diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile index 2de5ffa7a..f76c1c0f8 100644 --- a/crypto/tests/Makefile +++ b/crypto/tests/Makefile @@ -41,7 +41,7 @@ $(C_FILES): %.c: suites/$$(func.$$*).function suites/%.data scripts/generate_tes -t suites/main_test.function \ -p suites/host_test.function \ -s suites \ - --help-file suites/helpers.function \ + --helpers-file suites/helpers.function \ -o . @@ -70,7 +70,7 @@ $(EMBEDDED_TESTS): embedded_%: suites/$$(func.$$*).function suites/%.data script -t suites/main_test.function \ -p suites/target_test.function \ -s suites \ - --help-file suites/helpers.function \ + --helpers-file suites/helpers.function \ -o ./TESTS/mbedcrypto/$* gen-embedded-test: $(EMBEDDED_TESTS) diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 43d6e6e72..5ad20d65b 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -664,7 +664,7 @@ WARN_LOGFILE = # directories like "/usr/src/myproject". Separate the files or directories # with spaces. -INPUT = .. +INPUT = ../include input # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is @@ -696,7 +696,7 @@ RECURSIVE = YES # Note that relative paths are relative to the directory from which doxygen is # run. -EXCLUDE = ../configs ../yotta/module +EXCLUDE = # The EXCLUDE_SYMLINKS tag can be used to select whether or not files or # directories that are symbolic links (a Unix file system feature) are excluded diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make index 5da57084d..c0e5a0531 100644 --- a/scripts/mbed_crypto.make +++ b/scripts/mbed_crypto.make @@ -213,7 +213,7 @@ crypto/%: % $(call rename_mbedcrypto,$@) crypto/VERSION.txt: FORCE - @git describe --tags --abbrev=12 --dirty > $@ + @git describe --tags --abbrev=12 --dirty --always > $@ mbedcrypto.tar.gz: $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES) @echo $@ 
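Review bot: In the `crypto/VERSION.txt` rule of scripts/mbed_crypto.make, `--always` changes what the file can contain, and nothing near the recipe says so. When no tag is reachable, `git describe` now writes a bare abbreviated commit id instead of failing. A short comment above the recipe would record that, for example `# --always: fall back to the abbreviated commit id when no tag is reachable`. Anything that reads VERSION.txt and expects a tag-based string should be checked against that fallback; no such consumer is visible in this hunk.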
diff --git a/tests/Makefile b/tests/Makefile index 4d2edd456..b6e49bf8a 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -105,7 +105,7 @@ $(BINARIES): %$(EXEXT): %.c $(DEP) clean: ifndef WINDOWS - rm -rf $(APPS) *.c *.datax TESTS + rm -rf $(BINARIES) *.c *.datax TESTS else del /Q /F *.c *.exe *.datax ifneq ($(wildcard TESTS/.*),) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 996204662..0bce2a886 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -436,25 +436,25 @@ OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_CLI" \ ARMC6_CC="$ARMC6_CC" RUN_ARMCC="$RUN_ARMCC" scripts/output_env.sh msg "test: recursion.pl" # < 1s -tests/scripts/recursion.pl library/*.c +record_status tests/scripts/recursion.pl library/*.c msg "test: freshness of generated source files" # < 1s -tests/scripts/check-generated-files.sh +record_status tests/scripts/check-generated-files.sh msg "test: doxygen markup outside doxygen blocks" # < 1s -tests/scripts/check-doxy-blocks.pl +record_status tests/scripts/check-doxy-blocks.pl msg "test: check-files.py" # < 1s cleanup -tests/scripts/check-files.py +record_status tests/scripts/check-files.py msg "test/build: declared and exported names" # < 3s cleanup -tests/scripts/check-names.sh +record_status tests/scripts/check-names.sh msg "test: doxygen warnings" # ~ 3s cleanup -tests/scripts/doxygen.sh +record_status tests/scripts/doxygen.sh msg "test: Mbed Crypto exporter " # ~ 30s cleanup @@ -539,10 +539,10 @@ msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s make test msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s -tests/ssl-opt.sh -f RSA +if_build_succeeded tests/ssl-opt.sh -f RSA msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min -tests/compat.sh -t RSA +if_build_succeeded tests/compat.sh -t RSA msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" cleanup 
@@ -1071,7 +1071,6 @@ for optimization_flag in -O2 -O3 -Ofast -Os; do cleanup make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log - if_build_succeeded [ -s test_zeroize.log ] if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log if_build_succeeded not grep -i "error" test_zeroize.log rm -f test_zeroize.log @@ -1079,10 +1078,10 @@ for optimization_flag in -O2 -O3 -Ofast -Os; do done msg "Lint: Python scripts" -tests/scripts/check-python-files.sh +record_status tests/scripts/check-python-files.sh msg "uint test: generate_test_code.py" -./tests/scripts/test_generate_test_code.py +record_status ./tests/scripts/test_generate_test_code.py ################################################################ #### Termination diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py index f560d0378..0fb2117a3 100755 --- a/tests/scripts/check-files.py +++ b/tests/scripts/check-files.py @@ -155,6 +155,12 @@ class IntegrityChecker(object): ".c", ".h", ".sh", ".pl", ".py", ".md", ".function", ".data", "Makefile", "CMakeLists.txt", "ChangeLog" ) + self.excluded_directories = ['.git', 'mbed-os'] + self.excluded_paths = list(map(os.path.normpath, [ + 'cov-int', + 'examples', + 'yotta/module' + ])) self.issues_to_check = [ PermissionIssueTracker(), EndOfFileNewlineIssueTracker(), 
@@ -179,12 +185,19 @@ class IntegrityChecker(object): console = logging.StreamHandler() self.logger.addHandler(console) + def prune_branch(self, root, d): + if d in self.excluded_directories: + return True + if os.path.normpath(os.path.join(root, d)) in self.excluded_paths: + return True + return False + def check_files(self): - for root, dirs, files in sorted(os.walk(".")): + for root, dirs, files in os.walk("."): + dirs[:] = sorted(d for d in dirs if not self.prune_branch(root, d)) for filename in sorted(files): filepath = os.path.join(root, filename) - if (os.path.join("yotta", "module") in filepath or - not filepath.endswith(self.files_to_check)): + if not filepath.endswith(self.files_to_check): continue for issue_to_check in self.issues_to_check: if issue_to_check.should_check_file(filepath): diff --git a/tests/scripts/test_zeroize.gdb b/tests/scripts/test_zeroize.gdb index 617ab5544..77c812a0b 100644 --- a/tests/scripts/test_zeroize.gdb +++ b/tests/scripts/test_zeroize.gdb @@ -41,6 +41,9 @@ # number does not need to be updated often. set confirm off +# We don't need to turn off ASLR, so don't try. +set disable-randomization off + file ./programs/test/zeroize break zeroize.c:100 diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 32b1b790d..f416b3035 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -69,6 +69,18 @@ typedef struct data_tag /*----------------------------------------------------------------------------*/ /* Macros */ +/** Evaluate an expression and fail the test case if it is false. + * + * Failing the test means: + * - Mark this test case as failed. + * - Print a message identifying the failure. + * - Jump to the \c exit label. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param TEST The expression to evaluate. + */ #define TEST_ASSERT( TEST ) \ do { \ if( ! (TEST) ) \ 
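Review bot: `prune_branch` in tests/scripts/check-files.py has no docstring, and its two exclusion lists match in different ways. `excluded_directories` is compared with the bare directory name, so `.git` and `mbed-os` are skipped at any depth. `excluded_paths` is compared with `os.path.normpath(os.path.join(root, d))`, which matches only when the script runs from the repository root, because `check_files` calls `os.walk(".")`. I would add a docstring such as `"""Return True if directory d under root is excluded: by name at any depth, or by path relative to the current directory."""`. Run from another directory, the `cov-int`, `examples` and `yotta/module` entries silently stop matching, so the working-directory assumption is worth stating; the class body continues outside the hunk.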
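Review bot: The new comment in tests/scripts/test_zeroize.gdb says ASLR need not be turned off but does not say why. The visible breakpoint is set by source location (`break zeroize.c:100`), which does not depend on load addresses. Saying so keeps the setting from looking accidental, e.g. `# Breakpoints are set by source line, not by address, so leave ASLR enabled instead of asking GDB to disable it.` The rest of the script is outside the hunk, so confirm that nothing else in it relies on fixed addresses.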
@@ -78,6 +90,58 @@ typedef struct data_tag } \ } while( 0 ) +/** Allocate memory dynamically and fail the test case if this fails. + * + * You must set \p pointer to \c NULL before calling this macro and + * put `mbedtls_free( pointer )` in the test's cleanup code. + * + * If \p size is zero, the resulting \p pointer will be \c NULL. + * This is usually what we want in tests since API functions are + * supposed to accept null pointers when a buffer size is zero. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param pointer An lvalue where the address of the allocated buffer + * will be stored. + * This expression may be evaluated multiple times. + * \param size Buffer size to allocate in bytes. + * This expression may be evaluated multiple times. + * + */ +#define ASSERT_ALLOC( pointer, size ) \ + do \ + { \ + TEST_ASSERT( ( pointer ) == NULL ); \ + if( ( size ) != 0 ) \ + { \ + ( pointer ) = mbedtls_calloc( 1, ( size ) ); \ + TEST_ASSERT( ( pointer ) != NULL ); \ + } \ + } \ + while( 0 ) + +/** Compare two buffers and fail the test case if they differ. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param p1 Pointer to the start of the first buffer. + * \param size1 Size of the first buffer in bytes. + * This expression may be evaluated multiple times. + * \param p2 Pointer to the start of the second buffer. + * \param size2 Size of the second buffer in bytes. + * This expression may be evaluated multiple times. + */ +#define ASSERT_COMPARE( p1, size1, p2, size2 ) \ + do \ + { \ + TEST_ASSERT( ( size1 ) == ( size2 ) ); \ + if( ( size1 ) != 0 ) \ + TEST_ASSERT( memcmp( ( p1 ), ( p2 ), ( size1 ) ) == 0 ); \ + } \ + while( 0 ) + #define assert(a) if( !( a ) ) \ { \ mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ 
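Review bot: The `ASSERT_COMPARE` documentation in tests/suites/helpers.function does not explain the `( size1 ) != 0` guard, although the `ASSERT_ALLOC` comment above it explains the matching zero-size case. The `TEST_ASSERT` documentation says a failure jumps to `exit`, so `memcmp` is reached only when the sizes are equal and non-zero, and a null `p1` or `p2` is never passed to it for an empty buffer. I would add a line such as `* The buffers are only read if both sizes are equal and non-zero, so null pointers are accepted for empty buffers.` The call sites in this commit pass the expected buffer first and the actual one second; if that order is intended, the `\param` text could say so.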
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 38c5fee98..0319782fa 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -691,7 +691,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA keypair, PSS-SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C import_and_exercise_key:"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":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise RSA public key, PKCS#1 v1.5 raw 
@@ -699,7 +699,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA public key, PSS-SHA-256 -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise: ECP SECP256R1 keypair, ECDSA diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 81ddee003..59cc7166d 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -419,8 +419,7 @@ static int is_oid_of_key_type( psa_key_type_t type, return( 0 ); } - TEST_ASSERT( oid_length == expected_oid_length ); - TEST_ASSERT( memcmp( oid, expected_oid, oid_length ) == 0 ); + ASSERT_COMPARE( expected_oid, expected_oid_length, oid, oid_length ); return( 1 ); exit: 
@@ -703,8 +702,7 @@ static int exercise_export_key( psa_key_slot_t slot, } exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); - exported = mbedtls_calloc( 1, exported_size ); - TEST_ASSERT( exported != NULL ); + ASSERT_ALLOC( exported, exported_size ); TEST_ASSERT( psa_export_key( slot, exported, exported_size, @@ -737,8 +735,7 @@ static int exercise_export_public_key( psa_key_slot_t slot ) public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ); exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ); - exported = mbedtls_calloc( 1, exported_size ); - TEST_ASSERT( exported != NULL ); + ASSERT_ALLOC( exported, exported_size ); TEST_ASSERT( psa_export_public_key( slot, exported, exported_size, @@ -856,8 +853,7 @@ void fill_slots( int max_arg ) TEST_ASSERT( psa_export_key( slot, exported, sizeof( exported ), &exported_size ) == PSA_SUCCESS ); - TEST_ASSERT( exported_size == sizeof( slot ) ); - TEST_ASSERT( memcmp( exported, &slot, sizeof( slot ) ) == 0 ); + ASSERT_COMPARE( &slot, sizeof( slot ), exported, exported_size ); } exit: @@ -898,13 +894,13 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) keypair ? PSA_KEY_TYPE_RSA_KEYPAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY; size_t buffer_size = /* Slight overapproximations */ keypair ? bits * 9 / 16 + 80 : bits / 8 + 20; - unsigned char *buffer = mbedtls_calloc( 1, buffer_size ); + unsigned char *buffer = NULL; unsigned char *p; int ret; size_t length; TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - TEST_ASSERT( buffer != NULL ); + ASSERT_ALLOC( buffer, buffer_size ); TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p, bits, keypair ) ) >= 0 ); 
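Review bot: `ASSERT_ALLOC( exported, exported_size )` in `exercise_export_key` starts with `TEST_ASSERT( ( pointer ) == NULL )`, so it requires `exported` to be `NULL` on entry, and that declaration is outside the hunk. The old `exported = mbedtls_calloc( ... )` had no such requirement, and a pointer declared without an initialiser would now be read while indeterminate. The commit adds `= NULL` where the allocation used to sit in the declaration (`import_rsa_made_up`, `derive_key_export`, `generate_random`). The other converted call sites (`exercise_export_public_key`, `import_export`, the `cipher_*`, `aead_*`, `sign_*`, `asymmetric_*` and `derive_output` tests) rely on declarations that are not shown. Please confirm each of those pointers is initialised to `NULL` at its declaration and released with `mbedtls_free` under `exit:`.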
@@ -950,13 +946,9 @@ void import_export( data_t *data, TEST_ASSERT( data != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); export_size = (ptrdiff_t) data->len + export_size_delta; - exported = mbedtls_calloc( 1, export_size ); - TEST_ASSERT( export_size == 0 || exported != NULL ); + ASSERT_ALLOC( exported, export_size ); if( ! canonical_input ) - { - reexported = mbedtls_calloc( 1, export_size ); - TEST_ASSERT( export_size == 0 || reexported != NULL ); - } + ASSERT_ALLOC( reexported, export_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); @@ -998,10 +990,7 @@ void import_export( data_t *data, goto exit; if( canonical_input ) - { - TEST_ASSERT( exported_length == data->len ); - TEST_ASSERT( memcmp( exported, data->x, data->len ) == 0 ); - } + ASSERT_COMPARE( data->x, data->len, exported, exported_length ); else { TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS ); @@ -1013,9 +1002,8 @@ void import_export( data_t *data, reexported, export_size, &reexported_length ) == PSA_SUCCESS ); - TEST_ASSERT( reexported_length == exported_length ); - TEST_ASSERT( memcmp( reexported, exported, - exported_length ) == 0 ); + ASSERT_COMPARE( exported, exported_length, + reexported, reexported_length ); } destroy: @@ -1054,8 +1042,7 @@ void import_export_public_key( data_t *data, TEST_ASSERT( data != NULL ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) ); export_size = (ptrdiff_t) data->len; - exported = mbedtls_calloc( 1, export_size ); - TEST_ASSERT( exported != NULL ); + ASSERT_ALLOC( exported, export_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); 
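Review bot: In `import_export` the braces around the conditional bodies were dropped, so two branches now depend on how the macros expand. `if( ! canonical_input ) ASSERT_ALLOC( reexported, export_size );` and `if( canonical_input ) ASSERT_COMPARE( ... ); else { ... }` are correct only because both macros expand to a single `do { ... } while( 0 )` statement. I would keep the braces, at least on the branch whose `else` is braced: `if( canonical_input ) { ASSERT_COMPARE( data->x, data->len, exported, exported_length ); }`. That keeps the branch safe if either macro is later changed to expand to more than one statement. The unbraced `if( expected_result == PSA_SUCCESS ) ASSERT_COMPARE( ... )` in `aead_decrypt` has the same shape, and the function body continues outside these hunks.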
@@ -1367,8 +1354,7 @@ void asymmetric_encryption_key_policy( int policy_usage, &key_bits ) == PSA_SUCCESS ); buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, exercise_alg ); - buffer = mbedtls_calloc( 1, buffer_length ); - TEST_ASSERT( buffer != NULL ); + ASSERT_ALLOC( buffer, buffer_length ); status = psa_asymmetric_encrypt( key_slot, exercise_alg, NULL, 0, @@ -1381,7 +1367,8 @@ void asymmetric_encryption_key_policy( int policy_usage, else TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); - memset( buffer, 0, buffer_length ); + if( buffer_length != 0 ) + memset( buffer, 0, buffer_length ); status = psa_asymmetric_decrypt( key_slot, exercise_alg, buffer, buffer_length, NULL, 0, @@ -1588,9 +1575,8 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) TEST_ASSERT( psa_hash_finish( &operation, actual_hash, sizeof( actual_hash ), &actual_hash_length ) == PSA_SUCCESS ); - TEST_ASSERT( actual_hash_length == expected_hash->len ); - TEST_ASSERT( memcmp( expected_hash->x, actual_hash, - expected_hash->len ) == 0 ); + ASSERT_COMPARE( expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length ); exit: mbedtls_psa_crypto_free( ); @@ -1786,8 +1772,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, iv, iv_size ) == PSA_SUCCESS ); output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( psa_cipher_update( &operation, input->x, input->len, @@ -1804,9 +1789,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output->len ); - TEST_ASSERT( memcmp( expected_output->x, output, - expected_output->len ) == 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); } exit: 
@@ -1861,8 +1845,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, iv, sizeof( iv ) ) == PSA_SUCCESS ); output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, @@ -1882,9 +1865,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output->len ); - TEST_ASSERT( memcmp( expected_output->x, output, - expected_output->len ) == 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); exit: mbedtls_free( output ); @@ -1940,8 +1922,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); TEST_ASSERT( psa_cipher_update( &operation, @@ -1962,9 +1943,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, total_output_length += function_output_length; TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output->len ); - TEST_ASSERT( memcmp( expected_output->x, output, - expected_output->len ) == 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); exit: mbedtls_free( output ); 
@@ -2020,8 +2000,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, output_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_buffer_size ); TEST_ASSERT( psa_cipher_update( &operation, input->x, input->len, @@ -2038,9 +2017,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS ); - TEST_ASSERT( total_output_length == expected_output->len ); - TEST_ASSERT( memcmp( expected_output->x, output, - expected_output->len ) == 0 ); + ASSERT_COMPARE( expected_output->x, expected_output->len, + output, total_output_length ); } exit: @@ -2096,8 +2074,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, &iv_length ) == PSA_SUCCESS ); output1_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output1 = mbedtls_calloc( 1, output1_size ); - TEST_ASSERT( output1 != NULL ); + ASSERT_ALLOC( output1, output1_size ); TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len, output1, output1_size, @@ -2111,8 +2088,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); output2_size = output1_length; - output2 = mbedtls_calloc( 1, output2_size ); - TEST_ASSERT( output2 != NULL ); + ASSERT_ALLOC( output2, output2_size ); TEST_ASSERT( psa_cipher_set_iv( &operation2, iv, iv_length ) == PSA_SUCCESS ); @@ -2129,8 +2105,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg, TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS ); - TEST_ASSERT( input->len == output2_length ); - TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 ); + ASSERT_COMPARE( input->x, input->len, output2, output2_length ); exit: mbedtls_free( output1 ); 
@@ -2188,8 +2163,7 @@ void cipher_verify_output_multipart( int alg_arg, &iv_length ) == PSA_SUCCESS ); output1_buffer_size = (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); - output1 = mbedtls_calloc( 1, output1_buffer_size ); - TEST_ASSERT( output1 != NULL ); + ASSERT_ALLOC( output1, output1_buffer_size ); TEST_ASSERT( (unsigned int) first_part_size < input->len ); @@ -2214,8 +2188,7 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS ); output2_buffer_size = output1_length; - output2 = mbedtls_calloc( 1, output2_buffer_size ); - TEST_ASSERT( output2 != NULL ); + ASSERT_ALLOC( output2, output2_buffer_size ); TEST_ASSERT( psa_cipher_set_iv( &operation2, iv, iv_length ) == PSA_SUCCESS ); @@ -2240,8 +2213,7 @@ void cipher_verify_output_multipart( int alg_arg, TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS ); - TEST_ASSERT( input->len == output2_length ); - TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 ); + ASSERT_COMPARE( input->x, input->len, output2, output2_length ); exit: mbedtls_free( output1 ); @@ -2282,8 +2254,7 @@ void aead_encrypt_decrypt( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) ); output_size = input_data->len + tag_length; - output_data = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_data != NULL ); + ASSERT_ALLOC( output_data, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2306,8 +2277,7 @@ void aead_encrypt_decrypt( int key_type_arg, if( PSA_SUCCESS == expected_result ) { - output_data2 = mbedtls_calloc( 1, output_length ); - TEST_ASSERT( output_data2 != NULL ); + ASSERT_ALLOC( output_data2, output_length ); TEST_ASSERT( psa_aead_decrypt( slot, alg, nonce->x, nonce->len, 
@@ -2317,8 +2287,8 @@ void aead_encrypt_decrypt( int key_type_arg, output_data2, output_length, &output_length2 ) == expected_result ); - TEST_ASSERT( memcmp( input_data->x, output_data2, - input_data->len ) == 0 ); + ASSERT_COMPARE( input_data->x, input_data->len, + output_data2, output_length2 ); } exit: @@ -2356,8 +2326,7 @@ void aead_encrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) ); output_size = input_data->len + tag_length; - output_data = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_data != NULL ); + ASSERT_ALLOC( output_data, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2376,8 +2345,8 @@ void aead_encrypt( int key_type_arg, data_t * key_data, output_data, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( memcmp( output_data, expected_result->x, - output_length ) == 0 ); + ASSERT_COMPARE( expected_result->x, expected_result->len, + output_data, output_length ); exit: psa_destroy_key( slot ); @@ -2414,8 +2383,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); output_size = input_data->len + tag_length; - output_data = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_data != NULL ); + ASSERT_ALLOC( output_data, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2436,10 +2404,8 @@ void aead_decrypt( int key_type_arg, data_t * key_data, &output_length ) == expected_result ); if( expected_result == PSA_SUCCESS ) - { - TEST_ASSERT( memcmp( output_data, expected_data->x, - output_length ) == 0 ); - } + ASSERT_COMPARE( expected_data->x, expected_data->len, + output_data, output_length ); exit: psa_destroy_key( slot ); 
@@ -2503,8 +2469,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data, key_bits, alg ); TEST_ASSERT( signature_size != 0 ); TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); - signature = mbedtls_calloc( 1, signature_size ); - TEST_ASSERT( signature != NULL ); + ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ TEST_ASSERT( psa_asymmetric_sign( slot, alg, @@ -2512,9 +2477,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data, signature, signature_size, &signature_length ) == PSA_SUCCESS ); /* Verify that the signature is what is expected. */ - TEST_ASSERT( signature_length == output_data->len ); - TEST_ASSERT( memcmp( signature, output_data->x, - output_data->len ) == 0 ); + ASSERT_COMPARE( output_data->x, output_data->len, + signature, signature_length ); exit: psa_destroy_key( slot ); @@ -2543,8 +2507,7 @@ void sign_fail( int key_type_arg, data_t *key_data, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) ); TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); - signature = mbedtls_calloc( 1, signature_size ); - TEST_ASSERT( signature != NULL ); + ASSERT_ALLOC( signature, signature_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2608,8 +2571,7 @@ void sign_verify( int key_type_arg, data_t *key_data, key_bits, alg ); TEST_ASSERT( signature_size != 0 ); TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE ); - signature = mbedtls_calloc( 1, signature_size ); - TEST_ASSERT( signature != NULL ); + ASSERT_ALLOC( signature, signature_size ); /* Perform the signature. */ TEST_ASSERT( psa_asymmetric_sign( slot, alg, 
@@ -2764,8 +2726,7 @@ void asymmetric_encrypt( int key_type_arg, NULL, &key_bits ) == PSA_SUCCESS ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output_size == 0 || output != NULL ); + ASSERT_ALLOC( output, output_size ); /* Encrypt the input */ actual_status = psa_asymmetric_encrypt( slot, alg, @@ -2781,7 +2742,8 @@ void asymmetric_encrypt( int key_type_arg, if( label->len == 0 ) { output_length = ~0; - memset( output, 0, output_size ); + if( output_size != 0 ) + memset( output, 0, output_size ); actual_status = psa_asymmetric_encrypt( slot, alg, input_data->x, input_data->len, NULL, label->len, @@ -2840,11 +2802,9 @@ void asymmetric_encrypt_decrypt( int key_type_arg, NULL, &key_bits ) == PSA_SUCCESS ); output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_size ); output2_size = input_data->len; - output2 = mbedtls_calloc( 1, output2_size ); - TEST_ASSERT( output2 != NULL ); + ASSERT_ALLOC( output2, output2_size ); /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random @@ -2863,9 +2823,8 @@ void asymmetric_encrypt_decrypt( int key_type_arg, label->x, label->len, output2, output2_size, &output2_length ) == PSA_SUCCESS ); - TEST_ASSERT( output2_length == input_data->len ); - TEST_ASSERT( memcmp( input_data->x, output2, - input_data->len ) == 0 ); + ASSERT_COMPARE( input_data->x, input_data->len, + output2, output2_length ); exit: psa_destroy_key( slot ); 
@@ -2899,8 +2858,7 @@ void asymmetric_decrypt( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) ); output_size = key_data->len; - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2918,23 +2876,24 @@ void asymmetric_decrypt( int key_type_arg, output, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( expected_data->len == output_length ); - TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 ); + ASSERT_COMPARE( expected_data->x, expected_data->len, + output, output_length ); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ if( label->len == 0 ) { output_length = ~0; - memset( output, 0, output_size ); + if( output_size != 0 ) + memset( output, 0, output_size ); TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, input_data->x, input_data->len, NULL, label->len, output, output_size, &output_length ) == PSA_SUCCESS ); - TEST_ASSERT( expected_data->len == output_length ); - TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 ); + ASSERT_COMPARE( expected_data->x, expected_data->len, + output, output_length ); } exit: @@ -2968,8 +2927,7 @@ void asymmetric_decrypt_fail( int key_type_arg, TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) ); output_size = key_data->len; - output = mbedtls_calloc( 1, output_size ); - TEST_ASSERT( output != NULL ); + ASSERT_ALLOC( output, output_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -2994,7 +2952,8 @@ void asymmetric_decrypt_fail( int key_type_arg, if( label->len == 0 ) { output_length = ~0; - memset( output, 0, output_size ); + if( output_size != 0 ) + memset( output, 0, output_size ); actual_status = psa_asymmetric_decrypt( slot, alg, input_data->x, input_data->len, NULL, label->len, 
@@ -3082,8 +3041,7 @@ void derive_output( int alg_arg, if( output_sizes[i] == 0 ) expected_outputs[i] = NULL; } - output_buffer = mbedtls_calloc( 1, output_buffer_size ); - TEST_ASSERT( output_buffer != NULL ); + ASSERT_ALLOC( output_buffer, output_buffer_size ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); @@ -3292,13 +3250,13 @@ void derive_key_export( int alg_arg, size_t bytes2 = bytes2_arg; size_t capacity = bytes1 + bytes2; psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT; - uint8_t *output_buffer = mbedtls_calloc( 1, capacity ); - uint8_t *export_buffer = mbedtls_calloc( 1, capacity ); + uint8_t *output_buffer = NULL; + uint8_t *export_buffer = NULL; psa_key_policy_t policy; size_t length; - TEST_ASSERT( output_buffer != NULL ); - TEST_ASSERT( export_buffer != NULL ); + ASSERT_ALLOC( output_buffer, capacity ); + ASSERT_ALLOC( export_buffer, capacity ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); psa_key_policy_init( &policy ); @@ -3362,13 +3320,13 @@ void generate_random( int bytes_arg ) { size_t bytes = bytes_arg; const unsigned char trail[] = "don't overwrite me"; - unsigned char *output = mbedtls_calloc( 1, bytes + sizeof( trail ) ); - unsigned char *changed = mbedtls_calloc( 1, bytes ); + unsigned char *output = NULL; + unsigned char *changed = NULL; size_t i; unsigned run; - TEST_ASSERT( output != NULL ); - TEST_ASSERT( bytes == 0 || changed != NULL ); + ASSERT_ALLOC( output, bytes + sizeof( trail ) ); + ASSERT_ALLOC( changed, bytes ); memcpy( output + bytes, trail, sizeof( trail ) ); TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); @@ -3378,7 +3336,8 @@ void generate_random( int bytes_arg ) * (2^(-8*number_of_runs)). */ for( run = 0; run < 10; run++ ) { - memset( output, 0, bytes ); + if( bytes != 0 ) + memset( output, 0, bytes ); TEST_ASSERT( psa_generate_random( output, bytes ) == PSA_SUCCESS ); /* Check that no more than bytes have been overwritten */