From 38495a38243598cc2939b2cd917a43aed4050e4c Mon Sep 17 00:00:00 2001 From: Andres AG Date: Tue, 12 Jul 2016 16:54:33 +0100 Subject: [PATCH 01/38] Use MAKEFLAGS to pass args to make in all.sh Modify the script at tests/scripts/all.sh to export the variable MAKEFLAGS with -j if it was not set before. This should decrease the total runtime of tests/scripts/all.sh by letting make run multiple jobs in parallel. Also, add a check at the top of the script to cause a failure if the environment is not Linux. --- tests/scripts/all.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f40d52f4d..ff60c278b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -22,8 +22,11 @@ # Abort on errors (and uninitialised variables) set -eu -if [ -d library -a -d include -a -d tests ]; then :; else - err_msg "Must be run from mbed TLS root" +if [ "$( uname )" != "Linux" ]; then + echo "This script only works in Linux" >&2 + exit 1 +elif [ -d library -a -d include -a -d tests ]; then :; else + echo "Must be run from mbed TLS root" >&2 exit 1 fi @@ -42,6 +45,11 @@ FORCE=0 : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build} +# if MAKEFLAGS is not set add the -j option to speed up invocations of make +if [ -n "${MAKEFLAGS+set}" ]; then + export MAKEFLAGS="-j" +fi + usage() { printf "Usage: $0\n" From 2cb4739ad27dfdd52c33a627562fa03af508a4d8 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Fri, 4 Nov 2016 12:23:11 +0000 Subject: [PATCH 02/38] Fix multiple erroneously named source files in comments This fixes many incorrect references to filenames in the comments in config.h. --- include/mbedtls/config.h | 62 ++++++++++++++++++++-------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 6fc9c772a..0f7e29bcf 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1525,7 +1525,7 @@ * library/pkwrite.c * library/x509_create.c * library/x509write_crt.c - * library/mbedtls_x509write_csr.c + * library/x509write_csr.c */ #define MBEDTLS_ASN1_WRITE_C @@ -1886,7 +1886,7 @@ * * Enable the generic message digest layer. * - * Module: library/mbedtls_md.c + * Module: library/md.c * Caller: * * Uncomment to enable generic message digest wrappers. @@ -1898,7 +1898,7 @@ * * Enable the MD2 hash algorithm. * - * Module: library/mbedtls_md2.c + * Module: library/md2.c * Caller: * * Uncomment to enable support for (rare) MD2-signed X.509 certs. @@ -1910,7 +1910,7 @@ * * Enable the MD4 hash algorithm. * - * Module: library/mbedtls_md4.c + * Module: library/md4.c * Caller: * * Uncomment to enable support for (rare) MD4-signed X.509 certs. @@ -1922,8 +1922,8 @@ * * Enable the MD5 hash algorithm. * - * Module: library/mbedtls_md5.c - * Caller: library/mbedtls_md.c + * Module: library/md5.c + * Caller: library/md.c * library/pem.c * library/ssl_tls.c * @@ -1980,11 +1980,11 @@ * library/rsa.c * library/x509.c * library/x509_create.c - * library/mbedtls_x509_crl.c - * library/mbedtls_x509_crt.c - * library/mbedtls_x509_csr.c + * library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c * library/x509write_crt.c - * library/mbedtls_x509write_csr.c + * library/x509write_csr.c * * This modules translates between OIDs and internal values. */ @@ -2012,9 +2012,9 @@ * Module: library/pem.c * Caller: library/dhm.c * library/pkparse.c - * library/mbedtls_x509_crl.c - * library/mbedtls_x509_crt.c - * library/mbedtls_x509_csr.c + * library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c * * Requires: MBEDTLS_BASE64_C * @@ -2030,7 +2030,7 @@ * Module: library/pem.c * Caller: library/pkwrite.c * library/x509write_crt.c - * library/mbedtls_x509write_csr.c + * library/x509write_csr.c * * Requires: MBEDTLS_BASE64_C * @@ -2060,8 +2060,8 @@ * Enable the generic public (asymetric) key parser. * * Module: library/pkparse.c - * Caller: library/mbedtls_x509_crt.c - * library/mbedtls_x509_csr.c + * Caller: library/x509_crt.c + * library/x509_csr.c * * Requires: MBEDTLS_PK_C * @@ -2152,8 +2152,8 @@ * * Enable the RIPEMD-160 hash algorithm. * - * Module: library/mbedtls_ripemd160.c - * Caller: library/mbedtls_md.c + * Module: library/ripemd160.c + * Caller: library/md.c * */ #define MBEDTLS_RIPEMD160_C @@ -2181,8 +2181,8 @@ * * Enable the SHA1 cryptographic hash algorithm. * - * Module: library/mbedtls_sha1.c - * Caller: library/mbedtls_md.c + * Module: library/sha1.c + * Caller: library/md.c * library/ssl_cli.c * library/ssl_srv.c * library/ssl_tls.c @@ -2197,9 +2197,9 @@ * * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. * - * Module: library/mbedtls_sha256.c + * Module: library/sha256.c * Caller: library/entropy.c - * library/mbedtls_md.c + * library/md.c * library/ssl_cli.c * library/ssl_srv.c * library/ssl_tls.c @@ -2214,9 +2214,9 @@ * * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. * - * Module: library/mbedtls_sha512.c + * Module: library/sha512.c * Caller: library/entropy.c - * library/mbedtls_md.c + * library/md.c * library/ssl_cli.c * library/ssl_srv.c * @@ -2364,9 +2364,9 @@ * Enable X.509 core for using certificates. * * Module: library/x509.c - * Caller: library/mbedtls_x509_crl.c - * library/mbedtls_x509_crt.c - * library/mbedtls_x509_csr.c + * Caller: library/x509_crl.c + * library/x509_crt.c + * library/x509_csr.c * * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, * MBEDTLS_PK_PARSE_C @@ -2380,7 +2380,7 @@ * * Enable X.509 certificate parsing. * - * Module: library/mbedtls_x509_crt.c + * Module: library/x509_crt.c * Caller: library/ssl_cli.c * library/ssl_srv.c * library/ssl_tls.c @@ -2396,8 +2396,8 @@ * * Enable X.509 CRL parsing. * - * Module: library/mbedtls_x509_crl.c - * Caller: library/mbedtls_x509_crt.c + * Module: library/x509_crl.c + * Caller: library/x509_crt.c * * Requires: MBEDTLS_X509_USE_C * @@ -2410,7 +2410,7 @@ * * Enable X.509 Certificate Signing Request (CSR) parsing. * - * Module: library/mbedtls_x509_csr.c + * Module: library/x509_csr.c * Caller: library/x509_crt_write.c * * Requires: MBEDTLS_X509_USE_C From 2adecba01f754bf317dc1a7c89782cfa85c98d64 Mon Sep 17 00:00:00 2001 From: Brian J Murray Date: Sun, 6 Nov 2016 04:45:15 -0800 Subject: [PATCH 03/38] Clarify Comments and Fix Typos (#651) Fixes many typos, and errors in comments. * Clarifies many comments * Grammar correction in config.pl help text * Removed comment about MBEDTLS_X509_EXT_NS_CERT_TYPE. * Comment typo fix (Dont => Don't) * Comment typo fix (assure => ensure) * Comment typo fix (byes => bytes) * Added citation for quoted standard * Comment typo fix (one complement => 1's complement) The is some debate about whether to prefer "one's complement", "ones' complement", or "1's complement". The more recent RFCs related to TLS (RFC 6347, RFC 4347, etc) use " 1's complement", so I followed that convention. * Added missing ")" in comment * Comment alignment * Incorrect comment after #endif --- include/mbedtls/rsa.h | 2 +- include/mbedtls/x509.h | 2 +- library/cmac.c | 4 ++-- library/net_sockets.c | 2 +- library/pkparse.c | 12 ++++++------ library/ssl_tls.c | 9 +++++---- library/x509.c | 2 +- scripts/config.pl | 2 +- 8 files changed, 18 insertions(+), 17 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 35185dfda..54653dfdc 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -206,7 +206,7 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, const mbedtls_rs * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note This function does NOT take care of message - * padding. Also, be sure to set input[0] = 0 or assure that + * padding. Also, be sure to set input[0] = 0 or ensure that * input is smaller than N. * * \note The input and output buffers must be large diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index 54dac166b..f219bf128 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -157,7 +157,7 @@ #define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13) #define MBEDTLS_X509_EXT_FRESHEST_CRL (1 << 14) -#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */ +#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16) /* * Storage format identifiers diff --git a/library/cmac.c b/library/cmac.c index ee2fe056c..04aca7ce1 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -62,7 +62,7 @@ #if defined(MBEDTLS_SELF_TEST) #include #define mbedtls_printf printf -#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C || MBEDTLS_DES_C */ +#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_PLATFORM_C */ /* Implementation that should never be optimized out by the compiler */ @@ -80,7 +80,7 @@ static void mbedtls_zeroize( void *v, size_t n ) { * with R_64 = 0x1B and R_128 = 0x87 * * Input and output MUST NOT point to the same buffer - * Block size must be 8 byes or 16 bytes - the block sizes for DES and AES. + * Block size must be 8 bytes or 16 bytes - the block sizes for DES and AES. */ static int cmac_multiply_by_u( unsigned char *output, const unsigned char *input, diff --git a/library/net_sockets.c b/library/net_sockets.c index cc06cbfad..6a013e979 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -238,7 +238,7 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char } } - /* I we ever get there, it's a success */ + /* Bind was successful */ ret = 0; break; } diff --git a/library/pkparse.c b/library/pkparse.c index 275429e60..efdf43746 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1187,12 +1187,12 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, #endif /* MBEDTLS_PEM_PARSE_C */ /* - * At this point we only know it's not a PEM formatted key. Could be any - * of the known DER encoded private key formats - * - * We try the different DER format parsers to see if one passes without - * error - */ + * At this point we only know it's not a PEM formatted key. Could be any + * of the known DER encoded private key formats + * + * We try the different DER format parsers to see if one passes without + * error + */ #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, key, keylen, pwd, pwdlen ) ) == 0 ) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 84a04ae53..121c13526 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3428,7 +3428,7 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl ) if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) { - /* Dont check write errors as we can't do anything here. + /* Don't check write errors as we can't do anything here. * If the error is permanent we'll catch it later, * if it's not, then hopefully it'll work next time. */ (void) ssl->f_send( ssl->p_bio, ssl->out_buf, len ); @@ -6006,8 +6006,9 @@ int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **prot const char **p; /* - * "Empty strings MUST NOT be included and byte strings MUST NOT be - * truncated". Check lengths now rather than later. + * RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings + * MUST NOT be truncated." + * We check lengths now rather than later. */ tot_len = 0; for( p = protos; *p != NULL; p++ ) @@ -7585,7 +7586,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, * and, for DTLS, to/from TLS equivalent. * * For TLS this is the identity. - * For DTLS, use one complement (v -> 255 - v, and then map as follows: + * For DTLS, use 1's complement (v -> 255 - v, and then map as follows: * 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1) * 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2) */ diff --git a/library/x509.c b/library/x509.c index fad390d85..4df542e42 100644 --- a/library/x509.c +++ b/library/x509.c @@ -661,7 +661,7 @@ int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x50 /* * X.509 Extensions (No parsing of extensions, pointer should - * be either manually updated or extensions should be parsed! + * be either manually updated or extensions should be parsed!) */ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *ext, int tag ) diff --git a/scripts/config.pl b/scripts/config.pl index 8921a874a..2757f17fe 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -70,7 +70,7 @@ Options used: $config_file -o | --force - If the symbol isn't present in the configuration - file when setting it's value, a #define is + file when setting its value, a #define is appended to the end of the file. EOU From 3249cb780b73e3ebc7087b265c837dc814967980 Mon Sep 17 00:00:00 2001 From: Simon B Date: Thu, 3 Nov 2016 01:11:37 +0000 Subject: [PATCH 04/38] Fix various compiler warnings with MSVC Fixes various compiler warnings found with Microsoft Visual Studio 2015 (and earlier versions). --- library/cmac.c | 13 +++++++------ library/platform.c | 4 ++-- library/x509_crt.c | 2 +- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/library/cmac.c b/library/cmac.c index 04aca7ce1..0fa5b58f5 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -105,7 +105,7 @@ static int cmac_multiply_by_u( unsigned char *output, return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } - for( i = blocksize - 1; i >= 0; i-- ) + for( i = (int)blocksize - 1; i >= 0; i-- ) { output[i] = input[i] << 1 | overflow; overflow = input[i] >> 7; @@ -209,7 +209,7 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, if( ctx == NULL || ctx->cipher_info == NULL || key == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - if( ( retval = mbedtls_cipher_setkey( ctx, key, keybits, + if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits, MBEDTLS_ENCRYPT ) ) != 0 ) return( retval ); @@ -244,8 +244,8 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, { mbedtls_cmac_context_t* cmac_ctx; unsigned char *state; - int n, j, ret = 0; - size_t olen, block_size; + int ret = 0; + size_t n, j, olen, block_size; if( ctx == NULL || ctx->cipher_info == NULL || input == NULL || ctx->cmac_ctx == NULL ) @@ -280,8 +280,9 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, /* n is the number of blocks including any final partial block */ n = ( ilen + block_size - 1 ) / block_size; - /* Iterate across the input data in block sized chunks */ - for( j = 0; j < n - 1; j++ ) + /* Iterate across the input data in block sized chunks, excluding any + * final partial or complete block */ + for( j = 1; j < n; j++ ) { cmac_xor_block( state, input, state, block_size ); diff --git a/library/platform.c b/library/platform.c index 2591c45d7..8b336c38e 100644 --- a/library/platform.c +++ b/library/platform.c @@ -237,7 +237,7 @@ int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len ) } fclose( file ); - return( n ); + return( (int)n ); } int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ) @@ -255,7 +255,7 @@ int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ) } fclose( file ); - return( n ); + return( (int)n ); } #endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ diff --git a/library/x509_crt.c b/library/x509_crt.c index 60e14f90e..80af7259c 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1122,7 +1122,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) p = filename + len; filename[len++] = '*'; - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir, + w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir, MAX_PATH - 3 ); if( w_ret == 0 ) return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); From 9b3e3c4942fb43cd53076167488f7bce3ae115b9 Mon Sep 17 00:00:00 2001 From: Simon B Date: Thu, 3 Nov 2016 01:12:50 +0000 Subject: [PATCH 05/38] Fix config of compiler warning flags with MSVC Compiler warnings were being configured twice and not suppressed on the test suites with Microsoft Visual Studio. --- CMakeLists.txt | 4 +++- tests/CMakeLists.txt | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a7ebfc155..3e47224ea 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -92,7 +92,9 @@ if(CMAKE_COMPILER_IS_CLANG) endif(CMAKE_COMPILER_IS_CLANG) if(MSVC) - set(CMAKE_C_FLAGS_CHECK "/WX") + # Strictest warnings, and treat as errors + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") endif(MSVC) if(CMAKE_BUILD_TYPE STREQUAL "Coverage") diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 21583c40a..bedf21b2e 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -39,7 +39,9 @@ if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG) endif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG) if(MSVC) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /w") # no warnings here + # If a warning level has been defined, suppress all warnings for test code + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W0") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-") endif(MSVC) add_test_suite(aes aes.ecb) From ea67eeb4e8e6cdbaa8770935a848b11d231217bb Mon Sep 17 00:00:00 2001 From: Andres AG Date: Wed, 2 Nov 2016 10:17:00 +0000 Subject: [PATCH 06/38] Remove unused var warnings in windows unittests --- tests/suites/main_test.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index afff5a482..a7bb41de3 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -261,7 +261,9 @@ int main(int argc, const char *argv[]) char buf[5000]; char *params[50]; void *pointer; +#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) int stdout_fd = -1; +#endif /* __unix__ || __APPLE__ __MACH__ */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC) From c57c097cd5e53954e9e42ee0dfd0acfe9a457fe3 Mon Sep 17 00:00:00 2001 From: Jaakko Korhonen Date: Wed, 16 Nov 2016 10:56:30 +0200 Subject: [PATCH 07/38] Fixed typo in README.md Removed an extra e from agreement. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3bae47d6f..f069d9871 100644 --- a/README.md +++ b/README.md @@ -165,7 +165,7 @@ We gratefully accept bug reports and contributions from the community. There are - We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions should be fully tested before submission. - As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted. -To accept the Contributor’s Licence Agreement (CLA), individual contributors can do this by creating an mbed account and [accepting the online agreement here with a click through](https://developer.mbed.org/contributor_agreement/). Alternatively, for contributions from corporations, or those that do not wish to create an mbed account, a slightly different agreeement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/). This agreement should be signed and returned to ARM as described in the instructions given. +To accept the Contributor’s Licence Agreement (CLA), individual contributors can do this by creating an mbed account and [accepting the online agreement here with a click through](https://developer.mbed.org/contributor_agreement/). Alternatively, for contributions from corporations, or those that do not wish to create an mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/). This agreement should be signed and returned to ARM as described in the instructions given. ### Making a Contribution From f95c1764faa8218c95b1f03b4d0cf7a1ad60f1e2 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 10 Nov 2016 17:25:58 +0000 Subject: [PATCH 08/38] Make the test builds much stricter for warnings Tighten up the test options in all.sh, test-ref-configs.pl and curves.pl to ensure the builds are strict for all warnings, warnings are treated as errors, and that wherever possible builds are strict to the C99 standard. (Note that builds that use the Unix sockets API cannot be). --- tests/scripts/all.sh | 53 ++++++++++++++++++------------- tests/scripts/curves.pl | 3 +- tests/scripts/test-ref-configs.pl | 16 +++++++--- 3 files changed, 44 insertions(+), 28 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6b3396059..5a764e73c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -285,16 +285,16 @@ OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min tests/ssl-opt.sh -msg "build: cmake, full config, clang" # ~ 50s +msg "build: cmake, full config, clang, C99" # ~ 50s cleanup cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests -CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check . -make +CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On . +CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic' make msg "test: main suites (full config)" # ~ 5s -make test +CFLAGS='-Werror -Wall -Wextra' make test msg "test: ssl-opt.sh default (full config)" # ~ 1s tests/ssl-opt.sh -f Default @@ -314,15 +314,17 @@ tests/scripts/key-exchanges.pl msg "build: Unix make, -Os (gcc)" # ~ 30s cleanup -CC=gcc CFLAGS='-Werror -Os' make +CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' make -# this is meant to cath missing #define mbedtls_printf etc -# disable fsio to catch some more missing #include -msg "build: full config except platform/fsio, make, gcc" # ~ 30s +# Full configuration build, without platform support, file IO and net sockets. +# This should catch missing mbedtls_printf definitions, and by disabling file +# IO, it should catch missing '#include ' +msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s cleanup cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_PLATFORM_C +scripts/config.pl unset MBEDTLS_NET_C scripts/config.pl unset MBEDTLS_PLATFORM_MEMORY scripts/config.pl unset MBEDTLS_PLATFORM_PRINTF_ALT scripts/config.pl unset MBEDTLS_PLATFORM_FPRINTF_ALT @@ -332,7 +334,8 @@ scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.pl unset MBEDTLS_FS_IO -CC=gcc CFLAGS='-Werror -O0' make +CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0' make lib programs +CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' make test # catch compile bugs in _uninit functions msg "build: full config with NO_STD_FUNCTION, make, gcc" # ~ 30s @@ -341,29 +344,31 @@ cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED -CC=gcc CFLAGS='-Werror -O0' make +CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' make msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s cleanup cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_SSL_SRV_C -CC=gcc CFLAGS='-Werror -O0' make +CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' make msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s cleanup cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_SSL_CLI_C -CC=gcc CFLAGS='-Werror -O0' make +CC=gcc CFLAGS='-Werror -Wall -Werror -O0' make +# Note, C99 compliance can also be tested with the sockets support disabled, +# as that requires a POSIX platform (which isn't the same as C99). msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s cleanup cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc. scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux -CC=gcc CFLAGS='-Werror -O0 -std=c99 -pedantic' make lib +CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' make lib msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)" cleanup @@ -389,7 +394,7 @@ fi if uname -a | grep -F x86_64 >/dev/null; then msg "build: i386, make, gcc" # ~ 30s cleanup -CC=gcc CFLAGS='-Werror -m32' make +CC=gcc CFLAGS='-Werror -Wall -Wextra -m32' make fi # x86_64 msg "build: arm-none-eabi-gcc, make" # ~ 10s @@ -407,7 +412,7 @@ scripts/config.pl unset MBEDTLS_THREADING_PTHREAD scripts/config.pl unset MBEDTLS_THREADING_C scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit -CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS=-Werror make lib +CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' make lib msg "build: armcc, make" cleanup @@ -428,15 +433,19 @@ scripts/config.pl unset MBEDTLS_THREADING_C scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME -CC=armcc AR=armar WARNING_CFLAGS= make lib +CC=armcc AR=armar WARNING_CFLAGS='--strict --c99' make lib if which i686-w64-mingw32-gcc >/dev/null; then -msg "build: cross-mingw64, make" # ~ 30s -cleanup -CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS=-Werror WINDOWS_BUILD=1 make -WINDOWS_BUILD=1 make clean -CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS=-Werror WINDOWS_BUILD=1 SHARED=1 make -WINDOWS_BUILD=1 make clean + msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s + cleanup + CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 make lib programs + CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 make test + WINDOWS_BUILD=1 make clean + + msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s + CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS'=-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make lib programs + CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS'=-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make test + WINDOWS_BUILD=1 make clean fi # MemSan currently only available on Linux 64 bits diff --git a/tests/scripts/curves.pl b/tests/scripts/curves.pl index 85eb7e651..bd13f52cc 100755 --- a/tests/scripts/curves.pl +++ b/tests/scripts/curves.pl @@ -49,7 +49,8 @@ for my $curve (@curves) { system( "scripts/config.pl unset $curve" ) and abort "Failed to disable $curve\n"; - system( "make lib" ) and abort "Failed to build lib: $curve\n"; + system( "CFLAGS='-Werror -Wall -Wextra' make lib" ) + and abort "Failed to build lib: $curve\n"; system( "cd tests && make" ) and abort "Failed to build tests: $curve\n"; system( "make test" ) and abort "Failed test suite: $curve\n"; diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 8f4738cb4..a9a89f1ce 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -1,9 +1,15 @@ #!/usr/bin/perl -# test standard configurations: -# - build -# - run test suite -# - run compat.sh +# test-ref-configs.pl +# +# This file is part of mbed TLS (https://tls.mbed.org) +# +# Copyright (c) 2013-2016, ARM Limited, All Rights Reserved +# +# Purpose +# +# For each reference configuration file in the configs directory, build the +# configuration, run the test suites and compat.sh # # Usage: tests/scripts/test-ref-configs.pl [config-name [...]] @@ -63,7 +69,7 @@ while( my ($conf, $data) = each %configs ) { system( "cp configs/$conf $config_h" ) and abort "Failed to activate $conf\n"; - system( "make CFLAGS='-Os -Werror'" ) and abort "Failed to build: $conf\n"; + system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n"; system( "make test" ) and abort "Failed test suite: $conf\n"; my $compat = $data->{'compat'}; From 097618b4c6184516e723225984fb9ee56ad456d3 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 10 Nov 2016 17:28:55 +0000 Subject: [PATCH 09/38] Fix compiler warning in debug.c --- library/debug.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/debug.c b/library/debug.c index a9cd814be..f9229b360 100644 --- a/library/debug.c +++ b/library/debug.c @@ -71,7 +71,7 @@ static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level, */ #if defined(MBEDTLS_THREADING_C) char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */ - mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", ssl, str ); + mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str ); ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr ); #else ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); From 532c94dcb77126002e770b0a7a6baca8cdf3526e Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 10 Nov 2016 17:30:18 +0000 Subject: [PATCH 10/38] Fix formatting issues in net_sockets.c --- library/net_sockets.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/net_sockets.c b/library/net_sockets.c index 6a013e979..80be6ec6a 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -133,7 +133,8 @@ void mbedtls_net_init( mbedtls_net_context *ctx ) /* * Initiate a TCP connection with host:port and the given protocol */ -int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto ) +int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, + const char *port, int proto ) { int ret; struct addrinfo hints, *addr_list, *cur; @@ -322,7 +323,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx, { /* TCP: actual accept() */ ret = client_ctx->fd = (int) accept( bind_ctx->fd, - (struct sockaddr *) &client_addr, &n ); + (struct sockaddr *) &client_addr, &n ); } else { From 91aef338329652da9f2e5ad2be9d7f11fd51882b Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 17 Nov 2016 09:20:50 +0000 Subject: [PATCH 11/38] Fix mingw test build to avoid executing the tests Changed the mingw build target to avoid building mingw test suites and then attempting to run them which was failing on Linux. --- tests/scripts/all.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5a764e73c..122827074 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -439,12 +439,14 @@ if which i686-w64-mingw32-gcc >/dev/null; then msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s cleanup CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 make lib programs - CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 make test + + # note Make tests only builds the tests, but doesn't run them + CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 make tests WINDOWS_BUILD=1 make clean msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s - CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS'=-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make lib programs - CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS'=-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make test + CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make lib programs + CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make tests WINDOWS_BUILD=1 make clean fi From 002bc6262b3c73bf847f99d997a7960976813ce2 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 17 Nov 2016 09:27:45 +0000 Subject: [PATCH 12/38] Make mingw test build a requirement of all.sh Changed the mingw test build to be a required test of the all.sh script. --- tests/scripts/all.sh | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 122827074..6e2490961 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -209,7 +209,7 @@ export GNUTLS_SERV="$GNUTLS_SERV" # Make sure the tools we need are available. check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$GNUTLS_CLI" "$GNUTLS_SERV" \ "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \ - "arm-none-eabi-gcc" "armcc" + "arm-none-eabi-gcc" "armcc" "i686-w64-mingw32-gcc" # # Test Suites to be executed @@ -435,20 +435,18 @@ scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME CC=armcc AR=armar WARNING_CFLAGS='--strict --c99' make lib -if which i686-w64-mingw32-gcc >/dev/null; then - msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s - cleanup - CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 make lib programs +msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s +cleanup +CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 make lib programs - # note Make tests only builds the tests, but doesn't run them - CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 make tests - WINDOWS_BUILD=1 make clean +# note Make tests only builds the tests, but doesn't run them +CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 make tests +WINDOWS_BUILD=1 make clean - msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s - CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make lib programs - CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make tests - WINDOWS_BUILD=1 make clean -fi +msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s +CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make lib programs +CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 make tests +WINDOWS_BUILD=1 make clean # MemSan currently only available on Linux 64 bits if uname -a | grep 'Linux.*x86_64' >/dev/null; then From b67c897ded14e184af74adafaab4288cf8623082 Mon Sep 17 00:00:00 2001 From: DSiekmeier Date: Thu, 13 Oct 2016 08:08:13 +0200 Subject: [PATCH 13/38] removed outdated comment --- include/mbedtls/ssl.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ba499d2bd..2c021900b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2513,7 +2513,6 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ); * \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS * \param preset a MBEDTLS_SSL_PRESET_XXX value - * (currently unused). * * \note See \c mbedtls_ssl_conf_transport() for notes on DTLS. * From d473c1f359b71d6d8e191d619d8b86a738e89c8a Mon Sep 17 00:00:00 2001 From: Simon B Date: Sat, 12 Nov 2016 22:34:10 +0000 Subject: [PATCH 14/38] Remove need for elevated command line in Windows Changes use of mklink in Windows test builds, to create junctions instead of directory symbolic links. This removes the need for an elevated command prompt when running cmake to create the Visual Studio project files. --- tests/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index bedf21b2e..dc2797968 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -115,7 +115,7 @@ if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) if (CMAKE_HOST_UNIX) set(command ln -s ${target} ${link}) else() - set(command cmd.exe /c mklink /d ${link} ${target}) + set(command cmd.exe /c mklink /j ${link} ${target}) endif() execute_process(COMMAND ${command} From ee7157e7359b861c20c87c19d87bca1a21bf419e Mon Sep 17 00:00:00 2001 From: Andres AG Date: Wed, 7 Dec 2016 10:25:19 +0000 Subject: [PATCH 15/38] Fix redefinition of macro ssl_set_bio Fix redefinition of macro ssl_set_bio to undefined symbol mbedtls_ssl_set_bio_timeout in compat-1.3.h. --- ChangeLog | 6 ++++++ include/mbedtls/compat-1.3.h | 1 - scripts/data_files/rename-1.3-2.0.txt | 1 - 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index f96786d72..b5f8812cd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS x.x.x branch released xxxx-xx-xx + +Bugfix + * Fix redefinition of macro ssl_set_bio to undefined symbol + mbedtls_ssl_set_bio_timeout in compat-1.3.h. #673 + = mbed TLS 2.4.0 branch released 2016-10-17 Security diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h index 27abbd972..af51b5f82 100644 --- a/include/mbedtls/compat-1.3.h +++ b/include/mbedtls/compat-1.3.h @@ -2453,7 +2453,6 @@ #define ssl_set_arc4_support mbedtls_ssl_conf_arc4_support #define ssl_set_authmode mbedtls_ssl_conf_authmode #define ssl_set_bio mbedtls_ssl_set_bio -#define ssl_set_bio mbedtls_ssl_set_bio_timeout #define ssl_set_ca_chain mbedtls_ssl_conf_ca_chain #define ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting #define ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites diff --git a/scripts/data_files/rename-1.3-2.0.txt b/scripts/data_files/rename-1.3-2.0.txt index 397f6beae..cb3381ab8 100644 --- a/scripts/data_files/rename-1.3-2.0.txt +++ b/scripts/data_files/rename-1.3-2.0.txt @@ -1996,7 +1996,6 @@ ssl_set_alpn_protocols mbedtls_ssl_conf_alpn_protocols ssl_set_arc4_support mbedtls_ssl_conf_arc4_support ssl_set_authmode mbedtls_ssl_conf_authmode ssl_set_bio mbedtls_ssl_set_bio -ssl_set_bio_timeout mbedtls_ssl_set_bio_timeout ssl_set_ca_chain mbedtls_ssl_conf_ca_chain ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites From 0368cb7f1c0a6f244fd004d3153eecd9218e5ed1 Mon Sep 17 00:00:00 2001 From: Andres AG Date: Wed, 7 Dec 2016 15:05:53 +0000 Subject: [PATCH 16/38] Fix unused variable/function compilation warnings This PR fixes a number of unused variable/function compilation warnings that arise when using a config.h that does not define the macro MBEDTLS_PEM_PARSE_C. --- ChangeLog | 7 +++++++ library/pem.c | 2 +- library/x509_crt.c | 2 +- library/x509_csr.c | 2 +- 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index f96786d72..cbf509ff9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,12 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS x.x.x branch released xxxx-xx-xx + +Bugfix + * Fix unused variable/function compilation warnings in pem.c, x509_crt.c and + x509_csr.c that are reported when building mbed TLS with a config.h that + does not define MBEDTLS_PEM_PARSE_C. #562 + = mbed TLS 2.4.0 branch released 2016-10-17 Security diff --git a/library/pem.c b/library/pem.c index 1ee3966e1..b6ad53b7d 100644 --- a/library/pem.c +++ b/library/pem.c @@ -44,12 +44,12 @@ #define mbedtls_free free #endif +#if defined(MBEDTLS_PEM_PARSE_C) /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if defined(MBEDTLS_PEM_PARSE_C) void mbedtls_pem_init( mbedtls_pem_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_pem_context ) ); diff --git a/library/x509_crt.c b/library/x509_crt.c index 80af7259c..056dc16fe 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -969,8 +969,8 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *bu */ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ) { - int success = 0, first_error = 0, total_failed = 0; #if defined(MBEDTLS_PEM_PARSE_C) + int success = 0, first_error = 0, total_failed = 0; int buf_format = MBEDTLS_X509_FORMAT_DER; #endif diff --git a/library/x509_csr.c b/library/x509_csr.c index 603d06b64..f92b66c58 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -265,8 +265,8 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, */ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ) { - int ret; #if defined(MBEDTLS_PEM_PARSE_C) + int ret; size_t use_len; mbedtls_pem_context pem; #endif From cd13bd2819a891b6bb19669c28e69c22be445ce2 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 13 Dec 2016 11:51:04 +0000 Subject: [PATCH 17/38] Update CMAC test vectors. --- ChangeLog | 7 ++ library/cmac.c | 224 +++++++++++++++++++++++++++++-------------------- 2 files changed, 139 insertions(+), 92 deletions(-) diff --git a/ChangeLog b/ChangeLog index f96786d72..0372c218f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,12 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS 2.4.x branch released 2016-xx-xx + +Changes + * Update to CMAC test data, taken from - NIST Special Publication 800-38B - + Recommendation for Block Cipher Modes of Operation: The CMAC Mode for + Authentication – October 2016 + = mbed TLS 2.4.0 branch released 2016-10-17 Security diff --git a/library/cmac.c b/library/cmac.c index 0fa5b58f5..b2fe713a0 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -26,7 +26,7 @@ * * - NIST SP 800-38B Recommendation for Block Cipher Modes of Operation: The * CMAC Mode for Authentication - * http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38b.pdf + * http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf * * - RFC 4493 - The AES-CMAC Algorithm * https://tools.ietf.org/html/rfc4493 @@ -470,8 +470,9 @@ exit: #if defined(MBEDTLS_SELF_TEST) /* - * CMAC test data from SP800-38B Appendix D.1 (corrected) - * http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf + * CMAC test data for SP800-38B + * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CMAC.pdf + * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/TDES_CMAC.pdf * * AES-CMAC-PRF-128 test data from RFC 4615 * https://tools.ietf.org/html/rfc4615#page-4 @@ -483,128 +484,148 @@ exit: #if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) /* All CMAC test inputs are truncated from the same 64 byte buffer. */ static const unsigned char test_message[] = { - 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, - 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, - 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, - 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, - 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, - 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, - 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, - 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 + /* PT */ + 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, + 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, + 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, + 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, + 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, + 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, + 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }; #endif /* MBEDTLS_AES_C || MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) /* Truncation point of message for AES CMAC tests */ static const unsigned int aes_message_lengths[NB_CMAC_TESTS_PER_KEY] = { + /* Mlen */ 0, 16, - 40, + 20, 64 }; -/* AES 128 CMAC Test Data */ +/* CMAC-AES128 Test Data */ static const unsigned char aes_128_key[16] = { - 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, - 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c + 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, + 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }; static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = { { - 0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66, - 0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde + /* K1 */ + 0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66, + 0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde }, { - 0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc, - 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b + /* K2 */ + 0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc, + 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b } }; static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = { { - 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28, - 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46 + /* Example #1 */ + 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28, + 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46 }, { - 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, - 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c + /* Example #2 */ + 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, + 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c }, { - 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30, - 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27 + /* Example #3 */ + 0x7d, 0x85, 0x44, 0x9e, 0xa6, 0xea, 0x19, 0xc8, + 0x23, 0xa7, 0xbf, 0x78, 0x83, 0x7d, 0xfa, 0xde }, { - 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92, - 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe + /* Example #4 */ + 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92, + 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe } }; -/* AES 192 CMAC Test Data */ +/* CMAC-AES192 Test Data */ static const unsigned char aes_192_key[24] = { - 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, - 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, - 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b + 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, + 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, + 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b }; static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = { { - 0x44, 0x8a, 0x5b, 0x1c, 0x93, 0x51, 0x4b, 0x27, - 0x3e, 0xe6, 0x43, 0x9d, 0xd4, 0xda, 0xa2, 0x96 + /* K1 */ + 0x44, 0x8a, 0x5b, 0x1c, 0x93, 0x51, 0x4b, 0x27, + 0x3e, 0xe6, 0x43, 0x9d, 0xd4, 0xda, 0xa2, 0x96 }, { - 0x89, 0x14, 0xb6, 0x39, 0x26, 0xa2, 0x96, 0x4e, - 0x7d, 0xcc, 0x87, 0x3b, 0xa9, 0xb5, 0x45, 0x2c + /* K2 */ + 0x89, 0x14, 0xb6, 0x39, 0x26, 0xa2, 0x96, 0x4e, + 0x7d, 0xcc, 0x87, 0x3b, 0xa9, 0xb5, 0x45, 0x2c } }; static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = { { - 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5, - 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67 + /* Example #1 */ + 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5, + 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67 }, { - 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90, - 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84 + /* Example #2 */ + 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90, + 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84 }, { - 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad, - 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e + /* Example #3 */ + 0x3d, 0x75, 0xc1, 0x94, 0xed, 0x96, 0x07, 0x04, + 0x44, 0xa9, 0xfa, 0x7e, 0xc7, 0x40, 0xec, 0xf8 }, { - 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79, - 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11 + /* Example #4 */ + 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79, + 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11 } }; -/* AES 256 CMAC Test Data */ +/* CMAC-AES256 Test Data */ static const unsigned char aes_256_key[32] = { - 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, - 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, - 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, - 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 + 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, + 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, + 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, + 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }; static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = { { - 0xca, 0xd1, 0xed, 0x03, 0x29, 0x9e, 0xed, 0xac, - 0x2e, 0x9a, 0x99, 0x80, 0x86, 0x21, 0x50, 0x2f + /* K1 */ + 0xca, 0xd1, 0xed, 0x03, 0x29, 0x9e, 0xed, 0xac, + 0x2e, 0x9a, 0x99, 0x80, 0x86, 0x21, 0x50, 0x2f }, { - 0x95, 0xa3, 0xda, 0x06, 0x53, 0x3d, 0xdb, 0x58, - 0x5d, 0x35, 0x33, 0x01, 0x0c, 0x42, 0xa0, 0xd9 + /* K2 */ + 0x95, 0xa3, 0xda, 0x06, 0x53, 0x3d, 0xdb, 0x58, + 0x5d, 0x35, 0x33, 0x01, 0x0c, 0x42, 0xa0, 0xd9 } }; static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = { { - 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e, - 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83 + /* Example #1 */ + 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e, + 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83 }, { - 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82, - 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c + /* Example #2 */ + 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82, + 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c }, { - 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2, - 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6 + /* Example #3 */ + 0x15, 0x67, 0x27, 0xdc, 0x08, 0x78, 0x94, 0x4a, + 0x02, 0x3c, 0x1f, 0xe0, 0x3b, 0xad, 0x6d, 0x93 }, { - 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5, - 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10 + /* Example #4 */ + 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5, + 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10 } }; #endif /* MBEDTLS_AES_C */ @@ -613,66 +634,84 @@ static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTL /* Truncation point of message for 3DES CMAC tests */ static const unsigned int des3_message_lengths[NB_CMAC_TESTS_PER_KEY] = { 0, - 8, + 16, 20, 32 }; -/* 3DES 2 Key CMAC Test Data */ +/* CMAC-TDES (Generation) - 2 Key Test Data */ static const unsigned char des3_2key_key[24] = { - 0x4c, 0xf1, 0x51, 0x34, 0xa2, 0x85, 0x0d, 0xd5, - 0x8a, 0x3d, 0x10, 0xba, 0x80, 0x57, 0x0d, 0x38, - 0x4c, 0xf1, 0x51, 0x34, 0xa2, 0x85, 0x0d, 0xd5 + /* Key1 */ + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + /* Key2 */ + 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xEF, 0x01, + /* Key3 */ + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; static const unsigned char des3_2key_subkeys[2][8] = { { - 0x8e, 0xcf, 0x37, 0x3e, 0xd7, 0x1a, 0xfa, 0xef + /* K1 */ + 0x0d, 0xd2, 0xcb, 0x7a, 0x3d, 0x88, 0x88, 0xd9 }, { - 0x1d, 0x9e, 0x6e, 0x7d, 0xae, 0x35, 0xf5, 0xc5 + /* K2 */ + 0x1b, 0xa5, 0x96, 0xf4, 0x7b, 0x11, 0x11, 0xb2 } }; static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = { { - 0xbd, 0x2e, 0xbf, 0x9a, 0x3b, 0xa0, 0x03, 0x61 + /* Sample #1 */ + 0x79, 0xce, 0x52, 0xa7, 0xf7, 0x86, 0xa9, 0x60 }, { - 0x4f, 0xf2, 0xab, 0x81, 0x3c, 0x53, 0xce, 0x83 + /* Sample #2 */ + 0xcc, 0x18, 0xa0, 0xb7, 0x9a, 0xf2, 0x41, 0x3b }, { - 0x62, 0xdd, 0x1b, 0x47, 0x19, 0x02, 0xbd, 0x4e + /* Sample #3 */ + 0xc0, 0x6d, 0x37, 0x7e, 0xcd, 0x10, 0x19, 0x69 }, { - 0x31, 0xb1, 0xe4, 0x31, 0xda, 0xbc, 0x4e, 0xb8 + /* Sample #4 */ + 0x9c, 0xd3, 0x35, 0x80, 0xf9, 0xb6, 0x4d, 0xfb } }; -/* 3DES 3 Key CMAC Test Data */ +/* CMAC-TDES (Generation) - 3 Key Test Data */ static const unsigned char des3_3key_key[24] = { - 0x8a, 0xa8, 0x3b, 0xf8, 0xcb, 0xda, 0x10, 0x62, - 0x0b, 0xc1, 0xbf, 0x19, 0xfb, 0xb6, 0xcd, 0x58, - 0xbc, 0x31, 0x3d, 0x4a, 0x37, 0x1c, 0xa8, 0xb5 + /* Key1 */ + 0x01, 0x23, 0x45, 0x67, 0x89, 0xaa, 0xcd, 0xef, + /* Key2 */ + 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, + /* Key3 */ + 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23 }; static const unsigned char des3_3key_subkeys[2][8] = { { - 0x91, 0x98, 0xe9, 0xd3, 0x14, 0xe6, 0x53, 0x5f + /* K1 */ + 0x9d, 0x74, 0xe7, 0x39, 0x33, 0x17, 0x96, 0xc0 }, { - 0x23, 0x31, 0xd3, 0xa6, 0x29, 0xcc, 0xa6, 0xa5 + /* K2 */ + 0x3a, 0xe9, 0xce, 0x72, 0x66, 0x2f, 0x2d, 0x9b } }; static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = { { - 0xb7, 0xa6, 0x88, 0xe1, 0x22, 0xff, 0xaf, 0x95 + /* Sample #1 */ + 0x7d, 0xb0, 0xd3, 0x7d, 0xf9, 0x36, 0xc5, 0x50 }, { - 0x8e, 0x8f, 0x29, 0x31, 0x36, 0x28, 0x37, 0x97 + /* Sample #2 */ + 0x30, 0x23, 0x9c, 0xf1, 0xf5, 0x2e, 0x66, 0x09 }, { - 0x74, 0x3d, 0xdb, 0xe0, 0xce, 0x2d, 0xc2, 0xed + /* Sample #3 */ + 0x6c, 0x9f, 0x3e, 0xe4, 0x92, 0x3f, 0x6b, 0xe2 }, { - 0x33, 0xe6, 0xb1, 0x09, 0x24, 0x00, 0xea, 0xe5 + /* Sample #4 */ + 0x99, 0x42, 0x9b, 0xd0, 0xbF, 0x79, 0x04, 0xe5 } }; @@ -681,8 +720,9 @@ static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBED #if defined(MBEDTLS_AES_C) /* AES AES-CMAC-PRF-128 Test Data */ static const unsigned char PRFK[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + /* Key */ + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xed, 0xcb }; @@ -693,25 +733,25 @@ static const size_t PRFKlen[NB_PRF_TESTS] = { 10 }; -/* PRF M */ +/* Message */ static const unsigned char PRFM[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13 }; static const unsigned char PRFT[NB_PRF_TESTS][16] = { { - 0x84, 0xa3, 0x48, 0xa4, 0xa4, 0x5d, 0x23, 0x5b, - 0xab, 0xff, 0xfc, 0x0d, 0x2b, 0x4d, 0xa0, 0x9a + 0x84, 0xa3, 0x48, 0xa4, 0xa4, 0x5d, 0x23, 0x5b, + 0xab, 0xff, 0xfc, 0x0d, 0x2b, 0x4d, 0xa0, 0x9a }, { - 0x98, 0x0a, 0xe8, 0x7b, 0x5f, 0x4c, 0x9c, 0x52, - 0x14, 0xf5, 0xb6, 0xa8, 0x45, 0x5e, 0x4c, 0x2d + 0x98, 0x0a, 0xe8, 0x7b, 0x5f, 0x4c, 0x9c, 0x52, + 0x14, 0xf5, 0xb6, 0xa8, 0x45, 0x5e, 0x4c, 0x2d }, { - 0x29, 0x0d, 0x9e, 0x11, 0x2e, 0xdb, 0x09, 0xee, - 0x14, 0x1f, 0xcf, 0x64, 0xc0, 0xb7, 0x2f, 0x3d + 0x29, 0x0d, 0x9e, 0x11, 0x2e, 0xdb, 0x09, 0xee, + 0x14, 0x1f, 0xcf, 0x64, 0xc0, 0xb7, 0x2f, 0x3d } }; #endif /* MBEDTLS_AES_C */ From 1808dc01bd2eb596bb234711a52af33fc19f9d9d Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 13 Dec 2016 14:14:03 +0000 Subject: [PATCH 18/38] Update library version number to 2.4.1 --- ChangeLog | 2 +- doxygen/input/doc_mainpage.h | 2 +- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/version.h | 8 ++++---- library/CMakeLists.txt | 6 +++--- tests/suites/test_suite_version.data | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0372c218f..0a857ba76 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,6 @@ mbed TLS ChangeLog (Sorted per branch, date) -= mbed TLS 2.4.x branch released 2016-xx-xx += mbed TLS 2.4.1 branch released 2016-12-13 Changes * Update to CMAC test data, taken from - NIST Special Publication 800-38B - diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index f2fcc8b04..079416712 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -21,7 +21,7 @@ */ /** - * @mainpage mbed TLS v2.4.0 source code documentation + * @mainpage mbed TLS v2.4.1 source code documentation * * This documentation describes the internal structure of mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 344be8c79..e58794e0f 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8 # identify the project. Note that if you do not use Doxywizard you need # to put quotes around the project name if it contains spaces. -PROJECT_NAME = "mbed TLS v2.4.0" +PROJECT_NAME = "mbed TLS v2.4.1" # The PROJECT_NUMBER tag can be used to enter a project or revision number. # This could be handy for archiving the generated documentation or diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 6c0cc9b08..327034630 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -39,16 +39,16 @@ */ #define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MINOR 4 -#define MBEDTLS_VERSION_PATCH 0 +#define MBEDTLS_VERSION_PATCH 1 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x02040000 -#define MBEDTLS_VERSION_STRING "2.4.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.4.0" +#define MBEDTLS_VERSION_NUMBER 0x02040100 +#define MBEDTLS_VERSION_STRING "2.4.1" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.4.1" #if defined(MBEDTLS_VERSION_C) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 6eb11f203..8882ddf6a 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -140,15 +140,15 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(mbedcrypto SHARED ${src_crypto}) - set_target_properties(mbedcrypto PROPERTIES VERSION 2.4.0 SOVERSION 0) + set_target_properties(mbedcrypto PROPERTIES VERSION 2.4.1 SOVERSION 0) target_link_libraries(mbedcrypto ${libs}) add_library(mbedx509 SHARED ${src_x509}) - set_target_properties(mbedx509 PROPERTIES VERSION 2.4.0 SOVERSION 0) + set_target_properties(mbedx509 PROPERTIES VERSION 2.4.1 SOVERSION 0) target_link_libraries(mbedx509 ${libs} mbedcrypto) add_library(mbedtls SHARED ${src_tls}) - set_target_properties(mbedtls PROPERTIES VERSION 2.4.0 SOVERSION 10) + set_target_properties(mbedtls PROPERTIES VERSION 2.4.1 SOVERSION 10) target_link_libraries(mbedtls ${libs} mbedx509) install(TARGETS mbedtls mbedx509 mbedcrypto diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index 52f09edae..22e608f80 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compiletime library version -check_compiletime_version:"2.4.0" +check_compiletime_version:"2.4.1" Check runtime library version -check_runtime_version:"2.4.0" +check_runtime_version:"2.4.1" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From f4957a8855335a4d30fe801f242d5109b5b4cd92 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Wed, 14 Dec 2016 15:27:22 +0000 Subject: [PATCH 19/38] Clarify CMAC API Added additional text to cmac.h to make the API clearer. --- include/mbedtls/cmac.h | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index 75e0b97c4..9a2b96bc9 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -58,9 +58,13 @@ struct mbedtls_cmac_context_t /** * \brief Set the CMAC key and prepare to authenticate the input * data. - * Should be called with an initialised cipher context. + * Should be called with an initialized cipher context. * - * \param ctx Cipher context + * \param ctx Cipher context. This should be a cipher context, + * initialized to be one of the following types: + * MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB, + * MBEDTLS_CIPHER_AES_256_ECB or + * MBEDTLS_CIPHER_DES_EDE3_ECB. * \param key CMAC key * \param keybits length of the CMAC key in bits * (must be acceptable by the cipher) @@ -115,7 +119,7 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); /** - * \brief Output = Generic_CMAC( hmac key, input buffer ) + * \brief Output = Generic_CMAC( cmac key, input buffer ) * * \param cipher_info message digest info * \param key CMAC key From 87bb577cfb2ae300a53e0dd31fa54f8bdfeffbea Mon Sep 17 00:00:00 2001 From: Andres AG Date: Tue, 27 Sep 2016 15:05:15 +0100 Subject: [PATCH 20/38] Add ARM Compiler 6 build tests to all.sh --- scripts/output_env.sh | 27 +++++++++++++++++++++++---- tests/scripts/all.sh | 40 ++++++++++++++++++++++++++++++++++++---- 2 files changed, 59 insertions(+), 8 deletions(-) diff --git a/scripts/output_env.sh b/scripts/output_env.sh index 441fe18fb..fc3f66645 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -22,11 +22,30 @@ echo "* Operating system and architecture:" uname -a echo -if `hash armcc > /dev/null 2>&1`; then - echo "* armcc:" - armcc --vsn | head -n 2 +if [ -n "${ARMC5_CC+set}" ]; then + if `hash "$ARMC5_CC" > /dev/null 2>&1`; then + echo "* $ARMC5_CC at environment variable 'ARMC5_CC':" + $ARMC5_CC --vsn | head -n 2 + else + echo "* $ARMC5_CC at environment variable 'ARMC5_CC' not found!" + fi else - echo "* armcc not found!" + if `hash armcc > /dev/null 2>&1`; then + echo "* armcc:" + armcc --vsn | head -n 2 + else + echo "* armcc not found!" + fi +fi + +if [ -n "${ARMC6_CC+set}" ]; then + echo + if `hash "$ARMC6_CC" > /dev/null 2>&1`; then + echo "* $ARMC6_CC at environment variable 'ARMC6_CC':" + $ARMC6_CC --vsn | head -n 2 + else + echo "* $ARMC6_CC at environment variable 'ARMC6_CC' not found!" + fi fi echo diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d73c9262d..0a5c234c5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -45,6 +45,8 @@ RELEASE=0 : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build} +: ${ARMC5_BIN_DIR:=/usr/bin} +: ${ARMC6_BIN_DIR:=/usr/bin} # if MAKEFLAGS is not set add the -j option to speed up invocations of make if [ -n "${MAKEFLAGS+set}" ]; then @@ -66,6 +68,8 @@ usage() printf " --gnutls-serv=\t\tPath to GnuTLS server executable to use for most tests.\n" printf " --gnutls-legacy-cli=\t\tPath to GnuTLS client executable to use for legacy tests.\n" printf " --gnutls-legacy-serv=\t\tPath to GnuTLS server executable to use for legacy tests.\n" + printf " --armc5-bin-dir=\t\tPath to the ARM Compiler 5 bin directory.\n" + printf " --armc6-bin-dir=\t\tPath to the ARM Compiler 6 bin directory.\n" } # remove built files as well as the cmake cache/config @@ -152,6 +156,14 @@ while [ $# -gt 0 ]; do shift GNUTLS_LEGACY_SERV="$1" ;; + --armc5-bin-dir) + shift + ARMC5_BIN_DIR="$1" + ;; + --armc6-bin-dir) + shift + ARMC6_BIN_DIR="$1" + ;; --help|-h|*) usage exit 1 @@ -204,6 +216,13 @@ echo "GNUTLS_CLI: $GNUTLS_CLI" echo "GNUTLS_SERV: $GNUTLS_SERV" echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI" echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV" +echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR" +echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR" + +ARMC5_CC="$ARMC5_BIN_DIR/armcc" +ARMC5_AR="$ARMC5_BIN_DIR/armar" +ARMC6_CC="$ARMC6_BIN_DIR/armclang" +ARMC6_AR="$ARMC6_BIN_DIR/armar" # To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh # we just export the variables they require @@ -217,7 +236,7 @@ export GNUTLS_SERV="$GNUTLS_SERV" # Make sure the tools we need are available. check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$GNUTLS_CLI" "$GNUTLS_SERV" \ "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \ - "arm-none-eabi-gcc" "armcc" + "arm-none-eabi-gcc" "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR" # # Test Suites to be executed @@ -233,7 +252,8 @@ check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$GNUTLS_CLI" "$GNUTLS_SERV" \ msg "info: output_env.sh" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_CLI" \ GNUTLS_SERV="$GNUTLS_SERV" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \ - GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" scripts/output_env.sh + GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" ARMC5_CC="$ARMC5_CC" \ + ARMC6_CC="$ARMC6_CC" scripts/output_env.sh msg "test: recursion.pl" # < 1s tests/scripts/recursion.pl library/*.c @@ -417,7 +437,7 @@ scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS=-Werror make lib -msg "build: armcc, make" +msg "build: ARM Compiler 5, make" cleanup cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full @@ -436,7 +456,19 @@ scripts/config.pl unset MBEDTLS_THREADING_C scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME -CC=armcc AR=armar WARNING_CFLAGS= make lib + +CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS= make lib +make clean + +msg "build: ARM Compiler 6 (arm-arm-none-eabi), make" +ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" \ + CFLAGS="--target=arm-arm-none-eabi" WARNING_CFLAGS= make lib +make clean + +msg "build: ARM Compiler 6 (aarch64-arm-none-eabi), make" +ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" \ + CFLAGS="--target=aarch64-arm-none-eabi" WARNING_CFLAGS= make lib +make clean if which i686-w64-mingw32-gcc >/dev/null; then msg "build: cross-mingw64, make" # ~ 30s From 31f9b5bdd87a2ec935e61218eecb7fb95b51c6e3 Mon Sep 17 00:00:00 2001 From: Andres AG Date: Tue, 4 Oct 2016 17:14:38 +0100 Subject: [PATCH 21/38] Modify output_env.sh to make it extensible --- scripts/output_env.sh | 183 +++++++++++++----------------------------- tests/scripts/all.sh | 2 +- 2 files changed, 56 insertions(+), 129 deletions(-) diff --git a/scripts/output_env.sh b/scripts/output_env.sh index fc3f66645..1afaac33e 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -1,5 +1,5 @@ -#!/bin/sh -# +#! /usr/bin/env sh + # output_env.sh # # This file is part of mbed TLS (https://tls.mbed.org) @@ -17,163 +17,92 @@ # - version of libc, clang, asan and valgrind if installed # - version of gnuTLS and OpenSSL -echo -echo "* Operating system and architecture:" -uname -a +print_version() +{ + BIN="$1" + shift + ARGS="$1" + shift + FAIL_MSG="$1" + shift -echo -if [ -n "${ARMC5_CC+set}" ]; then - if `hash "$ARMC5_CC" > /dev/null 2>&1`; then - echo "* $ARMC5_CC at environment variable 'ARMC5_CC':" - $ARMC5_CC --vsn | head -n 2 - else - echo "* $ARMC5_CC at environment variable 'ARMC5_CC' not found!" + if ! `type "$BIN" > /dev/null 2>&1`; then + echo "* $FAIL_MSG" + return 0 fi -else - if `hash armcc > /dev/null 2>&1`; then - echo "* armcc:" - armcc --vsn | head -n 2 - else - echo "* armcc not found!" - fi -fi -if [ -n "${ARMC6_CC+set}" ]; then - echo - if `hash "$ARMC6_CC" > /dev/null 2>&1`; then - echo "* $ARMC6_CC at environment variable 'ARMC6_CC':" - $ARMC6_CC --vsn | head -n 2 - else - echo "* $ARMC6_CC at environment variable 'ARMC6_CC' not found!" - fi -fi + BIN=`which "$BIN"` + VERSION_STR=`$BIN $ARGS 2>&1` + # Apply all filters + while [ $# -gt 0 ]; do + FILTER="$1" + shift + VERSION_STR=`echo "$VERSION_STR" | $FILTER` + done + + echo "* ${BIN##*/}: $BIN: $VERSION_STR" +} + +print_version "uname" "-a" "" echo -if `hash arm-none-eabi-gcc > /dev/null 2>&1`; then - echo "* gcc-arm:" - arm-none-eabi-gcc --version | head -n 1 -else - echo "* gcc-arm not found!" -fi +: ${ARMC5_CC:=armcc} +print_version "$ARMC5_CC" "--vsn" "armcc not found!" "head -n 2" echo -if `hash gcc > /dev/null 2>&1`; then - echo "* gcc:" - gcc --version | head -n 1 -else - echo "* gcc not found!" -fi +: ${ARMC6_CC:=armclang} +print_version "$ARMC6_CC" "--vsn" "armclang not found!" "head -n 2" echo -if `hash clang > /dev/null 2>&1`; then - echo "* clang:" - clang --version | head -n 2 - clang -v 2>&1 | grep Selected -else - echo "* clang not found!" -fi +print_version "arm-none-eabi-gcc" "--version" "gcc-arm not found!" "head -n 1" echo -if `hash ldd > /dev/null 2>&1`; then - echo "* libc:" - ldd --version | head -n 1 -else - echo "* No ldd present: can't determine libc version!" -fi +print_version "gcc" "--version" "gcc not found!" "head -n 1" echo -if `hash valgrind > /dev/null 2>&1`; then - echo "* valgrind:" - valgrind --version -else - echo "* valgrind not found!" -fi +print_version "clang" "--version" "clang not found" "head -n 2" echo -if `hash openssl > /dev/null 2>&1`; then - echo "* openssl:" - openssl version -else - echo "* openssl not found!" -fi -if [ -n "${OPENSSL+set}" ]; then - echo - if `hash "$OPENSSL" > /dev/null 2>&1`; then - echo "* $OPENSSL at environment variable 'OPENSSL':" - $OPENSSL version - else - echo "* $OPENSSL at environment variable 'OPENSSL' not found!" - fi -fi +print_version "ldd" "--version" \ + "No ldd present: can't determine libc version!" \ + "head -n 1" +echo + +print_version "valgrind" "--version" "valgrind not found!" +echo + +: ${OPENSSL:=openssl} +print_version "$OPENSSL" "version" "openssl not found!" +echo if [ -n "${OPENSSL_LEGACY+set}" ]; then + print_version "$OPENSSL_LEGACY" "version" "openssl legacy version not found!" echo - if `hash "$OPENSSL_LEGACY" > /dev/null 2>&1`; then - echo "* $OPENSSL_LEGACY at environment variable 'OPENSSL_LEGACY':" - $OPENSSL_LEGACY version - else - echo "* $OPENSSL_LEGACY at environment variable 'OPENSSL_LEGACY' not found!" - fi fi +: ${GNUTLS_CLI:=gnutls-cli} +print_version "$GNUTLS_CLI" "--version" "gnuTLS client not found!" "head -n 1" echo -if `hash gnutls-cli > /dev/null 2>&1`; then - echo "* gnuTLS client:" - gnutls-cli --version | head -n 1 -else - echo "* gnuTLS client not found!" -fi +: ${GNUTLS_SERV:=gnutls-serv} +print_version "$GNUTLS_SERV" "--version" "gnuTLS server not found!" "head -n 1" echo -if `hash gnutls-serv > /dev/null 2>&1`; then - echo "* gnuTLS server:" - gnutls-serv --version | head -n 1 -else - echo "* gnuTLS server not found!" -fi - -if [ -n "${GNUTLS_CLI+set}" ]; then - echo - if `hash "$GNUTLS_CLI" > /dev/null 2>&1`; then - echo "* $GNUTLS_CLI at environment variable 'GNUTLS_CLI':" - $GNUTLS_CLI --version | head -n 1 - else - echo "* $GNUTLS_CLI at environment variable 'GNUTLS_CLI' not found!" - fi -fi - -if [ -n "${GNUTLS_SERV+set}" ]; then - echo - if `hash "$GNUTLS_SERV" > /dev/null 2>&1`; then - echo "* $GNUTLS_SERV at environment variable 'GNUTLS_SERV':" - $GNUTLS_SERV --version | head -n 1 - else - echo "* $GNUTLS_SERV at environment variable 'GNUTLS_SERV' not found!" - fi -fi if [ -n "${GNUTLS_LEGACY_CLI+set}" ]; then + print_version "$GNUTLS_LEGACY_CLI" "--version" \ + "gnuTLS client legacy version not found!" \ + "head -n 1" echo - if `hash "$GNUTLS_LEGACY_CLI" > /dev/null 2>&1`; then - echo "* $GNUTLS_LEGACY_CLI at environment variable 'GNUTLS_LEGACY_CLI':" - $GNUTLS_LEGACY_CLI --version | head -n 1 - else - echo "* $GNUTLS_LEGACY_CLI at environment variable 'GNUTLS_LEGACY_CLI' not found!" - fi fi if [ -n "${GNUTLS_LEGACY_SERV+set}" ]; then + print_version "$GNUTLS_LEGACY_SERV" "--version" \ + "gnuTLS server legacy version not found!" \ + "head -n 1" echo - if `hash "$GNUTLS_LEGACY_SERV" > /dev/null 2>&1`; then - echo "* $GNUTLS_LEGACY_SERV at environment variable 'GNUTLS_LEGACY_SERV':" - $GNUTLS_LEGACY_SERV --version | head -n 1 - else - echo "* $GNUTLS_LEGACY_SERV at environment variable 'GNUTLS_LEGACY_SERV' not found!" - fi fi -echo if `hash dpkg > /dev/null 2>&1`; then echo "* asan:" dpkg -s libasan2 2> /dev/null | grep -i version @@ -182,6 +111,4 @@ if `hash dpkg > /dev/null 2>&1`; then else echo "* No dpkg present: can't determine asan version!" fi - echo - diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 0a5c234c5..d8e7a21cc 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#! /usr/bin/env sh # all.sh # From a5cd9730471abdb4a81d8f0384f3e0c04f4be35e Mon Sep 17 00:00:00 2001 From: Andres AG Date: Mon, 17 Oct 2016 15:23:10 +0100 Subject: [PATCH 22/38] Add -march argument to armc6 build tests --- tests/scripts/all.sh | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d8e7a21cc..5fe9fd877 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -98,6 +98,16 @@ msg() echo "******************************************************************" } +armc6_build_test() +{ + FLAGS="$1" + + msg "build: ARM Compiler 6 ($FLAGS), make" + ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \ + WARNING_CFLAGS= make lib + make clean +} + err_msg() { echo "$1" >&2 @@ -460,15 +470,11 @@ scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS= make lib make clean -msg "build: ARM Compiler 6 (arm-arm-none-eabi), make" -ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" \ - CFLAGS="--target=arm-arm-none-eabi" WARNING_CFLAGS= make lib -make clean - -msg "build: ARM Compiler 6 (aarch64-arm-none-eabi), make" -ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" \ - CFLAGS="--target=aarch64-arm-none-eabi" WARNING_CFLAGS= make lib -make clean +armc6_build_test "--target=arm-arm-none-eabi -march=armv7-a" +armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m" +armc6_build_test "--target=arm-arm-none-eabi -march=armv8.2-a" +armc6_build_test "--target=arm-arm-none-eabi -march=armv8-m.main" +armc6_build_test "--target=aarch64-arm-none-eabi" if which i686-w64-mingw32-gcc >/dev/null; then msg "build: cross-mingw64, make" # ~ 30s From 49f00bd81d460a42b0852ae914c3a9abea6ad4ba Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 5 Jan 2017 16:20:56 +0000 Subject: [PATCH 23/38] Clarify use of armcc in all.sh --- tests/scripts/all.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5fe9fd877..6dbe54458 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -282,6 +282,8 @@ msg "test: doxygen warnings" # ~ 3s cleanup tests/scripts/doxygen.sh +# Note - use of yotta is deprecated, and yotta also requires armcc to be on the +# path, and uses whatever version of armcc it finds there. msg "build: create and build yotta module" # ~ 30s cleanup tests/scripts/yotta-build.sh From cb587009d679812dc27979c867cdc0e056a132e6 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Fri, 6 Jan 2017 16:14:44 +0000 Subject: [PATCH 24/38] Fix all.sh test builds with recent glibc and clang Fixes strict C99 builds in all.sh with glibc version >2.19 where platform support wasn't being compiled in automatically. Also fixes C99 syntax with armclang. --- tests/scripts/all.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 32f79fefc..ea9690173 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -104,7 +104,7 @@ armc6_build_test() msg "build: ARM Compiler 6 ($FLAGS), make" ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \ - WARNING_CFLAGS='--strict --c99' make lib + WARNING_CFLAGS='-xc -std=c99' make lib make clean } @@ -375,7 +375,9 @@ scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.pl unset MBEDTLS_FS_IO -CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0' make lib programs +# Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, +# to re-enable platform integration features otherwise disabled in C99 builds +CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0 -D_DEFAULT_SOURCE' make lib programs CC=gcc CFLAGS='-Werror -Wall -Wextra -O0' make test # catch compile bugs in _uninit functions From 14918fbda4da2a857f2166f57f5c90e151cd001b Mon Sep 17 00:00:00 2001 From: Jaakko Korhonen Date: Mon, 9 Jan 2017 11:07:46 +0200 Subject: [PATCH 25/38] Fixed typo in ssl.h --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ba499d2bd..69fc502f0 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1146,7 +1146,7 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) * * \note See the documentation of \c mbedtls_ssl_set_timer_t and * \c mbedtls_ssl_get_timer_t for the conventions this pair of - * callbacks must fallow. + * callbacks must follow. * * \note On some platforms, timing.c provides * \c mbedtls_timing_set_delay() and From 18c5c59b5b99107889e57f989eb818f2df79c084 Mon Sep 17 00:00:00 2001 From: Andres AG Date: Thu, 15 Dec 2016 17:01:16 +0000 Subject: [PATCH 26/38] Fix renegotiation at incorrect times in DTLS Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared 64 bits of record counter instead of 48 bits as described in RFC 6347 Section 4.3.1. This would cause the function's return value to be occasionally incorrect and the renegotiation routines to be triggered at unexpected times. --- ChangeLog | 9 +++++++++ include/mbedtls/ssl.h | 6 ++++-- library/ssl_tls.c | 16 ++++++++++++---- 3 files changed, 25 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0a857ba76..43aa8bb4e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,14 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS x.x.x branch released xxxx-xx-xx + +Bugfix + * Fix incorrect renegotiation condition in ssl_check_ctr_renegotiate() that + would compare 64 bits of the record counter instead of 48 bits as indicated + in RFC 6347 Section 4.3.1. This could cause the execution of the + renegotiation routines at unexpected times when the protocol is DTLS. Found + by wariua. #687 + = mbed TLS 2.4.1 branch released 2016-12-13 Changes diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2c021900b..19fc1f192 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2183,7 +2183,7 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_ /** * \brief Set record counter threshold for periodic renegotiation. - * (Default: 2^64 - 256.) + * (Default: 2^48 - 1) * * Renegotiation is automatically triggered when a record * counter (outgoing or ingoing) crosses the defined @@ -2194,9 +2194,11 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_ * Lower values can be used to enforce policies such as "keys * must be refreshed every N packets with cipher X". * + * \note When the transport is set to MBEDTLS_SSL_TRANSPORT_DATAGRAM, + * the maximum renegotiation period is 2^48 - 1. + * * \param conf SSL configuration * \param period The threshold value: a big-endian 64-bit number. - * Set to 2^64 - 1 to disable periodic renegotiation */ void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, const unsigned char period[8] ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 121c13526..abad0b385 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6482,6 +6482,10 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ) */ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) { + size_t ep_len = ssl_ep_len( ssl ); + int in_ctr_cmp; + int out_ctr_cmp; + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER || ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING || ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ) @@ -6489,8 +6493,12 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) return( 0 ); } - if( memcmp( ssl->in_ctr, ssl->conf->renego_period, 8 ) <= 0 && - memcmp( ssl->out_ctr, ssl->conf->renego_period, 8 ) <= 0 ) + in_ctr_cmp = memcmp( ssl->in_ctr + ep_len, + ssl->conf->renego_period + ep_len, 8 - ep_len ); + out_ctr_cmp = memcmp( ssl->out_ctr + ep_len, + ssl->conf->renego_period + ep_len, 8 - ep_len ); + + if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 ) { return( 0 ); } @@ -7231,8 +7239,8 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_RENEGOTIATION) conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT; - memset( conf->renego_period, 0xFF, 7 ); - conf->renego_period[7] = 0x00; + memset( conf->renego_period, 0x00, 2 ); + memset( conf->renego_period + 2, 0xFF, 6 ); #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) From 692ad84e5cd73670786faae4c01d4d4840523f68 Mon Sep 17 00:00:00 2001 From: Andres AG Date: Thu, 19 Jan 2017 16:30:57 +0000 Subject: [PATCH 27/38] Add DTLS test to check 6 byte record ctr is cmp Add a test to ssl-opt.sh to ensure that in DTLS a 6 byte record counter is compared in ssl_check_ctr_renegotiate() instead of a 8 byte one as in the TLS case. Because currently there are no testing facilities to check that renegotiation routines are triggered after X number of input/output messages, the test consists on setting a renegotiation period that cannot be represented in 6 bytes, but whose least-significant byte is 2. If the library behaves correctly, the renegotiation routines will be executed after two exchanged. --- programs/ssl/ssl_server2.c | 27 +++++++++++++++++++++------ tests/ssl-opt.sh | 13 +++++++++++++ 2 files changed, 34 insertions(+), 6 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 18bda599f..d98b669b5 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -63,6 +63,8 @@ int main( void ) #include #include #include +#include +#include #if !defined(_WIN32) #include @@ -113,7 +115,7 @@ int main( void ) #define DFL_ALLOW_LEGACY -2 #define DFL_RENEGOTIATE 0 #define DFL_RENEGO_DELAY -2 -#define DFL_RENEGO_PERIOD -1 +#define DFL_RENEGO_PERIOD ( (uint64_t)-1 ) #define DFL_EXCHANGES 1 #define DFL_MIN_VERSION -1 #define DFL_MAX_VERSION -1 @@ -292,7 +294,7 @@ int main( void ) " renegotiation=%%d default: 0 (disabled)\n" \ " renegotiate=%%d default: 0 (disabled)\n" \ " renego_delay=%%d default: -2 (library default)\n" \ - " renego_period=%%d default: (library default)\n" + " renego_period=%%d default: (2^64 - 1 for TLS, 2^48 - 1 for DTLS)\n" #else #define USAGE_RENEGO "" #endif @@ -351,6 +353,19 @@ int main( void ) " force_ciphersuite= default: all enabled\n" \ " acceptable ciphersuite names:\n" + +#define PUT_UINT64_BE(out_be,in_le,i) \ +{ \ + (out_be)[(i) + 0] = (unsigned char)( ( (in_le) >> 56 ) & 0xFF ); \ + (out_be)[(i) + 1] = (unsigned char)( ( (in_le) >> 48 ) & 0xFF ); \ + (out_be)[(i) + 2] = (unsigned char)( ( (in_le) >> 40 ) & 0xFF ); \ + (out_be)[(i) + 3] = (unsigned char)( ( (in_le) >> 32 ) & 0xFF ); \ + (out_be)[(i) + 4] = (unsigned char)( ( (in_le) >> 24 ) & 0xFF ); \ + (out_be)[(i) + 5] = (unsigned char)( ( (in_le) >> 16 ) & 0xFF ); \ + (out_be)[(i) + 6] = (unsigned char)( ( (in_le) >> 8 ) & 0xFF ); \ + (out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \ +} + /* * global options */ @@ -377,7 +392,7 @@ struct options int allow_legacy; /* allow legacy renegotiation */ int renegotiate; /* attempt renegotiation? */ int renego_delay; /* delay before enforcing renegotiation */ - int renego_period; /* period for automatic renegotiation */ + uint64_t renego_period; /* period for automatic renegotiation */ int exchanges; /* number of data exchanges */ int min_version; /* minimum protocol version accepted */ int max_version; /* maximum protocol version accepted */ @@ -1041,8 +1056,8 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "renego_period" ) == 0 ) { - opt.renego_period = atoi( q ); - if( opt.renego_period < 2 || opt.renego_period > 255 ) + if( sscanf( q, "%" SCNu64, &opt.renego_period ) != 1 || + opt.renego_period < 2 ) goto usage; } else if( strcmp( p, "exchanges" ) == 0 ) @@ -1757,7 +1772,7 @@ int main( int argc, char *argv[] ) if( opt.renego_period != DFL_RENEGO_PERIOD ) { - renego_period[7] = opt.renego_period; + PUT_UINT64_BE( renego_period, opt.renego_period, 0 ); mbedtls_ssl_conf_renegotiation_period( &conf, renego_period ); } #endif diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 57155b89d..41fbc3d29 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1601,6 +1601,19 @@ run_test "Renegotiation: DTLS, server-initiated" \ -s "=> renegotiate" \ -s "write hello request" +run_test "Renegotiation: DTLS, renego_period overflow" \ + "$P_SRV debug_level=3 dtls=1 exchanges=4 renegotiation=1 renego_period=18446462598732840962 auth_mode=optional" \ + "$P_CLI debug_level=3 dtls=1 exchanges=4 renegotiation=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -s "record counter limit reached: renegotiate" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" \ + requires_gnutls run_test "Renegotiation: DTLS, gnutls server, client-initiated" \ "$G_SRV -u --mtu 4096" \ From 1bef2266e5109c4d0a4d3fd1962662c161274062 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 2 Feb 2017 13:08:37 +0000 Subject: [PATCH 28/38] Clarify fix for #673 in Changelog Clarified fix, and added credit. --- ChangeLog | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index a404c56da..4b7536c33 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,8 +3,9 @@ mbed TLS ChangeLog (Sorted per branch, date) = mbed TLS x.x.x branch released xxxx-xx-xx Bugfix - * Fix redefinition of macro ssl_set_bio to undefined symbol - mbedtls_ssl_set_bio_timeout in compat-1.3.h. #673 + * Fix the redefinition of macro ssl_set_bio to an undefined symbol + mbedtls_ssl_set_bio_timeout in compat-1.3.h, by removing it. + Found by omlib-lin. #673 = mbed TLS 2.4.1 branch released 2016-12-13 From d9440b15e6a0a89739f009b7b15ca6c6471c0b3a Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 2 Feb 2017 16:17:37 +0000 Subject: [PATCH 29/38] Add credit to Changelog for #562 --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 351275b48..2d26a4f13 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,7 +8,7 @@ Bugfix Found by omlib-lin. #673 * Fix unused variable/function compilation warnings in pem.c, x509_crt.c and x509_csr.c that are reported when building mbed TLS with a config.h that - does not define MBEDTLS_PEM_PARSE_C. #562 + does not define MBEDTLS_PEM_PARSE_C. Found by omnium21. #562 = mbed TLS 2.4.1 branch released 2016-12-13 From ee75b9b417de9ae93745cd7c428c4400ca7689e1 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Fri, 3 Feb 2017 00:21:28 +0000 Subject: [PATCH 30/38] Add clarification to the TLS renegotiation period Expanded details on use of mbedtls_ssl_conf_renegotiation_period() --- include/mbedtls/ssl.h | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 8042693d0..42c9779c6 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2194,8 +2194,14 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_ * Lower values can be used to enforce policies such as "keys * must be refreshed every N packets with cipher X". * - * \note When the transport is set to MBEDTLS_SSL_TRANSPORT_DATAGRAM, - * the maximum renegotiation period is 2^48 - 1. + * The renegotiation period can be disabled by setting + * conf->disable_renegotiation to + * MBEDTLS_SSL_RENEGOTIATION_DISABLED. + * + * \note When the configured transport is + * MBEDTLS_SSL_TRANSPORT_DATAGRAM the maximum renegotiation + * period is 2^48 - 1, and for MBEDTLS_SSL_TRANSPORT_STREAM, + * the maximum renegotiation period is 2^64 - 1. * * \param conf SSL configuration * \param period The threshold value: a big-endian 64-bit number. From cef21e4cd97ba2bf1fd01f69a3f814583179a6bb Mon Sep 17 00:00:00 2001 From: Andres AG Date: Thu, 2 Feb 2017 17:01:10 +0000 Subject: [PATCH 31/38] Fix examples that failed to compile without PEM --- programs/ssl/dtls_client.c | 2 +- programs/ssl/ssl_mail_client.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index 442a3fb7c..e18ee42a1 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -37,7 +37,7 @@ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_TIMING_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_CERTS_C) + !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) int main( void ) { mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 4a22771d7..b49ffb478 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -494,13 +494,13 @@ int main( int argc, char *argv[] ) ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); else #endif -#if defined(MBEDTLS_CERTS_C) +#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, mbedtls_test_cas_pem_len ); #else { ret = 1; - mbedtls_printf("MBEDTLS_CERTS_C not defined."); + mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined."); } #endif if( ret < 0 ) From 7df03916e135a82c4f21c6ebcdcbc0f1a0bdfe8e Mon Sep 17 00:00:00 2001 From: Andres AG Date: Mon, 24 Oct 2016 11:23:36 +0100 Subject: [PATCH 32/38] Fix buffer overreads in mbedtls_pem_read_buffer() --- ChangeLog | 3 +++ library/pem.c | 20 +++++++++++--------- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index fbc24cf73..53e6f3d0a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -14,6 +14,9 @@ Bugfix in RFC 6347 Section 4.3.1. This could cause the execution of the renegotiation routines at unexpected times when the protocol is DTLS. Found by wariua. #687 + * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing + the input string in pem format to extract the different components. Found + by Eyal Itkin. = mbed TLS 2.4.1 branch released 2016-12-13 diff --git a/library/pem.c b/library/pem.c index b6ad53b7d..8dd86a4ac 100644 --- a/library/pem.c +++ b/library/pem.c @@ -249,7 +249,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const enc = 0; - if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 ) + if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 ) { #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) @@ -262,22 +262,22 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const #if defined(MBEDTLS_DES_C) - if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 ) + if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 ) { enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC; s1 += 23; - if( pem_get_iv( s1, pem_iv, 8 ) != 0 ) + if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 ) return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); s1 += 16; } - else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 ) + else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 ) { enc_alg = MBEDTLS_CIPHER_DES_CBC; s1 += 18; - if( pem_get_iv( s1, pem_iv, 8) != 0 ) + if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 ) return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); s1 += 16; @@ -285,9 +285,11 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) - if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 ) + if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 ) { - if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 ) + if( s2 - s1 < 22 ) + return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); + else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 ) enc_alg = MBEDTLS_CIPHER_AES_128_CBC; else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 ) enc_alg = MBEDTLS_CIPHER_AES_192_CBC; @@ -297,7 +299,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); s1 += 22; - if( pem_get_iv( s1, pem_iv, 16 ) != 0 ) + if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 ) return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); s1 += 32; @@ -316,7 +318,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ } - if( s1 == s2 ) + if( s1 >= s2 ) return( MBEDTLS_ERR_PEM_INVALID_DATA ); ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 ); From bcb0c4c98c181eee05510aab7cc5b7db624a6507 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 25 Oct 2016 10:50:22 +0100 Subject: [PATCH 33/38] Prevent SLOTH attacks --- ChangeLog | 4 ++++ library/ssl_tls.c | 3 +-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 53e6f3d0a..8a7d3f3e5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,10 @@ mbed TLS ChangeLog (Sorted per branch, date) = mbed TLS x.x.x branch released xxxx-xx-xx +Security + * Removed MD5 from the allowed hash algorithms for CertificateRequest and + CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2. + Bugfix * Fix the redefinition of macro ssl_set_bio to an undefined symbol mbedtls_ssl_set_bio_timeout in compat-1.3.h, by removing it. diff --git a/library/ssl_tls.c b/library/ssl_tls.c index abad0b385..d9ab83291 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7653,8 +7653,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) #if defined(MBEDTLS_MD5_C) case MBEDTLS_SSL_HASH_MD5: - ssl->handshake->calc_verify = ssl_calc_verify_tls; - break; + return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_SSL_HASH_SHA1: From f53566289428f19f425f72a999b9f5118bba2d0a Mon Sep 17 00:00:00 2001 From: Andres AG Date: Mon, 24 Oct 2016 14:31:54 +0100 Subject: [PATCH 34/38] Add tests for overreads in pem_read_buffer() --- ChangeLog | 2 +- tests/suites/test_suite_pem.data | 9 +++++++++ tests/suites/test_suite_pem.function | 24 ++++++++++++++++++------ 3 files changed, 28 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8a7d3f3e5..4fe9f9ac2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -19,7 +19,7 @@ Bugfix renegotiation routines at unexpected times when the protocol is DTLS. Found by wariua. #687 * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing - the input string in pem format to extract the different components. Found + the input string in PEM format to extract the different components. Found by Eyal Itkin. = mbed TLS 2.4.1 branch released 2016-12-13 diff --git a/tests/suites/test_suite_pem.data b/tests/suites/test_suite_pem.data index 973c92325..9a62db8ea 100644 --- a/tests/suites/test_suite_pem.data +++ b/tests/suites/test_suite_pem.data @@ -15,3 +15,12 @@ mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102 PEM write (exactly two lines + 1) mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n" + +PEM read (DES-EDE3-CBC + invalid iv) +mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":-4608 + +PEM read (DES-CBC + invalid iv) +mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":-4608 + +PEM read (unknown encryption algorithm) +mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":-4736 diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function index 6a62bfed9..5e022109c 100644 --- a/tests/suites/test_suite_pem.function +++ b/tests/suites/test_suite_pem.function @@ -3,12 +3,7 @@ #include "mbedtls/pem.h" /* END_HEADER */ -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PEM_WRITE_C - * END_DEPENDENCIES - */ - -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ void mbedtls_pem_write_buffer( char *start, char *end, char *buf_str, char *result_str ) { unsigned char buf[5000]; @@ -38,3 +33,20 @@ exit: mbedtls_free( check_buf ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */ +void mbedtls_pem_read_buffer( char *header, char *footer, char *data, int ret ) +{ + mbedtls_pem_context ctx; + size_t use_len = 0; + + mbedtls_pem_init( &ctx ); + + TEST_ASSERT( mbedtls_pem_read_buffer( &ctx, header, footer, + (const unsigned char *)data, NULL, 0, + &use_len ) == ret ); + +exit: + mbedtls_pem_free( &ctx ); +} +/* END_CASE */ From f7cf56fa45412035c9ada6994fedc7c1ab49e67e Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Tue, 17 Jan 2017 23:04:22 +0000 Subject: [PATCH 35/38] Fix integer overflows in buffer bound checks Fix potential integer overflows in the following functions: * mbedtls_md2_update() to be bypassed and cause * mbedtls_cipher_update() * mbedtls_ctr_drbg_reseed() This overflows would mainly be exploitable in 32-bit systems and could cause buffer bound checks to be bypassed. --- ChangeLog | 6 ++++++ library/cipher.c | 4 ++-- library/ctr_drbg.c | 3 ++- library/md2.c | 2 +- tests/suites/test_suite_ctr_drbg.function | 5 +++++ 5 files changed, 16 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4fe9f9ac2..fd1bf9b9a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -21,6 +21,12 @@ Bugfix * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing the input string in PEM format to extract the different components. Found by Eyal Itkin. + * Fixed potential arithmetic overflow in mbedtls_ctr_drbg_reseed() that could + cause buffer bound checks to be bypassed. Found by Eyal Itkin. + * Fixed potential arithmetic overflows in mbedtls_cipher_update() that could + cause buffer bound checks to be bypassed. Found by Eyal Itkin. + * Fixed potential arithmetic overflow in mbedtls_md2_update() that could + cause buffer bound checks to be bypassed. Found by Eyal Itkin. = mbed TLS 2.4.1 branch released 2016-12-13 diff --git a/library/cipher.c b/library/cipher.c index a88343869..e9e0b223e 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -326,9 +326,9 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i * If there is not enough data for a full block, cache it. */ if( ( ctx->operation == MBEDTLS_DECRYPT && - ilen + ctx->unprocessed_len <= block_size ) || + ilen <= block_size - ctx->unprocessed_len ) || ( ctx->operation == MBEDTLS_ENCRYPT && - ilen + ctx->unprocessed_len < block_size ) ) + ilen < block_size - ctx->unprocessed_len ) ) { memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, ilen ); diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 386f8adb0..55612c7fc 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -290,7 +290,8 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; - if( ctx->entropy_len + len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) + if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT || + len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); diff --git a/library/md2.c b/library/md2.c index 897670131..95cbcce65 100644 --- a/library/md2.c +++ b/library/md2.c @@ -158,7 +158,7 @@ void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, s while( ilen > 0 ) { - if( ctx->left + ilen > 16 ) + if( ilen > 16 - ctx->left ) fill = 16 - ctx->left; else fill = ilen; diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 3acfb8bae..883cfe08e 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -39,6 +39,11 @@ void ctr_drbg_special_behaviours( ) TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + 1 ) == MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + + mbedtls_ctr_drbg_set_entropy_len( &ctx, ~0 ); + TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional, + MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) == + MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); exit: mbedtls_ctr_drbg_free( &ctx ); } From cde8035e570c757857e6ea5f291ad2c21b54ea3d Mon Sep 17 00:00:00 2001 From: Andres AG Date: Wed, 18 Jan 2017 17:21:03 +0000 Subject: [PATCH 36/38] Fix integer overflow mbedtls_base64_decode() Fix potential integer overflows in the function mbedtls_base64_decode(). This overflow would mainly be exploitable in 32-bit systems and could cause buffer bound checks to be bypassed. --- ChangeLog | 2 ++ library/base64.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index fd1bf9b9a..57eaa5b65 100644 --- a/ChangeLog +++ b/ChangeLog @@ -27,6 +27,8 @@ Bugfix cause buffer bound checks to be bypassed. Found by Eyal Itkin. * Fixed potential arithmetic overflow in mbedtls_md2_update() that could cause buffer bound checks to be bypassed. Found by Eyal Itkin. + * Fixed potential arithmetic overflow in mbedtls_base64_decode() that could + cause buffer bound checks to be bypassed. Found by Eyal Itkin. = mbed TLS 2.4.1 branch released 2016-12-13 diff --git a/library/base64.c b/library/base64.c index 5cb12cba7..305afc57b 100644 --- a/library/base64.c +++ b/library/base64.c @@ -192,7 +192,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, return( 0 ); } - n = ( ( n * 6 ) + 7 ) >> 3; + n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 ); n -= j; if( dst == NULL || dlen < n ) From 410bc115ec4236936e2966a59079ea4facb89ace Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 2 Feb 2017 08:46:53 +0000 Subject: [PATCH 37/38] Add comment to integer overflow fix in base64.c Adds clarifying comment to the integer overflow fix in base64.c --- library/base64.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/base64.c b/library/base64.c index 305afc57b..f06b57b31 100644 --- a/library/base64.c +++ b/library/base64.c @@ -192,6 +192,10 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, return( 0 ); } + /* The following expression is to calculate the following formula without + * risk of integer overflow in n: + * n = ( ( n * 6 ) + 7 ) >> 3; + */ n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 ); n -= j; From fe2d53f440a3b4b437fadbdfc0277795bbe3f505 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Sun, 5 Feb 2017 16:48:47 +0000 Subject: [PATCH 38/38] Add detail to ChangeLog for SLOTH fix --- ChangeLog | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog b/ChangeLog index 57eaa5b65..3a732a865 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,7 @@ mbed TLS ChangeLog (Sorted per branch, date) Security * Removed MD5 from the allowed hash algorithms for CertificateRequest and CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2. + Introduced by interoperability fix for #513. Bugfix * Fix the redefinition of macro ssl_set_bio to an undefined symbol