When passed an empty OID, mbedtls_oid_get_numeric_string would read one
byte from the zero-sized buffer and return an error code that depends on
its value. This is demonstrated by the test suite changes, which
check that an OID with length zero and an invalid buffer pointer does
not cause Mbed TLS to segfault.
Also check that second and subsequent subidentifiers are terminated, and
add a test case for that. Furthermore, stop relying on integer division
by 40, use the same loop for both the first and subsequent
subidentifiers, and add additional tests.
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
During test of component build_arm_linux_gnueabi_gcc_arm5vte and
build_arm_none_eabi_gcc_m0plus. It fails with
- error: implicit declaration of function
‘test_fail_if_psa_leaking’
It happens because test_fail_if_psa_leaking is defined in
helpers.function. This block of code is not converted into C code
while compiling ssl_helpers.c. The function has been moved to
psa_crypto_helpers.c in order to fix this build error.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Since we move many functions from test_suite_ssl.function to
ssl_helpers.c in commit bd56b03. This causes various of
build errors. This commit fixes all the build errors by
- including header files
- providing function definition
- adding guards for typedef statements and functions
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Some functions are renamed in commit c463849. This change moves all
those functions which are used to set up a TLS connection from
test_suite_ssl.function into ssl_helpers.c.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
As the typedef statements and functions are renamed in commit
abfdcd8 and commit c463849 respectively. This commit aims
to align code lines to fit code standard and improve code
readability.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
With this change, the renamed typedef statements (commit abfdcd8)
are moved from test_suite_ssl.function into ssl_helpers.h
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
test_suite_ssl.function contains many functions that are used to set
up a TLS connection. To reduce its file size, those functions would
be moved to ssl_helpers.c under tests/src. As the start of this
implementation, some necessary header files are moved in advance.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
escalates into a buffer overflow in the application code
Signed-off-by: Stephan Koch <koch@oberon.ch>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
The only remaining occurrences of TEST_ASSERT are now pointer comparison,
to NULL or to a reference md_info. That is, the output of the following
command is empty:
grep TEST_ASSERT tests/suites/test_suite_md.function |
egrep -v '= NULL|== md_info|md_info =='
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Backporting note: contextual differences because we don't have
info_from_ctx in 2.28.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Not only was the size of 100 arbitrary, it's also not great for testing:
using MBEDTLS_MD_MAX_SIZE will get us an ASan error if it ever is too
small.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
For all test that want to use a hash, identify it by its numerical type
rather than a string. The motivation is that when we isolate the
MD-light subset from the larger MD, it won't have support for string
identifiers. Do the change for all tests, not just those that will
exercise functions in MD-light, for the sake of uniformity and because
numerical identifiers just feel better.
Note: mbedtls_md_info_from_string is still tested in md_info().
Note: for 2.28 the motivation of upcoming work on MD-light doesn't
apply, but the change is still backported in order keep the two branches
closer to each other (especially the .function file).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The tests here use the test certificates from the cert module where
certificates are needed. Thus, wherever there is a dependency on
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED, there is also a dependency on
MBEDTLS_CERTS_C.
Fixes `make test` when MBEDTLS_CERTS_C is disabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
