Commit Graph

2778 Commits

Author SHA1 Message Date
Andrzej Kurek
60ebd98a50 Enable MBEDTLS_MEMORY_DEBUG in memory buffer alloc test in all.sh 2019-09-10 03:07:44 -04:00
Andrzej Kurek
c73f857217 Remove unnecessary memory buffer alloc and memory backtrace unsets
Also unify the sanitization LDFLAGS with development
2019-09-10 03:07:29 -04:00
Andrzej Kurek
1f5a596fe2 Disable DTLS proxy tests for MEMORY_BUFFER_ALLOC test 2019-09-09 05:29:02 -04:00
Andrzej Kurek
1d0708215b all.sh: restructure memory allocator tests
Run basic tests and ssl-opt with memory backtrace disabled, then
run basic tests only with it enabled.
2019-09-09 05:28:53 -04:00
Hanno Becker
d130b98c68 Add missing dependency in memory buffer alloc set in all.sh 2019-09-09 05:28:42 -04:00
Hanno Becker
f8799e8b84 Add all.sh run with full config and ASan enabled 2019-09-09 05:25:33 -04:00
Hanno Becker
74b5e34d1b Add all.sh run with MBEDTLS_MEMORY_BUFFER_ALLOC_C enabled
With the removal of MBEDTLS_MEMORY_BUFFER_ALLOC_C from the
full config, there are no tests for it remaining in all.sh.
This commit adds a build as well as runs of `make test` and
`ssl-opt.sh` with MBEDTLS_MEMORY_BUFFER_ALLOC_C enabled to all.sh.
2019-09-09 05:25:21 -04:00
Andrzej Kurek
a9c2a3b244 Adapt all.sh to removal of buffer allocator from full config
Previously, numerous all.sh tests manually disabled the buffer allocator
or memory backtracting after setting a full config as the starting point.

With the removal of MBEDTLS_MEMORY_BACKTRACE and MBEDTLS_MEMORY_BUFFER_ALLOC_C
from full configs, this is no longer necessary.
2019-09-09 05:22:39 -04:00
Jaeden Amero
fcb8711f6f Bump version to Mbed TLS 2.16.3 2019-09-06 13:27:00 +01:00
Jaeden Amero
89408672eb Merge remote-tracking branch 'origin/mbedtls-2.16' into mbedtls-2.16-restricted
* origin/mbedtls-2.16:
  Changelog entry
  Check for zero length and NULL buffer pointer
  ssl-opt.sh: wait for proxy to start before running the script further
  Adapt ChangeLog
  Fix mpi_bigendian_to_host() on bigendian systems
2019-09-05 18:14:55 +01:00
Unknown
43dc0d6a8f ssl-opt.sh: wait for proxy to start before running the script further 2019-09-04 06:06:46 -04:00
Gilles Peskine
6d079baba8 Merge remote-tracking branch 'upstream-restricted/mbedtls-2.16-proposed' into mbedtls-2.16-restricted 2019-08-14 16:39:36 +02:00
Gilles Peskine
4d7c74811b Merge remote-tracking branch 'upstream-restricted/pr/503' into mbedtls-2.16-restricted 2019-08-14 16:39:24 +02:00
Gilles Peskine
33f66ba6fd Merge remote-tracking branch 'upstream-restricted/pr/556' into mbedtls-2.16-restricted 2019-08-14 16:38:26 +02:00
Gilles Peskine
3a930650c8 Merge remote-tracking branch 'upstream-restricted/pr/613' into mbedtls-2.16-restricted 2019-08-14 16:36:30 +02:00
Gilles Peskine
376d0d9e4a Merge remote-tracking branch 'upstream-public/pr/2736' into mbedtls-2.16 2019-08-14 16:00:53 +02:00
Gilles Peskine
c1b621c5cb Merge remote-tracking branch 'upstream-public/pr/2754' into mbedtls-2.16 2019-08-14 16:00:01 +02:00
Gilles Peskine
7a93214f15 Merge remote-tracking branch 'upstream-public/pr/2778' into mbedtls-2.16 2019-08-14 15:58:47 +02:00
Gilles Peskine
e30c09198c Exclude DTLS 1.2 only with older OpenSSL
compat.sh used to skip OpenSSL altogether for DTLS 1.2, because older
versions of OpenSSL didn't support it. But these days it is supported.

We don't want to use DTLS 1.2 with OpenSSL unconditionally, because we
still use legacy versions of OpenSSL to test with legacy ciphers. So
check whether the version we're using supports it.
2019-08-13 11:44:04 +02:00
Gilles Peskine
560f332dd2 Document the rationale for the armel build
Call the component xxx_arm5vte, because that's what it does. Explain
"armel", and more generally why this component exists, in a comment.
2019-08-09 16:06:27 +02:00
Gilles Peskine
e07b9ff2d9 Switch armel build to -Os
Without any -O option, the default is -O0, and then the assembly code
is not used, so this would not be a non-regression test for the
assembly code that doesn't build.
2019-08-08 16:12:46 +02:00
Gilles Peskine
0bd284dc51 Add a build on ARMv5TE in ARM mode
Non-regression test for
"bn_mul.h: require at least ARMv6 to enable the ARM DSP code"
2019-08-05 11:34:25 +02:00
Gilles Peskine
c3c738e0fe
Merge pull request #639 from ARMmbed/mbedtls-2.16-proposed
Merge mbedtls-2.16 into mbedtls-2.16-restricted
2019-08-05 11:06:37 +02:00
Gilles Peskine
a60dc25e9f
Merge pull request #2419 from RonEld/Backport2.16_2734
Backport 2.16: Update soon to be expired crl
2019-08-03 13:38:20 +02:00
Gilles Peskine
1e3eb28ae3
Merge pull request #2735 from hanno-arm/skip_test-2.16
2.16: Add TEST_ASSUME macro to allow skipping tests at runtime
2019-08-03 13:37:59 +02:00
Gilles Peskine
756b3f2c25 entropy_nv_seed: cope with SHA-256
This test case was only executed if the SHA-512 module was enabled and
MBEDTLS_ENTROPY_FORCE_SHA256 was not enabled, so "config.pl full"
didn't have a chance to reach it even if that enabled
MBEDTLS_PLATFORM_NV_SEED_ALT.

Now all it takes to enable this test is MBEDTLS_PLATFORM_NV_SEED_ALT
and its requirements, and the near-ubiquitous MD module.
2019-07-19 17:43:03 +02:00
Gilles Peskine
0450eecfae entropy_nv_seed: clean up properly
Call mbedtls_entropy_free on test failure.

Restore the previous NV seed functions which the call to
mbedtls_platform_set_nv_seed() changed. This didn't break anything,
but only because the NV seed functions used for these tests happened
to work for the tests that got executed later in the .data file.
2019-07-19 17:43:03 +02:00
Gilles Peskine
fc41bd7f35 Don't call memset after calloc
memset has undefined behavior when either pointer can be NULL, which
is the case when it's the result of malloc/calloc with a size of 0.
The memset calls here are useless anyway since they come immediately
after calloc.
2019-07-19 17:42:47 +02:00
Jaeden Amero
af4578f14b Merge remote-tracking branch 'origin/mbedtls-2.16' into mbedtls-2.16-restricted
* origin/mbedtls-2.16:
  Fix parsing issue when int parameter is in base 16
  Refactor receive_uint32()
  Refactor get_byte function
  Make the script portable to both pythons
  Update the test encoding to support python3
  update the test script
  tests: Limit each log to 10 GiB
2019-07-12 10:16:11 +01:00
Jaeden Amero
cb686a1b6b Merge remote-tracking branch 'origin/pr/2743' into mbedtls-2.16
* origin/pr/2743:
  tests: Limit each log to 10 GiB
2019-07-11 16:19:21 +01:00
Ron Eldor
7c52e229d5 Fix parsing issue when int parameter is in base 16
Fix error `ValueError: invalid literal for int() with base 10:` that
is caused when a parameter is given in base 16. Use relevant base
when calling `int()` function.
2019-07-11 14:36:50 +03:00
Ron Eldor
e81ff54881 Refactor receive_uint32()
Call `greentea_getc()` 8 times, and then `unhexify` once, instead of
calling `receive_byte()`, which inside calls `greentea_getc()` twice,
for every hex digit.
2019-07-11 14:36:34 +03:00
Ron Eldor
3dd77909d3 Refactor get_byte function
Change implementation of `get_byte()` to call `unhexify()`.
2019-07-11 14:36:27 +03:00
Ron Eldor
9d40da275d Make the script portable to both pythons
Make the script work for python3 and for python2
2019-07-11 14:36:20 +03:00
Ron Eldor
b43fe57d34 Update the test encoding to support python3
Since Python3 handles encoding differently than Python2,
a change in the way the data is encoded and sent to the target is needed.
1. Change the test data to be sent as hex string
2. Convert the characters to binary bytes.

This is done because the mbed tools translate the encoding differently
(mbed-greentea, and mbed-htrunner)
2019-07-11 14:36:13 +03:00
Ron Eldor
56b6e523fa update the test script
Update `mbedtls_test.py` script to work with Python 3.7.
resolves #2653
2019-07-11 14:36:06 +03:00
Ron Eldor
36503922a0 Update certificates to expire in 2029
Update certificates that expire on 2021, to prolong their validity,
to make tests pass three years ahead.
2019-07-10 18:35:10 +03:00
Ron Eldor
9647bc56da Update soon to be expired crl
Update crl.pem, as it will expire on November 25 2019.
Resolves #2357.
2019-07-10 17:26:39 +03:00
Jaeden Amero
a258ccd368 tests: Limit each log to 10 GiB
Limit log output in compat.sh and ssl-opt.sh, in case of failures with
these scripts where they may output seemingly unlimited length error
logs.

Note that ulimit -f uses units of 512 bytes, so we use 10 * 1024 * 1024
* 2 to get 10 GiB.
2019-07-10 08:51:56 +01:00
Jaeden Amero
d7ec086e04 Merge remote-tracking branch 'origin/mbedtls-2.16' into mbedtls-2.16-restricted
* origin/mbedtls-2.16:
  Split _abi_compliance_command into smaller functions
  Record the commits that were compared
  Document how to build the typical argument for -s
  Allow running /somewhere/else/path/to/abi_check.py
  Allow TODO in code
  Use the docstring in the command line help
2019-07-10 08:47:43 +01:00
k-stachowiak
ad1836af58 Add a test for mlaformed ECJPAKE context 2019-07-08 15:44:37 +02:00
Gilles Peskine
dc25c32663 Test that a shared library build produces a dynamically linked executable 2019-07-05 15:48:03 +02:00
Gilles Peskine
2c47ffc37f Test that the shared library build with CMake works 2019-07-05 15:46:46 +02:00
Gilles Peskine
87bf1b5cf4 Add a test of MBEDTLS_CONFIG_FILE
configs/README.txt documents that you can use an alternative
configuration file by defining the preprocessor symbol
MBEDTLS_CONFIG_FILE. Test this.
2019-07-05 15:46:46 +02:00
Hanno Becker
d3369f6d01 Add TEST_ASSUME macro to allow skipping tests at runtime
This commit adds a macro TEST_ASSUME to the test infrastructure
which allows to skip tests based on unmet conditions determined
at runtime.
2019-07-05 13:41:08 +01:00
Gilles Peskine
47d7c2d7cb Allow TODO in code
Don't reject TODO in code. Fix #2587
2019-07-05 10:55:53 +02:00
Gilles Peskine
79cfef02d9 Use the docstring in the command line help 2019-07-05 10:55:53 +02:00
Jaeden Amero
7b03e87fbc Merge remote-tracking branch 'restricted/pr/582' into mbedtls-2.16-restricted
* restricted/pr/582:
  Add a test for signing content with a long ECDSA key
  Add documentation notes about the required size of the signature buffers
  Add missing MBEDTLS_ECP_C dependencies in check_config.h
  Change size of preallocated buffer for pk_sign() calls
2019-06-24 11:40:59 +01:00
Jaeden Amero
5ecbd14fdd Merge remote-tracking branch 'origin/pr/2701' into mbedtls-2.16
* origin/pr/2701:
  Add all.sh component that exercises invalid_param checks
  Remove mbedtls_param_failed from programs
  Make it easier to define MBEDTLS_PARAM_FAILED as assert
  Make test suites compatible with #include <assert.h>
  Pass -m32 to the linker as well
2019-06-21 16:00:06 +01:00
Jaeden Amero
a5ebd5fe10 Merge remote-tracking branch 'origin/pr/2615' into mbedtls-2.16
* origin/pr/2615:
  Use 'config.pl baremetal' in all.sh
2019-06-21 15:59:34 +01:00
Jaeden Amero
096bccf204 Merge remote-tracking branch 'origin/pr/2450' into mbedtls-2.16
* origin/pr/2450:
  Fix #2370, minor typos and spelling mistakes
2019-06-21 15:59:29 +01:00
Jaeden Amero
f580d43bad Merge remote-tracking branch 'origin/pr/2053' into mbedtls-2.16
* origin/pr/2053:
  Clarify ChangeLog entry for fix to #1628
  Add Changelog entry for clang test-ref-configs.pl fix
  Enable more compiler warnings in tests/Makefile
  Change file scoping of test helpers.function
2019-06-21 15:59:16 +01:00
Jaeden Amero
d81c11b8ab Merge remote-tracking branch 'origin/pr/2687' into mbedtls-2.16
* origin/pr/2687:
  Update library to 2.16.2
2019-06-18 14:23:28 +01:00
Gilles Peskine
dcab202368 Add all.sh component that exercises invalid_param checks
With the change to the full config, there were no longer any tests
that exercise invalid-parameter behavior. The test suite exercises
invalid-parameter behavior by calling TEST_INVALID_PARAM and friends,
relying on the test suite's mbedtls_check_param function. This
function is only enabled if MBEDTLS_CHECK_PARAMS is defined but not
MBEDTLS_CHECK_PARAMS_ASSERT.

Add a component to all.sh that enables MBEDTLS_CHECK_PARAMS but
disables MBEDTLS_CHECK_PARAMS_ASSERT and doesn't define
MBEDTLS_PARAM_FAILED. This way, the xxx_invalid_param() tests do run.
Since sample programs don't provide a mbedtls_check_param function,
this component doesn't build the sample programs.
2019-06-17 19:11:35 +02:00
Gilles Peskine
137d31bf5a Make test suites compatible with #include <assert.h>
Don't use the macro name assert. It's technically permitted as long as
<assert.h> is not included, but it's fragile, because it means the
code and any header that it includes must not include <assert.h>.
2019-06-17 19:06:52 +02:00
Gilles Peskine
8118e4672e Pass -m32 to the linker as well
For unit tests and sample programs, CFLAGS=-m32 is enough to get a
32-bit build, because these programs are all compiled directly
from *.c to the executable in one shot. But with makefile rules that
first build object files and then link them, LDFLAGS=-m32 is also
needed.
2019-06-17 19:06:28 +02:00
Jaeden Amero
418e7611f6 Merge remote-tracking branch 'origin/pr/2484' into mbedtls-2.16
* origin/pr/2484:
  Correct placement of ChangeLog entry
  Improve documentation of mbedtls_x509_get_ext()
  Adapt ChangeLog
  Always return a high-level error code from X.509 module
  Obey bounds of ASN.1 substructures
2019-06-14 15:28:42 +01:00
Jaeden Amero
7aed01c0dc Merge remote-tracking branch 'origin/pr/2481' into mbedtls-2.16
* origin/pr/2481:
  Document support for MD2 and MD4 in programs/x509/cert_write
  Correct name of X.509 parsing test for well-formed, ill-signed CRT
  Add test cases exercising successful verification of MD2/MD4/MD5 CRT
  Add test case exercising verification of valid MD2 CRT
  Add MD[245] test CRTs to tree
  Add instructions for MD[245] test CRTs to tests/data_files/Makefile
  Add suppport for MD2 to CSR and CRT writing example programs
  Convert further x509parse tests to use lower-case hex data
  Correct placement of ChangeLog entry
  Adapt ChangeLog
  Use SHA-256 instead of MD2 in X.509 CRT parsing tests
  Consistently use lower case hex data in X.509 parsing tests
2019-06-14 08:50:47 +01:00
Jaeden Amero
1adf212a1b Merge remote-tracking branch 'origin/pr/2497' into mbedtls-2.16
* origin/pr/2497:
  Re-generate library/certs.c from script
  Add new line at the end of test-ca2.key.enc
  Use strict syntax to annotate origin of test data in certs.c
  Add run to all.sh exercising !MBEDTLS_PEM_PARSE_C + !MBEDTLS_FS_IO
  Allow DHM self test to run without MBEDTLS_PEM_PARSE_C
  ssl-opt.sh: Auto-skip tests that use files if MBEDTLS_FS_IO unset
  Document origin of hardcoded certificates in library/certs.c
  Adapt ChangeLog
  Rename server1.der to server1.crt.der
  Add DER encoded files to git tree
  Add build instructions to generate DER versions of CRTs and keys
  Document "none" value for ca_path/ca_file in ssl_client2/ssl_server2
  ssl_server2: Skip CA setup if `ca_path` or `ca_file` argument "none"
  ssl_client2: Skip CA setup if `ca_path` or `ca_file` argument "none"
  Correct white spaces in ssl_server2 and ssl_client2
  Adapt ssl_client2 to parse DER encoded test CRTs if PEM is disabled
  Adapt ssl_server2 to parse DER encoded test CRTs if PEM is disabled
2019-06-14 08:48:54 +01:00
Jaeden Amero
ff36cdaa84 Update library to 2.16.2 2019-06-11 17:27:32 +01:00
k-stachowiak
11f38e2f61 Add a test for signing content with a long ECDSA key
Due to the way the current PK API works, it may have not been clear
for the library clients, how big output buffers they should pass
to the signing functions. Depending on the key type they depend on
MPI or EC specific compile-time constants.

Inside the library, there were places, where it was assumed that
the MPI size will always be enough, even for ECDSA signatures.
However, for very small sizes of the MBEDTLS_MPI_MAX_SIZE and
sufficiently large key, the EC signature could exceed the MPI size
and cause a stack overflow.

This test establishes both conditions -- small MPI size and the use
of a long ECDSA key -- and attempts to sign an arbitrary file.
This can cause a stack overvlow if the signature buffers are not
big enough, therefore the test is performed for an ASan build.
2019-06-10 11:49:54 +02:00
Jaeden Amero
adffe39fdb test: Remove redundant 0-byte decryption test
Remove the "Decrypt empty buffer" test, as ChaCha20 is a stream cipher
and 0 bytes encrypted is identical to a 0 length buffer. The "ChaCha20
Encrypt and decrypt 0 bytes" test will test decryption of a 0 length
buffer.
2019-06-06 12:04:13 +01:00
Jaeden Amero
4e47aa0120 test: Check empty buffer decryption for chachapoly
Previously, even in the Chacha20 and Chacha20-Poly1305 tests, we would
test that decryption of an empty buffer would work with
MBEDTLS_CIPHER_AES_128_CBC.

Make the cipher used with the dec_empty_buf() test configurable, so that
Chacha20 and Chacha20-Poly1305 empty buffer tests can use ciphers other
than AES CBC. Then, make the Chacha20 and Chacha20-Poly1305 empty buffer
tests use the MBEDTLS_CIPHER_CHACHA20 and
MBEDTLS_CIPHER_CHACHA20_POLY1305 cipher suites.
2019-06-06 12:04:13 +01:00
Hanno Becker
2f472140f9 Always return a high-level error code from X.509 module
Some functions within the X.509 module return an ASN.1 low level
error code where instead this error code should be wrapped by a
high-level X.509 error code as in the bulk of the module.

Specifically, the following functions are affected:
- mbedtls_x509_get_ext()
- x509_get_version()
- x509_get_uid()

This commit modifies these functions to always return an
X.509 high level error code.

Care has to be taken when adapting `mbetls_x509_get_ext()`:
Currently, the callers `mbedtls_x509_crt_ext()` treat the
return code `MBEDTLS_ERR_ASN1_UNEXPECTED_TAG` specially to
gracefully detect and continue if the extension structure is not
present. Wrapping the ASN.1 error with
`MBEDTLS_ERR_X509_INVALID_EXTENSIONS` and adapting the check
accordingly would mean that an unexpected tag somewhere
down the extension parsing would be ignored by the caller.

The way out of this is the following: Luckily, the extension
structure is always the last field in the surrounding structure,
so if there is some data remaining, it must be an Extension
structure, so we don't need to deal with a tag mismatch gracefully
in the first place.

We may therefore wrap the return code from the initial call to
`mbedtls_asn1_get_tag()` in `mbedtls_x509_get_ext()` by
`MBEDTLS_ERR_X509_INVALID_EXTENSIONS` and simply remove
the special treatment of `MBEDTLS_ERR_ASN1_UNEXPECTED_TAG`
in the callers `x509_crl_get_ext()` and `x509_crt_get_ext()`.

This renders `mbedtls_x509_get_ext()` unsuitable if it ever
happened that an Extension structure is optional and does not
occur at the end of its surrounding structure, but for CRTs
and CRLs, it's fine.

The following tests need to be adapted:
- "TBSCertificate v3, issuerID wrong tag"
  The issuerID is optional, so if we look for its presence
  but find a different tag, we silently continue and try
  parsing the subjectID, and then the extensions. The tag '00'
  used in this test doesn't match either of these, and the
  previous code would hence return LENGTH_MISMATCH after
  unsucessfully trying issuerID, subjectID and Extensions.
  With the new code, any data remaining after issuerID and
  subjectID _must_ be Extension data, so we fail with
  UNEXPECTED_TAG when trying to parse the Extension data.
- "TBSCertificate v3, UIDs, invalid length"
  The test hardcodes the expectation of
  MBEDTLS_ERR_ASN1_INVALID_LENGTH, which needs to be
  wrapped in MBEDTLS_ERR_X509_INVALID_FORMAT now.

Fixes #2431.
2019-06-04 14:01:10 +01:00
Hanno Becker
4e1bfc19cc Obey bounds of ASN.1 substructures
When parsing a substructure of an ASN.1 structure, no field within
the substructure must exceed the bounds of the substructure.
Concretely, the `end` pointer passed to the ASN.1 parsing routines
must be updated to point to the end of the substructure while parsing
the latter.

This was previously not the case for the routines
- x509_get_attr_type_and_value(),
- mbedtls_x509_get_crt_ext(),
- mbedtls_x509_get_crl_ext().
These functions kept using the end of the parent structure as the
`end` pointer and would hence allow substructure fields to cross
the substructure boundary. This could lead to successful parsing
of ill-formed X.509 CRTs.

This commit fixes this.

Care has to be taken when adapting `mbedtls_x509_get_crt_ext()`
and `mbedtls_x509_get_crl_ext()`, as the underlying function
`mbedtls_x509_get_ext()` returns `0` if no extensions are present
but doesn't set the variable which holds the bounds of the Extensions
structure in case the latter is present. This commit addresses
this by returning early from `mbedtls_x509_get_crt_ext()` and
`mbedtls_x509_get_crl_ext()` if parsing has reached the end of
the input buffer.

The following X.509 parsing tests need to be adapted:
- "TBSCertificate, issuer two inner set datas"
  This test exercises the X.509 CRT parser with a Subject name
  which has two empty `AttributeTypeAndValue` structures.
  This is supposed to fail with `MBEDTLS_ERR_ASN1_OUT_OF_DATA`
  because the parser should attempt to parse the first structure
  and fail because of a lack of data. Previously, it failed to
  obey the (0-length) bounds of the first AttributeTypeAndValue
  structure and would try to interpret the beginning of the second
  AttributeTypeAndValue structure as the first field of the first
  AttributeTypeAndValue structure, returning an UNEXPECTED_TAG error.
- "TBSCertificate, issuer, no full following string"
  This test exercises the parser's behaviour on an AttributeTypeAndValue
  structure which contains more data than expected; it should therefore
  fail with MBEDTLS_ERR_ASN1_LENGTH_MISMATCH. Because of the missing bounds
  check, it previously failed with UNEXPECTED_TAG because it interpreted
  the remaining byte in the first AttributeTypeAndValue structure as the
  first byte in the second AttributeTypeAndValue structure.
- "SubjectAltName repeated"
  This test should exercise two SubjectAltNames extensions in succession,
  but a wrong length values makes the second SubjectAltNames extension appear
  outside of the Extensions structure. With the new bounds in place, this
  therefore fails with a LENGTH_MISMATCH error. This commit adapts the test
  data to put the 2nd SubjectAltNames extension inside the Extensions
  structure, too.
2019-06-04 14:01:10 +01:00
Hanno Becker
bdf2035710 Correct name of X.509 parsing test for well-formed, ill-signed CRT 2019-06-03 16:20:05 +01:00
Hanno Becker
cfa341844f Add test cases exercising successful verification of MD2/MD4/MD5 CRT 2019-06-03 16:20:02 +01:00
Hanno Becker
4d7210c23c Add test case exercising verification of valid MD2 CRT
The X.509 parsing test suite test_suite_x509parse contains a test
exercising X.509 verification for a valid MD4/MD5 certificate in a
profile which doesn't allow MD4/MD5. This commit adds an analogous
test for MD2.
2019-06-03 16:19:59 +01:00
Hanno Becker
8d59f250bc Add MD[245] test CRTs to tree 2019-06-03 16:19:46 +01:00
Hanno Becker
928f617747 Add instructions for MD[245] test CRTs to tests/data_files/Makefile 2019-06-03 16:19:39 +01:00
Hanno Becker
8b3bcbab79 Convert further x509parse tests to use lower-case hex data
With emacs: `replace-regexp "\([a-fA-F0-9]*\)" "\,(downcase \1)"`
2019-06-03 16:17:58 +01:00
Jaeden Amero
ada38317dd test: Always use make clean by itself
When running make with parallelization, running both "clean" and "lib"
with a single make invocation can lead to each target building in
parallel. It's bad if lib is partially done building something, and then
clean deletes what was built. This can lead to errors later on in the
lib target.

    $ make -j9 clean lib
      CC    aes.c
      CC    aesni.c
      CC    arc4.c
      CC    aria.c
      CC    asn1parse.c
      CC    ./library/error.c
      CC    ./library/version.c
      CC    ./library/version_features.c
      AR    libmbedcrypto.a
    ar: aes.o: No such file or directory
    Makefile:120: recipe for target 'libmbedcrypto.a' failed
    make[2]: *** [libmbedcrypto.a] Error 1
    Makefile:152: recipe for target 'libmbedcrypto.a' failed
    make[1]: *** [libmbedcrypto.a] Error 2
    Makefile:19: recipe for target 'lib' failed
    make: *** [lib] Error 2
    make: *** Waiting for unfinished jobs....

To avoid this sort of trouble, always invoke clean by itself without
other targets throughout the library. Don't run clean in parallel with
other rules. The only place where clean was run in parallel with other
targets was in list-symbols.sh.
2019-05-31 17:49:25 +01:00
Hanno Becker
67d1848ed0 Use SHA-256 instead of MD2 in X.509 CRT parsing tests
- Replace 'RSA with MD2' OID '2a864886f70d010102' by
  'RSA with SHA-256' OID '2a864886f70d01010b':
  Only the last byte determines the hash, and
  `MBEDTLS_OID_PKCS1_MD2 == MBEDTLS_OID_PKCS1 "\x02"`
  `MBEDTLS_OID_PKCS1_SHA256 == MBEDTLS_OID_PKCS1 "\x0b"`
  See oid.h.
- Replace MD2 dependency by SHA256 dependency.
- Adapt expected CRT info output.
2019-05-30 11:19:08 +01:00
Hanno Becker
556e6d84ea Consistently use lower case hex data in X.509 parsing tests 2019-05-30 11:19:08 +01:00
Hanno Becker
dd7e193f49 Add new line at the end of test-ca2.key.enc 2019-05-30 10:58:12 +01:00
Hanno Becker
e562e7dbeb Add run to all.sh exercising !MBEDTLS_PEM_PARSE_C + !MBEDTLS_FS_IO 2019-05-30 10:58:12 +01:00
Hanno Becker
7a11e72a4f ssl-opt.sh: Auto-skip tests that use files if MBEDTLS_FS_IO unset
This should allow to run ssl-opt.sh successfully in the default
configuration minus MBEDTLS_PEM_PARSE_C minus MBEDTLS_FS_IO.
2019-05-30 10:58:07 +01:00
Hanno Becker
f8b0b15c90 Rename server1.der to server1.crt.der 2019-05-30 10:27:49 +01:00
Hanno Becker
389ee9b40b Add DER encoded files to git tree 2019-05-30 10:27:14 +01:00
Hanno Becker
5895a2db7b Add build instructions to generate DER versions of CRTs and keys 2019-05-30 10:27:14 +01:00
Gilles Peskine
39d7c58db5 list-symbols.sh: if the build fails, print the build transcript
If "make clean lib" fails in list-symbols.sh, print the transcript
from running make.
2019-05-22 19:07:36 +02:00
Gilles Peskine
902a1f3f7f Document "check-names.sh -v" 2019-05-22 19:07:36 +02:00
Gilles Peskine
473f2d4ec2 all.sh: invoke check-names.sh in print-trace-on-exit mode 2019-05-15 17:55:06 +02:00
Gilles Peskine
5e525fb6e5 Print a command trace if the check-names.sh exits unexpectedly
We've observed that sometimes check-names.sh exits unexpectedly with
status 2 and no error message. The failure is not reproducible. This
commits makes the script print a trace if it exits unexpectedly.
2019-05-15 17:40:58 +02:00
Manuel Pégourié-Gonnard
6e6ae9b2e8 Use 'config.pl baremetal' in all.sh 2019-04-29 12:48:21 +02:00
Darryl Green
3997a6cd25 Document the scripts behaviour further 2019-04-18 13:18:22 +01:00
Darryl Green
3ef06d5bf7 Add --internal option to list-identifiers.sh
When doing ABI/API checking, its useful to have a list of all the
identifiers that are defined in the internal header files, as we
do not promise compatibility for them. This option allows for a
simple method of getting them for use with the ABI checking script.
2019-04-18 12:02:49 +01:00
Jaeden Amero
20d707dd3e Merge remote-tracking branch 'origin/pr/2571' into mbedtls-2.16
* origin/pr/2571:
  Clarify comment mangled by an earlier refactoring
  Add an "out-of-box" component
  Run ssl-opt.sh on 32-bit runtime
2019-04-16 15:10:18 +01:00
Gilles Peskine
0a47c4ffbb Clarify comment mangled by an earlier refactoring 2019-04-10 18:47:51 +02:00
Gilles Peskine
99a3310fba Add an "out-of-box" component
Just run `make` and `make test`. And `selftest` for good measure.
2019-04-10 18:47:51 +02:00
Gilles Peskine
7dd44b28f1 Run ssl-opt.sh on 32-bit runtime
Run ssl-opt.sh on x86_32 with ASan. This may detect bugs that only
show up on 32-bit platforms, for example due to size_t overflow.

For this component, turn off some memory management features that are
not useful, potentially slow, and may reduce ASan's effectiveness at
catching buffer overflows.
2019-04-10 18:47:50 +02:00
Jaeden Amero
e59c4193fb Fix typo in data_file generator code
The file to generate is `server10_int3-bs.pem`, not
`server10-bs_int3-bs.pem`.
2019-04-10 11:50:36 +01:00
Jaeden Amero
db8821cb7e Merge remote-tracking branch 'origin/pr/2470' into mbedtls-2.16
* origin/pr/2470:
  Silence pylint
  check-files.py: readability improvement in permission check
  check-files.py: use class fields for class-wide constants
  check-files.py: clean up class structure
  abi_check.py: Document more methods
  check-files.py: document some classes and methods
  Fix pylint errors going uncaught
  Call pylint3, not pylint
  New, documented pylint configuration
2019-04-05 14:20:00 +01:00
Jaeden Amero
f41fa48dd4 Merge remote-tracking branch 'origin/pr/2520' into mbedtls-2.16
* origin/pr/2520:
  Fix errors in AEAD test function
2019-04-05 14:17:47 +01:00
Jaeden Amero
77027354f4 Merge remote-tracking branch 'origin/pr/2503' into mbedtls-2.16
* origin/pr/2503:
  Fix ChangeLog entry ordering
  Fix typo
  Add non-regression test for buffer overflow
  Improve documentation of mbedtls_mpi_write_string()
  Adapt ChangeLog
  Fix 1-byte buffer overflow in mbedtls_mpi_write_string()
2019-04-05 14:10:02 +01:00
Jaeden Amero
9bfcebfe27 Merge remote-tracking branch 'origin/pr/2364' into mbedtls-2.16
* origin/pr/2364:
  Increase okm_hex buffer to contain null character
  Minor modifications to hkdf test
  Add explanation for okm_string size
  Update ChangeLog
  Reduce buffer size of okm
  Reduce Stack usage of hkdf test function
2019-04-05 13:53:22 +01:00
Jaeden Amero
186c2c054d Merge remote-tracking branch 'restricted/pr/553' into mbedtls-2.16
* restricted/pr/553:
  Fix mbedtls_ecdh_get_params with new ECDH context
  Add changelog entry for mbedtls_ecdh_get_params robustness
  Fix ecdh_get_params with mismatching group
  Add test case for ecdh_get_params with mismatching group
  Add test case for ecdh_calc_secret
  Fix typo in documentation
2019-03-27 14:54:00 +00:00
Jaeden Amero
f2357f8903 Merge remote-tracking branch 'origin/pr/2526' into mbedtls-2.16
* origin/pr/2526:
  Update library version to 2.16.1
2019-03-26 15:27:56 +00:00
Jaeden Amero
9f4f8eec93 Update library version to 2.16.1 2019-03-19 16:20:02 +00:00
Jack Lloyd
b25719b031 Fix errors in AEAD test function
It was failing to set the key in the ENCRYPT direction before encrypting.
This just happened to work for GCM and CCM.

After re-encrypting, compare the length to the expected ciphertext
length not the plaintext length. Again this just happens to work for
GCM and CCM since they do not perform any kind of padding.
2019-03-14 11:06:02 +02:00
Janos Follath
7e83344543 Test the new deterministic ECDSA function 2019-03-06 16:51:22 +00:00
Janos Follath
276284fd2e Add non-regression test for buffer overflow 2019-03-06 13:51:25 +00:00
Jaeden Amero
b0abd1c84f Merge remote-tracking branch 'origin/pr/2388' into mbedtls-2.16
* origin/pr/2388:
  Update change log
  all.sh: Test MBEDTLS_MPI_WINDOW_SIZE=1
  Fix DEADCODE in mbedtls_mpi_exp_mod()
2019-03-05 16:34:40 +00:00
Jaeden Amero
6b79a1115e Merge remote-tracking branch 'origin/pr/2293' into mbedtls-2.16
* origin/pr/2293:
  Declare test_suite_aes.ofb to CMake
  Add a facility to skip running some test suites
  run-test-suites: update the documentation
2019-03-05 16:31:02 +00:00
Jaeden Amero
daed232dd7 Merge remote-tracking branch 'origin/pr/2436' into mbedtls-2.16
* origin/pr/2436:
  Use certificates from data_files and refer them
  Specify server certificate to use in SHA-1 test
  refactor CA and SRV certificates into separate blocks
  refactor SHA-1 certificate defintions and assignment
  refactor server SHA-1 certificate definition into a new block
  define TEST_SRV_CRT_RSA_SOME in similar logic to TEST_CA_CRT_RSA_SOME
  server SHA-256 certificate now follows the same logic as CA SHA-256 certificate
  add entry to ChangeLog
2019-03-05 16:26:34 +00:00
Simon Butcher
799cd57c72 Merge remote-tracking branch 'restricted/pr/550' into mbedtls-2.16
* restricted/pr/550:
  Update query_config.c
  Fix failure in SSLv3 per-version suites test
  Adjust DES exclude lists in test scripts
  Clarify 3DES changes in ChangeLog
  Fix documentation for 3DES removal
  Exclude 3DES tests in test scripts
  Fix wording of ChangeLog and 3DES_REMOVE docs
  Reduce priority of 3DES ciphersuites
2019-03-01 13:05:43 +00:00
Simon Butcher
e6a3f57898 Merge remote-tracking branch 'public/pr/2429' into mbedtls-2.16
* public/pr/2429:
  Add ChangeLog entry for unused bits in bitstrings
  Improve docs for ASN.1 bitstrings and their usage
  Add tests for (named) bitstring to suite_asn1write
  Fix ASN1 bitstring writing
2019-03-01 13:04:04 +00:00
Simon Butcher
3664fdb5f6 Merge remote-tracking branch 'public/pr/2449' into mbedtls-2.16
* public/pr/2449:
  Reword changelog entry
  Reenable GnuTLS next based tests
2019-03-01 13:01:54 +00:00
Manuel Pégourié-Gonnard
f1e62e8e1e Fix failure in SSLv3 per-version suites test
The test used 3DES as the suite for SSLv3, which now makes the handshake fails
with "no ciphersuite in common", failing the test as well. Use Camellia
instead (as there are not enough AES ciphersuites before TLS 1.2 to
distinguish between the 3 versions).

Document some dependencies, but not all. Just trying to avoid introducing new
issues by using a new cipher here, not trying to make it perfect, which is a
much larger task out of scope of this commit.
2019-03-01 10:30:11 +01:00
Andres Amaya Garcia
37e0a8c455 Adjust DES exclude lists in test scripts 2019-03-01 10:30:11 +01:00
Andres Amaya Garcia
7c86e9a03e Fix documentation for 3DES removal 2019-03-01 10:29:49 +01:00
Andres Amaya Garcia
ac9c5221c5 Exclude 3DES tests in test scripts 2019-03-01 10:29:49 +01:00
Gilles Peskine
afd19dd9b6 Silence pylint
Silence pylint in specific places where we're doing slightly unusual
or dodgy, but correct.
2019-02-25 21:42:32 +01:00
Gilles Peskine
6fc5215831 check-files.py: readability improvement in permission check 2019-02-25 21:42:32 +01:00
Gilles Peskine
21e85f78b8 check-files.py: use class fields for class-wide constants
In an issue tracker, heading and files_exemptions are class-wide
constants, so make them so instead of being per-instance fields.
2019-02-25 21:42:32 +01:00
Gilles Peskine
d5240ec4c7 check-files.py: clean up class structure
Line issue trackers are conceptually a subclass of file issue
trackers: they're file issue trackers where issues arise from checking
each line independently. So make it an actual subclass.

Pylint pointed out the design smell: there was an abstract method that
wasn't always overridden in concrete child classes.
2019-02-25 21:42:32 +01:00
Gilles Peskine
7660549187 check-files.py: document some classes and methods
Document all classes and longer methods.

Declare a static method as such. Pointed out by pylint.
2019-02-25 21:42:32 +01:00
Gilles Peskine
7b9fcdc2d5 Fix pylint errors going uncaught
Make check-python-files.sh run pylint on all *.py files (in
directories where they are known to be present), rather than list
files explicitly.

Fix a bug whereby the return status of check-python-files.sh was only
based on the last file passing, i.e. errors in other files were
effectively ignored.

Make check-python-files.sh run pylint unconditionally. Since pylint3
is not critical, make all.sh to skip running check-python-files.sh if
pylint3 is not available.
2019-02-25 21:42:32 +01:00
Gilles Peskine
e70c6dcee0 Call pylint3, not pylint
We use Python 3, so call Pylint for Python 3, not for Python 2.
2019-02-25 21:42:32 +01:00
Gilles Peskine
5612a9372b New, documented pylint configuration
The pylint configuration in .pylint was a modified version of the
output of `pylint --generate-rcfile` from an unknown version of
pylint. Replace it with a file that only contains settings that are
modified from the default, with an explanation of why each setting is
modified.

The new .pylintrc was written from scratch, based on the output of
pylint on the current version of the files and on a judgement of what
to silence generically, what to silence on a case-by-case basis and
what to fix.
2019-02-25 21:42:32 +01:00
Jaeden Amero
2c1d492ccc Merge remote-tracking branch 'origin/pr/2428' into mbedtls-2.16 2019-02-22 12:53:27 +00:00
Gilles Peskine
62a73511f1 Add test case for ecdh_get_params with mismatching group
Add a test case for doing an ECDH calculation by calling
mbedtls_ecdh_get_params on both keys, with keys belonging to
different groups. This should fail, but currently passes.
2019-02-22 10:24:31 +01:00
Gilles Peskine
6d9b762ee0 Add test case for ecdh_calc_secret
Add a test case for doing an ECDH calculation by calling
mbedtls_ecdh_get_params on both keys, then mbedtls_ecdh_calc_secret.
2019-02-22 10:24:14 +01:00
Jaeden Amero
c5b57ef9e0 Merge remote-tracking branch 'origin/pr/2412' into mbedtls-2.16 2019-02-21 12:01:50 +00:00
Jaeden Amero
0981db57e1 Merge remote-tracking branch 'origin/pr/2385' into mbedtls-2.16 2019-02-21 11:58:58 +00:00
k-stachowiak
abb843e8ae Reenable GnuTLS next based tests 2019-02-18 16:14:03 +01:00
Antonin Décimo
d5f4759594 Fix #2370, minor typos and spelling mistakes 2019-02-18 14:50:57 +00:00
Ron Eldor
b76e765f2e Specify server certificate to use in SHA-1 test
Specify the SHA-1 server certificate to use in the SHA-1 test,
because now the default certificates use SHA256 certificates.
2019-02-12 17:10:28 +02:00
Andres Amaya Garcia
2c0f6f0b10 Add tests for (named) bitstring to suite_asn1write 2019-02-11 21:23:49 +00:00
Andrzej Kurek
ed68b31090 Move a restartable ecp context to a conditional compilation block
This was an unused variable when compiling with parameter validation
but without ecp_restartable
2019-02-11 07:28:04 -05:00
Andres Amaya Garcia
e144b4130c Add gen_query_config.pl to check-gen-files and bump_version 2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
0644678507 ssl-opt: Use ssl_server2 to query config instead of grep and sed 2019-02-07 10:32:30 +00:00
Peter Kolbus
1e2aa72b57 all.sh: Test MBEDTLS_MPI_WINDOW_SIZE=1
There were no tests for a non-default MPI window size. Add one.

Change-Id: Ic08fbc9161d0b3ee67eb3c91f9baf602646c9dfe
2019-02-05 16:44:13 +01:00
k-stachowiak
fa444586c0 Correct code formatting in the timing test suites 2019-02-05 10:05:01 +01:00
Peter Kolbus
3098707188 all.sh: Fix check_headers_in_cpp
When all.sh invokes check_headers_in_cpp, a backup config.h exists. This
causes a stray difference vs cpp_dummy_build.cpp. Fix by only collecting
the *.h files in include/mbedtls.

Change-Id: Ifd415027e856858579a6699538f06fc49c793570
2019-02-04 17:14:02 +00:00
Jaeden Amero
9fc7af017a Merge remote-tracking branch 'origin/pr/2040' into mbedtls-2.16 2019-01-30 16:17:22 +00:00
Jaeden Amero
462dfc5068 Merge remote-tracking branch 'origin/pr/2332' into mbedtls-2.16 2019-01-30 15:52:26 +00:00
Jaeden Amero
36c2c73263 Merge remote-tracking branch 'origin/pr/2325' into mbedtls-2.16 2019-01-30 15:36:57 +00:00
Jaeden Amero
a82b436bc2 Merge remote-tracking branch 'origin/pr/2322' into mbedtls-2.16 2019-01-30 15:29:41 +00:00
Jaeden Amero
5677eab235 Merge remote-tracking branch 'origin/pr/2207' into mbedtls-2.16 2019-01-30 14:57:30 +00:00
Jaeden Amero
484d883a1d Merge remote-tracking branch 'origin/pr/2191' into mbedtls-2.16 2019-01-30 14:56:38 +00:00
k-stachowiak
722334278b Reduce the timing tests complexity 2019-01-29 13:02:19 +01:00
Ron Eldor
da04b3b972 Increase okm_hex buffer to contain null character
Add an additional byte for the `okm_hex` buffer, to assure
it is null-terminated in case `okm` is 128 bytes long.
2019-01-28 15:20:10 +02:00
Ron Eldor
57c2a301a3 Minor modifications to hkdf test
1. Fix comment grammar.
2. Rename `okm_string` to `okm_hex`.
2019-01-28 15:09:15 +02:00
Ron Eldor
6fce81637e Add explanation for okm_string size
Add explanation for why the size of `okm_string` buffer
is twice as `okm` buffer.
2019-01-28 15:05:11 +02:00
Ron Eldor
d9ad084b2d Reduce buffer size of okm
Reduce the buffer size of okm to 128, to reduce stack usage.
2019-01-17 21:32:12 +02:00
Ron Eldor
45154eb20b Reduce Stack usage of hkdf test function
`test_hkdf` in the hkdf test suites consumed stack of ~6KB with
6 buffers of ~1KB each. This causes stack overflow on some platforms
with smaller stack. The buffer sizes were reduced. By testing, the sizes
can be reduced even further, as the largest seen size is 82 bytes(for okm).
2019-01-17 21:31:59 +02:00
Gilles Peskine
69f190e8dd Rename test_memcheck to test_valgrind
Valgrind is what it does. `memcheck` is how it's implemented.
2019-01-10 18:29:15 +01:00
Gilles Peskine
a28db923d9 Support wildcard patterns with a positive list of components to run
Wildcard patterns now work with command line COMPONENT arguments
without --except as well as with. You can now run e.g.
`all.sh "check_*` to run all the sanity checks.
2019-01-10 18:29:15 +01:00
Gilles Peskine
53190e6160 Delete $OUT_OF_SOURCE_DIR under --force
The deletion of "$OUT_OF_SOURCE_DIR" had mistakenly been lumped
together with Yotta and then removed when Yotta support was removed.
Bring it back.
2019-01-10 18:29:15 +01:00
Gilles Peskine
d1174cf015 Fix sometimes-spurious warning about changed config.h
After backing up and restoring config.h, `git diff-files` may report
it as potentially-changed because it isn't sure whether the index is
up to date. Use `git diff` instead: it actually reads the file.
2019-01-10 18:29:15 +01:00
Gilles Peskine
c70637a5f0 all.sh: Update the maintainer documentation 2019-01-10 18:29:12 +01:00
Gilles Peskine
cc9f0b956e Merge the code to call output_env.sh into pre_check_tools
It's all about tool detection.
2019-01-10 18:27:38 +01:00
Gilles Peskine
879642663a all.sh: only check tools that are going to be used
Don't require openssl, mingw, etc. if we aren't going to run a
component that uses them.
2019-01-10 18:27:38 +01:00
Gilles Peskine
5331c6e0b1 all.sh: only look for armcc if it is used
Only look for armcc if component_build_armcc is to be executed,
instead of requiring the option --no-armcc.

You can still pass --no-armcc, but it's no longer required when
listing components to run. With no list of components or an exclude
list on the command line, --no-armcc is equivalent to having
build_armcc in the exclude list.
2019-01-10 18:27:38 +01:00
Gilles Peskine
beb3a81588 all.sh: Always build the list of components to run
Build the list of components to run in $RUN_COMPONENTS as part of
command line parsing. After parsing the command line, it no longer
matters how this list was built.
2019-01-10 18:27:38 +01:00
Gilles Peskine
878cf60172 all.sh: list components automatically
Extract the list of available components by looking for definitions of
functions called component_xxx. The previous code explicitly listed
all components in run_all_components, which opened the risk of
forgetting to list a component there.

Add a conditional execution facility: if a function support_xxx exists
and returns false then component_xxx is not executed (except when the
command line lists an explicit set of components to execute).
2019-01-10 18:27:38 +01:00
Gilles Peskine
a1fc4b5ead all.sh: fix MAKEFLAGS setting
MAKEFLAGS was set to -j if it was already set, instead of being set if
not previously set as intended. So now all.sh will do parallel builds
if invoked without MAKEFLAGS in the environment.
2019-01-09 22:36:33 +01:00
Gilles Peskine
a16c2b1ff1 all.sh: don't insist on Linux; always run Valgrind
Don't bail out of all.sh if the OS isn't Linux. We only expect
everything to pass on a recent Linux x86_64, but it's useful to call
all.sh to run some components on any platform.

In all.sh, always run both MemorySanitizer and Valgrind. Valgrind is
slower than ASan and MSan but finds some things that they don't.

Run MSan unconditionally, not just on Linux/x86_64. MSan is supported
on some other OSes and CPUs these days.

Use `all.sh --except test_memsan` if you want to omit MSan because it
isn't supported on your platform. Use `all.sh --except test_memcheck`
if you want to omit Valgrind because it's too slow.

Make the test scripts more portable (tested on FreeBSD): don't insist
on GNU sed, and recognize amd64 as well as x86_64 for `uname -m`. The
`make` utility must still be GNU make.
2019-01-09 22:36:33 +01:00
Gilles Peskine
4976e82a9e Gdb script: improve portability of ASLR disabling disabling
Call `set disable-randomization off` only if it seems to be supported.
The goal is to neither get an error about disable-randomization not
being supported (e.g. on FreeBSD), nor get an error if it is supported
but fails (e.g. on Ubuntu).

Only fiddle with disable-randomization from all.sh, which cares
because it reports the failure of ASLR disabling as an error. If a
developer invokes the Gdb script manually, a warning about ASLR
doesn't matter.
2019-01-09 22:36:31 +01:00
Gilles Peskine
5fa32a7a7a Use CMAKE_BUILD_TYPE to do Asan builds
Use `cmake -D CMAKE_BUILD_TYPE=Asan` rather than manually setting
`-fsanitize=address`. This lets cmake determine the necessary compiler
and linker flags.

With UNSAFE_BUILD on, force -Wno-error. This is necessary to build
with MBEDTLS_TEST_NULL_ENTROPY.
2019-01-09 22:35:57 +01:00
Gilles Peskine
55f7c94430 Fix inconsistent indentation
Only whitespace changes in this commit.
2019-01-09 22:35:55 +01:00
Simon Butcher
4d60477a33 Merge remote-tracking branch 'public/pr/2232' into mbedtls-2.16 2019-01-08 15:33:37 +00:00
Simon Butcher
fc2edc3b8f Merge remote-tracking branch 'public/pr/2228' into mbedtls-2.16 2019-01-08 15:29:18 +00:00
Gilles Peskine
b28636b865 Merge tag 'mbedtls-2.16.0' into all_sh-2.14
Merge the work on all.sh that was done on mbedtls-2.14.0 with the
changes from mbedtls-2.14.0 to mbedtls-2.16.0.

There is a merge conflict in test/scripts/all.sh, which is the only
file that was modified in the all.sh work branch. I resolved it by
taking the copy from the all.sh branch and applying the changes
between mbedtls-2.14.0 and mbedtls-2.16.0. These changes consisted of
two commits:

* "Add tests to all.sh for CHECK_PARAMS edge cases": adds two
  test components which are reproduced here as
  test_check_params_without_platform and component_test_check_params_silent.
* "tests: Backup config.h before modifying it": moot because the
  component framework introduced in the all.sh branch backs up config.h
  systematically.
2019-01-03 13:04:36 +01:00
Gilles Peskine
608953eb8c Back up and restore config.h systematically
In all.sh, always save config.h before running a component, instead of
doing it manually in each component that requires it (except when we
forget, which has happened). This would break a script that requires
config.h.bak not to exist, but we don't have any of those.
2019-01-02 19:05:33 +01:00
Gilles Peskine
ffcdeff00a Add the current component name to msg output and the final report 2019-01-02 18:09:05 +01:00
Gilles Peskine
81b96ed603 Add --except mode: run all components except a list
Allow the list to use wildcards, e.g. you can run the sanity checks with
all.sh --except "test_*" "build_*"
2019-01-02 18:07:23 +01:00
Gilles Peskine
92525111dc all.sh: with non-option arguments, run only these components 2019-01-02 18:07:23 +01:00
Gilles Peskine
348fb9a597 New option --list-components
Add an option to list the available components.

This is not useful yet, but a subsequent commit will add the ability
to run specific components.
2019-01-02 18:07:23 +01:00
Gilles Peskine
782f411bf5 Move test-ref-configs into its own component 2019-01-02 18:07:22 +01:00
Gilles Peskine
e48351a33f Move cleanup into the common wrapper function
Call cleanup from run_component instead of calling it from each
individual component function.

Clean up after each component rather than before. With the new
structure it makes more sense for each component to leave the place
clean. Run cleanup once at the beginning to start from a clean slate.
2019-01-02 18:07:22 +01:00
Gilles Peskine
9f8f92ca9b Remove duplicate component for RSA_NO_CRT 2019-01-02 18:07:22 +01:00
Gilles Peskine
8f07312124 Move the code into functions. No behavior change.
Move almost all the code of this script into functions. There is no
intended behavior change. The goal of this commit is to make
subsequent improvements easier to follow.

A very large number of lines have been reintended. To see what's going
on, ignore whitespace differences (e.g. diff -w).

I followed the following rules:

* Minimize the amount of code that gets moved.
* Don't change anything to what gets executed or displayed.
* Almost all the code must end up in a function.
* One function does one thing. For most of the code, that's from one
  "cleanup" to the next.
* The test sequence functions (run_XXX) are independent.

The change mostly amounts to putting chunks of code into a function
and calling the functions in order. A few test runs are conditional;
in those cases the conditional is around the function call.
2019-01-02 18:07:22 +01:00
Hanno Becker
2ed44a986b Add missing dependencies in test_suite_cipher.gcm 2019-01-02 10:48:25 +00:00
Hanno Becker
ef308c993f Add NIST AES GCM test vectors to single-step cipher API test suite
The test suites `test_suite_gcm.aes{128,192,256}_en.data` contains
numerous NIST test vectors for AES-*-GCM against which the GCM
API mbedtls_gcm_xxx() is tested.

However, one level higher at the cipher API, no tests exist which
exercise mbedtls_cipher_auth_{encrypt/decrypt}() for GCM ciphers,
although test_suite_cipher.function contains the test auth_crypt_tv
which does precisely that and is already used e.g. in
test_suite_cipher.ccm.

This commit replicates the test vectors from
test_suite_gcm.aes{128,192,256}_en.data in test_suite_cipher.gcm.data
and adds a run of auth_crypt_tv for each of them.

The conversion was mainly done through the sed command line

```
s/gcm_decrypt_and_verify:\([^:]*\):\([^:]*\):\([^:]*\):\([^:]*\):
\([^:]*\):\([^:]*\):\([^:]*\):\([^:]*\):\([^:]*\):\([^:]*\)/auth_crypt_tv:
\1:\2:\4:\5:\3:\7:\8:\9/
```
2019-01-02 10:47:53 +00:00
Ron Eldor
016f925b4c Separate REGEX of MACRO to groups
Seperate the REGEX into identifier, condition and value, into groups,
to behandled differently.
2019-01-02 11:06:27 +02:00
Ron Eldor
a2579be8a0 Add conditional dependency to tests
Add a way to check compile time defionitions values, for determining
whether to skip tests.
2019-01-02 11:05:32 +02:00
Simon Butcher
d3d8a64dfa Enable more compiler warnings in tests/Makefile
tests/Makefile had some unused warnings disabled unnecessarily, which
test-ref-configs.pl was turning back on. We don't need to disable these warnings
so I'm turning them back on.
2018-12-28 11:06:35 +00:00
Simon Butcher
ecff219e6f Change file scoping of test helpers.function
Dependent on configured options, not all of the helper functions were being
used, which was leading to warning of unused functions with Clang.

To avoid any complex compile time options, or adding more logic to
generate_test_code.py to screen out unused functions, those functions which were
provoking the warning were changed to remove static, remove them from file
scope, and expose them to the linker.
2018-12-28 11:06:25 +00:00
Simon Butcher
6c164e754b Update the version of the library to 2.16.0 2018-12-21 10:51:51 +00:00
Simon Butcher
428d00d837 Merge remote-tracking branch 'public/pr/2209' into development-restricted 2018-12-20 12:34:59 +00:00
Simon Butcher
88d45a84eb Merge remote-tracking branch 'public/pr/2171' into development-restricted 2018-12-20 12:30:47 +00:00
Simon Butcher
ad7c2105a2 Merge remote-tracking branch 'public/pr/2274' into development 2018-12-20 12:16:57 +00:00
Simon Butcher
12b4240300 Merge remote-tracking branch 'public/pr/2288' into development 2018-12-20 12:16:46 +00:00
Simon Butcher
c831193c85 Merge remote-tracking branch 'public/pr/2302' into development 2018-12-20 12:16:39 +00:00
Simon Butcher
1efda39f8a Merge remote-tracking branch 'public/pr/2297' into development 2018-12-20 12:16:29 +00:00
Simon Butcher
5aa7809ac8 Merge remote-tracking branch 'public/pr/2275' into development 2018-12-20 12:15:19 +00:00
Simon Butcher
780cf189b0 Merge remote-tracking branch 'public/pr/2271' into development 2018-12-20 12:15:08 +00:00
Simon Butcher
032c037052 Merge remote-tracking branch 'public/pr/2270' into development 2018-12-20 12:04:13 +00:00
Simon Butcher
a033633bb0 Merge remote-tracking branch 'public/pr/2269' into development 2018-12-20 12:02:56 +00:00
Simon Butcher
70935a4001 Merge remote-tracking branch 'public/pr/2299' into development 2018-12-20 12:02:23 +00:00
Simon Butcher
003c0e032f Merge remote-tracking branch 'public/pr/2292' into development 2018-12-20 12:02:17 +00:00
Simon Butcher
decf2f5c2c Merge remote-tracking branch 'public/pr/2291' into development 2018-12-20 12:02:11 +00:00
Simon Butcher
65ce5dc981 Merge remote-tracking branch 'public/pr/2290' into development 2018-12-20 12:02:05 +00:00
Simon Butcher
ad2e0dae32 Merge remote-tracking branch 'public/pr/2283' into development 2018-12-20 12:01:58 +00:00
Simon Butcher
0bbf7f450d Merge remote-tracking branch 'public/pr/2279' into development 2018-12-20 12:01:49 +00:00
Simon Butcher
962b7b17d5 Merge remote-tracking branch 'public/pr/2273' into development 2018-12-20 12:01:17 +00:00
Simon Butcher
6be67a6518 Merge remote-tracking branch 'public/pr/2281' into development 2018-12-20 12:01:09 +00:00
Simon Butcher
dac513e246 Merge remote-tracking branch 'public/pr/2282' into development 2018-12-20 12:01:04 +00:00
Simon Butcher
ccafd14fee Merge remote-tracking branch 'public/pr/2276' into development 2018-12-20 12:00:57 +00:00
Simon Butcher
2a8d32c6c1 Merge remote-tracking branch 'public/pr/2287' into development 2018-12-20 12:00:50 +00:00
Gilles Peskine
743e3988dc Avoid unused-variable warnings for str as well
The exact guard is FS_IO && PK_PARSE_C. Just keep it simple.
2018-12-20 12:29:48 +01:00
Gilles Peskine
88ca3a244e Avoid unused-variable warnings in some configurations 2018-12-20 12:26:16 +01:00
Gilles Peskine
d6027119be Fix dependencies on MBEDTLS_FS_IO 2018-12-20 12:15:41 +01:00
Hanno Becker
73b79841b2 Remove parameter validation for deprecated function in ECDSA module 2018-12-20 09:53:24 +00:00
k-stachowiak
dd63359dae Add tests for valid NULL in ccm_free() 2018-12-19 19:02:39 +01:00
k-stachowiak
508bcd96db Remove unneeded test for the CCM free function 2018-12-19 19:02:39 +01:00
k-stachowiak
26d365eb54 Add parameter validation for CCM 2018-12-19 19:02:39 +01:00
k-stachowiak
fb54360f8c Prevent unused variable in some configurations 2018-12-19 18:34:21 +01:00
Gilles Peskine
6af45ec53e PK: document context validity requirements
Document when a context must be initialized or not, when it must be
set up or not, and whether it needs a private key or a public key will
do.

The implementation is sometimes more liberal than the documentation,
accepting a non-set-up context as a context that can't perform the
requested information. This preserves backward compatibility.
2018-12-19 18:10:03 +01:00
k-stachowiak
a85edd9415 Split the unconditional and conditional parameter validation tests 2018-12-19 18:06:35 +01:00
Hanno Becker
f25ee7f79d Fix parameter validation for mbedtls_mpi_lsb()
The MPI_VALIDATE_RET() macro cannot be used for parameter
validation of mbedtls_mpi_lsb() because this function returns
a size_t.

Use the underlying MBEDTLS_INTERNAL_VALIDATE_RET() insteaed,
returning 0 on failure.

Also, add a test for this behaviour.
2018-12-19 16:51:50 +00:00
Gilles Peskine
d54b97503b pk parse: the password is optional
For mbedtls_pk_parse_key and mbedtls_pk_parse_keyfile, the password is
optional. Clarify what this means: NULL is ok and means no password.
Validate parameters and test accordingly.
2018-12-19 17:36:14 +01:00
k-stachowiak
516897a44a Remove unnecessary parameter validation from the Cipher module 2018-12-19 17:34:58 +01:00
k-stachowiak
95070a8286 Make some cipher parameter validation unconditional 2018-12-19 17:34:58 +01:00
k-stachowiak
5b01f8b3ae Add a new line at the end of the test data file 2018-12-19 17:34:13 +01:00
k-stachowiak
90b8d4a11e Include static cipher functions in the parameter validation scheme 2018-12-19 17:34:13 +01:00
k-stachowiak
a539070f82 Make all parameter validation tests optional 2018-12-19 17:34:13 +01:00
Krzysztof Stachowiak
e0215d7869 Add Cipher module parameter validation 2018-12-19 17:34:13 +01:00
k-stachowiak
5fccb3edf3 Add tests for valid NULL in gcm_free() 2018-12-19 17:30:38 +01:00
k-stachowiak
8ffc92a1e8 Add parameter validation for the GCM module 2018-12-19 17:30:38 +01:00
Gilles Peskine
ee3cfec3cc PK sign/verify: hash=NULL is ok if md_alg=0 and hash_len=0 2018-12-19 17:11:44 +01:00
Gilles Peskine
998fbfbe68 Properly test pk_write with an empty output buffer
This needs a real key to test properly.
2018-12-19 17:08:51 +01:00
Gilles Peskine
cc274c2ebf Do run the valid parameters test function 2018-12-19 17:08:01 +01:00
Gilles Peskine
1f19fa6f62 PK: Fix free(NULL) in library and tests
free() functions are documented as no-ops on NULL. Implement and test
this correctly.
2018-12-19 14:18:39 +01:00
Hanno Becker
f947c0a2dd Move testing of mbedtls_blowfish_free() to separate test case
It should be tested regardless of the setting of MBEDTLS_CHECK_PARAMS.
2018-12-19 12:52:59 +00:00
Hanno Becker
49acc64c69 Minor improvements to Blowfish documentation and tests 2018-12-19 12:52:59 +00:00
Hanno Becker
e38b4cd661 Test parameter validation for Blowfish module 2018-12-19 12:52:59 +00:00
Hanno Becker
0294072c09 Avoid unused variable warning in ARIA param validation test 2018-12-19 12:51:00 +00:00
Hanno Becker
14b91e8e22 Move testing of mbedtls_aria_free() to separate test
The test that mbedtls_aria_free() accepts NULL parameters
can be performed even if MBEDTLS_CHECK_PARAMS is unset, but
was previously included in the test case aria_invalid_params()
which is only executed if MBEDTLS_CHECK_PARAMS is set.
2018-12-19 12:51:00 +00:00
Hanno Becker
fac1d44d62 Fix style in ARIA parameter validation tests 2018-12-19 12:51:00 +00:00
Hanno Becker
b0de9f5b03 Test that mbedtls_aria_free() accepts NULL parameter 2018-12-19 12:51:00 +00:00
Hanno Becker
9e45c1607e Test parameter validation for ARIA module 2018-12-19 12:51:00 +00:00
Hanno Becker
f1931760d8 Move test of mbedtls_camellia_free() to separate test
The acceptance of NULL should be tested regardless of the
setting of MBEDTLS_CHECK_PARAMS.
2018-12-19 12:47:55 +00:00
Hanno Becker
ff62f44ad7 Remove duplicated parameter check in CAMELLIA module 2018-12-19 12:47:55 +00:00
Hanno Becker
e939de7247 Minor fixes to Camellia parameter validation 2018-12-19 12:47:55 +00:00
Hanno Becker
75788371df Test parameter validation for CAMELLIA module 2018-12-19 12:47:55 +00:00
Gilles Peskine
e146e7dbae Don't use TEST_VALID_PARAM with a value
TEST_VALID_PARAM is only for functions that return void. This commit
fixes the build with clang -Wunused-comparison.
2018-12-19 13:21:22 +01:00
Hanno Becker
1959535038 Add parameter validation test for mbedtls_ecp_check_pub_priv() 2018-12-19 08:52:08 +00:00
Hanno Becker
549e455a42 Add parameter validation test for mbedtls_ecp_gen_privkey() 2018-12-19 08:52:02 +00:00
Hanno Becker
0a4fa9b1fb Add parameter validation test for mbedtls_ecp_check_budget() 2018-12-19 08:51:58 +00:00
Hanno Becker
807c107c3c Fix typos in ECP test suite 2018-12-19 08:51:55 +00:00
Simon Butcher
54b789aa74 Merge remote-tracking branch 'public/pr/2298' into development 2018-12-19 08:08:14 +00:00
Gilles Peskine
78438e4109 Test parameter validation for pk, pkparse and pkwrite 2018-12-19 00:55:47 +01:00
Hanno Becker
59274d43cb Remove unnecessary call to mbedtls_mpi_free() in MPI tests 2018-12-18 23:27:03 +00:00
Hanno Becker
b48e1aa846 Add separate test for mbedtls_mpi_free() accepting NULL 2018-12-18 23:25:01 +00:00
Jaeden Amero
ee427b26d4 tests: Backup config.h before modifying it
It's good to make a backup of config.h before modifying it, so that when
"cleanup" runs the next test has a clean default config.h to start from.

Fixes 840af0a9ae ("Add tests to all.sh for CHECK_PARAMS edge cases")
2018-12-18 21:14:28 +00:00
Hanno Becker
e118504a5f Numerous minor improvements to bignum documentation 2018-12-18 18:12:13 +00:00
Hanno Becker
56b661cbf8 Add test that mbedtls_mpi_free() accepts NULL parameter 2018-12-18 18:12:13 +00:00