early-access version 1503

externals/mbedtls/tests/suites/test_suite_entropy.function

@@ -1,6 +1,8 @@
 /* BEGIN_HEADER */
 #include "mbedtls/entropy.h"
 #include "mbedtls/entropy_poll.h"
+#include "mbedtls/md.h"
+#include "string.h"
 
 /*
  * Number of calls made to entropy_dummy_source()
@@ -47,7 +49,7 @@ static int entropy_dummy_source( void *data, unsigned char *output,
  * This might break memory checks in the future if sources need 'free-ing' then
  * as well.
  */
-static void entropy_clear_sources( mbedtls_entropy_context *ctx )
+void entropy_clear_sources( mbedtls_entropy_context *ctx )
 {
     ctx->source_count = 0;
 }
@@ -57,7 +59,7 @@ static void entropy_clear_sources( mbedtls_entropy_context *ctx )
  */
 static unsigned char buffer_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
 
-static int buffer_nv_seed_read( unsigned char *buf, size_t buf_len )
+int buffer_nv_seed_read( unsigned char *buf, size_t buf_len )
 {
     if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
         return( -1 );
@@ -66,7 +68,7 @@ static int buffer_nv_seed_read( unsigned char *buf, size_t buf_len )
     return( 0 );
 }
 
-static int buffer_nv_seed_write( unsigned char *buf, size_t buf_len )
+int buffer_nv_seed_write( unsigned char *buf, size_t buf_len )
 {
     if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE )
         return( -1 );
@@ -78,7 +80,7 @@ static int buffer_nv_seed_write( unsigned char *buf, size_t buf_len )
 /*
  * NV seed read/write helpers that fill the base seedfile
  */
-static int write_nv_seed( unsigned char *buf, size_t buf_len )
+int write_nv_seed( unsigned char *buf, size_t buf_len )
 {
     FILE *f;
 
@@ -97,7 +99,7 @@ static int write_nv_seed( unsigned char *buf, size_t buf_len )
     return( 0 );
 }
 
-static int read_nv_seed( unsigned char *buf, size_t buf_len )
+int read_nv_seed( unsigned char *buf, size_t buf_len )
 {
     FILE *f;
 
@@ -123,8 +125,30 @@ static int read_nv_seed( unsigned char *buf, size_t buf_len )
  * END_DEPENDENCIES
  */
 
+/* BEGIN_CASE */
+void entropy_init_free( int reinit )
+{
+    mbedtls_entropy_context ctx;
+
+    /* Double free is not explicitly documented to work, but it is convenient
+     * to call mbedtls_entropy_free() unconditionally on an error path without
+     * checking whether it has already been called in the success path. */
+
+    mbedtls_entropy_init( &ctx );
+    mbedtls_entropy_free( &ctx );
+
+    if( reinit )
+        mbedtls_entropy_init( &ctx );
+    mbedtls_entropy_free( &ctx );
+
+    /* This test case always succeeds, functionally speaking. A plausible
+     * bug might trigger an invalid pointer dereference or a memory leak. */
+    goto exit;
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
-void entropy_seed_file( char *path, int ret )
+void entropy_seed_file( char * path, int ret )
 {
     mbedtls_entropy_context ctx;
 
@@ -139,7 +163,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void entropy_too_many_sources( )
+void entropy_too_many_sources(  )
 {
     mbedtls_entropy_context ctx;
     size_t i;
@@ -189,11 +213,14 @@ void entropy_func_len( int len, int ret )
 
     for( j = len; j < sizeof( buf ); j++ )
         TEST_ASSERT( acc[j] == 0 );
+
+exit:
+    mbedtls_entropy_free( &ctx );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void entropy_source_fail( char *path )
+void entropy_source_fail( char * path )
 {
     mbedtls_entropy_context ctx;
     int fail = -1;
@@ -260,7 +287,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
-void nv_seed_file_create()
+void nv_seed_file_create(  )
 {
     unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
 
@@ -271,7 +298,7 @@ void nv_seed_file_create()
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO:MBEDTLS_PLATFORM_NV_SEED_ALT */
-void entropy_nv_seed_std_io()
+void entropy_nv_seed_std_io(  )
 {
     unsigned char io_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
     unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
@@ -300,34 +327,42 @@ void entropy_nv_seed_std_io()
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT:MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
-void entropy_nv_seed( char *read_seed_str )
+/* BEGIN_CASE depends_on:MBEDTLS_MD_C:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT */
+void entropy_nv_seed( data_t * read_seed )
 {
-    mbedtls_sha512_context accumulator;
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    const mbedtls_md_info_t *md_info =
+        mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
+#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
+    const mbedtls_md_info_t *md_info =
+        mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
+#else
+#error "Unsupported entropy accumulator"
+#endif
+    mbedtls_md_context_t accumulator;
     mbedtls_entropy_context ctx;
+    int (*original_mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) =
+        mbedtls_nv_seed_read;
+    int (*original_mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) =
+        mbedtls_nv_seed_write;
 
     unsigned char header[2];
     unsigned char entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
     unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
     unsigned char empty[MBEDTLS_ENTROPY_BLOCK_SIZE];
-    unsigned char read_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
     unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
     unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE];
 
     memset( entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
     memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    memset( buffer_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
     memset( empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
     memset( check_seed, 2, MBEDTLS_ENTROPY_BLOCK_SIZE );
     memset( check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE );
 
-    // Set the initial NV seed to read
-    unhexify( read_seed, read_seed_str );
-    memcpy( buffer_seed, read_seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
-
     // Make sure we read/write NV seed from our buffers
     mbedtls_platform_set_nv_seed( buffer_nv_seed_read, buffer_nv_seed_write );
 
+    mbedtls_md_init( &accumulator );
     mbedtls_entropy_init( &ctx );
     entropy_clear_sources( &ctx );
 
@@ -335,45 +370,57 @@ void entropy_nv_seed( char *read_seed_str )
                                              MBEDTLS_ENTROPY_BLOCK_SIZE,
                                              MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 );
 
+    // Set the initial NV seed to read
+    TEST_ASSERT( read_seed->len >= MBEDTLS_ENTROPY_BLOCK_SIZE );
+    memcpy( buffer_seed, read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE );
+
     // Do an entropy run
     TEST_ASSERT( mbedtls_entropy_func( &ctx, entropy, sizeof( entropy ) ) == 0 );
-
     // Determine what should have happened with manual entropy internal logic
-    // Only use the SHA-512 version to check
 
     // Init accumulator
     header[1] = MBEDTLS_ENTROPY_BLOCK_SIZE;
-    mbedtls_sha512_starts( &accumulator, 0 );
+    TEST_ASSERT( mbedtls_md_setup( &accumulator, md_info, 0 ) == 0 );
 
     // First run for updating write_seed
     header[0] = 0;
-    mbedtls_sha512_update( &accumulator, header, 2 );
-    mbedtls_sha512_update( &accumulator, read_seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    mbedtls_sha512_finish( &accumulator, buf );
+    TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 );
+    TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 );
+    TEST_ASSERT( mbedtls_md_update( &accumulator,
+                                    read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
+    TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 );
 
-    memset( &accumulator, 0, sizeof( mbedtls_sha512_context ) );
-    mbedtls_sha512_starts( &accumulator, 0 );
-    mbedtls_sha512_update( &accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
+    TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 );
+    TEST_ASSERT( mbedtls_md_update( &accumulator,
+                                    buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
 
-    mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, check_seed, 0 );
+    TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+                             check_seed ) == 0 );
 
     // Second run for actual entropy (triggers mbedtls_entropy_update_nv_seed)
     header[0] = MBEDTLS_ENTROPY_SOURCE_MANUAL;
-    mbedtls_sha512_update( &accumulator, header, 2 );
-    mbedtls_sha512_update( &accumulator, empty, MBEDTLS_ENTROPY_BLOCK_SIZE );
+    TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 );
+    TEST_ASSERT( mbedtls_md_update( &accumulator,
+                                    empty, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
 
     header[0] = 0;
-    mbedtls_sha512_update( &accumulator, header, 2 );
-    mbedtls_sha512_update( &accumulator, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    mbedtls_sha512_finish( &accumulator, buf );
+    TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 );
+    TEST_ASSERT( mbedtls_md_update( &accumulator,
+                                    check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
+    TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 );
 
-    mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, check_entropy, 0 );
+    TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+                             check_entropy ) == 0 );
 
     // Check result of both NV file and entropy received with the manual calculations
     TEST_ASSERT( memcmp( check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
     TEST_ASSERT( memcmp( check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 );
 
+exit:
+    mbedtls_md_free( &accumulator );
     mbedtls_entropy_free( &ctx );
+    mbedtls_nv_seed_read = original_mbedtls_nv_seed_read;
+    mbedtls_nv_seed_write = original_mbedtls_nv_seed_write;
 }
 /* END_CASE */