From db34e6d9b6195b51c365a5f7501800e970ba8e41 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Tue, 14 Apr 2015 14:59:47 +0200 Subject: [PATCH 1/5] Updated Travis CI config for mbedtls project --- .travis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0a51e7eed..24c7667b1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,14 +13,14 @@ script: - tests/scripts/test-ref-configs.pl env: global: - secure: LidFb8vsR72MKTVpaZ8IYHR1xeVnff47/+ckEge5F9gcwf7QmfSI3+gBLZZciNdyrWzOFhlQ5Q2z/pqVeRtEkKrlcporoMMcHRIbyIA+lfRE1HnYHw7jITScfN9ZmK4msU1ElRlAk6U7ND6MPTH8QfWwchNafDk9d3AoHL4/RrQ= + secure: "barHldniAfXyoWOD/vcO+E6/Xm4fmcaUoC9BeKW+LwsHqlDMLvugaJnmLXkSpkbYhVL61Hzf3bo0KPJn88AFc5Rkf8oYHPjH4adMnVXkf3B9ghHCgznqHsAH3choo6tnPxaFgOwOYmLGb382nQxfE5lUdvnM/W/psQjWt66A1+k=" addons: coverity_scan: project: - name: "polarssl/polarssl" + name: "ARMmbed/mbedtls" description: "mbed TLS Open Source SSL Library" notification_email: p.j.bakker@polarssl.org build_command_prepend: build_command: make - branch_pattern: development + branch_pattern: coverity_scan From 6152b0267cac48e897facb25f7d492d83ae8bbbe Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Tue, 14 Apr 2015 15:00:09 +0200 Subject: [PATCH 2/5] Fixed typos --- ChangeLog | 2 +- README.rst | 2 +- include/polarssl/ecp.h | 2 +- include/polarssl/platform.h | 2 +- programs/pkey/mpi_demo.c | 2 +- scripts/ecc-heap.sh | 2 +- tests/data_files/Readme-x509.txt | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 3697f5310..b24b2d688 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -88,7 +88,7 @@ Features length of an X.509 verification chain. * Support for renegotiation can now be disabled at compile-time * Support for 1/n-1 record splitting, a countermeasure against BEAST. - * Certificate selection based on signature hash, prefering SHA-1 over SHA-2 + * Certificate selection based on signature hash, preferring SHA-1 over SHA-2 for pre-1.2 clients when multiple certificates are available. * Add support for getrandom() syscall on recent Linux kernels with Glibc or a compatible enough libc (eg uClibc). diff --git a/README.rst b/README.rst index ae335f88f..59ca2c67d 100644 --- a/README.rst +++ b/README.rst @@ -68,7 +68,7 @@ There are many different build modes available within the CMake buildsystem. Mos - ASanDbg. Same as ASan but slower, with debug information and better stack traces. - MemSan. - This intruments the code with MemorySanitizer to check for uninitialised + This instruments the code with MemorySanitizer to check for uninitialised memory reads. Experimental, needs recent clang on Linux/x86_64. - MemSanDbg. Same as ASan but slower, with debug information, better stack traces and diff --git a/include/polarssl/ecp.h b/include/polarssl/ecp.h index eef445fa1..ef99351c7 100644 --- a/include/polarssl/ecp.h +++ b/include/polarssl/ecp.h @@ -642,7 +642,7 @@ int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key, * \param pub Keypair structure holding a public key * \param prv Keypair structure holding a private (plus public) key * - * \return 0 if successfull (keys are valid and match), or + * \return 0 if successful (keys are valid and match), or * POLARSSL_ERR_ECP_BAD_INPUT_DATA, or * a POLARSSL_ERR_ECP_XXX or POLARSSL_ERR_MPI_XXX code. */ diff --git a/include/polarssl/platform.h b/include/polarssl/platform.h index 32d1c9f25..9095203e0 100644 --- a/include/polarssl/platform.h +++ b/include/polarssl/platform.h 
@@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -/* Temporary compability hack for to keep MEMORY_C working */ +/* Temporary compatibility hack for to keep MEMORY_C working */ #if defined(POLARSSL_MEMORY_C) && !defined(POLARSSL_PLATFORM_MEMORY) #define POLARSSL_PLATFORM_MEMORY #endif diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index c94fb9764..95267fccb 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -96,7 +96,7 @@ cleanup: if( ret != 0 ) { - polarssl_printf( "\nAn error occured.\n" ); + polarssl_printf( "\nAn error occurred.\n" ); ret = 1; } diff --git a/scripts/ecc-heap.sh b/scripts/ecc-heap.sh index 4f88a4422..8c53f0945 100755 --- a/scripts/ecc-heap.sh +++ b/scripts/ecc-heap.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Measure heap usage (and perfomance) of ECC operations with various values of +# Measure heap usage (and performance) of ECC operations with various values of # the relevant tunable compile-time parameters. # # Usage (preferably on a 32-bit platform): diff --git a/tests/data_files/Readme-x509.txt b/tests/data_files/Readme-x509.txt index 3022aae7c..2077f3a95 100644 --- a/tests/data_files/Readme-x509.txt +++ b/tests/data_files/Readme-x509.txt @@ -73,7 +73,7 @@ Certificate revocation lists Signing CA in parentheses (same meaning as certificates). - crl-ec-sha*: (2) server6.crt -- crl-future.pem: (2) server6.crt + unkown +- crl-future.pem: (2) server6.crt + unknown - crl-rsa-pss-*.pem: (1) server9{,badsign,with-ca}.crt + cert_sha384.crt + unknown - crl.pem, crl_expired.pem: (1) server1{,.cert_type,.key_usage,.v1}.crt + unknown - crl_md*.pem: crl_sha*.pem: (1) same as crl.pem From e6c8366b46c2d767ad2e724f6d4281f59d65dfa9 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 14 Apr 2015 11:18:04 +0200 Subject: [PATCH 3/5] Fix bug in pk_parse_key() --- ChangeLog | 2 + library/pkparse.c | 97 ++++++++++++++------------- tests/data_files/ec_prv.noopt.der | Bin 0 -> 67 bytes tests/suites/test_suite_pkparse.data | 4 ++ 4 files changed, 56 insertions(+), 47 deletions(-) create mode 100644 tests/data_files/ec_prv.noopt.der diff --git a/ChangeLog b/ChangeLog index b24b2d688..09d7c7b89 100644 --- a/ChangeLog +++ b/ChangeLog @@ -25,6 +25,8 @@ Features errors on use of deprecated functions. Bugfix + * Fix bug in pk_parse_key() that caused some valid private EC keys to be + rejected. * Fix bug in Via Padlock support (found by Nikos Mavrogiannopoulos). * Fix thread safety bug in RSA operations (found by Fredrik Axelsson). * Fix hardclock() (only used in the benchmarking program) with some diff --git a/library/pkparse.c b/library/pkparse.c index 06fb2929f..39c51f648 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -761,58 +761,61 @@ static int pk_parse_key_sec1_der( ecp_keypair *eck, p += len; - /* - * Is 'parameters' present? - */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 ) + pubkey_done = 0; + if( p != end ) { - if( ( ret = pk_get_ecparams( &p, p + len, ¶ms) ) != 0 || - ( ret = pk_use_ecparams( ¶ms, &eck->grp ) ) != 0 ) + /* + * Is 'parameters' present? + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 ) + { + if( ( ret = pk_get_ecparams( &p, p + len, ¶ms) ) != 0 || + ( ret = pk_use_ecparams( ¶ms, &eck->grp ) ) != 0 ) + { + ecp_keypair_free( eck ); + return( ret ); + } + } + else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + { + ecp_keypair_free( eck ); + return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + } + + /* + * Is 'publickey' present? If not, or if we can't read it (eg because it + * is compressed), create it from the private key. + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 ) + { + end2 = p + len; + + if( ( ret = asn1_get_bitstring_null( &p, end2, &len ) ) != 0 ) + return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + + if( p + len != end2 ) + return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 ) + pubkey_done = 1; + else + { + /* + * The only acceptable failure mode of pk_get_ecpubkey() above + * is if the point format is not recognized. + */ + if( ret != POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE ) + return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT ); + } + } + else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) { ecp_keypair_free( eck ); - return( ret ); - } - } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - { - ecp_keypair_free( eck ); - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); - } - - /* - * Is 'publickey' present? 
If not, or if we can't read it (eg because it - * is compressed), create it from the private key. - */ - pubkey_done = 0; - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 ) - { - end2 = p + len; - - if( ( ret = asn1_get_bitstring_null( &p, end2, &len ) ) != 0 ) return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); - - if( p + len != end2 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); - - if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 ) - pubkey_done = 1; - else - { - /* - * The only acceptable failure mode of pk_get_ecpubkey() above - * is if the point format is not recognized. - */ - if( ret != POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT ); } - } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - { - ecp_keypair_free( eck ); - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); } if( ! pubkey_done && diff --git a/tests/data_files/ec_prv.noopt.der b/tests/data_files/ec_prv.noopt.der new file mode 100644 index 0000000000000000000000000000000000000000..fde16a17a7551d655f8cb0e66febe4809a664845 GIT binary patch literal 67 zcmXqTWMX765N2c7YV$Z}%f!gW0cJ2Wva_fgs4_7!vM9Vh?a{s>m+gy*#G)C0*3J3b V_^ST Date: Wed, 15 Apr 2015 11:03:43 +0200 Subject: [PATCH 4/5] Fix macro name from wrong branch --- include/polarssl/compat-1.2.h | 9 +++------ include/polarssl/openssl.h | 6 +++--- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/include/polarssl/compat-1.2.h b/include/polarssl/compat-1.2.h index 441ced7c5..d694015e4 100644 --- a/include/polarssl/compat-1.2.h +++ b/include/polarssl/compat-1.2.h 
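Review bot: A key that carries `parameters` but no `publicKey` still looks rejectable on the new side: once pk_get_ecparams() has consumed the parameters, `p` can equal `end` before the second asn1_get_tag() call, which is presumably the very condition the new outer `if( p != end )` guard was added to keep away from the first call, so that second call would return the same non-UNEXPECTED_TAG error and fall into the `else if` that frees eck and fails with POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret. The guard should be re-applied before the publickey read — close the block after the parameters branch and open a second `if( p != end )` block around the publickey handling — and, judging by its name, the added ec_prv.noopt.der fixture covers only the no-optional-fields case, so a parameters-only key would be worth adding to the suite as well. Separately, the three early returns inside the publickey branch (after asn1_get_bitstring_null(), at the `p + len != end2` check, and after pk_get_ecpubkey()) return without `ecp_keypair_free( eck )`, unlike every other failure path in this hunk, so unless the caller frees eck on error the group loaded by pk_use_ecparams() leaks. pk_parse_key_sec1_der() starts and ends outside the hunk.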
@@ -23,15 +23,12 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if ! defined(POLARSSL_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) +#if defined(POLARSSL_DEPRECATED_WARNING) #warning "Including compat-1.2.h is deprecated" #endif -#ifndef MBEDTLS_COMPAT13_H -#define MBEDTLS_COMPAT13_H - #ifndef POLARSSL_COMPAT_1_2_H #define POLARSSL_COMPAT_1_2_H @@ -395,4 +392,4 @@ static inline int x509_write_key_der( unsigned char *buf, size_t len, rsa_contex } #endif /* POLARSSL_PK_WRITE_C && POLARSSL_RSA_C */ #endif /* compat-1.2.h */ -#endif /* MBEDTLS_DEPRECATED_REMOVED */ +#endif /* POLARSSL_DEPRECATED_REMOVED */ diff --git a/include/polarssl/openssl.h b/include/polarssl/openssl.h index 96435a3e5..233a09324 100644 --- a/include/polarssl/openssl.h +++ b/include/polarssl/openssl.h @@ -28,9 +28,9 @@ * OpenSSL wrapper contributed by David Barett */ -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if ! defined(POLARSSL_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) +#if defined(POLARSSL_DEPRECATED_WARNING) #warning "Including openssl.h is deprecated" #endif @@ -145,4 +145,4 @@ inline int RSA_private_encrypt( int size, unsigned char* input, unsigned char* o #endif #endif /* openssl.h */ -#endif /* MBEDTLS_DEPRECATED_REMOVED */ +#endif /* POLARSSL_DEPRECATED_REMOVED */ From 0645bfa74ece70358238cd01415b9a51962878c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 15 Apr 2015 11:14:22 +0200 Subject: [PATCH 5/5] Fix typos in Changelog --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 09d7c7b89..2fb793fc3 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -48,10 +48,10 @@ Changes * Options POLARSSL_HAVE_INT8 and POLARSSL_HAVE_INT16 are deprecated. * Enabling POLARSSL_NET_C without POLARSSL_HAVE_IPV6 is deprecated. * compat-1.2.h and openssl.h are deprecated. - * Adjusting/overriding CFLAGS and LDFLAGS with the make build syste is now + * Adjusting/overriding CFLAGS and LDFLAGS with the make build system is now more flexible (warning: OFLAGS is not used any more) (see the README) (contributed by Alon Bar-Lev). - * ssl_set_own_cert() now longers calls pk_check_pair() since the + * ssl_set_own_cert() no longer calls pk_check_pair() since the performance impact was bad for some users (this was introduced in 1.3.10). * Move from SHA-1 to SHA-256 in example programs using signatures (suggested by Thorsten Mühlfelder).