From 00efff74691373b0cfd939d4b824f400d7a8c70e Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 6 May 2016 13:48:23 +0100 Subject: [PATCH 01/64] Add a test for SSLv3 with extensions, server side This test verifies if the server parses or sends extensions when the protocol is SSLv3. --- tests/ssl-opt.sh | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c08af7b04..1a91f7a6e 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -715,7 +715,7 @@ run_test "Encrypt then MAC: client enabled, server SSLv3" \ "$P_CLI debug_level=3 min_version=ssl3" \ 0 \ -c "client hello, adding encrypt_then_mac extension" \ - -s "found encrypt then mac extension" \ + -S "found encrypt then mac extension" \ -S "server hello, adding encrypt then mac extension" \ -C "found encrypt_then_mac extension" \ -C "using encrypt then mac" \ @@ -774,7 +774,7 @@ run_test "Extended Master Secret: client enabled, server SSLv3" \ "$P_CLI debug_level=3 min_version=ssl3" \ 0 \ -c "client hello, adding extended_master_secret extension" \ - -s "found extended master secret extension" \ + -S "found extended master secret extension" \ -S "server hello, adding extended master secret extension" \ -C "found extended_master_secret extension" \ -C "using extended master secret" \ @@ -2848,6 +2848,16 @@ run_test "Small packet TLS 1.2 AEAD shorter tag" \ 0 \ -s "Read from client: 1 bytes read" +# A test for extensions in SSLv3 + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "SSLv3 with extensions, server side" \ + "$P_SRV min_version=ssl3 debug_level=3" \ + "$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \ + 0 \ + -S "dumping 'client hello extensions'" \ + -S "server hello, total extension length:" + # Test for large packets requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 From 1aa590a1e4e5b4eaa91534958e47d9888b3d2864 Mon Sep 17 00:00:00 2001 
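Review bot: The new "SSLv3 with extensions, server side" test is added before the server change that makes its assertions true (`-S "dumping 'client hello extensions'"` and `-S "server hello, total extension length:"` only hold once ssl_srv.c stops parsing and writing extensions for SSLv3, which is PATCH 15/64 in this series), so at this commit the suite goes red and bisection breaks; land the fix first or squash the test into it. The client options `tickets=1 max_frag_len=4096 alpn=abc,1234` presumably only produce those extensions when the corresponding features are compiled in, so the test is only meaningful under extra `requires_config_enabled` guards beside the existing `MBEDTLS_SSL_PROTO_SSL3` one, as the RC4 tests later in the series do. A comment above the test would state the expectation for a reader: `# RFC 6101 has no extensions: the server must neither parse nor send any for SSLv3`.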
From: Paul Bakker Date: Mon, 9 May 2016 14:36:33 +0100 Subject: [PATCH 02/64] Add check to prevent enabling of RSA without selecting PKCS version(s) --- include/mbedtls/check_config.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index b6448ecef..8c0c68986 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -362,6 +362,11 @@ #error "MBEDTLS_RSA_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) || \ + !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled" +#endif + #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) ) #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" From d9dcd4321bdbe119b55b7556292ff0b06f8246b2 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Mon, 9 May 2016 15:13:04 +0100 Subject: [PATCH 03/64] Fix logic to allow at least one PKCS version enabled --- include/mbedtls/check_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 8c0c68986..d31555df7 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -362,7 +362,7 @@ #error "MBEDTLS_RSA_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) || \ +#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) && \ !defined(MBEDTLS_PKCS1_V15) ) #error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled" #endif From 6507891e65e7f8aabc08f0e0196ebdd1f1b9891a Mon Sep 17 00:00:00 2001 
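Review bot: The added condition `( !defined(MBEDTLS_PKCS1_V21) || !defined(MBEDTLS_PKCS1_V15) )` fires whenever either option is missing, so a configuration that enables exactly one PKCS#1 version — the case the message "none of the PKCS1 versions enabled" means to allow — no longer builds; the intended operator is `&&`, which the very next commit (PATCH 03/64) applies. Squash the two so the broken intermediate state never exists in the history. While there, make the message name the options a reader must set: `#error "MBEDTLS_RSA_C defined, but neither MBEDTLS_PKCS1_V15 nor MBEDTLS_PKCS1_V21 is enabled"`.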
From: Paul Bakker Date: Tue, 10 May 2016 10:50:43 +0100 Subject: [PATCH 04/64] Add ability to only run select numbered tests in ssl-opt.sh In order to reduce debugging time, allows you to only run interesting tests (by number) from the commandline. e.g. the command 'tests/ssl-opt.sh -n 246,258' will only run test 246 and 258 (as per the number in the log file names) --- tests/ssl-opt.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c08af7b04..d8df4ea87 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -33,12 +33,15 @@ MEMCHECK=0 FILTER='.*' EXCLUDE='^$' +RUN_TEST_NUMBER='' + print_usage() { echo "Usage: $0 [options]" printf " -h|--help\tPrint this help.\n" printf " -m|--memcheck\tCheck memory leaks and errors.\n" printf " -f|--filter\tOnly matching tests are executed (default: '$FILTER')\n" printf " -e|--exclude\tMatching tests are excluded (default: '$EXCLUDE')\n" + printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" } get_options() { @@ -53,6 +56,9 @@ get_options() { -m|--memcheck) MEMCHECK=1 ;; + -n|--number) + shift; RUN_TEST_NUMBER=$1 + ;; -h|--help) print_usage exit 0 @@ -293,6 +299,13 @@ run_test() { print_name "$NAME" + # Do we only run numbered tests? + if [ "X$RUN_TEST_NUMBER" = "X" ]; then : + elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then : + else + SKIP_NEXT="YES" + fi + # should we skip? if [ "X$SKIP_NEXT" = "XYES" ]; then SKIP_NEXT="NO" From 9911faa1b42dda8ec5fc8938f4e8791829a5d99c Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Tue, 10 May 2016 11:18:17 +0100 Subject: [PATCH 05/64] Add option to print test numbers in ssl-opt.sh output Allows for easy selection of tests based on numbers for use with the '-n' option --- tests/ssl-opt.sh | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index d8df4ea87..37fad8640 100755 --- a/tests/ssl-opt.sh 
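Review bot: Tests deselected by `-n` are routed through the existing skip path (`SKIP_NEXT="YES"` and then the `# should we skip?` branch just below), so every unselected test is printed as SKIP and counted towards the skip total, which makes a `-n` run indistinguishable from genuine configuration-dependent skips; returning quietly before the name is printed (after bumping `$TESTS` so numbering stays stable) would keep the counters honest. The option value is also taken as-is: `shift; RUN_TEST_NUMBER=$1` reads `$1` after the shift, which under the script's `set -u` presumably aborts with an unbound-variable error when `-n` is the last argument, and nothing rejects a value that is not digits and commas. A comment on the match would help: `# exact match of this test's ordinal ($TESTS) against a comma-separated list; the surrounding commas stop 24 matching 245`.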
+++ b/tests/ssl-opt.sh @@ -33,6 +33,7 @@ MEMCHECK=0 FILTER='.*' EXCLUDE='^$' +SHOW_TEST_NUMBER=0 RUN_TEST_NUMBER='' print_usage() { @@ -42,6 +43,7 @@ print_usage() { printf " -f|--filter\tOnly matching tests are executed (default: '$FILTER')\n" printf " -e|--exclude\tMatching tests are excluded (default: '$EXCLUDE')\n" printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" + printf " -s|--show-numbers\tShow test numbers in front of test names\n" } get_options() { @@ -59,6 +61,9 @@ get_options() { -n|--number) shift; RUN_TEST_NUMBER=$1 ;; + -s|--show-numbers) + SHOW_TEST_NUMBER=1 + ;; -h|--help) print_usage exit 0 @@ -143,12 +148,19 @@ needs_more_time() { # print_name print_name() { - printf "$1 " - LEN=$(( 72 - `echo "$1" | wc -c` )) + TESTS=$(( $TESTS + 1 )) + LINE="" + + if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then + LINE="$TESTS " + fi + + LINE="$LINE$1" + printf "$LINE " + LEN=$(( 72 - `echo "$LINE" | wc -c` )) for i in `seq 1 $LEN`; do printf '.'; done printf ' ' - TESTS=$(( $TESTS + 1 )) } # fail From 73b851d23b3d16515deca8ac0374b2df1d262d39 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Tue, 10 May 2016 11:47:13 +0100 Subject: [PATCH 06/64] Add option to preserve all logs in ssl-opt.sh Useful to also allow saving of correct logs in order to compare differences with failed logs --- tests/ssl-opt.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 37fad8640..e61025149 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -36,6 +36,8 @@ EXCLUDE='^$' SHOW_TEST_NUMBER=0 RUN_TEST_NUMBER='' +PRESERVE_LOGS=0 + print_usage() { echo "Usage: $0 [options]" printf " -h|--help\tPrint this help.\n" 
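Review bot: `printf "$LINE "` passes the test name as the printf format string, so a `%` in a name is interpreted as a conversion and a `\` sequence as an escape; the previous `printf "$1 "` had the same problem, but since the line is being rewritten anyway `printf '%s ' "$LINE"` costs nothing and removes it. The padding arithmetic can also drop the pipeline: `LEN=$(( 72 - ${#LINE} ))` is POSIX and avoids the subshell, though note `echo | wc -c` counts the trailing newline, so the current value is one shorter than the name length and a replacement should keep the visible column alignment. A one-line comment on the numbering, `# $TESTS is the 1-based ordinal used by -n and by the o-*-N.log file names`, would explain why the increment moved to the top of the function.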
@@ -44,6 +46,7 @@ print_usage() { printf " -e|--exclude\tMatching tests are excluded (default: '$EXCLUDE')\n" printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" printf " -s|--show-numbers\tShow test numbers in front of test names\n" + printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n" } get_options() { @@ -64,6 +67,9 @@ get_options() { -s|--show-numbers) SHOW_TEST_NUMBER=1 ;; + -p|--preserve-logs) + PRESERVE_LOGS=1 + ;; -h|--help) print_usage exit 0 @@ -485,6 +491,11 @@ run_test() { # if we're here, everything is ok echo "PASS" + if [ "$PRESERVE_LOGS" -gt 0 ]; then + mv $SRV_OUT o-srv-${TESTS}.log + mv $CLI_OUT o-cli-${TESTS}.log + fi + rm -f $SRV_OUT $CLI_OUT $PXY_OUT } From a8a318db45234b791b9afab13ec76cca9263b326 Mon Sep 17 00:00:00 2001 From: Brian Murray Date: Wed, 18 May 2016 14:38:02 -0700 Subject: [PATCH 07/64] fix indentation in output of selftest.c --- library/rsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/rsa.c b/library/rsa.c index 9386a762f..3f41840e1 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1688,7 +1688,7 @@ int mbedtls_rsa_self_test( int verbose ) #if defined(MBEDTLS_SHA1_C) if( verbose != 0 ) - mbedtls_printf( "PKCS#1 data sign : " ); + mbedtls_printf( " PKCS#1 data sign : " ); mbedtls_sha1( rsa_plaintext, PT_LEN, sha1sum ); From 7ee51c626aa1a867ced0ebb3afe1470ee01f19a7 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 19 May 2016 00:22:37 +0100 Subject: [PATCH 08/64] Fixes whitespace errors in x509_crl.c --- library/x509_crl.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/library/x509_crl.c b/library/x509_crl.c index 125a77399..7b2b4733b 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c 
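Review bot: With `--preserve-logs` only `$SRV_OUT` and `$CLI_OUT` are moved aside, while the `rm -f $SRV_OUT $CLI_OUT $PXY_OUT` on the next line still deletes the proxy log, so runs that go through the proxy lose the one file most useful for diffing a good run against a failure; add `mv $PXY_OUT o-pxy-${TESTS}.log` under the same condition, guarded by `[ -f "$PXY_OUT" ]` if the proxy is not started for every test (this hunk does not show that). The preserved names `o-srv-${TESTS}.log` land in the current directory with no check for an existing file, so a second run silently overwrites the first run's logs — worth a clause in the `-p` help text, which could also say where the files go.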
@@ -502,14 +502,15 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s { mbedtls_pem_init( &pem ); - /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( buflen == 0 || buf[buflen - 1] != '\0' ) - ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN X509 CRL-----", - "-----END X509 CRL-----", - buf, NULL, 0, &use_len ); + // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated + // string + if( buflen == 0 || buf[buflen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN X509 CRL-----", + "-----END X509 CRL-----", + buf, NULL, 0, &use_len ); if( ret == 0 ) { From 99239d6ff1cb28fbfb5ce4622507e2c43cb66987 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 19 May 2016 22:12:18 +0100 Subject: [PATCH 09/64] Fixes RC4 config dependencies in tests in ssl-opt.h Adds dependencies on MBEDTLS_REMOVE_ARC4_CIPHERSUITES for tests that require RC4 to be disabled (the default config). --- tests/ssl-opt.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index b939c7158..d926d718a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -611,12 +611,14 @@ run_test "Default, DTLS" \ # Tests for rc4 option +requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES run_test "RC4: server disabled, client enabled" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ 1 \ -s "SSL - The server has no ciphersuites in common" +requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES run_test "RC4: server half, client enabled" \ "$P_SRV arc4=1" \ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ From 7c0ad8b8cf665afa434c1581f89ff83f5fe55322 Mon Sep 17 00:00:00 2001 
From: Simon Butcher Date: Thu, 19 May 2016 22:15:34 +0100 Subject: [PATCH 10/64] Adds parallel builds to basic-build-test.sh To speed up test time, added parallel builds --- tests/scripts/basic-build-test.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index d961230ed..010c0c67f 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -2,6 +2,8 @@ # basic-build-tests.sh # +# This file is part of mbed TLS (https://tls.mbed.org) +# # Copyright (c) 2016, ARM Limited, All Rights Reserved # # Purpose @@ -40,7 +42,7 @@ export CFLAGS=' --coverage -g3 -O0 ' make clean scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE -make +make -j # Step 2 - Execute the tests From 80d70cb4681771bb3b0f1c4254a55f3084549eb4 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 19 May 2016 23:43:11 +0100 Subject: [PATCH 11/64] Updates copyright and attribution in comment header in ssl-opt.sh --- tests/ssl-opt.sh | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index d926d718a..07627b01c 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
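Review bot: `make -j` with no job count lets make fork one job per ready target with no upper bound, and with the `--coverage -g3 -O0` flags exported just above the hunk each compile is memory-heavy, so on a large machine this can exhaust RAM and fail the test script for reasons unrelated to the code; cap it at the core count, e.g. `make -j "$(nproc)"`, or a fixed number where `nproc` is unavailable. Parallelism above the core count buys nothing here, so the cap costs no speed.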
@@ -1,12 +1,23 @@ #!/bin/sh -# Test various options that are not covered by compat.sh +# ssl-opt.sh # -# Here the goal is not to cover every ciphersuite/version, but -# rather specific options (max fragment length, truncated hmac, etc) -# or procedures (session resumption from cache or ticket, renego, etc). +# This file is part of mbed TLS (https://tls.mbed.org) +# +# Copyright (c) 2016, ARM Limited, All Rights Reserved +# +# Purpose +# +# Executes tests to prove various TLS/SSL options and extensions. +# +# The goal is not to cover every ciphersuite/version, but instead to cover +# specific options (max fragment length, truncated hmac, etc) or procedures +# (session resumption from cache or ticket, renego, etc). +# +# The tests assume a build with default options, with exceptions expressed +# with a dependency. The tests focus on functionality and do not consider +# performance. # -# Assumes a build with default options. set -u From 3b36bd12f6f2aa7fa271371502f19c31683e2175 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Fri, 20 May 2016 00:00:37 +0100 Subject: [PATCH 12/64] Adds casts to zeroize functions to allow building as C++ --- library/aes.c | 2 +- library/arc4.c | 2 +- library/asn1parse.c | 2 +- library/blowfish.c | 2 +- library/camellia.c | 2 +- library/ccm.c | 2 +- library/cipher.c | 2 +- library/des.c | 2 +- library/sha1.c | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/library/aes.c b/library/aes.c index ec9313de3..36660306e 100644 --- a/library/aes.c +++ b/library/aes.c @@ -56,7 +56,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* diff --git a/library/arc4.c b/library/arc4.c index ff0e993e7..05b33d3fd 100644 --- a/library/arc4.c +++ b/library/arc4.c 
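Review bot: The cast keeps the store going through a `volatile unsigned char *` lvalue, so the dead-store-elimination guard that the comment promises is unchanged; the problem is that this is one of nine identical copies of `mbedtls_zeroize` and the series leaves the copies outside its file list untouched (sha512.c's `static void mbedtls_zeroize` is visible later in this same patch set, uncast), so a C++ build still breaks there and every future change to the zeroization idiom has to be replicated file by file. A single shared internal helper would keep the cast and the `volatile` discipline in one place. If the per-file copies stay, casting to the pointer's own type, `volatile unsigned char *p = (volatile unsigned char *) v;`, states the intent directly instead of relying on the implicit qualification conversion, and a comment such as `/* cast: void* does not convert implicitly in C++ */` would explain why the cast is there at all.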
@@ -49,7 +49,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } void mbedtls_arc4_init( mbedtls_arc4_context *ctx ) diff --git a/library/asn1parse.c b/library/asn1parse.c index b37523def..e59d2509f 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -45,7 +45,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* diff --git a/library/blowfish.c b/library/blowfish.c index 89be4d122..9003f0dfe 100644 --- a/library/blowfish.c +++ b/library/blowfish.c @@ -41,7 +41,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* diff --git a/library/camellia.c b/library/camellia.c index e015ca24b..d50513fd0 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -50,7 +50,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* diff --git a/library/ccm.c b/library/ccm.c index 3463a0b32..13a8fd1a2 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -51,7 +51,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } #define CCM_ENCRYPT 0 
diff --git a/library/cipher.c b/library/cipher.c index ccc068503..0dc51520f 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -51,7 +51,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } static int supported_init = 0; diff --git a/library/des.c b/library/des.c index 61f214af3..09f95cfc3 100644 --- a/library/des.c +++ b/library/des.c @@ -50,7 +50,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* diff --git a/library/sha1.c b/library/sha1.c index 8c77cbaa8..2ccf2a2f5 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -49,7 +49,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* From 12833ed3c82acee7509587029d755fe10be2fc10 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Fri, 20 May 2016 00:19:09 +0100 Subject: [PATCH 13/64] Adds additional casts to calloc calls Casts added to allow compilation of the library as C++ --- library/asn1parse.c | 3 ++- library/asn1write.c | 4 +++- library/bignum.c | 4 ++-- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/library/asn1parse.c b/library/asn1parse.c index e59d2509f..ffa2f5299 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c 
@@ -269,7 +269,8 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, /* Allocate and assign next pointer */ if( *p < end ) { - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); + cur->next = (mbedtls_asn1_sequence*)mbedtls_calloc( 1, + sizeof( mbedtls_asn1_sequence ) ); if( cur->next == NULL ) return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); diff --git a/library/asn1write.c b/library/asn1write.c index 00ed73c11..027c858e7 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -312,7 +312,9 @@ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data { // Add new entry if not present yet based on OID // - if( ( cur = mbedtls_calloc( 1, sizeof(mbedtls_asn1_named_data) ) ) == NULL ) + cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1, + sizeof(mbedtls_asn1_named_data) ); + if( cur == NULL ) return( NULL ); cur->oid.len = oid_len; diff --git a/library/bignum.c b/library/bignum.c index 4536a3b86..4c99e04d6 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -120,7 +120,7 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ) if( X->n < nblimbs ) { - if( ( p = mbedtls_calloc( nblimbs, ciL ) ) == NULL ) + if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( nblimbs, ciL ) ) == NULL ) return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); if( X->p != NULL ) @@ -158,7 +158,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) if( i < nblimbs ) i = nblimbs; - if( ( p = mbedtls_calloc( i, ciL ) ) == NULL ) + if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( i, ciL ) ) == NULL ) return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); if( X->p != NULL ) From 27f9ccc959d314d70646766693a1bdd3495875d8 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Mon, 23 May 2016 11:13:17 +0100 Subject: [PATCH 14/64] Adds check for valgrind to ssl-opt.sh (#488) Provides graceful exit rather than fail silently if valgrind isn't installed. --- tests/ssl-opt.sh | 6 ++++++ 1 file changed, 6 insertions(+) 
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 07627b01c..bfc603f9a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -551,6 +551,12 @@ if [ ! -x "$P_PXY" ]; then echo "Command '$P_PXY' is not an executable file" exit 1 fi +if [ "$MEMCHECK" -gt 0 ]; then + if which valgrind >/dev/null 2>&1; then :; else + echo "Memcheck not possible. Valgrind not found" + exit 1 + fi +fi if which $OPENSSL_CMD >/dev/null 2>&1; then :; else echo "Command '$OPENSSL_CMD' not found" exit 1 From c6dab2b029901c6e898eb6044df181faf076c1eb Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 23 May 2016 14:27:02 +0100 Subject: [PATCH 15/64] Fix non compliance SSLv3 in server extension handling. The server code parses the client hello extensions even when the protocol is SSLv3 and this behaviour is non compliant with rfc6101. Also the server sends extensions in the server hello and omitting them may prevent interoperability problems. --- ChangeLog | 2 ++ library/ssl_srv.c | 21 +++++++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/ChangeLog b/ChangeLog index 3b32873b2..d9fce9234 100644 --- a/ChangeLog +++ b/ChangeLog @@ -34,6 +34,8 @@ Changes * Disabled SSLv3 in the default configuration. * Optimized mbedtls_mpi_zeroize() for MPI integer size. (Fix by Alexey Skalozub). + * Fix non-compliance server extension handling. Extensions for SSLv3 are now + ignored, as required by RFC6101. = mbed TLS 2.2.1 released 2016-01-05 diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 9fc21a5ef..5a51cbbd2 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1507,6 +1507,12 @@ read_record_header: ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; #endif + /* Do not parse the extensions if the protocol is SSLv3 */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) + { +#endif + /* * Check the extension length */ 
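Review bot: `which valgrind` is not POSIX and its behaviour differs between implementations (some print to stdout, some honour aliases, exit codes vary), while the script runs under `/bin/sh`; the portable probe is `command -v valgrind >/dev/null 2>&1`. The form matches the existing `which $OPENSSL_CMD` line below it, so if `which` is kept for consistency say so in a comment, otherwise convert both. The failure message should also go to stderr — `echo "Memcheck not possible. Valgrind not found" >&2` — so it does not end up in captured test output.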
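Review bot: Wrapping the whole `Check the extension length` section in the SSLv3 guard means an SSLv3 ClientHello carrying bytes after the compression methods is now accepted without any length check, whereas on the TLS path those bytes are still validated against the extensions length (in the code following this hunk) and rejected with `MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO`; RFC 6101 has no extensions field, so trailing data is a malformed hello and rejecting it would be the compliant behaviour, not skipping the check. If tolerating it is deliberate, for clients that attach TLS-style extensions to an SSLv3 hello, say so at the guard: `/* SSLv3 (RFC 6101) has no extensions: never parse them; trailing bytes are tolerated for interoperability */`, otherwise keep a message-length-only check in the SSLv3 branch. The guard opens a brace inside `#if defined(MBEDTLS_SSL_PROTO_SSL3)` and closes it in a separate `#if` some 190 lines later without re-indenting the body, which is fragile under later edits, and the compare uses the bare literals `3` and `0` rather than the library's named version constants. The enclosing function starts before this hunk and ends after it.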
@@ -1692,8 +1698,13 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } + } +#if defined(MBEDTLS_SSL_PROTO_SSL3) + } +#endif + #if defined(MBEDTLS_SSL_FALLBACK_SCSV) for( i = 0, p = buf + 41 + sess_len; i < ciph_len; i += 2, p += 2 ) { @@ -2363,6 +2374,12 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X", ssl->session_negotiate->compression ) ); + /* Do not write the extensions if the protocol is SSLv3 */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) + { +#endif + /* * First write extensions, then the total length */ @@ -2419,6 +2436,10 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) p += ext_len; } +#if defined(MBEDTLS_SSL_PROTO_SSL3) + } +#endif + ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; From b19bac4d82d390003218efc15bd24d074d8fe8e8 Mon Sep 17 00:00:00 2001 From: Nicholas Wilson Date: Sat, 14 Nov 2015 13:09:01 +0000 Subject: [PATCH 16/64] Allow test suites to be run on Windows For a start, they don't even compile with Visual Studio due to strcasecmp being missing. Secondly, on Windows Perl scripts aren't executable and have to be run using the Perl interpreter directly; thankfully CMake is able to find cygwin Perl straight away without problems. --- tests/CMakeLists.txt | 7 ++++++- tests/suites/helpers.function | 2 ++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 1cca81830..23eb2a432 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
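Review bot: The guard `( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 )` in `ssl_write_server_hello` repeats the one added to the ClientHello parser with the same bare literals and the same brace-opened-inside-`#if` shape, so the two sites can drift; a tiny static helper, or a compare against the library's named version constants if it has them, would keep one definition. Since `MBEDTLS_SSL_PROTO_SSL3` only gates whether the compare is compiled, and a negotiated 3.0 presumably cannot occur when that option is off, a plain unconditional `if` would do the same job without the `#if`/`#endif` pair and would let the extension-writing body be indented normally. Add a comment at the guard citing RFC 6101 as in the parser, because a reader of this function alone cannot see why extensions are suppressed for this version.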
@@ -10,6 +10,11 @@ if(ENABLE_ZLIB_SUPPORT) set(libs ${libs} ${ZLIB_LIBRARIES}) endif(ENABLE_ZLIB_SUPPORT) +find_package(Perl) +if(NOT PERL_FOUND) + message(FATAL_ERROR "Cannot build test suites without Perl") +endif() + function(add_test_suite suite_name) if(ARGV1) set(data_name ${ARGV1}) @@ -19,7 +24,7 @@ function(add_test_suite suite_name) add_custom_command( OUTPUT test_suite_${data_name}.c - COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_code.pl ${CMAKE_CURRENT_SOURCE_DIR}/suites test_suite_${suite_name} test_suite_${data_name} + COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_code.pl ${CMAKE_CURRENT_SOURCE_DIR}/suites test_suite_${suite_name} test_suite_${data_name} DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_code.pl mbedtls suites/helpers.function suites/main_test.function suites/test_suite_${suite_name}.function suites/test_suite_${data_name}.data ) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index cc9ab7c42..8521b878c 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -28,6 +28,8 @@ #ifdef _MSC_VER #include typedef UINT32 uint32_t; +#define strncasecmp _strnicmp +#define strcasecmp _stricmp #else #include #endif From 5c1e24ca055c851953bf4a5b3215a27f9f54a00c Mon Sep 17 00:00:00 2001 From: James Cowgill Date: Thu, 17 Dec 2015 01:40:26 +0000 Subject: [PATCH 17/64] Fix build errors on x32 by using the generic 'add' instruction On x32 systems, pointers are 4-bytes wide and are therefore stored in %e?x registers (instead of %r?x registers). These registers must be accessed using "addl" instead of "addq", however the GNU assembler will acccept the generic "add" instruction and determine the correct opcode based on the registers passed to it. --- library/aesni.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/aesni.c b/library/aesni.c index 83a5868bd..1ca3c3ef5 100644 --- a/library/aesni.c +++ b/library/aesni.c 
@@ -100,7 +100,7 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, asm( "movdqu (%3), %%xmm0 \n\t" // load input "movdqu (%1), %%xmm1 \n\t" // load round key 0 "pxor %%xmm1, %%xmm0 \n\t" // round 0 - "addq $16, %1 \n\t" // point to next round key + "add $16, %1 \n\t" // point to next round key "subl $1, %0 \n\t" // normal rounds = nr - 1 "test %2, %2 \n\t" // mode? "jz 2f \n\t" // 0 = decrypt @@ -108,7 +108,7 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, "1: \n\t" // encryption loop "movdqu (%1), %%xmm1 \n\t" // load round key AESENC xmm1_xmm0 "\n\t" // do round - "addq $16, %1 \n\t" // point to next round key + "add $16, %1 \n\t" // point to next round key "subl $1, %0 \n\t" // loop "jnz 1b \n\t" "movdqu (%1), %%xmm1 \n\t" // load round key @@ -118,7 +118,7 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, "2: \n\t" // decryption loop "movdqu (%1), %%xmm1 \n\t" AESDEC xmm1_xmm0 "\n\t" // do round - "addq $16, %1 \n\t" + "add $16, %1 \n\t" "subl $1, %0 \n\t" "jnz 2b \n\t" "movdqu (%1), %%xmm1 \n\t" // load round key From c788b4cb5ae152b691d53cc3defc2e432dad45a9 Mon Sep 17 00:00:00 2001 From: James Cowgill Date: Thu, 17 Dec 2015 01:51:09 +0000 Subject: [PATCH 18/64] Fix segfault on x32 by using better register constraints in bn_mul.h On x32, pointers are only 4-bytes wide and need to be loaded using the "movl" instruction instead of "movq" to avoid loading garbage into the register. The MULADDC routines for x86-64 are adjusted to work on x32 as well by getting gcc to load all the registers for us in advance (and storing them later) by using better register constraints. The b, c, D and S constraints correspond to the rbx, rcx, rdi and rsi registers respectively. --- include/mbedtls/bn_mul.h | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h index 1fc7aa68d..cac3f1457 100644 --- a/include/mbedtls/bn_mul.h +++ b/include/mbedtls/bn_mul.h 
@@ -162,10 +162,6 @@ #define MULADDC_INIT \ asm( \ - "movq %3, %%rsi \n\t" \ - "movq %4, %%rdi \n\t" \ - "movq %5, %%rcx \n\t" \ - "movq %6, %%rbx \n\t" \ "xorq %%r8, %%r8 \n\t" #define MULADDC_CORE \ @@ -181,12 +177,9 @@ "addq $8, %%rdi \n\t" #define MULADDC_STOP \ - "movq %%rcx, %0 \n\t" \ - "movq %%rdi, %1 \n\t" \ - "movq %%rsi, %2 \n\t" \ - : "=m" (c), "=m" (d), "=m" (s) \ - : "m" (s), "m" (d), "m" (c), "m" (b) \ - : "rax", "rcx", "rdx", "rbx", "rsi", "rdi", "r8" \ + : "+c" (c), "+D" (d), "+S" (s) \ + : "b" (b) \ + : "rax", "rdx", "r8" \ ); #endif /* AMD64 */ From c8404607eadef9748dfeb9388114eac6dedb9673 Mon Sep 17 00:00:00 2001 From: Alexey Skalozub Date: Wed, 13 Jan 2016 17:39:58 +0200 Subject: [PATCH 19/64] Move K inside MBEDTLS_SHA512_PROCESS_ALT block It is used only by `mbedtls_sha512_process()`, and in case `MBEDTLS_SHA512_PROCESS_ALT` is defined, it still cannot be reused because of `static` declaration. --- library/sha512.c | 95 ++++++++++++++++++++++++------------------------ 1 file changed, 48 insertions(+), 47 deletions(-) diff --git a/library/sha512.c b/library/sha512.c index af610bb43..0f9e1e535 100644 --- a/library/sha512.c +++ b/library/sha512.c 
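Review bot: After this change nothing in the asm statement tells the compiler that memory is accessed: the old `"=m" (c), "=m" (d), "=m" (s)` outputs at least marked those variables as written, the new list is registers only, yet the CORE macro between INIT and STOP (outside this hunk) loads limbs through `%%rsi` and stores through `%%rdi` — the `addq $8, %%rdi` left in context is the store-pointer advance. Without a `"memory"` clobber or explicit memory operands for `*s` and `*d`, the compiler is entitled to keep limbs of `*d` in registers across the block or to move earlier stores past it; add `"memory"` to the clobbers, `: "rax", "rdx", "r8", "memory"`, or describe the arrays with `"+m"`/`"m"` operands. Dropping `rbx` from the clobber list is correct only while CORE never writes it, which is presumably the case now that `b` is an input operand — a one-line comment, `/* b is read-only: CORE must never write %rbx */`, would protect that invariant. The `"+c"`/`"+D"`/`"+S"` operands correctly expose the updated carry and pointers, which is what fixes x32.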
@@ -89,53 +89,6 @@ static void mbedtls_zeroize( void *v, size_t n ) { } #endif /* PUT_UINT64_BE */ -/* - * Round constants - */ -static const uint64_t K[80] = -{ - UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD), - UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC), - UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019), - UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118), - UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE), - UL64(0x243185BE4EE4B28C), UL64(0x550C7DC3D5FFB4E2), - UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1), - UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694), - UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3), - UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65), - UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483), - UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5), - UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210), - UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4), - UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725), - UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70), - UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926), - UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF), - UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8), - UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B), - UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001), - UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30), - UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910), - UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8), - UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53), - UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8), - UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB), - UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3), - UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60), - UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC), - UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9), - UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B), - UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207), - UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178), - 
UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6), - UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B), - UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493), - UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C), - UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A), - UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) -}; - void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); 
@@ -192,6 +145,54 @@ void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) } #if !defined(MBEDTLS_SHA512_PROCESS_ALT) + +/* + * Round constants + */ +static const uint64_t K[80] = +{ + UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD), + UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC), + UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019), + UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118), + UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE), + UL64(0x243185BE4EE4B28C), UL64(0x550C7DC3D5FFB4E2), + UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1), + UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694), + UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3), + UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65), + UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483), + UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5), + UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210), + UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4), + UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725), + UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70), + UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926), + UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF), + UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8), + UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B), + UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001), + UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30), + UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910), + UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8), + UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53), + UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8), + UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB), + UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3), + UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60), + UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC), + UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9), + UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B), + UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207), + 
UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178), + UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6), + UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B), + UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493), + UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C), + UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A), + UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) +}; + void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ) { int i; From 2791ba1429947e4f699ea1d253db3815f2f33ff8 Mon Sep 17 00:00:00 2001 From: Attila Molnar Date: Tue, 26 Jan 2016 11:39:26 +0100 Subject: [PATCH 20/64] Fix handle leak in mbedtls_platform_entropy_poll() on Windows on error --- library/entropy_poll.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/entropy_poll.c b/library/entropy_poll.c index 972ad2aea..e2f45c78a 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -67,7 +67,10 @@ int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len } if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE ) + { + CryptReleaseContext( provider, 0 ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + } CryptReleaseContext( provider, 0 ); *olen = len; From 91c68a5e150b096d59a879e0e04d2c8df2f96a3e Mon Sep 17 00:00:00 2001 From: Nicholas Wilson Date: Wed, 13 Apr 2016 11:44:29 +0100 Subject: [PATCH 21/64] Shut up a clang-analyzer warning The function appears to be safe, since grow() is called with sensible arguments in previous functions. Ideally Clang would be clever enough to realise this. Even if N has size MBEDTLS_MPI_MAX_LIMBS, which will cause the grow to fail, the affected lines in montmul won't be reached. Having this sanity check can hardly hurt though. --- library/bignum.c | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index d6f415c6f..4536a3b86 100644 --- a/library/bignum.c +++ b/library/bignum.c 
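Review bot: After this fix the new failure branch and the success path each call `CryptReleaseContext( provider, 0 )`, so any step added between them later has to remember the release a third time; recording the status and releasing once avoids that: `ret = ( CryptGenRandom( provider, (DWORD) len, output ) == FALSE ) ? MBEDTLS_ERR_ENTROPY_SOURCE_FAILED : 0; CryptReleaseContext( provider, 0 ); if( ret != 0 ) return( ret );` (assuming a local status variable is acceptable; the function's declarations are outside the hunk). The context line also truncates `len` to `DWORD` while `*olen = len` reports the untruncated `size_t`; callers presumably never request anywhere near 4 GiB, but an explicit upper bound on `len` before the cast would keep the reported byte count honest by construction. mbedtls_platform_entropy_poll starts outside the hunk.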
@@ -1542,12 +1542,15 @@ static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N ) /* * Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36) */ -static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi *N, mbedtls_mpi_uint mm, +static int mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi *N, mbedtls_mpi_uint mm, const mbedtls_mpi *T ) { size_t i, n, m; mbedtls_mpi_uint u0, u1, *d; + if( T->n < N->n + 1 || T->p == NULL ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + memset( T->p, 0, T->n * ciL ); d = T->p; @@ -1575,12 +1578,14 @@ static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi else /* prevent timing attacks */ mpi_sub_hlp( n, A->p, T->p ); + + return( 0 ); } /* * Montgomery reduction: A = A * R^-1 mod N */ -static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, mbedtls_mpi_uint mm, const mbedtls_mpi *T ) +static int mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, mbedtls_mpi_uint mm, const mbedtls_mpi *T ) { mbedtls_mpi_uint z = 1; mbedtls_mpi U; @@ -1588,7 +1593,7 @@ static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, mbedtls_mpi_uint U.n = U.s = (int) z; U.p = &z; - mpi_montmul( A, &U, N, mm, T ); + return( mpi_montmul( A, &U, N, mm, T ) ); } /* @@ -1665,13 +1670,13 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi else MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) ); - mpi_montmul( &W[1], &RR, N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montmul( &W[1], &RR, N, mm, &T ) ); /* * X = R^2 * R^-1 mod N = R mod N */ MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &RR ) ); - mpi_montred( X, N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montred( X, N, mm, &T ) ); if( wsize > 1 ) { 
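Review bot: mpi_montmul now returns a status, but the header comment above it still reads only `Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36)`; add `Returns 0, or MBEDTLS_ERR_MPI_BAD_INPUT_DATA if T has no limbs or fewer than N->n + 1 of them` so readers know the contract the new `MBEDTLS_MPI_CHK` wrappers in mbedtls_mpi_exp_mod rely on, and say the same for mpi_montred, which forwards the status. The commit message argues the check can never fire because callers grow T first; writing that down as a precondition comment on T (`T must hold at least N->n + 1 limbs; see mbedtls_mpi_exp_mod`) makes the check read as a deliberate guard rather than a silenced warning. The body of mpi_montmul continues outside the hunk.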
@@ -1684,7 +1689,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[j], &W[1] ) ); for( i = 0; i < wsize - 1; i++ ) - mpi_montmul( &W[j], &W[j], N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montmul( &W[j], &W[j], N, mm, &T ) ); /* * W[i] = W[i - 1] * W[1] @@ -1694,7 +1699,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[i], N->n + 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[i], &W[i - 1] ) ); - mpi_montmul( &W[i], &W[1], N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montmul( &W[i], &W[1], N, mm, &T ) ); } } @@ -1731,7 +1736,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi /* * out of window, square X */ - mpi_montmul( X, X, N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montmul( X, X, N, mm, &T ) ); continue; } @@ -1749,12 +1754,12 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi * X = X^wsize R^-1 mod N */ for( i = 0; i < wsize; i++ ) - mpi_montmul( X, X, N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montmul( X, X, N, mm, &T ) ); /* * X = X * W[wbits] R^-1 mod N */ - mpi_montmul( X, &W[wbits], N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montmul( X, &W[wbits], N, mm, &T ) ); state--; nbits = 0; @@ -1767,18 +1772,18 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi */ for( i = 0; i < nbits; i++ ) { - mpi_montmul( X, X, N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montmul( X, X, N, mm, &T ) ); wbits <<= 1; if( ( wbits & ( one << wsize ) ) != 0 ) - mpi_montmul( X, &W[1], N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montmul( X, &W[1], N, mm, &T ) ); } /* * X = A^E * R * R^-1 mod N = A^E mod N */ - mpi_montred( X, N, mm, &T ); + MBEDTLS_MPI_CHK( mpi_montred( X, N, mm, &T ) ); if( neg ) { From e73530302698229589971c8af970c8a1b3e13222 Mon Sep 17 00:00:00 2001 
From: Nicholas Wilson Date: Wed, 13 Apr 2016 11:48:25 +0100 Subject: [PATCH 22/64] Shut up a few clang-analyze warnings about use of uninitialized variables The functions are all safe, Clang just isn't clever enough to realise it. --- library/pkcs12.c | 2 +- library/rsa.c | 19 +++++++++++++++++-- programs/hash/generic_sum.c | 2 +- 3 files changed, 19 insertions(+), 4 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index 7023b9dbc..c603a1357 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -93,7 +93,7 @@ static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_ty unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen ) { - int ret, iterations; + int ret, iterations = 0; mbedtls_asn1_buf salt; size_t i; unsigned char unipwd[PKCS12_MAX_PWDLEN * 2 + 2]; diff --git a/library/rsa.c b/library/rsa.c index 18fc70212..9386a762f 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -804,7 +804,12 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int ret; size_t ilen, pad_count = 0, i; unsigned char *p, bad, pad_done = 0; +#ifdef __clang_analyzer__ + /* Shut up Clang, mbedtls_rsa_public/private writes to this */ + unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { }; +#else unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; +#endif if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); 
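Review bot: The analyzer-only initializer `unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { };` uses empty braces, which are a GNU/clang extension rather than C89/C99; `= { 0 }` is the portable spelling and silences the uninitialized-read warning just as well. The same five-line `#ifdef __clang_analyzer__` block is repeated in three functions on this page, so a small shared macro would keep them in step; at minimum the comment should say why the zeroing is not done unconditionally — presumably to avoid clearing MBEDTLS_MPI_MAX_SIZE bytes on every call — since `Shut up Clang` does not explain that trade-off. mbedtls_rsa_rsaes_pkcs1_v15_decrypt continues outside the hunk.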
@@ -1182,13 +1187,18 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, int ret; size_t siglen; unsigned char *p; - unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; unsigned char result[MBEDTLS_MD_MAX_SIZE]; unsigned char zeros[8]; unsigned int hlen; size_t slen, msb; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; +#ifdef __clang_analyzer__ + /* Shut up Clang, mbedtls_rsa_public/private writes to this */ + unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { }; +#else + unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; +#endif if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -1327,10 +1337,15 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, int ret; size_t len, siglen, asn1_len; unsigned char *p, *end; - unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; mbedtls_md_type_t msg_md_alg; const mbedtls_md_info_t *md_info; mbedtls_asn1_buf oid; +#ifdef __clang_analyzer__ + /* Shut up Clang, mbedtls_rsa_public/private writes to this */ + unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { }; +#else + unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; +#endif if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index f071d311e..7805a79bc 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -83,7 +83,7 @@ static int generic_check( const mbedtls_md_info_t *md_info, char *filename ) int nb_err1, nb_err2; int nb_tot1, nb_tot2; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; - char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1], line[1024]; + char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1] = { }, line[1024]; char diff; if( ( f = fopen( filename, "rb" ) ) == NULL ) From b47fd5e8c9dcf5b6fe24c582d3226b401d6d14f2 Mon Sep 17 00:00:00 2001 
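Review bot: `char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1] = { }, line[1024];` in generic_check is an empty-brace initializer, a GNU extension that `-pedantic` flags and non-GNU compilers may reject, and unlike the rsa.c hunks above it is not confined to `__clang_analyzer__` builds, so every compiler sees it. `= { 0 }` zeroes the whole array with the same effect and is standard C. generic_check starts and ends outside the hunk.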
From: Nicholas Wilson Date: Wed, 13 Apr 2016 11:50:33 +0100 Subject: [PATCH 23/64] Remove a dead store to silence clang-analyze
---
library/ssl_cli.c | 1 - 1 file changed, 1 deletion(-)
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index cd39db027..509484e36 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -267,7 +267,6 @@ static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl,
 #if defined(MBEDTLS_ECP_C)
 for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ )
 {
- info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
 #else
 for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ )
 {
From f0021645b01186f6353e7e1af2571291acc1750a Mon Sep 17 00:00:00 2001 From: Nicholas Wilson Date: Wed, 13 Apr 2016 11:51:05 +0100 Subject: [PATCH 24/64] Refactor slightly to silence a clang-analyze warning Since the buffer is used in a few places, it seems Clang isn't clever enough to realise that the first byte is never touched. So, even though the function has a correct null check for ssl->handshake, Clang complains. Pulling the handshake type out into its own variable is enough for Clang's analysis to kick in though.
---
library/ssl_tls.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 19cc35792..9208ec9c8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2709,7 +2709,7 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl )
 */
 int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl )
 {
- int ret, done = 0;
+ int ret, done = 0, out_msg_type;
 size_t len = ssl->out_msglen;
 MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) );
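Review bot: Removing `info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );` is only a dead store if the shared loop body after `#endif` recomputes `info` from `*grp_id` before reading it; that body is outside the hunk, so please confirm, because in the `MBEDTLS_ECP_C` build this was the only visible place `info` was set from the loop variable while the `#else` branch iterates over `info` directly. If it is indeed re-derived below, a comment at the `#if`, such as `/* info is derived from *grp_id in the loop body below */`, would stop the next analyzer-driven cleanup from reaching the opposite conclusion. ssl_write_supported_elliptic_curves_ext starts and ends outside the hunk.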
@@ -2725,7 +2725,9 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl )
 #endif
 if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
 {
- if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST &&
+ out_msg_type = ssl->out_msg[0];
+
+ if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST &&
 ssl->handshake == NULL )
 {
 MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
@@ -2752,7 +2754,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl )
 len += 8;
 /* Write message_seq and update it, except for HelloRequest */
- if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST )
+ if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
 {
 ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
 ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
@@ -2770,7 +2772,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl )
 }
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
- if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST )
+ if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
 ssl->handshake->update_checksum( ssl, ssl->out_msg, len );
 }
From 1b666554c9d63336ab5a90c3594064c9202374f7 Mon Sep 17 00:00:00 2001 From: Nicholas Wilson Date: Wed, 13 Apr 2016 11:53:27 +0100 Subject: [PATCH 25/64] Silence a clang-analyze warning The check is already effectively performed later in the function, but implicitly, so Clang's analysis fail to notice the functions are in fact safe. Pulling the check up to the top helps Clang to verify the behaviour.
---
library/x509_csr.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/library/x509_csr.c b/library/x509_csr.c
index f8c45f8d2..603d06b64 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -104,7 +104,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
 /*
 * Check for valid input
 */
- if( csr == NULL || buf == NULL )
+ if( csr == NULL || buf == NULL || buflen == 0 )
 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
 mbedtls_x509_csr_init( csr );
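Review bot: The added `buflen == 0` test in mbedtls_x509_csr_parse_der changes the error an empty buffer produces: before this patch the call fell through to the ASN.1 parsing further down (outside the hunk), which presumably surfaced an MBEDTLS_ERR_X509_INVALID_FORMAT-style error, and it now returns MBEDTLS_ERR_X509_BAD_INPUT_DATA. That is visible to callers that switch on the error code, so the x509 parse test expectations and the ChangeLog deserve a look rather than treating this purely as an analyzer workaround, as the commit message does. The function body continues outside the hunk.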
@@ -274,14 +274,14 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz /* * Check for valid input */ - if( csr == NULL || buf == NULL ) + if( csr == NULL || buf == NULL || buflen == 0 ) return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); #if defined(MBEDTLS_PEM_PARSE_C) mbedtls_pem_init( &pem ); /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( buflen == 0 || buf[buflen - 1] != '\0' ) + if( buf[buflen - 1] != '\0' ) ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; else ret = mbedtls_pem_read_buffer( &pem, From 99cff58958dce75c7d4c24093230ed34de101bf4 Mon Sep 17 00:00:00 2001 From: SimonB Date: Mon, 2 May 2016 01:05:22 +0100 Subject: [PATCH 26/64] Fixes memory leak in memory_buffer_alloc.c debug Debug symbols were being leaked in memory_buffer_alloc.c --- library/memory_buffer_alloc.c | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index b2c775a3d..545d5a2c3 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -417,6 +417,12 @@ static void buffer_alloc_free( void *ptr ) heap.total_used -= hdr->size; #endif +#if defined(MBEDTLS_MEMORY_BACKTRACE) + free( hdr->trace ); + hdr->trace = NULL; + hdr->trace_count = 0; +#endif + // Regroup with block before // if( hdr->prev != NULL && hdr->prev->alloc == 0 ) @@ -432,9 +438,6 @@ static void buffer_alloc_free( void *ptr ) if( hdr->next != NULL ) hdr->next->prev = hdr; -#if defined(MBEDTLS_MEMORY_BACKTRACE) - free( old->trace ); -#endif memset( old, 0, sizeof(memory_header) ); } @@ -474,9 +477,6 @@ static void buffer_alloc_free( void *ptr ) if( hdr->next != NULL ) hdr->next->prev = hdr; -#if defined(MBEDTLS_MEMORY_BACKTRACE) - free( old->trace ); -#endif memset( old, 0, sizeof(memory_header) ); } 
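Review bot: The `free( hdr->trace )` hoisted to the top of buffer_alloc_free appears to be the real leak fix — the removed lines only released `old->trace`, so on the no-merge path and the merge-with-next path the freed block's own trace was just nulled — but it calls libc `free()` directly in a file whose other memory goes through the custom allocator, and nothing says why. If the trace comes from `backtrace_symbols()` (its allocation is not on this page), that API requires libc `free()`, and a one-line comment such as `/* trace was allocated by backtrace_symbols(); libc free() is required */` would stop a later reader from "correcting" it to mbedtls_free. buffer_alloc_free starts and ends outside the hunk.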
@@ -491,11 +491,6 @@ static void buffer_alloc_free( void *ptr )
 heap.first_free = hdr;
 }
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
- hdr->trace = NULL;
- hdr->trace_count = 0;
-#endif
-
 if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 )
 mbedtls_exit( 1 );
 }
From ab071351657182a8593121337e6e89f5e78cc5a9 Mon Sep 17 00:00:00 2001 From: SimonB Date: Mon, 2 May 2016 15:52:52 +0100 Subject: [PATCH 27/64] Adds line number substitution in test cases Expanded generate_code.pl to substitute !LINE_NO! in test cases.
---
tests/scripts/generate_code.pl | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl
index 93c003b01..9c595917e 100755
--- a/tests/scripts/generate_code.pl
+++ b/tests/scripts/generate_code.pl
@@ -95,6 +95,8 @@ for my $line (@test_cases_lines) {
 $line = $line."#line $index \"$test_case_file\"\n";
 }
+ $line =~ s/!LINE_NO!/$index/;
+
 $test_cases = $test_cases.$line;
 $index++;
 }
From 525b792823a1b84c5179975d8bfe6175d5005b1d Mon Sep 17 00:00:00 2001 From: SimonB Date: Mon, 2 May 2016 21:31:51 +0100 Subject: [PATCH 28/64] Fixes off by 1 error reported in line number errors
---
tests/scripts/generate_code.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl
index 9c595917e..e940b5a1a 100755
--- a/tests/scripts/generate_code.pl
+++ b/tests/scripts/generate_code.pl
@@ -77,7 +77,7 @@ close(TEST_HELPERS);
 open(TEST_MAIN, "$test_main_file") or die "Opening test main '$test_main_file': $!";
 my @test_main_lines = split/^/, ;
 my $test_main;
-my $index = 1;
+my $index = 2;
 for my $line (@test_main_lines) {
 $line =~ s/!LINE_NO!/$index/;
 $test_main = $test_main.$line;
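Review bot: `$line =~ s/!LINE_NO!/$index/;` in the test-cases loop rewrites only the first `!LINE_NO!` on a line, so a test line that uses the marker twice keeps the literal text in the second one; the global flag, `$line =~ s/!LINE_NO!/$index/g;`, costs nothing. The identical substitution in the test_main loop (a context line of the next hunk on this page) has the same limitation. A short comment above the substitution saying what `!LINE_NO!` is for — letting helper code embed the current .function line in diagnostics — would also help, since the marker is otherwise only explained by its name.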
@@ -88,7 +88,7 @@ close(TEST_MAIN);
 open(TEST_CASES, "$test_case_file") or die "Opening test cases '$test_case_file': $!";
 my @test_cases_lines = split/^/, ;
 my $test_cases;
-my $index = 1;
+my $index = 2;
 for my $line (@test_cases_lines) {
 if ($line =~ /^\/\* BEGIN_CASE .*\*\//) {
From 20273ddc4c4b0ea0502be83d0b896d442d469562 Mon Sep 17 00:00:00 2001 From: SimonB Date: Mon, 2 May 2016 21:32:44 +0100 Subject: [PATCH 29/64] Adds reporting of file/line no. in failed tests Tests in tests/suites will now report the file and line number of failed test assertions.
---
tests/suites/helpers.function | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index 8521b878c..aa8a0456c 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -59,7 +59,7 @@ typedef UINT32 uint32_t;
 do { \
 if( ! (TEST) ) \
 { \
- test_fail( #TEST ); \
+ test_fail( #TEST, __LINE__, __FILE__ ); \
 goto exit; \
 } \
 } while( 0 )
@@ -350,11 +350,11 @@ static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
 return( 0 );
 }
-static void test_fail( const char *test )
+static void test_fail( const char *test, int line_no, char* filename )
 {
 test_errors++;
 if( test_errors == 1 )
 mbedtls_printf( "FAILED\n" );
- mbedtls_printf( " %s\n", test );
+ mbedtls_printf( " %s\n at line %d, %s\n", test, line_no, filename );
 }
From 4a3b023172191b9fbf2d80e32a94ac1e41e680b7 Mon Sep 17 00:00:00 2001 From: SimonB Date: Mon, 2 May 2016 21:58:19 +0100 Subject: [PATCH 30/64] Adds line numbering in errors for test helpers Adds to the 'generate_code.pl' tool, support to insert line numbers before test suite helper code.
---
tests/scripts/generate_code.pl | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl
index e940b5a1a..49af2db7f 100755
--- a/tests/scripts/generate_code.pl
+++ b/tests/scripts/generate_code.pl
@@ -90,6 +90,11 @@ my @test_cases_lines = split/^/, ; my $test_cases; my $index = 2; for my $line (@test_cases_lines) { + if ($line =~ /^\/\* BEGIN_SUITE_HELPERS .*\*\//) + { + $line = $line."#line $index \"$test_case_file\"\n"; + } + if ($line =~ /^\/\* BEGIN_CASE .*\*\//) { $line = $line."#line $index \"$test_case_file\"\n"; From 295dfa24e71dc7e2ad22e0deeb2a60fa0382b95f Mon Sep 17 00:00:00 2001 From: SimonB Date: Mon, 2 May 2016 22:15:42 +0100 Subject: [PATCH 31/64] Clarifies documentation on reported memory statistics --- include/mbedtls/memory_buffer_alloc.h | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h index 661bc08dc..d5df316fd 100644 --- a/include/mbedtls/memory_buffer_alloc.h +++ b/include/mbedtls/memory_buffer_alloc.h @@ -98,8 +98,10 @@ void mbedtls_memory_buffer_alloc_status( void ); /** * \brief Get the peak heap usage so far * - * \param max_used Peak number of bytes reauested by the application - * \param max_blocks Peak number of blocks reauested by the application + * \param max_used Peak number of bytes in use or committed. This + * includes bytes in allocated blocks too small to split + * into smaller blocks but larger than the requested size. + * \param max_blocks Peak number of blocks in use, including free and used */ void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ); 
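Review bot: The new BEGIN_SUITE_HELPERS branch duplicates the BEGIN_CASE branch below it line for line; a single condition, `if ($line =~ /^\/\* BEGIN_(SUITE_HELPERS|CASE) .*\*\//) {`, keeps the two markers from drifting apart if the emitted directive ever changes. Either way, a comment stating the purpose — emit a `#line` so that compiler errors and TEST_ASSERT reports point at the .function source rather than the generated .c — would help readers of the generator, since neither branch says why the directive is inserted.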
@@ -111,8 +113,10 @@ void mbedtls_memory_buffer_alloc_max_reset( void ); /** * \brief Get the current heap usage * - * \param cur_used Number of bytes reauested by the application - * \param cur_blocks Number of blocks reauested by the application + * \param cur_used Current number of bytes in use or committed. This + * includes bytes in allocated blocks too small to split + * into smaller blocks but larger than the requested size. + * \param cur_blocks Current number of blocks in use, including free and used */ void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ); #endif /* MBEDTLS_MEMORY_DEBUG */ From 214f5c0af2bc34c80b227116a8027169f164ce9d Mon Sep 17 00:00:00 2001 From: SimonB Date: Mon, 2 May 2016 23:25:02 +0100 Subject: [PATCH 32/64] Additional tests to test stack buffer allocator Adds additional tests to the test suite for memory_buffer_alloc.c --- .../test_suite_memory_buffer_alloc.data | 16 ++ .../test_suite_memory_buffer_alloc.function | 218 ++++++++++++++++++ 2 files changed, 234 insertions(+) diff --git a/tests/suites/test_suite_memory_buffer_alloc.data b/tests/suites/test_suite_memory_buffer_alloc.data index a0b046010..8d3813a7b 100644 --- a/tests/suites/test_suite_memory_buffer_alloc.data +++ b/tests/suites/test_suite_memory_buffer_alloc.data @@ -1,2 +1,18 @@ Memory buffer alloc self test mbedtls_memory_buffer_alloc_self_test: + +Memory buffer alloc - free in middle, alloc at end +memory_buffer_alloc_free_alloc:100:100:100:0:0:1:0:0:200:0 + +Memory buffer alloc - free in middle, realloc +memory_buffer_alloc_free_alloc:100:100:100:0:0:1:0:0:100:0 + +Memory buffer alloc - free in middle, merge, realloc +memory_buffer_alloc_free_alloc:100:100:100:100:0:1:1:0:201:0 + +Memory buffer alloc - free at end, merge, realloc +memory_buffer_alloc_free_alloc:100:64:100:100:0:0:0:1:200:0 + +Memory buffer alloc - Out of Memory test +memory_buffer_alloc_oom_test: + 
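Review bot: The new `\param cur_blocks` text, `Current number of blocks in use, including free and used`, contradicts itself — a free block is not in use — and the previous hunk uses the same phrase for `max_blocks`. Suggest `Current number of blocks in the heap, free and allocated alike` here and `Peak number of blocks in the heap, free and allocated alike` for `max_blocks`, which says what the counters actually report without the ambiguity. This is the documentation the new memory_buffer_alloc tests on this page lean on, so the wording matters.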
diff --git a/tests/suites/test_suite_memory_buffer_alloc.function b/tests/suites/test_suite_memory_buffer_alloc.function index 59b06431b..a36dbc3d1 100644 --- a/tests/suites/test_suite_memory_buffer_alloc.function +++ b/tests/suites/test_suite_memory_buffer_alloc.function @@ -1,6 +1,7 @@ /* BEGIN_HEADER */ #include "mbedtls/memory_buffer_alloc.h" #define TEST_SUITE_MEMORY_BUFFER_ALLOC + /* END_HEADER */ /* BEGIN_DEPENDENCIES 
@@ -8,9 +9,226 @@ * END_DEPENDENCIES */ +/* BEGIN_SUITE_HELPERS */ +static int check_pointer( void *p ) +{ + if( p == NULL ) + return( -1 ); + + if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 ) + return( -1 ); + + return( 0 ); +} +/* END_SUITE_HELPERS */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void mbedtls_memory_buffer_alloc_self_test( ) { TEST_ASSERT( mbedtls_memory_buffer_alloc_self_test( 0 ) == 0 ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_MEMORY_DEBUG */ +void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, + int d_bytes, + int free_a, int free_b, int free_c, + int free_d, + int e_bytes, int f_bytes ) +{ + unsigned char buf[1024]; + unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL, *ptr_d = NULL, + *ptr_e = NULL, *ptr_f = NULL; + + size_t reported_blocks; + size_t allocated_bytes = 0, reported_bytes; + + mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + + mbedtls_memory_buffer_set_verify( MBEDTLS_MEMORY_VERIFY_ALWAYS ); + + if( a_bytes > 0 ) + { + ptr_a = mbedtls_calloc( a_bytes, sizeof(char) ); + TEST_ASSERT( check_pointer( ptr_a ) == 0 ); + + allocated_bytes += a_bytes * sizeof(char); + } + + if( b_bytes > 0 ) + { + ptr_b = mbedtls_calloc( b_bytes, sizeof(char) ); + TEST_ASSERT( check_pointer( ptr_b ) == 0 ); + + allocated_bytes += b_bytes * sizeof(char); + } + + if( c_bytes > 0 ) + { + ptr_c = mbedtls_calloc( c_bytes, sizeof(char) ); + TEST_ASSERT( check_pointer( ptr_c ) == 0 ); + + allocated_bytes += c_bytes * sizeof(char); + } + + if( d_bytes > 0 ) + { + ptr_d = mbedtls_calloc( d_bytes, sizeof(char) ); + TEST_ASSERT( check_pointer( ptr_d ) == 0 ); + + allocated_bytes += d_bytes * sizeof(char); + } + + mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); + TEST_ASSERT( reported_bytes == allocated_bytes ); + + if( free_a ) + { + mbedtls_free( ptr_a ); + ptr_a = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + + allocated_bytes -= a_bytes * sizeof(char); 
+ } + + if( free_b ) + { + mbedtls_free( ptr_b ); + ptr_b = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + + allocated_bytes -= b_bytes * sizeof(char); + } + + if( free_c ) + { + mbedtls_free( ptr_c ); + ptr_c = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + + allocated_bytes -= c_bytes * sizeof(char); + } + + if( free_d ) + { + mbedtls_free( ptr_d ); + ptr_d = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + + allocated_bytes -= d_bytes * sizeof(char); + } + + mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); + TEST_ASSERT( reported_bytes == allocated_bytes ); + + if( e_bytes > 0 ) + { + ptr_e = mbedtls_calloc( e_bytes, sizeof(char) ); + TEST_ASSERT( check_pointer( ptr_e ) == 0 ); + } + + if( f_bytes > 0 ) + { + ptr_f = mbedtls_calloc( f_bytes, sizeof(char) ); + TEST_ASSERT( check_pointer( ptr_f ) == 0 ); + } + + /* Once blocks are reallocated, the block allocated to the memory request + * may be bigger than the request itself, which is indicated by the reported + * bytes, and makes it hard to know what the reported size will be, so + * we don't check the size after blocks have been reallocated. 
*/ + + if( ptr_a != NULL ) + { + mbedtls_free( ptr_a ); + ptr_a = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + } + + if( ptr_b != NULL ) + { + mbedtls_free( ptr_b ); + ptr_b = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + } + + if( ptr_c != NULL ) + { + mbedtls_free( ptr_c ); + ptr_c = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + } + + if( ptr_d != NULL ) + { + mbedtls_free( ptr_d ); + ptr_d = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + } + + if( ptr_e != NULL ) + { + mbedtls_free( ptr_e ); + ptr_e = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + } + + if( ptr_f != NULL ) + { + mbedtls_free( ptr_f ); + ptr_f = NULL; + } + + mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); + TEST_ASSERT( reported_bytes == 0 ); + + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + +exit: + mbedtls_memory_buffer_alloc_free( ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_MEMORY_DEBUG */ +void memory_buffer_alloc_oom_test() +{ + unsigned char buf[1024]; + unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL; + size_t reported_blocks, reported_bytes; + + (void)ptr_c; + + mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + + mbedtls_memory_buffer_set_verify( MBEDTLS_MEMORY_VERIFY_ALWAYS ); + + ptr_a = mbedtls_calloc( 432, sizeof(char) ); + TEST_ASSERT( check_pointer( ptr_a ) == 0 ); + + ptr_b = mbedtls_calloc( 432, sizeof(char) ); + TEST_ASSERT( check_pointer( ptr_b ) == 0 ); + + ptr_c = mbedtls_calloc( 431, sizeof(char) ); + TEST_ASSERT( ptr_c == NULL ); + + mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); + TEST_ASSERT( reported_bytes == 864 ); + + mbedtls_free( ptr_a ); + ptr_a = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + + mbedtls_free( ptr_b ); + ptr_b = NULL; + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + + mbedtls_memory_buffer_alloc_cur_get( 
&reported_bytes, &reported_blocks ); + TEST_ASSERT( reported_bytes == 0 ); + + TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + +exit: + mbedtls_memory_buffer_alloc_free( ); +} +/* END_CASE */ + From 4ec1e8193ef6be447e690ad32e2e455a2b3732f5 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Fri, 6 May 2016 00:22:18 +0100 Subject: [PATCH 33/64] Widens test parameters in memory alloc tests --- tests/suites/helpers.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index aa8a0456c..edf1d12b3 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -350,7 +350,7 @@ static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len ) return( 0 ); } -static void test_fail( const char *test, int line_no, char* filename ) +static void test_fail( const char *test, int line_no, const char* filename ) { test_errors++; if( test_errors == 1 ) From 37068a79fe27eb277a8e675b3e05af76cc64d56a Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Mon, 9 May 2016 14:36:33 +0100 Subject: [PATCH 34/64] Add check to prevent enabling of RSA without selecting PKCS version(s) --- include/mbedtls/check_config.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index b6448ecef..8c0c68986 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -362,6 +362,11 @@ #error "MBEDTLS_RSA_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) || \ + !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled" +#endif + #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) ) #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" From 4fde40f656a000486c2898e8a0842ea7a92e875f Mon Sep 17 00:00:00 2001 
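Review bot: memory_buffer_alloc_oom_test hard-codes 432, 432 and 431 against a 1024-byte pool, so whether the third allocation fails depends on sizeof(memory_header) and MBEDTLS_MEMORY_ALIGN_MULTIPLE on the build host (pointer width, and whether MBEDTLS_MEMORY_BACKTRACE adds fields to the header); the test would be more portable if the oversize request and the expected 864 were derived from a size computed in the test, or at least documented with a comment such as `/* two 432-byte blocks plus headers fit in 1024 bytes, a third header-sized request must not; revisit if memory_header grows */`. In memory_buffer_alloc_free_alloc the release of `ptr_f` is the only one not followed by `TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 );`, which looks like an oversight since the heap statistics are re-read immediately after it. The `(void)ptr_c;` in the OOM test is dead, as `ptr_c` is assigned and asserted a few lines later.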
From: Paul Bakker Date: Mon, 9 May 2016 15:13:04 +0100 Subject: [PATCH 35/64] Fix logic to allow at least one PKCS version enabled --- include/mbedtls/check_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 8c0c68986..d31555df7 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -362,7 +362,7 @@ #error "MBEDTLS_RSA_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) || \ +#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) && \ !defined(MBEDTLS_PKCS1_V15) ) #error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled" #endif From b7584a5e37832b137d8c2a4f93f28e75aad5f140 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Tue, 10 May 2016 10:50:43 +0100 Subject: [PATCH 36/64] Add ability to only run select numbered tests in ssl-opt.sh In order to reduce debugging time, allows you to only run interesting tests (by number) from the commandline. e.g. the command 'tests/ssl-opt.sh -n 246,258' will only run test 246 and 258 (as per the number in the log file names) --- tests/ssl-opt.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 1a91f7a6e..d2cccdb4a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -33,12 +33,15 @@ MEMCHECK=0 FILTER='.*' EXCLUDE='^$' +RUN_TEST_NUMBER='' + print_usage() { echo "Usage: $0 [options]" printf " -h|--help\tPrint this help.\n" printf " -m|--memcheck\tCheck memory leaks and errors.\n" printf " -f|--filter\tOnly matching tests are executed (default: '$FILTER')\n" printf " -e|--exclude\tMatching tests are excluded (default: '$EXCLUDE')\n" + printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" } get_options() { @@ -53,6 +56,9 @@ get_options() { -m|--memcheck) MEMCHECK=1 ;; + -n|--number) + shift; RUN_TEST_NUMBER=$1 + ;; -h|--help) print_usage exit 0 
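Review bot: `-n|--number) shift; RUN_TEST_NUMBER=$1` accepts any string, so a typo such as `-n 24x` or a missing argument silently selects nothing and every test is reported as skipped. A cheap guard in the same arm before the assignment, `case "$1" in ''|*[!0-9,]*) echo "Invalid -n value: '$1'" >&2; exit 1 ;; esac`, keeps the option honest. Presumably the value is only ever typed by a developer, so this is a usability point rather than an injection concern. get_options starts and ends outside the hunk.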
@@ -293,6 +299,13 @@ run_test() { print_name "$NAME" + # Do we only run numbered tests? + if [ "X$RUN_TEST_NUMBER" = "X" ]; then : + elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then : + else + SKIP_NEXT="YES" + fi + # should we skip? if [ "X$SKIP_NEXT" = "XYES" ]; then SKIP_NEXT="NO" From e20310a9fcb2478d5d06ff349e835b9db4905932 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Tue, 10 May 2016 11:18:17 +0100 Subject: [PATCH 37/64] Add option to print test numbers in ssl-opt.sh output Allows for easy selection of tests based on numbers for use with the '-n' option --- tests/ssl-opt.sh | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index d2cccdb4a..f62466fa8 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -33,6 +33,7 @@ MEMCHECK=0 FILTER='.*' EXCLUDE='^$' +SHOW_TEST_NUMBER=0 RUN_TEST_NUMBER='' print_usage() { @@ -42,6 +43,7 @@ print_usage() { printf " -f|--filter\tOnly matching tests are executed (default: '$FILTER')\n" printf " -e|--exclude\tMatching tests are excluded (default: '$EXCLUDE')\n" printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" + printf " -s|--show-numbers\tShow test numbers in front of test names\n" } get_options() { @@ -59,6 +61,9 @@ get_options() { -n|--number) shift; RUN_TEST_NUMBER=$1 ;; + -s|--show-numbers) + SHOW_TEST_NUMBER=1 + ;; -h|--help) print_usage exit 0 @@ -143,12 +148,19 @@ needs_more_time() { # print_name print_name() { - printf "$1 " - LEN=$(( 72 - `echo "$1" | wc -c` )) + TESTS=$(( $TESTS + 1 )) + LINE="" + + if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then + LINE="$TESTS " + fi + + LINE="$LINE$1" + printf "$LINE " + LEN=$(( 72 - `echo "$LINE" | wc -c` )) for i in `seq 1 $LEN`; do printf '.'; done printf ' ' - TESTS=$(( $TESTS + 1 )) } # fail From acaac8510e1cdb07e8c8c6a10d3f4485678e363e Mon Sep 17 00:00:00 2001 
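Review bot: `printf "$LINE "` in the rewritten print_name still passes the test name as the printf format string, so a name containing `%` would be mis-expanded; `printf '%s ' "$LINE"` prints it literally. The width line can lose the backticks and the echo in the same way, `LEN=$(( 72 - $(printf '%s\n' "$LINE" | wc -c) ))`. Moving `TESTS=$(( $TESTS + 1 ))` to the top of the function means the counter already holds the current test's number when the `-n` filter in run_test reads `$TESTS` after print_name returns; a one-line comment stating that ordering dependency would save the next reader a check.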
From: Paul Bakker Date: Tue, 10 May 2016 11:47:13 +0100 Subject: [PATCH 38/64] Add option to preserve all logs in ssl-opt.sh Useful to also allow saving of correct logs in order to compare differences with failed logs --- tests/ssl-opt.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index f62466fa8..0d5222673 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -36,6 +36,8 @@ EXCLUDE='^$' SHOW_TEST_NUMBER=0 RUN_TEST_NUMBER='' +PRESERVE_LOGS=0 + print_usage() { echo "Usage: $0 [options]" printf " -h|--help\tPrint this help.\n" @@ -44,6 +46,7 @@ print_usage() { printf " -e|--exclude\tMatching tests are excluded (default: '$EXCLUDE')\n" printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" printf " -s|--show-numbers\tShow test numbers in front of test names\n" + printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n" } get_options() { @@ -64,6 +67,9 @@ get_options() { -s|--show-numbers) SHOW_TEST_NUMBER=1 ;; + -p|--preserve-logs) + PRESERVE_LOGS=1 + ;; -h|--help) print_usage exit 0 @@ -485,6 +491,11 @@ run_test() { # if we're here, everything is ok echo "PASS" + if [ "$PRESERVE_LOGS" -gt 0 ]; then + mv $SRV_OUT o-srv-${TESTS}.log + mv $CLI_OUT o-cli-${TESTS}.log + fi + rm -f $SRV_OUT $CLI_OUT $PXY_OUT } From 80119c5d28f09210913dc192d09ecc2d498f8837 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Tue, 10 May 2016 19:39:36 +0100 Subject: [PATCH 39/64] Fixes minor typos in comments in pk.h and ctr_drbg.c Fixes typos in PRs #475 and #437 --- include/mbedtls/pk.h | 7 ++++--- library/ctr_drbg.c | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 458bb512a..f9f9b9bb0 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
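Review bot: The new preserve branch in run_test moves only `$SRV_OUT` and `$CLI_OUT`, while the `rm -f $SRV_OUT $CLI_OUT $PXY_OUT` that follows still deletes the proxy log, so for tests run through the proxy the preserved set is incomplete. Add `[ -f "$PXY_OUT" ] && mv "$PXY_OUT" o-pxy-${TESTS}.log`, guarded because the proxy output presumably exists only for proxied tests (verify against the rest of run_test, which lies outside this hunk). Quoting the variables in the two `mv` lines would also match the `set -u` strictness the script runs under.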
@@ -496,11 +496,12 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, * \brief Load and parse a public key * * \param ctx key to be initialized - * \param path filename to read the private key from + * \param path filename to read the public key from * * \note On entry, ctx must be empty, either freshly initialised - * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a - * specific key type, check the result with mbedtls_pk_can_do(). + * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If + * you need a specific key type, check the result with + * mbedtls_pk_can_do(). * * \note The key is also checked for correctness. * diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index aefddfa1d..6962d68b9 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -67,7 +67,7 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) } /* - * Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST + * Non-public function wrapped by mbedtls_ctr_drbg_init(). Necessary to allow NIST * tests to succeed (which require known length fixed entropy) */ int mbedtls_ctr_drbg_seed_entropy_len( From a557cfb9ad5f26a47e5018f3553551988741c146 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Tue, 10 May 2016 20:57:03 +0100 Subject: [PATCH 40/64] Widens test bounds on memory alloc tests --- tests/suites/test_suite_memory_buffer_alloc.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_memory_buffer_alloc.function b/tests/suites/test_suite_memory_buffer_alloc.function index a36dbc3d1..04dd68bec 100644 --- a/tests/suites/test_suite_memory_buffer_alloc.function +++ b/tests/suites/test_suite_memory_buffer_alloc.function 
@@ -212,7 +212,7 @@ void memory_buffer_alloc_oom_test() TEST_ASSERT( ptr_c == NULL ); mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes == 864 ); + TEST_ASSERT( reported_bytes >= 864 && reported_bytes <= sizeof(buf) ); mbedtls_free( ptr_a ); ptr_a = NULL; From ae791249058dd7c27850bd05a8c53188ef998141 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Tue, 10 May 2016 21:16:54 +0100 Subject: [PATCH 41/64] Disables backtrace config from basic-build-test.sh The configuration MBEDTLS_MEMORY_BACKTRACE is intended for debug and is not necessary for test coverage. Because it causes timing problems in some tests the configuration has been removed as it's not present in equivalent tests in the all.sh test script. --- tests/scripts/basic-build-test.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index d13a8e4ed..d961230ed 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -39,6 +39,7 @@ fi export CFLAGS=' --coverage -g3 -O0 ' make clean scripts/config.pl full +scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE make From da01266599f541de840be52f313fd1abd7a96851 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Tue, 10 May 2016 23:47:30 +0100 Subject: [PATCH 42/64] Corrects incorrectly named function in ctr_drbg.c comment --- library/ctr_drbg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 6962d68b9..386f8adb0 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c 
@@ -67,8 +67,8 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) } /* - * Non-public function wrapped by mbedtls_ctr_drbg_init(). Necessary to allow NIST - * tests to succeed (which require known length fixed entropy) + * Non-public function wrapped by mbedtls_ctr_drbg_seed(). Necessary to allow + * NIST tests to succeed (which require known length fixed entropy) */ int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *ctx, From c0715cb39f62a02c94deda09b6d9d024a2b96a56 Mon Sep 17 00:00:00 2001 From: Embedthis Software Date: Thu, 10 Sep 2015 11:45:13 -0700 Subject: [PATCH 43/64] Fix single threaded builds --- include/mbedtls/threading.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index c39cbf24d..b416d478a 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -81,6 +81,7 @@ void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * void mbedtls_threading_free_alt( void ); #endif /* MBEDTLS_THREADING_ALT */ +#if defined(MBEDTLS_THREADING_C) /* * The function pointers for mutex_init, mutex_free, mutex_ and mutex_unlock * @@ -96,6 +97,7 @@ extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex ); */ extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex; extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex; +#endif #ifdef __cplusplus } From cfe392bdd477e9f767f950d74245192af66357cc Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Tue, 10 May 2016 16:17:27 +0100 Subject: [PATCH 44/64] Add end guard comment --- include/mbedtls/threading.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index b416d478a..b0c34ecc7 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h 
@@ -97,7 +97,7 @@ extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex ); */ extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex; extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex; -#endif +#endif /* MBEDTLS_THREADING_C */ #ifdef __cplusplus } From cc4eabd22a62d7b9cfdc75f13afec5f39dedcab4 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Wed, 11 May 2016 23:15:58 +0100 Subject: [PATCH 45/64] Reverts change in commit daf534d Commit daf534d from PR #457 breaks the build. This may reintroduce a clang-analyse warning, but this is the wrong fix for that. The fix removed a call to mbedtls_ecp_curve_info_from_grp_id() to find the curve info. This fix adds that back in. --- library/ssl_cli.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 509484e36..cd39db027 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -267,6 +267,7 @@ static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_ECP_C) for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { + info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); #else for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) { From 440ce420bd626dedd8932967c42e6ffdda213140 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Thu, 12 May 2016 12:46:02 +0100 Subject: [PATCH 46/64] Put clang analyzer fix inside __clang_analyzer__ guard --- programs/hash/generic_sum.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 7805a79bc..d1e81d491 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c 
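Review bot: The restored `info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );` reintroduces a lookup that can presumably return NULL for a group id with no curve table entry, and the loop body that uses `info` lies outside this hunk; the series' ChangeLog entry about a crash with invalid curves passed to mbedtls_ssl_conf_curves (#373) suggests a NULL guard exists there, but the commit message does not say so and it should be confirmed rather than assumed. If it is missing, `if( info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid curve in ssl configuration" ) ); return; }` directly after the assignment is the minimal fix. A comment on the assignment noting that the MBEDTLS_ECP_C and non-ECP loop forms must both leave `info` pointing at the current curve would make the interleaved `#if/#else` easier to follow. ssl_write_supported_elliptic_curves_ext starts and ends outside the hunk.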
@@ -83,8 +83,13 @@ static int generic_check( const mbedtls_md_info_t *md_info, char *filename ) int nb_err1, nb_err2; int nb_tot1, nb_tot2; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; - char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1] = { }, line[1024]; + char line[1024]; char diff; +#if defined(__clang_analyzer__) + char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1] = { }; +#else + char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1]; +#endif if( ( f = fopen( filename, "rb" ) ) == NULL ) { From 38d188896c6ab6b1a38e934ea73212ac5707a633 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Thu, 12 May 2016 12:46:28 +0100 Subject: [PATCH 47/64] Cleanup ifdef statements --- library/rsa.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index 9386a762f..a6cc19b2f 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -804,7 +804,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int ret; size_t ilen, pad_count = 0, i; unsigned char *p, bad, pad_done = 0; -#ifdef __clang_analyzer__ +#if defined(__clang_analyzer__) /* Shut up Clang, mbedtls_rsa_public/private writes to this */ unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { }; #else @@ -1193,7 +1193,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, size_t slen, msb; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; -#ifdef __clang_analyzer__ +#if defined(__clang_analyzer__) /* Shut up Clang, mbedtls_rsa_public/private writes to this */ unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { }; #else @@ -1340,7 +1340,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, mbedtls_md_type_t msg_md_alg; const mbedtls_md_info_t *md_info; mbedtls_asn1_buf oid; -#ifdef __clang_analyzer__ +#if defined(__clang_analyzer__) /* Shut up Clang, mbedtls_rsa_public/private writes to this */ unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { }; #else From a30a72f80f7c3b3db12c2a007eb74b87e27f610f Mon Sep 17 00:00:00 2001 
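Review bot: The analyzer-only branch initialises `buf` with `= { }`, which is a GNU extension rather than standard C89/C99 (an empty initializer list only became standard in C23); `= { 0 }` satisfies clang's analyzer equally and is portable. Since this is a small hex buffer in a function that does file I/O, zero-initialising it unconditionally with `char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1] = { 0 };` costs nothing measurable and removes the `#if defined(__clang_analyzer__)` duplication entirely. The same `= { }` form is visible in the rsa.c context lines of the next patch in this series and would benefit from the same change.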
From: Paul Bakker Date: Thu, 12 May 2016 15:52:48 +0100 Subject: [PATCH 48/64] Fix verbose test framework mote to use unmet_dep_count for index --- tests/suites/main_test.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index c5d6cd86b..edc9944b6 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -357,8 +357,8 @@ int main(int argc, const char *argv[]) { if( dep_check( params[i] ) != DEPENDENCY_SUPPORTED ) { - unmet_dependencies[ i-1 ] = strdup(params[i]); - if( unmet_dependencies[ i-1 ] == NULL ) + unmet_dependencies[ unmet_dep_count ] = strdup(params[i]); + if( unmet_dependencies[ unmet_dep_count ] == NULL ) { mbedtls_printf("FATAL: Out of memory\n"); mbedtls_exit( MBEDTLS_EXIT_FAILURE ); From 26b60bf7d1f0f5ed9723e074618390214d84456e Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Thu, 12 May 2016 15:55:37 +0100 Subject: [PATCH 49/64] Fix verbose test framework not to duplicate strings if not verbose --- tests/suites/main_test.function | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index edc9944b6..e8577d22a 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -357,6 +357,13 @@ int main(int argc, const char *argv[]) { if( dep_check( params[i] ) != DEPENDENCY_SUPPORTED ) { + if( 0 == option_verbose ) + { + /* Only one count is needed if not verbose */ + unmet_dep_count++; + break; + } + unmet_dependencies[ unmet_dep_count ] = strdup(params[i]); if( unmet_dependencies[ unmet_dep_count ] == NULL ) { From 774180e14e71b57eebe15dd53fbde43e6dd5c8fb Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Thu, 12 May 2016 15:59:48 +0100 Subject: [PATCH 50/64] Fix memory-leak in verbose test framework in case of unexpected input --- tests/suites/main_test.function | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) 
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index e8577d22a..f18248578 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -321,6 +321,9 @@ int main(int argc, const char *argv[]) testfile_index < testfile_count; testfile_index++ ) { + int unmet_dep_count = 0; + char *unmet_dependencies[20]; + test_filename = test_files[ testfile_index ]; file = fopen( test_filename, "r" ); @@ -333,8 +336,12 @@ int main(int argc, const char *argv[]) while( !feof( file ) ) { - int unmet_dep_count = 0; - char *unmet_dependencies[20]; + if( unmet_dep_count > 0 ) + { + mbedtls_printf("FATAL: Dep count larger than zero at start of loop\n"); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + } + unmet_dep_count = 0; if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 ) break; @@ -399,16 +406,17 @@ int main(int argc, const char *argv[]) if( 1 == option_verbose && unmet_dep_count > 0 ) { mbedtls_fprintf( stdout, " Unmet dependencies: " ); - while( unmet_dep_count > 0) + for( i = 0; i < unmet_dep_count; i++ ) { mbedtls_fprintf(stdout, "%s ", - unmet_dependencies[unmet_dep_count - 1]); - free(unmet_dependencies[unmet_dep_count - 1]); - unmet_dep_count--; + unmet_dependencies[i]); + free(unmet_dependencies[i]); } mbedtls_fprintf( stdout, "\n" ); } fflush( stdout ); + + unmet_dep_count = 0; } else if( ret == DISPATCH_TEST_SUCCESS && test_errors == 0 ) { @@ -434,6 +442,10 @@ int main(int argc, const char *argv[]) } } fclose(file); + + /* In case we encounter early end of file */ + for( i = 0; i < unmet_dep_count; i++ ) + free( unmet_dependencies[i] ); } mbedtls_fprintf( stdout, "\n----------------------------------------------------------------------------\n\n"); From 456fea00001c175b1143bea896c4a5bfc63e2e4e Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Thu, 12 May 2016 16:38:27 +0100 Subject: [PATCH 51/64] Amended ChangeLog --- ChangeLog | 1 + 1 file changed, 1 insertion(+) 
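Review bot: The end-of-file cleanup added after `fclose(file)` frees `unmet_dep_count` entries, but the preceding patch in this series makes the non-verbose path do `unmet_dep_count++; break;` without storing a pointer, so if the while loop can exit between the dependency check and the `unmet_dep_count = 0;` reset, this loop would free an uninitialised slot in non-verbose mode; wrapping it in `if( 1 == option_verbose )` avoids that. Separately, `unmet_dependencies` is declared as `char *unmet_dependencies[20]` and the strdup result is stored at `unmet_dependencies[ unmet_dep_count ]` (visible in the earlier patches of this series) with no bound check, so a test line with more than 20 unmet dependencies writes past the array; add `if( unmet_dep_count >= 20 ) { mbedtls_printf("FATAL: Too many unmet dependencies\n"); mbedtls_exit( MBEDTLS_EXIT_FAILURE ); }` before the store, ideally with the limit derived from `sizeof`. The `unmet_dep_count = 0;` right after the new FATAL check at the top of the loop is redundant, since the check guarantees the count is already zero. main's loop body continues outside the hunk.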
diff --git a/ChangeLog b/ChangeLog index d9fce9234..c7bafeb9b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -26,6 +26,7 @@ Bugfix * Fix issue that caused a crash if invalid curves were passed to mbedtls_ssl_conf_curves. #373 * Fix issue in ssl_fork_server which was preventing it from functioning. #429 + * Fix memory leaks in test framework Changes * On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5, From 1f65092d28ef7a9d52f3eaa4316ffeffbd79d806 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Fri, 13 May 2016 10:16:46 +0100 Subject: [PATCH 52/64] Add fix to ignore valgrind messages related to compressed debug symbols The glibc package recently enabled compressed debug symbols but valgrind doesn't support them yet. Results in messages like: --14923-- WARNING: Serious error when reading debug info --14923-- When reading debug info from /lib/x86_64-linux-gnu/ld-2.21.so: --14923-- Ignoring non-Dwarf2/3/4 block in .debug_info First line has 'error' in it which triggers some of the ssl-opt tests --- tests/ssl-opt.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0d5222673..78ca1cac7 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
@@ -439,32 +439,33 @@ run_test() { # check other assertions # lines beginning with == are added by valgrind, ignore them + # lines with 'Serious error when reading debug info', are valgrind issues as well while [ $# -gt 0 ] do case $1 in "-s") - if grep -v '^==' $SRV_OUT | grep "$2" >/dev/null; then :; else + if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else fail "-s $2" return fi ;; "-c") - if grep -v '^==' $CLI_OUT | grep "$2" >/dev/null; then :; else + if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else fail "-c $2" return fi ;; "-S") - if grep -v '^==' $SRV_OUT | grep "$2" >/dev/null; then + if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then fail "-S $2" return fi ;; "-C") - if grep -v '^==' $CLI_OUT | grep "$2" >/dev/null; then + if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then fail "-C $2" return fi From 362689d5a7bc4eedc459988064d48d267bccb01c Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Fri, 13 May 2016 10:33:25 +0100 Subject: [PATCH 53/64] Split test into valgrind and no-valgrind version Running valgrind on: "DTLS client reconnect from same port: reconnect, nbio" results in timeouts. New version added that runs only under valgrind. Original only runs when valgrind is not used --- tests/ssl-opt.sh | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 78ca1cac7..de5072441 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -147,6 +147,13 @@ not_with_valgrind() { fi } +# skip the next test if valgrind is NOT in use +only_with_valgrind() { + if [ "$MEMCHECK" -eq 0 ]; then + SKIP_NEXT="YES" + fi +} + # multiply the client timeout delay by the given factor for the next test needs_more_time() { CLI_DELAY_FACTOR=$1 
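Review bot: The four case arms now each repeat `grep -v '^==' $X | grep -v 'Serious error when reading debug info'`, and the filter keys on one message text even though all three valgrind lines quoted in the commit message carry the `--PID--` prefix that valgrind uses for its own diagnostics (as distinct from the `==PID==` report lines already excluded). Filtering on that prefix through one helper drops the other two lines as well and keeps the exclusion in a single place, with a comment explaining what the prefixes mean. Whether the server or client programs ever emit lines beginning with `--` should be checked before widening the filter. The helper below would be defined at top level, outside this hunk.
```shell
# valgrind's own output starts with ==PID== (report lines) or --PID-- (diagnostics,
# e.g. "WARNING: Serious error when reading debug info"); neither is program output.
filter_valgrind() {
    grep -v '^==' "$1" | grep -v '^--[0-9]*--'
}

# … unchanged: argument loop and case …
        "-s")
            if filter_valgrind $SRV_OUT | grep "$2" >/dev/null; then :; else
# … unchanged: the -c, -S and -C arms follow the same pattern …
```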
@@ -3095,13 +3102,22 @@ run_test "DTLS client reconnect from same port: reconnect" \ -S "The operation timed out" \ -s "Client initiated reconnection from same port" -run_test "DTLS client reconnect from same port: reconnect, nbio" \ +not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts) +run_test "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \ "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \ "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \ 0 \ -S "The operation timed out" \ -s "Client initiated reconnection from same port" +only_with_valgrind # Only with valgrind, do previous test but with higher read_timeout and hs_timeout +run_test "DTLS client reconnect from same port: reconnect, nbio, valgrind" \ + "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \ + "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \ + 0 \ + -S "The operation timed out" \ + -s "Client initiated reconnection from same port" + run_test "DTLS client reconnect from same port: no cookies" \ "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \ "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \ From dc08545395d904af86c94fae68443840592426ff Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Fri, 13 May 2016 10:50:41 +0100 Subject: [PATCH 54/64] Update ChangeLog to reflect --- ChangeLog | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog b/ChangeLog index c7bafeb9b..2d4600562 100644 --- a/ChangeLog +++ b/ChangeLog @@ -27,6 +27,7 @@ Bugfix mbedtls_ssl_conf_curves. #373 * Fix issue in ssl_fork_server which was preventing it from functioning. #429 * Fix memory leaks in test framework + * Fix test in ssl-opt.sh that does not run properly with valgrind Changes * On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5, From 930a3701e7266afff26be9629951de7373e88350 Mon Sep 17 00:00:00 2001 
From: Brian Murray Date: Wed, 18 May 2016 14:38:02 -0700 Subject: [PATCH 55/64] fix indentation in output of selftest.c --- library/rsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/rsa.c b/library/rsa.c index a6cc19b2f..79f86c306 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1688,7 +1688,7 @@ int mbedtls_rsa_self_test( int verbose ) #if defined(MBEDTLS_SHA1_C) if( verbose != 0 ) - mbedtls_printf( "PKCS#1 data sign : " ); + mbedtls_printf( " PKCS#1 data sign : " ); mbedtls_sha1( rsa_plaintext, PT_LEN, sha1sum ); From 97e829038aab73ed374a36cb433e23049b96db9e Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 19 May 2016 00:22:37 +0100 Subject: [PATCH 56/64] Fixes whitespace errors in x509_crl.c --- library/x509_crl.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/library/x509_crl.c b/library/x509_crl.c index 125a77399..7b2b4733b 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -502,14 +502,15 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s { mbedtls_pem_init( &pem ); - /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( buflen == 0 || buf[buflen - 1] != '\0' ) - ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN X509 CRL-----", - "-----END X509 CRL-----", - buf, NULL, 0, &use_len ); + // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated + // string + if( buflen == 0 || buf[buflen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN X509 CRL-----", + "-----END X509 CRL-----", + buf, NULL, 0, &use_len ); if( ret == 0 ) { From a410af537a9b02991b951e312e9695dd69bfaded Mon Sep 17 00:00:00 2001 
From: Simon Butcher Date: Thu, 19 May 2016 22:12:18 +0100 Subject: [PATCH 57/64] Fixes RC4 config dependencies in tests in ssl-opt.h Adds dependencies on MBEDTLS_REMOVE_ARC4_CIPHERSUITES for tests that require RC4 to be disabled (the default config). --- tests/ssl-opt.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index de5072441..50d457c4c 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -611,12 +611,14 @@ run_test "Default, DTLS" \ # Tests for rc4 option +requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES run_test "RC4: server disabled, client enabled" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ 1 \ -s "SSL - The server has no ciphersuites in common" +requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES run_test "RC4: server half, client enabled" \ "$P_SRV arc4=1" \ "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ From cbb9075c54dd1940dd499d814a55bf45729b7903 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Thu, 19 May 2016 22:15:34 +0100 Subject: [PATCH 58/64] Adds parallel builds to basic-build-test.sh To speed up test time, added parallel builds --- tests/scripts/basic-build-test.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index d961230ed..010c0c67f 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -2,6 +2,8 @@ # basic-build-tests.sh # +# This file is part of mbed TLS (https://tls.mbed.org) +# # Copyright (c) 2016, ARM Limited, All Rights Reserved # # Purpose @@ -40,7 +42,7 @@ export CFLAGS=' --coverage -g3 -O0 ' make clean scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE -make +make -j # Step 2 - Execute the tests From 58eddef8b2a3140b6a224ef2332fdc114cbe1ef8 Mon Sep 17 00:00:00 2001 
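Review bot: `make -j` with no job count lets make start every target at once, which on a full-config coverage build (`-g3 -O0 --coverage`) can exhaust memory on smaller CI hosts and makes build times non-reproducible. Bound it to the core count, e.g. `make -j"$(nproc 2>/dev/null || echo 4)"` (or `getconf _NPROCESSORS_ONLN` where nproc is unavailable). A short comment that coverage builds are memory-hungry would justify the limit to the next person tempted to remove it.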
From: Simon Butcher Date: Thu, 19 May 2016 23:43:11 +0100 Subject: [PATCH 59/64] Updates copyright and attribution in comment header in ssl-opt.sh --- tests/ssl-opt.sh | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 50d457c4c..0edb783f8 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1,12 +1,23 @@ #!/bin/sh -# Test various options that are not covered by compat.sh +# ssl-opt.sh # -# Here the goal is not to cover every ciphersuite/version, but -# rather specific options (max fragment length, truncated hmac, etc) -# or procedures (session resumption from cache or ticket, renego, etc). +# This file is part of mbed TLS (https://tls.mbed.org) +# +# Copyright (c) 2016, ARM Limited, All Rights Reserved +# +# Purpose +# +# Executes tests to prove various TLS/SSL options and extensions. +# +# The goal is not to cover every ciphersuite/version, but instead to cover +# specific options (max fragment length, truncated hmac, etc) or procedures +# (session resumption from cache or ticket, renego, etc). +# +# The tests assume a build with default options, with exceptions expressed +# with a dependency. The tests focus on functionality and do not consider +# performance. # -# Assumes a build with default options. set -u From 88ffc089bc43d0219225276abaf2d963ba915568 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Fri, 20 May 2016 00:00:37 +0100 Subject: [PATCH 60/64] Adds casts to zeroize functions to allow building as C++ --- library/aes.c | 2 +- library/arc4.c | 2 +- library/asn1parse.c | 2 +- library/blowfish.c | 2 +- library/camellia.c | 2 +- library/ccm.c | 2 +- library/cipher.c | 2 +- library/des.c | 2 +- library/sha1.c | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/library/aes.c b/library/aes.c index ec9313de3..36660306e 100644 --- a/library/aes.c +++ b/library/aes.c 
@@ -56,7 +56,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* diff --git a/library/arc4.c b/library/arc4.c index ff0e993e7..05b33d3fd 100644 --- a/library/arc4.c +++ b/library/arc4.c @@ -49,7 +49,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } void mbedtls_arc4_init( mbedtls_arc4_context *ctx ) diff --git a/library/asn1parse.c b/library/asn1parse.c index b37523def..e59d2509f 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -45,7 +45,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* diff --git a/library/blowfish.c b/library/blowfish.c index 89be4d122..9003f0dfe 100644 --- a/library/blowfish.c +++ b/library/blowfish.c @@ -41,7 +41,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* diff --git a/library/camellia.c b/library/camellia.c index e015ca24b..d50513fd0 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -50,7 +50,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* 
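Review bot: The cast makes the line compile as C++, but `mbedtls_zeroize` now exists as nine identical private copies across the files in this patch (aes.c, arc4.c, asn1parse.c, blowfish.c, camellia.c, ccm.c, cipher.c, des.c, sha1.c), and any future change to this security-sensitive primitive has to be repeated in each one; a single `static inline` definition in a private header would keep the copies from drifting. If the copies stay, `volatile unsigned char *p = (volatile unsigned char *) v;` states the intent more directly than casting to `unsigned char *` and relying on the implicit qualification conversion, though both forms are valid in C and C++.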
diff --git a/library/ccm.c b/library/ccm.c index 3463a0b32..13a8fd1a2 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -51,7 +51,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } #define CCM_ENCRYPT 0 diff --git a/library/cipher.c b/library/cipher.c index ccc068503..0dc51520f 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -51,7 +51,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } static int supported_init = 0; diff --git a/library/des.c b/library/des.c index 61f214af3..09f95cfc3 100644 --- a/library/des.c +++ b/library/des.c @@ -50,7 +50,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* diff --git a/library/sha1.c b/library/sha1.c index 8c77cbaa8..2ccf2a2f5 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -49,7 +49,7 @@ /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } /* From 29176897a179c593caad22ba259ab3009dd7cd19 Mon Sep 17 00:00:00 2001 
From: Simon Butcher Date: Fri, 20 May 2016 00:19:09 +0100 Subject: [PATCH 61/64] Adds additional casts to calloc calls Casts added to allow compilation of the library as C++ --- library/asn1parse.c | 3 ++- library/asn1write.c | 4 +++- library/bignum.c | 4 ++-- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/library/asn1parse.c b/library/asn1parse.c index e59d2509f..ffa2f5299 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -269,7 +269,8 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, /* Allocate and assign next pointer */ if( *p < end ) { - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); + cur->next = (mbedtls_asn1_sequence*)mbedtls_calloc( 1, + sizeof( mbedtls_asn1_sequence ) ); if( cur->next == NULL ) return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); diff --git a/library/asn1write.c b/library/asn1write.c index 00ed73c11..027c858e7 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -312,7 +312,9 @@ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data { // Add new entry if not present yet based on OID // - if( ( cur = mbedtls_calloc( 1, sizeof(mbedtls_asn1_named_data) ) ) == NULL ) + cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1, + sizeof(mbedtls_asn1_named_data) ); + if( cur == NULL ) return( NULL ); cur->oid.len = oid_len; diff --git a/library/bignum.c b/library/bignum.c index 4536a3b86..4c99e04d6 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -120,7 +120,7 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ) if( X->n < nblimbs ) { - if( ( p = mbedtls_calloc( nblimbs, ciL ) ) == NULL ) + if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( nblimbs, ciL ) ) == NULL ) return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); if( X->p != NULL ) 
@@ -158,7 +158,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs )
 if( i < nblimbs )
 i = nblimbs;
 
- if( ( p = mbedtls_calloc( i, ciL ) ) == NULL )
+ if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( i, ciL ) ) == NULL )
 return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
 
 if( X->p != NULL )
From 3c0d7b8bdcf66a2bfe4121dc16f3e8dd34916af9 Mon Sep 17 00:00:00 2001
From: Simon Butcher
Date: Mon, 23 May 2016 11:13:17 +0100
Subject: [PATCH 62/64] Adds check for valgrind to ssl-opt.sh (#488)

Provides graceful exit rather than fail silently if valgrind isn't installed.
---
 tests/ssl-opt.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 0edb783f8..863524200 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -551,6 +551,12 @@ if [ ! -x "$P_PXY" ]; then
 echo "Command '$P_PXY' is not an executable file"
 exit 1
 fi
+if [ "$MEMCHECK" -gt 0 ]; then
+ if which valgrind >/dev/null 2>&1; then :; else
+ echo "Memcheck not possible. Valgrind not found"
+ exit 1
+ fi
+fi
 if which $OPENSSL_CMD >/dev/null 2>&1; then :; else
 echo "Command '$OPENSSL_CMD' not found"
 exit 1
From 584a547873b596e90674d29b1b54bf50288474bc Mon Sep 17 00:00:00 2001
From: Simon Butcher
Date: Mon, 23 May 2016 16:24:52 +0100
Subject: [PATCH 63/64] Fix whitespace and formatting in ssl_srv.c

---
 library/ssl_srv.c | 257 +++++++++++++++++++++++-----------------------
 1 file changed, 127 insertions(+), 130 deletions(-)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 5a51cbbd2..727104529 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
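Review bot: The added valgrind probe uses `which`, an external, non-POSIX command whose behaviour varies between platforms; the shell builtin is the portable test, `if command -v valgrind >/dev/null 2>&1; then :; else`. It does mirror the existing `which $OPENSSL_CMD` line just below, so either keep `which` for consistency or switch both in the same change. The guard `[ "$MEMCHECK" -gt 0 ]` presumably relies on `MEMCHECK` receiving a numeric default earlier in the script, which is outside this hunk; if it can ever be empty, `[ "${MEMCHECK:-0}" -gt 0 ]` avoids an integer-expression error from `test` before the probe runs.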
@@ -1512,195 +1512,192 @@ read_record_header: if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) { #endif - - /* - * Check the extension length - */ - ext_offset = comp_offset + 1 + comp_len; - if( msg_len > ext_offset ) - { - if( msg_len < ext_offset + 2 ) + /* + * Check the extension length + */ + ext_offset = comp_offset + 1 + comp_len; + if( msg_len > ext_offset ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if( msg_len < ext_offset + 2 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ext_len = ( buf[ext_offset + 0] << 8 ) + | ( buf[ext_offset + 1] ); + + if( ( ext_len > 0 && ext_len < 4 ) || + msg_len != ext_offset + 2 + ext_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } } + else + ext_len = 0; - ext_len = ( buf[ext_offset + 0] << 8 ) - | ( buf[ext_offset + 1] ); + ext = buf + ext_offset + 2; + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len ); - if( ( ext_len > 0 && ext_len < 4 ) || - msg_len != ext_offset + 2 + ext_len ) + while( ext_len != 0 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - } - else - ext_len = 0; + unsigned int ext_id = ( ( ext[0] << 8 ) + | ( ext[1] ) ); + unsigned int ext_size = ( ( ext[2] << 8 ) + | ( ext[3] ) ); - ext = buf + ext_offset + 2; - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len ); - - while( ext_len != 0 ) - { - unsigned int ext_id = ( ( ext[0] << 8 ) - | ( ext[1] ) ); - unsigned int ext_size = ( ( ext[2] << 8 ) - | ( ext[3] ) ); - - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - switch( ext_id ) - { + if( ext_size + 4 > ext_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" 
) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + switch( ext_id ) + { #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - case MBEDTLS_TLS_EXT_SERVERNAME: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); - if( ssl->conf->f_sni == NULL ) - break; + case MBEDTLS_TLS_EXT_SERVERNAME: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); + if( ssl->conf->f_sni == NULL ) + break; - ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ - case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); + case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); #if defined(MBEDTLS_SSL_RENEGOTIATION) - renegotiation_info_seen = 1; + renegotiation_info_seen = 1; #endif - ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) - case MBEDTLS_TLS_EXT_SIG_ALG: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); + case MBEDTLS_TLS_EXT_SIG_ALG: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - break; + if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) + break; #endif - ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && 
MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) ); + case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) ); - ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; - case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) ); - ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; + case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) ); + ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; - ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case MBEDTLS_TLS_EXT_ECJPAKE_KKPP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) ); + case MBEDTLS_TLS_EXT_ECJPAKE_KKPP: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) ); - ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max 
fragment length extension" ) ); + case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) ); - ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) ); + case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) ); - ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) ); + case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) ); - ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) ); + case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) ); - ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ 
#if defined(MBEDTLS_SSL_SESSION_TICKETS) - case MBEDTLS_TLS_EXT_SESSION_TICKET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) ); + case MBEDTLS_TLS_EXT_SESSION_TICKET: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) ); - ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_ALPN) - case MBEDTLS_TLS_EXT_ALPN: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); + case MBEDTLS_TLS_EXT_ALPN: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); - ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); - break; + ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ - default: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", - ext_id ) ); + default: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", + ext_id ) ); + } + + ext_len -= 4 + ext_size; + ext += 4 + ext_size; + + if( ext_len > 0 && ext_len < 4 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } } - - ext_len -= 4 + ext_size; - ext += 4 + ext_size; - - if( ext_len > 0 && ext_len < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - } - #if defined(MBEDTLS_SSL_PROTO_SSL3) } #endif From 768594d772c114d6ca47063d822cb3805014b7ef Mon Sep 17 00:00:00 2001 
From: Simon Butcher
Date: Mon, 23 May 2016 00:22:58 +0100
Subject: [PATCH 64/64] Removes yotta from bump_version.sh

Yotta version is independent of the mbed TLS version so shouldn't be set by this script. Also adds a header, copyright and attribution to the script.
---
 scripts/bump_version.sh | 18 ++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh
index 97d2f1f87..fc8b800c4 100755
--- a/scripts/bump_version.sh
+++ b/scripts/bump_version.sh
@@ -1,4 +1,17 @@
 #!/bin/bash
+#
+# This file is part of mbed TLS (https://tls.mbed.org)
+#
+# Copyright (c) 2012-2016, ARM Limited, All Rights Reserved
+#
+# Purpose
+#
+# Sets the version numbers in the source code to those given.
+#
+# Usage: bump_version.sh [ --version ] [ --so-crypto ]
+# [ --so-x509 ] [ --so-tls ]
+# [ -v | --verbose ] [ -h | --help ]
+#
 
 VERSION=""
 SOVERSION=""
@@ -109,10 +122,6 @@ mv tmp include/mbedtls/version.h
 sed -e "s/version:\".\{1,\}/version:\"$VERSION\"/g" < tests/suites/test_suite_version.data > tmp
 mv tmp tests/suites/test_suite_version.data
 
-[ $VERBOSE ] && echo "Bumping version in yotta/data/module.json"
-sed -e "s/\"version\": \".\{1,\}\"/\"version\": \"$VERSION\"/g" < yotta/data/module.json > tmp
-mv tmp yotta/data/module.json
-
 [ $VERBOSE ] && echo "Bumping PROJECT_NAME in doxygen/mbedtls.doxyfile and doxygen/input/doc_mainpage.h"
 for i in doxygen/mbedtls.doxyfile doxygen/input/doc_mainpage.h;
 do
@@ -128,3 +137,4 @@ scripts/generate_features.pl
 
 [ $VERBOSE ] && echo "Re-generating visualc files"
 scripts/generate_visualc_files.pl
+
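Review bot: The new `Usage:` lines in the header hunk list `--version`, `--so-crypto`, `--so-x509` and `--so-tls` as bare flags, yet the `VERSION=""` and `SOVERSION=""` initialisations right below suggest each takes a value; spelling the operands out, e.g. `# Usage: bump_version.sh [ --version <version> ] [ --so-crypto <soversion> ]` and likewise for the other two, would make the header usable without reading the option parser, which is outside this hunk. If the script assumes a particular version string format, one sentence on the `# Sets the version numbers in the source code to those given.` line would save the next release engineer a trial run. The two later hunks are a pure removal and a trailing blank line and need nothing.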