1 /* 2 * Common code for SSL test programs 3 * 4 * Copyright The Mbed TLS Contributors 5 * SPDX-License-Identifier: Apache-2.0 6 * 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may 8 * not use this file except in compliance with the License. 9 * You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, software 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 * See the License for the specific language governing permissions and 17 * limitations under the License. 18 */ 19 20 #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 21 #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 22 23 #include "mbedtls/build_info.h" 24 25 #include "mbedtls/platform.h" 26 27 #undef HAVE_RNG 28 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ 29 ( defined(MBEDTLS_USE_PSA_CRYPTO) || \ 30 defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) ) 31 #define HAVE_RNG 32 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) 33 #define HAVE_RNG 34 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \ 35 ( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) ) 36 #define HAVE_RNG 37 #endif 38 39 #if !defined(MBEDTLS_NET_C) || \ 40 !defined(MBEDTLS_SSL_TLS_C) 41 #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 42 "MBEDTLS_NET_C and/or " \ 43 "MBEDTLS_SSL_TLS_C not defined." 44 #elif !defined(HAVE_RNG) 45 #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 46 "No random generator is available.\n" 47 #else 48 #undef MBEDTLS_SSL_TEST_IMPOSSIBLE 49 50 #undef HAVE_RNG 51 52 #include <stdio.h> 53 #include <stdlib.h> 54 #include <string.h> 55 56 #include "mbedtls/net_sockets.h" 57 #include "mbedtls/ssl.h" 58 #include "mbedtls/ssl_ciphersuites.h" 59 #include "mbedtls/entropy.h" 60 #include "mbedtls/ctr_drbg.h" 61 #include "mbedtls/hmac_drbg.h" 62 #include "mbedtls/x509.h" 63 #include "mbedtls/error.h" 64 #include "mbedtls/debug.h" 65 #include "mbedtls/timing.h" 66 #include "mbedtls/base64.h" 67 #include "test/certs.h" 68 69 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 70 #include "psa/crypto.h" 71 #include "mbedtls/psa_util.h" 72 #endif 73 74 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) 75 #include "mbedtls/memory_buffer_alloc.h" 76 #endif 77 78 #include <test/helpers.h> 79 80 #include "../test/query_config.h" 81 82 typedef struct eap_tls_keys 83 { 84 unsigned char master_secret[48]; 85 unsigned char randbytes[64]; 86 mbedtls_tls_prf_types tls_prf_type; 87 } eap_tls_keys; 88 89 #if defined( MBEDTLS_SSL_DTLS_SRTP ) 90 91 /* Supported SRTP mode needs a maximum of : 92 * - 16 bytes for key (AES-128) 93 * - 14 bytes SALT 94 * One for sender, one for receiver context 95 */ 96 #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60 97 98 typedef struct dtls_srtp_keys 99 { 100 unsigned char master_secret[48]; 101 unsigned char randbytes[64]; 102 mbedtls_tls_prf_types tls_prf_type; 103 } dtls_srtp_keys; 104 105 #endif /* MBEDTLS_SSL_DTLS_SRTP */ 106 107 typedef struct 108 { 109 mbedtls_ssl_context *ssl; 110 mbedtls_net_context *net; 111 } io_ctx_t; 112 113 void my_debug( void *ctx, int level, 114 const char *file, int line, 115 const char *str ); 116 117 #if defined(MBEDTLS_HAVE_TIME) 118 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); 119 #endif 120 121 #if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 122 /* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use 123 * mbedtls_psa_get_random() rather than entropy+DRBG as a random generator. 124 * 125 * The constraints are: 126 * - Without the entropy module, the PSA RNG is the only option. 127 * - Without at least one of the DRBG modules, the PSA RNG is the only option. 128 * - The PSA RNG does not support explicit seeding, so it is incompatible with 129 * the reproducible mode used by test programs. 130 * - For good overall test coverage, there should be at least one configuration 131 * where the test programs use the PSA RNG while the PSA RNG is itself based 132 * on entropy+DRBG, and at least one configuration where the test programs 133 * do not use the PSA RNG even though it's there. 134 * 135 * A simple choice that meets the constraints is to use the PSA RNG whenever 136 * MBEDTLS_USE_PSA_CRYPTO is enabled. There's no real technical reason the 137 * choice to use the PSA RNG in the test programs and the choice to use 138 * PSA crypto when TLS code needs crypto have to be tied together, but it 139 * happens to be a good match. It's also a good match from an application 140 * perspective: either PSA is preferred for TLS (both for crypto and for 141 * random generation) or it isn't. 142 */ 143 #define MBEDTLS_TEST_USE_PSA_CRYPTO_RNG 144 #endif 145 146 /** A context for random number generation (RNG). 147 */ 148 typedef struct 149 { 150 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 151 unsigned char dummy; 152 #else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 153 mbedtls_entropy_context entropy; 154 #if defined(MBEDTLS_CTR_DRBG_C) 155 mbedtls_ctr_drbg_context drbg; 156 #elif defined(MBEDTLS_HMAC_DRBG_C) 157 mbedtls_hmac_drbg_context drbg; 158 #else 159 #error "No DRBG available" 160 #endif 161 #endif /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 162 } rng_context_t; 163 164 /** Initialize the RNG. 165 * 166 * This function only initializes the memory used by the RNG context. 167 * Before using the RNG, it must be seeded with rng_seed(). 168 */ 169 void rng_init( rng_context_t *rng ); 170 171 /* Seed the random number generator. 172 * 173 * \param rng The RNG context to use. It must have been initialized 174 * with rng_init(). 175 * \param reproducible If zero, seed the RNG from entropy. 176 * If nonzero, use a fixed seed, so that the program 177 * will produce the same sequence of random numbers 178 * each time it is invoked. 179 * \param pers A null-terminated string. Different values for this 180 * string cause the RNG to emit different output for 181 * the same seed. 182 * 183 * return 0 on success, a negative value on error. 184 */ 185 int rng_seed( rng_context_t *rng, int reproducible, const char *pers ); 186 187 /** Deinitialize the RNG. Free any embedded resource. 188 * 189 * \param rng The RNG context to deinitialize. It must have been 190 * initialized with rng_init(). 191 */ 192 void rng_free( rng_context_t *rng ); 193 194 /** Generate random data. 195 * 196 * This function is suitable for use as the \c f_rng argument to Mbed TLS 197 * library functions. 198 * 199 * \param p_rng The random generator context. This must be a pointer to 200 * a #rng_context_t structure. 201 * \param output The buffer to fill. 202 * \param output_len The length of the buffer in bytes. 203 * 204 * \return \c 0 on success. 205 * \return An Mbed TLS error code on error. 206 */ 207 int rng_get( void *p_rng, unsigned char *output, size_t output_len ); 208 209 /** Parse command-line option: key_opaque_algs 210 * 211 * 212 * \param arg String value of key_opaque_algs 213 * Coma-separated pair of values among the following: 214 * - "rsa-sign-pkcs1" 215 * - "rsa-sign-pss" 216 * - "rsa-decrypt" 217 * - "ecdsa-sign" 218 * - "ecdh" 219 * - "none" (only acceptable for the second value). 220 * \param alg1 Address of pointer to alg #1 221 * \param alg2 Address of pointer to alg #2 222 * 223 * \return \c 0 on success. 224 * \return \c 1 on parse failure. 225 */ 226 int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2 ); 227 228 #if defined(MBEDTLS_USE_PSA_CRYPTO) 229 /** Parse given opaque key algorithms to obtain psa algs and usage 230 * that will be passed to mbedtls_pk_wrap_as_opaque(). 231 * 232 * 233 * \param alg1 input string opaque key algorithm #1 234 * \param alg2 input string opaque key algorithm #2 235 * \param psa_alg1 output PSA algorithm #1 236 * \param psa_alg2 output PSA algorithm #2 237 * \param usage output key usage 238 * \param key_type key type used to set default psa algorithm/usage 239 * when alg1 in "none" 240 * 241 * \return \c 0 on success. 242 * \return \c 1 on parse failure. 243 */ 244 int key_opaque_set_alg_usage( const char *alg1, const char *alg2, 245 psa_algorithm_t *psa_alg1, 246 psa_algorithm_t *psa_alg2, 247 psa_key_usage_t *usage, 248 mbedtls_pk_type_t key_type ); 249 #endif /* MBEDTLS_USE_PSA_CRYPTO */ 250 251 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) 252 /* The test implementation of the PSA external RNG is insecure. When 253 * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto 254 * function that makes use of an RNG, you must call 255 * mbedtls_test_enable_insecure_external_rng(). */ 256 #include <test/fake_external_rng_for_test.h> 257 #endif 258 259 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) 260 int ca_callback( void *data, mbedtls_x509_crt const *child, 261 mbedtls_x509_crt **candidates ); 262 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 263 264 /* 265 * Test recv/send functions that make sure each try returns 266 * WANT_READ/WANT_WRITE at least once before succeeding 267 */ 268 int delayed_recv( void *ctx, unsigned char *buf, size_t len ); 269 int delayed_send( void *ctx, const unsigned char *buf, size_t len ); 270 271 /* 272 * Wait for an event from the underlying transport or the timer 273 * (Used in event-driven IO mode). 274 */ 275 int idle( mbedtls_net_context *fd, 276 #if defined(MBEDTLS_TIMING_C) 277 mbedtls_timing_delay_context *timer, 278 #endif 279 int idle_reason ); 280 281 #if defined(MBEDTLS_TEST_HOOKS) 282 /** Initialize whatever test hooks are enabled by the compile-time 283 * configuration and make sense for the TLS test programs. */ 284 void test_hooks_init( void ); 285 286 /** Check if any test hooks detected a problem. 287 * 288 * If a problem was detected, it's ok for the calling program to keep going, 289 * but it should ultimately exit with an error status. 290 * 291 * \note When implementing a test hook that detects errors on its own 292 * (as opposed to e.g. leaving the error for a memory sanitizer to 293 * report), make sure to print a message to standard error either at 294 * the time the problem is detected or during the execution of this 295 * function. This function does not indicate what problem was detected, 296 * so printing a message is the only way to provide feedback in the 297 * logs of the calling program. 298 * 299 * \return Nonzero if a problem was detected. 300 * \c 0 if no problem was detected. 301 */ 302 int test_hooks_failure_detected( void ); 303 304 /** Free any resources allocated for the sake of test hooks. 305 * 306 * Call this at the end of the program so that resource leak analyzers 307 * don't complain. 308 */ 309 void test_hooks_free( void ); 310 311 #endif /* !MBEDTLS_TEST_HOOKS */ 312 313 #endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */ 314 #endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */ 315