Gilles Peskine
2ac4d86040
Fix file leak in test program
...
A similar bug was fixed earlier in ssl_server2, but we missed the fix
in ssl_client2.
2020-01-21 17:39:52 +01:00
Gilles Peskine
b08e44fda7
Add missing return code check on call to mbedtls_md()
2020-01-21 16:56:14 +01:00
Gilles Peskine
84984ae220
Add missing return code check on calls to mbedtls_md()
2020-01-21 16:52:08 +01:00
Gilles Peskine
9018b11302
Check that mbedtls_mpi_grow succeeds
2020-01-21 16:30:53 +01:00
Gilles Peskine
292672eb12
If ASSERT_ALLOC_WEAK fails, mark the test as skipped, not passed
...
This was the intended behavior of ASSERT_ALLOC_WEAK all along, but
skipping was not implemented yet when ASSERT_ALLOC_WEAK was
introduced.
2020-01-21 16:20:04 +01:00
Gilles Peskine
42a1acfd0e
get_len_step: Fix end-of-buffer calculation when buffer_size==0
...
Fix get_len_step when buffer_size==0. The intent of this test is to
ensure (via static or runtime buffer overflow analysis) that
mbedtls_asn1_get_len does not attempt to access beyond the end of the
buffer. When buffer_size is 0 (reached from get_len when parsing a
1-byte buffer), the buffer is buf[1..1] because allocating a 0-byte
buffer might yield a null pointer rather than a valid pointer. In this
case the end of the buffer is p==buf+1, not buf+buffer_size which is
buf+0.
The test passed because calling mbedtls_asn1_get_len(&p,end,...) with
end < p happens to work, but this is not guaranteed.
2020-01-21 16:12:07 +01:00
Janos Follath
2e9f108fbd
Bump version to Mbed TLS 2.20.0
2020-01-21 14:08:26 +00:00
Gilles Peskine
a2bdcb9e3a
Remove redundant block_size validity check
...
Check the value only once, as soon as we've obtained it.
2020-01-21 15:02:14 +01:00
Gilles Peskine
28cd41676e
Fix possible error code mangling in psa_mac_verify_finish
...
If psa_mac_finish_internal fails (which can only happen due to bad
parameters or hardware problem), the error code was converted to
PSA_ERROR_INVALID_SIGNATURE if the uninitialized stack variable
actual_mac happened to contain the expected MAC. This is a minor bug
but it may be possible to leverage it as part of a longer attack path
in some scenarios.
Reported externally. Found by static analysis.
2020-01-20 16:31:06 +01:00
Janos Follath
83f33d33eb
Bump version to Mbed TLS 2.20.0
2020-01-20 14:52:29 +00:00
Jaeden Amero
dbcb44202c
Update Mbed Crypto to 3.0.0
2020-01-15 18:08:44 +00:00
Jaeden Amero
d56a2af3f8
Add date to ChangeLog for 2.20.0 release
2020-01-15 18:07:20 +00:00
Janos Follath
dbd3304e8f
Merge branch 'development' into development-restricted
2020-01-15 16:06:15 +00:00
Janos Follath
d27a88438f
Merge branch 'development' into development-restricted
2020-01-15 15:55:11 +00:00
Jaeden Amero
a337167543
Merge pull request #342 from Patater/reseed-counter-value-comment
...
ctr_drbg: Clarify reseed_counter values before seeding
2020-01-10 13:49:33 +00:00
Jaeden Amero
a15c71374b
ctr_drbg: Clarify reseed_counter values before seeding
...
Before the initial seeding, reseed_counter used to always be 0. Now, the
value depends on whether or not the user has explicitly set the amount
of data to get from the nonce (via e.g.
mbedtls_ctr_drbg_set_nonce_len()). Add comments to clarify the possible
values reseed_counter can have before the initial seeding.
2020-01-09 13:48:52 +00:00
Manuel Pégourié-Gonnard
1e6fb01448
Make SHA512_NO_SHA384 depend on SHA512_C
2020-01-07 11:00:34 +01:00
Manuel Pégourié-Gonnard
86a39bdbc5
Improve readability of test dependencies
...
- Always put MBEDTLS_SHA512_NO_SHA384 immediately after MBEDTLS_SHA512_C
- Remove duplicate occurrences of MBEDTLS_SHA512_NO_SHA384 on the same line
2020-01-07 10:24:17 +01:00
Manuel Pégourié-Gonnard
2d88549c6b
Improve readability of macro in selftest
2020-01-07 10:17:35 +01:00
Manuel Pégourié-Gonnard
0b9db441c8
Make optional parameter validation more precise
2020-01-07 10:14:54 +01:00
Manuel Pégourié-Gonnard
792b16d83b
Make more code paths conditional in psa_crypto.c
2020-01-07 10:13:18 +01:00
Manuel Pégourié-Gonnard
663ee2019a
Clarify documentation on is384.
2020-01-07 10:11:22 +01:00
Manuel Pégourié-Gonnard
20f236de37
Adjust depends-hashes.pl to test NO_SHA384 as well
2020-01-06 11:40:23 +01:00
Manuel Pégourié-Gonnard
d602084cde
Implement NO_SHA384 in MD layer and PSA
2020-01-06 11:40:23 +01:00
Manuel Pégourié-Gonnard
6ba5a3fc57
Declare test dependencies on !SHA512_NO_SHA384
2020-01-06 11:40:23 +01:00
Manuel Pégourié-Gonnard
39ea19a35c
Adapt sha512 selftest to NO_SHA384 option
2020-01-06 11:40:23 +01:00
Manuel Pégourié-Gonnard
3df4e60561
Implement SHA512_NO_SHA384 in sha512 module
...
Saves 140 bytes on sha512.o, measured with:
arm-none-eabi-gcc -Wall -Wextra -Iinclude -Os -mcpu=cortex-m0plus -mthumb -c library/sha512.c && arm-none-eabi-size sha512.o
arm-none-eabi-gcc (GNU Tools for Arm Embedded Processors 7-2018-q2-update) 7.3.1 20180622 (release) [ARM/embedded-7-branch revision 261907]
Todo:
- fix selftest
- fix dependencies in test suites
- implement in MD layer
2020-01-06 11:40:23 +01:00
Manuel Pégourié-Gonnard
ad6cb11461
Declare new config.h option MBEDTLS_SHA512_NO_SHA384
2020-01-06 11:40:23 +01:00
Jaeden Amero
252faff19f
Merge pull request #2966 from dgreen-arm/fix-pylint-warnings
...
Sideport: Fix some pylint warnings
2019-12-20 16:07:07 +00:00
Jaeden Amero
448d1cc854
Merge pull request #334 from dgreen-arm/fix-pylint-warnings
...
Fix some pylint warnings
2019-12-20 16:06:53 +00:00
Darryl Green
fb5faa2582
Fix some pylint warnings
...
Add docstrings where they were missing and fix a too-long line
2019-12-20 15:14:59 +00:00
Darryl Green
1822061093
Fix some pylint warnings
...
Add docstrings where they were missing and fix a too-long line
2019-12-20 15:13:45 +00:00
Gilles Peskine
180850a229
Merge pull request #291 from gilles-peskine-arm/ctr_drbg-test_aes_128
...
Test MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
2019-12-20 10:43:44 +01:00
Jaeden Amero
ccdeb47cdf
Merge pull request #2958 from yanesca/iotcrypt-942-initialise-return-values
...
Initialize return values to an error
2019-12-19 11:33:03 +00:00
Janos Follath
73c616bdc1
Put includes in alphabetical order
...
The library style is to start with the includes corresponding to the
current module and then the rest in alphabetical order. Some modules
have several header files (e.g. ssl_internal.h).
The recently added error.h includes did not respect this convention and
this commit restores it. In some cases this is not possible just by
moving the error.h declarations. This commit fixes the pre-existing
order in these instances too.
2019-12-19 10:27:57 +00:00
Janos Follath
df587ee6d6
Remove duplicate include statement
...
Now that the Error module has error codes as well and is processed by
the generate_errors script like any other module, we don't need to
include the header manually.
2019-12-19 10:27:57 +00:00
Janos Follath
d8752858fc
Update crypto submodule
2019-12-19 10:27:04 +00:00
Jaeden Amero
795c6bab62
Merge pull request #323 from yanesca/iotcrypt-942-initialise-return-values
...
Initialise return values to an error
2019-12-19 10:24:22 +00:00
Jaeden Amero
40f923ecf7
Merge pull request #2961 from RonEld/update_readme_to_vs_2012
...
Update the VS version in the Readme file
2019-12-18 13:43:05 +00:00
Ron Eldor
05b44892c0
Change the version of VS
...
Change the minimal version to the correct one - 2013. Revert the
VS version in the tests to 2010, since the solution file
hasn't been updated yet.
2019-12-18 14:28:18 +02:00
Ron Eldor
c5074be0ce
Update the VS version in the Readme file
...
Update the VS version in the README file to 2012, as this is the
minimal version supported.
2019-12-18 14:00:13 +02:00
Janos Follath
865b3ebf84
Initialize return values to an error
...
Initializing the return values to an error is best practice and makes
the library more robust against programmer errors.
2019-12-16 15:15:16 +00:00
Janos Follath
2d20567122
Add two error codes to the Error module
...
One of the error codes was already reserved, this commit just makes it
explicit. The other one is a new error code for initializing return
values in the library: `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` should
not be returned by the library. If it is returned, then it is surely a
bug in the library or somebody is tampering with the device.
2019-12-16 15:15:16 +00:00
Jaeden Amero
16027956cd
Merge pull request #333 from gilles-peskine-arm/psa-streamline_encodings-prepare_for_types
...
Streamline PSA key type encodings: prepare
2019-12-13 09:39:03 +00:00
Janos Follath
ab534cfd62
Fix number of allocated errors in Platform
2019-12-12 14:34:30 +00:00
Janos Follath
9c2ccd2e7a
Fix error code range in documentation
2019-12-12 14:24:46 +00:00
Jaeden Amero
88d1c05644
Merge pull request #2953 from gilles-peskine-arm/update-crypto-20191206
...
Update crypto submodule
2019-12-12 12:17:11 +00:00
Gilles Peskine
4cd3277656
Factor common code of psa_import_ec_{public,private}_key
2019-12-12 09:00:27 +01:00
Gilles Peskine
46c33801f3
Remove unused macros
2019-12-12 09:00:27 +01:00
Gilles Peskine
7a1925c453
Add a few EC public key import/export test cases
...
Test a Brainpool curve and a curve whose bit size is not a multiple of 8.
2019-12-12 09:00:27 +01:00