From 732ccc4b068d4420a352a7ee4cdb3597b8b2a3cb Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Tue, 13 Nov 2018 18:59:17 +0200 Subject: [PATCH 1/6] Reduce Stack usage of hkdf test function `test_hkdf` in the hkdf test suites consumed stack of ~6KB with 6 buffers of ~1KB each. This causes stack overflow on some platforms with smaller stack. The buffer sizes were reduced. By testing, the sizes can be reduced even further, as the largest seen size is 82 bytes(for okm). --- tests/suites/test_suite_hkdf.function | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index c85a51a7a..020555f3b 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -14,12 +14,12 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, { int ret; size_t ikm_len, salt_len, info_len, okm_len; - unsigned char ikm[1024] = { '\0' }; - unsigned char salt[1024] = { '\0' }; - unsigned char info[1024] = { '\0' }; - unsigned char expected_okm[1024] = { '\0' }; - unsigned char okm[1024] = { '\0' }; - unsigned char okm_string[1000] = { '\0' }; + unsigned char ikm[128] = { '\0' }; + unsigned char salt[128] = { '\0' }; + unsigned char info[128] = { '\0' }; + unsigned char expected_okm[256] = { '\0' }; + unsigned char okm[256] = { '\0' }; + unsigned char okm_string[200] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md != NULL ); From ae3a631518f6308786df1ba6eef4d0c7e9396855 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 14 Nov 2018 20:22:03 +0200 Subject: [PATCH 2/6] Reduce buffer size of okm Reduce the buffer size of okm to 128, to reduce stack usage. --- tests/suites/test_suite_hkdf.function | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index 020555f3b..e41422a63 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -17,9 +17,9 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, unsigned char ikm[128] = { '\0' }; unsigned char salt[128] = { '\0' }; unsigned char info[128] = { '\0' }; - unsigned char expected_okm[256] = { '\0' }; - unsigned char okm[256] = { '\0' }; - unsigned char okm_string[200] = { '\0' }; + unsigned char expected_okm[128] = { '\0' }; + unsigned char okm[128] = { '\0' }; + unsigned char okm_string[256] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md != NULL ); From cdfe0bcad8948fe6576de3f20cf3e54204c6812c Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Tue, 27 Nov 2018 11:14:06 +0200 Subject: [PATCH 3/6] Update ChangeLog Add ChangeLog entry describing the fix. --- ChangeLog | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog b/ChangeLog index 4abb6254c..4d866f533 100644 --- a/ChangeLog +++ b/ChangeLog @@ -77,6 +77,7 @@ Bugfix replacements of standard calloc/free functions through the macros MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO. Reported by ole-de and ddhome2006. Fixes #882, #1642 and #1706. + * Reduce stack usage of hkdf tests. Fixes #2195. Changes * Removed support for Yotta as a build tool. From 1a3a7e5fc7b32b53ea82a1c885cd56488270c13c Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Mon, 28 Jan 2019 15:01:53 +0200 Subject: [PATCH 4/6] Add explanation for okm_string size Add explanation for why the size of `okm_string` buffer is twice as `okm` buffer. --- tests/suites/test_suite_hkdf.function | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index e41422a63..fc0e24217 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -19,6 +19,10 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, unsigned char info[128] = { '\0' }; unsigned char expected_okm[128] = { '\0' }; unsigned char okm[128] = { '\0' }; + /* + * okm_string is the string representation of okm, + * so its size is twice as the size of okm. + */ unsigned char okm_string[256] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); From bc93219f667cfd211c24eee02d3c38172b51606d Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Mon, 28 Jan 2019 15:07:55 +0200 Subject: [PATCH 5/6] Minor modifications to hkdf test 1. Fix comment grammar. 2. Rename `okm_string` to `okm_hex`. --- tests/suites/test_suite_hkdf.function | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index fc0e24217..d2d66596f 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -20,10 +20,10 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, unsigned char expected_okm[128] = { '\0' }; unsigned char okm[128] = { '\0' }; /* - * okm_string is the string representation of okm, - * so its size is twice as the size of okm. + * okm_hex is the string representation of okm, + * so its size is twice the size of okm. */ - unsigned char okm_string[256] = { '\0' }; + unsigned char okm_hex[256] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md != NULL ); @@ -38,8 +38,8 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, TEST_ASSERT( ret == 0 ); // Run hexify on it so that it looks nicer if the assertion fails - hexify( okm_string, okm, okm_len ); - TEST_ASSERT( !strcmp( (char *)okm_string, hex_okm_string ) ); + hexify( okm_hex, okm, okm_len ); + TEST_ASSERT( !strcmp( (char *)okm_hex, hex_okm_string ) ); } /* END_CASE */ From 17233f5a5cad2c407dc07b842abab9cfe5f68c2a Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Mon, 28 Jan 2019 15:18:15 +0200 Subject: [PATCH 6/6] Increase okm_hex buffer to contain null character Add an additional byte for the `okm_hex` buffer, to assure it is null-terminated in case `okm` is 128 bytes long. --- tests/suites/test_suite_hkdf.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index d2d66596f..3e8720734 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -21,9 +21,9 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, unsigned char okm[128] = { '\0' }; /* * okm_hex is the string representation of okm, - * so its size is twice the size of okm. + * so its size is twice the size of okm, and an extra null-termination. */ - unsigned char okm_hex[256] = { '\0' }; + unsigned char okm_hex[257] = { '\0' }; const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); TEST_ASSERT( md != NULL );