1*62c56f98SSadaf Ebrahimi /* 2*62c56f98SSadaf Ebrahimi * Common code for SSL test programs 3*62c56f98SSadaf Ebrahimi * 4*62c56f98SSadaf Ebrahimi * Copyright The Mbed TLS Contributors 5*62c56f98SSadaf Ebrahimi * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 6*62c56f98SSadaf Ebrahimi */ 7*62c56f98SSadaf Ebrahimi 8*62c56f98SSadaf Ebrahimi #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 9*62c56f98SSadaf Ebrahimi #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H 10*62c56f98SSadaf Ebrahimi 11*62c56f98SSadaf Ebrahimi #include "mbedtls/build_info.h" 12*62c56f98SSadaf Ebrahimi 13*62c56f98SSadaf Ebrahimi #include "mbedtls/platform.h" 14*62c56f98SSadaf Ebrahimi #include "mbedtls/md.h" 15*62c56f98SSadaf Ebrahimi 16*62c56f98SSadaf Ebrahimi #undef HAVE_RNG 17*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ 18*62c56f98SSadaf Ebrahimi (defined(MBEDTLS_USE_PSA_CRYPTO) || \ 19*62c56f98SSadaf Ebrahimi defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)) 20*62c56f98SSadaf Ebrahimi #define HAVE_RNG 21*62c56f98SSadaf Ebrahimi #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) 22*62c56f98SSadaf Ebrahimi #define HAVE_RNG 23*62c56f98SSadaf Ebrahimi #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \ 24*62c56f98SSadaf Ebrahimi (defined(MBEDTLS_MD_CAN_SHA256) || defined(MBEDTLS_MD_CAN_SHA512)) 25*62c56f98SSadaf Ebrahimi #define HAVE_RNG 26*62c56f98SSadaf Ebrahimi #endif 27*62c56f98SSadaf Ebrahimi 28*62c56f98SSadaf Ebrahimi #if !defined(MBEDTLS_NET_C) || \ 29*62c56f98SSadaf Ebrahimi !defined(MBEDTLS_SSL_TLS_C) 30*62c56f98SSadaf Ebrahimi #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 31*62c56f98SSadaf Ebrahimi "MBEDTLS_NET_C and/or " \ 32*62c56f98SSadaf Ebrahimi "MBEDTLS_SSL_TLS_C not defined." 33*62c56f98SSadaf Ebrahimi #elif !defined(HAVE_RNG) 34*62c56f98SSadaf Ebrahimi #define MBEDTLS_SSL_TEST_IMPOSSIBLE \ 35*62c56f98SSadaf Ebrahimi "No random generator is available.\n" 36*62c56f98SSadaf Ebrahimi #else 37*62c56f98SSadaf Ebrahimi #undef MBEDTLS_SSL_TEST_IMPOSSIBLE 38*62c56f98SSadaf Ebrahimi 39*62c56f98SSadaf Ebrahimi #undef HAVE_RNG 40*62c56f98SSadaf Ebrahimi 41*62c56f98SSadaf Ebrahimi #include <stdio.h> 42*62c56f98SSadaf Ebrahimi #include <stdlib.h> 43*62c56f98SSadaf Ebrahimi #include <string.h> 44*62c56f98SSadaf Ebrahimi 45*62c56f98SSadaf Ebrahimi #include "mbedtls/net_sockets.h" 46*62c56f98SSadaf Ebrahimi #include "mbedtls/ssl.h" 47*62c56f98SSadaf Ebrahimi #include "mbedtls/ssl_ciphersuites.h" 48*62c56f98SSadaf Ebrahimi #include "mbedtls/entropy.h" 49*62c56f98SSadaf Ebrahimi #include "mbedtls/ctr_drbg.h" 50*62c56f98SSadaf Ebrahimi #include "mbedtls/hmac_drbg.h" 51*62c56f98SSadaf Ebrahimi #include "mbedtls/x509.h" 52*62c56f98SSadaf Ebrahimi #include "mbedtls/error.h" 53*62c56f98SSadaf Ebrahimi #include "mbedtls/debug.h" 54*62c56f98SSadaf Ebrahimi #include "mbedtls/timing.h" 55*62c56f98SSadaf Ebrahimi #include "mbedtls/base64.h" 56*62c56f98SSadaf Ebrahimi #include "test/certs.h" 57*62c56f98SSadaf Ebrahimi 58*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 59*62c56f98SSadaf Ebrahimi #include "psa/crypto.h" 60*62c56f98SSadaf Ebrahimi #include "mbedtls/psa_util.h" 61*62c56f98SSadaf Ebrahimi #endif 62*62c56f98SSadaf Ebrahimi 63*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) 64*62c56f98SSadaf Ebrahimi #include "mbedtls/memory_buffer_alloc.h" 65*62c56f98SSadaf Ebrahimi #endif 66*62c56f98SSadaf Ebrahimi 67*62c56f98SSadaf Ebrahimi #include <test/helpers.h> 68*62c56f98SSadaf Ebrahimi 69*62c56f98SSadaf Ebrahimi #include "../test/query_config.h" 70*62c56f98SSadaf Ebrahimi 71*62c56f98SSadaf Ebrahimi #define ALPN_LIST_SIZE 10 72*62c56f98SSadaf Ebrahimi #define GROUP_LIST_SIZE 25 73*62c56f98SSadaf Ebrahimi #define SIG_ALG_LIST_SIZE 5 74*62c56f98SSadaf Ebrahimi 75*62c56f98SSadaf Ebrahimi typedef struct eap_tls_keys { 76*62c56f98SSadaf Ebrahimi unsigned char master_secret[48]; 77*62c56f98SSadaf Ebrahimi unsigned char randbytes[64]; 78*62c56f98SSadaf Ebrahimi mbedtls_tls_prf_types tls_prf_type; 79*62c56f98SSadaf Ebrahimi } eap_tls_keys; 80*62c56f98SSadaf Ebrahimi 81*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_SSL_DTLS_SRTP) 82*62c56f98SSadaf Ebrahimi 83*62c56f98SSadaf Ebrahimi /* Supported SRTP mode needs a maximum of : 84*62c56f98SSadaf Ebrahimi * - 16 bytes for key (AES-128) 85*62c56f98SSadaf Ebrahimi * - 14 bytes SALT 86*62c56f98SSadaf Ebrahimi * One for sender, one for receiver context 87*62c56f98SSadaf Ebrahimi */ 88*62c56f98SSadaf Ebrahimi #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60 89*62c56f98SSadaf Ebrahimi 90*62c56f98SSadaf Ebrahimi typedef struct dtls_srtp_keys { 91*62c56f98SSadaf Ebrahimi unsigned char master_secret[48]; 92*62c56f98SSadaf Ebrahimi unsigned char randbytes[64]; 93*62c56f98SSadaf Ebrahimi mbedtls_tls_prf_types tls_prf_type; 94*62c56f98SSadaf Ebrahimi } dtls_srtp_keys; 95*62c56f98SSadaf Ebrahimi 96*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_SSL_DTLS_SRTP */ 97*62c56f98SSadaf Ebrahimi 98*62c56f98SSadaf Ebrahimi typedef struct { 99*62c56f98SSadaf Ebrahimi mbedtls_ssl_context *ssl; 100*62c56f98SSadaf Ebrahimi mbedtls_net_context *net; 101*62c56f98SSadaf Ebrahimi } io_ctx_t; 102*62c56f98SSadaf Ebrahimi 103*62c56f98SSadaf Ebrahimi void my_debug(void *ctx, int level, 104*62c56f98SSadaf Ebrahimi const char *file, int line, 105*62c56f98SSadaf Ebrahimi const char *str); 106*62c56f98SSadaf Ebrahimi 107*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_HAVE_TIME) 108*62c56f98SSadaf Ebrahimi mbedtls_time_t dummy_constant_time(mbedtls_time_t *time); 109*62c56f98SSadaf Ebrahimi #endif 110*62c56f98SSadaf Ebrahimi 111*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 112*62c56f98SSadaf Ebrahimi /* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use 113*62c56f98SSadaf Ebrahimi * mbedtls_psa_get_random() rather than entropy+DRBG as a random generator. 114*62c56f98SSadaf Ebrahimi * 115*62c56f98SSadaf Ebrahimi * The constraints are: 116*62c56f98SSadaf Ebrahimi * - Without the entropy module, the PSA RNG is the only option. 117*62c56f98SSadaf Ebrahimi * - Without at least one of the DRBG modules, the PSA RNG is the only option. 118*62c56f98SSadaf Ebrahimi * - The PSA RNG does not support explicit seeding, so it is incompatible with 119*62c56f98SSadaf Ebrahimi * the reproducible mode used by test programs. 120*62c56f98SSadaf Ebrahimi * - For good overall test coverage, there should be at least one configuration 121*62c56f98SSadaf Ebrahimi * where the test programs use the PSA RNG while the PSA RNG is itself based 122*62c56f98SSadaf Ebrahimi * on entropy+DRBG, and at least one configuration where the test programs 123*62c56f98SSadaf Ebrahimi * do not use the PSA RNG even though it's there. 124*62c56f98SSadaf Ebrahimi * 125*62c56f98SSadaf Ebrahimi * A simple choice that meets the constraints is to use the PSA RNG whenever 126*62c56f98SSadaf Ebrahimi * MBEDTLS_USE_PSA_CRYPTO is enabled. There's no real technical reason the 127*62c56f98SSadaf Ebrahimi * choice to use the PSA RNG in the test programs and the choice to use 128*62c56f98SSadaf Ebrahimi * PSA crypto when TLS code needs crypto have to be tied together, but it 129*62c56f98SSadaf Ebrahimi * happens to be a good match. It's also a good match from an application 130*62c56f98SSadaf Ebrahimi * perspective: either PSA is preferred for TLS (both for crypto and for 131*62c56f98SSadaf Ebrahimi * random generation) or it isn't. 132*62c56f98SSadaf Ebrahimi */ 133*62c56f98SSadaf Ebrahimi #define MBEDTLS_TEST_USE_PSA_CRYPTO_RNG 134*62c56f98SSadaf Ebrahimi #endif 135*62c56f98SSadaf Ebrahimi 136*62c56f98SSadaf Ebrahimi /** A context for random number generation (RNG). 137*62c56f98SSadaf Ebrahimi */ 138*62c56f98SSadaf Ebrahimi typedef struct { 139*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) 140*62c56f98SSadaf Ebrahimi unsigned char dummy; 141*62c56f98SSadaf Ebrahimi #else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 142*62c56f98SSadaf Ebrahimi mbedtls_entropy_context entropy; 143*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CTR_DRBG_C) 144*62c56f98SSadaf Ebrahimi mbedtls_ctr_drbg_context drbg; 145*62c56f98SSadaf Ebrahimi #elif defined(MBEDTLS_HMAC_DRBG_C) 146*62c56f98SSadaf Ebrahimi mbedtls_hmac_drbg_context drbg; 147*62c56f98SSadaf Ebrahimi #else 148*62c56f98SSadaf Ebrahimi #error "No DRBG available" 149*62c56f98SSadaf Ebrahimi #endif 150*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ 151*62c56f98SSadaf Ebrahimi } rng_context_t; 152*62c56f98SSadaf Ebrahimi 153*62c56f98SSadaf Ebrahimi /** Initialize the RNG. 154*62c56f98SSadaf Ebrahimi * 155*62c56f98SSadaf Ebrahimi * This function only initializes the memory used by the RNG context. 156*62c56f98SSadaf Ebrahimi * Before using the RNG, it must be seeded with rng_seed(). 157*62c56f98SSadaf Ebrahimi */ 158*62c56f98SSadaf Ebrahimi void rng_init(rng_context_t *rng); 159*62c56f98SSadaf Ebrahimi 160*62c56f98SSadaf Ebrahimi /* Seed the random number generator. 161*62c56f98SSadaf Ebrahimi * 162*62c56f98SSadaf Ebrahimi * \param rng The RNG context to use. It must have been initialized 163*62c56f98SSadaf Ebrahimi * with rng_init(). 164*62c56f98SSadaf Ebrahimi * \param reproducible If zero, seed the RNG from entropy. 165*62c56f98SSadaf Ebrahimi * If nonzero, use a fixed seed, so that the program 166*62c56f98SSadaf Ebrahimi * will produce the same sequence of random numbers 167*62c56f98SSadaf Ebrahimi * each time it is invoked. 168*62c56f98SSadaf Ebrahimi * \param pers A null-terminated string. Different values for this 169*62c56f98SSadaf Ebrahimi * string cause the RNG to emit different output for 170*62c56f98SSadaf Ebrahimi * the same seed. 171*62c56f98SSadaf Ebrahimi * 172*62c56f98SSadaf Ebrahimi * return 0 on success, a negative value on error. 173*62c56f98SSadaf Ebrahimi */ 174*62c56f98SSadaf Ebrahimi int rng_seed(rng_context_t *rng, int reproducible, const char *pers); 175*62c56f98SSadaf Ebrahimi 176*62c56f98SSadaf Ebrahimi /** Deinitialize the RNG. Free any embedded resource. 177*62c56f98SSadaf Ebrahimi * 178*62c56f98SSadaf Ebrahimi * \param rng The RNG context to deinitialize. It must have been 179*62c56f98SSadaf Ebrahimi * initialized with rng_init(). 180*62c56f98SSadaf Ebrahimi */ 181*62c56f98SSadaf Ebrahimi void rng_free(rng_context_t *rng); 182*62c56f98SSadaf Ebrahimi 183*62c56f98SSadaf Ebrahimi /** Generate random data. 184*62c56f98SSadaf Ebrahimi * 185*62c56f98SSadaf Ebrahimi * This function is suitable for use as the \c f_rng argument to Mbed TLS 186*62c56f98SSadaf Ebrahimi * library functions. 187*62c56f98SSadaf Ebrahimi * 188*62c56f98SSadaf Ebrahimi * \param p_rng The random generator context. This must be a pointer to 189*62c56f98SSadaf Ebrahimi * a #rng_context_t structure. 190*62c56f98SSadaf Ebrahimi * \param output The buffer to fill. 191*62c56f98SSadaf Ebrahimi * \param output_len The length of the buffer in bytes. 192*62c56f98SSadaf Ebrahimi * 193*62c56f98SSadaf Ebrahimi * \return \c 0 on success. 194*62c56f98SSadaf Ebrahimi * \return An Mbed TLS error code on error. 195*62c56f98SSadaf Ebrahimi */ 196*62c56f98SSadaf Ebrahimi int rng_get(void *p_rng, unsigned char *output, size_t output_len); 197*62c56f98SSadaf Ebrahimi 198*62c56f98SSadaf Ebrahimi /** Parse command-line option: key_opaque_algs 199*62c56f98SSadaf Ebrahimi * 200*62c56f98SSadaf Ebrahimi * 201*62c56f98SSadaf Ebrahimi * \param arg String value of key_opaque_algs 202*62c56f98SSadaf Ebrahimi * Coma-separated pair of values among the following: 203*62c56f98SSadaf Ebrahimi * - "rsa-sign-pkcs1" 204*62c56f98SSadaf Ebrahimi * - "rsa-sign-pss" 205*62c56f98SSadaf Ebrahimi * - "rsa-decrypt" 206*62c56f98SSadaf Ebrahimi * - "ecdsa-sign" 207*62c56f98SSadaf Ebrahimi * - "ecdh" 208*62c56f98SSadaf Ebrahimi * - "none" (only acceptable for the second value). 209*62c56f98SSadaf Ebrahimi * \param alg1 Address of pointer to alg #1 210*62c56f98SSadaf Ebrahimi * \param alg2 Address of pointer to alg #2 211*62c56f98SSadaf Ebrahimi * 212*62c56f98SSadaf Ebrahimi * \return \c 0 on success. 213*62c56f98SSadaf Ebrahimi * \return \c 1 on parse failure. 214*62c56f98SSadaf Ebrahimi */ 215*62c56f98SSadaf Ebrahimi int key_opaque_alg_parse(const char *arg, const char **alg1, const char **alg2); 216*62c56f98SSadaf Ebrahimi 217*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO) 218*62c56f98SSadaf Ebrahimi /** Parse given opaque key algorithms to obtain psa algs and usage 219*62c56f98SSadaf Ebrahimi * that will be passed to mbedtls_pk_wrap_as_opaque(). 220*62c56f98SSadaf Ebrahimi * 221*62c56f98SSadaf Ebrahimi * 222*62c56f98SSadaf Ebrahimi * \param alg1 input string opaque key algorithm #1 223*62c56f98SSadaf Ebrahimi * \param alg2 input string opaque key algorithm #2 224*62c56f98SSadaf Ebrahimi * \param psa_alg1 output PSA algorithm #1 225*62c56f98SSadaf Ebrahimi * \param psa_alg2 output PSA algorithm #2 226*62c56f98SSadaf Ebrahimi * \param usage output key usage 227*62c56f98SSadaf Ebrahimi * \param key_type key type used to set default psa algorithm/usage 228*62c56f98SSadaf Ebrahimi * when alg1 in "none" 229*62c56f98SSadaf Ebrahimi * 230*62c56f98SSadaf Ebrahimi * \return \c 0 on success. 231*62c56f98SSadaf Ebrahimi * \return \c 1 on parse failure. 232*62c56f98SSadaf Ebrahimi */ 233*62c56f98SSadaf Ebrahimi int key_opaque_set_alg_usage(const char *alg1, const char *alg2, 234*62c56f98SSadaf Ebrahimi psa_algorithm_t *psa_alg1, 235*62c56f98SSadaf Ebrahimi psa_algorithm_t *psa_alg2, 236*62c56f98SSadaf Ebrahimi psa_key_usage_t *usage, 237*62c56f98SSadaf Ebrahimi mbedtls_pk_type_t key_type); 238*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_USE_PSA_CRYPTO */ 239*62c56f98SSadaf Ebrahimi 240*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) 241*62c56f98SSadaf Ebrahimi /* The test implementation of the PSA external RNG is insecure. When 242*62c56f98SSadaf Ebrahimi * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto 243*62c56f98SSadaf Ebrahimi * function that makes use of an RNG, you must call 244*62c56f98SSadaf Ebrahimi * mbedtls_test_enable_insecure_external_rng(). */ 245*62c56f98SSadaf Ebrahimi #include <test/fake_external_rng_for_test.h> 246*62c56f98SSadaf Ebrahimi #endif 247*62c56f98SSadaf Ebrahimi 248*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) 249*62c56f98SSadaf Ebrahimi int ca_callback(void *data, mbedtls_x509_crt const *child, 250*62c56f98SSadaf Ebrahimi mbedtls_x509_crt **candidates); 251*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 252*62c56f98SSadaf Ebrahimi 253*62c56f98SSadaf Ebrahimi /* 254*62c56f98SSadaf Ebrahimi * Test recv/send functions that make sure each try returns 255*62c56f98SSadaf Ebrahimi * WANT_READ/WANT_WRITE at least once before succeeding 256*62c56f98SSadaf Ebrahimi */ 257*62c56f98SSadaf Ebrahimi int delayed_recv(void *ctx, unsigned char *buf, size_t len); 258*62c56f98SSadaf Ebrahimi int delayed_send(void *ctx, const unsigned char *buf, size_t len); 259*62c56f98SSadaf Ebrahimi 260*62c56f98SSadaf Ebrahimi /* 261*62c56f98SSadaf Ebrahimi * Wait for an event from the underlying transport or the timer 262*62c56f98SSadaf Ebrahimi * (Used in event-driven IO mode). 263*62c56f98SSadaf Ebrahimi */ 264*62c56f98SSadaf Ebrahimi int idle(mbedtls_net_context *fd, 265*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_TIMING_C) 266*62c56f98SSadaf Ebrahimi mbedtls_timing_delay_context *timer, 267*62c56f98SSadaf Ebrahimi #endif 268*62c56f98SSadaf Ebrahimi int idle_reason); 269*62c56f98SSadaf Ebrahimi 270*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_TEST_HOOKS) 271*62c56f98SSadaf Ebrahimi /** Initialize whatever test hooks are enabled by the compile-time 272*62c56f98SSadaf Ebrahimi * configuration and make sense for the TLS test programs. */ 273*62c56f98SSadaf Ebrahimi void test_hooks_init(void); 274*62c56f98SSadaf Ebrahimi 275*62c56f98SSadaf Ebrahimi /** Check if any test hooks detected a problem. 276*62c56f98SSadaf Ebrahimi * 277*62c56f98SSadaf Ebrahimi * If a problem was detected, it's ok for the calling program to keep going, 278*62c56f98SSadaf Ebrahimi * but it should ultimately exit with an error status. 279*62c56f98SSadaf Ebrahimi * 280*62c56f98SSadaf Ebrahimi * \note When implementing a test hook that detects errors on its own 281*62c56f98SSadaf Ebrahimi * (as opposed to e.g. leaving the error for a memory sanitizer to 282*62c56f98SSadaf Ebrahimi * report), make sure to print a message to standard error either at 283*62c56f98SSadaf Ebrahimi * the time the problem is detected or during the execution of this 284*62c56f98SSadaf Ebrahimi * function. This function does not indicate what problem was detected, 285*62c56f98SSadaf Ebrahimi * so printing a message is the only way to provide feedback in the 286*62c56f98SSadaf Ebrahimi * logs of the calling program. 287*62c56f98SSadaf Ebrahimi * 288*62c56f98SSadaf Ebrahimi * \return Nonzero if a problem was detected. 289*62c56f98SSadaf Ebrahimi * \c 0 if no problem was detected. 290*62c56f98SSadaf Ebrahimi */ 291*62c56f98SSadaf Ebrahimi int test_hooks_failure_detected(void); 292*62c56f98SSadaf Ebrahimi 293*62c56f98SSadaf Ebrahimi /** Free any resources allocated for the sake of test hooks. 294*62c56f98SSadaf Ebrahimi * 295*62c56f98SSadaf Ebrahimi * Call this at the end of the program so that resource leak analyzers 296*62c56f98SSadaf Ebrahimi * don't complain. 297*62c56f98SSadaf Ebrahimi */ 298*62c56f98SSadaf Ebrahimi void test_hooks_free(void); 299*62c56f98SSadaf Ebrahimi 300*62c56f98SSadaf Ebrahimi #endif /* !MBEDTLS_TEST_HOOKS */ 301*62c56f98SSadaf Ebrahimi 302*62c56f98SSadaf Ebrahimi /* Helper functions for FFDH groups. */ 303*62c56f98SSadaf Ebrahimi int parse_groups(const char *groups, uint16_t *group_list, size_t group_list_len); 304*62c56f98SSadaf Ebrahimi 305*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */ 306*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */ 307