Don't call a macro that does `goto exit` on failure after the `exit:` label:
that would cause an infinite loop if something does go wrong.
Generally, cleanup functions don't error out, so it is unlikely to be a
problem in practice. If an error does happen during cleanup, it's probably
due to memory corruption caused by a bug that happened earlier, and that is
likely to have been detected in an earlier function. So we don't really need
to assert the return code of functions called during cleanup, and normally
we don't. Only a few places did so, wrongly.
I found the problematic places with
```
ag 'exit:[^}]*(PSA_ASSERT|TEST_ASSERT|TEST_EQUAL)' tests/suites/*.function
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In a PAKE operation that has been initialized with `PSA_PAKE_OPERATION_INIT`
or `psa_pake_operation_init()`, the content of the driver-specific part is
indeterminate. It is actually all-bits-zero on most platforms, but not all,
e.g. not with GCC 15 or CompCert. So don't assert anything about it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When initializing a PAKE operation structure, use an
auxiliary function that doesn't initialize union members to all-bits-zero.
Context: on most compilers, initializing a union to `{0}` initializes it to
all bits zero; but on some compilers, the trailing part of members other
than the first is left uninitialized. This way, we can run the tests on any
platform and validate that the code would work correctly on platforms where
union initialization is short, such as GCC 15.
This commit extends 93dd99571b to
`test_suite_psa_crypto_pake.function`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Move a bunch of files from `scripts` and `mbedtls/scripts` to the framework.
Most are not called from any scripts invoked by the CI, but a couple are.
A subsequent commit will adapt the scripts. None of these scripts are
referenced from other repositories except in documentation.
The following files will be removed, and added to `mbedtls-framework`:
* `scripts/ecp_comb_table.py`
* `scripts/massif_max.pl`
* `tests/scripts/audit-validity-dates.py` (moved to `scripts/`)
* `tests/scripts/gen_ctr_drbg.pl` (moved to `scripts/`)
* `tests/scripts/gen_gcm_decrypt.pl` (moved to `scripts/`)
* `tests/scripts/gen_gcm_encrypt.pl` (moved to `scripts/`)
* `tests/scripts/gen_pkcs1_v21_sign_verify.pl` (moved to `scripts/`)
* `tests/scripts/generate-afl-tests.sh` (moved to `scripts/`)
* `tests/scripts/generate_server9_bad_saltlen.py` (moved to `scripts/`)
* `tests/scripts/run-metatests.sh` (moved to `scripts/`)
* `tests/scripts/run_demos.py` (moved to `scripts/`)
* `tests/scripts/test_config_script.py` (moved to `scripts/`)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In DTLS reassembly tests, the server may receive a close_notify alert at the
end of a test. In this case, the Mbed TLS server logs an error, so these tests
should not check for the absence of the string "error" in the server logs.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The compile time guards were too restrictive, excluding builds with
drivers, updating them will allow driver tests to run as well.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Assert that two forked children have distinct RNG states, and also that the
state is distinct from their parent.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit fixes two problems:
1. In 3.6 the SSL unit test framework ignores option.cipher, we need to
enforce it manually
2. In 3.6 we still have RSA key exchange and we need to condition the
RSA test on the presence of ECDHE_RSA key exchange modes as well
Signed-off-by: Janos Follath <janos.follath@arm.com>
DEBUG_C supposed to have been removed from the test dependencies, still
being there is an oversight. Removing it was the sole purpose of
3e58109fbd.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The unit test framework always loads the client key as well, which
requires a different curve and a hash than the server key.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Add a test case with a successful handshake for each test case that
causes the desired handshake failure, with minimal differences between
the two.
The reason is to have more assurance that the handshake is failing for
the desired reason (as opposed to not having done something correctly in
the test code).
Signed-off-by: Janos Follath <janos.follath@arm.com>
There are other issues that can fail with the same error code. Make sure
that the handshake fails exactly the way we want it to fail by analysing
the client logs.
Signed-off-by: Janos Follath <janos.follath@arm.com>
We usually follow the pattern that a zero-initialised struct is safe to
free. This wasn't the case here.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This root certificate uses SECP-384 and if we don't have it in the
build, the parsing already fails even if we don't try to use it, there
is no reason to have it in the build without the SECP-384.
Signed-off-by: Janos Follath <janos.follath@arm.com>
In Mbed TLS 3.6 we still need to manually configure the RNG for TLS. Add
this to the testcase for default verify_result.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
