1 /* 2 * Common code for SSL test programs 3 * 4 * Copyright The Mbed TLS Contributors 5 * SPDX-License-Identifier: Apache-2.0 6 * 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may 8 * not use this file except in compliance with the License. 9 * You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, software 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 * See the License for the specific language governing permissions and 17 * limitations under the License. 18 */ 19 20 #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 21 #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 22 23 #include "mbedtls/build_info.h" 24 25 #if defined(MBEDTLS_PLATFORM_C) 26 #include "mbedtls/platform.h" 27 #else 28 #include <stdio.h> 29 #include <stdlib.h> 30 #define mbedtls_calloc calloc 31 #define mbedtls_free free 32 #define mbedtls_time time 33 #define mbedtls_time_t time_t 34 #define mbedtls_printf printf 35 #define mbedtls_fprintf fprintf 36 #define mbedtls_snprintf snprintf 37 #define mbedtls_exit exit 38 #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS 39 #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE 40 #endif 41 42 #undef HAVE_RNG 43 #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ 44 ( defined(MBEDTLS_USE_PSA_CRYPTO) || \ 45 defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) ) 46 #define HAVE_RNG 47 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) 48 #define HAVE_RNG 49 #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \ 50 ( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) ) 51 #define HAVE_RNG 52 #endif 53 54 #if !defined(MBEDTLS_NET_C) || \ 55 !defined(MBEDTLS_SSL_TLS_C) || \ 56 defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) 57 #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 58 "MBEDTLS_NET_C and/or " \ 59 "MBEDTLS_SSL_TLS_C not defined, " \ 60 "and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined.\n" 61 #elif !defined(HAVE_RNG) 62 #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 63 "No random generator is available.\n" 64 #else 65 #undef MBEDTLS_SSL_TEST_IMPOSSIBLE 66 67 #undef HAVE_RNG 68 69 #include <stdio.h> 70 #include <stdlib.h> 71 #include <string.h> 72 73 #include "mbedtls/net_sockets.h" 74 #include "mbedtls/ssl.h" 75 #include "mbedtls/entropy.h" 76 #include "mbedtls/ctr_drbg.h" 77 #include "mbedtls/hmac_drbg.h" 78 #include "mbedtls/x509.h" 79 #include "mbedtls/error.h" 80 #include "mbedtls/debug.h" 81 #include "mbedtls/timing.h" 82 #include "mbedtls/base64.h" 83 #include "test/certs.h" 84 85 #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 86 #include "psa/crypto.h" 87 #include "mbedtls/psa_util.h" 88 #endif 89 90 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) 91 #include "mbedtls/memory_buffer_alloc.h" 92 #endif 93 94 #include <test/helpers.h> 95 96 #include "../test/query_config.h" 97 98 typedef struct eap_tls_keys 99 { 100 unsigned char master_secret[48]; 101 unsigned char randbytes[64]; 102 mbedtls_tls_prf_types tls_prf_type; 103 } eap_tls_keys; 104 105 #if defined( MBEDTLS_SSL_DTLS_SRTP ) 106 107 /* Supported SRTP mode needs a maximum of : 108 * - 16 bytes for key (AES-128) 109 * - 14 bytes SALT 110 * One for sender, one for receiver context 111 */ 112 #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60 113 114 typedef struct dtls_srtp_keys 115 { 116 unsigned char master_secret[48]; 117 unsigned char randbytes[64]; 118 mbedtls_tls_prf_types tls_prf_type; 119 } dtls_srtp_keys; 120 121 #endif /* MBEDTLS_SSL_DTLS_SRTP */ 122 123 typedef struct 124 { 125 mbedtls_ssl_context *ssl; 126 mbedtls_net_context *net; 127 } io_ctx_t; 128 129 void my_debug( void *ctx, int level, 130 const char *file, int line, 131 const char *str ); 132 133 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); 134 135 #if defined(MBEDTLS_USE_PSA_CRYPTO) 136 /* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use 137 * mbedtls_psa_get_random() rather than entropy+DRBG as a random generator. 138 * 139 * The constraints are: 140 * - Without the entropy module, the PSA RNG is the only option. 141 * - Without at least one of the DRBG modules, the PSA RNG is the only option. 142 * - The PSA RNG does not support explicit seeding, so it is incompatible with 143 * the reproducible mode used by test programs. 144 * - For good overall test coverage, there should be at least one configuration 145 * where the test programs use the PSA RNG while the PSA RNG is itself based 146 * on entropy+DRBG, and at least one configuration where the test programs 147 * do not use the PSA RNG even though it's there. 148 * 149 * A simple choice that meets the constraints is to use the PSA RNG whenever 150 * MBEDTLS_USE_PSA_CRYPTO is enabled. There's no real technical reason the 151 * choice to use the PSA RNG in the test programs and the choice to use 152 * PSA crypto when TLS code needs crypto have to be tied together, but it 153 * happens to be a good match. It's also a good match from an application 154 * perspective: either PSA is preferred for TLS (both for crypto and for 155 * random generation) or it isn't. 156 */ 157 #define MBEDTLS_TEST_USE_PSA_CRYPTO_RNG 158 #endif 159 160 /** A context for random number generation (RNG). 161 */ 162 typedef struct 163 { 164 #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 165 unsigned char dummy; 166 #else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 167 mbedtls_entropy_context entropy; 168 #if defined(MBEDTLS_CTR_DRBG_C) 169 mbedtls_ctr_drbg_context drbg; 170 #elif defined(MBEDTLS_HMAC_DRBG_C) 171 mbedtls_hmac_drbg_context drbg; 172 #else 173 #error "No DRBG available" 174 #endif 175 #endif /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 176 } rng_context_t; 177 178 /** Initialize the RNG. 179 * 180 * This function only initializes the memory used by the RNG context. 181 * Before using the RNG, it must be seeded with rng_seed(). 182 */ 183 void rng_init( rng_context_t *rng ); 184 185 /* Seed the random number generator. 186 * 187 * \param rng The RNG context to use. It must have been initialized 188 * with rng_init(). 189 * \param reproducible If zero, seed the RNG from entropy. 190 * If nonzero, use a fixed seed, so that the program 191 * will produce the same sequence of random numbers 192 * each time it is invoked. 193 * \param pers A null-terminated string. Different values for this 194 * string cause the RNG to emit different output for 195 * the same seed. 196 * 197 * return 0 on success, a negative value on error. 198 */ 199 int rng_seed( rng_context_t *rng, int reproducible, const char *pers ); 200 201 /** Deinitialize the RNG. Free any embedded resource. 202 * 203 * \param rng The RNG context to deinitialize. It must have been 204 * initialized with rng_init(). 205 */ 206 void rng_free( rng_context_t *rng ); 207 208 /** Generate random data. 209 * 210 * This function is suitable for use as the \c f_rng argument to Mbed TLS 211 * library functions. 212 * 213 * \param p_rng The random generator context. This must be a pointer to 214 * a #rng_context_t structure. 215 * \param output The buffer to fill. 216 * \param output_len The length of the buffer in bytes. 217 * 218 * \return \c 0 on success. 219 * \return An Mbed TLS error code on error. 220 */ 221 int rng_get( void *p_rng, unsigned char *output, size_t output_len ); 222 223 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) 224 /* The test implementation of the PSA external RNG is insecure. When 225 * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto 226 * function that makes use of an RNG, you must call 227 * mbedtls_test_enable_insecure_external_rng(). */ 228 #include <test/fake_external_rng_for_test.h> 229 #endif 230 231 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) 232 int ca_callback( void *data, mbedtls_x509_crt const *child, 233 mbedtls_x509_crt **candidates ); 234 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 235 236 /* 237 * Test recv/send functions that make sure each try returns 238 * WANT_READ/WANT_WRITE at least once before sucesseding 239 */ 240 int delayed_recv( void *ctx, unsigned char *buf, size_t len ); 241 int delayed_send( void *ctx, const unsigned char *buf, size_t len ); 242 243 /* 244 * Wait for an event from the underlying transport or the timer 245 * (Used in event-driven IO mode). 246 */ 247 int idle( mbedtls_net_context *fd, 248 #if defined(MBEDTLS_TIMING_C) 249 mbedtls_timing_delay_context *timer, 250 #endif 251 int idle_reason ); 252 253 #if defined(MBEDTLS_TEST_HOOKS) 254 /** Initialize whatever test hooks are enabled by the compile-time 255 * configuration and make sense for the TLS test programs. */ 256 void test_hooks_init( void ); 257 258 /** Check if any test hooks detected a problem. 259 * 260 * If a problem was detected, it's ok for the calling program to keep going, 261 * but it should ultimately exit with an error status. 262 * 263 * \note When implementing a test hook that detects errors on its own 264 * (as opposed to e.g. leaving the error for a memory sanitizer to 265 * report), make sure to print a message to standard error either at 266 * the time the problem is detected or during the execution of this 267 * function. This function does not indicate what problem was detected, 268 * so printing a message is the only way to provide feedback in the 269 * logs of the calling program. 270 * 271 * \return Nonzero if a problem was detected. 272 * \c 0 if no problem was detected. 273 */ 274 int test_hooks_failure_detected( void ); 275 276 /** Free any resources allocated for the sake of test hooks. 277 * 278 * Call this at the end of the program so that resource leak analyzers 279 * don't complain. 280 */ 281 void test_hooks_free( void ); 282 283 #endif /* !MBEDTLS_TEST_HOOKS */ 284 285 #endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */ 286 #endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */ 287