Commit graph

1810 commits

Author SHA1 Message Date
Ron Eldor ef72faf2bb Style fixes
1. Adjust to 80 colums where possible.
2. Add \ remove spaces where needed.
3. Fix alignments.

Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Ron Eldor 311b95aafe Fix compilation errors
Fix compilation errors when `MBEDTLS_DTLS_SRTP` not set
1. Add file missed in previous commmit.
2. In sample applications, set `DFL_FORCE_SRTP_PROFILE` to 0.

Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Ron Eldor 12c6eaddd5 Fix mki issues
1. Set correct mki from the `use_srtp` extension.
2. Use mki value received from the client as the mki used by server.
3. Use `mbedtls_ssl_dtls_srtp_set_mki_value()` as a client API only.

Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Ron Eldor 6ea64518ad Add dtls-srtp to client and server examples
Add dtls-srtp to `ssl_client2` and `ssl_server2` examples,
for reference and for allowing in tests.

Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2020-10-29 01:14:49 +01:00
Gilles Peskine 935b4f96f9
Merge pull request #3407 from RcColes/development
Increase compatibility with external cmake
2020-10-28 12:29:14 +01:00
Gilles Peskine 2d0b7231f7
Merge pull request #3712 from jdurkop/psa-crypto-config-ecdsa-3670
Introduce MBEDTLS_PSA_CRYPTO_CONFIG and use it for ECDSA
2020-10-27 17:40:04 +01:00
Steven Cooreman 88ebb2d7d0 Include public and public-ish PSA headers in CPP check
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-10-22 11:55:50 +02:00
Nayna Jain d696e7d91e programs/ssl: Fix incorrect EOF check in ssl_context_info.c
In `read_next_b64_code()`, the result of fgetc() is stored into a char,
but later compared against EOF, which is generally -1.  On platforms
where char is unsigned, this generates a compiler warning/error that the
comparison will never be true (causing a build failure).  The value will
never match, with the function ultimately bailing with a "Too many bad
symbols are detected" error.

On platforms with signed char, EOF is detected, but a file containing a
0xFF character will causes a premature end of file exit of the loop.

Fix this by changing the result to an int.

Fixes #3794.

Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
Signed-off-by: David Brown <david.brown@linaro.org>
2020-10-20 13:31:32 -06:00
Raef Coles 995c66f702 Build: Add MBEDTLS_TARGET_PREFIX
Allows required targets to have prefixes added to them, so that external
projects can avoid target names clashing.

Signed-off-by: Raef Coles <raef.coles@arm.com>
2020-10-20 13:44:44 +01:00
Ronald Cron 8f24a8bb34
Merge pull request #3595 from gilles-peskine-arm/cert-gen-cleanup-202008-development
Minor cleanups in certificate generation
2020-10-15 13:32:53 +02:00
Gilles Peskine ef94c4fcf4
Merge pull request #3474 from ronald-cron-arm/common-mbedtls_param_failed
Common mbedtls_param_failed()
2020-10-06 22:15:42 +02:00
gabor-mezei-arm de47217580
Do not print any messages if query_config option is used
To preserve the behaviour of the query_config option all message
is omitted it it is used.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2020-10-05 11:34:50 +02:00
gabor-mezei-arm f1f7b29d76
Fix overiding of return value.
If MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED is defined, then the return value will be overridden by the extra code running after the removed return instruction.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2020-10-05 11:34:50 +02:00
gabor-mezei-arm 785958577e
Use goto exit instead of direct return
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2020-10-05 11:34:50 +02:00
gabor-mezei-arm a9eecf1b19
If query_config is used only the config value is printed.
The extra code running after the removed return instruction should not generate any output. Only the read config value must be printed.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2020-10-05 11:34:41 +02:00
John Durkop 2542c21ba8 Add MBEDTLS_PSA_CRYPTO_CONFIG to test program
Since the recent changes required the addition of a new definition
in mbedtls/config.h, we also need to update query_config.c to account
for the new MBEDTLS_PSA_CRYPTO_CONFIG setting.

Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-09-24 21:06:35 -07:00
Cameron Nemo e18d09de37 fix(programs/psa): commit python3 generated file
Python should not be required for the build when the no_test target is
used. This commit adds the generated file to the source tree and the
check-generated-files script, and removes the generation from (c)make.

Fixes #3524

Signed-off-by: Cameron Nemo <cnemo@tutanota.com>
2020-09-24 20:57:46 -07:00
Gilles Peskine dc57c25e30
Merge pull request #3527 from ronald-cron-arm/key-extended-id
PSA key identifiers rework
2020-09-15 16:06:06 +02:00
Dave Rodgman e5874e1903
Merge pull request #3525 from HowJMay/typo
Fix typo in comment
2020-09-10 12:39:25 +01:00
HowJMay ccbd622ed7 Fix typo in comment
Fix typo in program/pkey/ecdh_curve25519.c

Signed-off-by: HowJMay <vulxj0j8j8@gmail.com>
2020-09-10 08:25:36 +08:00
Steven Cooreman 0d59f7b092 Add configuration flag MBEDTLS_PSA_CRYPTO_DRIVERS
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-04 14:22:26 +02:00
Steven Cooreman a70d588f74 Add initial test driver conforming to the new spec
Also adjusted the different makefiles accordingly.
Note: driver lifetime is currently statically defined in the header, but
this will be replaced in the future based on autogeneration of lifetime
values by a script (TBD)

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-04 14:22:26 +02:00
Ronald Cron 71016a9ea7 psa: Rename psa_key_file_id_t to mbedtls_svc_key_id_t
With PSA crypto v1.0.0, a volatile key identifier may
contain a owner identifier but no file is associated
to it. Thus rename the type psa_key_file_id_t to
mbedtls_svc_key_id_t to avoid a direct link with a
file when a key identifier involves an owner
identifier.

The new type name is prefixed by mbedtls to highlight
that the type is specific to Mbed TLS implementation
and not defined in the PSA Cryptography API
specification.

The svc in the type name stands for service as this
is the key identifier type from the point of view of
the service providing the Cryptography services.
The service can be completely provided by the present
library or partially in case of a multi-client service.

As a consequence rename as well:
. MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER to
  MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
. PSA_KEY_ID_INIT to MBEDTLS_SVC_KEY_ID_INIT
. PSA_KEY_FILE_GET_KEY_ID to MBEDTLS_SVC_KEY_ID_GET_KEY_ID
. psa_key_file_id_make to mbedtls_svc_key_id_make

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-09-02 14:27:07 +02:00
Janos Follath d2ce916b58 Merge branch 'development-restricted' 2020-08-26 14:15:34 +01:00
Janos Follath d4ac4e037b
Merge pull request #736 from mpg/cf-varpos-copy-dev-restricted
Constant-flow copy of HMAC from variable position
2020-08-25 14:35:55 +01:00
Gilles Peskine ed19762a22
Merge pull request #3574 from makise-homura/e2k_support
Support building on e2k (Elbrus) architecture
2020-08-25 09:46:36 +02:00
Manuel Pégourié-Gonnard 6edfe60e0d
Merge pull request #2182 from hanno-arm/key_pwd
Add support for password protected key files to ssl_server2 and ssl_client2
2020-08-24 09:42:38 +02:00
makise-homura e014fece50 Don't forget to free G, P, Q, ctr_drbg, and entropy
I might be wrong, but lcc's optimizer is curious about this,
and I am too: shouldn't we free allocated stuff correctly
before exiting `dh_genprime` in this certain point of code?

Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-22 23:56:46 +03:00
Gilles Peskine 384e274670 cert_req: discover hash algorithms automatically
Discover hash algorithms automatically rather than hard-coding a list,
as was previously done in cert_write.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-21 20:43:32 +02:00
Gilles Peskine 18292fe205 cert_write: discover hash algorithms automatically
Discover hash algorithms automatically rather than hard-coding a list.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-21 20:42:32 +02:00
Dan Handley abccfc1684 Merge development into development-restricted
* development:
  Update copyright notices to use Linux Foundation guidance
  Undef ASSERT before defining it to ensure that no previous definition has sneaked in through included files.
  Add ChangeLog entry for X.509 CN-type vulnerability
  Improve documentation of cn in x509_crt_verify()
  Fix comparison between different name types
  Add test: DNS names should not match IP addresses
  Remove obsolete buildbot reference in compat.sh
  Fix misuse of printf in shell script
  Fix added proxy command when IPv6 is used
  Simplify test syntax
  Fix logic error in setting client port
  ssl-opt.sh: include test name in log files
  ssl-opt.sh: remove old buildbot-specific condition
  ssl-opt.sh: add proxy to all DTLS tests

Signed-off-by: Dan Handley <dan.handley@arm.com>
2020-08-20 11:07:12 +01:00
Manuel Pégourié-Gonnard 73afa37507 Add option to test constant-flow with valgrind
Currently the new component in all.sh fails because
mbedtls_ssl_cf_memcpy_offset() is not actually constant flow - this is on
purpose to be able to verify that the new test works.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-20 10:22:41 +02:00
Bence Szépkúti 1e14827beb Update copyright notices to use Linux Foundation guidance
As a result, the copyright of contributors other than Arm is now
acknowledged, and the years of publishing are no longer tracked in the
source files.

Also remove the now-redundant lines declaring that the files are part of
MbedTLS.

This commit was generated using the following script:

# ========================
#!/bin/sh

# Find files
find '(' -path './.git' -o -path './3rdparty' ')' -prune -o -type f -print | xargs sed -bi '

# Replace copyright attribution line
s/Copyright.*Arm.*/Copyright The Mbed TLS Contributors/I

# Remove redundant declaration and the preceding line
$!N
/This file is part of Mbed TLS/Id
P
D
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-08-19 10:35:41 +02:00
Hanno Becker 2d3ac68336 Parse key-file and -password parameters in same place in ssl_client2
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-17 09:44:44 +01:00
Hanno Becker bffa54f4eb Add usage string for key_pwd argument in ssl_client2 program
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-17 09:44:41 +01:00
Hanno Becker 34ce81f896 Avoid overly long usage string literal in ssl_server2 program
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-17 09:40:54 +01:00
Hanno Becker ca04fdc2cc Add support for password protected key file to ssl_client2
The example application programs/ssl/ssl_client2 allows the
configuration of a client CRT through the parameters
- crt_file, key_file
However, password protected key files are not supported.

This commit adds a new command line option
- key_pwd
which allow to specify a password for the key file specified
in the key_file parameter.
2020-08-14 09:58:51 +01:00
Hanno Becker e58a630cb0 Add support for password protected key file to ssl_server2
The example application programs/ssl/ssl_server2 allows the
configuration of up to two CRTs through the command line
parameters
- crt_file, key_file
- crt_file2, key_file2.
However, password protected key files are not supported.

This commit adds command line options
- key_pwd
- key_pwd2
which allow to specify passwords for the key files specified
in key_file and key_file2, respectively.
2020-08-14 09:58:51 +01:00
Manuel Pégourié-Gonnard eaa0739143
Merge pull request #716 from mpg/ct-varlen-hmac
Add constant-flow variable-length HMAC function
2020-08-10 12:40:33 +02:00
Manuel Pégourié-Gonnard 6240defd17 Add MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
This option allows to test the constant-flow nature of selected code, using
MemSan and the fundamental observation behind ctgrind that the set of
operations allowed on undefined memory by dynamic analysers is the same as the
set of operations allowed on secret data to avoid leaking it to a local
attacker via side channels, namely, any operation except branching and
dereferencing.

(This isn't the full story, as on some CPUs some instructions have variable
execution depending on the inputs, most notably division and on some cores
multiplication. However, testing that no branch or memory access depends on
secret data is already a good start.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-07-15 12:26:22 +02:00
Paul Elliott 75e27032d3 Rename DH Family Macros According to PSA Spec
Rename PSA_DH_GROUP_xxx to PSA_DH_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_GROUP to PSA_KEY_TYPE_DH_GET_FAMILY and rename
psa_dh_group_t to psa_dh_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-07-02 16:59:49 +01:00
Paul Elliott 8ff510ac26 Rename ECC Family Macros According to PSA Spec
Rename PSA_ECC_CURVE_xxx to PSA_ECC_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_CURVE to PSA_KEY_TYPE_ECC_GET_FAMILY and rename
psa_ecc_curve_t to psa_ecc_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-07-02 16:59:30 +01:00
Ronald Cron a123614699 tests: Move mbedtls_param_failed() to test common code
This makes the implementation of mbedtls_param_failed()
for testing purpose available to programs. Thus removing
the ad-hoc implementations in programs.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-07-02 09:59:38 +02:00
Janos Follath be9a5752c2 Merge tag 'mbedtls-2.23.0' into merge-2.23.0-release-to-development
Mbed TLS 2.23.0
2020-07-01 11:23:17 +01:00
Ronald Cron 00890e3d10 programs: psa: Link against mbedcrypto not mbedtls
All programs in programs/psa are crypto only thus
just link against mbedcrypto instead of mbedtls.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:45:16 +02:00
Ronald Cron 7d8661618b Use mbedtls_test_unhexify in programs
Use mbedtls_test_unhexify in programs instead of ad-hoc
implementations.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:45:16 +02:00
Ronald Cron 8dc0af2d4b programs: Link to tests common code
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:45:16 +02:00
Ronald Cron bfd45f1f11 programs: cmake: Use list of executables
Use list of executables to:
- factorize the code to define executables
- highlight the similarities and differences of the executable definitions
- avoid list duplication

Use alphabetic order for executables in lists.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:34:35 +02:00
Ronald Cron 0b90c9d747 programs: cmake: Fix relative path warnings
The path to source files were relative which triggered
warnings when generating the build system.

Move to absolute paths based on CMAKE_CURRENT_SOURCE_DIR.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:34:35 +02:00
Ronald Cron 27731130cf programs: ssl: cmake: Add missing executables
Add the executables missing in the list of executables
to install.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:34:11 +02:00
Ronald Cron 5df1be91f3 programs: ssl: cmake: Reorder declaration of executables
Reorder declaration of executables in alphabetic order.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:33:04 +02:00
Janos Follath 4d1884916b Merge branch 'development-restricted' into mbedtls-2.23.0r0 2020-06-25 09:17:25 +01:00
Gilles Peskine e81dc00df4
Merge pull request #3422 from niacat/net-sockets-fixes
NetBSD 9.0 build fixes
2020-06-22 23:33:53 +02:00
Janos Follath 0c00407432
Merge pull request #3430 from bensze01/license
[Forward-port] Add Apache-2.0 headers to all source files
2020-06-18 15:54:26 +01:00
Manuel Pégourié-Gonnard d335f2b6cb
Merge pull request #3421 from niacat/posix_c_source
Define _POSIX_C_SOURCE to be 200112L, as a minimum for C99.
2020-06-18 13:01:38 +02:00
Bence Szépkúti 869746577a Add Apache-2.0 headers to all source files
Also normalize the first line of the copyright headers.

This commit was generated using the following script:

# ========================
#!/bin/sh

# Find scripts
find -path './.git' -prune -o '(' -name '*.c' -o -name '*.cpp' -o -name '*.fmt' -o -name '*.h' ')' -print | xargs sed -i '

# Normalize the first line of the copyright headers (no text on the first line of a block comment)
/^\/\*.*Copyright.*Arm/I {
  i\
/*
  s/^\// /
}

/Copyright.*Arm/I {

  # Print copyright declaration
  p

  # Read the two lines immediately following the copyright declaration
  N
  N

  # Insert Apache header if it is missing
  /SPDX/! i\
 *  SPDX-License-Identifier: Apache-2.0\
 *\
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may\
 *  not use this file except in compliance with the License.\
 *  You may obtain a copy of the License at\
 *\
 *  http://www.apache.org/licenses/LICENSE-2.0\
 *\
 *  Unless required by applicable law or agreed to in writing, software\
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\
 *  See the License for the specific language governing permissions and\
 *  limitations under the License.

  # Clear copyright declaration from buffer
  D
}
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-06-16 17:38:44 +02:00
Bence Szépkúti c7da1fe381 Add Apache-2.0 headers to all scripts
This commit was generated using the following script:

# ========================
#!/bin/sh

# Find scripts
find -path './.git' -prune -o '(' -name '*.gdb' -o -name '*.pl' -o -name '*.py' -o -name '*.sh' ')' -print | xargs sed -i '

# Remove Mbed TLS declaration if it occurs before the copyright line
1,/Copyright.*Arm/I {
  /This file is part of/,$ {
    /Copyright.*Arm/I! d
  }
}

# Convert non-standard header in scripts/abi_check.py to the format used in the other scripts
/"""/,/"""/ {

  # Cut copyright declaration
  /Copyright.*Arm/I {
    h
    N
    d
  }

  # Paste copyright declaration
  /"""/ {
    x
    /./ {
      s/^/# /    # Add #
      x          # Replace orignal buffer with Copyright declaration
      p          # Print original buffer, insert newline
      i\

      s/.*//     # Clear original buffer
    }
    x
  }
}

/Copyright.*Arm/I {

  # Print copyright declaration
  p

  # Read the two lines immediately following the copyright declaration
  N
  N

  # Insert Apache header if it is missing
  /SPDX/! {
    i\
# SPDX-License-Identifier: Apache-2.0\
#\
# Licensed under the Apache License, Version 2.0 (the "License"); you may\
# not use this file except in compliance with the License.\
# You may obtain a copy of the License at\
#\
# http://www.apache.org/licenses/LICENSE-2.0\
#\
# Unless required by applicable law or agreed to in writing, software\
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\
# See the License for the specific language governing permissions and\
# limitations under the License.

    # Insert Mbed TLS declaration if it is missing
    /This file is part of/! i\
#\
# This file is part of Mbed TLS (https://tls.mbed.org)
  }

  # Clear copyright declaration from buffer
  D
}
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-06-15 12:05:47 +02:00
Bence Szépkúti 700ee44545 Add missing copyright dates to scripts and sources
To find any files with a missing copyright declaration, use the following script:

# ========================
#!/bin/sh

# Find files with copyright declarations, and list their file extensions
exts=$(grep -Ril --exclude-dir .git --exclude-dir 3rdparty\
                 --exclude-dir programs/fuzz 'Copyright.*Arm' | sed '
  s/.*\///
  s/.*\./*./
  s/.*/-name "&"/
' | sort -u | sed -n '
  :l
    N
    $!bl
  s/\n/ -o /gp
')

# Find files with file extensions that ususally include copyright extensions,
# but don't include a copyright declaration themselves.
eval "find\
  '(' -path './.git' -o -path './3rdparty' -o -path './programs/fuzz' ')' -prune\
  -o ! -path './tests/data_files/format_pkcs12.fmt'\
     ! -path './programs/psa/psa_constant_names_generated.c'\
     '(' $exts ')' -print" | xargs grep -Li 'Copyright.*Arm'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-06-15 12:05:46 +02:00
Ron Eldor 65d8c2651d Show failure in ssl-opts.sh when key export fails
1. When `ssl_server2` export key functionality fails,
don't exit the server, but reset it, to have the
server recover for next connection.
2. Add text filters for `export keys functionality` test in ssl-opt.sh
to check for additional output, to verify if the export suceeded.

This was discovered in the `ssl-opt.sh` script, where the server exited,
before the test tried to kill the server priocess, resulting in a
`kill: No such process` message.

Fixes #2662

Signed-off-by: Ron Eldor <Ron.Eldor@arm.com>
2020-06-15 11:21:41 +03:00
nia 1c0c837ddc Define _POSIX_C_SOURCE to be 200112L, as a minimum for C99.
Strict platforms cannot be expected to accept C99 code as valid
when earlier standards versions are selected.

This helps the programs build on Solaris-like platforms (e.g.
illumos).

Fixes #3420

Signed-off-by: nia <nia@netbsd.org>
2020-06-11 18:39:28 +01:00
nia 7eb0e62f64 ssl_mail_client: Define _XOPEN_SOURCE=600 for gethostname
Fixes building this program on NetBSD 9.0.

Signed-off-by: nia <nia@netbsd.org>
2020-06-11 14:05:34 +01:00
danh-arm 15fee93121
Merge pull request #3363 from bensze01/zeroize
Remove hardcoded line number from the zeroize test
2020-06-10 11:31:38 +01:00
okhowang(王沛文) 3c1b090e58 Use FindPython3 when cmake version >= 3.15.0
Signed-off-by: okhowang(王沛文) <okhowang@tencent.com>
2020-06-10 10:21:50 +08:00
Bence Szépkúti 5620d71d58 Remove hardcoded line number from the zeroize test
Instead, we insert a comment containing GDB_BREAK_HERE in the line we
want to break at, and let the gdb script search for it.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-06-09 12:52:04 +02:00
Manuel Pégourié-Gonnard 1a3f9edc08 Add config.h option MBEDTLS_ECP_NO_INTERNAL_RNG
No effect so far, except on dependency checking, as the feature it's meant to
disable isn't implemented yet (so the descriptions in config.h and the
ChangeLog entry are anticipation for now).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-08 09:09:20 +02:00
Janos Follath bba4c17b7a
Merge pull request #3315 from hanno-arm/tls13-experimental-macro
Add support for TLS 1.3 record protection routines
2020-06-04 15:51:54 +01:00
Manuel Pégourié-Gonnard 6abc20e0e3
Merge pull request #3378 from mpg/fix-ctr-drbg-deps
Fix undeclared dependencies on CTR_DRBG (and add test)
2020-06-03 10:55:52 +02:00
Gilles Peskine d6916d74c5
Merge pull request #3121 from gilles-peskine-arm/invasive_testing_strategy-crypto
Invasive testing strategy

Create a new header `common.h`.

Introduce a configuration option `MBEDTLS_TEST_HOOKS` for test-specific code, to be used in accordance with the invasive testing strategy.
2020-06-02 16:55:48 +02:00
Gilles Peskine 73b394290a
Merge pull request #3367 from hug-dev/psa-constants-in-build-dir
Generate PSA constant names in CMake build dir
2020-06-02 12:29:46 +02:00
Hanno Becker ceef848eb6 Rename TLS 1.3 padding granularity macro
This is to avoid confusion with the class of macros

MBEDTLS_SSL_PROTO_TLS1_X

which have an underscore between major and minor version number.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-06-02 06:16:00 +01:00
Hanno Becker 3427f1dad2 Update query_config.c
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-05-31 08:51:29 +01:00
Manuel Pégourié-Gonnard a89040c7f5 Fix undeclared deps on CTR_DRBG in programs/fuzz
While at it, fix a few other obvious ones such as ENTROPY and TIMING_C when
applicable.

A non-regression test for CTR_DRBG will be added in a follow-up commit.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-05-29 11:27:08 +02:00
Hugues de Valon 235c72d3cb Generate PSA constant names in CMake build dir
This commit modifies the generate_psa_constants.py script to take as
input argument the location of where to write the
psa_constant_names_generated.c file.
For make-based build system, this commit does not change anything.
For CMake build system, this commit modifies the generation location of
that file to be inside the build directory and include it from there in
psa_constant_names.c

Fix #3365

Signed-off-by: Hugues de Valon <hugues.devalon@arm.com>
2020-05-28 16:51:21 +01:00
Hanno Becker 81f3662ae8 Update query_config.c
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-05-28 10:32:23 +01:00
Gilles Peskine ee40e76943 Normalize line endings
Convert all text files to Unix line endings unless they're Windows
stuff.

Make sure that all text files have a trailing newline.

Remove whitespace at the end of lines.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:55:08 +02:00
danh-arm 4850263bb5
Merge pull request #3319 from Kxuan/development
Fix typo in program benchmark.
2020-05-18 10:10:25 +01:00
Gilles Peskine e24fc7b0a1
Merge pull request #2595 from k-stachowiak/unified-exit-in-examples
Unify the example programs' termination
2020-05-12 10:46:47 +02:00
k-stachowiak 297896e6db Remove obsolete comment 2020-05-11 22:11:10 +02:00
Zhai Zhaoxuan e22da99224
Fix typo in program benchmark.
Signed-off-by: Zhai Zhaoxuan <kxuanobj@gmail.com>
2020-05-09 23:50:32 +08:00
Gilles Peskine d9f694960f
Merge pull request #3190 from gilles-peskine-arm/config-full-clarify-development
Clarify that the full config enables everything that can be tested together
2020-05-04 12:29:09 +02:00
Kenneth Soerensen 518d435e7b Fix GCC format-signedness warnings
Signed-off-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
2020-04-22 16:01:48 +02:00
Jaeden Amero 3a7ca1d0cb
Merge pull request #3194 from piotr-now/serialized_to_file
Saving the serialized context to a file
2020-04-20 15:50:12 +01:00
Gilles Peskine b2971ff942 Strict C99: don't use extremely large string literals
Don't use string literals that are longer than 4095 bytes, which is
the minimum that C99 compilers are required to support. Compilers are
extremely likely to support longer literals, but `gcc -std=c99 -pedantic`
complains.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 15:39:36 +02:00
Gilles Peskine a5fc939bdd Strict C99: don't use a signed* when an unsigned* is expected
It works in practice on almost every platform, given that we're only
using the wrong type in cases where the value is guaranteed to stay
within the value bits of a signed int. But even in this case it may or
may not be strictly conforming. Anyway `gcc -std=c99 -pedantic`
rejects it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 15:39:36 +02:00
Gilles Peskine 23352a39a9
Merge pull request #3177 from mpg/fix-overflow-benchmark-dev
Fix arithmetic overflow in benchmark
2020-04-20 12:02:45 +02:00
Piotr Nowicki 3de298f18f Saving the serialized context to a file
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-17 16:26:43 +02:00
Piotr Nowicki 136bebf934 Add missing newline character
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-17 14:47:33 +02:00
Manuel Pégourié-Gonnard 6ff11895f4 Sort lists in .gitignore files
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-17 11:58:54 +02:00
Manuel Pégourié-Gonnard 6f830251a1 Sort lists in CMakeLists.txt files
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-17 11:58:54 +02:00
Manuel Pégourié-Gonnard 10a5b535f1 Sort lists in Makefiles and have one item per line
A file generated based on the output of `make list` from programs has been
re-generated.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-17 11:57:50 +02:00
Manuel Pégourié-Gonnard 5edd388da0 Get rid of a magic value in benchmark.c
Also update its value while at it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-17 11:28:25 +02:00
Piotr Nowicki 97dcb1c8f2 Add required configuration to the ssl_context_info
Required:
  MBEDTLS_X509_CRT_PARSE_C
  MBEDTLS_ERROR_C

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 16:40:48 +02:00
Piotr Nowicki 02cc3fb070 Add dynamic buffer allocation and size checking
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 16:40:48 +02:00
Piotr Nowicki bc876d4516 Rename program 'ssl_base64_dump' to 'ssl_context_info'
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 16:40:48 +02:00
Piotr Nowicki f86192f72a Add support for Microsoft Visual Studio
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 16:40:48 +02:00
Piotr Nowicki e5fa8b7cdf Add certificate printing
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 16:40:42 +02:00
Piotr Nowicki 4e192000fa Add session deserializing (not completed)
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 10:46:23 +02:00
Piotr Nowicki ab3ecd8ac2 Print more information and add TODOs
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 10:46:23 +02:00
Piotr Nowicki 6b2baf99f1 Print mbedtls version and configuration
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 10:46:23 +02:00
Piotr Nowicki c7d681c5bd Add base64 code decoding
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 10:46:23 +02:00
Piotr Nowicki 6842c9bde8 Add printing the read base64 code
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 10:46:23 +02:00
Piotr Nowicki 14d3105f78 Add reading base64 code from file
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 10:46:23 +02:00
Piotr Nowicki 88ebbbf0fe Add function for parsing arguments
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 10:46:23 +02:00
Piotr Nowicki 9370f90d46 Initial work on the ssl dump program from base64 code
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-14 10:46:23 +02:00
Jaeden Amero 66e21efe47
Merge pull request #3163 from AndrzejKurek/variable-buffers-renegotiation
Variable buffers & renegotiation - fixes
2020-04-09 12:11:02 +01:00
Andrzej Kurek 90c6e84a9c
Split the maximum fragment length into two - an input and output MFL
Since the server might want to have a different maximum fragment length
for the outgoing messages than the negotiated one - introduce a new way of
computing it. This commit also adds additional ssl-opt.sh tests ensuring
that the maximum fragment lengths are set as expected. 
mbedtls_ssl_get_max_frag_len() is now a deprecated function,
being an alias to mbedtls_ssl_get_output_max_frag_len(). The behaviour
of this function is the same as before.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-09 04:30:34 -04:00
Manuel Pégourié-Gonnard e52fd3fa55 Fix integer overflow in benchmark program
When building with MBEDTLS_MEMORY_DEBUG enabled, and running the ecdh part,
the benchmark program would start writing a very large number of space
characters on stdout, and would have to be killed because it never seemed to
terminate.

This was due to an integer overflow in computing how many space to leave after
the title in order to get memory measurements aligned, which resulted in up
to SIZE_MAX spaces being printed.

This commit just fixes the overflow, the next commit is going to fix the magic
number (12).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-09 10:11:17 +02:00
Gilles Peskine 3124164f81
Merge pull request #3132 from mpg/fix-reconnect
Fix issues in handling of client reconnecting from the same port
2020-04-02 19:21:01 +02:00
Manuel Pégourié-Gonnard f4563b4c8b Fix some style issues in udp_proxy
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-31 12:07:13 +02:00
Manuel Pégourié-Gonnard 2353636225
Merge pull request #3013 from eozturk1/development
Fix debug message by using the correct function name called
2020-03-31 09:53:20 +02:00
Manuel Pégourié-Gonnard baad2de6d8 Add negative test for hard reconnect cookie check
The server must check client reachability (we chose to do that by checking a
cookie) before destroying the existing association (RFC 6347 section 4.2.8).
Let's make sure we do, by having a proxy-in-the-middle inject a ClientHello -
the server should notice, but not destroy the connection.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-27 10:50:05 +01:00
Gilles Peskine fea6eaf5e3 Declare MBEDTLS_TEST_HOOKS in config.h
When this option is enabled, the product includes additional
interfaces that enable additional tests. This option should not be
enabled in production, but is included in the "full" build to enable
the extra tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:56:45 +01:00
Gilles Peskine 3ed2de9f54 Refresh generated files 2020-03-23 21:54:07 +01:00
Gilles Peskine 5e7d6fd240 Merge 'mbedtls/development' into merge-crypto-unremoved-20200304
Merge the latest state of the target branch (mbedtls/development) into the
pull request to merge mbed-crypto into mbedtls.

Conflicts:

* ChangeLog: add/add conflict. Resolve by using the usual section order.
2020-03-23 18:02:07 +01:00
Gilles Peskine 5ec51f923a Future-proof make clean under Windows
In Windows cmd, `del foo` succeeds if `foo` doesn't exist, but
`del *.ext` fails if `*.ext` doesn't match any files. Therefore we use
the idiom `if exist *.ext del *.ext` to delete files matching
wildcards.

We've accidentally used `if exist $(some_list) del $(some_list)`, and
that's wrong, because it's only syntactically correct if
`$(some_list)` contains exactly one element. As long as `$(some_list)`
contains actual file names and not wildcards, just use `del $(some_list)`.
2020-03-23 17:55:32 +01:00
Gilles Peskine eccd888717 Rename identifiers containing double-underscore
Rename identifiers containing double-underscore (`__`) to avoid `__`.
The reason to avoid double-underscore is that all identifiers
containing double-underscore are reserved in C++. Rename all such
identifiers that appear in any public header, including ssl_internal.h
which is in principle private but in practice is installed with the
public headers.

This commit makes check-names.sh pass.

```
perl -i -pe 's/\bMBEDTLS_SSL__ECP_RESTARTABLE\b/MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED/g; s/\bMBEDTLS_KEY_EXCHANGE_(_\w+)_(_\w+)\b/MBEDTLS_KEY_EXCHANGE${1}${2}/g' include/mbedtls/*.h library/*.c programs/*/*.c scripts/data_files/rename-1.3-2.0.txt tests/suites/*.function
```
2020-03-23 17:55:32 +01:00
Gilles Peskine aae57bffd9 Remove remaining references to the crypto subdirectory 2020-03-23 17:55:31 +01:00
Gilles Peskine 37940d923e Restore linking against all libraries in the cmake_subproject test 2020-03-23 17:55:31 +01:00
Gilles Peskine 4973196e5a Restore fuzz to the cmake build 2020-03-23 17:55:31 +01:00
Gilles Peskine b22d0cfa99 Re-generate automatically generated files
```
scripts/generate_features.pl
scripts/generate_errors.pl
scripts/generate_query_config.pl
scripts/generate_visualc_files.pl
```
2020-03-23 17:55:31 +01:00
Gilles Peskine b99bd39b4e Merge mbed-crypto into mbedtls: the merge commit
Merge `unremove-non-crypto` into `mbedtls/development`. The branch
`unremove-non-crypto` was obtained by starting from `mbed-crypto/development`,
then reverting many commits that removed X.509 and TLS functionality when Mbed
Crypto forked from Mbed TLS (the “unremoval”), then make a few tweaks to
facilitate the merge.

The unremoval step restored old versions of some tls files. If a file doesn't
exist in mbed-crypto, check out the mbedtls version, regardless of what
happened during the unremoval of tls files in the crypto tree. Also
unconditionally take the mbedtls version of a few files where the
modifications are completely project-specific and are not relevant in
mbed-crypto:

* `.github/issue_template.md`: completely different. We may want to reconcile
  them independently as a follow-up.
* `.travis.yml`: would only be reverted to an earlier tls version.
* `README.md`: completely different. We may want to reconcile them
  independently as a follow-up.
* `doxygen/input/doc_mainpage.h`: the changes in crypto were minimal and not
  relevant except as a stopgap as mbed-crypto did not have its own product
  versioning in the Doxygen documentation.
* `tests/.jenkins/Jenkinsfile`: completely different.
* `tests/data_files/Makefile`: there were no changes in mbed-crypto,
  but the unremoval step restored an old version.

Shell script for everything to do after the merge apart from the conflict
resolution:
```
tls_files=($(comm -23 <(git ls-tree -r --name-only HEAD) <(git ls-tree -r --name-only $(git merge-base upstream-crypto/development MERGE_HEAD))))
tls_files+=($tls_files .github/issue_template.md .travis.yml README.md doxygen/input/doc_mainpage.h tests/.jenkins/Jenkinsfile tests/data_files/Makefile)
git checkout --theirs HEAD -- $tls_files
git add -- $tls_files
```

Resolve the remaining conflicts:

* `library/CMakeLists.txt`:
    * Keep the TLS definition of `src_crypto`
    * `USE_SHARED_MBEDTLS_LIBRARY`: keep all three libraries, with both
      `include` and `crypto/include` in `target_include_directories`, all with
      version `2.21.0`.
* `programs/Makefile`:
    * Reconcile the APPS lists (add/add from a differently-formatted common
      ancestor): insert the `psa/*` from crypto into the tls list.
    * Keep the `fuzz` target defined only in tls version.
    * Keep the recipe (only in tls version) cleaning `ssl_pthread_server`
      stuff for the `clean` target.
* `scripts/config.py`:
    * `include_in_full`: add/add conflict. Keep both.
* `tests/scripts/all.sh`:
    * `component_test_no_use_psa_crypto_full_cmake_asan`: partially old
      version in crypto. Take the tls version.
    * `component_test_malloc_0_null` and more: take
      `component_test_malloc_0_null` from crypto (with `config.py` rather than
      `config.pl`, and with `$ASAN_FLAGS` rather than an explicit list), but
      add the call to `ssl-opt.sh` from tls. Take the other components from
      crypto.

With this commit, building and running the unit tests with both `make ` and
`cmake` work in the default configuration on Linux. Other platforms, build
systems and configurations are likely not to work, and there is some
regression in test coverage.

There is some loss of functionality because the unremoval step restored older
versions of tls content. This commit contains the latest tls version of
tls-only files, but some changes from the tls side in files that existed on
both sides have regressed. Most problematic changes are hunks that remove some
tls-specific feature and contain either a C preprocessor symbol identifying a
tls-specific module or option, or the name of a tls-specific file. Hunks
that remove a tls-specific preprocessor symbol can be identified with the
regular expression `^-.*MBEDTLS_(ERR_)?(PKCS11|X509|NET|SSL)_`.

Subsequent commits will revert a few parts of the patch from this merge commit
in order to restore the tls functionality that it removes, ensure that the
test coverage includes what was covered in either branch, and fix test
failures.
2020-03-23 17:54:46 +01:00
Gilles Peskine 7e771c767f Link test programs that only use platform functions with mbedcrypto
Even if other higher-level libraries were added, these programs would
only link with the crypto library, which is the one that contains
platform functions.
2020-03-19 14:23:45 +01:00
Gilles Peskine f66346eaf8 Revert "Remove Diffie-Hellman examples"
This reverts commit bea98b4581.

Conflicts:
* programs/Makefile:
  * APPS: the layout of the definition has changed. re-add dh_client
    and dh_server appropriately.

Run scripts/generate_visualc_files.pl to account for the added programs.
2020-03-19 14:23:45 +01:00
Gilles Peskine 1bc9c135b3 Revert "selftest: Remove X.509 selftest"
This reverts commit 47a3635fc7.
2020-03-19 14:23:45 +01:00
Gilles Peskine 169087482f Revert "pkey: Remove dependency on X.509"
This reverts commit bf564c77fa.
2020-03-19 14:23:45 +01:00
Gilles Peskine 9e277f4408 Revert "cpp_dummy_build: Remove X.509 dependency"
This reverts commit 4c1fdb5129.
2020-03-19 14:23:45 +01:00
Gilles Peskine 6bbe783908 Revert "Remove pkcs11-helper option"
This reverts commit d832f187f7.

Conflicts:
* CMakeLists.txt:
  * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before
    where it was removed. Just re-add what was removed.
* tests/CMakeLists.txt:
  * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before
    where it was removed. Just re-add what was removed.
2020-03-19 14:07:55 +01:00
Gilles Peskine 5bb8bec1de Revert "Remove zlib"
This reverts commit d874a1fd14.

Conflicts:
* CMakeLists.txt:
  * ENABLE_ZLIB_SUPPORT: there has been a change immediately after
    where it was removed. Just re-add what was removed.
* tests/CMakeLists.txt:
  * ENABLE_ZLIB_SUPPORT: there has been a change immediately after
    where it was removed. Just re-add what was removed.
2020-03-19 14:07:55 +01:00
Gilles Peskine 70824f2c9e Revert "Remove programs that depend on TLS or X.509"
This reverts commit 0688e4f266.

Run scripts/generate_visualc_files.pl to account for the added programs.
2020-03-19 14:07:55 +01:00
Gilles Peskine 4fa9f9f744 Revert "programs, tests: Depend only on libmbedcrypto"
This reverts commit 986a15199d.
2020-03-19 14:07:55 +01:00
Gilles Peskine 4e1174967a Revert "config: Remove TLS and NET options"
This reverts commit 1c66e48670.

Conflicts:
* include/mbedtls/check_config.h:
    * MBEDTLS_SSL_PROTO_SSL3: there has been an addition (of
      MBEDTLS_SHA512_NO_SHA384) at the place where it was removed. Re-add it
      after (alphabetical order).
    * MBEDTLS_ENABLE_WEAK_CIPHERSUITES: there has been an addition (of
      MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) at the place where it was removed.
      Re-add it after (alphabetical order).
    * MBEDTLS_SSL_ALL_ALERT_MESSAGES: there has been an addition (of
      MBEDTLS_SHA512_SMALLER) at the place where it was removed. Re-add it
      after (alphabetical order).
* include/mbedtls/config.h:
    * MBEDTLS_ENABLE_WEAK_CIPHERSUITES: there has been an addition (of
      MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) at the place where it was removed.
      Re-add it after (alphabetical order).
    * MBEDTLS_SSL_ALL_ALERT_MESSAGES: there has been an addition (of
      MBEDTLS_SHA512_SMALLER) at the place where it was removed. Re-add it
      after (alphabetical order).
* library/version_features.c: re-generate by running
  scripts/generate_features.pl.
* programs/test/query_config.c: re-generate by running
  scripts/generate_query_config.pl.
* scripts/config.pl: this file has been replaced by config.py. Port
  the reversed changes to config.py:
    * Revert removing three symbols from the list of symbols to
      exclude from full.
    * Revert removing one symbol (MBEDTLS_NET_C) from the list of symbols
      to exclude from baremetal.
* scripts/footprint.sh:
    * Re-add the line to unset MBEDTLS_NET_C, but with config.py instead of
      config.pl.
* tests/scripts/all.sh:
    * component_test_no_platform: re-add the line to unset MBEDTLS_NET_C, but
      with config.py instead of config.pl.
    * component_build_arm_none_eabi_gcc,
    component_build_arm_none_eabi_gcc_no_udbl_division,
    component_build_arm_none_eabi_gcc_no_64bit_multiplication,
    component_build_armcc: these components now use the baremetal
    configuration, so they do not need to turn off MBEDTLS_NET_C explicitly.
2020-03-19 13:55:04 +01:00
Gilles Peskine 252e391cca Revert "config: Remove X.509 options"
This reverts commit bb1f701212.

* include/mbedtls/check_config.h:
    * MBEDTLS_X509_RSASSA_PSS_SUPPORT: there has been an addition (of
      MBEDTLS_SHA512_NO_SHA384) at the place where it was removed.
      Re-add it before MBEDTLS_SHA512_NO_SHA384 to keep it grouped
      with MBEDTLS_RSA_C.

Conflicts:
* scripts/config.pl: this file has been replaced by config.py. Port
  the reversed changes to config.py:
    * Revert removing three symbols from the list of symbols to
      exclude from full.
2020-03-19 13:53:18 +01:00
Gilles Peskine 458b8f2a59 Revert "Remove unused TLS, NET, and X.509 files"
This reverts commit a4308b29a4.
2020-03-19 13:36:33 +01:00
Jaeden Amero c31f970a46
Merge pull request #3075 from AndrzejKurek/variable-buffer-size
Variable buffer size
2020-03-10 21:46:35 +04:00
Gilles Peskine 40f17dc803 Revert "Remove certs.h"
This reverts commit b8e4ae18cf.
2020-03-04 15:39:14 +01:00
Piotr Nowicki 0937ed29b9
Add an acceptance test for memory usage after handshake
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-03-04 09:28:35 -05:00
Gilles Peskine 59e584949d
Merge pull request #3067 from gilles-peskine-arm/fuzz_pubkey-rsa_export
Fix fuzz_pubkey on valid RSA keys
2020-03-04 11:23:14 +01:00
Darryl Green b33cc7688e
Add I/O buffer length fields to mbedtls_ssl_context
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Darryl Green <darryl.green@arm.com>
2020-03-03 10:44:49 -05:00
Manuel Pégourié-Gonnard f03c13c046
Merge pull request #3050 from mpg/skip-close-notify-dev
Fix possible close_notify/ClientHello confusion
2020-03-03 12:11:48 +01:00
Gilles Peskine ae463e6505 Move EXTRA_GENERATED mentions to a separate line
This makes reconciliation with other branches that don't have
it (mbedtls, backports) easier.
2020-02-26 14:44:40 +01:00
Manuel Pégourié-Gonnard 56941fe6a2 Fix possible close_notify/ClientHello confusion
The ssl-opt.sh test cases using session resumption tend to fail occasionally
on the CI due to a race condition in how ssl_server2 and ssl_client2 handle
the reconnection cycle.

The server does the following in order:
- S1 send application data
- S2 send a close_notify alert
- S3 close the client socket
- S4 wait for a "new connection" (actually a new datagram)
- S5 start a handshake

The client does the following in order:
- C1 wait for and read application data from the server
- C2 send a close_notify alert
- C3 close the server socket
- C4 reset session data and re-open a server socket
- C5 start a handshake

If the client has been able to send the close_notify (C2) and if has been
delivered to the server before if closes the client socket (S3), when the
server reaches S4, the datagram that we start the new connection will be the
ClientHello and everything will be fine.

However if S3 wins the race and happens before the close_notify is delivered,
in S4 the close_notify is what will be seen as the first datagram in a new
connection, and then in S5 this will rightfully be rejected as not being a
valid ClientHello and the server will close the connection (and go wait for
another one). The client will then fail to read from the socket and exit
non-zero and the ssl-opt.sh harness will correctly report this as a failure.

In order to avoid this race condition in test using ssl_client2 and
ssl_server2, this commits introduces a new command-line option
skip_close_notify to ssl_client2 and uses it in all ssl-opt.sh tests that use
session resumption with DTLS and ssl_server2.

This works because ssl_server2 knows how many messages it expects in each
direction and in what order, and closes the connection after that rather than
relying on close_notify (which is also why there was a race in the first
place).

Tests that use another server (in practice there are two of them, using
OpenSSL as a server) wouldn't work with skip_close_notify, as the server won't
close the connection until the client sends a close_notify, but for the same
reason they don't need it (there is no race between receiving close_notify and
closing as the former is the cause of the later).

An alternative approach would be to make ssl_server2 keep the connection open
until it receives a close_notify. Unfortunately it creates problems for tests
where we simulate a lossy network, as the close_notify could be lost (and the
client can't retransmit it). We could modify udp_proxy with an option to never
drop alert messages, but when TLS 1.3 comes that would no longer work as the
type of messages will be encrypted.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-02-26 09:33:45 +01:00
Gilles Peskine d7fb66fd13 If a key is not of a supported type, something went wrong 2020-02-25 19:54:27 +01:00
Gilles Peskine e60b365a5e EC keys can have the type MBEDTLS_PK_ECKEY_DH too 2020-02-25 19:54:07 +01:00
Gilles Peskine f02b984f86 Sanity check on elliptic curve keys: check that the group is known 2020-02-25 19:52:44 +01:00
Gilles Peskine 8d36696e1f Fix fuzz_pubkey failure on valid RSA keys
On a valid RSA public key, mbedtls_rsa_export should succeed if you
ask for the public fields, but fail if you ask for private fields. The
code was expecting to succeed when asking for private fields, so
failed on every valid RSA public key.
2020-02-25 19:51:07 +01:00
Gilles Peskine 6fc21f630c Add a calloc self-test
Add a very basic test of calloc to the selftest program. The selftest
program acts in its capacity as a platform compatibility checker rather
than in its capacity as a test of the library.

The main objective is to report whether calloc returns NULL for a size
of 0. Also observe whether a free/alloc sequence returns the address
that was just freed and whether a size overflow is properly detected.
2020-02-11 19:26:27 +01:00
Gilles Peskine db0cb2578c Fix CTR_DRBG benchmark
You can't reuse a CTR_DRBG context without free()ing it and
re-init()ing. This generally happened to work, but was never
guaranteed. It could have failed with alternative implementations of
the AES module because mbedtls_ctr_drbg_seed() calls
mbedtls_aes_init() on a context which is already initialized if
mbedtls_ctr_drbg_seed() hasn't been called before, plausibly causing a
memory leak. Calling free() and seed() with no intervening init fails
when MBEDTLS_THREADING_C is enabled and all-bits-zero is not a valid
mutex representation. So add the missing free() and init().
2020-02-11 19:26:27 +01:00
Gilles Peskine e732f04443 cmake: link programs that only use x509 with libmbedx509
When building with CMake, for sample programs that only use
functionality in libmbedcrypto and libmbedx509, link with
libmbedx509, not with libmbedtls.

cert_app makes a TLS connection, so do link it with libmbedtls.
2020-02-11 19:26:27 +01:00
Gilles Peskine e123395317 cmake: link programs that only use crypto with libmbedcrypto
When building with CMake, for sample programs that only use
functionality in libmbedcrypto (i.e. crypto and platform), link with
libmbedcrypto, not with libmbedtls.

This doesn't change the result, because the linker skips libraries in
which no symbol is used, but it changes the build dependencies, and it
has the advantage of bringing programs/*/CMakeLists.txt closer to the
corresponding files under crypto/.

The programs concerned are crypto sample and test programs, and
programs that only use (potential) platform functions such as
mbedtls_printf. dh_client and dh_server keep linking with mbedtls
because they use functions from the net_sockets module.
2020-02-11 19:26:27 +01:00
Jaeden Amero 7cb47de12a query_config: Move to programs/test
As the SSL programs, like ssl_client2 and ssl_server2, are dependent on
SSL and therefore about to be removed, the only consumer of query_config
is the query_compile_time_config test. As such, it makes sense to move
query_config to be next to what uses it.
2020-02-11 19:26:27 +01:00