1 /*
2  *  Common code library for SSL test programs.
3  *
4  *  In addition to the functions in this file, there is shared source code
5  *  that cannot be compiled separately in "ssl_test_common_source.c".
6  *
7  *  Copyright The Mbed TLS Contributors
8  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9  */
10 
11 #define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
12 
13 #include "ssl_test_lib.h"
14 
15 #if defined(MBEDTLS_TEST_HOOKS)
16 #include "test/threading_helpers.h"
17 #endif
18 
19 #if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
20 
21 #define ARRAY_LENGTH(x)     (sizeof(x)/sizeof(x[0]))
22 
my_debug(void * ctx,int level,const char * file,int line,const char * str)23 void my_debug(void *ctx, int level,
24               const char *file, int line,
25               const char *str)
26 {
27     const char *p, *basename;
28 
29     /* Extract basename from file */
30     for (p = basename = file; *p != '\0'; p++) {
31         if (*p == '/' || *p == '\\') {
32             basename = p + 1;
33         }
34     }
35 
36     mbedtls_fprintf((FILE *) ctx, "%s:%04d: |%d| %s",
37                     basename, line, level, str);
38     fflush((FILE *) ctx);
39 }
40 
41 #if defined(MBEDTLS_HAVE_TIME)
dummy_constant_time(mbedtls_time_t * time)42 mbedtls_time_t dummy_constant_time(mbedtls_time_t *time)
43 {
44     (void) time;
45     return 0x5af2a056;
46 }
47 #endif
48 
49 #if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
dummy_entropy(void * data,unsigned char * output,size_t len)50 static int dummy_entropy(void *data, unsigned char *output, size_t len)
51 {
52     size_t i;
53     int ret;
54     (void) data;
55 
56     ret = mbedtls_entropy_func(data, output, len);
57     for (i = 0; i < len; i++) {
58         //replace result with pseudo random
59         output[i] = (unsigned char) rand();
60     }
61     return ret;
62 }
63 #endif
64 
rng_init(rng_context_t * rng)65 void rng_init(rng_context_t *rng)
66 {
67 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
68     (void) rng;
69     psa_crypto_init();
70 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
71 
72 #if defined(MBEDTLS_CTR_DRBG_C)
73     mbedtls_ctr_drbg_init(&rng->drbg);
74 #elif defined(MBEDTLS_HMAC_DRBG_C)
75     mbedtls_hmac_drbg_init(&rng->drbg);
76 #else
77 #error "No DRBG available"
78 #endif
79 
80     mbedtls_entropy_init(&rng->entropy);
81 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
82 }
83 
rng_seed(rng_context_t * rng,int reproducible,const char * pers)84 int rng_seed(rng_context_t *rng, int reproducible, const char *pers)
85 {
86     if (reproducible) {
87         mbedtls_fprintf(stderr,
88                         "reproducible mode is not supported.\n");
89         return -1;
90     }
91 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
92     /* The PSA crypto RNG does its own seeding. */
93     (void) rng;
94     (void) pers;
95     if (reproducible) {
96         mbedtls_fprintf(stderr,
97                         "The PSA RNG does not support reproducible mode.\n");
98         return -1;
99     }
100     return 0;
101 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
102     int (*f_entropy)(void *, unsigned char *, size_t) =
103         (reproducible ? dummy_entropy : mbedtls_entropy_func);
104 
105     if (reproducible) {
106         srand(1);
107     }
108 
109 #if defined(MBEDTLS_CTR_DRBG_C)
110     int ret = mbedtls_ctr_drbg_seed(&rng->drbg,
111                                     f_entropy, &rng->entropy,
112                                     (const unsigned char *) pers,
113                                     strlen(pers));
114 #elif defined(MBEDTLS_HMAC_DRBG_C)
115 #if defined(PSA_WANT_ALG_SHA_256)
116     const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256;
117 #elif defined(PSA_WANT_ALG_SHA_512)
118     const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA512;
119 #else
120 #error "No message digest available for HMAC_DRBG"
121 #endif
122     int ret = mbedtls_hmac_drbg_seed(&rng->drbg,
123                                      mbedtls_md_info_from_type(md_type),
124                                      f_entropy, &rng->entropy,
125                                      (const unsigned char *) pers,
126                                      strlen(pers));
127 #else /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
128 #error "No DRBG available"
129 #endif /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */
130 
131     if (ret != 0) {
132         mbedtls_printf(" failed\n  ! mbedtls_ctr_drbg_seed returned -0x%x\n",
133                        (unsigned int) -ret);
134         return ret;
135     }
136 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
137 
138     return 0;
139 }
140 
rng_free(rng_context_t * rng)141 void rng_free(rng_context_t *rng)
142 {
143 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
144     (void) rng;
145     /* Deinitialize the PSA crypto subsystem. This deactivates all PSA APIs.
146      * This is ok because none of our applications try to do any crypto after
147      * deinitializing the RNG. */
148     mbedtls_psa_crypto_free();
149 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
150 
151 #if defined(MBEDTLS_CTR_DRBG_C)
152     mbedtls_ctr_drbg_free(&rng->drbg);
153 #elif defined(MBEDTLS_HMAC_DRBG_C)
154     mbedtls_hmac_drbg_free(&rng->drbg);
155 #else
156 #error "No DRBG available"
157 #endif
158 
159     mbedtls_entropy_free(&rng->entropy);
160 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
161 }
162 
rng_get(void * p_rng,unsigned char * output,size_t output_len)163 int rng_get(void *p_rng, unsigned char *output, size_t output_len)
164 {
165 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
166     (void) p_rng;
167     return mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE,
168                                   output, output_len);
169 #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
170     rng_context_t *rng = p_rng;
171 
172 #if defined(MBEDTLS_CTR_DRBG_C)
173     return mbedtls_ctr_drbg_random(&rng->drbg, output, output_len);
174 #elif defined(MBEDTLS_HMAC_DRBG_C)
175     return mbedtls_hmac_drbg_random(&rng->drbg, output, output_len);
176 #else
177 #error "No DRBG available"
178 #endif
179 
180 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
181 }
182 
key_opaque_alg_parse(const char * arg,const char ** alg1,const char ** alg2)183 int key_opaque_alg_parse(const char *arg, const char **alg1, const char **alg2)
184 {
185     char *separator;
186     if ((separator = strchr(arg, ',')) == NULL) {
187         return 1;
188     }
189     *separator = '\0';
190 
191     *alg1 = arg;
192     *alg2 = separator + 1;
193 
194     if (strcmp(*alg1, "rsa-sign-pkcs1") != 0 &&
195         strcmp(*alg1, "rsa-sign-pss") != 0 &&
196         strcmp(*alg1, "rsa-sign-pss-sha256") != 0 &&
197         strcmp(*alg1, "rsa-sign-pss-sha384") != 0 &&
198         strcmp(*alg1, "rsa-sign-pss-sha512") != 0 &&
199         strcmp(*alg1, "ecdsa-sign") != 0 &&
200         strcmp(*alg1, "ecdh") != 0) {
201         return 1;
202     }
203 
204     if (strcmp(*alg2, "rsa-sign-pkcs1") != 0 &&
205         strcmp(*alg2, "rsa-sign-pss") != 0 &&
206         strcmp(*alg1, "rsa-sign-pss-sha256") != 0 &&
207         strcmp(*alg1, "rsa-sign-pss-sha384") != 0 &&
208         strcmp(*alg1, "rsa-sign-pss-sha512") != 0 &&
209         strcmp(*alg2, "ecdsa-sign") != 0 &&
210         strcmp(*alg2, "ecdh") != 0 &&
211         strcmp(*alg2, "none") != 0) {
212         return 1;
213     }
214 
215     return 0;
216 }
217 
key_opaque_set_alg_usage(const char * alg1,const char * alg2,psa_algorithm_t * psa_alg1,psa_algorithm_t * psa_alg2,psa_key_usage_t * usage,mbedtls_pk_type_t key_type)218 int key_opaque_set_alg_usage(const char *alg1, const char *alg2,
219                              psa_algorithm_t *psa_alg1,
220                              psa_algorithm_t *psa_alg2,
221                              psa_key_usage_t *usage,
222                              mbedtls_pk_type_t key_type)
223 {
224     if (strcmp(alg1, "none") != 0) {
225         const char *algs[] = { alg1, alg2 };
226         psa_algorithm_t *psa_algs[] = { psa_alg1, psa_alg2 };
227 
228         for (int i = 0; i < 2; i++) {
229             if (strcmp(algs[i], "rsa-sign-pkcs1") == 0) {
230                 *psa_algs[i] = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH);
231                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
232             } else if (strcmp(algs[i], "rsa-sign-pss") == 0) {
233                 *psa_algs[i] = PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH);
234                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
235             } else if (strcmp(algs[i], "rsa-sign-pss-sha256") == 0) {
236                 *psa_algs[i] = PSA_ALG_RSA_PSS(PSA_ALG_SHA_256);
237                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
238             } else if (strcmp(algs[i], "rsa-sign-pss-sha384") == 0) {
239                 *psa_algs[i] = PSA_ALG_RSA_PSS(PSA_ALG_SHA_384);
240                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
241             } else if (strcmp(algs[i], "rsa-sign-pss-sha512") == 0) {
242                 *psa_algs[i] = PSA_ALG_RSA_PSS(PSA_ALG_SHA_512);
243                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
244             } else if (strcmp(algs[i], "ecdsa-sign") == 0) {
245                 *psa_algs[i] = PSA_ALG_ECDSA(PSA_ALG_ANY_HASH);
246                 *usage |= PSA_KEY_USAGE_SIGN_HASH;
247             } else if (strcmp(algs[i], "ecdh") == 0) {
248                 *psa_algs[i] = PSA_ALG_ECDH;
249                 *usage |= PSA_KEY_USAGE_DERIVE;
250             } else if (strcmp(algs[i], "none") == 0) {
251                 *psa_algs[i] = PSA_ALG_NONE;
252             }
253         }
254     } else {
255         if (key_type == MBEDTLS_PK_ECKEY) {
256             *psa_alg1 = PSA_ALG_ECDSA(PSA_ALG_ANY_HASH);
257             *psa_alg2 = PSA_ALG_ECDH;
258             *usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
259         } else if (key_type == MBEDTLS_PK_RSA) {
260             *psa_alg1 = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH);
261             *psa_alg2 = PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH);
262             *usage = PSA_KEY_USAGE_SIGN_HASH;
263         } else {
264             return 1;
265         }
266     }
267 
268     return 0;
269 }
270 
271 #if defined(MBEDTLS_PK_C)
pk_wrap_as_opaque(mbedtls_pk_context * pk,psa_algorithm_t psa_alg,psa_algorithm_t psa_alg2,psa_key_usage_t psa_usage,mbedtls_svc_key_id_t * key_id)272 int pk_wrap_as_opaque(mbedtls_pk_context *pk, psa_algorithm_t psa_alg, psa_algorithm_t psa_alg2,
273                       psa_key_usage_t psa_usage, mbedtls_svc_key_id_t *key_id)
274 {
275     int ret;
276     psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
277 
278     ret = mbedtls_pk_get_psa_attributes(pk, PSA_KEY_USAGE_SIGN_HASH, &key_attr);
279     if (ret != 0) {
280         return ret;
281     }
282     psa_set_key_usage_flags(&key_attr, psa_usage);
283     psa_set_key_algorithm(&key_attr, psa_alg);
284     if (psa_alg2 != PSA_ALG_NONE) {
285         psa_set_key_enrollment_algorithm(&key_attr, psa_alg2);
286     }
287     ret = mbedtls_pk_import_into_psa(pk, &key_attr, key_id);
288     if (ret != 0) {
289         return ret;
290     }
291     mbedtls_pk_free(pk);
292     mbedtls_pk_init(pk);
293     ret = mbedtls_pk_wrap_psa(pk, *key_id);
294     if (ret != 0) {
295         return ret;
296     }
297 
298     return 0;
299 }
300 #endif /* MBEDTLS_PK_C */
301 
302 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
ca_callback(void * data,mbedtls_x509_crt const * child,mbedtls_x509_crt ** candidates)303 int ca_callback(void *data, mbedtls_x509_crt const *child,
304                 mbedtls_x509_crt **candidates)
305 {
306     int ret = 0;
307     mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
308     mbedtls_x509_crt *first;
309 
310     /* This is a test-only implementation of the CA callback
311      * which always returns the entire list of trusted certificates.
312      * Production implementations managing a large number of CAs
313      * should use an efficient presentation and lookup for the
314      * set of trusted certificates (such as a hashtable) and only
315      * return those trusted certificates which satisfy basic
316      * parental checks, such as the matching of child `Issuer`
317      * and parent `Subject` field or matching key identifiers. */
318     ((void) child);
319 
320     first = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
321     if (first == NULL) {
322         ret = -1;
323         goto exit;
324     }
325     mbedtls_x509_crt_init(first);
326 
327     if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
328         ret = -1;
329         goto exit;
330     }
331 
332     while (ca->next != NULL) {
333         ca = ca->next;
334         if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
335             ret = -1;
336             goto exit;
337         }
338     }
339 
340 exit:
341 
342     if (ret != 0) {
343         mbedtls_x509_crt_free(first);
344         mbedtls_free(first);
345         first = NULL;
346     }
347 
348     *candidates = first;
349     return ret;
350 }
351 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
352 
delayed_recv(void * ctx,unsigned char * buf,size_t len)353 int delayed_recv(void *ctx, unsigned char *buf, size_t len)
354 {
355     static int first_try = 1;
356     int ret;
357 
358     if (first_try) {
359         first_try = 0;
360         return MBEDTLS_ERR_SSL_WANT_READ;
361     }
362 
363     ret = mbedtls_net_recv(ctx, buf, len);
364     if (ret != MBEDTLS_ERR_SSL_WANT_READ) {
365         first_try = 1; /* Next call will be a new operation */
366     }
367     return ret;
368 }
369 
delayed_send(void * ctx,const unsigned char * buf,size_t len)370 int delayed_send(void *ctx, const unsigned char *buf, size_t len)
371 {
372     static int first_try = 1;
373     int ret;
374 
375     if (first_try) {
376         first_try = 0;
377         return MBEDTLS_ERR_SSL_WANT_WRITE;
378     }
379 
380     ret = mbedtls_net_send(ctx, buf, len);
381     if (ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
382         first_try = 1; /* Next call will be a new operation */
383     }
384     return ret;
385 }
386 
387 #if !defined(MBEDTLS_TIMING_C)
idle(mbedtls_net_context * fd,int idle_reason)388 int idle(mbedtls_net_context *fd,
389          int idle_reason)
390 #else
391 int idle(mbedtls_net_context *fd,
392          mbedtls_timing_delay_context *timer,
393          int idle_reason)
394 #endif
395 {
396     int ret;
397     int poll_type = 0;
398 
399     if (idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE) {
400         poll_type = MBEDTLS_NET_POLL_WRITE;
401     } else if (idle_reason == MBEDTLS_ERR_SSL_WANT_READ) {
402         poll_type = MBEDTLS_NET_POLL_READ;
403     }
404 #if !defined(MBEDTLS_TIMING_C)
405     else {
406         return 0;
407     }
408 #endif
409 
410     while (1) {
411         /* Check if timer has expired */
412 #if defined(MBEDTLS_TIMING_C)
413         if (timer != NULL &&
414             mbedtls_timing_get_delay(timer) == 2) {
415             break;
416         }
417 #endif /* MBEDTLS_TIMING_C */
418 
419         /* Check if underlying transport became available */
420         if (poll_type != 0) {
421             ret = mbedtls_net_poll(fd, poll_type, 0);
422             if (ret < 0) {
423                 return ret;
424             }
425             if (ret == poll_type) {
426                 break;
427             }
428         }
429     }
430 
431     return 0;
432 }
433 
434 #if defined(MBEDTLS_TEST_HOOKS)
435 
test_hooks_init(void)436 void test_hooks_init(void)
437 {
438     mbedtls_test_info_reset();
439 
440 #if defined(MBEDTLS_TEST_MUTEX_USAGE)
441     mbedtls_test_mutex_usage_init();
442 #endif
443 }
444 
test_hooks_failure_detected(void)445 int test_hooks_failure_detected(void)
446 {
447 #if defined(MBEDTLS_TEST_MUTEX_USAGE)
448     /* Errors are reported via mbedtls_test_info. */
449     mbedtls_test_mutex_usage_check();
450 #endif
451 
452     if (mbedtls_test_get_result() != MBEDTLS_TEST_RESULT_SUCCESS) {
453         return 1;
454     }
455     return 0;
456 }
457 
test_hooks_free(void)458 void test_hooks_free(void)
459 {
460 #if defined(MBEDTLS_TEST_MUTEX_USAGE)
461     mbedtls_test_mutex_usage_end();
462 #endif
463 }
464 
465 #endif /* MBEDTLS_TEST_HOOKS */
466 
467 static const struct {
468     uint16_t tls_id;
469     const char *name;
470     uint8_t is_supported;
471 } tls_id_group_name_table[] =
472 {
473 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521)
474     { MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1", 1 },
475 #else
476     { MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1", 0 },
477 #endif
478 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
479     { MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1", 1 },
480 #else
481     { MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1", 0 },
482 #endif
483 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384)
484     { MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1", 1 },
485 #else
486     { MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1", 0 },
487 #endif
488 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
489     { MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1", 1 },
490 #else
491     { MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1", 0 },
492 #endif
493 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256)
494     { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1", 1 },
495 #else
496     { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1", 0 },
497 #endif
498 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256)
499     { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1", 1 },
500 #else
501     { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1", 0 },
502 #endif
503 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
504     { MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1", 1 },
505 #else
506     { MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1", 0 },
507 #endif
508 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255)
509     { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519", 1 },
510 #else
511     { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519", 0 },
512 #endif
513 #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448)
514     { MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448", 1 },
515 #else
516     { MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448", 0 },
517 #endif
518 #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) && \
519     defined(PSA_WANT_ALG_FFDH)
520 #if defined(PSA_WANT_DH_RFC7919_2048)
521     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, "ffdhe2048", 1 },
522 #else /* PSA_WANT_DH_RFC7919_2048 */
523     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, "ffdhe2048", 0 },
524 #endif /* PSA_WANT_DH_RFC7919_2048 */
525 #if defined(PSA_WANT_DH_RFC7919_3072)
526     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, "ffdhe3072", 1 },
527 #else /* PSA_WANT_DH_RFC7919_3072 */
528     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, "ffdhe3072", 0 },
529 #endif /* PSA_WANT_DH_RFC7919_3072 */
530 #if defined(PSA_WANT_DH_RFC7919_4096)
531     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096", 1 },
532 #else /* PSA_WANT_DH_RFC7919_4096 */
533     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096", 0 },
534 #endif /* PSA_WANT_DH_RFC7919_4096 */
535 #if defined(PSA_WANT_DH_RFC7919_6144)
536     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144", 1 },
537 #else /* PSA_WANT_DH_RFC7919_6144 */
538     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144", 0 },
539 #endif /* PSA_WANT_DH_RFC7919_6144 */
540 #if defined(PSA_WANT_DH_RFC7919_8192)
541     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192", 1 },
542 #else /* PSA_WANT_DH_RFC7919_8192 */
543     { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192", 0 },
544 #endif /* PSA_WANT_DH_RFC7919_8192 */
545 #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED && PSA_WANT_ALG_FFDH */
546     { 0, NULL, 0 },
547 };
548 
mbedtls_ssl_get_curve_tls_id_from_name(const char * name)549 static uint16_t mbedtls_ssl_get_curve_tls_id_from_name(const char *name)
550 {
551     if (name == NULL) {
552         return 0;
553     }
554 
555     for (int i = 0; tls_id_group_name_table[i].tls_id != 0; i++) {
556         if (strcmp(tls_id_group_name_table[i].name, name) == 0) {
557             return tls_id_group_name_table[i].tls_id;
558         }
559     }
560 
561     return 0;
562 }
563 
mbedtls_ssl_print_supported_groups_list(void)564 static void mbedtls_ssl_print_supported_groups_list(void)
565 {
566     for (int i = 0; tls_id_group_name_table[i].tls_id != 0; i++) {
567         if (tls_id_group_name_table[i].is_supported == 1) {
568             mbedtls_printf("%s ", tls_id_group_name_table[i].name);
569         }
570     }
571 }
572 
parse_groups(const char * groups,uint16_t * group_list,size_t group_list_len)573 int parse_groups(const char *groups, uint16_t *group_list, size_t group_list_len)
574 {
575     char *p = (char *) groups;
576     char *q = NULL;
577     size_t i = 0;
578 
579     if (strcmp(p, "none") == 0) {
580         group_list[0] = 0;
581     } else if (strcmp(p, "default") != 0) {
582         /* Leave room for a final NULL in group list */
583         while (i < group_list_len - 1 && *p != '\0') {
584             uint16_t curve_tls_id;
585             q = p;
586 
587             /* Terminate the current string */
588             while (*p != ',' && *p != '\0') {
589                 p++;
590             }
591             if (*p == ',') {
592                 *p++ = '\0';
593             }
594 
595             if ((curve_tls_id = mbedtls_ssl_get_curve_tls_id_from_name(q)) != 0) {
596                 group_list[i++] = curve_tls_id;
597             } else {
598                 mbedtls_printf("unknown group %s\n", q);
599                 mbedtls_printf("supported groups: ");
600                 mbedtls_ssl_print_supported_groups_list();
601                 mbedtls_printf("\n");
602                 return -1;
603             }
604         }
605 
606         mbedtls_printf("Number of groups: %u\n", (unsigned int) i);
607 
608         if (i == group_list_len - 1 && *p != '\0') {
609             mbedtls_printf("groups list too long, maximum %u",
610                            (unsigned int) (group_list_len - 1));
611             return -1;
612         }
613 
614         group_list[i] = 0;
615     }
616 
617     return 0;
618 }
619 
620 #endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */
621