Make the fallback behavior of mbedtls_test_rnd_buffer_rand optional

If a fallback is not explicitly configured in the
mbedtls_test_rnd_buf_info structure, fail after the buffer is
exhausted.

There is no intended behavior change in this commit: all existing uses
of mbedtls_test_rnd_buffer_rand() have been updated to set
mbedtls_test_rnd_std_rand as the fallback.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2021-03-24 00:48:57 +01:00
parent 0b1b0abe33
commit ecacc3c9d2
6 changed files with 37 additions and 4 deletions

View file

@ -36,8 +36,11 @@
typedef struct typedef struct
{ {
unsigned char *buf; unsigned char *buf; /* Pointer to a buffer of length bytes. */
size_t length; size_t length;
/* If fallback_f_rng is NULL, fail after delivering length bytes. */
int ( *fallback_f_rng )( void*, unsigned char *, size_t );
void *fallback_p_rng;
} mbedtls_test_rnd_buf_info; } mbedtls_test_rnd_buf_info;
/** /**
@ -84,7 +87,9 @@ int mbedtls_test_rnd_zero_rand( void *rng_state,
* the random function is specified by per_call. (Can be between * the random function is specified by per_call. (Can be between
* 1 and 4) * 1 and 4)
* *
* After the buffer is empty it will return mbedtls_test_rnd_std_rand(). * After the buffer is empty, this function will call the fallback RNG in the
* #mbedtls_test_rnd_buf_info structure if there is one, and
* will return #MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise.
*/ */
int mbedtls_test_rnd_buffer_rand( void *rng_state, int mbedtls_test_rnd_buffer_rand( void *rng_state,
unsigned char *output, unsigned char *output,

View file

@ -35,6 +35,8 @@
#include <test/random.h> #include <test/random.h>
#include <string.h> #include <string.h>
#include <mbedtls/entropy.h>
int mbedtls_test_rnd_std_rand( void *rng_state, int mbedtls_test_rnd_std_rand( void *rng_state,
unsigned char *output, unsigned char *output,
size_t len ) size_t len )
@ -91,8 +93,16 @@ int mbedtls_test_rnd_buffer_rand( void *rng_state,
} }
if( len - use_len > 0 ) if( len - use_len > 0 )
return( mbedtls_test_rnd_std_rand( NULL, output + use_len, {
len - use_len ) ); if( info->fallback_f_rng != NULL )
{
return( info->fallback_f_rng( info->fallback_p_rng,
output + use_len,
len - use_len ) );
}
else
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
}
return( 0 ); return( 0 );
} }

View file

@ -240,6 +240,8 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str,
rnd_info_A.buf = rnd_buf_A->x; rnd_info_A.buf = rnd_buf_A->x;
rnd_info_A.length = rnd_buf_A->len; rnd_info_A.length = rnd_buf_A->len;
rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
rnd_info_A.fallback_p_rng = NULL;
/* Fix rnd_buf_A->x by shifting it left if necessary */ /* Fix rnd_buf_A->x by shifting it left if necessary */
if( grp.nbits % 8 != 0 ) if( grp.nbits % 8 != 0 )
@ -256,6 +258,8 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str,
rnd_info_B.buf = rnd_buf_B->x; rnd_info_B.buf = rnd_buf_B->x;
rnd_info_B.length = rnd_buf_B->len; rnd_info_B.length = rnd_buf_B->len;
rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand;
rnd_info_B.fallback_p_rng = NULL;
/* Fix rnd_buf_B->x by shifting it left if necessary */ /* Fix rnd_buf_B->x by shifting it left if necessary */
if( grp.nbits % 8 != 0 ) if( grp.nbits % 8 != 0 )
@ -362,9 +366,13 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z,
mbedtls_ecdh_init( &srv ); mbedtls_ecdh_init( &srv );
mbedtls_ecdh_init( &cli ); mbedtls_ecdh_init( &cli );
rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
rnd_info_A.fallback_p_rng = NULL;
rnd_info_A.buf = dA->x; rnd_info_A.buf = dA->x;
rnd_info_A.length = dA->len; rnd_info_A.length = dA->len;
rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand;
rnd_info_B.fallback_p_rng = NULL;
rnd_info_B.buf = dB->x; rnd_info_B.buf = dB->x;
rnd_info_B.length = dB->len; rnd_info_B.length = dB->len;

View file

@ -292,6 +292,8 @@ void ecdsa_prim_test_vectors( int id, char * d_str, char * xQ_str,
TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand;
rnd_info.fallback_p_rng = NULL;
rnd_info.buf = rnd_buf->x; rnd_info.buf = rnd_buf->x;
rnd_info.length = rnd_buf->len; rnd_info.length = rnd_buf->len;

View file

@ -19,6 +19,8 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
mbedtls_test_rnd_buf_info info; mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, E; mbedtls_mpi N, E;
info.fallback_f_rng = mbedtls_test_rnd_std_rand;
info.fallback_p_rng = NULL;
info.buf = rnd_buf->x; info.buf = rnd_buf->x;
info.length = rnd_buf->len; info.length = rnd_buf->len;
@ -268,6 +270,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
mbedtls_mpi N, P, Q, E; mbedtls_mpi N, P, Q, E;
mbedtls_test_rnd_buf_info info; mbedtls_test_rnd_buf_info info;
info.fallback_f_rng = mbedtls_test_rnd_std_rand;
info.fallback_p_rng = NULL;
info.buf = rnd_buf->x; info.buf = rnd_buf->x;
info.length = rnd_buf->len; info.length = rnd_buf->len;

View file

@ -18,6 +18,8 @@ void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E,
mbedtls_test_rnd_buf_info info; mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, E; mbedtls_mpi N, E;
info.fallback_f_rng = mbedtls_test_rnd_std_rand;
info.fallback_p_rng = NULL;
info.buf = rnd_buf->x; info.buf = rnd_buf->x;
info.length = rnd_buf->len; info.length = rnd_buf->len;
@ -122,6 +124,8 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q,
mbedtls_test_rnd_buf_info info; mbedtls_test_rnd_buf_info info;
mbedtls_mpi N, P, Q, E; mbedtls_mpi N, P, Q, E;
info.fallback_f_rng = mbedtls_test_rnd_std_rand;
info.fallback_p_rng = NULL;
info.buf = rnd_buf->x; info.buf = rnd_buf->x;
info.length = rnd_buf->len; info.length = rnd_buf->len;