In preparation of changing the type of some parameters
of test_hkdf() from `char *` to `data_t` to get rid of the
calls to mbedtls_test_unhexify():
- Align naming of variables related to the expected okm
- Rename `okm_hex[]` to `okm_string[]`
- Added TEST_ASSERT( expected_okm_len <= sizeof( okm ) ) to check
that the okm[] buffer is large enough for the okm output.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of changing the type of some parameters
of some test functions from `char *` to `data_t` to get
rid of the calls to mbedtls_test_unhexify():
- Align the name of source data length local variable
with the name of the local variable containing the
source data, respectively src_str and src_str_len.
- Change the type of length, index local variables
from int to size_t.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of linking common test objects in programs,
add the top-level mbedtls_test target.
This target consists of the common test objects.
It is necessary to declare it at the top-level as both
tests and programs will depend on it and it is necessary
to synchronize the compilation of those objects for tests
and programs for the case of parallel building.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Use the mbedtls_test_ prefix for (c)make variables
related to test common code.
This aligns with the prefix used for the common test
functions.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove the declaration of ./include and ./library
as include directories for all targets.
Prefer being more local and declare include directories
at the target level using target_include_directories().
Note that there is no need to declare explicitely
./include as an include directory for tests as they
inherit it from the "mbed librairies".
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Pass the "certificate policies" extension to the callback supplied to
mbedtls_x509_crt_parse_der_with_ext_cb() if it contains unsupported
policies. This allows the callback to fully replicate the behaviour
of the deprecated MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
configuration.
Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
These fields might be shifted accordingly in `ssl_parse_record_header()`
when receiving a connection with CID, so they require a manual update
after calling the generic `mbedtls_ssl_reset_in_out_pointers()`.
This commit also adds a regression test which is run by all.sh.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Also normalize the first line of the copyright headers.
This commit was generated using the following script:
# ========================
#!/bin/sh
# Find scripts
find -path './.git' -prune -o '(' -name '*.c' -o -name '*.cpp' -o -name '*.fmt' -o -name '*.h' ')' -print | xargs sed -i '
# Normalize the first line of the copyright headers (no text on the first line of a block comment)
/^\/\*.*Copyright.*Arm/I {
i\
/*
s/^\// /
}
/Copyright.*Arm/I {
# Print copyright declaration
p
# Read the two lines immediately following the copyright declaration
N
N
# Insert Apache header if it is missing
/SPDX/! i\
* SPDX-License-Identifier: Apache-2.0\
*\
* Licensed under the Apache License, Version 2.0 (the "License"); you may\
* not use this file except in compliance with the License.\
* You may obtain a copy of the License at\
*\
* http://www.apache.org/licenses/LICENSE-2.0\
*\
* Unless required by applicable law or agreed to in writing, software\
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\
* See the License for the specific language governing permissions and\
* limitations under the License.
# Clear copyright declaration from buffer
D
}
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Another coverity bug - #350039
When this test discovers a key of the wrong type, it still throws it
through the export function in order to check that it too will detect
this as a not permitted action. For the buffer and buffer length
arguments it passes in a local pointer (which will most likely be NULL),
and the sizeof that pointer, as it knows that they will never be used.
Coverity rightly (imho) flagged this as suspicious - if we are going to
pass in incorrect parameters, at least make them obviously incorrect, and
ones that will not potentially cause errors if the code later changes.
There is, for example safety checks for zero length buffer, but less
protection for an insufficiently sized one.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit was generated using the following script:
# ========================
#!/bin/sh
# Find scripts
find -path './.git' -prune -o '(' -name '*.gdb' -o -name '*.pl' -o -name '*.py' -o -name '*.sh' ')' -print | xargs sed -i '
# Remove Mbed TLS declaration if it occurs before the copyright line
1,/Copyright.*Arm/I {
/This file is part of/,$ {
/Copyright.*Arm/I! d
}
}
# Convert non-standard header in scripts/abi_check.py to the format used in the other scripts
/"""/,/"""/ {
# Cut copyright declaration
/Copyright.*Arm/I {
h
N
d
}
# Paste copyright declaration
/"""/ {
x
/./ {
s/^/# / # Add #
x # Replace orignal buffer with Copyright declaration
p # Print original buffer, insert newline
i\
s/.*// # Clear original buffer
}
x
}
}
/Copyright.*Arm/I {
# Print copyright declaration
p
# Read the two lines immediately following the copyright declaration
N
N
# Insert Apache header if it is missing
/SPDX/! {
i\
# SPDX-License-Identifier: Apache-2.0\
#\
# Licensed under the Apache License, Version 2.0 (the "License"); you may\
# not use this file except in compliance with the License.\
# You may obtain a copy of the License at\
#\
# http://www.apache.org/licenses/LICENSE-2.0\
#\
# Unless required by applicable law or agreed to in writing, software\
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\
# See the License for the specific language governing permissions and\
# limitations under the License.
# Insert Mbed TLS declaration if it is missing
/This file is part of/! i\
#\
# This file is part of Mbed TLS (https://tls.mbed.org)
}
# Clear copyright declaration from buffer
D
}
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
1. When `ssl_server2` export key functionality fails,
don't exit the server, but reset it, to have the
server recover for next connection.
2. Add text filters for `export keys functionality` test in ssl-opt.sh
to check for additional output, to verify if the export suceeded.
This was discovered in the `ssl-opt.sh` script, where the server exited,
before the test tried to kill the server priocess, resulting in a
`kill: No such process` message.
Fixes#2662
Signed-off-by: Ron Eldor <Ron.Eldor@arm.com>
Command to find the files in which lines have gone
larger than 79 characters due to the renaming:
grep '.\{80\}' \
`git diff-tree --no-commit-id --name-only -r HEAD` \
| grep "\<mbedtls_test_rnd_"
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Command to find the files in which lines have gone
larger than 79 characters due to the renaming:
grep '.\{80\}' \
`git diff-tree --no-commit-id --name-only -r HEAD` \
| grep hexcmp
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Command to find the files in which lines have gone
larger than 79 characters due to the renaming:
grep '.\{80\}' \
`git diff-tree --no-commit-id --name-only -r HEAD` \
| grep unhexify_alloc
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Command to find the files in which lines have gone
larger than 79 characters due to the renaming:
grep '.\{80\}' \
`git diff-tree --no-commit-id --name-only -r HEAD` \
| grep hexify
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The purpose of random.c file is to contain the helper
functions to generate random numbers that have been
in helpers.function so far.
The purpose of random.h is to contain the interface
exposed by random.c thus helper function prototypes.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The purpose of helpers.c file is to contain the helper
functions that have been in helpers.function so far and
that are not related to the mechanism of unit test
execution and not related to random number generation
(will be moved in a dedicated file).
The purpose of helpers.h is to contain the interface
exposed by helpers.c thus helper function prototypes.
Make the changes in the build systems (make and cmake)
to build helpers.c and link it to test executables
along with mbedtls library.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix for coverity bugs 349041, 349052
Allocated pointers could potentially be leaked in the case of errors.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Strict platforms cannot be expected to accept C99 code as valid
when earlier standards versions are selected.
This helps the programs build on Solaris-like platforms (e.g.
illumos).
Fixes#3420
Signed-off-by: nia <nia@netbsd.org>
Just adding an empty file. The purpose of this header
file is to contain the definition of generic macros
used for the purpose of testing.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In preparation of moving the content of helpers.function
to its own compilation unit, remove/add static qualifiers
where appropriate.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Create an include folder dedicated to include files for
tests. With the upcoming work on tests for PSA crypto
drivers the number of includes specific to tests is going
to increase significantly thus create a dedicated folder.
Don't put the include files in the include folder but in
include/test folder. This way test headers can be included
using a test/* path pattern as mbedtls and psa headers
are included using an mbedtls/* and psa/* path pattern.
This makes explicit the scope of the test headers.
Move the existing includes for tests into include/test and
update the code and build systems (make and cmake)
accordingly.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add the min/max version negotiation tests from ssl-opt.sh as unit
tests for the sake of utility and easier running of tests during
development
Signed-off-by: Paul Elliott <paul.elliott@arm.com>