yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-26 10:15:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'development'

Browse Source
This commit is contained in:
Simon Butcher 2016-04-19 10:39:36 +01:00
commit 2300776816
11 changed files with 270 additions and 91 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -26,6 +26,9 @@ Bugfix
in the trusted certificate list. in the trusted certificate list.
* Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the * Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the
buffer after DER certificates to be included in the raw representation. buffer after DER certificates to be included in the raw representation.
* Fix issue that caused a hang when generating RSA keys of odd bitlength
* Fix bug in mbedtls_rsa_rsaes_pkcs1_v15_encrypt that made null pointer
dereference possible.
Changes Changes
* On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5, * On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5,

21
library/rsa.c
View File

@ -102,7 +102,8 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
if( f_rng == NULL || nbits < 128 || exponent < 3 ) if( f_rng == NULL || nbits < 128 || exponent < 3 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G ); mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 );
mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G );
/* /*
* find primes P and Q with Q < P so that: * find primes P and Q with Q < P so that:
@ -112,14 +113,19 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
do do
{ {
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0, MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, 0,
f_rng, p_rng ) ); f_rng, p_rng ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0, if( nbits % 2 )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, ( nbits >> 1 ) + 1, 0,
f_rng, p_rng ) ); f_rng, p_rng ) );
}
if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 ) else
mbedtls_mpi_swap( &ctx->P, &ctx->Q ); {
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, 0,
f_rng, p_rng ) );
}
if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 ) if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 )
continue; continue;
@ -586,7 +592,8 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( f_rng == NULL ) // We don't check p_rng because it won't be dereferenced here
if( f_rng == NULL || input == NULL || output == NULL )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
olen = ctx->len; olen = ctx->len;

87
tests/scripts/all.sh
View File

@ -2,20 +2,24 @@
# all.sh # all.sh
# #
# This file is part of mbed TLS (https://tls.mbed.org)
#
# Copyright (c) 2014-2016, ARM Limited, All Rights Reserved # Copyright (c) 2014-2016, ARM Limited, All Rights Reserved
# #
# Purpose # Purpose
# #
# Run all available tests (mostly). # To run all tests possible or available on the platform.
# #
# Warning: includes various build modes, so it will mess with the current # Warning: the test is destructive. It includes various build modes and
# CMake configuration. After this script is run, the CMake cache is lost and # configurations, and can and will arbitrarily change the current CMake
# CMake is not initialised any more! # configuration. After this script has been run, the CMake cache will be lost
# and CMake will no longer be initialised.
# #
# Assumes gcc and clang (recent enough for using ASan with gcc and MemSan with # The script assumes the presence of gcc and clang (recent enough for using
# clang, or valgrind) are available, as well as cmake and a "good" find. # ASan with gcc and MemSan with clang, or valgrind) are available, as well as
# cmake and a "good" find.
# Abort on errors (and uninitiliased variables) # Abort on errors (and uninitialised variables)
set -eu set -eu
if [ -d library -a -d include -a -d tests ]; then :; else if [ -d library -a -d include -a -d tests ]; then :; else
@ -28,23 +32,16 @@ CONFIG_BAK="$CONFIG_H.bak"
MEMORY=0 MEMORY=0
SHORT=0 SHORT=0
FORCE=0
while [ $# -gt 0 ]; do usage()
case "$1" in {
-m*) echo "Usage: $0"
MEMORY=${1#-m} echo -e " -h|--help\t\tPrint this help."
;; echo -e " -m|--memory\t\tAdditional optional memory tests."
-s) echo -e " -s|--short\t\tSubset of tests."
SHORT=1 echo -e " -f|--force\t\tForce the tests to overwrite any modified files."
;; }
*)
echo "Unknown argument: '$1'" >&2
echo "Use the source, Luke!" >&2
exit 1
;;
esac
shift
done
# remove built files as well as the cmake cache/config # remove built files as well as the cmake cache/config
cleanup() cleanup()
@ -72,6 +69,50 @@ msg()
echo "******************************************************************" echo "******************************************************************"
} }
while [ $# -gt 0 ]; do
case "$1" in
--memory|-m*)
MEMORY=${1#-m}
;;
--short|-s)
SHORT=1
;;
--force|-f)
FORCE=1
;;
--help|-h|*)
usage()
exit 1
;;
esac
shift
done
if [ $FORCE -eq 1 ]; then
rm -rf yotta/module
git checkout-index -f -q $CONFIG_H
cleanup
else
if [ -d yotta/module ]; then
echo "Warning - there is an existing yotta module in the directory 'yotta/module'" >&2
echo "You can either delete your work and retry, or force the test to overwrite the"
echo "test by rerunning the script as: $0 --force"
exit 1
fi
if ! git diff-files --quiet include/mbedtls/config.h; then
echo $?
echo "Warning - the configuration file 'include/mbedtls/config.h' has been edited. " >&2
echo "You can either delete or preserve your work, or force the test by rerunning the"
echo "script as: $0 --force"
exit 1
fi
fi
#
# Test Suites to be executed
#
# The test ordering tries to optimize for the following criteria: # The test ordering tries to optimize for the following criteria:
# 1. Catch possible problems early, by running first tests that run quickly # 1. Catch possible problems early, by running first tests that run quickly
# and/or are more likely to fail than others (eg I use Clang most of the # and/or are more likely to fail than others (eg I use Clang most of the

1
tests/scripts/basic-build-test.sh
View File

@ -38,6 +38,7 @@ fi
# Step 1 - Make and instrumented build for code coverage # Step 1 - Make and instrumented build for code coverage
export CFLAGS=' --coverage -g3 -O0 ' export CFLAGS=' --coverage -g3 -O0 '
make clean make clean
scripts/config.pl full
make make

20
tests/scripts/generate_code.pl
View File

@ -2,6 +2,8 @@
# generate_code.pl # generate_code.pl
# #
# This file is part of mbed TLS (https://tls.mbed.org)
#
# Copyright (c) 2009-2016, ARM Limited, All Rights Reserved # Copyright (c) 2009-2016, ARM Limited, All Rights Reserved
# #
# Purpose # Purpose
@ -202,7 +204,7 @@ while($test_cases =~ /\/\* BEGIN_CASE *([\w:]*) \*\/\n(.*?)\n\/\* END_CASE \*\//
if( substr($def, 0, 4) eq "int " ) if( substr($def, 0, 4) eq "int " )
{ {
$param_defs .= " int param$i;\n"; $param_defs .= " int param$i;\n";
$param_checks .= " if( verify_int( params[$i], &param$i ) != 0 ) return( 2 );\n"; $param_checks .= " if( verify_int( params[$i], &param$i ) != 0 ) return( DISPATCH_INVALID_TEST_DATA );\n";
push @dispatch_params, "param$i"; push @dispatch_params, "param$i";
$mapping_regex .= ":([\\d\\w |\\+\\-\\(\\)]+)"; $mapping_regex .= ":([\\d\\w |\\+\\-\\(\\)]+)";
@ -211,7 +213,7 @@ while($test_cases =~ /\/\* BEGIN_CASE *([\w:]*) \*\/\n(.*?)\n\/\* END_CASE \*\//
elsif( substr($def, 0, 6) eq "char *" ) elsif( substr($def, 0, 6) eq "char *" )
{ {
$param_defs .= " char *param$i = params[$i];\n"; $param_defs .= " char *param$i = params[$i];\n";
$param_checks .= " if( verify_string( &param$i ) != 0 ) return( 2 );\n"; $param_checks .= " if( verify_string( &param$i ) != 0 ) return( DISPATCH_INVALID_TEST_DATA );\n";
push @dispatch_params, "param$i"; push @dispatch_params, "param$i";
$mapping_regex .= ":[^:\n]+"; $mapping_regex .= ":[^:\n]+";
} }
@ -248,14 +250,14 @@ $param_defs
if( cnt != $param_count ) if( cnt != $param_count )
{ {
mbedtls_fprintf( stderr, "\\nIncorrect argument count (%d != %d)\\n", cnt, $param_count ); mbedtls_fprintf( stderr, "\\nIncorrect argument count (%d != %d)\\n", cnt, $param_count );
return( 2 ); return( DISPATCH_INVALID_TEST_DATA );
} }
$param_checks $param_checks
test_suite_$function_name( $call_params ); test_suite_$function_name( $call_params );
return ( 0 ); return ( DISPATCH_TEST_SUCCESS );
$function_post_code $function_post_code
return ( 3 ); return ( DISPATCH_UNSUPPORTED_SUITE );
} }
else else
END END
@ -283,9 +285,9 @@ while( my ($key, $value) = each(%case_deps) )
if( strcmp( str, "$key" ) == 0 ) if( strcmp( str, "$key" ) == 0 )
{ {
#if defined($key) #if defined($key)
return( 0 ); return( DEPENDENCY_SUPPORTED );
#else #else
return( 1 ); return( DEPENDENCY_NOT_SUPPORTED );
#endif #endif
} }
END END
@ -298,7 +300,7 @@ while( my ($key, $value) = each(%mapping_values) )
if( strcmp( str, "$key" ) == 0 ) if( strcmp( str, "$key" ) == 0 )
{ {
*value = ( $key ); *value = ( $key );
return( 0 ); return( KEY_VALUE_MAPPING_FOUND );
} }
END END
@ -315,7 +317,7 @@ END
$dispatch_code =~ s/^(.+)/ $1/mg; $dispatch_code =~ s/^(.+)/ $1/mg;
$test_main =~ s/TEST_FILENAME/$test_case_data/; $test_main =~ s/TEST_FILENAME/$test_case_data/g;
$test_main =~ s/FUNCTION_CODE//; $test_main =~ s/FUNCTION_CODE//;
$test_main =~ s/DEP_CHECK_CODE/$dep_check_code/; $test_main =~ s/DEP_CHECK_CODE/$dep_check_code/;
$test_main =~ s/DISPATCH_FUNCTION/$dispatch_code/; $test_main =~ s/DISPATCH_FUNCTION/$dispatch_code/;

5
tests/scripts/run-test-suites.pl
View File

@ -2,6 +2,8 @@
# run-test-suites.pl # run-test-suites.pl
# #
# This file is part of mbed TLS (https://tls.mbed.org)
#
# Copyright (c) 2015-2016, ARM Limited, All Rights Reserved # Copyright (c) 2015-2016, ARM Limited, All Rights Reserved
# #
# Purpose # Purpose
@ -66,7 +68,8 @@ for my $suite (@suites)
print "(test cases passed:", $suite_cases_passed, print "(test cases passed:", $suite_cases_passed,
" failed:", $suite_cases_failed, " failed:", $suite_cases_failed,
" skipped:", $suite_cases_skipped, " skipped:", $suite_cases_skipped,
" of total:", ( $suite_cases_passed + $suite_cases_failed ), " of total:", ($suite_cases_passed + $suite_cases_failed +
$suite_cases_skipped),
")\n" ")\n"
} }

19
tests/suites/helpers.function
View File

@ -32,9 +32,18 @@ typedef UINT32 uint32_t;
/*----------------------------------------------------------------------------*/ /*----------------------------------------------------------------------------*/
/* Global variables */ /* Constants */
static int test_errors = 0; #define DEPENDENCY_SUPPORTED 0
#define DEPENDENCY_NOT_SUPPORTED 1
#define KEY_VALUE_MAPPING_FOUND 0
#define KEY_VALUE_MAPPING_NOT_FOUND -1
#define DISPATCH_TEST_SUCCESS 0
#define DISPATCH_TEST_FN_NOT_FOUND 1
#define DISPATCH_INVALID_TEST_DATA 2
#define DISPATCH_UNSUPPORTED_SUITE 3
/*----------------------------------------------------------------------------*/ /*----------------------------------------------------------------------------*/
@ -80,6 +89,12 @@ static int test_errors = 0;
#endif #endif
/*----------------------------------------------------------------------------*/
/* Global variables */
static int test_errors = 0;
/*----------------------------------------------------------------------------*/ /*----------------------------------------------------------------------------*/
/* Helper Functions */ /* Helper Functions */

120
tests/suites/main_test.function
View File

@ -60,7 +60,7 @@ int verify_int( char *str, int *value )
MAPPING_CODE MAPPING_CODE
mbedtls_printf( "Expected integer for parameter and got: %s\n", str ); mbedtls_printf( "Expected integer for parameter and got: %s\n", str );
return( -1 ); return( KEY_VALUE_MAPPING_NOT_FOUND );
} }
@ -81,7 +81,7 @@ int dep_check( char *str )
DEP_CHECK_CODE DEP_CHECK_CODE
return( 1 ); return( DEPENDENCY_NOT_SUPPORTED );
} }
int dispatch_test(int cnt, char *params[50]) int dispatch_test(int cnt, char *params[50])
@ -91,14 +91,18 @@ int dispatch_test(int cnt, char *params[50])
((void) params); ((void) params);
#if defined(TEST_SUITE_ACTIVE) #if defined(TEST_SUITE_ACTIVE)
ret = DISPATCH_TEST_SUCCESS;
DISPATCH_FUNCTION DISPATCH_FUNCTION
{ {
mbedtls_fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] ); mbedtls_fprintf( stdout,
"FAILED\nSkipping unknown test function '%s'\n",
params[0] );
fflush( stdout ); fflush( stdout );
return( 1 ); ret = DISPATCH_TEST_FN_NOT_FOUND;
} }
#else #else
return( 3 ); ret = DISPATCH_UNSUPPORTED_SUITE;
#endif #endif
return( ret ); return( ret );
} }
@ -107,6 +111,19 @@ DISPATCH_FUNCTION
/*----------------------------------------------------------------------------*/ /*----------------------------------------------------------------------------*/
/* Main Test code */ /* Main Test code */
#define USAGE \
"Usage: %s [OPTIONS] files...\n\n" \
" Command line arguments:\n" \
" files... One or more test data file. If no file is specified\n" \
" the followimg default test case is used:\n" \
" %s\n\n" \
" Options:\n" \
" -v | --verbose Display full information about each test\n" \
" -h | --help Display this information\n\n", \
argv[0], \
"TEST_FILENAME"
int get_line( FILE *f, char *buf, size_t len ) int get_line( FILE *f, char *buf, size_t len )
{ {
char *ret; char *ret;
@ -216,11 +233,18 @@ static int run_test_snprintf( void )
int main(int argc, const char *argv[]) int main(int argc, const char *argv[])
{ {
int testfile_index, testfile_count, ret, i, cnt; /* Local Configurations and options */
int total_errors = 0, total_tests = 0, total_skipped = 0;
const char *default_filename = "TEST_FILENAME"; const char *default_filename = "TEST_FILENAME";
const char *test_filename = NULL; const char *test_filename = NULL;
const char **test_files = NULL; const char **test_files = NULL;
int testfile_count = 0;
int option_verbose = 0;
/* Other Local variables */
int arg_index = 1;
const char *next_arg;
int testfile_index, ret, i, cnt;
int total_errors = 0, total_tests = 0, total_skipped = 0;
FILE *file; FILE *file;
char buf[5000]; char buf[5000];
char *params[50]; char *params[50];
@ -253,17 +277,41 @@ int main(int argc, const char *argv[])
return( 0 ); return( 0 );
} }
if ( argc <= 1 ) while( arg_index < argc)
{
next_arg = argv[ arg_index ];
if( strcmp(next_arg, "--verbose" ) == 0 ||
strcmp(next_arg, "-v" ) == 0 )
{
option_verbose = 1;
}
else if( strcmp(next_arg, "--help" ) == 0 ||
strcmp(next_arg, "-h" ) == 0 )
{
mbedtls_fprintf( stdout, USAGE );
mbedtls_exit( EXIT_SUCCESS );
}
else
{
/* Not an option, therefore treat all further arguments as the file
* list.
*/
test_files = &argv[ arg_index ];
testfile_count = argc - arg_index;
}
arg_index++;
}
/* If no files were specified, assume a default */
if ( test_files == NULL || testfile_count == 0 )
{ {
test_files = &default_filename; test_files = &default_filename;
testfile_count = 1; testfile_count = 1;
} }
else
{
test_files = &argv[1];
testfile_count = argc - 1;
}
/* Now begin to execute the tests in the testfiles */
for ( testfile_index = 0; for ( testfile_index = 0;
testfile_index < testfile_count; testfile_index < testfile_count;
testfile_index++ ) testfile_index++ )
@ -280,7 +328,8 @@ int main(int argc, const char *argv[])
while( !feof( file ) ) while( !feof( file ) )
{ {
int skip = 0; int unmet_dep_count = 0;
char *unmet_dependencies[20];
if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 ) if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
break; break;
@ -300,32 +349,61 @@ int main(int argc, const char *argv[])
if( strcmp( params[0], "depends_on" ) == 0 ) if( strcmp( params[0], "depends_on" ) == 0 )
{ {
for( i = 1; i < cnt; i++ ) for( i = 1; i < cnt; i++ )
if( dep_check( params[i] ) != 0 ) {
skip = 1; if( dep_check( params[i] ) != DEPENDENCY_SUPPORTED )
{
unmet_dependencies[ i-1 ] = strdup(params[i]);
if( unmet_dependencies[ i-1 ] == NULL )
{
mbedtls_printf("FATAL: Out of memory\n");
mbedtls_exit( MBEDTLS_PLATFORM_STD_EXIT_FAILURE );
}
unmet_dep_count++;
}
}
if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 ) if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
break; break;
cnt = parse_arguments( buf, strlen(buf), params ); cnt = parse_arguments( buf, strlen(buf), params );
} }
if( skip == 0 ) // If there are no unmet dependencies execute the test
if( unmet_dep_count == 0 )
{ {
test_errors = 0; test_errors = 0;
ret = dispatch_test( cnt, params ); ret = dispatch_test( cnt, params );
} }
if( skip == 1 || ret == 3 ) if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE )
{ {
total_skipped++; total_skipped++;
mbedtls_fprintf( stdout, "----\n" ); mbedtls_fprintf( stdout, "----\n" );
if( 1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE )
{
mbedtls_fprintf( stdout, " Test Suite not enabled" );
}
if( 1 == option_verbose && unmet_dep_count > 0 )
{
mbedtls_fprintf( stdout, " Unmet dependencies: " );
while( unmet_dep_count > 0)
{
mbedtls_fprintf(stdout, "%s ",
unmet_dependencies[unmet_dep_count - 1]);
free(unmet_dependencies[unmet_dep_count - 1]);
unmet_dep_count--;
}
mbedtls_fprintf( stdout, "\n" );
}
fflush( stdout ); fflush( stdout );
} }
else if( ret == 0 && test_errors == 0 ) else if( ret == DISPATCH_TEST_SUCCESS && test_errors == 0 )
{ {
mbedtls_fprintf( stdout, "PASS\n" ); mbedtls_fprintf( stdout, "PASS\n" );
fflush( stdout ); fflush( stdout );
} }
else if( ret == 2 ) else if( ret == DISPATCH_INVALID_TEST_DATA )
{ {
mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" ); mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
fclose(file); fclose(file);

10
tests/suites/test_suite_rsa.data
View File

@ -345,7 +345,7 @@ mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d0419
RSA Public (Data larger than N) RSA Public (Data larger than N)
mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
RSA Generate Key RSA Generate Key - 128bit key
mbedtls_rsa_gen_key:128:3:0 mbedtls_rsa_gen_key:128:3:0
RSA Generate Key (Number of bits too small) RSA Generate Key (Number of bits too small)
@ -354,9 +354,15 @@ mbedtls_rsa_gen_key:127:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSA Generate Key (Exponent too small) RSA Generate Key (Exponent too small)
mbedtls_rsa_gen_key:128:2:MBEDTLS_ERR_RSA_BAD_INPUT_DATA mbedtls_rsa_gen_key:128:2:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSA Generate Key RSA Generate Key - 1024 bit key
mbedtls_rsa_gen_key:1024:3:0 mbedtls_rsa_gen_key:1024:3:0
RSA Generate Key - 2048 bit key
mbedtls_rsa_gen_key:2048:3:0
RSA Generate Key - 1025 bit key
mbedtls_rsa_gen_key:1025:3:0
RSA PKCS1 Encrypt Bad RNG RSA PKCS1 Encrypt Bad RNG
depends_on:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_PKCS1_V15
rsa_pkcs1_encrypt_bad_rng:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_RNG_FAILED rsa_pkcs1_encrypt_bad_rng:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_RNG_FAILED

69
yotta/data/entropy_hardware_poll.c
View File

@ -1,5 +1,5 @@
/* /*
* Temporary "entropy" collector for Cortex-M4 * Hardware entropy collector for the K64F, using Freescale's RNGA
* *
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
@ -20,46 +20,69 @@
*/ */
/* /*
* WARNING: this is a temporary hack! * WARNING: this is temporary!
* 1. Currently does not provide strong entropy, should be replaced to use the * This should be in a separate yotta module which would be a target
* on-board hardware RNG (see IOTSSL-303)
* 2. This should be in a separete yotta module which would be a target
* dependency of mbedtls (see IOTSSL-313) * dependency of mbedtls (see IOTSSL-313)
*/ */
#if defined(TARGET_LIKE_CORTEX_M4) #if defined(TARGET_LIKE_K64F)
#include "MK64F12.h" /*
#include "core_cm4.h" * Reference: "K64 Sub-Family Reference Manual, Rev. 2", chapter 34
#include <string.h> */
unsigned long hardclock( void ) #include "fsl_clock_manager.h"
/*
* Get one byte of entropy from the RNG, assuming it is up and running.
* As recommended (34.1.1), get only one bit of each output.
*/
static void rng_get_byte( unsigned char *byte )
{ {
static int dwt_started = 0; size_t bit;
if( dwt_started == 0 ) /* 34.5 Steps 3-4-5: poll SR and read from OR when ready */
for( bit = 0; bit < 8; bit++ )
{ {
CoreDebug->DEMCR |= CoreDebug_DEMCR_TRCENA_Msk; while( ( RNG->SR & RNG_SR_OREG_LVL_MASK ) == 0 );
DWT->CTRL |= DWT_CTRL_CYCCNTENA_Msk; *byte |= ( RNG->OR & 1 ) << bit;
} }
return( DWT->CYCCNT );
} }
/*
* Get len bytes of entropy from the hardware RNG.
*/
int mbedtls_hardware_poll( void *data, int mbedtls_hardware_poll( void *data,
unsigned char *output, size_t len, size_t *olen ) unsigned char *output, size_t len, size_t *olen )
{ {
unsigned long timer = hardclock(); size_t i;
int ret;
((void) data); ((void) data);
*olen = 0;
if( len < sizeof(unsigned long) ) CLOCK_SYS_EnableRngaClock( 0 );
return( 0 );
memcpy( output, &timer, sizeof(unsigned long) ); /* Set "Interrupt Mask", "High Assurance" and "Go",
*olen = sizeof(unsigned long); * unset "Clear interrupt" and "Sleep" */
RNG->CR = RNG_CR_INTM_MASK | RNG_CR_HA_MASK | RNG_CR_GO_MASK;
return( 0 ); for( i = 0; i < len; i++ )
rng_get_byte( output + i );
/* Just be extra sure that we didn't do it wrong */
if( ( RNG->SR & RNG_SR_SECV_MASK ) != 0 )
{
ret = -1;
goto cleanup;
}
*olen = len;
ret = 0;
cleanup:
/* Disable clock to save power - assume we're the only users of RNG */
CLOCK_SYS_DisableRngaClock( 0 );
return( ret );
} }
#endif #endif

6
yotta/data/target_config.h
View File

@ -26,10 +26,10 @@
#endif #endif
/* /*
* WARNING: this is a temporary hack! * WARNING: this is temporary!
* 2. This should be in a separete yotta module which would be a target * This should be in a separate yotta module which would be a target
* dependency of mbedtls (see IOTSSL-313) * dependency of mbedtls (see IOTSSL-313)
*/ */
#if defined(TARGET_LIKE_CORTEX_M4) #if defined(TARGET_LIKE_K64F)
#define MBEDTLS_ENTROPY_HARDWARE_ALT #define MBEDTLS_ENTROPY_HARDWARE_ALT
#endif #endif