Passing a length of 0 to it is perfectly acceptable, the macro was designed to
handle it correctly.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
We only have a single integer available for two nested loops, but the loop
sizes are small enough compared to the integer's range that we can encode both
indexes. Since the integer is displayed in decimal in case of errors, use a
power of 10 to pack the two indexes together.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Currently this breaks all.sh component test_memsan_constant_flow, just as
expected, as the current implementation is not constant flow.
This will be fixed in the next commit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The test function now depends on MBEDTLS_TEST_HOOKS, which is enabled by
config.py full, and since there are already components in all.sh exercising
the full config, this test function is sill exercised even with this new
dependency.
Since this is the first time a test function depends on MBEDTLS_TEST_HOOKS,
fix a bug in check-names.sh that wasn't apparent so far: headers from
library/*.h were not considered when looking for macro definitions. This
became apparent because MBEDTLS_STATIC_TESTABLE is defined in library/common.h
and started being used in library/ssl_msg.c, so was flagged as a likely typo.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The dummy implementation is not constant-flow at all for now, it's just
here as a starting point and a support for developing the tests and putting
the infrastructure in place.
Depending on the implementation strategy, there might be various corner cases
depending on where the lengths fall relative to block boundaries. So it seems
safer to just test all possible lengths in a given range than to use only a
few randomly-chosen values.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Executed "./scripts/bump_version.sh --version 2.23.0 --so-crypto 5"
A symbol has been removed from the mbedcrypto library since the last
release:
mbedtls_ecc_group_to_psa ( enum mbedtls_ecp_group_id grpid,
size_t* bits )
This is an ABI break and we need to increase the SO version.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The metadata tests depend on the corresponding feature because there
is no guarantee that the metadata is correct if the feature is
disabled. There are metadata test cases for some algorithms and key
types that are declared but not supported. These test cases are
present but can never run.
It is debatable whether having these test cases is a good thing in
case they become runnable in the future, or a bad thing because
they're dead code. We're working on detecting test cases that are
never executed for accidental reasons (e.g. typo in a dependency or
missing configuration on the CI), and having test cases that are
deliberately never executed messes this up. So remove these test
cases. If we do implement the corresponding feature, it'll be easy to
add the corresponding metadata test cases.
The features that had metadata tests but no implementations were:
* SHA-512/256 and SHA-512/224 (hypothetical dependency: MBEDTLS_SHA512_256)
* DSA (hypothetical dependency: MBEDTLS_DSA_C)
* SHA-3 and HMAC-SHA-3 (hypothetical dependency: MBEDTLS_SHA3_C)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Rework mbedtls_test_unhexify to extend its scope of usage.
Return in error when the function detects an error instead
of calling mbedtls_exit().
Improve safety by checking the output buffer is not overrun.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In test functions calling mbedtls_test_unhexify(), change the
type of the associated parameters from `char*` to `data_t`.
That way the `unhexify` operation is done by the test
framework and not by the unit test code.
Use for the new parameters of type data_t the name of the
local variable that use to store the `unhexify` version of
the `char*` parameter.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of changing the type of some parameters
of mbedtls_ccm_star_encrypt_and_tag/auth_decrypt from
`char *` to `data_t` to get rid of the calls to
mbedtls_test_unhexify():
- Change the name of parameters and local variables to
clarify which ones are related to the outputs of the
library functions under test and which ones are
related to the expected values of those outputs.
- Use two different buffers to store the plain and cipher
text as expected by the library functions.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of changing the type of some parameters
of aes_encrypt_ofb() from `char *` to `data_t` to get rid
of the calls to mbedtls_test_unhexify():
- Change the name of parameters and local variables to
clarify which ones are related to the outputs of the
library functions under test and which ones are
related to the expected values of those outputs.
- Add assertion on fragment_size parameter
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of changing the type of some parameters
of mbedtls_nist_kw_wrap/unwrap() from `char *` to `data_t`
to get rid of the calls to mbedtls_test_unhexify():
- Change the name of parameters and local variables to
clarify which ones are related to the outputs of the
library functions under test and which ones are
related to the expected values of those outputs.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of changing the type of some parameters of
test_chacha20() from `char *` to `data_t` to get rid of the
calls to mbedtls_test_unhexify():
- Reduce the size of output[] buffer to 375 as its content
is "ASCII expended" into a buffer of 751 bytes.
- Align naming of variables to store and check the
output of mbedtls_chacha20_crypt(). No *dst* variables
anynore, only *output* variables.
- Use two different buffers to store the expected output
of mbedtls_chacha20_crypt() (expected_output_str[]) and
the ASCII string representation of the output of
mbedtls_chacha20_crypt() (output_string[]). Both were
stored in dst_str[] before.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of changing the type of some parameters
of test_hkdf() from `char *` to `data_t` to get rid of the
calls to mbedtls_test_unhexify():
- Align naming of variables related to the expected okm
- Rename `okm_hex[]` to `okm_string[]`
- Added TEST_ASSERT( expected_okm_len <= sizeof( okm ) ) to check
that the okm[] buffer is large enough for the okm output.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of changing the type of some parameters
of some test functions from `char *` to `data_t` to get
rid of the calls to mbedtls_test_unhexify():
- Align the name of source data length local variable
with the name of the local variable containing the
source data, respectively src_str and src_str_len.
- Change the type of length, index local variables
from int to size_t.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Pass the "certificate policies" extension to the callback supplied to
mbedtls_x509_crt_parse_der_with_ext_cb() if it contains unsupported
policies. This allows the callback to fully replicate the behaviour
of the deprecated MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
configuration.
Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
Another coverity bug - #350039
When this test discovers a key of the wrong type, it still throws it
through the export function in order to check that it too will detect
this as a not permitted action. For the buffer and buffer length
arguments it passes in a local pointer (which will most likely be NULL),
and the sizeof that pointer, as it knows that they will never be used.
Coverity rightly (imho) flagged this as suspicious - if we are going to
pass in incorrect parameters, at least make them obviously incorrect, and
ones that will not potentially cause errors if the code later changes.
There is, for example safety checks for zero length buffer, but less
protection for an insufficiently sized one.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Command to find the files in which lines have gone
larger than 79 characters due to the renaming:
grep '.\{80\}' \
`git diff-tree --no-commit-id --name-only -r HEAD` \
| grep "\<mbedtls_test_rnd_"
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Command to find the files in which lines have gone
larger than 79 characters due to the renaming:
grep '.\{80\}' \
`git diff-tree --no-commit-id --name-only -r HEAD` \
| grep hexcmp
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Command to find the files in which lines have gone
larger than 79 characters due to the renaming:
grep '.\{80\}' \
`git diff-tree --no-commit-id --name-only -r HEAD` \
| grep unhexify_alloc
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Command to find the files in which lines have gone
larger than 79 characters due to the renaming:
grep '.\{80\}' \
`git diff-tree --no-commit-id --name-only -r HEAD` \
| grep hexify
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The purpose of random.c file is to contain the helper
functions to generate random numbers that have been
in helpers.function so far.
The purpose of random.h is to contain the interface
exposed by random.c thus helper function prototypes.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The purpose of helpers.c file is to contain the helper
functions that have been in helpers.function so far and
that are not related to the mechanism of unit test
execution and not related to random number generation
(will be moved in a dedicated file).
The purpose of helpers.h is to contain the interface
exposed by helpers.c thus helper function prototypes.
Make the changes in the build systems (make and cmake)
to build helpers.c and link it to test executables
along with mbedtls library.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix for coverity bugs 349041, 349052
Allocated pointers could potentially be leaked in the case of errors.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Strict platforms cannot be expected to accept C99 code as valid
when earlier standards versions are selected.
This helps the programs build on Solaris-like platforms (e.g.
illumos).
Fixes#3420
Signed-off-by: nia <nia@netbsd.org>