diff --git a/CMakeLists.txt b/CMakeLists.txt index 692629fc1b..1600756782 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -352,7 +352,29 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) ${CMAKE_CURRENT_SOURCE_DIR}/framework/tests/src/*.c ${CMAKE_CURRENT_SOURCE_DIR}/framework/tests/src/drivers/*.c) add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES}) + if(GEN_FILES) + add_custom_command( + OUTPUT + ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/psa_test_wrappers.h + ${CMAKE_CURRENT_BINARY_DIR}/tests/src/psa_test_wrappers.c + COMMAND ${CMAKE_COMMAND} -E make_directory + ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test + ${CMAKE_CURRENT_BINARY_DIR}/tests/src + COMMAND + "${MBEDTLS_PYTHON_EXECUTABLE}" + "${CMAKE_CURRENT_SOURCE_DIR}/framework/scripts/generate_psa_wrappers.py" + "--output-h" "${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/psa_test_wrappers.h" + "--output-c" "${CMAKE_CURRENT_BINARY_DIR}/tests/src/psa_test_wrappers.c" + DEPENDS + ${CMAKE_CURRENT_SOURCE_DIR}/framework/scripts/generate_psa_wrappers.py + ) + add_custom_target(psa_test_wrappers + DEPENDS + ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/psa_test_wrappers.h + ${CMAKE_CURRENT_BINARY_DIR}/tests/src/psa_test_wrappers.c) + add_dependencies(mbedtls_test psa_test_wrappers) + add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_keys.h @@ -367,6 +389,8 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) ) add_custom_target(test_keys_header DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_keys.h) + add_dependencies(mbedtls_test test_keys_header) + add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_certs.h @@ -382,8 +406,9 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) ${CMAKE_CURRENT_SOURCE_DIR}/framework/scripts/generate_test_cert_macros.py ) add_custom_target(test_certs_header DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/tests/include/test/test_certs.h) - add_dependencies(mbedtls_test test_keys_header test_certs_header) + add_dependencies(mbedtls_test test_certs_header) endif() + target_include_directories(mbedtls_test PRIVATE ${CMAKE_CURRENT_BINARY_DIR}/tests/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/framework/tests/include diff --git a/ChangeLog.d/fix-mingw-ansi-stdio.txt b/ChangeLog.d/fix-mingw-ansi-stdio.txt new file mode 100644 index 0000000000..d9293d95ca --- /dev/null +++ b/ChangeLog.d/fix-mingw-ansi-stdio.txt @@ -0,0 +1,4 @@ +Bugfix + * Fix a build failure with MinGW when the __USE_MINGW_ANSI_STDIO option + is set. This was caused by the wrong format specifier being used to + print long long values (MBEDTLS_PRINTF_LONGLONG). diff --git a/ChangeLog.d/issue665.txt b/ChangeLog.d/issue665.txt new file mode 100644 index 0000000000..7d3da9ebce --- /dev/null +++ b/ChangeLog.d/issue665.txt @@ -0,0 +1,6 @@ +Bugfix + * Fix a bug that caused GCM tag calculations to fail, so that data was + correctly encrypted but could not be authenticated. The bug was only + observed with GCC 10.0 to 14.2 inclusive, when compiling with -O3, and + running without AESNI or AESCE. + Fixes #665. diff --git a/docs/architecture/psa-shared-memory.md b/docs/architecture/psa-shared-memory.md index 283ffc6265..89f9eede7a 100644 --- a/docs/architecture/psa-shared-memory.md +++ b/docs/architecture/psa-shared-memory.md @@ -663,7 +663,7 @@ psa_status_t mem_poison_psa_aead_update(psa_aead_operation_t *operation, There now exists a more generic mechanism for making exactly this kind of transformation - the PSA test wrappers, which exist in the files `tests/include/test/psa_test_wrappers.h` and `tests/src/psa_test_wrappers.c`. These are wrappers around all PSA functions that allow testing code to be inserted at the start and end of a PSA function call. -The test wrappers are generated by a script, although they are not automatically generated as part of the build process. Instead, they are checked into source control and must be manually updated when functions change by running `framework/scripts/generate_psa_wrappers.py`. +The test wrappers are generated by a script `framework/scripts/generate_psa_wrappers.py` as part of the product build. Poisoning code is added to these test wrappers where relevant in order to pre-poison and post-unpoison the parameters to the functions. diff --git a/framework b/framework index 875ec308e7..8ed11c99fe 160000 --- a/framework +++ b/framework @@ -1 +1 @@ -Subproject commit 875ec308e7ff34610075507b7216172ce8eb0785 +Subproject commit 8ed11c99fe9e6d4d96289ebc1e134949421be917 diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 0c5a85ac27..9a1062a583 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -381,10 +381,10 @@ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data * const unsigned char *val, size_t val_len); +#endif /* MBEDTLS_ASN1_WRITE_C */ + #ifdef __cplusplus } #endif -#endif /* MBEDTLS_ASN1_WRITE_C */ - #endif /* MBEDTLS_ASN1_WRITE_H */ diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index e6f5dadb14..45bf390a04 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -111,7 +111,7 @@ #if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900) #include #define MBEDTLS_PRINTF_SIZET PRIuPTR - #define MBEDTLS_PRINTF_LONGLONG "I64d" + #define MBEDTLS_PRINTF_LONGLONG PRId64 #else \ /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900) */ #define MBEDTLS_PRINTF_SIZET "zu" diff --git a/library/aesce.c b/library/aesce.c index 517ccf4a1b..06a8bdc0ac 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -88,7 +88,11 @@ # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) -# pragma clang attribute push (__attribute__((target("aes"))), apply_to=function) +# if __clang_major__ < 7 +# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +# else +# pragma clang attribute push (__attribute__((target("aes"))), apply_to=function) +# endif # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__GNUC__) # pragma GCC push_options diff --git a/library/alignment.h b/library/alignment.h index a17001dd91..d304133382 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -15,6 +15,7 @@ #include #include +#if !defined(MBEDTLS_ALIGNMENT_DISABLE_EFFICENT_UNALIGNED_ACCESS) //no-check-names /* * Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS for architectures where unaligned memory * accesses are known to be efficient. @@ -35,7 +36,9 @@ * device memory). */ #define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS -#endif +#endif /* __ARM_FEATURE_UNALIGNED || MBEDTLS_ARCH_IS_X86 || MBEDTLS_ARCH_IS_X64 || + * MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64 */ +#endif /* MBEDTLS_ALIGNMENT_DISABLE_EFFICENT_UNALIGNED_ACCESS */ //no-check-names #if defined(__IAR_SYSTEMS_ICC__) && \ (defined(MBEDTLS_ARCH_IS_ARM64) || defined(MBEDTLS_ARCH_IS_ARM32) \ @@ -85,13 +88,13 @@ typedef uint64_t __packed mbedtls_uint64_unaligned_t; #define UINT_UNALIGNED_STRUCT typedef struct { uint16_t x; -} __attribute__((packed)) mbedtls_uint16_unaligned_t; +} __attribute__((packed, may_alias)) mbedtls_uint16_unaligned_t; typedef struct { uint32_t x; -} __attribute__((packed)) mbedtls_uint32_unaligned_t; +} __attribute__((packed, may_alias)) mbedtls_uint32_unaligned_t; typedef struct { uint64_t x; -} __attribute__((packed)) mbedtls_uint64_unaligned_t; +} __attribute__((packed, may_alias)) mbedtls_uint64_unaligned_t; #endif /* @@ -277,15 +280,15 @@ static inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) /* * Detect GCC built-in byteswap routines */ -#if defined(__GNUC__) && defined(__GNUC_PREREQ) -#if __GNUC_PREREQ(4, 8) +#if defined(__GNUC__) +#if MBEDTLS_GCC_VERSION >= 40800 #define MBEDTLS_BSWAP16 __builtin_bswap16 -#endif /* __GNUC_PREREQ(4,8) */ -#if __GNUC_PREREQ(4, 3) +#endif +#if MBEDTLS_GCC_VERSION >= 40300 #define MBEDTLS_BSWAP32 __builtin_bswap32 #define MBEDTLS_BSWAP64 __builtin_bswap64 -#endif /* __GNUC_PREREQ(4,3) */ -#endif /* defined(__GNUC__) && defined(__GNUC_PREREQ) */ +#endif +#endif /* defined(__GNUC__) */ /* * Detect Clang built-in byteswap routines diff --git a/library/check_crypto_config.h b/library/check_crypto_config.h index 6469e9f439..f1ed7f53ee 100644 --- a/library/check_crypto_config.h +++ b/library/check_crypto_config.h @@ -128,11 +128,6 @@ #error "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE defined, but feature is not supported" #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_USE_PSA_CRYPTO) && \ - !(defined(PSA_WANT_ALG_SHA_1) || defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_512)) -#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" -#endif - #if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) && \ !defined(PSA_WANT_ALG_SHA_256) #error "PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS defined, but not all prerequisites" diff --git a/library/pkwrite.c b/library/pkwrite.c index 2a698448be..ff6c0bfb44 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -64,22 +64,24 @@ static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, { #if defined(MBEDTLS_USE_PSA_CRYPTO) if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { - uint8_t tmp[PSA_EXPORT_KEY_PAIR_MAX_SIZE]; - size_t tmp_len = 0; + psa_status_t status; + size_t buf_size = (size_t) (*p - buf); + size_t key_len = 0; - if (psa_export_key(pk->priv_id, tmp, sizeof(tmp), &tmp_len) != PSA_SUCCESS) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - /* Ensure there's enough space in the provided buffer before copying data into it. */ - if (tmp_len > (size_t) (*p - buf)) { - mbedtls_platform_zeroize(tmp, sizeof(tmp)); + status = psa_export_key(pk->priv_id, buf, buf_size, &key_len); + if (status == PSA_ERROR_BUFFER_TOO_SMALL) { return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } else if (status != PSA_SUCCESS) { + return PSA_PK_RSA_TO_MBEDTLS_ERR(status); } - *p -= tmp_len; - memcpy(*p, tmp, tmp_len); - mbedtls_platform_zeroize(tmp, sizeof(tmp)); - return (int) tmp_len; + /* We wrote to the beginning of the buffer while + * we were supposed to write to its end. */ + *p -= key_len; + memmove(*p, buf, key_len); + mbedtls_platform_zeroize(buf, *p - buf); + + return (int) key_len; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ return mbedtls_rsa_write_key(mbedtls_pk_rsa(*pk), buf, p); diff --git a/library/sha256.c b/library/sha256.c index c2a5f9c93b..4f1ac3e0fb 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -15,10 +15,6 @@ #define _GNU_SOURCE #endif -#include "common.h" - -#if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C) - #if defined(__clang__) && (__clang_major__ >= 4) /* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8_A in the following #if, @@ -30,15 +26,18 @@ #endif #if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8_A) && !defined(__ARM_FEATURE_CRYPTO) -/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. - * +/* * The intrinsic declaration are guarded by predefined ACLE macros in clang: * these are normally only enabled by the -march option on the command line. * By defining the macros ourselves we gain access to those declarations without * requiring -march on the command line. * * `arm_neon.h` is included by common.h, so we put these defines - * at the top of this file, before any includes. + * at the top of this file, before any includes but after the intrinsic + * declaration. This is necessary with + * Clang <=15.x. With Clang 16.0 and above, these macro definitions are + * no longer required, but they're harmless. See + * https://reviews.llvm.org/D131064 */ #define __ARM_FEATURE_CRYPTO 1 /* See: https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions @@ -52,6 +51,10 @@ #endif /* defined(__clang__) && (__clang_major__ >= 4) */ +#include "common.h" + +#if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C) + #include "mbedtls/sha256.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" diff --git a/library/sha512.c b/library/sha512.c index c7c2d92aef..286cbdf9f0 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -10,26 +10,29 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ -#include "common.h" - -#if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA384_C) - #if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512) && \ defined(__clang__) && __clang_major__ >= 7 -/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. - * +/* * The intrinsic declaration are guarded by predefined ACLE macros in clang: * these are normally only enabled by the -march option on the command line. * By defining the macros ourselves we gain access to those declarations without * requiring -march on the command line. * * `arm_neon.h` is included by common.h, so we put these defines - * at the top of this file, before any includes. + * at the top of this file, before any includes but after the intrinsic + * declaration. This is necessary with + * Clang <=15.x. With Clang 16.0 and above, these macro definitions are + * no longer required, but they're harmless. See + * https://reviews.llvm.org/D131064 */ #define __ARM_FEATURE_SHA512 1 #define MBEDTLS_ENABLE_ARM_SHA3_EXTENSIONS_COMPILER_FLAG #endif +#include "common.h" + +#if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA384_C) + #include "mbedtls/sha512.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h index 4889e77e04..38ef76376c 100644 --- a/library/ssl_debug_helpers.h +++ b/library/ssl_debug_helpers.h @@ -38,6 +38,8 @@ const char *mbedtls_ssl_named_group_to_str(uint16_t in); const char *mbedtls_ssl_get_extension_name(unsigned int extension_type); +const char *mbedtls_ssl_get_hs_msg_name(int hs_msg_type); + void mbedtls_ssl_print_extensions(const mbedtls_ssl_context *ssl, int level, const char *file, int line, int hs_msg_type, uint32_t extensions_mask, diff --git a/library/ssl_msg.c b/library/ssl_msg.c index c7c24aa798..38f81bd099 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -19,6 +19,7 @@ #include "mbedtls/ssl.h" #include "ssl_misc.h" #include "debug_internal.h" +#include "ssl_debug_helpers.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" #include "mbedtls/version.h" @@ -2618,7 +2619,8 @@ int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl) max_hs_frag_len : rem_len; if (frag_off == 0 && cur_hs_frag_len != hs_len) { - MBEDTLS_SSL_DEBUG_MSG(2, ("fragmenting handshake message (%u > %u)", + MBEDTLS_SSL_DEBUG_MSG(2, ("fragmenting %s handshake message (%u > %u)", + mbedtls_ssl_get_hs_msg_name(cur->p[0]), (unsigned) cur_hs_frag_len, (unsigned) max_hs_frag_len)); } @@ -4449,7 +4451,9 @@ static int ssl_load_buffered_message(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message has been buffered - load")); + MBEDTLS_SSL_DEBUG_MSG(2, ("%s handshake message has been buffered%s", + mbedtls_ssl_get_hs_msg_name(hs_buf->data[0]), + hs_buf->is_fragmented ? " and reassembled" : "")); MBEDTLS_SSL_DEBUG_BUF(3, "Buffered handshake message (incl. header)", hs_buf->data, msg_len + 12); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 30cde27923..a8687277ea 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -685,7 +685,7 @@ const char *mbedtls_ssl_get_extension_name(unsigned int extension_type) mbedtls_ssl_get_extension_id(extension_type)]; } -static const char *ssl_tls13_get_hs_msg_name(int hs_msg_type) +const char *mbedtls_ssl_get_hs_msg_name(int hs_msg_type) { switch (hs_msg_type) { case MBEDTLS_SSL_HS_CLIENT_HELLO: @@ -700,8 +700,16 @@ static const char *ssl_tls13_get_hs_msg_name(int hs_msg_type) return "EncryptedExtensions"; case MBEDTLS_SSL_HS_CERTIFICATE: return "Certificate"; + case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: + return "ServerKeyExchange"; case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return "CertificateRequest"; + case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: + return "CertificateVerify"; + case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: + return "ClientKeyExchange"; + case MBEDTLS_SSL_HS_FINISHED: + return "Finished"; } return "Unknown"; } @@ -716,7 +724,7 @@ void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, mbedtls_debug_print_msg( ssl, level, file, line, "%s: %s(%u) extension %s %s.", - ssl_tls13_get_hs_msg_name(hs_msg_type), + mbedtls_ssl_get_hs_msg_name(hs_msg_type), mbedtls_ssl_get_extension_name(extension_type), extension_type, extra_msg0, extra_msg1); @@ -727,7 +735,7 @@ void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, if (extra_msg) { mbedtls_debug_print_msg( ssl, level, file, line, - "%s: %s(%u) extension %s.", ssl_tls13_get_hs_msg_name(hs_msg_type), + "%s: %s(%u) extension %s.", mbedtls_ssl_get_hs_msg_name(hs_msg_type), mbedtls_ssl_get_extension_name(extension_type), extension_type, extra_msg); return; @@ -735,7 +743,7 @@ void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, mbedtls_debug_print_msg( ssl, level, file, line, - "%s: %s(%u) extension.", ssl_tls13_get_hs_msg_name(hs_msg_type), + "%s: %s(%u) extension.", mbedtls_ssl_get_hs_msg_name(hs_msg_type), mbedtls_ssl_get_extension_name(extension_type), extension_type); } @@ -10121,7 +10129,7 @@ static int mbedtls_ssl_tls13_export_keying_material(mbedtls_ssl_context *ssl, const size_t context_len) { const psa_algorithm_t psa_hash_alg = mbedtls_md_psa_alg_from_type(hash_alg); - const size_t hash_len = PSA_HASH_LENGTH(hash_alg); + const size_t hash_len = PSA_HASH_LENGTH(psa_hash_alg); const unsigned char *secret = ssl->session->app_secrets.exporter_master_secret; /* The length of the label must be at most 249 bytes to fit into the HkdfLabel diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index e9539499d1..82c01e1168 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -3592,6 +3592,7 @@ handshake: * 5. Verify the client certificate */ mbedtls_printf(" . Verifying peer X.509 certificate..."); + fflush(stdout); if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; @@ -3609,6 +3610,7 @@ handshake: char crt_buf[512]; mbedtls_printf(" . Peer certificate information ...\n"); + fflush(stdout); mbedtls_x509_crt_info(crt_buf, sizeof(crt_buf), " ", mbedtls_ssl_get_peer_cert(&ssl)); mbedtls_printf("%s\n", crt_buf); @@ -4061,6 +4063,7 @@ data_exchange: size_t buf_len; mbedtls_printf(" . Serializing live connection..."); + fflush(stdout); ret = mbedtls_ssl_context_save(&ssl, NULL, 0, &buf_len); if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { @@ -4095,6 +4098,7 @@ data_exchange: size_t b64_len; mbedtls_printf(" . Save serialized context to a file... "); + fflush(stdout); mbedtls_base64_encode(NULL, 0, &b64_len, context_buf, buf_len); @@ -4143,6 +4147,7 @@ data_exchange: if (opt.serialize == 1) { /* nothing to do here, done by context_save() already */ mbedtls_printf(" . Context has been reset... ok\n"); + fflush(stdout); } /* @@ -4155,6 +4160,7 @@ data_exchange: */ if (opt.serialize == 2) { mbedtls_printf(" . Freeing and reinitializing context..."); + fflush(stdout); mbedtls_ssl_free(&ssl); @@ -4191,6 +4197,7 @@ data_exchange: } mbedtls_printf(" . Deserializing connection..."); + fflush(stdout); if ((ret = mbedtls_ssl_context_load(&ssl, context_buf, buf_len)) != 0) { @@ -4220,6 +4227,7 @@ data_exchange: */ close_notify: mbedtls_printf(" . Closing the connection..."); + fflush(stdout); /* No error checking, the connection might be closed already */ do { diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 86ed74eada..725cf5420e 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -15,7 +15,6 @@ set -e VERSION="" -SOVERSION="" # Parse arguments # @@ -52,7 +51,7 @@ do echo -e " --so-x509 \tSO version to bump libmbedx509 to." echo -e " --so-tls \tSO version to bump libmbedtls to." echo -e " -v|--verbose\t\tVerbose." - exit 1 + exit 0 ;; *) # print error diff --git a/scripts/generate_tls_handshake_tests.py b/scripts/generate_tls_handshake_tests.py new file mode 100755 index 0000000000..30f27b1b37 --- /dev/null +++ b/scripts/generate_tls_handshake_tests.py @@ -0,0 +1,17 @@ +#!/usr/bin/env python3 +""" +Generate miscellaneous TLS test cases relating to the handshake. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +import sys + +import framework_scripts_path # pylint: disable=unused-import + +from mbedtls_framework import tls_handshake_tests + +if __name__ == '__main__': + sys.argv[1:1] = ["--no-tls12-client-hello-defragmentation-support"] + tls_handshake_tests.main() diff --git a/scripts/make_generated_files.bat b/scripts/make_generated_files.bat index 4977cecc68..cd96e67b0b 100644 --- a/scripts/make_generated_files.bat +++ b/scripts/make_generated_files.bat @@ -23,9 +23,10 @@ python framework\scripts\generate_bignum_tests.py || exit /b 1 python framework\scripts\generate_config_tests.py || exit /b 1 python framework\scripts\generate_ecp_tests.py || exit /b 1 python framework\scripts\generate_psa_tests.py || exit /b 1 +python framework\scripts\generate_psa_wrappers.py || exit /b 1 python framework\scripts\generate_test_keys.py --output tests\include\test\test_keys.h || exit /b 1 python framework\scripts\generate_test_cert_macros.py --output tests\include\test\test_certs.h || exit /b 1 -python framework\scripts\generate_tls_handshake_tests.py || exit /b 1 +python scripts\generate_tls_handshake_tests.py || exit /b 1 python framework\scripts\generate_tls13_compat_tests.py || exit /b 1 @rem @@@@ Build @@@@ diff --git a/tests/.gitignore b/tests/.gitignore index d32d367c46..58d4e4897e 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -20,11 +20,13 @@ # Generated source files /opt-testcases/handshake-generated.sh /opt-testcases/tls13-compat.sh +/src/psa_test_wrappers.c /suites/*.generated.data /suites/test_suite_config.mbedtls_boolean.data /suites/test_suite_config.psa_boolean.data /suites/test_suite_psa_crypto_storage_format.v[0-9]*.data /suites/test_suite_psa_crypto_storage_format.current.data +/include/test/psa_test_wrappers.h /include/test/test_keys.h /include/test/test_certs.h ###END_GENERATED_FILES### diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index aacb9ec4ab..bdb30ee443 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -132,10 +132,10 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND "${MBEDTLS_PYTHON_EXECUTABLE}" - "${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_tls_handshake_tests.py" + "${PROJECT_SOURCE_DIR}/scripts/generate_tls_handshake_tests.py" DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/mbedtls_framework/tls_test_case.py - ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_tls_handshake_tests.py + ${PROJECT_SOURCE_DIR}/scripts/generate_tls_handshake_tests.py ) add_custom_target(handshake-generated.sh DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/opt-testcases/handshake-generated.sh) diff --git a/tests/Makefile b/tests/Makefile index 103c4fe9db..a4c7c227bb 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -54,14 +54,15 @@ GENERATED_DATA_FILES += $(GENERATED_PSA_DATA_FILES) GENERATED_FILES = $(GENERATED_DATA_FILES) GENERATED_FILES += include/test/test_keys.h include/test/test_certs.h +GENERATED_FILES += include/test/psa_test_wrappers.h src/psa_test_wrappers.c # Generated files needed to (fully) run ssl-opt.sh .PHONY: ssl-opt opt-testcases/handshake-generated.sh: ../framework/scripts/mbedtls_framework/tls_test_case.py -opt-testcases/handshake-generated.sh: ../framework/scripts/generate_tls_handshake_tests.py +opt-testcases/handshake-generated.sh: ../scripts/generate_tls_handshake_tests.py echo " Gen $@" - $(PYTHON) ../framework/scripts/generate_tls_handshake_tests.py -o $@ + $(PYTHON) ../scripts/generate_tls_handshake_tests.py -o $@ GENERATED_FILES += opt-testcases/handshake-generated.sh ssl-opt: opt-testcases/handshake-generated.sh @@ -164,6 +165,10 @@ all: $(BINARIES) mbedtls_test: $(MBEDTLS_TEST_OBJS) +include/test/psa_test_wrappers.h src/psa_test_wrappers.c: ../framework/scripts/generate_psa_wrappers.py + echo " Gen $@" + cd .. && $(PYTHON) framework/scripts/generate_psa_wrappers.py + include/test/test_certs.h: ../framework/scripts/generate_test_cert_macros.py \ $($(PYTHON) ../framework/scripts/generate_test_cert_macros.py --list-dependencies) echo " Gen $@" @@ -180,6 +185,7 @@ ifdef RECORD_PSA_STATUS_COVERAGE_LOG # therefore the wildcard enumeration above doesn't include it. TEST_OBJS_DEPS += ../framework/tests/include/test/instrument_record_status.h endif +TEST_OBJS_DEPS += include/test/psa_test_wrappers.h TEST_OBJS_DEPS += include/test/test_certs.h include/test/test_keys.h # Rule to compile common test C files in framework diff --git a/tests/include/test/psa_test_wrappers.h b/tests/include/test/psa_test_wrappers.h deleted file mode 100644 index 134a547c85..0000000000 --- a/tests/include/test/psa_test_wrappers.h +++ /dev/null @@ -1,789 +0,0 @@ -/* Automatically generated by generate_psa_wrappers.py, do not edit! */ - -/* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - */ - -#ifndef TEST_PSA_TEST_WRAPPERS_H -#define TEST_PSA_TEST_WRAPPERS_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \ - !defined(RECORD_PSA_STATUS_COVERAGE_LOG) - -#include -#include -#include -#include - -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) -psa_status_t mbedtls_test_wrap_mbedtls_psa_inject_entropy( - const uint8_t *arg0_seed, - size_t arg1_seed_size); -#define mbedtls_psa_inject_entropy(arg0_seed, arg1_seed_size) \ - mbedtls_test_wrap_mbedtls_psa_inject_entropy(arg0_seed, arg1_seed_size) -#endif /* defined(MBEDTLS_PSA_INJECT_ENTROPY) */ - -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) -psa_status_t mbedtls_test_wrap_mbedtls_psa_platform_get_builtin_key( - mbedtls_svc_key_id_t arg0_key_id, - psa_key_lifetime_t *arg1_lifetime, - psa_drv_slot_number_t *arg2_slot_number); -#define mbedtls_psa_platform_get_builtin_key(arg0_key_id, arg1_lifetime, arg2_slot_number) \ - mbedtls_test_wrap_mbedtls_psa_platform_get_builtin_key(arg0_key_id, arg1_lifetime, arg2_slot_number) -#endif /* defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) */ - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) -psa_status_t mbedtls_test_wrap_mbedtls_psa_register_se_key( - const psa_key_attributes_t *arg0_attributes); -#define mbedtls_psa_register_se_key(arg0_attributes) \ - mbedtls_test_wrap_mbedtls_psa_register_se_key(arg0_attributes) -#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */ - -psa_status_t mbedtls_test_wrap_psa_aead_abort( - psa_aead_operation_t *arg0_operation); -#define psa_aead_abort(arg0_operation) \ - mbedtls_test_wrap_psa_aead_abort(arg0_operation) - -psa_status_t mbedtls_test_wrap_psa_aead_decrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_nonce, - size_t arg3_nonce_length, - const uint8_t *arg4_additional_data, - size_t arg5_additional_data_length, - const uint8_t *arg6_ciphertext, - size_t arg7_ciphertext_length, - uint8_t *arg8_plaintext, - size_t arg9_plaintext_size, - size_t *arg10_plaintext_length); -#define psa_aead_decrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length) \ - mbedtls_test_wrap_psa_aead_decrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length) - -psa_status_t mbedtls_test_wrap_psa_aead_decrypt_setup( - psa_aead_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg); -#define psa_aead_decrypt_setup(arg0_operation, arg1_key, arg2_alg) \ - mbedtls_test_wrap_psa_aead_decrypt_setup(arg0_operation, arg1_key, arg2_alg) - -psa_status_t mbedtls_test_wrap_psa_aead_encrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_nonce, - size_t arg3_nonce_length, - const uint8_t *arg4_additional_data, - size_t arg5_additional_data_length, - const uint8_t *arg6_plaintext, - size_t arg7_plaintext_length, - uint8_t *arg8_ciphertext, - size_t arg9_ciphertext_size, - size_t *arg10_ciphertext_length); -#define psa_aead_encrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length) \ - mbedtls_test_wrap_psa_aead_encrypt(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length) - -psa_status_t mbedtls_test_wrap_psa_aead_encrypt_setup( - psa_aead_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg); -#define psa_aead_encrypt_setup(arg0_operation, arg1_key, arg2_alg) \ - mbedtls_test_wrap_psa_aead_encrypt_setup(arg0_operation, arg1_key, arg2_alg) - -psa_status_t mbedtls_test_wrap_psa_aead_finish( - psa_aead_operation_t *arg0_operation, - uint8_t *arg1_ciphertext, - size_t arg2_ciphertext_size, - size_t *arg3_ciphertext_length, - uint8_t *arg4_tag, - size_t arg5_tag_size, - size_t *arg6_tag_length); -#define psa_aead_finish(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length) \ - mbedtls_test_wrap_psa_aead_finish(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length) - -psa_status_t mbedtls_test_wrap_psa_aead_generate_nonce( - psa_aead_operation_t *arg0_operation, - uint8_t *arg1_nonce, - size_t arg2_nonce_size, - size_t *arg3_nonce_length); -#define psa_aead_generate_nonce(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length) \ - mbedtls_test_wrap_psa_aead_generate_nonce(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length) - -psa_status_t mbedtls_test_wrap_psa_aead_set_lengths( - psa_aead_operation_t *arg0_operation, - size_t arg1_ad_length, - size_t arg2_plaintext_length); -#define psa_aead_set_lengths(arg0_operation, arg1_ad_length, arg2_plaintext_length) \ - mbedtls_test_wrap_psa_aead_set_lengths(arg0_operation, arg1_ad_length, arg2_plaintext_length) - -psa_status_t mbedtls_test_wrap_psa_aead_set_nonce( - psa_aead_operation_t *arg0_operation, - const uint8_t *arg1_nonce, - size_t arg2_nonce_length); -#define psa_aead_set_nonce(arg0_operation, arg1_nonce, arg2_nonce_length) \ - mbedtls_test_wrap_psa_aead_set_nonce(arg0_operation, arg1_nonce, arg2_nonce_length) - -psa_status_t mbedtls_test_wrap_psa_aead_update( - psa_aead_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length, - uint8_t *arg3_output, - size_t arg4_output_size, - size_t *arg5_output_length); -#define psa_aead_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) \ - mbedtls_test_wrap_psa_aead_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) - -psa_status_t mbedtls_test_wrap_psa_aead_update_ad( - psa_aead_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length); -#define psa_aead_update_ad(arg0_operation, arg1_input, arg2_input_length) \ - mbedtls_test_wrap_psa_aead_update_ad(arg0_operation, arg1_input, arg2_input_length) - -psa_status_t mbedtls_test_wrap_psa_aead_verify( - psa_aead_operation_t *arg0_operation, - uint8_t *arg1_plaintext, - size_t arg2_plaintext_size, - size_t *arg3_plaintext_length, - const uint8_t *arg4_tag, - size_t arg5_tag_length); -#define psa_aead_verify(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length) \ - mbedtls_test_wrap_psa_aead_verify(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length) - -psa_status_t mbedtls_test_wrap_psa_asymmetric_decrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - const uint8_t *arg4_salt, - size_t arg5_salt_length, - uint8_t *arg6_output, - size_t arg7_output_size, - size_t *arg8_output_length); -#define psa_asymmetric_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) \ - mbedtls_test_wrap_psa_asymmetric_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) - -psa_status_t mbedtls_test_wrap_psa_asymmetric_encrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - const uint8_t *arg4_salt, - size_t arg5_salt_length, - uint8_t *arg6_output, - size_t arg7_output_size, - size_t *arg8_output_length); -#define psa_asymmetric_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) \ - mbedtls_test_wrap_psa_asymmetric_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length) - -psa_status_t mbedtls_test_wrap_psa_cipher_abort( - psa_cipher_operation_t *arg0_operation); -#define psa_cipher_abort(arg0_operation) \ - mbedtls_test_wrap_psa_cipher_abort(arg0_operation) - -psa_status_t mbedtls_test_wrap_psa_cipher_decrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - uint8_t *arg4_output, - size_t arg5_output_size, - size_t *arg6_output_length); -#define psa_cipher_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) \ - mbedtls_test_wrap_psa_cipher_decrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) - -psa_status_t mbedtls_test_wrap_psa_cipher_decrypt_setup( - psa_cipher_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg); -#define psa_cipher_decrypt_setup(arg0_operation, arg1_key, arg2_alg) \ - mbedtls_test_wrap_psa_cipher_decrypt_setup(arg0_operation, arg1_key, arg2_alg) - -psa_status_t mbedtls_test_wrap_psa_cipher_encrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - uint8_t *arg4_output, - size_t arg5_output_size, - size_t *arg6_output_length); -#define psa_cipher_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) \ - mbedtls_test_wrap_psa_cipher_encrypt(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length) - -psa_status_t mbedtls_test_wrap_psa_cipher_encrypt_setup( - psa_cipher_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg); -#define psa_cipher_encrypt_setup(arg0_operation, arg1_key, arg2_alg) \ - mbedtls_test_wrap_psa_cipher_encrypt_setup(arg0_operation, arg1_key, arg2_alg) - -psa_status_t mbedtls_test_wrap_psa_cipher_finish( - psa_cipher_operation_t *arg0_operation, - uint8_t *arg1_output, - size_t arg2_output_size, - size_t *arg3_output_length); -#define psa_cipher_finish(arg0_operation, arg1_output, arg2_output_size, arg3_output_length) \ - mbedtls_test_wrap_psa_cipher_finish(arg0_operation, arg1_output, arg2_output_size, arg3_output_length) - -psa_status_t mbedtls_test_wrap_psa_cipher_generate_iv( - psa_cipher_operation_t *arg0_operation, - uint8_t *arg1_iv, - size_t arg2_iv_size, - size_t *arg3_iv_length); -#define psa_cipher_generate_iv(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length) \ - mbedtls_test_wrap_psa_cipher_generate_iv(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length) - -psa_status_t mbedtls_test_wrap_psa_cipher_set_iv( - psa_cipher_operation_t *arg0_operation, - const uint8_t *arg1_iv, - size_t arg2_iv_length); -#define psa_cipher_set_iv(arg0_operation, arg1_iv, arg2_iv_length) \ - mbedtls_test_wrap_psa_cipher_set_iv(arg0_operation, arg1_iv, arg2_iv_length) - -psa_status_t mbedtls_test_wrap_psa_cipher_update( - psa_cipher_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length, - uint8_t *arg3_output, - size_t arg4_output_size, - size_t *arg5_output_length); -#define psa_cipher_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) \ - mbedtls_test_wrap_psa_cipher_update(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length) - -psa_status_t mbedtls_test_wrap_psa_copy_key( - mbedtls_svc_key_id_t arg0_source_key, - const psa_key_attributes_t *arg1_attributes, - mbedtls_svc_key_id_t *arg2_target_key); -#define psa_copy_key(arg0_source_key, arg1_attributes, arg2_target_key) \ - mbedtls_test_wrap_psa_copy_key(arg0_source_key, arg1_attributes, arg2_target_key) - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_cipher_suite( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - psa_pake_cipher_suite_t *arg1_cipher_suite); -#define psa_crypto_driver_pake_get_cipher_suite(arg0_inputs, arg1_cipher_suite) \ - mbedtls_test_wrap_psa_crypto_driver_pake_get_cipher_suite(arg0_inputs, arg1_cipher_suite) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - uint8_t *arg1_buffer, - size_t arg2_buffer_size, - size_t *arg3_buffer_length); -#define psa_crypto_driver_pake_get_password(arg0_inputs, arg1_buffer, arg2_buffer_size, arg3_buffer_length) \ - mbedtls_test_wrap_psa_crypto_driver_pake_get_password(arg0_inputs, arg1_buffer, arg2_buffer_size, arg3_buffer_length) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password_len( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - size_t *arg1_password_len); -#define psa_crypto_driver_pake_get_password_len(arg0_inputs, arg1_password_len) \ - mbedtls_test_wrap_psa_crypto_driver_pake_get_password_len(arg0_inputs, arg1_password_len) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - uint8_t *arg1_peer_id, - size_t arg2_peer_id_size, - size_t *arg3_peer_id_length); -#define psa_crypto_driver_pake_get_peer(arg0_inputs, arg1_peer_id, arg2_peer_id_size, arg3_peer_id_length) \ - mbedtls_test_wrap_psa_crypto_driver_pake_get_peer(arg0_inputs, arg1_peer_id, arg2_peer_id_size, arg3_peer_id_length) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer_len( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - size_t *arg1_peer_len); -#define psa_crypto_driver_pake_get_peer_len(arg0_inputs, arg1_peer_len) \ - mbedtls_test_wrap_psa_crypto_driver_pake_get_peer_len(arg0_inputs, arg1_peer_len) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - uint8_t *arg1_user_id, - size_t arg2_user_id_size, - size_t *arg3_user_id_len); -#define psa_crypto_driver_pake_get_user(arg0_inputs, arg1_user_id, arg2_user_id_size, arg3_user_id_len) \ - mbedtls_test_wrap_psa_crypto_driver_pake_get_user(arg0_inputs, arg1_user_id, arg2_user_id_size, arg3_user_id_len) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user_len( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - size_t *arg1_user_len); -#define psa_crypto_driver_pake_get_user_len(arg0_inputs, arg1_user_len) \ - mbedtls_test_wrap_psa_crypto_driver_pake_get_user_len(arg0_inputs, arg1_user_len) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -psa_status_t mbedtls_test_wrap_psa_crypto_init(void); -#define psa_crypto_init() \ - mbedtls_test_wrap_psa_crypto_init() - -psa_status_t mbedtls_test_wrap_psa_destroy_key( - mbedtls_svc_key_id_t arg0_key); -#define psa_destroy_key(arg0_key) \ - mbedtls_test_wrap_psa_destroy_key(arg0_key) - -psa_status_t mbedtls_test_wrap_psa_export_key( - mbedtls_svc_key_id_t arg0_key, - uint8_t *arg1_data, - size_t arg2_data_size, - size_t *arg3_data_length); -#define psa_export_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) \ - mbedtls_test_wrap_psa_export_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) - -psa_status_t mbedtls_test_wrap_psa_export_public_key( - mbedtls_svc_key_id_t arg0_key, - uint8_t *arg1_data, - size_t arg2_data_size, - size_t *arg3_data_length); -#define psa_export_public_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) \ - mbedtls_test_wrap_psa_export_public_key(arg0_key, arg1_data, arg2_data_size, arg3_data_length) - -psa_status_t mbedtls_test_wrap_psa_generate_key( - const psa_key_attributes_t *arg0_attributes, - mbedtls_svc_key_id_t *arg1_key); -#define psa_generate_key(arg0_attributes, arg1_key) \ - mbedtls_test_wrap_psa_generate_key(arg0_attributes, arg1_key) - -psa_status_t mbedtls_test_wrap_psa_generate_key_custom( - const psa_key_attributes_t *arg0_attributes, - const psa_custom_key_parameters_t *arg1_custom, - const uint8_t *arg2_custom_data, - size_t arg3_custom_data_length, - mbedtls_svc_key_id_t *arg4_key); -#define psa_generate_key_custom(arg0_attributes, arg1_custom, arg2_custom_data, arg3_custom_data_length, arg4_key) \ - mbedtls_test_wrap_psa_generate_key_custom(arg0_attributes, arg1_custom, arg2_custom_data, arg3_custom_data_length, arg4_key) - -psa_status_t mbedtls_test_wrap_psa_generate_key_ext( - const psa_key_attributes_t *arg0_attributes, - const psa_key_production_parameters_t *arg1_params, - size_t arg2_params_data_length, - mbedtls_svc_key_id_t *arg3_key); -#define psa_generate_key_ext(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key) \ - mbedtls_test_wrap_psa_generate_key_ext(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key) - -psa_status_t mbedtls_test_wrap_psa_generate_random( - uint8_t *arg0_output, - size_t arg1_output_size); -#define psa_generate_random(arg0_output, arg1_output_size) \ - mbedtls_test_wrap_psa_generate_random(arg0_output, arg1_output_size) - -psa_status_t mbedtls_test_wrap_psa_get_key_attributes( - mbedtls_svc_key_id_t arg0_key, - psa_key_attributes_t *arg1_attributes); -#define psa_get_key_attributes(arg0_key, arg1_attributes) \ - mbedtls_test_wrap_psa_get_key_attributes(arg0_key, arg1_attributes) - -psa_status_t mbedtls_test_wrap_psa_hash_abort( - psa_hash_operation_t *arg0_operation); -#define psa_hash_abort(arg0_operation) \ - mbedtls_test_wrap_psa_hash_abort(arg0_operation) - -psa_status_t mbedtls_test_wrap_psa_hash_clone( - const psa_hash_operation_t *arg0_source_operation, - psa_hash_operation_t *arg1_target_operation); -#define psa_hash_clone(arg0_source_operation, arg1_target_operation) \ - mbedtls_test_wrap_psa_hash_clone(arg0_source_operation, arg1_target_operation) - -psa_status_t mbedtls_test_wrap_psa_hash_compare( - psa_algorithm_t arg0_alg, - const uint8_t *arg1_input, - size_t arg2_input_length, - const uint8_t *arg3_hash, - size_t arg4_hash_length); -#define psa_hash_compare(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_length) \ - mbedtls_test_wrap_psa_hash_compare(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_length) - -psa_status_t mbedtls_test_wrap_psa_hash_compute( - psa_algorithm_t arg0_alg, - const uint8_t *arg1_input, - size_t arg2_input_length, - uint8_t *arg3_hash, - size_t arg4_hash_size, - size_t *arg5_hash_length); -#define psa_hash_compute(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_size, arg5_hash_length) \ - mbedtls_test_wrap_psa_hash_compute(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_size, arg5_hash_length) - -psa_status_t mbedtls_test_wrap_psa_hash_finish( - psa_hash_operation_t *arg0_operation, - uint8_t *arg1_hash, - size_t arg2_hash_size, - size_t *arg3_hash_length); -#define psa_hash_finish(arg0_operation, arg1_hash, arg2_hash_size, arg3_hash_length) \ - mbedtls_test_wrap_psa_hash_finish(arg0_operation, arg1_hash, arg2_hash_size, arg3_hash_length) - -psa_status_t mbedtls_test_wrap_psa_hash_setup( - psa_hash_operation_t *arg0_operation, - psa_algorithm_t arg1_alg); -#define psa_hash_setup(arg0_operation, arg1_alg) \ - mbedtls_test_wrap_psa_hash_setup(arg0_operation, arg1_alg) - -psa_status_t mbedtls_test_wrap_psa_hash_update( - psa_hash_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length); -#define psa_hash_update(arg0_operation, arg1_input, arg2_input_length) \ - mbedtls_test_wrap_psa_hash_update(arg0_operation, arg1_input, arg2_input_length) - -psa_status_t mbedtls_test_wrap_psa_hash_verify( - psa_hash_operation_t *arg0_operation, - const uint8_t *arg1_hash, - size_t arg2_hash_length); -#define psa_hash_verify(arg0_operation, arg1_hash, arg2_hash_length) \ - mbedtls_test_wrap_psa_hash_verify(arg0_operation, arg1_hash, arg2_hash_length) - -psa_status_t mbedtls_test_wrap_psa_import_key( - const psa_key_attributes_t *arg0_attributes, - const uint8_t *arg1_data, - size_t arg2_data_length, - mbedtls_svc_key_id_t *arg3_key); -#define psa_import_key(arg0_attributes, arg1_data, arg2_data_length, arg3_key) \ - mbedtls_test_wrap_psa_import_key(arg0_attributes, arg1_data, arg2_data_length, arg3_key) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_abort( - psa_key_derivation_operation_t *arg0_operation); -#define psa_key_derivation_abort(arg0_operation) \ - mbedtls_test_wrap_psa_key_derivation_abort(arg0_operation) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_get_capacity( - const psa_key_derivation_operation_t *arg0_operation, - size_t *arg1_capacity); -#define psa_key_derivation_get_capacity(arg0_operation, arg1_capacity) \ - mbedtls_test_wrap_psa_key_derivation_get_capacity(arg0_operation, arg1_capacity) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_input_bytes( - psa_key_derivation_operation_t *arg0_operation, - psa_key_derivation_step_t arg1_step, - const uint8_t *arg2_data, - size_t arg3_data_length); -#define psa_key_derivation_input_bytes(arg0_operation, arg1_step, arg2_data, arg3_data_length) \ - mbedtls_test_wrap_psa_key_derivation_input_bytes(arg0_operation, arg1_step, arg2_data, arg3_data_length) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_input_integer( - psa_key_derivation_operation_t *arg0_operation, - psa_key_derivation_step_t arg1_step, - uint64_t arg2_value); -#define psa_key_derivation_input_integer(arg0_operation, arg1_step, arg2_value) \ - mbedtls_test_wrap_psa_key_derivation_input_integer(arg0_operation, arg1_step, arg2_value) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_input_key( - psa_key_derivation_operation_t *arg0_operation, - psa_key_derivation_step_t arg1_step, - mbedtls_svc_key_id_t arg2_key); -#define psa_key_derivation_input_key(arg0_operation, arg1_step, arg2_key) \ - mbedtls_test_wrap_psa_key_derivation_input_key(arg0_operation, arg1_step, arg2_key) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_key_agreement( - psa_key_derivation_operation_t *arg0_operation, - psa_key_derivation_step_t arg1_step, - mbedtls_svc_key_id_t arg2_private_key, - const uint8_t *arg3_peer_key, - size_t arg4_peer_key_length); -#define psa_key_derivation_key_agreement(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length) \ - mbedtls_test_wrap_psa_key_derivation_key_agreement(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_output_bytes( - psa_key_derivation_operation_t *arg0_operation, - uint8_t *arg1_output, - size_t arg2_output_length); -#define psa_key_derivation_output_bytes(arg0_operation, arg1_output, arg2_output_length) \ - mbedtls_test_wrap_psa_key_derivation_output_bytes(arg0_operation, arg1_output, arg2_output_length) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key( - const psa_key_attributes_t *arg0_attributes, - psa_key_derivation_operation_t *arg1_operation, - mbedtls_svc_key_id_t *arg2_key); -#define psa_key_derivation_output_key(arg0_attributes, arg1_operation, arg2_key) \ - mbedtls_test_wrap_psa_key_derivation_output_key(arg0_attributes, arg1_operation, arg2_key) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_custom( - const psa_key_attributes_t *arg0_attributes, - psa_key_derivation_operation_t *arg1_operation, - const psa_custom_key_parameters_t *arg2_custom, - const uint8_t *arg3_custom_data, - size_t arg4_custom_data_length, - mbedtls_svc_key_id_t *arg5_key); -#define psa_key_derivation_output_key_custom(arg0_attributes, arg1_operation, arg2_custom, arg3_custom_data, arg4_custom_data_length, arg5_key) \ - mbedtls_test_wrap_psa_key_derivation_output_key_custom(arg0_attributes, arg1_operation, arg2_custom, arg3_custom_data, arg4_custom_data_length, arg5_key) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_ext( - const psa_key_attributes_t *arg0_attributes, - psa_key_derivation_operation_t *arg1_operation, - const psa_key_production_parameters_t *arg2_params, - size_t arg3_params_data_length, - mbedtls_svc_key_id_t *arg4_key); -#define psa_key_derivation_output_key_ext(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key) \ - mbedtls_test_wrap_psa_key_derivation_output_key_ext(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_set_capacity( - psa_key_derivation_operation_t *arg0_operation, - size_t arg1_capacity); -#define psa_key_derivation_set_capacity(arg0_operation, arg1_capacity) \ - mbedtls_test_wrap_psa_key_derivation_set_capacity(arg0_operation, arg1_capacity) - -psa_status_t mbedtls_test_wrap_psa_key_derivation_setup( - psa_key_derivation_operation_t *arg0_operation, - psa_algorithm_t arg1_alg); -#define psa_key_derivation_setup(arg0_operation, arg1_alg) \ - mbedtls_test_wrap_psa_key_derivation_setup(arg0_operation, arg1_alg) - -psa_status_t mbedtls_test_wrap_psa_mac_abort( - psa_mac_operation_t *arg0_operation); -#define psa_mac_abort(arg0_operation) \ - mbedtls_test_wrap_psa_mac_abort(arg0_operation) - -psa_status_t mbedtls_test_wrap_psa_mac_compute( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - uint8_t *arg4_mac, - size_t arg5_mac_size, - size_t *arg6_mac_length); -#define psa_mac_compute(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length) \ - mbedtls_test_wrap_psa_mac_compute(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length) - -psa_status_t mbedtls_test_wrap_psa_mac_sign_finish( - psa_mac_operation_t *arg0_operation, - uint8_t *arg1_mac, - size_t arg2_mac_size, - size_t *arg3_mac_length); -#define psa_mac_sign_finish(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length) \ - mbedtls_test_wrap_psa_mac_sign_finish(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length) - -psa_status_t mbedtls_test_wrap_psa_mac_sign_setup( - psa_mac_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg); -#define psa_mac_sign_setup(arg0_operation, arg1_key, arg2_alg) \ - mbedtls_test_wrap_psa_mac_sign_setup(arg0_operation, arg1_key, arg2_alg) - -psa_status_t mbedtls_test_wrap_psa_mac_update( - psa_mac_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length); -#define psa_mac_update(arg0_operation, arg1_input, arg2_input_length) \ - mbedtls_test_wrap_psa_mac_update(arg0_operation, arg1_input, arg2_input_length) - -psa_status_t mbedtls_test_wrap_psa_mac_verify( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - const uint8_t *arg4_mac, - size_t arg5_mac_length); -#define psa_mac_verify(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length) \ - mbedtls_test_wrap_psa_mac_verify(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length) - -psa_status_t mbedtls_test_wrap_psa_mac_verify_finish( - psa_mac_operation_t *arg0_operation, - const uint8_t *arg1_mac, - size_t arg2_mac_length); -#define psa_mac_verify_finish(arg0_operation, arg1_mac, arg2_mac_length) \ - mbedtls_test_wrap_psa_mac_verify_finish(arg0_operation, arg1_mac, arg2_mac_length) - -psa_status_t mbedtls_test_wrap_psa_mac_verify_setup( - psa_mac_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg); -#define psa_mac_verify_setup(arg0_operation, arg1_key, arg2_alg) \ - mbedtls_test_wrap_psa_mac_verify_setup(arg0_operation, arg1_key, arg2_alg) - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_abort( - psa_pake_operation_t *arg0_operation); -#define psa_pake_abort(arg0_operation) \ - mbedtls_test_wrap_psa_pake_abort(arg0_operation) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_get_implicit_key( - psa_pake_operation_t *arg0_operation, - psa_key_derivation_operation_t *arg1_output); -#define psa_pake_get_implicit_key(arg0_operation, arg1_output) \ - mbedtls_test_wrap_psa_pake_get_implicit_key(arg0_operation, arg1_output) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_input( - psa_pake_operation_t *arg0_operation, - psa_pake_step_t arg1_step, - const uint8_t *arg2_input, - size_t arg3_input_length); -#define psa_pake_input(arg0_operation, arg1_step, arg2_input, arg3_input_length) \ - mbedtls_test_wrap_psa_pake_input(arg0_operation, arg1_step, arg2_input, arg3_input_length) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_output( - psa_pake_operation_t *arg0_operation, - psa_pake_step_t arg1_step, - uint8_t *arg2_output, - size_t arg3_output_size, - size_t *arg4_output_length); -#define psa_pake_output(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length) \ - mbedtls_test_wrap_psa_pake_output(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_set_password_key( - psa_pake_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_password); -#define psa_pake_set_password_key(arg0_operation, arg1_password) \ - mbedtls_test_wrap_psa_pake_set_password_key(arg0_operation, arg1_password) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_set_peer( - psa_pake_operation_t *arg0_operation, - const uint8_t *arg1_peer_id, - size_t arg2_peer_id_len); -#define psa_pake_set_peer(arg0_operation, arg1_peer_id, arg2_peer_id_len) \ - mbedtls_test_wrap_psa_pake_set_peer(arg0_operation, arg1_peer_id, arg2_peer_id_len) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_set_role( - psa_pake_operation_t *arg0_operation, - psa_pake_role_t arg1_role); -#define psa_pake_set_role(arg0_operation, arg1_role) \ - mbedtls_test_wrap_psa_pake_set_role(arg0_operation, arg1_role) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_set_user( - psa_pake_operation_t *arg0_operation, - const uint8_t *arg1_user_id, - size_t arg2_user_id_len); -#define psa_pake_set_user(arg0_operation, arg1_user_id, arg2_user_id_len) \ - mbedtls_test_wrap_psa_pake_set_user(arg0_operation, arg1_user_id, arg2_user_id_len) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_setup( - psa_pake_operation_t *arg0_operation, - const psa_pake_cipher_suite_t *arg1_cipher_suite); -#define psa_pake_setup(arg0_operation, arg1_cipher_suite) \ - mbedtls_test_wrap_psa_pake_setup(arg0_operation, arg1_cipher_suite) -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -psa_status_t mbedtls_test_wrap_psa_purge_key( - mbedtls_svc_key_id_t arg0_key); -#define psa_purge_key(arg0_key) \ - mbedtls_test_wrap_psa_purge_key(arg0_key) - -psa_status_t mbedtls_test_wrap_psa_raw_key_agreement( - psa_algorithm_t arg0_alg, - mbedtls_svc_key_id_t arg1_private_key, - const uint8_t *arg2_peer_key, - size_t arg3_peer_key_length, - uint8_t *arg4_output, - size_t arg5_output_size, - size_t *arg6_output_length); -#define psa_raw_key_agreement(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length) \ - mbedtls_test_wrap_psa_raw_key_agreement(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length) - -psa_status_t mbedtls_test_wrap_psa_sign_hash( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_hash, - size_t arg3_hash_length, - uint8_t *arg4_signature, - size_t arg5_signature_size, - size_t *arg6_signature_length); -#define psa_sign_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_size, arg6_signature_length) \ - mbedtls_test_wrap_psa_sign_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_size, arg6_signature_length) - -psa_status_t mbedtls_test_wrap_psa_sign_hash_abort( - psa_sign_hash_interruptible_operation_t *arg0_operation); -#define psa_sign_hash_abort(arg0_operation) \ - mbedtls_test_wrap_psa_sign_hash_abort(arg0_operation) - -psa_status_t mbedtls_test_wrap_psa_sign_hash_complete( - psa_sign_hash_interruptible_operation_t *arg0_operation, - uint8_t *arg1_signature, - size_t arg2_signature_size, - size_t *arg3_signature_length); -#define psa_sign_hash_complete(arg0_operation, arg1_signature, arg2_signature_size, arg3_signature_length) \ - mbedtls_test_wrap_psa_sign_hash_complete(arg0_operation, arg1_signature, arg2_signature_size, arg3_signature_length) - -psa_status_t mbedtls_test_wrap_psa_sign_hash_start( - psa_sign_hash_interruptible_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg, - const uint8_t *arg3_hash, - size_t arg4_hash_length); -#define psa_sign_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length) \ - mbedtls_test_wrap_psa_sign_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length) - -psa_status_t mbedtls_test_wrap_psa_sign_message( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - uint8_t *arg4_signature, - size_t arg5_signature_size, - size_t *arg6_signature_length); -#define psa_sign_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_size, arg6_signature_length) \ - mbedtls_test_wrap_psa_sign_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_size, arg6_signature_length) - -psa_status_t mbedtls_test_wrap_psa_verify_hash( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_hash, - size_t arg3_hash_length, - const uint8_t *arg4_signature, - size_t arg5_signature_length); -#define psa_verify_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_length) \ - mbedtls_test_wrap_psa_verify_hash(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_length) - -psa_status_t mbedtls_test_wrap_psa_verify_hash_abort( - psa_verify_hash_interruptible_operation_t *arg0_operation); -#define psa_verify_hash_abort(arg0_operation) \ - mbedtls_test_wrap_psa_verify_hash_abort(arg0_operation) - -psa_status_t mbedtls_test_wrap_psa_verify_hash_complete( - psa_verify_hash_interruptible_operation_t *arg0_operation); -#define psa_verify_hash_complete(arg0_operation) \ - mbedtls_test_wrap_psa_verify_hash_complete(arg0_operation) - -psa_status_t mbedtls_test_wrap_psa_verify_hash_start( - psa_verify_hash_interruptible_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg, - const uint8_t *arg3_hash, - size_t arg4_hash_length, - const uint8_t *arg5_signature, - size_t arg6_signature_length); -#define psa_verify_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length, arg5_signature, arg6_signature_length) \ - mbedtls_test_wrap_psa_verify_hash_start(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length, arg5_signature, arg6_signature_length) - -psa_status_t mbedtls_test_wrap_psa_verify_message( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - const uint8_t *arg4_signature, - size_t arg5_signature_length); -#define psa_verify_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_length) \ - mbedtls_test_wrap_psa_verify_message(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_length) - -#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \ - !defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ - -#ifdef __cplusplus -} -#endif - -#endif /* TEST_PSA_TEST_WRAPPERS_H */ - -/* End of automatically generated file. */ diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 4352480ea2..0b8b0b77f7 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -126,6 +126,7 @@ check framework/scripts/generate_bignum_tests.py $(framework/scripts/generate_bi check framework/scripts/generate_config_tests.py $(framework/scripts/generate_config_tests.py --list) check framework/scripts/generate_ecp_tests.py $(framework/scripts/generate_ecp_tests.py --list) check framework/scripts/generate_psa_tests.py $(framework/scripts/generate_psa_tests.py --list) +check framework/scripts/generate_psa_wrappers.py tests/include/test/psa_test_wrappers.h tests/src/psa_test_wrappers.c check framework/scripts/generate_test_keys.py tests/include/test/test_keys.h check scripts/generate_driver_wrappers.py $library_dir/psa_crypto_driver_wrappers.h $library_dir/psa_crypto_driver_wrappers_no_static.c @@ -135,7 +136,7 @@ if in_mbedtls_repo; then check scripts/generate_query_config.pl programs/test/query_config.c check scripts/generate_features.pl library/version_features.c check framework/scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c - check framework/scripts/generate_tls_handshake_tests.py tests/opt-testcases/handshake-generated.sh + check scripts/generate_tls_handshake_tests.py tests/opt-testcases/handshake-generated.sh check framework/scripts/generate_tls13_compat_tests.py tests/opt-testcases/tls13-compat.sh check framework/scripts/generate_test_cert_macros.py tests/include/test/test_certs.h # generate_visualc_files enumerates source files (library/*.c). It doesn't @@ -143,8 +144,3 @@ if in_mbedtls_repo; then # the step that creates or updates these files. check scripts/generate_visualc_files.pl visualc/VS2017 fi - -# Generated files that are present in the repository even in the development -# branch. (This is intended to be temporary, until the generator scripts are -# fully reviewed and the build scripts support a generated header file.) -check framework/scripts/generate_psa_wrappers.py tests/include/test/psa_test_wrappers.h tests/src/psa_test_wrappers.c diff --git a/tests/scripts/components-compiler.sh b/tests/scripts/components-compiler.sh index 1eac64f54d..b764247380 100644 --- a/tests/scripts/components-compiler.sh +++ b/tests/scripts/components-compiler.sh @@ -172,3 +172,45 @@ component_test_zeroize () { done done } + +# This originated from an issue (https://github.com/Mbed-TLS/TF-PSA-Crypto/issues/665) found +# in GCM when the library is built with GCC "10.0 <= version <= 14.2" on platforms other than +# x86 and ARM64. +component_test_tf_psa_crypto_optimized_alignment() { + msg "build: verify alignment with O3 optimizations in GCC" + + # Disable optimizations for x86 (and ARM64) so that alignment related problems in + # "alignment.h" can be tested also on standard PC. + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_AESCE_C + + # "-O3" is the optimization level that causes issues: the compiler tries to + # optimize operations order and if memory dependencies are not respected + # (as it happens in issue tf-psa-crypto#665) this completely messes up results. + EXTRA_C_FLAGS="-O3" + # Forcedly ignore "MBEDTLS_EFFICIENT_UNALIGNED_ACCESS" on x86 so that we + # can test the problematic case, i.e. the case where uint64 integers are + # accessed through "mbedtls_uint64_unaligned_t" structs. + EXTRA_C_FLAGS="$EXTRA_C_FLAGS -DMBEDTLS_ALIGNMENT_DISABLE_EFFICENT_UNALIGNED_ACCESS" + # Adding '-g3' flag doesn't affect testing, BUT it allows to dump the generated + # assembly code for "gcm.o" module for inspection. To do this use the + # following command: + # > objdump -S --disassemble out_of_source_build/drivers/builtin/CMakeFiles/builtin.dir/src/gcm.c.o > gcm.s + # A file named "gcm.s" will be generated containing a mix of C and corresponding + # assembly code. + EXTRA_C_FLAGS="$EXTRA_C_FLAGS -g3" + + make CC=gcc CFLAGS="$EXTRA_C_FLAGS" + + msg "test: verify alignment with O3 optimizations in GCC" + make test +} + +support_test_tf_psa_crypto_optimized_alignment() { + case $(gcc -dumpfullversion 2>/dev/null) in + ""|?.*) false;; # too old + 10.*|11.*|12.*|13.*) true;; + 14.[012].*) true;; + *) false;; # too recent + esac +} diff --git a/tests/src/psa_test_wrappers.c b/tests/src/psa_test_wrappers.c deleted file mode 100644 index eceb40bc70..0000000000 --- a/tests/src/psa_test_wrappers.c +++ /dev/null @@ -1,1389 +0,0 @@ -/* Automatically generated by generate_psa_wrappers.py, do not edit! */ - -/* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - */ - -#include - -#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \ - !defined(RECORD_PSA_STATUS_COVERAGE_LOG) - -#include -#include -#include -#include - -/* Wrapper for mbedtls_psa_inject_entropy */ -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) -psa_status_t mbedtls_test_wrap_mbedtls_psa_inject_entropy( - const uint8_t *arg0_seed, - size_t arg1_seed_size) -{ - psa_status_t status = (mbedtls_psa_inject_entropy)(arg0_seed, arg1_seed_size); - return status; -} -#endif /* defined(MBEDTLS_PSA_INJECT_ENTROPY) */ - -/* Wrapper for mbedtls_psa_platform_get_builtin_key */ -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) -psa_status_t mbedtls_test_wrap_mbedtls_psa_platform_get_builtin_key( - mbedtls_svc_key_id_t arg0_key_id, - psa_key_lifetime_t *arg1_lifetime, - psa_drv_slot_number_t *arg2_slot_number) -{ - psa_status_t status = (mbedtls_psa_platform_get_builtin_key)(arg0_key_id, arg1_lifetime, arg2_slot_number); - return status; -} -#endif /* defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) */ - -/* Wrapper for mbedtls_psa_register_se_key */ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) -psa_status_t mbedtls_test_wrap_mbedtls_psa_register_se_key( - const psa_key_attributes_t *arg0_attributes) -{ - psa_status_t status = (mbedtls_psa_register_se_key)(arg0_attributes); - return status; -} -#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */ - -/* Wrapper for psa_aead_abort */ -psa_status_t mbedtls_test_wrap_psa_aead_abort( - psa_aead_operation_t *arg0_operation) -{ - psa_status_t status = (psa_aead_abort)(arg0_operation); - return status; -} - -/* Wrapper for psa_aead_decrypt */ -psa_status_t mbedtls_test_wrap_psa_aead_decrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_nonce, - size_t arg3_nonce_length, - const uint8_t *arg4_additional_data, - size_t arg5_additional_data_length, - const uint8_t *arg6_ciphertext, - size_t arg7_ciphertext_length, - uint8_t *arg8_plaintext, - size_t arg9_plaintext_size, - size_t *arg10_plaintext_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length); - MBEDTLS_TEST_MEMORY_POISON(arg6_ciphertext, arg7_ciphertext_length); - MBEDTLS_TEST_MEMORY_POISON(arg8_plaintext, arg9_plaintext_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_aead_decrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_ciphertext, arg7_ciphertext_length, arg8_plaintext, arg9_plaintext_size, arg10_plaintext_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg6_ciphertext, arg7_ciphertext_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg8_plaintext, arg9_plaintext_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_aead_decrypt_setup */ -psa_status_t mbedtls_test_wrap_psa_aead_decrypt_setup( - psa_aead_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg) -{ - psa_status_t status = (psa_aead_decrypt_setup)(arg0_operation, arg1_key, arg2_alg); - return status; -} - -/* Wrapper for psa_aead_encrypt */ -psa_status_t mbedtls_test_wrap_psa_aead_encrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_nonce, - size_t arg3_nonce_length, - const uint8_t *arg4_additional_data, - size_t arg5_additional_data_length, - const uint8_t *arg6_plaintext, - size_t arg7_plaintext_length, - uint8_t *arg8_ciphertext, - size_t arg9_ciphertext_size, - size_t *arg10_ciphertext_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_nonce, arg3_nonce_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_additional_data, arg5_additional_data_length); - MBEDTLS_TEST_MEMORY_POISON(arg6_plaintext, arg7_plaintext_length); - MBEDTLS_TEST_MEMORY_POISON(arg8_ciphertext, arg9_ciphertext_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_aead_encrypt)(arg0_key, arg1_alg, arg2_nonce, arg3_nonce_length, arg4_additional_data, arg5_additional_data_length, arg6_plaintext, arg7_plaintext_length, arg8_ciphertext, arg9_ciphertext_size, arg10_ciphertext_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_nonce, arg3_nonce_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_additional_data, arg5_additional_data_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg6_plaintext, arg7_plaintext_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg8_ciphertext, arg9_ciphertext_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_aead_encrypt_setup */ -psa_status_t mbedtls_test_wrap_psa_aead_encrypt_setup( - psa_aead_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg) -{ - psa_status_t status = (psa_aead_encrypt_setup)(arg0_operation, arg1_key, arg2_alg); - return status; -} - -/* Wrapper for psa_aead_finish */ -psa_status_t mbedtls_test_wrap_psa_aead_finish( - psa_aead_operation_t *arg0_operation, - uint8_t *arg1_ciphertext, - size_t arg2_ciphertext_size, - size_t *arg3_ciphertext_length, - uint8_t *arg4_tag, - size_t arg5_tag_size, - size_t *arg6_tag_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_ciphertext, arg2_ciphertext_size); - MBEDTLS_TEST_MEMORY_POISON(arg4_tag, arg5_tag_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_aead_finish)(arg0_operation, arg1_ciphertext, arg2_ciphertext_size, arg3_ciphertext_length, arg4_tag, arg5_tag_size, arg6_tag_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_ciphertext, arg2_ciphertext_size); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_tag, arg5_tag_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_aead_generate_nonce */ -psa_status_t mbedtls_test_wrap_psa_aead_generate_nonce( - psa_aead_operation_t *arg0_operation, - uint8_t *arg1_nonce, - size_t arg2_nonce_size, - size_t *arg3_nonce_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_nonce, arg2_nonce_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_aead_generate_nonce)(arg0_operation, arg1_nonce, arg2_nonce_size, arg3_nonce_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_nonce, arg2_nonce_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_aead_set_lengths */ -psa_status_t mbedtls_test_wrap_psa_aead_set_lengths( - psa_aead_operation_t *arg0_operation, - size_t arg1_ad_length, - size_t arg2_plaintext_length) -{ - psa_status_t status = (psa_aead_set_lengths)(arg0_operation, arg1_ad_length, arg2_plaintext_length); - return status; -} - -/* Wrapper for psa_aead_set_nonce */ -psa_status_t mbedtls_test_wrap_psa_aead_set_nonce( - psa_aead_operation_t *arg0_operation, - const uint8_t *arg1_nonce, - size_t arg2_nonce_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_nonce, arg2_nonce_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_aead_set_nonce)(arg0_operation, arg1_nonce, arg2_nonce_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_nonce, arg2_nonce_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_aead_update */ -psa_status_t mbedtls_test_wrap_psa_aead_update( - psa_aead_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length, - uint8_t *arg3_output, - size_t arg4_output_size, - size_t *arg5_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg3_output, arg4_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_aead_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg3_output, arg4_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_aead_update_ad */ -psa_status_t mbedtls_test_wrap_psa_aead_update_ad( - psa_aead_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_aead_update_ad)(arg0_operation, arg1_input, arg2_input_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_aead_verify */ -psa_status_t mbedtls_test_wrap_psa_aead_verify( - psa_aead_operation_t *arg0_operation, - uint8_t *arg1_plaintext, - size_t arg2_plaintext_size, - size_t *arg3_plaintext_length, - const uint8_t *arg4_tag, - size_t arg5_tag_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_plaintext, arg2_plaintext_size); - MBEDTLS_TEST_MEMORY_POISON(arg4_tag, arg5_tag_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_aead_verify)(arg0_operation, arg1_plaintext, arg2_plaintext_size, arg3_plaintext_length, arg4_tag, arg5_tag_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_plaintext, arg2_plaintext_size); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_tag, arg5_tag_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_asymmetric_decrypt */ -psa_status_t mbedtls_test_wrap_psa_asymmetric_decrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - const uint8_t *arg4_salt, - size_t arg5_salt_length, - uint8_t *arg6_output, - size_t arg7_output_size, - size_t *arg8_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length); - MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_asymmetric_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_asymmetric_encrypt */ -psa_status_t mbedtls_test_wrap_psa_asymmetric_encrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - const uint8_t *arg4_salt, - size_t arg5_salt_length, - uint8_t *arg6_output, - size_t arg7_output_size, - size_t *arg8_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_salt, arg5_salt_length); - MBEDTLS_TEST_MEMORY_POISON(arg6_output, arg7_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_asymmetric_encrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_salt, arg5_salt_length, arg6_output, arg7_output_size, arg8_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_salt, arg5_salt_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg6_output, arg7_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_cipher_abort */ -psa_status_t mbedtls_test_wrap_psa_cipher_abort( - psa_cipher_operation_t *arg0_operation) -{ - psa_status_t status = (psa_cipher_abort)(arg0_operation); - return status; -} - -/* Wrapper for psa_cipher_decrypt */ -psa_status_t mbedtls_test_wrap_psa_cipher_decrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - uint8_t *arg4_output, - size_t arg5_output_size, - size_t *arg6_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_cipher_decrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_cipher_decrypt_setup */ -psa_status_t mbedtls_test_wrap_psa_cipher_decrypt_setup( - psa_cipher_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg) -{ - psa_status_t status = (psa_cipher_decrypt_setup)(arg0_operation, arg1_key, arg2_alg); - return status; -} - -/* Wrapper for psa_cipher_encrypt */ -psa_status_t mbedtls_test_wrap_psa_cipher_encrypt( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - uint8_t *arg4_output, - size_t arg5_output_size, - size_t *arg6_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_cipher_encrypt)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_output, arg5_output_size, arg6_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_cipher_encrypt_setup */ -psa_status_t mbedtls_test_wrap_psa_cipher_encrypt_setup( - psa_cipher_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg) -{ - psa_status_t status = (psa_cipher_encrypt_setup)(arg0_operation, arg1_key, arg2_alg); - return status; -} - -/* Wrapper for psa_cipher_finish */ -psa_status_t mbedtls_test_wrap_psa_cipher_finish( - psa_cipher_operation_t *arg0_operation, - uint8_t *arg1_output, - size_t arg2_output_size, - size_t *arg3_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_output, arg2_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_cipher_finish)(arg0_operation, arg1_output, arg2_output_size, arg3_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_output, arg2_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_cipher_generate_iv */ -psa_status_t mbedtls_test_wrap_psa_cipher_generate_iv( - psa_cipher_operation_t *arg0_operation, - uint8_t *arg1_iv, - size_t arg2_iv_size, - size_t *arg3_iv_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_iv, arg2_iv_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_cipher_generate_iv)(arg0_operation, arg1_iv, arg2_iv_size, arg3_iv_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_iv, arg2_iv_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_cipher_set_iv */ -psa_status_t mbedtls_test_wrap_psa_cipher_set_iv( - psa_cipher_operation_t *arg0_operation, - const uint8_t *arg1_iv, - size_t arg2_iv_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_iv, arg2_iv_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_cipher_set_iv)(arg0_operation, arg1_iv, arg2_iv_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_iv, arg2_iv_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_cipher_update */ -psa_status_t mbedtls_test_wrap_psa_cipher_update( - psa_cipher_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length, - uint8_t *arg3_output, - size_t arg4_output_size, - size_t *arg5_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg3_output, arg4_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_cipher_update)(arg0_operation, arg1_input, arg2_input_length, arg3_output, arg4_output_size, arg5_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg3_output, arg4_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_copy_key */ -psa_status_t mbedtls_test_wrap_psa_copy_key( - mbedtls_svc_key_id_t arg0_source_key, - const psa_key_attributes_t *arg1_attributes, - mbedtls_svc_key_id_t *arg2_target_key) -{ - psa_status_t status = (psa_copy_key)(arg0_source_key, arg1_attributes, arg2_target_key); - return status; -} - -/* Wrapper for psa_crypto_driver_pake_get_cipher_suite */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_cipher_suite( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - psa_pake_cipher_suite_t *arg1_cipher_suite) -{ - psa_status_t status = (psa_crypto_driver_pake_get_cipher_suite)(arg0_inputs, arg1_cipher_suite); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_crypto_driver_pake_get_password */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - uint8_t *arg1_buffer, - size_t arg2_buffer_size, - size_t *arg3_buffer_length) -{ - psa_status_t status = (psa_crypto_driver_pake_get_password)(arg0_inputs, arg1_buffer, arg2_buffer_size, arg3_buffer_length); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_crypto_driver_pake_get_password_len */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_password_len( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - size_t *arg1_password_len) -{ - psa_status_t status = (psa_crypto_driver_pake_get_password_len)(arg0_inputs, arg1_password_len); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_crypto_driver_pake_get_peer */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - uint8_t *arg1_peer_id, - size_t arg2_peer_id_size, - size_t *arg3_peer_id_length) -{ - psa_status_t status = (psa_crypto_driver_pake_get_peer)(arg0_inputs, arg1_peer_id, arg2_peer_id_size, arg3_peer_id_length); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_crypto_driver_pake_get_peer_len */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_peer_len( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - size_t *arg1_peer_len) -{ - psa_status_t status = (psa_crypto_driver_pake_get_peer_len)(arg0_inputs, arg1_peer_len); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_crypto_driver_pake_get_user */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - uint8_t *arg1_user_id, - size_t arg2_user_id_size, - size_t *arg3_user_id_len) -{ - psa_status_t status = (psa_crypto_driver_pake_get_user)(arg0_inputs, arg1_user_id, arg2_user_id_size, arg3_user_id_len); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_crypto_driver_pake_get_user_len */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_crypto_driver_pake_get_user_len( - const psa_crypto_driver_pake_inputs_t *arg0_inputs, - size_t *arg1_user_len) -{ - psa_status_t status = (psa_crypto_driver_pake_get_user_len)(arg0_inputs, arg1_user_len); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_crypto_init */ -psa_status_t mbedtls_test_wrap_psa_crypto_init(void) -{ - psa_status_t status = (psa_crypto_init)(); - return status; -} - -/* Wrapper for psa_destroy_key */ -psa_status_t mbedtls_test_wrap_psa_destroy_key( - mbedtls_svc_key_id_t arg0_key) -{ - psa_status_t status = (psa_destroy_key)(arg0_key); - return status; -} - -/* Wrapper for psa_export_key */ -psa_status_t mbedtls_test_wrap_psa_export_key( - mbedtls_svc_key_id_t arg0_key, - uint8_t *arg1_data, - size_t arg2_data_size, - size_t *arg3_data_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_data, arg2_data_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_export_key)(arg0_key, arg1_data, arg2_data_size, arg3_data_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_data, arg2_data_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_export_public_key */ -psa_status_t mbedtls_test_wrap_psa_export_public_key( - mbedtls_svc_key_id_t arg0_key, - uint8_t *arg1_data, - size_t arg2_data_size, - size_t *arg3_data_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_data, arg2_data_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_export_public_key)(arg0_key, arg1_data, arg2_data_size, arg3_data_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_data, arg2_data_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_generate_key */ -psa_status_t mbedtls_test_wrap_psa_generate_key( - const psa_key_attributes_t *arg0_attributes, - mbedtls_svc_key_id_t *arg1_key) -{ - psa_status_t status = (psa_generate_key)(arg0_attributes, arg1_key); - return status; -} - -/* Wrapper for psa_generate_key_custom */ -psa_status_t mbedtls_test_wrap_psa_generate_key_custom( - const psa_key_attributes_t *arg0_attributes, - const psa_custom_key_parameters_t *arg1_custom, - const uint8_t *arg2_custom_data, - size_t arg3_custom_data_length, - mbedtls_svc_key_id_t *arg4_key) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_custom_data, arg3_custom_data_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_generate_key_custom)(arg0_attributes, arg1_custom, arg2_custom_data, arg3_custom_data_length, arg4_key); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_custom_data, arg3_custom_data_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_generate_key_ext */ -psa_status_t mbedtls_test_wrap_psa_generate_key_ext( - const psa_key_attributes_t *arg0_attributes, - const psa_key_production_parameters_t *arg1_params, - size_t arg2_params_data_length, - mbedtls_svc_key_id_t *arg3_key) -{ - psa_status_t status = (psa_generate_key_ext)(arg0_attributes, arg1_params, arg2_params_data_length, arg3_key); - return status; -} - -/* Wrapper for psa_generate_random */ -psa_status_t mbedtls_test_wrap_psa_generate_random( - uint8_t *arg0_output, - size_t arg1_output_size) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg0_output, arg1_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_generate_random)(arg0_output, arg1_output_size); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg0_output, arg1_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_get_key_attributes */ -psa_status_t mbedtls_test_wrap_psa_get_key_attributes( - mbedtls_svc_key_id_t arg0_key, - psa_key_attributes_t *arg1_attributes) -{ - psa_status_t status = (psa_get_key_attributes)(arg0_key, arg1_attributes); - return status; -} - -/* Wrapper for psa_hash_abort */ -psa_status_t mbedtls_test_wrap_psa_hash_abort( - psa_hash_operation_t *arg0_operation) -{ - psa_status_t status = (psa_hash_abort)(arg0_operation); - return status; -} - -/* Wrapper for psa_hash_clone */ -psa_status_t mbedtls_test_wrap_psa_hash_clone( - const psa_hash_operation_t *arg0_source_operation, - psa_hash_operation_t *arg1_target_operation) -{ - psa_status_t status = (psa_hash_clone)(arg0_source_operation, arg1_target_operation); - return status; -} - -/* Wrapper for psa_hash_compare */ -psa_status_t mbedtls_test_wrap_psa_hash_compare( - psa_algorithm_t arg0_alg, - const uint8_t *arg1_input, - size_t arg2_input_length, - const uint8_t *arg3_hash, - size_t arg4_hash_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_hash_compare)(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_hash_compute */ -psa_status_t mbedtls_test_wrap_psa_hash_compute( - psa_algorithm_t arg0_alg, - const uint8_t *arg1_input, - size_t arg2_input_length, - uint8_t *arg3_hash, - size_t arg4_hash_size, - size_t *arg5_hash_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_hash_compute)(arg0_alg, arg1_input, arg2_input_length, arg3_hash, arg4_hash_size, arg5_hash_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_hash_finish */ -psa_status_t mbedtls_test_wrap_psa_hash_finish( - psa_hash_operation_t *arg0_operation, - uint8_t *arg1_hash, - size_t arg2_hash_size, - size_t *arg3_hash_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_hash, arg2_hash_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_hash_finish)(arg0_operation, arg1_hash, arg2_hash_size, arg3_hash_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_hash, arg2_hash_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_hash_setup */ -psa_status_t mbedtls_test_wrap_psa_hash_setup( - psa_hash_operation_t *arg0_operation, - psa_algorithm_t arg1_alg) -{ - psa_status_t status = (psa_hash_setup)(arg0_operation, arg1_alg); - return status; -} - -/* Wrapper for psa_hash_update */ -psa_status_t mbedtls_test_wrap_psa_hash_update( - psa_hash_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_hash_update)(arg0_operation, arg1_input, arg2_input_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_hash_verify */ -psa_status_t mbedtls_test_wrap_psa_hash_verify( - psa_hash_operation_t *arg0_operation, - const uint8_t *arg1_hash, - size_t arg2_hash_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_hash, arg2_hash_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_hash_verify)(arg0_operation, arg1_hash, arg2_hash_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_hash, arg2_hash_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_import_key */ -psa_status_t mbedtls_test_wrap_psa_import_key( - const psa_key_attributes_t *arg0_attributes, - const uint8_t *arg1_data, - size_t arg2_data_length, - mbedtls_svc_key_id_t *arg3_key) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_data, arg2_data_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_import_key)(arg0_attributes, arg1_data, arg2_data_length, arg3_key); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_data, arg2_data_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_key_derivation_abort */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_abort( - psa_key_derivation_operation_t *arg0_operation) -{ - psa_status_t status = (psa_key_derivation_abort)(arg0_operation); - return status; -} - -/* Wrapper for psa_key_derivation_get_capacity */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_get_capacity( - const psa_key_derivation_operation_t *arg0_operation, - size_t *arg1_capacity) -{ - psa_status_t status = (psa_key_derivation_get_capacity)(arg0_operation, arg1_capacity); - return status; -} - -/* Wrapper for psa_key_derivation_input_bytes */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_input_bytes( - psa_key_derivation_operation_t *arg0_operation, - psa_key_derivation_step_t arg1_step, - const uint8_t *arg2_data, - size_t arg3_data_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_data, arg3_data_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_key_derivation_input_bytes)(arg0_operation, arg1_step, arg2_data, arg3_data_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_data, arg3_data_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_key_derivation_input_integer */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_input_integer( - psa_key_derivation_operation_t *arg0_operation, - psa_key_derivation_step_t arg1_step, - uint64_t arg2_value) -{ - psa_status_t status = (psa_key_derivation_input_integer)(arg0_operation, arg1_step, arg2_value); - return status; -} - -/* Wrapper for psa_key_derivation_input_key */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_input_key( - psa_key_derivation_operation_t *arg0_operation, - psa_key_derivation_step_t arg1_step, - mbedtls_svc_key_id_t arg2_key) -{ - psa_status_t status = (psa_key_derivation_input_key)(arg0_operation, arg1_step, arg2_key); - return status; -} - -/* Wrapper for psa_key_derivation_key_agreement */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_key_agreement( - psa_key_derivation_operation_t *arg0_operation, - psa_key_derivation_step_t arg1_step, - mbedtls_svc_key_id_t arg2_private_key, - const uint8_t *arg3_peer_key, - size_t arg4_peer_key_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg3_peer_key, arg4_peer_key_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_key_derivation_key_agreement)(arg0_operation, arg1_step, arg2_private_key, arg3_peer_key, arg4_peer_key_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg3_peer_key, arg4_peer_key_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_key_derivation_output_bytes */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_output_bytes( - psa_key_derivation_operation_t *arg0_operation, - uint8_t *arg1_output, - size_t arg2_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_output, arg2_output_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_key_derivation_output_bytes)(arg0_operation, arg1_output, arg2_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_output, arg2_output_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_key_derivation_output_key */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key( - const psa_key_attributes_t *arg0_attributes, - psa_key_derivation_operation_t *arg1_operation, - mbedtls_svc_key_id_t *arg2_key) -{ - psa_status_t status = (psa_key_derivation_output_key)(arg0_attributes, arg1_operation, arg2_key); - return status; -} - -/* Wrapper for psa_key_derivation_output_key_custom */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_custom( - const psa_key_attributes_t *arg0_attributes, - psa_key_derivation_operation_t *arg1_operation, - const psa_custom_key_parameters_t *arg2_custom, - const uint8_t *arg3_custom_data, - size_t arg4_custom_data_length, - mbedtls_svc_key_id_t *arg5_key) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg3_custom_data, arg4_custom_data_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_key_derivation_output_key_custom)(arg0_attributes, arg1_operation, arg2_custom, arg3_custom_data, arg4_custom_data_length, arg5_key); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg3_custom_data, arg4_custom_data_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_key_derivation_output_key_ext */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_output_key_ext( - const psa_key_attributes_t *arg0_attributes, - psa_key_derivation_operation_t *arg1_operation, - const psa_key_production_parameters_t *arg2_params, - size_t arg3_params_data_length, - mbedtls_svc_key_id_t *arg4_key) -{ - psa_status_t status = (psa_key_derivation_output_key_ext)(arg0_attributes, arg1_operation, arg2_params, arg3_params_data_length, arg4_key); - return status; -} - -/* Wrapper for psa_key_derivation_set_capacity */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_set_capacity( - psa_key_derivation_operation_t *arg0_operation, - size_t arg1_capacity) -{ - psa_status_t status = (psa_key_derivation_set_capacity)(arg0_operation, arg1_capacity); - return status; -} - -/* Wrapper for psa_key_derivation_setup */ -psa_status_t mbedtls_test_wrap_psa_key_derivation_setup( - psa_key_derivation_operation_t *arg0_operation, - psa_algorithm_t arg1_alg) -{ - psa_status_t status = (psa_key_derivation_setup)(arg0_operation, arg1_alg); - return status; -} - -/* Wrapper for psa_mac_abort */ -psa_status_t mbedtls_test_wrap_psa_mac_abort( - psa_mac_operation_t *arg0_operation) -{ - psa_status_t status = (psa_mac_abort)(arg0_operation); - return status; -} - -/* Wrapper for psa_mac_compute */ -psa_status_t mbedtls_test_wrap_psa_mac_compute( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - uint8_t *arg4_mac, - size_t arg5_mac_size, - size_t *arg6_mac_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_mac, arg5_mac_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_mac_compute)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_size, arg6_mac_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_mac, arg5_mac_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_mac_sign_finish */ -psa_status_t mbedtls_test_wrap_psa_mac_sign_finish( - psa_mac_operation_t *arg0_operation, - uint8_t *arg1_mac, - size_t arg2_mac_size, - size_t *arg3_mac_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_mac, arg2_mac_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_mac_sign_finish)(arg0_operation, arg1_mac, arg2_mac_size, arg3_mac_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_mac, arg2_mac_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_mac_sign_setup */ -psa_status_t mbedtls_test_wrap_psa_mac_sign_setup( - psa_mac_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg) -{ - psa_status_t status = (psa_mac_sign_setup)(arg0_operation, arg1_key, arg2_alg); - return status; -} - -/* Wrapper for psa_mac_update */ -psa_status_t mbedtls_test_wrap_psa_mac_update( - psa_mac_operation_t *arg0_operation, - const uint8_t *arg1_input, - size_t arg2_input_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_input, arg2_input_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_mac_update)(arg0_operation, arg1_input, arg2_input_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_input, arg2_input_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_mac_verify */ -psa_status_t mbedtls_test_wrap_psa_mac_verify( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - const uint8_t *arg4_mac, - size_t arg5_mac_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_mac, arg5_mac_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_mac_verify)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_mac, arg5_mac_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_mac, arg5_mac_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_mac_verify_finish */ -psa_status_t mbedtls_test_wrap_psa_mac_verify_finish( - psa_mac_operation_t *arg0_operation, - const uint8_t *arg1_mac, - size_t arg2_mac_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_mac, arg2_mac_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_mac_verify_finish)(arg0_operation, arg1_mac, arg2_mac_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_mac, arg2_mac_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_mac_verify_setup */ -psa_status_t mbedtls_test_wrap_psa_mac_verify_setup( - psa_mac_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg) -{ - psa_status_t status = (psa_mac_verify_setup)(arg0_operation, arg1_key, arg2_alg); - return status; -} - -/* Wrapper for psa_pake_abort */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_abort( - psa_pake_operation_t *arg0_operation) -{ - psa_status_t status = (psa_pake_abort)(arg0_operation); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_pake_get_implicit_key */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_get_implicit_key( - psa_pake_operation_t *arg0_operation, - psa_key_derivation_operation_t *arg1_output) -{ - psa_status_t status = (psa_pake_get_implicit_key)(arg0_operation, arg1_output); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_pake_input */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_input( - psa_pake_operation_t *arg0_operation, - psa_pake_step_t arg1_step, - const uint8_t *arg2_input, - size_t arg3_input_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_pake_input)(arg0_operation, arg1_step, arg2_input, arg3_input_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_pake_output */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_output( - psa_pake_operation_t *arg0_operation, - psa_pake_step_t arg1_step, - uint8_t *arg2_output, - size_t arg3_output_size, - size_t *arg4_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_output, arg3_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_pake_output)(arg0_operation, arg1_step, arg2_output, arg3_output_size, arg4_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_output, arg3_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_pake_set_password_key */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_set_password_key( - psa_pake_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_password) -{ - psa_status_t status = (psa_pake_set_password_key)(arg0_operation, arg1_password); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_pake_set_peer */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_set_peer( - psa_pake_operation_t *arg0_operation, - const uint8_t *arg1_peer_id, - size_t arg2_peer_id_len) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_peer_id, arg2_peer_id_len); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_pake_set_peer)(arg0_operation, arg1_peer_id, arg2_peer_id_len); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_peer_id, arg2_peer_id_len); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_pake_set_role */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_set_role( - psa_pake_operation_t *arg0_operation, - psa_pake_role_t arg1_role) -{ - psa_status_t status = (psa_pake_set_role)(arg0_operation, arg1_role); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_pake_set_user */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_set_user( - psa_pake_operation_t *arg0_operation, - const uint8_t *arg1_user_id, - size_t arg2_user_id_len) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_user_id, arg2_user_id_len); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_pake_set_user)(arg0_operation, arg1_user_id, arg2_user_id_len); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_user_id, arg2_user_id_len); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_pake_setup */ -#if defined(PSA_WANT_ALG_SOME_PAKE) -psa_status_t mbedtls_test_wrap_psa_pake_setup( - psa_pake_operation_t *arg0_operation, - const psa_pake_cipher_suite_t *arg1_cipher_suite) -{ - psa_status_t status = (psa_pake_setup)(arg0_operation, arg1_cipher_suite); - return status; -} -#endif /* defined(PSA_WANT_ALG_SOME_PAKE) */ - -/* Wrapper for psa_purge_key */ -psa_status_t mbedtls_test_wrap_psa_purge_key( - mbedtls_svc_key_id_t arg0_key) -{ - psa_status_t status = (psa_purge_key)(arg0_key); - return status; -} - -/* Wrapper for psa_raw_key_agreement */ -psa_status_t mbedtls_test_wrap_psa_raw_key_agreement( - psa_algorithm_t arg0_alg, - mbedtls_svc_key_id_t arg1_private_key, - const uint8_t *arg2_peer_key, - size_t arg3_peer_key_length, - uint8_t *arg4_output, - size_t arg5_output_size, - size_t *arg6_output_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_peer_key, arg3_peer_key_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_output, arg5_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_raw_key_agreement)(arg0_alg, arg1_private_key, arg2_peer_key, arg3_peer_key_length, arg4_output, arg5_output_size, arg6_output_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_peer_key, arg3_peer_key_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_output, arg5_output_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_sign_hash */ -psa_status_t mbedtls_test_wrap_psa_sign_hash( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_hash, - size_t arg3_hash_length, - uint8_t *arg4_signature, - size_t arg5_signature_size, - size_t *arg6_signature_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_hash, arg3_hash_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_sign_hash)(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_size, arg6_signature_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_hash, arg3_hash_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_sign_hash_abort */ -psa_status_t mbedtls_test_wrap_psa_sign_hash_abort( - psa_sign_hash_interruptible_operation_t *arg0_operation) -{ - psa_status_t status = (psa_sign_hash_abort)(arg0_operation); - return status; -} - -/* Wrapper for psa_sign_hash_complete */ -psa_status_t mbedtls_test_wrap_psa_sign_hash_complete( - psa_sign_hash_interruptible_operation_t *arg0_operation, - uint8_t *arg1_signature, - size_t arg2_signature_size, - size_t *arg3_signature_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg1_signature, arg2_signature_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_sign_hash_complete)(arg0_operation, arg1_signature, arg2_signature_size, arg3_signature_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg1_signature, arg2_signature_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_sign_hash_start */ -psa_status_t mbedtls_test_wrap_psa_sign_hash_start( - psa_sign_hash_interruptible_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg, - const uint8_t *arg3_hash, - size_t arg4_hash_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_sign_hash_start)(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_sign_message */ -psa_status_t mbedtls_test_wrap_psa_sign_message( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - uint8_t *arg4_signature, - size_t arg5_signature_size, - size_t *arg6_signature_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_sign_message)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_size, arg6_signature_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_size); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_verify_hash */ -psa_status_t mbedtls_test_wrap_psa_verify_hash( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_hash, - size_t arg3_hash_length, - const uint8_t *arg4_signature, - size_t arg5_signature_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_hash, arg3_hash_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_verify_hash)(arg0_key, arg1_alg, arg2_hash, arg3_hash_length, arg4_signature, arg5_signature_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_hash, arg3_hash_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_verify_hash_abort */ -psa_status_t mbedtls_test_wrap_psa_verify_hash_abort( - psa_verify_hash_interruptible_operation_t *arg0_operation) -{ - psa_status_t status = (psa_verify_hash_abort)(arg0_operation); - return status; -} - -/* Wrapper for psa_verify_hash_complete */ -psa_status_t mbedtls_test_wrap_psa_verify_hash_complete( - psa_verify_hash_interruptible_operation_t *arg0_operation) -{ - psa_status_t status = (psa_verify_hash_complete)(arg0_operation); - return status; -} - -/* Wrapper for psa_verify_hash_start */ -psa_status_t mbedtls_test_wrap_psa_verify_hash_start( - psa_verify_hash_interruptible_operation_t *arg0_operation, - mbedtls_svc_key_id_t arg1_key, - psa_algorithm_t arg2_alg, - const uint8_t *arg3_hash, - size_t arg4_hash_length, - const uint8_t *arg5_signature, - size_t arg6_signature_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg3_hash, arg4_hash_length); - MBEDTLS_TEST_MEMORY_POISON(arg5_signature, arg6_signature_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_verify_hash_start)(arg0_operation, arg1_key, arg2_alg, arg3_hash, arg4_hash_length, arg5_signature, arg6_signature_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg3_hash, arg4_hash_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg5_signature, arg6_signature_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -/* Wrapper for psa_verify_message */ -psa_status_t mbedtls_test_wrap_psa_verify_message( - mbedtls_svc_key_id_t arg0_key, - psa_algorithm_t arg1_alg, - const uint8_t *arg2_input, - size_t arg3_input_length, - const uint8_t *arg4_signature, - size_t arg5_signature_length) -{ -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_POISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_POISON(arg4_signature, arg5_signature_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - psa_status_t status = (psa_verify_message)(arg0_key, arg1_alg, arg2_input, arg3_input_length, arg4_signature, arg5_signature_length); -#if !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) - MBEDTLS_TEST_MEMORY_UNPOISON(arg2_input, arg3_input_length); - MBEDTLS_TEST_MEMORY_UNPOISON(arg4_signature, arg5_signature_length); -#endif /* !defined(MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS) */ - return status; -} - -#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_TEST_HOOKS) && \ - !defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ - -/* End of automatically generated file. */ diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ad87605d4e..c129db0946 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -10925,6 +10925,7 @@ run_test "DTLS reassembly: some fragmentation (gnutls server)" \ "$P_CLI dtls=1 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -C "error" requires_gnutls @@ -10934,6 +10935,8 @@ run_test "DTLS reassembly: more fragmentation (gnutls server)" \ "$P_CLI dtls=1 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ + -c "ServerKeyExchange handshake message has been buffered and reassembled" \ -C "error" requires_gnutls @@ -10943,6 +10946,8 @@ run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \ "$P_CLI dtls=1 nbio=2 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ + -c "ServerKeyExchange handshake message has been buffered and reassembled" \ -C "error" requires_gnutls @@ -10953,6 +10958,7 @@ run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \ "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -c "client hello, adding renegotiation extension" \ -c "found renegotiation extension" \ -c "=> renegotiate" \ @@ -10968,6 +10974,7 @@ run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \ "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -c "client hello, adding renegotiation extension" \ -c "found renegotiation extension" \ -c "=> renegotiate" \ @@ -10983,20 +10990,17 @@ run_test "DTLS reassembly: no fragmentation (openssl server)" \ -C "found fragmented DTLS handshake message" \ -C "error" +# Minimum possible MTU for OpenSSL server: 256 bytes. +# We expect the server Certificate handshake to be fragmented and verify that +# this is the case. Depending on the configuration, other handshake messages may +# also be fragmented. requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -run_test "DTLS reassembly: some fragmentation (openssl server)" \ - "$O_SRV -dtls -mtu 256" \ - "$P_CLI dtls=1 debug_level=2" \ - 0 \ - -c "found fragmented DTLS handshake message" \ - -C "error" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -run_test "DTLS reassembly: more fragmentation (openssl server)" \ +run_test "DTLS reassembly: fragmentation (openssl server)" \ "$O_SRV -dtls -mtu 256" \ "$P_CLI dtls=1 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -C "error" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -11005,6 +11009,7 @@ run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \ "$P_CLI dtls=1 nbio=2 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -C "error" # Tests for sending fragmented handshake messages with DTLS @@ -11673,7 +11678,7 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \ key_file=$DATA_FILES_PATH/server8.key \ mtu=512 force_version=dtls12" \ 0 \ - -c "fragmenting handshake message" \ + -c "fragmenting Certificate handshake message" \ -C "error" # We use --insecure for the GnuTLS client because it expects @@ -11695,7 +11700,7 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \ mtu=512 force_version=dtls12" \ "$G_CLI -u --insecure 127.0.0.1" \ 0 \ - -s "fragmenting handshake message" + -s "fragmenting Certificate handshake message" requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C @@ -11707,7 +11712,7 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.2" \ key_file=$DATA_FILES_PATH/server8.key \ mtu=512 force_version=dtls12" \ 0 \ - -c "fragmenting handshake message" \ + -c "fragmenting Certificate handshake message" \ -C "error" requires_config_enabled MBEDTLS_SSL_PROTO_DTLS @@ -11720,7 +11725,7 @@ run_test "DTLS fragmenting: openssl client, DTLS 1.2" \ mtu=512 force_version=dtls12" \ "$O_CLI -dtls1_2" \ 0 \ - -s "fragmenting handshake message" + -s "fragmenting Certificate handshake message" # interop tests for DTLS fragmentating with unreliable connection # @@ -11739,7 +11744,7 @@ run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \ key_file=$DATA_FILES_PATH/server8.key \ hs_timeout=250-60000 mtu=512 force_version=dtls12" \ 0 \ - -c "fragmenting handshake message" \ + -c "fragmenting Certificate handshake message" \ -C "error" requires_gnutls_next @@ -11755,7 +11760,7 @@ run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ hs_timeout=250-60000 mtu=512 force_version=dtls12" \ "$G_NEXT_CLI -u --insecure 127.0.0.1" \ 0 \ - -s "fragmenting handshake message" + -s "fragmenting Certificate handshake message" ## The test below requires 1.1.1a or higher version of openssl, otherwise ## it might trigger a bug due to openssl server (https://github.com/openssl/openssl/issues/6902) @@ -11772,7 +11777,7 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ key_file=$DATA_FILES_PATH/server8.key \ hs_timeout=250-60000 mtu=512 force_version=dtls12" \ 0 \ - -c "fragmenting handshake message" \ + -c "fragmenting Certificate handshake message" \ -C "error" ## the test below will time out with certain seed. @@ -11790,7 +11795,7 @@ run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \ hs_timeout=250-60000 mtu=512 force_version=dtls12" \ "$O_CLI -dtls1_2" \ 0 \ - -s "fragmenting handshake message" + -s "fragmenting Certificate handshake message" # Tests for DTLS-SRTP (RFC 5764) requires_config_enabled MBEDTLS_SSL_DTLS_SRTP @@ -12507,9 +12512,9 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on client" \ hs_timeout=2500-60000" \ 0 \ -c "Buffering HS message" \ - -c "Next handshake message has been buffered - load"\ + -c "Certificate handshake message has been buffered$"\ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load"\ + -S "handshake message has been buffered"\ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -12527,9 +12532,9 @@ run_test "DTLS reordering: Buffer out-of-order handshake message fragment on -c "Buffering HS message" \ -c "found fragmented DTLS handshake message"\ -c "Next handshake message 1 not or only partially buffered" \ - -c "Next handshake message has been buffered - load"\ + -c "Certificate handshake message has been buffered and reassembled"\ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load"\ + -S "handshake message has been buffered" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -12550,10 +12555,11 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex hs_timeout=2500-60000" \ 0 \ -c "Buffering HS message" \ - -c "Next handshake message has been buffered - load"\ + -c "Certificate handshake message has been buffered and reassembled"\ + -c "ServerKeyExchange handshake message has been buffered$"\ -C "attempt to make space by freeing buffered messages" \ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load"\ + -S "handshake message has been buffered" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -12577,7 +12583,7 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex -c "attempt to make space by freeing buffered future messages" \ -c "Enough space available after freeing buffered HS messages" \ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load"\ + -S "handshake message has been buffered" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -12593,9 +12599,9 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on server" \ hs_timeout=2500-60000" \ 0 \ -C "Buffering HS message" \ - -C "Next handshake message has been buffered - load"\ + -C "handshake message has been buffered" \ -s "Buffering HS message" \ - -s "Next handshake message has been buffered - load" \ + -s "ClientKeyExchange handshake message has been buffered$" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -12612,9 +12618,9 @@ run_test "DTLS reordering: Buffer out-of-order CCS message on client"\ hs_timeout=2500-60000" \ 0 \ -C "Buffering HS message" \ - -C "Next handshake message has been buffered - load"\ + -C "handshake message has been buffered" \ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load" \ + -S "handshake message has been buffered" \ -c "Injecting buffered CCS message" \ -c "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -12630,9 +12636,9 @@ run_test "DTLS reordering: Buffer out-of-order CCS message on server"\ hs_timeout=2500-60000" \ 0 \ -C "Buffering HS message" \ - -C "Next handshake message has been buffered - load"\ + -C "handshake message has been buffered" \ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load" \ + -S "handshake message has been buffered" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -s "Injecting buffered CCS message" \ @@ -12868,10 +12874,11 @@ not_with_valgrind # risk of non-mbedtls peer timing out requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, openssl server, fragmentation" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_NEXT_SRV -dtls1_2 -mtu 768" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ + "$O_NEXT_SRV -dtls1_2 -mtu 256" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2 hs_timeout=500-60000 tickets=0" \ 0 \ - -c "HTTP/1.0 200 OK" + -c "HTTP/1.0 200 OK" \ + -c "Certificate handshake message has been buffered and reassembled" requires_openssl_next client_needs_more_time 8 @@ -12879,10 +12886,11 @@ not_with_valgrind # risk of non-mbedtls peer timing out requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_NEXT_SRV -dtls1_2 -mtu 768" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \ + "$O_NEXT_SRV -dtls1_2 -mtu 256" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2 hs_timeout=500-60000 nbio=2 tickets=0" \ 0 \ - -c "HTTP/1.0 200 OK" + -c "HTTP/1.0 200 OK" \ + -c "Certificate handshake message has been buffered and reassembled" requires_gnutls client_needs_more_time 6 @@ -12903,10 +12911,11 @@ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, gnutls server, fragmentation" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$G_NEXT_SRV -u --mtu 512" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2 hs_timeout=500-60000" \ 0 \ -s "Extra-header:" \ - -c "Extra-header:" + -c "Extra-header:" \ + -c "Certificate handshake message has been buffered and reassembled" requires_gnutls_next client_needs_more_time 8 @@ -12915,10 +12924,11 @@ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$G_NEXT_SRV -u --mtu 512" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2 hs_timeout=500-60000 nbio=2" \ 0 \ -s "Extra-header:" \ - -c "Extra-header:" + -c "Extra-header:" \ + -c "Certificate handshake message has been buffered and reassembled" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "export keys functionality" \ @@ -14793,16 +14803,6 @@ run_test "TLS 1.2 ClientHello indicating support for deflate compression meth # Most test cases are in opt-testcases/handshake-generated.sh -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_certificate_authentication -run_test "Handshake defragmentation on server: len=32, TLS 1.2 ClientHello (unsupported)" \ - "$P_SRV debug_level=4 force_version=tls12 auth_mode=required" \ - "$O_NEXT_CLI -tls1_2 -split_send_frag 32 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \ - 1 \ - -s "The SSL configuration is tls12 only" \ - -s "bad client hello message" \ - -s "SSL - A message could not be parsed due to a syntactic error" - # Test server-side buffer resizing with fragmented handshake on TLS1.2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data index 46b6be4581..f0d7a029f1 100644 --- a/tests/suites/test_suite_debug.data +++ b/tests/suites/test_suite_debug.data @@ -1,12 +1,46 @@ printf "%" MBEDTLS_PRINTF_SIZET, 0 printf_int_expr:PRINTF_SIZET:sizeof(size_t):0:"0" +printf "%" MBEDTLS_PRINTF_SIZET, 1 byte +printf_int_expr:PRINTF_SIZET:sizeof(size_t):42:"42" + +printf "%" MBEDTLS_PRINTF_SIZET, 4 bytes +printf_int_expr:PRINTF_SIZET:sizeof(size_t):0xfedcba98:"4275878552" + +printf "%" MBEDTLS_PRINTF_SIZET, 8 bytes +depends_on:SIZE_MAX>=0xffffffffffffffff +printf_int_expr:PRINTF_SIZET:sizeof(size_t):0xfedcba9876543210:"18364758544493064720" + printf "%" MBEDTLS_PRINTF_LONGLONG, 0 printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0:"0" +printf "%" MBEDTLS_PRINTF_LONGLONG, 1 byte +printf_int_expr:PRINTF_LONGLONG:sizeof(long long):42:"42" + +printf "%" MBEDTLS_PRINTF_LONGLONG, 4 bytes +printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0xfedcba98:"4275878552" + +printf "%" MBEDTLS_PRINTF_LONGLONG, 8 bytes +printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0x7edcba9876543210:"9141386507638288912" + +printf "%" MBEDTLS_PRINTF_LONGLONG, 8 bytes, negative +printf_int_expr:PRINTF_LONGLONG:sizeof(long long):-0x7edcba9876543210:"-9141386507638288912" + printf "%" MBEDTLS_PRINTF_MS_TIME, 0 printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0:"0" +printf "%" MBEDTLS_PRINTF_MS_TIME, 1 byte +printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):42:"42" + +printf "%" MBEDTLS_PRINTF_MS_TIME, 4 bytes +printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0xfedcba98:"4275878552" + +printf "%" MBEDTLS_PRINTF_MS_TIME, 8 bytes +printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0x7edcba9876543210:"9141386507638288912" + +printf "%" MBEDTLS_PRINTF_MS_TIME, 8 bytes, negative +printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):-0x7edcba9876543210:"-9141386507638288912" + Debug print msg (threshold 1, level 0) debug_print_msg_threshold:1:0:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n" diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function index 491bc489aa..691125e416 100644 --- a/tests/suites/test_suite_pkwrite.function +++ b/tests/suites/test_suite_pkwrite.function @@ -66,15 +66,59 @@ static int pk_write_any_key(mbedtls_pk_context *pk, unsigned char **p, return 0; } +static int pk_write_check_context(mbedtls_pk_context *key, + int is_public_key, int is_der, + unsigned char *check_buf, size_t check_buf_len) +{ + int ret = -1; + unsigned char *buf = NULL; + int expected_error = is_der ? + MBEDTLS_ERR_ASN1_BUF_TOO_SMALL : + MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; + + /* Test with: + * - buffer too small (all sizes) + * - buffer exactly the right size + * - buffer a bit larger - DER functions should write to the end of the + * buffer, and we can only tell the difference with a larger buffer + */ + for (size_t buf_size = 1; buf_size <= check_buf_len + 2; buf_size++) { + mbedtls_free(buf); + buf = NULL; + TEST_CALLOC(buf, buf_size); + + unsigned char *start_buf = buf; + size_t out_len = buf_size; + int expected_result = buf_size < check_buf_len ? expected_error : 0; + mbedtls_test_set_step(buf_size); + + TEST_EQUAL(pk_write_any_key(key, &start_buf, &out_len, is_public_key, + is_der), expected_result); + + if (expected_result == 0) { + TEST_MEMORY_COMPARE(start_buf, out_len, check_buf, check_buf_len); + + if (is_der) { + /* Data should be at the end of the buffer */ + TEST_ASSERT(start_buf + out_len == buf + buf_size); + } + } + } + + ret = 0; + +exit: + mbedtls_free(buf); + return ret; +} + + static void pk_write_check_common(char *key_file, int is_public_key, int is_der) { mbedtls_pk_context key; mbedtls_pk_init(&key); - unsigned char *buf = NULL; unsigned char *check_buf = NULL; - unsigned char *start_buf; - size_t buf_len, check_buf_len; - int expected_result; + size_t check_buf_len; #if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_svc_key_id_t opaque_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; @@ -100,8 +144,6 @@ static void pk_write_check_common(char *key_file, int is_public_key, int is_der) } TEST_ASSERT(check_buf_len > 0); - TEST_CALLOC(buf, check_buf_len); - if (is_public_key) { TEST_EQUAL(mbedtls_pk_parse_public_keyfile(&key, key_file), 0); } else { @@ -109,28 +151,14 @@ static void pk_write_check_common(char *key_file, int is_public_key, int is_der) mbedtls_test_rnd_std_rand, NULL), 0); } - start_buf = buf; - buf_len = check_buf_len; - if (is_der) { - expected_result = MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } else { - expected_result = MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; + if (pk_write_check_context(&key, is_public_key, is_der, + check_buf, check_buf_len) != 0) { + goto exit; } - /* Intentionally pass a wrong size for the provided output buffer and check - * that the writing functions fails as expected. */ - for (size_t i = 1; i < buf_len; i++) { - TEST_EQUAL(pk_write_any_key(&key, &start_buf, &i, is_public_key, - is_der), expected_result); - } - TEST_EQUAL(pk_write_any_key(&key, &start_buf, &buf_len, is_public_key, - is_der), 0); - - TEST_MEMORY_COMPARE(start_buf, buf_len, check_buf, check_buf_len); #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Verify that pk_write works also for opaque private keys */ if (!is_public_key) { - memset(buf, 0, check_buf_len); /* Turn the key PK context into an opaque one. * Note: set some practical usage for the key to make get_psa_attributes() happy. */ TEST_EQUAL(mbedtls_pk_get_psa_attributes(&key, PSA_KEY_USAGE_SIGN_MESSAGE, &key_attr), 0); @@ -138,18 +166,11 @@ static void pk_write_check_common(char *key_file, int is_public_key, int is_der) mbedtls_pk_free(&key); mbedtls_pk_init(&key); TEST_EQUAL(mbedtls_pk_setup_opaque(&key, opaque_id), 0); - start_buf = buf; - buf_len = check_buf_len; - /* Intentionally pass a wrong size for the provided output buffer and check - * that the writing functions fails as expected. */ - for (size_t i = 1; i < buf_len; i++) { - TEST_EQUAL(pk_write_any_key(&key, &start_buf, &i, is_public_key, - is_der), expected_result); - } - TEST_EQUAL(pk_write_any_key(&key, &start_buf, &buf_len, is_public_key, - is_der), 0); - TEST_MEMORY_COMPARE(start_buf, buf_len, check_buf, check_buf_len); + if (pk_write_check_context(&key, is_public_key, is_der, + check_buf, check_buf_len) != 0) { + goto exit; + } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -157,7 +178,6 @@ exit: #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_destroy_key(opaque_id); #endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_free(buf); mbedtls_free(check_buf); mbedtls_pk_free(&key); USE_PSA_DONE();