Merge pull request #21 from Mbed-TLS/dev/davidhorstmann-arm/add-test-generation-files

Add test generation files to framework

Author: bensze01

scripts/generate_bignum_tests.py

@@ -0,0 +1,186 @@
+#!/usr/bin/env python3
+"""Generate test data for bignum functions.
+
+With no arguments, generate all test data. With non-option arguments,
+generate only the specified files.
+
+Class structure:
+
+Child classes of test_data_generation.BaseTarget (file targets) represent an output
+file. These indicate where test cases will be written to, for all subclasses of
+this target. Multiple file targets should not reuse a `target_basename`.
+
+Each subclass derived from a file target can either be:
+  - A concrete class, representing a test function, which generates test cases.
+  - An abstract class containing shared methods and attributes, not associated
+        with a test function. An example is BignumOperation, which provides
+        common features used for bignum binary operations.
+
+Both concrete and abstract subclasses can be derived from, to implement
+additional test cases (see BignumCmp and BignumCmpAbs for examples of deriving
+from abstract and concrete classes).
+
+
+Adding test case generation for a function:
+
+A subclass representing the test function should be added, deriving from a
+file target such as BignumTarget. This test class must set/implement the
+following:
+  - test_function: the function name from the associated .function file.
+  - test_name: a descriptive name or brief summary to refer to the test
+        function.
+  - arguments(): a method to generate the list of arguments required for the
+        test_function.
+  - generate_function_tests(): a method to generate TestCases for the function.
+        This should create instances of the class with required input data, and
+        call `.create_test_case()` to yield the TestCase.
+
+Additional details and other attributes/methods are given in the documentation
+of BaseTarget in test_data_generation.py.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import sys
+
+from abc import ABCMeta
+from typing import List
+
+from mbedtls_framework import test_data_generation
+from mbedtls_framework import bignum_common
+# Import modules containing additional test classes
+# Test function classes in these modules will be registered by
+# the framework
+from mbedtls_framework import bignum_core, bignum_mod_raw, bignum_mod # pylint: disable=unused-import
+
+class BignumTarget(test_data_generation.BaseTarget):
+    #pylint: disable=too-few-public-methods
+    """Target for bignum (legacy) test case generation."""
+    target_basename = 'test_suite_bignum.generated'
+
+
+class BignumOperation(bignum_common.OperationCommon, BignumTarget,
+                      metaclass=ABCMeta):
+    #pylint: disable=abstract-method
+    """Common features for bignum operations in legacy tests."""
+    unique_combinations_only = True
+    input_values = [
+        "", "0", "-", "-0",
+        "7b", "-7b",
+        "0000000000000000123", "-0000000000000000123",
+        "1230000000000000000", "-1230000000000000000"
+    ]
+
+    def description_suffix(self) -> str:
+        #pylint: disable=no-self-use # derived classes need self
+        """Text to add at the end of the test case description."""
+        return ""
+
+    def description(self) -> str:
+        """Generate a description for the test case.
+
+        If not set, case_description uses the form A `symbol` B, where symbol
+        is used to represent the operation. Descriptions of each value are
+        generated to provide some context to the test case.
+        """
+        if not self.case_description:
+            self.case_description = "{} {} {}".format(
+                self.value_description(self.arg_a),
+                self.symbol,
+                self.value_description(self.arg_b)
+            )
+            description_suffix = self.description_suffix()
+            if description_suffix:
+                self.case_description += " " + description_suffix
+        return super().description()
+
+    @staticmethod
+    def value_description(val) -> str:
+        """Generate a description of the argument val.
+
+        This produces a simple description of the value, which is used in test
+        case naming to add context.
+        """
+        if val == "":
+            return "0 (null)"
+        if val == "-":
+            return "negative 0 (null)"
+        if val == "0":
+            return "0 (1 limb)"
+
+        if val[0] == "-":
+            tmp = "negative"
+            val = val[1:]
+        else:
+            tmp = "positive"
+        if val[0] == "0":
+            tmp += " with leading zero limb"
+        elif len(val) > 10:
+            tmp = "large " + tmp
+        return tmp
+
+
+class BignumCmp(BignumOperation):
+    """Test cases for bignum value comparison."""
+    count = 0
+    test_function = "mpi_cmp_mpi"
+    test_name = "MPI compare"
+    input_cases = [
+        ("-2", "-3"),
+        ("-2", "-2"),
+        ("2b4", "2b5"),
+        ("2b5", "2b6")
+        ]
+
+    def __init__(self, val_a, val_b) -> None:
+        super().__init__(val_a, val_b)
+        self._result = int(self.int_a > self.int_b) - int(self.int_a < self.int_b)
+        self.symbol = ["<", "==", ">"][self._result + 1]
+
+    def result(self) -> List[str]:
+        return [str(self._result)]
+
+
+class BignumCmpAbs(BignumCmp):
+    """Test cases for absolute bignum value comparison."""
+    count = 0
+    test_function = "mpi_cmp_abs"
+    test_name = "MPI compare (abs)"
+
+    def __init__(self, val_a, val_b) -> None:
+        super().__init__(val_a.strip("-"), val_b.strip("-"))
+
+
+class BignumAdd(BignumOperation):
+    """Test cases for bignum value addition."""
+    count = 0
+    symbol = "+"
+    test_function = "mpi_add_mpi"
+    test_name = "MPI add"
+    input_cases = bignum_common.combination_pairs(
+        [
+            "1c67967269c6", "9cde3",
+            "-1c67967269c6", "-9cde3",
+        ]
+    )
+
+    def __init__(self, val_a: str, val_b: str) -> None:
+        super().__init__(val_a, val_b)
+        self._result = self.int_a + self.int_b
+
+    def description_suffix(self) -> str:
+        if (self.int_a >= 0 and self.int_b >= 0):
+            return "" # obviously positive result or 0
+        if (self.int_a <= 0 and self.int_b <= 0):
+            return "" # obviously negative result or 0
+        # The sign of the result is not obvious, so indicate it
+        return ", result{}0".format('>' if self._result > 0 else
+                                    '<' if self._result < 0 else '=')
+
+    def result(self) -> List[str]:
+        return [bignum_common.quote_str("{:x}".format(self._result))]
+
+if __name__ == '__main__':
+    # Use the section of the docstring relevant to the CLI as description
+    test_data_generation.main(sys.argv[1:], "\n".join(__doc__.splitlines()[:4]))

scripts/generate_ecp_tests.py

@@ -0,0 +1,21 @@
+#!/usr/bin/env python3
+"""Generate test data for ecp functions.
+
+The command line usage, class structure and available methods are the same
+as in generate_bignum_tests.py.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+import sys
+
+from mbedtls_framework import test_data_generation
+# Import modules containing additional test classes
+# Test function classes in these modules will be registered by
+# the framework
+from mbedtls_framework import ecp # pylint: disable=unused-import
+
+if __name__ == '__main__':
+    # Use the section of the docstring relevant to the CLI as description
+    test_data_generation.main(sys.argv[1:], "\n".join(__doc__.splitlines()[:4]))

scripts/generate_pkcs7_tests.py

@@ -0,0 +1,183 @@
+#!/usr/bin/env python3
+#
+#  Copyright The Mbed TLS Contributors
+#  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+#
+
+"""
+Make fuzz like testing for pkcs7 tests
+Given a valid DER pkcs7 file add tests to the test_suite_pkcs7.data file
+ - It is expected that the pkcs7_asn1_fail( data_t *pkcs7_buf )
+    function is defined in test_suite_pkcs7.function
+ - This is not meant to be portable code, if anything it is meant to serve as
+   documentation for showing how those ugly tests in test_suite_pkcs7.data were created
+"""
+
+
+import sys
+from os.path import exists
+
+PKCS7_TEST_FILE = "../suites/test_suite_pkcs7.data"
+
+class Test: # pylint: disable=too-few-public-methods
+    """
+    A instance of a test in test_suite_pkcs7.data
+    """
+    def __init__(self, name, depends, func_call):
+        self.name = name
+        self.depends = depends
+        self.func_call = func_call
+
+    # pylint: disable=no-self-use
+    def to_string(self):
+        return "\n" + self.name + "\n" + self.depends + "\n" + self.func_call + "\n"
+
+class TestData:
+    """
+    Take in test_suite_pkcs7.data file.
+    Allow for new tests to be added.
+    """
+    mandatory_dep = "MBEDTLS_MD_CAN_SHA256"
+    test_name = "PKCS7 Parse Failure Invalid ASN1"
+    test_function = "pkcs7_asn1_fail:"
+    def __init__(self, file_name):
+        self.file_name = file_name
+        self.last_test_num, self.old_tests = self.read_test_file(file_name)
+        self.new_tests = []
+
+    # pylint: disable=no-self-use
+    def read_test_file(self, file):
+        """
+        Parse the test_suite_pkcs7.data file.
+        """
+        tests = []
+        if not exists(file):
+            print(file + " Does not exist")
+            sys.exit()
+        with open(file, "r", encoding='UTF-8') as fp:
+            data = fp.read()
+        lines = [line.strip() for line in data.split('\n') if len(line.strip()) > 1]
+        i = 0
+        while i < len(lines):
+            if "depends" in lines[i+1]:
+                tests.append(Test(lines[i], lines[i+1], lines[i+2]))
+                i += 3
+            else:
+                tests.append(Test(lines[i], None, lines[i+1]))
+                i += 2
+        latest_test_num = float(tests[-1].name.split('#')[1])
+        return latest_test_num, tests
+
+    def add(self, name, func_call):
+        self.last_test_num += 1
+        self.new_tests.append(Test(self.test_name + ": " + name +  " #" + \
+                str(self.last_test_num), "depends_on:" + self.mandatory_dep, \
+                self.test_function + '"' + func_call + '"'))
+
+    def write_changes(self):
+        with open(self.file_name, 'a', encoding='UTF-8') as fw:
+            fw.write("\n")
+            for t in self.new_tests:
+                fw.write(t.to_string())
+
+
+def asn1_mutate(data):
+    """
+    We have been given an asn1 structure representing a pkcs7.
+    We want to return an array of slightly modified versions of this data
+    they should be modified in a way which makes the structure invalid
+
+    We know that asn1 structures are:
+    |---1 byte showing data type---|----byte(s) for length of data---|---data content--|
+    We know that some data types can contain other data types.
+    Return a dictionary of reasons and mutated data types.
+    """
+
+    # off the bat just add bytes to start and end of the buffer
+    mutations = []
+    reasons = []
+    mutations.append(["00"] + data)
+    reasons.append("Add null byte to start")
+    mutations.append(data + ["00"])
+    reasons.append("Add null byte to end")
+    # for every asn1 entry we should attempt to:
+    #    - change the data type tag
+    #    - make the length longer than actual
+    #    - make the length shorter than actual
+    i = 0
+    while i < len(data):
+        tag_i = i
+        leng_i = tag_i + 1
+        data_i = leng_i + 1 + (int(data[leng_i][1], 16) if data[leng_i][0] == '8' else 0)
+        if data[leng_i][0] == '8':
+            length = int(''.join(data[leng_i + 1: data_i]), 16)
+        else:
+            length = int(data[leng_i], 16)
+
+        tag = data[tag_i]
+        print("Looking at ans1: offset " + str(i) + " tag = " + tag + \
+                ", length = " + str(length)+ ":")
+        print(''.join(data[data_i:data_i+length]))
+        # change tag to something else
+        if tag == "02":
+            # turn integers into octet strings
+            new_tag = "04"
+        else:
+            # turn everything else into an integer
+            new_tag = "02"
+        mutations.append(data[:tag_i] + [new_tag] + data[leng_i:])
+        reasons.append("Change tag " + tag + " to " + new_tag)
+
+        # change lengths to too big
+        # skip any edge cases which would cause carry over
+        if int(data[data_i - 1], 16) < 255:
+            new_length = str(hex(int(data[data_i - 1], 16) + 1))[2:]
+            if len(new_length) == 1:
+                new_length = "0"+new_length
+            mutations.append(data[:data_i -1] + [new_length] + data[data_i:])
+            reasons.append("Change length from " + str(length) + " to " \
+                    + str(length + 1))
+            # we can add another test here for tags that contain other tags \
+            # where they have more data than there containing tags account for
+            if tag in ["30", "a0", "31"]:
+                mutations.append(data[:data_i -1] + [new_length] + \
+                        data[data_i:data_i + length] + ["00"] + \
+                        data[data_i + length:])
+                reasons.append("Change contents of tag " + tag + " to contain \
+                        one unaccounted extra byte")
+        # change lengths to too small
+        if int(data[data_i - 1], 16) > 0:
+            new_length = str(hex(int(data[data_i - 1], 16) - 1))[2:]
+            if len(new_length) == 1:
+                new_length = "0"+new_length
+            mutations.append(data[:data_i -1] + [new_length] + data[data_i:])
+            reasons.append("Change length from " + str(length) + " to " + str(length - 1))
+
+        # some tag types contain other tag types so we should iterate into the data
+        if tag in ["30", "a0", "31"]:
+            i = data_i
+        else:
+            i = data_i + length
+
+    return list(zip(reasons, mutations))
+
+if __name__ == "__main__":
+    if len(sys.argv) < 2:
+        print("USAGE: " + sys.argv[0] + " <pkcs7_der_file>")
+        sys.exit()
+
+    DATA_FILE = sys.argv[1]
+    TEST_DATA = TestData(PKCS7_TEST_FILE)
+    with open(DATA_FILE, 'rb') as f:
+        DATA_STR = f.read().hex()
+    # make data an array of byte strings eg ['de','ad','be','ef']
+    HEX_DATA = list(map(''.join, [[DATA_STR[i], DATA_STR[i+1]] for i in range(0, len(DATA_STR), \
+            2)]))
+    # returns tuples of test_names and modified data buffers
+    MUT_ARR = asn1_mutate(HEX_DATA)
+
+    print("made " + str(len(MUT_ARR)) + " new tests")
+    for new_test in MUT_ARR:
+        TEST_DATA.add(new_test[0], ''.join(new_test[1]))
+
+    TEST_DATA.write_changes()