Make the fallback behavior of mbedtls_test_rnd_buffer_rand optional

If a fallback is not explicitly configured in the mbedtls_test_rnd_buf_info structure, fail after the buffer is exhausted. There is no intended behavior change in this commit: all existing uses of mbedtls_test_rnd_buffer_rand() have been updated to set mbedtls_test_rnd_std_rand as the fallback. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-10-30 03:00:21 -04:00 · 2021-03-24 00:48:57 +01:00 · 2021-03-24 00:48:57 +01:00 · ecacc3c9d2
commit ecacc3c9d2
parent 0b1b0abe33
6 changed files with 37 additions and 4 deletions
--- a/tests/include/test/random.h
+++ b/tests/include/test/random.h
@ -36,8 +36,11 @@

 typedef struct
 {
-    unsigned char *buf;
+    unsigned char *buf; /* Pointer to a buffer of length bytes. */
    size_t length;
+    /* If fallback_f_rng is NULL, fail after delivering length bytes. */
+    int ( *fallback_f_rng )( void*, unsigned char *, size_t );
+    void *fallback_p_rng;
 } mbedtls_test_rnd_buf_info;

 /**
@ -84,7 +87,9 @@ int mbedtls_test_rnd_zero_rand( void *rng_state,
 * the random function is specified by per_call. (Can be between
 * 1 and 4)
 *
- * After the buffer is empty it will return mbedtls_test_rnd_std_rand().
+ * After the buffer is empty, this function will call the fallback RNG in the
+ * #mbedtls_test_rnd_buf_info structure if there is one, and
+ * will return #MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise.
 */
 int mbedtls_test_rnd_buffer_rand( void *rng_state,
                                  unsigned char *output,
--- a/tests/src/random.c
+++ b/tests/src/random.c
@ -35,6 +35,8 @@
 #include <test/random.h>
 #include <string.h>

+#include <mbedtls/entropy.h>
+
 int mbedtls_test_rnd_std_rand( void *rng_state,
                               unsigned char *output,
                               size_t len )
@ -91,8 +93,16 @@ int mbedtls_test_rnd_buffer_rand( void *rng_state,
    }

    if( len - use_len > 0 )
-        return( mbedtls_test_rnd_std_rand( NULL, output + use_len,
-                                           len - use_len ) );
+    {
+        if( info->fallback_f_rng != NULL )
+        {
+            return( info->fallback_f_rng( info->fallback_p_rng,
+                                          output + use_len,
+                                          len - use_len ) );
+        }
+        else
+            return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+    }

    return( 0 );
 }
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@ -240,6 +240,8 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str,

    rnd_info_A.buf = rnd_buf_A->x;
    rnd_info_A.length = rnd_buf_A->len;
+    rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info_A.fallback_p_rng = NULL;

    /* Fix rnd_buf_A->x by shifting it left if necessary */
    if( grp.nbits % 8 != 0 )
@ -256,6 +258,8 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str,

    rnd_info_B.buf = rnd_buf_B->x;
    rnd_info_B.length = rnd_buf_B->len;
+    rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info_B.fallback_p_rng = NULL;

    /* Fix rnd_buf_B->x by shifting it left if necessary */
    if( grp.nbits % 8 != 0 )
@ -362,9 +366,13 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z,
    mbedtls_ecdh_init( &srv );
    mbedtls_ecdh_init( &cli );

+    rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info_A.fallback_p_rng = NULL;
    rnd_info_A.buf = dA->x;
    rnd_info_A.length = dA->len;

+    rnd_info_B.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info_B.fallback_p_rng = NULL;
    rnd_info_B.buf = dB->x;
    rnd_info_B.length = dB->len;

--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@ -292,6 +292,8 @@ void ecdsa_prim_test_vectors( int id, char * d_str, char * xQ_str,
    TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
+    rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    rnd_info.fallback_p_rng = NULL;
    rnd_info.buf = rnd_buf->x;
    rnd_info.length = rnd_buf->len;

--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@ -19,6 +19,8 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
    mbedtls_test_rnd_buf_info info;
    mbedtls_mpi N, E;

+    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    info.fallback_p_rng = NULL;
    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

@ -268,6 +270,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
    mbedtls_mpi N, P, Q, E;
    mbedtls_test_rnd_buf_info info;

+    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    info.fallback_p_rng = NULL;
    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

--- a/tests/suites/test_suite_pkcs1_v21.function
+++ b/tests/suites/test_suite_pkcs1_v21.function
@ -18,6 +18,8 @@ void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E,
    mbedtls_test_rnd_buf_info info;
    mbedtls_mpi N, E;

+    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    info.fallback_p_rng = NULL;
    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

@ -122,6 +124,8 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q,
    mbedtls_test_rnd_buf_info info;
    mbedtls_mpi N, P, Q, E;

+    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
+    info.fallback_p_rng = NULL;
    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;