Commit graph

10131 commits

Author SHA1 Message Date
Gilles Peskine 7b6d8c27c8
Merge pull request #2909 from artokin/mbedtls_replay_check_fix_backport
Fix mbedtls_ssl_check_record usage with ext buf
2019-10-29 16:59:44 +01:00
Arto Kinnunen 7f8089b2ec Fix mbedtls_ssl_check_record usage with ext buf
Record checking fails if mbedtls_ssl_check_record() is called with
external buffer. Received record sequence number is available in the
incoming record but it is not available in the ssl contexts `in_ctr`-
variable that is used when decoding the sequence number.

To fix the problem, temporarily update ssl context `in_ctr` to
point to the received record header and restore value later.
2019-10-29 13:51:37 +02:00
irwir 6c0da64094 Shorter version of mbedtls_ssl_send_fatal_handshake_failure 2019-10-28 19:54:04 +03:00
Jaeden Amero b23abcb38d
Merge pull request #2898 from gilles-peskine-arm/asan-test-fail-development
Make sure Asan failures are detected in 'make test'
2019-10-22 16:30:28 +01:00
Gilles Peskine ce35cb3cc7 'make test' must fail if Asan fails
When running 'make test' with GNU make, if a test suite program
displays "PASSED", this was automatically counted as a pass. This
would in particular count as passing:
* A test suite with the substring "PASSED" in a test description.
* A test suite where all the test cases succeeded, but the final
  cleanup failed, in particular if a sanitizer reported a memory leak.

Use the test executable's return status instead to determine whether
the test suite passed. It's always 0 on PASSED unless the executable's
cleanup code fails, and it's never 0 on any failure.

Fix ARMmbed/mbed-crypto#303
2019-10-21 20:10:21 +02:00
Gilles Peskine 5ca393f7b8 Asan make builds: avoid sanitizer recovery
Some sanitizers default to displaying an error message and recovering.
This could result in a test being recorded as passing despite a
complaint from the sanitizer. Turn off sanitizer recovery to avoid
this risk.
2019-10-21 20:10:12 +02:00
Gilles Peskine 2558d30f93 Use UBsan in addition to Asan with 'make test'
When building with make with the address sanitizer enabled, also
enable the undefined behavior sanitizer.
2019-10-21 20:09:22 +02:00
Gilles Peskine 8fd5942229 Unify ASan options in make builds
Use a common set of options when building with Asan without CMake.
2019-10-21 20:09:13 +02:00
Jaeden Amero 719ae74253
Merge pull request #2884 from AndrzejKurek/iotssl-2886-fix-parallel-make-jobs-2
Fix parallel make jobs for shared target
2019-10-18 14:18:55 +01:00
Jaeden Amero 1b717c9278
Merge pull request #2887 from gilles-peskine-arm/update-crypto-20191011
Update crypto submodule
2019-10-14 09:19:07 +01:00
Gilles Peskine e601625b96 Update crypto submodule
* #272: Insert doxygen comments on old algorithms so they appear in PSA documentation
* #285: SE driver: make persistent data work
* #279: Include IANA reference in the definition of ECC curves and DH groups
* #287: DRBG documentation improvements
* #297: Fix int overflow in mbedtls_asn1_get_int (Credit to OSS-Fuzz)
2019-10-11 17:37:02 +02:00
Andrzej Kurek 8028cb19f4 Makefile: add path prefixes to other versions of libmbedcrypto library 2019-10-08 10:10:43 -04:00
Gilles Peskine 0d50d41c92
Merge pull request #2882 from gilles-peskine-arm/update-crypto-20191004
Update crypto submodule:

* https://github.com/ARMmbed/mbed-crypto/pull/277: Improve speed of PBKDF2 by caching the digest state of the passphras
* https://github.com/ARMmbed/mbed-crypto/pull/269: Add PSA API versioning
* https://github.com/ARMmbed/mbed-crypto/pull/278: Fix on target test issues
* https://github.com/ARMmbed/mbed-crypto/pull/286: Fix defgroup syntax for API version section
* https://github.com/ARMmbed/mbed-crypto/pull/75: ASN.1 tests without x509
2019-10-08 15:34:11 +02:00
Andrzej Kurek 232e8f959a Enable parallel shared target tests
Now that the dependency issues for shared target are fixed, the feature can be
enabled in tests.
2019-10-07 09:24:43 -04:00
Andrzej Kurek df2cd9e14f Makefiles: move the dependencies block to be after DLEXT definition
Having it before them resulted in incomplete dependency names, always ending
with a period.
2019-10-07 09:24:22 -04:00
Andrzej Kurek 8af3923815 Add a recipe for libmbedcrypto with a path prefix
This caused problems when running multiple jobs at once, since
there was no target matching libmbedcrypto.so with the path
prefix. It only worked if it was built first, since such file was found.
Additionally,  building of libmbedcrypto.so now waits for the static .a version.
Previously, recipes for both libmbedcrypto.a and libmbedcrypto.so could run
independently when running parallel jobs, which resulted in the .o files
being built twice. It could sometimes be a problem, since linking would start
when building one of the object files was still in progress (the previous one
existed). This in turn resulted in reading (and trying to link) a malformed file.
The "|" character is followed by "order-only-prerequisites", and in this case,
makes linking of the shared version of the library wait for the .a file.
Since it's guaranteed to be always built in the "all" target, it's fine to do that.
All of the .o files are only built once thanks to this change.
2019-10-07 09:19:18 -04:00
Gilles Peskine f70d3eb43a Uncomment X509 test that now works
The test failed due to an ASN.1 bug that the latest crypto submodule
update fixed.
2019-10-04 19:24:37 +02:00
Gilles Peskine e96658d3f5 Update error.c after a crypto submodule update 2019-10-04 19:23:00 +02:00
Gilles Peskine 714c3e1a0e Update crypto submodule
* #277: Improve speed of PBKDF2 by caching the digest state of the passphrase
* #269: Add PSA API versioning
* #278: Fix on target test issues
* #286: Fix defgroup syntax for API version section
* #75: ASN.1 tests without x509
2019-10-04 19:21:07 +02:00
Jaeden Amero 74692aeb8c Merge remote-tracking branch 'origin/pr/2488' into development
* origin/pr/2488:
  Change X.509 test cases to not rely on asn1parse limitations
2019-10-02 18:01:57 +01:00
Jaeden Amero 230b87a1ea Merge remote-tracking branch 'origin/pr/2843' into development
* origin/pr/2843: (26 commits)
  Make hyperlink a hyperlink in every markdown flavor
  Update the crypto submodule to be the same as development
  Document test case descriptions
  Restore MBEDTLS_TEST_OUTCOME_FILE after test_default_out_of_box
  ssl-opt.sh: Fix some test case descriptions
  Reject non-ASCII characters in test case descriptions
  Process input files as binary
  Factor description-checking code into a common function
  Fix cosmetic error in warnings
  Fix regex matching run_test calls in ssl-opt.sh
  all.sh: run check-test-cases.py
  Better information messages for quick checks
  Fix configuration short name in key-exchanges.pl
  Make test case descriptions unique
  New test script check-test-cases.py
  Document the test outcome file
  Create infrastructure for architecture documents in Markdown
  all.sh --outcome-file creates an outcome file
  Set meaningful test configuration names when running tests
  ssl-opt: remove semicolons from test case descriptions
  ...
2019-10-02 18:01:32 +01:00
Gilles Peskine 7334462278 Make hyperlink a hyperlink in every markdown flavor 2019-10-01 10:36:10 +02:00
Gilles Peskine 013ba71c2b Update the crypto submodule to be the same as development 2019-09-27 20:33:33 +02:00
Gilles Peskine e94bc87ebe Document test case descriptions 2019-09-27 20:24:33 +02:00
Gilles Peskine 717cd76e8a Restore MBEDTLS_TEST_OUTCOME_FILE after test_default_out_of_box
Since components run in the main process, unsetting
MBEDTLS_TEST_OUTCOME_FILE unset it in subsequent components as well.
To avoid this, save and restore the value.

(Making each component run in a subshell would be a better solution,
but it would be a much bigger change.)
2019-09-27 20:24:33 +02:00
Gilles Peskine bdcca14076 Merge remote-tracking branch 'upstream-public/pr/2858' into development 2019-09-27 11:08:51 +02:00
irwir 89af51ff39 Resolve #2801 - remove repetitive assignment to ssl->in_msg (the first value was never used) 2019-09-26 21:04:56 +03:00
irwir 734f0cf65e Resolve #2800 - move declaration to avoid unused variable warning in case MBEDTLS_SSL_PROTO_DTLS was undefined 2019-09-26 21:03:24 +03:00
irwir 40883e91a6 Resolve #2717 - remove erroneous sizeof (the operator was applied to constant integer number) 2019-09-26 21:00:56 +03:00
Gilles Peskine 2a7030429b Update crypto submodule to support EAP-TLS key derivation
Update the crypto submodule to a version where
psa_key_derivation_input_bytes() can be used with
PSA_KEY_DERIVATION_INPUT_SECRET.
2019-09-26 15:32:27 +02:00
k-stachowiak bbc1c699fc Fix potential resource leak in sslserver2 example 2019-09-26 13:43:31 +02:00
k-stachowiak 20935ebd34 Fix buffer size in an AES example 2019-09-26 11:22:02 +02:00
Gilles Peskine 0d8b86a131 ssl-opt.sh: Fix some test case descriptions
Fix copypasta in some test cases with
MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES enabled.

Add unique suffix to the two
"DTLS fragmenting: proxy MTU: auto-reduction" test cases.
2019-09-24 19:21:20 +02:00
Gilles Peskine 57870e8c67 Reject non-ASCII characters in test case descriptions
Don't require that all the tools we use to process test outcomes are
Unicode-clean.
2019-09-24 19:21:20 +02:00
Gilles Peskine f12ad58a1d Process input files as binary
Don't die if there's a non-ASCII character and we're running in an
ASCII environment.
2019-09-24 19:21:20 +02:00
Gilles Peskine 32b9421f12 Factor description-checking code into a common function
Behavior change: some error messages are slightly different.
2019-09-24 19:21:20 +02:00
Gilles Peskine 283df2e90c Fix cosmetic error in warnings 2019-09-24 19:21:20 +02:00
Gilles Peskine 168858f52d Fix regex matching run_test calls in ssl-opt.sh
No descriptions were processed before due to bugs in the regex.

Support \" inside double-quoted strings.
2019-09-24 19:21:19 +02:00
Gilles Peskine 895868bc82 all.sh: run check-test-cases.py 2019-09-24 19:21:19 +02:00
Gilles Peskine 600bb694ac Better information messages for quick checks
Call them "check" rather than "test" to distinguish them from tests
that build and run code, and for consistency with the component names.
2019-09-24 19:21:19 +02:00
Gilles Peskine a9478bab08 Fix configuration short name in key-exchanges.pl
This is testing with $kex, not without $kex, so use $kex, not "-$kex".

In test-ref-configs.pl, use $conf rather than "$conf". This is purely
a matter of Perl coding style.
2019-09-24 19:21:19 +02:00
Gilles Peskine 7a020f3d10 Make test case descriptions unique
Remove one test case which was an exact duplicate.

Tweak the description of two test cases that had the same description.
2019-09-24 19:21:19 +02:00
Gilles Peskine ba94b58127 New test script check-test-cases.py
This script checks test case descriptions in test_suite_*.data and
ssl-opt.sh.

It reports the following issues:
* Error: forbidden character in a test case description.
* Error: Duplicate test description.
* Warning: Test description is too long.
2019-09-24 19:21:19 +02:00
Gilles Peskine 508caf528a Document the test outcome file 2019-09-24 19:21:19 +02:00
Gilles Peskine d46b0869f4 Create infrastructure for architecture documents in Markdown 2019-09-24 19:21:19 +02:00
Gilles Peskine 67ffdafde6 all.sh --outcome-file creates an outcome file
By default, remove the outcome file before starting. With
--append-outcome, append to the existing outcome file if there is one.
2019-09-24 19:21:19 +02:00
Jaeden Amero d1798b4f91 Merge remote-tracking branch 'origin/pr/2821' into development
* origin/pr/2821:
  Update notification e-mail address
  Remove blocked branches
  Update Coverity secure token
2019-09-23 17:29:07 +01:00
Jaeden Amero c21a9f04f9 Merge remote-tracking branch 'origin/pr/2765' into development
* origin/pr/2765: (28 commits)
  Add set+get tests
  Consolidate tests for set with/without values
  config.py testing: also test the get command
  Compatibility redirect: add copyright notice
  Compatibility redirect: if python3 is not available, try python
  Fix config.py output when a symbol has acquired or lost a value
  Remove redundant test case
  cmake: update interpreter requirement for the test suite generator
  cmake: fix Python requirement
  Test script for config.py
  Documentation improvements
  Fix "#define ... not found" error when using the default file name
  Fix "--force set" without a value sneaking a None in
  Fix --force requiring an argument
  Fix Config.unset() making the name known
  Also search config.h near the script
  Report an error if switching to Python fails
  Fix 'config.py set' without --force
  Fix encoding errors
  Print help when invoked with no arguments
  ...
2019-09-23 17:27:44 +01:00
Gilles Peskine 311f54d0ee tls_prf: support an empty master secret
In TLS, the master secret is always a key. But EAP-TLS uses the TLS
PRF to derive an IV with an empty string for the "secret" input. The
code always stored the secret into a key slot before calling the TLS
PRF, but this doesn't work when the secret is empty, since PSA Crypto
no longer supports empty keys. Add a special case for an empty secret.
2019-09-23 18:19:22 +02:00
Gilles Peskine 16a25e005d Add set+get tests
The tests were not covering get for a symbol with a value. No symbol
has an uncommented value in the default config.h. (Actually there's
_CRT_SECURE_NO_DEPRECATE, but that's a bit of a hack that this script
is not expected to handle, so don't use it).

Add tests of "get FOO" after "set FOO" and "set FOO value", so that we
have coverage for "get FOO" when "FOO" has a value.
2019-09-19 12:19:24 +02:00