Commit Graph

10524 Commits

Author SHA1 Message Date
Gilles Peskine
a16c2b1ff1 all.sh: don't insist on Linux; always run Valgrind
Don't bail out of all.sh if the OS isn't Linux. We only expect
everything to pass on a recent Linux x86_64, but it's useful to call
all.sh to run some components on any platform.

In all.sh, always run both MemorySanitizer and Valgrind. Valgrind is
slower than ASan and MSan but finds some things that they don't.

Run MSan unconditionally, not just on Linux/x86_64. MSan is supported
on some other OSes and CPUs these days.

Use `all.sh --except test_memsan` if you want to omit MSan because it
isn't supported on your platform. Use `all.sh --except test_memcheck`
if you want to omit Valgrind because it's too slow.

Make the test scripts more portable (tested on FreeBSD): don't insist
on GNU sed, and recognize amd64 as well as x86_64 for `uname -m`. The
`make` utility must still be GNU make.
2019-01-09 22:36:33 +01:00
Gilles Peskine
4976e82a9e Gdb script: improve portability of ASLR disabling disabling
Call `set disable-randomization off` only if it seems to be supported.
The goal is to neither get an error about disable-randomization not
being supported (e.g. on FreeBSD), nor get an error if it is supported
but fails (e.g. on Ubuntu).

Only fiddle with disable-randomization from all.sh, which cares
because it reports the failure of ASLR disabling as an error. If a
developer invokes the Gdb script manually, a warning about ASLR
doesn't matter.
2019-01-09 22:36:31 +01:00
Gilles Peskine
5fa32a7a7a Use CMAKE_BUILD_TYPE to do Asan builds
Use `cmake -D CMAKE_BUILD_TYPE=Asan` rather than manually setting
`-fsanitize=address`. This lets cmake determine the necessary compiler
and linker flags.

With UNSAFE_BUILD on, force -Wno-error. This is necessary to build
with MBEDTLS_TEST_NULL_ENTROPY.
2019-01-09 22:35:57 +01:00
Gilles Peskine
55f7c94430 Fix inconsistent indentation
Only whitespace changes in this commit.
2019-01-09 22:35:55 +01:00
Nir Sonnenschein
6bd14269c9 remove excess whitespace 2019-01-09 00:32:56 +02:00
Simon Butcher
62ec2dd68f Merge remote-tracking branch 'public/pr/975' into development 2019-01-08 16:28:08 +00:00
Simon Butcher
8de0501871 Merge remote-tracking branch 'public/pr/2128' into development 2019-01-08 16:23:57 +00:00
Nir Sonnenschein
03091d1114 modify check-names.sh and list-macros.sh to work with PSA constants
fixed processing of PSA macros in check names script.
This required changes in:
*list-macros.sh to scan the PSA headers
*check-names to scan PSA files and allow PSA_* macro names
2019-01-08 18:15:50 +02:00
Simon Butcher
6944e05956 Merge remote-tracking branch 'public/pr/2232' into development 2019-01-08 15:33:28 +00:00
Simon Butcher
012a06cbf6 Merge remote-tracking branch 'public/pr/2228' into development 2019-01-08 15:26:58 +00:00
Simon Butcher
2fac661a1d Merge remote-tracking branch 'public/pr/2321' into development 2019-01-08 15:22:42 +00:00
Simon Butcher
d4548ae474 Merge remote-tracking branch 'public/pr/2334' into development 2019-01-08 15:21:41 +00:00
Andrzej Kurek
2349c4db88 Adapt to the new key allocation mechanism 2019-01-08 09:36:01 -05:00
Jaeden Amero
9e919c636f psa: Document generator requirements consistently
We've added documentation for how context objects for multi-part
operations must be initialized consistently for key policy, hash,
cipher, and MAC. Update the generator documentation to be consistent
with how we've documented the other operations.
2019-01-08 14:28:04 +00:00
Jaeden Amero
d94d671f14 psa: Test that generator initializers work 2019-01-08 14:28:04 +00:00
Jaeden Amero
5bae227da0 psa: Add initializers for cipher operation objects
Add new initializers for cipher operation objects and use them in our
tests and library code. Prefer using the macro initializers due to their
straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
5a5dc77696 psa: Enable easier initialization of cipher operations
The struct psa_cipher_operation_s is built with a
mbedtls_cipher_context_t. The shape of mbedtls_cipher_context_t and an
initializer that works with Clang 5.0 and its
-Wmissing-field-initializers varies based on the configuration of the
library. Instead of making multiple initializers based on a maze of
ifdefs for all combinations of MBEDTLS_CIPHER_MODE_WITH_PADDING,
MBEDTLS_CMAC_C, and MBEDTLS_USE_PSA_CRYPTO, add a dummy variable to
psa_cipher_operation_s's union that encloses mbedtls_cipher_context_t.
This allows us to initialize the dummy with a Clang-approved initializer
and have it properly initialize the entire object.
2019-01-08 14:28:04 +00:00
Jaeden Amero
769ce27f12 psa: Add initializers for MAC operation objects
Add new initializers for MAC operation objects and use them in our tests
and library code. Prefer using the macro initializers due to their
straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
6a25b41ac3 psa: Add initializers for hash operation objects
Add new initializers for hash operation objects and use them in our
tests and library code. Prefer using the macro initializers due to their
straightforwardness.
2019-01-08 14:28:04 +00:00
Jaeden Amero
70261c513a psa: Add initializers for key policies
Add new initializers for key policies and use them in our docs, example
programs, tests, and library code. Prefer using the macro initializers
due to their straightforwardness.
2019-01-08 14:28:04 +00:00
k-stachowiak
6b5ef48bf7 Add a configuration fix for vsnprintf for non-conforming platforms 2019-01-07 16:53:29 +01:00
Darryl Green
eb7f1b54c9 Add ChangeLog entry 2019-01-07 13:05:37 +00:00
Darryl Green
a7064c3b8c Move ecp_restartable definitions out of the MBEDTLS_ECP_ALT guards
As there are some definitions that are defined regardless of
whether MBEDTLS_ECP_RESTARTABLE is defined or not, these definitions
need to be moved outside the MBEDTLS_ECP_ALT guards. This is a simple
move as MBEDTLS_ECP_ALT and MBEDTLS_ECP_RESTARTABLE are mutually
exclusive options.
2019-01-07 10:23:34 +00:00
Gilles Peskine
51585384b9 Merge remote-tracking branch 'upstream-crypto/development' into all_sh-mbedcrypto
Merge the work on all.sh that was done on mbedtls-2.14.0 with the
changes from mbedtls-2.14.0 to the current tip of mbed-crypto/development.

There is a merge conflict in test/scripts/all.sh, which is the only
file that was modified in the all.sh work branch. I resolved it by
taking the copy from the all.sh branch and applying the changes
between mbedtls-2.14.0 and mbedtls-2.16.0. As evidenced by
`git diff mbedtls-2.14.0 d668baebc5e1709f4118aba3802d9af0ee4e4d83`,
many of the commits in
`git log mbedtls-2.14.0 d668baebc5e1709f4118aba3802d9af0ee4e4d83`
cancelled each other or were redundant with parallel commits that had
also occured via another branch included in mbedtls-2.14.0, leaving
the following differences:

* Removal of one unimportant blank line.
* The changes from db2b8db715
  "psa: Add storage implementation for files", to turn off
  PSA storage when MBEDTLS_FS_IO is turned off, which I manually
  replayed.
2019-01-05 10:27:47 +01:00
Jaeden Amero
8c7e95d9e0 tests: Remove unused key policy objects
persistent_key_import() and persistent_key_destroy() don't need to and
don't use key policy objects. Remove unused key policy objects.
2019-01-04 15:38:07 +00:00
Jaeden Amero
d668baebc5
Merge pull request #3 from gilles-peskine-arm/key_ladder_demo-maybe_uninitialized
Fix maybe-uninitialized warning
2019-01-04 14:50:34 +00:00
Andrzej Kurek
a49a94a536 Updating PSA submodule to commit 9e0feff 2019-01-04 05:15:20 -05:00
amisare
5c0b5b53a3
Update ChangeLog 2019-01-04 08:15:46 +08:00
Ron Eldor
4896c6bee5
Update ChangeLog
Co-Authored-By: amisare <243297288@qq.com>
2019-01-04 07:47:05 +08:00
Hanno Becker
0e810b9648 Don't call memcpy with NULL pointer in mbedtls_mpi_read_binary()
mbedtls_mpi_read_binary() calls memcpy() with the source pointer being
the source pointer passed to mbedtls_mpi_read_binary(), the latter may
be NULL if the buffer length is 0 (and this happens e.g. in the ECJPAKE
test suite). The behavior of memcpy(), in contrast, is undefined when
called with NULL source buffer, even if the length of the copy operation
is 0.

This commit fixes this by explicitly checking that the source pointer is
not NULL before calling memcpy(), and skipping the call otherwise.
2019-01-03 17:13:11 +00:00
Gilles Peskine
b28636b865 Merge tag 'mbedtls-2.16.0' into all_sh-2.14
Merge the work on all.sh that was done on mbedtls-2.14.0 with the
changes from mbedtls-2.14.0 to mbedtls-2.16.0.

There is a merge conflict in test/scripts/all.sh, which is the only
file that was modified in the all.sh work branch. I resolved it by
taking the copy from the all.sh branch and applying the changes
between mbedtls-2.14.0 and mbedtls-2.16.0. These changes consisted of
two commits:

* "Add tests to all.sh for CHECK_PARAMS edge cases": adds two
  test components which are reproduced here as
  test_check_params_without_platform and component_test_check_params_silent.
* "tests: Backup config.h before modifying it": moot because the
  component framework introduced in the all.sh branch backs up config.h
  systematically.
2019-01-03 13:04:36 +01:00
Jaeden Amero
9e0feff117
Merge pull request #240 from ARMmbed/psa-header_split
Split type definitions out of crypto.h and split crypto_driver.h
2019-01-03 10:22:10 +00:00
Masashi Honma
fbda6126d6 Remove duplicate #include
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-03 16:13:11 +09:00
Gilles Peskine
608953eb8c Back up and restore config.h systematically
In all.sh, always save config.h before running a component, instead of
doing it manually in each component that requires it (except when we
forget, which has happened). This would break a script that requires
config.h.bak not to exist, but we don't have any of those.
2019-01-02 19:05:33 +01:00
Gilles Peskine
8ae15ddcf8 Back up and restore config.h systematically
In all.sh, always save config.h before running a component, instead of
doing it manually in each component that requires it (except when we
forget, which has happened). This would break a script that requires
config.h.bak not to exist, but we don't have any of those.
2019-01-02 18:57:02 +01:00
Hanno Becker
9f6d16ad79 Fix preprocessor macro existence check in bignum.c 2019-01-02 17:15:06 +00:00
Gilles Peskine
ffcdeff00a Add the current component name to msg output and the final report 2019-01-02 18:09:05 +01:00
Gilles Peskine
81b96ed603 Add --except mode: run all components except a list
Allow the list to use wildcards, e.g. you can run the sanity checks with
all.sh --except "test_*" "build_*"
2019-01-02 18:07:23 +01:00
Gilles Peskine
92525111dc all.sh: with non-option arguments, run only these components 2019-01-02 18:07:23 +01:00
Gilles Peskine
348fb9a597 New option --list-components
Add an option to list the available components.

This is not useful yet, but a subsequent commit will add the ability
to run specific components.
2019-01-02 18:07:23 +01:00
Gilles Peskine
782f411bf5 Move test-ref-configs into its own component 2019-01-02 18:07:22 +01:00
Gilles Peskine
e48351a33f Move cleanup into the common wrapper function
Call cleanup from run_component instead of calling it from each
individual component function.

Clean up after each component rather than before. With the new
structure it makes more sense for each component to leave the place
clean. Run cleanup once at the beginning to start from a clean slate.
2019-01-02 18:07:22 +01:00
Gilles Peskine
9f8f92ca9b Remove duplicate component for RSA_NO_CRT 2019-01-02 18:07:22 +01:00
Gilles Peskine
8f07312124 Move the code into functions. No behavior change.
Move almost all the code of this script into functions. There is no
intended behavior change. The goal of this commit is to make
subsequent improvements easier to follow.

A very large number of lines have been reintended. To see what's going
on, ignore whitespace differences (e.g. diff -w).

I followed the following rules:

* Minimize the amount of code that gets moved.
* Don't change anything to what gets executed or displayed.
* Almost all the code must end up in a function.
* One function does one thing. For most of the code, that's from one
  "cleanup" to the next.
* The test sequence functions (run_XXX) are independent.

The change mostly amounts to putting chunks of code into a function
and calling the functions in order. A few test runs are conditional;
in those cases the conditional is around the function call.
2019-01-02 18:07:22 +01:00
Hanno Becker
6dab6200c6 Fix typo after rebase 2019-01-02 16:42:29 +00:00
Hanno Becker
5d91c0bbee Add missing macro existence check in byte swapping code in bignum.c 2019-01-02 11:38:14 +00:00
Hanno Becker
f872007782 Optimize mpi_bigendian_to_host() for speed and size
Use GCC / Clang builtins for byte swapping.
2019-01-02 11:38:14 +00:00
Hanno Becker
8116ef7c81 Adapt ChangeLog 2019-01-02 11:38:14 +00:00
Hanno Becker
2be8a55f72 Change signature of mpi_bigendian_to_host() to reflect usage 2019-01-02 11:37:25 +00:00
Hanno Becker
da1655a48e Remove temporary stack-buffer from mbedtls_mpi_fill_random()
Context: The function `mbedtls_mpi_fill_random()` uses a temporary stack
buffer to hold the random data before reading it into the target MPI.

Problem: This is inefficient both computationally and memory-wise.
Memory-wise, it may lead to a stack overflow on constrained devices with
limited stack.

Fix: This commit introduces the following changes to get rid of the
temporary stack buffer entirely:

1. It modifies the call to the PRNG to output the random data directly
   into the target MPI's data buffer.

This alone, however, constitutes a change of observable behaviour:
The previous implementation guaranteed to interpret the bytes emitted by
the PRNG in a big-endian fashion, while rerouting the PRNG output into the
target MPI's limb array leads to an interpretation that depends on the
endianness of the host machine.
As a remedy, the following change is applied, too:

2. Reorder the bytes emitted from the PRNG within the target MPI's
   data buffer to ensure big-endian semantics.

Luckily, the byte reordering was already implemented as part of
`mbedtls_mpi_read_binary()`, so:

3. Extract bigendian-to-host byte reordering from
   `mbedtls_mpi_read_binary()` to a separate internal function
   `mpi_bigendian_to_host()` to be used by `mbedtls_mpi_read_binary()`
   and `mbedtls_mpi_fill_random()`.
2019-01-02 11:37:25 +00:00