From 45154eb20b9b2c8cdd623aa9540a69e0dd213feb Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Tue, 13 Nov 2018 18:59:17 +0200 Subject: [PATCH 01/40] Reduce Stack usage of hkdf test function `test_hkdf` in the hkdf test suites consumed stack of ~6KB with 6 buffers of ~1KB each. This causes stack overflow on some platforms with smaller stack. The buffer sizes were reduced. By testing, the sizes can be reduced even further, as the largest seen size is 82 bytes(for okm). --- tests/suites/test_suite_hkdf.function | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index c85a51a7a..020555f3b 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -14,12 +14,12 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, { int ret; size_t ikm_len, salt_len, info_len, okm_len; - unsigned char ikm[1024] = { '\0' }; - unsigned char salt[1024] = { '\0' }; - unsigned char info[1024] = { '\0' }; - unsigned char expected_okm[1024] = { '\0' }; - unsigned char okm[1024] = { '\0' }; - unsigned char okm_string[1000] = { '\0' }; + unsigned char ikm[128] = { '\0' }; + unsigned char salt[128] = { '\0' }; + unsigned char info[128] = { '\0' }; + unsigned char expected_okm[256] = { '\0' }; + unsigned char okm[256] = { '\0' }; + unsigned char okm_string[200] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md != NULL ); From d9ad084b2db5db8af6e5958a0025eb81a16ff191 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 14 Nov 2018 20:22:03 +0200 Subject: [PATCH 02/40] Reduce buffer size of okm Reduce the buffer size of okm to 128, to reduce stack usage. --- tests/suites/test_suite_hkdf.function | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index 020555f3b..e41422a63 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -17,9 +17,9 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, unsigned char ikm[128] = { '\0' }; unsigned char salt[128] = { '\0' }; unsigned char info[128] = { '\0' }; - unsigned char expected_okm[256] = { '\0' }; - unsigned char okm[256] = { '\0' }; - unsigned char okm_string[200] = { '\0' }; + unsigned char expected_okm[128] = { '\0' }; + unsigned char okm[128] = { '\0' }; + unsigned char okm_string[256] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md != NULL ); From ff7dc009cd69fccb80c4d629fca7696515991f1f Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Tue, 27 Nov 2018 11:14:06 +0200 Subject: [PATCH 03/40] Update ChangeLog Add ChangeLog entry describing the fix. --- ChangeLog | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog b/ChangeLog index b39b95391..3acb22840 100644 --- a/ChangeLog +++ b/ChangeLog @@ -194,6 +194,7 @@ Bugfix replacements of standard calloc/free functions through the macros MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO. Reported by ole-de and ddhome2006. Fixes #882, #1642 and #1706. + * Reduce stack usage of hkdf tests. Fixes #2195. Changes * Removed support for Yotta as a build tool. From 6fce81637e3c0e0300d9eb9519161764f58be7b5 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Mon, 28 Jan 2019 15:01:53 +0200 Subject: [PATCH 04/40] Add explanation for okm_string size Add explanation for why the size of `okm_string` buffer is twice as `okm` buffer. --- tests/suites/test_suite_hkdf.function | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index e41422a63..fc0e24217 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -19,6 +19,10 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, unsigned char info[128] = { '\0' }; unsigned char expected_okm[128] = { '\0' }; unsigned char okm[128] = { '\0' }; + /* + * okm_string is the string representation of okm, + * so its size is twice as the size of okm. + */ unsigned char okm_string[256] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); From 57c2a301a3e4c6f6e2c68e5527680b3794115f97 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Mon, 28 Jan 2019 15:07:55 +0200 Subject: [PATCH 05/40] Minor modifications to hkdf test 1. Fix comment grammar. 2. Rename `okm_string` to `okm_hex`. --- tests/suites/test_suite_hkdf.function | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index fc0e24217..d2d66596f 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -20,10 +20,10 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, unsigned char expected_okm[128] = { '\0' }; unsigned char okm[128] = { '\0' }; /* - * okm_string is the string representation of okm, - * so its size is twice as the size of okm. + * okm_hex is the string representation of okm, + * so its size is twice the size of okm. */ - unsigned char okm_string[256] = { '\0' }; + unsigned char okm_hex[256] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md != NULL ); @@ -38,8 +38,8 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, TEST_ASSERT( ret == 0 ); // Run hexify on it so that it looks nicer if the assertion fails - hexify( okm_string, okm, okm_len ); - TEST_ASSERT( !strcmp( (char *)okm_string, hex_okm_string ) ); + hexify( okm_hex, okm, okm_len ); + TEST_ASSERT( !strcmp( (char *)okm_hex, hex_okm_string ) ); } /* END_CASE */ From da04b3b972eabb6985a4067a149585361aad3561 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Mon, 28 Jan 2019 15:18:15 +0200 Subject: [PATCH 06/40] Increase okm_hex buffer to contain null character Add an additional byte for the `okm_hex` buffer, to assure it is null-terminated in case `okm` is 128 bytes long. --- tests/suites/test_suite_hkdf.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index d2d66596f..3e8720734 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -21,9 +21,9 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, unsigned char okm[128] = { '\0' }; /* * okm_hex is the string representation of okm, - * so its size is twice the size of okm. + * so its size is twice the size of okm, and an extra null-termination. */ - unsigned char okm_hex[256] = { '\0' }; + unsigned char okm_hex[257] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md != NULL ); From 4dc50bc06e8e4d1110048193f18b062c239920a2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Nov 2018 22:06:48 +0100 Subject: [PATCH 07/40] Fix typo in documentation --- include/mbedtls/ecp.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 24017780d..065a4cc0b 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -482,7 +482,7 @@ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ); * * \note After this function is called, domain parameters * for various ECP groups can be loaded through the - * mbedtls_ecp_load() or mbedtls_ecp_tls_read_group() + * mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group() * functions. */ void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ); From 6d9b762ee04e946926df239128d870381707f2cb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Nov 2018 22:07:58 +0100 Subject: [PATCH 08/40] Add test case for ecdh_calc_secret Add a test case for doing an ECDH calculation by calling mbedtls_ecdh_get_params on both keys, then mbedtls_ecdh_calc_secret. --- tests/suites/test_suite_ecdh.data | 8 +++ tests/suites/test_suite_ecdh.function | 93 +++++++++++++++++++++++++++ 2 files changed, 101 insertions(+) diff --git a/tests/suites/test_suite_ecdh.data b/tests/suites/test_suite_ecdh.data index fe24ed46a..f90d88da8 100644 --- a/tests/suites/test_suite_ecdh.data +++ b/tests/suites/test_suite_ecdh.data @@ -79,3 +79,11 @@ ecdh_restart:MBEDTLS_ECP_DP_SECP256R1:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8A ECDH exchange legacy context depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED ecdh_exchange_legacy:MBEDTLS_ECP_DP_SECP192R1 + +ECDH calc_secret: ours first, SECP256R1 (RFC 5903) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecdh_exchange_calc_secret:MBEDTLS_ECP_DP_SECP256R1:"c6ef9c5d78ae012a011164acb397ce2088685d8f06bf9be0b283ab46476bee53":"04dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":0:"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" + +ECDH calc_secret: theirs first, SECP256R1 (RFC 5903) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecdh_exchange_calc_secret:MBEDTLS_ECP_DP_SECP256R1:"c6ef9c5d78ae012a011164acb397ce2088685d8f06bf9be0b283ab46476bee53":"04dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":1:"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index 08a1686e5..175735deb 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -1,5 +1,41 @@ /* BEGIN_HEADER */ #include "mbedtls/ecdh.h" + +static int load_public_key( int grp_id, data_t *point, + mbedtls_ecp_keypair *ecp ) +{ + int ok = 0; + TEST_ASSERT( mbedtls_ecp_group_load( &ecp->grp, grp_id ) == 0 ); + TEST_ASSERT( mbedtls_ecp_point_read_binary( &ecp->grp, + &ecp->Q, + point->x, + point->len ) == 0 ); + TEST_ASSERT( mbedtls_ecp_check_pubkey( &ecp->grp, + &ecp->Q ) == 0 ); + ok = 1; +exit: + return( ok ); +} + +static int load_private_key( int grp_id, data_t *private_key, + mbedtls_ecp_keypair *ecp, + rnd_pseudo_info *rnd_info ) +{ + int ok = 0; + TEST_ASSERT( mbedtls_ecp_group_load( &ecp->grp, grp_id ) == 0 ); + TEST_ASSERT( mbedtls_mpi_read_binary( &ecp->d, + private_key->x, + private_key->len ) == 0 ); + TEST_ASSERT( mbedtls_ecp_check_privkey( &ecp->grp, &ecp->d ) == 0 ); + /* Calculate the public key from the private key. */ + TEST_ASSERT( mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, + &ecp->grp.G, + &rnd_pseudo_rand, rnd_info ) == 0 ); + ok = 1; +exit: + return( ok ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -464,3 +500,60 @@ exit: mbedtls_ecdh_free( &cli ); } /* END_CASE */ + +/* BEGIN_CASE */ +void ecdh_exchange_calc_secret( int grp_id, + data_t *our_private_key, + data_t *their_point, + int ours_first, + data_t *expected ) +{ + rnd_pseudo_info rnd_info; + mbedtls_ecp_keypair our_key; + mbedtls_ecp_keypair their_key; + mbedtls_ecdh_context ecdh; + unsigned char shared_secret[MBEDTLS_ECP_MAX_BYTES]; + size_t shared_secret_length = 0; + + memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) ); + mbedtls_ecdh_init( &ecdh ); + mbedtls_ecp_keypair_init( &our_key ); + mbedtls_ecp_keypair_init( &their_key ); + + if( ! load_private_key( grp_id, our_private_key, &our_key, &rnd_info ) ) + goto exit; + if( ! load_public_key( grp_id, their_point, &their_key ) ) + goto exit; + + /* Import the keys to the ECDH calculation. */ + if( ours_first ) + { + TEST_ASSERT( mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 ); + TEST_ASSERT( mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 ); + } + else + { + TEST_ASSERT( mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 ); + TEST_ASSERT( mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 ); + } + + /* Perform the ECDH calculation. */ + TEST_ASSERT( mbedtls_ecdh_calc_secret( + &ecdh, + &shared_secret_length, + shared_secret, sizeof( shared_secret ), + &rnd_pseudo_rand, &rnd_info ) == 0 ); + TEST_ASSERT( shared_secret_length == expected->len ); + TEST_ASSERT( memcmp( expected->x, shared_secret, + shared_secret_length ) == 0 ); + +exit: + mbedtls_ecdh_free( &ecdh ); + mbedtls_ecp_keypair_free( &our_key ); + mbedtls_ecp_keypair_free( &their_key ); +} +/* END_CASE */ From 62a73511f19caecf56be0be664ea0b9701232e74 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Nov 2018 22:09:29 +0100 Subject: [PATCH 09/40] Add test case for ecdh_get_params with mismatching group Add a test case for doing an ECDH calculation by calling mbedtls_ecdh_get_params on both keys, with keys belonging to different groups. This should fail, but currently passes. --- tests/suites/test_suite_ecdh.data | 8 +++++ tests/suites/test_suite_ecdh.function | 47 +++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) diff --git a/tests/suites/test_suite_ecdh.data b/tests/suites/test_suite_ecdh.data index f90d88da8..af25359d3 100644 --- a/tests/suites/test_suite_ecdh.data +++ b/tests/suites/test_suite_ecdh.data @@ -87,3 +87,11 @@ ecdh_exchange_calc_secret:MBEDTLS_ECP_DP_SECP256R1:"c6ef9c5d78ae012a011164acb397 ECDH calc_secret: theirs first, SECP256R1 (RFC 5903) depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecdh_exchange_calc_secret:MBEDTLS_ECP_DP_SECP256R1:"c6ef9c5d78ae012a011164acb397ce2088685d8f06bf9be0b283ab46476bee53":"04dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":1:"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" + +ECDH get_params with mismatched groups: our BP256R1, their SECP256R1 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecdh_exchange_get_params_fail:MBEDTLS_ECP_DP_BP256R1:"1234567812345678123456781234567812345678123456781234567812345678":MBEDTLS_ECP_DP_SECP256R1:"04dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":0:MBEDTLS_ERR_ECP_BAD_INPUT_DATA + +ECDH get_params with mismatched groups: their SECP256R1, our BP256R1 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecdh_exchange_get_params_fail:MBEDTLS_ECP_DP_BP256R1:"1234567812345678123456781234567812345678123456781234567812345678":MBEDTLS_ECP_DP_SECP256R1:"04dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":1:MBEDTLS_ERR_ECP_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index 175735deb..9a9cf5f7f 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -557,3 +557,50 @@ exit: mbedtls_ecp_keypair_free( &their_key ); } /* END_CASE */ + +/* BEGIN_CASE */ +void ecdh_exchange_get_params_fail( int our_grp_id, + data_t *our_private_key, + int their_grp_id, + data_t *their_point, + int ours_first, + int expected_ret ) +{ + rnd_pseudo_info rnd_info; + mbedtls_ecp_keypair our_key; + mbedtls_ecp_keypair their_key; + mbedtls_ecdh_context ecdh; + + memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) ); + mbedtls_ecdh_init( &ecdh ); + mbedtls_ecp_keypair_init( &our_key ); + mbedtls_ecp_keypair_init( &their_key ); + + if( ! load_private_key( our_grp_id, our_private_key, &our_key, &rnd_info ) ) + goto exit; + if( ! load_public_key( their_grp_id, their_point, &their_key ) ) + goto exit; + + if( ours_first ) + { + TEST_ASSERT( mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 ); + TEST_ASSERT( mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == + expected_ret ); + } + else + { + TEST_ASSERT( mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 ); + TEST_ASSERT( mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == + expected_ret ); + } + +exit: + mbedtls_ecdh_free( &ecdh ); + mbedtls_ecp_keypair_free( &our_key ); + mbedtls_ecp_keypair_free( &their_key ); +} +/* END_CASE */ From b47045a18e870d859cbc06b2a26634835d77a0d7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Nov 2018 22:10:59 +0100 Subject: [PATCH 10/40] Fix ecdh_get_params with mismatching group If mbedtls_ecdh_get_params is called with keys belonging to different groups, make it return an error the second time, rather than silently interpret the first key as being on the second curve. This makes the non-regression test added by the previous commit pass. --- library/ecdh.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/library/ecdh.c b/library/ecdh.c index da95c60da..204a2785f 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -442,8 +442,21 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS || side == MBEDTLS_ECDH_THEIRS ); - if( ( ret = mbedtls_ecdh_setup( ctx, key->grp.id ) ) != 0 ) - return( ret ); + if( ctx->grp.id == MBEDTLS_ECP_DP_NONE ) + { + /* This is the first call to get_params(). Set up the context + * for use with the group. */ + if( ( ret = mbedtls_ecdh_setup( ctx, key->grp.id ) ) != 0 ) + return( ret ); + } + else + { + /* This is not the first call to get_params(). Check that the + * current key's group is the same as the context's, which was set + * from the first key's group. */ + if( ctx->grp.id != key->grp.id ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + } #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) return( ecdh_get_params_internal( ctx, key, side ) ); From 661610c8e03c657b13ad5d86fa497e57aed5b2a5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Nov 2018 22:39:16 +0100 Subject: [PATCH 11/40] Add changelog entry for mbedtls_ecdh_get_params robustness --- ChangeLog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/ChangeLog b/ChangeLog index 9b1230e20..4d347b6bd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,14 @@ mbed TLS ChangeLog (Sorted per branch, date) = mbed TLS 2.x.x branch released xxxx-xx-xx +Security + * Make mbedtls_ecdh_get_params return an error if the second key + belongs to a different group from the first. Before, if an application + passed keys that belonged to different group, the first key's data was + interpreted according to the second group, which could lead to either + an error or a meaningless output from mbedtls_ecdh_get_params. In the + latter case, this could expose at most 5 bits of the private key. + Bugfix * Fix a compilation issue with mbedtls_ecp_restart_ctx not being defined when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242. From 05fcf4f3c5c8a0eb22e724bec144de5bc73bc0f7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Feb 2019 12:31:25 +0100 Subject: [PATCH 12/40] Fix mbedtls_ecdh_get_params with new ECDH context The new check for matching groups in mbedtls_ecdh_get_params only worked with legacy ECDH contexts. Make it work with the new context format. --- library/ecdh.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/library/ecdh.c b/library/ecdh.c index 204a2785f..c5726877d 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -49,6 +49,16 @@ typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed; #endif +static mbedtls_ecp_group_id mbedtls_ecdh_grp_id( + const mbedtls_ecdh_context *ctx ) +{ +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + return( ctx->grp.id ); +#else + return( ctx->grp_id ); +#endif +} + #if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) /* * Generate public key (restartable version) @@ -442,7 +452,7 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS || side == MBEDTLS_ECDH_THEIRS ); - if( ctx->grp.id == MBEDTLS_ECP_DP_NONE ) + if( mbedtls_ecdh_grp_id( ctx ) == MBEDTLS_ECP_DP_NONE ) { /* This is the first call to get_params(). Set up the context * for use with the group. */ @@ -454,7 +464,7 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, /* This is not the first call to get_params(). Check that the * current key's group is the same as the context's, which was set * from the first key's group. */ - if( ctx->grp.id != key->grp.id ) + if( mbedtls_ecdh_grp_id( ctx ) != key->grp.id ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } From 5612a9372bc16a37b6abf176f682ca92ae27a7c8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 20:17:33 +0100 Subject: [PATCH 13/40] New, documented pylint configuration The pylint configuration in .pylint was a modified version of the output of `pylint --generate-rcfile` from an unknown version of pylint. Replace it with a file that only contains settings that are modified from the default, with an explanation of why each setting is modified. The new .pylintrc was written from scratch, based on the output of pylint on the current version of the files and on a judgement of what to silence generically, what to silence on a case-by-case basis and what to fix. --- .pylint | 425 ---------------------------- .pylintrc | 52 ++++ tests/scripts/check-python-files.sh | 6 +- 3 files changed, 55 insertions(+), 428 deletions(-) delete mode 100644 .pylint create mode 100644 .pylintrc diff --git a/.pylint b/.pylint deleted file mode 100644 index 934f30be5..000000000 --- a/.pylint +++ /dev/null @@ -1,425 +0,0 @@ -[MASTER] - -# A comma-separated list of package or module names from where C extensions may -# be loaded. Extensions are loading into the active Python interpreter and may -# run arbitrary code -extension-pkg-whitelist= - -# Add files or directories to the blacklist. They should be base names, not -# paths. -ignore=CVS - -# Add files or directories matching the regex patterns to the blacklist. The -# regex matches against base names, not paths. -ignore-patterns= - -# Python code to execute, usually for sys.path manipulation such as -# pygtk.require(). -#init-hook= - -# Use multiple processes to speed up Pylint. -jobs=1 - -# List of plugins (as comma separated values of python modules names) to load, -# usually to register additional checkers. -load-plugins= - -# Pickle collected data for later comparisons. -persistent=yes - -# Specify a configuration file. -#rcfile= - -# Allow loading of arbitrary C extensions. Extensions are imported into the -# active Python interpreter and may run arbitrary code. -unsafe-load-any-extension=no - - -[MESSAGES CONTROL] - -# Only show warnings with the listed confidence levels. Leave empty to show -# all. Valid levels: HIGH, INFERENCE, INFERENCE_FAILURE, UNDEFINED -confidence= - -# Disable the message, report, category or checker with the given id(s). You -# can either give multiple identifiers separated by comma (,) or put this -# option multiple times (only on the command line, not in the configuration -# file where it should appear only once).You can also use "--disable=all" to -# disable everything first and then reenable specific checks. For example, if -# you want to run only the similarities checker, you can use "--disable=all -# --enable=similarities". If you want to run only the classes checker, but have -# no Warning level messages displayed, use"--disable=all --enable=classes -# --disable=W" -disable=print-statement,parameter-unpacking,unpacking-in-except,old-raise-syntax,backtick,long-suffix,old-ne-operator,old-octal-literal,import-star-module-level,raw-checker-failed,bad-inline-option,locally-disabled,locally-enabled,file-ignored,suppressed-message,useless-suppression,deprecated-pragma,apply-builtin,basestring-builtin,buffer-builtin,cmp-builtin,coerce-builtin,execfile-builtin,file-builtin,long-builtin,raw_input-builtin,reduce-builtin,standarderror-builtin,unicode-builtin,xrange-builtin,coerce-method,delslice-method,getslice-method,setslice-method,no-absolute-import,old-division,dict-iter-method,dict-view-method,next-method-called,metaclass-assignment,indexing-exception,raising-string,reload-builtin,oct-method,hex-method,nonzero-method,cmp-method,input-builtin,round-builtin,intern-builtin,unichr-builtin,map-builtin-not-iterating,zip-builtin-not-iterating,range-builtin-not-iterating,filter-builtin-not-iterating,using-cmp-argument,eq-without-hash,div-method,idiv-method,rdiv-method,exception-message-attribute,invalid-str-codec,sys-max-int,bad-python3-import,deprecated-string-function,deprecated-str-translate-call - -# Enable the message, report, category or checker with the given id(s). You can -# either give multiple identifier separated by comma (,) or put this option -# multiple time (only on the command line, not in the configuration file where -# it should appear only once). See also the "--disable" option for examples. -enable= - - -[REPORTS] - -# Python expression which should return a note less than 10 (10 is the highest -# note). You have access to the variables errors warning, statement which -# respectively contain the number of errors / warnings messages and the total -# number of statements analyzed. This is used by the global evaluation report -# (RP0004). -evaluation=10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10) - -# Template used to display messages. This is a python new-style format string -# used to format the message information. See doc for all details -#msg-template= - -# Set the output format. Available formats are text, parseable, colorized, json -# and msvs (visual studio).You can also give a reporter class, eg -# mypackage.mymodule.MyReporterClass. -output-format=text - -# Tells whether to display a full report or only the messages -reports=no - -# Activate the evaluation score. -score=yes - - -[REFACTORING] - -# Maximum number of nested blocks for function / method body -max-nested-blocks=5 - - -[SIMILARITIES] - -# Ignore comments when computing similarities. -ignore-comments=yes - -# Ignore docstrings when computing similarities. -ignore-docstrings=yes - -# Ignore imports when computing similarities. -ignore-imports=no - -# Minimum lines number of a similarity. -min-similarity-lines=4 - - -[FORMAT] - -# Expected format of line ending, e.g. empty (any line ending), LF or CRLF. -expected-line-ending-format= - -# Regexp for a line that is allowed to be longer than the limit. -ignore-long-lines=^\s*(# )??$ - -# Number of spaces of indent required inside a hanging or continued line. -indent-after-paren=4 - -# String used as indentation unit. This is usually " " (4 spaces) or "\t" (1 -# tab). -indent-string=' ' - -# Maximum number of characters on a single line. -max-line-length=79 - -# Maximum number of lines in a module -max-module-lines=2000 - -# List of optional constructs for which whitespace checking is disabled. `dict- -# separator` is used to allow tabulation in dicts, etc.: {1 : 1,\n222: 2}. -# `trailing-comma` allows a space between comma and closing bracket: (a, ). -# `empty-line` allows space-only lines. -no-space-check=trailing-comma,dict-separator - -# Allow the body of a class to be on the same line as the declaration if body -# contains single statement. -single-line-class-stmt=no - -# Allow the body of an if to be on the same line as the test if there is no -# else. -single-line-if-stmt=no - - -[BASIC] - -# Naming hint for argument names -argument-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - -# Regular expression matching correct argument names -argument-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - -# Naming hint for attribute names -attr-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - -# Regular expression matching correct attribute names -attr-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - -# Bad variable names which should always be refused, separated by a comma -bad-names=foo,bar,baz,toto,tutu,tata - -# Naming hint for class attribute names -class-attribute-name-hint=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$ - -# Regular expression matching correct class attribute names -class-attribute-rgx=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$ - -# Naming hint for class names -class-name-hint=[A-Z_][a-zA-Z0-9]+$ - -# Regular expression matching correct class names -class-rgx=[A-Z_][a-zA-Z0-9]+$ - -# Naming hint for constant names -const-name-hint=(([A-Z_][A-Z0-9_]*)|(__.*__))$ - -# Regular expression matching correct constant names -const-rgx=(([A-Z_][A-Z0-9_]*)|(__.*__))$ - -# Minimum line length for functions/classes that require docstrings, shorter -# ones are exempt. -docstring-min-length=-1 - -# Naming hint for function names -function-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - -# Regular expression matching correct function names -function-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - -# Good variable names which should always be accepted, separated by a comma -good-names=i,j,k,ex,Run,_ - -# Include a hint for the correct naming format with invalid-name -include-naming-hint=no - -# Naming hint for inline iteration names -inlinevar-name-hint=[A-Za-z_][A-Za-z0-9_]*$ - -# Regular expression matching correct inline iteration names -inlinevar-rgx=[A-Za-z_][A-Za-z0-9_]*$ - -# Naming hint for method names -method-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - -# Regular expression matching correct method names -method-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - -# Naming hint for module names -module-name-hint=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$ - -# Regular expression matching correct module names -module-rgx=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$ - -# Colon-delimited sets of names that determine each other's naming style when -# the name regexes allow several styles. -name-group= - -# Regular expression which should only match function or class names that do -# not require a docstring. -no-docstring-rgx=^_ - -# List of decorators that produce properties, such as abc.abstractproperty. Add -# to this list to register other decorators that produce valid properties. -property-classes=abc.abstractproperty - -# Naming hint for variable names -variable-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - -# Regular expression matching correct variable names -variable-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ - - -[TYPECHECK] - -# List of decorators that produce context managers, such as -# contextlib.contextmanager. Add to this list to register other decorators that -# produce valid context managers. -contextmanager-decorators=contextlib.contextmanager - -# List of members which are set dynamically and missed by pylint inference -# system, and so shouldn't trigger E1101 when accessed. Python regular -# expressions are accepted. -generated-members= - -# Tells whether missing members accessed in mixin class should be ignored. A -# mixin class is detected if its name ends with "mixin" (case insensitive). -ignore-mixin-members=yes - -# This flag controls whether pylint should warn about no-member and similar -# checks whenever an opaque object is returned when inferring. The inference -# can return multiple potential results while evaluating a Python object, but -# some branches might not be evaluated, which results in partial inference. In -# that case, it might be useful to still emit no-member and other checks for -# the rest of the inferred objects. -ignore-on-opaque-inference=yes - -# List of class names for which member attributes should not be checked (useful -# for classes with dynamically set attributes). This supports the use of -# qualified names. -ignored-classes=optparse.Values,thread._local,_thread._local - -# List of module names for which member attributes should not be checked -# (useful for modules/projects where namespaces are manipulated during runtime -# and thus existing member attributes cannot be deduced by static analysis. It -# supports qualified module names, as well as Unix pattern matching. -ignored-modules= - -# Show a hint with possible names when a member name was not found. The aspect -# of finding the hint is based on edit distance. -missing-member-hint=yes - -# The minimum edit distance a name should have in order to be considered a -# similar match for a missing member name. -missing-member-hint-distance=1 - -# The total number of similar names that should be taken in consideration when -# showing a hint for a missing member. -missing-member-max-choices=1 - - -[VARIABLES] - -# List of additional names supposed to be defined in builtins. Remember that -# you should avoid to define new builtins when possible. -additional-builtins= - -# Tells whether unused global variables should be treated as a violation. -allow-global-unused-variables=yes - -# List of strings which can identify a callback function by name. A callback -# name must start or end with one of those strings. -callbacks=cb_,_cb - -# A regular expression matching the name of dummy variables (i.e. expectedly -# not used). -dummy-variables-rgx=_+$|(_[a-zA-Z0-9_]*[a-zA-Z0-9]+?$)|dummy|^ignored_|^unused_ - -# Argument names that match this expression will be ignored. Default to name -# with leading underscore -ignored-argument-names=_.*|^ignored_|^unused_ - -# Tells whether we should check for unused import in __init__ files. -init-import=no - -# List of qualified module names which can have objects that can redefine -# builtins. -redefining-builtins-modules=six.moves,future.builtins - - -[SPELLING] - -# Spelling dictionary name. Available dictionaries: none. To make it working -# install python-enchant package. -spelling-dict= - -# List of comma separated words that should not be checked. -spelling-ignore-words= - -# A path to a file that contains private dictionary; one word per line. -spelling-private-dict-file= - -# Tells whether to store unknown words to indicated private dictionary in -# --spelling-private-dict-file option instead of raising a message. -spelling-store-unknown-words=no - - -[MISCELLANEOUS] - -# List of note tags to take in consideration, separated by a comma. -notes=FIXME,XXX,TODO - - -[LOGGING] - -# Logging modules to check that the string format arguments are in logging -# function parameter format -logging-modules=logging - - -[CLASSES] - -# List of method names used to declare (i.e. assign) instance attributes. -defining-attr-methods=__init__,__new__,setUp - -# List of member names, which should be excluded from the protected access -# warning. -exclude-protected=_asdict,_fields,_replace,_source,_make - -# List of valid names for the first argument in a class method. -valid-classmethod-first-arg=cls - -# List of valid names for the first argument in a metaclass class method. -valid-metaclass-classmethod-first-arg=mcs - - -[DESIGN] - -# Maximum number of arguments for function / method -max-args=5 - -# Maximum number of attributes for a class (see R0902). -max-attributes=7 - -# Maximum number of boolean expressions in a if statement -max-bool-expr=5 - -# Maximum number of branch for function / method body -max-branches=12 - -# Maximum number of locals for function / method body -max-locals=15 - -# Maximum number of parents for a class (see R0901). -max-parents=7 - -# Maximum number of public methods for a class (see R0904). -max-public-methods=20 - -# Maximum number of return / yield for function / method body -max-returns=6 - -# Maximum number of statements in function / method body -max-statements=50 - -# Minimum number of public methods for a class (see R0903). -min-public-methods=2 - - -[IMPORTS] - -# Allow wildcard imports from modules that define __all__. -allow-wildcard-with-all=no - -# Analyse import fallback blocks. This can be used to support both Python 2 and -# 3 compatible code, which means that the block might have code that exists -# only in one or another interpreter, leading to false positives when analysed. -analyse-fallback-blocks=no - -# Deprecated modules which should not be used, separated by a comma -deprecated-modules=regsub,TERMIOS,Bastion,rexec - -# Create a graph of external dependencies in the given file (report RP0402 must -# not be disabled) -ext-import-graph= - -# Create a graph of every (i.e. internal and external) dependencies in the -# given file (report RP0402 must not be disabled) -import-graph= - -# Create a graph of internal dependencies in the given file (report RP0402 must -# not be disabled) -int-import-graph= - -# Force import order to recognize a module as part of the standard -# compatibility libraries. -known-standard-library= - -# Force import order to recognize a module as part of a third party library. -known-third-party=enchant - - -[EXCEPTIONS] - -# Exceptions that will emit a warning when being caught. Defaults to -# "Exception" -overgeneral-exceptions=Exception diff --git a/.pylintrc b/.pylintrc new file mode 100644 index 000000000..168e0b759 --- /dev/null +++ b/.pylintrc @@ -0,0 +1,52 @@ +[BASIC] +# We're ok with short funtion argument names. +# [invalid-name] +argument-rgx=[a-z_][a-z0-9_]*$ + +# Allow filter and map. +# [bad-builtin] +bad-functions=input + +# We prefer docstrings, but we don't require them on all functions. +# Require them only on long functions (for some value of long). +# [missing-docstring] +docstring-min-length=10 + +# Allow longer methods than the default. +# [invalid-name] +method-rgx=[a-z_][a-z0-9_]{2,35}$ + +# Allow module names containing a dash (but no underscore or uppercase letter). +# They are whole programs, not meant to be included by another module. +# [invalid-name] +module-rgx=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+)|[a-z][-0-9a-z]+)$ + +# Some functions don't need docstrings. +# [missing-docstring] +no-docstring-rgx=(run_)main$ + +# We're ok with short local or global variable names. +# [invalid-name] +variable-rgx=[a-z_][a-z0-9_]*$ + +[DESIGN] +# Allow more than the default 7 attributes. +# [too-many-instance-attributes] +max-attributes=15 + +[FORMAT] +# Allow longer modules than the default recommended maximum. +# [too-many-lines] +max-module-lines=2000 + +[MESSAGES CONTROL] +disable= + +[REPORTS] +# Don't diplay statistics. Just the facts. +reports=no + +[VARIABLES] +# Allow unused variables if their name starts with an underscore. +# [unused-argument] +dummy-variables-rgx=_.* diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh index 009ba4cb0..a37d1d570 100755 --- a/tests/scripts/check-python-files.sh +++ b/tests/scripts/check-python-files.sh @@ -10,9 +10,9 @@ # PEP8 coding standards. if `hash pylint > /dev/null 2>&1`; then - pylint -j 2 tests/scripts/generate_test_code.py --rcfile .pylint - pylint -j 2 tests/scripts/test_generate_test_code.py --rcfile .pylint - pylint -j 2 tests/scripts/mbedtls_test.py --rcfile .pylint + pylint -j 2 tests/scripts/generate_test_code.py + pylint -j 2 tests/scripts/test_generate_test_code.py + pylint -j 2 tests/scripts/mbedtls_test.py else echo "$0: WARNING: 'pylint' not found! Skipping checks on Python files." fi From e70c6dcee0189151cf4bd7969cf475206d0d7738 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 20:25:02 +0100 Subject: [PATCH 14/40] Call pylint3, not pylint We use Python 3, so call Pylint for Python 3, not for Python 2. --- tests/scripts/check-python-files.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh index a37d1d570..e64d6b331 100755 --- a/tests/scripts/check-python-files.sh +++ b/tests/scripts/check-python-files.sh @@ -9,10 +9,10 @@ # Run 'pylint' on Python files for programming errors and helps enforcing # PEP8 coding standards. -if `hash pylint > /dev/null 2>&1`; then - pylint -j 2 tests/scripts/generate_test_code.py - pylint -j 2 tests/scripts/test_generate_test_code.py - pylint -j 2 tests/scripts/mbedtls_test.py +if `hash pylint3 > /dev/null 2>&1`; then + pylint3 -j 2 tests/scripts/generate_test_code.py + pylint3 -j 2 tests/scripts/test_generate_test_code.py + pylint3 -j 2 tests/scripts/mbedtls_test.py else - echo "$0: WARNING: 'pylint' not found! Skipping checks on Python files." + echo "$0: WARNING: 'pylint3' not found! Skipping checks on Python files." fi From 7b9fcdc2d54d89aba4e8c1d6f43e7fda9b2cce54 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 20:26:06 +0100 Subject: [PATCH 15/40] Fix pylint errors going uncaught Make check-python-files.sh run pylint on all *.py files (in directories where they are known to be present), rather than list files explicitly. Fix a bug whereby the return status of check-python-files.sh was only based on the last file passing, i.e. errors in other files were effectively ignored. Make check-python-files.sh run pylint unconditionally. Since pylint3 is not critical, make all.sh to skip running check-python-files.sh if pylint3 is not available. --- tests/scripts/all.sh | 3 +++ tests/scripts/check-python-files.sh | 8 +------- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 039b1b887..8acb0b4d8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1237,6 +1237,9 @@ component_test_zeroize () { unset gdb_disable_aslr } +support_check_python_files () { + type pylint3 >/dev/null 2>/dev/null +} component_check_python_files () { msg "Lint: Python scripts" record_status tests/scripts/check-python-files.sh diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh index e64d6b331..929041822 100755 --- a/tests/scripts/check-python-files.sh +++ b/tests/scripts/check-python-files.sh @@ -9,10 +9,4 @@ # Run 'pylint' on Python files for programming errors and helps enforcing # PEP8 coding standards. -if `hash pylint3 > /dev/null 2>&1`; then - pylint3 -j 2 tests/scripts/generate_test_code.py - pylint3 -j 2 tests/scripts/test_generate_test_code.py - pylint3 -j 2 tests/scripts/mbedtls_test.py -else - echo "$0: WARNING: 'pylint3' not found! Skipping checks on Python files." -fi +pylint3 -j 2 scripts/*.py tests/scripts/*.py From 7660549187937a27c0967deefcdc0d38cd65f343 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 20:35:31 +0100 Subject: [PATCH 16/40] check-files.py: document some classes and methods Document all classes and longer methods. Declare a static method as such. Pointed out by pylint. --- tests/scripts/check-files.py | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py index 005a077c7..92cae1dc2 100755 --- a/tests/scripts/check-files.py +++ b/tests/scripts/check-files.py @@ -66,6 +66,9 @@ class IssueTracker(object): class PermissionIssueTracker(IssueTracker): + """Track files with bad permissions. + + Files that are not executable scripts must not be executable.""" def __init__(self): super().__init__() @@ -78,6 +81,8 @@ class PermissionIssueTracker(IssueTracker): class EndOfFileNewlineIssueTracker(IssueTracker): + """Track files that end with an incomplete line + (no newline character at the end of the last line).""" def __init__(self): super().__init__() @@ -90,6 +95,8 @@ class EndOfFileNewlineIssueTracker(IssueTracker): class Utf8BomIssueTracker(IssueTracker): + """Track files that start with a UTF-8 BOM. + Files should be ASCII or UTF-8. Valid UTF-8 does not start with a BOM.""" def __init__(self): super().__init__() @@ -102,6 +109,7 @@ class Utf8BomIssueTracker(IssueTracker): class LineEndingIssueTracker(IssueTracker): + """Track files with non-Unix line endings (i.e. files with CR).""" def __init__(self): super().__init__() @@ -112,6 +120,7 @@ class LineEndingIssueTracker(IssueTracker): class TrailingWhitespaceIssueTracker(IssueTracker): + """Track lines with trailing whitespace.""" def __init__(self): super().__init__() @@ -123,6 +132,7 @@ class TrailingWhitespaceIssueTracker(IssueTracker): class TabIssueTracker(IssueTracker): + """Track lines with tabs.""" def __init__(self): super().__init__() @@ -136,6 +146,8 @@ class TabIssueTracker(IssueTracker): class MergeArtifactIssueTracker(IssueTracker): + """Track lines with merge artifacts. + These are leftovers from a ``git merge`` that wasn't fully edited.""" def __init__(self): super().__init__() @@ -157,6 +169,7 @@ class MergeArtifactIssueTracker(IssueTracker): self.record_issue(filepath, line_number) class TodoIssueTracker(IssueTracker): + """Track lines containing ``TODO``.""" def __init__(self): super().__init__() @@ -172,8 +185,12 @@ class TodoIssueTracker(IssueTracker): class IntegrityChecker(object): + """Sanity-check files under the current directory.""" def __init__(self, log_file): + """Instantiate the sanity checker. + Check files under the current directory. + Write a report of issues to log_file.""" self.check_repo_path() self.logger = None self.setup_logger(log_file) @@ -197,7 +214,8 @@ class IntegrityChecker(object): TodoIssueTracker(), ] - def check_repo_path(self): + @staticmethod + def check_repo_path(): if not all(os.path.isdir(d) for d in ["include", "library", "tests"]): raise Exception("Must be run from Mbed TLS root") From 9df176320edc3a33104f6b9d11e2dfb327e702ec Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 20:36:52 +0100 Subject: [PATCH 17/40] abi_check.py: Document more methods --- scripts/abi_check.py | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/scripts/abi_check.py b/scripts/abi_check.py index 8f9cd0f43..5beaa8850 100755 --- a/scripts/abi_check.py +++ b/scripts/abi_check.py @@ -26,8 +26,16 @@ import tempfile class AbiChecker(object): + """API and ABI checker.""" def __init__(self, report_dir, old_rev, new_rev, keep_all_reports): + """Instantiate the API/ABI checker. + + report_dir: directory for output files + old_rev: reference git revision to compare against + new_rev: git revision to check + keep_all_reports: if false, delete old reports + """ self.repo_path = "." self.log = None self.setup_logger() @@ -42,7 +50,8 @@ class AbiChecker(object): self.git_command = "git" self.make_command = "make" - def check_repo_path(self): + @staticmethod + def check_repo_path(): current_dir = os.path.realpath('.') root_dir = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) if current_dir != root_dir: @@ -53,12 +62,15 @@ class AbiChecker(object): self.log.setLevel(logging.INFO) self.log.addHandler(logging.StreamHandler()) - def check_abi_tools_are_installed(self): + @staticmethod + def check_abi_tools_are_installed(): for command in ["abi-dumper", "abi-compliance-checker"]: if not shutil.which(command): raise Exception("{} not installed, aborting".format(command)) def get_clean_worktree_for_git_revision(self, git_rev): + """Make a separate worktree with git_rev checked out. + Do not modify the current worktree.""" self.log.info( "Checking out git worktree for revision {}".format(git_rev) ) @@ -76,6 +88,7 @@ class AbiChecker(object): return git_worktree_path def build_shared_libraries(self, git_worktree_path): + """Build the shared libraries in the specified worktree.""" my_environment = os.environ.copy() my_environment["CFLAGS"] = "-g -Og" my_environment["SHARED"] = "1" @@ -92,6 +105,9 @@ class AbiChecker(object): raise Exception("make failed, aborting") def get_abi_dumps_from_shared_libraries(self, git_ref, git_worktree_path): + """Generate the ABI dumps for the specified git revision. + It must be checked out in git_worktree_path and the shared libraries + must have been built.""" abi_dumps = {} for mbed_module in self.mbedtls_modules: output_path = os.path.join( @@ -117,6 +133,7 @@ class AbiChecker(object): return abi_dumps def cleanup_worktree(self, git_worktree_path): + """Remove the specified git worktree.""" shutil.rmtree(git_worktree_path) worktree_process = subprocess.Popen( [self.git_command, "worktree", "prune"], @@ -130,6 +147,7 @@ class AbiChecker(object): raise Exception("Worktree cleanup failed, aborting") def get_abi_dump_for_ref(self, git_rev): + """Generate the ABI dumps for the specified git revision.""" git_worktree_path = self.get_clean_worktree_for_git_revision(git_rev) self.build_shared_libraries(git_worktree_path) abi_dumps = self.get_abi_dumps_from_shared_libraries( @@ -139,6 +157,9 @@ class AbiChecker(object): return abi_dumps def get_abi_compatibility_report(self): + """Generate a report of the differences between the reference ABI + and the new ABI. ABI dumps from self.old_rev and self.new_rev must + be available.""" compatibility_report = "" compliance_return_code = 0 for mbed_module in self.mbedtls_modules: @@ -188,6 +209,8 @@ class AbiChecker(object): return compliance_return_code def check_for_abi_changes(self): + """Generate a report of ABI differences + between self.old_rev and self.new_rev.""" self.check_repo_path() self.check_abi_tools_are_installed() self.old_dumps = self.get_abi_dump_for_ref(self.old_rev) From d5240ec4c718773ce0cc23ecdad87b4332bb9dd8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 20:59:05 +0100 Subject: [PATCH 18/40] check-files.py: clean up class structure Line issue trackers are conceptually a subclass of file issue trackers: they're file issue trackers where issues arise from checking each line independently. So make it an actual subclass. Pylint pointed out the design smell: there was an abstract method that wasn't always overridden in concrete child classes. --- tests/scripts/check-files.py | 71 ++++++++++++++++++++---------------- 1 file changed, 39 insertions(+), 32 deletions(-) diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py index 92cae1dc2..a6743bbfc 100755 --- a/tests/scripts/check-files.py +++ b/tests/scripts/check-files.py @@ -19,10 +19,12 @@ import codecs import sys -class IssueTracker(object): - """Base class for issue tracking. Issues should inherit from this and - overwrite either issue_with_line if they check the file line by line, or - overwrite check_file_for_issue if they check the file as a whole.""" +class FileIssueTracker(object): + """Base class for file-wide issue tracking. + + To implement a checker that processes a file as a whole, inherit from + this class and implement `check_file_for_issue`. + """ def __init__(self): self.heading = "" @@ -35,23 +37,14 @@ class IssueTracker(object): return False return True - def issue_with_line(self, line): - raise NotImplementedError - def check_file_for_issue(self, filepath): - with open(filepath, "rb") as f: - for i, line in enumerate(iter(f.readline, b"")): - self.check_file_line(filepath, line, i + 1) + raise NotImplementedError def record_issue(self, filepath, line_number): if filepath not in self.files_with_issues.keys(): self.files_with_issues[filepath] = [] self.files_with_issues[filepath].append(line_number) - def check_file_line(self, filepath, line, line_number): - if self.issue_with_line(line): - self.record_issue(filepath, line_number) - def output_file_issues(self, logger): if self.files_with_issues.values(): logger.info(self.heading) @@ -64,8 +57,26 @@ class IssueTracker(object): logger.info(filename) logger.info("") +class LineIssueTracker(FileIssueTracker): + """Base class for line-by-line issue tracking. -class PermissionIssueTracker(IssueTracker): + To implement a checker that processes files line by line, inherit from + this class and implement `line_with_issue`. + """ + + def issue_with_line(self, line, filepath): + raise NotImplementedError + + def check_file_line(self, filepath, line, line_number): + if self.issue_with_line(line, filepath): + self.record_issue(filepath, line_number) + + def check_file_for_issue(self, filepath): + with open(filepath, "rb") as f: + for i, line in enumerate(iter(f.readline, b"")): + self.check_file_line(filepath, line, i + 1) + +class PermissionIssueTracker(FileIssueTracker): """Track files with bad permissions. Files that are not executable scripts must not be executable.""" @@ -80,7 +91,7 @@ class PermissionIssueTracker(IssueTracker): self.files_with_issues[filepath] = None -class EndOfFileNewlineIssueTracker(IssueTracker): +class EndOfFileNewlineIssueTracker(FileIssueTracker): """Track files that end with an incomplete line (no newline character at the end of the last line).""" @@ -94,7 +105,7 @@ class EndOfFileNewlineIssueTracker(IssueTracker): self.files_with_issues[filepath] = None -class Utf8BomIssueTracker(IssueTracker): +class Utf8BomIssueTracker(FileIssueTracker): """Track files that start with a UTF-8 BOM. Files should be ASCII or UTF-8. Valid UTF-8 does not start with a BOM.""" @@ -108,18 +119,18 @@ class Utf8BomIssueTracker(IssueTracker): self.files_with_issues[filepath] = None -class LineEndingIssueTracker(IssueTracker): +class LineEndingIssueTracker(LineIssueTracker): """Track files with non-Unix line endings (i.e. files with CR).""" def __init__(self): super().__init__() self.heading = "Non Unix line endings:" - def issue_with_line(self, line): + def issue_with_line(self, line, _filepath): return b"\r" in line -class TrailingWhitespaceIssueTracker(IssueTracker): +class TrailingWhitespaceIssueTracker(LineIssueTracker): """Track lines with trailing whitespace.""" def __init__(self): @@ -127,11 +138,11 @@ class TrailingWhitespaceIssueTracker(IssueTracker): self.heading = "Trailing whitespace:" self.files_exemptions = [".md"] - def issue_with_line(self, line): + def issue_with_line(self, line, _filepath): return line.rstrip(b"\r\n") != line.rstrip() -class TabIssueTracker(IssueTracker): +class TabIssueTracker(LineIssueTracker): """Track lines with tabs.""" def __init__(self): @@ -141,11 +152,11 @@ class TabIssueTracker(IssueTracker): "Makefile", "generate_visualc_files.pl" ] - def issue_with_line(self, line): + def issue_with_line(self, line, _filepath): return b"\t" in line -class MergeArtifactIssueTracker(IssueTracker): +class MergeArtifactIssueTracker(LineIssueTracker): """Track lines with merge artifacts. These are leftovers from a ``git merge`` that wasn't fully edited.""" @@ -153,22 +164,18 @@ class MergeArtifactIssueTracker(IssueTracker): super().__init__() self.heading = "Merge artifact:" - def issue_with_line(self, filepath, line): + def issue_with_line(self, line, _filepath): # Detect leftover git conflict markers. if line.startswith(b'<<<<<<< ') or line.startswith(b'>>>>>>> '): return True if line.startswith(b'||||||| '): # from merge.conflictStyle=diff3 return True if line.rstrip(b'\r\n') == b'=======' and \ - not filepath.endswith('.md'): + not _filepath.endswith('.md'): return True return False - def check_file_line(self, filepath, line, line_number): - if self.issue_with_line(filepath, line): - self.record_issue(filepath, line_number) - -class TodoIssueTracker(IssueTracker): +class TodoIssueTracker(LineIssueTracker): """Track lines containing ``TODO``.""" def __init__(self): @@ -180,7 +187,7 @@ class TodoIssueTracker(IssueTracker): "pull_request_template.md", ] - def issue_with_line(self, line): + def issue_with_line(self, line, _filepath): return b"todo" in line.lower() From 21e85f78b899da9a5949ed7121081518d017ba10 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 21:10:04 +0100 Subject: [PATCH 19/40] check-files.py: use class fields for class-wide constants In an issue tracker, heading and files_exemptions are class-wide constants, so make them so instead of being per-instance fields. --- tests/scripts/check-files.py | 64 ++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 36 deletions(-) diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py index a6743bbfc..19fc528f7 100755 --- a/tests/scripts/check-files.py +++ b/tests/scripts/check-files.py @@ -23,12 +23,19 @@ class FileIssueTracker(object): """Base class for file-wide issue tracking. To implement a checker that processes a file as a whole, inherit from - this class and implement `check_file_for_issue`. + this class and implement `check_file_for_issue` and define ``heading``. + + ``files_exemptions``: files whose name ends with a string in this set + will not be checked. + + ``heading``: human-readable description of the issue """ + files_exemptions = frozenset() + # heading must be defined in derived classes. + # pylint: disable=no-member + def __init__(self): - self.heading = "" - self.files_exemptions = [] self.files_with_issues = {} def should_check_file(self, filepath): @@ -81,9 +88,7 @@ class PermissionIssueTracker(FileIssueTracker): Files that are not executable scripts must not be executable.""" - def __init__(self): - super().__init__() - self.heading = "Incorrect permissions:" + heading = "Incorrect permissions:" def check_file_for_issue(self, filepath): if not (os.access(filepath, os.X_OK) == @@ -95,9 +100,7 @@ class EndOfFileNewlineIssueTracker(FileIssueTracker): """Track files that end with an incomplete line (no newline character at the end of the last line).""" - def __init__(self): - super().__init__() - self.heading = "Missing newline at end of file:" + heading = "Missing newline at end of file:" def check_file_for_issue(self, filepath): with open(filepath, "rb") as f: @@ -109,9 +112,7 @@ class Utf8BomIssueTracker(FileIssueTracker): """Track files that start with a UTF-8 BOM. Files should be ASCII or UTF-8. Valid UTF-8 does not start with a BOM.""" - def __init__(self): - super().__init__() - self.heading = "UTF-8 BOM present:" + heading = "UTF-8 BOM present:" def check_file_for_issue(self, filepath): with open(filepath, "rb") as f: @@ -122,9 +123,7 @@ class Utf8BomIssueTracker(FileIssueTracker): class LineEndingIssueTracker(LineIssueTracker): """Track files with non-Unix line endings (i.e. files with CR).""" - def __init__(self): - super().__init__() - self.heading = "Non Unix line endings:" + heading = "Non Unix line endings:" def issue_with_line(self, line, _filepath): return b"\r" in line @@ -133,10 +132,8 @@ class LineEndingIssueTracker(LineIssueTracker): class TrailingWhitespaceIssueTracker(LineIssueTracker): """Track lines with trailing whitespace.""" - def __init__(self): - super().__init__() - self.heading = "Trailing whitespace:" - self.files_exemptions = [".md"] + heading = "Trailing whitespace:" + files_exemptions = frozenset(".md") def issue_with_line(self, line, _filepath): return line.rstrip(b"\r\n") != line.rstrip() @@ -145,12 +142,11 @@ class TrailingWhitespaceIssueTracker(LineIssueTracker): class TabIssueTracker(LineIssueTracker): """Track lines with tabs.""" - def __init__(self): - super().__init__() - self.heading = "Tabs present:" - self.files_exemptions = [ - "Makefile", "generate_visualc_files.pl" - ] + heading = "Tabs present:" + files_exemptions = frozenset([ + "Makefile", + "generate_visualc_files.pl", + ]) def issue_with_line(self, line, _filepath): return b"\t" in line @@ -160,9 +156,7 @@ class MergeArtifactIssueTracker(LineIssueTracker): """Track lines with merge artifacts. These are leftovers from a ``git merge`` that wasn't fully edited.""" - def __init__(self): - super().__init__() - self.heading = "Merge artifact:" + heading = "Merge artifact:" def issue_with_line(self, line, _filepath): # Detect leftover git conflict markers. @@ -178,14 +172,12 @@ class MergeArtifactIssueTracker(LineIssueTracker): class TodoIssueTracker(LineIssueTracker): """Track lines containing ``TODO``.""" - def __init__(self): - super().__init__() - self.heading = "TODO present:" - self.files_exemptions = [ - os.path.basename(__file__), - "benchmark.c", - "pull_request_template.md", - ] + heading = "TODO present:" + files_exemptions = frozenset([ + os.path.basename(__file__), + "benchmark.c", + "pull_request_template.md", + ]) def issue_with_line(self, line, _filepath): return b"todo" in line.lower() From 6fc5215831b01df6e5376b555a1c7f4d69afef1f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 21:24:27 +0100 Subject: [PATCH 20/40] check-files.py: readability improvement in permission check --- tests/scripts/check-files.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py index 19fc528f7..00fd0edfb 100755 --- a/tests/scripts/check-files.py +++ b/tests/scripts/check-files.py @@ -91,8 +91,9 @@ class PermissionIssueTracker(FileIssueTracker): heading = "Incorrect permissions:" def check_file_for_issue(self, filepath): - if not (os.access(filepath, os.X_OK) == - filepath.endswith((".sh", ".pl", ".py"))): + is_executable = os.access(filepath, os.X_OK) + should_be_executable = filepath.endswith((".sh", ".pl", ".py")) + if is_executable != should_be_executable: self.files_with_issues[filepath] = None From afd19dd9b6b626e3170a16eedf5b95601cea61d5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Feb 2019 21:39:42 +0100 Subject: [PATCH 21/40] Silence pylint Silence pylint in specific places where we're doing slightly unusual or dodgy, but correct. --- scripts/abi_check.py | 4 +++- tests/scripts/generate_test_code.py | 2 +- tests/scripts/mbedtls_test.py | 3 ++- tests/scripts/test_generate_test_code.py | 4 +++- 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/scripts/abi_check.py b/scripts/abi_check.py index 5beaa8850..2a90b68f7 100755 --- a/scripts/abi_check.py +++ b/scripts/abi_check.py @@ -255,7 +255,9 @@ def run_main(): ) return_code = abi_check.check_for_abi_changes() sys.exit(return_code) - except Exception: + except Exception: # pylint: disable=broad-except + # Print the backtrace and exit explicitly so as to exit with + # status 2, not 1. traceback.print_exc() sys.exit(2) diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py index 125802442..1fff09992 100755 --- a/tests/scripts/generate_test_code.py +++ b/tests/scripts/generate_test_code.py @@ -238,7 +238,7 @@ class FileWrapper(io.FileIO, object): if hasattr(parent, '__next__'): line = parent.__next__() # Python 3 else: - line = parent.next() # Python 2 + line = parent.next() # Python 2 # pylint: disable=no-member if line is not None: self._line_no += 1 # Convert byte array to string with correct encoding and diff --git a/tests/scripts/mbedtls_test.py b/tests/scripts/mbedtls_test.py index c7027659f..ac2912d4c 100755 --- a/tests/scripts/mbedtls_test.py +++ b/tests/scripts/mbedtls_test.py @@ -37,7 +37,8 @@ https://github.com/ARMmbed/greentea import re import os import binascii -from mbed_host_tests import BaseHostTest, event_callback + +from mbed_host_tests import BaseHostTest, event_callback # pylint: disable=import-error class TestDataParserError(Exception): diff --git a/tests/scripts/test_generate_test_code.py b/tests/scripts/test_generate_test_code.py index 2ef12e18d..6d7113e18 100755 --- a/tests/scripts/test_generate_test_code.py +++ b/tests/scripts/test_generate_test_code.py @@ -22,7 +22,7 @@ Unit tests for generate_test_code.py """ - +# pylint: disable=wrong-import-order try: # Python 2 from StringIO import StringIO @@ -36,6 +36,7 @@ try: except ImportError: # Python 3 from unittest.mock import patch +# pylint: enable=wrong-import-order from generate_test_code import gen_dependencies, gen_dependencies_one_line from generate_test_code import gen_function_wrapper, gen_dispatch from generate_test_code import parse_until_pattern, GeneratorInputError @@ -336,6 +337,7 @@ class StringIOWrapper(StringIO, object): :param length: :return: """ + # pylint: disable=unused-argument line = super(StringIOWrapper, self).readline() if line is not None: self.line_no += 1 From 5b9e318e3463cf5b5e0aa160bffa284820a50ede Mon Sep 17 00:00:00 2001 From: irwir Date: Sat, 19 Jan 2019 19:05:56 +0300 Subject: [PATCH 22/40] Fix default port number information --- ChangeLog | 2 ++ programs/ssl/ssl_mail_client.c | 30 +++++++++++++++--------------- 2 files changed, 17 insertions(+), 15 deletions(-) diff --git a/ChangeLog b/ChangeLog index 66ecf9783..ef26674a6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -47,6 +47,8 @@ Bugfix * Fix private key DER output in the key_app_writer example. File contents were shifted by one byte, creating an invalid ASN.1 tag. Fixed by Christian Walther in #2239. + * Fix incorrect default port number in ssl_mail_client example's usage. + Found and fixed by irwir. #2337 Changes * Include configuration file in all header files that use configuration, diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index bbe4c700b..c73297c2a 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -110,9 +110,9 @@ int main( void ) #if defined(MBEDTLS_BASE64_C) #define USAGE_AUTH \ - " authentication=%%d default: 0 (disabled)\n" \ - " user_name=%%s default: \"user\"\n" \ - " user_pwd=%%s default: \"password\"\n" + " authentication=%%d default: 0 (disabled)\n" \ + " user_name=%%s default: \"" DFL_USER_NAME "\"\n" \ + " user_pwd=%%s default: \"" DFL_USER_PWD "\"\n" #else #define USAGE_AUTH \ " authentication options disabled. (Require MBEDTLS_BASE64_C)\n" @@ -129,17 +129,17 @@ int main( void ) #endif /* MBEDTLS_FS_IO */ #define USAGE \ - "\n usage: ssl_mail_client param=<>...\n" \ - "\n acceptable parameters:\n" \ - " server_name=%%s default: localhost\n" \ - " server_port=%%d default: 4433\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ + "\n usage: ssl_mail_client param=<>...\n" \ + "\n acceptable parameters:\n" \ + " server_name=%%s default: " DFL_SERVER_NAME "\n" \ + " server_port=%%d default: " DFL_SERVER_PORT "\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \ - USAGE_AUTH \ - " mail_from=%%s default: \"\"\n" \ - " mail_to=%%s default: \"\"\n" \ - USAGE_IO \ - " force_ciphersuite= default: all enabled\n"\ + USAGE_AUTH \ + " mail_from=%%s default: \"\"\n" \ + " mail_to=%%s default: \"\"\n" \ + USAGE_IO \ + " force_ciphersuite= default: all enabled\n" \ " acceptable ciphersuite names:\n" #if defined(MBEDTLS_CHECK_PARAMS) @@ -324,7 +324,7 @@ static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char * mbedtls_printf("\n%s", buf); if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 ) { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); return -1; } @@ -336,7 +336,7 @@ static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char * if( ret <= 0 ) { - mbedtls_printf( "failed\n ! read returned %d\n\n", ret ); + mbedtls_printf( "failed\n ! mbedtls_net_recv returned %d\n\n", ret ); return -1; } From 1fea599ecc44dcaf4d31b7b3360dce47f795fde4 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Thu, 17 Jan 2019 17:51:55 -0600 Subject: [PATCH 23/40] Change Perl to Python in test builds Change references to Perl when mentioning building the tests, to Python, as this is now the script that builds the tests. Fixes #2078. --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index d7a0e9d6b..94ea84b9d 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ In order to run the tests, enter: make check -The tests need Perl to be built and run. If you don't have Perl installed, you can skip building the tests with: +The tests need Python to be built and Perl to be run. If you don't have one of them installed, you can skip building the tests with: make no_test @@ -65,7 +65,7 @@ In order to run the tests, enter: make test -The test suites need Perl to be built. If you don't have Perl installed, you'll want to disable the test suites with: +The test suites need Python to be built and Perl to be executed. If you don't have one of these installed, you'll want to disable the test suites with: cmake -DENABLE_TESTING=Off /path/to/mbedtls_source @@ -133,7 +133,7 @@ on the build mode as seen above), it's merely prepended to it. The build files for Microsoft Visual Studio are generated for Visual Studio 2010. -The solution file `mbedTLS.sln` contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need a perl environment as well. However, the selftest program in `programs/test/` is still available. +The solution file `mbedTLS.sln` contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need Python and perl environments as well. However, the selftest program in `programs/test/` is still available. Example programs ---------------- @@ -143,7 +143,7 @@ We've included example programs for a lot of different features and uses in [`pr Tests ----- -Mbed TLS includes an elaborate test suite in `tests/` that initially requires Perl to generate the tests files (e.g. `test\_suite\_mpi.c`). These files are generated from a `function file` (e.g. `suites/test\_suite\_mpi.function`) and a `data file` (e.g. `suites/test\_suite\_mpi.data`). The `function file` contains the test functions. The `data file` contains the test cases, specified as parameters that will be passed to the test function. +Mbed TLS includes an elaborate test suite in `tests/` that initially requires Python to generate the tests files (e.g. `test\_suite\_mpi.c`). These files are generated from a `function file` (e.g. `suites/test\_suite\_mpi.function`) and a `data file` (e.g. `suites/test\_suite\_mpi.data`). The `function file` contains the test functions. The `data file` contains the test cases, specified as parameters that will be passed to the test function. For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, additional test scripts are available: From af97cae27dab0de5396e341c80370d74fcb1d2e7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 1 Feb 2019 16:41:30 +0000 Subject: [PATCH 24/40] Fix 1-byte buffer overflow in mbedtls_mpi_write_string() This can only occur for negative numbers. Fixes #2404. --- library/bignum.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/bignum.c b/library/bignum.c index 47e4529be..467c3aa4b 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -602,7 +602,10 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, mbedtls_mpi_init( &T ); if( X->s == -1 ) + { *p++ = '-'; + buflen--; + } if( radix == 16 ) { From ae499753a2c345a5d42388b79350b3b7c41b6f57 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 1 Feb 2019 16:42:48 +0000 Subject: [PATCH 25/40] Adapt ChangeLog --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog b/ChangeLog index 66ecf9783..dc92e241a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ Features https://sweet32.info/SWEET32_CCS16.pdf. Bugfix + * Fix 1-byte buffer overflow in mbedtls_mpi_write_string() when + used with negative inputs. Found by Guido Vranken in #2404. * Fix a compilation issue with mbedtls_ecp_restart_ctx not being defined when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242. * Run the AD too long test only if MBEDTLS_CCM_ALT is not defined. From c1fa6cdab6a75ea4bcf75505fce27a936da25142 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 4 Feb 2019 09:45:07 +0000 Subject: [PATCH 26/40] Improve documentation of mbedtls_mpi_write_string() --- library/bignum.c | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 467c3aa4b..9aed59c5e 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -582,15 +582,20 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, if( radix < 2 || radix > 16 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - n = mbedtls_mpi_bitlen( X ); - if( radix >= 4 ) n >>= 1; - if( radix >= 16 ) n >>= 1; - /* - * Round up the buffer length to an even value to ensure that there is - * enough room for hexadecimal values that can be represented in an odd - * number of digits. - */ - n += 3 + ( ( n + 1 ) & 1 ); + n = mbedtls_mpi_bitlen( X ); /* Number of bits necessary to present `n`. */ + if( radix >= 4 ) n >>= 1; /* Number of 4-adic digits necessary to present + * `n`. If radix > 4, this might be a strict + * overapproximation of the number of + * radix-adic digits needed to present `n`. */ + if( radix >= 16 ) n >>= 1; /* Number of hexadecimal digits necessary to + * present `n`. */ + + n += 1; /* NULL termination */ + n += 1; /* Compensate for the divisions above, which round down `n` + * in case it's not even. */ + n += 1; /* Potential '-'-sign. */ + n += ( n & 1 ); /* Make n even to have enough space for hexadecimal writing, + * which always uses an even number of hex-digits. */ if( buflen < n ) { From 276284fd2e6fdb564db7152814e343ab783d7325 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 6 Mar 2019 12:29:37 +0000 Subject: [PATCH 27/40] Add non-regression test for buffer overflow --- tests/suites/test_suite_mpi.data | 3 +++ tests/suites/test_suite_mpi.function | 3 +++ 2 files changed, 6 insertions(+) diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data index 8b5f97d38..425e93ad2 100644 --- a/tests/suites/test_suite_mpi.data +++ b/tests/suites/test_suite_mpi.data @@ -25,6 +25,9 @@ mpi_read_write_string:16:"-20":10:"-32":100:0:0 Base test mpi_read_write_string #3 (Negative decimal) mpi_read_write_string:16:"-23":16:"-23":100:0:0 +Base test mpi_read_write_string #4 (Buffer just fits) +mpi_read_write_string:16:"-4":4:"-10":4:0:0 + Test mpi_read_write_string #1 (Invalid character) mpi_read_write_string:10:"a28":0:"":100:MBEDTLS_ERR_MPI_INVALID_CHARACTER:0 diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index d1fa5a46c..f982385e1 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -294,6 +294,8 @@ void mpi_read_write_string( int radix_X, char * input_X, int radix_A, mbedtls_mpi_init( &X ); + memset( str, '!', sizeof( str ) ); + TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read ); if( result_read == 0 ) { @@ -301,6 +303,7 @@ void mpi_read_write_string( int radix_X, char * input_X, int radix_A, if( result_write == 0 ) { TEST_ASSERT( strcasecmp( str, input_A ) == 0 ); + TEST_ASSERT( str[len] == '!' ); } } From 870ed0008a661996924ed2da4a825491da051ef9 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 6 Mar 2019 13:43:02 +0000 Subject: [PATCH 28/40] Fix typo --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index 9aed59c5e..41946183c 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -590,7 +590,7 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, if( radix >= 16 ) n >>= 1; /* Number of hexadecimal digits necessary to * present `n`. */ - n += 1; /* NULL termination */ + n += 1; /* Terminating null byte */ n += 1; /* Compensate for the divisions above, which round down `n` * in case it's not even. */ n += 1; /* Potential '-'-sign. */ From 86d8c673c2954e8b1a925a8d1e68b059dab07747 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 6 Mar 2019 15:21:45 +0000 Subject: [PATCH 29/40] Fix ChangeLog entry ordering --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index dc92e241a..c0c6860bb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,8 +8,6 @@ Features https://sweet32.info/SWEET32_CCS16.pdf. Bugfix - * Fix 1-byte buffer overflow in mbedtls_mpi_write_string() when - used with negative inputs. Found by Guido Vranken in #2404. * Fix a compilation issue with mbedtls_ecp_restart_ctx not being defined when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242. * Run the AD too long test only if MBEDTLS_CCM_ALT is not defined. @@ -49,6 +47,8 @@ Bugfix * Fix private key DER output in the key_app_writer example. File contents were shifted by one byte, creating an invalid ASN.1 tag. Fixed by Christian Walther in #2239. + * Fix 1-byte buffer overflow in mbedtls_mpi_write_string() when + used with negative inputs. Found by Guido Vranken in #2404. Changes * Include configuration file in all header files that use configuration, From 61ccc131d09880baa7d37756b7d9a09183bef8e4 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 9 Nov 2018 15:30:52 +0000 Subject: [PATCH 30/40] Remove Circle CI script We are running an equivalent set of test by other means and therefore this script is no longer needed. --- circle.yml | 44 -------------------------------------------- 1 file changed, 44 deletions(-) delete mode 100644 circle.yml diff --git a/circle.yml b/circle.yml deleted file mode 100644 index eaed02a81..000000000 --- a/circle.yml +++ /dev/null @@ -1,44 +0,0 @@ -# Purpose: -# - To test and prove that a new commit in the mbed TLS repository builds -# and integrates with mbed-os properly. -# AND -# - To test and prove that the current development head of mbed TLS builds -# and integrates with the current mbed-os master branch. -# -# The script fetches all the prerequisites and builds the mbed TLS 'tls-client' -# example. This script is triggered by every commit and once each night and the -# exact behaviour depends on how it was triggered: -# - If it is a nightly build then it builds the mbed TLS development head with -# mbed-os master. -# - If it was triggered by the commit, then it builds the example with mbed TLS -# at that commit and mbed-os at the commit pointed by mbed-os.lib in the -# example repository. - -test: - override: - - cd ../mbed-os-example-tls/tls-client/ && mbed compile -m K64F -t GCC_ARM -c - -dependencies: - pre: - # Install gcc-arm - - cd .. && wget "https://launchpad.net/gcc-arm-embedded/4.9/4.9-2015-q3-update/+download/gcc-arm-none-eabi-4_9-2015q3-20150921-linux.tar.bz2" - - cd .. && tar -xvjf gcc-arm-none-eabi-4_9-2015q3-20150921-linux.tar.bz2 - - ln -s ../gcc-arm-none-eabi-4_9-2015q3/bin/* ../bin/ - # Install mbed-cli - - cd ../ && git clone https://github.com/ARMmbed/mbed-cli.git - - cd ../mbed-cli && sudo -H pip install -e . - # Get the sample application - - cd ../ && git clone git@github.com:ARMmbed/mbed-os-example-tls.git - # Get mbed-os - - cd ../mbed-os-example-tls/tls-client && mbed deploy - # Update mbed-os to master only if it is a nightly build - - > - if [ -n "${RUN_NIGHTLY_BUILD}" ]; then - cd ../mbed-os-example-tls/tls-client/mbed-os/ && mbed update master; - fi - # Import mbedtls current revision - - ln -s ../../../../../../../mbedtls/ ../mbed-os-example-tls/tls-client/mbed-os/features/mbedtls/importer/TARGET_IGNORE/mbedtls - - cd ../mbed-os-example-tls/tls-client/mbed-os/features/mbedtls/importer/ && make - override: - # Install the missing python packages - - cd ../mbed-os-example-tls/tls-client/mbed-os/ && sudo -H pip install -r requirements.txt From 60ee28b36b67d0c91cf262d15e8e0b4fb3939772 Mon Sep 17 00:00:00 2001 From: Junhwan Park Date: Wed, 17 Oct 2018 21:01:08 +0900 Subject: [PATCH 31/40] x509.c: Fix potential memory leak in X.509 self test Found and fixed by Junhwan Park in #2106. Signed-off-by: Junhwan Park --- ChangeLog | 2 ++ library/x509.c | 16 +++++++--------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index 66ecf9783..e450e7b4d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -251,6 +251,8 @@ Bugfix replacements of standard calloc/free functions through the macros MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO. Reported by ole-de and ddhome2006. Fixes #882, #1642 and #1706. + * Fix potential memory leak in X.509 self test. Found and fixed by + Junhwan Park, #2106. Changes * Removed support for Yotta as a build tool. diff --git a/library/x509.c b/library/x509.c index 52b5b649f..7cc813ec6 100644 --- a/library/x509.c +++ b/library/x509.c @@ -1001,8 +1001,8 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) */ int mbedtls_x509_self_test( int verbose ) { + int ret = 0; #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C) - int ret; uint32_t flags; mbedtls_x509_crt cacert; mbedtls_x509_crt clicert; @@ -1010,6 +1010,7 @@ int mbedtls_x509_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " X.509 certificate load: " ); + mbedtls_x509_crt_init( &cacert ); mbedtls_x509_crt_init( &clicert ); ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, @@ -1019,11 +1020,9 @@ int mbedtls_x509_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); - return( ret ); + goto cleanup; } - mbedtls_x509_crt_init( &cacert ); - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt, mbedtls_test_ca_crt_len ); if( ret != 0 ) @@ -1031,7 +1030,7 @@ int mbedtls_x509_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); - return( ret ); + goto cleanup; } if( verbose != 0 ) @@ -1043,20 +1042,19 @@ int mbedtls_x509_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "failed\n" ); - return( ret ); + goto cleanup; } if( verbose != 0 ) mbedtls_printf( "passed\n\n"); +cleanup: mbedtls_x509_crt_free( &cacert ); mbedtls_x509_crt_free( &clicert ); - - return( 0 ); #else ((void) verbose); - return( 0 ); #endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA1_C */ + return( ret ); } #endif /* MBEDTLS_SELF_TEST */ From b25719b0317f3cc1845c476424d3609b7e29aed8 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Thu, 7 Mar 2019 16:59:14 -0500 Subject: [PATCH 32/40] Fix errors in AEAD test function It was failing to set the key in the ENCRYPT direction before encrypting. This just happened to work for GCM and CCM. After re-encrypting, compare the length to the expected ciphertext length not the plaintext length. Again this just happens to work for GCM and CCM since they do not perform any kind of padding. --- ChangeLog | 3 +++ tests/suites/test_suite_cipher.function | 7 +++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 66ecf9783..80a5b8083 100644 --- a/ChangeLog +++ b/ChangeLog @@ -47,6 +47,9 @@ Bugfix * Fix private key DER output in the key_app_writer example. File contents were shifted by one byte, creating an invalid ASN.1 tag. Fixed by Christian Walther in #2239. + * Fix bugs in the AEAD test suite which would be exposed by ciphers which + either used both encrypt and decrypt key schedules, or which perform padding. + GCM and CCM were not affected. Fixed by Jack Lloyd. Changes * Include configuration file in all header files that use configuration, diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 773c792ca..54fe1a339 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -976,6 +976,9 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, TEST_ASSERT( memcmp( output, clear->x, clear->len ) == 0 ); /* then encrypt the clear->x and make sure we get the same ciphertext and tag->x */ + TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, + MBEDTLS_ENCRYPT ) ); + memset( output, 0xFF, sizeof( output ) ); outlen = 0; @@ -984,8 +987,8 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, my_tag, tag->len ); TEST_ASSERT( ret == 0 ); - TEST_ASSERT( outlen == clear->len ); - TEST_ASSERT( memcmp( output, cipher->x, clear->len ) == 0 ); + TEST_ASSERT( outlen == cipher->len ); + TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 ); TEST_ASSERT( memcmp( my_tag, tag->x, tag->len ) == 0 ); /* make sure we didn't overwrite */ From 9f4f8eec93dd1f32d78e0bcceddbef0ca570e66f Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 19 Mar 2019 16:16:12 +0000 Subject: [PATCH 33/40] Update library version to 2.16.1 --- ChangeLog | 2 +- doxygen/input/doc_mainpage.h | 2 +- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/version.h | 8 ++++---- library/CMakeLists.txt | 6 +++--- tests/suites/test_suite_version.data | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/ChangeLog b/ChangeLog index afbe2f689..287e5e423 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,6 @@ mbed TLS ChangeLog (Sorted per branch, date) -= mbed TLS 2.x.x branch released xxxx-xx-xx += mbed TLS 2.16.1 branch released 2019-03-19 Features * Add MBEDTLS_REMOVE_3DES_CIPHERSUITES to allow removing 3DES ciphersuites diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index ffc3cecbe..6345ddc0b 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -24,7 +24,7 @@ */ /** - * @mainpage mbed TLS v2.16.0 source code documentation + * @mainpage mbed TLS v2.16.1 source code documentation * * This documentation describes the internal structure of mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 574db8d46..d1c81d858 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8 # identify the project. Note that if you do not use Doxywizard you need # to put quotes around the project name if it contains spaces. -PROJECT_NAME = "mbed TLS v2.16.0" +PROJECT_NAME = "mbed TLS v2.16.1" # The PROJECT_NUMBER tag can be used to enter a project or revision number. # This could be handy for archiving the generated documentation or diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 56e7398a2..cc736e159 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -40,16 +40,16 @@ */ #define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MINOR 16 -#define MBEDTLS_VERSION_PATCH 0 +#define MBEDTLS_VERSION_PATCH 1 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x02100000 -#define MBEDTLS_VERSION_STRING "2.16.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.0" +#define MBEDTLS_VERSION_NUMBER 0x02100100 +#define MBEDTLS_VERSION_STRING "2.16.1" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.1" #if defined(MBEDTLS_VERSION_C) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index f3c804481..720c7fa17 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -165,15 +165,15 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(mbedcrypto SHARED ${src_crypto}) - set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.0 SOVERSION 3) + set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.1 SOVERSION 3) target_link_libraries(mbedcrypto ${libs}) add_library(mbedx509 SHARED ${src_x509}) - set_target_properties(mbedx509 PROPERTIES VERSION 2.16.0 SOVERSION 0) + set_target_properties(mbedx509 PROPERTIES VERSION 2.16.1 SOVERSION 0) target_link_libraries(mbedx509 ${libs} mbedcrypto) add_library(mbedtls SHARED ${src_tls}) - set_target_properties(mbedtls PROPERTIES VERSION 2.16.0 SOVERSION 12) + set_target_properties(mbedtls PROPERTIES VERSION 2.16.1 SOVERSION 12) target_link_libraries(mbedtls ${libs} mbedx509) install(TARGETS mbedtls mbedx509 mbedcrypto diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index 62bb78212..40fc9237b 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compiletime library version -check_compiletime_version:"2.16.0" +check_compiletime_version:"2.16.1" Check runtime library version -check_runtime_version:"2.16.0" +check_runtime_version:"2.16.1" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From ab9bf63b069f937cd122cedda64a4abac713560a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 27 Feb 2019 10:46:56 +0100 Subject: [PATCH 34/40] Fix the proxy seed in Travis runs This is what we do in Jenkins, so it only makes sense to do it here as well. This will avoid random failures for no other reason than the proxy was dropping all the messages due to an unlucky PRNG seed. See https://docs.travis-ci.com/user/environment-variables/ for syntax --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 4fc31c923..c45d4081d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,7 +31,8 @@ after_failure: - tests/scripts/travis-log-failure.sh env: global: - secure: "barHldniAfXyoWOD/vcO+E6/Xm4fmcaUoC9BeKW+LwsHqlDMLvugaJnmLXkSpkbYhVL61Hzf3bo0KPJn88AFc5Rkf8oYHPjH4adMnVXkf3B9ghHCgznqHsAH3choo6tnPxaFgOwOYmLGb382nQxfE5lUdvnM/W/psQjWt66A1+k=" + - SEED=1 + - secure: "barHldniAfXyoWOD/vcO+E6/Xm4fmcaUoC9BeKW+LwsHqlDMLvugaJnmLXkSpkbYhVL61Hzf3bo0KPJn88AFc5Rkf8oYHPjH4adMnVXkf3B9ghHCgznqHsAH3choo6tnPxaFgOwOYmLGb382nQxfE5lUdvnM/W/psQjWt66A1+k=" addons: apt: From 1ec99c66b8997e0334b40ef022201d9e220ad354 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Sun, 7 Apr 2019 16:42:25 +0300 Subject: [PATCH 35/40] Remove ssl_cert_test sample app Remove the ssl_cert_test sample application, as it uses hardcoded certificates that moved, and is redundant with the x509 tests and applications. Fixes #1905. --- programs/Makefile | 6 +- programs/README.md | 2 - programs/test/CMakeLists.txt | 5 +- programs/test/ssl_cert_test.c | 274 --------------------------- visualc/VS2010/mbedTLS.sln | 13 -- visualc/VS2010/ssl_cert_test.vcxproj | 174 ----------------- 6 files changed, 2 insertions(+), 472 deletions(-) delete mode 100644 programs/test/ssl_cert_test.c delete mode 100644 visualc/VS2010/ssl_cert_test.vcxproj diff --git a/programs/Makefile b/programs/Makefile index 7d9affc5c..28c747b76 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -67,7 +67,7 @@ APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \ ssl/ssl_mail_client$(EXEXT) random/gen_entropy$(EXEXT) \ random/gen_random_havege$(EXEXT) \ random/gen_random_ctr_drbg$(EXEXT) \ - test/ssl_cert_test$(EXEXT) test/benchmark$(EXEXT) \ + test/benchmark$(EXEXT) \ test/selftest$(EXEXT) test/udp_proxy$(EXEXT) \ test/zeroize$(EXEXT) \ test/query_compile_time_config$(EXEXT) \ @@ -241,10 +241,6 @@ ssl/mini_client$(EXEXT): ssl/mini_client.c $(DEP) echo " CC ssl/mini_client.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) ssl/mini_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ -test/ssl_cert_test$(EXEXT): test/ssl_cert_test.c $(DEP) - echo " CC test/ssl_cert_test.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/ssl_cert_test.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - test/benchmark$(EXEXT): test/benchmark.c $(DEP) echo " CC test/benchmark.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/benchmark.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/README.md b/programs/README.md index eb25a7f69..d26349d0f 100644 --- a/programs/README.md +++ b/programs/README.md @@ -99,8 +99,6 @@ In addition to providing options for testing client-side features, the `ssl_clie * [`test/selftest.c`](test/selftest.c): runs the self-test function in each library module. -* [`test/ssl_cert_test.c`](test/ssl_cert_test.c): demonstrates how to verify X.509 certificates, and (for RSA keys only) how to check that each certificate matches the corresponding private key. This program requires some test data which is not provided. - * [`test/udp_proxy.c`](test/udp_proxy.c): a UDP proxy that can inject certain failures (delay, duplicate, drop). Useful for testing DTLS. * [`test/zeroize.c`](test/zeroize.c): a test program for `mbedtls_platform_zeroize`, used by [`tests/scripts/test_zeroize.gdb`](tests/scripts/test_zeroize.gdb). diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 65ff24948..282ef58aa 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -21,9 +21,6 @@ if(TEST_CPP) target_link_libraries(cpp_dummy_build ${libs}) endif() -add_executable(ssl_cert_test ssl_cert_test.c) -target_link_libraries(ssl_cert_test ${libs}) - add_executable(udp_proxy udp_proxy.c) target_link_libraries(udp_proxy ${libs}) @@ -34,6 +31,6 @@ add_executable(query_compile_time_config query_compile_time_config.c) target_sources(query_compile_time_config PUBLIC ../ssl/query_config.c) target_link_libraries(query_compile_time_config ${libs}) -install(TARGETS selftest benchmark ssl_cert_test udp_proxy query_compile_time_config +install(TARGETS selftest benchmark udp_proxy query_compile_time_config DESTINATION "bin" PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c deleted file mode 100644 index fdf30ef40..000000000 --- a/programs/test/ssl_cert_test.c +++ /dev/null @@ -1,274 +0,0 @@ -/* - * SSL certificate functionality tests - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_snprintf snprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_FS_IO) && defined(MBEDTLS_X509_CRL_PARSE_C) -#include "mbedtls/certs.h" -#include "mbedtls/x509_crt.h" - -#include -#include -#endif - -#define MAX_CLIENT_CERTS 8 - -#if !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_X509_CRL_PARSE_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_RSA_C and/or MBEDTLS_X509_CRT_PARSE_C " - "MBEDTLS_FS_IO and/or MBEDTLS_X509_CRL_PARSE_C " - "not defined.\n"); - return( 0 ); -} -#else -const char *client_certificates[MAX_CLIENT_CERTS] = -{ - "client1.crt", - "client2.crt", - "server1.crt", - "server2.crt", - "cert_sha224.crt", - "cert_sha256.crt", - "cert_sha384.crt", - "cert_sha512.crt" -}; - -const char *client_private_keys[MAX_CLIENT_CERTS] = -{ - "client1.key", - "client2.key", - "server1.key", - "server2.key", - "cert_digest.key", - "cert_digest.key", - "cert_digest.key", - "cert_digest.key" -}; - -#if defined(MBEDTLS_CHECK_PARAMS) -#include "mbedtls/platform_util.h" -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) -{ - mbedtls_printf( "%s:%i: Input param failed - %s\n", - file, line, failure_condition ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); -} -#endif - -int main( void ) -{ - int ret = 1, i; - int exit_code = MBEDTLS_EXIT_FAILURE; - mbedtls_x509_crt cacert; - mbedtls_x509_crl crl; - char buf[10240]; - - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crl_init( &crl ); - - /* - * 1.1. Load the trusted CA - */ - mbedtls_printf( "\n . Loading the CA root certificate ..." ); - fflush( stdout ); - - /* - * Alternatively, you may load the CA certificates from a .pem or - * .crt file by calling mbedtls_x509_crt_parse_file( &cacert, "myca.crt" ). - */ - ret = mbedtls_x509_crt_parse_file( &cacert, "ssl/test-ca/test-ca.crt" ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - mbedtls_x509_crt_info( buf, 1024, "CRT: ", &cacert ); - mbedtls_printf("%s\n", buf ); - - /* - * 1.2. Load the CRL - */ - mbedtls_printf( " . Loading the CRL ..." ); - fflush( stdout ); - - ret = mbedtls_x509_crl_parse_file( &crl, "ssl/test-ca/crl.pem" ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - mbedtls_x509_crl_info( buf, 1024, "CRL: ", &crl ); - mbedtls_printf("%s\n", buf ); - - for( i = 0; i < MAX_CLIENT_CERTS; i++ ) - { - /* - * 1.3. Load own certificate - */ - char name[512]; - uint32_t flags; - mbedtls_x509_crt clicert; - mbedtls_pk_context pk; - - mbedtls_x509_crt_init( &clicert ); - mbedtls_pk_init( &pk ); - - mbedtls_snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]); - - mbedtls_printf( " . Loading the client certificate %s...", name ); - fflush( stdout ); - - ret = mbedtls_x509_crt_parse_file( &clicert, name ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1.4. Verify certificate validity with CA certificate - */ - mbedtls_printf( " . Verify the client certificate with CA certificate..." ); - fflush( stdout ); - - ret = mbedtls_x509_crt_verify( &clicert, &cacert, &crl, NULL, &flags, NULL, - NULL ); - if( ret != 0 ) - { - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) - { - char vrfy_buf[512]; - - mbedtls_printf( " failed\n" ); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); - mbedtls_printf( "%s\n", vrfy_buf ); - } - else - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_verify returned %d\n\n", ret ); - goto exit; - } - } - - mbedtls_printf( " ok\n" ); - - /* - * 1.5. Load own private key - */ - mbedtls_snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]); - - mbedtls_printf( " . Loading the client private key %s...", name ); - fflush( stdout ); - - ret = mbedtls_pk_parse_keyfile( &pk, name, NULL ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - /* - * 1.6. Verify certificate validity with private key - */ - mbedtls_printf( " . Verify the client certificate with private key..." ); - fflush( stdout ); - - - /* EC NOT IMPLEMENTED YET */ - if( ! mbedtls_pk_can_do( &clicert.pk, MBEDTLS_PK_RSA ) ) - { - mbedtls_printf( " failed\n ! certificate's key is not RSA\n\n" ); - goto exit; - } - - ret = mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa( pk )->N, &mbedtls_pk_rsa( clicert.pk )->N); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_cmp_mpi for N returned %d\n\n", ret ); - goto exit; - } - - ret = mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa( pk )->E, &mbedtls_pk_rsa( clicert.pk )->E); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_cmp_mpi for E returned %d\n\n", ret ); - goto exit; - } - - ret = mbedtls_rsa_check_privkey( mbedtls_pk_rsa( pk ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_check_privkey returned %d\n\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); - - mbedtls_x509_crt_free( &clicert ); - mbedtls_pk_free( &pk ); - } - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - mbedtls_x509_crt_free( &cacert ); - mbedtls_x509_crl_free( &crl ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - return( exit_code ); -} -#endif /* MBEDTLS_RSA_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && - MBEDTLS_X509_CRL_PARSE_C */ diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 85429b837..5d2c99cd3 100644 --- a/visualc/VS2010/mbedTLS.sln +++ b/visualc/VS2010/mbedTLS.sln @@ -183,11 +183,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_random_ctr_drbg", "gen_ {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} EndProjectSection EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_cert_test", "ssl_cert_test.vcxproj", "{3FE0C0E1-D9BA-6A26-380C-F293E543B914}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "benchmark", "benchmark.vcxproj", "{90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} @@ -552,14 +547,6 @@ Global {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|Win32.Build.0 = Release|Win32 {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.ActiveCfg = Release|x64 {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.Build.0 = Release|x64 - {3FE0C0E1-D9BA-6A26-380C-F293E543B914}.Debug|Win32.ActiveCfg = Debug|Win32 - {3FE0C0E1-D9BA-6A26-380C-F293E543B914}.Debug|Win32.Build.0 = Debug|Win32 - {3FE0C0E1-D9BA-6A26-380C-F293E543B914}.Debug|x64.ActiveCfg = Debug|x64 - {3FE0C0E1-D9BA-6A26-380C-F293E543B914}.Debug|x64.Build.0 = Debug|x64 - {3FE0C0E1-D9BA-6A26-380C-F293E543B914}.Release|Win32.ActiveCfg = Release|Win32 - {3FE0C0E1-D9BA-6A26-380C-F293E543B914}.Release|Win32.Build.0 = Release|Win32 - {3FE0C0E1-D9BA-6A26-380C-F293E543B914}.Release|x64.ActiveCfg = Release|x64 - {3FE0C0E1-D9BA-6A26-380C-F293E543B914}.Release|x64.Build.0 = Release|x64 {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|Win32.ActiveCfg = Debug|Win32 {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|Win32.Build.0 = Debug|Win32 {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|x64.ActiveCfg = Debug|x64 diff --git a/visualc/VS2010/ssl_cert_test.vcxproj b/visualc/VS2010/ssl_cert_test.vcxproj deleted file mode 100644 index b8f014e36..000000000 --- a/visualc/VS2010/ssl_cert_test.vcxproj +++ /dev/null @@ -1,174 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {3FE0C0E1-D9BA-6A26-380C-F293E543B914} - Win32Proj - ssl_cert_test - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - Windows7.1SDK - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - NotSet - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ../../include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - From da6a3c4d159e0d9ddab3c4253b61fbdc23242436 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 8 Apr 2019 11:23:50 +0100 Subject: [PATCH 36/40] Give credit to OSS-Fuzz for #2404 Add "Credit to OSS-Fuzz", in addition to Guido Vranken, for identifying bug #2404. --- ChangeLog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 0d67ef6bf..978b8b5cd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -25,7 +25,8 @@ Bugfix Junhwan Park, #2106. * Reduce stack usage of hkdf tests. Fixes #2195. * Fix 1-byte buffer overflow in mbedtls_mpi_write_string() when - used with negative inputs. Found by Guido Vranken in #2404. + used with negative inputs. Found by Guido Vranken in #2404. Credit to + OSS-Fuzz. * Fix bugs in the AEAD test suite which would be exposed by ciphers which either used both encrypt and decrypt key schedules, or which perform padding. GCM and CCM were not affected. Fixed by Jack Lloyd. From e59c4193fbb73139d10122c9f1b5f6f3f4cd95b5 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 27 Feb 2019 11:16:41 +0000 Subject: [PATCH 37/40] Fix typo in data_file generator code The file to generate is `server10_int3-bs.pem`, not `server10-bs_int3-bs.pem`. --- tests/data_files/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 43fbe16f2..d023c8d0c 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -150,7 +150,7 @@ test-int-ca3-badsign.crt: test-int-ca3.crt all_final += test-int-ca3-badsign.crt server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt cat server10.crt test-int-ca3-badsign.crt > $@ -all_final += server10-bs_int3-bs.pem +all_final += server10_int3-bs.pem rsa_pkcs1_2048_public.pem: server8.key $(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@ From 7dd44b28f1eb7132901a8b1935803240810f26ca Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 8 Apr 2019 16:58:02 +0200 Subject: [PATCH 38/40] Run ssl-opt.sh on 32-bit runtime Run ssl-opt.sh on x86_32 with ASan. This may detect bugs that only show up on 32-bit platforms, for example due to size_t overflow. For this component, turn off some memory management features that are not useful, potentially slow, and may reduce ASan's effectiveness at catching buffer overflows. --- tests/scripts/all.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a8d067b4f..8251d10cc 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -952,10 +952,16 @@ component_test_m32_o1 () { # Build again with -O1, to compile in the i386 specific inline assembly msg "build: i386, make, gcc -O1 (ASan build)" # ~ 30s scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.pl unset MBEDTLS_MEMORY_DEBUG make CC=gcc CFLAGS='-O1 -Werror -Wall -Wextra -m32 -fsanitize=address' msg "test: i386, make, gcc -O1 (ASan build)" make test + + msg "test ssl-opt.sh, i386, make, gcc-O1" + if_build_succeeded tests/ssl-opt.sh } support_test_m32_o1 () { support_test_m32_o0 "$@" From 99a3310fba7b027216530124e703066f5dfdc6d9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 8 Apr 2019 17:00:15 +0200 Subject: [PATCH 39/40] Add an "out-of-box" component Just run `make` and `make test`. And `selftest` for good measure. --- tests/scripts/all.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8251d10cc..b6fb6ff75 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -590,6 +590,17 @@ component_check_doxygen_warnings () { #### Build and test many configurations and targets ################################################################ +component_test_default_out_of_box () { + msg "build: make, default config (out-of-box)" # ~1min + make + + msg "test: main suites make, default config (out-of-box)" # ~10s + make test + + msg "selftest: make, default config (out-of-box)" # ~10s + programs/test/selftest +} + component_test_default_cmake_gcc_asan () { msg "build: cmake, gcc, ASan" # ~ 1 min 50s CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . From 0a47c4ffbb13302336c02c1ea4ab56cb37e7a3f9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 8 Apr 2019 17:00:56 +0200 Subject: [PATCH 40/40] Clarify comment mangled by an earlier refactoring --- tests/scripts/all.sh | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b6fb6ff75..44df16249 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1193,10 +1193,8 @@ component_test_valgrind () { msg "test: main suites valgrind (Release)" make memcheck - # Optional part(s) - # Currently broken, programs don't seem to receive signals - # under valgrind on OS X - + # Optional parts (slow; currently broken on OS X because programs don't + # seem to receive signals under valgrind on OS X). if [ "$MEMORY" -gt 0 ]; then msg "test: ssl-opt.sh --memcheck (Release)" if_build_succeeded tests/ssl-opt.sh --memcheck