| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 1 | /* | 
|  | 2 | *  Test dynamic loading of libmbed* | 
|  | 3 | * | 
|  | 4 | *  Copyright The Mbed TLS Contributors | 
| Dave Rodgman | 16799db | 2023-11-02 19:47:20 +0000 | [diff] [blame] | 5 | *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 6 | */ | 
|  | 7 |  | 
| Felix Conway | 998760a | 2025-03-24 11:37:33 +0000 | [diff] [blame] | 8 | #define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS | 
|  | 9 |  | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 10 | #include "mbedtls/build_info.h" | 
|  | 11 |  | 
|  | 12 | #include "mbedtls/platform.h" | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 13 |  | 
|  | 14 | #if defined(MBEDTLS_X509_CRT_PARSE_C) | 
|  | 15 | #include "mbedtls/x509_crt.h" | 
|  | 16 | #endif | 
|  | 17 |  | 
| Gilles Peskine | 834d229 | 2021-11-12 14:30:22 +0100 | [diff] [blame] | 18 | #if defined(__APPLE__) | 
|  | 19 | #define SO_SUFFIX ".dylib" | 
|  | 20 | #else | 
|  | 21 | #define SO_SUFFIX ".so" | 
|  | 22 | #endif | 
|  | 23 |  | 
| Ronald Cron | 8126a68 | 2024-10-25 17:34:23 +0200 | [diff] [blame] | 24 | #define MBEDCRYPTO_SO_FILENAME "libmbedcrypto" SO_SUFFIX | 
|  | 25 | #define TFPSACRYPTO_SO_FILENAME "libtfpsacrypto" SO_SUFFIX | 
| Gilles Peskine | 834d229 | 2021-11-12 14:30:22 +0100 | [diff] [blame] | 26 | #define X509_SO_FILENAME "libmbedx509" SO_SUFFIX | 
|  | 27 | #define TLS_SO_FILENAME "libmbedtls" SO_SUFFIX | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 28 |  | 
|  | 29 | #include <dlfcn.h> | 
|  | 30 |  | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 31 | #define CHECK_DLERROR(function, argument)                             \ | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 32 | do                                                                  \ | 
|  | 33 | {                                                                   \ | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 34 | char *CHECK_DLERROR_error = dlerror();                        \ | 
|  | 35 | if (CHECK_DLERROR_error != NULL)                               \ | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 36 | {                                                               \ | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 37 | fprintf(stderr, "Dynamic loading error for %s(%s): %s\n",  \ | 
|  | 38 | function, argument, CHECK_DLERROR_error);         \ | 
|  | 39 | mbedtls_exit(MBEDTLS_EXIT_FAILURE);                       \ | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 40 | }                                                               \ | 
|  | 41 | }                                                                   \ | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 42 | while (0) | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 43 |  | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 44 | int main(void) | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 45 | { | 
| Gilles Peskine | b6a0299 | 2021-11-10 19:11:32 +0100 | [diff] [blame] | 46 | #if defined(MBEDTLS_MD_C) || defined(MBEDTLS_SSL_TLS_C) | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 47 | unsigned n; | 
| Gilles Peskine | b6a0299 | 2021-11-10 19:11:32 +0100 | [diff] [blame] | 48 | #endif | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 49 |  | 
|  | 50 | #if defined(MBEDTLS_SSL_TLS_C) | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 51 | void *tls_so = dlopen(TLS_SO_FILENAME, RTLD_NOW); | 
|  | 52 | CHECK_DLERROR("dlopen", TLS_SO_FILENAME); | 
| Gilles Peskine | 06af417 | 2025-01-08 17:26:01 +0100 | [diff] [blame] | 53 | #pragma GCC diagnostic push | 
|  | 54 | /* dlsym() returns an object pointer which is meant to be used as a | 
|  | 55 | * function pointer. This has undefined behavior in standard C, so | 
|  | 56 | * "gcc -std=c99 -pedantic" complains about it, but it is perfectly | 
|  | 57 | * fine on platforms that have dlsym(). */ | 
|  | 58 | #pragma GCC diagnostic ignored "-Wpedantic" | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 59 | const int *(*ssl_list_ciphersuites)(void) = | 
|  | 60 | dlsym(tls_so, "mbedtls_ssl_list_ciphersuites"); | 
| Gilles Peskine | 06af417 | 2025-01-08 17:26:01 +0100 | [diff] [blame] | 61 | #pragma GCC diagnostic pop | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 62 | CHECK_DLERROR("dlsym", "mbedtls_ssl_list_ciphersuites"); | 
|  | 63 | const int *ciphersuites = ssl_list_ciphersuites(); | 
|  | 64 | for (n = 0; ciphersuites[n] != 0; n++) {/* nothing to do, we're just counting */ | 
|  | 65 | ; | 
|  | 66 | } | 
|  | 67 | mbedtls_printf("dlopen(%s): %u ciphersuites\n", | 
|  | 68 | TLS_SO_FILENAME, n); | 
|  | 69 | dlclose(tls_so); | 
|  | 70 | CHECK_DLERROR("dlclose", TLS_SO_FILENAME); | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 71 | #endif  /* MBEDTLS_SSL_TLS_C */ | 
|  | 72 |  | 
|  | 73 | #if defined(MBEDTLS_X509_CRT_PARSE_C) | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 74 | void *x509_so = dlopen(X509_SO_FILENAME, RTLD_NOW); | 
|  | 75 | CHECK_DLERROR("dlopen", X509_SO_FILENAME); | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 76 | const mbedtls_x509_crt_profile *profile = | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 77 | dlsym(x509_so, "mbedtls_x509_crt_profile_default"); | 
|  | 78 | CHECK_DLERROR("dlsym", "mbedtls_x509_crt_profile_default"); | 
|  | 79 | mbedtls_printf("dlopen(%s): Allowed md mask: %08x\n", | 
|  | 80 | X509_SO_FILENAME, (unsigned) profile->allowed_mds); | 
|  | 81 | dlclose(x509_so); | 
|  | 82 | CHECK_DLERROR("dlclose", X509_SO_FILENAME); | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 83 | #endif  /* MBEDTLS_X509_CRT_PARSE_C */ | 
|  | 84 |  | 
|  | 85 | #if defined(MBEDTLS_MD_C) | 
| Ronald Cron | 8126a68 | 2024-10-25 17:34:23 +0200 | [diff] [blame] | 86 | const char *crypto_so_filename = NULL; | 
| Ronald Cron | a33b371 | 2025-09-22 14:21:16 +0200 | [diff] [blame] | 87 | void *crypto_so = dlopen(TFPSACRYPTO_SO_FILENAME, RTLD_NOW); | 
| Ronald Cron | 8126a68 | 2024-10-25 17:34:23 +0200 | [diff] [blame] | 88 | if (dlerror() == NULL) { | 
| Ronald Cron | 8126a68 | 2024-10-25 17:34:23 +0200 | [diff] [blame] | 89 | crypto_so_filename = TFPSACRYPTO_SO_FILENAME; | 
| Ronald Cron | a33b371 | 2025-09-22 14:21:16 +0200 | [diff] [blame] | 90 | } else { | 
|  | 91 | crypto_so = dlopen(MBEDCRYPTO_SO_FILENAME, RTLD_NOW); | 
|  | 92 | CHECK_DLERROR("dlopen", MBEDCRYPTO_SO_FILENAME); | 
|  | 93 | crypto_so_filename = MBEDCRYPTO_SO_FILENAME; | 
| Ronald Cron | 8126a68 | 2024-10-25 17:34:23 +0200 | [diff] [blame] | 94 | } | 
| Gilles Peskine | 06af417 | 2025-01-08 17:26:01 +0100 | [diff] [blame] | 95 | #pragma GCC diagnostic push | 
|  | 96 | /* dlsym() returns an object pointer which is meant to be used as a | 
|  | 97 | * function pointer. This has undefined behavior in standard C, so | 
|  | 98 | * "gcc -std=c99 -pedantic" complains about it, but it is perfectly | 
|  | 99 | * fine on platforms that have dlsym(). */ | 
|  | 100 | #pragma GCC diagnostic ignored "-Wpedantic" | 
| Ari Weiler-Ofek | abcfd4c | 2025-06-17 15:18:20 +0100 | [diff] [blame] | 101 | psa_status_t (*dyn_psa_crypto_init)(void) = | 
|  | 102 | dlsym(crypto_so, "psa_crypto_init"); | 
|  | 103 | psa_status_t (*dyn_psa_hash_compute)(psa_algorithm_t, const uint8_t *, size_t, uint8_t *, | 
|  | 104 | size_t, size_t *) = | 
|  | 105 | dlsym(crypto_so, "psa_hash_compute"); | 
|  | 106 |  | 
| Gilles Peskine | 06af417 | 2025-01-08 17:26:01 +0100 | [diff] [blame] | 107 | #pragma GCC diagnostic pop | 
| Ari Weiler-Ofek | c3d54b6 | 2025-07-15 14:08:24 +0100 | [diff] [blame] | 108 | /* Demonstrate hashing a message with PSA Crypto */ | 
| Ari Weiler-Ofek | abcfd4c | 2025-06-17 15:18:20 +0100 | [diff] [blame] | 109 |  | 
|  | 110 | CHECK_DLERROR("dlsym", "psa_crypto_init"); | 
|  | 111 | CHECK_DLERROR("dlsym", "psa_hash_compute"); | 
|  | 112 |  | 
|  | 113 | psa_status_t status = dyn_psa_crypto_init(); | 
|  | 114 | if (status != PSA_SUCCESS) { | 
|  | 115 | mbedtls_fprintf(stderr, "psa_crypto_init failed: %d\n", (int) status); | 
|  | 116 | mbedtls_exit(MBEDTLS_EXIT_FAILURE); | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 117 | } | 
| Ari Weiler-Ofek | abcfd4c | 2025-06-17 15:18:20 +0100 | [diff] [blame] | 118 |  | 
|  | 119 | const uint8_t input[] = "hello world"; | 
|  | 120 | uint8_t hash[32]; // Buffer to hold the output hash | 
|  | 121 | size_t hash_len = 0; | 
|  | 122 |  | 
|  | 123 | status = dyn_psa_hash_compute(PSA_ALG_SHA_256, | 
|  | 124 | input, sizeof(input) - 1, | 
|  | 125 | hash, sizeof(hash), | 
|  | 126 | &hash_len); | 
|  | 127 | if (status != PSA_SUCCESS) { | 
|  | 128 | mbedtls_fprintf(stderr, "psa_hash_compute failed: %d\n", (int) status); | 
|  | 129 | mbedtls_exit(MBEDTLS_EXIT_FAILURE); | 
|  | 130 | } | 
|  | 131 |  | 
|  | 132 | mbedtls_printf("dlopen(%s): psa_hash_compute succeeded. SHA-256 output length: %zu\n", | 
|  | 133 | crypto_so_filename, hash_len); | 
|  | 134 |  | 
|  | 135 |  | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 136 | dlclose(crypto_so); | 
| Ronald Cron | 8126a68 | 2024-10-25 17:34:23 +0200 | [diff] [blame] | 137 | CHECK_DLERROR("dlclose", crypto_so_filename); | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 138 | #endif  /* MBEDTLS_MD_C */ | 
|  | 139 |  | 
| Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 140 | return 0; | 
| Gilles Peskine | a7c247e | 2021-11-04 12:45:19 +0100 | [diff] [blame] | 141 | } |