From 6bc5ad2bae3a8b0de35d12a5b2948cccbcd6b9a1 Mon Sep 17 00:00:00 2001 From: Paul Adelsbach Date: Mon, 1 Jun 2026 13:22:09 -0700 Subject: [PATCH] Add refactored padding test --- test-refactor/README.md | 2 +- .../misc/wh_test_check_struct_padding.c | 227 ++++++++++++++++++ test-refactor/posix/Makefile | 3 + 3 files changed, 231 insertions(+), 1 deletion(-) create mode 100644 test-refactor/misc/wh_test_check_struct_padding.c diff --git a/test-refactor/README.md b/test-refactor/README.md index cd37861f9..e4192952c 100644 --- a/test-refactor/README.md +++ b/test-refactor/README.md @@ -87,6 +87,7 @@ Translated tests: | `wh_test_flash_ramsim.c::whTest_Flash_RamSim` | `posix/wh_test_flash_ramsim.c::{whTest_FlashWriteLock, whTest_FlashEraseProgramVerify, whTest_FlashUnitOps}` | POSIX port-specific (`whTestGroup_RunOne`) | remove ramsim coupling and migrate to server group | | `wh_test_nvm_flash.c::whTest_NvmFlash` | `posix/wh_test_nvm_flash.c::whTest_NvmAddOverwriteDestroy` | POSIX port-specific (`whTestGroup_RunOne`) | remove ramsim coupling and migrate to server group | | `wh_test_posix_threadsafe_stress.c::whTest_ThreadSafeStress` | called directly from `posix/wh_test_posix_main.c` | POSIX port-specific (direct call) | | +| `wh_test_check_struct_padding.c` | `misc/wh_test_check_struct_padding.c` | Build-time (compile-only) | Wire-format `-Wpadded` audit; the POSIX Makefile compiles it with `-Wpadded -DWH_PADDING_CHECK`. Not a runtime test, so not registered in `wh_test_list.c` | Not yet migrated (still live in `wolfHSM/test/`): @@ -106,7 +107,6 @@ Not yet migrated (still live in `wolfHSM/test/`): | `wh_test_server_img_mgr.c::whTest_ServerImgMgr` | | | `wh_test_nvmflags.c::whTest_NvmFlags` | | | `wh_test_flash_fault_inject.c` | | -| `wh_test_check_struct_padding.c` | | ### Other improvements - Add callback from `wh_Server_HandleRequestMessage` to allow sleep and avoid a busy loop diff --git a/test-refactor/misc/wh_test_check_struct_padding.c b/test-refactor/misc/wh_test_check_struct_padding.c new file mode 100644 index 000000000..1e6bf04b7 --- /dev/null +++ b/test-refactor/misc/wh_test_check_struct_padding.c @@ -0,0 +1,227 @@ +/* + * Copyright (C) 2026 wolfSSL Inc. + * + * This file is part of wolfHSM. + * + * wolfHSM is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * wolfHSM is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with wolfHSM. If not, see . + */ +#ifndef WH_TEST_CHECK_STRUCT_PADDING_C_ +#define WH_TEST_CHECK_STRUCT_PADDING_C_ + +#include "wolfhsm/wh_settings.h" + +/* For each included file, define an instance of every struct for which we want + * to check padding. Then, when this file is compiled with -Wpadded it will + * generate an error if padding is wrong */ + + +#include "wolfhsm/wh_message_comm.h" +whMessageComm_ErrorResponse whMessageComm_ErrorResponse_test; +whMessageCommInitRequest whMessageCommInitRequest_test; +whMessageCommInitResponse whMessageCommInitResponse_test; +whMessageCommInfoResponse whMessageCommInfoResponse_test; + + +#include "wolfhsm/wh_message_customcb.h" +whMessageCustomCb_Request whMessageCustomCb_Request_test; +whMessageCustomCb_Response whMessageCustomCb_Response_test; + +#include "wolfhsm/wh_message_nvm.h" +whMessageNvm_SimpleResponse whMessageNvm_SimpleResponse_test; +whMessageNvm_InitRequest whMessageNvm_InitRequest_test; +whMessageNvm_InitResponse whMessageNvm_InitResponse_test; +whMessageNvm_GetAvailableResponse whMessageNvm_GetAvailableResponse_test; +whMessageNvm_AddObjectRequest whMessageNvm_AddObjectRequest_test; +whMessageNvm_ListRequest whMessageNvm_ListRequest_test; +whMessageNvm_ListResponse whMessageNvm_ListResponse_test; +whMessageNvm_GetMetadataRequest whMessageNvm_GetMetadataRequest_test; +whMessageNvm_GetMetadataResponse whMessageNvm_GetMetadataResponse_test; +whMessageNvm_DestroyObjectsRequest whMessageNvm_DestroyObjectsRequest_test; +whMessageNvm_ReadRequest whMessageNvm_ReadRequest_test; +whMessageNvm_ReadResponse whMessageNvm_ReadResponse_test; + +#if defined(WOLFHSM_CFG_DMA) +whMessageNvm_AddObjectDmaRequest whMessageNvm_AddObjectDmaRequest_test; +whMessageNvm_ReadDmaRequest whMessageNvm_ReadDmaRequest_test; +#endif + +/* Include keystore message header for new keystore message structures */ +#include "wolfhsm/wh_message_keystore.h" +whMessageKeystore_CacheRequest keyCacheReq; +whMessageKeystore_EvictRequest keyEvictReq; +whMessageKeystore_CommitRequest keyCommitReq; +whMessageKeystore_ExportRequest keyExportReq; +whMessageKeystore_EraseRequest keyEraseReq; +whMessageKeystore_CacheResponse keyCacheRes; +whMessageKeystore_EvictResponse keyEvictRes; +whMessageKeystore_CommitResponse keyCommitRes; +whMessageKeystore_ExportResponse keyExportRes; +whMessageKeystore_EraseResponse keyEraseRes; +whMessageKeystore_ExportPublicRequest keyExportPublicReq; +whMessageKeystore_ExportPublicResponse keyExportPublicRes; + +/* Include counter message header for new counter message structures */ +#include "wolfhsm/wh_message_counter.h" +whMessageCounter_InitRequest counterInitReq; +whMessageCounter_IncrementRequest counterIncrementReq; +whMessageCounter_ReadRequest counterReadReq; +whMessageCounter_DestroyRequest counterDestroyReq; +whMessageCounter_InitResponse counterInitRes; +whMessageCounter_IncrementResponse counterIncrementRes; +whMessageCounter_ReadResponse counterReadRes; +whMessageCounter_DestroyResponse counterDestroyRes; + +/* DMA keystore messages */ +whMessageKeystore_CacheDmaRequest keyCacheDmaReq; +whMessageKeystore_CacheDmaResponse keyCacheDmaRes; +whMessageKeystore_ExportDmaRequest keyExportDmaReq; +whMessageKeystore_ExportDmaResponse keyExportDmaRes; +whMessageKeystore_ExportPublicDmaRequest keyExportPublicDmaReq; +whMessageKeystore_ExportPublicDmaResponse keyExportPublicDmaRes; + +#ifndef WOLFHSM_CFG_NO_CRYPTO +/* Include crypto message header for new crypto message structures */ +#include "wolfhsm/wh_message_crypto.h" +whMessageCrypto_GenericRequestHeader cryptoGenericReqHeader; +whMessageCrypto_GenericResponseHeader cryptoGenericResHeader; +whMessageCrypto_AesCbcRequest cipherAesCbcReq; +whMessageCrypto_AesGcmRequest cipherAesGcmReq; +whMessageCrypto_RsaKeyGenRequest pkRsakgReq; +whMessageCrypto_RsaRequest pkRsaReq; +whMessageCrypto_RsaGetSizeRequest pkRsaGetSizeReq; +whMessageCrypto_EccKeyGenRequest pkEckgReq; +whMessageCrypto_EcdhRequest pkEcdhReq; +whMessageCrypto_Curve25519Request pkCurve25519Req; +whMessageCrypto_EccSignRequest pkEccSignReq; +whMessageCrypto_EccVerifyRequest pkEccVerifyReq; +whMessageCrypto_EccCheckRequest pkEccCheckReq; +whMessageCrypto_RngRequest rngReq; +whMessageCrypto_CmacAesRequest cmacReq; +whMessageCrypto_AesCbcResponse cipherAesCbcRes; +whMessageCrypto_AesGcmResponse cipherAesGcmRes; +whMessageCrypto_RsaKeyGenResponse pkRsakgRes; +whMessageCrypto_RsaResponse pkRsaRes; +whMessageCrypto_RsaGetSizeResponse pkRsaGetSizeRes; +whMessageCrypto_EccKeyGenResponse pkEckgRes; +whMessageCrypto_EcdhResponse pkEcdhRes; +whMessageCrypto_Curve25519Response pkCurve25519Res; +whMessageCrypto_EccSignResponse pkEccSignRes; +whMessageCrypto_EccVerifyResponse pkEccVerifyRes; +whMessageCrypto_EccCheckResponse pkEccCheckRes; +whMessageCrypto_RngResponse rngRes; +whMessageCrypto_CmacAesResponse cmacRes; +whMessageCrypto_Sha256Request hashSha256Req; +whMessageCrypto_Sha512Request hashSha512Req; +whMessageCrypto_Sha2Response hashSha2Res; +whMessageCrypto_HkdfRequest hkdfReq; +whMessageCrypto_HkdfResponse hkdfRes; +whMessageCrypto_MlDsaKeyGenRequest pkMldsaKeygenReq; +whMessageCrypto_MlDsaKeyGenResponse pkMldsaKeygenRes; +whMessageCrypto_MlDsaSignRequest pkMldsaSignReq; +whMessageCrypto_MlDsaSignResponse pkMldsaSignRes; +whMessageCrypto_MlDsaVerifyRequest pkMldsaVerifyReq; +whMessageCrypto_MlDsaVerifyResponse pkMldsaVerifyRes; +whMessageCrypto_MlKemKeyGenRequest pkMlkemKeygenReq; +whMessageCrypto_MlKemKeyGenResponse pkMlkemKeygenRes; +whMessageCrypto_MlKemEncapsRequest pkMlkemEncapsReq; +whMessageCrypto_MlKemEncapsResponse pkMlkemEncapsRes; +whMessageCrypto_MlKemDecapsRequest pkMlkemDecapsReq; +whMessageCrypto_MlKemDecapsResponse pkMlkemDecapsRes; + +/* DMA crypto messages */ +#if defined(WOLFHSM_CFG_DMA) +whMessageCrypto_Sha256DmaRequest hashSha256DmaReq; +whMessageCrypto_Sha512DmaRequest hashSha512DmaReq; +whMessageCrypto_Sha2DmaResponse hashSha2DmaRes; +whMessageCrypto_MlDsaKeyGenDmaRequest pqMldsaKeygenDmaReq; +whMessageCrypto_MlDsaKeyGenDmaResponse pqMldsaKeygenDmaRes; +whMessageCrypto_MlDsaSignDmaRequest pqMldsaSignDmaReq; +whMessageCrypto_MlDsaSignDmaResponse pqMldsaSignDmaRes; +whMessageCrypto_MlDsaVerifyDmaRequest pqMldsaVerifyDmaReq; +whMessageCrypto_MlDsaVerifyDmaResponse pqMldsaVerifyDmaRes; +whMessageCrypto_CmacAesDmaRequest cmacDmaReq; +whMessageCrypto_CmacAesDmaResponse cmacDmaRes; +whMessageCrypto_MlKemKeyGenDmaRequest pkMlkemKeygenDmaReq; +whMessageCrypto_MlKemKeyGenDmaResponse pkMlkemKeygenDmaRes; +whMessageCrypto_MlKemEncapsDmaRequest pkMlkemEncapsDmaReq; +whMessageCrypto_MlKemEncapsDmaResponse pkMlkemEncapsDmaRes; +whMessageCrypto_MlKemDecapsDmaRequest pkMlkemDecapsDmaReq; +whMessageCrypto_MlKemDecapsDmaResponse pkMlkemDecapsDmaRes; +#endif /* WOLFHSM_CFG_DMA */ + +#endif /* !WOLFHSM_CFG_NO_CRYPTO */ + +#ifdef WOLFHSM_CFG_SHE_EXTENSION +/* Include SHE message header for SHE message structures */ +#include "wolfhsm/wh_message_she.h" +whMessageShe_SetUidRequest sheSetUidReq; +whMessageShe_SetUidResponse sheSetUidRes; +whMessageShe_SecureBootInitRequest sheSecureBootInitReq; +whMessageShe_SecureBootInitResponse sheSecureBootInitRes; +whMessageShe_SecureBootUpdateRequest sheSecureBootUpdateReq; +whMessageShe_SecureBootUpdateResponse sheSecureBootUpdateRes; +whMessageShe_SecureBootFinishResponse sheSecureBootFinishRes; +whMessageShe_GetStatusResponse sheGetStatusRes; +whMessageShe_LoadKeyRequest sheLoadKeyReq; +whMessageShe_LoadKeyResponse sheLoadKeyRes; +whMessageShe_LoadPlainKeyRequest sheLoadPlainKeyReq; +whMessageShe_LoadPlainKeyResponse sheLoadPlainKeyRes; +whMessageShe_ExportRamKeyResponse sheExportRamKeyRes; +whMessageShe_InitRngResponse sheInitRngRes; +whMessageShe_RndResponse sheRndRes; +whMessageShe_ExtendSeedRequest sheExtendSeedReq; +whMessageShe_ExtendSeedResponse sheExtendSeedRes; +whMessageShe_EncEcbRequest sheEncEcbReq; +whMessageShe_EncEcbResponse sheEncEcbRes; +whMessageShe_EncCbcRequest sheEncCbcReq; +whMessageShe_EncCbcResponse sheEncCbcRes; +whMessageShe_DecEcbRequest sheDecEcbReq; +whMessageShe_DecEcbResponse sheDecEcbRes; +whMessageShe_DecCbcRequest sheDecCbcReq; +whMessageShe_DecCbcResponse sheDecCbcRes; +whMessageShe_GenMacRequest sheGenMacReq; +whMessageShe_GenMacResponse sheGenMacRes; +whMessageShe_VerifyMacRequest sheVerifyMacReq; +whMessageShe_VerifyMacResponse sheVerifyMacRes; +#endif /* WOLFHSM_CFG_SHE_EXTENSION */ + +#if defined(WOLFHSM_CFG_CERTIFICATE_MANAGER) +/* Include certificate manager message header for new certificate manager + * message structures */ +#include "wolfhsm/wh_message_cert.h" +whMessageCert_SimpleResponse whMessageCert_SimpleResponse_test; +whMessageCert_SetEnabledRequest whMessageCert_SetEnabledRequest_test; +whMessageCert_AddTrustedRequest whMessageCert_AddTrustedRequest_test; +whMessageCert_EraseTrustedRequest whMessageCert_EraseTrustedRequest_test; +whMessageCert_ReadTrustedRequest whMessageCert_ReadTrustedRequest_test; +whMessageCert_ReadTrustedResponse whMessageCert_ReadTrustedResponse_test; +whMessageCert_VerifyRequest whMessageCert_VerifyRequest_test; +whMessageCert_VerifyResponse whMessageCert_VerifyResponse_test; +whMessageCert_VerifyMultiRootRequest whMessageCert_VerifyMultiRootRequest_test; + +#if defined(WOLFHSM_CFG_DMA) +whMessageCert_AddTrustedDmaRequest whMessageCert_AddTrustedDmaRequest_test; +whMessageCert_ReadTrustedDmaRequest whMessageCert_ReadTrustedDmaRequest_test; +whMessageCert_VerifyDmaRequest whMessageCert_VerifyDmaRequest_test; +whMessageCert_VerifyDmaResponse whMessageCert_VerifyDmaResponse_test; +whMessageCert_VerifyMultiRootDmaRequest + whMessageCert_VerifyMultiRootDmaRequest_test; +#endif /* WOLFHSM_CFG_DMA */ + +#if defined(WOLFHSM_CFG_CERTIFICATE_MANAGER_ACERT) +whMessageCert_VerifyAcertRequest whMessageCert_VerifyAcertRequest_test; +#endif /* WOLFHSM_CFG_CERTIFICATE_MANAGER_ACERT */ +#endif /* WOLFHSM_CFG_CERTIFICATE_MANAGER */ + +#endif /* WH_TEST_CHECK_STRUCT_PADDING_C_ */ diff --git a/test-refactor/posix/Makefile b/test-refactor/posix/Makefile index f17a9cf2a..4a1247462 100644 --- a/test-refactor/posix/Makefile +++ b/test-refactor/posix/Makefile @@ -202,6 +202,9 @@ $(BUILD_DIR): $(BUILD_DIR)/internal.o: CFLAGS += -Wno-error=implicit-function-declaration $(BUILD_DIR)/wh_client_crypto.o: CFLAGS += -Wno-error=sign-compare +# Special case: compile-only struct padding check using -Wpadded +$(BUILD_DIR)/wh_test_check_struct_padding.o: CFLAGS += -Wpadded -DWH_PADDING_CHECK + $(BUILD_DIR)/%.o: %.c @echo "Compiling: $(notdir $<)" $(CC) $(CFLAGS) $(DEF) $(INC) -c -o $@ $<