1 /*
2  *  Test dynamic loading of libmbed*
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6  */
7 
8 #define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
9 
10 #include "mbedtls/build_info.h"
11 
12 #include "mbedtls/platform.h"
13 
14 #if defined(MBEDTLS_X509_CRT_PARSE_C)
15 #include "mbedtls/x509_crt.h"
16 #endif
17 
/* File name suffix of shared libraries: ".dylib" when __APPLE__ is defined,
 * ".so" otherwise. */
#if defined(__APPLE__)
#define SO_SUFFIX ".dylib"
#else
#define SO_SUFFIX ".so"
#endif

/* File names handed to dlopen() by main(). These are bare names with no
 * directory component, so the dynamic loader's search rules (environment,
 * run path, system defaults) decide which copy of each library is loaded.
 * Run the test with a search path that contains only the build under test,
 * otherwise a different installed copy may be the one exercised.
 * main() tries MBEDCRYPTO_SO_FILENAME first and falls back to
 * TFPSACRYPTO_SO_FILENAME when it cannot be opened. */
#define MBEDCRYPTO_SO_FILENAME "libmbedcrypto" SO_SUFFIX
#define TFPSACRYPTO_SO_FILENAME "libtfpsacrypto" SO_SUFFIX
#define X509_SO_FILENAME "libmbedx509" SO_SUFFIX
#define TLS_SO_FILENAME "libmbedtls" SO_SUFFIX
28 
29 #include <dlfcn.h>
30 
/* Abort the program if the dynamic loader has a pending error.
 *
 * Calls dlerror(), which returns the pending error message (or NULL) and
 * clears it. When a message is present it is printed to stderr together
 * with the name of the dl*() function and the argument it was given, and
 * the program exits with MBEDTLS_EXIT_FAILURE.
 *
 * Use it directly after the dl*() call being checked: the macro only sees
 * whatever error is pending at the point of expansion.
 *
 * function: string naming the dl*() call, for the message only.
 * argument: string naming the library or symbol, for the message only.
 */
#define CHECK_DLERROR(function, argument)                                   \
    do {                                                                    \
        char *check_dlerror_msg = dlerror();                                \
        if (check_dlerror_msg != NULL) {                                    \
            fprintf(stderr, "Dynamic loading error for %s(%s): %s\n",       \
                    function, argument, check_dlerror_msg);                 \
            mbedtls_exit(MBEDTLS_EXIT_FAILURE);                             \
        }                                                                   \
    } while (0)
43 
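/*
 * Smoke test for dynamic loading of the Mbed TLS shared libraries.
 *
 * For each library enabled in the build configuration, open it with
 * dlopen(), resolve a symbol (or two) with dlsym(), use it, and unload the
 * library with dlclose(). Every dl*() call is followed by CHECK_DLERROR,
 * which prints the loader's message and exits with MBEDTLS_EXIT_FAILURE.
 *
 * The libraries are opened by bare file name, so the dynamic loader's search
 * path selects the copy that gets loaded and executed. The test is only
 * meaningful when that path points at the build under test.
 *
 * Returns 0 when all enabled checks passed.
 */
int main(void)
{
#if defined(MBEDTLS_SSL_TLS_C)
    /* Only the TLS section counts anything, so the counter lives here. This
     * avoids an unused variable when MBEDTLS_MD_C is enabled without
     * MBEDTLS_SSL_TLS_C. */
    unsigned n;

    void *tls_so = dlopen(TLS_SO_FILENAME, RTLD_NOW);
    CHECK_DLERROR("dlopen", TLS_SO_FILENAME);
#pragma GCC diagnostic push
    /* dlsym() returns an object pointer which is meant to be used as a
     * function pointer. This has undefined behavior in standard C, so
     * "gcc -std=c99 -pedantic" complains about it, but it is perfectly
     * fine on platforms that have dlsym(). */
#pragma GCC diagnostic ignored "-Wpedantic"
    const int *(*ssl_list_ciphersuites)(void) =
        dlsym(tls_so, "mbedtls_ssl_list_ciphersuites");
#pragma GCC diagnostic pop
    CHECK_DLERROR("dlsym", "mbedtls_ssl_list_ciphersuites");
    const int *ciphersuites = ssl_list_ciphersuites();
    /* The list is terminated by a 0 entry; we only count the entries. */
    for (n = 0; ciphersuites[n] != 0; n++) {
        ;
    }
    mbedtls_printf("dlopen(%s): %u ciphersuites\n",
                   TLS_SO_FILENAME, n);
    dlclose(tls_so);
    CHECK_DLERROR("dlclose", TLS_SO_FILENAME);
#endif  /* MBEDTLS_SSL_TLS_C */

#if defined(MBEDTLS_X509_CRT_PARSE_C)
    void *x509_so = dlopen(X509_SO_FILENAME, RTLD_NOW);
    CHECK_DLERROR("dlopen", X509_SO_FILENAME);
    /* This symbol is a data object, so no function-pointer conversion (and
     * no -Wpedantic suppression) is involved. */
    const mbedtls_x509_crt_profile *profile =
        dlsym(x509_so, "mbedtls_x509_crt_profile_default");
    CHECK_DLERROR("dlsym", "mbedtls_x509_crt_profile_default");
    mbedtls_printf("dlopen(%s): Allowed md mask: %08x\n",
                   X509_SO_FILENAME, (unsigned) profile->allowed_mds);
    dlclose(x509_so);
    CHECK_DLERROR("dlclose", X509_SO_FILENAME);
#endif  /* MBEDTLS_X509_CRT_PARSE_C */

#if defined(MBEDTLS_MD_C)
    const char *crypto_so_filename = NULL;
    void *crypto_so = dlopen(MBEDCRYPTO_SO_FILENAME, RTLD_NOW);
    /* dlerror() both reports and clears the pending error, so a failure to
     * open the first name does not leak into the check on the fallback. */
    if (dlerror() == NULL) {
        crypto_so_filename = MBEDCRYPTO_SO_FILENAME;
    } else {
        crypto_so = dlopen(TFPSACRYPTO_SO_FILENAME, RTLD_NOW);
        CHECK_DLERROR("dlopen", TFPSACRYPTO_SO_FILENAME);
        crypto_so_filename = TFPSACRYPTO_SO_FILENAME;
    }
#pragma GCC diagnostic push
    /* dlsym() returns an object pointer which is meant to be used as a
     * function pointer. This has undefined behavior in standard C, so
     * "gcc -std=c99 -pedantic" complains about it, but it is perfectly
     * fine on platforms that have dlsym(). */
#pragma GCC diagnostic ignored "-Wpedantic"
    /* Check each lookup immediately. dlerror() reports a single pending
     * error, and on some implementations a later successful dl*() call
     * discards an earlier failure. Deferring both checks until after the
     * second dlsym() could therefore miss a failed first lookup (leaving a
     * null function pointer to be called) or blame the wrong symbol. */
    psa_status_t (*dyn_psa_crypto_init)(void) =
        dlsym(crypto_so, "psa_crypto_init");
    CHECK_DLERROR("dlsym", "psa_crypto_init");
    psa_status_t (*dyn_psa_hash_compute)(psa_algorithm_t, const uint8_t *, size_t, uint8_t *,
                                         size_t, size_t *) =
        dlsym(crypto_so, "psa_hash_compute");
    CHECK_DLERROR("dlsym", "psa_hash_compute");
#pragma GCC diagnostic pop

    /* Demonstrate hashing a message with PSA Crypto */
    psa_status_t status = dyn_psa_crypto_init();
    if (status != PSA_SUCCESS) {
        mbedtls_fprintf(stderr, "psa_crypto_init failed: %d\n", (int) status);
        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
    }

    const uint8_t input[] = "hello world";
    uint8_t hash[32]; /* Output buffer for the SHA-256 digest (32 bytes) */
    size_t hash_len = 0;

    /* sizeof(input) - 1 leaves out the string literal's terminating NUL. */
    status = dyn_psa_hash_compute(PSA_ALG_SHA_256,
                                  input, sizeof(input) - 1,
                                  hash, sizeof(hash),
                                  &hash_len);
    if (status != PSA_SUCCESS) {
        mbedtls_fprintf(stderr, "psa_hash_compute failed: %d\n", (int) status);
        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
    }

    mbedtls_printf("dlopen(%s): psa_hash_compute succeeded. SHA-256 output length: %zu\n",
                   crypto_so_filename, hash_len);

    dlclose(crypto_so);
    CHECK_DLERROR("dlclose", crypto_so_filename);
#endif  /* MBEDTLS_MD_C */

    return 0;
}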
142