library: debug: adjust guards for "mbedtls_debug_print_crt"

Keep MBEDTLS_PK_WRITE_C as guard only for "debug_print_pk" but let
"mbedtls_debug_print_crt" to work also when MBEDTLS_PK_WRITE_C is disabled.
In this case the only public key won't be printed, but the rest of the
certificate will be.

This commit also updates test coverage by duplicating test cases: now there
will be one case for when MBEDTLS_PK_WRITE_C is enabled and another one
for !MBEDTLS_PK_WRITE_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

include/mbedtls/debug.h

@@ -28,13 +28,12 @@
 #define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len)           \
     mbedtls_debug_print_buf(ssl, level, __FILE__, __LINE__, text, buf, len)
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) && \
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
-    defined(MBEDTLS_PK_WRITE_C)
 #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt)                \
     mbedtls_debug_print_crt(ssl, level, __FILE__, __LINE__, text, crt)
 #else
 #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt)       do { } while (0)
-#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_INFO && MBEDTLS_PK_WRITE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_INFO */
 
 #else /* MBEDTLS_DEBUG_C */
 

library/debug.c

@@ -179,8 +179,9 @@ void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level,
                                 MBEDTLS_DEBUG_PRINT_BUF_ADD_TEXT);
 }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) && \
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
-    defined(MBEDTLS_PK_WRITE_C)
+
+#if defined(MBEDTLS_PK_WRITE_C)
 static void debug_print_pk(const mbedtls_ssl_context *ssl, int level,
                            const char *file, int line,
                            const char *text, const mbedtls_pk_context *pk)
@@ -198,6 +199,7 @@ static void debug_print_pk(const mbedtls_ssl_context *ssl, int level,
                                 "failed to export public key from PK context");
     }
 }
+#endif /* MBEDTLS_PK_WRITE_C */
 
 static void debug_print_line_by_line(const mbedtls_ssl_context *ssl, int level,
                                      const char *file, int line, const char *text)
@@ -247,11 +249,13 @@ void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
         mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
         debug_print_line_by_line(ssl, level, file, line, buf);
 
+#if defined(MBEDTLS_PK_WRITE_C)
         debug_print_pk(ssl, level, file, line, "crt->PK", &crt->pk);
+#endif /* MBEDTLS_PK_WRITE_C */
 
         crt = crt->next;
     }
 }
-#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO && MBEDTLS_PK_WRITE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */
 
 #endif /* MBEDTLS_DEBUG_C */

tests/suites/test_suite_debug.data

@@ -47,9 +47,19 @@ Debug print buffer #5
 mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\:  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f  ................\nMyFile(0999)\: 0010\:  10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f  ................\nMyFile(0999)\: 0020\:  20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f   !"#$%&'()*+,-./\nMyFile(0999)\: 0030\:  30                                               0\n"
 
 Debug print certificate #1 (RSA)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_1:!MBEDTLS_X509_REMOVE_INFO
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_1:!MBEDTLS_X509_REMOVE_INFO:MBEDTLS_PK_WRITE_C
 mbedtls_debug_print_crt:"../framework/data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version     \: 3\nMyFile(0999)\: serial number     \: 01\nMyFile(0999)\: issuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued  on        \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on        \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using      \: RSA with SHA1\nMyFile(0999)\: RSA key size      \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: dumping 'crt->PK' (270 bytes)\nMyFile(0999)\: 0000\:  30 82 01 0a 02 82 01 01 00 a9 02 1f 3d 40 6a d5\nMyFile(0999)\: 0010\:  55 53 8b fd 36 ee 82 65 2e 15 61 5e 89 bf b8 e8\nMyFile(0999)\: 0020\:  45 90 db ee 88 16 52 d3 f1 43 50 47 96 12 59 64\nMyFile(0999)\: 0030\:  87 6b fd 2b e0 46 f9 73 be dd cf 92 e1 91 5b ed\nMyFile(0999)\: 0040\:  66 a0 6f 89 29 79 45 80 d0 83 6a d5 41 43 77 5f\nMyFile(0999)\: 0050\:  39 7c 09 04 47 82 b0 57 39 70 ed a3 ec 15 19 1e\nMyFile(0999)\: 0060\:  a8 33 08 47 c1 05 42 a9 fd 4c c3 b4 df dd 06 1f\nMyFile(0999)\: 0070\:  4d 10 51 40 67 73 13 0f 40 f8 6d 81 25 5f 0a b1\nMyFile(0999)\: 0080\:  53 c6 30 7e 15 39 ac f9 5a ee 7f 92 9e a6 05 5b\nMyFile(0999)\: 0090\:  e7 13 97 85 b5 23 92 d9 d4 24 06 d5 09 25 89 75\nMyFile(0999)\: 00a0\:  07 dd a6 1a 8f 3f 09 19 be ad 65 2c 64 eb 95 9b\nMyFile(0999)\: 00b0\:  dc fe 41 5e 17 a6 da 6c 5b 69 cc 02 ba 14 2c 16\nMyFile(0999)\: 00c0\:  24 9c 4a dc cd d0 f7 52 67 73 f1 2d a0 23 fd 7e\nMyFile(0999)\: 00d0\:  f4 31 ca 2d 70 ca 89 0b 04 db 2e a6 4f 70 6e 9e\nMyFile(0999)\: 00e0\:  ce bd 58 89 e2 53 59 9e 6e 5a 92 65 e2 88 3f 0c\nMyFile(0999)\: 00f0\:  94 19 a3 dd e5 e8 9d 95 13 ed 29 db ab 70 12 dc\nMyFile(0999)\: 0100\:  5a ca 6b 17 ab 52 82 54 b1 02 03 01 00 01      \n"
 
+# Same as above, but with !MBEDTLS_PK_WRITE_C
+Debug print certificate #1.1 (RSA)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:PSA_WANT_ALG_SHA_1:!MBEDTLS_X509_REMOVE_INFO:!MBEDTLS_PK_WRITE_C
+mbedtls_debug_print_crt:"../framework/data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version     \: 3\nMyFile(0999)\: serial number     \: 01\nMyFile(0999)\: issuer name       \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name      \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued  on        \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on        \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using      \: RSA with SHA1\nMyFile(0999)\: RSA key size      \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\n"
+
 Debug print certificate #2 (EC)
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:PSA_HAVE_ALG_SOME_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256:!MBEDTLS_X509_REMOVE_INFO
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:PSA_HAVE_ALG_SOME_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256:!MBEDTLS_X509_REMOVE_INFO:MBEDTLS_PK_WRITE_C
 mbedtls_debug_print_crt:"../framework/data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version     \: 3\nMyFile(0999)\: serial number     \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued  on        \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on        \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using      \: ECDSA with SHA256\nMyFile(0999)\: EC key size       \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: dumping 'crt->PK' (97 bytes)\nMyFile(0999)\: 0000\:  04 c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29\nMyFile(0999)\: 0010\:  43 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91\nMyFile(0999)\: 0020\:  95 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c\nMyFile(0999)\: 0030\:  2d 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e\nMyFile(0999)\: 0040\:  58 b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7\nMyFile(0999)\: 0050\:  47 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33\nMyFile(0999)\: 0060\:  1e                                             \n"
+
+# Same as above, but with !MBEDTLS_PK_WRITE_C
+Debug print certificate #2.1 (EC)
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:PSA_HAVE_ALG_SOME_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256:!MBEDTLS_X509_REMOVE_INFO:!MBEDTLS_PK_WRITE_C
+mbedtls_debug_print_crt:"../framework/data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version     \: 3\nMyFile(0999)\: serial number     \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name       \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name      \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued  on        \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on        \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using      \: ECDSA with SHA256\nMyFile(0999)\: EC key size       \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\n"

tests/suites/test_suite_debug.function

@@ -245,7 +245,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_TLS_C:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO:MBEDTLS_PK_WRITE_C */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_TLS_C:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
 void mbedtls_debug_print_crt(char *crt_file, char *file, int line,
                              char *prefix, char *result_str)
 {