2014-05-30 10:38:18 +02:00
|
|
|
/* BEGIN_HEADER */
|
2015-03-09 18:05:11 +01:00
|
|
|
#include "mbedtls/entropy.h"
|
2016-06-01 16:36:18 +02:00
|
|
|
#include "mbedtls/entropy_poll.h"
|
Merge mbedtls 2.16.6 into baremetal
Conflicts:
mbedtls.doxyfile - PROJECT_NAME - mbed TLS v2.16.6 chosen.
doc_mainpage.h - mbed TLS v2.16.6 version chosen.
hmac_drbg.h - line 260, extended description chosen.
- line 313, extended description chosen.
- line 338, extended description chosen.
version.h - 2.16.6 chosen.
CMakeLists.txt - 2.16.6 chosen.
test_suite_version.data - 2.16.6 chosen.
Makefile - 141 - manual correction - baremetal version of C_SOURCE_FILES
with variables for directories plus 2.16.6 CTAGS addition.
pkparse.c - lines 846 onwards - the asn1_get_nonzero_mpi implementation chosen.
ssl_tls.c - line 5269 - edited manually, left the ret=0, because baremetal has
a different behaviour since commit 87b5626, but added a debug
message that's new in 2.16.6.
all.sh:
- component_build_deprecated - chosen the refactored version from 2.16.6,
but with extra flags from baremetal.
- rest of the _no_xxx tests - merged make options to have PTHREAD=1 and
other changes from 2.16.6 (like -O1 instead of -O0).
- component_build_arm_none_eabi_gcc_no_64bit_multiplication - added
TINYCRYPT_BUILD=0 to the 2.16.6 version of make.
x509/req_app.c - left baremetal log but with mbedtls_exit( 0 ) call.
x509/crl_app.c - left baremetal log but with mbedtls_exit( 0 ) call.
x509/cert_app.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl/ssl_mail_client.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl/ssl_pthread_server.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl/ssl_fork_server.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl_client1.c - line 54 - left baremetal log but with mbedtls_exit( 0 ) call.
ssl_client2.c - line 54 - left baremetal log but with mbedtls_exit( 0 ) call.
- line 132 - new options of both branches added.
- skip close notify handled as in 2.16.6, but with `ssl` instead of `&ssl`.
- Merged the 2.16.6 usage split with additional baremetal usages.
- Merged options from baremetal and 2.16.6.
ssl_server.c - left baremetal log but with mbedtls_exit( 0 ) call.
ssl_server2.c - Merged the 2.16.6 usage split with additional baremetal usages.
config.pl - fixed missing defines from the documentation, removed duplicates,
and reorganised so that the documentation and excluded list
are ordered in the same way.
test_suite_x509parse.data - only added the two new pathlen tests.
x509_crt.c - change the return code by removing
MBEDTLS_ERR_X509_INVALID_EXTENSIONS, since it's added by
x509_crt_frame_parse_ext not by an "or", but by "+=".
Changelog - Assigned all entries to appropriate sections.
ssl-opt.sh - line 8263 - merged options.
- removed lines 1165 - 1176 - there was a duplicate test, probably
an artifact of previous merges.
check-files.py - sticked to old formatting.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-05-18 17:47:25 +02:00
|
|
|
#include "mbedtls/md.h"
|
2017-04-06 12:55:43 +02:00
|
|
|
#include "string.h"
|
2014-05-30 11:42:01 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Number of calls made to entropy_dummy_source()
|
|
|
|
|
*/
|
|
|
|
|
static size_t entropy_dummy_calls;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Dummy entropy source
|
|
|
|
|
*
|
|
|
|
|
* If data is NULL, write exactly the requested length.
|
|
|
|
|
* Otherwise, write the length indicated by data or error if negative
|
|
|
|
|
*/
|
|
|
|
|
static int entropy_dummy_source( void *data, unsigned char *output,
|
|
|
|
|
size_t len, size_t *olen )
|
|
|
|
|
{
|
|
|
|
|
entropy_dummy_calls++;
|
|
|
|
|
|
|
|
|
|
if( data == NULL )
|
|
|
|
|
*olen = len;
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
int *d = (int *) data;
|
|
|
|
|
|
|
|
|
|
if( *d < 0 )
|
2015-04-08 12:49:31 +02:00
|
|
|
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
2014-05-30 11:42:01 +02:00
|
|
|
else
|
|
|
|
|
*olen = *d;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
memset( output, 0x2a, *olen );
|
|
|
|
|
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
2016-06-01 16:36:18 +02:00
|
|
|
|
2016-06-01 17:34:25 +02:00
|
|
|
#if defined(MBEDTLS_ENTROPY_NV_SEED)
|
2016-06-01 16:36:18 +02:00
|
|
|
/*
|
|
|
|
|
* Ability to clear entropy sources to allow testing with just predefined
|
|
|
|
|
* entropy sources. This function or tests depending on it might break if there
|
|
|
|
|
* are internal changes to how entropy sources are registered.
|
|
|
|
|
*
|
|
|
|
|
* To be called immediately after mbedtls_entropy_init().
|
|
|
|
|
*
|
|
|
|
|
* Just resetting the counter. New sources will overwrite existing ones.
|
|
|
|
|
* This might break memory checks in the future if sources need 'free-ing' then
|
|
|
|
|
* as well.
|
|
|
|
|
*/
|
2019-06-21 13:56:05 +02:00
|
|
|
void entropy_clear_sources( mbedtls_entropy_context *ctx )
|
2016-06-01 16:36:18 +02:00
|
|
|
{
|
|
|
|
|
ctx->source_count = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* NV seed read/write functions that use a buffer instead of a file
|
|
|
|
|
*/
|
|
|
|
|
static unsigned char buffer_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
|
|
|
|
|
2019-06-21 13:56:05 +02:00
|
|
|
int buffer_nv_seed_read( unsigned char *buf, size_t buf_len )
|
2016-06-01 16:36:18 +02:00
|
|
|
{
|
|
|
|
|
if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
|
|
|
|
|
return( -1 );
|
|
|
|
|
|
|
|
|
|
memcpy( buf, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-21 13:56:05 +02:00
|
|
|
int buffer_nv_seed_write( unsigned char *buf, size_t buf_len )
|
2016-06-01 16:36:18 +02:00
|
|
|
{
|
|
|
|
|
if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
|
|
|
|
|
return( -1 );
|
|
|
|
|
|
|
|
|
|
memcpy( buffer_seed, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* NV seed read/write helpers that fill the base seedfile
|
|
|
|
|
*/
|
2019-06-21 13:56:05 +02:00
|
|
|
int write_nv_seed( unsigned char *buf, size_t buf_len )
|
2016-06-01 16:36:18 +02:00
|
|
|
{
|
|
|
|
|
FILE *f;
|
|
|
|
|
|
|
|
|
|
if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
|
|
|
|
|
return( -1 );
|
|
|
|
|
|
|
|
|
|
if( ( f = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w" ) ) == NULL )
|
|
|
|
|
return( -1 );
|
|
|
|
|
|
|
|
|
|
if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) !=
|
|
|
|
|
MBEDTLS_ENTROPY_BLOCK_SIZE )
|
|
|
|
|
return( -1 );
|
|
|
|
|
|
|
|
|
|
fclose( f );
|
|
|
|
|
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-21 13:56:05 +02:00
|
|
|
int read_nv_seed( unsigned char *buf, size_t buf_len )
|
2016-06-01 16:36:18 +02:00
|
|
|
{
|
|
|
|
|
FILE *f;
|
|
|
|
|
|
|
|
|
|
if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
|
|
|
|
|
return( -1 );
|
|
|
|
|
|
|
|
|
|
if( ( f = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb" ) ) == NULL )
|
|
|
|
|
return( -1 );
|
|
|
|
|
|
|
|
|
|
if( fread( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) !=
|
|
|
|
|
MBEDTLS_ENTROPY_BLOCK_SIZE )
|
|
|
|
|
return( -1 );
|
|
|
|
|
|
|
|
|
|
fclose( f );
|
|
|
|
|
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
2016-06-01 17:34:25 +02:00
|
|
|
#endif /* MBEDTLS_ENTROPY_NV_SEED */
|
2014-05-30 10:38:18 +02:00
|
|
|
/* END_HEADER */
|
|
|
|
|
|
|
|
|
|
/* BEGIN_DEPENDENCIES
|
2015-04-08 12:49:31 +02:00
|
|
|
* depends_on:MBEDTLS_ENTROPY_C
|
2014-05-30 10:38:18 +02:00
|
|
|
* END_DEPENDENCIES
|
|
|
|
|
*/
|
|
|
|
|
|
2016-09-15 19:42:26 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
|
2017-05-30 15:23:15 +02:00
|
|
|
void entropy_seed_file( char * path, int ret )
|
2014-05-30 10:38:18 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_context ctx;
|
2014-05-30 10:38:18 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_init( &ctx );
|
2014-05-30 10:38:18 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, path ) == ret );
|
|
|
|
|
TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, path ) == ret );
|
2014-05-30 10:38:18 +02:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_free( &ctx );
|
2014-05-30 10:38:18 +02:00
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
2014-05-30 11:42:01 +02:00
|
|
|
/* BEGIN_CASE */
|
2017-05-30 15:23:15 +02:00
|
|
|
void entropy_too_many_sources( )
|
2014-05-30 11:42:01 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_context ctx;
|
2014-05-30 11:42:01 +02:00
|
|
|
size_t i;
|
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_init( &ctx );
|
2014-05-30 11:42:01 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* It's hard to tell precisely when the error will occur,
|
|
|
|
|
* since we don't know how many sources were automatically added.
|
|
|
|
|
*/
|
2015-04-08 12:49:31 +02:00
|
|
|
for( i = 0; i < MBEDTLS_ENTROPY_MAX_SOURCES; i++ )
|
2015-06-19 10:26:32 +02:00
|
|
|
(void) mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL,
|
|
|
|
|
16, MBEDTLS_ENTROPY_SOURCE_WEAK );
|
2014-05-30 11:42:01 +02:00
|
|
|
|
2015-06-19 10:26:32 +02:00
|
|
|
TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL,
|
|
|
|
|
16, MBEDTLS_ENTROPY_SOURCE_WEAK )
|
2015-04-08 12:49:31 +02:00
|
|
|
== MBEDTLS_ERR_ENTROPY_MAX_SOURCES );
|
2014-05-30 11:42:01 +02:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_free( &ctx );
|
2014-05-30 11:42:01 +02:00
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
2017-09-07 09:09:33 +02:00
|
|
|
/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG */
|
2014-05-30 11:42:01 +02:00
|
|
|
void entropy_func_len( int len, int ret )
|
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_context ctx;
|
|
|
|
|
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 };
|
|
|
|
|
unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 };
|
2014-05-30 11:42:01 +02:00
|
|
|
size_t i, j;
|
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_init( &ctx );
|
2014-05-30 11:42:01 +02:00
|
|
|
|
|
|
|
|
/*
|
2015-04-08 12:49:31 +02:00
|
|
|
* See comments in mbedtls_entropy_self_test()
|
2014-05-30 11:42:01 +02:00
|
|
|
*/
|
|
|
|
|
for( i = 0; i < 8; i++ )
|
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_entropy_func( &ctx, buf, len ) == ret );
|
2014-05-30 11:42:01 +02:00
|
|
|
for( j = 0; j < sizeof( buf ); j++ )
|
|
|
|
|
acc[j] |= buf[j];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if( ret == 0 )
|
|
|
|
|
for( j = 0; j < (size_t) len; j++ )
|
|
|
|
|
TEST_ASSERT( acc[j] != 0 );
|
|
|
|
|
|
|
|
|
|
for( j = len; j < sizeof( buf ); j++ )
|
|
|
|
|
TEST_ASSERT( acc[j] == 0 );
|
|
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
2020-01-07 12:15:40 +01:00
|
|
|
/* BEGIN_CASE depends_on:ENTROPY_SOURCE_COUNT_MORE_THAN_TWO */
|
2017-05-30 15:23:15 +02:00
|
|
|
void entropy_source_fail( char * path )
|
2014-05-30 11:42:01 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_context ctx;
|
2014-05-30 11:42:01 +02:00
|
|
|
int fail = -1;
|
|
|
|
|
unsigned char buf[16];
|
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_init( &ctx );
|
2014-05-30 11:42:01 +02:00
|
|
|
|
2015-06-19 10:26:32 +02:00
|
|
|
TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source,
|
|
|
|
|
&fail, 16,
|
|
|
|
|
MBEDTLS_ENTROPY_SOURCE_WEAK )
|
2014-05-30 11:42:01 +02:00
|
|
|
== 0 );
|
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_entropy_func( &ctx, buf, sizeof( buf ) )
|
|
|
|
|
== MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
|
|
|
|
TEST_ASSERT( mbedtls_entropy_gather( &ctx )
|
|
|
|
|
== MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
2016-09-15 19:42:26 +02:00
|
|
|
#if defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_NV_SEED)
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, path )
|
|
|
|
|
== MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
|
|
|
|
TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, path )
|
|
|
|
|
== MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
|
2014-05-30 11:42:01 +02:00
|
|
|
#else
|
|
|
|
|
((void) path);
|
|
|
|
|
#endif
|
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_free( &ctx );
|
2014-05-30 11:42:01 +02:00
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
2020-01-07 12:15:40 +01:00
|
|
|
/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:ENTROPY_SOURCE_COUNT_MORE_THAN_TWO */
|
2014-05-30 11:42:01 +02:00
|
|
|
void entropy_threshold( int threshold, int chunk_size, int result )
|
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_context ctx;
|
|
|
|
|
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
|
2014-05-30 11:42:01 +02:00
|
|
|
int ret;
|
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_init( &ctx );
|
2014-05-30 11:42:01 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source,
|
2015-06-19 10:26:32 +02:00
|
|
|
&chunk_size, threshold,
|
|
|
|
|
MBEDTLS_ENTROPY_SOURCE_WEAK ) == 0 );
|
2014-05-30 11:42:01 +02:00
|
|
|
|
|
|
|
|
entropy_dummy_calls = 0;
|
2015-04-08 12:49:31 +02:00
|
|
|
ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) );
|
2014-05-30 11:42:01 +02:00
|
|
|
|
|
|
|
|
if( result >= 0 )
|
|
|
|
|
{
|
|
|
|
|
TEST_ASSERT( ret == 0 );
|
2016-06-01 16:36:18 +02:00
|
|
|
#if defined(MBEDTLS_ENTROPY_NV_SEED)
|
|
|
|
|
// Two times as much calls due to the NV seed update
|
|
|
|
|
result *= 2;
|
|
|
|
|
#endif
|
2014-05-30 11:42:01 +02:00
|
|
|
TEST_ASSERT( entropy_dummy_calls == (size_t) result );
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
TEST_ASSERT( ret == result );
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_free( &ctx );
|
2014-05-30 11:42:01 +02:00
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
2016-06-01 16:36:18 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
|
2017-05-30 15:23:15 +02:00
|
|
|
void nv_seed_file_create( )
|
2016-06-01 16:36:18 +02:00
|
|
|
{
|
|
|
|
|
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
|
|
|
|
|
|
|
|
|
memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( write_nv_seed( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
|
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
2016-06-01 17:57:11 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO:MBEDTLS_PLATFORM_NV_SEED_ALT */
|
2017-05-30 15:23:15 +02:00
|
|
|
void entropy_nv_seed_std_io( )
|
2016-06-01 16:36:18 +02:00
|
|
|
{
|
|
|
|
|
unsigned char io_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
|
|
|
|
unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
|
|
|
|
|
|
|
|
|
memset( io_seed, 1, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
memset( check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
|
|
|
|
|
mbedtls_platform_set_nv_seed( mbedtls_platform_std_nv_seed_read,
|
|
|
|
|
mbedtls_platform_std_nv_seed_write );
|
|
|
|
|
|
|
|
|
|
/* Check if platform NV read and write manipulate the same data */
|
|
|
|
|
TEST_ASSERT( write_nv_seed( io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
|
|
|
|
TEST_ASSERT( mbedtls_nv_seed_read( check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) ==
|
|
|
|
|
MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( memcmp( io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
|
|
|
|
|
|
|
|
|
memset( check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
|
|
|
|
|
/* Check if platform NV write and raw read manipulate the same data */
|
|
|
|
|
TEST_ASSERT( mbedtls_nv_seed_write( io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) ==
|
|
|
|
|
MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
TEST_ASSERT( read_nv_seed( check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( memcmp( io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
|
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
2019-06-12 19:33:42 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_MD_C:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT */
|
2018-06-29 12:05:32 +02:00
|
|
|
void entropy_nv_seed( data_t * read_seed )
|
2016-06-01 16:36:18 +02:00
|
|
|
{
|
2019-06-12 19:33:42 +02:00
|
|
|
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
|
2020-05-19 11:56:05 +02:00
|
|
|
const mbedtls_md_handle_t md_info =
|
2019-06-12 19:33:42 +02:00
|
|
|
mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
|
|
|
|
|
#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
|
2020-05-19 11:56:05 +02:00
|
|
|
const mbedtls_md_handle_t md_info =
|
2019-06-12 19:33:42 +02:00
|
|
|
mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
|
|
|
|
|
#else
|
|
|
|
|
#error "Unsupported entropy accumulator"
|
|
|
|
|
#endif
|
|
|
|
|
mbedtls_md_context_t accumulator;
|
2016-06-01 16:36:18 +02:00
|
|
|
mbedtls_entropy_context ctx;
|
2019-06-12 19:31:29 +02:00
|
|
|
int (*original_mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) =
|
|
|
|
|
mbedtls_nv_seed_read;
|
|
|
|
|
int (*original_mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) =
|
|
|
|
|
mbedtls_nv_seed_write;
|
2016-06-01 16:36:18 +02:00
|
|
|
|
|
|
|
|
unsigned char header[2];
|
|
|
|
|
unsigned char entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
|
|
|
|
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
|
|
|
|
unsigned char empty[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
|
|
|
|
unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
|
|
|
|
unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
|
|
|
|
|
|
|
|
|
memset( entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
memset( empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
memset( check_seed, 2, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
memset( check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
|
|
|
|
|
// Make sure we read/write NV seed from our buffers
|
|
|
|
|
mbedtls_platform_set_nv_seed( buffer_nv_seed_read, buffer_nv_seed_write );
|
|
|
|
|
|
2019-06-12 19:33:42 +02:00
|
|
|
mbedtls_md_init( &accumulator );
|
2016-06-01 16:36:18 +02:00
|
|
|
mbedtls_entropy_init( &ctx );
|
|
|
|
|
entropy_clear_sources( &ctx );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_entropy_add_source( &ctx, mbedtls_nv_seed_poll, NULL,
|
|
|
|
|
MBEDTLS_ENTROPY_BLOCK_SIZE,
|
|
|
|
|
MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 );
|
|
|
|
|
|
2019-06-12 19:33:42 +02:00
|
|
|
// Set the initial NV seed to read
|
|
|
|
|
TEST_ASSERT( read_seed->len >= MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
memcpy( buffer_seed, read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
|
|
|
|
|
2016-06-01 16:36:18 +02:00
|
|
|
// Do an entropy run
|
|
|
|
|
TEST_ASSERT( mbedtls_entropy_func( &ctx, entropy, sizeof( entropy ) ) == 0 );
|
|
|
|
|
// Determine what should have happened with manual entropy internal logic
|
|
|
|
|
|
|
|
|
|
// Init accumulator
|
|
|
|
|
header[1] = MBEDTLS_ENTROPY_BLOCK_SIZE;
|
2019-06-12 19:33:42 +02:00
|
|
|
TEST_ASSERT( mbedtls_md_setup( &accumulator, md_info, 0 ) == 0 );
|
2016-06-01 16:36:18 +02:00
|
|
|
|
|
|
|
|
// First run for updating write_seed
|
|
|
|
|
header[0] = 0;
|
2019-06-12 19:33:42 +02:00
|
|
|
TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 );
|
|
|
|
|
TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 );
|
|
|
|
|
TEST_ASSERT( mbedtls_md_update( &accumulator,
|
|
|
|
|
read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
|
|
|
|
TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 );
|
2016-06-01 16:36:18 +02:00
|
|
|
|
2019-06-12 19:33:42 +02:00
|
|
|
TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 );
|
|
|
|
|
TEST_ASSERT( mbedtls_md_update( &accumulator,
|
|
|
|
|
buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
2016-06-01 16:36:18 +02:00
|
|
|
|
2019-06-12 19:33:42 +02:00
|
|
|
TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
|
|
|
|
|
check_seed ) == 0 );
|
2016-06-01 16:36:18 +02:00
|
|
|
|
|
|
|
|
// Second run for actual entropy (triggers mbedtls_entropy_update_nv_seed)
|
|
|
|
|
header[0] = MBEDTLS_ENTROPY_SOURCE_MANUAL;
|
2019-06-12 19:33:42 +02:00
|
|
|
TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 );
|
|
|
|
|
TEST_ASSERT( mbedtls_md_update( &accumulator,
|
|
|
|
|
empty, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
2016-06-01 16:36:18 +02:00
|
|
|
|
|
|
|
|
header[0] = 0;
|
2019-06-12 19:33:42 +02:00
|
|
|
TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 );
|
|
|
|
|
TEST_ASSERT( mbedtls_md_update( &accumulator,
|
|
|
|
|
check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
|
|
|
|
TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 );
|
2016-06-01 16:36:18 +02:00
|
|
|
|
2019-06-12 19:33:42 +02:00
|
|
|
TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
|
|
|
|
|
check_entropy ) == 0 );
|
2016-06-01 16:36:18 +02:00
|
|
|
|
|
|
|
|
// Check result of both NV file and entropy received with the manual calculations
|
|
|
|
|
TEST_ASSERT( memcmp( check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
|
|
|
|
TEST_ASSERT( memcmp( check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
|
|
|
|
|
|
2019-06-12 19:31:29 +02:00
|
|
|
exit:
|
2019-06-12 19:33:42 +02:00
|
|
|
mbedtls_md_free( &accumulator );
|
2016-06-01 16:36:18 +02:00
|
|
|
mbedtls_entropy_free( &ctx );
|
2019-06-12 19:31:29 +02:00
|
|
|
mbedtls_nv_seed_read = original_mbedtls_nv_seed_read;
|
|
|
|
|
mbedtls_nv_seed_write = original_mbedtls_nv_seed_write;
|
2016-06-01 16:36:18 +02:00
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
|
|
|
|
|
2017-09-07 09:09:33 +02:00
|
|
|
/* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */
|
2016-09-15 19:42:26 +02:00
|
|
|
void entropy_selftest( int result )
|
2014-05-30 10:38:18 +02:00
|
|
|
{
|
2016-09-09 10:10:28 +02:00
|
|
|
TEST_ASSERT( mbedtls_entropy_self_test( 1 ) == result );
|
2014-05-30 10:38:18 +02:00
|
|
|
}
|
|
|
|
|
/* END_CASE */
|