yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-03 18:40:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'mbedtls-1.3'

Browse source
This commit is contained in:
Simon Butcher 2017-03-10 20:37:11 +00:00
parent a750c771fb bb4bebc26a
commit e553ff2ab3
30 changed files with 326 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
ChangeLog
View file

@ -1,14 +1,54 @@
mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS x.x.x branch xxxx-xx-xx
= mbed TLS 1.3.19 branch released 2017-03-08
Security
* Add checks to prevent signature forgeries for very large messages while
using RSA through the PK module in 64-bit systems. The issue was caused by
some data loss when casting a size_t to an unsigned int value in the
functions rsa_verify_wrap(), rsa_sign_wrap(), rsa_alt_sign_wrap() and
pk_sign(). Found by Jean-Philippe Aumasson.
* Fixed potential livelock during the parsing of a CRL in PEM format in
mbedtls_x509_crl_parse(). A string containing a CRL followed by trailing
characters after the footer could result in the execution of an infinite
loop. The issue can be triggered remotely. Found by Greg Zaverucha,
Microsoft.
* Fixed a bug that caused freeing a buffer that was allocated on the stack,
when verifying the validity of a key on secp224k1. This could be
triggered remotely for example with a maliciously constructed certificate
and potentially could lead to remote code execution on some platforms.
Reported independently by rongsaws and Regina Wilson. #569 CVE-2017-2784
Bugfix
* Fix output certificate verification flags set by x509_crt_verify_top() when
traversing a chain of trusted CA. The issue would cause both flags,
BADCERT_NOT_TRUSTED and BADCERT_EXPIRED, to be set when the verification
conditions are not met regardless of the cause. Found by Harm Verhagen and
inestlerode. #665 #561
* Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing
the input string in PEM format to extract the different components. Found
by Eyal Itkin.
* Fix unused variable/function compilation warnings in pem.c and x509_csr.c
that are reported when building mbed TLS with a config.h that does not
define POLARSSL_PEM_PARSE_C. Found by omnium21. #562
* Fixed potential arithmetic overflow in ctr_drbg_reseed() that could cause
buffer bound checks to be bypassed. Found by Eyal Itkin.
* Fixed potential arithmetic overflows in cipher_update() that could cause
buffer bound checks to be bypassed. Found by Eyal Itkin.
* Fixed potential arithmetic overflow in md2_update() that could cause buffer
bound checks to be bypassed. Found by Eyal Itkin.
* Fixed potential arithmetic overflow in base64_decode() that could cause
buffer bound checks to be bypassed. Found by Eyal Itkin.
* Fix potential memory leak in x509_crl_parse(). The leak was caused by
missing calls to pem_free() in cases when a
POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT error was encountered. Found and
fix proposed by Guido Vranken. #722
* Fixed the templates used to generate project and solution files for Visual
Studio 2015 as well as the files themselves, to remove a build warning
generated in Visual Studio 2015. Reported by Steve Valliere. #742
* Fix 1 byte buffer overflow in mpi_write_string() when the MPI number to
write in hexadecimal is negative and requires an odd number of digits.
Found and fixed by Guido Vranken.
= mbed TLS 1.3.18 branch 2016-10-17

2
doxygen/input/doc_mainpage.h
View file

@ -4,7 +4,7 @@
*/
/**
* @mainpage mbed TLS v1.3.18 source code documentation
* @mainpage mbed TLS v1.3.19 source code documentation
*
* This documentation describes the internal structure of mbed TLS. It was
* automatically generated from specially formatted comment blocks in

2
doxygen/mbedtls.doxyfile
View file

@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8
# identify the project. Note that if you do not use Doxywizard you need
# to put quotes around the project name if it contains spaces.
PROJECT_NAME = "mbed TLS v1.3.18"
PROJECT_NAME = "mbed TLS v1.3.19"
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or

8
include/polarssl/version.h
View file

@ -40,16 +40,16 @@
*/
#define POLARSSL_VERSION_MAJOR 1
#define POLARSSL_VERSION_MINOR 3
#define POLARSSL_VERSION_PATCH 18
#define POLARSSL_VERSION_PATCH 19
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
#define POLARSSL_VERSION_NUMBER 0x01031200
#define POLARSSL_VERSION_STRING "1.3.18"
#define POLARSSL_VERSION_STRING_FULL "mbed TLS 1.3.18"
#define POLARSSL_VERSION_NUMBER 0x01031300
#define POLARSSL_VERSION_STRING "1.3.19"
#define POLARSSL_VERSION_STRING_FULL "mbed TLS 1.3.19"
#if defined(POLARSSL_VERSION_C)

12
library/CMakeLists.txt
View file

@ -117,7 +117,7 @@ endif()
if(USE_SHARED_MBEDTLS_LIBRARY)
add_library(mbedtls SHARED ${src})
set_target_properties(mbedtls PROPERTIES VERSION 1.3.18 SOVERSION 9)
set_target_properties(mbedtls PROPERTIES VERSION 1.3.19 SOVERSION 9)
target_link_libraries(mbedtls ${libs})
@ -136,10 +136,18 @@ endif(USE_SHARED_MBEDTLS_LIBRARY)
if(UNIX)
add_custom_target(polarssl
DEPENDS mbedtls # TODO: and mbedtls_static is shared is defined
DEPENDS mbedtls
COMMAND ${CMAKE_SOURCE_DIR}/scripts/polarssl_symlinks.sh ${CMAKE_BINARY_DIR}/library
)
add_custom_target(lib
DEPENDS polarssl
)
set_directory_properties(PROPERTIES
ADDITIONAL_MAKE_CLEAN_FILES "${CMAKE_BINARY_DIR}/library/libpolarssl.a"
)
if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
add_dependencies(polarssl mbedtls_static)
endif()

6
library/base64.c
View file

@ -198,7 +198,11 @@ int base64_decode( unsigned char *dst, size_t *dlen,
return( 0 );
}
n = ( ( n * 6 ) + 7 ) >> 3;
/* The following expression is to calculate the following formula without
* risk of integer overflow in n:
* n = ( ( n * 6 ) + 7 ) >> 3;
*/
n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 );
n -= j;
if( dst == NULL || *dlen < n )

7
library/bignum.c
View file

@ -538,7 +538,12 @@ int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen )
n = mpi_msb( X );
if( radix >= 4 ) n >>= 1;
if( radix >= 16 ) n >>= 1;
n += 3;
/*
* Round up the buffer length to an even value to ensure that there is
* enough room for hexadecimal values that can be represented in an odd
* number of digits.
*/
n += 3 + ( ( n + 1 ) & 1 );
if( *slen < n )
{

4
library/cipher.c
View file

@ -315,9 +315,9 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
* If there is not enough data for a full block, cache it.
*/
if( ( ctx->operation == POLARSSL_DECRYPT &&
ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) ||
ilen <= cipher_get_block_size( ctx ) - ctx->unprocessed_len ) ||
( ctx->operation == POLARSSL_ENCRYPT &&
ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) )
ilen < cipher_get_block_size( ctx ) - ctx->unprocessed_len ) )
{
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
ilen );

3
library/ctr_drbg.c
View file

@ -277,7 +277,8 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx,
unsigned char seed[CTR_DRBG_MAX_SEED_INPUT];
size_t seedlen = 0;
if( ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT )
if( ctx->entropy_len > CTR_DRBG_MAX_SEED_INPUT ||
len > CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT );

6
library/ecp_curves.c
View file

@ -1264,7 +1264,7 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs,
int ret;
size_t i;
mpi M, R;
t_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R];
t_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1];
if( N->n < p_limbs )
return( 0 );
@ -1286,7 +1286,7 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs,
memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( t_uint ) );
if( shift != 0 )
MPI_CHK( mpi_shift_r( &M, shift ) );
M.n += R.n - adjust; /* Make room for multiplication by R */
M.n += R.n; /* Make room for multiplication by R */
/* N = A0 */
if( mask != 0 )
@ -1308,7 +1308,7 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs,
memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( t_uint ) );
if( shift != 0 )
MPI_CHK( mpi_shift_r( &M, shift ) );
M.n += R.n - adjust; /* Make room for multiplication by R */
M.n += R.n; /* Make room for multiplication by R */
/* N = A0 */
if( mask != 0 )

2
library/md2.c
View file

@ -155,7 +155,7 @@ void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen )
while( ilen > 0 )
{
if( ctx->left + ilen > 16 )
if( ilen > 16 - ctx->left )
fill = 16 - ctx->left;
else
fill = ilen;

20
library/pem.c
View file

@ -250,7 +250,7 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
enc = 0;
if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
{
#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
@ -263,22 +263,22 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
#if defined(POLARSSL_DES_C)
if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
{
enc_alg = POLARSSL_CIPHER_DES_EDE3_CBC;
s1 += 23;
if( pem_get_iv( s1, pem_iv, 8 ) != 0 )
if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 )
return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
s1 += 16;
}
else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
{
enc_alg = POLARSSL_CIPHER_DES_CBC;
s1 += 18;
if( pem_get_iv( s1, pem_iv, 8) != 0 )
if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 )
return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
s1 += 16;
@ -286,9 +286,11 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
#endif /* POLARSSL_DES_C */
#if defined(POLARSSL_AES_C)
if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
{
if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
if( s2 - s1 < 22 )
return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
enc_alg = POLARSSL_CIPHER_AES_128_CBC;
else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 )
enc_alg = POLARSSL_CIPHER_AES_192_CBC;
@ -298,7 +300,7 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
s1 += 22;
if( pem_get_iv( s1, pem_iv, 16 ) != 0 )
if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 )
return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
s1 += 32;
@ -317,7 +319,7 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
( POLARSSL_AES_C || POLARSSL_DES_C ) */
}
if( s1 == s2 )
if( s1 >= s2 )
return( POLARSSL_ERR_PEM_INVALID_DATA );
len = 0;

11
library/pk.c
View file

@ -30,6 +30,8 @@
#include "polarssl/pk.h"
#include "polarssl/pk_wrap.h"
#include "polarssl/bignum.h"
#if defined(POLARSSL_RSA_C)
#include "polarssl/rsa.h"
#endif
@ -40,6 +42,8 @@
#include "polarssl/ecdsa.h"
#endif
#include <limits.h>
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
@ -208,6 +212,11 @@ int pk_verify_ext( pk_type_t type, const void *options,
int ret;
const pk_rsassa_pss_options *pss_opts;
#if defined(POLARSSL_HAVE_INT64)
if( md_alg == POLARSSL_MD_NONE && UINT_MAX < hash_len )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
#endif /* POLARSSL_HAVE_INT64 */
if( options == NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
@ -231,7 +240,7 @@ int pk_verify_ext( pk_type_t type, const void *options,
return( 0 );
#else
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
#endif
#endif /* POLARSSL_RSA_C && POLARSSL_PKCS1_V21 */
}
/* General case: no options */

18
library/pk_wrap.c
View file

@ -31,6 +31,7 @@
/* Even if RSA not activated, for the sake of RSA-alt */
#include "polarssl/rsa.h"
#include "polarssl/bignum.h"
#include <string.h>
@ -50,6 +51,8 @@
#define polarssl_free free
#endif
#include <limits.h>
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
@ -73,6 +76,11 @@ static int rsa_verify_wrap( void *ctx, md_type_t md_alg,
{
int ret;
#if defined(POLARSSL_HAVE_INT64)
if( md_alg == POLARSSL_MD_NONE && UINT_MAX < hash_len )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
#endif /* POLARSSL_HAVE_INT64 */
if( sig_len < ((rsa_context *) ctx)->len )
return( POLARSSL_ERR_RSA_VERIFY_FAILED );
@ -92,6 +100,11 @@ static int rsa_sign_wrap( void *ctx, md_type_t md_alg,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
#if defined(POLARSSL_HAVE_INT64)
if( md_alg == POLARSSL_MD_NONE && UINT_MAX < hash_len )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
#endif /* POLARSSL_HAVE_INT64 */
*sig_len = ((rsa_context *) ctx)->len;
return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE,
@ -411,6 +424,11 @@ static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg,
{
rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
#if defined(POLARSSL_HAVE_INT64)
if( UINT_MAX < hash_len )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
#endif /* POLARSSL_HAVE_INT64 */
*sig_len = rsa_alt->key_len_func( rsa_alt->key );
return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE,

7
library/x509_crl.c
View file

@ -520,16 +520,17 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
if( ( ret = x509_crl_parse_der( chain,
pem.buf, pem.buflen ) ) != 0 )
{
pem_free( &pem );
return( ret );
}
pem_free( &pem );
}
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
else if( is_pem )
{
pem_free( &pem );
return( ret );
}
pem_free( &pem );
}
while( is_pem && buflen > 0 );

31
library/x509_crt.c
View file

@ -1775,6 +1775,7 @@ static int x509_crt_verify_top(
int ca_flags = 0, check_path_cnt;
unsigned char hash[POLARSSL_MD_MAX_SIZE];
const md_info_t *md_info;
x509_crt *future_past_ca = NULL;
if( x509_time_expired( &child->valid_to ) )
*flags |= BADCERT_EXPIRED;
@ -1823,16 +1824,6 @@ static int x509_crt_verify_top(
continue;
}
if( x509_time_expired( &trust_ca->valid_to ) )
{
continue;
}
if( x509_time_future( &trust_ca->valid_from ) )
{
continue;
}
if( pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk,
child->sig_md, hash, md_info->size,
child->sig.p, child->sig.len ) != 0 )
@ -1840,11 +1831,23 @@ static int x509_crt_verify_top(
continue;
}
if( x509_time_expired( &trust_ca->valid_to ) ||
x509_time_future( &trust_ca->valid_from ) )
{
if( future_past_ca == NULL )
future_past_ca = trust_ca;
continue;
}
break;
}
if( trust_ca != NULL || ( trust_ca = future_past_ca ) != NULL )
{
/*
* Top of chain is signed by a trusted CA
*/
*flags &= ~BADCERT_NOT_TRUSTED;
break;
}
/*
@ -1864,6 +1867,12 @@ static int x509_crt_verify_top(
((void) ca_crl);
#endif
if( x509_time_expired( &trust_ca->valid_to ) )
ca_flags |= BADCERT_EXPIRED;
if( x509_time_future( &trust_ca->valid_from ) )
ca_flags |= BADCERT_FUTURE;
if( NULL != f_vrfy )
{
if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1,

20
tests/data_files/crl-malformed-trailing-spaces.pem Normal file
View file

@ -0,0 +1,20 @@
-----BEGIN X509 CRL-----
MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ
b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz
MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G
A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO
TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg
Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW
svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm
56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U=
-----END X509 CRL-----
-----BEGIN X509 CRL-----
MIIBcTCB9wIBATAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwQDaQAwZgIxAL/VFrDIYUECsS0rVpAy
6zt/CqeAZ1sa/l5LTaG1XW286n2Kibipr6EpkYZNYIQILgIxAI0wb3Py1DHPWpYf
/BFBH7C3KYq+nWTrLeEnhrjU1LzG/CiQ8lnuskya6lw/P3lJ/A==
-----END X509 CRL-----

27
tests/data_files/test-ca2_cat-future-invalid.crt Normal file
View file

@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G
A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ
H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd
BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB
PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4
AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ
Xj09kLboxuemP40IIqhQnpYptMg=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw
DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH
qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2
+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw==
-----END CERTIFICATE-----

27
tests/data_files/test-ca2_cat-past-invalid.crt Normal file
View file

@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIB/TCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw
DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe
Fw0wMzA5MjQxNTQ5NDhaFw0xMzA5MjQxNTQ5NDhaMD4xCzAJBgNVBAYTAk5MMREw
DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2
MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5
WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p
w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E
FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ
vH4kydv7NnwwDAYIKoZIzj0EAwIFAANpADBmAjEAvQ/49lXXrLYdOIGtTaYWjpZP
tRBXQiGPMzUvmKBk7gM7bF4iFPsdJikyXHmuwv3RAjEA8vtUX8fAAB3fbh5dEXRm
l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G
A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN
MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G
A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG
CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ
H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd
BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB
PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh
clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG
CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4
AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ
Xj09kLboxuemP40IIqhQnpYptMg=
-----END CERTIFICATE-----

2
tests/scripts/generate_code.pl
View file

@ -139,7 +139,7 @@ while($test_cases =~ /\/\* BEGIN_CASE *([\w:]*) \*\/\n(.*?)\n\/\* END_CASE \*\//
$param_defs .= " char *param$i = params[$i];\n";
$param_checks .= " if( verify_string( &param$i ) != 0 ) return( 2 );\n";
push @dispatch_params, "param$i";
$mapping_regex .= ":[^:\n]+";
$mapping_regex .= ":(?:\\\\.|[^:\n])+";
}
else
{

12
tests/suites/test_suite_ecp.data
View file

@ -161,11 +161,19 @@ ecp_small_check_pub:10:25:1:POLARSSL_ERR_ECP_INVALID_KEY
ECP check pubkey Montgomery #1 (too big)
depends_on:POLARSSL_ECP_DP_M255_ENABLED
ecp_check_pub_mx:POLARSSL_ECP_DP_M255:"010000000000000000000000000000000000000000000000000000000000000000":POLARSSL_ERR_ECP_INVALID_KEY
ecp_check_pub:POLARSSL_ECP_DP_M255:"010000000000000000000000000000000000000000000000000000000000000000":"0":"1":POLARSSL_ERR_ECP_INVALID_KEY
ECP check pubkey Montgomery #2 (biggest)
depends_on:POLARSSL_ECP_DP_M255_ENABLED
ecp_check_pub_mx:POLARSSL_ECP_DP_M255:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":0
ecp_check_pub:POLARSSL_ECP_DP_M255:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF":"0":"1":0
ECP check pubkey Koblitz #1 (point not on curve)
depends_on:POLARSSL_ECP_DP_SECP224K1_ENABLED
ecp_check_pub:POLARSSL_ECP_DP_SECP224K1:"E2000000000000BB3A13D43B323337383935321F0603551D":"100101FF040830060101FF02010A30220603551D0E041B04636FC0C0":"1":POLARSSL_ERR_ECP_INVALID_KEY
ECP check pubkey Koblitz #2 (coordinate not affine)
depends_on:POLARSSL_ECP_DP_SECP224K1_ENABLED
ecp_check_pub:POLARSSL_ECP_DP_SECP224K1:"E2000000000000BB3A13D43B323337383935321F0603551D":"100101FF040830060101FF02010A30220603551D0E041B04636FC0C0":"101":POLARSSL_ERR_ECP_INVALID_KEY
ECP write binary #0 (zero, bad format)
depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED

7
tests/suites/test_suite_ecp.function
View file

@ -196,7 +196,7 @@ exit:
/* END_CASE */
/* BEGIN_CASE */
void ecp_check_pub_mx( int grp_id, char *key_hex, int ret )
void ecp_check_pub( int grp_id, char *x_hex, char *y_hex, char *z_hex, int ret )
{
ecp_group grp;
ecp_point P;
@ -206,8 +206,9 @@ void ecp_check_pub_mx( int grp_id, char *key_hex, int ret )
TEST_ASSERT( ecp_use_known_dp( &grp, grp_id ) == 0 );
TEST_ASSERT( mpi_read_string( &P.X, 16, key_hex ) == 0 );
TEST_ASSERT( mpi_lset( &P.Z, 1 ) == 0 );
TEST_ASSERT( mpi_read_string( &P.X, 16, x_hex ) == 0 );
TEST_ASSERT( mpi_read_string( &P.Y, 16, y_hex ) == 0 );
TEST_ASSERT( mpi_read_string( &P.Z, 16, z_hex ) == 0 );
TEST_ASSERT( ecp_check_pubkey( &grp, &P ) == ret );

3
tests/suites/test_suite_mpi.data
View file

@ -46,6 +46,9 @@ mpi_read_write_string:16:"":16:"00":4:0:0
Test mpi_read_write_string #9 (Empty MPI -> dec)
mpi_read_write_string:16:"":10:"0":4:0:0
Test mpi_write_string #10 (Negative hex with odd number of digits)
mpi_read_write_string:16:"-1":16:"":3:0:POLARSSL_ERR_MPI_BUFFER_TOO_SMALL
Base test mpi_read_binary #1
mpi_read_binary:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924"

9
tests/suites/test_suite_pem.data
View file

@ -15,3 +15,12 @@ pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"00010203040506
PEM write (exactly two lines + 1)
pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
PEM read (DES-EDE3-CBC + invalid iv)
pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":POLARSSL_ERR_PEM_INVALID_ENC_IV
PEM read (DES-CBC + invalid iv)
pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":POLARSSL_ERR_PEM_INVALID_ENC_IV
PEM read (unknown encryption algorithm)
pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG

24
tests/suites/test_suite_pem.function
View file

@ -3,12 +3,7 @@
#include "polarssl/pem.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:POLARSSL_PEM_WRITE_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:POLARSSL_PEM_WRITE_C */
void pem_write_buffer( char *start, char *end, char *buf_str, char *result_str )
{
unsigned char buf[5000];
@ -38,3 +33,20 @@ exit:
polarssl_free( check_buf );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_AES_C:POLARSSL_DES_C:POLARSSL_MD5_C:POLARSSL_CIPHER_MODE_CBC */
void pem_read_buffer( char *header, char *footer, char *data, int ret )
{
pem_context ctx;
size_t use_len = 0;
pem_init( &ctx );
TEST_ASSERT( pem_read_buffer( &ctx, header, footer,
(const unsigned char *)data, NULL, 0,
&use_len ) == ret );
exit:
pem_free( &ctx );
}
/* END_CASE */

3
tests/suites/test_suite_pk.data
View file

@ -150,3 +150,6 @@ Check pair #5 (RSA vs EC)
depends_on:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED:POLARSSL_RSA_C
pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server1.key":POLARSSL_ERR_PK_TYPE_MISMATCH
RSA hash_len overflow (size_t vs unsigned int)
depends_on:POLARSSL_RSA_C:POLARSSL_HAVE_INT64
pk_rsa_overflow:

35
tests/suites/test_suite_pk.function
View file

@ -5,6 +5,9 @@
#include "polarssl/ecp.h"
#include "polarssl/rsa.h"
/* For detecting 64-bit compilation */
#include "polarssl/bignum.h"
static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
#define RSA_KEY_SIZE 512
@ -414,6 +417,33 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_RSA_C:POLARSSL_HAVE_INT64 */
void pk_rsa_overflow( )
{
pk_context pk;
size_t hash_len = (size_t)-1;
pk_init( &pk );
TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 );
#if defined(POLARSSL_PKCS1_V21)
TEST_ASSERT( pk_verify_ext( POLARSSL_PK_RSASSA_PSS, NULL, &pk,
POLARSSL_MD_NONE, NULL, hash_len, NULL, 0 ) ==
POLARSSL_ERR_PK_BAD_INPUT_DATA );
#endif /* POLARSSL_PKCS1_V21 */
TEST_ASSERT( pk_verify( &pk, POLARSSL_MD_NONE, NULL, hash_len,
NULL, 0 ) == POLARSSL_ERR_PK_BAD_INPUT_DATA );
TEST_ASSERT( pk_sign( &pk, POLARSSL_MD_NONE, NULL, hash_len, NULL, 0,
rnd_std_rand, NULL ) == POLARSSL_ERR_PK_BAD_INPUT_DATA );
exit:
pk_free( &pk );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
void pk_rsa_alt( )
{
@ -461,6 +491,11 @@ void pk_rsa_alt( )
/* Test signature */
TEST_ASSERT( pk_sign( &alt, POLARSSL_MD_NONE, hash, sizeof hash,
sig, &sig_len, rnd_std_rand, NULL ) == 0 );
#if defined(POLARSSL_HAVE_INT64)
TEST_ASSERT( pk_sign( &alt, POLARSSL_MD_NONE, hash, (size_t)-1,
NULL, NULL, rnd_std_rand, NULL ) ==
POLARSSL_ERR_PK_BAD_INPUT_DATA );
#endif /* POLARSSL_HAVE_INT64 */
TEST_ASSERT( sig_len == RSA_KEY_LEN );
TEST_ASSERT( pk_verify( &rsa, POLARSSL_MD_NONE,
hash, sizeof hash, sig, sig_len ) == 0 );

4
tests/suites/test_suite_version.data
View file

@ -1,8 +1,8 @@
Check compiletime library version
check_compiletime_version:"1.3.18"
check_compiletime_version:"1.3.19"
Check runtime library version
check_runtime_version:"1.3.18"
check_runtime_version:"1.3.19"
Check for POLARSSL_VERSION_C
check_feature:"POLARSSL_VERSION_C":0

12
tests/suites/test_suite_x509parse.data
View file

@ -194,6 +194,10 @@ X509 CRL Information EC, SHA512 Digest
depends_on:POLARSSL_PEM_PARSE_C
x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n"
X509 CRL Malformed Input (trailing spaces at end of file)
depends_on:POLARSSL_PEM_PARSE_C
x509_crl_parse:"data_files/crl-malformed-trailing-spaces.pem":POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
X509 CSR Information RSA with MD4
depends_on:POLARSSL_PEM_PARSE_C
x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n"
@ -711,6 +715,14 @@ X509 Certificate verification #85 (Not yet valid CA and valid CA)
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED:POLARSSL_ECP_DP_SECP384R1_ENABLED
x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"NULL"
X509 Certificate verification #86 (Not yet valid CA and invalid CA)
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED:POLARSSL_ECP_DP_SECP384R1_ENABLED:POLARSSL_SHA1_C:POLARSSL_SHA256_C
x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_FUTURE:"NULL"
X509 Certificate verification #87 (Expired CA and invalid CA)
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED:POLARSSL_ECP_DP_SECP384R1_ENABLED:POLARSSL_SHA1_C:POLARSSL_SHA256_C
x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_EXPIRED:"NULL"
X509 Certificate verification callback: trusted EE cert
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECDSA_C:POLARSSL_SHA256_C:POLARSSL_ECP_DP_SECP256R1_ENABLED
x509_verify_callback:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:"depth 0 - serial 53\:A2\:CB\:4B\:12\:4E\:AD\:83\:7D\:A8\:94\:B2 - subject CN=selfsigned, OU=testing, O=PolarSSL, C=NL\n"

16
tests/suites/test_suite_x509parse.function
View file

@ -167,6 +167,22 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRL_PARSE_C */
void x509_crl_parse( char *crl_file, int result )
{
x509_crl crl;
char buf[2000];
x509_crl_init( &crl );
memset( buf, 0, 2000 );
TEST_ASSERT( x509_crl_parse_file( &crl, crl_file ) == result );
exit:
x509_crl_free( &crl );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CSR_PARSE_C */
void x509_csr_info( char *csr_file, char *result_str )
{