The test case was generated by modifying our signature code so that it
produces a 7-byte long padding (which also means garbage at the end, so it is
essential in to check that the error that is detected first is indeed the
padding rather than the final length check).
The modular inversion function hangs when provided with the modulus 1. This commit refuses this modulus with a BAD_INPUT error code. It also adds a test for this case.
Fix a buffer overflow when writting a string representation of an MPI
number to a buffer in hexadecimal. The problem occurs because hex
digits are written in pairs and this is not accounted for in the
calculation of the required buffer size when the number of digits is
odd.
The first three test cases from test_suites_pkparse.data failed because
the key file they read requires DES to be read. However, MBEDTLS_DES_C
was missing from the dependency list.
This curve has special arithmetic on 64 bit platforms and an untested
path lead to trying to free a buffer on the stack.
For the sake of completeness, a test case for a point with non-affine
coordinates has been added as well.
Fixes a regression introduced by an earlier commit that modified
x509_crt_verify_top() to ensure that valid certificates that are after past or
future valid in the chain are processed. However the change introduced a change
in behaviour that caused the verification flags MBEDTLS_X509_BADCERT_EXPIRED and
MBEDTLS_BADCERT_FUTURE to always be set whenever there is a failure in the
verification regardless of the cause.
The fix maintains both behaviours:
* Ensure that valid certificates after future and past are verified
* Ensure that the correct verification flags are set.
Modifies the function mbedtls_x509_crl_parse() to ensure that a CRL in PEM
format with trailing characters after the footer does not result in the
execution of an infinite loop.
Fix potential integer overflows in the following functions:
* mbedtls_md2_update() to be bypassed and cause
* mbedtls_cipher_update()
* mbedtls_ctr_drbg_reseed()
This overflows would mainly be exploitable in 32-bit systems and could
cause buffer bound checks to be bypassed.
The tests load certificate chains from files. The CA chains contain a
past or future certificate and an invalid certificate. The test then
checks that the flags set are MBEDTLS_X509_BADCERT_EXPIRED or
MBEDTLS_X509_BADCERT_FUTURE.
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.
This commit restores this behaviour.
Fixes the test suites to consistently use mbedtls_fprintf to output to
stdout or stderr.
Also redirects output from the tests to /dev/null to avoid confusing
output if the test suite code or library outputs anything to stdout.
Minor fixes following review including:
* formatting changes including indentation and code style
* corrections
* removal of debug code
* clarification of code through variable renaming
* memory leak
* compiler warnings
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.
This commit restores this behaviour.
Fixes the test suites to consistently use mbedtls_fprintf to output to
stdout or stderr.
Also redirects output from the tests to /dev/null to avoid confusing
output if the test suite code or library outputs anything to stdout.
Minor fixes following review including:
* formatting changes including indentation and code style
* corrections
* removal of debug code
* clarification of code through variable renaming
* memory leak
* compiler warnings
Changes to allow the entropy tests to work for configurations without an
entropy seed file (MBEDTLS_ENTROPY_NV_SEED), and with no entropy sources
configured (MBEDTLS_TEST_NULL_ENTROPY).
Instead of polling the hardware entropy source a single time and
comparing the output with itself, the source is polled at least twice
and make sure that the separate outputs are different.
The self test is a quick way to check at startup whether the entropy
sources are functioning correctly. The self test only polls 8 bytes
from the default entropy source and performs the following checks:
- The bytes are not all 0x00 or 0xFF.
- The hardware does not return an error when polled.
- The entropy does not provide data in a patter. Only check pattern
at byte, word and long word sizes.
A standard 'test' that writes a seed file is added so that regular tests
still can succeed. This is in lieu of a 'SUITE_PRE_CODE' kind of
arrangement where a suite can run code before (and after) all other code
runs.
A test is added that checks if we can read and write the standard NV
seed file
A test is added that actually checks if the entropy and seed file values
that are the result of just using the NV seed are the same as the manual
calculation.
For a start, they don't even compile with Visual Studio due to strcasecmp
being missing. Secondly, on Windows Perl scripts aren't executable and have
to be run using the Perl interpreter directly; thankfully CMake is able to
find cygwin Perl straight away without problems.
The commit adds to the generate_code.pl script support to add #line directives
to generated code to allow build breaks to be more easily found from the
generated code.
Added a verbose option to the generated test suites which can list the
dependencies not met for skipped test cases.
Also clarifies internal interfaces between the main_test.function and test code,
and fixed a bug on calculating available tests in run-test-suites.pl.
The main goal with these tests is to test the bug in question and
they are not meant to test the entire PKCS#1 v1.5 behaviour. To
achieve full test coverage, further test cases are needed.
Restructed test suite helper and main code to support tests suite helper
functions, changed C++ comments to C-style, and made the generated
source code more navigable.
Added to generate_code.pl:
- support for per test suite helper functions
- description of the structure of the files the script uses to construct
the test suite file
- delimiters through the source code to make the machine generated code
easier to understand
* yanesca/iss309:
Improved on the previous fix and added a test case to cover both types of carries.
Removed recursion from fix#309.
Improved on the fix of #309 and extended the test to cover subroutines.
Tests and fix added for #309 (inplace mpi doubling).
For a start, they don't even compile with Visual Studio due to strcasecmp
being missing. Secondly, on Windows Perl scripts aren't executable and have
to be run using the Perl interpreter directly; thankfully CMake is able to
find cygwin Perl straight away without problems.
* iotssl-515-max-pathlen:
Add Changelog entries for this branch
Fix a style issue
Fix whitespace at EOL issues
Use symbolic constants in test data
Fixed pathlen contraint enforcement.
Additional corner cases for testing pathlen constrains. Just in case.
Added test case for pathlen constrains in intermediate certificates
* development: (73 commits)
Bump yotta dependencies version
Fix typo in documentation
Corrected misleading fn description in ssl_cache.h
Corrected URL/reference to MPI library
Fix yotta dependencies
Fix minor spelling mistake in programs/pkey/gen_key.c
Bump version to 2.1.2
Fix CVE number in ChangeLog
Add 'inline' workaround where needed
Fix references to non-standard SIZE_T_MAX
Fix yotta version dependencies again
Upgrade yotta dependency versions
Fix compile error in net.c with musl libc
Add missing warning in doc
Remove inline workaround when not useful
Fix macroization of inline in C++
Changed attribution for Guido Vranken
Merge of IOTSSL-476 - Random malloc in pem_read()
Fix for IOTSSL-473 Double free error
Fix potential overflow in CertificateRequest
...
Conflicts:
include/mbedtls/ssl_internal.h
library/ssl_cli.c