Merge remote-tracking branch 'upstream-public/pr/1333' into development-proposed

This commit is contained in:
Gilles Peskine 2018-02-14 15:12:49 +01:00
commit 1e3fd69777
3 changed files with 42 additions and 33 deletions

View File

@ -5,6 +5,7 @@ mbed TLS ChangeLog (Sorted per branch, date)
Bugfix Bugfix
* Fix the name of a DHE parameter that was accidentally changed in 2.7.0. * Fix the name of a DHE parameter that was accidentally changed in 2.7.0.
Fixes #1358. Fixes #1358.
* Fix test_suite_pk to work on 64-bit ILP32 systems. #849
Changes Changes
* Fix tag lengths and value ranges in the documentation of CCM encryption. * Fix tag lengths and value ranges in the documentation of CCM encryption.

View File

@ -653,7 +653,18 @@ if uname -a | grep -F x86_64 >/dev/null; then
cleanup cleanup
make CC=gcc CFLAGS='-Werror -Wall -Wextra -m32' make CC=gcc CFLAGS='-Werror -Wall -Wextra -m32'
msg "build: gcc, force 32-bit compilation" msg "test: i386, make, gcc"
make test
msg "build: 64-bit ILP32, make, gcc" # ~ 30s
cleanup
make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32'
msg "test: 64-bit ILP32, make, gcc"
make test
fi # x86_64
msg "build: gcc, force 32-bit bignum limbs"
cleanup cleanup
cp "$CONFIG_H" "$CONFIG_BAK" cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl unset MBEDTLS_HAVE_ASM scripts/config.pl unset MBEDTLS_HAVE_ASM
@ -661,25 +672,19 @@ if uname -a | grep -F x86_64 >/dev/null; then
scripts/config.pl unset MBEDTLS_PADLOCK_C scripts/config.pl unset MBEDTLS_PADLOCK_C
make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32' make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32'
msg "build: gcc, force 64-bit compilation" msg "test: gcc, force 32-bit bignum limbs"
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl unset MBEDTLS_HAVE_ASM
scripts/config.pl unset MBEDTLS_AESNI_C
scripts/config.pl unset MBEDTLS_PADLOCK_C
make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'
msg "test: gcc, force 64-bit compilation"
make test make test
msg "build: gcc, force 64-bit compilation" msg "build: gcc, force 64-bit bignum limbs"
cleanup cleanup
cp "$CONFIG_H" "$CONFIG_BAK" cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl unset MBEDTLS_HAVE_ASM scripts/config.pl unset MBEDTLS_HAVE_ASM
scripts/config.pl unset MBEDTLS_AESNI_C scripts/config.pl unset MBEDTLS_AESNI_C
scripts/config.pl unset MBEDTLS_PADLOCK_C scripts/config.pl unset MBEDTLS_PADLOCK_C
make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64' make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'
fi # x86_64
msg "test: gcc, force 64-bit bignum limbs"
make test
msg "build: arm-none-eabi-gcc, make" # ~ 10s msg "build: arm-none-eabi-gcc, make" # ~ 10s
cleanup cleanup

View File

@ -5,8 +5,8 @@
#include "mbedtls/ecp.h" #include "mbedtls/ecp.h"
#include "mbedtls/rsa.h" #include "mbedtls/rsa.h"
/* For detecting 64-bit compilation */ #include <limits.h>
#include "mbedtls/bignum.h" #include <stdint.h>
static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
@ -413,11 +413,14 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_HAVE_INT64 */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
void pk_rsa_overflow( ) void pk_rsa_overflow( )
{ {
mbedtls_pk_context pk; mbedtls_pk_context pk;
size_t hash_len = (size_t)-1; size_t hash_len = SIZE_MAX;
if( SIZE_MAX <= UINT_MAX )
return;
mbedtls_pk_init( &pk ); mbedtls_pk_init( &pk );
@ -486,13 +489,13 @@ void pk_rsa_alt( )
TEST_ASSERT( strcmp( mbedtls_pk_get_name( &alt ), "RSA-alt" ) == 0 ); TEST_ASSERT( strcmp( mbedtls_pk_get_name( &alt ), "RSA-alt" ) == 0 );
/* Test signature */ /* Test signature */
#if SIZE_MAX > UINT_MAX
TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX,
sig, &sig_len, rnd_std_rand, NULL ) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA );
#endif /* SIZE_MAX > UINT_MAX */
TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash, TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash,
sig, &sig_len, rnd_std_rand, NULL ) == 0 ); sig, &sig_len, rnd_std_rand, NULL ) == 0 );
#if defined(MBEDTLS_HAVE_INT64)
TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, (size_t)-1,
NULL, NULL, rnd_std_rand, NULL ) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA );
#endif /* MBEDTLS_HAVE_INT64 */
TEST_ASSERT( sig_len == RSA_KEY_LEN ); TEST_ASSERT( sig_len == RSA_KEY_LEN );
TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE, TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE,
hash, sizeof hash, sig, sig_len ) == 0 ); hash, sizeof hash, sig, sig_len ) == 0 );