Merge pull request #3121 from gilles-peskine-arm/invasive_testing_strategy-crypto
Invasive testing strategy Create a new header `common.h`. Introduce a configuration option `MBEDTLS_TEST_HOOKS` for test-specific code, to be used in accordance with the invasive testing strategy.
This commit is contained in:
Gilles Peskine
GitHub
commit
d6916d74c5
9 changed files with 474 additions and 0 deletions
|
|
@ -1865,6 +1865,26 @@
|
|||
*/
|
||||
//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_TEST_HOOKS
|
||||
*
|
||||
* Enable features for invasive testing such as introspection functions and
|
||||
* hooks for fault injection. This enables additional unit tests.
|
||||
*
|
||||
* Merely enabling this feature should not change the behavior of the product.
|
||||
* It only adds new code, and new branching points where the default behavior
|
||||
* is the same as when this feature is disabled.
|
||||
* However, this feature increases the attack surface: there is an added
|
||||
* risk of vulnerabilities, and more gadgets that can make exploits easier.
|
||||
* Therefore this feature must never be enabled in production.
|
||||
*
|
||||
* See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more
|
||||
* information.
|
||||
*
|
||||
* Uncomment to enable invasive tests.
|
||||
*/
|
||||
//#define MBEDTLS_TEST_HOOKS
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_THREADING_ALT
|
||||
*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue