Commit Graph

14030 Commits

Author SHA1 Message Date
Janos Follath
74ff13cfae
Merge pull request #3479 from okhowang/format-signedness
add -Wformat-signedness when gcc > 5
2020-07-03 11:53:39 +01:00
Manuel Pégourié-Gonnard
0ac01a1c59 TLS: Add negative tests for non-EtM CBC decryption
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-07-03 12:49:10 +02:00
okhowang(王沛文)
0cd8e0f6a7 Only pass -Wformat-signedness to versions of GCC that support it.
Fixes #3478

Signed-off-by: okhowang(王沛文) <okhowang@tencent.com>
2020-07-03 16:51:14 +08:00
Manuel Pégourié-Gonnard
527b87890d
Merge pull request #3454 from gilles-peskine-arm/include-common-h-development
Include common.h from all library source files
2020-07-03 09:44:18 +02:00
Gilles Peskine
bbb3664957 Documentation improvements
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-03 09:32:50 +02:00
Paul Elliott
06a28082af Add Changelog entry for PSA DH/ECC Macros rename
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-07-02 17:00:06 +01:00
Paul Elliott
75e27032d3 Rename DH Family Macros According to PSA Spec
Rename PSA_DH_GROUP_xxx to PSA_DH_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_GROUP to PSA_KEY_TYPE_DH_GET_FAMILY and rename
psa_dh_group_t to psa_dh_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-07-02 16:59:49 +01:00
Paul Elliott
8ff510ac26 Rename ECC Family Macros According to PSA Spec
Rename PSA_ECC_CURVE_xxx to PSA_ECC_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_CURVE to PSA_KEY_TYPE_ECC_GET_FAMILY and rename
psa_ecc_curve_t to psa_ecc_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-07-02 16:59:30 +01:00
Gilles Peskine
e1c4362966 Remove redundant assignment
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 17:50:20 +02:00
Gilles Peskine
76dd3aa5bb Add comments explaining include paths
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 15:59:45 +02:00
Gilles Peskine
280165c9b3 Library files aren't supposed to be executable
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 13:19:17 +02:00
Gilles Peskine
dedff7a57d CMake: Include the library directory for the sake of 3rdparty
"Include the library directory for the sake of 3rdparty" did the job
for Make and Visual Studio. This commit does the job for CMake.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 13:13:27 +02:00
Gilles Peskine
3ca8a9285e Factor common library properties
All libraries (should) rely on the same directory structure. Instead of
repeating the same clauses 6 times (3 libraries times 2 build modes), set
the include paths, compile definitions and install instructions with a
single piece of code.

Include the 3rdparty directory for all libraries, not just crypto. It's
currently only needed for crypto, but that's just happenstance.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 13:07:37 +02:00
Manuel Pégourié-Gonnard
bfbdca8bb4 Merge branch 'development' into development-restricted
* development: (46 commits)
  Update ChangeLog header.
  Bump version to Mbed TLS 2.23.0
  Assemble changelog
  cmake: Add comment about mbedtls_test target
  programs: psa: Link against mbedcrypto not mbedtls
  Use mbedtls_test_unhexify in programs
  Rework mbedtls_test_unhexify()
  tests: Get rid of mbedtls_test_unhexify() in unit test code
  tests: ccm: Prepare to char* to data_t* type change
  tests: aes.ofb: Prepare to char* to data_t* type change
  tests: nist_kw: Prepare to char* to data_t* type change
  tests: chacha20: Prepare to char* to data_t* type change
  tests: hkdf: Prepare to char* to data_t* type change
  tests: aria: Prepare to char* to data_t* type change
  programs: Link to tests common code
  build: Add top-level mbedtls_test target
  programs: cmake: Use list of executables
  programs: cmake: Fix relative path warnings
  programs: ssl: cmake: Add missing executables
  programs: ssl: cmake: Reorder declaration of executables
  ...
2020-07-02 13:01:38 +02:00
Gilles Peskine
0d7216511f Fix erroneous skip of test cases for disabled ciphersuites
Test cases that force a specific ciphersuites are only executed if
this ciphersuite is enabled. But there are test cases (for RC4) whose
goal is to check that the ciphersuite is not used. These test cases
must run even if (or only if) the ciphersuite is disable, so add an
exception for these test cases.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 11:38:21 +02:00
Gilles Peskine
db09ef6d22 Include common.h instead of config.h in library source files
In library source files, include "common.h", which takes care of
including "mbedtls/config.h" (or the alternative MBEDTLS_CONFIG_FILE)
and other things that are used throughout the library.

FROM=$'#if !defined(MBEDTLS_CONFIG_FILE)\n#include "mbedtls/config.h"\n#else\n#include MBEDTLS_CONFIG_FILE\n#endif' perl -i -0777 -pe 's~\Q$ENV{FROM}~#include "common.h"~' library/*.c 3rdparty/*/library/*.c scripts/data_files/error.fmt scripts/data_files/version_features.fmt

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 11:26:57 +02:00
Gilles Peskine
66c3dc44f2 Include the library directory for the sake of 3rdparty
When compiling library files under `3rdparty/`, the directory containing
the `.c` file that is being compiled is not the current directory, so
headers from the `library/` directory are not found. Fix this by
adding `.` to the include path.

This was not detected until now because as of this commit, no 3rdparty
source file requires a header under `library/`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 11:26:57 +02:00
Ronald Cron
a123614699 tests: Move mbedtls_param_failed() to test common code
This makes the implementation of mbedtls_param_failed()
for testing purpose available to programs. Thus removing
the ad-hoc implementations in programs.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-07-02 09:59:38 +02:00
Ronald Cron
579fd28527 tests: Isolate mbedtls_param_failed() long jump
In preparation of moving mbedtls_param_failed() to test
common code, isolate mbedtls_param_failed() long
jump data and set up from unit test data and code.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-07-02 09:59:32 +02:00
Ronald Cron
76883ec853 tests: Isolate mbedtls_param_failed() call check
In preparation of moving mbedtls_param_failed() to test
common code, isolate mbedtls_param_failed() call check
from unit test data.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-07-02 09:39:37 +02:00
Ronald Cron
4e66587545 tests: Move mbedtls_param_failed() call location record
In preparation of moving mbedtls_param_failed() to test
common code, move mbedtls_param_failed() call location
record into a context dedicated to mbedtls_param_failed().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-07-02 09:39:37 +02:00
Ronald Cron
55d97f2ca8 tests: Remove usage of mbedtls_test_hexify for comparison
Do not hexify binary data to compare them, do compare
them directly. That simplifies the check code and save
memory.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-07-02 09:39:30 +02:00
Ronald Cron
ac6ae35150 tests: suites: Remove hex in name of variables of type data_t
Remove `hex` in name of variables of type data_t to reserve it
for variables of type char* that are the hexadecimal
representation of a data buffer.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-07-01 17:10:15 +02:00
Ronald Cron
ab500cb73c tests: Improve the documentation of mbedtls_test_unhexify()
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-07-01 17:10:15 +02:00
Janos Follath
41f20116da
Merge pull request #713 from ARMmbed/merge-2.23.0-release-to-development
Merge 2.23.0 release to development
2020-07-01 14:44:13 +01:00
Janos Follath
be9a5752c2 Merge tag 'mbedtls-2.23.0' into merge-2.23.0-release-to-development
Mbed TLS 2.23.0
2020-07-01 11:23:17 +01:00
Janos Follath
3ede1737dc
Merge pull request #710 from ARMmbed/mbedtls-2.23.0r0-pr
Prepare Release Candidate for Mbed TLS 2.23.0
2020-06-30 12:08:49 +01:00
Janos Follath
13cba685be Update ChangeLog header.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-29 22:48:24 +01:00
Janos Follath
0435cd8c23 Bump version to Mbed TLS 2.23.0
Executed "./scripts/bump_version.sh --version 2.23.0 --so-crypto 5"

A symbol has been removed from the mbedcrypto library since the last
release:
mbedtls_ecc_group_to_psa ( enum mbedtls_ecp_group_id grpid,
                           size_t* bits )

This is an ABI break and we need to increase the SO version.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-29 22:41:30 +01:00
Janos Follath
1959010c4b Assemble changelog
Executed scripts/assemble_changelog.py and manually fixed style where it
diverged from the instructions in ChangeLog.d/00README.md.

Manually added ChangeLog.d/bugfix_PR3405 which didn't have the .txt
extension as prescribed in ChangeLog.d/00README.md and deleted it
afterwards.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-29 22:35:07 +01:00
Gilles Peskine
82ac38ee5d
Merge pull request #3438 from ronald-cron-arm/programs-use-common-test-code
Add support to build and link test common code in programs
2020-06-29 10:29:36 +02:00
Ronald Cron
dd6bdb5056 cmake: Add comment about mbedtls_test target
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-29 09:21:54 +02:00
Gilles Peskine
7eefa22fb1 Fix copypasta in test case descriptions
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-26 22:54:47 +02:00
Gilles Peskine
b20b873bff Remove metadata tests for features that are not implemented
The metadata tests depend on the corresponding feature because there
is no guarantee that the metadata is correct if the feature is
disabled. There are metadata test cases for some algorithms and key
types that are declared but not supported. These test cases are
present but can never run.

It is debatable whether having these test cases is a good thing in
case they become runnable in the future, or a bad thing because
they're dead code. We're working on detecting test cases that are
never executed for accidental reasons (e.g. typo in a dependency or
missing configuration on the CI), and having test cases that are
deliberately never executed messes this up. So remove these test
cases. If we do implement the corresponding feature, it'll be easy to
add the corresponding metadata test cases.

The features that had metadata tests but no implementations were:

* SHA-512/256 and SHA-512/224 (hypothetical dependency: MBEDTLS_SHA512_256)
* DSA (hypothetical dependency: MBEDTLS_DSA_C)
* SHA-3 and HMAC-SHA-3 (hypothetical dependency: MBEDTLS_SHA3_C)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-26 22:48:06 +02:00
Gilles Peskine
af9dbc9213 Fix dependency in PSA test cases
The test cases were never executed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-26 22:45:30 +02:00
Gilles Peskine
a911b32e2f Fix dependency in AES GCM test case
The test case was never executed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-26 22:40:58 +02:00
Gilles Peskine
961914df12
Merge pull request #3382 from stevew817/feature/volatile-keys-in-SE
Support volatile keys in external SE
2020-06-26 20:27:11 +02:00
Gilles Peskine
3d863f2631 Document the fields of TestCasesOutcomes
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-26 18:31:26 +02:00
Gilles Peskine
8d3c70a279 Check test case coverage
Check that every available test case in the test suites and ssl-opt.sh
has been executed at least once.

For the time being, only report a warning, because our coverage is
incomplete. Once we've updated all.sh to have full coverage, this
warning should become an error.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-26 18:29:34 +02:00
Gilles Peskine
15c2cbfed5 New script for test outcome analysis
This is a new script designed to analyze test outcomes collected
during a whole CI run.

This commit introduces the script, the code to read the outcome file,
and a very simple framework to report errors. It does not perform any
actual analysis yet.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-26 18:29:34 +02:00
Gilles Peskine
6f6ff3346d check_test_cases: move some functions into the logical class
With previous refactorings, some functions are now solely meant to be
called from other functions in a particular class. Move them into this
class.

No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-26 18:29:30 +02:00
Gilles Peskine
78c45dbb0f check_test_cases: move "walk" functions into a class
Make the structure more Pythonic: use classes for abstraction and
refinement, rather than higher-order functions.

Convert walk(function, state, data) into instance.walk(data) where
instance has a method that implements function and state is a field of
instance.

No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-26 18:29:25 +02:00
Manuel Pégourié-Gonnard
34c1e7d069 Add ChangeLog entry for base blinding protection
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-26 11:33:41 +02:00
Manuel Pégourié-Gonnard
750d3c76cb RSA: blind call to mpi_inv_mod() on secret value
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-26 11:22:18 +02:00
Manuel Pégourié-Gonnard
b3e3d79e1a RSA: remove redundant GCD call in prepare_blinding()
inv_mod() already returns a specific error code if the value is not
invertible, so no need to check in advance that it is. Also, this is a
preparation for blinding the call to inv_mod(), which is made easier by
avoiding the redundancy (otherwise the call to gcd() would need to be blinded
too).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-26 11:21:20 +02:00
Ronald Cron
00890e3d10 programs: psa: Link against mbedcrypto not mbedtls
All programs in programs/psa are crypto only thus
just link against mbedcrypto instead of mbedtls.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:45:16 +02:00
Ronald Cron
7d8661618b Use mbedtls_test_unhexify in programs
Use mbedtls_test_unhexify in programs instead of ad-hoc
implementations.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:45:16 +02:00
Ronald Cron
a0c2539c4c Rework mbedtls_test_unhexify()
Rework mbedtls_test_unhexify to extend its scope of usage.
Return in error when the function detects an error instead
of calling mbedtls_exit().
Improve safety by checking the output buffer is not overrun.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:45:16 +02:00
Ronald Cron
9ed4073ea5 tests: Get rid of mbedtls_test_unhexify() in unit test code
In test functions calling mbedtls_test_unhexify(), change the
type of the associated parameters from `char*` to `data_t`.

That way the `unhexify` operation is done by the test
framework and not by the unit test code.

Use for the new parameters of type data_t the name of the
local variable that use to store the `unhexify` version of
the `char*` parameter.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:45:16 +02:00
Ronald Cron
c7ba560481 tests: ccm: Prepare to char* to data_t* type change
In preparation of changing the type of some parameters
of mbedtls_ccm_star_encrypt_and_tag/auth_decrypt from
`char *` to `data_t` to get rid of the calls to
mbedtls_test_unhexify():

- Change the name of parameters and local variables to
  clarify which ones are related to the outputs of the
  library functions under test and which ones are
  related to the expected values of those outputs.

- Use two different buffers to store the plain and cipher
  text as expected by the library functions.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:45:16 +02:00