Commit Graph

7103 Commits

Author SHA1 Message Date
Gilles Peskine
b9cfe58180 DRBG documentation: Relate f_entropy arguments to the entropy module 2019-10-02 19:00:57 +02:00
Gilles Peskine
97edf5e1e2 Add ChangeLog entry for the DRBG documentation improvements 2019-10-02 19:00:29 +02:00
Jaeden Amero
5cc748e58f Merge remote-tracking branch 'origin/pr/2866' into mbedtls-2.7
* origin/pr/2866:
  Reduce stack usage of test_suite_pkcs1_v15
  Reduce stack usage of test_suite_pkcs1_v21
  Reduce stack usage of test_suite_rsa
  Reduce stack usage of test_suite_pk
2019-10-02 18:00:13 +01:00
Gilles Peskine
d89173066c HMAC_DRBG documentation improvements
* State explicit whether several numbers are in bits or bytes.
* Clarify whether buffer pointer parameters can be NULL.
* Minor wording and formatting improvements.
2019-10-02 19:00:06 +02:00
Jaeden Amero
2fc6cf5da7 Merge remote-tracking branch 'origin/pr/2704' into mbedtls-2.7
* origin/pr/2704:
  Adapt auth_crypt_tv usage to 2.7
  Add missing dependencies in test_suite_cipher.gcm
  Adapt ChangeLog
  Add NIST AES GCM test vectors to single-step cipher API test suite
2019-10-02 17:56:38 +01:00
Gilles Peskine
eb99c1028f CTR_DRBG: explain the security strength and the entropy input length
Explain what how entropy input length is determined from the
configuration, and how this in turn determines the security strength.
Explain how the nonce is obtained during initialization.
2019-10-02 18:56:17 +02:00
Gilles Peskine
25e1945321 CTR_DRBG documentation improvements
* State explicit whether several numbers are in bits or bytes.
* Clarify whether buffer pointer parameters can be NULL.
* Clarify some terminology.
* Minor wording and formatting improvements.
2019-10-02 18:54:20 +02:00
Ron Eldor
0ab4092e2d Reduce stack usage of test_suite_pkcs1_v15
Reduce the stack usage of the `test_suite_pkcs1_v15` by reducing the
size of the buffers used in the tests, to a reasonable big enough size.
2019-10-02 14:34:24 +03:00
Ron Eldor
dd4277f70d Reduce stack usage of test_suite_pkcs1_v21
Reduce the stack usage of the `test_suite_pkcs1_v21` by reducing the
size of the buffers used in the tests, to a reasonable big enough size,
and change the size sent to the API to sizeof output.
2019-10-02 14:34:24 +03:00
Ron Eldor
b3d3973264 Reduce stack usage of test_suite_rsa
Reduce the stack usage of the `test_suite_rsa` by reducing the
size of the buffers used in the tests, to a reasonable big enough size,
and change the data size to decrypt in the data file.
2019-10-02 14:34:24 +03:00
Ron Eldor
6827d1c588 Reduce stack usage of test_suite_pk
Reduce the stack usage of the `test_suite_pk` by reducing the
size of the buffers used in the tests, to a reasonable big enough size.
2019-10-02 14:34:17 +03:00
Gilles Peskine
0981a5d7ab Add a test component with malloc(0) returning NULL
Exercise the library functions with calloc returning NULL for a size
of 0. Make this a separate job with UBSan (and ASan) to detect
places where we try to dereference the result of calloc(0) or to do
things like

    buf = calloc(size, 1);
    if (buf == NULL && size != 0) return INSUFFICIENT_MEMORY;
    memcpy(buf, source, size);

which has undefined behavior when buf is NULL at the memcpy call even
if size is 0.

This is needed because other test components jobs either use the system
malloc which returns non-NULL on Linux and FreeBSD, or the
memory_buffer_alloc malloc which returns NULL but does not give as
useful feedback with ASan (because the whole heap is a single C
object).
2019-09-30 14:01:37 +02:00
Gilles Peskine
ea5d3571b0 Add a calloc self-test
Add a very basic test of calloc to the selftest program. The selftest
program acts in its capacity as a platform compatibility checker rather
than in its capacity as a test of the library.

The main objective is to report whether calloc returns NULL for a size
of 0. Also observe whether a free/alloc sequence returns the address
that was just freed and whether a size overflow is properly detected.
2019-09-30 13:59:47 +02:00
Jaeden Amero
d28b9b3c5d Merge remote-tracking branch 'origin/pr/2828' into mbedtls-2.7
* origin/pr/2828:
  Enable MBEDTLS_MEMORY_DEBUG in memory buffer alloc test in all.sh
  Remove unnecessary memory buffer alloc unsets
  Disable DTLS proxy tests for MEMORY_BUFFER_ALLOC test
  all.sh: restructure memory allocator tests
  Add missing dependency in memory buffer alloc set in all.sh
  Don't set MBEDTLS_MEMORY_DEBUG through `scripts/config.pl full`
  Add cfg dep MBEDTLS_MEMORY_DEBUG->MBEDTLS_MEMORY_BUFFER_ALLOC_C
  Add all.sh run with full config and ASan enabled
  Add all.sh run with MBEDTLS_MEMORY_BUFFER_ALLOC_C enabled
  Update documentation of exceptions for `config.pl full`
  Adapt all.sh to removal of buffer allocator from full config
  Disable memory buffer allocator in full config
  Check dependencies of MBEDTLS_MEMORY_BACKTRACE in check_config.h
2019-09-12 16:46:11 +01:00
Andrzej Kurek
9b1c248209 Enable MBEDTLS_MEMORY_DEBUG in memory buffer alloc test in all.sh 2019-09-10 02:58:34 -04:00
Andrzej Kurek
7eb7f8db8b Remove unnecessary memory buffer alloc unsets
This define is turned off by default
2019-09-09 07:32:48 -04:00
Andrzej Kurek
6addfdd190 Disable DTLS proxy tests for MEMORY_BUFFER_ALLOC test 2019-09-09 07:22:13 -04:00
Andrzej Kurek
9a461a1cd7 all.sh: restructure memory allocator tests
Run basic tests and ssl-opt with memory backtrace disabled, then
run basic tests only with it enabled.
2019-09-09 07:22:03 -04:00
Hanno Becker
7aad93c9da Add missing dependency in memory buffer alloc set in all.sh 2019-09-09 07:21:52 -04:00
Hanno Becker
19aa89ad47 Don't set MBEDTLS_MEMORY_DEBUG through scripts/config.pl full 2019-09-09 07:21:40 -04:00
Hanno Becker
8561115cb8 Add cfg dep MBEDTLS_MEMORY_DEBUG->MBEDTLS_MEMORY_BUFFER_ALLOC_C 2019-09-09 07:20:04 -04:00
Hanno Becker
167ae43852 Add all.sh run with full config and ASan enabled 2019-09-09 07:15:19 -04:00
Hanno Becker
f5baaaaf89 Add all.sh run with MBEDTLS_MEMORY_BUFFER_ALLOC_C enabled
With the removal of MBEDTLS_MEMORY_BUFFER_ALLOC_C from the
full config, there are no tests for it remaining in all.sh.
This commit adds a build as well as runs of `make test` and
`ssl-opt.sh` with MBEDTLS_MEMORY_BUFFER_ALLOC_C enabled to all.sh.
2019-09-09 07:15:00 -04:00
Andrzej Kurek
e1c62e6641 Update documentation of exceptions for config.pl full 2019-09-09 07:12:31 -04:00
Andrzej Kurek
c7f97f1c8d Adapt all.sh to removal of buffer allocator from full config
Previously, numerous all.sh tests manually disabled the buffer allocator
or memory backtracting after setting a full config as the starting point.

With the removal of MBEDTLS_MEMORY_BACKTRACE and MBEDTLS_MEMORY_BUFFER_ALLOC_C
from full configs, this is no longer necessary.
2019-09-09 07:10:39 -04:00
Hanno Becker
26c333ac01 Disable memory buffer allocator in full config
This commit modifies `config.pl` to not set MBEDTLS_MEMORY_BUFFER_ALLOC
with the `full` option.
2019-09-09 06:34:30 -04:00
Hanno Becker
76ef31116b Check dependencies of MBEDTLS_MEMORY_BACKTRACE in check_config.h 2019-09-09 06:34:06 -04:00
Jaeden Amero
14c6762351 Merge remote-tracking branch 'origin/pr/2822' into mbedtls-2.7
* origin/pr/2822:
  Bump version to Mbed TLS 2.7.12
2019-09-06 13:35:10 +01:00
Jaeden Amero
d7bd10dc89 Bump version to Mbed TLS 2.7.12 2019-09-06 13:28:28 +01:00
Jaeden Amero
e1d93e5552 Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted
* origin/mbedtls-2.7:
  ssl-opt.sh: wait for proxy to start before running the script further
2019-09-05 18:14:28 +01:00
Jaeden Amero
2396abfb8b Merge remote-tracking branch 'origin/pr/2816' into mbedtls-2.7
* origin/pr/2816:
  ssl-opt.sh: wait for proxy to start before running the script further
2019-09-05 14:24:25 +01:00
Unknown
b86bcb4f71 ssl-opt.sh: wait for proxy to start before running the script further 2019-09-04 06:09:26 -04:00
Jaeden Amero
20b77ecb4a Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted
* origin/mbedtls-2.7:
  Add ChangeLog entry
  fix memory leak in mpi_miller_rabin()
2019-09-03 19:42:50 +01:00
Jaeden Amero
68cfefee34 Merge remote-tracking branch 'origin/pr/2399' into mbedtls-2.7
* origin/pr/2399:
  Add ChangeLog entry
  fix memory leak in mpi_miller_rabin()
2019-09-03 16:32:06 +01:00
Jaeden Amero
dfe95aefce Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted
* origin/mbedtls-2.7:
  HMAC DRBG: Split entropy-gathering requests to reduce request sizes
2019-08-30 14:31:21 +01:00
Jaeden Amero
70ad1d3380 Merge remote-tracking branch 'origin/pr/2812' into mbedtls-2.7
* origin/pr/2812:
  HMAC DRBG: Split entropy-gathering requests to reduce request sizes
2019-08-30 13:03:42 +01:00
Hanno Becker
b98e326455 HMAC DRBG: Split entropy-gathering requests to reduce request sizes
According to SP800-90A, the DRBG seeding process should use a nonce
of length `security_strength / 2` bits as part of the DRBG seed. It
further notes that this nonce may be drawn from the same source of
entropy that is used for the first `security_strength` bits of the
DRBG seed. The present HMAC DRBG implementation does that, requesting
`security_strength * 3 / 2` bits of entropy from the configured entropy
source in total to form the initial part of the DRBG seed.

However, some entropy sources may have thresholds in terms of how much
entropy they can provide in a single call to their entropy gathering
function which may be exceeded by the present HMAC DRBG implementation
even if the threshold is not smaller than `security_strength` bits.
Specifically, this is the case for our own entropy module implementation
which only allows requesting at most 32 Bytes of entropy at a time
in configurations disabling SHA-512, and this leads to runtime failure
of HMAC DRBG when used with Mbed Crypto' own entropy callbacks in such
configurations.

This commit fixes this by splitting the seed entropy acquisition into
two calls, one requesting `security_strength` bits first, and another
one requesting `security_strength / 2` bits for the nonce.

Fixes #237.
2019-08-30 12:16:55 +01:00
Gilles Peskine
ad72522fad Merge remote-tracking branch 'upstream-restricted/mbedtls-2.7-proposed' into mbedtls-2.7-restricted 2019-08-14 16:30:13 +02:00
Gilles Peskine
3b8cf47004 Merge remote-tracking branch 'upstream-restricted/pr/508' into mbedtls-2.7-restricted 2019-08-14 16:25:10 +02:00
Gilles Peskine
298a43a77e Merge remote-tracking branch 'upstream-restricted/pr/549' into mbedtls-2.7-restricted 2019-08-14 16:24:51 +02:00
Gilles Peskine
ab327dfec7 Merge remote-tracking branch 'upstream-restricted/pr/614' into mbedtls-2.7-restricted 2019-08-14 16:24:08 +02:00
Gilles Peskine
0e08fff32f Merge remote-tracking branch 'upstream-public/pr/2737' into mbedtls-2.7 2019-08-14 16:00:47 +02:00
Gilles Peskine
c7ad7ed185 Merge remote-tracking branch 'upstream-public/pr/2755' into mbedtls-2.7 2019-08-14 15:59:21 +02:00
Gilles Peskine
bed094b1ca Merge remote-tracking branch 'upstream-public/pr/2787' into mbedtls-2.7 2019-08-14 15:57:37 +02:00
Gilles Peskine
6ad89c2a3a Exclude DTLS 1.2 only with older OpenSSL
compat.sh used to skip OpenSSL altogether for DTLS 1.2, because older
versions of OpenSSL didn't support it. But these days it is supported.

We don't want to use DTLS 1.2 with OpenSSL unconditionally, because we
still use legacy versions of OpenSSL to test with legacy ciphers. So
check whether the version we're using supports it.
2019-08-13 11:44:30 +02:00
Gilles Peskine
97abe799eb
Merge pull request #2774 from gilles-peskine-arm/pr_2418-changelog
Backport 2.7: Changelog entry for test certificates update
2019-08-06 10:51:32 +02:00
Gilles Peskine
5d3be4a0f8
Merge pull request #640 from ARMmbed/mbedtls-2.7-proposed
Merge mbedtls-2.7 into mbedtls-2.7-restricted
2019-08-05 11:06:45 +02:00
Gilles Peskine
cabbd2e954 Changelog entry for test certificates update 2019-08-03 14:11:14 +02:00
Gilles Peskine
ad8c9bf7e0
Merge pull request #2418 from RonEld/Backport2.7_2734
Backport 2.7: Update soon to be expired crl
2019-08-03 13:38:23 +02:00
Gilles Peskine
745e2a1c96
Merge pull request #2762 from dgreen-arm/backport-2.7-fix-rev-parse-in-abi-script
Backport 2.7: Change worktree_rev to HEAD for rev-parse
2019-08-03 13:37:21 +02:00