Commit Graph

5218 Commits

Author SHA1 Message Date
Hanno Becker
00152d4d94 Adapt ChangeLog 2018-11-06 13:22:45 +00:00
Hanno Becker
a18de85425 Don't perform binary comparison of CRL issuer and CA subject
Previously, when checking whether a CRT was revoked through
one of the configured CRLs, the library would only consider
those CRLs whose `issuer` field binary-matches the `subject`
field of the CA that has issued the CRT in question. If those
fields were not binary equivalent, the corresponding CRL was
discarded.

This is not in line with RFC 5280, which demands that the
comparison should be format- and case-insensitive. For example:

- If the same string is once encoded as a `PrintableString` and
  another time as a `UTF8String`, they should compare equal.
- If two strings differ only in their choice of upper and lower case
  letters, they should compare equal.

This commit fixes this by using the dedicated x509_name_cmp()
function to compare the CRL issuer with the CA subject.

Fixes #1784.
2018-11-06 13:22:34 +00:00
Hanno Becker
dafd5405e4 Move static x509_name_cmp() in library/x509_crt.c
A subsequent change will need this function earlier
within the file.
2018-11-06 13:22:17 +00:00
Hanno Becker
af02a7bbed Add tests for relaxed CRL-CA name comparison
This commit introduces variants test-ca_utf8.crt,
test-ca_printablestring.crt and test-ca_uppercase.crt
of tests/data_files/test-ca.crt which differ from
test-ca.crt in their choice of string encoding and
upper and lower case letters in the DN field. These
changes should be immaterial to the recovation check,
and three tests are added that crl.pem, which applies
to test-ca.crt, is also considered as applying to
test-ca_*.crt.

The test files were generated using PR #1641 which
- adds a build instruction for test-ca.crt to
  tests/data_files/Makefile which allows easy
  change of the subject DN.
- changes the default string format from `PrintableString`
  to `UTF8String`.

Specifically:
- `test-ca_utf8.crt` was generated by running
      `rm test-ca.crt && make test-ca.crt`
   on PR #1641.
- `test-ca_uppercase.crt`, too, was generated by running
      `rm test-ca.crt && make test-ca.crt`
   on PR #1641, after modifying the subject DN line in the build
   instruction for `test-ca.crt` in `tests/data_files/Makefile`.
-  `test-ca_printable.crt` is a copy of `test-ca.crt`
   because at the time of this commit, `PrintableString` is
   still the default string format.
2018-11-06 13:21:22 +00:00
Simon Butcher
2b0b9912e0 Merge remote-tracking branch 'public/pr/2046' into mbedtls-2.1-proposed 2018-11-04 18:52:30 +00:00
Simon Butcher
5ca1f27bff Merge remote-tracking branch 'public/pr/2097' into mbedtls-2.1-proposed 2018-11-04 18:49:17 +00:00
Simon Butcher
ad95594acf Merge remote-tracking branch 'public/pr/2116' into mbedtls-2.1-proposed 2018-11-04 18:42:59 +00:00
Simon Butcher
4acdf6dea8 Merge remote-tracking branch 'public/pr/1298' into mbedtls-2.1-proposed 2018-10-28 18:17:00 +00:00
Simon Butcher
1238a2fd03 Merge remote-tracking branch 'public/pr/1762' into mbedtls-2.1-proposed 2018-10-28 18:15:26 +00:00
Simon Butcher
a1f11cfc38 Merge remote-tracking branch 'public/pr/2058' into mbedtls-2.1-proposed 2018-10-28 17:25:16 +00:00
Simon Butcher
c84f5c937d Merge remote-tracking branch 'public/pr/2072' into mbedtls-2.1-proposed 2018-10-28 16:58:29 +00:00
Simon Butcher
351c4f15f4 Merge remote-tracking branch 'public/pr/2113' into mbedtls-2.1-proposed 2018-10-28 16:32:05 +00:00
Simon Butcher
34f32fa93c Merge remote-tracking branch 'public/pr/2110' into mbedtls-2.1-proposed 2018-10-28 16:17:28 +00:00
Simon Butcher
d10c8ed6d0 Merge remote-tracking branch 'public/pr/2033' into mbedtls-2.1 2018-10-27 18:34:57 +01:00
Simon Butcher
a4441430b7 Merge remote-tracking branch 'public/pr/2042' into mbedtls-2.1 2018-10-27 18:29:08 +01:00
Simon Butcher
945dfe6f0e Update the ChangeLog for PR #2011
The Changelog merged the PR #2011 entry under the wrong version. This corrects
that merge error, and also clarifies the entry.
2018-10-25 16:18:13 +01:00
Simon Butcher
fc0524ceb9 Merge remote-tracking branch 'public/pr/2011' into mbedtls-2.1 2018-10-24 13:36:58 +01:00
Simon Butcher
b001e08585
Merge pull request #2123 from dgreen-arm/mbedtls-2.1-jenkinsfile
Backport 2.1: Add Jenkinsfile for PR job
2018-10-19 17:01:03 +01:00
Darryl Green
e45e63cbbc Add Jenkinsfile for PR job 2018-10-19 15:26:49 +01:00
Simon Butcher
7458975805 Add a macro to define the memory size in ssl_server2.c
When MBEDTLS_MEMORY_BUFFER_ALLOC_C was defined, the sample ssl_server2.c was
using its own memory buffer for memory allocated by the library. The memory
used wasn't obvious, so this adds a macro for the memory buffer allocated to
make the allocated memory size more obvious and hence easier to configure.
2018-10-18 10:13:10 +01:00
Simon Butcher
e8c12f1ec9 Increase the memory buffer size for ssl_server2.c
Newer features in the library have increased the overall RAM usage of the
library, when all features are enabled. ssl_server2.c, with all features enabled
was running out of memory for the ssl-opt.sh test 'Authentication: client
max_int chain, server required'.

This commit increases the memory buffer allocation for ssl_server2.c to allow
the test to work with all features enabled.
2018-10-18 10:13:08 +01:00
Hanno Becker
c2a1dd98d5 Adapt ChangeLog 2018-10-17 14:55:03 +01:00
Hanno Becker
3aab4cc486 Fail when encountering invalid CBC padding in EtM records
This commit changes the behavior of the record decryption routine
`ssl_decrypt_buf()` in the following situation:
1. A CBC ciphersuite with Encrypt-then-MAC is used.
2. A record with valid MAC but invalid CBC padding is received.
In this situation, the previous code would not raise and error but
instead forward the decrypted packet, including the wrong padding,
to the user.

This commit changes this behavior to return the error
MBEDTLS_ERR_SSL_INVALID_MAC instead.

While erroneous, the previous behavior does not constitute a
security flaw since it can only happen for properly authenticated
records, that is, if the peer makes a mistake while preparing the
padded plaintext.
2018-10-17 14:54:50 +01:00
Hanno Becker
a966e6ff47 Add missing return value check in ECDSA test suite
The test case `ecdsa_det_test_vectors` from the ECDSA test suite
called `mbedtls_md()` without checking its return value.
2018-10-17 14:01:31 +01:00
Hanno Becker
f5b094fc72 Adapt ChangeLog 2018-10-16 09:15:01 +01:00
Hanno Becker
728d6cdcef Add missing zeroization of reassembled handshake messages
This commit ensures that buffers holding fragmented or
handshake messages get zeroized before they are freed
when the respective handshake message is no longer needed.
Previously, the handshake message content would leak on
the heap.
2018-10-16 09:14:58 +01:00
Hanno Becker
6a74b2f687 Zeroize sensitive data in aescrypt2 and crypt_and_hash examples
This commit replaces multiple `memset()` calls in the example
programs aes/aescrypt2.c and aes/crypt_and_hash.c by calls to
the reliable zeroization function `mbedtls_zeroize()`.

While not a security issue because the code is in the example
programs, it's bad practice and should be fixed.
2018-10-15 13:28:08 +01:00
Hanno Becker
d6a0ed169f Adapt ChangeLog 2018-10-09 13:09:41 +01:00
Hanno Becker
7c2f2f3266 Fix ordering of free()ing of internal structures in ssl_server2
If `MBEDTLS_MEMORY_BUFFER_ALLOC_C` is configured and Mbed TLS'
custom buffer allocator is used for calloc() and free(), the
read buffer used by the server example application is allocated
from the buffer allocator, but freed after the buffer allocator
has been destroyed. If memory backtracing is enabled, this leaves
a memory leak in the backtracing structure allocated for the buffer,
as found by valgrind.

Fixes #2069.
2018-10-09 12:46:32 +01:00
Hanno Becker
db0579334e Adapt ChangeLog 2018-10-05 09:57:24 +01:00
Hanno Becker
b0d59a1084 Fix memory leak and freeing without initialization in cert_write
* The variables `csr` and `issuer_crt` are initialized but not freed.
* The variable `entropy` is unconditionally freed in the cleanup section
  but there's a conditional jump to that section before its initialization.
  This cmmot Moves it to the other initializations happening before the
  first conditional jump to the cleanup section.

Fixes #1422.
2018-10-05 09:56:17 +01:00
Gilles Peskine
1e4c705414 check-files: exclude .git and third-party files
Exclude ".git" directories anywhere. This avoids spurious errors in git
checkouts that contain branch names that look like a file
check-files.py would check. Fix #1713

Exclude "mbed-os" anywhere and "examples" from the root. Switch to the
new mechanism to exclude "yotta/module". These are directories where
we store third-party files that do not need to match our preferences.

Exclude "cov-int" from the root. Fix #1691
2018-10-02 13:18:16 +02:00
Gilles Peskine
a2710dc094 Look for documentation only in specific directories
Generate the documentation from include and doxygen/input only. Don't
get snared by files containing Doxygen comments that lie in other
directories such as tests, yotta, crypto/include, ...

The only difference this makes in a fresh checkout is that the
documentation no longer lists target_config.h. This file is from
yotta, does not contain any Doxygen comment, and its inclusion in the
rendered documentation was clearly an oversight.
2018-10-02 10:45:22 +02:00
Simon Butcher
973c29e1cf Add ChangeLog entry for Windows threading fix 2018-10-01 16:08:07 +01:00
irwir
8f303f9146 Implicit _endthread call: comment changed 2018-10-01 16:06:36 +01:00
irwir
3476de2013 Added spaces after type casts
`(void) TimerContext;` seems more consistent with the current style than ((void) TimerContext);
No objections to changing this if necessary.
2018-10-01 16:06:28 +01:00
irwir
7f244a5e36 Replace Windows API threading with CRT functions 2018-10-01 16:05:38 +01:00
Simon Butcher
948dcee619 Update ChangeLog with dtls sample IPv6 change 2018-09-30 16:23:37 +01:00
Simon Butcher
714b7c60b1 Change the default IP addresses for DTLS samples
Changes the IP address to bind to for dtls_server.c to be "::" or optionally
"0.0.0.0" if the preprocessor symbol FORCE_IPV4 is defined.

Also changes the destinaton IP address for dtls_client.c to be "::1" or if
FORCE_IPV4 symbol is defined "127.0.0.1".

This change allows on compilation dtls_server.c and dtls_client.c to both be
compiled to use either IPv4 or IPv6 so out of the box they will work together
without problem, and to avoid dtls_server.c binding to IPv6 and dtls_client.c
binding to IPv4.
2018-09-30 16:20:04 +01:00
Gilles Peskine
c4859b0b37 In keep-going mode, don't hard-fail on some tests
Add if_build_succeeded in front of the invocation of some test runs
where it was missing.
2018-09-27 10:19:00 +02:00
Gilles Peskine
665ca23032 In keep-going mode, don't hard-fail on some auxiliary script
Add record_status in front of the invocation of several scripts where
it was missing.
2018-09-27 10:17:40 +02:00
Simon Butcher
5bcbd4e7f4 Add ChangeLog entry for PR #1811 2018-09-26 23:03:56 +01:00
Simon Butcher
6a5ced41f2 Merge remote-tracking branch 'public/pr/1811' into mbedtls-2.1 2018-09-26 23:02:07 +01:00
Simon Butcher
86d32e690c Merge remote-tracking branch 'public/pr/1973' into mbedtls-2.1 2018-09-26 22:40:09 +01:00
Simon Butcher
0624b76361 Merge remote-tracking branch 'public/pr/1898' into mbedtls-2.1 2018-09-26 22:01:33 +01:00
Simon Butcher
96e0d8ebfc Clarified ChangeLog entry
ChangeLog entry for backport of #1890 was misleading, so corrected it.
2018-09-13 12:05:40 +01:00
Gilles Peskine
3ccce199a2 Document the behavior change of make apidoc 2018-09-10 12:21:04 +02:00
Manuel Pégourié-Gonnard
b82d09b6a2 Add scripts/apidoc_full.sh
This re-introduces the apidoc with full config.h, but hopefully with the race
conditions and other issues that the previous implementation had.

Adapt doxygen test script to use that new script, and also check for errors
in addition to warnings while at it.
2018-09-10 12:16:58 +02:00
Manuel Pégourié-Gonnard
85c379d6d1 Revert changes done to 'make apidoc' target
This partially reverts 1989caf71c (only the changes to Makefile and
CMakeLists, the addition to scripts/config.pl is kept).

Modifying config.h in the apidoc target creates a race condition with

    make -j4 all apidoc

where some parts of the library, tests or programs could be built with the
wrong config.h, resulting in all kinds of (semi-random) errors. Recent
versions of CMake mitigate this by adding a .NOTPARALLEL target to the
generated Makefile, but people would still get errors with older CMake
versions that are still in use (eg in RHEL 5), and with plain make.

An additional issue is that, by failing to use cp -p, the apidoc target was
updating the timestamp on config.h, which seems to cause further build issues.

Let's get back to the previous, safe, situation. The improved apidoc building
will be resurrected in a script in the next commit.

fixes #390
fixes #391
2018-09-10 12:16:47 +02:00
Simon Butcher
71d5c58a1f Reverted the INPUT in doxygen to .
Previous change to include excluded the content in doxygen/input
2018-09-10 12:16:38 +02:00