Commit graph

4249 commits

Author SHA1 Message Date
Hanno Becker 3169dad48b Add unit tests for TLS 1.3 record encryption
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-05-28 10:32:23 +01:00
Hanno Becker a711f6e277 Add 'build+unit test' test for experimental TLS 1.3 code to all.sh
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-05-28 10:32:23 +01:00
Gilles Peskine 30e0bb4a24 Run assemble_changelog.py in all.sh
Avoid nasty surprises where it would fail when we want to make a release.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:55:10 +02:00
Gilles Peskine 344da1cbd3 Some .pem files are openssl output and have tabs and that's ok
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:55:10 +02:00
Gilles Peskine d2df86f005 .dsw files are Visual Studio stuff
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:55:09 +02:00
Gilles Peskine 12b180a0b9 Permit empty files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:55:09 +02:00
Gilles Peskine ee40e76943 Normalize line endings
Convert all text files to Unix line endings unless they're Windows
stuff.

Make sure that all text files have a trailing newline.

Remove whitespace at the end of lines.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:55:08 +02:00
Gilles Peskine 3e2ee3cedc Check only files checked into Git
We're only interested in files that are committed and pushed to be
included in Mbed TLS, not in any other files that may be lying around.
So ask git for the list of file names.

This script is primarily intended to run on the CI, and there it runs
on a fresh Git checkout plus potentially some other checkouts or
leftovers from a previous part of the CI job. It should also run
reasonably well on developer machines, where there may be various
additional files. In both cases, git is available.

Ad hoc directory exclusions are no longer needed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:53:32 +02:00
Gilles Peskine d4a853dbd7 Exclude binary files from text checks
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:53:32 +02:00
Gilles Peskine 0598db84c3 Regex mechanism for check-specific exemptions
Suffixes are convenient but not always sufficient.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:53:32 +02:00
Gilles Peskine c1d1b669db Check all files by default
Have an explicit list of exemptions for specific checks rather than
whitelisting files to check. Some checks, such as permissions, should
apply to all files.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:53:32 +02:00
Gilles Peskine 05a51a8a72 More accurate variable name
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:53:32 +02:00
Koh M. Nakagawa 46b8782a72 fix mbedtls_x509_dn_gets to escape non-ASCII characters
Signed-off-by: Koh M. Nakagawa <tsunekou1019@gmail.com>
2020-05-21 01:56:55 +09:00
Jonas 923d579369 Add test cases to check rng failure
Signed-off-by: Jonas <jonas.lejeune4420@gmail.com>
2020-05-13 14:25:47 +09:00
Gilles Peskine 344e15b010 Update SE support to pass a location when registering a driver
Now that lifetimes have structures and secure element drivers handle
all the lifetimes with a certain location, update driver registration
to take a location as argument rather than a lifetime.

This commit updates the tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:15:26 +02:00
Gilles Peskine d9f694960f
Merge pull request #3190 from gilles-peskine-arm/config-full-clarify-development
Clarify that the full config enables everything that can be tested together
2020-05-04 12:29:09 +02:00
Gilles Peskine 39461b04f6
Merge pull request #3218 from gilles-peskine-arm/travis-rationalize
Rationalize Travis builds
2020-05-04 12:10:51 +02:00
Gilles Peskine 18487f62d8 all.sh: on arm builds (GCC or Arm Compiler), show the code size
Just show the code size in the logs, for human consumption.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-30 23:14:08 +02:00
Gilles Peskine 6e2fb86c1e all.sh: add a Cortex-M0+ build
It's pretty fast and adds a little variety.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-30 23:14:08 +02:00
Gilles Peskine 6537588d76 all.sh: build_arm_none_eabi_gcc: do optimize
Otherwise the bignum assembly code is not used.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-30 23:14:04 +02:00
Gilles Peskine 6d06134e93 Rename --arm-gcc-prefix to --arm-none-eabi-gcc-prefix
This is supposed to be for GCC (or a compiler with a compatible
command line interface) targeting arm-none-eabi, so name it
accordingly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-30 18:41:35 +02:00
Gilles Peskine dd2feead99
Merge pull request #3229 from gabor-mezei-arm/development
Fix spurious message about outcome file when running all.sh
2020-04-30 18:01:18 +02:00
Gilles Peskine 8386ea22b2 all.sh: explain the testing around deprecated features
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-30 09:07:29 +02:00
Gilles Peskine af387e0ce1 check-files: support Windows .bat files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-26 00:43:56 +02:00
Gilles Peskine 60f267bb1e all.sh: make the arm-gcc cross-compiler prefix configurable
Make it possible to use a compiler that isn't in $PATH, or that's
installed with a different name, or even a compiler for a different
target such as arm-linux-gnueabi.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-25 22:34:28 +02:00
Gilles Peskine 97bea01ff4 all.sh: run selftest in the full config and with ASan
Almost everything the selftest program does is in the test suites. But
just in case run the selftest program itself once in the full
configuration, and once in the default configuration with ASan, in
addition to running it out of box.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-25 22:34:23 +02:00
Kenneth Soerensen 518d435e7b Fix GCC format-signedness warnings
Signed-off-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
2020-04-22 16:01:48 +02:00
gabor-mezei-arm 88d7eee00b Check for empty string in outcome file name
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2020-04-22 11:07:34 +02:00
Gilles Peskine 30de2e84ef Make no_deprecated naming more consistent
Use "no_deprecated" both in the name of the configuration and in the
name of all.sh components, rather than a mixture of "no_deprecated"
and "non_deprecated".

Make all.sh component names more consistent.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 21:39:22 +02:00
Jaeden Amero 3a7ca1d0cb
Merge pull request #3194 from piotr-now/serialized_to_file
Saving the serialized context to a file
2020-04-20 15:50:12 +01:00
Gilles Peskine 1093d9f9af all.sh: reorganize testing around deprecated features
build_deprecated combined the testing of deprecated features, and
testing of the build without deprecated features. Also, it violated the
component naming convention by being called build_xxx but running tests.

Replace it by:
* test_default_no_deprecated: check that you can remove deprecated
  features from the default build.
* test_full_no_deprecated: check that the library builds when deprecated
  features are disabled (and incidentally that the tests run).
* test_no_deprecated_warning: check that there are no warnings when
  deprecated features are disabled and MBEDTLS_DEPRECATED_WARNING
  is enabled.
* test_deprecated: test the deprecated features.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 15:46:56 +02:00
Gilles Peskine 3a584aecca Enable SSLv3 in the full config
It's deprecated, but not otherwise counter-indicated for the full
config: it doesn't conflict with anything and enabling it doesn't make
testing harder (especially since it defaults off in compat.sh).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 15:39:36 +02:00
Gilles Peskine e094a18f6b Strict C99: check it in the full config
Ensure that there is a build with -pedantic in the full config, not
just in "exotic" configurations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 15:39:36 +02:00
Gilles Peskine 31f88a29de Strict C99: make sure that fileno() is declared
<stdio.h> only declares the non-ISO-C function fileno() if an
appropriate POSIX symbol is defined or if using a compiler such as GCC
in non-pedantic mode. Define the appropriate POSIX symbol.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 15:39:36 +02:00
Gilles Peskine dc6d838a73 Enable MBEDTLS_PSA_CRYPTO_SE_C in config full
It started out as be experimental, but it is now robust enough not to
break the rest, so there's no reason to leave it out.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-20 15:39:32 +02:00
Gilles Peskine b72df54f9b
Merge pull request #2840 from k-stachowiak/check-bounds-of-test-intex-in-suites
Add lower bound check to function index lookup
2020-04-20 15:19:55 +02:00
Gilles Peskine 5a2710e9af
Merge pull request #3120 from gilles-peskine-arm/check-windows-files
Check Windows files for sanity as well
2020-04-20 13:59:27 +02:00
Gilles Peskine bb6b163cb0
Merge pull request #3162 from mpg/sort-lists
Improve formatting of lists in Makefile, CMakeLists.txt and .gitignore
2020-04-20 10:16:32 +02:00
Gilles Peskine 5c34ee14d3
Merge pull request #3118 from gilles-peskine-arm/pylint-up-to-2.4-development
Pass Pylint up to 2.4
2020-04-20 09:47:40 +02:00
Piotr Nowicki 3de298f18f Saving the serialized context to a file
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-17 16:26:43 +02:00
Manuel Pégourié-Gonnard 6f830251a1 Sort lists in CMakeLists.txt files
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-17 11:58:54 +02:00
Gilles Peskine 5f69cbe2cc
Merge pull request #3155 from ronald-cron-arm/unmet-dependencies-buffer-overflow-fix
Unmet dependencies buffer overflow fix
2020-04-17 10:08:14 +02:00
Jaeden Amero 31f4cd9de2
Merge pull request #3192 from AndrzejKurek/max_pathlen_overflow
Guard from undefined behaviour in case of an INT_MAX max_pathlen
2020-04-16 16:29:44 +01:00
Jaeden Amero ed9e4779ab
Merge pull request #3127 from piotr-now/ssl_base64_dump
Add program for deserializing from base64 code
2020-04-16 12:00:25 +01:00
Piotr Nowicki 9978e6ee14 Add tests for the ssl_context_info program
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-15 16:21:36 +02:00
Andrzej Kurek 1605074f97
Guard from undefined behaviour in case of an INT_MAX max_pathlen
When parsing a certificate with the basic constraints extension
the max_pathlen that was read from it was incremented regardless
of its value. However, if the max_pathlen is equal to INT_MAX (which
is highly unlikely), an undefined behaviour would occur.
This commit adds a check to ensure that such value is not accepted
as valid. Relevant tests for INT_MAX and INT_MAX-1 are also introduced.
Certificates added in this commit were generated using the
test_suite_x509write, function test_x509_crt_check. Input data taken 
from the "Certificate write check Server1 SHA1" test case, so the generated
files are like the "server1.crt", but with the "is_ca" field set to 1 and
max_pathlen as described by the file name.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-15 06:15:45 -04:00
Gilles Peskine 6710e15921 Enable X509_ALLOW_EXTENSIONS_NON_V3 in config full and fix tests
Enable MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 in the full config. There's
no reason to keep it out. We weren't testing it at all on the CI.

Add a missing dependency on !MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 to
some test cases that either were testing that v3 extensions are only
accepted in v3 certificates, or where parsing returns a different
error when MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 is enabled.

Add a few positive and negative test cases with
MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 enabled.

Fix one test case with MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 where the
intended output of mbedtls_x509_crt_info had changed in
890819a597 but the test case was missed
because it was never executed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-14 21:32:53 +02:00
Gilles Peskine 72d40fc6ca Fix build failure with MBEDTLS_PLATFORM_NV_SEED_ALT
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-14 21:32:53 +02:00
Gilles Peskine 32e889dfc3 Document and fix the MBEDTLS_xxx_ALT logic for the full config
The intended logic around MBEDTLS_xxx_ALT is to exclude them from full
because they require the alternative implementation of one or more
library functions, except that MBEDTLS_PLATFORM_xxx_ALT are different:
they're alternative implementations of a platform function and they
have a built-in default, so they should be included in full. Document
this.

Fix a bug whereby MBEDTLS_PLATFORM_xxx_ALT didn't catch symbols where
xxx contains an underscore. As a consequence,
MBEDTLS_PLATFORM_GMTIME_R_ALT and MBEDTLS_PLATFORM_NV_SEED_ALT are now
enabled in the full config. Explicitly exclude
MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT because it behaves like the
non-platform ones, requiring an extra build-time dependency.
Explicitly exclude MBEDTLS_PLATFORM_NV_SEED_ALT from baremetal
because it requires MBEDTLS_ENTROPY_NV_SEED, and likewise explicitly
unset it from builds that unset MBEDTLS_ENTROPY_NV_SEED.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-14 21:23:48 +02:00
Janos Follath ac15f842a5 Merge remote-tracking branch 'restricted/pr/684' into mbedtls-2.22.0r0 2020-04-14 08:16:27 +01:00
Gilles Peskine e0c84ac4d2 Pylint: explicitly note why we're doing an unchecked subprocess.run
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine 8b022359e8 Pylint: minor code simplifications
Simplify the code in minor ways. Each of this changes fixes a warning
from Pylint 2.4 that doesn't appear with Pylint 1.7.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine 184c096e95 Pylint: abide by useless-object-inheritance warnings
Inheriting from object is a remainder of Python 2 habits and is just
clutter in Python 3.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine dd4c1c6fe7 mbedtls_test.py: drop compatibility with Python 2
Python 2 is no longer supported upstream. Actively drop compatibility
with Python 2.

Removing the inheritance of a class on object pacifies recent versions
of Pylint (useless-object-inheritance).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine aaee444c68 Document more methods in Python scripts
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine c877c24ed0 Enable extra features that have tests
The "full" configuration excludes some deprecated or experimental
features. Enable the ones that have tests, don't have extra
requirements and don't turn off some other feature.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:33:52 +02:00
Gilles Peskine b3d0bab10b MBEDTLS_MEMORY_BACKTRACE is no longer included in the full config
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:33:52 +02:00
Gilles Peskine 40be51ffe3 Add a few echo statements to make the logs easier to follow
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:33:50 +02:00
Gilles Peskine bfcb6e16ab Create a large enough seedfile
The seedfile needs to have the size of the entropy accumulator, which
is 64 bytes (512 bits) since the entropy accumulator uses SHA-512 and
the seed size needs to be the same as the hash output (or larger).

We used to enable MBEDTLS_ENTROPY_FORCE_SHA256 in the full config, so
the entropy accumulator was 256 bits (32 bytes), and therefore a
32-byte seedfile worked. But we no longer turn on this option in the
full config, so the 32-byte seedfile no longer works.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:30:09 +02:00
Gilles Peskine 5757d54261 If 'make lcov' failed, exit immediately
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:30:02 +02:00
Gilles Peskine ca51b474dc Note that we keep going even if some tests fail
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:30:00 +02:00
Gilles Peskine 6d6ee98c14 Exit with a failure status if some tests failed
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-09 18:28:14 +02:00
Jaeden Amero 66e21efe47
Merge pull request #3163 from AndrzejKurek/variable-buffers-renegotiation
Variable buffers & renegotiation - fixes
2020-04-09 12:11:02 +01:00
Andrzej Kurek 8ea6872889
Improve pointer calculations when resizing I/O buffers
This commit introduces two changes:
- Add in_msg and out_msg calculations for buffer upsizing. This was previously
considered as unnecessary, but renegotiation using certain ciphersuites needs
this.
- Improving the way out_msg and in_msg pointers are calculated, so that even 
if no resizing is introduced, the pointers remain the same;

New tests added:
- various renegotiation schemes with a range of MFL's and ciphersuites;
- an ssl-opt.sh test exercising two things that were problematic: renegotiation
with TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 and a server MFL that's smaller
than the one negotiated by the client.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-09 04:33:00 -04:00
Andrzej Kurek 90c6e84a9c
Split the maximum fragment length into two - an input and output MFL
Since the server might want to have a different maximum fragment length
for the outgoing messages than the negotiated one - introduce a new way of
computing it. This commit also adds additional ssl-opt.sh tests ensuring
that the maximum fragment lengths are set as expected. 
mbedtls_ssl_get_max_frag_len() is now a deprecated function,
being an alias to mbedtls_ssl_get_output_max_frag_len(). The behaviour
of this function is the same as before.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-09 04:30:34 -04:00
Janos Follath 876e0259d5 Bump version to Mbed TLS 2.22.0
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 17:15:18 +01:00
Gilles Peskine 3124164f81
Merge pull request #3132 from mpg/fix-reconnect
Fix issues in handling of client reconnecting from the same port
2020-04-02 19:21:01 +02:00
Ronald Cron 67a8a37b91 unit test: Indicate missing unmet dependencies
The identifiers of the unmet dependencies of a test case are
stored in a buffer of fixed size that can be potentially to
small to store all the unmet dependencies. Indicate in test
reports if some unmet dependencies are missing.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-04-02 14:18:49 +02:00
Ronald Cron e1a05a534a unit tests main: Fix potential buffer overflow
Fix potential buffer overflow when tracking the unmet dependencies
of a test case. The identifiers of unmet dependencies are stored
in an array of fixed size. Ensure that we don't overrun the array.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-04-02 14:18:26 +02:00
Gilles Peskine d703a2ee19 In Windows files, detect CR without LF as well as LF without CR
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 13:37:16 +02:00
Gilles Peskine 545e13f4c1 Check that Windows files have Windows line endings
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 11:09:52 +02:00
Gilles Peskine 2c61873a0d Also check Windows files
Check Windows files for some issues, including permissions. Omit the
checks related to special characters (whitespace, line endings,
encoding) as appropriate.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 11:09:52 +02:00
Gilles Peskine 5308f12fc6 Sort the list for easier maintenance
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 11:09:50 +02:00
Gilles Peskine 6a45d1e4ce List each item on a separate line for easier maintenance
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 11:08:46 +02:00
Gilles Peskine 6e8d5a00b2 Clarify confusion between file names and suffixes of file names
To test a file name exactly, prepend a / to the base name.

files_to_check actually checks suffixes, not file names, so rename it
to extensions_to_check.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 11:06:17 +02:00
Gilles Peskine 06725c985f Fix intermittent crash in test suites with outcome file enabled
Fix an intermittent crash when running test suites in non-verbose
mode (i.e. with -v off) and with the outcome file enabled. The
array unmet_dependencies was only filled in verbose mode, but was used
in write_outcome_result regardless.

Since unmet_dependencies only ever contains strings that are integers
written out in decimal, store the integer instead. Do this
unconditionally since it doesn't cost any extra memory.

It would be better to record the dependency names, both in the verbose
output and in the outcome file. But the dependency names are not
currently available at runtime.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-30 22:00:23 +02:00
Manuel Pégourié-Gonnard b6929891d6 Adjust timeout of tests with "no resend" assertions
There are currently 4 tests in ssl-opt.sh with either -C "resend" or -S
"resend", that is, asserting that no retransmission will occur. They sometimes
fail on loaded CI machines as one side doesn't send a message fast enough,
causing the other side to retransmit, causing the test to fail.

(For the "reconnect" test there was an other issue causing random failures,
fixed in a previous commit, but even after that fix the test would still
sometimes randomly fail, even if much more rarely.)

While it's a hard problem to fix in a general and perfect way, in practice the
probability of failures can be drastically reduced by making the timeout
values much larger.

For some tests, where retransmissions are actually expected, this would have
the negative effect of increasing the average running time of the test, as
each side would wait for longer before it starts retransmission, so we have a
trade-off between average running time and probability of spurious failures.

But for tests where retransmission is not expected, there is no such trade-off
as the expected running time of the test (assuming the code is correct most of
the time) is not impacted by the timeout value. So the only negative effect of
increasing the timeout value is on the worst-case running time on the test,
which is much less important, as test should only fail quite rarely.

This commit addresses the easy case of tests that don't expect retransmission
by increasing the value of their timeout range to 10s-20s. This value
corresponds to the value used for tests that assert `-S "autoreduction"` which
are in the same case and where the current value seems acceptable so far.

It also represents an increase, compared to the values before this commit, of
a factor 20 for the "reconnect" tests which were frequently observed to fail
in the CI, and of a factor 10 for the first two "DTLS proxy" tests, which were
observed to fail much less frequently, so hopefully the new values are enough
to reduce the probability of spurious failures to an acceptable level.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-27 10:50:05 +01:00
Manuel Pégourié-Gonnard baad2de6d8 Add negative test for hard reconnect cookie check
The server must check client reachability (we chose to do that by checking a
cookie) before destroying the existing association (RFC 6347 section 4.2.8).
Let's make sure we do, by having a proxy-in-the-middle inject a ClientHello -
the server should notice, but not destroy the connection.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-27 10:50:05 +01:00
Gilles Peskine 5d324b203a Merge remote-tracking branch 'upstream-crypto/development' into HEAD
Conflicts:
* .github/issue_template.md, .github/pull_request_template.md:
  The changes in Mbed Crypto are not relevant to Mbed TLS. Keep the
  mbedtls versions.
2020-03-25 15:47:43 +01:00
Jaeden Amero dfd5ea239d
Merge pull request #3117 from AndrzejKurek/null_buffer_tests
Increase test coverage by adding AES and CAMELLIA empty buffer tests
2020-03-25 18:04:48 +04:00
Gilles Peskine 3b310c69a5 Add a note to some invasive tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:55:48 +01:00
Gilles Peskine d414c32a16
Merge pull request #3113 from mpg/ssl-opt-names
Improve some test names in ssl-opt.sh
2020-03-24 19:48:09 +01:00
Gilles Peskine 13c95c4d74 Make check_python_files non-optional in all.sh
check_python_files was optional in all.sh because we used to have CI
machines where pylint wasn't available. But this had the downside that
check_python_files kept breaking because it wasn't checked in the CI.
Now our CI has pylint and check_python_files should not be optional.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 19:25:34 +01:00
Gilles Peskine 56e99d623d Make sure to use a Python 3 pylint
On some systems, such as Ubuntu up to 19.04, `pylint` is for Python 2
and `pylint3` is for Python 3, so we should not use `pylint` even if
it's available.

Use the Python module instead of the trivial shell wrapper. This way
we can make sure to use the correct Python version.

Fix #3111

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 19:23:41 +01:00
Andrzej Kurek 1b7a780e65
Increase test coverage by adding AES and CAMELLIA empty buffer tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-03-24 13:18:58 -04:00
Manuel Pégourié-Gonnard 9e2c80fa24 Improve some test names in ssl-opt.sh
- "Default" should only be used for tests that actually use the defaults (ie,
  not passing options on the command line, except maybe debug/dtls)
- All tests in the "Encrypt then MAC" group should start with that string as a
  common prefix

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-24 10:53:39 +01:00
Gilles Peskine 5e7d6fd240 Merge 'mbedtls/development' into merge-crypto-unremoved-20200304
Merge the latest state of the target branch (mbedtls/development) into the
pull request to merge mbed-crypto into mbedtls.

Conflicts:

* ChangeLog: add/add conflict. Resolve by using the usual section order.
2020-03-23 18:02:07 +01:00
Gilles Peskine 049fefff90 Add dependencies on !MBEDTLS_SHA512_NO_SHA384 to x509/ssl unit tests
Add dependencies on !MBEDTLS_SHA512_NO_SHA384 to X.509 and SSL unit
tests that use SHA-384 (identified based on having a description that
contains "SHA384" or "SHA-384").
2020-03-23 17:55:32 +01:00
Gilles Peskine 6eb45f99f0 Add missing dependency on MBEDTLS_CIPHER_MODE_CBC 2020-03-23 17:55:32 +01:00
Gilles Peskine 19e841e19f Fix warning about a potentially initialized variable
The variable drop_len is only used under conditions where it has been
initialized, but this is somewhat fragile and not obvious for a
compiler to see.
2020-03-23 17:55:32 +01:00
Gilles Peskine eccd888717 Rename identifiers containing double-underscore
Rename identifiers containing double-underscore (`__`) to avoid `__`.
The reason to avoid double-underscore is that all identifiers
containing double-underscore are reserved in C++. Rename all such
identifiers that appear in any public header, including ssl_internal.h
which is in principle private but in practice is installed with the
public headers.

This commit makes check-names.sh pass.

```
perl -i -pe 's/\bMBEDTLS_SSL__ECP_RESTARTABLE\b/MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED/g; s/\bMBEDTLS_KEY_EXCHANGE_(_\w+)_(_\w+)\b/MBEDTLS_KEY_EXCHANGE${1}${2}/g' include/mbedtls/*.h library/*.c programs/*/*.c scripts/data_files/rename-1.3-2.0.txt tests/suites/*.function
```
2020-03-23 17:55:32 +01:00
Gilles Peskine 7415f2fd12 Add comment to help syntax highlighting in editors
Restore this change which was accidentally reverted during the merge
of Mbed Crypto.
2020-03-23 17:55:32 +01:00
Gilles Peskine aae57bffd9 Remove remaining references to the crypto subdirectory 2020-03-23 17:55:31 +01:00
Gilles Peskine 4e616f893b Remove config-default.h
This file was the default mbedtls configuration in the mbedtls-psa
fork. It is no longer relevant.
2020-03-23 17:55:31 +01:00
Gilles Peskine a57a80e213 Restore full tls coverage to remaining scripts
Look for any other invocation of test scripts that was removed: look for a change that removes a line (`^-.*…`) containing one of the names of a test script (without its path because it may be used with a relative path). Look for `ssl-opt.sh` and `compat.sh`, as well any file in `tests/scripts` that only exists in tls.
```
git diff 'HEAD^{/^Merge}~1' HEAD --diff-filter=M -- . ':!library/error.c' ':!library/version_features.c' ':!programs/test/query_config.c' ':!visualc' ':!*.pdf' ':!*.der' | grep -E "^-.*($(comm -23 <(git ls-tree -r --name-only 'HEAD^{/^Merge}~1') <(git ls-tree -r --name-only $(git merge-base upstream-crypto/development 'HEAD^{/^Merge}^2')) | sed -n 's!^tests/scripts/!!p' | sed 's/\./\\./g' | tr '\n' '|')ssl-opt\.sh|compat\.sh)" | grep -v '^---'
```
This only turns up changes in `basic-in-docker.sh`.
2020-03-23 17:55:31 +01:00
Gilles Peskine 636c26ad75 Restore full tls coverage to all.sh
The merge of mbed-crypto removed some tls coverage. Restore it. Also
remove references to the `crypto` subdirectory brought by the mbedtls
side of the merge. In more detail:

* `tests/scripts/all.sh`:
    * `fuzz` in comments (×2): restore it.
    * `CTEST_OUTPUT_ON_FAILURE=1`: don't remove it.
    * `cd crypto` for `make clean`: don't restore it.
    * `cleanup`: do restore `programs/fuzz/Makefile`. Don't go into `crypto`. Keep only one copy of the calls to `rm` in `cmake_subproject`.
    * Comment legacy options: don't remove it.
    * `crypto/Makefile` and `pre_check_seedfile`: don't restore either. See below regarding the lack of need for `pre_check_seedfile`.
    * blank line in `pre_print_configuration`: restore it.
    * blank line before `#### Build and test`: restore it.
    * SSL tests in `component_test_full_cmake_gcc_asan` and zlib components: restore it.
    * `component_test_no_pem_no_fs` (×2): the merge placed two copies in different locations. Reconcile them: unset PSA storage like in crypto, and call `ssl-opt.sh` like in tls. Put the merged version at the tls location.
    * `component_test_everest`: do add it at the tls location.
    * `component_test_small_mbedtls_ssl_dtls_max_buffering`: restore the tls value.
    * `component_test_new_ecdh_context`…: move `component_test_new_ecdh_context` before `component_test_everest` and add a calls to `compat.sh` and `ssl-opt.sh` like in `component_test_everest`. Remove the redundant crypto-only `component_test_everest`. Don't remove `component_test_psa_collect_statuses`.
    * `component_test_full_cmake_clang`: don't remove `clang` in the `msg` call. Don't remove the call to `test_psa_constant_names.py`.
    * `component_test_full_make_gcc_o0`: remove it. It's subsumed by `component_test_gcc_opt`.
    * `component_build_deprecated`: don't remove anything.
    * `component_test_memory_buffer_allocator`: restore `ssl-opt.sh`.
    * `component_test_when_no_ciphersuites_have_mac`: restore it.
    * `component_test_platform_calloc_macro`: don't restore `unset MBEDTLS_MEMORY_BUFFER_ALLOC_C` which is now redundant. Don't restore explicit flags instead of `$ASAN_CFLAGS`.
    * `component_test_aes_fewer_tables`…: don't remove it.
    * `component_test_m32_o1`: restore SSL testing.
    * `component_test_m32_everest`: restore SSL testing.
    * `component_test_min_mpi_window_size`…: don't remove it.
    * `component_test_valgrind`: do restore the tls version of the comment.
    * `run_component`: don't remove the seedfile creation. This is better than `pre_check_seedfile` (see below).
    * `pre_check_seedfile`: don't restore it. `pre_check_seedfile` (from tls) creates a seedfile once and for all. This is not good enough if a component fails in such a way as to leave a broken seedfile, or if a component leaves a seedfile with a size that's wrong for the next component to run. Instead (from crypto), `run_component` creates a sufficiently large seedfile before each component.
2020-03-23 17:55:31 +01:00
Gilles Peskine b99bd39b4e Merge mbed-crypto into mbedtls: the merge commit
Merge `unremove-non-crypto` into `mbedtls/development`. The branch
`unremove-non-crypto` was obtained by starting from `mbed-crypto/development`,
then reverting many commits that removed X.509 and TLS functionality when Mbed
Crypto forked from Mbed TLS (the “unremoval”), then make a few tweaks to
facilitate the merge.

The unremoval step restored old versions of some tls files. If a file doesn't
exist in mbed-crypto, check out the mbedtls version, regardless of what
happened during the unremoval of tls files in the crypto tree. Also
unconditionally take the mbedtls version of a few files where the
modifications are completely project-specific and are not relevant in
mbed-crypto:

* `.github/issue_template.md`: completely different. We may want to reconcile
  them independently as a follow-up.
* `.travis.yml`: would only be reverted to an earlier tls version.
* `README.md`: completely different. We may want to reconcile them
  independently as a follow-up.
* `doxygen/input/doc_mainpage.h`: the changes in crypto were minimal and not
  relevant except as a stopgap as mbed-crypto did not have its own product
  versioning in the Doxygen documentation.
* `tests/.jenkins/Jenkinsfile`: completely different.
* `tests/data_files/Makefile`: there were no changes in mbed-crypto,
  but the unremoval step restored an old version.

Shell script for everything to do after the merge apart from the conflict
resolution:
```
tls_files=($(comm -23 <(git ls-tree -r --name-only HEAD) <(git ls-tree -r --name-only $(git merge-base upstream-crypto/development MERGE_HEAD))))
tls_files+=($tls_files .github/issue_template.md .travis.yml README.md doxygen/input/doc_mainpage.h tests/.jenkins/Jenkinsfile tests/data_files/Makefile)
git checkout --theirs HEAD -- $tls_files
git add -- $tls_files
```

Resolve the remaining conflicts:

* `library/CMakeLists.txt`:
    * Keep the TLS definition of `src_crypto`
    * `USE_SHARED_MBEDTLS_LIBRARY`: keep all three libraries, with both
      `include` and `crypto/include` in `target_include_directories`, all with
      version `2.21.0`.
* `programs/Makefile`:
    * Reconcile the APPS lists (add/add from a differently-formatted common
      ancestor): insert the `psa/*` from crypto into the tls list.
    * Keep the `fuzz` target defined only in tls version.
    * Keep the recipe (only in tls version) cleaning `ssl_pthread_server`
      stuff for the `clean` target.
* `scripts/config.py`:
    * `include_in_full`: add/add conflict. Keep both.
* `tests/scripts/all.sh`:
    * `component_test_no_use_psa_crypto_full_cmake_asan`: partially old
      version in crypto. Take the tls version.
    * `component_test_malloc_0_null` and more: take
      `component_test_malloc_0_null` from crypto (with `config.py` rather than
      `config.pl`, and with `$ASAN_FLAGS` rather than an explicit list), but
      add the call to `ssl-opt.sh` from tls. Take the other components from
      crypto.

With this commit, building and running the unit tests with both `make ` and
`cmake` work in the default configuration on Linux. Other platforms, build
systems and configurations are likely not to work, and there is some
regression in test coverage.

There is some loss of functionality because the unremoval step restored older
versions of tls content. This commit contains the latest tls version of
tls-only files, but some changes from the tls side in files that existed on
both sides have regressed. Most problematic changes are hunks that remove some
tls-specific feature and contain either a C preprocessor symbol identifying a
tls-specific module or option, or the name of a tls-specific file. Hunks
that remove a tls-specific preprocessor symbol can be identified with the
regular expression `^-.*MBEDTLS_(ERR_)?(PKCS11|X509|NET|SSL)_`.

Subsequent commits will revert a few parts of the patch from this merge commit
in order to restore the tls functionality that it removes, ensure that the
test coverage includes what was covered in either branch, and fix test
failures.
2020-03-23 17:54:46 +01:00
Gilles Peskine 3b46cd3f15 Invoke config.py instead of config.pl in reverted content
perl -i -pe 's/\bconfig\.pl/config.py/g' $(git grep -l -Fw config.pl
-- . '#!tests/scripts/test_config_script.py')
2020-03-19 14:23:45 +01:00
Gilles Peskine 69e8f7ffe3 Revert "all.sh: Remove dependency on TLS, NET, and X.509"
This reverts commit 9b90f2e294.

Conflicts:
* tests/scripts/all.sh: do the same changes, dancing around the new
  outcome file feature and components added in the same places.
  Make sure that the components that are getting added back are at the
  same locations as where they are now in mbedtls.
2020-03-19 14:23:45 +01:00
Gilles Peskine 920b77524d Revert "recursion.pl: Don't depend on X.509"
This reverts commit e23737c618.
2020-03-19 14:23:45 +01:00
Gilles Peskine 7dc97048d6 Revert "Remove tests that depend on TLS or X.509"
This reverts commit 9afb2e9921.

Conflicts:
* include/CMakeLists.txt
  * "Make config.h available" comment: there has been a change
    adjacent to where it was removed. Just re-add what was removed.
* tests/CMakeLists.txt:
  * compat.sh: there has been a change immediately before where it was
    removed. Just re-add what was removed.
2020-03-19 14:17:54 +01:00
Gilles Peskine 1a9c624fce Revert "tests: Use parent module includes when used as a submodule"
This reverts commit 120d571e8e.

Conflicts:
* tests/CMakeLists.txt:
  * target_include_directories: the instruction whose addition is to
    be reverted has changed. Remove what is there now.
2020-03-19 14:13:59 +01:00
Gilles Peskine 5748757615 Revert "tests: Exclude version suite when used as a submodule"
This reverts commit 1264c2a86f.
2020-03-19 14:13:22 +01:00
Gilles Peskine b85b20dfdc Revert "tests: Add a crypto prefix to submodule tests"
This reverts commit b478bb6ddb.

Conflicts:
* tests/CMakeLists.txt: revert the introduction of exe_name, but keep
  the addition of ${CMAKE_SOURCE_DIR}/crypto/library/ to
  target_include_directories.
2020-03-19 14:13:13 +01:00
Gilles Peskine 6bbe783908 Revert "Remove pkcs11-helper option"
This reverts commit d832f187f7.

Conflicts:
* CMakeLists.txt:
  * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before
    where it was removed. Just re-add what was removed.
* tests/CMakeLists.txt:
  * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before
    where it was removed. Just re-add what was removed.
2020-03-19 14:07:55 +01:00
Gilles Peskine 5bb8bec1de Revert "Remove zlib"
This reverts commit d874a1fd14.

Conflicts:
* CMakeLists.txt:
  * ENABLE_ZLIB_SUPPORT: there has been a change immediately after
    where it was removed. Just re-add what was removed.
* tests/CMakeLists.txt:
  * ENABLE_ZLIB_SUPPORT: there has been a change immediately after
    where it was removed. Just re-add what was removed.
2020-03-19 14:07:55 +01:00
Gilles Peskine 70824f2c9e Revert "Remove programs that depend on TLS or X.509"
This reverts commit 0688e4f266.

Run scripts/generate_visualc_files.pl to account for the added programs.
2020-03-19 14:07:55 +01:00
Gilles Peskine 4fa9f9f744 Revert "programs, tests: Depend only on libmbedcrypto"
This reverts commit 986a15199d.
2020-03-19 14:07:55 +01:00
Gilles Peskine 722a7e6940 Revert "Only build libmbedcrypto"
This reverts commit 8298d70bee.

Conflicts:
* library/Makefile: removal of SOEXT_X509 and SOEXT_TLS vs change of
  value of SOEXT_CRYPTO. Keep all, with the new value of SOEXT_CRYPTO.
2020-03-19 14:07:55 +01:00
Gilles Peskine 12230eb5c8 Revert "Remove irrelevant configs"
This reverts commit 1ad37309e4.

Conflicts:
* tests/scripts/test-ref-configs.pl:
    * config-ccm-psk-tls1_2.h: there has been an addition of
      "config-symmetric-only.h" at the place where the configurations
      that are added back were removed. Keep this configuration.
2020-03-19 14:04:59 +01:00
Gilles Peskine 9d28c426d1 Revert "check-names: Enable referencing Mbed TLS macros"
This reverts commit 7fcc7bc576.
2020-03-19 13:55:04 +01:00
Gilles Peskine 4e1174967a Revert "config: Remove TLS and NET options"
This reverts commit 1c66e48670.

Conflicts:
* include/mbedtls/check_config.h:
    * MBEDTLS_SSL_PROTO_SSL3: there has been an addition (of
      MBEDTLS_SHA512_NO_SHA384) at the place where it was removed. Re-add it
      after (alphabetical order).
    * MBEDTLS_ENABLE_WEAK_CIPHERSUITES: there has been an addition (of
      MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) at the place where it was removed.
      Re-add it after (alphabetical order).
    * MBEDTLS_SSL_ALL_ALERT_MESSAGES: there has been an addition (of
      MBEDTLS_SHA512_SMALLER) at the place where it was removed. Re-add it
      after (alphabetical order).
* include/mbedtls/config.h:
    * MBEDTLS_ENABLE_WEAK_CIPHERSUITES: there has been an addition (of
      MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) at the place where it was removed.
      Re-add it after (alphabetical order).
    * MBEDTLS_SSL_ALL_ALERT_MESSAGES: there has been an addition (of
      MBEDTLS_SHA512_SMALLER) at the place where it was removed. Re-add it
      after (alphabetical order).
* library/version_features.c: re-generate by running
  scripts/generate_features.pl.
* programs/test/query_config.c: re-generate by running
  scripts/generate_query_config.pl.
* scripts/config.pl: this file has been replaced by config.py. Port
  the reversed changes to config.py:
    * Revert removing three symbols from the list of symbols to
      exclude from full.
    * Revert removing one symbol (MBEDTLS_NET_C) from the list of symbols
      to exclude from baremetal.
* scripts/footprint.sh:
    * Re-add the line to unset MBEDTLS_NET_C, but with config.py instead of
      config.pl.
* tests/scripts/all.sh:
    * component_test_no_platform: re-add the line to unset MBEDTLS_NET_C, but
      with config.py instead of config.pl.
    * component_build_arm_none_eabi_gcc,
    component_build_arm_none_eabi_gcc_no_udbl_division,
    component_build_arm_none_eabi_gcc_no_64bit_multiplication,
    component_build_armcc: these components now use the baremetal
    configuration, so they do not need to turn off MBEDTLS_NET_C explicitly.
2020-03-19 13:55:04 +01:00
Gilles Peskine 252e391cca Revert "config: Remove X.509 options"
This reverts commit bb1f701212.

* include/mbedtls/check_config.h:
    * MBEDTLS_X509_RSASSA_PSS_SUPPORT: there has been an addition (of
      MBEDTLS_SHA512_NO_SHA384) at the place where it was removed.
      Re-add it before MBEDTLS_SHA512_NO_SHA384 to keep it grouped
      with MBEDTLS_RSA_C.

Conflicts:
* scripts/config.pl: this file has been replaced by config.py. Port
  the reversed changes to config.py:
    * Revert removing three symbols from the list of symbols to
      exclude from full.
2020-03-19 13:53:18 +01:00
Jaeden Amero 4fca6b1a15
Merge pull request #377 from sbutcher-arm/gcc7-warning-fix
Fix warning with gcc7 - maximum allocation exceeded
2020-03-17 22:44:23 +04:00
Simon Butcher e30d03e4f4 Change the use of pylint to optionally use pylint3
Pylint when installed as a distro package can be installed as pylint3, whilst as
a PEP egg, it can be installed as pylint.

This commit changes the scripts to first use pylint if installed, and optionally
look for pylint3 if not installed. This is to allow a preference for the PEP
version over the distro version, assuming the PEP one is more likely to be
the correct one.

Signed-off-by: Simon Butcher <simon.butcher@arm.com>
2020-03-16 11:38:02 +00:00
Manuel Pégourié-Gonnard 21d1cbccda
Merge pull request #2262 from andresag01/iotssl-2544-deprecate-record-accel
Fix compilation failure when MBEDTLS_SSL_HW_RECORD_ACCEL is enabled
2020-03-16 10:37:16 +01:00
Piotr Nowicki 438bf3b667 App data with 1/n-1 splitting in test suite
Counting of the fragments has been shifted from the writing section to
the reading. This is more reliable because one reading is made for one
fragment and during one write the library can internally divide data
into two fragments

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-03-12 16:57:05 +01:00
Jaeden Amero c31f970a46
Merge pull request #3075 from AndrzejKurek/variable-buffer-size
Variable buffer size
2020-03-10 21:46:35 +04:00
Jaeden Amero 55727c33eb
Merge pull request #3088 from AndrzejKurek/ssl-mocks-coverity
test_suite_ssl: fix coverity issues with uninitialized members
2020-03-09 19:14:47 +04:00
Andrzej Kurek 89bdc580ca
test_suite_ssl: check for errors during queue setup
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-03-09 06:31:18 -04:00
Andrzej Kurek 45916ba916
test_suite_ssl: fix coverity issues with uninitialized members
Initialize variables to NULL before doing any operations that might fail.
This fixes a case where the allocation fails on the first context, which 
previously made the code free the second, uninitialized context.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-03-05 14:47:01 -05:00
Gilles Peskine 32d90b3919 Revert "Remove unused test data files"
This reverts commit ef24980e66.
2020-03-04 15:39:14 +01:00
Gilles Peskine 84a63fad5b Revert "tests: Update generator with Mbed Crypto comments"
This reverts commit dfcf84aea5.
2020-03-04 15:39:14 +01:00
Piotr Nowicki 0937ed29b9
Add an acceptance test for memory usage after handshake
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-03-04 09:28:35 -05:00
Andrzej Kurek 0afa2a1b65
Add I/O buffer resizing in handshake init and free
Add a conditional buffer resizing feature. Introduce tests exercising
it in various setups (serialization, renegotiation, mfl manipulations).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-03-04 09:28:16 -05:00
Gilles Peskine 3d5f05b9fb
Merge pull request #376 from gilles-peskine-arm/paths-mergeability-crypto
Modify path handling in some build scripts to be closer to mbedtls
2020-03-04 11:19:59 +01:00
Manuel Pégourié-Gonnard 68192fcd3a Fix remaining occurrences of config.pl in all.sh
The .pl version is now a compat wrapper around the .py script. Better call the
.py script directly.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-04 10:53:13 +01:00
Simon Butcher 49f8e3157c Fix warning with gcc7/maximum allocation exceeded
Adds an additional boundary check to the test parameter bytes_arg in
generate_random() in test_suite_psa_crypto.function.

This is to check against a possible underflow, and to avoid a warning,
"argument ... exceeds maximum object size", (-Werror=alloc-size-larger-than)
that GCC 7 generates.

Signed-off-by: Simon Butcher <simon.butcher@arm.com>
2020-03-03 17:28:05 +00:00
Darryl Green aad82f9bbb
Add variable buffer length tests to all.sh
Exercise the feature alone, with record splitting and DTLS connection ID.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Darryl Green <darryl.green@arm.com>
2020-03-03 10:44:57 -05:00
Manuel Pégourié-Gonnard f03c13c046
Merge pull request #3050 from mpg/skip-close-notify-dev
Fix possible close_notify/ClientHello confusion
2020-03-03 12:11:48 +01:00
Gilles Peskine 26e4fdc6cd Move MEMORY_BUFFER_ALLOC components to align the order with mbedtls
No code change. This commit just moves two functions to make the order
of component definitions match the one in mbedtls.
2020-03-02 21:15:04 +01:00
Piotr Nowicki bde7ee88a6
Add DTLS handshake fragmentation test
For this test it is good to have a handshake messages length as big as
possible, so for the server the certificate verification mode is
changed from default NONE to REQUIRED. It requires the client to send
certificate date to the server during handshake

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-02-27 09:31:42 -05:00
Andrzej Kurek 8a6ff15079
test_suite_ssl refactoring: provide default options structure for tests
Create and provide a structure with default options so that the caller won't have
to pass all of the parameters each time the handshake is called. In the future
this can be improved so that the options are passed as a string, just like in
ssl-opt.sh.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-02-26 09:10:14 -05:00
Andrzej Kurek 316da1f86e
test_suite_ssl refactoring: merge renegotiation test into handshake
Move the renegotiation test to a shared handshake function to simplify further
addition of tests.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-02-26 09:03:47 -05:00
Andrzej Kurek 9e9efdc277
test_suite_ssl refactoring: merge tls & dtls application data tests
Move the app data tests to a shared handshake function to simplify further 
addition of tests.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-02-26 09:00:18 -05:00
Manuel Pégourié-Gonnard dd8807f52d Add build with MBEDTLS_SSL_HW_RECORD_ACCEL to all.sh
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-02-26 09:56:27 +01:00
Manuel Pégourié-Gonnard 56941fe6a2 Fix possible close_notify/ClientHello confusion
The ssl-opt.sh test cases using session resumption tend to fail occasionally
on the CI due to a race condition in how ssl_server2 and ssl_client2 handle
the reconnection cycle.

The server does the following in order:
- S1 send application data
- S2 send a close_notify alert
- S3 close the client socket
- S4 wait for a "new connection" (actually a new datagram)
- S5 start a handshake

The client does the following in order:
- C1 wait for and read application data from the server
- C2 send a close_notify alert
- C3 close the server socket
- C4 reset session data and re-open a server socket
- C5 start a handshake

If the client has been able to send the close_notify (C2) and if has been
delivered to the server before if closes the client socket (S3), when the
server reaches S4, the datagram that we start the new connection will be the
ClientHello and everything will be fine.

However if S3 wins the race and happens before the close_notify is delivered,
in S4 the close_notify is what will be seen as the first datagram in a new
connection, and then in S5 this will rightfully be rejected as not being a
valid ClientHello and the server will close the connection (and go wait for
another one). The client will then fail to read from the socket and exit
non-zero and the ssl-opt.sh harness will correctly report this as a failure.

In order to avoid this race condition in test using ssl_client2 and
ssl_server2, this commits introduces a new command-line option
skip_close_notify to ssl_client2 and uses it in all ssl-opt.sh tests that use
session resumption with DTLS and ssl_server2.

This works because ssl_server2 knows how many messages it expects in each
direction and in what order, and closes the connection after that rather than
relying on close_notify (which is also why there was a race in the first
place).

Tests that use another server (in practice there are two of them, using
OpenSSL as a server) wouldn't work with skip_close_notify, as the server won't
close the connection until the client sends a close_notify, but for the same
reason they don't need it (there is no race between receiving close_notify and
closing as the former is the cause of the later).

An alternative approach would be to make ssl_server2 keep the connection open
until it receives a close_notify. Unfortunately it creates problems for tests
where we simulate a lossy network, as the close_notify could be lost (and the
client can't retransmit it). We could modify udp_proxy with an option to never
drop alert messages, but when TLS 1.3 comes that would no longer work as the
type of messages will be encrypted.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-02-26 09:33:45 +01:00
Piotr Nowicki 95e9eb8d91 Add test for renegotiation in DTLS
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-02-25 14:15:00 +01:00
Piotr Nowicki 6a7f01c237 Add test with sending application data via DTLS
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-02-25 14:10:15 +01:00
Jaeden Amero 20b3a68e70
Merge pull request #3042 from AndrzejKurek/dtls-handshake-serialization
Dtls handshake serialization test
2020-02-24 14:56:00 +04:00
Janos Follath 6fc816ae7c
Merge pull request #3038 from gilles-peskine-arm/align-crypto-programs
Side-port from crypto: programs/
2020-02-24 10:36:39 +00:00
Andrzej Kurek da2b67806b
Add a dtls handshake test with context serialization
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-02-24 04:56:53 -05:00
Jaeden Amero a08e699afc
Merge pull request #3036 from AndrzejKurek/dtls-handshake-tests
DTLS handshake tests
2020-02-21 15:18:52 +04:00
Gilles Peskine 9ab9621511 Move 3rdparty mentions to a separate line
This makes it easier to merge changes related to adding or removing
3rdparty items.

No semantic change.
2020-02-19 20:13:29 +01:00
Janos Follath 84d2fd4ee2 Bump version to Mbed TLS 2.21.0 2020-02-19 14:35:16 +00:00
Janos Follath cf4a40ba0a
Merge pull request #370 from yanesca/update-version-2.21.0
Bump version to Mbed TLS 2.21.0
2020-02-19 14:21:11 +00:00
Janos Follath bc7c2424c9 Bump version to Mbed TLS 2.21.0 2020-02-19 11:51:13 +00:00
Manuel Pégourié-Gonnard 9bbe328752 Test each failure mode of pk_parse_key_pkcs1_der()
(Only the top-level ones, ie, for each call to eg asn1_get_mpi(), ensure
there's at least one test case that makes this call fail in one way, but don't
test the various ways to make asn1_get_mpi fail - that should be covered
elsewhere.)

- the new checks added by the previous commits needed exercising
- existing tests sometimes had wrong descriptions or where passing for the
  wrong reason (eg with the "length mismatch" test, the function actually
failed before reaching the length check)
- while at it, add tests for the rest as well

The valid minimal-size key was generated with:

openssl genrsa 128 2>/dev/null | openssl rsa -outform der 2>/dev/null | xxd -p
2020-02-18 10:31:29 +01:00
Manuel Pégourié-Gonnard b65370f97d Clean up test function pk_parse_key
- remove incorrect compile-time dependency (the individual cases already have
  correct run-time dependency information)
- remove unused argument
- remove unused stack buffer
- remove useless code block
2020-02-18 10:18:43 +01:00
Andrzej Kurek 941962eb91 Add DTLS handshake tests for the mocked ssl test suite
Starting with TLS 1.1
2020-02-12 09:18:19 -05:00