Merge remote-tracking branch 'public/pr/2881' into baremetal

This commit is contained in:
Simon Butcher 2019-10-08 18:39:34 +01:00
commit 3a9d8a54e4
12 changed files with 2165 additions and 94 deletions

View file

@ -59,6 +59,16 @@ Changes
* Reduce RAM consumption during session renegotiation by not storing
the peer CRT chain and session ticket twice.
= mbed TLS 2.16.x branch released xxxx-xx-xx
Bugfix
* Remove redundant line for getting the bitlen of a bignum, since the variable
holding the returned value is overwritten a line after.
Found by irwir in #2377.
Changes
* Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx()
from the cipher abstraction layer. Fixes #2198.
= mbed TLS 2.16.3 branch released 2019-09-06

View file

@ -344,6 +344,14 @@
#error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequesites"
#endif
#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequesites"
#endif
#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
#endif

View file

@ -2338,8 +2338,6 @@ static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds,
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R, &W ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &R, s ) );
i = mbedtls_mpi_bitlen( X );
for( i = 0; i < rounds; i++ )
{
/*

View file

@ -26,6 +26,8 @@
# MBEDTLS_ECP_DP_M221_ENABLED
# MBEDTLS_ECP_DP_M383_ENABLED
# MBEDTLS_ECP_DP_M511_ENABLED
# MBEDTLS_MEMORY_BACKTRACE
# MBEDTLS_MEMORY_BUFFER_ALLOC_C
# MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
# MBEDTLS_NO_PLATFORM_ENTROPY
# MBEDTLS_REMOVE_ARC4_CIPHERSUITES
@ -47,6 +49,8 @@
# MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
# MBEDTLS_ZLIB_SUPPORT
# MBEDTLS_PKCS11_C
# MBEDTLS_NO_UDBL_DIVISION
# MBEDTLS_NO_64BIT_MULTIPLICATION
# and any symbol beginning _ALT
#
@ -96,6 +100,9 @@ MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
MBEDTLS_ECP_DP_M221_ENABLED
MBEDTLS_ECP_DP_M383_ENABLED
MBEDTLS_ECP_DP_M511_ENABLED
MBEDTLS_MEMORY_DEBUG
MBEDTLS_MEMORY_BACKTRACE
MBEDTLS_MEMORY_BUFFER_ALLOC_C
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
MBEDTLS_NO_PLATFORM_ENTROPY
MBEDTLS_RSA_NO_CRT

View file

@ -633,6 +633,22 @@ component_test_default_cmake_gcc_asan () {
if_build_succeeded tests/compat.sh
}
component_test_full_cmake_gcc_asan () {
msg "build: full config, cmake, gcc, ASan"
scripts/config.pl full
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: main suites (inc. selftests) (full config, ASan build)"
make test
msg "test: ssl-opt.sh (full config, ASan build)"
if_build_succeeded tests/ssl-opt.sh
msg "test: compat.sh (full config, ASan build)"
if_build_succeeded tests/compat.sh
}
component_test_ref_configs () {
msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
@ -793,7 +809,6 @@ component_test_small_mbedtls_ssl_dtls_max_buffering () {
component_test_full_cmake_clang () {
msg "build: cmake, full config, clang" # ~ 50s
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
CC=clang cmake -D LINK_WITH_PTHREAD=1 -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On .
make
@ -1004,7 +1019,6 @@ component_test_check_params_functionality () {
scripts/config.pl full # includes CHECK_PARAMS
# Make MBEDTLS_PARAM_FAILED call mbedtls_param_failed().
scripts/config.pl unset MBEDTLS_CHECK_PARAMS_ASSERT
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
# Only build and run tests. Do not build sample programs, because
# they don't have a mbedtls_param_failed() function.
make CC=gcc CFLAGS='-Werror -O1' lib test
@ -1014,8 +1028,6 @@ component_test_check_params_without_platform () {
msg "build+test: MBEDTLS_CHECK_PARAMS without MBEDTLS_PLATFORM_C"
scripts/config.pl full # includes CHECK_PARAMS
# Keep MBEDTLS_PARAM_FAILED as assert.
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT
scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT
scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT
@ -1030,7 +1042,6 @@ component_test_check_params_without_platform () {
component_test_check_params_silent () {
msg "build+test: MBEDTLS_CHECK_PARAMS with alternative MBEDTLS_PARAM_FAILED()"
scripts/config.pl full # includes CHECK_PARAMS
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
# Set MBEDTLS_PARAM_FAILED to nothing.
sed -i 's/.*\(#define MBEDTLS_PARAM_FAILED( cond )\).*/\1/' "$CONFIG_H"
make CC=gcc PTHREAD=1 CFLAGS='-Werror -O1' all test
@ -1051,7 +1062,6 @@ component_test_no_platform () {
scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT
scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.pl unset MBEDTLS_FS_IO
# Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
# to re-enable platform integration features otherwise disabled in C99 builds
@ -1092,6 +1102,34 @@ component_build_no_sockets () {
make CC=gcc PTHREAD=1 CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib
}
component_test_memory_buffer_allocator_backtrace () {
msg "build: default config with memory buffer allocator and backtrace enabled"
scripts/config.pl set MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.pl set MBEDTLS_PLATFORM_MEMORY
scripts/config.pl set MBEDTLS_MEMORY_BACKTRACE
scripts/config.pl set MBEDTLS_MEMORY_DEBUG
CC=gcc cmake .
make
msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE"
make test
}
component_test_memory_buffer_allocator () {
msg "build: default config with memory buffer allocator"
scripts/config.pl set MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.pl set MBEDTLS_PLATFORM_MEMORY
CC=gcc cmake .
make
msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C"
make test
msg "test: ssl-opt.sh, MBEDTLS_MEMORY_BUFFER_ALLOC_C"
# MBEDTLS_MEMORY_BUFFER_ALLOC is slow. Skip tests that tend to time out.
if_build_succeeded tests/ssl-opt.sh -e '^DTLS proxy'
}
component_test_no_max_fragment_length () {
# Run max fragment length tests with MFL disabled
msg "build: default config except MFL extension (ASan build)" # ~ 30s
@ -1262,9 +1300,6 @@ component_test_m32_o0 () {
# Build once with -O0, to compile out the i386 specific inline assembly
msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.pl unset MBEDTLS_MEMORY_DEBUG
make CC=gcc PTHREAD=1 CFLAGS='-O0 -Werror -Wall -Wextra -m32 -fsanitize=address' LDFLAGS='-m32'
msg "test: i386, make, gcc -O0 (ASan build)"
@ -1281,9 +1316,6 @@ component_test_m32_o1 () {
# Build again with -O1, to compile in the i386 specific inline assembly
msg "build: i386, make, gcc -O1 (ASan build)" # ~ 30s
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.pl unset MBEDTLS_MEMORY_DEBUG
make CC=gcc PTHREAD=1 CFLAGS='-O1 -Werror -Wall -Wextra -m32 -fsanitize=address' LDFLAGS='-m32'
msg "test: i386, make, gcc -O1 (ASan build)"
@ -1346,7 +1378,6 @@ component_test_have_int64 () {
component_test_no_udbl_division () {
msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
make CFLAGS='-Werror -O1'
@ -1357,7 +1388,6 @@ component_test_no_udbl_division () {
component_test_no_64bit_multiplication () {
msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
make CFLAGS='-Werror -O1'

View file

@ -75,7 +75,7 @@ uint8_t receive_byte()
c[1] = greentea_getc();
c[2] = '\0';
assert( unhexify( &byte, c ) != 2 );
TEST_HELPER_ASSERT( unhexify( &byte, c ) != 2 );
return( byte );
}
@ -90,18 +90,19 @@ uint8_t receive_byte()
uint32_t receive_uint32()
{
uint32_t value;
const uint8_t c[9] = { greentea_getc(),
const uint8_t c_be[8] = { greentea_getc(),
greentea_getc(),
greentea_getc(),
greentea_getc(),
greentea_getc(),
greentea_getc(),
greentea_getc(),
greentea_getc(),
'\0'
greentea_getc()
};
assert( unhexify( &value, c ) != 8 );
return( (uint32_t)value );
const uint8_t c[9] = { c_be[6], c_be[7], c_be[4], c_be[5], c_be[2],
c_be[3], c_be[0], c_be[1], '\0' };
TEST_HELPER_ASSERT( unhexify( (uint8_t*)&value, c ) != 8 );
return( value );
}
/**
@ -368,13 +369,13 @@ int execute_tests( int args, const char ** argv )
void ** params = NULL;
uint8_t * data = NULL, * p = NULL;
GREENTEA_SETUP( 180, "mbedtls_test" );
GREENTEA_SETUP( 800, "mbedtls_test" );
greentea_send_kv( "GO", " " );
while ( 1 )
{
ret = 0;
test_info.failed = 0;
test_info.result = TEST_RESULT_SUCCESS;
data_len = 0;
data = receive_data( &data_len );
@ -432,7 +433,7 @@ int execute_tests( int args, const char ** argv )
if ( ret )
send_failure( ret );
else
send_status( test_info.failed );
send_status( test_info.result );
}
return( 0 );
}

File diff suppressed because it is too large Load diff

View file

@ -572,7 +572,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod,
char * input_E, data_t * result_str,
int result )
{
unsigned char hash_result[1000];
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
mbedtls_rsa_context *rsa;
mbedtls_pk_context pk;
mbedtls_pk_restart_ctx *rs_ctx = NULL;
@ -587,7 +587,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod,
mbedtls_pk_init( &pk );
memset( hash_result, 0x00, 1000 );
memset( hash_result, 0x00, MBEDTLS_MD_MAX_SIZE );
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
rsa = mbedtls_pk_rsa( pk );
@ -621,7 +621,7 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
data_t * result_str, int pk_type,
int mgf1_hash_id, int salt_len, int result )
{
unsigned char hash_result[1000];
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
mbedtls_rsa_context *rsa;
mbedtls_pk_context pk;
mbedtls_pk_rsassa_pss_options pss_opts;
@ -630,7 +630,7 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
mbedtls_pk_init( &pk );
memset( hash_result, 0x00, 1000 );
memset( hash_result, 0x00, sizeof( hash_result ) );
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
rsa = mbedtls_pk_rsa( pk );
@ -880,7 +880,7 @@ void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N,
char * input_N, int radix_E, char * input_E,
data_t * result, int ret )
{
unsigned char output[1000];
unsigned char output[300];
rnd_pseudo_info rnd_info;
mbedtls_rsa_context *rsa;
mbedtls_pk_context pk;
@ -915,7 +915,7 @@ void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P,
int radix_N, char * input_N, int radix_E,
char * input_E, data_t * clear, int ret )
{
unsigned char output[1000];
unsigned char output[256];
rnd_pseudo_info rnd_info;
mbedtls_mpi N, P, Q, E;
mbedtls_rsa_context *rsa;
@ -1040,8 +1040,8 @@ void pk_rsa_alt( )
mbedtls_rsa_context raw;
mbedtls_pk_context rsa, alt;
mbedtls_pk_debug_item dbg_items[10];
unsigned char hash[50], sig[1000];
unsigned char msg[50], ciph[1000], test[1000];
unsigned char hash[50], sig[64];
unsigned char msg[50], ciph[64], test[50];
size_t sig_len, ciph_len, test_len;
int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;

View file

@ -14,7 +14,7 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
data_t * message_str, data_t * rnd_buf,
data_t * result_hex_str, int result )
{
unsigned char output[1000];
unsigned char output[128];
mbedtls_rsa_context ctx;
rnd_buf_info info;
mbedtls_mpi N, E;
@ -24,7 +24,7 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@ -54,7 +54,7 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P,
char * seed, data_t * message_str,
int result )
{
unsigned char output[1000];
unsigned char output[128];
mbedtls_rsa_context ctx;
size_t output_len;
rnd_pseudo_info rnd_info;
@ -65,7 +65,7 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P,
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
@ -248,8 +248,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
data_t * message_str, data_t * rnd_buf,
data_t * result_hex_str, int result )
{
unsigned char hash_result[1000];
unsigned char output[1000];
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
unsigned char output[128];
mbedtls_rsa_context ctx;
mbedtls_mpi N, P, Q, E;
rnd_buf_info info;
@ -261,8 +261,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
memset( hash_result, 0x00, 1000 );
memset( output, 0x00, 1000 );
memset( hash_result, 0x00, sizeof( hash_result ) );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
@ -300,14 +300,14 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N,
int hash, data_t * message_str, char * salt,
data_t * result_str, int result )
{
unsigned char hash_result[1000];
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
mbedtls_rsa_context ctx;
mbedtls_mpi N, E;
((void) salt);
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
memset( hash_result, 0x00, 1000 );
memset( hash_result, 0x00, sizeof( hash_result ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

View file

@ -14,7 +14,7 @@ void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N,
data_t * message_str, data_t * rnd_buf,
data_t * result_hex_str, int result )
{
unsigned char output[1000];
unsigned char output[256];
mbedtls_rsa_context ctx;
rnd_buf_info info;
mbedtls_mpi N, E;
@ -24,7 +24,7 @@ void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N,
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@ -54,7 +54,7 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P,
char * seed, data_t * message_str,
int result )
{
unsigned char output[1000];
unsigned char output[64];
mbedtls_rsa_context ctx;
size_t output_len;
rnd_pseudo_info rnd_info;
@ -66,7 +66,7 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P,
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
@ -79,11 +79,12 @@ void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P,
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, 1000 ) == result );
TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
MBEDTLS_RSA_PRIVATE, &output_len,
message_str->x, output,
sizeof( output ) ) == result );
if( result == 0 )
{
TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 );
}
@ -101,8 +102,8 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q,
data_t * message_str, data_t * rnd_buf,
data_t * result_hex_str, int result )
{
unsigned char hash_result[1000];
unsigned char output[1000];
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
unsigned char output[256];
mbedtls_rsa_context ctx;
rnd_buf_info info;
mbedtls_mpi N, P, Q, E;
@ -114,8 +115,8 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q,
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
memset( hash_result, 0x00, 1000 );
memset( output, 0x00, 1000 );
memset( hash_result, 0x00, sizeof( hash_result ) );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
@ -154,14 +155,14 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N,
int hash, data_t * message_str, char * salt,
data_t * result_str, int result )
{
unsigned char hash_result[1000];
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
mbedtls_rsa_context ctx;
mbedtls_mpi N, E;
((void) salt);
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash );
memset( hash_result, 0x00, 1000 );
memset( hash_result, 0x00, sizeof( hash_result ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@ -193,14 +194,14 @@ void pkcs1_rsassa_pss_verify_ext( int mod, int radix_N, char * input_N,
data_t * result_str, int result_simple,
int result_full )
{
unsigned char hash_result[1000];
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
mbedtls_rsa_context ctx;
size_t hash_len;
mbedtls_mpi N, E;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash );
memset( hash_result, 0x00, 1000 );
memset( hash_result, 0x00, sizeof( hash_result ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

View file

@ -264,7 +264,7 @@ mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V1
RSA PKCS1 Decrypt #1 (Verify)
depends_on:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":1000:"4E636AF98E40F3ADCFCCB698F4E80B9F":0
mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":0
RSA PKCS1 Encrypt #2 (Data too large)
depends_on:MBEDTLS_PKCS1_V15
@ -272,7 +272,7 @@ mbedtls_rsa_pkcs1_encrypt:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c
RSA PKCS1 Decrypt #2 (Data too small)
depends_on:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":1000:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
RSA PKCS1 Decrypt #4 (Output buffer too small)
depends_on:MBEDTLS_PKCS1_V15

View file

@ -472,8 +472,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
char * input_N, int radix_E, char * input_E,
data_t * result_hex_str, int result )
{
unsigned char hash_result[1000];
unsigned char output[1000];
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
unsigned char output[256];
mbedtls_rsa_context ctx;
mbedtls_mpi N, P, Q, E;
rnd_pseudo_info rnd_info;
@ -482,8 +482,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( hash_result, 0x00, 1000 );
memset( output, 0x00, 1000 );
memset( hash_result, 0x00, sizeof( hash_result ) );
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
@ -524,14 +524,14 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
char * input_N, int radix_E, char * input_E,
data_t * result_str, int result )
{
unsigned char hash_result[1000];
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
mbedtls_rsa_context ctx;
mbedtls_mpi N, E;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( hash_result, 0x00, 1000 );
memset( hash_result, 0x00, sizeof( hash_result ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@ -561,7 +561,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result,
int radix_N, char * input_N, int radix_E,
char * input_E, data_t * result_hex_str )
{
unsigned char output[1000];
unsigned char output[256];
mbedtls_rsa_context ctx;
mbedtls_mpi N, P, Q, E;
rnd_pseudo_info rnd_info;
@ -570,7 +570,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result,
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
@ -597,7 +597,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result,
if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
{
int res;
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output) );
res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
&rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
@ -631,7 +631,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result,
char * input_N, int radix_E, char * input_E,
data_t * result_str, int correct )
{
unsigned char output[1000];
unsigned char output[256];
mbedtls_rsa_context ctx;
mbedtls_mpi N, E;
@ -692,7 +692,7 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
int radix_E, char * input_E,
data_t * result_hex_str, int result )
{
unsigned char output[1000];
unsigned char output[256];
mbedtls_rsa_context ctx;
rnd_pseudo_info rnd_info;
@ -702,7 +702,7 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@ -733,14 +733,14 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
int radix_E, char * input_E,
data_t * result_hex_str, int result )
{
unsigned char output[1000];
unsigned char output[256];
mbedtls_rsa_context ctx;
mbedtls_mpi N, E;
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@ -773,7 +773,7 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
int max_output, data_t * result_hex_str,
int result )
{
unsigned char output[1000];
unsigned char output[32];
mbedtls_rsa_context ctx;
size_t output_len;
rnd_pseudo_info rnd_info;
@ -784,7 +784,7 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
mbedtls_rsa_init( &ctx, padding_mode, 0 );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
@ -819,7 +819,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
char * input_N, int radix_E, char * input_E,
data_t * result_hex_str, int result )
{
unsigned char output[1000];
unsigned char output[256];
mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
mbedtls_mpi N, E;
@ -827,7 +827,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
@ -851,7 +851,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
if( result == 0 )
{
@ -873,7 +873,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
char * input_E, data_t * result_hex_str,
int result )
{
unsigned char output[1000];
unsigned char output[256];
mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
mbedtls_mpi N, P, Q, E;
rnd_pseudo_info rnd_info;
@ -900,7 +900,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
/* repeat three times to test updating of blinding values */
for( i = 0; i < 3; i++ )
{
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
message_str->x, output ) == result );
if( result == 0 )
@ -917,7 +917,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
memset( output, 0x00, 1000 );
memset( output, 0x00, sizeof( output ) );
TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
message_str->x, output ) == result );
if( result == 0 )
@ -1581,11 +1581,11 @@ void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
int successive )
{
/* Exported buffers */
unsigned char bufNe[1000];
unsigned char bufPe[1000];
unsigned char bufQe[1000];
unsigned char bufDe[1000];
unsigned char bufEe[1000];
unsigned char bufNe[256];
unsigned char bufPe[128];
unsigned char bufQe[128];
unsigned char bufDe[256];
unsigned char bufEe[1];
mbedtls_rsa_context ctx;