mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 10:15:38 +01:00
Merge branch 'development'
This commit is contained in:
commit
2300776816
@ -26,6 +26,9 @@ Bugfix
|
||||
in the trusted certificate list.
|
||||
* Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the
|
||||
buffer after DER certificates to be included in the raw representation.
|
||||
* Fix issue that caused a hang when generating RSA keys of odd bitlength
|
||||
* Fix bug in mbedtls_rsa_rsaes_pkcs1_v15_encrypt that made null pointer
|
||||
dereference possible.
|
||||
|
||||
Changes
|
||||
* On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5,
|
||||
|
@ -102,7 +102,8 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
|
||||
if( f_rng == NULL || nbits < 128 || exponent < 3 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G );
|
||||
mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 );
|
||||
mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G );
|
||||
|
||||
/*
|
||||
* find primes P and Q with Q < P so that:
|
||||
@ -112,14 +113,19 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
|
||||
|
||||
do
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0,
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, 0,
|
||||
f_rng, p_rng ) );
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0,
|
||||
if( nbits % 2 )
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, ( nbits >> 1 ) + 1, 0,
|
||||
f_rng, p_rng ) );
|
||||
|
||||
if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 )
|
||||
mbedtls_mpi_swap( &ctx->P, &ctx->Q );
|
||||
}
|
||||
else
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, 0,
|
||||
f_rng, p_rng ) );
|
||||
}
|
||||
|
||||
if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 )
|
||||
continue;
|
||||
@ -586,7 +592,8 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
|
||||
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
if( f_rng == NULL )
|
||||
// We don't check p_rng because it won't be dereferenced here
|
||||
if( f_rng == NULL || input == NULL || output == NULL )
|
||||
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
olen = ctx->len;
|
||||
|
@ -2,20 +2,24 @@
|
||||
|
||||
# all.sh
|
||||
#
|
||||
# This file is part of mbed TLS (https://tls.mbed.org)
|
||||
#
|
||||
# Copyright (c) 2014-2016, ARM Limited, All Rights Reserved
|
||||
#
|
||||
# Purpose
|
||||
#
|
||||
# Run all available tests (mostly).
|
||||
# To run all tests possible or available on the platform.
|
||||
#
|
||||
# Warning: includes various build modes, so it will mess with the current
|
||||
# CMake configuration. After this script is run, the CMake cache is lost and
|
||||
# CMake is not initialised any more!
|
||||
# Warning: the test is destructive. It includes various build modes and
|
||||
# configurations, and can and will arbitrarily change the current CMake
|
||||
# configuration. After this script has been run, the CMake cache will be lost
|
||||
# and CMake will no longer be initialised.
|
||||
#
|
||||
# Assumes gcc and clang (recent enough for using ASan with gcc and MemSan with
|
||||
# clang, or valgrind) are available, as well as cmake and a "good" find.
|
||||
# The script assumes the presence of gcc and clang (recent enough for using
|
||||
# ASan with gcc and MemSan with clang, or valgrind) are available, as well as
|
||||
# cmake and a "good" find.
|
||||
|
||||
# Abort on errors (and uninitiliased variables)
|
||||
# Abort on errors (and uninitialised variables)
|
||||
set -eu
|
||||
|
||||
if [ -d library -a -d include -a -d tests ]; then :; else
|
||||
@ -28,23 +32,16 @@ CONFIG_BAK="$CONFIG_H.bak"
|
||||
|
||||
MEMORY=0
|
||||
SHORT=0
|
||||
FORCE=0
|
||||
|
||||
while [ $# -gt 0 ]; do
|
||||
case "$1" in
|
||||
-m*)
|
||||
MEMORY=${1#-m}
|
||||
;;
|
||||
-s)
|
||||
SHORT=1
|
||||
;;
|
||||
*)
|
||||
echo "Unknown argument: '$1'" >&2
|
||||
echo "Use the source, Luke!" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
usage()
|
||||
{
|
||||
echo "Usage: $0"
|
||||
echo -e " -h|--help\t\tPrint this help."
|
||||
echo -e " -m|--memory\t\tAdditional optional memory tests."
|
||||
echo -e " -s|--short\t\tSubset of tests."
|
||||
echo -e " -f|--force\t\tForce the tests to overwrite any modified files."
|
||||
}
|
||||
|
||||
# remove built files as well as the cmake cache/config
|
||||
cleanup()
|
||||
@ -72,6 +69,50 @@ msg()
|
||||
echo "******************************************************************"
|
||||
}
|
||||
|
||||
while [ $# -gt 0 ]; do
|
||||
case "$1" in
|
||||
--memory|-m*)
|
||||
MEMORY=${1#-m}
|
||||
;;
|
||||
--short|-s)
|
||||
SHORT=1
|
||||
;;
|
||||
--force|-f)
|
||||
FORCE=1
|
||||
;;
|
||||
--help|-h|*)
|
||||
usage()
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
if [ $FORCE -eq 1 ]; then
|
||||
rm -rf yotta/module
|
||||
git checkout-index -f -q $CONFIG_H
|
||||
cleanup
|
||||
else
|
||||
|
||||
if [ -d yotta/module ]; then
|
||||
echo "Warning - there is an existing yotta module in the directory 'yotta/module'" >&2
|
||||
echo "You can either delete your work and retry, or force the test to overwrite the"
|
||||
echo "test by rerunning the script as: $0 --force"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! git diff-files --quiet include/mbedtls/config.h; then
|
||||
echo $?
|
||||
echo "Warning - the configuration file 'include/mbedtls/config.h' has been edited. " >&2
|
||||
echo "You can either delete or preserve your work, or force the test by rerunning the"
|
||||
echo "script as: $0 --force"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
#
|
||||
# Test Suites to be executed
|
||||
#
|
||||
# The test ordering tries to optimize for the following criteria:
|
||||
# 1. Catch possible problems early, by running first tests that run quickly
|
||||
# and/or are more likely to fail than others (eg I use Clang most of the
|
||||
|
@ -38,6 +38,7 @@ fi
|
||||
# Step 1 - Make and instrumented build for code coverage
|
||||
export CFLAGS=' --coverage -g3 -O0 '
|
||||
make clean
|
||||
scripts/config.pl full
|
||||
make
|
||||
|
||||
|
||||
|
@ -2,6 +2,8 @@
|
||||
|
||||
# generate_code.pl
|
||||
#
|
||||
# This file is part of mbed TLS (https://tls.mbed.org)
|
||||
#
|
||||
# Copyright (c) 2009-2016, ARM Limited, All Rights Reserved
|
||||
#
|
||||
# Purpose
|
||||
@ -202,7 +204,7 @@ while($test_cases =~ /\/\* BEGIN_CASE *([\w:]*) \*\/\n(.*?)\n\/\* END_CASE \*\//
|
||||
if( substr($def, 0, 4) eq "int " )
|
||||
{
|
||||
$param_defs .= " int param$i;\n";
|
||||
$param_checks .= " if( verify_int( params[$i], ¶m$i ) != 0 ) return( 2 );\n";
|
||||
$param_checks .= " if( verify_int( params[$i], ¶m$i ) != 0 ) return( DISPATCH_INVALID_TEST_DATA );\n";
|
||||
push @dispatch_params, "param$i";
|
||||
|
||||
$mapping_regex .= ":([\\d\\w |\\+\\-\\(\\)]+)";
|
||||
@ -211,7 +213,7 @@ while($test_cases =~ /\/\* BEGIN_CASE *([\w:]*) \*\/\n(.*?)\n\/\* END_CASE \*\//
|
||||
elsif( substr($def, 0, 6) eq "char *" )
|
||||
{
|
||||
$param_defs .= " char *param$i = params[$i];\n";
|
||||
$param_checks .= " if( verify_string( ¶m$i ) != 0 ) return( 2 );\n";
|
||||
$param_checks .= " if( verify_string( ¶m$i ) != 0 ) return( DISPATCH_INVALID_TEST_DATA );\n";
|
||||
push @dispatch_params, "param$i";
|
||||
$mapping_regex .= ":[^:\n]+";
|
||||
}
|
||||
@ -248,14 +250,14 @@ $param_defs
|
||||
if( cnt != $param_count )
|
||||
{
|
||||
mbedtls_fprintf( stderr, "\\nIncorrect argument count (%d != %d)\\n", cnt, $param_count );
|
||||
return( 2 );
|
||||
return( DISPATCH_INVALID_TEST_DATA );
|
||||
}
|
||||
|
||||
$param_checks
|
||||
test_suite_$function_name( $call_params );
|
||||
return ( 0 );
|
||||
return ( DISPATCH_TEST_SUCCESS );
|
||||
$function_post_code
|
||||
return ( 3 );
|
||||
return ( DISPATCH_UNSUPPORTED_SUITE );
|
||||
}
|
||||
else
|
||||
END
|
||||
@ -283,9 +285,9 @@ while( my ($key, $value) = each(%case_deps) )
|
||||
if( strcmp( str, "$key" ) == 0 )
|
||||
{
|
||||
#if defined($key)
|
||||
return( 0 );
|
||||
return( DEPENDENCY_SUPPORTED );
|
||||
#else
|
||||
return( 1 );
|
||||
return( DEPENDENCY_NOT_SUPPORTED );
|
||||
#endif
|
||||
}
|
||||
END
|
||||
@ -298,7 +300,7 @@ while( my ($key, $value) = each(%mapping_values) )
|
||||
if( strcmp( str, "$key" ) == 0 )
|
||||
{
|
||||
*value = ( $key );
|
||||
return( 0 );
|
||||
return( KEY_VALUE_MAPPING_FOUND );
|
||||
}
|
||||
END
|
||||
|
||||
@ -315,7 +317,7 @@ END
|
||||
|
||||
$dispatch_code =~ s/^(.+)/ $1/mg;
|
||||
|
||||
$test_main =~ s/TEST_FILENAME/$test_case_data/;
|
||||
$test_main =~ s/TEST_FILENAME/$test_case_data/g;
|
||||
$test_main =~ s/FUNCTION_CODE//;
|
||||
$test_main =~ s/DEP_CHECK_CODE/$dep_check_code/;
|
||||
$test_main =~ s/DISPATCH_FUNCTION/$dispatch_code/;
|
||||
|
@ -2,6 +2,8 @@
|
||||
|
||||
# run-test-suites.pl
|
||||
#
|
||||
# This file is part of mbed TLS (https://tls.mbed.org)
|
||||
#
|
||||
# Copyright (c) 2015-2016, ARM Limited, All Rights Reserved
|
||||
#
|
||||
# Purpose
|
||||
@ -66,7 +68,8 @@ for my $suite (@suites)
|
||||
print "(test cases passed:", $suite_cases_passed,
|
||||
" failed:", $suite_cases_failed,
|
||||
" skipped:", $suite_cases_skipped,
|
||||
" of total:", ( $suite_cases_passed + $suite_cases_failed ),
|
||||
" of total:", ($suite_cases_passed + $suite_cases_failed +
|
||||
$suite_cases_skipped),
|
||||
")\n"
|
||||
}
|
||||
|
||||
|
@ -32,9 +32,18 @@ typedef UINT32 uint32_t;
|
||||
|
||||
|
||||
/*----------------------------------------------------------------------------*/
|
||||
/* Global variables */
|
||||
/* Constants */
|
||||
|
||||
static int test_errors = 0;
|
||||
#define DEPENDENCY_SUPPORTED 0
|
||||
#define DEPENDENCY_NOT_SUPPORTED 1
|
||||
|
||||
#define KEY_VALUE_MAPPING_FOUND 0
|
||||
#define KEY_VALUE_MAPPING_NOT_FOUND -1
|
||||
|
||||
#define DISPATCH_TEST_SUCCESS 0
|
||||
#define DISPATCH_TEST_FN_NOT_FOUND 1
|
||||
#define DISPATCH_INVALID_TEST_DATA 2
|
||||
#define DISPATCH_UNSUPPORTED_SUITE 3
|
||||
|
||||
|
||||
/*----------------------------------------------------------------------------*/
|
||||
@ -80,6 +89,12 @@ static int test_errors = 0;
|
||||
#endif
|
||||
|
||||
|
||||
/*----------------------------------------------------------------------------*/
|
||||
/* Global variables */
|
||||
|
||||
static int test_errors = 0;
|
||||
|
||||
|
||||
/*----------------------------------------------------------------------------*/
|
||||
/* Helper Functions */
|
||||
|
||||
|
@ -60,7 +60,7 @@ int verify_int( char *str, int *value )
|
||||
MAPPING_CODE
|
||||
|
||||
mbedtls_printf( "Expected integer for parameter and got: %s\n", str );
|
||||
return( -1 );
|
||||
return( KEY_VALUE_MAPPING_NOT_FOUND );
|
||||
}
|
||||
|
||||
|
||||
@ -81,7 +81,7 @@ int dep_check( char *str )
|
||||
|
||||
DEP_CHECK_CODE
|
||||
|
||||
return( 1 );
|
||||
return( DEPENDENCY_NOT_SUPPORTED );
|
||||
}
|
||||
|
||||
int dispatch_test(int cnt, char *params[50])
|
||||
@ -91,14 +91,18 @@ int dispatch_test(int cnt, char *params[50])
|
||||
((void) params);
|
||||
|
||||
#if defined(TEST_SUITE_ACTIVE)
|
||||
ret = DISPATCH_TEST_SUCCESS;
|
||||
|
||||
DISPATCH_FUNCTION
|
||||
{
|
||||
mbedtls_fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] );
|
||||
mbedtls_fprintf( stdout,
|
||||
"FAILED\nSkipping unknown test function '%s'\n",
|
||||
params[0] );
|
||||
fflush( stdout );
|
||||
return( 1 );
|
||||
ret = DISPATCH_TEST_FN_NOT_FOUND;
|
||||
}
|
||||
#else
|
||||
return( 3 );
|
||||
ret = DISPATCH_UNSUPPORTED_SUITE;
|
||||
#endif
|
||||
return( ret );
|
||||
}
|
||||
@ -107,6 +111,19 @@ DISPATCH_FUNCTION
|
||||
/*----------------------------------------------------------------------------*/
|
||||
/* Main Test code */
|
||||
|
||||
#define USAGE \
|
||||
"Usage: %s [OPTIONS] files...\n\n" \
|
||||
" Command line arguments:\n" \
|
||||
" files... One or more test data file. If no file is specified\n" \
|
||||
" the followimg default test case is used:\n" \
|
||||
" %s\n\n" \
|
||||
" Options:\n" \
|
||||
" -v | --verbose Display full information about each test\n" \
|
||||
" -h | --help Display this information\n\n", \
|
||||
argv[0], \
|
||||
"TEST_FILENAME"
|
||||
|
||||
|
||||
int get_line( FILE *f, char *buf, size_t len )
|
||||
{
|
||||
char *ret;
|
||||
@ -216,11 +233,18 @@ static int run_test_snprintf( void )
|
||||
|
||||
int main(int argc, const char *argv[])
|
||||
{
|
||||
int testfile_index, testfile_count, ret, i, cnt;
|
||||
int total_errors = 0, total_tests = 0, total_skipped = 0;
|
||||
/* Local Configurations and options */
|
||||
const char *default_filename = "TEST_FILENAME";
|
||||
const char *test_filename = NULL;
|
||||
const char **test_files = NULL;
|
||||
int testfile_count = 0;
|
||||
int option_verbose = 0;
|
||||
|
||||
/* Other Local variables */
|
||||
int arg_index = 1;
|
||||
const char *next_arg;
|
||||
int testfile_index, ret, i, cnt;
|
||||
int total_errors = 0, total_tests = 0, total_skipped = 0;
|
||||
FILE *file;
|
||||
char buf[5000];
|
||||
char *params[50];
|
||||
@ -253,17 +277,41 @@ int main(int argc, const char *argv[])
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
if ( argc <= 1 )
|
||||
while( arg_index < argc)
|
||||
{
|
||||
next_arg = argv[ arg_index ];
|
||||
|
||||
if( strcmp(next_arg, "--verbose" ) == 0 ||
|
||||
strcmp(next_arg, "-v" ) == 0 )
|
||||
{
|
||||
option_verbose = 1;
|
||||
}
|
||||
else if( strcmp(next_arg, "--help" ) == 0 ||
|
||||
strcmp(next_arg, "-h" ) == 0 )
|
||||
{
|
||||
mbedtls_fprintf( stdout, USAGE );
|
||||
mbedtls_exit( EXIT_SUCCESS );
|
||||
}
|
||||
else
|
||||
{
|
||||
/* Not an option, therefore treat all further arguments as the file
|
||||
* list.
|
||||
*/
|
||||
test_files = &argv[ arg_index ];
|
||||
testfile_count = argc - arg_index;
|
||||
}
|
||||
|
||||
arg_index++;
|
||||
}
|
||||
|
||||
/* If no files were specified, assume a default */
|
||||
if ( test_files == NULL || testfile_count == 0 )
|
||||
{
|
||||
test_files = &default_filename;
|
||||
testfile_count = 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
test_files = &argv[1];
|
||||
testfile_count = argc - 1;
|
||||
}
|
||||
|
||||
/* Now begin to execute the tests in the testfiles */
|
||||
for ( testfile_index = 0;
|
||||
testfile_index < testfile_count;
|
||||
testfile_index++ )
|
||||
@ -280,7 +328,8 @@ int main(int argc, const char *argv[])
|
||||
|
||||
while( !feof( file ) )
|
||||
{
|
||||
int skip = 0;
|
||||
int unmet_dep_count = 0;
|
||||
char *unmet_dependencies[20];
|
||||
|
||||
if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
|
||||
break;
|
||||
@ -300,32 +349,61 @@ int main(int argc, const char *argv[])
|
||||
if( strcmp( params[0], "depends_on" ) == 0 )
|
||||
{
|
||||
for( i = 1; i < cnt; i++ )
|
||||
if( dep_check( params[i] ) != 0 )
|
||||
skip = 1;
|
||||
{
|
||||
if( dep_check( params[i] ) != DEPENDENCY_SUPPORTED )
|
||||
{
|
||||
unmet_dependencies[ i-1 ] = strdup(params[i]);
|
||||
if( unmet_dependencies[ i-1 ] == NULL )
|
||||
{
|
||||
mbedtls_printf("FATAL: Out of memory\n");
|
||||
mbedtls_exit( MBEDTLS_PLATFORM_STD_EXIT_FAILURE );
|
||||
}
|
||||
unmet_dep_count++;
|
||||
}
|
||||
}
|
||||
|
||||
if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
|
||||
break;
|
||||
cnt = parse_arguments( buf, strlen(buf), params );
|
||||
}
|
||||
|
||||
if( skip == 0 )
|
||||
|
||||
// If there are no unmet dependencies execute the test
|
||||
if( unmet_dep_count == 0 )
|
||||
{
|
||||
test_errors = 0;
|
||||
ret = dispatch_test( cnt, params );
|
||||
}
|
||||
|
||||
if( skip == 1 || ret == 3 )
|
||||
if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE )
|
||||
{
|
||||
total_skipped++;
|
||||
mbedtls_fprintf( stdout, "----\n" );
|
||||
|
||||
if( 1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE )
|
||||
{
|
||||
mbedtls_fprintf( stdout, " Test Suite not enabled" );
|
||||
}
|
||||
|
||||
if( 1 == option_verbose && unmet_dep_count > 0 )
|
||||
{
|
||||
mbedtls_fprintf( stdout, " Unmet dependencies: " );
|
||||
while( unmet_dep_count > 0)
|
||||
{
|
||||
mbedtls_fprintf(stdout, "%s ",
|
||||
unmet_dependencies[unmet_dep_count - 1]);
|
||||
free(unmet_dependencies[unmet_dep_count - 1]);
|
||||
unmet_dep_count--;
|
||||
}
|
||||
mbedtls_fprintf( stdout, "\n" );
|
||||
}
|
||||
fflush( stdout );
|
||||
}
|
||||
else if( ret == 0 && test_errors == 0 )
|
||||
else if( ret == DISPATCH_TEST_SUCCESS && test_errors == 0 )
|
||||
{
|
||||
mbedtls_fprintf( stdout, "PASS\n" );
|
||||
fflush( stdout );
|
||||
}
|
||||
else if( ret == 2 )
|
||||
else if( ret == DISPATCH_INVALID_TEST_DATA )
|
||||
{
|
||||
mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
|
||||
fclose(file);
|
||||
|
@ -345,7 +345,7 @@ mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d0419
|
||||
RSA Public (Data larger than N)
|
||||
mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
|
||||
|
||||
RSA Generate Key
|
||||
RSA Generate Key - 128bit key
|
||||
mbedtls_rsa_gen_key:128:3:0
|
||||
|
||||
RSA Generate Key (Number of bits too small)
|
||||
@ -354,9 +354,15 @@ mbedtls_rsa_gen_key:127:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
|
||||
RSA Generate Key (Exponent too small)
|
||||
mbedtls_rsa_gen_key:128:2:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
|
||||
|
||||
RSA Generate Key
|
||||
RSA Generate Key - 1024 bit key
|
||||
mbedtls_rsa_gen_key:1024:3:0
|
||||
|
||||
RSA Generate Key - 2048 bit key
|
||||
mbedtls_rsa_gen_key:2048:3:0
|
||||
|
||||
RSA Generate Key - 1025 bit key
|
||||
mbedtls_rsa_gen_key:1025:3:0
|
||||
|
||||
RSA PKCS1 Encrypt Bad RNG
|
||||
depends_on:MBEDTLS_PKCS1_V15
|
||||
rsa_pkcs1_encrypt_bad_rng:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_RNG_FAILED
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Temporary "entropy" collector for Cortex-M4
|
||||
* Hardware entropy collector for the K64F, using Freescale's RNGA
|
||||
*
|
||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
@ -20,46 +20,69 @@
|
||||
*/
|
||||
|
||||
/*
|
||||
* WARNING: this is a temporary hack!
|
||||
* 1. Currently does not provide strong entropy, should be replaced to use the
|
||||
* on-board hardware RNG (see IOTSSL-303)
|
||||
* 2. This should be in a separete yotta module which would be a target
|
||||
* WARNING: this is temporary!
|
||||
* This should be in a separate yotta module which would be a target
|
||||
* dependency of mbedtls (see IOTSSL-313)
|
||||
*/
|
||||
|
||||
#if defined(TARGET_LIKE_CORTEX_M4)
|
||||
#if defined(TARGET_LIKE_K64F)
|
||||
|
||||
#include "MK64F12.h"
|
||||
#include "core_cm4.h"
|
||||
#include <string.h>
|
||||
/*
|
||||
* Reference: "K64 Sub-Family Reference Manual, Rev. 2", chapter 34
|
||||
*/
|
||||
|
||||
unsigned long hardclock( void )
|
||||
#include "fsl_clock_manager.h"
|
||||
|
||||
/*
|
||||
* Get one byte of entropy from the RNG, assuming it is up and running.
|
||||
* As recommended (34.1.1), get only one bit of each output.
|
||||
*/
|
||||
static void rng_get_byte( unsigned char *byte )
|
||||
{
|
||||
static int dwt_started = 0;
|
||||
size_t bit;
|
||||
|
||||
if( dwt_started == 0 )
|
||||
/* 34.5 Steps 3-4-5: poll SR and read from OR when ready */
|
||||
for( bit = 0; bit < 8; bit++ )
|
||||
{
|
||||
CoreDebug->DEMCR |= CoreDebug_DEMCR_TRCENA_Msk;
|
||||
DWT->CTRL |= DWT_CTRL_CYCCNTENA_Msk;
|
||||
while( ( RNG->SR & RNG_SR_OREG_LVL_MASK ) == 0 );
|
||||
*byte |= ( RNG->OR & 1 ) << bit;
|
||||
}
|
||||
|
||||
return( DWT->CYCCNT );
|
||||
}
|
||||
|
||||
/*
|
||||
* Get len bytes of entropy from the hardware RNG.
|
||||
*/
|
||||
int mbedtls_hardware_poll( void *data,
|
||||
unsigned char *output, size_t len, size_t *olen )
|
||||
{
|
||||
unsigned long timer = hardclock();
|
||||
size_t i;
|
||||
int ret;
|
||||
((void) data);
|
||||
*olen = 0;
|
||||
|
||||
if( len < sizeof(unsigned long) )
|
||||
return( 0 );
|
||||
CLOCK_SYS_EnableRngaClock( 0 );
|
||||
|
||||
memcpy( output, &timer, sizeof(unsigned long) );
|
||||
*olen = sizeof(unsigned long);
|
||||
/* Set "Interrupt Mask", "High Assurance" and "Go",
|
||||
* unset "Clear interrupt" and "Sleep" */
|
||||
RNG->CR = RNG_CR_INTM_MASK | RNG_CR_HA_MASK | RNG_CR_GO_MASK;
|
||||
|
||||
return( 0 );
|
||||
for( i = 0; i < len; i++ )
|
||||
rng_get_byte( output + i );
|
||||
|
||||
/* Just be extra sure that we didn't do it wrong */
|
||||
if( ( RNG->SR & RNG_SR_SECV_MASK ) != 0 )
|
||||
{
|
||||
ret = -1;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
*olen = len;
|
||||
ret = 0;
|
||||
|
||||
cleanup:
|
||||
/* Disable clock to save power - assume we're the only users of RNG */
|
||||
CLOCK_SYS_DisableRngaClock( 0 );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#endif
|
||||
|
@ -26,10 +26,10 @@
|
||||
#endif
|
||||
|
||||
/*
|
||||
* WARNING: this is a temporary hack!
|
||||
* 2. This should be in a separete yotta module which would be a target
|
||||
* WARNING: this is temporary!
|
||||
* This should be in a separate yotta module which would be a target
|
||||
* dependency of mbedtls (see IOTSSL-313)
|
||||
*/
|
||||
#if defined(TARGET_LIKE_CORTEX_M4)
|
||||
#if defined(TARGET_LIKE_K64F)
|
||||
#define MBEDTLS_ENTROPY_HARDWARE_ALT
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user