Commit Graph

16701 Commits

Author SHA1 Message Date
Andrzej Kurek
2603fec329 Remove dummy timing implementation
Having such implementation might cause issues for those that
expect to have a working implementation.
Having a compile-time error is better in such case.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-08 08:28:50 -04:00
Dave Rodgman
28fd4cd8e9 Update ChangeLog.d/alert_reentrant.txt
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:58:19 +01:00
Hanno Becker
a349cfd585 Add ChangeLog entry
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:06:37 +01:00
Hanno Becker
d9c66c0509 Make alert sending function re-entrant
Fixes #1916

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:06:14 +01:00
Jacob Schloss
1882b9a8cd Fix spelling of 'features' in comment
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-04-08 11:48:57 +01:00
Gilles Peskine
e29a837ed3
Merge pull request #5705 from AndrzejKurek/off-by-one-ssl-opt-2-28
Backport 2.28 - Fix an off-by-one error in ssl-opt.sh
2022-04-07 16:20:58 +02:00
Andrzej Kurek
363553b5e4 Fix an off-by-one error in ssl-opt.sh
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-06 13:38:15 -04:00
Gilles Peskine
dbeaad3e0c Add missing logic for accelerated ECB under MBEDTLS_PSA_CRYPTO_CONFIG
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
bc79582105 Fix psa_mac_verify() returning BUFFER_TOO_SMALL
It doesn't make sense for psa_mac_verify() to return
PSA_ERROR_BUFFER_TOO_SMALL since it doesn't have an output buffer. But this
was happening when requesting the verification of an unsupported algorithm
whose output size is larger than the maximum supported MAC size, e.g.
HMAC-SHA-512 when building with only SHA-256 support. Arrange to return
PSA_ERROR_NOT_SUPPORTED instead.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
449e02e909 If a cipher algorithm is not supported, fail during setup
In some cases, a cipher operation for an unsupported algorithm could succeed
in psa_cipher_{encrypt,decrypt}_setup() and fail only when input is actually
fed. This is not a major bug, but it has several minor downsides: fail-late
is harder to diagnose for users than fail-early; some code size can be
gained; tests that expect failure for not-supported parameters would have to
be accommodated to also accept success.

This commit at least partially addresses the issue. The only completeness
goal in this commit is to pass our full CI, which discovered that disabling
only PSA_WANT_ALG_STREAM_CIPHER or PSA_WANT_ALG_ECB_NO_PADDING (but keeping
the relevant key type) allowed cipher setup to succeed, which caused
failures in test_suite_psa_crypto_op_fail.generated in
component_test_psa_crypto_config_accel_xxx.

Changes in this commit:
* mbedtls_cipher_info_from_psa() now returns NULL for unsupported cipher
  algorithms. (No change related to key types.)
* Some code that is only relevant for ECB is no longer built if
  PSA_WANT_ALG_ECB_NO_PADDING is disabled.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
161c5ee5ff Use a plausible input size with asymmetric verification
Otherwise the error status can be PSA_ERROR_INVALID_SIGNATURE instead of the
expected PSA_ERROR_NOT_SUPPORTED in some configurations. For example, the
RSA verification code currently checks the signature size first whenever
PSA_KEY_TYPE_RSA_PUBLIC_KEY is enabled, and only gets into
algorithm-specific code if this passes, so it returns INVALID_SIGNATURE even
if the specific algorithm is not supported.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
c2fc241e46 Test attempts to use a public key for a private-key operation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
739c98c5e8 Make psa_key_derivation_setup return early if the key agreement is not supported
Otherwise the systematically generated algorithm-not-supported tests
complain when they try to start an operation and succeed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
ea0d95e27b Make psa_key_derivation_setup return early if the hash is not supported
Otherwise the systematically generated algorithm-not-supported tests
complain when they try to start an operation and succeed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
cdacf0431b Simplify is_kdf_alg_supported in psa_key_derivation_setup_kdf
No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
23cb12ef9f A key agreement algorithm can contain a key derivation
PSA_ALG_KEY_AGREEMENT(..., kdf) is a valid key derivation algorithm
when kdf is one.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
d096445dfe In NOT_SUPPORTED test case descriptions, show what is not supported
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
35409be6aa Add a few manual test cases
They're redundant with the automatically generated test cases, but it's
useful to have them when debugging issues with the test code.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
f8b6b503b4 Systematically generate test cases for operation setup failure
The test suite test_suite_psa_crypto_op_fail now runs a large number
of automatically generated test cases which attempt to perform a
one-shot operation or to set up a multi-part operation with invalid
parameters. The following cases are fully covered (based on the
enumeration of valid algorithms and key types):
* An algorithm is not supported.
* The key type is not compatible with the algorithm (for operations
  that use a key).
* The algorithm is not compatible for the operation.

Some test functions allow the library to return PSA_ERROR_NOT_SUPPORTED
where the test code generator expects PSA_ERROR_INVALID_ARGUMENT or vice
versa. This may be refined in the future.

Some corner cases with algorithms combining a key agreement with a key
derivation are not handled properly. This will be fixed in follow-up
commits.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
390543381c Add knowledge of the compatibility of key types and algorithms
Determine key types that are compatible with an algorithm based on
their names.

Key derivation and PAKE are not yet supported.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
0dacd4d266 Add knowledge of algorithms
Determine the category of operations supported by an algorithm based
on its name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
a218047245 Generate test cases for hash operation failure
Test that hash operation functions fail when given a hash algorithm
that is not supported or an algorithm that is not a hash.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
c05158bf86 New test suite for systematically generated operation failure tests
The new test suite psa_crypto_op_fail is intended for systematically
generated test cases that ensure that cryptographic operations with
invalid parameters fail as expected. I intend invalid parameters to
cover things like an invalid algorithm, an algorithm that is
incompatible with the operation, a key type that is incompatible with
the algorithm, etc.

This commit just creates the infrastructure. Subsequent commits will
add data generation and test code.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
2a71b72bd5 Add missing type annotation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
a296e48b2b Simplify key_for_usage_flags
Generate "with implication" and "without implication" usage test cases
separately.

The set of generated test cases is unchanged. The order, and the description
of "with implication" test cases, changes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
b5c4382bef check-generated-files.sh -u: don't update file timestamps
When running check-generated-files in update mode, all generated files were
regenerated. As a consequence,
```
tests/scripts/check-generated-files.sh -u && make
```
always caused most of the code to be rebuilt. Now, if a file hasn't changed,
preserve its original modification time (and other metadata), so the command
above doesn't rebuild anything that has actually not changed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:19:16 +02:00
Gilles Peskine
619cbfedc9
Merge pull request #5696 from yanesca/fix-lts-version-in-guidelines-2.28
Fix lts version in guidelines [2.28 Backport]
2022-04-05 11:11:22 +02:00
Janos Follath
b71c6259b4 Fix LTS version in contributing guidelines
The LTS branch hasn't been updated in the contributing guidelines.
Deleting it instead of updating as the information is available at the
link above and deleting prevents similar mistakes in the future.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-04-05 09:05:22 +01:00
Gilles Peskine
a8827d190f
Merge pull request #5542 from gilles-peskine-arm/config-baremetal-size-2.28
Backport 2.28: Disable debugging features in the primary code size measurement job
2022-04-04 16:13:05 +02:00
Dave Rodgman
f749930ab8
Merge pull request #5682 from daverodgman/migration_2.28
Update references to old Github organisation
2022-04-01 09:51:28 +01:00
Dave Rodgman
52af769878 Update references to old Github organisation
Replace references to ARMmbed organisation with the new
org, Mbed-TLS, following project migration.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-03-31 14:27:24 +01:00
Manuel Pégourié-Gonnard
3a7d7b926b
Merge pull request #5670 from bensze01/typo-2.28
[Backport 2.28] Fix comment typo in threading.c
2022-03-30 10:00:05 +02:00
Artur Allmann
e25dc1ccdc Fix typo "phtreads" to "pthreads"
Closes issue #5349

Signed-off-by: Artur Allmann <Artur.Allmann@tptlive.ee>
2022-03-29 17:56:55 +02:00
Manuel Pégourié-Gonnard
19f2d59184
Merge pull request #5660 from ronald-cron-arm/restore-full-compat-testing-2.28
Backport 2.28: Restore full compat testing
2022-03-28 18:31:25 +02:00
Ronald Cron
e7dad1f616 ssl_tls.c: Fix inappropriate use of ssl context
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-28 12:16:56 +02:00
Ronald Cron
f1ed5951e3 ssl_srv.c: Mark ETM as disabled if cipher is not CBC
Encrypt-Then-Mac (ETM) is supported in Mbed TLS
server for TLS version geater than SSLv3 and only
for the CBC cipher mode thus make it
clear in the SSL context.

The previous code was ok as long as the check of
the ETM status was done only in the case of the CBC
cipher mode but fragile as #5573 revealed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-28 12:16:13 +02:00
Ronald Cron
c2e2876e0e compat.sh: Fix check for OpenSSL support
If OpenSSL does not support a mode (tls12 or
dtls12 or tls13) just skip the tests involving
OpenSSL.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-25 16:32:38 +01:00
Ronald Cron
01e3c37f7b compat.sh: Restore full TLS compatibility testing
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-25 16:32:38 +01:00
Dave Rodgman
ce514def84
Merge pull request #5563 from AndrzejKurek/timeless-2.28
Backport 2.28: Fix builds with MBEDTLS_HAVE_TIME disabled and test
2022-03-15 16:43:18 +00:00
Dave Rodgman
2f39f191e3
Merge pull request #5603 from tom-cosgrove-arm/fix_test_md_api_violation-2.28
Backport 2.28: Fix test md api violation 2.28
2022-03-10 09:21:52 +00:00
Gilles Peskine
76d1cb26ef
Merge pull request #5601 from SiliconLabs/erase_secret_before_free_backport_2_28
Backport 2.28: Erase secrets in allocated memory before freeing said memory
2022-03-07 17:04:01 +01:00
Gilles Peskine
ecd119d241
Merge pull request #5605 from gilles-peskine-arm/storage-format-check-mononicity-2.28
Backport 2.28: Check storage format tests for regressions
2022-03-07 17:02:29 +01:00
Andrzej Kurek
478181d1f3 Refactor ssl_context_info time printing
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 15:25:42 -05:00
Andrzej Kurek
388ee8a072 Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 15:25:42 -05:00
Andrzej Kurek
161005b2be Add the timing test dependency on MBEDTLS_HAVE_TIME
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 15:25:42 -05:00
Andrzej Kurek
65f93d5567 Fix udp_proxy dependency on MBEDTLS_HAVE_TIME
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 15:25:42 -05:00
Andrzej Kurek
77daaad198 Provide a dummy implementation of timing.c
Also move the self test implementation guards 
so that alternate implementations must
provide their own.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 15:25:42 -05:00
Andrzej Kurek
448cf48e18 Fix requirement mismatch in fuzz/common.c
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 15:25:42 -05:00
Andrzej Kurek
516e1b0700 Add a missing guard for time.h in net_sockets.c
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 15:25:42 -05:00
Andrzej Kurek
c84150882b Add a changelog entry
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 15:25:42 -05:00