1 /* 2 * Common code for SSL test programs 3 * 4 * Copyright The Mbed TLS Contributors 5 * SPDX-License-Identifier: Apache-2.0 6 * 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may 8 * not use this file except in compliance with the License. 9 * You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, software 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 * See the License for the specific language governing permissions and 17 * limitations under the License. 18 */ 19 20 #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 21 #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 22 23 #if !defined(MBEDTLS_CONFIG_FILE) 24 #include "mbedtls/config.h" 25 #else 26 #include MBEDTLS_CONFIG_FILE 27 #endif 28 29 #if defined(MBEDTLS_PLATFORM_C) 30 #include "mbedtls/platform.h" 31 #else 32 #include <stdio.h> 33 #include <stdlib.h> 34 #define mbedtls_calloc calloc 35 #define mbedtls_free free 36 #define mbedtls_time time 37 #define mbedtls_time_t time_t 38 #define mbedtls_printf printf 39 #define mbedtls_fprintf fprintf 40 #define mbedtls_snprintf snprintf 41 #define mbedtls_exit exit 42 #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS 43 #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE 44 #endif 45 46 #undef HAVE_RNG 47 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ 48 ( defined(MBEDTLS_USE_PSA_CRYPTO) || \ 49 defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) ) 50 #define HAVE_RNG 51 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) 52 #define HAVE_RNG 53 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \ 54 ( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) ) 55 #define HAVE_RNG 56 #endif 57 58 #if !defined(MBEDTLS_NET_C) || \ 59 !defined(MBEDTLS_SSL_TLS_C) || \ 60 defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) 61 #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 62 "MBEDTLS_NET_C and/or " \ 63 "MBEDTLS_SSL_TLS_C not defined, " \ 64 "and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" 65 #elif !defined(HAVE_RNG) 66 #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 67 "No random generator is available.\n" 68 #else 69 #undef MBEDTLS_SSL_TEST_IMPOSSIBLE 70 71 #undef HAVE_RNG 72 73 #include <stdio.h> 74 #include <stdlib.h> 75 #include <string.h> 76 77 #include "mbedtls/net_sockets.h" 78 #include "mbedtls/ssl.h" 79 #include "mbedtls/entropy.h" 80 #include "mbedtls/ctr_drbg.h" 81 #include "mbedtls/hmac_drbg.h" 82 #include "mbedtls/certs.h" 83 #include "mbedtls/x509.h" 84 #include "mbedtls/error.h" 85 #include "mbedtls/debug.h" 86 #include "mbedtls/timing.h" 87 #include "mbedtls/base64.h" 88 89 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 90 #include "psa/crypto.h" 91 #include "mbedtls/psa_util.h" 92 #endif 93 94 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) 95 #include "mbedtls/memory_buffer_alloc.h" 96 #endif 97 98 #include <test/helpers.h> 99 100 #include "../test/query_config.h" 101 102 #if defined(MBEDTLS_SSL_EXPORT_KEYS) 103 104 typedef struct eap_tls_keys 105 { 106 unsigned char master_secret[48]; 107 unsigned char randbytes[64]; 108 mbedtls_tls_prf_types tls_prf_type; 109 } eap_tls_keys; 110 111 #if defined( MBEDTLS_SSL_DTLS_SRTP ) 112 113 /* Supported SRTP mode needs a maximum of : 114 * - 16 bytes for key (AES-128) 115 * - 14 bytes SALT 116 * One for sender, one for receiver context 117 */ 118 #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60 119 120 typedef struct dtls_srtp_keys 121 { 122 unsigned char master_secret[48]; 123 unsigned char randbytes[64]; 124 mbedtls_tls_prf_types tls_prf_type; 125 } dtls_srtp_keys; 126 127 #endif /* MBEDTLS_SSL_DTLS_SRTP */ 128 129 #endif /* MBEDTLS_SSL_EXPORT_KEYS */ 130 131 typedef struct 132 { 133 mbedtls_ssl_context *ssl; 134 mbedtls_net_context *net; 135 } io_ctx_t; 136 137 void my_debug( void *ctx, int level, 138 const char *file, int line, 139 const char *str ); 140 141 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); 142 143 #if defined(MBEDTLS_USE_PSA_CRYPTO) 144 /* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use 145 * mbedtls_psa_get_random() rather than entropy+DRBG as a random generator. 146 * 147 * The constraints are: 148 * - Without the entropy module, the PSA RNG is the only option. 149 * - Without at least one of the DRBG modules, the PSA RNG is the only option. 150 * - The PSA RNG does not support explicit seeding, so it is incompatible with 151 * the reproducible mode used by test programs. 152 * - For good overall test coverage, there should be at least one configuration 153 * where the test programs use the PSA RNG while the PSA RNG is itself based 154 * on entropy+DRBG, and at least one configuration where the test programs 155 * do not use the PSA RNG even though it's there. 156 * 157 * A simple choice that meets the constraints is to use the PSA RNG whenever 158 * MBEDTLS_USE_PSA_CRYPTO is enabled. There's no real technical reason the 159 * choice to use the PSA RNG in the test programs and the choice to use 160 * PSA crypto when TLS code needs crypto have to be tied together, but it 161 * happens to be a good match. It's also a good match from an application 162 * perspective: either PSA is preferred for TLS (both for crypto and for 163 * random generation) or it isn't. 164 */ 165 #define MBEDTLS_TEST_USE_PSA_CRYPTO_RNG 166 #endif 167 168 /** A context for random number generation (RNG). 169 */ 170 typedef struct 171 { 172 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 173 unsigned char dummy; 174 #else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 175 mbedtls_entropy_context entropy; 176 #if defined(MBEDTLS_CTR_DRBG_C) 177 mbedtls_ctr_drbg_context drbg; 178 #elif defined(MBEDTLS_HMAC_DRBG_C) 179 mbedtls_hmac_drbg_context drbg; 180 #else 181 #error "No DRBG available" 182 #endif 183 #endif /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 184 } rng_context_t; 185 186 /** Initialize the RNG. 187 * 188 * This function only initializes the memory used by the RNG context. 189 * Before using the RNG, it must be seeded with rng_seed(). 190 */ 191 void rng_init( rng_context_t *rng ); 192 193 /* Seed the random number generator. 194 * 195 * \param rng The RNG context to use. It must have been initialized 196 * with rng_init(). 197 * \param reproducible If zero, seed the RNG from entropy. 198 * If nonzero, use a fixed seed, so that the program 199 * will produce the same sequence of random numbers 200 * each time it is invoked. 201 * \param pers A null-terminated string. Different values for this 202 * string cause the RNG to emit different output for 203 * the same seed. 204 * 205 * return 0 on success, a negative value on error. 206 */ 207 int rng_seed( rng_context_t *rng, int reproducible, const char *pers ); 208 209 /** Deinitialize the RNG. Free any embedded resource. 210 * 211 * \param rng The RNG context to deinitialize. It must have been 212 * initialized with rng_init(). 213 */ 214 void rng_free( rng_context_t *rng ); 215 216 /** Generate random data. 217 * 218 * This function is suitable for use as the \c f_rng argument to Mbed TLS 219 * library functions. 220 * 221 * \param p_rng The random generator context. This must be a pointer to 222 * a #rng_context_t structure. 223 * \param output The buffer to fill. 224 * \param output_len The length of the buffer in bytes. 225 * 226 * \return \c 0 on success. 227 * \return An Mbed TLS error code on error. 228 */ 229 int rng_get( void *p_rng, unsigned char *output, size_t output_len ); 230 231 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) 232 /* The test implementation of the PSA external RNG is insecure. When 233 * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto 234 * function that makes use of an RNG, you must call 235 * mbedtls_test_enable_insecure_external_rng(). */ 236 #include <test/fake_external_rng_for_test.h> 237 #endif 238 239 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) 240 int ca_callback( void *data, mbedtls_x509_crt const *child, 241 mbedtls_x509_crt **candidates ); 242 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 243 244 /* 245 * Test recv/send functions that make sure each try returns 246 * WANT_READ/WANT_WRITE at least once before sucesseding 247 */ 248 int delayed_recv( void *ctx, unsigned char *buf, size_t len ); 249 int delayed_send( void *ctx, const unsigned char *buf, size_t len ); 250 251 /* 252 * Wait for an event from the underlying transport or the timer 253 * (Used in event-driven IO mode). 254 */ 255 int idle( mbedtls_net_context *fd, 256 #if defined(MBEDTLS_TIMING_C) 257 mbedtls_timing_delay_context *timer, 258 #endif 259 int idle_reason ); 260 261 #if defined(MBEDTLS_TEST_HOOKS) 262 /** Initialize whatever test hooks are enabled by the compile-time 263 * configuration and make sense for the TLS test programs. */ 264 void test_hooks_init( void ); 265 266 /** Check if any test hooks detected a problem. 267 * 268 * If a problem was detected, it's ok for the calling program to keep going, 269 * but it should ultimately exit with an error status. 270 * 271 * \note When implementing a test hook that detects errors on its own 272 * (as opposed to e.g. leaving the error for a memory sanitizer to 273 * report), make sure to print a message to standard error either at 274 * the time the problem is detected or during the execution of this 275 * function. This function does not indicate what problem was detected, 276 * so printing a message is the only way to provide feedback in the 277 * logs of the calling program. 278 * 279 * \return Nonzero if a problem was detected. 280 * \c 0 if no problem was detected. 281 */ 282 int test_hooks_failure_detected( void ); 283 284 /** Free any resources allocated for the sake of test hooks. 285 * 286 * Call this at the end of the program so that resource leak analyzers 287 * don't complain. 288 */ 289 void test_hooks_free( void ); 290 291 #endif /* !MBEDTLS_TEST_HOOKS */ 292 293 #endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */ 294 #endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */ 295
