Merge remote-tracking branch 'public/pr/1771' into mbedtls-2.1

Simon Butcher 2018-06-28 11:38:18 +01:00
commit e5828ce06c
23 changed files with 70 additions and 89 deletions


@ -1461,7 +1461,7 @@ Features
issuer_key_identifier, etc) issuer_key_identifier, etc)
* Optional blinding for RSA, DHM and EC * Optional blinding for RSA, DHM and EC
* Support for multiple active certificate / key pairs in SSL servers for * Support for multiple active certificate / key pairs in SSL servers for
the same host (Not to be confused with SNI!) the same host (Not to be confused with SNI!)
Changes Changes
* Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 * Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2
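Review bot: nothing visible changes in any of these ChangeLog hunks (each is 7 lines in, 7 lines out with identical text), so they appear to be whitespace-only cleanups; consider keeping such trailing-space fixes in their own commit, separate from the TODO-comment removals under library/, so the part of this merge that actually needs review is not buried in whitespace noise.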
@ -1692,7 +1692,7 @@ Changes
PKCS#8 private key formats PKCS#8 private key formats
* Added mechanism to provide alternative implementations for all * Added mechanism to provide alternative implementations for all
symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in
config.h) config.h)
* PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated * PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
old PBKDF2 module old PBKDF2 module
@ -1704,7 +1704,7 @@ Bugfix
* x509parse_crt() now better handles PEM error situations * x509parse_crt() now better handles PEM error situations
* ssl_parse_certificate() now calls x509parse_crt_der() directly * ssl_parse_certificate() now calls x509parse_crt_der() directly
instead of the x509parse_crt() wrapper that can also parse PEM instead of the x509parse_crt() wrapper that can also parse PEM
certificates certificates
* x509parse_crtpath() is now reentrant and uses more portable stat() * x509parse_crtpath() is now reentrant and uses more portable stat()
* Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler * Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
* Fixed values for 2-key Triple DES in cipher layer * Fixed values for 2-key Triple DES in cipher layer
@ -1862,7 +1862,7 @@ Bugfix
* mpi_exp_mod() now correctly handles negative base numbers (Closes ticket * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
#52) #52)
* Handle encryption with private key and decryption with public key as per * Handle encryption with private key and decryption with public key as per
RFC 2313 RFC 2313
* Handle empty certificate subject names * Handle empty certificate subject names
* Prevent reading over buffer boundaries on X509 certificate parsing * Prevent reading over buffer boundaries on X509 certificate parsing
* mpi_add_abs() now correctly handles adding short numbers to long numbers * mpi_add_abs() now correctly handles adding short numbers to long numbers
@ -1893,7 +1893,7 @@ Bugfix
* x509parse_crt() now better handles PEM error situations * x509parse_crt() now better handles PEM error situations
* ssl_parse_certificate() now calls x509parse_crt_der() directly * ssl_parse_certificate() now calls x509parse_crt_der() directly
instead of the x509parse_crt() wrapper that can also parse PEM instead of the x509parse_crt() wrapper that can also parse PEM
certificates certificates
* Fixed values for 2-key Triple DES in cipher layer * Fixed values for 2-key Triple DES in cipher layer
* ssl_write_certificate_request() can handle empty ca_chain * ssl_write_certificate_request() can handle empty ca_chain
@ -1974,16 +1974,16 @@ Bugfix
Features Features
* Added ssl_session_reset() to allow better multi-connection pools of * Added ssl_session_reset() to allow better multi-connection pools of
SSL contexts without needing to set all non-connection-specific SSL contexts without needing to set all non-connection-specific
data and pointers again. Adapted ssl_server to use this functionality. data and pointers again. Adapted ssl_server to use this functionality.
* Added ssl_set_max_version() to allow clients to offer a lower maximum * Added ssl_set_max_version() to allow clients to offer a lower maximum
supported version to a server to help buggy server implementations. supported version to a server to help buggy server implementations.
(Closes ticket #36) (Closes ticket #36)
* Added cipher_get_cipher_mode() and cipher_get_cipher_operation() * Added cipher_get_cipher_mode() and cipher_get_cipher_operation()
introspection functions (Closes ticket #40) introspection functions (Closes ticket #40)
* Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator * Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator
* Added a generic entropy accumulator that provides support for adding * Added a generic entropy accumulator that provides support for adding
custom entropy sources and added some generic and platform dependent custom entropy sources and added some generic and platform dependent
entropy sources entropy sources
Changes Changes
* Documentation for AES and Camellia in modes CTR and CFB128 clarified. * Documentation for AES and Camellia in modes CTR and CFB128 clarified.
@ -2116,7 +2116,7 @@ Bugfixes
* Corrected parsing of UTCTime dates before 1990 and * Corrected parsing of UTCTime dates before 1990 and
after 1950 after 1950
* Support more exotic OID's when parsing certificates * Support more exotic OID's when parsing certificates
(found by Mads Kiilerich) (found by Mads Kiilerich)
* Support more exotic name representations when parsing * Support more exotic name representations when parsing
certificates (found by Mads Kiilerich) certificates (found by Mads Kiilerich)
* Replaced the expired test certificates * Replaced the expired test certificates
@ -2146,7 +2146,7 @@ Note: Most of these features have been donated by Fox-IT
status, objects and configuration status, objects and configuration
+ Added verification callback on certificate chain + Added verification callback on certificate chain
verification to allow external blacklisting verification to allow external blacklisting
+ Additional example programs to show usage + Additional example programs to show usage
* Added support for PKCS#11 through the use of the * Added support for PKCS#11 through the use of the
libpkcs11-helper library libpkcs11-helper library

include/mbedtls/ssl.h Executable file → Normal file

@ -1587,7 +1587,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
* *
* \param ssl SSL context * \param ssl SSL context
* \param hostname the server hostname, may be NULL to clear hostname * \param hostname the server hostname, may be NULL to clear hostname
*
* \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN. * \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN.
* *
* \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on * \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on


@ -205,7 +205,6 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
int ret; int ret;
size_t len = 0; size_t len = 0;
// TODO negative values and values larger than 128
// DER format assumes 2s complement for numbers, so the leftmost bit // DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers. // should be 0 for positive numbers and 1 for negative numbers.
// //
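Review bot: the deleted `// TODO negative values and values larger than 128` was the only record that mbedtls_asn1_write_int() does not handle negative inputs or values that need more than one byte of two's-complement encoding, and the surviving comment about the leftmost bit now reads as though negative numbers were supported. Either state the accepted range of `val` in the function's Doxygen comment or reject negative inputs explicitly at the top of the function, rather than dropping the note alone.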


@ -1890,8 +1890,6 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
} }
// TODO: Retrieve PSK identity hint and callback to app
//
*p += len; *p += len;
ret = 0; ret = 0;
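Review bot: with the TODO gone, nothing in ssl_parse_server_psk_hint() records that the PSK identity hint is only length-checked and then skipped (`*p += len;`) without ever being handed to the application; replace the TODO with a one-line comment saying so, since an application that selects among several PSKs by hint would otherwise assume the hint reaches it.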
@ -2464,9 +2462,6 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
goto exit; goto exit;
} }
// TODO: handshake_failure alert for an anonymous server to request
// client authentication
/* /*
* struct { * struct {
* ClientCertificateType certificate_types<1..2^8-1>; * ClientCertificateType certificate_types<1..2^8-1>;
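Review bot: the removed comment paraphrases RFC 5246 section 7.4.4 ("It is a fatal handshake_failure alert for an anonymous server to request client authentication"), and this hunk adds no check in its place, so ssl_parse_certificate_request() still accepts a CertificateRequest from an anonymous server. Deleting the TODO removes the only trace of that gap; keep a short "not enforced" comment here or reference the tracking issue in the commit message.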
@ -2538,7 +2533,6 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
{ {
/* Ignored, see comments about hash in write_certificate_verify */ /* Ignored, see comments about hash in write_certificate_verify */
// TODO: should check the signature part against our pk_key though
size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 ) size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
| ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) ); | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
#if defined(MBEDTLS_DEBUG_C) #if defined(MBEDTLS_DEBUG_C)
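Review bot: the deleted `// TODO: should check the signature part against our pk_key though` sat directly under `/* Ignored, see comments about hash in write_certificate_verify */`, so the server's supported_signature_algorithms list is still only length-parsed (`sig_alg_len`) and never compared with the client's own key type, meaning the client may go on to sign with an algorithm the server did not list. Keep a comment stating that the list is deliberately ignored so the surviving "Ignored" line is not read as a completed check.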
@ -2580,7 +2574,6 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
/* Ignore certificate_authorities, we only have one cert anyway */ /* Ignore certificate_authorities, we only have one cert anyway */
// TODO: should not send cert if no CA matches
dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 ) dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
| ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) ); | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
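Review bot: `/* Ignore certificate_authorities, we only have one cert anyway */` stays while the TODO saying the certificate should not be sent when no CA matches is dropped; the behaviour (client certificate sent regardless of the server's certificate_authorities list) is unchanged. The remaining comment should say that the DN list is skipped, not matched, rather than implying it is harmless because there is only one certificate, since a configured client certificate from an unlisted CA will still be sent.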


@ -3744,7 +3744,6 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl )
return( ret ); return( ret );
} }
// TODO: what's the purpose of these lines? is in_len used?
ssl->in_len[0] = (unsigned char)( ssl->in_msglen >> 8 ); ssl->in_len[0] = (unsigned char)( ssl->in_msglen >> 8 );
ssl->in_len[1] = (unsigned char)( ssl->in_msglen ); ssl->in_len[1] = (unsigned char)( ssl->in_msglen );
} }
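Review bot: the question in `// TODO: what's the purpose of these lines? is in_len used?` is removed without being answered while the two assignments that rewrite `ssl->in_len` from `ssl->in_msglen` stay. Replace the question with its answer, a one-line comment stating why the record-length bytes are rewritten after the record content has been processed, so the next reader does not have to ask it again.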
@ -5170,7 +5169,6 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )
ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint ); ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint );
// TODO TLS/1.2 Hash length is determined by cipher suite (Page 63)
hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12; hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12;
#if defined(MBEDTLS_SSL_RENEGOTIATION) #if defined(MBEDTLS_SSL_RENEGOTIATION)
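Review bot: `hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12;` keeps hard-coding the Finished verify_data length after the TLS 1.2 TODO is dropped. RFC 5246 section 7.4.9 makes verify_data_length a cipher-suite property with a default of 12, and all standardised TLS 1.2 cipher suites use that default, so the code is correct, but the deleted line was the only place that assumption was written down; add a comment to that effect next to the assignment.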


@ -522,9 +522,6 @@ static int x509_get_subject_alt_name( unsigned char **p,
/* /*
* X.509 v3 extensions * X.509 v3 extensions
* *
* TODO: Perform all of the basic constraints tests required by the RFC
* TODO: Set values for undetected extensions to a sane default?
*
*/ */
static int x509_get_crt_ext( unsigned char **p, static int x509_get_crt_ext( unsigned char **p,
const unsigned char *end, const unsigned char *end,
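Review bot: the two TODOs dropped from the x509_get_crt_ext() header ("Perform all of the basic constraints tests required by the RFC" and "Set values for undetected extensions to a sane default?") describe parsing gaps with security impact, since basic constraints decide whether a certificate may act as a CA; removing them from the source without a pointer to where they are tracked loses that record. Reference the superseding issue or ChangeLog entry in the commit message.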
@ -1638,12 +1635,6 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
if( ca == NULL ) if( ca == NULL )
return( flags ); return( flags );
/*
* TODO: What happens if no CRL is present?
* Suggestion: Revocation state should be unknown if no CRL is present.
* For backwards compatibility this is not yet implemented.
*/
while( crl_list != NULL ) while( crl_list != NULL )
{ {
if( crl_list->version == 0 || if( crl_list->version == 0 ||
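Review bot: the deleted block stated a real property of x509_crt_verifycrl(): when no CRL is supplied, `while( crl_list != NULL )` is never entered and the function returns without setting any flag, so revocation is simply not checked rather than reported as unknown. That is exactly what callers of the verify API need to know, so move the sentence into the public documentation of certificate verification instead of deleting it together with the TODO.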


@ -214,7 +214,6 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
mbedtls_x509_csr_free( csr ); mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
} }
// TODO Parse Attributes / extension requests
p += len; p += len;
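Review bot: after this hunk the CSR attribute set is still skipped (`p += len;`) with no comment at all; since PKCS#10 extension requests (requested subject alternative names, key usage and the like) live in that attribute set, a one-line note that mbedtls_x509_csr_parse_der() ignores them keeps callers from assuming they were parsed and honoured.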

tests/scripts/run-test-suites.pl Normal file → Executable file


@ -53,3 +53,4 @@ void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
mbedtls_ssl_free( &ssl ); mbedtls_ssl_free( &ssl );
} }
/* END_CASE */ /* END_CASE */


@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.


@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.


@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.


@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.


@ -44,11 +44,11 @@ To build and run this example you must have:
7. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 7. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
8. Press the Reset button on the board. 8. Press the Reset button on the board.