Commit graph

1968 commits

Author SHA1 Message Date
Hanno Becker f5baaaaf89 Add all.sh run with MBEDTLS_MEMORY_BUFFER_ALLOC_C enabled
With the removal of MBEDTLS_MEMORY_BUFFER_ALLOC_C from the
full config, there are no tests for it remaining in all.sh.
This commit adds a build as well as runs of `make test` and
`ssl-opt.sh` with MBEDTLS_MEMORY_BUFFER_ALLOC_C enabled to all.sh.
2019-09-09 07:15:00 -04:00
Andrzej Kurek c7f97f1c8d Adapt all.sh to removal of buffer allocator from full config
Previously, numerous all.sh tests manually disabled the buffer allocator
or memory backtracting after setting a full config as the starting point.

With the removal of MBEDTLS_MEMORY_BACKTRACE and MBEDTLS_MEMORY_BUFFER_ALLOC_C
from full configs, this is no longer necessary.
2019-09-09 07:10:39 -04:00
Jaeden Amero d7bd10dc89 Bump version to Mbed TLS 2.7.12 2019-09-06 13:28:28 +01:00
Jaeden Amero e1d93e5552 Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted
* origin/mbedtls-2.7:
  ssl-opt.sh: wait for proxy to start before running the script further
2019-09-05 18:14:28 +01:00
Unknown b86bcb4f71 ssl-opt.sh: wait for proxy to start before running the script further 2019-09-04 06:09:26 -04:00
Gilles Peskine ad72522fad Merge remote-tracking branch 'upstream-restricted/mbedtls-2.7-proposed' into mbedtls-2.7-restricted 2019-08-14 16:30:13 +02:00
Gilles Peskine 3b8cf47004 Merge remote-tracking branch 'upstream-restricted/pr/508' into mbedtls-2.7-restricted 2019-08-14 16:25:10 +02:00
Gilles Peskine 298a43a77e Merge remote-tracking branch 'upstream-restricted/pr/549' into mbedtls-2.7-restricted 2019-08-14 16:24:51 +02:00
Gilles Peskine ab327dfec7 Merge remote-tracking branch 'upstream-restricted/pr/614' into mbedtls-2.7-restricted 2019-08-14 16:24:08 +02:00
Gilles Peskine 0e08fff32f Merge remote-tracking branch 'upstream-public/pr/2737' into mbedtls-2.7 2019-08-14 16:00:47 +02:00
Gilles Peskine c7ad7ed185 Merge remote-tracking branch 'upstream-public/pr/2755' into mbedtls-2.7 2019-08-14 15:59:21 +02:00
Gilles Peskine 6ad89c2a3a Exclude DTLS 1.2 only with older OpenSSL
compat.sh used to skip OpenSSL altogether for DTLS 1.2, because older
versions of OpenSSL didn't support it. But these days it is supported.

We don't want to use DTLS 1.2 with OpenSSL unconditionally, because we
still use legacy versions of OpenSSL to test with legacy ciphers. So
check whether the version we're using supports it.
2019-08-13 11:44:30 +02:00
Gilles Peskine 5d3be4a0f8
Merge pull request #640 from ARMmbed/mbedtls-2.7-proposed
Merge mbedtls-2.7 into mbedtls-2.7-restricted
2019-08-05 11:06:45 +02:00
Gilles Peskine ad8c9bf7e0
Merge pull request #2418 from RonEld/Backport2.7_2734
Backport 2.7: Update soon to be expired crl
2019-08-03 13:38:23 +02:00
Gilles Peskine d56ca658ab entropy_nv_seed: cope with SHA-256
This test case was only executed if the SHA-512 module was enabled and
MBEDTLS_ENTROPY_FORCE_SHA256 was not enabled, so "config.pl full"
didn't have a chance to reach it even if that enabled
MBEDTLS_PLATFORM_NV_SEED_ALT.

Now all it takes to enable this test is MBEDTLS_PLATFORM_NV_SEED_ALT
and its requirements, and the near-ubiquitous MD module.
2019-07-19 17:41:55 +02:00
Gilles Peskine 923f7f9637 entropy_nv_seed: clean up properly
Call mbedtls_entropy_free on test failure.

Restore the previous NV seed functions which the call to
mbedtls_platform_set_nv_seed() changed. This didn't break anything,
but only because the NV seed functions used for these tests happened
to work for the tests that got executed later in the .data file.
2019-07-19 17:41:55 +02:00
Jaeden Amero a115207830 Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted
* origin/mbedtls-2.7:
  tests: Limit each log to 10 GiB
2019-07-12 10:16:03 +01:00
Ron Eldor 4f928c0f37 Create certificates with correct string formatting
For conformity, create the certificates using `cert_write` so
so they will all be `printableString`.
2019-07-10 17:23:06 +03:00
Ron Eldor 3936a0296d Update certificates to expire in 2029
Update certificates that expire on 2021, to prolong their validity,
to make tests pass three years ahead.
2019-07-10 17:23:06 +03:00
Ron Eldor ea6149ad43 Update soon to be expired crl
Update crl.pem, as it will expire on November 25 2019.
Resolves #2357.
2019-07-10 16:58:56 +03:00
Jaeden Amero 347309141f tests: Limit each log to 10 GiB
Limit log output in compat.sh and ssl-opt.sh, in case of failures with
these scripts where they may output seemingly unlimited length error
logs.

Note that ulimit -f uses units of 512 bytes, so we use 10 * 1024 * 1024
* 2 to get 10 GiB.
2019-07-10 08:50:52 +01:00
Jaeden Amero c455be6574 Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted
* origin/mbedtls-2.7:
  Split _abi_compliance_command into smaller functions
  Record the commits that were compared
  Document how to build the typical argument for -s
  Allow running /somewhere/else/path/to/abi_check.py
  Allow TODO in code
  Use the docstring in the command line help
2019-07-10 08:47:27 +01:00
k-stachowiak 0f16adace4 Add a test for mlaformed ECJPAKE context 2019-07-09 10:22:13 +02:00
Gilles Peskine 950de1e331 Test that a shared library build produces a dynamically linked executable 2019-07-05 15:48:52 +02:00
Gilles Peskine 17ecb24cb8 Test that the shared library build with CMake works 2019-07-05 15:48:36 +02:00
Gilles Peskine f852f5fd15 Add a test of MBEDTLS_CONFIG_FILE
configs/README.txt documents that you can use an alternative
configuration file by defining the preprocessor symbol
MBEDTLS_CONFIG_FILE. Test this.
2019-07-05 15:48:36 +02:00
Gilles Peskine 570f7a2318 Allow TODO in code
Don't reject TODO in code. Fix #2587
2019-07-05 10:56:19 +02:00
Gilles Peskine 081daf0dd3 Use the docstring in the command line help 2019-07-05 10:56:19 +02:00
Jaeden Amero 1e61b0fb3f Merge remote-tracking branch 'restricted/pr/581' into mbedtls-2.7-restricted
* restricted/pr/581:
  Remove unnecessary empty line
  Add a test for signing content with a long ECDSA key
  Add documentation notes about the required size of the signature buffers
  Add missing MBEDTLS_ECP_C dependencies in check_config.h
  Change size of preallocated buffer for pk_sign() calls
2019-06-24 11:40:49 +01:00
Jaeden Amero c0ff88e624 Merge remote-tracking branch 'origin/pr/2702' into mbedtls-2.7
* origin/pr/2702:
  Pass -m32 to the linker as well
2019-06-21 15:55:21 +01:00
Jaeden Amero 54c800ef24 Merge remote-tracking branch 'origin/pr/2616' into mbedtls-2.7
* origin/pr/2616:
  Use 'config.pl baremetal' in all.sh
2019-06-21 15:55:21 +01:00
Jaeden Amero 0cf1776a2d Merge remote-tracking branch 'origin/pr/2451' into mbedtls-2.7
* origin/pr/2451:
  Fix #2370, minor typos and spelling mistakes
2019-06-21 15:55:21 +01:00
Jaeden Amero dd11fbccd2 Merge remote-tracking branch 'origin/pr/2320' into mbedtls-2.7
* origin/pr/2320:
  Clarify ChangeLog entry for fix to #1628
  Add Changelog entry for clang test-ref-configs.pl fix
  Enable more compiler warnings in tests/Makefile
  Change file scoping of test helpers.function
2019-06-21 15:55:21 +01:00
Jaeden Amero 35a7e4675f Merge remote-tracking branch 'origin/pr/2688' into mbedtls-2.7
* origin/pr/2688:
  Update library version to 2.7.11
2019-06-18 14:22:59 +01:00
Gilles Peskine d535f4d667 Pass -m32 to the linker as well
For unit tests and sample programs, CFLAGS=-m32 is enough to get a
32-bit build, because these programs are all compiled directly
from *.c to the executable in one shot. But with makefile rules that
first build object files and then link them, LDFLAGS=-m32 is also
needed.
2019-06-17 19:15:37 +02:00
Jaeden Amero 2fa0172ae1 Merge remote-tracking branch 'origin/pr/2483' into mbedtls-2.7
* origin/pr/2483:
  Correct placement of ChangeLog entry
  Improve documentation of mbedtls_x509_get_ext()
  Adapt ChangeLog
  Always return a high-level error code from X.509 module
  Obey bounds of ASN.1 substructures
2019-06-14 15:28:02 +01:00
Jaeden Amero 98fc5f4937 Merge remote-tracking branch 'origin/pr/2482' into mbedtls-2.7
* origin/pr/2482:
  Document support for MD2 and MD4 in programs/x509/cert_write
  Correct name of X.509 parsing test for well-formed, ill-signed CRT
  Add test cases exercising successful verification of MD2/MD4/MD5 CRT
  Add test case exercising verification of valid MD2 CRT
  Add MD[245] test CRTs to tree
  Add instructions for MD[245] test CRTs to tests/data_files/Makefile
  Add suppport for MD2 to CSR and CRT writing example programs
  Convert further x509parse tests to use lower-case hex data
  Correct placement of ChangeLog entry
  Adapt ChangeLog
  Use SHA-256 instead of MD2 in X.509 CRT parsing tests
  Consistently use lower case hex data in X.509 parsing tests
2019-06-14 08:50:16 +01:00
Jaeden Amero 6794f68d29 Update library version to 2.7.11 2019-06-11 17:31:57 +01:00
k-stachowiak 45d0ba15a0 Add a test for signing content with a long ECDSA key
Due to the way the current PK API works, it may have not been clear
for the library clients, how big output buffers they should pass
to the signing functions. Depending on the key type they depend on
MPI or EC specific compile-time constants.

Inside the library, there were places, where it was assumed that
the MPI size will always be enough, even for ECDSA signatures.
However, for very small sizes of the MBEDTLS_MPI_MAX_SIZE and
sufficiently large key, the EC signature could exceed the MPI size
and cause a stack overflow.

This test establishes both conditions -- small MPI size and the use
of a long ECDSA key -- and attempts to sign an arbitrary file.
This can cause a stack overvlow if the signature buffers are not
big enough, therefore the test is performed for an ASan build.
2019-06-10 11:48:38 +02:00
Hanno Becker 19557c2078 Always return a high-level error code from X.509 module
Some functions within the X.509 module return an ASN.1 low level
error code where instead this error code should be wrapped by a
high-level X.509 error code as in the bulk of the module.

Specifically, the following functions are affected:
- mbedtls_x509_get_ext()
- x509_get_version()
- x509_get_uid()

This commit modifies these functions to always return an
X.509 high level error code.

Care has to be taken when adapting `mbetls_x509_get_ext()`:
Currently, the callers `mbedtls_x509_crt_ext()` treat the
return code `MBEDTLS_ERR_ASN1_UNEXPECTED_TAG` specially to
gracefully detect and continue if the extension structure is not
present. Wrapping the ASN.1 error with
`MBEDTLS_ERR_X509_INVALID_EXTENSIONS` and adapting the check
accordingly would mean that an unexpected tag somewhere
down the extension parsing would be ignored by the caller.

The way out of this is the following: Luckily, the extension
structure is always the last field in the surrounding structure,
so if there is some data remaining, it must be an Extension
structure, so we don't need to deal with a tag mismatch gracefully
in the first place.

We may therefore wrap the return code from the initial call to
`mbedtls_asn1_get_tag()` in `mbedtls_x509_get_ext()` by
`MBEDTLS_ERR_X509_INVALID_EXTENSIONS` and simply remove
the special treatment of `MBEDTLS_ERR_ASN1_UNEXPECTED_TAG`
in the callers `x509_crl_get_ext()` and `x509_crt_get_ext()`.

This renders `mbedtls_x509_get_ext()` unsuitable if it ever
happened that an Extension structure is optional and does not
occur at the end of its surrounding structure, but for CRTs
and CRLs, it's fine.

The following tests need to be adapted:
- "TBSCertificate v3, issuerID wrong tag"
  The issuerID is optional, so if we look for its presence
  but find a different tag, we silently continue and try
  parsing the subjectID, and then the extensions. The tag '00'
  used in this test doesn't match either of these, and the
  previous code would hence return LENGTH_MISMATCH after
  unsucessfully trying issuerID, subjectID and Extensions.
  With the new code, any data remaining after issuerID and
  subjectID _must_ be Extension data, so we fail with
  UNEXPECTED_TAG when trying to parse the Extension data.
- "TBSCertificate v3, UIDs, invalid length"
  The test hardcodes the expectation of
  MBEDTLS_ERR_ASN1_INVALID_LENGTH, which needs to be
  wrapped in MBEDTLS_ERR_X509_INVALID_FORMAT now.

Fixes #2431.
2019-06-04 14:03:27 +01:00
Hanno Becker 1de13dbc49 Obey bounds of ASN.1 substructures
When parsing a substructure of an ASN.1 structure, no field within
the substructure must exceed the bounds of the substructure.
Concretely, the `end` pointer passed to the ASN.1 parsing routines
must be updated to point to the end of the substructure while parsing
the latter.

This was previously not the case for the routines
- x509_get_attr_type_and_value(),
- mbedtls_x509_get_crt_ext(),
- mbedtls_x509_get_crl_ext().
These functions kept using the end of the parent structure as the
`end` pointer and would hence allow substructure fields to cross
the substructure boundary. This could lead to successful parsing
of ill-formed X.509 CRTs.

This commit fixes this.

Care has to be taken when adapting `mbedtls_x509_get_crt_ext()`
and `mbedtls_x509_get_crl_ext()`, as the underlying function
`mbedtls_x509_get_ext()` returns `0` if no extensions are present
but doesn't set the variable which holds the bounds of the Extensions
structure in case the latter is present. This commit addresses
this by returning early from `mbedtls_x509_get_crt_ext()` and
`mbedtls_x509_get_crl_ext()` if parsing has reached the end of
the input buffer.

The following X.509 parsing tests need to be adapted:
- "TBSCertificate, issuer two inner set datas"
  This test exercises the X.509 CRT parser with a Subject name
  which has two empty `AttributeTypeAndValue` structures.
  This is supposed to fail with `MBEDTLS_ERR_ASN1_OUT_OF_DATA`
  because the parser should attempt to parse the first structure
  and fail because of a lack of data. Previously, it failed to
  obey the (0-length) bounds of the first AttributeTypeAndValue
  structure and would try to interpret the beginning of the second
  AttributeTypeAndValue structure as the first field of the first
  AttributeTypeAndValue structure, returning an UNEXPECTED_TAG error.
- "TBSCertificate, issuer, no full following string"
  This test exercises the parser's behaviour on an AttributeTypeAndValue
  structure which contains more data than expected; it should therefore
  fail with MBEDTLS_ERR_ASN1_LENGTH_MISMATCH. Because of the missing bounds
  check, it previously failed with UNEXPECTED_TAG because it interpreted
  the remaining byte in the first AttributeTypeAndValue structure as the
  first byte in the second AttributeTypeAndValue structure.
- "SubjectAltName repeated"
  This test should exercise two SubjectAltNames extensions in succession,
  but a wrong length values makes the second SubjectAltNames extension appear
  outside of the Extensions structure. With the new bounds in place, this
  therefore fails with a LENGTH_MISMATCH error. This commit adapts the test
  data to put the 2nd SubjectAltNames extension inside the Extensions
  structure, too.
2019-06-04 14:03:27 +01:00
Hanno Becker b6bf4967de Correct name of X.509 parsing test for well-formed, ill-signed CRT 2019-06-03 16:22:13 +01:00
Hanno Becker 958c41196a Add test cases exercising successful verification of MD2/MD4/MD5 CRT 2019-06-03 16:22:10 +01:00
Hanno Becker c6b33dbdda Add test case exercising verification of valid MD2 CRT
The X.509 parsing test suite test_suite_x509parse contains a test
exercising X.509 verification for a valid MD4/MD5 certificate in a
profile which doesn't allow MD4/MD5. This commit adds an analogous
test for MD2.
2019-06-03 16:22:08 +01:00
Hanno Becker dcb1e60521 Add MD[245] test CRTs to tree 2019-06-03 16:22:01 +01:00
Hanno Becker 067f3574b9 Add instructions for MD[245] test CRTs to tests/data_files/Makefile 2019-06-03 16:21:57 +01:00
Hanno Becker fb63a7c532 Convert further x509parse tests to use lower-case hex data 2019-06-03 16:21:32 +01:00
Jaeden Amero c03c6ac955 test: Always use make clean by itself
When running make with parallelization, running both "clean" and "lib"
with a single make invocation can lead to each target building in
parallel. It's bad if lib is partially done building something, and then
clean deletes what was built. This can lead to errors later on in the
lib target.

    $ make -j9 clean lib
      CC    aes.c
      CC    aesni.c
      CC    arc4.c
      CC    aria.c
      CC    asn1parse.c
      CC    ./library/error.c
      CC    ./library/version.c
      CC    ./library/version_features.c
      AR    libmbedcrypto.a
    ar: aes.o: No such file or directory
    Makefile:120: recipe for target 'libmbedcrypto.a' failed
    make[2]: *** [libmbedcrypto.a] Error 1
    Makefile:152: recipe for target 'libmbedcrypto.a' failed
    make[1]: *** [libmbedcrypto.a] Error 2
    Makefile:19: recipe for target 'lib' failed
    make: *** [lib] Error 2
    make: *** Waiting for unfinished jobs....

To avoid this sort of trouble, always invoke clean by itself without
other targets throughout the library. Don't run clean in parallel with
other rules. The only place where clean was run in parallel with other
targets was in list-symbols.sh.
2019-05-31 17:48:48 +01:00
Hanno Becker 29cf243781 Use SHA-256 instead of MD2 in X.509 CRT parsing tests
- Replace 'RSA with MD2' OID '2a864886f70d010102' by
  'RSA with SHA-256' OID '2a864886f70d01010b':
  Only the last byte determines the hash, and
  `MBEDTLS_OID_PKCS1_MD2 == MBEDTLS_OID_PKCS1 "\x02"`
  `MBEDTLS_OID_PKCS1_SHA256 == MBEDTLS_OID_PKCS1 "\x0b"`
  See oid.h.
- Replace MD2 dependency by SHA256 dependency.
- Adapt expected CRT info output.
2019-05-30 11:11:24 +01:00
Hanno Becker f9681e53f2 Consistently use lower case hex data in X.509 parsing tests 2019-05-30 11:11:24 +01:00