From 37296a413ae093c0514a520839fead5670403507 Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Fri, 10 Feb 2023 15:39:22 +0000
Subject: [PATCH 1/7] Document SIZE_MAX requirement in README.md

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 7b45a1f159..f4bf4e1420 100644
--- a/README.md
+++ b/README.md
@@ -264,6 +264,7 @@ Mbed TLS is mostly written in portable C99; however, it has a few platform requi
 - `int` and `size_t` must be at least 32 bits wide.
 - The types `uint8_t`, `uint16_t`, `uint32_t` and their signed equivalents must be available.
 - Mixed-endian platforms are not supported.
+- SIZE_MAX must be at least as big as INT_MAX and UINT_MAX.
 
 PSA cryptography API
 --------------------

From 4a5c9ee7f260e606aaa38c7e67583484510f75ae Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Fri, 10 Feb 2023 16:03:44 +0000
Subject: [PATCH 2/7] Remove redundant SIZE_MAX guards

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 library/ctr_drbg.c                          | 3 +--
 library/pk.c                                | 2 --
 library/pk_wrap.c                           | 8 --------
 library/psa_crypto_rsa.c                    | 2 --
 library/psa_crypto_se.c                     | 2 --
 library/ssl_msg.c                           | 4 ++--
 tests/suites/test_suite_pk.function         | 6 ------
 tests/suites/test_suite_psa_crypto.function | 6 ------
 8 files changed, 3 insertions(+), 30 deletions(-)

diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 13fa6d4ebe..acc4208cc3 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -98,14 +98,13 @@ int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx,
     if (len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) {
         return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
     }
-#if SIZE_MAX > INT_MAX
+
     /* This shouldn't be an issue because
      * MBEDTLS_CTR_DRBG_MAX_SEED_INPUT < INT_MAX in any sensible
      * configuration, but make sure anyway. */
     if (len > INT_MAX) {
         return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
     }
-#endif
 
     /* For backward compatibility with Mbed TLS <= 2.19, store the
      * entropy nonce length in a field that already exists, but isn't
diff --git a/library/pk.c b/library/pk.c
index ed3ca41cc7..05afdbc4e0 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -501,11 +501,9 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     const mbedtls_pk_rsassa_pss_options *pss_opts;
 
-#if SIZE_MAX > UINT_MAX
     if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) {
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
-#endif /* SIZE_MAX > UINT_MAX */
 
     if (options == NULL) {
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index fa296e8245..dc7a27f0ea 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -174,11 +174,9 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg,
         PSA_ALG_RSA_PKCS1V15_SIGN(mbedtls_hash_info_psa_from_md(md_alg));
     size_t rsa_len = mbedtls_rsa_get_len(rsa);
 
-#if SIZE_MAX > UINT_MAX
     if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) {
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
-#endif /* SIZE_MAX > UINT_MAX */
 
     if (sig_len < rsa_len) {
         return MBEDTLS_ERR_RSA_VERIFY_FAILED;
@@ -230,11 +228,9 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg,
     mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx;
     size_t rsa_len = mbedtls_rsa_get_len(rsa);
 
-#if SIZE_MAX > UINT_MAX
     if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) {
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
-#endif /* SIZE_MAX > UINT_MAX */
 
     if (sig_len < rsa_len) {
         return MBEDTLS_ERR_RSA_VERIFY_FAILED;
@@ -345,11 +341,9 @@ static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
 {
     mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx;
 
-#if SIZE_MAX > UINT_MAX
     if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) {
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
-#endif /* SIZE_MAX > UINT_MAX */
 
     *sig_len = mbedtls_rsa_get_len(rsa);
     if (sig_size < *sig_len) {
@@ -1330,11 +1324,9 @@ static int rsa_alt_sign_wrap(void *ctx, mbedtls_md_type_t md_alg,
 {
     mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
 
-#if SIZE_MAX > UINT_MAX
     if (UINT_MAX < hash_len) {
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
-#endif /* SIZE_MAX > UINT_MAX */
 
     *sig_len = rsa_alt->key_len_func(rsa_alt->key);
     if (*sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE) {
diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c
index c720615869..6e90f1cea6 100644
--- a/library/psa_crypto_rsa.c
+++ b/library/psa_crypto_rsa.c
@@ -332,11 +332,9 @@ static psa_status_t psa_rsa_decode_md_type(psa_algorithm_t alg,
     /* The Mbed TLS RSA module uses an unsigned int for hash length
      * parameters. Validate that it fits so that we don't risk an
      * overflow later. */
-#if SIZE_MAX > UINT_MAX
     if (hash_length > UINT_MAX) {
         return PSA_ERROR_INVALID_ARGUMENT;
     }
-#endif
 
     /* For signatures using a hash, the hash length must be correct. */
     if (alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW) {
diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c
index b660393640..dee780f46e 100644
--- a/library/psa_crypto_se.c
+++ b/library/psa_crypto_se.c
@@ -125,12 +125,10 @@ static psa_status_t psa_get_se_driver_its_file_uid(
         return PSA_ERROR_NOT_SUPPORTED;
     }
 
-#if SIZE_MAX > UINT32_MAX
     /* ITS file sizes are limited to 32 bits. */
     if (driver->u.internal.persistent_data_size > UINT32_MAX) {
         return PSA_ERROR_NOT_SUPPORTED;
     }
-#endif
 
     /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */
     *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->location;
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 4ebc8cb929..9bedc25467 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -2090,7 +2090,7 @@ int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want)
                 return ret;
             }
 
-            if ((size_t) ret > len || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) {
+            if ((size_t) ret > len) {
                 MBEDTLS_SSL_DEBUG_MSG(1,
                                       ("f_recv returned %d bytes but only %" MBEDTLS_PRINTF_SIZET
                                        " were requested",
@@ -2142,7 +2142,7 @@ int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl)
             return ret;
         }
 
-        if ((size_t) ret > ssl->out_left || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) {
+        if ((size_t) ret > ssl->out_left) {
             MBEDTLS_SSL_DEBUG_MSG(1,
                                   ("f_send returned %d bytes but only %" MBEDTLS_PRINTF_SIZET
                                    " bytes were sent",
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index d8a8f863ec..bafd87afc3 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -1064,10 +1064,6 @@ void pk_rsa_overflow()
     size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX;
     unsigned char hash[50], sig[100];
 
-    if (SIZE_MAX <= UINT_MAX) {
-        return;
-    }
-
     memset(hash, 0x2a, sizeof(hash));
     memset(sig, 0, sizeof(sig));
 
@@ -1143,12 +1139,10 @@ void pk_rsa_alt()
     TEST_ASSERT(strcmp(mbedtls_pk_get_name(&alt), "RSA-alt") == 0);
 
     /* Test signature */
-#if SIZE_MAX > UINT_MAX
     TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, SIZE_MAX,
                                 sig, sizeof(sig), &sig_len,
                                 mbedtls_test_rnd_std_rand, NULL)
                 == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
-#endif /* SIZE_MAX > UINT_MAX */
     TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, sizeof(hash),
                                 sig, sizeof(sig), &sig_len,
                                 mbedtls_test_rnd_std_rand, NULL)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5e46ca0abf..0a7744fd28 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -5844,7 +5844,6 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     psa_aead_abort(&operation);
 
     /* Test for generating nonce after calling set lengths with SIZE_MAX ad_data length */
-#if SIZE_MAX > UINT32_MAX
     PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
 
     if (operation.alg == PSA_ALG_CCM || operation.alg == PSA_ALG_GCM) {
@@ -5864,7 +5863,6 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     }
 
     psa_aead_abort(&operation);
-#endif
 
     /* Test for calling set lengths with a UINT32_MAX ad_data length, after generating nonce */
 
@@ -5916,7 +5914,6 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     psa_aead_abort(&operation);
 
     /* Test for setting nonce after calling set lengths with SIZE_MAX ad_data length */
-#if SIZE_MAX > UINT32_MAX
     PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
 
     if (operation.alg == PSA_ALG_CCM || operation.alg == PSA_ALG_GCM) {
@@ -5932,7 +5929,6 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     }
 
     psa_aead_abort(&operation);
-#endif
 
     /* Test for calling set lengths with an ad_data length of UINT32_MAX, after setting nonce */
 
@@ -5952,7 +5948,6 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     psa_aead_abort(&operation);
 
     /* Test for setting nonce after calling set lengths with plaintext length of SIZE_MAX */
-#if SIZE_MAX > UINT32_MAX
     PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
 
     if (operation.alg == PSA_ALG_GCM) {
@@ -5984,7 +5979,6 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     }
 
     psa_aead_abort(&operation);
-#endif
 
     /* ------------------------------------------------------- */
 

From 54647737f6f334a53dbe1d63ae1e3e8c2f8fd6d3 Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Fri, 10 Feb 2023 16:16:17 +0000
Subject: [PATCH 3/7] Add checks to selftest

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 programs/test/selftest.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index b4d7008e65..13423a1a6a 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -336,6 +336,32 @@ int main(int argc, char *argv[])
 #endif
     void *pointer;
 
+    /*
+     * Check some basic platform requirements as specified in README.md
+     */
+    if (SIZE_MAX < INT_MAX || SIZE_MAX < UINT_MAX) {
+        mbedtls_printf("SIZE_MAX must be at least as big as INT_MAX and UINT_MAX\n");
+        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+    }
+
+    if (sizeof(int) < 4) {
+        mbedtls_printf("int must be at least 32 bits\n");
+        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+    }
+
+    if (sizeof(size_t) < 4) {
+        mbedtls_printf("size_t must be at least 32 bits\n");
+        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+    }
+
+    uint32_t endian_test = 0x12345678;
+    char *p = (char *) &endian_test;
+    if (!(p[0] == 0x12 && p[1] == 0x34 && p[2] == 0x56 && p[3] == 0x78) &&
+        !(p[3] == 0x12 && p[2] == 0x34 && p[1] == 0x56 && p[0] == 0x78)) {
+        mbedtls_printf("Mixed-endian platforms are not supported\n");
+        mbedtls_exit(MBEDTLS_EXIT_FAILURE);
+    }
+
     /*
      * The C standard doesn't guarantee that all-bits-0 is the representation
      * of a NULL pointer. We do however use that in our code for initializing

From d26d7445b835d333e9351b42154141102a573993 Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Sat, 11 Feb 2023 17:14:54 +0000
Subject: [PATCH 4/7] Restore guards on a couple of tests

These tests check for failures, but can only fail where SIZE_MAX
exceeds some limit (UINT_MAX or UINT32_MAX) and do not fail
in this way otherwise - so guards are needed.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 tests/suites/test_suite_pk.function         | 2 ++
 tests/suites/test_suite_psa_crypto.function | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index bafd87afc3..a99b6c03bd 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -1139,10 +1139,12 @@ void pk_rsa_alt()
     TEST_ASSERT(strcmp(mbedtls_pk_get_name(&alt), "RSA-alt") == 0);
 
     /* Test signature */
+#if SIZE_MAX > UINT_MAX
     TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, SIZE_MAX,
                                 sig, sizeof(sig), &sig_len,
                                 mbedtls_test_rnd_std_rand, NULL)
                 == MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+#endif /* SIZE_MAX > UINT_MAX */
     TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, sizeof(hash),
                                 sig, sizeof(sig), &sig_len,
                                 mbedtls_test_rnd_std_rand, NULL)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 0a7744fd28..55e3106389 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -5844,6 +5844,7 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     psa_aead_abort(&operation);
 
     /* Test for generating nonce after calling set lengths with SIZE_MAX ad_data length */
+#if SIZE_MAX > UINT32_MAX
     PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
 
     if (operation.alg == PSA_ALG_CCM || operation.alg == PSA_ALG_GCM) {
@@ -5863,6 +5864,7 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     }
 
     psa_aead_abort(&operation);
+#endif
 
     /* Test for calling set lengths with a UINT32_MAX ad_data length, after generating nonce */
 

From a47636304208fc44167208cefa0ab2464a852576 Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Sat, 11 Feb 2023 18:36:23 +0000
Subject: [PATCH 5/7] Restore more test guards

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 tests/suites/test_suite_psa_crypto.function | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 55e3106389..1ad0a4a793 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -5916,6 +5916,7 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     psa_aead_abort(&operation);
 
     /* Test for setting nonce after calling set lengths with SIZE_MAX ad_data length */
+#if SIZE_MAX > UINT32_MAX
     PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
 
     if (operation.alg == PSA_ALG_CCM || operation.alg == PSA_ALG_GCM) {
@@ -5931,6 +5932,7 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     }
 
     psa_aead_abort(&operation);
+#endif
 
     /* Test for calling set lengths with an ad_data length of UINT32_MAX, after setting nonce */
 

From 91e832168f42c0ce4eb4dcd601fbeebbfc596aa7 Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Sat, 11 Feb 2023 20:07:43 +0000
Subject: [PATCH 6/7] Restore more test guards

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 tests/suites/test_suite_psa_crypto.function | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 1ad0a4a793..c8418281fd 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -5952,6 +5952,7 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     psa_aead_abort(&operation);
 
     /* Test for setting nonce after calling set lengths with plaintext length of SIZE_MAX */
+#if SIZE_MAX > UINT32_MAX
     PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
 
     if (operation.alg == PSA_ALG_GCM) {
@@ -5967,6 +5968,7 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     }
 
     psa_aead_abort(&operation);
+#endif
 
     /* Test for calling set lengths with a plaintext length of SIZE_MAX, after setting nonce */
     PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));

From 641288bc1e79ababff3b573c7c6f2e1aeb6568bf Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Sat, 11 Feb 2023 22:02:04 +0000
Subject: [PATCH 7/7] Restore test guards

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 tests/suites/test_suite_psa_crypto.function | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c8418281fd..c414b65fa6 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -5971,6 +5971,7 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
 #endif
 
     /* Test for calling set lengths with a plaintext length of SIZE_MAX, after setting nonce */
+#if SIZE_MAX > UINT32_MAX
     PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg));
 
     PSA_ASSERT(psa_aead_set_nonce(&operation, nonce->x, nonce->len));
@@ -5985,6 +5986,7 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data,
     }
 
     psa_aead_abort(&operation);
+#endif
 
     /* ------------------------------------------------------- */