Commit graph

15987 commits

Author SHA1 Message Date
Gilles Peskine 8de3633c65
Merge pull request #4762 from mpg/fix-overly-aggressive-udp-proxy-2.x
[Backport 2.x] Fix bug with UDP proxy not forwarding enough
2021-07-09 11:57:52 +02:00
Manuel Pégourié-Gonnard 14134281df Fix bug with UDP proxy not forwarding enough
We previously introduced a safety check ensuring that if a datagram had
already been dropped twice, it would no longer be dropped or delayed
after that.

This missed an edge case: if a datagram is dropped once, it can be
delayed any number of times. Since "delay" is not defined in terms of
time (x seconds) but in terms of ordering with respect to other messages
(will be forwarded after the next message is forwarded), depending on
the RNG results this could result in an endless loop where all messages
are delayed until the next, which is itself delayed, etc. and no message
is ever forwarded.

The probability of this happening n times in a row is (1/d)^n, where d
is the value passed as delay=d, so for delay=5 and n=5 it's around 0.03%
which seems small but we still happened on such an occurrence in real
life:

    tests/ssl-opt.sh --seed 1625061502 -f 'DTLS proxy: 3d, min handshake, resumption$'

results (according to debug statements added for the investigation) in
the ClientHello of the second handshake being dropped once then delayed
5 times, after which the client stops re-trying and the test fails for
no interesting reason.

Make sure this doesn't happen again by putting a cap on the number of
times we fail to forward a given datagram immediately.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-07-08 12:42:59 +02:00
Manuel Pégourié-Gonnard dcb3479701
Merge pull request #4761 from mpg/fix-memleak-in-ssl-test-2.x
[backport 2.x] Fix memory leak on failure path in test code
2021-07-08 12:34:30 +02:00
Paul Elliott 7fe62cc88b Fix divide by zero if macro used with wrong key
If PSA_CIPHER_ENCRYPT_OUTPUT_SIZE was called on a non symmetric key,
then a divide by zero could happen, as PSA_CIPHER_BLOCK_LENGTH will
return 0 for such a key, and PSA_ROUND_UP_TO_MULTIPLE will divide by
the block length.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-08 11:28:15 +01:00
Manuel Pégourié-Gonnard 87e8b5ccaa Use distinct variables for distinct purposes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-07-08 10:30:38 +02:00
Manuel Pégourié-Gonnard 40e26b2600 Fix memory leak on failure path in test code
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-07-08 10:30:38 +02:00
Gilles Peskine 008cd0c4d8
Merge pull request #4757 from gilles-peskine-arm/generate_psa_tests-speedup-2.27
Backport 2.x: Speed up the generation of storage format test cases
2021-07-07 15:27:21 +02:00
Dave Rodgman e1a97cb3eb
Merge pull request #847 from ARMmbed/mbedtls-2.27.0_merge_into_release
Mbedtls 2.27.0 merge into release
2021-07-07 11:18:19 +01:00
Gilles Peskine 3008c58df9 Speed up the generation of storage format test cases
Restore the optimization done in
 HEAD^{/Speed up the generation of storage format test cases}
which was lost during refactoring made when adding support for
implicit usage flags.

There are still more than one call to the C compiler, but the extra
calls are only for some key usage test cases.

This is an internal refactoring. This commit does not change the
output of generate_psa_tests.py

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-06 21:08:46 +02:00
Dave Rodgman f71e287808
Merge pull request #843 from paul-elliott-arm/mbedtls-2.27.0rc0-pr
Mbedtls 2.27.0rc0 pr
2021-07-06 12:59:58 +01:00
Dave Rodgman 4614cb175d Fix Changelog indentation
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-05 18:50:01 +01:00
Dave Rodgman 699ccf83db Fix indentation in the Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-05 18:10:27 +01:00
Paul Elliott 610a9cc43f Bump SO version for libmbedcrypto
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-02 14:59:26 +01:00
Paul Elliott f3e1a25ef8 Revert ChangeLog change
_ALT was actually more accurate than alternative when describing
implementations in this case.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-02 14:28:53 +01:00
Paul Elliott 40d3fd389a Grammar and typo changelog cleanup
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-02 11:08:07 +01:00
Paul Elliott 46c0cf7dfe Actually remove compiled changelog entries
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-02 08:29:33 +01:00
Paul Elliott 3ca4892432 Update changelog to cover #4197
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-01 18:08:30 +01:00
Paul Elliott d925ee0a6e Set ChangeLog version and release date
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-01 17:58:07 +01:00
Paul Elliott bece7374ce Bump Library Version Number
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-01 17:52:07 +01:00
Paul Elliott 671233280e Build aggregated ChangeLog
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-01 17:37:55 +01:00
Paul Elliott 4128c2032e Merge remote-tracking branch 'restricted/development_2.x-restricted' into mbedtls-2.27.0rc0-pr 2021-07-01 17:26:38 +01:00
Dave Rodgman ba940cc695
Merge pull request #4182 from gabor-mezei-arm/3258_implement_one-shot_MAC_and_cipher
[Backport 2.x] Implement one-shot cipher
2021-06-30 17:04:11 +01:00
Dave Rodgman af9b4841fb
Merge pull request #4605 from gabor-mezei-arm/3267_sign_verify_key_policies
[Backport 2.x] Key policy extension for PSA_KEY_USAGE_SIGN/VERIFY_HASH
2021-06-30 14:51:03 +01:00
gabor-mezei-arm e4be8a3bea
Remove obsolete comment
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-30 10:34:28 +02:00
gabor-mezei-arm 05dac4a20b
Give a better name for struct member
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-30 10:31:18 +02:00
Dave Rodgman 0a4046e9ca
Merge pull request #4736 from daverodgman/alert_bugfixes_2.x
Backport 2.x: Fix alert raised for invalid fragment length
2021-06-30 09:02:49 +01:00
Dave Rodgman 7ed75e21c9 Correct required config flag in ECJPAKE tests
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 21:15:58 +01:00
gabor-mezei-arm 252304594b
Fix minor issues
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 19:06:30 +02:00
gabor-mezei-arm a3669ac7e7
Restoring the multi-part cipher_verify_output() testing
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 18:58:42 +02:00
Gilles Peskine bdba86f4d5
Merge pull request #4718 from nick-child-ibm/hash_len_devel
Backport 2.x: pk.c: Ensure min hash_len in pk_hashlen_helper
2021-06-29 18:16:51 +02:00
gabor-mezei-arm 3ea27325c9
Fix pylint issue
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 17:21:21 +02:00
gabor-mezei-arm 809634d5d9
Check the return status of the functions first
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 16:49:51 +02:00
gabor-mezei-arm 42373bdde7
Add buffer overflow check
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 16:49:51 +02:00
gabor-mezei-arm 6f8d43df20
Remove invalid buffer overflow check
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 16:39:49 +02:00
Dave Rodgman 0dfb7dbe15 TLS UNSUPPORTED_EXTENSION error code changes
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 15:21:44 +01:00
Dave Rodgman de8c91bbae Improve Changelog for TLS alert codes
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 14:43:09 +01:00
gabor-mezei-arm ea840dea61
Return iterator instead of list
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 15:42:57 +02:00
gabor-mezei-arm 912eca3847
Rename function
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 15:39:56 +02:00
Nick Child 8930e14f3a test_suite_pk.function: Do not use MD_MAX_SIZE
In order to for tests to pass from the previous commit (which it mandatory for all pk verify/sign
functions to be given a hash_len that is exactly equal to the message digest length of md_alg) the
hash_len that is supplied to the fucntion cannot be MBEDTLS_MD_MAX_SIZE. This would result in all tests failing. Since the md alg for all of these funtions are SHA256, we can use mbedtls functions to get
the required length of a SHA256 digest (32 bytes). Then that number can be used for allocating the
hash buffer.

Signed-off-by: Nick Child <nick.child@ibm.com>
2021-06-29 09:31:06 -04:00
Nick Child b6d5693be2 pk.c: Ensure hash_len equals hash in pk_hashlen_helper
The function `pk_hashlen_helper` exists to ensure a valid hash_len is
used in pk_verify and pk_sign functions. This function has been
used to adjust to the corrsponding hash_len if the user passes in 0
for the hash_len argument based on the md algorithm given. If the user
does not pass in 0 as the hash_len, then it is not adjusted. This is
problematic if the user gives a hash_len and hash buffer that is less than the
associated length of the md algorithm. This error would go unchecked
and eventually lead to buffer overread when given to specific pk_sign/verify
functions, since they both ignore the hash_len argument if md_alg is not MBEDTLS_MD_NONE.

This commit, adds a conditional to `pk_hashlen_helper` so that an
error is thrown if the user specifies a hash_length (not 0) and it is
not equal to the expected for the associated message digest algorithm.
This aligns better with the api documentation where it states "If
hash_len is 0, then the length associated with md_alg is used instead,
or an error returned if it is invalid"

Signed-off-by: Nick Child <nick.child@ibm.com>
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
2021-06-29 09:31:06 -04:00
gabor-mezei-arm e4b7499f74
Refactor handlibg of the key usage flags
Move implicit usage flags handling to the StorageKey class.
Create a subclass for test case data.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 15:29:24 +02:00
gabor-mezei-arm 61739e3fd3
Fix changelog entry
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 11:22:34 +02:00
gabor-mezei-arm 5071a2e30e
Use regexp pattern instaed of string
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 11:19:41 +02:00
gabor-mezei-arm 7e0d724d40
Keep the imported classes sorted
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 11:17:14 +02:00
gabor-mezei-arm 7b302089b1
Update key policy testing test cases
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 11:08:47 +02:00
gabor-mezei-arm 5eca4f2bb5
Rename test cases
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 11:07:34 +02:00
gabor-mezei-arm 659af9e2f3
Remove unneeded test case parameter
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-29 11:06:16 +02:00
Dave Rodgman dd5f624f32 Fix TLS alert codes
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 09:45:08 +01:00
gabor-mezei-arm 7a163603ea
Add changelog entry
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 21:36:58 +02:00
gabor-mezei-arm 805c735a8b
Move key type validation to crypto_knowledge
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-06-28 21:36:58 +02:00