Commit graph

995 commits

Author SHA1 Message Date
Andres Amaya Garcia 15cbf61805 Fix ret code in aescrypt2.c 2018-07-10 17:34:23 +01:00
Simon Butcher e21597db32 Merge remote-tracking branch 'public/pr/1794' into mbedtls-2.7 2018-06-28 11:46:16 +01:00
Ron Eldor 5146ef3811 Adjust to new RSA infrastructure
Don't access the rsa cotext parameters directly, but use
the local `mbedtls_mpi` variable that were exported.
2018-06-27 11:55:59 +03:00
Ron Eldor 0d63e6229d Fix compilation errors after updating
Fix compilation errorsthat happened after new code introduced
by updating the branch. Replaced `exit` label with `cleanup`.
2018-06-27 08:49:00 +03:00
Ron Eldor 45486b135d Fix style issue
Add space before and after paranthesis.
2018-06-26 19:11:12 +03:00
Ron Eldor e1440898ca Add check for return code of bignumber code
Add check for return code of `mbedtls_mpi_write_file`
as commented by @sbutcher-arm
2018-06-26 19:11:05 +03:00
Ron Eldor 9aff65afa4 remove additional zero byte when writing pub der
Remove `- 1` for setting location of output buffer,
which added a leading zero which cause failure in ASN1 parsing.
Fixes #1257
2018-06-26 17:28:07 +03:00
Simon Butcher bb5e1c3973 Fix multiple quality issues in the source
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
 * incorrect file permissions
 * missing newline at the end of files
 * trailing whitespace
 * Tabs present
 * TODOs in the souce code
2018-06-08 11:14:43 +01:00
Jaeden Amero 33be84f679 Merge remote-tracking branch 'upstream-public/pr/1502' into mbedtls-2.7-proposed 2018-04-03 19:16:12 +01:00
Andrzej Kurek ffaee0952c pk_sign: added stdlib include 2018-04-03 04:36:52 -04:00
Andrzej Kurek 350e4dc6df pk_sign: adjust return values 2018-04-03 04:04:36 -04:00
Gilles Peskine 595c84a7b1 Merge remote-tracking branch 'upstream-public/pr/1500' into mbedtls-2.7-proposed 2018-04-01 12:41:29 +02:00
Andres Amaya Garcia 504ac5c884 Make DLEXT var configurable in programs and tests makefiles 2018-03-27 20:04:18 +01:00
Andrzej Kurek d959492797 pk_sign: fix overriding and ignoring return values 2018-03-26 04:13:24 -04:00
Brendan Shanks 968cda12f3 benchmark: Fix incompatibility with C89 compilers
Initializing arrays using non-constant expressions is not permitted in
C89, and was causing errors when compiling with Metrowerks CodeWarrior
(for classic MacOS) in C89 mode. Clang also produces a warning when
compiling with '-Wc99-extensions':

test/benchmark.c:670:42: warning: initializer for aggregate is not a compile-time constant [-Wc99-extensions]
        const unsigned char *dhm_P[] = { dhm_P_2048, dhm_P_3072 };
                                         ^~~~~~~~~~
test/benchmark.c:674:42: warning: initializer for aggregate is not a compile-time constant [-Wc99-extensions]
        const unsigned char *dhm_G[] = { dhm_G_2048, dhm_G_3072 };
                                         ^~~~~~~~~~

Declaring the arrays as 'static' makes them constant expressions.

fixes #1353
2018-03-22 23:21:29 -07:00
Jaeden Amero bec9a9b57a Merge branch 'development' into development-restricted 2018-01-29 12:49:23 +00:00
Jaeden Amero 4d3e1582b0 Merge remote-tracking branch 'upstream-public/pr/1287' into development 2018-01-29 12:49:20 +00:00
Jaeden Amero 784de59ccd Merge remote-tracking branch 'upstream-restricted/pr/410' into development-restricted
- Resolve ChangeLog conflicts
- Update Doxygen warning block in dhm.h to render correctly
- Prefix the exported identifier deprecated_constant_t with mbedtls_
2018-01-26 18:43:04 +00:00
Jaeden Amero 934fb55aa3 Merge remote-tracking branch 'upstream-public/pr/1036' into development 2018-01-26 15:12:43 +00:00
Jaeden Amero 005239e3ed Merge remote-tracking branch 'upstream-public/pr/1294' into development 2018-01-25 14:47:39 +00:00
Manuel Pégourié-Gonnard 4fa619fe56 Fix race condition in error printing in ssl_server2.c
The race goes this way:
1. ssl_recv() succeeds (ie no signal received yet)
2. processing the message leads to aborting handshake with ret != 0
3. reset ret if we were signaled
4. print error if ret is still non-zero
5. go back to net_accept() which can be interrupted by a signal
We print the error message only if the signal is received between steps 3 and
5, not when it arrives between steps 1 and 3.

This can cause failures in ssl-opt.sh where we check for the presence of "Last
error was..." in the server's output: if we perform step 2, the client will be
notified and exit, then ssl-opt.sh will send SIGTERM to the server, but if it
didn't get a chance to run and pass step 3 in the meantime, we're in trouble.

The purpose of step 3 was to avoid spurious "Last error" messages in the
output so that ssl-opt.sh can check for a successful run by the absence of
that message. However, it is enough to suppress that message when the last
error we get is the one we expect from being interrupted by a signal - doing
more could hide real errors.

Also, improve the messages printed when interrupted to make it easier to
distinguish the two cases - this could be used in a testing script wanted to
check that the server doesn't see the client as disconnecting unexpectedly.
2018-01-25 11:27:24 +01:00
Gilles Peskine cb1e5eb326 Merge branch 'pr_1000' into development-proposed 2018-01-23 00:57:34 +01:00
Gilles Peskine 550a2b036b Merge branch 'pr_1163' into development-proposed 2018-01-23 00:57:26 +01:00
Gilles Peskine 9e4f77c606 New MD API: rename functions from _ext to _ret
The _ext suffix suggests "new arguments", but the new functions have
the same arguments. Use _ret instead, to convey that the difference is
that the new functions return a value.
2018-01-22 11:54:42 +01:00
Gilles Peskine d91f2a26cb Merge branch 'development' into iotssl-1251-2.7
Conflict resolution:

* ChangeLog: put the new entries in their rightful place.
* library/x509write_crt.c: the change in development was whitespace
  only, so use the one from the iotssl-1251 feature branch.
2018-01-19 11:25:10 +01:00
Hanno Becker d4d60579e4 Address issues found by coverity
1) `mbedtls_rsa_import_raw` used an uninitialized return
   value when it was called without any input parameters.
   While not sensible, this is allowed and should be a
   succeeding no-op.

2) The MPI test for prime generation missed a return value
   check for a call to `mbedtls_mpi_shift_r`. This is neither
   critical nor new but should be fixed.

3) Both the RSA keygeneration example program and the
   RSA test suites contained code initializing an RSA context
   after a potentially failing call to CTR DRBG initialization,
   leaving the corresponding RSA context free call in the
   cleanup section of the respective function orphaned.
   While this defect existed before, Coverity picked up on
   it again because of newly introduced MPI's that were
   also wrongly initialized only after the call to CTR DRBG
   init. The commit fixes both the old and the new issue
   by moving the initializtion of both the RSA context and
   all MPI's prior to the first potentially failing call.
2018-01-10 07:30:47 +00:00
Hanno Becker 8bc74d6f2f Merge branch 'development' into iotssl-1619 2018-01-03 10:24:02 +00:00
Manuel Pégourié-Gonnard ae3925c774 Merge remote-tracking branch 'public/pr/1136' into development
* public/pr/1136:
  Timing self test: shorten redundant tests
  Timing self test: increased duration
  Timing self test: increased tolerance
  Timing unit tests: more protection against infinite loops
  Unit test for mbedtls_timing_hardclock
  New timing unit tests
  selftest: allow excluding a subset of the tests
  selftest: allow running a subset of the tests
  selftest: refactor to separate the list of tests from the logic
  Timing self test: print some diagnosis information
  mbedtls_timing_get_timer: don't use uninitialized memory
  timing interface documentation: minor clarifications
  Timing: fix mbedtls_set_alarm(0) on Unix/POSIX
2017-12-26 10:42:20 +01:00
Hanno Becker 32297e8314 Merge branch 'development' into iotssl-1619 2017-12-22 10:24:32 +00:00
Gilles Peskine ff79d27f5c selftest: allow excluding a subset of the tests
E.g. "selftest -x timing" runs all the self-tests except timing.
2017-12-20 21:57:48 +01:00
Gilles Peskine c82fbb4e14 selftest: allow running a subset of the tests
If given command line arguments, interpret them as test names and only
run those tests.
2017-12-20 20:23:13 +01:00
Gilles Peskine 319ac801a8 selftest: refactor to separate the list of tests from the logic
No behavior change.
2017-12-20 20:19:27 +01:00
Gilles Peskine d629411212 Merge branch 'pr_920' into development 2017-12-01 23:46:58 +01:00
Ron Eldor 0728d69d6d Change kB to KiB
Change the style of the units to KiB, according to
https://docs.mbed.com/docs/writing-and-publishing-guides/en/latest/units/
2017-11-29 12:08:35 +02:00
Gilles Peskine ea8d697fa2 Merge remote-tracking branch 'upstream-public/pr/1089' into development
Resolve trivial conflict due to additions in the same place in
tests/data_files/Makefile; minor comment/whitespace presentation
improvements.
2017-11-28 17:32:32 +01:00
Ron Eldor a0748019f1 Change KB to kB
Change KB to kB, as this is the proper way to write kilo bytes
2017-11-28 16:48:51 +02:00
Gilles Peskine 68306ed31f Merge remote-tracking branch 'upstream-public/pr/1094' into development 2017-11-23 20:02:46 +01:00
Chris Xue 9a51c032ee Fix copy paste error in the error message of mbedtls_ecp_gen_key in gen_key.c 2017-11-05 19:10:51 +00:00
Hanno Becker 7f25f850ac Adapt uses of mbedtls_rsa_complete to removed PRNG argument 2017-10-10 16:56:22 +01:00
Ron Eldor 71f68c4043 Fix ssl_server2 sample application prompt
FIx the type of server_addr parameter from %d to %s.
Issue reported by Email by Bei Jin
2017-10-06 11:59:13 +01:00
Xinyu Chen e1a94a6404 Correct the printf message of the DTLS handshake.
Make it consistent with dtls_server.c
2017-10-06 11:58:50 +01:00
Hanno Becker b953921a4e Adapt benchmark application to naming and binary format 2017-10-04 13:13:34 +01:00
Hanno Becker 17c3276a2e Improve output on bad cmd line args in programs/x509/cert_write 2017-10-03 14:56:04 +01:00
Ron Eldor 7da7cb399e Fix ssl_server2 sample application prompt
FIx the type of server_addr parameter from %d to %s.
Issue reported by Email by Bei Jin
2017-10-02 19:14:58 +01:00
Hanno Becker d4d856265e Don't use deprecated macro form of DHM moduli in benchmark program 2017-10-02 15:06:27 +01:00
Hanno Becker c6fc878eda Remove mbedtls_rsa_check_crt
This is no longer needed after the decision to not exhaustively validate private key material.
2017-10-02 13:20:15 +01:00
Xinyu Chen 00afe1c046 Correct the printf message of the DTLS handshake.
Make it consistent with dtls_server.c
2017-09-30 09:52:38 +01:00
Hanno Becker 7f3652ddf1 Fix error code printing in cert_write
Error codes can consume up to two bytes, but only one was printed so far.
2017-09-22 15:39:02 +01:00
Hanno Becker 38eff43791 Use X509 CRT version macros in cert_write program 2017-09-22 15:38:20 +01:00
Hanno Becker e1b1d0af8e Fix senseless comment 2017-09-22 15:35:16 +01:00
Hanno Becker e4ad3e8803 Allow requests of size larger than 16384 in ssl_client2 2017-09-18 16:11:42 +01:00
Hanno Becker 81535d0011 Minor style and typo corrections 2017-09-14 07:51:54 +01:00
Hanno Becker 6c13d37961 Extend cert_write example program by multiple cmd line options
This commit adds the following command line options to programs/x509/cert_write:
- version (val 1, 2, 3): Set the certificate's version (v1, v2, v3)
- authority_identifier (val 0, 1): Enable or disable the addition of the
                                   authority identifier extension.
- subject_identifier (val 0, 1): Enable or disable the addition of the
                                 subject identifier extension.
- basic_constraints (val 0, 1): Enable or disable the addition of the
                                basic constraints extension.
- md (val MD5, SHA1, SHA256, SHA512): Set the hash function used
                                      when creating the CRT.
2017-09-13 15:42:16 +01:00
Hanno Becker f073de0c25 Adapt rsa_genkey example program to use new RSA interface 2017-08-23 16:17:28 +01:00
Hanno Becker 0c2639386e Adapt rsa_encrypt example program to new RSA interface 2017-08-23 16:17:28 +01:00
Hanno Becker d6ba5e3d8b Adapt rsa_sign example program to new RSA interface 2017-08-23 16:17:28 +01:00
Hanno Becker ccef18c2ff Adapt rsa_decrypt example program to new RSA interface 2017-08-23 16:17:27 +01:00
Hanno Becker 40371ec783 Adapt key_app_writer example program to new RSA interface 2017-08-23 16:17:27 +01:00
Hanno Becker 54ebf9971d Adapt key_app example program to new RSA interface 2017-08-23 16:17:27 +01:00
Hanno Becker 83aad1fa86 Adapt gen_key example program to new RSA interface 2017-08-23 16:17:27 +01:00
Hanno Becker c95fad3566 Adapt dh_server example program to new RSA interface 2017-08-23 16:17:27 +01:00
Peter Huewe 38fc3a0548 Remove duplicated defintion of PRINT_ERROR
The PRINT_ERROR macros are already defined exactly the same in line
101ff, so we can remove them here.
2017-07-29 02:01:22 +02:00
Hanno Becker 840bace417 Correct comment 2017-07-28 22:28:08 +01:00
Hanno Becker ce37e6269e Reliably zeroize sensitive data in AES sample application
The AES sample application programs/aes/aescrypt2 could miss zeroizing
the stack-based key buffer in case of an error during operation. This
commit fixes this and also clears another temporary buffer as well as
all command line arguments (one of which might be the key) before exit.
2017-07-28 22:28:08 +01:00
Hanno Becker f601ec5f34 Reliably zeroize sensitive data in Crypt-and-Hash sample application
The AES sample application programs/aes/crypt_and_hash could miss
zeroizing the stack-based key buffer in case of an error during
operation. This commit fixes this and also clears all command line
arguments (one of which might be the key) before exit.
2017-07-28 22:28:08 +01:00
Ron Eldor 2a47be5012 Minor: Fix typos in program comments
Fix a couple of typos and writer's mistakes,
in some reference program applications
2017-07-27 21:44:33 +01:00
Ron Eldor ee5a0ca3bb Minor: Fix typos in program comments
Fix a couple of typos and writer's mistakes,
in some reference program applications
2017-07-19 23:33:24 +02:00
Martijn de Milliano b194a283a9 dh_server: Fixed expected number of bytes received from client when receiving public value. 2017-07-06 23:55:59 +02:00
Andres Amaya Garcia 276ebb650e Add stdlib.h include to hello.c sample 2017-07-03 11:16:57 +01:00
Andres Amaya Garcia 1ff60f437f Change examples to use the new MD API and check ret code 2017-06-28 13:26:36 +01:00
Hanno Becker 8651a43e95 Remove %zu format string from ssl_client2 and ssl_server2 2017-06-09 16:13:22 +01:00
Manuel Pégourié-Gonnard c44c3c288d Merge remote-tracking branch 'janos/iotssl-1156-ecdsa-sample-and-doc-clarification' into development
* janos/iotssl-1156-ecdsa-sample-and-doc-clarification:
  Clarify the use of ECDSA API
2017-06-08 10:16:54 +02:00
Hanno Becker e6706e62d8 Add tests for missing CA chains and bad curves.
This commit adds four tests to tests/ssl-opt.sh:
(1) & (2): Check behaviour of optional/required verification when the
trusted CA chain is empty.
(3) & (4): Check behaviour of optional/required verification when the
client receives a server certificate with an unsupported curve.
2017-06-07 11:26:59 +01:00
Gilles Peskine 682df09159 Allow SHA-1 in server tests, when the signature_algorithm extension is not used 2017-06-06 18:44:14 +02:00
Gilles Peskine bc70a1836b Test that SHA-1 defaults off
Added tests to validate that certificates signed using SHA-1 are
rejected by default, but accepted if SHA-1 is explicitly enabled.
2017-06-06 18:44:14 +02:00
Gilles Peskine cd3c845157 Allow SHA-1 in SSL renegotiation tests
In the TLS test client, allow SHA-1 as a signature hash algorithm.
Without this, the renegotation tests failed.

A previous commit had allowed SHA-1 via the certificate profile but
that only applied before the initial negotiation which includes the
signature_algorithms extension.
2017-06-06 18:44:13 +02:00
Gilles Peskine ef86ab238f Allow SHA-1 in X.509 and TLS tests
SHA-1 is now disabled by default in the X.509 layer. Explicitly enable
it in our tests for now. Updating all the test data to SHA-256 should
be done over time.
2017-06-06 18:44:13 +02:00
Janos Follath 4817e27d4d Add the CA list suppression option to ssl_server2
Adding the CA suppression list option to the 'ssl_server2' sample
program is a prerequisite for adding tests for this feature to the
integration test suite (ssl-opt.sh).
2017-05-16 10:22:37 +01:00
Ron Eldor 46cf773f2f Fix wrong output in the benchmark application
The benchmark application prints the performance in Kb/s,
While it actually calculates KB/s.
Resolves issue #850
2017-05-14 15:55:06 +03:00
Janos Follath 0a5154b8a1 Clarify the use of ECDSA API
In the ecdsa.c sample application we don't use hashing, we use ecdsa
directly on a buffer containing plain text. Although the text explains
that it should be the message hash it still can be confusing.

Any misunderstandings here are potentially very dangerous, because ECDSA
truncates the message hash if necessary and this can lead to trivial
signature forgeries if the API is misused and the message is passed
directly to the function without hashing.

This commit adds a hash computation step to the ecdsa.c sample
application and clarification to the doxygen documentation of the
ECDSA functions involved.
2017-03-10 11:31:41 +00:00
Andres AG 0b736db0f3 Remove use of inttypes.h in MSVC from ssl_server2
The sample application programs/ssl/ssl_server2.c was previously
modifies to use inttypes.h to parse a string to a 64-bit integer.
However, MSVC does not support C99, so compilation fails. This
patch modifies the sample app to use the MSVC specific parsing
functions instead of inttypes.h.
2017-03-01 23:24:35 +00:00
Ron Eldor dbe8316e23 fix for issue 1101: missing rsa context initialization
added mbedtls_rsa_init in rsa_decrypt sample application
2017-03-01 07:56:40 +00:00
Paul Bakker 2382816a84 Fix default hostname for verification used in ssl_client1 2017-02-28 22:23:41 +00:00
Andres AG cef21e4cd9 Fix examples that failed to compile without PEM 2017-02-04 22:59:46 +00:00
Andres AG 692ad84e5c Add DTLS test to check 6 byte record ctr is cmp
Add a test to ssl-opt.sh to ensure that in DTLS a 6 byte record counter
is compared in ssl_check_ctr_renegotiate() instead of a 8 byte one as in
the TLS case. Because currently there are no testing facilities to check
that renegotiation routines are triggered after X number of input/output
messages, the test consists on setting a renegotiation period that
cannot be represented in 6 bytes, but whose least-significant byte is 2.
If the library behaves correctly, the renegotiation routines will be
executed after two exchanged.
2017-01-19 16:30:57 +00:00
Simon Butcher c58d7b4074 Merge fix for X.509 compatibility issues 2016-10-13 15:54:03 +01:00
Simon Butcher e19acd5e79 Add extra compilation conditions to X.509 samples
The sample applications programs/pkey/cert_req.c and
programs/pkey/cert_write.c use the library functions
mbedtls_pk_write_csr_pem() and mbedtls_pk_write_crt_pem() respectively which
are dependent on the configuration option MBEDTLS_PEM_WRITE_C. If the option
isn't defined the build breaks.

This change adds the compilation condition MBEDTLS_PEM_WRITE_C to these
sample application.
2016-10-13 13:52:00 +01:00
Simon Butcher 41dba28a2a Add extra compilation conditions to gen_key.c #559
The sample application programs/pkey/gen_key.c uses the library function
mbedtls_pk_write_key_pem() which is dependent on the configuration option
MBEDTLS_PEM_WRITE_C. If the option isn't defined the build breaks.

This change adds the compilation condition MBEDTLS_PEM_WRITE_C to the gen_key.c
sample application.
2016-10-13 13:51:13 +01:00
Andres AG 8254b6c9f3 Clean up of formatting, and potential integer overflow fix 2016-10-13 13:51:13 +01:00
Simon Butcher ea680197f8 Minor fixes to formatting and compilation conditions 2016-10-13 13:51:12 +01:00
Simon Butcher 32bb5af7e1 Add CMAC functions to the benchmark sample application 2016-10-13 13:51:11 +01:00
Brian Murray 7b07e0e4b4 Fix build failure for thread config 2016-10-13 13:51:11 +01:00
Brian Murray 86ff986884 selftest supports cmac if only MBEDTLS_DES_C is defined
Other minor typo fixes
2016-10-13 13:51:10 +01:00
Robert Cragie 45feb6ef20 Add support for AES-128-CMAC and AES-CMAC-PRF-128 2016-10-13 13:51:07 +01:00
Andres AG 3616f6f261 Rename net.{c,h} to net_sockets.{c,h}
The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
2016-10-13 13:48:48 +01:00
Paul Bakker 2d6599284f Do not add empty cert / key in cert_app 2016-10-13 13:46:04 +01:00
Paul Bakker e9bdaa251f Actually apply debug_level settings in cert_app 2016-10-13 13:46:04 +01:00
Janos Follath 9fe6f92561 Add SHA1 guards in dh_client.c and dh_server.c
The build breaked for configurations not having MBEDTLS_SHA1_C.
2016-10-07 14:17:56 +01:00
Simon Butcher 604d399a5c Add extra compilation conditions to gen_key.c #559
The sample application programs/pkey/gen_key.c uses the library function
mbedtls_pk_write_key_pem() which is dependent on the configuration option
MBEDTLS_PEM_WRITE_C. If the option isn't defined the build breaks.

This change adds the compilation condition MBEDTLS_PEM_WRITE_C to the gen_key.c
sample application.
2016-10-07 08:48:47 +01:00
Andres AG a592dcc1c6 Clean up of formatting, and potential integer overflow fix 2016-10-06 15:23:39 +01:00