mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-29 21:33:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #9189 from misch7/fix-v3.6-issues-9186-and-9188

Browse Source 
Fix build of v3.6 (issues #9186 and #9188)
This commit is contained in:
Gilles Peskine 2024-08-12 09:34:17 +00:00 committed by GitHub
commit 0858fdca38
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
64 changed files with 428 additions and 394 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CMakeLists.txt
View File

@ -204,7 +204,7 @@ if(CMAKE_COMPILER_IS_GNU)
# note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
OUTPUT_VARIABLE GCC_VERSION)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wmissing-prototypes")
if (GCC_VERSION VERSION_GREATER 3.0 OR GCC_VERSION VERSION_EQUAL 3.0)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat=2 -Wno-format-nonliteral")
endif()
@ -238,7 +238,7 @@ if(CMAKE_COMPILER_IS_GNU)
endif(CMAKE_COMPILER_IS_GNU)
if(CMAKE_COMPILER_IS_CLANG)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wmissing-prototypes -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral")
set(CMAKE_C_FLAGS_RELEASE "-O2")
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")

3
ChangeLog.d/fix-clang-psa-build-without-dhm.txt Normal file
View File

@ -0,0 +1,3 @@
Bugfix
* Fix Clang compilation error when MBEDTLS_USE_PSA_CRYPTO is enabled
but MBEDTLS_DHM_C is disabled. Reported by Michael Schuster in #9188.

3
ChangeLog.d/fix-server-mode-only-build.txt Normal file
View File

@ -0,0 +1,3 @@
Bugfix
* Fix server mode only build when MBEDTLS_SSL_SRV_C is enabled but
MBEDTLS_SSL_CLI_C is disabled. Reported by M-Bab on GitHub in #9186.

2
framework

@ -1 +1 @@
Subproject commit 331565b041f794df2da76394b3b0039abce30355
Subproject commit 6a1dc7daa9e861fb873dd4b9f13ebfbd6f82f6dc

4
library/CMakeLists.txt
View File

@ -201,11 +201,11 @@ else()
endif()
if(CMAKE_COMPILER_IS_GNUCC)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations")
endif(CMAKE_COMPILER_IS_GNUCC)
if(CMAKE_COMPILER_IS_CLANG)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
endif(CMAKE_COMPILER_IS_CLANG)
if(CMAKE_COMPILER_IS_MSVC)

2
library/ssl_misc.h
View File

@ -1507,7 +1507,7 @@ int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_SSL_CLI_C)
#if defined(MBEDTLS_SSL_CLI_C) || defined(MBEDTLS_SSL_SRV_C)
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_conf_has_static_psk(mbedtls_ssl_config const *conf);
#endif

2
library/ssl_tls12_server.c
View File

@ -3921,7 +3921,7 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t destruction_status = PSA_ERROR_CORRUPTION_DETECTED;
uint8_t ecpoint_len;
size_t ecpoint_len;
mbedtls_ssl_handshake_params *handshake = ssl->handshake;

2
programs/cipher/cipher_aead_demo.c
View File

@ -79,7 +79,7 @@ const unsigned char msg2_part2[] = { 0x15, 0x16, 0x17 };
const unsigned char key_bytes[32] = { 0x2a };
/* Print the contents of a buffer in hex */
void print_buf(const char *title, unsigned char *buf, size_t len)
static void print_buf(const char *title, unsigned char *buf, size_t len)
{
printf("%s:", title);
for (size_t i = 0; i < len; i++) {

3
programs/fuzz/common.h
View File

@ -23,3 +23,6 @@ int dummy_random(void *p_rng, unsigned char *output, size_t output_len);
int dummy_entropy(void *data, unsigned char *output, size_t len);
int fuzz_recv_timeout(void *ctx, unsigned char *buf, size_t len,
uint32_t timeout);
/* Implemented in the fuzz_*.c sources and required by onefile.c */
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);

1
programs/fuzz/fuzz_pkcs7.c
View File

@ -1,5 +1,6 @@
#include <stdint.h>
#include "mbedtls/pkcs7.h"
#include "common.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
{

1
programs/fuzz/fuzz_pubkey.c
View File

@ -1,6 +1,7 @@
#include <stdint.h>
#include <stdlib.h>
#include "mbedtls/pk.h"
#include "common.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
{

1
programs/fuzz/fuzz_x509crl.c
View File

@ -1,5 +1,6 @@
#include <stdint.h>
#include "mbedtls/x509_crl.h"
#include "common.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
{

1
programs/fuzz/fuzz_x509crt.c
View File

@ -1,5 +1,6 @@
#include <stdint.h>
#include "mbedtls/x509_crt.h"
#include "common.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
{

1
programs/fuzz/fuzz_x509csr.c
View File

@ -1,5 +1,6 @@
#include <stdint.h>
#include "mbedtls/x509_csr.h"
#include "common.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
{

3
programs/fuzz/onefile.c
View File

@ -1,14 +1,13 @@
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>
#include "common.h"
/* This file doesn't use any Mbed TLS function, but grab mbedtls_config.h anyway
* in case it contains platform-specific #defines related to malloc or
* stdio functions. */
#include "mbedtls/build_info.h"
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
int main(int argc, char **argv)
{
FILE *fp;

4
programs/hash/md_hmac_demo.c
View File

@ -57,7 +57,7 @@ const unsigned char msg2_part2[] = { 0x06, 0x06 };
const unsigned char key_bytes[32] = { 0 };
/* Print the contents of a buffer in hex */
void print_buf(const char *title, unsigned char *buf, size_t len)
static void print_buf(const char *title, unsigned char *buf, size_t len)
{
printf("%s:", title);
for (size_t i = 0; i < len; i++) {
@ -87,7 +87,7 @@ void print_buf(const char *title, unsigned char *buf, size_t len)
* This function demonstrates computation of the HMAC of two messages using
* the multipart API.
*/
int hmac_demo(void)
static int hmac_demo(void)
{
int ret;
const mbedtls_md_type_t alg = MBEDTLS_MD_SHA256;

4
programs/pkey/gen_key.c
View File

@ -39,8 +39,8 @@ int main(void)
#define DEV_RANDOM_THRESHOLD 32
int dev_random_entropy_poll(void *data, unsigned char *output,
size_t len, size_t *olen)
static int dev_random_entropy_poll(void *data, unsigned char *output,
size_t len, size_t *olen)
{
FILE *file;
size_t ret, left = len;

2
programs/psa/aead_demo.c
View File

@ -82,7 +82,7 @@ const unsigned char msg2_part2[] = { 0x15, 0x16, 0x17 };
const unsigned char key_bytes[32] = { 0x2a };
/* Print the contents of a buffer in hex */
void print_buf(const char *title, uint8_t *buf, size_t len)
static void print_buf(const char *title, uint8_t *buf, size_t len)
{
printf("%s:", title);
for (size_t i = 0; i < len; i++) {

4
programs/psa/hmac_demo.c
View File

@ -59,7 +59,7 @@ const unsigned char msg2_part2[] = { 0x06, 0x06 };
const unsigned char key_bytes[32] = { 0 };
/* Print the contents of a buffer in hex */
void print_buf(const char *title, uint8_t *buf, size_t len)
static void print_buf(const char *title, uint8_t *buf, size_t len)
{
printf("%s:", title);
for (size_t i = 0; i < len; i++) {
@ -90,7 +90,7 @@ void print_buf(const char *title, uint8_t *buf, size_t len)
* This function demonstrates computation of the HMAC of two messages using
* the multipart API.
*/
psa_status_t hmac_demo(void)
static psa_status_t hmac_demo(void)
{
psa_status_t status;
const psa_algorithm_t alg = PSA_ALG_HMAC(PSA_ALG_SHA_256);

4
programs/psa/psa_constant_names.c
View File

@ -192,7 +192,7 @@ typedef enum {
TYPE_STATUS,
} signed_value_type;
int process_signed(signed_value_type type, long min, long max, char **argp)
static int process_signed(signed_value_type type, long min, long max, char **argp)
{
for (; *argp != NULL; argp++) {
char buffer[200];
@ -231,7 +231,7 @@ typedef enum {
TYPE_KEY_USAGE,
} unsigned_value_type;
int process_unsigned(unsigned_value_type type, unsigned long max, char **argp)
static int process_unsigned(unsigned_value_type type, unsigned long max, char **argp)
{
for (; *argp != NULL; argp++) {
char buffer[200];

4
programs/ssl/ssl_client2.c
View File

@ -597,8 +597,8 @@ static int my_verify(void *data, mbedtls_x509_crt *crt,
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage(mbedtls_ssl_context *ssl,
const char *additional_description)
static int report_cid_usage(mbedtls_ssl_context *ssl,
const char *additional_description)
{
int ret;
unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];

36
programs/ssl/ssl_context_info.c
View File

@ -111,12 +111,12 @@ const char buf_ln_err[] = "Buffer does not have enough data to complete the pars
/*
* Basic printing functions
*/
void print_version(void)
static void print_version(void)
{
printf("%s v%d.%d\n", PROG_NAME, VER_MAJOR, VER_MINOR);
}
void print_usage(void)
static void print_usage(void)
{
print_version();
printf("\nThis program is used to deserialize an Mbed TLS SSL session from the base64 code provided\n"
@ -138,7 +138,7 @@ void print_usage(void)
);
}
void printf_dbg(const char *str, ...)
static void printf_dbg(const char *str, ...)
{
if (debug) {
va_list args;
@ -151,7 +151,7 @@ void printf_dbg(const char *str, ...)
}
MBEDTLS_PRINTF_ATTRIBUTE(1, 2)
void printf_err(const char *str, ...)
static void printf_err(const char *str, ...)
{
va_list args;
va_start(args, str);
@ -165,7 +165,7 @@ void printf_err(const char *str, ...)
/*
* Exit from the program in case of error
*/
void error_exit(void)
static void error_exit(void)
{
if (NULL != b64_file) {
fclose(b64_file);
@ -176,7 +176,7 @@ void error_exit(void)
/*
* This function takes the input arguments of this program
*/
void parse_arguments(int argc, char *argv[])
static void parse_arguments(int argc, char *argv[])
{
int i = 1;
@ -223,7 +223,7 @@ void parse_arguments(int argc, char *argv[])
/*
* This function prints base64 code to the stdout
*/
void print_b64(const uint8_t *b, size_t len)
static void print_b64(const uint8_t *b, size_t len)
{
size_t i = 0;
const uint8_t *end = b + len;
@ -247,8 +247,8 @@ void print_b64(const uint8_t *b, size_t len)
* /p in_line number of bytes in one line
* /p prefix prefix for the new lines
*/
void print_hex(const uint8_t *b, size_t len,
const size_t in_line, const char *prefix)
static void print_hex(const uint8_t *b, size_t len,
const size_t in_line, const char *prefix)
{
size_t i = 0;
const uint8_t *end = b + len;
@ -271,7 +271,7 @@ void print_hex(const uint8_t *b, size_t len,
/*
* Print the value of time_t in format e.g. 2020-01-23 13:05:59
*/
void print_time(const uint64_t *time)
static void print_time(const uint64_t *time)
{
#if defined(MBEDTLS_HAVE_TIME)
char buf[20];
@ -292,7 +292,7 @@ void print_time(const uint64_t *time)
/*
* Print the input string if the bit is set in the value
*/
void print_if_bit(const char *str, int bit, int val)
static void print_if_bit(const char *str, int bit, int val)
{
if (bit & val) {
printf("\t%s\n", str);
@ -302,7 +302,7 @@ void print_if_bit(const char *str, int bit, int val)
/*
* Return pointer to hardcoded "enabled" or "disabled" depending on the input value
*/
const char *get_enabled_str(int is_en)
static const char *get_enabled_str(int is_en)
{
return (is_en) ? "enabled" : "disabled";
}
@ -310,7 +310,7 @@ const char *get_enabled_str(int is_en)
/*
* Return pointer to hardcoded MFL string value depending on the MFL code at the input
*/
const char *get_mfl_str(int mfl_code)
static const char *get_mfl_str(int mfl_code)
{
switch (mfl_code) {
case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
@ -343,7 +343,7 @@ const char *get_mfl_str(int mfl_code)
* \retval number of bytes written in to the b64 buffer or 0 in case no more
* data was found
*/
size_t read_next_b64_code(uint8_t **b64, size_t *max_len)
static size_t read_next_b64_code(uint8_t **b64, size_t *max_len)
{
int valid_balance = 0; /* balance between valid and invalid characters */
size_t len = 0;
@ -443,7 +443,7 @@ size_t read_next_b64_code(uint8_t **b64, size_t *max_len)
* /p ssl pointer to serialized certificate
* /p len number of bytes in the buffer
*/
void print_deserialized_ssl_cert(const uint8_t *ssl, uint32_t len)
static void print_deserialized_ssl_cert(const uint8_t *ssl, uint32_t len)
{
enum { STRLEN = 4096 };
mbedtls_x509_crt crt;
@ -509,8 +509,8 @@ void print_deserialized_ssl_cert(const uint8_t *ssl, uint32_t len)
* /p len number of bytes in the buffer
* /p session_cfg_flag session configuration flags
*/
void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len,
int session_cfg_flag)
static void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len,
int session_cfg_flag)
{
const struct mbedtls_ssl_ciphersuite_t *ciphersuite_info;
int ciphersuite_id;
@ -746,7 +746,7 @@ void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len,
* /p ssl pointer to serialized session
* /p len number of bytes in the buffer
*/
void print_deserialized_ssl_context(const uint8_t *ssl, size_t len)
static void print_deserialized_ssl_context(const uint8_t *ssl, size_t len)
{
const uint8_t *end = ssl + len;
uint32_t session_len;

51
programs/ssl/ssl_server2.c
View File

@ -756,7 +756,7 @@ struct _sni_entry {
sni_entry *next;
};
void sni_free(sni_entry *head)
static void sni_free(sni_entry *head)
{
sni_entry *cur = head, *next;
@ -786,7 +786,7 @@ void sni_free(sni_entry *head)
*
* Modifies the input string! This is not production quality!
*/
sni_entry *sni_parse(char *sni_string)
static sni_entry *sni_parse(char *sni_string)
{
sni_entry *cur = NULL, *new = NULL;
char *p = sni_string;
@ -878,8 +878,8 @@ error:
/*
* SNI callback.
*/
int sni_callback(void *p_info, mbedtls_ssl_context *ssl,
const unsigned char *name, size_t name_len)
static int sni_callback(void *p_info, mbedtls_ssl_context *ssl,
const unsigned char *name, size_t name_len)
{
const sni_entry *cur = (const sni_entry *) p_info;
@ -909,7 +909,7 @@ int sni_callback(void *p_info, mbedtls_ssl_context *ssl,
/*
* server certificate selection callback.
*/
int cert_callback(mbedtls_ssl_context *ssl)
static int cert_callback(mbedtls_ssl_context *ssl)
{
const sni_entry *cur = (sni_entry *) mbedtls_ssl_get_user_data_p(ssl);
if (cur != NULL) {
@ -954,7 +954,7 @@ struct _psk_entry {
/*
* Free a list of psk_entry's
*/
int psk_free(psk_entry *head)
static int psk_free(psk_entry *head)
{
psk_entry *next;
@ -985,7 +985,7 @@ int psk_free(psk_entry *head)
*
* Modifies the input string! This is not production quality!
*/
psk_entry *psk_parse(char *psk_string)
static psk_entry *psk_parse(char *psk_string)
{
psk_entry *cur = NULL, *new = NULL;
char *p = psk_string;
@ -1027,8 +1027,8 @@ error:
/*
* PSK callback
*/
int psk_callback(void *p_info, mbedtls_ssl_context *ssl,
const unsigned char *name, size_t name_len)
static int psk_callback(void *p_info, mbedtls_ssl_context *ssl,
const unsigned char *name, size_t name_len)
{
psk_entry *cur = (psk_entry *) p_info;
@ -1055,7 +1055,7 @@ static mbedtls_net_context listen_fd, client_fd;
/* Interruption handler to ensure clean exit (for valgrind testing) */
#if !defined(_WIN32)
static int received_sigterm = 0;
void term_handler(int sig)
static void term_handler(int sig)
{
((void) sig);
received_sigterm = 1;
@ -1105,11 +1105,11 @@ typedef struct {
void *p_rng;
} ssl_async_key_context_t;
int ssl_async_set_key(ssl_async_key_context_t *ctx,
mbedtls_x509_crt *cert,
mbedtls_pk_context *pk,
int pk_take_ownership,
unsigned delay)
static int ssl_async_set_key(ssl_async_key_context_t *ctx,
mbedtls_x509_crt *cert,
mbedtls_pk_context *pk,
int pk_take_ownership,
unsigned delay)
{
if (ctx->slots_used >= sizeof(ctx->slots) / sizeof(*ctx->slots)) {
return -1;
@ -1332,8 +1332,8 @@ static psa_status_t psa_setup_psk_key_slot(mbedtls_svc_key_id_t *slot,
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage(mbedtls_ssl_context *ssl,
const char *additional_description)
static int report_cid_usage(mbedtls_ssl_context *ssl,
const char *additional_description)
{
int ret;
unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
@ -1376,16 +1376,17 @@ int report_cid_usage(mbedtls_ssl_context *ssl,
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_HAVE_TIME)
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) && \
defined(MBEDTLS_HAVE_TIME)
static inline void put_unaligned_uint32(void *p, uint32_t x)
{
memcpy(p, &x, sizeof(x));
}
/* Functions for session ticket tests */
int dummy_ticket_write(void *p_ticket, const mbedtls_ssl_session *session,
unsigned char *start, const unsigned char *end,
size_t *tlen, uint32_t *ticket_lifetime)
static int dummy_ticket_write(void *p_ticket, const mbedtls_ssl_session *session,
unsigned char *start, const unsigned char *end,
size_t *tlen, uint32_t *ticket_lifetime)
{
int ret;
unsigned char *p = start;
@ -1410,8 +1411,8 @@ int dummy_ticket_write(void *p_ticket, const mbedtls_ssl_session *session,
return 0;
}
int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
unsigned char *buf, size_t len)
static int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
unsigned char *buf, size_t len)
{
int ret;
((void) p_ticket);
@ -1467,9 +1468,9 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
return ret;
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_HAVE_TIME */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C && MBEDTLS_HAVE_TIME */
int parse_cipher(char *buf)
static int parse_cipher(char *buf)
{
if (strcmp(buf, "AES-128-CCM")) {
return MBEDTLS_CIPHER_AES_128_CCM;

62
programs/ssl/ssl_test_common_source.c
View File

@ -12,13 +12,13 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
void eap_tls_key_derivation(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
static void eap_tls_key_derivation(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
{
eap_tls_keys *keys = (eap_tls_keys *) p_expkey;
@ -36,13 +36,13 @@ void eap_tls_key_derivation(void *p_expkey,
keys->tls_prf_type = tls_prf_type;
}
void nss_keylog_export(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
static void nss_keylog_export(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
{
char nss_keylog_line[200];
size_t const client_random_len = 32;
@ -106,13 +106,13 @@ exit:
}
#if defined(MBEDTLS_SSL_DTLS_SRTP)
void dtls_srtp_key_derivation(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
static void dtls_srtp_key_derivation(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
{
dtls_srtp_keys *keys = (dtls_srtp_keys *) p_expkey;
@ -131,8 +131,8 @@ void dtls_srtp_key_derivation(void *p_expkey,
}
#endif /* MBEDTLS_SSL_DTLS_SRTP */
int ssl_check_record(mbedtls_ssl_context const *ssl,
unsigned char const *buf, size_t len)
static int ssl_check_record(mbedtls_ssl_context const *ssl,
unsigned char const *buf, size_t len)
{
int my_ret = 0, ret_cr1, ret_cr2;
unsigned char *tmp_buf;
@ -195,7 +195,7 @@ cleanup:
return my_ret;
}
int recv_cb(void *ctx, unsigned char *buf, size_t len)
static int recv_cb(void *ctx, unsigned char *buf, size_t len)
{
io_ctx_t *io_ctx = (io_ctx_t *) ctx;
size_t recv_len;
@ -223,8 +223,8 @@ int recv_cb(void *ctx, unsigned char *buf, size_t len)
return (int) recv_len;
}
int recv_timeout_cb(void *ctx, unsigned char *buf, size_t len,
uint32_t timeout)
static int recv_timeout_cb(void *ctx, unsigned char *buf, size_t len,
uint32_t timeout)
{
io_ctx_t *io_ctx = (io_ctx_t *) ctx;
int ret;
@ -248,7 +248,7 @@ int recv_timeout_cb(void *ctx, unsigned char *buf, size_t len,
return (int) recv_len;
}
int send_cb(void *ctx, unsigned char const *buf, size_t len)
static int send_cb(void *ctx, unsigned char const *buf, size_t len)
{
io_ctx_t *io_ctx = (io_ctx_t *) ctx;
@ -319,8 +319,8 @@ uint16_t ssl_sig_algs_for_test[] = {
/** Functionally equivalent to mbedtls_x509_crt_verify_info, see that function
* for more info.
*/
int x509_crt_verify_info(char *buf, size_t size, const char *prefix,
uint32_t flags)
static int x509_crt_verify_info(char *buf, size_t size, const char *prefix,
uint32_t flags)
{
#if !defined(MBEDTLS_X509_REMOVE_INFO)
return mbedtls_x509_crt_verify_info(buf, size, prefix, flags);
@ -352,7 +352,8 @@ int x509_crt_verify_info(char *buf, size_t size, const char *prefix,
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_print_supported_sig_algs(void)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
static void mbedtls_print_supported_sig_algs(void)
{
mbedtls_printf("supported signature algorithms:\n");
mbedtls_printf("\trsa_pkcs1_sha256 ");
@ -373,3 +374,4 @@ void mbedtls_print_supported_sig_algs(void)
mbedtls_printf("ecdsa_sha1\n");
mbedtls_printf("\n");
}
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */

36
programs/test/metatest.c
View File

@ -76,13 +76,13 @@ void(*volatile do_nothing_with_object_but_the_compiler_does_not_know)(void *) =
/* Test framework features */
/****************************************************************/
void meta_test_fail(const char *name)
static void meta_test_fail(const char *name)
{
(void) name;
mbedtls_test_fail("Forced test failure", __LINE__, __FILE__);
}
void meta_test_not_equal(const char *name)
static void meta_test_not_equal(const char *name)
{
int left = 20;
int right = 10;
@ -94,7 +94,7 @@ exit:
;
}
void meta_test_not_le_s(const char *name)
static void meta_test_not_le_s(const char *name)
{
int left = 20;
int right = 10;
@ -106,7 +106,7 @@ exit:
;
}
void meta_test_not_le_u(const char *name)
static void meta_test_not_le_u(const char *name)
{
size_t left = 20;
size_t right = 10;
@ -122,16 +122,16 @@ exit:
/* Platform features */
/****************************************************************/
void null_pointer_dereference(const char *name)
static void null_pointer_dereference(const char *name)
{
(void) name;
volatile char *volatile p;
set_to_zero_but_the_compiler_does_not_know(&p, sizeof(p));
/* Undefined behavior (read from null data pointer) */
mbedtls_printf("%p -> %u\n", p, (unsigned) *p);
mbedtls_printf("%p -> %u\n", (void *) p, (unsigned) *p);
}
void null_pointer_call(const char *name)
static void null_pointer_call(const char *name)
{
(void) name;
unsigned(*volatile p)(void);
@ -148,7 +148,7 @@ void null_pointer_call(const char *name)
/* Memory */
/****************************************************************/
void read_after_free(const char *name)
static void read_after_free(const char *name)
{
(void) name;
volatile char *p = calloc_but_the_compiler_does_not_know(1, 1);
@ -158,7 +158,7 @@ void read_after_free(const char *name)
mbedtls_printf("%u\n", (unsigned) *p);
}
void double_free(const char *name)
static void double_free(const char *name)
{
(void) name;
volatile char *p = calloc_but_the_compiler_does_not_know(1, 1);
@ -168,7 +168,7 @@ void double_free(const char *name)
free_but_the_compiler_does_not_know((void *) p);
}
void read_uninitialized_stack(const char *name)
static void read_uninitialized_stack(const char *name)
{
(void) name;
char buf[1];
@ -182,7 +182,7 @@ void read_uninitialized_stack(const char *name)
}
}
void memory_leak(const char *name)
static void memory_leak(const char *name)
{
(void) name;
volatile char *p = calloc_but_the_compiler_does_not_know(1, 1);
@ -196,7 +196,7 @@ void memory_leak(const char *name)
* %(start), %(offset) and %(count) are decimal integers.
* %(direction) is either the character 'r' for read or 'w' for write.
*/
void test_memory_poison(const char *name)
static void test_memory_poison(const char *name)
{
size_t start = 0, offset = 0, count = 0;
char direction = 'r';
@ -254,7 +254,7 @@ void test_memory_poison(const char *name)
/* Threading */
/****************************************************************/
void mutex_lock_not_initialized(const char *name)
static void mutex_lock_not_initialized(const char *name)
{
(void) name;
#if defined(MBEDTLS_THREADING_C)
@ -270,7 +270,7 @@ exit:
#endif
}
void mutex_unlock_not_initialized(const char *name)
static void mutex_unlock_not_initialized(const char *name)
{
(void) name;
#if defined(MBEDTLS_THREADING_C)
@ -286,7 +286,7 @@ exit:
#endif
}
void mutex_free_not_initialized(const char *name)
static void mutex_free_not_initialized(const char *name)
{
(void) name;
#if defined(MBEDTLS_THREADING_C)
@ -300,7 +300,7 @@ void mutex_free_not_initialized(const char *name)
#endif
}
void mutex_double_init(const char *name)
static void mutex_double_init(const char *name)
{
(void) name;
#if defined(MBEDTLS_THREADING_C)
@ -315,7 +315,7 @@ void mutex_double_init(const char *name)
#endif
}
void mutex_double_free(const char *name)
static void mutex_double_free(const char *name)
{
(void) name;
#if defined(MBEDTLS_THREADING_C)
@ -330,7 +330,7 @@ void mutex_double_free(const char *name)
#endif
}
void mutex_leak(const char *name)
static void mutex_leak(const char *name)
{
(void) name;
#if defined(MBEDTLS_THREADING_C)

4
programs/test/selftest.c
View File

@ -241,7 +241,7 @@ static void create_entropy_seed_file(void)
}
#endif
int mbedtls_entropy_self_test_wrapper(int verbose)
static int mbedtls_entropy_self_test_wrapper(int verbose)
{
#if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
create_entropy_seed_file();
@ -252,7 +252,7 @@ int mbedtls_entropy_self_test_wrapper(int verbose)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
int mbedtls_memory_buffer_alloc_free_and_self_test(int verbose)
static int mbedtls_memory_buffer_alloc_free_and_self_test(int verbose)
{
if (verbose != 0) {
#if defined(MBEDTLS_MEMORY_DEBUG)

16
programs/test/udp_proxy.c
View File

@ -483,7 +483,7 @@ typedef struct {
} packet;
/* Print packet. Outgoing packets come with a reason (forward, dupl, etc.) */
void print_packet(const packet *p, const char *why)
static void print_packet(const packet *p, const char *why)
{
#if defined(MBEDTLS_TIMING_C)
if (why == NULL) {
@ -527,7 +527,7 @@ typedef enum {
static inject_clihlo_state_t inject_clihlo_state;
static packet initial_clihlo;
int send_packet(const packet *p, const char *why)
static int send_packet(const packet *p, const char *why)
{
int ret;
mbedtls_net_context *dst = p->dst;
@ -616,13 +616,13 @@ int send_packet(const packet *p, const char *why)
static size_t prev_len;
static packet prev[MAX_DELAYED_MSG];
void clear_pending(void)
static void clear_pending(void)
{
memset(&prev, 0, sizeof(prev));
prev_len = 0;
}
void delay_packet(packet *delay)
static void delay_packet(packet *delay)
{
if (prev_len == MAX_DELAYED_MSG) {
return;
@ -631,7 +631,7 @@ void delay_packet(packet *delay)
memcpy(&prev[prev_len++], delay, sizeof(packet));
}
int send_delayed(void)
static int send_delayed(void)
{
uint8_t offset;
int ret;
@ -663,9 +663,9 @@ int send_delayed(void)
static unsigned char held[2048] = { 0 };
#define HOLD_MAX 2
int handle_message(const char *way,
mbedtls_net_context *dst,
mbedtls_net_context *src)
static int handle_message(const char *way,
mbedtls_net_context *dst,
mbedtls_net_context *src)
{
int ret;
packet cur;

2
programs/test/zeroize.c
View File

@ -23,7 +23,7 @@
#define BUFFER_LEN 1024
void usage(void)
static void usage(void)
{
mbedtls_printf("Zeroize is a simple program to assist with testing\n");
mbedtls_printf("the mbedtls_platform_zeroize() function by using the\n");

4
programs/util/pem2der.c
View File

@ -45,8 +45,8 @@ struct options {
const char *output_file; /* where to store the output */
} opt;
int convert_pem_to_der(const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen)
static int convert_pem_to_der(const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen)
{
int ret;
const unsigned char *s1, *s2, *end = input + ilen;

26
programs/x509/cert_req.c
View File

@ -94,22 +94,22 @@ int main(void)
* global options
*/
struct options {
const char *filename; /* filename of the key file */
const char *password; /* password for the key file */
int debug_level; /* level of debugging */
const char *filename; /* filename of the key file */
const char *password; /* password for the key file */
int debug_level; /* level of debugging */
const char *output_file; /* where to store the constructed key file */
const char *subject_name; /* subject name for certificate request */
mbedtls_x509_san_list *san_list; /* subjectAltName for certificate request */
unsigned char key_usage; /* key usage flags */
int force_key_usage; /* Force adding the KeyUsage extension */
unsigned char ns_cert_type; /* NS cert type */
int force_ns_cert_type; /* Force adding NsCertType extension */
mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */
const char *subject_name; /* subject name for certificate request */
mbedtls_x509_san_list *san_list; /* subjectAltName for certificate request */
unsigned char key_usage; /* key usage flags */
int force_key_usage; /* Force adding the KeyUsage extension */
unsigned char ns_cert_type; /* NS cert type */
int force_ns_cert_type; /* Force adding NsCertType extension */
mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */
} opt;
int write_certificate_request(mbedtls_x509write_csr *req, const char *output_file,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng)
static int write_certificate_request(mbedtls_x509write_csr *req, const char *output_file,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng)
{
int ret;
FILE *f;

10
programs/x509/cert_write.c
View File

@ -204,9 +204,9 @@ struct options {
int format; /* format */
} opt;
int write_certificate(mbedtls_x509write_cert *crt, const char *output_file,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng)
static int write_certificate(mbedtls_x509write_cert *crt, const char *output_file,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng)
{
int ret;
FILE *f;
@ -249,8 +249,8 @@ int write_certificate(mbedtls_x509write_cert *crt, const char *output_file,
return 0;
}
int parse_serial_decimal_format(unsigned char *obuf, size_t obufmax,
const char *ibuf, size_t *len)
static int parse_serial_decimal_format(unsigned char *obuf, size_t obufmax,
const char *ibuf, size_t *len)
{
unsigned long long int dec;
unsigned int remaining_bytes = sizeof(dec);

2
programs/x509/load_roots.c
View File

@ -48,7 +48,7 @@ struct options {
} opt;
int read_certificates(const char *const *filenames)
static int read_certificates(const char *const *filenames)
{
mbedtls_x509_crt cas;
int ret = 0;

4
tests/scripts/components-configuration-tls.sh
View File

@ -244,14 +244,14 @@ component_build_no_ssl_srv () {
msg "build: full config except SSL server, make, gcc" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_SSL_SRV_C
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1 -Wmissing-prototypes'
}
component_build_no_ssl_cli () {
msg "build: full config except SSL client, make, gcc" # ~ 30s
scripts/config.py full
scripts/config.py unset MBEDTLS_SSL_CLI_C
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1 -Wmissing-prototypes'
}
component_test_no_max_fragment_length () {

2
tests/src/asn1_helpers.c
View File

@ -15,6 +15,8 @@
#include <mbedtls/asn1.h>
#include <test/asn1_helpers.h>
int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end,
size_t min_bits, size_t max_bits,
int must_be_odd)

4
tests/src/drivers/platform_builtin_keys.c
View File

@ -10,6 +10,8 @@
#include <test/helpers.h>
#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
#include <psa/crypto.h>
#include <psa/crypto_extra.h>
@ -76,3 +78,5 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
return PSA_ERROR_DOES_NOT_EXIST;
}
#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */

3
tests/src/psa_memory_poisoning_wrappers.c
View File

@ -4,7 +4,8 @@
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include "test/memory.h"
#include <test/memory.h>
#include <test/psa_memory_poisoning_wrappers.h>
#include "psa_crypto_invasive.h"

16
tests/src/test_helpers/ssl_helpers.c
View File

@ -950,10 +950,10 @@ int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl,
/*
* Write application data. Increase write counter if necessary.
*/
int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl,
unsigned char *buf, int buf_len,
int *written,
const int expected_fragments)
static int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl,
unsigned char *buf, int buf_len,
int *written,
const int expected_fragments)
{
int ret;
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is
@ -997,10 +997,10 @@ exit:
* Read application data and increase read counter and fragments counter
* if necessary.
*/
int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl,
unsigned char *buf, int buf_len,
int *read, int *fragments,
const int expected_fragments)
static int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl,
unsigned char *buf, int buf_len,
int *read, int *fragments,
const int expected_fragments)
{
int ret;
/* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is

2
tests/suites/test_suite_debug.function
View File

@ -9,7 +9,7 @@ struct buffer_data {
char *ptr;
};
void string_debug(void *data, int level, const char *file, int line, const char *str)
static void string_debug(void *data, int level, const char *file, int line, const char *str)
{
struct buffer_data *buffer = (struct buffer_data *) data;
char *p = buffer->ptr;

2
tests/suites/test_suite_pkcs7.function
View File

@ -17,7 +17,7 @@
* END_DEPENDENCIES
*/
/* BEGIN_SUITE_HELPERS */
int pkcs7_parse_buffer(unsigned char *pkcs7_buf, int buflen)
static int pkcs7_parse_buffer(unsigned char *pkcs7_buf, int buflen)
{
int res;
mbedtls_pkcs7 pkcs7;

16
tests/suites/test_suite_ssl.function
View File

@ -1623,11 +1623,11 @@ void ssl_tls13_derive_secret(int hash_alg,
unsigned char const *lbl = NULL;
size_t lbl_len;
#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
if (label_idx == (int) tls13_label_ ## name) \
#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
if (label_idx == (int) tls13_label_ ## name) \
{ \
lbl = mbedtls_ssl_tls13_labels.name; \
lbl_len = sizeof(mbedtls_ssl_tls13_labels.name); \
lbl_len = sizeof(mbedtls_ssl_tls13_labels.name); \
}
MBEDTLS_SSL_TLS1_3_LABEL_LIST
#undef MBEDTLS_SSL_TLS1_3_LABEL
@ -1667,7 +1667,7 @@ void ssl_tls13_derive_early_secrets(int hash_alg,
/* Double-check that we've passed sane parameters. */
psa_algorithm_t alg = (psa_algorithm_t) hash_alg;
size_t const hash_len = PSA_HASH_LENGTH(alg);
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
secret->len == hash_len &&
transcript->len == hash_len &&
traffic_expected->len == hash_len &&
@ -1701,7 +1701,7 @@ void ssl_tls13_derive_handshake_secrets(int hash_alg,
/* Double-check that we've passed sane parameters. */
psa_algorithm_t alg = (psa_algorithm_t) hash_alg;
size_t const hash_len = PSA_HASH_LENGTH(alg);
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
secret->len == hash_len &&
transcript->len == hash_len &&
client_expected->len == hash_len &&
@ -1736,7 +1736,7 @@ void ssl_tls13_derive_application_secrets(int hash_alg,
/* Double-check that we've passed sane parameters. */
psa_algorithm_t alg = (psa_algorithm_t) hash_alg;
size_t const hash_len = PSA_HASH_LENGTH(alg);
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
secret->len == hash_len &&
transcript->len == hash_len &&
client_expected->len == hash_len &&
@ -1772,7 +1772,7 @@ void ssl_tls13_derive_resumption_secrets(int hash_alg,
/* Double-check that we've passed sane parameters. */
psa_algorithm_t alg = (psa_algorithm_t) hash_alg;
size_t const hash_len = PSA_HASH_LENGTH(alg);
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
secret->len == hash_len &&
transcript->len == hash_len &&
resumption_expected->len == hash_len);
@ -1803,7 +1803,7 @@ void ssl_tls13_create_psk_binder(int hash_alg,
/* Double-check that we've passed sane parameters. */
psa_algorithm_t alg = (psa_algorithm_t) hash_alg;
size_t const hash_len = PSA_HASH_LENGTH(alg);
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
TEST_ASSERT(PSA_ALG_IS_HASH(alg) &&
transcript->len == hash_len &&
binder_expected->len == hash_len);

61
tests/suites/test_suite_x509parse.function
View File

@ -60,7 +60,10 @@ const mbedtls_x509_crt_profile profile_sha512 =
1024,
};
int verify_none(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_FS_IO)
static int verify_none(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
{
((void) data);
((void) crt);
@ -70,7 +73,7 @@ int verify_none(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32
return 0;
}
int verify_all(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
static int verify_all(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
{
((void) data);
((void) crt);
@ -80,8 +83,10 @@ int verify_all(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_
return 0;
}
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
int ca_callback_fail(void *data, mbedtls_x509_crt const *child, mbedtls_x509_crt **candidates)
#if defined(MBEDTLS_X509_CRL_PARSE_C) && \
defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
static int ca_callback_fail(void *data, mbedtls_x509_crt const *child,
mbedtls_x509_crt **candidates)
{
((void) data);
((void) child);
@ -89,9 +94,9 @@ int ca_callback_fail(void *data, mbedtls_x509_crt const *child, mbedtls_x509_crt
return -1;
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
int ca_callback(void *data, mbedtls_x509_crt const *child,
mbedtls_x509_crt **candidates)
static int ca_callback(void *data, mbedtls_x509_crt const *child,
mbedtls_x509_crt **candidates)
{
int ret = 0;
mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
@ -138,10 +143,9 @@ exit:
*candidates = first;
return ret;
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
#endif /* MBEDTLS_X509_CRL_PARSE_C && MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
int verify_fatal(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
static int verify_fatal(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
{
int *levels = (int *) data;
@ -158,7 +162,7 @@ int verify_fatal(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint3
}
/* strsep() not available on Windows */
char *mystrsep(char **stringp, const char *delim)
static char *mystrsep(char **stringp, const char *delim)
{
const char *p;
char *ret = *stringp;
@ -186,19 +190,18 @@ done:
return ret;
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
typedef struct {
char buf[512];
char *p;
} verify_print_context;
void verify_print_init(verify_print_context *ctx)
static void verify_print_init(verify_print_context *ctx)
{
memset(ctx, 0, sizeof(verify_print_context));
ctx->p = ctx->buf;
}
int verify_print(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
static int verify_print(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
{
int ret;
verify_print_context *ctx = (verify_print_context *) data;
@ -226,8 +229,8 @@ int verify_print(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint3
return 0;
}
int verify_parse_san(mbedtls_x509_subject_alternative_name *san,
char **buf, size_t *size)
static int verify_parse_san(mbedtls_x509_subject_alternative_name *san,
char **buf, size_t *size)
{
int ret;
size_t i;
@ -316,9 +319,10 @@ int verify_parse_san(mbedtls_x509_subject_alternative_name *san,
return 0;
}
#endif /* MBEDTLS_FS_IO */
int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid,
int critical, const unsigned char *cp, const unsigned char *end)
static int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid,
int critical, const unsigned char *cp, const unsigned char *end)
{
(void) crt;
(void) critical;
@ -416,9 +420,14 @@ int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_X509_CSR_PARSE_C)
int parse_csr_ext_accept_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid,
int critical, const unsigned char *cp, const unsigned char *end)
#if defined(MBEDTLS_X509_CSR_PARSE_C) && \
!defined(MBEDTLS_X509_REMOVE_INFO)
static int parse_csr_ext_accept_cb(void *p_ctx,
mbedtls_x509_csr const *csr,
mbedtls_x509_buf const *oid,
int critical,
const unsigned char *cp,
const unsigned char *end)
{
(void) p_ctx;
(void) csr;
@ -430,8 +439,12 @@ int parse_csr_ext_accept_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x5
return 0;
}
int parse_csr_ext_reject_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid,
int critical, const unsigned char *cp, const unsigned char *end)
static int parse_csr_ext_reject_cb(void *p_ctx,
mbedtls_x509_csr const *csr,
mbedtls_x509_buf const *oid,
int critical,
const unsigned char *cp,
const unsigned char *end)
{
(void) p_ctx;
(void) csr;
@ -443,7 +456,7 @@ int parse_csr_ext_reject_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x5
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
}
#endif /* MBEDTLS_X509_CSR_PARSE_C */
#endif /* MBEDTLS_X509_CSR_PARSE_C && !MBEDTLS_X509_REMOVE_INFO */
/* END_HEADER */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */

24
tests/suites/test_suite_x509write.function
View File

@ -10,27 +10,31 @@
#include "mbedtls/pk.h"
#include "mbedtls/psa_util.h"
#if defined(MBEDTLS_RSA_C)
int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len)
#if defined(MBEDTLS_PEM_WRITE_C) && \
defined(MBEDTLS_X509_CRT_WRITE_C) && \
defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_MD_CAN_SHA1) && \
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
static int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len)
{
return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, NULL, NULL,
olen, input, output, output_max_len);
}
int mbedtls_rsa_sign_func(void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig)
static int mbedtls_rsa_sign_func(void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig)
{
return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, f_rng, p_rng,
md_alg, hashlen, hash, sig);
}
size_t mbedtls_rsa_key_len_func(void *ctx)
static size_t mbedtls_rsa_key_len_func(void *ctx)
{
return ((const mbedtls_rsa_context *) ctx)->len;
}
#endif /* MBEDTLS_RSA_C */
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C)

4
tf-psa-crypto/tests/suites/helpers.function
View File

@ -55,8 +55,8 @@
/* Indicates whether we expect mbedtls_entropy_init
* to initialize some strong entropy source. */
#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
(!defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \
defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \
(!defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \
defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \
defined(ENTROPY_NV_SEED))
#define ENTROPY_HAVE_STRONG
#endif

8
tf-psa-crypto/tests/suites/host_test.function
View File

@ -8,7 +8,7 @@
*
* \return 0 if success else 1
*/
int verify_string(char **str)
static int verify_string(char **str)
{
if ((*str)[0] != '"' ||
(*str)[strlen(*str) - 1] != '"') {
@ -32,7 +32,7 @@ int verify_string(char **str)
*
* \return 0 if success else 1
*/
int verify_int(char *str, intmax_t *p_value)
static int verify_int(char *str, intmax_t *p_value)
{
char *end = NULL;
errno = 0;
@ -80,7 +80,7 @@ int verify_int(char *str, intmax_t *p_value)
*
* \return 0 if success else -1
*/
int get_line(FILE *f, char *buf, size_t len)
static int get_line(FILE *f, char *buf, size_t len)
{
char *ret;
int i = 0, str_len = 0, has_string = 0;
@ -485,7 +485,7 @@ static void try_chdir_if_supported(const char *argv0)
*
* \return Program exit status.
*/
int execute_tests(int argc, const char **argv)
static int execute_tests(int argc, const char **argv)
{
/* Local Configurations and options */
const char *default_filename = "DATA_FILE";

8
tf-psa-crypto/tests/suites/main_test.function
View File

@ -69,7 +69,7 @@ __MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE
*
* \return 0 if exp_id is found. 1 otherwise.
*/
int get_expression(int32_t exp_id, intmax_t *out_value)
static int get_expression(int32_t exp_id, intmax_t *out_value)
{
int ret = KEY_VALUE_MAPPING_FOUND;
@ -100,7 +100,7 @@ int get_expression(int32_t exp_id, intmax_t *out_value)
*
* \return DEPENDENCY_SUPPORTED if set else DEPENDENCY_NOT_SUPPORTED
*/
int dep_check(int dep_id)
static int dep_check(int dep_id)
{
int ret = DEPENDENCY_NOT_SUPPORTED;
@ -155,7 +155,7 @@ TestWrapper_t test_funcs[] =
* DISPATCH_TEST_FN_NOT_FOUND if not found
* DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
*/
int dispatch_test(size_t func_idx, void **params)
static int dispatch_test(size_t func_idx, void **params)
{
int ret = DISPATCH_TEST_SUCCESS;
TestWrapper_t fp = NULL;
@ -193,7 +193,7 @@ int dispatch_test(size_t func_idx, void **params)
* DISPATCH_TEST_FN_NOT_FOUND if not found
* DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
*/
int check_test(size_t func_idx)
static int check_test(size_t func_idx)
{
int ret = DISPATCH_TEST_SUCCESS;
TestWrapper_t fp = NULL;

2
tf-psa-crypto/tests/suites/test_suite_alignment.function
View File

@ -10,7 +10,7 @@
/*
* Convert a string of the form "abcd" (case-insensitive) to a uint64_t.
*/
int parse_hex_string(char *hex_string, uint64_t *result)
static int parse_hex_string(char *hex_string, uint64_t *result)
{
uint8_t raw[8] = { 0 };
size_t olen;

4
tf-psa-crypto/tests/suites/test_suite_asn1parse.function
View File

@ -122,8 +122,8 @@ exit:
return ERR_PARSE_INCONSISTENCY;
}
int get_len_step(const data_t *input, size_t buffer_size,
size_t actual_length)
static int get_len_step(const data_t *input, size_t buffer_size,
size_t actual_length)
{
unsigned char *buf = NULL;
unsigned char *p = NULL;

6
tf-psa-crypto/tests/suites/test_suite_asn1write.function
View File

@ -12,7 +12,7 @@ typedef struct {
size_t size;
} generic_write_data_t;
int generic_write_start_step(generic_write_data_t *data)
static int generic_write_start_step(generic_write_data_t *data)
{
mbedtls_test_set_step(data->size);
mbedtls_free(data->output);
@ -26,8 +26,8 @@ exit:
return 0;
}
int generic_write_finish_step(generic_write_data_t *data,
const data_t *expected, int ret)
static int generic_write_finish_step(generic_write_data_t *data,
const data_t *expected, int ret)
{
int ok = 0;

8
tf-psa-crypto/tests/suites/test_suite_bignum.function
View File

@ -32,6 +32,7 @@ static int sign_is_valid(const mbedtls_mpi *X)
return 1;
}
#if defined(MBEDTLS_GENPRIME)
typedef struct mbedtls_test_mpi_random {
data_t *data;
size_t pos;
@ -44,9 +45,9 @@ typedef struct mbedtls_test_mpi_random {
* test) are stored in the data member of the state structure. Each number is in
* the format that mbedtls_mpi_read_string understands and is chunk_len long.
*/
int mbedtls_test_mpi_miller_rabin_determinizer(void *state,
unsigned char *buf,
size_t len)
static int mbedtls_test_mpi_miller_rabin_determinizer(void *state,
unsigned char *buf,
size_t len)
{
mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random *) state;
@ -73,6 +74,7 @@ int mbedtls_test_mpi_miller_rabin_determinizer(void *state,
return 0;
}
#endif /* MBEDTLS_GENPRIME */
/* Random generator that is told how many bytes to return. */
static int f_rng_bytes_left(void *state, unsigned char *buf, size_t len)

2
tf-psa-crypto/tests/suites/test_suite_cipher.function
View File

@ -129,7 +129,7 @@ exit:
* return 1 if it is,
* 0 if it isn't.
*/
int buffer_is_all_zero(const uint8_t *buf, size_t size)
static int buffer_is_all_zero(const uint8_t *buf, size_t size)
{
for (size_t i = 0; i < size; i++) {
if (buf[i] != 0) {

6
tf-psa-crypto/tests/suites/test_suite_common.function
View File

@ -1,7 +1,11 @@
/* BEGIN_HEADER */
#include "common.h"
void fill_arrays(unsigned char *a, unsigned char *b, unsigned char *r1, unsigned char *r2, size_t n)
static void fill_arrays(unsigned char *a,
unsigned char *b,
unsigned char *r1,
unsigned char *r2,
size_t n)
{
for (size_t i = 0; i < n; i++) {
a[i] = (unsigned char) i * 3;

1
tf-psa-crypto/tests/suites/test_suite_ctr_drbg.function
View File

@ -96,6 +96,7 @@ exit:
}
static const int thread_random_reps = 10;
void *thread_random_function(void *ctx); /* only used conditionally in ctr_drbg_threads */
void *thread_random_function(void *ctx)
{
unsigned char out[16];

6
tf-psa-crypto/tests/suites/test_suite_dhm.function
View File

@ -1,9 +1,9 @@
/* BEGIN_HEADER */
#include "mbedtls/dhm.h"
int check_get_value(const mbedtls_dhm_context *ctx,
mbedtls_dhm_parameter param,
const mbedtls_mpi *expected)
static int check_get_value(const mbedtls_dhm_context *ctx,
mbedtls_dhm_parameter param,
const mbedtls_mpi *expected)
{
mbedtls_mpi actual;
int ok = 0;

13
tf-psa-crypto/tests/suites/test_suite_entropy.function
View File

@ -60,12 +60,14 @@ static void entropy_clear_sources(mbedtls_entropy_context *ctx)
}
#if defined(MBEDTLS_ENTROPY_NV_SEED)
#if defined(MBEDTLS_MD_LIGHT) && defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
/*
* NV seed read/write functions that use a buffer instead of a file
*/
static unsigned char buffer_seed[MBEDTLS_ENTROPY_BLOCK_SIZE];
int buffer_nv_seed_read(unsigned char *buf, size_t buf_len)
static int buffer_nv_seed_read(unsigned char *buf, size_t buf_len)
{
if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) {
return -1;
@ -75,7 +77,7 @@ int buffer_nv_seed_read(unsigned char *buf, size_t buf_len)
return 0;
}
int buffer_nv_seed_write(unsigned char *buf, size_t buf_len)
static int buffer_nv_seed_write(unsigned char *buf, size_t buf_len)
{
if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) {
return -1;
@ -84,7 +86,9 @@ int buffer_nv_seed_write(unsigned char *buf, size_t buf_len)
memcpy(buffer_seed, buf, MBEDTLS_ENTROPY_BLOCK_SIZE);
return 0;
}
#endif /* MBEDTLS_MD_LIGHT && MBEDTLS_PLATFORM_NV_SEED_ALT */
#if defined(MBEDTLS_FS_IO)
/*
* NV seed read/write helpers that fill the base seedfile
*/
@ -111,7 +115,8 @@ static int write_nv_seed(unsigned char *buf, size_t buf_len)
return 0;
}
int read_nv_seed(unsigned char *buf, size_t buf_len)
#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
static int read_nv_seed(unsigned char *buf, size_t buf_len)
{
FILE *f;
@ -133,6 +138,8 @@ int read_nv_seed(unsigned char *buf, size_t buf_len)
return 0;
}
#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ENTROPY_NV_SEED */
/* END_HEADER */

6
tf-psa-crypto/tests/suites/test_suite_lmots.function
View File

@ -2,8 +2,8 @@
#include "lmots.h"
#include "mbedtls/lms.h"
#if defined(MBEDTLS_TEST_HOOKS)
int check_lmots_private_key_for_leak(unsigned char *sig)
#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_LMS_PRIVATE)
static int check_lmots_private_key_for_leak(unsigned char *sig)
{
size_t idx;
@ -18,7 +18,7 @@ int check_lmots_private_key_for_leak(unsigned char *sig)
exit:
return -1;
}
#endif /* defined(MBEDTLS_TEST_HOOKS) */
#endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_LMS_PRIVATE */
/* END_HEADER */

38
tf-psa-crypto/tests/suites/test_suite_pk.function
View File

@ -221,9 +221,9 @@ exit:
}
#if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
psa_status_t pk_psa_import_key(const unsigned char *key_data, size_t key_len,
psa_key_type_t type, psa_key_usage_t usage,
psa_algorithm_t alg, mbedtls_svc_key_id_t *key)
static psa_status_t pk_psa_import_key(const unsigned char *key_data, size_t key_len,
psa_key_type_t type, psa_key_usage_t usage,
psa_algorithm_t alg, mbedtls_svc_key_id_t *key)
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status;
@ -320,11 +320,11 @@ exit:
* for volatile keys.
* \param[out] key Identifier of the "generated" (actually imported) PSA key.
*/
psa_status_t pk_psa_setup(psa_key_type_t type, size_t bits,
psa_key_usage_t usage, psa_algorithm_t alg,
psa_algorithm_t enrollment_alg,
mbedtls_svc_key_id_t persistent_key_id,
mbedtls_svc_key_id_t *key)
static psa_status_t pk_psa_setup(psa_key_type_t type, size_t bits,
psa_key_usage_t usage, psa_algorithm_t alg,
psa_algorithm_t enrollment_alg,
mbedtls_svc_key_id_t persistent_key_id,
mbedtls_svc_key_id_t *key)
{
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
@ -467,19 +467,19 @@ exit:
}
#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
#if defined(MBEDTLS_RSA_C)
int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len)
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
static int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len)
{
return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx,
mbedtls_test_rnd_std_rand, NULL,
olen, input, output, output_max_len);
}
int mbedtls_rsa_sign_func(void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig)
static int mbedtls_rsa_sign_func(void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig)
{
((void) f_rng);
((void) p_rng);
@ -487,11 +487,11 @@ int mbedtls_rsa_sign_func(void *ctx,
mbedtls_test_rnd_std_rand, NULL,
md_alg, hashlen, hash, sig);
}
size_t mbedtls_rsa_key_len_func(void *ctx)
static size_t mbedtls_rsa_key_len_func(void *ctx)
{
return ((const mbedtls_rsa_context *) ctx)->len;
}
#endif /* MBEDTLS_RSA_C */
#endif /* MBEDTLS_RSA_C && MBEDTLS_PK_RSA_ALT_SUPPORT */
typedef enum {
/* The values are compatible with thinking of "from pair" as a boolean. */
@ -618,7 +618,7 @@ exit:
/* Create a copy of a PSA key with same usage and algorithm policy and destroy
* the original one. */
mbedtls_svc_key_id_t psa_copy_and_destroy(mbedtls_svc_key_id_t orig_key_id)
static mbedtls_svc_key_id_t psa_copy_and_destroy(mbedtls_svc_key_id_t orig_key_id)
{
psa_key_attributes_t orig_attr = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t new_attr = PSA_KEY_ATTRIBUTES_INIT;

2
tf-psa-crypto/tests/suites/test_suite_platform.function
View File

@ -18,7 +18,7 @@
#else
#include <unistd.h>
#endif
void sleep_ms(int milliseconds)
static void sleep_ms(int milliseconds)
{
#if defined(_WIN32) || defined(WIN32) || defined(__CYGWIN__) || \
defined(__MINGW32__) || defined(_WIN64)

66
tf-psa-crypto/tests/suites/test_suite_psa_crypto.function
View File

@ -39,28 +39,6 @@
#define ASSERT_OPERATION_IS_ACTIVE(operation) TEST_ASSERT(operation.id != 0)
#define ASSERT_OPERATION_IS_INACTIVE(operation) TEST_ASSERT(operation.id == 0)
#if defined(PSA_WANT_ALG_JPAKE)
int ecjpake_operation_setup(psa_pake_operation_t *operation,
psa_pake_cipher_suite_t *cipher_suite,
psa_pake_role_t role,
mbedtls_svc_key_id_t key,
size_t key_available)
{
PSA_ASSERT(psa_pake_abort(operation));
PSA_ASSERT(psa_pake_setup(operation, cipher_suite));
PSA_ASSERT(psa_pake_set_role(operation, role));
if (key_available) {
PSA_ASSERT(psa_pake_set_password_key(operation, key));
}
return 0;
exit:
return 1;
}
#endif
/** An invalid export length that will never be set by psa_export_key(). */
static const size_t INVALID_EXPORT_LENGTH = ~0U;
@ -175,12 +153,12 @@ static int construct_fake_rsa_key(unsigned char *buffer,
}
#endif /* MBEDTLS_ASN1_WRITE_C */
int exercise_mac_setup(psa_key_type_t key_type,
const unsigned char *key_bytes,
size_t key_length,
psa_algorithm_t alg,
psa_mac_operation_t *operation,
psa_status_t *status)
static int exercise_mac_setup(psa_key_type_t key_type,
const unsigned char *key_bytes,
size_t key_length,
psa_algorithm_t alg,
psa_mac_operation_t *operation,
psa_status_t *status)
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -207,12 +185,12 @@ exit:
return 0;
}
int exercise_cipher_setup(psa_key_type_t key_type,
const unsigned char *key_bytes,
size_t key_length,
psa_algorithm_t alg,
psa_cipher_operation_t *operation,
psa_status_t *status)
static int exercise_cipher_setup(psa_key_type_t key_type,
const unsigned char *key_bytes,
size_t key_length,
psa_algorithm_t alg,
psa_cipher_operation_t *operation,
psa_status_t *status)
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -285,14 +263,14 @@ exit:
/* Assert that a key isn't reported as having a slot number. */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
#define ASSERT_NO_SLOT_NUMBER(attributes) \
do \
{ \
psa_key_slot_number_t ASSERT_NO_SLOT_NUMBER_slot_number; \
TEST_EQUAL(psa_get_key_slot_number( \
attributes, \
do \
{ \
psa_key_slot_number_t ASSERT_NO_SLOT_NUMBER_slot_number; \
TEST_EQUAL(psa_get_key_slot_number( \
attributes, \
&ASSERT_NO_SLOT_NUMBER_slot_number), \
PSA_ERROR_INVALID_ARGUMENT); \
} \
} \
while (0)
#else /* MBEDTLS_PSA_CRYPTO_SE_C */
#define ASSERT_NO_SLOT_NUMBER(attributes) \
@ -1314,6 +1292,7 @@ exit:
#if defined(MBEDTLS_THREADING_PTHREAD)
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
typedef struct same_key_context {
data_t *data;
mbedtls_svc_key_id_t key;
@ -1330,7 +1309,7 @@ same_key_context;
/* Attempt to import the key in ctx. This handles any valid error codes
* and reports an error for any invalid codes. This function also insures
* that once imported by some thread, all threads can use the key. */
void *thread_import_key(void *ctx)
static void *thread_import_key(void *ctx)
{
mbedtls_svc_key_id_t returned_key_id;
same_key_context *skc = (struct same_key_context *) ctx;
@ -1404,7 +1383,7 @@ exit:
return NULL;
}
void *thread_use_and_destroy_key(void *ctx)
static void *thread_use_and_destroy_key(void *ctx)
{
same_key_context *skc = (struct same_key_context *) ctx;
@ -1432,6 +1411,7 @@ void *thread_use_and_destroy_key(void *ctx)
exit:
return NULL;
}
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
typedef struct generate_key_context {
psa_key_type_t type;
@ -1444,7 +1424,7 @@ typedef struct generate_key_context {
int reps;
}
generate_key_context;
void *thread_generate_key(void *ctx)
static void *thread_generate_key(void *ctx)
{
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT;

30
tf-psa-crypto/tests/suites/test_suite_psa_crypto_metadata.function
View File

@ -80,17 +80,17 @@
* Unconditionally mask flag into the ambient variable
* classification_flags_tested.
*/
#define TEST_CLASSIFICATION_MACRO(cond, flag, alg, flags) \
#define TEST_CLASSIFICATION_MACRO(cond, flag, alg, flags) \
do \
{ \
if (cond) \
if (cond) \
{ \
if ((flags) & (flag)) \
TEST_ASSERT(PSA_##flag(alg)); \
if ((flags) & (flag)) \
TEST_ASSERT(PSA_##flag(alg)); \
else \
TEST_ASSERT(!PSA_##flag(alg)); \
TEST_ASSERT(!PSA_##flag(alg)); \
} \
classification_flags_tested |= (flag); \
classification_flags_tested |= (flag); \
} \
while (0)
@ -106,7 +106,7 @@
* The expected parity is even so that 0 is considered a valid encoding.
*
* Return a nonzero value if value has even parity and 0 otherwise. */
int has_even_parity(uint32_t value)
static int has_even_parity(uint32_t value)
{
value ^= value >> 16;
value ^= value >> 8;
@ -116,7 +116,7 @@ int has_even_parity(uint32_t value)
#define TEST_PARITY(value) \
TEST_ASSERT(has_even_parity(value))
void algorithm_classification(psa_algorithm_t alg, unsigned flags)
static void algorithm_classification(psa_algorithm_t alg, unsigned flags)
{
unsigned classification_flags_tested = 0;
TEST_CLASSIFICATION_MACRO(1, ALG_IS_VENDOR_DEFINED, alg, flags);
@ -155,7 +155,7 @@ void algorithm_classification(psa_algorithm_t alg, unsigned flags)
exit:;
}
void key_type_classification(psa_key_type_t type, unsigned flags)
static void key_type_classification(psa_key_type_t type, unsigned flags)
{
unsigned classification_flags_tested = 0;
@ -192,9 +192,9 @@ void key_type_classification(psa_key_type_t type, unsigned flags)
exit:;
}
void mac_algorithm_core(psa_algorithm_t alg, int classification_flags,
psa_key_type_t key_type, size_t key_bits,
size_t length)
static void mac_algorithm_core(psa_algorithm_t alg, int classification_flags,
psa_key_type_t key_type, size_t key_bits,
size_t length)
{
/* Algorithm classification */
TEST_ASSERT(!PSA_ALG_IS_HASH(alg));
@ -218,9 +218,9 @@ void mac_algorithm_core(psa_algorithm_t alg, int classification_flags,
exit:;
}
void aead_algorithm_core(psa_algorithm_t alg, int classification_flags,
psa_key_type_t key_type, size_t key_bits,
size_t tag_length)
static void aead_algorithm_core(psa_algorithm_t alg, int classification_flags,
psa_key_type_t key_type, size_t key_bits,
size_t tag_length)
{
/* Algorithm classification */
TEST_ASSERT(!PSA_ALG_IS_HASH(alg));

8
tf-psa-crypto/tests/suites/test_suite_psa_crypto_op_fail.function
View File

@ -27,11 +27,11 @@ static int test_equal_status(const char *test,
* run, it would be better to clarify the expectations and reconcile the
* library and the test case generator.
*/
#define TEST_STATUS(expr1, expr2) \
do { \
#define TEST_STATUS(expr1, expr2) \
do { \
if (!test_equal_status( #expr1 " == " #expr2, __LINE__, __FILE__, \
expr1, expr2)) \
goto exit; \
expr1, expr2)) \
goto exit; \
} while (0)
/* END_HEADER */

34
tf-psa-crypto/tests/suites/test_suite_psa_crypto_pake.function
View File

@ -71,9 +71,9 @@ static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' };
* we're corrupting.
*/
#define DO_ROUND_CONDITIONAL_INJECT(this_stage, buf) \
if (this_stage == err_stage) \
{ \
*(buf + 7) ^= 1; \
if (this_stage == err_stage) \
{ \
*(buf + 7) ^= 1; \
}
#define DO_ROUND_CONDITIONAL_CHECK_FAILURE(this_stage, function) \
@ -84,20 +84,20 @@ static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' };
}
#define DO_ROUND_UPDATE_OFFSETS(main_buf_offset, step_offset, step_size) \
{ \
step_offset = main_buf_offset; \
main_buf_offset += step_size; \
{ \
step_offset = main_buf_offset; \
main_buf_offset += step_size; \
}
#define DO_ROUND_CHECK_FAILURE() \
if (err_stage != ERR_NONE && status != PSA_SUCCESS) \
#define DO_ROUND_CHECK_FAILURE() \
if (err_stage != ERR_NONE && status != PSA_SUCCESS) \
{ \
TEST_EQUAL(status, expected_error_arg); \
TEST_EQUAL(status, expected_error_arg); \
break; \
} \
else \
{ \
TEST_EQUAL(status, PSA_SUCCESS); \
TEST_EQUAL(status, PSA_SUCCESS); \
}
#if defined(PSA_WANT_ALG_JPAKE)
@ -550,15 +550,15 @@ exit:
* - terminated with failure otherwise (either no error was expected at this
* stage or a different error code was expected)
*/
#define SETUP_ALWAYS_CHECK_STEP(test_function, this_check_err_stage) \
#define SETUP_ALWAYS_CHECK_STEP(test_function, this_check_err_stage) \
status = test_function; \
if (err_stage != this_check_err_stage) \
if (err_stage != this_check_err_stage) \
{ \
PSA_ASSERT(status); \
PSA_ASSERT(status); \
} \
else \
{ \
TEST_EQUAL(status, expected_error); \
TEST_EQUAL(status, expected_error); \
goto exit; \
}
@ -572,10 +572,10 @@ exit:
* The test succeeds if the returned error is exactly the expected one,
* otherwise it fails.
*/
#define SETUP_CONDITIONAL_CHECK_STEP(test_function, this_check_err_stage) \
if (err_stage == this_check_err_stage) \
#define SETUP_CONDITIONAL_CHECK_STEP(test_function, this_check_err_stage) \
if (err_stage == this_check_err_stage) \
{ \
TEST_EQUAL(test_function, expected_error); \
TEST_EQUAL(test_function, expected_error); \
goto exit; \
}
/* END_HEADER */

54
tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal.function
View File

@ -14,8 +14,8 @@
#endif
/* Same in library/psa_crypto.c */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
#define BUILTIN_ALG_ANY_HKDF 1
#endif
@ -36,11 +36,11 @@
/** The location and lifetime used for tests that use a single driver. */
#define TEST_DRIVER_LOCATION 1
#define TEST_SE_PERSISTENT_LIFETIME \
#define TEST_SE_PERSISTENT_LIFETIME \
(PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \
PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION))
#define TEST_SE_VOLATILE_LIFETIME \
#define TEST_SE_VOLATILE_LIFETIME \
(PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \
PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION))
@ -54,13 +54,13 @@
*
* Use this macro to assert on guarantees provided by the core.
*/
#define DRIVER_ASSERT_RETURN(TEST) \
do { \
if (!(TEST)) \
{ \
mbedtls_test_fail( #TEST, __LINE__, __FILE__); \
return PSA_ERROR_DETECTED_BY_DRIVER; \
} \
#define DRIVER_ASSERT_RETURN(TEST) \
do { \
if (!(TEST)) \
{ \
mbedtls_test_fail( #TEST, __LINE__, __FILE__); \
return PSA_ERROR_DETECTED_BY_DRIVER; \
} \
} while (0)
/** Like #TEST_ASSERT for use in a driver method, with cleanup.
@ -70,14 +70,14 @@
*
* Use this macro to assert on guarantees provided by the core.
*/
#define DRIVER_ASSERT(TEST) \
do { \
if (!(TEST)) \
{ \
mbedtls_test_fail( #TEST, __LINE__, __FILE__); \
#define DRIVER_ASSERT(TEST) \
do { \
if (!(TEST)) \
{ \
mbedtls_test_fail( #TEST, __LINE__, __FILE__); \
status = PSA_ERROR_DETECTED_BY_DRIVER; \
goto exit; \
} \
} \
} while (0)
/** Like #PSA_ASSERT for a PSA API call that calls a driver underneath.
@ -91,16 +91,16 @@
* case, the test driver code is expected to have called mbedtls_test_fail()
* already, so we make sure not to overwrite the failure information.
*/
#define PSA_ASSERT_VIA_DRIVER(expr, expected_status) \
do { \
psa_status_t PSA_ASSERT_VIA_DRIVER_status = (expr); \
if (PSA_ASSERT_VIA_DRIVER_status == PSA_ERROR_DETECTED_BY_DRIVER) \
goto exit; \
if (PSA_ASSERT_VIA_DRIVER_status != (expected_status)) \
{ \
#define PSA_ASSERT_VIA_DRIVER(expr, expected_status) \
do { \
psa_status_t PSA_ASSERT_VIA_DRIVER_status = (expr); \
if (PSA_ASSERT_VIA_DRIVER_status == PSA_ERROR_DETECTED_BY_DRIVER) \
goto exit; \
if (PSA_ASSERT_VIA_DRIVER_status != (expected_status)) \
{ \
mbedtls_test_fail( #expr, __LINE__, __FILE__); \
goto exit; \
} \
goto exit; \
} \
} while (0)
@ -599,7 +599,7 @@ exit:
* If this changes, the storage format version must change.
* See psa_get_se_driver_its_file_uid() in psa_crypto_se.c.
*/
psa_storage_uid_t file_uid_for_location(psa_key_location_t location)
static psa_storage_uid_t file_uid_for_location(psa_key_location_t location)
{
if (location > PSA_MAX_SE_LOCATION) {
return 0;

68
tf-psa-crypto/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
View File

@ -6,7 +6,7 @@
/** The location and lifetime used for tests that use a single driver. */
#define TEST_DRIVER_LOCATION 1
#define TEST_SE_PERSISTENT_LIFETIME \
#define TEST_SE_PERSISTENT_LIFETIME \
(PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \
PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION))
@ -162,11 +162,11 @@ static psa_status_t mock_import(psa_drv_se_context_t *drv_context,
return mock_import_data.return_value;
}
psa_status_t mock_export(psa_drv_se_context_t *context,
psa_key_slot_number_t slot_number,
uint8_t *p_data,
size_t data_size,
size_t *p_data_length)
static psa_status_t mock_export(psa_drv_se_context_t *context,
psa_key_slot_number_t slot_number,
uint8_t *p_data,
size_t data_size,
size_t *p_data_length)
{
(void) context;
(void) p_data;
@ -179,11 +179,11 @@ psa_status_t mock_export(psa_drv_se_context_t *context,
return mock_export_data.return_value;
}
psa_status_t mock_export_public(psa_drv_se_context_t *context,
psa_key_slot_number_t slot_number,
uint8_t *p_data,
size_t data_size,
size_t *p_data_length)
static psa_status_t mock_export_public(psa_drv_se_context_t *context,
psa_key_slot_number_t slot_number,
uint8_t *p_data,
size_t data_size,
size_t *p_data_length)
{
(void) context;
(void) p_data;
@ -196,14 +196,14 @@ psa_status_t mock_export_public(psa_drv_se_context_t *context,
return mock_export_public_data.return_value;
}
psa_status_t mock_sign(psa_drv_se_context_t *context,
psa_key_slot_number_t key_slot,
psa_algorithm_t alg,
const uint8_t *p_hash,
size_t hash_length,
uint8_t *p_signature,
size_t signature_size,
size_t *p_signature_length)
static psa_status_t mock_sign(psa_drv_se_context_t *context,
psa_key_slot_number_t key_slot,
psa_algorithm_t alg,
const uint8_t *p_hash,
size_t hash_length,
uint8_t *p_signature,
size_t signature_size,
size_t *p_signature_length)
{
(void) context;
(void) p_hash;
@ -219,13 +219,13 @@ psa_status_t mock_sign(psa_drv_se_context_t *context,
return mock_sign_data.return_value;
}
psa_status_t mock_verify(psa_drv_se_context_t *context,
psa_key_slot_number_t key_slot,
psa_algorithm_t alg,
const uint8_t *p_hash,
size_t hash_length,
const uint8_t *p_signature,
size_t signature_length)
static psa_status_t mock_verify(psa_drv_se_context_t *context,
psa_key_slot_number_t key_slot,
psa_algorithm_t alg,
const uint8_t *p_hash,
size_t hash_length,
const uint8_t *p_signature,
size_t signature_length)
{
(void) context;
(void) p_hash;
@ -240,11 +240,11 @@ psa_status_t mock_verify(psa_drv_se_context_t *context,
return mock_verify_data.return_value;
}
psa_status_t mock_allocate(psa_drv_se_context_t *drv_context,
void *persistent_data,
const psa_key_attributes_t *attributes,
psa_key_creation_method_t method,
psa_key_slot_number_t *key_slot)
static psa_status_t mock_allocate(psa_drv_se_context_t *drv_context,
void *persistent_data,
const psa_key_attributes_t *attributes,
psa_key_creation_method_t method,
psa_key_slot_number_t *key_slot)
{
(void) drv_context;
(void) persistent_data;
@ -258,9 +258,9 @@ psa_status_t mock_allocate(psa_drv_se_context_t *drv_context,
return mock_allocate_data.return_value;
}
psa_status_t mock_destroy(psa_drv_se_context_t *context,
void *persistent_data,
psa_key_slot_number_t slot_number)
static psa_status_t mock_destroy(psa_drv_se_context_t *context,
void *persistent_data,
psa_key_slot_number_t slot_number)
{
(void) context;
(void) persistent_data;

10
tf-psa-crypto/tests/suites/test_suite_psa_its.function
View File

@ -19,11 +19,11 @@
#define PSA_ITS_STORAGE_PREFIX ""
#define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx"
#define PSA_ITS_STORAGE_SUFFIX ".psa_its"
#define PSA_ITS_STORAGE_FILENAME_LENGTH \
(sizeof(PSA_ITS_STORAGE_PREFIX) - 1 + /*prefix without terminating 0*/ \
16 + /*UID (64-bit number in hex)*/ \
16 + /*UID (64-bit number in hex)*/ \
sizeof(PSA_ITS_STORAGE_SUFFIX) - 1 + /*suffix without terminating 0*/ \
#define PSA_ITS_STORAGE_FILENAME_LENGTH \
(sizeof(PSA_ITS_STORAGE_PREFIX) - 1 + /*prefix without terminating 0*/ \
16 + /*UID (64-bit number in hex)*/ \
16 + /*UID (64-bit number in hex)*/ \
sizeof(PSA_ITS_STORAGE_SUFFIX) - 1 + /*suffix without terminating 0*/ \
1 /*terminating null byte*/)
#define PSA_ITS_STORAGE_TEMP \
PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX