Commit graph

5739 commits

Author SHA1 Message Date
Gilles Peskine 6147e86e5d
Merge pull request #3350 from gilles-peskine-arm/error-include-asn1-development
Include asn1.h in error.c
2020-05-28 15:09:20 +02:00
Gilles Peskine b1ccff8725
Merge pull request #2855 from irwir/fix_x509_crt.c
Remove non-working check from x509_get_subject_alt_name
2020-05-26 18:32:16 +02:00
Gilles Peskine deacf60f79
Merge pull request #3326 from kohnakagawa/fix/utf-8_encoding_bug
fix mbedtls_x509_dn_gets to show non-ASCII string properly
2020-05-25 14:18:48 +02:00
Gilles Peskine 583cd7f442 Re-generate error.c
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-25 12:23:55 +02:00
Ørjan Malde 479d8de31d Add support for midipix, a POSIX layer for Microsoft Windows
Signed-off-by: Ørjan Malde <orjan.malde@foxi.me>
2020-05-20 18:14:45 +00:00
Koh M. Nakagawa 46b8782a72 fix mbedtls_x509_dn_gets to escape non-ASCII characters
Signed-off-by: Koh M. Nakagawa <tsunekou1019@gmail.com>
2020-05-21 01:56:55 +09:00
Manuel Pégourié-Gonnard 5eae4dd08e
Merge pull request #3301 from Patater/inline-mbedtls_ecc_group_to_psa
psa: Define mbedtls_ecc_group_to_psa() inline
2020-05-19 09:06:04 +02:00
Gilles Peskine ee61b6601e
Merge pull request #3302 from gilles-peskine-arm/psa-lifetime-persistence-indicator
Define some structure for lifetime values
2020-05-14 16:13:20 +02:00
Gilles Peskine c39a80daee
Merge pull request #3312 from sander-visser/cleanup-nullptr-deref
Scope reduction to enable NULL check to protect dereferencing.
2020-05-11 21:59:07 +02:00
Gilles Peskine 2b04f4683b Update SE support to pass a location when registering a driver
Now that lifetimes have structures and secure element drivers handle
all the lifetimes with a certain location, update driver registration
to take a location as argument rather than a lifetime.

This commit updates the Mbed TLS implementation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:15:26 +02:00
Janos Follath 1a4a3f5924
Merge pull request #3311 from sander-visser/validate-tls-mac-key-len
Add variable initialization to large SSL TLS function
2020-05-11 09:39:01 +01:00
sander-visser 3888b03e31 Add variable initialization to large SSL TLS function.
change triggered by false positive reported by Cppcheck 1.89.

Signed-off-by: sander-visser <github@visser.se>
2020-05-07 20:23:05 +02:00
sander-visser b8aa2071f6 Scope reduction to enable NULL check to protect dereferencing.
Signed-off-by: sander-visser <github@visser.se>
2020-05-06 22:05:13 +02:00
sander-visser 1abe8ee554 Expose SSL HW record acceleration error.
Fix issue with variable shadowing.

Signed-off-by: sander-visser <github@visser.se>
2020-05-06 21:29:01 +02:00
Darryl Green 2f0eb51aae psa: Define mbedtls_ecc_group_to_psa() inline
On dual world platforms, we want to run the PK module (pk.c) on the NS
side so TLS can use PSA APIs via the PK interface. PK currently has a
hard dependency on mbedtls_ecc_group_to_psa() which is declared in
crypto_extra.h, but only defined in psa_crypto.c, which is only built
for the S side.

Without this change, dual world platforms get error messages like the
following.

    [Error] @0,0: L6218E: Undefined symbol mbedtls_ecc_group_to_psa (referred from BUILD/LPC55S69_NS/ARM/mbed-os/features/mbedtls/mbed-crypto/src/pk.o)

Make mbedtls_ecc_group_to_psa() inline within crypto_extra.h so that it
is available to both NS and S world code.

Fixes #3300

Signed-off-by: Darryl Green <darryl.green@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2020-05-05 12:41:48 +01:00
Jaeden Amero 1bde9cdf71 psa: Clear bits in mbedtls_ecc_group_to_psa()
Clear bits in mbedtls_ecc_group_to_psa() to avoid static analyzers and
possibly compilers from warning that bits may be used uninitialized in
certain code paths.

For example, if mbedtls_ecc_group_to_psa() were to be inlined in
crypto_extra.h, the following compiler warning is likely.

    In file included from ../include/psa/crypto.h:3774:0,
                     from ../include/mbedtls/pk.h:49,
                     from pk.c:29:
    pk.c: In function 'mbedtls_pk_wrap_as_opaque':
    ../include/psa/crypto_struct.h:460:33: error: 'bits' may be used uninitialized in this function [-Werror=maybe-uninitialized]
             attributes->core.bits = (psa_key_bits_t) bits;
                                     ^~~~~~~~~~~~~~~~~~~~~
    pk.c:608:12: note: 'bits' was declared here
         size_t bits;
                ^~~~

Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2020-05-05 12:41:41 +01:00
Gilles Peskine d9f694960f
Merge pull request #3190 from gilles-peskine-arm/config-full-clarify-development
Clarify that the full config enables everything that can be tested together
2020-05-04 12:29:09 +02:00
Manuel Pégourié-Gonnard 1d632c26a4
Merge pull request #3239 from opatomic/win2kdns
add support for win2k
2020-05-04 12:19:45 +02:00
Gilles Peskine 9515d76171
Merge pull request #3219 from aggarg/err_optimization
Remove error_description variable from strerr functions
2020-05-04 09:37:13 +02:00
danh-arm 3b1c072bfc
Merge pull request #3217 from irwir/fix_ssl_tls.c
Avoid re-assigning zero to `ret` variable.
2020-04-29 18:07:10 +01:00
danh-arm 924a1f2f47
Merge pull request #3147 from gocarlos/gocarlos-patch-1
cmake: add option to treat compiler warnings as errors
2020-04-29 17:14:48 +01:00
irwir 19dc7844ed Merge remote-tracking branch 'upstream/development' into fix_x509_crt.c
Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-04-27 18:01:08 +03:00
opatomic 2b2acf1111 add support for win2k
getaddrinfo() is not available on win2k. By including wspiapi.h (if
_WIN32_WINNT is defined as value < 0x0501) then a compatibility layer
will be used when running on win2k. For more details, refer to Microsoft
docs for getaddrinfo().

Signed-off-by: opatomic <j@opatomic.com>
2020-04-24 10:40:24 -04:00
Manuel Pégourié-Gonnard b1c8e41ae3
Merge pull request #3209 from aurel32/fix-ecp_double_add_mxz
Fix wrong modulo call in ecp_double_add_mxz
2020-04-24 09:28:17 +02:00
Aurelien Jarno 66deb38d64 Fix wrong modulo call in ecp_double_add_mxz
ecp_double_add_mxz wrongly does an MPI addition followed by a call to
MOD_MUL instead of MOD_ADD. This is more visible since the
mbedtls_mpi_xxx_mod functions have been added in commit 3b3b34f608
("Replace some macros by functions").

Fix that by using mbedtls_mpi_add_mod instead. The testsuite still
passes after that change.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2020-04-23 23:16:11 +02:00
Gaurav Aggarwal cabde25289 Align with coding style
return statements use parentheses to contain their value.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-22 08:13:25 -07:00
Kenneth Soerensen 518d435e7b Fix GCC format-signedness warnings
Signed-off-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
2020-04-22 16:01:48 +02:00
Manuel Pégourié-Gonnard 6bd4c79999
Merge pull request #3150 from irwir/fix_ssl_srv
Simplify checks in ssl_write_certificate_request
2020-04-22 09:31:00 +02:00
Gaurav Aggarwal 8663c7415a Remove error_description variable from strerr functions
This was suggested on this PR: https://github.com/ARMmbed/mbedtls/pull/3176

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-21 14:04:19 -07:00
irwir d3085ab2b8 Avoid re-assigning zero to ret variable.
Resolve #3182.

Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-04-21 22:26:59 +03:00
Gilles Peskine 5cac337228
Merge pull request #3208 from irwir/fix_md.c
Fix "same actions in two cases of a switch statement" warning
2020-04-21 16:25:20 +02:00
Gilles Peskine dc9c47da6c
Merge pull request #3176 from aggarg/development
Add support for const error description strings
2020-04-21 13:57:11 +02:00
irwir c9bc300724 Simplify bounds check in ssl_write_certificate_request
It is sufficient to check for the strongest limit only. Using a smaller
type ensures there is no overflow (assuming size_t is at least 32 bits).

Fixes #2916

Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-04-21 14:51:08 +03:00
Gaurav Aggarwal 6ea4fc7b53 Address review comments
1. The functions mbedtls_high_level_strerr and mbedtls_low_level_strerr
   accept any error code and extract the high-level and low-level parts
   respectively.
2. Documentation updates.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-20 16:03:46 -07:00
Gilles Peskine 1a75d0c155 Strict C99: don't use an anonymous union field
GCC and Clang accept anonymous union fields, but this is not valid ISO
C. Use a named field.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 15:39:36 +02:00
Gilles Peskine 01fd875b32 Strict C99: Don't repeat the typedef for psa_se_drv_table_entry_t
GCC and Clang accept
```
typedef struct foo foo_t;
typedef struct foo { ... } foo_t;
```
But this is not valid ISO C due to the redefinition of `foo_t`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 15:39:35 +02:00
irwir f0fec77e3e Fix "same actions in two cases of a switch statement" warning
Resolves #3202

Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-04-20 13:56:09 +03:00
irwir 74aee1c757 Remove non-working check from x509_get_subject_alt_name (#2802)
FIx one comment.

Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-04-19 00:55:53 +03:00
Manuel Pégourié-Gonnard 10a5b535f1 Sort lists in Makefiles and have one item per line
A file generated based on the output of `make list` from programs has been
re-generated.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-17 11:57:50 +02:00
Jaeden Amero 31f4cd9de2
Merge pull request #3192 from AndrzejKurek/max_pathlen_overflow
Guard from undefined behaviour in case of an INT_MAX max_pathlen
2020-04-16 16:29:44 +01:00
Andrzej Kurek 1605074f97
Guard from undefined behaviour in case of an INT_MAX max_pathlen
When parsing a certificate with the basic constraints extension
the max_pathlen that was read from it was incremented regardless
of its value. However, if the max_pathlen is equal to INT_MAX (which
is highly unlikely), an undefined behaviour would occur.
This commit adds a check to ensure that such value is not accepted
as valid. Relevant tests for INT_MAX and INT_MAX-1 are also introduced.
Certificates added in this commit were generated using the
test_suite_x509write, function test_x509_crt_check. Input data taken 
from the "Certificate write check Server1 SHA1" test case, so the generated
files are like the "server1.crt", but with the "is_ca" field set to 1 and
max_pathlen as described by the file name.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-15 06:15:45 -04:00
Janos Follath a18c4f35c9
Merge pull request #686 from ARMmbed/merge-2.22.0-release-to-development
Merge 2.22.0 release to development
2020-04-14 16:21:53 +01:00
Manuel Pégourié-Gonnard 5d318cc22b
Merge pull request #3130 from gbryant-arm/generic-psk
Clarify and simplify PSK
2020-04-14 10:54:01 +02:00
Janos Follath ac15f842a5 Merge remote-tracking branch 'restricted/pr/684' into mbedtls-2.22.0r0 2020-04-14 08:16:27 +01:00
Gaurav Aggarwal 3d02db23e8 Add auto-generated code markers
The presence of these markers in the original code was helpful to me in
figuring out that this portion of the code is auto-generated.
Therefore, I think those are useful and should be present.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-11 17:14:03 -07:00
Gaurav Aggarwal a4a2aa5169 Address review comments
- Use switch case instead of loop to generate faster code
- Add #if defined to address compiler error

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-09 11:58:24 -07:00
Jaeden Amero 66e21efe47
Merge pull request #3163 from AndrzejKurek/variable-buffers-renegotiation
Variable buffers & renegotiation - fixes
2020-04-09 12:11:02 +01:00
Manuel Pégourié-Gonnard 28482397d3 Merge branch 'development-restricted' into prepare-rc-2.22.0-updated
* development-restricted:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 12:17:11 +02:00
Manuel Pégourié-Gonnard 215d2e14a3 Merge remote-tracking branch 'restricted/pr/662' into development-restricted
* restricted/pr/662:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 11:53:01 +02:00
Gaurav Aggarwal a9f64006ea Add support for const error description strings
Problem
-------
mbedtls_strerror is a utility function which converts an mbedTLS error code
into a human readable string. It requires the caller to allocate a buffer every
time an error code needs to be converted to a string. It is an overkill and a
waste of RAM for resource constrained microcontrollers - where the most common
use case is to use these strings for logging.

Solution
--------
The proposed commit adds two functions:

* const char * mbedtls_high_level_strerr( int error_code );
* const char * mbedtls_low_level_strerr( int error_code );

The above two functions convert the high level and low level parts of an mbedTLS
error code to human readable strings. They return a const pointer to an
unmodifiable string which is not supposed to be modified by the caller and only
to be used for logging purposes. The caller no longer needs to allocate a
buffer.

Backward Compatibility
----------------------
The proposed change is completely backward compatible as it does not change
the existing mbedtls_strerror function and ensures that it continues to behave
the same way.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-09 01:44:52 -07:00