Commit graph

9279 commits

Author SHA1 Message Date
Raoul Strackx 75475d8465 Always revoke certificate on CRL
RFC5280 does not state that the `revocationDate` should be checked.

In addition, when no time source is available (i.e., when MBEDTLS_HAVE_TIME_DATE is not defined), `mbedtls_x509_time_is_past` always returns 0. This results in the CRL not being checked at all.

https://tools.ietf.org/html/rfc5280
Signed-off-by: Raoul Strackx <raoul.strackx@fortanix.com>
2020-08-26 11:42:52 +02:00
Gilles Peskine 14cb46de24
Merge pull request #3598 from makise-homura/mbedtls-2.16
Backport 2.16: Support building on e2k (Elbrus) architecture
2020-08-25 09:46:39 +02:00
makise-homura 8c3fa63f90 A different approach of signed-to-unsigned comparison
Suggested by @hanno-arm

Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-24 23:40:59 +03:00
Gilles Peskine d69edda8de
Merge pull request #3601 from gufe44/helpers-redirect-restore-output-2.16
[Backport 2.16] Fix bug in redirection of unit test outputs
2020-08-24 10:45:11 +02:00
gufe44 650ce76544 Fix bug in redirection of unit test outputs
Avoid replacing handle. stdout is defined as a macro on several platforms.

Signed-off-by: gufe44 <gu981@protonmail.com>
2020-08-23 22:38:51 +02:00
makise-homura 03b4ef6a05 Don't forget to free G, P, Q, ctr_drbg, and entropy
I might be wrong, but lcc's optimizer is curious about this,
and I am too: shouldn't we free allocated stuff correctly
before exiting `dh_genprime` in this certain point of code?

Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-23 00:41:59 +03:00
makise-homura 50f6a192b5 Backport e2k support to mbedtls-2.7
Covers commits ac2fd65, 0be6aa9, e74f372, e559550
from `development` branch

Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-23 00:39:15 +03:00
Gilles Peskine 0ac8a78aa7
Merge pull request #3593 from mpg/fix-compat.sh-with-ubuntu-16.04-gnutls-2.16
[backport 2.16] Fix compat.sh with ubuntu 16.04 gnutls
2020-08-21 14:18:33 +02:00
Manuel Pégourié-Gonnard 300e1b3a6f compat.sh: stop using allow_sha1
After the changes of certificates, it's no longer needed.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-21 13:01:17 +02:00
Manuel Pégourié-Gonnard 91615cf7ff compat.sh: quit using SHA-1 certificates
Replace server2.crt with server2-sha256.crt which, as the name implies, is
just the SHA-256 version of the same certificate.

Replace server1.crt with cert_sha256.crt which, as the name doesn't imply, is
associated with the same key and just have a slightly different Subject Name,
which doesn't matter in this instance.

The other certificates used in this script (server5.crt and server6.crt) are
already signed with SHA-256.

This change is motivated by the fact that recent versions of GnuTLS (or older
versions with the Debian patches) reject SHA-1 in certificates by default, as
they should. There are options to still accept it (%VERIFY_ALLOW_BROKEN and
%VERIFY_ALLOW_SIGN_WITH_SHA1) but:

- they're not available in all versions that reject SHA-1-signed certs;
- moving to SHA-2 just seems cleaner anyway.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-21 13:01:17 +02:00
Manuel Pégourié-Gonnard 0e7bdd1340 compat.sh: enable CBC-SHA-2 suites for GnuTLS
Recent GnuTLS packages on Ubuntu 16.04 have them disabled.

From /usr/share/doc/libgnutls30/changelog.Debian.gz:

gnutls28 (3.4.10-4ubuntu1.5) xenial-security; urgency=medium

  * SECURITY UPDATE: Lucky-13 issues
    [...]
    - debian/patches/CVE-2018-1084x-4.patch: hmac-sha384 and sha256
      ciphersuites were removed from defaults in lib/gnutls_priority.c,
      tests/priorities.c.

Since we do want to test the ciphersuites, explicitly re-enable them in the
server's priority string. (This is a no-op with versions of GnuTLS where those
are already enabled by default.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-21 13:01:16 +02:00
Gilles Peskine 2dcd0674e6
Merge pull request #3582 from bensze01/license-2.16
2.16 only: Fix license header in pre-commit hook
2020-08-20 09:43:56 +02:00
Bence Szépkúti 2645bcc709 Fix license header in pre-commit hook
The file was not updated to include the GPL 2.0+ header as well when it
was backported.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-08-19 17:54:47 +02:00
danh-arm 2823efabc8
Merge pull request #3580 from bensze01/copyright-2.16
[Backport 2.16] Update copyright notices to use Linux Foundation guidance
2020-08-19 16:31:50 +01:00
Bence Szépkúti a2947ac7bb Update copyright notices to use Linux Foundation guidance
As a result, the copyright of contributors other than Arm is now
acknowledged, and the years of publishing are no longer tracked in the
source files.

Also remove the now-redundant lines declaring that the files are part of
MbedTLS.

This commit was generated using the following script:

# ========================
#!/bin/sh

# Find files
find '(' -path './.git' -o -path './3rdparty' ')' -prune -o -type f -print | xargs sed -bi '

# Replace copyright attribution line
s/Copyright.*Arm.*/Copyright The Mbed TLS Contributors/I

# Remove redundant declaration and the preceding line
$!N
/This file is part of Mbed TLS/Id
P
D
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-08-19 16:37:36 +02:00
Manuel Pégourié-Gonnard daba4f67cc
Merge pull request #3555 from mpg/x509-verify-non-dns-san-2.16
[Backport 2.16]  X509 verify non-DNS SANs
2020-08-18 10:02:08 +02:00
Manuel Pégourié-Gonnard b9c64e4538
Merge pull request #3558 from gufe44/net-sockets-fixes-2.16
[Backport 2.16] NetBSD 9.0 build fixes
2020-08-18 09:13:30 +02:00
Manuel Pégourié-Gonnard 5bfa623e9b
Merge pull request #3565 from mpg/improve-ssl-opt-logs-2.16
[Backport 2.16] Improve ssl-opt.sh logs
2020-08-17 12:05:16 +02:00
gufe44 19735b69b8 Fix building on NetBSD 9.0
Fixes #2310

Signed-off-by: gufe44 <gu981@protonmail.com>
2020-08-17 07:31:06 +02:00
Manuel Pégourié-Gonnard 62870c9a7e Remove obsolete buildbot reference in compat.sh
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-14 11:00:40 +02:00
Manuel Pégourié-Gonnard a1919ad6e0 Fix misuse of printf in shell script
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-14 11:00:40 +02:00
Manuel Pégourié-Gonnard 7442f843d5 Fix added proxy command when IPv6 is used
For explicit proxy commands (included with `-p "$P_PXY <args>` in the test
case), it's the test's writer responsibility to handle IPv6; only fix the
proxy command when we're auto-adding it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-14 11:00:40 +02:00
Manuel Pégourié-Gonnard 581af9f720 Simplify test syntax
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-14 11:00:40 +02:00
Manuel Pégourié-Gonnard bedcb3eb24 Fix logic error in setting client port
We need to do this after we possibly added the proxy.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-14 11:00:40 +02:00
Manuel Pégourié-Gonnard cbd5c03343 ssl-opt.sh: include test name in log files
This is a convenience for when we get log files from failed CI runs, or attach
them to bug reports, etc.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-14 11:00:40 +02:00
Manuel Pégourié-Gonnard e63fc6d52b ssl-opt.sh: remove old buildbot-specific condition
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-14 11:00:40 +02:00
Manuel Pégourié-Gonnard fcf6c16470 ssl-opt.sh: add proxy to all DTLS tests
A lot of DTLS test are timing-sensitive, especially those that contain
assertions about retransmission. Sometimes some DTLS test fails intermittently
on the CI with no clear apparent reason; we need more information in the log
to understand the cause of those failures.

Adding a proxy means we'll get timing information from the proxy logs.

An alternative would be to add timing information to the debug output of
ssl_server2 and ssl_client2. But that's more complex because getting
sub-second timing info is outside the scope of the C standard, and our current
timing module only provides a APi for sub-second intervals, not absolute time.
Using the proxy is easier as it's a single point that sees all messages, so
elapsed time is fine here, and it's already implemented in the proxy output.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-14 11:00:40 +02:00
Gilles Peskine 9acf943b98
Merge pull request #3560 from gufe44/netbsd-rand-arc4random_buf-2.16
[Backport 2.16] Use arc4random_buf instead of rand on NetBSD
2020-08-13 15:27:53 +02:00
Gilles Peskine 1505e42de9
Merge pull request #3548 from mpg/check-generated-files-2.16
[Backport 2.16] Add update option to check-generated-files
2020-08-13 11:24:26 +02:00
gufe44 ba5cba838c Log change as bugfix
Signed-off-by: gufe44 <gu981@protonmail.com>
2020-08-13 06:46:57 +02:00
gufe44 d5f8c26e01 Add changelog entry
Signed-off-by: gufe44 <gu981@protonmail.com>
2020-08-13 06:46:04 +02:00
gufe44 3fa7c64edf Use arc4random_buf instead of rand on NetBSD
Avoid old implementation of rand returning numbers with cyclical lower bits. Allow tests to pass.

Signed-off-by: gufe44 <gu981@protonmail.com>
2020-08-13 06:45:27 +02:00
Gilles Peskine de7e03688d
Merge pull request #3489 from CodeMonkeyLeet/mbedtls-2.16_backport_3464
Backport 2.16: PR #3464 Dynamically allocate requested CSR write buffer size
2020-08-12 18:22:22 +02:00
Manuel Pégourié-Gonnard 58c8da2d7e Add test: DNS names should not match IP addresses
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-11 12:51:21 +02:00
Manuel Pégourié-Gonnard dfd517234d
Merge pull request #3488 from CodeMonkeyLeet/mbedtls-2.16_backport_2632
Backport 2.16: PR #2632 Avoid use of large stack buffers in CRT writing
2020-08-11 10:32:18 +02:00
Manuel Pégourié-Gonnard c703cf1aec Add a pre-commit hook that checks generated files
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-10 12:56:08 +02:00
Manuel Pégourié-Gonnard 9ad5128324 Add -u option to check-generated-files.sh
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-10 12:56:08 +02:00
Simon Leet a242f50acd Classify #3464 ChangeLog entry as Bugfix
Signed-off-by: Simon Leet <simon.leet@microsoft.com>
2020-07-18 01:14:00 +00:00
Simon Leet 1535a43149 Revise comments for x509write_csr_der_internal
Address remaining PR comments for #2118
- Add ChangeLog.d/x509write_csr_heap_alloc.txt.
- Fix parameter alignment per Gille's recommendation.
- Update comments to more explicitly describe the manipulation of buf.
- Replace use of `MBEDTLS_MPI_MAX_SIZE` as `sig` buffer size for
  call to `x509write_csr_der_internal()` with more intuitive
  `MBEDTLS_PK_SIGNATURE_MAX_SIZE`.
- Update `mbedtls_x509write_csr_der()` to return
  `MBEDTLS_ERR_X509_ALLOC_FAILED` on mbedtls_calloc error.

Signed-off-by: Simon Leet <simon.leet@microsoft.com>
2020-07-10 18:23:56 +00:00
Doru Gucea afc2717e84 Avoid stack-allocation of large memory buffers
Using a stack-buffer with a size > 2K could easily produce a stack
overflow for an embedded device which has a limited stack size.
This commit dynamically allocates the large CSR buffer.

This commit avoids using a temporary buffer for storing the OIDs.
A single buffer is used:
a) OIDs are written backwards starting with the end of the buffer;
b) OIDs are memmove'd to the beginning of the buffer;
c) signature over this OIDs is computed and written backwards from the
end of the buffer;
d) the two memory regions are compacted.

Signed-off-by: Doru Gucea <doru-cristian.gucea@nxp.com>
2020-07-10 18:19:23 +00:00
Hanno Becker f90597f21e Adapt ChangeLog 2020-07-10 18:00:25 +00:00
Hanno Becker c33e92189a Avoid use of large stack buffers in mbedtls_x509_write_crt_pem()
This commit rewrites mbedtls_x509write_crt_pem() to not use
a statically size stack buffer to temporarily store the DER
encoded form of the certificate to be written.

This is not necessary because the DER-to-PEM conversion
accepts overlapping input and output buffers.
2020-07-10 17:52:40 +00:00
Hanno Becker cfc77d49bd Improve documentation of mbedtls_pem_write_buffer()
In particular, mention that it supports overlapping input and
output buffers.
2020-07-10 17:52:20 +00:00
Hanno Becker eeea9ead3c Perform CRT writing in-place on the output buffer
The CRT writing routine mbedtls_x509write_crt_der() prepares the TBS
(to-be-signed) part of the CRT in a temporary stack-allocated buffer,
copying it to the actual output buffer at the end of the routine.

This comes at the cost of a very large stack buffer. Moreover, its size
must be hardcoded to an upper bound for the lengths of all CRTs to be
written through the routine. So far, this upper bound was set to 2Kb, which
isn't sufficient some larger certificates, as was reported e.g. in #2631.

This commit fixes this by changing mbedtls_x509write_crt_der() to write
the certificate in-place in the output buffer, thereby avoiding the use
of a statically sized stack buffer for the TBS.

Fixes #2631.
2020-07-10 17:51:54 +00:00
Hanno Becker beaf396619 Adapt x509write_crt.c to coding style
Avoid lines longer than 80 characters and fix indentation.
2020-07-10 17:50:42 +00:00
Gilles Peskine a586099fd3
Merge pull request #3475 from gilles-peskine-arm/rename-check_files-2.16
Backport 2.16: Rename Python scripts to use '_' and not '-'
2020-07-03 15:12:52 +02:00
Gilles Peskine ee69477890 Rename Python scripts to use '_' and not '-'
You can't import a Python script whose name includes '-'.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 12:06:46 +02:00
Janos Follath 5b6bebe2de
Merge pull request #714 from ARMmbed/merge-2.16.7-release-to-mbedtls-2.16
Merge 2.16.7 release to mbedtls 2.16
2020-07-01 14:44:25 +01:00
Janos Follath 15a7cd1052 Merge tag 'mbedtls-2.16.7' into merge-2.16.7-release-to-mbedtls-2.16
Mbed TLS 2.16.7
2020-07-01 11:34:02 +01:00
Janos Follath abc460236f
Merge pull request #711 from ARMmbed/mbedtls-2.16.7r0-pr
Prepare Release Candidate for Mbed TLS 2.16.7
2020-06-30 12:08:32 +01:00