Commit graph

13595 commits

Author SHA1 Message Date
Gilles Peskine cd65f4ccac Add empty-output-buffer test cases for single-part hash functions
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-26 00:11:23 +02:00
Gilles Peskine e92c68a878 Note that a failure in cleanup is intentional
In the cleanup code for persistent_key_load_key_from_storage(), we
only attempt to reopen the key so that it will be deleted if it exists
at that point. It's intentional that we do nothing if psa_open_key()
fails here.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-26 00:11:23 +02:00
Gilles Peskine 64f13ef6ab Add missing cleanup to some multipart operation tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-26 00:11:23 +02:00
Gilles Peskine a09713c795 test cleanup: Annotate file removal after a failed creation
Let static analyzers know that it's ok if remove() fails here.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-25 22:50:18 +02:00
Gilles Peskine 169ca7f06d psa_crypto_storage: Annotate file removal after a failed creation
Let static analyzers know that it's ok if psa_its_remove() fails here.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-25 22:50:06 +02:00
Gilles Peskine bab1b52048 psa_its: Annotate file removal after a failed creation
Let static analyzers know that it's ok if remove() fails here.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-25 22:49:19 +02:00
Gilles Peskine 14613bcd75 Fix parity tests to actually fail the test on error
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-25 22:30:31 +02:00
Gilles Peskine ed19762a22
Merge pull request #3574 from makise-homura/e2k_support
Support building on e2k (Elbrus) architecture
2020-08-25 09:46:36 +02:00
makise-homura af9513bb48 A different approach of signed-to-unsigned comparison
Suggsted by @hanno-arm

Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-24 23:42:49 +03:00
Gilles Peskine 0f343ac87f
Merge pull request #3528 from gufe44/helpers-redirect-restore-output
Fix bug in redirection of unit test outputs
2020-08-24 10:45:08 +02:00
Manuel Pégourié-Gonnard 6edfe60e0d
Merge pull request #2182 from hanno-arm/key_pwd
Add support for password protected key files to ssl_server2 and ssl_client2
2020-08-24 09:42:38 +02:00
makise-homura e014fece50 Don't forget to free G, P, Q, ctr_drbg, and entropy
I might be wrong, but lcc's optimizer is curious about this,
and I am too: shouldn't we free allocated stuff correctly
before exiting `dh_genprime` in this certain point of code?

Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-22 23:56:46 +03:00
Gilles Peskine 5fe5b823d4
Merge pull request #3590 from mpg/fix-compat.sh-with-ubuntu-16.04-gnutls
Fix compat.sh with ubuntu 16.04 gnutls
2020-08-21 14:18:25 +02:00
Manuel Pégourié-Gonnard 6c77bc6de2 compat.sh: stop using allow_sha1
After the changes of certificates, it's no longer needed.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-21 12:34:05 +02:00
Manuel Pégourié-Gonnard 499bf4c0c8 compat.sh: quit using SHA-1 certificates
Replace server2.crt with server2-sha256.crt which, as the name implies, is
just the SHA-256 version of the same certificate.

Replace server1.crt with cert_sha256.crt which, as the name doesn't imply, is
associated with the same key and just have a slightly different Subject Name,
which doesn't matter in this instance.

The other certificates used in this script (server5.crt and server6.crt) are
already signed with SHA-256.

This change is motivated by the fact that recent versions of GnuTLS (or older
versions with the Debian patches) reject SHA-1 in certificates by default, as
they should. There are options to still accept it (%VERIFY_ALLOW_BROKEN and
%VERIFY_ALLOW_SIGN_WITH_SHA1) but:

- they're not available in all versions that reject SHA-1-signed certs;
- moving to SHA-2 just seems cleaner anyway.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-21 12:25:30 +02:00
Manuel Pégourié-Gonnard 244d06637f compat.sh: enable CBC-SHA-2 suites for GnuTLS
Recent GnuTLS packages on Ubuntu 16.04 have them disabled.

From /usr/share/doc/libgnutls30/changelog.Debian.gz:

gnutls28 (3.4.10-4ubuntu1.5) xenial-security; urgency=medium

  * SECURITY UPDATE: Lucky-13 issues
    [...]
    - debian/patches/CVE-2018-1084x-4.patch: hmac-sha384 and sha256
      ciphersuites were removed from defaults in lib/gnutls_priority.c,
      tests/priorities.c.

Since we do want to test the ciphersuites, explicitly re-enable them in the
server's priority string. (This is a no-op with versions of GnuTLS where those
are already enabled by default.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-21 12:06:47 +02:00
Manuel Pégourié-Gonnard 1a6af8489e
Merge pull request #3578 from gilles-peskine-arm/md_setup-leak-development
Fix memory leak in mbedtls_md_setup with HMAC
2020-08-21 09:19:12 +02:00
gufe44 067f6e01f1 Fix bug in redirection of unit test outputs
Avoid replacing handle. stdout is defined as a macro on several platforms.

Signed-off-by: gufe44 <gu981@protonmail.com>
2020-08-21 08:32:26 +02:00
Gilles Peskine c57497e655
Merge pull request #3584 from mpg/fix-changelog-file-location
Fix location of a ChangeLog entry file
2020-08-20 11:50:05 +02:00
Manuel Pégourié-Gonnard eb528eef57 Fix location of a ChangeLog entry file
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-20 10:35:26 +02:00
danh-arm e8582ba0f3
Merge pull request #3546 from bensze01/copyright
Update copyright notices to use Linux Foundation guidance
2020-08-19 15:59:42 +01:00
Gilles Peskine d15c740df6 Fix memory leak in mbedtls_md_setup with HMAC
mbedtls_md_setup() allocates a hash-specific context and then, if
requested, an extra HMAC context. If the second allocation failed, the
hash context was not freed.

Fix this by ensuring that the mbedtls_md_context_t object is always in
a consistent state, in particular, that the md_info field is always
set. For robustness, ensure that the object is in a consistent state
even on errors (other than BAD_INPUT_DATA if the object was not in a
consistent state on entry).

Fix #3486

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-19 12:04:56 +02:00
Bence Szépkúti 1e14827beb Update copyright notices to use Linux Foundation guidance
As a result, the copyright of contributors other than Arm is now
acknowledged, and the years of publishing are no longer tracked in the
source files.

Also remove the now-redundant lines declaring that the files are part of
MbedTLS.

This commit was generated using the following script:

# ========================
#!/bin/sh

# Find files
find '(' -path './.git' -o -path './3rdparty' ')' -prune -o -type f -print | xargs sed -bi '

# Replace copyright attribution line
s/Copyright.*Arm.*/Copyright The Mbed TLS Contributors/I

# Remove redundant declaration and the preceding line
$!N
/This file is part of Mbed TLS/Id
P
D
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-08-19 10:35:41 +02:00
makise-homura e5595501ce Fix e2k support changelog snippet
Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-19 01:33:15 +03:00
makise-homura e74f372330 Get back -Wsigned-one-bit-field and fix sources according to it
Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-18 23:57:48 +03:00
makise-homura 0be6aa9957 Get back -Wsign-compare and fix sources according to it
Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-18 23:52:53 +03:00
makise-homura ac2fd6524a Support building on e2k (Elbrus) architecture
Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-18 21:59:46 +03:00
Hanno Becker 721f7c1e64 Add minimal client authentication test to ssl-opt.sh
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-17 12:17:32 +01:00
Hanno Becker 2f54a3c2e4 Add tests to ssl-opt.sh exercising new key_pwd[2] parameters
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-17 12:17:28 +01:00
Hanno Becker 226eedb5f3 Add password protected version of key for data_files/server{2,5}.key
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-17 12:14:00 +01:00
Manuel Pégourié-Gonnard 98944cd756
Merge pull request #3404 from mpg/improve-ssl-opt-logs
Improve ssl-opt.sh logs
2020-08-17 12:04:36 +02:00
Hanno Becker 2d3ac68336 Parse key-file and -password parameters in same place in ssl_client2
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-17 09:44:44 +01:00
Hanno Becker bffa54f4eb Add usage string for key_pwd argument in ssl_client2 program
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-17 09:44:41 +01:00
Hanno Becker 34ce81f896 Avoid overly long usage string literal in ssl_server2 program
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-17 09:40:54 +01:00
Gilles Peskine c60c30eb68
Merge pull request #3557 from Ouss4/assert
Ensure that only one definition of ASSERT is present
2020-08-14 23:24:04 +02:00
Hanno Becker fa452c4566 Fix guard in ECJPAKE tests in ssl-opt.sh
Three tests were guarded by `MBEDTLS_KEY_EXCHANGE_ECJPAKE`,
not `MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED`, as it should be.

Curiously, the guard still functioned as intended, perhaps
because `MBEDTLS_KEY_EXCHANGE_ECJPAKE` is a prefix of
`MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED`.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-14 15:42:49 +01:00
Hanno Becker ee63af6f8f Adapt ssl-opt.sh to modified ciphersuite log format
The debug output for supported ciphersuites has been changed
from `deadbeef` to `0xdeadbeef` in a previous commit, but the
test script `ssl-opt.sh` grepping for lines in the debug log
to determine test success/failure hadn't been adjusted accordingly.

This commit fixes this.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-14 15:41:23 +01:00
Manuel Pégourié-Gonnard 8ca03a7b68
Merge pull request #3554 from mpg/x509-verify-non-dns-san-dev
X509 verify non-DNS SANs
2020-08-14 11:32:22 +02:00
Hanno Becker 063f3bba90 Add ChangeLog entry
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-08-14 10:02:36 +01:00
Hanno Becker 5c5efdfcf9 Fix format specifier in ssl_ciphersuite_match() 2020-08-14 09:59:26 +01:00
Hanno Becker 3c88c65426 Fix debug format specifier in ClientHello ciphersuite log 2020-08-14 09:59:26 +01:00
Hanno Becker ecea07d6c3 Unify ciphersuite related debug output on client and server
The client previously reproted the offered ciphersuites through
their numerical identifier only, while the server reported them
through their name.

This commit modifies the debug output on client and server to
both use the format `ID (NAME)` for the ciphersuites.
2020-08-14 09:58:51 +01:00
Hanno Becker ca04fdc2cc Add support for password protected key file to ssl_client2
The example application programs/ssl/ssl_client2 allows the
configuration of a client CRT through the parameters
- crt_file, key_file
However, password protected key files are not supported.

This commit adds a new command line option
- key_pwd
which allow to specify a password for the key file specified
in the key_file parameter.
2020-08-14 09:58:51 +01:00
Hanno Becker e58a630cb0 Add support for password protected key file to ssl_server2
The example application programs/ssl/ssl_server2 allows the
configuration of up to two CRTs through the command line
parameters
- crt_file, key_file
- crt_file2, key_file2.
However, password protected key files are not supported.

This commit adds command line options
- key_pwd
- key_pwd2
which allow to specify passwords for the key files specified
in key_file and key_file2, respectively.
2020-08-14 09:58:51 +01:00
Gilles Peskine 3890f7cd3d
Merge pull request #3540 from gufe44/netbsd-rand-arc4random_buf
Use arc4random_buf instead of rand on NetBSD
2020-08-13 15:27:45 +02:00
Gilles Peskine 9ec3648ab3
Merge pull request #3495 from mpg/check-generated-files
Add update option to check-generated-files
2020-08-13 11:24:23 +02:00
gufe44 29fcac3263 Log change as bugfix
Signed-off-by: gufe44 <gu981@protonmail.com>
2020-08-13 06:24:42 +02:00
Ouss4 e0b2687a2d Undef ASSERT before defining it to ensure that no previous definition
has sneaked in through included files.

Signed-off-by: Ouss4 <abdelatif.guettouche@gmail.com>
2020-08-12 20:02:25 +01:00
Manuel Pégourié-Gonnard 204e05404f Add ChangeLog entry for X.509 CN-type vulnerability
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-11 10:24:21 +02:00
Manuel Pégourié-Gonnard f58e5cc4f4 Improve documentation of cn in x509_crt_verify()
Mention explicitly that only DNS names are supported so far, and while at it
explain where the name is searched.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-11 10:24:21 +02:00