Commit Graph

1500 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
af63c21466 Fix issue in testing SHA-1 compile-time option 2017-06-08 17:51:08 +02:00
Hanno Becker
e6706e62d8 Add tests for missing CA chains and bad curves.
This commit adds four tests to tests/ssl-opt.sh:
(1) & (2): Check behaviour of optional/required verification when the
trusted CA chain is empty.
(3) & (4): Check behaviour of optional/required verification when the
client receives a server certificate with an unsupported curve.
2017-06-07 11:26:59 +01:00
Manuel Pégourié-Gonnard
ddc6e52cc1 Merge remote-tracking branch 'gilles/iotssl-1223/development' into development
* gilles/iotssl-1223/development:
  Fix FALLBACK_SCSV parsing
2017-06-06 20:11:36 +02:00
Manuel Pégourié-Gonnard
383a118338 Merge remote-tracking branch 'gilles/IOTSSL-1330/development' into development
* gilles/IOTSSL-1330/development:
  Changelog entry for the bug fixes
  SSLv3: when refusing renegotiation, stop processing
  Ignore failures when sending fatal alerts
  Cleaned up double variable declaration
  Code portability fix
  Added changelog entry
  Send TLS alerts in many more cases
  Skip all non-executables in run-test-suites.pl
  SSL tests: server requires auth, client has no certificate
  Balanced braces across preprocessor conditionals
  Support setting the ports on the command line
2017-06-06 19:22:41 +02:00
Gilles Peskine
f11d33b2df Cleaned up negative test predicate for test case
The test infrastructure does support negative predicates for test
cases, thanks to Andreas for letting me know.
2017-06-06 19:16:18 +02:00
Gilles Peskine
2a458daa11 all.sh: test with SHA-1 enabled
Enabling SHA-1 for certificates is deprecated but we still want it to work.

Thanks to @andresag01
2017-06-06 18:44:14 +02:00
Gilles Peskine
5d2511c4d4 SHA-1 deprecation: allow it in key exchange
By default, keep allowing SHA-1 in key exchange signatures. Disabling
it causes compatibility issues, especially with clients that use
TLS1.2 but don't send the signature_algorithms extension.

SHA-1 is forbidden in certificates by default, since it's vulnerable
to offline collision-based attacks.
2017-06-06 18:44:14 +02:00
Gilles Peskine
fd14bca6dc Document test data makefile 2017-06-06 18:44:14 +02:00
Gilles Peskine
4fa6bed0c6 X.509 tests: obey compile-time SHA-1 support option
There is now one test case to validate that SHA-1 is rejected in
certificates by default, and one test case to validate that SHA-1 is
supported if MBEDTLS_TLS_DEFAULT_ALLOW_SHA1 is #defined.
2017-06-06 18:44:14 +02:00
Gilles Peskine
62469d95e2 Allow SHA-1 in test scripts 2017-06-06 18:44:14 +02:00
Gilles Peskine
bc70a1836b Test that SHA-1 defaults off
Added tests to validate that certificates signed using SHA-1 are
rejected by default, but accepted if SHA-1 is explicitly enabled.
2017-06-06 18:44:14 +02:00
Gilles Peskine
2dc81a0cbc Test that X.509 verification rejects SHA-256 by default 2017-06-06 18:44:13 +02:00
Gilles Peskine
ef86ab238f Allow SHA-1 in X.509 and TLS tests
SHA-1 is now disabled by default in the X.509 layer. Explicitly enable
it in our tests for now. Updating all the test data to SHA-256 should
be done over time.
2017-06-06 18:44:13 +02:00
Gilles Peskine
f040a17604 Added SHA256 test certificates
With SHA-1 deprecation, we need a few certificates using algorithms in
the default support list. Most tests still use SHA-1 though.

The generation process for the new certificates is recorded in the makefile.
2017-06-06 18:44:13 +02:00
Hanno Becker
8435c381bd Remove use of size zero array in ECJPAKE test suite
The ECJPAKE test suite uses a size zero array for the empty password
used in the tests, which is not valid C. This commit fixes this.

This originally showed up as a compilation failure on Visual Studio
2015, documented in IOTSSL-1242, but can also be observed with GCC
when using the -Wpedantic compilation option.
2017-06-05 15:10:59 +01:00
Gilles Peskine
d50177fdf3 Fix FALLBACK_SCSV parsing
Fixed a bug in ssl_srv.c when parsing TLS_FALLBACK_SCSV in the
ciphersuite list that caused it to miss it sometimes. Reported by Hugo
Leisink as issue #810. Fix initially by @andreasag01; this commit
isolates the bug fix and adds a non-regression test.
2017-05-16 17:53:03 +02:00
Simon Butcher
9f77017a8d Updated version number to 2.5.0 2017-05-16 10:22:37 +01:00
Janos Follath
89baba2375 Add tests for the CA suppression option 2017-05-16 10:22:37 +01:00
Andres Amaya Garcia
d3f0f5e1c8 Fix check-doxy-blocks.pl to run from root dir
Modify tests/scripts/check-doxy-blocks.pl to ensure that:
  * It can only be run from the mbed TLS root directory.
  * An error code is returned to the environment when a potential error
    in the source code is found.
2017-05-12 00:16:50 +01:00
Andres AG
5c79d25d94 Add PK tests to avoid hashlen overflow for RSA 2017-05-11 21:58:25 +01:00
Manuel Pégourié-Gonnard
c1380de887 RSA PKCS1v1.5 verification: check padding length
The test case was generated by modifying our signature code so that it
produces a 7-byte long padding (which also means garbage at the end, so it is
essential in to check that the error that is detected first is indeed the
padding rather than the final length check).
2017-05-11 13:10:13 +02:00
Hanno Becker
4bcb4914c5 Abort modular inversion when modulus is one.
The modular inversion function hangs when provided with the modulus 1. This commit refuses this modulus with a BAD_INPUT error code. It also adds a test for this case.
2017-05-08 14:47:04 +01:00
Gilles Peskine
1cc8e3472a Send TLS alerts in many more cases
The TLS client and server code was usually closing the connection in
case of a fatal error without sending an alert. This commit adds
alerts in many cases.

Added one test case to detect that we send the alert, where a server
complains that the client's certificate is from an unknown CA (case
tracked internally as IOTSSL-1330).
2017-05-03 16:28:34 +02:00
Gilles Peskine
071db41627 Skip all non-executables in run-test-suites.pl
The script was blacklisting extensions. Rather than keep adding to the
extensions, whitelist executables.
2017-05-03 16:26:47 +02:00
Gilles Peskine
fd8332e15f SSL tests: server requires auth, client has no certificate
Added explicit test cases where the client has no certificate but the
server requires one.
2017-05-03 16:25:07 +02:00
Gilles Peskine
f93c7d3ab0 Support setting the ports on the command line
Added command line arguments --port and --proxy-port to choose the
ports explicitly instead of deriving them from the PID. This
facilitates debugging e.g. with Wireshark.
2017-04-26 16:41:55 +02:00
Hanno Becker
a4af1c47d2 Correct sign in modular exponentiation algorithm.
The modular exponentiation function  handled the sign incorrectly. This commit fixes this and a test case which should have caught it.
2017-04-18 09:07:45 +01:00
Andres AG
d1cc7f6f34 Fix buffer overflow in mbedtls_mpi_write_string()
Fix a buffer overflow when writting a string representation of an MPI
number to a buffer in hexadecimal. The problem occurs because hex
digits are written in pairs and this is not accounted for in the
calculation of the required buffer size when the number of digits is
odd.
2017-03-02 21:34:21 +00:00
Andres AG
99acfc4521 Fix failing pkparse test case
The first three test cases from test_suites_pkparse.data failed because
the key file they read requires DES to be read. However, MBEDTLS_DES_C
was missing from the dependency list.
2017-03-02 16:01:08 +00:00
Janos Follath
28fff14113 Add invalid key tests for curve SECP224K1
This curve has special arithmetic on 64 bit platforms and an untested
path lead to trying to free a buffer on the stack.

For the sake of completeness, a test case for a point with non-affine
coordinates has been added as well.
2017-02-28 18:41:39 +00:00
Janos Follath
ea7054a00c Add unit tests for X509 certificate date parsing 2017-02-28 14:23:12 +00:00
Simon Butcher
fc794ff2b7 Merge branch 'iotssl-1071-ca-flags'
Fixes a regression introduced by an earlier commit that modified
x509_crt_verify_top() to ensure that valid certificates that are after past or
future valid in the chain are processed. However the change introduced a change
in behaviour that caused the verification flags MBEDTLS_X509_BADCERT_EXPIRED and
MBEDTLS_BADCERT_FUTURE to always be set whenever there is a failure in the
verification regardless of the cause.

The fix maintains both behaviours:

 * Ensure that valid certificates after future and past are verified
 * Ensure that the correct verification flags are set.
2017-02-27 19:06:05 +00:00
Simon Butcher
0278a38f10 Merge branch 'iotssl-1077-dos-crl'
Modifies the function mbedtls_x509_crl_parse() to ensure that a CRL in PEM
format with trailing characters after the footer does not result in the
execution of an infinite loop.
2017-02-26 01:16:02 +00:00
Simon Butcher
9cfdf2caa7 Merge branch 'development-restricted' 2017-02-15 23:55:22 +02:00
Andres Amaya Garcia
6a54336897 Fix integer overflows in buffer bound checks
Fix potential integer overflows in the following functions:
  * mbedtls_md2_update() to be bypassed and cause
  * mbedtls_cipher_update()
  * mbedtls_ctr_drbg_reseed()
This overflows would mainly be exploitable in 32-bit systems and could
cause buffer bound checks to be bypassed.
2017-02-15 23:31:07 +02:00
Andres AG
49d29337fa Add tests for overreads in pem_read_buffer() 2017-02-15 23:31:07 +02:00
Andres AG
13fb6e7271 Add DTLS test to check 6 byte record ctr is cmp
Add a test to ssl-opt.sh to ensure that in DTLS a 6 byte record counter
is compared in ssl_check_ctr_renegotiate() instead of a 8 byte one as in
the TLS case. Because currently there are no testing facilities to check
that renegotiation routines are triggered after X number of input/output
messages, the test consists on setting a renegotiation period that
cannot be represented in 6 bytes, but whose least-significant byte is 2.
If the library behaves correctly, the renegotiation routines will be
executed after two exchanged.
2017-02-15 23:26:35 +02:00
Simon Butcher
ba6aa63578 Fix all.sh test builds with recent glibc and clang
Fixes strict C99 builds in all.sh with glibc version >2.19 where platform support
wasn't being compiled in automatically.

Also fixes C99 syntax with armclang.
2017-02-15 23:25:08 +02:00
Simon Butcher
53716395b2 Clarify use of armcc in all.sh 2017-02-15 23:23:22 +02:00
Andres AG
0911f0880c Add -march argument to armc6 build tests 2017-02-15 23:23:22 +02:00
Andres AG
7f08d7a35a Modify output_env.sh to make it extensible 2017-02-15 23:23:22 +02:00
Andres AG
9e3fba09fd Add ARM Compiler 6 build tests to all.sh 2017-02-15 23:23:22 +02:00
Janos Follath
4c006cdb1c Update library version number to 2.4.1 2017-02-15 22:55:55 +02:00
Simon B
8477d37ee6 Remove need for elevated command line in Windows
Changes use of mklink in Windows test builds, to create junctions instead of
directory symbolic links. This removes the need for an elevated command prompt
when running cmake to create the Visual Studio project files.
2017-02-15 09:08:26 +00:00
Simon Butcher
1e6f5ac127 Make mingw test build a requirement of all.sh
Changed the mingw test build to be a required test of the all.sh script.
2017-02-15 09:08:26 +00:00
Simon Butcher
4ae4fdcd99 Fix mingw test build to avoid executing the tests
Changed the mingw build target to avoid building mingw test suites and
then attempting to run them which was failing on Linux.
2017-02-15 09:08:26 +00:00
Simon Butcher
9510cc1a18 Make the test builds much stricter for warnings
Tighten up the test options in all.sh, test-ref-configs.pl and curves.pl
to ensure the builds are strict for all warnings, warnings are treated
as errors, and that wherever possible builds are strict to the C99
standard. (Note that builds that use the Unix sockets API cannot be).
2017-02-15 09:08:26 +00:00
Andres AG
342889fdbe Remove unused var warnings in windows unittests 2017-02-15 09:08:26 +00:00
Simon B
24d9a4cf8d Fix config of compiler warning flags with MSVC
Compiler warnings were being configured twice and not suppressed on the
test suites with Microsoft Visual Studio.
2017-02-15 09:08:26 +00:00
Andres AG
b9d3db68c6 Use MAKEFLAGS to pass args to make in all.sh
Modify the script at tests/scripts/all.sh to export the variable
MAKEFLAGS with -j if it was not set before. This should decrease the
total runtime of tests/scripts/all.sh by letting make run multiple jobs
in parallel. Also, add a check at the top of the script to cause a
failure if the environment is not Linux.
2017-02-15 09:08:26 +00:00
Andres Amaya Garcia
f7cf56fa45 Fix integer overflows in buffer bound checks
Fix potential integer overflows in the following functions:
  * mbedtls_md2_update() to be bypassed and cause
  * mbedtls_cipher_update()
  * mbedtls_ctr_drbg_reseed()
This overflows would mainly be exploitable in 32-bit systems and could
cause buffer bound checks to be bypassed.
2017-02-08 12:04:24 +00:00
Andres AG
f535662894 Add tests for overreads in pem_read_buffer() 2017-02-08 12:03:46 +00:00
Simon Butcher
1d4db5b7b5 Merge 'iotssl-1099-incorrect-renego-dtls'
Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared
64 bits of record counter instead of 48 bits as described in RFC 6347
Section 4.3.1. This would cause the function's return value to be
occasionally incorrect and the renegotiation routines to be triggered
at unexpected times.
2017-02-02 23:47:08 +00:00
Andres AG
9060d4da08 Fix generate_code.pl to handle escaped : 2017-02-02 14:38:13 +00:00
Andres AG
9f430c15d8 Add tests for out flags from x509_crt_verify_top()
The tests load certificate chains from files. The CA chains contain a
past or future certificate and an invalid certificate. The test then
checks that the flags set are MBEDTLS_X509_BADCERT_EXPIRED or
MBEDTLS_X509_BADCERT_FUTURE.
2017-01-20 13:52:01 +00:00
Andres AG
a39db394db Add test for infinite loop in CRL parse 2017-01-19 17:10:51 +00:00
Andres AG
692ad84e5c Add DTLS test to check 6 byte record ctr is cmp
Add a test to ssl-opt.sh to ensure that in DTLS a 6 byte record counter
is compared in ssl_check_ctr_renegotiate() instead of a 8 byte one as in
the TLS case. Because currently there are no testing facilities to check
that renegotiation routines are triggered after X number of input/output
messages, the test consists on setting a renegotiation period that
cannot be represented in 6 bytes, but whose least-significant byte is 2.
If the library behaves correctly, the renegotiation routines will be
executed after two exchanged.
2017-01-19 16:30:57 +00:00
Simon Butcher
cb587009d6 Fix all.sh test builds with recent glibc and clang
Fixes strict C99 builds in all.sh with glibc version >2.19 where platform support
wasn't being compiled in automatically.

Also fixes C99 syntax with armclang.
2017-01-06 16:14:44 +00:00
Simon Butcher
105e856143 Merge branch 'gcc-compiler-warnings' 2017-01-05 18:26:40 +00:00
Simon Butcher
49f00bd81d Clarify use of armcc in all.sh 2017-01-05 16:20:56 +00:00
Andres AG
a5cd973047 Add -march argument to armc6 build tests 2017-01-05 10:15:00 +00:00
Andres AG
31f9b5bdd8 Modify output_env.sh to make it extensible 2017-01-05 10:14:51 +00:00
Andres AG
87bb577cfb Add ARM Compiler 6 build tests to all.sh 2017-01-03 10:12:11 +00:00
Simon Butcher
710dd4fdd6 Merge branch 'speedup_tests'
Pull Request #533 - Use MAKEFLAGS to pass args to make in all.sh

Modify the script at tests/scripts/all.sh to export the variable
MAKEFLAGS with -j if it was not set before. This should decrease the
total runtime of tests/scripts/all.sh by letting make run multiple jobs
in parallel. Also, add a check at the top of the script to cause a
failure if the environment is not Linux.w
2016-12-30 19:09:40 +00:00
Janos Follath
1808dc01bd Update library version number to 2.4.1 2016-12-13 16:00:52 +00:00
Andres AG
9c94b6951c Add tests for overreads in pem_read_buffer() 2016-11-21 11:03:40 +00:00
Simon B
d473c1f359 Remove need for elevated command line in Windows
Changes use of mklink in Windows test builds, to create junctions instead of
directory symbolic links. This removes the need for an elevated command prompt
when running cmake to create the Visual Studio project files.
2016-11-17 16:04:33 +00:00
Simon Butcher
002bc6262b Make mingw test build a requirement of all.sh
Changed the mingw test build to be a required test of the all.sh script.
2016-11-17 09:27:45 +00:00
Simon Butcher
91aef33832 Fix mingw test build to avoid executing the tests
Changed the mingw build target to avoid building mingw test suites and
then attempting to run them which was failing on Linux.
2016-11-17 09:22:47 +00:00
Simon Butcher
f95c1764fa Make the test builds much stricter for warnings
Tighten up the test options in all.sh, test-ref-configs.pl and curves.pl
to ensure the builds are strict for all warnings, warnings are treated
as errors, and that wherever possible builds are strict to the C99
standard. (Note that builds that use the Unix sockets API cannot be).
2016-11-17 09:22:46 +00:00
Andres AG
ea67eeb4e8 Remove unused var warnings in windows unittests 2016-11-10 17:22:12 +00:00
Simon B
9b3e3c4942 Fix config of compiler warning flags with MSVC
Compiler warnings were being configured twice and not suppressed on the
test suites with Microsoft Visual Studio.
2016-11-10 15:37:33 +00:00
Simon Butcher
16c54ee9c8 Update library version number to 2.4.0 2016-10-16 19:34:39 +01:00
Simon Butcher
8e00410402 Merge fix for AEAD Random IVs 2016-10-14 00:48:33 +01:00
Simon Butcher
9800a058ae Merge branch 'development' 2016-10-13 17:25:56 +01:00
Simon Butcher
99000142cb Merge fix for IE Certificate Compatibility 2016-10-13 17:21:01 +01:00
Simon Butcher
488c08c00b Merge branch fixing date validity in X.509 2016-10-13 16:13:09 +01:00
Janos Follath
f45dab1939 Fix global variable shadowing 2016-10-13 13:54:48 +01:00
Simon Butcher
6437b221a3 Fix stdio redirection memory leak in test suites 2016-10-13 13:54:48 +01:00
Janos Follath
e5dc202469 Restore P>Q in RSA key generation (#558)
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.

This commit restores this behaviour.
2016-10-13 13:54:48 +01:00
Janos Follath
d7b9049806 Fix memory leaks in CMAC tests 2016-10-13 13:53:56 +01:00
Andres AG
fe4db8f575 Fix memory leak in test_suite_cmac.function 2016-10-13 13:53:56 +01:00
Andres AG
f04f54d432 Add seed cmdline arg to test scripts 2016-10-13 13:53:33 +01:00
Janos Follath
2d9c46767a Fix minor style issues in test framework 2016-10-13 13:53:13 +01:00
Simon Butcher
33388669ec Fix to test output in test suites
Fixes the test suites to consistently use mbedtls_fprintf to output to
stdout or stderr.

Also redirects output from the tests to /dev/null to avoid confusing
output if the test suite code or library outputs anything to stdout.
2016-10-13 13:53:13 +01:00
Simon Butcher
8739aa9403 Fix exit and formatting in CMAC test suite
Minor fixes following review.
2016-10-13 13:53:13 +01:00
Simon Butcher
03faeac7ec Add CMAC test suite to CMakeLists.txt 2016-10-13 13:53:13 +01:00
Simon Butcher
c3db62fd51 Extend test coverage of CMAC
Expands tests to include NULL tests and successive calls to
mbedtls_cipher_cmac_update() and mbedtls_cipher_cmac_reset().
2016-10-13 13:53:13 +01:00
Andres AG
8254b6c9f3 Clean up of formatting, and potential integer overflow fix 2016-10-13 13:51:13 +01:00
Simon Butcher
f394e09431 Clean up and minor fixes following review
Minor fixes following review including:
    * formatting changes including indentation and code style
    * corrections
    * removal of debug code
    * clarification of code through variable renaming
    * memory leak
    * compiler warnings
2016-10-13 13:51:12 +01:00
Simon Butcher
937fddbfcb Introduce a CMAC specific test suite 2016-10-13 13:51:11 +01:00
Andres AG
42547d0cf7 Set selftest verbose flag to boost coverage 2016-10-13 13:48:48 +01:00
Andres AG
84c46db746 Fix scripts to support multiple openssl and gnutls 2016-10-13 13:48:48 +01:00
Andres AG
3616f6f261 Rename net.{c,h} to net_sockets.{c,h}
The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
2016-10-13 13:48:48 +01:00
Simon Butcher
1c8b33ad19 Merge branch 'development' 2016-10-13 13:40:41 +01:00
Janos Follath
e709f7c9e0 Fix global variable shadowing 2016-10-13 13:20:12 +01:00
Simon Butcher
e019296ab7 Fix stdio redirection memory leak in test suites 2016-10-13 10:03:08 +01:00
Janos Follath
ef44178474 Restore P>Q in RSA key generation (#558)
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.

This commit restores this behaviour.
2016-10-13 00:25:07 +01:00
Janos Follath
99d09d2747 Fix memory leaks in CMAC tests 2016-10-12 15:32:54 +01:00
Andres AG
c4424c0a69 Fix memory leak in test_suite_cmac.function 2016-10-12 15:32:53 +01:00