This commit adds a macro for buffer bounds checks in the SSL
module. It takes the buffer's current and end position as the
first argument(s), followed by the needed space; if the
available space is too small, it returns an SSL_BUFFER_TOO_SMALL
error.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The ssl_cli.c:ssl_write_supported_elliptic_curves_ext()
function is compiled only if MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C
or MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED is defined which
implies that MBEDTLS_ECP_C is defined. Thus remove the
precompiler conditions on MBEDTLS_ECP_C in its code.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The link pointed to the website, this information is out of date, the
correct place to start discussions is the mailing list.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Most of the documentation and some of the function names use
"asymmetric", so use "asymmetric" everywhere. Mention "public-key" in
key places to make the relevant functions easy to find if someone is
looking for that.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
On dual world platforms, we want to run the PK module (pk.c) on the NS
side so TLS can use PSA APIs via the PK interface. PK currently has a
hard dependency on mbedtls_ecc_group_to_psa() which is declared in
crypto_extra.h, but only defined in psa_crypto.c, which is only built
for the S side.
Without this change, dual world platforms get error messages like the
following.
[Error] @0,0: L6218E: Undefined symbol mbedtls_ecc_group_to_psa (referred from BUILD/LPC55S69_NS/ARM/mbed-os/features/mbedtls/mbed-crypto/src/pk.o)
Make mbedtls_ecc_group_to_psa() inline within crypto_extra.h so that it
is available to both NS and S world code.
Fixes#3300
Signed-off-by: Darryl Green <darryl.green@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Clear bits in mbedtls_ecc_group_to_psa() to avoid static analyzers and
possibly compilers from warning that bits may be used uninitialized in
certain code paths.
For example, if mbedtls_ecc_group_to_psa() were to be inlined in
crypto_extra.h, the following compiler warning is likely.
In file included from ../include/psa/crypto.h:3774:0,
from ../include/mbedtls/pk.h:49,
from pk.c:29:
pk.c: In function 'mbedtls_pk_wrap_as_opaque':
../include/psa/crypto_struct.h:460:33: error: 'bits' may be used uninitialized in this function [-Werror=maybe-uninitialized]
attributes->core.bits = (psa_key_bits_t) bits;
^~~~~~~~~~~~~~~~~~~~~
pk.c:608:12: note: 'bits' was declared here
size_t bits;
^~~~
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
The Cortex-A build is similar to Debian armel. The Cortex-M0+ is a
handy point of comparison for code size. Put that one last so that
it's easy to find in the log.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is supposed to be for GCC (or a compiler with a compatible
command line interface) targeting arm-none-eabi, so name it
accordingly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Travis Windows machines currently don't have Python 3 preinstalled.
We need it to run scripts/generate_psa_constants.py which is needed
to build mbedTLS.sln.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Only the Visual Studio 2017 toolset is currently preinstalled on Travis.
Use this, instead of our solution's default which is VS 2010.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Travis now offers a Windows environment. Do a build with Visual
Studio. This brings diversity into the Travis CI which otherwise only
uses GCC and Clang.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Keep it simple and mostly non-parametrizable for now.
A path to Visual Studio 2017 is hard-coded.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Just do the default build with Clang and run the unit tests. The
objective is to have one build on a Unix-like platform other than
Linux.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add a baremetal build to Travis, to catch inadvertent dependencies on
platform functions.
The exact choice of target platform doesn't matter for this purpose.
Pick one that's present in all.sh, that uses a compiler that's
available in the Travis build environment (Ubuntu 16.04), and that
happens to be close to the Debian "armel" distribution.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Call all.sh to run all the available test_depends_* components. This
adds a run of depends-hashes.pl and depends-pkgalgs.pl.
Keep invoking test-ref-configs.pl rather than via all.sh so that it
doesn't run with ASan. This saves some time and ASan there doesn't
turn up much more than in the full config.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Some jobs don't actually test against GnuTLS, but all.sh checks its
presence in all test jobs, so it needs to be installed regardless.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For the one long job with ASan, use the full configuration.
We get more coverage this way, at the cost of a slightly longer
runtime which we can afford since the "enumerated configurations" job
is slower.
Add a default-configuration build to the "basic checks" job. This job
is fairly quick (no ASan, no SSL testing).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This way anything we change in all.sh, such as adding tests for
programs/*/*, will be reflected here.
The build now uses GCC instead of Clang, which doesn't make much
difference in practice. The build now enables ASan and UBSan.
The tests now run compat.sh and ssl-opt.sh fully.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Different releases have different sets of sanity checks. Keep the list
in one place, namely all.sh.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>