigned char * buf,size_t len)370 int delayed_recv( void *ctx, unsigned char *buf, size_t len )
371 {
372 static int first_try = 1;
373 int ret;
374
375 if( first_try )
376 {
377 first_try = 0;
378 return( MBEDTLS_ERR_SSL_WANT_READ );
379 }
380
381 ret = mbedtls_net_recv( ctx, buf, len );
382 if( ret != MBEDTLS_ERR_SSL_WANT_READ )
383 first_try = 1; /* Next call will be a new operation */
384 return( ret );
385 }
386
delayed_send(void * ctx,const unsigned char * buf,size_t len)387 int delayed_send( void *ctx, const unsigned char *buf, size_t len )
388 {
389 static int first_try = 1;
390 int ret;
391
392 if( first_try )
393 {
394 first_try = 0;
395 return( MBEDTLS_ERR_SSL_WANT_WRITE );
396 }
397
398 ret = mbedtls_net_send( ctx, buf, len );
399 if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
400 first_try = 1; /* Next call will be a new operation */
401 return( ret );
402 }
403
404 #if !defined(MBEDTLS_TIMING_C)
idle(mbedtls_net_context * fd,int idle_reason)405 int idle( mbedtls_net_context *fd,
406 int idle_reason )
407 #else
408 int idle( mbedtls_net_context *fd,
409 mbedtls_timing_delay_context *timer,
410 int idle_reason )
411 #endif
412 {
413 int ret;
414 int poll_type = 0;
415
416 if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
417 poll_type = MBEDTLS_NET_POLL_WRITE;
418 else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
419 poll_type = MBEDTLS_NET_POLL_READ;
420 #if !defined(MBEDTLS_TIMING_C)
421 else
422 return( 0 );
423 #endif
424
425 while( 1 )
426 {
427 /* Check if timer has expired */
428 #if defined(MBEDTLS_TIMING_C)
429 if( timer != NULL &&
430 mbedtls_timing_get_delay( timer ) == 2 )
431 {
432 break;
433 }
434 #endif /* MBEDTLS_TIMING_C */
435
436 /* Check if underlying transport became available */
437 if( poll_type != 0 )
438 {
439 ret = mbedtls_net_poll( fd, poll_type, 0 );
440 if( ret < 0 )
441 return( ret );
442 if( ret == poll_type )
443 break;
444 }
445 }
446
447 return( 0 );
448 }
449
450 #if defined(MBEDTLS_TEST_HOOKS)
451
test_hooks_init(void)452 void test_hooks_init( void )
453 {
454 mbedtls_test_info_reset( );
455
456 #if defined(MBEDTLS_TEST_MUTEX_USAGE)
457 mbedtls_test_mutex_usage_init( );
458 #endif
459 }
460
test_hooks_failure_detected(void)461 int test_hooks_failure_detected( void )
462 {
463 #if defined(MBEDTLS_TEST_MUTEX_USAGE)
464 /* Errors are reported via mbedtls_test_info. */
465 mbedtls_test_mutex_usage_check( );
466 #endif
467
468 if( mbedtls_test_info.result != MBEDTLS_TEST_RESULT_SUCCESS )
469 return( 1 );
470 return( 0 );
471 }
472
test_hooks_free(void)473 void test_hooks_free( void )
474 {
475 }
476
477 #endif /* MBEDTLS_TEST_HOOKS */
478
479 #endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */
480