Merge pull request #8196 from tgonzalezorlandoarm/tg/check_test_cases
Backport 2.28: Make check_test_cases.py recognize test case name templates in ssl-opt.sh
diff --git a/ChangeLog.d/8372.txt b/ChangeLog.d/8372.txt
new file mode 100644
index 0000000..4a72edf
--- /dev/null
+++ b/ChangeLog.d/8372.txt
@@ -0,0 +1,3 @@
+Features
+ * AES-NI is now supported in Windows builds with clang and clang-cl.
+ Resolves #8372.
diff --git a/include/mbedtls/aesni.h b/include/mbedtls/aesni.h
index 0da40a0..c9fe2bf 100644
--- a/include/mbedtls/aesni.h
+++ b/include/mbedtls/aesni.h
@@ -58,7 +58,7 @@
* macros that may change in future releases.
*/
#undef MBEDTLS_AESNI_HAVE_INTRINSICS
-#if defined(_MSC_VER)
+#if defined(_MSC_VER) && !defined(__clang__)
/* Visual Studio supports AESNI intrinsics since VS 2008 SP1. We only support
* VS 2013 and up for other reasons anyway, so no need to check the version. */
#define MBEDTLS_AESNI_HAVE_INTRINSICS
@@ -66,7 +66,7 @@
/* GCC-like compilers: currently, we only support intrinsics if the requisite
* target flag is enabled when building the library (e.g. `gcc -mpclmul -msse2`
* or `clang -maes -mpclmul`). */
-#if defined(__GNUC__) && defined(__AES__) && defined(__PCLMUL__)
+#if (defined(__GNUC__) || defined(__clang__)) && defined(__AES__) && defined(__PCLMUL__)
#define MBEDTLS_AESNI_HAVE_INTRINSICS
#endif
diff --git a/library/aesni.c b/library/aesni.c
index 77c1f90..3f62a2e 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -193,7 +193,7 @@
const unsigned char a[16],
const unsigned char b[16])
{
- __m128i aa, bb, cc, dd;
+ __m128i aa = { 0 }, bb = { 0 }, cc, dd;
/* The inputs are in big-endian order, so byte-reverse them */
for (size_t i = 0; i < 16; i++) {
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index f5223fb..6a39800 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -2169,8 +2169,8 @@
}
/* get size of the buffer needed */
- mbedtls_ssl_session_save(mbedtls_ssl_get_session_pointer(&ssl),
- NULL, 0, &session_data_len);
+ (void) mbedtls_ssl_session_save(mbedtls_ssl_get_session_pointer(&ssl),
+ NULL, 0, &session_data_len);
session_data = mbedtls_calloc(1, session_data_len);
if (session_data == NULL) {
mbedtls_printf(" failed\n ! alloc %u bytes for session data\n",
diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h
index f942889..d67e487 100644
--- a/tests/include/test/macros.h
+++ b/tests/include/test/macros.h
@@ -153,6 +153,38 @@
} \
} while (0)
+/** Allocate memory dynamically and fail the test case if this fails.
+ * The allocated memory will be filled with zeros.
+ *
+ * You must set \p pointer to \c NULL before calling this macro and
+ * put `mbedtls_free(pointer)` in the test's cleanup code.
+ *
+ * If \p item_count is zero, the resulting \p pointer will not be \c NULL.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param pointer An lvalue where the address of the allocated buffer
+ * will be stored.
+ * This expression may be evaluated multiple times.
+ * \param item_count Number of elements to allocate.
+ * This expression may be evaluated multiple times.
+ *
+ * Note: if passing size 0, mbedtls_calloc may return NULL. In this case,
+ * we reattempt to allocate with the smallest possible buffer to assure a
+ * non-NULL pointer.
+ */
+#define TEST_CALLOC_NONNULL(pointer, item_count) \
+ do { \
+ TEST_ASSERT((pointer) == NULL); \
+ (pointer) = mbedtls_calloc(sizeof(*(pointer)), \
+ (item_count)); \
+ if (((pointer) == NULL) && ((item_count) == 0)) { \
+ (pointer) = mbedtls_calloc(1, 1); \
+ } \
+ TEST_ASSERT((pointer) != NULL); \
+ } while (0)
+
/* For backwards compatibility */
#define ASSERT_ALLOC(pointer, item_count) TEST_CALLOC(pointer, item_count)
diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function
index 06f391f..d8ff49e 100644
--- a/tests/suites/host_test.function
+++ b/tests/suites/host_test.function
@@ -432,6 +432,50 @@
fflush(outcome_file);
}
+#if defined(__unix__) || \
+ (defined(__APPLE__) && defined(__MACH__))
+#define MBEDTLS_HAVE_CHDIR
+#endif
+
+#if defined(MBEDTLS_HAVE_CHDIR)
+/** Try chdir to the directory containing argv0.
+ *
+ * Failures are silent.
+ */
+static void try_chdir_if_supported(const char *argv0)
+{
+ /* We might want to allow backslash as well, for Windows. But then we also
+ * need to consider chdir() vs _chdir(), and different conventions
+ * regarding paths in argv[0] (naively enabling this code with
+ * backslash support on Windows leads to chdir into the wrong directory
+ * on the CI). */
+ const char *slash = strrchr(argv0, '/');
+ if (slash == NULL) {
+ return;
+ }
+ size_t path_size = slash - argv0 + 1;
+ char *path = mbedtls_calloc(1, path_size);
+ if (path == NULL) {
+ return;
+ }
+ memcpy(path, argv0, path_size - 1);
+ path[path_size - 1] = 0;
+ int ret = chdir(path);
+ if (ret != 0) {
+ mbedtls_fprintf(stderr, "%s: note: chdir(\"%s\") failed.\n",
+ __func__, path);
+ }
+ mbedtls_free(path);
+}
+#else /* MBEDTLS_HAVE_CHDIR */
+/* No chdir() or no support for parsing argv[0] on this platform. */
+static void try_chdir_if_supported(const char *argv0)
+{
+ (void) argv0;
+ return;
+}
+#endif /* MBEDTLS_HAVE_CHDIR */
+
/**
* \brief Desktop implementation of execute_tests().
* Parses command line and executes tests from
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index 335ce84..a69442d 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -278,6 +278,21 @@
mbedtls_test_hook_error_add = &mbedtls_test_err_add_check;
#endif
+ /* Try changing to the directory containing the executable, if
+ * using the default data file. This allows running the executable
+ * from another directory (e.g. the project root) and still access
+ * the .datax file as well as data files used by test cases
+ * (typically from tests/data_files).
+ *
+ * Note that we do this before the platform setup (which may access
+ * files such as a random seed). We also do this before accessing
+ * test-specific files such as the outcome file, which is arguably
+ * not desirable and should be fixed later.
+ */
+ if (argc == 1) {
+ try_chdir_if_supported(argv[0]);
+ }
+
int ret = mbedtls_test_platform_setup();
if (ret != 0) {
mbedtls_fprintf(stderr,
diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function
index 4c6ee6f..a4627de 100644
--- a/tests/suites/test_suite_ctr_drbg.function
+++ b/tests/suites/test_suite_ctr_drbg.function
@@ -31,15 +31,13 @@
data_t *result)
{
mbedtls_ctr_drbg_context ctx;
+ mbedtls_ctr_drbg_init(&ctx);
unsigned char buf[64];
size_t entropy_chunk_len = (size_t) entropy_len_arg;
-
TEST_ASSERT(entropy_chunk_len <= sizeof(buf));
test_offset_idx = 0;
- mbedtls_ctr_drbg_init(&ctx);
-
test_max_idx = entropy->len;
/* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, <ignored>)
diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function
index 5d8487c..9b1df8f 100644
--- a/tests/suites/test_suite_entropy.function
+++ b/tests/suites/test_suite_entropy.function
@@ -102,6 +102,7 @@
if (fwrite(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) !=
MBEDTLS_ENTROPY_BLOCK_SIZE) {
+ fclose(f);
return -1;
}
@@ -124,6 +125,7 @@
if (fread(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) !=
MBEDTLS_ENTROPY_BLOCK_SIZE) {
+ fclose(f);
return -1;
}
diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function
index d1f7813..97fd92a 100644
--- a/tests/suites/test_suite_pkwrite.function
+++ b/tests/suites/test_suite_pkwrite.function
@@ -31,13 +31,13 @@
static void pk_write_check_common(char *key_file, int is_public_key, int is_der)
{
mbedtls_pk_context key;
+ mbedtls_pk_init(&key);
unsigned char *buf = NULL;
unsigned char *check_buf = NULL;
unsigned char *start_buf;
size_t buf_len, check_buf_len;
int ret;
- mbedtls_pk_init(&key);
USE_PSA_INIT();
/* Note: if mbedtls_pk_load_file() successfully reads the file, then
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index 15232a4..ff0ccdd 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -1290,7 +1290,7 @@
mbedtls_svc_key_id_t returned_id;
mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_attributes_t drv_attributes;
+ psa_key_attributes_t drv_attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t signature[PSA_SIGNATURE_MAX_SIZE];
size_t signature_length;
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 0a35aa9..2eb1c4e 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -19,6 +19,7 @@
{
enum { MSGLEN = 10 };
mbedtls_test_ssl_buffer buf;
+ mbedtls_test_ssl_buffer_init(&buf);
unsigned char input[MSGLEN];
unsigned char output[MSGLEN];
@@ -38,8 +39,6 @@
/* Make sure calling put and get on a buffer that hasn't been set up results
* in error. */
- mbedtls_test_ssl_buffer_init(&buf);
-
TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input))
== -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output))
@@ -1186,7 +1185,7 @@
(size_t) cid0_len,
(size_t) cid1_len) == 0);
- TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL);
+ TEST_CALLOC(buf, buflen);
while (num_records-- > 0) {
mbedtls_ssl_transform *t_dec, *t_enc;
@@ -1336,7 +1335,7 @@
(size_t) cid0_len,
(size_t) cid1_len) == 0);
- TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL);
+ TEST_CALLOC(buf, buflen);
for (mode = 1; mode <= 3; mode++) {
seen_success = 0;
@@ -1637,7 +1636,7 @@
/* Serialize it */
TEST_ASSERT(mbedtls_ssl_session_save(&original, NULL, 0, &len)
== MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
- TEST_ASSERT((buf = mbedtls_calloc(1, len)) != NULL);
+ TEST_CALLOC(buf, len);
TEST_ASSERT(mbedtls_ssl_session_save(&original, buf, len, &len)
== 0);
@@ -1792,7 +1791,8 @@
for (bad_len = 1; bad_len < good_len; bad_len++) {
/* Allocate exact size so that asan/valgrind can detect any overwrite */
mbedtls_free(buf);
- TEST_ASSERT((buf = mbedtls_calloc(1, bad_len)) != NULL);
+ buf = NULL;
+ TEST_CALLOC(buf, bad_len);
TEST_ASSERT(mbedtls_ssl_session_save(&session, buf, bad_len,
&test_len)
== MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
@@ -1824,7 +1824,7 @@
&session, ticket_len, crt_file) == 0);
TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len)
== MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL);
- TEST_ASSERT((good_buf = mbedtls_calloc(1, good_len)) != NULL);
+ TEST_CALLOC(good_buf, good_len);
TEST_ASSERT(mbedtls_ssl_session_save(&session, good_buf, good_len,
&good_len) == 0);
mbedtls_ssl_session_free(&session);
@@ -1833,8 +1833,8 @@
for (bad_len = 0; bad_len < good_len; bad_len++) {
/* Allocate exact size so that asan/valgrind can detect any overread */
mbedtls_free(bad_buf);
- bad_buf = mbedtls_calloc(1, bad_len ? bad_len : 1);
- TEST_ASSERT(bad_buf != NULL);
+ bad_buf = NULL;
+ TEST_CALLOC_NONNULL(bad_buf, bad_len);
memcpy(bad_buf, good_buf, bad_len);
TEST_ASSERT(mbedtls_ssl_session_load(&session, bad_buf, bad_len)
@@ -1908,6 +1908,8 @@
*byte ^= corrupted_bit;
}
}
+
+exit:
USE_PSA_DONE();
}
/* END_CASE */
@@ -2270,8 +2272,10 @@
size_t len;
mbedtls_ssl_init(&ssl);
- USE_PSA_INIT();
mbedtls_ssl_config_init(&conf);
+
+ USE_PSA_INIT();
+
TEST_EQUAL(mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER,
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
MBEDTLS_SSL_PRESET_DEFAULT),
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 6e32792..8c72e5a 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -431,7 +431,6 @@
TEST_EQUAL(strcmp(buf, result_str), 0);
exit:
-
mbedtls_x509_crt_free(&crt);
USE_PSA_DONE();
}
@@ -675,7 +674,7 @@
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
/* CRLs aren't supported with CA callbacks, so skip the CA callback
* version of the test if CRLs are in use. */
- if (crl_file == NULL || strcmp(crl_file, "") == 0) {
+ if (strcmp(crl_file, "") == 0) {
flags = 0;
res = mbedtls_x509_crt_verify_with_ca_cb(&crt,
@@ -864,9 +863,8 @@
TEST_EQUAL(ret, exp_ret);
- mbedtls_free(name);
-
exit:
+ mbedtls_free(name);
USE_PSA_DONE();
}
/* END_CASE */
@@ -1252,6 +1250,7 @@
int ret;
USE_PSA_INIT();
+
oid.tag = MBEDTLS_ASN1_OID;
oid.p = buf->x;
oid.len = buf->len;
@@ -1279,6 +1278,7 @@
char num_buf[100];
USE_PSA_INIT();
+
memset(num_buf, 0x2a, sizeof(num_buf));
oid.tag = MBEDTLS_ASN1_OID;
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index b4509e2..ad0f2a6 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -457,16 +457,16 @@
int ret;
size_t len = 0;
mbedtls_asn1_named_data *names = NULL;
- mbedtls_x509_name parsed, *parsed_cur, *parsed_prv;
- unsigned char buf[1024], out[1024], *c;
+ mbedtls_x509_name parsed;
+ memset(&parsed, 0, sizeof(parsed));
+ mbedtls_x509_name *parsed_cur = NULL;
+ mbedtls_x509_name *parsed_prv = NULL;
+ unsigned char buf[1024] = { 0 };
+ unsigned char out[1024] = { 0 };
+ unsigned char *c = buf + sizeof(buf);
USE_PSA_INIT();
- memset(&parsed, 0, sizeof(parsed));
- memset(out, 0, sizeof(out));
- memset(buf, 0, sizeof(buf));
- c = buf + sizeof(buf);
-
ret = mbedtls_x509_string_to_names(&names, name);
TEST_ASSERT(ret == result);