Commit Graph

10506 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
994193326b Use plain memset() in context init functions
We call xxx_init() on a structure when it has been freshly allocated (on the
stack or heap).

At this point it contains random-looking data none of which should be
sensitive, as all sensitive data is wiped using mbedtls_platform_zeroize()
when we're done using it and the memory area is going to be reclaimed (by
exiting the function or free()ing the buffer).
2019-10-22 10:03:07 +02:00
Manuel Pégourié-Gonnard
14f33e74c0 Use platform_memset() in platform_zeroize()
We're using zeroize in many places in order to erase secrets, so we really
need it to be as secure as possible.
2019-10-22 10:03:07 +02:00
Manuel Pégourié-Gonnard
5220781b98 Fix missing include in some files
Add it in all files that use mbedtls_plaform_memset() but didn't already
include platfom_util.h.

In some configurations it just happened to work, either because it was
included indirectly or because the part of the code that used that function
was disabled, but it some configurations it broke, so let's fix it properly.
2019-10-22 10:03:07 +02:00
Manuel Pégourié-Gonnard
7a346b866c Replace memset() with mbedtls_platform_memset()
Steps:

1. sed -i 's/\bmemset(\([^)]\)/mbedtls_platform_memset(\1/g' library/*.c tinycrypt/*.c include/mbedtls/*.h scripts/data_files/*.fmt

2. Manually edit library/platform_util.c to revert to memset() in the
implementations of mbedtls_platform_memset() and mbedtls_platform_memcpy()

3. egrep -n '\<memset\>' library/*.c include/mbedtls/*.h tinycrypt/*.c
The remaining occurrences are in three categories:
    a. From point 2 above.
    b. In comments.
    c. In the initialisation of memset_func, to be changed in a future commit.
2019-10-22 10:03:07 +02:00
Teppo Järvelin
52c9ecb408 Fixed memory leak in ssl_server2.c main
Allocations are now done after command line parsing.
Added more checks if allocations are needed and fixed
baremetal tests with these defines.
2019-10-15 14:21:29 +03:00
Teppo Järvelin
ff1ce269d0 Fixed to compile: ssl_async_keys is not a pointer but was treated that way when giving to functions. 2019-10-14 08:14:34 +03:00
Hanno Becker
ead3aae8d9 Reduce number of entropy sources to 1 in baremetal configuration 2019-10-10 11:47:28 +03:00
Hanno Becker
c828432920 Make use of copy-less CRT parsing API in ssl_client2/ssl_server2 2019-10-10 11:47:28 +03:00
Hanno Becker
7d864c494a ssl_client2/ssl_server2: Use heap for various structures
This commit modifies the example programs ssl_client2 and ssl_server2
to allocate various structures on the heap instead of the stack. This
allows more fine-grained memory usage tracking via valgrind massif.
2019-10-10 11:47:28 +03:00
Simon Butcher
f0963f7141 Merge remote-tracking branch 'public/pr/2867' into baremetal 2019-10-08 18:57:31 +01:00
Simon Butcher
f7881ad2b7 Merge remote-tracking branch 'public/pr/2865' into baremetal 2019-10-08 18:42:04 +01:00
Simon Butcher
3a9d8a54e4 Merge remote-tracking branch 'public/pr/2881' into baremetal 2019-10-08 18:39:34 +01:00
Manuel Pégourié-Gonnard
0a9b44ddaa Merge branch 'mbedtls-2.16' into baremetal-2.16-20191004
* mbedtls-2.16: (25 commits)
  Fix compilation error
  Add const to variable
  Fix endianity issue when reading uint32
  Increase test suite timeout
  Reduce stack usage of test_suite_pkcs1_v15
  Reduce stack usage of test_suite_pkcs1_v21
  Reduce stack usage of test_suite_rsa
  Reduce stack usage of test_suite_pk
  Enable MBEDTLS_MEMORY_DEBUG in memory buffer alloc test in all.sh
  Remove unnecessary memory buffer alloc and memory backtrace unsets
  Disable DTLS proxy tests for MEMORY_BUFFER_ALLOC test
  all.sh: restructure memory allocator tests
  Add missing dependency in memory buffer alloc set in all.sh
  Don't set MBEDTLS_MEMORY_DEBUG through `scripts/config.pl full`
  Add cfg dep MBEDTLS_MEMORY_DEBUG->MBEDTLS_MEMORY_BUFFER_ALLOC_C
  Add all.sh run with full config and ASan enabled
  Add all.sh run with MBEDTLS_MEMORY_BUFFER_ALLOC_C enabled
  Update documentation of exceptions for `config.pl full`
  Adapt all.sh to removal of buffer allocator from full config
  Disable memory buffer allocator in full config
  ...
2019-10-07 12:44:09 +02:00
Jarno Lamsa
c4315e6d5e Address review comments for documentation 2019-10-04 15:42:39 +03:00
Jarno Lamsa
1881ef53b7 Move the definition of function in zeroize
There is a static dependency in the test system for
this file. To prevent the issue from happening, move
the definition to the end of file so that the last
return in the main remains in the same line.
2019-10-04 15:02:57 +03:00
Jarno Lamsa
990135eb4e Add all.sh entry 2019-10-04 14:50:50 +03:00
Teppo Järvelin
0efac53cdc Review fixes: fixed comments to be more accurate and changed one memcmp to safer version 2019-10-04 13:21:08 +03:00
Jarno Lamsa
642596e931 Adapt the example programs
Adapt the example programs if MBEDTLS_ENTROPY_HARDWARE_ALT
is defined.
2019-10-04 12:52:42 +03:00
Jarno Lamsa
f098b26b83 Add rng for the test suites 2019-10-04 12:51:45 +03:00
Teppo Järvelin
707ceb88f0 Replaced mbedtls_ssl_safer_memcmp with mbedtls_platform_memcmp
Saves some bytes and mbedtls_platform_memcmp is a bit safer for side channel
attacks.
2019-10-04 08:52:00 +03:00
Teppo Järvelin
650343cdcd Changed mbedtls_platform_memcmp to memcmp for places that don't have critical data and are under baremetal
Changed back because we don't wan't to slow down the performance more than we must.
2019-10-04 07:35:55 +03:00
Jarno Lamsa
39a9d40f84 Update documentation for the RNG-function 2019-10-03 13:49:35 +03:00
Jarno Lamsa
436d18dcaa Prevent a 0-modulus
If given range for a random is [0, 0), return 0.
Modulus 0 is undefined behaviour.
2019-10-03 13:49:35 +03:00
Jarno Lamsa
e29e8a49b8 Use MBEDTLS_ENTROPY_HARDWARE_ALT
Use MBEDTLS_ENTROPY_HARDWARE_ALT instead of a new global RNG
flag. When this flag is enabled, the platform provides the RNG.
When running unit tests, rnd_std_rand should be used by overriding
the mbedtls_hardware_poll.
2019-10-03 13:49:34 +03:00
Teppo Järvelin
61f412eb58 Changed every memcmp to SCA equivalent mbedtls_platform_memcmp
This makes physical attacks more difficult.
Selftest memcmp functions were not changed.
2019-10-03 13:14:33 +03:00
Manuel Pégourié-Gonnard
51f65e4b86 Standardize prototypes of platform_memcpy/memset
As replacements of standard library functions, they should have the same
prototype, including return type.

While it doesn't usually matter when used directly, it does when the address
of the function is taken, as done with memset_func, used for implementing
mbedtls_platform_zeroize().
2019-10-03 07:59:58 +03:00
Jaeden Amero
b9fc0798d2 Merge remote-tracking branch 'origin/pr/2864' into mbedtls-2.16
* origin/pr/2864:
  Fix compilation error
  Add const to variable
  Fix endianity issue when reading uint32
  Increase test suite timeout
  Reduce stack usage of test_suite_pkcs1_v15
  Reduce stack usage of test_suite_pkcs1_v21
  Reduce stack usage of test_suite_rsa
  Reduce stack usage of test_suite_pk
2019-10-02 18:00:31 +01:00
Jaeden Amero
da5930654e Merge remote-tracking branch 'origin/pr/2578' into mbedtls-2.16
* origin/pr/2578:
  Remove a redundant function call
2019-10-02 17:59:28 +01:00
Jaeden Amero
b0328ba8a3 Merge remote-tracking branch 'origin/pr/2323' into mbedtls-2.16
* origin/pr/2323:
  Add missing dependencies in test_suite_cipher.gcm
  Adapt ChangeLog
  Add NIST AES GCM test vectors to single-step cipher API test suite
2019-10-02 17:57:37 +01:00
Jarno Lamsa
a1e5054d91 Fix issues in CI 2019-10-02 12:52:39 +03:00
Jarno Lamsa
77a0e07f80 Add return value doxygen 2019-10-02 08:39:32 +03:00
Jarno Lamsa
7cb902737b Use bitwise comparison in memcmp
It is safer than == operator.
2019-10-02 08:32:51 +03:00
Jarno Lamsa
32db938463 Fix buffer initalisation
Initialise the buffer tail with random data instead of
given value.
2019-10-02 08:25:57 +03:00
Jarno Lamsa
f5ebe2a7ce Make RNG exclude the given maximum value
The RNG will give numbers in range of [0, num), so that
the given maximum is excluded.
2019-10-02 08:23:11 +03:00
Jarno Lamsa
0ff7109b7c Fix style issues 2019-10-02 08:18:29 +03:00
Jarno Lamsa
5aee8cab2a Update query_config 2019-10-01 16:10:03 +03:00
Jarno Lamsa
f65e9de57b Change rng-function return-type 2019-10-01 16:09:35 +03:00
Jarno Lamsa
7d28155b30 Add doxygen for the platform-functions 2019-10-01 15:56:17 +03:00
Jarno Lamsa
a19673222b Change the rng-function name
Change the name to mbedtls_platform_random_in_range
2019-10-01 15:31:08 +03:00
Jarno Lamsa
21d6a201ee Add missing typecast for memset 2019-10-01 15:20:13 +03:00
Jarno Lamsa
d82e559a48 Add a config flag for the global RNG
The global RNG should be provided by the application depending on
the RNG used there. (I.e. TRNG)
2019-10-01 14:54:41 +03:00
Arto Kinnunen
d19867293d Harmonize static function compiler flags
Warnings are treated as errors in Mbed TLS test. An error
"ssl_parse_client_hello_v2’ defined but not used" can occur in some
specific configurations and therefore tests will break.

Use similar flags for static function "ssl_parse_client_hello_v2" as
what is used when calling the function to prevent the compilation
warning/error.
2019-09-30 10:26:29 +03:00
Jarno Lamsa
0736325d80 Add FI/SCA compliant versions of mem-functions
Add FI/SCA compliant memset, memcmp and memcpy-functions
to platform_util. Also add a stub implementation of a global
RNG-function.
2019-09-30 09:40:03 +03:00
Arto Kinnunen
cfbeb76dd2 ssl-opt.sh: Adjust authentication test flags 2
Require MBEDTLS_X509_MAX_INTERMEDIATE_CA to be exactly 8 in
authentication tests.
2019-09-27 13:43:05 +03:00
Arto Kinnunen
13db25fbe9 ssl-opt.sh: Fix requires_config_value_exactly
Fix comparison bug in requires_config_value_exactly.
2019-09-27 13:06:25 +03:00
Arto Kinnunen
c457ab1c2b ssl-opt.sh: Adjust authentication test flags
Require MBEDTLS_X509_MAX_INTERMEDIATE_CA to be exactly 8 in one
authentication test.
2019-09-27 12:00:51 +03:00
Arto Kinnunen
a1e980695b ssl-opt.sh: Modify test sets based on config value 2
Adjust tests set configuration based on review comments.
2019-09-26 19:35:16 +03:00
Arto Kinnunen
3f1190d15b sslopt.sh: Modify test sets based on config value
query_opt is used to read Mbed TLS configuration values instead of
config.pl script. Now MBEDTLS_SSL_MAX_CONTENT_LEN value is correctly
read and some tests needs to be removed from the test set when value
of MBEDTLS_SSL_MAX_CONTENT_LEN is too small for the test.
2019-09-26 17:18:57 +03:00
Arto Kinnunen
aef8678c7f Revert spacing in programs/makefile APPS
Do not modify spacing in programs/Makefile APPS.
2019-09-26 14:54:11 +03:00
Arto Kinnunen
7821352483 ssl-opt.sh: use query_config to read flag value
To avoid dependency to "config.pl" use query_config test program to
read Mbed TLS flag values.
2019-09-26 11:06:39 +03:00