1 /* 2 * Common code for SSL test programs 3 * 4 * Copyright The Mbed TLS Contributors 5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 6 */ 7 8 #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 9 #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 10 11 #include "mbedtls/build_info.h" 12 13 #include "mbedtls/platform.h" 14 #include "mbedtls/md.h" 15 16 #undef HAVE_RNG 17 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) 18 #define HAVE_RNG 19 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) 20 #define HAVE_RNG 21 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \ 22 (defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_512)) 23 #define HAVE_RNG 24 #endif 25 26 #if !defined(MBEDTLS_NET_C) || \ 27 !defined(MBEDTLS_SSL_TLS_C) 28 #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 29 "MBEDTLS_NET_C and/or " \ 30 "MBEDTLS_SSL_TLS_C not defined." 31 #elif !defined(HAVE_RNG) 32 #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 33 "No random generator is available.\n" 34 #else 35 #undef MBEDTLS_SSL_TEST_IMPOSSIBLE 36 37 #undef HAVE_RNG 38 39 #include <stdio.h> 40 #include <stdlib.h> 41 #include <string.h> 42 43 #include "mbedtls/net_sockets.h" 44 #include "mbedtls/ssl.h" 45 #include "mbedtls/ssl_ciphersuites.h" 46 #include "mbedtls/entropy.h" 47 #include "mbedtls/ctr_drbg.h" 48 #include "mbedtls/hmac_drbg.h" 49 #include "mbedtls/x509.h" 50 #include "mbedtls/error.h" 51 #include "mbedtls/debug.h" 52 #include "mbedtls/timing.h" 53 #include "mbedtls/base64.h" 54 #include "test/certs.h" 55 56 #include "psa/crypto.h" 57 #include "mbedtls/psa_util.h" 58 59 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) 60 #include "mbedtls/memory_buffer_alloc.h" 61 #endif 62 63 #include <test/helpers.h> 64 65 #include "query_config.h" 66 67 #define ALPN_LIST_SIZE 10 68 #define GROUP_LIST_SIZE 25 69 #define SIG_ALG_LIST_SIZE 5 70 71 typedef struct eap_tls_keys { 72 unsigned char master_secret[48]; 73 unsigned char randbytes[64]; 74 mbedtls_tls_prf_types tls_prf_type; 75 } eap_tls_keys; 76 77 #if defined(MBEDTLS_SSL_DTLS_SRTP) 78 79 /* Supported SRTP mode needs a maximum of : 80 * - 16 bytes for key (AES-128) 81 * - 14 bytes SALT 82 * One for sender, one for receiver context 83 */ 84 #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60 85 86 typedef struct dtls_srtp_keys { 87 unsigned char master_secret[48]; 88 unsigned char randbytes[64]; 89 mbedtls_tls_prf_types tls_prf_type; 90 } dtls_srtp_keys; 91 92 #endif /* MBEDTLS_SSL_DTLS_SRTP */ 93 94 typedef struct { 95 mbedtls_ssl_context *ssl; 96 mbedtls_net_context *net; 97 } io_ctx_t; 98 99 void my_debug(void *ctx, int level, 100 const char *file, int line, 101 const char *str); 102 103 #if defined(MBEDTLS_HAVE_TIME) 104 mbedtls_time_t dummy_constant_time(mbedtls_time_t *time); 105 #endif 106 107 #define MBEDTLS_TEST_USE_PSA_CRYPTO_RNG 108 109 /** A context for random number generation (RNG). 110 */ 111 typedef struct { 112 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 113 unsigned char dummy; 114 #else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 115 mbedtls_entropy_context entropy; 116 #if defined(MBEDTLS_CTR_DRBG_C) 117 mbedtls_ctr_drbg_context drbg; 118 #elif defined(MBEDTLS_HMAC_DRBG_C) 119 mbedtls_hmac_drbg_context drbg; 120 #else 121 #error "No DRBG available" 122 #endif 123 #endif /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 124 } rng_context_t; 125 126 /** Initialize the RNG. 127 * 128 * This function only initializes the memory used by the RNG context. 129 * Before using the RNG, it must be seeded with rng_seed(). 130 */ 131 void rng_init(rng_context_t *rng); 132 133 /* Seed the random number generator. 134 * 135 * \param rng The RNG context to use. It must have been initialized 136 * with rng_init(). 137 * \param reproducible If zero, seed the RNG from entropy. 138 * If nonzero, use a fixed seed, so that the program 139 * will produce the same sequence of random numbers 140 * each time it is invoked. 141 * \param pers A null-terminated string. Different values for this 142 * string cause the RNG to emit different output for 143 * the same seed. 144 * 145 * return 0 on success, a negative value on error. 146 */ 147 int rng_seed(rng_context_t *rng, int reproducible, const char *pers); 148 149 /** Deinitialize the RNG. Free any embedded resource. 150 * 151 * \param rng The RNG context to deinitialize. It must have been 152 * initialized with rng_init(). 153 */ 154 void rng_free(rng_context_t *rng); 155 156 /** Generate random data. 157 * 158 * This function is suitable for use as the \c f_rng argument to Mbed TLS 159 * library functions. 160 * 161 * \param p_rng The random generator context. This must be a pointer to 162 * a #rng_context_t structure. 163 * \param output The buffer to fill. 164 * \param output_len The length of the buffer in bytes. 165 * 166 * \return \c 0 on success. 167 * \return An Mbed TLS error code on error. 168 */ 169 int rng_get(void *p_rng, unsigned char *output, size_t output_len); 170 171 /** Parse command-line option: key_opaque_algs 172 * 173 * 174 * \param arg String value of key_opaque_algs 175 * Coma-separated pair of values among the following: 176 * - "rsa-sign-pkcs1" 177 * - "rsa-sign-pss" 178 * - "ecdsa-sign" 179 * - "ecdh" 180 * - "none" (only acceptable for the second value). 181 * \param alg1 Address of pointer to alg #1 182 * \param alg2 Address of pointer to alg #2 183 * 184 * \return \c 0 on success. 185 * \return \c 1 on parse failure. 186 */ 187 int key_opaque_alg_parse(const char *arg, const char **alg1, const char **alg2); 188 189 /** Parse given opaque key algorithms to obtain psa algs and usage 190 * that will be passed to mbedtls_pk_wrap_as_opaque(). 191 * 192 * 193 * \param alg1 input string opaque key algorithm #1 194 * \param alg2 input string opaque key algorithm #2 195 * \param psa_alg1 output PSA algorithm #1 196 * \param psa_alg2 output PSA algorithm #2 197 * \param usage output key usage 198 * \param key_type key type used to set default psa algorithm/usage 199 * when alg1 in "none" 200 * 201 * \return \c 0 on success. 202 * \return \c 1 on parse failure. 203 */ 204 int key_opaque_set_alg_usage(const char *alg1, const char *alg2, 205 psa_algorithm_t *psa_alg1, 206 psa_algorithm_t *psa_alg2, 207 psa_key_usage_t *usage, 208 mbedtls_pk_type_t key_type); 209 210 #if defined(MBEDTLS_PK_C) 211 /** Turn a non-opaque PK context into an opaque one with folowing steps: 212 * - extract the key data and attributes from the PK context. 213 * - import the key material into PSA. 214 * - free the provided PK context and re-initilize it as an opaque PK context 215 * wrapping the PSA key imported in the above step. 216 * 217 * \param[in,out] pk On input, the non-opaque PK context which contains the 218 * key to be wrapped. On output, the re-initialized PK 219 * context which represents the opaque version of the one 220 * provided as input. 221 * \param[in] psa_alg The primary algorithm that will be associated to the 222 * PSA key. 223 * \param[in] psa_alg2 The enrollment algorithm that will be associated to the 224 * PSA key. 225 * \param[in] psa_usage The PSA key usage policy. 226 * \param[out] key_id The PSA key identifier of the imported key. 227 * 228 * \return \c 0 on sucess. 229 * \return \c -1 on failure. 230 */ 231 int pk_wrap_as_opaque(mbedtls_pk_context *pk, psa_algorithm_t psa_alg, psa_algorithm_t psa_alg2, 232 psa_key_usage_t psa_usage, mbedtls_svc_key_id_t *key_id); 233 #endif /* MBEDTLS_PK_C */ 234 235 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) 236 /* The test implementation of the PSA external RNG is insecure. When 237 * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto 238 * function that makes use of an RNG, you must call 239 * mbedtls_test_enable_insecure_external_rng(). */ 240 #include <test/fake_external_rng_for_test.h> 241 #endif 242 243 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) 244 int ca_callback(void *data, mbedtls_x509_crt const *child, 245 mbedtls_x509_crt **candidates); 246 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 247 248 /* 249 * Test recv/send functions that make sure each try returns 250 * WANT_READ/WANT_WRITE at least once before succeeding 251 */ 252 int delayed_recv(void *ctx, unsigned char *buf, size_t len); 253 int delayed_send(void *ctx, const unsigned char *buf, size_t len); 254 255 /* 256 * Wait for an event from the underlying transport or the timer 257 * (Used in event-driven IO mode). 258 */ 259 int idle(mbedtls_net_context *fd, 260 #if defined(MBEDTLS_TIMING_C) 261 mbedtls_timing_delay_context *timer, 262 #endif 263 int idle_reason); 264 265 #if defined(MBEDTLS_TEST_HOOKS) 266 /** Initialize whatever test hooks are enabled by the compile-time 267 * configuration and make sense for the TLS test programs. */ 268 void test_hooks_init(void); 269 270 /** Check if any test hooks detected a problem. 271 * 272 * If a problem was detected, it's ok for the calling program to keep going, 273 * but it should ultimately exit with an error status. 274 * 275 * \note When implementing a test hook that detects errors on its own 276 * (as opposed to e.g. leaving the error for a memory sanitizer to 277 * report), make sure to print a message to standard error either at 278 * the time the problem is detected or during the execution of this 279 * function. This function does not indicate what problem was detected, 280 * so printing a message is the only way to provide feedback in the 281 * logs of the calling program. 282 * 283 * \return Nonzero if a problem was detected. 284 * \c 0 if no problem was detected. 285 */ 286 int test_hooks_failure_detected(void); 287 288 /** Free any resources allocated for the sake of test hooks. 289 * 290 * Call this at the end of the program so that resource leak analyzers 291 * don't complain. 292 */ 293 void test_hooks_free(void); 294 295 #endif /* !MBEDTLS_TEST_HOOKS */ 296 297 /* Helper functions for FFDH groups. */ 298 int parse_groups(const char *groups, uint16_t *group_list, size_t group_list_len); 299 300 #endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */ 301 #endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */ 302