The child code isn't supposed to cause memory corruption, but if it does,
try to report a problem rather than mess up further.
Adapt the code to report the failure to the parent accordingly. In
particular, we need to make sure that the first byte written to the
reporting pipe is the result code in all cases, so don't jump over the
writing of the result code.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In the success case, we were only reporting the correct data written by the
child if the data was read in a single `read` call.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When reading data from the child, if the child reports a failure, the parent
expects the child to write an `mbedtls_test_info_t` structure, no less, no
more. To achieve this, we try reading at least one byte more, and check that
we couldn't read more than the expected size. This commit fixes two bugs:
* On success, don't require the child to fill the output buffer. This check
  was only intended for the failure case, but was accidentally put in the
  wrong place.
* On failure, we weren't checking that the child had written at least the
  expected size, which could have been worse (we'd end up with a
  child_test_info structure that's only partially initialized).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
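
The three commit messages above describe one reporting protocol: the first byte on the pipe is always the result code, success output may arrive over several `read` calls, and a failure report must be exactly one structure long. The following sketch of the parent side is an added example, not code from the Mbed TLS test framework; `info_t`, `read_all`, `run_in_child` and the `child_*` functions are hypothetical names, and `info_t` only stands in for `mbedtls_test_info_t`.

```c
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
/* Hypothetical stand-in for mbedtls_test_info_t (its real layout is not shown here). */
typedef struct { int line_no; char test[32]; } info_t;

/* Read until EOF or cap bytes: a single read() may return only part of the data. */
static ssize_t read_all(int fd, unsigned char *buf, size_t cap)
{
    size_t n = 0;
    ssize_t r;
    while (n < cap && (r = read(fd, buf + n, cap - n)) != 0) {
        if (r < 0) return -1;
        n += (size_t) r;
    }
    return (ssize_t) n;
}

/* Returns 0 (success, *out_len bytes in out), 1 (failure reported, *info filled)
 * or -1 (the child broke the protocol, e.g. died before reporting). */
int run_in_child(void (*fn)(int), unsigned char *out, size_t out_size,
                 size_t *out_len, info_t *info)
{
    unsigned char code, tmp[sizeof(info_t) + 1];
    int fds[2], ret = -1;
    ssize_t n;
    pid_t pid;
    if (pipe(fds) != 0) return -1;
    if ((pid = fork()) < 0) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) { close(fds[0]); fn(fds[1]); _exit(0); }
    close(fds[1]);
    if (read_all(fds[0], &code, 1) == 1) {          /* first byte: result code */
        if (code == 0) {                             /* success: any length up to out_size */
            n = read_all(fds[0], out, out_size);
            if (n >= 0) { *out_len = (size_t) n; ret = 0; }
        } else {                                     /* failure: exactly one info_t */
            n = read_all(fds[0], tmp, sizeof(tmp));  /* ask for one byte more */
            if (n == (ssize_t) sizeof(info_t)) { memcpy(info, tmp, sizeof(*info)); ret = 1; }
        }
    }
    close(fds[0]);
    waitpid(pid, NULL, 0);
    return ret;
}
/* Constructed children for the demonstration. */
static void put(int fd, const void *p, size_t n) { if (write(fd, p, n) != (ssize_t) n) _exit(1); }
void child_ok(int fd)    { put(fd, "\0he", 3); put(fd, "llo", 3); }
void child_fail(int fd)  { info_t i = { 42, "constructed" }; put(fd, "\1", 1); put(fd, &i, sizeof(i)); }
void child_short(int fd) { info_t i = { 42, "constructed" }; put(fd, "\1", 1); put(fd, &i, sizeof(i) / 2); }
void child_dead(int fd)  { (void) fd; _exit(3); }
```
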
Run some code in a child process. Propagate output from the child if the
test succeeds, and propagate the test result information otherwise.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Include `"test_common.h"` as the first thing in C files, and
`<test/build_info.h>` as the first thing in header files.
This requires moving `<test/test_common.h>` to its intended location
`"test_common.h"`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The header `test_common.h` contains two kinds of things:
* Things to do at the beginning of individual C files. Specifically,
  defining macros that notify system headers about what we want from them.
  Keep those in `test_common.h`, which will subsequently be moved out of
  the include directory.
* Things to do at the beginning of every header. In particular, read the
  library configuration. Move them to a new header `build_info.h`,
  which is the only one intended to be included from headers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This lets us define things that we want to have everywhere in test code. In
particular, this lets us define platform-specific symbols that influence
what system headers declare. This also takes care of including the library
configuration.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Since Mbed TLS 3.6.0, all officially supported versions of Visual Studio
provide a printf function family that is sufficiently compliant to C99 for our
purposes, in particular supporting `%zu` for `size_t`. The only platform
without `%zu` that we semi-officially support is older versions of MinGW,
still used in our CI. MinGW provides either a Windows legacy printf or a
standards-compliant printf depending on the value of
`__USE_MINGW_ANSI_STDIO` when compiling each C file. Force the use of the
compliant version. Don't rely on `MBEDTLS_PRINTF_SIZET`, which is defined in
`<mbedtls/debug.h>` and no longer considers the Windows legacy version in
Mbed TLS >= 4.1.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Keep TEST_EQUAL() on the function that might fail so that if a failure
happens the message will report the actual function that failed.
Documentation of the helper function is also updated.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
A new look-up table is created, "predefined_keys_psa", to list all the
predefined keys together with the corresponding PSA key type and bits.
A new look-up table was created in order not to conflict with the already
existing "predefined_keys" one.
"mbedtls_pk_helpers_get_predefined_key_data" is modified in order to
use the new look-up table.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Get rid of one subdirectory in include/ limitation.
Prefix all file basenames instead of changing the
name of `include/mbedtls` to `include/libtestdriver1`.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Update test drivers for TF-PSA-Crypto test driver
based on a copy of `drivers/builtin`.
We mainly keep using what is already in place for
libtestdriver1 in Mbed TLS by still defining
MBEDTLS_TEST_LIBTESTDRIVER1.
As in TF-PSA-Crypto, the test driver is a derivative
of a clone of the built-in driver, not of the whole
library, the paths to the driver internal headers
are different. The paths are relative to
`drivers/libtestdriver1/include`.
Otherwise, `psa_key_attributes_t` is prefixed with
`libtestdriver1_` in the Mbed TLS test driver but not
in the TF-PSA-Crypto one. Thus in the TF-PSA-Crypto case,
define `libtestdriver1_psa_key_attributes_t` as
`psa_key_attributes_t`.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix clang warning related to mismatch
between function prototype and
function definition: void func(void) vs void func().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Since TF-PSA-Crypto 1.0 (threading internal interface version 4.0.0.1),
`mbedtls_mutex_free()` on an all-bits-zero mutex is defined to be a no-op.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In Mbed TLS 3.6, this error was used in the library as well as the test
framework, but since TF-PSA-Crypto 1.0, it has been removed from the
library.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The way the mutex usage verification framework plugs into the library
requires it to have access to the API type, which holds the state field. In
the new threading API, the mutable function that the framework overrides now
only receives a pointer to the platform object that is embedded in the API
object. Hence we need to calculate a pointer to the containing API object
when given a pointer to the platform object. It's ugly, but it works.
A follow-up should clean this up by changing how the mutex usage
verification framework plugs into the library. It should use a more normal
hook function mechanism instead of replacing the function pointers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
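
The pointer calculation this commit message describes, going from the embedded platform object back to the API object that holds the state field, can be sketched as follows. This is an added example, not the framework's code: all type, field, state and function names are hypothetical, since the message names none of them.

```c
#include <stddef.h>

/* Hypothetical types: this page names neither the API type nor its fields. */
typedef struct { int locked; } platform_mutex_t;   /* all that the hook receives */
typedef struct {
    unsigned char state;                            /* bookkeeping for usage checks */
    platform_mutex_t plat;                          /* embedded platform object */
} api_mutex_t;
enum { ST_UNINIT = 0, ST_IDLE, ST_LOCKED };

/* Step back from the embedded member to the object that contains it. Only
 * valid when p really is the plat member of an api_mutex_t. */
static api_mutex_t *api_of(platform_mutex_t *p)
{
    return (api_mutex_t *) ((unsigned char *) p - offsetof(api_mutex_t, plat));
}

/* Replacement hooks: same signature as the platform functions they override. */
void checked_init(platform_mutex_t *p) { p->locked = 0; api_of(p)->state = ST_IDLE; }

int checked_lock(platform_mutex_t *p)
{
    api_mutex_t *m = api_of(p);
    if (m->state != ST_IDLE) return -1;     /* uninitialized or already locked */
    m->state = ST_LOCKED;
    p->locked = 1;
    return 0;
}

int checked_unlock(platform_mutex_t *p)
{
    api_mutex_t *m = api_of(p);
    if (m->state != ST_LOCKED) return -1;   /* unlock without a matching lock */
    m->state = ST_IDLE;
    p->locked = 0;
    return 0;
}

/* Constructed misuse sequence. Returns a bitmask of the calls that were rejected. */
int demo_misuse(void)
{
    api_mutex_t m = { ST_UNINIT, { 0 } };
    int bad = checked_lock(&m.plat) != 0;        /* bit 0: lock before init, rejected */
    checked_init(&m.plat);
    bad |= (checked_lock(&m.plat) != 0) << 1;    /* accepted */
    bad |= (checked_lock(&m.plat) != 0) << 2;    /* double lock, rejected */
    bad |= (checked_unlock(&m.plat) != 0) << 3;  /* accepted */
    bad |= (checked_unlock(&m.plat) != 0) << 4;  /* double unlock, rejected */
    return bad;
}
```
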
common.h has been renamed to tf_psa_crypto_common.h in the standalone
TF PSA Crypto library used in Mbed TLS 4.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
In case parsing fails and we free the pointer, we should also set it to
NULL. Otherwise, we get a double-free when the caller tries to free it
as well.
This can only happen with bad test data, but it tripped me up during
development. (I got bad test data because bignum_common.invmod()
sometimes returned a negative value, which was a surprise to me, see
previous commit.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
If the new option is defined, ignore the old option that it is gradually
replacing. This lets us transition build scripts gradually, whereby they
still enable MBEDTLS_PLATFORM_GET_ENTROPY_ALT, but the C code translates
this to MBEDTLS_PSA_DRIVER_GET_ENTROPY.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Finish aligning the prototype of `mbedtls_platform_get_entropy()` with the
prototype of the `"get_entropy"` entry point in PSA entropy drivers: move
the `estimate_bits` parameter, and add the `flags` parameter.
For the time being, no flags are supported.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>