If a fallback is not explicitly configured in the
mbedtls_test_rnd_buf_info structure, fail after the buffer is
exhausted.
There is no intended behavior change in this commit: all existing uses
of mbedtls_test_rnd_buffer_rand() have been updated to set
mbedtls_test_rnd_std_rand as the fallback.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Public structs members are considered private and should not
be used by users application.
MBEDTLS_PRIVATE(member) macro is intended to clearly indicate
which members are private.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Move the key buffer size calculation code under
tests to avoid check-names.sh to complain about
"likely macros with typos".
This removes the calculation of key buffer
sizes for the test driver from the wrapper based on
static size data. But the code is still there in test
code to be used when we go back to work on the
generation of the driver wrapper.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The macro always meant 'location', but was mistakenly named 'lifetime'.
Naming it location instead makes much more sense, and drives home the
conceptual differences between location and lifetime values.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Builtin key support for the test driver is always compiled in, and no
longer guarded by MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS.
Parsing the key slot from the buffer by cast and assign instead of memcmp.
For exporting keys, the test driver no longer reaches into the key
identifier in order to check whether a key is builtin, but rather
assumes so based on the key buffer length. It's the driver's
responsibility to be able to detect the key material it returned as part
of the get_builtin_key operation.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
As part of test_psa_crypto_drivers, define a builtin symmetric
plus an ECC key on the test driver lifetime.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
`error.c` is a file generated from `error.h` and thus cannot contain the code
that was previously added. This commit fixes that issue by moving the
`MBEDTLS_ERR_ADD` macro and associated function and function pointer into
`common.h` and `common.c`.
Also fix a typo in `tests/include/test/helpers.h` where tabs were accidentally
used instead of spaces.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
Adds a macro (`MBEDTLS_ERR_ADD`) to add error codes together and check that the
result will not be corrupted. This additional check is only enabled during
testing when `MBEDTLS_TEST_HOOKS` is defined.
Also includes a reference usage example in `rsa.c` where two high-level error
codes could be incorrectly added together under the right conditions. This now
ensures that when this error occurs during testing it will be correctly
reported.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
Remove cipher_generate_iv driver entry point as there
is no known use case to delegate this to a driver.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
As per drivers, pass to the Mbed TLS implementation of
the cipher multi-part operation its operation context
and not the PSA operation context.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Make use of psa_cipher_xyz_internal() functions to
simplify the transparent test driver code and
extend the algorithms it supports to all algorithms
supported by the MbedTLS library.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The primary goal of this commit is to fix various comments where
`clang -Wdocumentation` identified a discrepancy between the actual
function parameters and the documented parameters. The discrepancies
were due to copypasta, formatting issues or documentation that had
diverged from the implementation.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
ARRAY_LENGTH has a portable but unsafe implementation, and a
non-portable implementation that causes a compile-time error if the
macro is accidentally used on a pointer.
The safety check was only implemented for __GCC__-defining compilers,
but the part that triggered the compile-time error was always used. It
turns out that this part triggers a build warning with MSVC (at least
with some versions: observed with Visual Studio 2013).
```
C:\builds\workspace\mbed-tls-pr-head_PR-4141-head\src\tests\src\psa_crypto_helpers.c(52): error C2220: warning treated as error - no 'object' file generated [C:\builds\workspace\mbed-tls-pr-head_PR-4141-head\src\mbedtls_test.vcxproj]
C:\builds\workspace\mbed-tls-pr-head_PR-4141-head\src\tests\src\psa_crypto_helpers.c(52): warning C4116: unnamed type definition in parentheses [C:\builds\workspace\mbed-tls-pr-head_PR-4141-head\src\mbedtls_test.vcxproj]
```
Since a compile-time error is never triggered when the compile-time
check for the argument type is not implemented, just use the unsafe
macro directly when there's no safety check.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This ensures that test cases won't leave persistent files behind even
on failure, provided they use TEST_USES_KEY_ID(). Test cases that
don't use this macro are unaffected.
Tests that use PSA_DONE() midway and expect persistent keys to survive
must use PSA_SESSION_DONE() instead.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Merge the two identical definitions of TEST_USES_KEY_ID and
mbedtls_test_psa_purge_key_storage from
test_suite_psa_crypto_slot_management.function and
test_suite_psa_crypto_se_driver_hal.function into a single copy in
common test code so that it can be used in all test suites.
No semantic change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The const-ness has to be cast away when calling mbedtls_asn1_xxx
parsing functions. This is a known flaw in the mbedtls API
(https://github.com/ARMmbed/mbedtls/issues/803).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Move mbedtls_test_psa_exercise_key() (formerly exercise_key()) and
related functions to its own module. Export the few auxiliary
functions that are also called directly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
If the mutex usage verification framework is enabled and it detects a
mutex usage error, report this error and mark the test as failed.
This detects most usage errors, but not all cases of using
uninitialized memory (which is impossible in full generality) and not
leaks due to missing free (which will be handled in a subsequent commit).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When using pthread mutexes (MBEDTLS_THREADING_C and
MBEDTLS_THREADING_PTHREAD enabled), and when test hooks are
enabled (MBEDTLS_TEST_HOOKS), set up wrappers around the
mbedtls_mutex_xxx abstraction. In this commit, the wrapper functions
don't do anything yet.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Make USE_PSA_INIT() and USE_PSA_DONE() available in all test suites in
all cases, doing nothing if MBEDTLS_USE_PSA_CRYPTO is disabled. Use
those in preference to having explicit
defined(MBEDTLS_USE_PSA_CRYPTO) checks (but there may still be places
left where using the new macros would be better).
Also provide PSA_INIT() by symmetry with PSA_DONE(), functional
whenver MBEDTLS_PSA_CRYPTO_C is enabled, but currently unused.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Change signature test driver default forced return
value from PSA_ERROR_NOT_SUPPORTED to PSA_SUCCESS to
be able to run the PSA unit tests with hash signature
and signature verification being handled by the
transparent test driver.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>