1 /*
2  *  Common code library for SSL test programs.
3  *
4  *  In addition to the functions in this file, there is shared source code
5  *  that cannot be compiled separately in "ssl_test_common_source.c".
6  *
7  *  Copyright The Mbed TLS Contributors
8  *  SPDX-License-Identifier: Apache-2.0
9  *
10  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
11  *  not use this file except in compliance with the License.
12  *  You may obtain a copy of the License at
13  *
14  *  http://www.apache.org/licenses/LICENSE-2.0
15  *
16  *  Unless required by applicable law or agreed to in writing, software
17  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19  *  See the License for the specific language governing permissions and
20  *  limitations under the License.
21  */
22 
23 #define MBEDTLS_ALLOW_PRIVATE_ACCESS
24 
25 #include "ssl_test_lib.h"
26 
27 #if defined(MBEDTLS_TEST_HOOKS)
28 #include "test/helpers.h"
29 #endif
30 
31 #if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
32 
my_debug(void * ctx,int level,const char * file,int line,const char * str)33 void my_debug( void *ctx, int level,
34                const char *file, int line,
35                const char *str )
36 {
37     const char *p, *basename;
38 
39     /* Extract basename from file */
40     for( p = basename = file; *p != '\0'; p++ )
41         if( *p == '/' || *p == '\\' )
42             basename = p + 1;
43 
44     mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s",
45                      basename, line, level, str );
46     fflush( (FILE *) ctx  );
47 }
48 
49 #if defined(MBEDTLS_HAVE_TIME)
dummy_constant_time(mbedtls_time_t * time)50 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
51 {
52     (void) time;
53     return 0x5af2a056;
54 }
55 #endif
56 
57 #if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
dummy_entropy(void * data,unsigned char * output,size_t len)58 static int dummy_entropy( void *data, unsigned char *output, size_t len )
59 {
60     size_t i;
61     int ret;
62     (void) data;
63 
64     ret = mbedtls_entropy_func( data, output, len );
65     for( i = 0; i < len; i++ )
66     {
67         //replace result with pseudo random
68         output[i] = (unsigned char) rand();
69     }
70     return( ret );
71 }
72 #endif
73 
rng_init(rng_context_t * rng)74 void rng_init( rng_context_t *rng )
75 {
76 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
77     (void) rng;
78     psa_crypto_init( );
79 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
80 
81 #if defined(MBEDTLS_CTR_DRBG_C)
82     mbedtls_ctr_drbg_init( &rng->drbg );
83 #elif defined(MBEDTLS_HMAC_DRBG_C)
84     mbedtls_hmac_drbg_init( &rng->drbg );
85 #else
86 #error "No DRBG available"
87 #endif
88 
89     mbedtls_entropy_init( &rng->entropy );
90 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
91 }
92 
rng_seed(rng_context_t * rng,int reproducible,const char * pers)93 int rng_seed( rng_context_t *rng, int reproducible, const char *pers )
94 {
95 #if defined(MBEDTLS_USE_PSA_CRYPTO)
96     if( reproducible )
97     {
98         mbedtls_fprintf( stderr,
99                          "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n" );
100         return( -1 );
101     }
102 #endif
103 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
104     /* The PSA crypto RNG does its own seeding. */
105     (void) rng;
106     (void) pers;
107     if( reproducible )
108     {
109         mbedtls_fprintf( stderr,
110                          "The PSA RNG does not support reproducible mode.\n" );
111         return( -1 );
112     }
113     return( 0 );
114 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
115     int ( *f_entropy )( void *, unsigned char *, size_t ) =
116         ( reproducible ? dummy_entropy : mbedtls_entropy_func );
117 
118     if ( reproducible )
119         srand( 1 );
120 
121 #if defined(MBEDTLS_CTR_DRBG_C)
122     int ret = mbedtls_ctr_drbg_seed( &rng->drbg,
123                                      f_entropy, &rng->entropy,
124                                      (const unsigned char *) pers,
125                                      strlen( pers ) );
126 #elif defined(MBEDTLS_HMAC_DRBG_C)
127 #if defined(MBEDTLS_SHA256_C)
128     const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256;
129 #elif defined(MBEDTLS_SHA512_C)
130     const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA512;
131 #else
132 #error "No message digest available for HMAC_DRBG"
133 #endif
134     int ret = mbedtls_hmac_drbg_seed( &rng->drbg,
135                                       mbedtls_md_info_from_type( md_type ),
136                                       f_entropy, &rng->entropy,
137                                       (const unsigned char *) pers,
138                                       strlen( pers ) );
139 #else /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
140 #error "No DRBG available"
141 #endif /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
142 
143     if( ret != 0 )
144     {
145         mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n",
146                         (unsigned int) -ret );
147         return( ret );
148     }
149 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
150 
151     return( 0 );
152 }
153 
rng_free(rng_context_t * rng)154 void rng_free( rng_context_t *rng )
155 {
156 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
157     (void) rng;
158     /* Deinitialize the PSA crypto subsystem. This deactivates all PSA APIs.
159      * This is ok because none of our applications try to do any crypto after
160      * deinitializing the RNG. */
161     mbedtls_psa_crypto_free( );
162 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
163 
164 #if defined(MBEDTLS_CTR_DRBG_C)
165     mbedtls_ctr_drbg_free( &rng->drbg );
166 #elif defined(MBEDTLS_HMAC_DRBG_C)
167     mbedtls_hmac_drbg_free( &rng->drbg );
168 #else
169 #error "No DRBG available"
170 #endif
171 
172     mbedtls_entropy_free( &rng->entropy );
173 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
174 }
175 
rng_get(void * p_rng,unsigned char * output,size_t output_len)176 int rng_get( void *p_rng, unsigned char *output, size_t output_len )
177 {
178 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
179     (void) p_rng;
180     return( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE,
181                                     output, output_len ) );
182 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
183     rng_context_t *rng = p_rng;
184 
185 #if defined(MBEDTLS_CTR_DRBG_C)
186     return( mbedtls_ctr_drbg_random( &rng->drbg, output, output_len ) );
187 #elif defined(MBEDTLS_HMAC_DRBG_C)
188     return( mbedtls_hmac_drbg_random( &rng->drbg, output, output_len ) );
189 #else
190 #error "No DRBG available"
191 #endif
192 
193 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
194 }
195 
key_opaque_alg_parse(const char * arg,const char ** alg1,const char ** alg2)196 int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2 )
197 {
198     char* separator;
199     if( ( separator = strchr( arg, ',' ) ) == NULL )
200         return 1;
201     *separator = '\0';
202 
203     *alg1 = arg;
204     *alg2 = separator + 1;
205 
206     if( strcmp( *alg1, "rsa-sign-pkcs1" ) != 0 &&
207         strcmp( *alg1, "rsa-sign-pss" ) != 0 &&
208         strcmp( *alg1, "rsa-sign-pss-sha256" ) != 0 &&
209         strcmp( *alg1, "rsa-sign-pss-sha384" ) != 0 &&
210         strcmp( *alg1, "rsa-sign-pss-sha512" ) != 0 &&
211         strcmp( *alg1, "rsa-decrypt" ) != 0 &&
212         strcmp( *alg1, "ecdsa-sign" ) != 0 &&
213         strcmp( *alg1, "ecdh" ) != 0 )
214         return 1;
215 
216     if( strcmp( *alg2, "rsa-sign-pkcs1" ) != 0 &&
217         strcmp( *alg2, "rsa-sign-pss" ) != 0 &&
218         strcmp( *alg1, "rsa-sign-pss-sha256" ) != 0 &&
219         strcmp( *alg1, "rsa-sign-pss-sha384" ) != 0 &&
220         strcmp( *alg1, "rsa-sign-pss-sha512" ) != 0 &&
221         strcmp( *alg2, "rsa-decrypt" ) != 0 &&
222         strcmp( *alg2, "ecdsa-sign" ) != 0 &&
223         strcmp( *alg2, "ecdh" ) != 0 &&
224         strcmp( *alg2, "none" ) != 0 )
225         return 1;
226 
227     return 0;
228 }
229 
230 #if defined(MBEDTLS_USE_PSA_CRYPTO)
key_opaque_set_alg_usage(const char * alg1,const char * alg2,psa_algorithm_t * psa_alg1,psa_algorithm_t * psa_alg2,psa_key_usage_t * usage,mbedtls_pk_type_t key_type)231 int key_opaque_set_alg_usage( const char *alg1, const char *alg2,
232                               psa_algorithm_t *psa_alg1,
233                               psa_algorithm_t *psa_alg2,
234                               psa_key_usage_t *usage,
235                               mbedtls_pk_type_t key_type )
236 {
237     if( strcmp( alg1, "none" ) != 0 )
238     {
239         const char * algs[] = { alg1, alg2 };
240         psa_algorithm_t *psa_algs[] = { psa_alg1, psa_alg2 };
241 
242         for ( int i = 0; i < 2; i++ )
243         {
244             if( strcmp( algs[i], "rsa-sign-pkcs1" ) == 0 )
245             {
246                 *psa_algs[i] = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
247                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
248             }
249             else if( strcmp( algs[i], "rsa-sign-pss" ) == 0 )
250             {
251                 *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
252                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
253             }
254             else if( strcmp( algs[i], "rsa-sign-pss-sha256" ) == 0 )
255             {
256                 *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 );
257                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
258             }
259             else if( strcmp( algs[i], "rsa-sign-pss-sha384" ) == 0 )
260             {
261                 *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_384 );
262                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
263             }
264             else if( strcmp( algs[i], "rsa-sign-pss-sha512" ) == 0 )
265             {
266                 *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_512 );
267                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
268             }
269             else if( strcmp( algs[i], "rsa-decrypt" ) == 0 )
270             {
271                 *psa_algs[i] = PSA_ALG_RSA_PKCS1V15_CRYPT;
272                 *usage |= PSA_KEY_USAGE_DECRYPT;
273             }
274             else if( strcmp( algs[i], "ecdsa-sign" ) == 0 )
275             {
276                 *psa_algs[i] = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
277                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
278             }
279             else if( strcmp( algs[i], "ecdh" ) == 0 )
280             {
281                 *psa_algs[i] = PSA_ALG_ECDH;
282                 *usage |= PSA_KEY_USAGE_DERIVE;
283             }
284             else if( strcmp( algs[i], "none" ) == 0 )
285             {
286                 *psa_algs[i] = PSA_ALG_NONE;
287             }
288         }
289     }
290     else
291     {
292         if( key_type == MBEDTLS_PK_ECKEY )
293         {
294             *psa_alg1 = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
295             *psa_alg2 = PSA_ALG_ECDH;
296             *usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
297         }
298         else if( key_type == MBEDTLS_PK_RSA )
299         {
300             *psa_alg1 = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
301             *psa_alg2 = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
302             *usage = PSA_KEY_USAGE_SIGN_HASH;
303         }
304         else
305         {
306             return 1;
307         }
308     }
309 
310     return 0;
311 }
312 #endif /* MBEDTLS_USE_PSA_CRYPTO */
313 
314 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
ca_callback(void * data,mbedtls_x509_crt const * child,mbedtls_x509_crt ** candidates)315 int ca_callback( void *data, mbedtls_x509_crt const *child,
316                  mbedtls_x509_crt **candidates )
317 {
318     int ret = 0;
319     mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
320     mbedtls_x509_crt *first;
321 
322     /* This is a test-only implementation of the CA callback
323      * which always returns the entire list of trusted certificates.
324      * Production implementations managing a large number of CAs
325      * should use an efficient presentation and lookup for the
326      * set of trusted certificates (such as a hashtable) and only
327      * return those trusted certificates which satisfy basic
328      * parental checks, such as the matching of child `Issuer`
329      * and parent `Subject` field or matching key identifiers. */
330     ((void) child);
331 
332     first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
333     if( first == NULL )
334     {
335         ret = -1;
336         goto exit;
337     }
338     mbedtls_x509_crt_init( first );
339 
340     if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
341     {
342         ret = -1;
343         goto exit;
344     }
345 
346     while( ca->next != NULL )
347     {
348         ca = ca->next;
349         if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 )
350         {
351             ret = -1;
352             goto exit;
353         }
354     }
355 
356 exit:
357 
358     if( ret != 0 )
359     {
360         mbedtls_x509_crt_free( first );
361         mbedtls_free( first );
362         first = NULL;
363     }
364 
365     *candidates = first;
366     return( ret );
367 }
368 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
369 
delayed_recv(void * ctx,unsigned char * buf,size_t len)370 int delayed_recv( void *ctx, unsigned char *buf, size_t len )
371 {
372     static int first_try = 1;
373     int ret;
374 
375     if( first_try )
376     {
377         first_try = 0;
378         return( MBEDTLS_ERR_SSL_WANT_READ );
379     }
380 
381     ret = mbedtls_net_recv( ctx, buf, len );
382     if( ret != MBEDTLS_ERR_SSL_WANT_READ )
383         first_try = 1; /* Next call will be a new operation */
384     return( ret );
385 }
386 
delayed_send(void * ctx,const unsigned char * buf,size_t len)387 int delayed_send( void *ctx, const unsigned char *buf, size_t len )
388 {
389     static int first_try = 1;
390     int ret;
391 
392     if( first_try )
393     {
394         first_try = 0;
395         return( MBEDTLS_ERR_SSL_WANT_WRITE );
396     }
397 
398     ret = mbedtls_net_send( ctx, buf, len );
399     if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
400         first_try = 1; /* Next call will be a new operation */
401     return( ret );
402 }
403 
404 #if !defined(MBEDTLS_TIMING_C)
idle(mbedtls_net_context * fd,int idle_reason)405 int idle( mbedtls_net_context *fd,
406           int idle_reason )
407 #else
408 int idle( mbedtls_net_context *fd,
409           mbedtls_timing_delay_context *timer,
410           int idle_reason )
411 #endif
412 {
413     int ret;
414     int poll_type = 0;
415 
416     if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE )
417         poll_type = MBEDTLS_NET_POLL_WRITE;
418     else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ )
419         poll_type = MBEDTLS_NET_POLL_READ;
420 #if !defined(MBEDTLS_TIMING_C)
421     else
422         return( 0 );
423 #endif
424 
425     while( 1 )
426     {
427         /* Check if timer has expired */
428 #if defined(MBEDTLS_TIMING_C)
429         if( timer != NULL &&
430             mbedtls_timing_get_delay( timer ) == 2 )
431         {
432             break;
433         }
434 #endif /* MBEDTLS_TIMING_C */
435 
436         /* Check if underlying transport became available */
437         if( poll_type != 0 )
438         {
439             ret = mbedtls_net_poll( fd, poll_type, 0 );
440             if( ret < 0 )
441                 return( ret );
442             if( ret == poll_type )
443                 break;
444         }
445     }
446 
447     return( 0 );
448 }
449 
450 #if defined(MBEDTLS_TEST_HOOKS)
451 
test_hooks_init(void)452 void test_hooks_init( void )
453 {
454     mbedtls_test_info_reset( );
455 
456 #if defined(MBEDTLS_TEST_MUTEX_USAGE)
457     mbedtls_test_mutex_usage_init( );
458 #endif
459 }
460 
test_hooks_failure_detected(void)461 int test_hooks_failure_detected( void )
462 {
463 #if defined(MBEDTLS_TEST_MUTEX_USAGE)
464     /* Errors are reported via mbedtls_test_info. */
465     mbedtls_test_mutex_usage_check( );
466 #endif
467 
468     if( mbedtls_test_info.result != MBEDTLS_TEST_RESULT_SUCCESS )
469         return( 1 );
470     return( 0 );
471 }
472 
test_hooks_free(void)473 void test_hooks_free( void )
474 {
475 }
476 
477 #endif /* MBEDTLS_TEST_HOOKS */
478 
479 #endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */
480