Cryptography library error injection

[steven-bellock]

The time has come to inject errors into the cryptography library, and other HALs, so that code coverage can be improved. The question is how should this be implemented? I think the main requirement is that none of the files in libspdm/library should be edited to support this. So that means editing the files in libspdm/os_stub and libspdm/unit_test. One way would be to edit the cryptography implementations in library/os_stub to allow for error injection. For example

libspdm/os_stub/cryptlib_mbedtls/hash/sha.c

Lines 195 to 202 in 37e58c7

	bool libspdm_sha256_hash_all(const void *data, size_t data_size,
	uint8_t *hash_value)
	{
	int32_t ret;
	if (hash_value == NULL) {
	return false;
	}

would become (something like)

 bool libspdm_sha256_hash_all(const void *data, size_t data_size, 
                              uint8_t *hash_value) 
 { 
     int32_t ret; 
  
     #if LIBSPDM_TEST_ERROR_ENABLE
     if (m_error_libspdm_sha256_hash_all) {
         return false;
     }
     #endif /* LIBSPDM_TEST_ERROR_ENABLE */

     if (hash_value == NULL) { 
         return false; 
     } 

When LIBSPDM_TEST_ERROR_ENABLE is enabled this would lead to the creation of two new libraries, cryptlib_openssl_test and cryptlib_mbedtls_test. The Integrator would obviously need to be careful to not link to these libraries when in production.

[jyao1]

Good idea on error injection. I dont suggest we change any code in the original function. I suggest to use wrapper function. For example:

1. Use macro to rename the original crypt_func_name to crypt_func_name_internal in the header file, such as

#define libspdm_sha256_hash_all libspdm_sha256_hash_all_internal

Then when this library is built, it will expose a different symbol.

2. Create a wrapper function with original name, and call the internal function.

/* wrapper function with original name */
 bool libspdm_sha256_hash_all(const void *data, size_t data_size, 
                                                  uint8_t *hash_value)
 { 
     if (m_error_libspdm_sha256_hash_all) {
         return false;
     }

     return  libspdm_sha256_hash_all_internal (data, data_size, hash_value);
 }

The error on/off is controlled in the wrapper function.