diff --git a/ChangeLog.d/issue10349.txt b/ChangeLog.d/issue10349.txt
new file mode 100644
index 0000000000..ab47659ed8
--- /dev/null
+++ b/ChangeLog.d/issue10349.txt
@@ -0,0 +1,8 @@
+Features
+ * Function mbedtls_ssl_get_supported_group_list() is added to return the list
+ of supported groups IDs (curves and finite fields).
+ * MBEDTLS_SSL_IANA_TLS_GROUPS_INFO is added to allow defining the list of
+ mbedtls_ssl_iana_tls_group_info_t items which represent known TLS groups
+ with corresponding informations.
+ If MBEDTLS_DEBUG_C is also enabled then mbedtls_ssl_iana_tls_group_info is
+ also available as implementation of such list.
diff --git a/ChangeLog.d/timing.txt b/ChangeLog.d/timing.txt
new file mode 100644
index 0000000000..b3943cdcf2
--- /dev/null
+++ b/ChangeLog.d/timing.txt
@@ -0,0 +1,13 @@
+API changes
+ * MBEDTLS_TIMING_C now requires MBEDTLS_HAVE_TIME to be enabled in the
+ TF-PSA-Crypto configuration, unless MBEDTLS_TIMING_ALT is enabled.
+ As a benefit, platforms where the default implementation is not
+ supported now only need to implement MBEDTLS_PLATFORM_MS_TIME_ALT.
+ * When MBEDTLS_TIMING_ALT is enabled, the function
+ mbedtls_timing_get_timer() now returns unsigned long long instead
+ of unsigned long.
+
+Bugfix
+ * mbedtls_timing_get_delay() now correctly treats a timer as expired
+ after more than 2^32 ms (about 49 days) on platforms where long is
+ a 32-bit type. Fixes #10613.
diff --git a/SECURITY.md b/SECURITY.md
index 98cb59bd1c..e36162abd7 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -19,6 +19,16 @@ Only the maintained branches, as listed in [`BRANCHES.md`](BRANCHES.md), get security fixes. Users are urged to always use the latest version of a maintained branch. +## Use of TF-PSA-Crypto + +Note that Mbed TLS uses the cryptography API provided by TF-PSA-Crypto. +Its +[threat model](https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/development/SECURITY.md#threat-model) +applies to all cryptographic operations performed by Mbed TLS. In particular, +users of Mbed TLS should note the considerations around +[block ciphers](https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/development/SECURITY.md#block-ciphers) +since they apply to the block ciphers used in TLS. + ## Threat model We classify attacks based on the capabilities of the attacker. diff --git a/configs/config-ccm-psk-dtls1_2.h b/configs/config-ccm-psk-dtls1_2.h index 6712c331b0..8aaa884b4a 100644 --- a/configs/config-ccm-psk-dtls1_2.h +++ b/configs/config-ccm-psk-dtls1_2.h @@ -29,7 +29,7 @@ #define MBEDTLS_SSL_COOKIE_C #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C -#define MBEDTLS_TIMING_C +#define MBEDTLS_TIMING_C //Only used by test programs /* TLS protocol feature support */ #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 606f4a1bf5..5199489c21 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -12,5 +12,5 @@ #define MBEDTLS_ERROR_STRERROR_DUMMY #define MBEDTLS_VERSION_FEATURES -#define MBEDTLS_TIMING_C +#define MBEDTLS_TIMING_C //Only for benchmarking #define MBEDTLS_VERSION_C diff --git a/configs/crypto-config-ccm-psk-tls1_2.h b/configs/crypto-config-ccm-psk-tls1_2.h index c2dabc28e8..817835e33e 100644 --- a/configs/crypto-config-ccm-psk-tls1_2.h +++ b/configs/crypto-config-ccm-psk-tls1_2.h 
@@ -26,7 +26,8 @@ #define MBEDTLS_PSA_CRYPTO_C /* System support */ -//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */ +/* Optionally used in Hello messages. Needed for DTLS testing. */ +#define MBEDTLS_HAVE_TIME /* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */ #define MBEDTLS_CTR_DRBG_C diff --git a/configs/crypto-config-thread.h b/configs/crypto-config-thread.h index 1b2621cf58..5e0df736e9 100644 --- a/configs/crypto-config-thread.h +++ b/configs/crypto-config-thread.h @@ -48,6 +48,7 @@ /* System support */ #define MBEDTLS_HAVE_ASM +#define MBEDTLS_HAVE_TIME //Only used by test programs #define MBEDTLS_AES_ROM_TABLES #define MBEDTLS_ECP_NIST_OPTIM diff --git a/framework b/framework index 421f7a29f7..e07b6643e8 160000 --- a/framework +++ b/framework @@ -1 +1 @@ -Subproject commit 421f7a29f79e535fc6497b6cb4767cd7023db20b +Subproject commit e07b6643e8db5fe2fdc20be288b91a2194316862 diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index 87ea6c3150..b8273bc757 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -59,10 +59,10 @@ */ #if defined(__has_attribute) #if __has_attribute(format) -#if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 +#if defined(__MINGW32__) #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ __attribute__((__format__(gnu_printf, string_index, first_to_check))) -#else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */ +#else /* defined(__MINGW32__) */ #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ __attribute__((format(printf, string_index, first_to_check))) #endif 
@@ -73,30 +73,15 @@ #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) #endif -/** - * \def MBEDTLS_PRINTF_SIZET - * - * MBEDTLS_PRINTF_xxx: Due to issues with older window compilers - * and MinGW we need to define the printf specifier for size_t - * and long long per platform. - * - * Module: library/debug.c - * Caller: - * - * This module provides debugging functions. +/* Legacy definitions, kept for backward compatibility. + * Since Mbed TLS 4.1, the standard specifiers are always valid. + * We still define the macros because they're part of the Mbed TLS 4.0 API. + * In the library and test code, keep using them for code that's backported + * to 3.6. */ -#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900) - #include - #define MBEDTLS_PRINTF_SIZET PRIuPTR - #define MBEDTLS_PRINTF_SIZET_HEX PRIxPTR - #define MBEDTLS_PRINTF_LONGLONG "I64d" -#else \ - /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900) */ - #define MBEDTLS_PRINTF_SIZET "zu" - #define MBEDTLS_PRINTF_SIZET_HEX "zx" - #define MBEDTLS_PRINTF_LONGLONG "lld" -#endif \ - /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1900) */ +#define MBEDTLS_PRINTF_SIZET "zu" +#define MBEDTLS_PRINTF_SIZET_HEX "zx" +#define MBEDTLS_PRINTF_LONGLONG "lld" #if !defined(MBEDTLS_PRINTF_MS_TIME) #include diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index ad843c70c3..a38b61c147 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
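Review bot: MBEDTLS_PRINTF_SIZET, MBEDTLS_PRINTF_SIZET_HEX and MBEDTLS_PRINTF_LONGLONG are public macros, and after this hunk they expand to "zu", "zx" and "lld" on every toolchain, while only library sources are certain to be built with __USE_MINGW_ANSI_STDIO set by mbedtls_platform_requirements.h. An application on MinGW that uses these macros with its own printf on an older runtime may pass a specifier the runtime does not parse, which would misalign the remaining variadic arguments. The earlier hunk of this file makes the same assumption by selecting `gnu_printf` checking for every `__MINGW32__` build, so the compiler would accept such a format string without warning. I would state the requirement in the new comment, for example `* On MinGW, code using these with printf() must be built with __USE_MINGW_ANSI_STDIO=1 or a C99-conforming runtime.`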
@@ -63,22 +63,9 @@ /** * \def MBEDTLS_TIMING_C * - * Enable the semi-portable timing interface. + * Enable a timer interface used by some sample and test programs. * - * \note The provided implementation only works on POSIX/Unix (including Linux, - * BSD and OS X) and Windows. On other platforms, you can either disable that - * module and provide your own implementations of the callbacks needed by - * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide - * your own implementation of the whole module by setting - * \c MBEDTLS_TIMING_ALT in the current file. - * - * \note The timing module will include time.h on suitable platforms - * regardless of the setting of MBEDTLS_HAVE_TIME, unless - * MBEDTLS_TIMING_ALT is used. See timing.c for more information. - * - * \note See also our Knowledge Base article about porting to a new - * environment: - * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * Requires: MBEDTLS_HAVE_TIME or MBEDTLS_TIMING_ALT * * Module: library/timing.c */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 6b98ad4584..1425896976 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -3667,6 +3667,146 @@ void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SRV_C */ #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */ +/** + * This structure defines each entry of the macro #MBEDTLS_SSL_IANA_TLS_GROUPS_INFO. + * + * \note Future versions of the library might add new fields to this structure. + */ +typedef struct { + /** TLS-ID */ + uint16_t tls_id; + + /** Group name */ + const char *group_name; + + /** 1 if the group is supported; 0 otherwise */ + uint8_t is_supported; +} mbedtls_ssl_iana_tls_group_info_t; + +/* Helpers to check which PSA_WANT_xxx symbols are defined for groups. */ +#if defined(PSA_WANT_ECC_MONTGOMERY_255) +#define MBEDTLS_SSL_HAVE_GROUP_X25519 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_X25519 0 +#endif +#if defined(PSA_WANT_ECC_SECP_R1_256) +#define MBEDTLS_SSL_HAVE_GROUP_SECP256R1 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_SECP256R1 0 +#endif +#if defined(PSA_WANT_ECC_SECP_K1_256) +#define MBEDTLS_SSL_HAVE_GROUP_SECP256K1 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_SECP256K1 0 +#endif +#if defined(PSA_WANT_ECC_SECP_R1_384) +#define MBEDTLS_SSL_HAVE_GROUP_SECP384R1 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_SECP384R1 0 +#endif +#if defined(PSA_WANT_ECC_MONTGOMERY_448) +#define MBEDTLS_SSL_HAVE_GROUP_X448 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_X448 0 +#endif +#if defined(PSA_WANT_ECC_SECP_R1_521) +#define MBEDTLS_SSL_HAVE_GROUP_SECP521R1 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_SECP521R1 0 +#endif +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#define MBEDTLS_SSL_HAVE_GROUP_BP256R1 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_BP256R1 0 +#endif +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#define MBEDTLS_SSL_HAVE_GROUP_BP384R1 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_BP384R1 0 +#endif +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#define MBEDTLS_SSL_HAVE_GROUP_BP512R1 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_BP512R1 0 +#endif +#if defined(PSA_WANT_DH_RFC7919_2048) +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE2048 1 
+#else +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE2048 0 +#endif +#if defined(PSA_WANT_DH_RFC7919_3072) +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE3072 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE3072 0 +#endif +#if defined(PSA_WANT_DH_RFC7919_4096) +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE4096 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE4096 0 +#endif +#if defined(PSA_WANT_DH_RFC7919_6144) +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE6144 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE6144 0 +#endif +#if defined(PSA_WANT_DH_RFC7919_8192) +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE8192 1 +#else +#define MBEDTLS_SSL_HAVE_GROUP_FFDHE8192 0 +#endif + +/** + * Initializer for a list of known TLS 1.2 named elliptic curves and + * TLS 1.3 groups, with their names. + * + * Each entry is a structure of type #mbedtls_ssl_iana_tls_group_info_t. + * The last entry has `tls_id = 0` and `group_name = NULL`. + */ +#define MBEDTLS_SSL_IANA_TLS_GROUPS_INFO \ + { \ + { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519", MBEDTLS_SSL_HAVE_GROUP_X25519 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1", MBEDTLS_SSL_HAVE_GROUP_SECP256R1 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1", MBEDTLS_SSL_HAVE_GROUP_SECP256K1 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1", MBEDTLS_SSL_HAVE_GROUP_SECP384R1 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448", MBEDTLS_SSL_HAVE_GROUP_X448 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1", MBEDTLS_SSL_HAVE_GROUP_SECP521R1 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1", MBEDTLS_SSL_HAVE_GROUP_BP256R1 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1", MBEDTLS_SSL_HAVE_GROUP_BP384R1 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1", MBEDTLS_SSL_HAVE_GROUP_BP512R1 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, "ffdhe2048", MBEDTLS_SSL_HAVE_GROUP_FFDHE2048 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, "ffdhe3072", MBEDTLS_SSL_HAVE_GROUP_FFDHE3072 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096", 
MBEDTLS_SSL_HAVE_GROUP_FFDHE4096 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144", MBEDTLS_SSL_HAVE_GROUP_FFDHE6144 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192", MBEDTLS_SSL_HAVE_GROUP_FFDHE8192 }, \ + { MBEDTLS_SSL_IANA_TLS_GROUP_NONE, NULL, 1 } \ + } + +#if defined(MBEDTLS_DEBUG_C) +/** + * List of known "TLS ID" <-> "group name". + * #MBEDTLS_SSL_IANA_TLS_GROUPS_INFO is used to initialized the list. + */ +extern mbedtls_ssl_iana_tls_group_info_t mbedtls_ssl_iana_tls_group_info[]; +#endif /* MBEDTLS_DEBUG_C */ + +/** + * \brief Return the list of supported groups (curves and finite fields). + * + * \note The returned list is ordered in ascending order of resource + * usage. This follows the same pattern of the default list being + * used when mbedtls_ssl_conf_groups() is not called. + * + * \note The returned list represents supported groups in the current build + * configuration, not the one set by mbedtls_ssl_conf_groups(). + * + * \note The returned list is static so the user doesn't need to worry + * about it being freed. + * + * \return The list made of IANA NamedGroups IDs (MBEDTLS_SSL_IANA_TLS_GROUP_xxx) + * and is terminated by #MBEDTLS_SSL_IANA_TLS_GROUP_NONE. + */ +const uint16_t *mbedtls_ssl_get_supported_group_list(void); + /** * \brief Set the allowed groups in order of preference. * @@ -3692,6 +3832,10 @@ void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf, * keeping with the general principle of favoring the lowest * resource usage. * + * \note The list is not copied internally, only the reference to it + * is saved in \p conf. Do not free \p groups memory for the time + * in which \p conf is being used. + * * \param conf SSL configuration * \param groups List of allowed groups ordered by preference, terminated by 0. * Must contain valid IANA NamedGroup IDs (provided via either an integer diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 62ae1022d9..8c15df58e8 100644 --- a/include/mbedtls/timing.h 
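Review bot: `mbedtls_ssl_iana_tls_group_info` is declared as a writable global in a public header, so the table that mbedtls_ssl_get_curve_name_from_tls_id() walks (defined in the library/ssl_tls.c hunk of this commit) can be modified at run time and will not be placed in read-only data. Nothing visible in the diff writes to it, so I would declare it `extern const mbedtls_ssl_iana_tls_group_info_t mbedtls_ssl_iana_tls_group_info[];` and add `const` to the definition too. The terminating entry of MBEDTLS_SSL_IANA_TLS_GROUPS_INFO sets `is_supported` to 1, which a caller that filters on `is_supported` before testing `group_name` could treat as a real group; 0 looks like the safer sentinel value. The doc comment on the extern also reads "is used to initialized the list", which should be "initialize".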
+++ b/include/mbedtls/timing.h @@ -23,11 +23,22 @@ extern "C" { // Regular implementation // +#if defined(MBEDTLS_HAVE_TIME) +#include +#endif + /** * \brief timer structure */ struct mbedtls_timing_hr_time { - uint64_t MBEDTLS_PRIVATE(opaque)[4]; +#if defined(MBEDTLS_HAVE_TIME) + mbedtls_ms_time_t ms; +#else + /* Without MBEDTLS_HAVE_TIME, we expose the type definitions and + * function declarations, but they can't be implemented. We do + * need to write something here. */ + unsigned MBEDTLS_PRIVATE(unused); +#endif }; /** @@ -44,7 +55,7 @@ typedef struct mbedtls_timing_delay_context { #endif /* MBEDTLS_TIMING_ALT */ /* Internal use */ -unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset); +unsigned long long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset); /** * \brief Set a pair of delays to watch diff --git a/library/debug.c b/library/debug.c index e622ac9ed4..59969070c4 100644 --- a/library/debug.c +++ b/library/debug.c @@ -21,6 +21,30 @@ /* DEBUG_BUF_SIZE must be at least 2 */ #define DEBUG_BUF_SIZE 512 +/* Temporary hack: on MingW, do not honor the platform.h configuration + * for snprintf and vsnprintf. Instead, force the native functions, + * which are the standard ones, not the Windows legacy ones. + * + * This hack should be removed once TF-PSA-Crypto has been updated to + * use the standard printf family. + */ +#if defined(__MINGW32__) +#undef mbedtls_snprintf +#define mbedtls_snprintf snprintf +#undef mbedtls_vsnprintf +#define mbedtls_vsnprintf vsnprintf +#endif + +int mbedtls_debug_snprintf(char *dest, size_t maxlen, + const char *format, ...) +{ + va_list argp; + va_start(argp, format); + int ret = mbedtls_vsnprintf(dest, maxlen, format, argp); + va_end(argp); + return ret; +} + static int debug_threshold = 0; void mbedtls_debug_set_threshold(int threshold) diff --git a/library/debug_internal.h b/library/debug_internal.h index d09e492094..2b869450f6 100644 --- a/library/debug_internal.h 
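Review bot: The new `ms` member of struct mbedtls_timing_hr_time is declared without MBEDTLS_PRIVATE, although the member it replaces and the `unused` fallback in the same struct both use it, so the timer state becomes a public field. If that is not intended, `mbedtls_ms_time_t MBEDTLS_PRIVATE(ms);` keeps the struct consistent; library/timing.c reads `val->ms` directly and would have to follow, and whether that file already enables private access is not visible here. The struct also shrinks from four uint64_t to a single field, which changes its size for code compiled against the old header and may deserve a line in ChangeLog.d/timing.txt.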
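Review bot: The `#undef mbedtls_snprintf` / `#undef mbedtls_vsnprintf` block in library/debug.c applies to every MinGW build, including builds where the integrator deliberately replaced those functions through the platform layer, so in this file that replacement is silently bypassed. Consider limiting the override to builds that have not supplied their own implementation, e.g. `#if defined(__MINGW32__) && !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)`, with the matching test for vsnprintf. mbedtls_debug_snprintf() would also benefit from a one-line comment saying that it returns the vsnprintf result unchanged, so callers still have to compare it with `maxlen` to detect truncation.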
+++ b/library/debug_internal.h @@ -12,6 +12,19 @@ #include "mbedtls/debug.h" +/* This should be equivalent to mbedtls_snprintf(). But it might not be due + * to platform shenanigans. For example, Mbed TLS and TF-PSA-Crypto could + * have inconsistent platform definitions. On Mingw, some code might + * be built with a different setting of __USE_MINGW_ANSI_STDIO, resulting + * in an old non-C99 printf being used somewhere. + * + * Our library assumes that mbedtls_snprintf() and other printf functions + * are consistent throughout. This function is not an official API and + * is not meant to be used inside the library. It is provided to help + * debugging printf inconsistencies issues. If you need it, good luck! + */ +int mbedtls_debug_snprintf(char *dest, size_t maxlen, + const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(3, 4); /** * \brief Print a message to the debug output. This function is always used * through the MBEDTLS_SSL_DEBUG_MSG() macro, which supplies the ssl diff --git a/library/mbedtls_check_config.h b/library/mbedtls_check_config.h index 855e4e3674..f6ca813a37 100644 --- a/library/mbedtls_check_config.h +++ b/library/mbedtls_check_config.h @@ -142,11 +142,6 @@ "but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx" #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - !(defined(PSA_WANT_ALG_SHA_1) || defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_512)) -#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_SSL_EARLY_DATA) && \ ( !defined(MBEDTLS_SSL_SESSION_TICKETS) || \ ( !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) && \ @@ -363,5 +358,10 @@ #error "MBEDTLS_PKCS7_C is defined, but not all prerequisites" #endif +#if defined(MBEDTLS_TIMING_C) && \ + !(defined(MBEDTLS_HAVE_TIME) || defined(MBEDTLS_TIMING_ALT)) +#error "MBEDTLS_TIMING_C requires either MBEDTLS_HAVE_TIME or MBEDTLS_TIMING_ALT" +#endif + /* *INDENT-ON* */ #endif /* MBEDTLS_CHECK_CONFIG_H */ 
diff --git a/library/mbedtls_common.h b/library/mbedtls_common.h
new file mode 100644
index 0000000000..43dac8266b
--- /dev/null
+++ b/library/mbedtls_common.h
@@ -0,0 +1,43 @@
+/**
+ * \file mbedtls_common.h
+ *
+ * \brief Utility macros for internal use in the library.
+ *
+ * This file should be included as the first thing in all library C files
+ * (directly, or indirectly via x509_internal.h or ssl_misc.h).
+ * It must not be included by sample programs, since sample programs
+ * illustrate what you can do without the library sources.
+ * It may be included (often indirectly) by test code that isn't purely
+ * black-box testing.
+ *
+ * This file takes care of setting up requirements for platform headers.
+ * It includes the library configuration and derived macros.
+ * It additionally defines various utility macros and other definitions
+ * (but no function declarations).
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef MBEDTLS_MBEDTLS_COMMON_H
+#define MBEDTLS_MBEDTLS_COMMON_H
+
+/* Before including any system header, declare some macros to tell system
+ * headers what we expect of them.
+ *
+ * Do this before including any header from TF-PSA-Crypto, since the
+ * convention is first-come-first-served (so that users can
+ * override some macros on the command line, and individual users can
+ * override some macros before including the common header).
+ */
+#include "mbedtls_platform_requirements.h"
+
+/* From this point onwards, ensure we have the library configuration and
+ * the configuration-derived macros. */
+#include
+
+/* Mbed TLS requires TF-PSA-Crypto internals. */
+#include "tf_psa_crypto_common.h"
+
+#endif /* MBEDTLS_MBEDTLS_COMMON_H */
diff --git a/library/mbedtls_config.c b/library/mbedtls_config.c
index a3deae3152..48be660015 100644
--- a/library/mbedtls_config.c
+++ b/library/mbedtls_config.c
@@ -6,6 +6,10 @@ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ +/* We are a special snowflake: we don't include "mbedtls_common.h", + * because that would pull and we need to + * tune the way it works. */ + /* Apply the TF-PSA-Crypto configuration first. We need to do this * before , because "mbedtls_config_check_before.h" * needs to run after the crypto config (including derived macros) is diff --git a/library/mbedtls_platform_requirements.h b/library/mbedtls_platform_requirements.h new file mode 100644 index 0000000000..c86204e6fa --- /dev/null +++ b/library/mbedtls_platform_requirements.h @@ -0,0 +1,32 @@ +/** + * \file mbedtls_platform_requirements.h + * + * \brief Declare macros that tell system headers what we expect of them. + * + * This file must be included before any system header, and so in particular + * before build_info.h (which includes the user config, which may include + * system headers). + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef MBEDTLS_MBEDTLS_PLATFORM_REQUIREMENTS_H +#define MBEDTLS_MBEDTLS_PLATFORM_REQUIREMENTS_H + +/* On Mingw-w64, force the use of a C99-compliant printf() and friends. + * This is necessary on older versions of Mingw and/or Windows runtimes + * where snprintf does not always zero-terminate the buffer, and does + * not support formats such as "%zu" for size_t and "%lld" for long long. + * + * Defining __USE_MINGW_ANSI_STDIO=0 may work and provide a small code size + * and performance benefit for some combinations of older Mingw and Windows + * versions. Do this at your own risk and make sure that least + * test_suite_debug passes. + */ +#if !defined(__USE_MINGW_ANSI_STDIO) +#define __USE_MINGW_ANSI_STDIO 1 +#endif + +#endif /* MBEDTLS_MBEDTLS_PLATFORM_REQUIREMENTS_H */ diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h index 6f843404c7..62be3b245d 100644 --- a/library/ssl_debug_helpers.h 
+++ b/library/ssl_debug_helpers.h @@ -36,6 +36,8 @@ const char *mbedtls_ssl_named_group_to_str(uint16_t in); const char *mbedtls_ssl_get_extension_name(unsigned int extension_type); +const char *mbedtls_ssl_get_hs_msg_name(int hs_msg_type); + void mbedtls_ssl_print_extensions(const mbedtls_ssl_context *ssl, int level, const char *file, int line, int hs_msg_type, uint32_t extensions_mask, diff --git a/library/ssl_misc.h b/library/ssl_misc.h index f8c03dfa2f..5f8980a20e 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -10,7 +10,7 @@ #ifndef MBEDTLS_SSL_MISC_H #define MBEDTLS_SSL_MISC_H -#include "tf_psa_crypto_common.h" +#include "mbedtls_common.h" #include "mbedtls/build_info.h" #include "mbedtls/error.h" diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 8d04162414..d159f8fd33 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -18,6 +18,7 @@ #include "mbedtls/ssl.h" #include "debug_internal.h" +#include "ssl_debug_helpers.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" #include "mbedtls/version.h" @@ -2325,7 +2326,8 @@ int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl) max_hs_frag_len : rem_len; if (frag_off == 0 && cur_hs_frag_len != hs_len) { - MBEDTLS_SSL_DEBUG_MSG(2, ("fragmenting handshake message (%u > %u)", + MBEDTLS_SSL_DEBUG_MSG(2, ("fragmenting %s handshake message (%u > %u)", + mbedtls_ssl_get_hs_msg_name(cur->p[0]), (unsigned) cur_hs_frag_len, (unsigned) max_hs_frag_len)); } @@ -4157,7 +4159,9 @@ static int ssl_load_buffered_message(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message has been buffered - load")); + MBEDTLS_SSL_DEBUG_MSG(2, ("%s handshake message has been buffered%s", + mbedtls_ssl_get_hs_msg_name(hs_buf->data[0]), + hs_buf->is_fragmented ? " and reassembled" : "")); MBEDTLS_SSL_DEBUG_BUF(3, "Buffered handshake message (incl. header)", hs_buf->data, msg_len + 12); 
diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bc65b0e1d7..24ac3cec4d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -679,7 +679,7 @@ const char *mbedtls_ssl_get_extension_name(unsigned int extension_type) mbedtls_ssl_get_extension_id(extension_type)]; } -static const char *ssl_tls13_get_hs_msg_name(int hs_msg_type) +const char *mbedtls_ssl_get_hs_msg_name(int hs_msg_type) { switch (hs_msg_type) { case MBEDTLS_SSL_HS_CLIENT_HELLO: @@ -694,8 +694,16 @@ static const char *ssl_tls13_get_hs_msg_name(int hs_msg_type) return "EncryptedExtensions"; case MBEDTLS_SSL_HS_CERTIFICATE: return "Certificate"; + case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: + return "ServerKeyExchange"; case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return "CertificateRequest"; + case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: + return "CertificateVerify"; + case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: + return "ClientKeyExchange"; + case MBEDTLS_SSL_HS_FINISHED: + return "Finished"; } return "Unknown"; } @@ -710,7 +718,7 @@ void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, mbedtls_debug_print_msg( ssl, level, file, line, "%s: %s(%u) extension %s %s.", - ssl_tls13_get_hs_msg_name(hs_msg_type), + mbedtls_ssl_get_hs_msg_name(hs_msg_type), mbedtls_ssl_get_extension_name(extension_type), extension_type, extra_msg0, extra_msg1); @@ -721,7 +729,7 @@ void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, if (extra_msg) { mbedtls_debug_print_msg( ssl, level, file, line, - "%s: %s(%u) extension %s.", ssl_tls13_get_hs_msg_name(hs_msg_type), + "%s: %s(%u) extension %s.", mbedtls_ssl_get_hs_msg_name(hs_msg_type), mbedtls_ssl_get_extension_name(extension_type), extension_type, extra_msg); return; 
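Review bot: mbedtls_ssl_get_hs_msg_name() is now called from the DTLS flight and reassembly paths in library/ssl_msg.c, but the cases added here still leave TLS 1.2 / DTLS message types such as MBEDTLS_SSL_HS_SERVER_HELLO_DONE and MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST without a name, unless they are handled in the part of the switch that lies outside the hunk. Those messages would be logged as "Unknown", which makes a fragmentation or reassembly trace harder to read when diagnosing a handshake. Adding e.g. `case MBEDTLS_SSL_HS_SERVER_HELLO_DONE: return "ServerHelloDone";` would cover it. The preprocessor guards around the function are not visible either; its old name suggests a TLS 1.3-only helper, so please confirm it is compiled in MBEDTLS_DEBUG_C builds that enable only TLS 1.2.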
@@ -729,7 +737,7 @@ void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, mbedtls_debug_print_msg( ssl, level, file, line, - "%s: %s(%u) extension.", ssl_tls13_get_hs_msg_name(hs_msg_type), + "%s: %s(%u) extension.", mbedtls_ssl_get_hs_msg_name(hs_msg_type), mbedtls_ssl_get_extension_name(extension_type), extension_type); } 
@@ -2362,6 +2370,60 @@ void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf, } #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ +/* The selection should be the same as mbedtls_x509_crt_profile_default in + * x509_crt.c, plus Montgomery curves for ECDHE. Here, the order matters: + * curves with a lower resource usage come first. + * See the documentation of mbedtls_ssl_conf_groups() for what we promise + * about this list. + */ +static const uint16_t ssl_preset_default_groups[] = { +#if defined(PSA_WANT_ECC_MONTGOMERY_255) + MBEDTLS_SSL_IANA_TLS_GROUP_X25519, +#endif +#if defined(PSA_WANT_ECC_SECP_R1_256) + MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, +#endif +#if defined(PSA_WANT_ECC_SECP_R1_384) + MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, +#endif +#if defined(PSA_WANT_ECC_MONTGOMERY_448) + MBEDTLS_SSL_IANA_TLS_GROUP_X448, +#endif +#if defined(PSA_WANT_ECC_SECP_R1_521) + MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, +#endif +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) + MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, +#endif +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) + MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, +#endif +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) + MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, +#endif +#if defined(PSA_WANT_DH_RFC7919_2048) + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, +#endif +#if defined(PSA_WANT_DH_RFC7919_3072) + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, +#endif +#if defined(PSA_WANT_DH_RFC7919_4096) + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, +#endif +#if defined(PSA_WANT_DH_RFC7919_6144) + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, +#endif +#if defined(PSA_WANT_DH_RFC7919_8192) + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, +#endif + MBEDTLS_SSL_IANA_TLS_GROUP_NONE +}; + +const uint16_t *mbedtls_ssl_get_supported_group_list(void) +{ + return ssl_preset_default_groups; +} + /* * Set the allowed groups */ 
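Review bot: The FFDHE entries of `ssl_preset_default_groups` are now guarded by the per-size PSA_WANT_DH_RFC7919_xxx symbols alone, where the table removed later in this file required PSA_WANT_ALG_FFDH. If a configuration can define a DH key size without the FFDH algorithm, the default list, and with it mbedtls_ssl_get_supported_group_list(), would advertise groups the build cannot complete a key exchange with; whether config checks elsewhere rule that out is not visible here. The array also repeats the PSA_WANT tests that include/mbedtls/ssl.h already turns into MBEDTLS_SSL_HAVE_GROUP_xxx, and the two views disagree on secp256k1, which can be marked supported there but is never listed here. Guarding the entries with `#if MBEDTLS_SSL_HAVE_GROUP_X25519` and so on, and documenting the secp256k1 omission next to the new function, would keep them in sync.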
@@ -5165,47 +5227,6 @@ void mbedtls_ssl_config_init(mbedtls_ssl_config *conf) memset(conf, 0, sizeof(mbedtls_ssl_config)); } -/* The selection should be the same as mbedtls_x509_crt_profile_default in - * x509_crt.c, plus Montgomery curves for ECDHE. Here, the order matters: - * curves with a lower resource usage come first. - * See the documentation of mbedtls_ssl_conf_groups() for what we promise - * about this list. - */ -static const uint16_t ssl_preset_default_groups[] = { -#if defined(PSA_WANT_ECC_MONTGOMERY_255) - MBEDTLS_SSL_IANA_TLS_GROUP_X25519, -#endif -#if defined(PSA_WANT_ECC_SECP_R1_256) - MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, -#endif -#if defined(PSA_WANT_ECC_SECP_R1_384) - MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, -#endif -#if defined(PSA_WANT_ECC_MONTGOMERY_448) - MBEDTLS_SSL_IANA_TLS_GROUP_X448, -#endif -#if defined(PSA_WANT_ECC_SECP_R1_521) - MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, -#endif -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) - MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, -#endif -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) - MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, -#endif -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) - MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, -#endif -#if defined(PSA_WANT_ALG_FFDH) - MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, - MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, - MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, - MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, - MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, -#endif - MBEDTLS_SSL_IANA_TLS_GROUP_NONE -}; - static const int ssl_preset_suiteb_ciphersuites[] = { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 
@@ -5839,28 +5860,14 @@ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id(mbedtls_ecp_group_id grp_id) } #if defined(MBEDTLS_DEBUG_C) -static const struct { - uint16_t tls_id; - const char *name; -} tls_id_curve_name_table[] = -{ - { MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1" }, - { MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1" }, - { MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1" }, - { MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1" }, - { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1" }, - { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1" }, - { MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1" }, - { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519" }, - { MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448" }, - { 0, NULL }, -}; +mbedtls_ssl_iana_tls_group_info_t mbedtls_ssl_iana_tls_group_info[] = + MBEDTLS_SSL_IANA_TLS_GROUPS_INFO; const char *mbedtls_ssl_get_curve_name_from_tls_id(uint16_t tls_id) { - for (int i = 0; tls_id_curve_name_table[i].tls_id != 0; i++) { - if (tls_id_curve_name_table[i].tls_id == tls_id) { - return tls_id_curve_name_table[i].name; + for (int i = 0; mbedtls_ssl_iana_tls_group_info[i].tls_id != 0; i++) { + if (mbedtls_ssl_iana_tls_group_info[i].tls_id == tls_id) { + return mbedtls_ssl_iana_tls_group_info[i].group_name; } } @@ -8939,7 +8946,7 @@ static int mbedtls_ssl_tls13_export_keying_material(mbedtls_ssl_context *ssl, const size_t context_len) { const psa_algorithm_t psa_hash_alg = mbedtls_md_psa_alg_from_type(hash_alg); - const size_t hash_len = PSA_HASH_LENGTH(hash_alg); + const size_t hash_len = PSA_HASH_LENGTH(psa_hash_alg); const unsigned char *secret = ssl->session->app_secrets.exporter_master_secret; /* The length of the label must be at most 249 bytes to fit into the HkdfLabel diff --git a/library/timing.c b/library/timing.c index 1ed88639ef..6273f44c00 100644 --- a/library/timing.c +++ b/library/timing.c 
@@ -13,95 +13,17 @@ #if !defined(MBEDTLS_TIMING_ALT) -#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ - !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ - !defined(__HAIKU__) && !defined(__midipix__) -#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in mbedtls_config.h" -#endif - -#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) - -#include -#include - -struct _hr_time { - LARGE_INTEGER start; -}; - -#else - -#include -#include -#include -/* time.h should be included independently of MBEDTLS_HAVE_TIME. If the - * platform matches the ifdefs above, it will be used. */ -#include -#include -struct _hr_time { - struct timeval start; -}; -#endif /* _WIN32 && !EFIX64 && !EFI32 */ - -/** - * \brief Return the elapsed time in milliseconds - * - * \warning May change without notice - * - * \param val points to a timer structure - * \param reset If 0, query the elapsed time. Otherwise (re)start the timer. - * - * \return Elapsed time since the previous reset in ms. When - * restarting, this is always 0. - * - * \note To initialize a timer, call this function with reset=1. - * - * Determining the elapsed time and resetting the timer is not - * atomic on all platforms, so after the sequence - * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 = - * get_timer(0) }` the value time1+time2 is only approximately - * the delay since the first reset. 
- */ -#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) - -unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) +unsigned long long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) { - struct _hr_time *t = (struct _hr_time *) val; - if (reset) { - QueryPerformanceCounter(&t->start); + val->ms = mbedtls_ms_time(); return 0; } else { - unsigned long delta; - LARGE_INTEGER now, hfreq; - QueryPerformanceCounter(&now); - QueryPerformanceFrequency(&hfreq); - delta = (unsigned long) ((now.QuadPart - t->start.QuadPart) * 1000ul - / hfreq.QuadPart); - return delta; + mbedtls_ms_time_t now = mbedtls_ms_time(); + return now - val->ms; } } -#else /* _WIN32 && !EFIX64 && !EFI32 */ - -unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) -{ - struct _hr_time *t = (struct _hr_time *) val; - - if (reset) { - gettimeofday(&t->start, NULL); - return 0; - } else { - unsigned long delta; - struct timeval now; - gettimeofday(&now, NULL); - delta = (now.tv_sec - t->start.tv_sec) * 1000ul - + (now.tv_usec - t->start.tv_usec) / 1000; - return delta; - } -} - -#endif /* _WIN32 && !EFIX64 && !EFI32 */ - /* * Set delays to watch */ @@ -123,7 +45,7 @@ void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms) int mbedtls_timing_get_delay(void *data) { mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data; - unsigned long elapsed_ms; + unsigned long long elapsed_ms; if (ctx->fin_ms == 0) { return -1; diff --git a/library/x509_internal.h b/library/x509_internal.h index ea3aeb6351..fcb996b19d 100644 --- a/library/x509_internal.h +++ b/library/x509_internal.h @@ -10,7 +10,7 @@ #ifndef MBEDTLS_X509_INTERNAL_H #define MBEDTLS_X509_INTERNAL_H -#include "tf_psa_crypto_common.h" +#include "mbedtls_common.h" #include "mbedtls/build_info.h" #include "mbedtls/private_access.h" 
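Review bot: `return now - val->ms;` in the new mbedtls_timing_get_timer() has no guard for a clock that steps backwards. mbedtls_ms_time_t is a signed type in Mbed TLS, so if mbedtls_ms_time() (or a platform's MBEDTLS_PLATFORM_MS_TIME_ALT implementation) is not monotonic, a negative difference converts to a very large unsigned long long, and mbedtls_timing_get_delay() would presumably treat the final delay as already expired, which for DTLS means a spurious retransmission or handshake timeout. Clamping keeps that case benign: `return now >= val->ms ? (unsigned long long) (now - val->ms) : 0;`. The hunk also deletes the function's doc comment without replacing it here; a short comment giving the millisecond unit, the reset semantics and the monotonic-clock expectation would help, unless the header already carries it.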
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index cb316706b7..fc00473cfc 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -5,14 +5,8 @@ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - -#include "mbedtls/private/pk_private.h" - #include "ssl_test_lib.h" -#include "test/psa_crypto_helpers.h" - #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) int main(void) { @@ -27,6 +21,8 @@ int main(void) } #else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */ +#include "test/psa_crypto_helpers.h" + /* Size of memory to be allocated for the heap, when using the library's memory * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */ #define MEMORY_HEAP_SIZE 120000 diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 8310bd21f3..9d7fb99e09 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -5,6 +5,15 @@ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ +/* On Mingw-w64, force the use of a C99-compliant printf() and friends. + * This is necessary on older versions of Mingw and/or Windows runtimes + * where snprintf does not always zero-terminate the buffer, and does + * not support formats such as "%zu" for size_t and "%lld" for long long. + */ +#if !defined(__USE_MINGW_ANSI_STDIO) +#define __USE_MINGW_ANSI_STDIO 1 +#endif + #include "mbedtls/build_info.h" #include "mbedtls/debug.h" #include "mbedtls/platform.h" diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index f4de913ed3..79cbad877d 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -5,8 +5,6 @@ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#define MBEDTLS_ALLOW_PRIVATE_ACCESS - #include "ssl_test_lib.h" #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) 
@@ -3490,6 +3488,7 @@ handshake: * 5. Verify the client certificate */ mbedtls_printf(" . Verifying peer X.509 certificate..."); + fflush(stdout); if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; @@ -3507,6 +3506,7 @@ handshake: char crt_buf[512]; mbedtls_printf(" . Peer certificate information ...\n"); + fflush(stdout); mbedtls_x509_crt_info(crt_buf, sizeof(crt_buf), " ", mbedtls_ssl_get_peer_cert(&ssl)); mbedtls_printf("%s\n", crt_buf); @@ -3959,6 +3959,7 @@ data_exchange: size_t buf_len; mbedtls_printf(" . Serializing live connection..."); + fflush(stdout); ret = mbedtls_ssl_context_save(&ssl, NULL, 0, &buf_len); if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { @@ -3993,6 +3994,7 @@ data_exchange: size_t b64_len; mbedtls_printf(" . Save serialized context to a file... "); + fflush(stdout); mbedtls_base64_encode(NULL, 0, &b64_len, context_buf, buf_len); @@ -4041,6 +4043,7 @@ data_exchange: if (opt.serialize == 1) { /* nothing to do here, done by context_save() already */ mbedtls_printf(" . Context has been reset... ok\n"); + fflush(stdout); } /* @@ -4053,6 +4056,7 @@ data_exchange: */ if (opt.serialize == 2) { mbedtls_printf(" . Freeing and reinitializing context..."); + fflush(stdout); mbedtls_ssl_free(&ssl); @@ -4089,6 +4093,7 @@ data_exchange: } mbedtls_printf(" . Deserializing connection..."); + fflush(stdout); if ((ret = mbedtls_ssl_context_load(&ssl, context_buf, buf_len)) != 0) { @@ -4118,6 +4123,7 @@ data_exchange: */ close_notify: mbedtls_printf(" . Closing the connection..."); + fflush(stdout); /* No error checking, the connection might be closed already */ do { diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h index 62da9e92c8..491da1dd5f 100644 --- a/programs/ssl/ssl_test_lib.h +++ b/programs/ssl/ssl_test_lib.h 
@@ -8,6 +8,17 @@ #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H +/* On Mingw-w64, force the use of a C99-compliant printf() and friends. + * This is necessary on older versions of Mingw and/or Windows runtimes + * where snprintf does not always zero-terminate the buffer, and does + * not support formats such as "%zu" for size_t and "%lld" for long long. + */ +#if !defined(__USE_MINGW_ANSI_STDIO) +#define __USE_MINGW_ANSI_STDIO 1 +#endif + +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include "mbedtls/private/pk_private.h" #include "mbedtls/build_info.h" diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 7312edf690..51cd45f026 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -5,6 +5,15 @@ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ +/* On Mingw-w64, force the use of a C99-compliant printf() and friends. + * This is necessary on older versions of Mingw and/or Windows runtimes + * where snprintf does not always zero-terminate the buffer, and does + * not support formats such as "%zu" for size_t and "%lld" for long long. + */ +#if !defined(__USE_MINGW_ANSI_STDIO) +#define __USE_MINGW_ANSI_STDIO 1 +#endif + #define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS #include "mbedtls/build_info.h" @@ -441,8 +450,7 @@ int main(int argc, char *argv[]) } \ } else { \ mbedtls_printf("Padding checks only implemented for types of size 2, 4 or 8" \ - " - cannot check type '" #TYPE "' of size %" MBEDTLS_PRINTF_SIZET \ - "\n", \ + " - cannot check type '" #TYPE "' of size %zu\n", \ sizeof(TYPE)); \ mbedtls_exit(MBEDTLS_EXIT_FAILURE); \ } \ diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 81de042a50..eab15feb38 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c 
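Review bot: The `__USE_MINGW_ANSI_STDIO` block added to ssl_test_lib.h only takes effect if this header is included before any C library header in each translation unit, and the new comment does not say so. ssl_client2.c and ssl_server2.c include it first in this commit, but other includers are not visible here. I would add to the comment: `This header must be included before any system header for the define to take effect.` The same block is pasted into ssl_context_info.c and selftest.c; because the comment says snprintf may otherwise leave the buffer unterminated, a single shared definition would be harder to forget in a new program than three copies.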
@@ -360,7 +360,9 @@ static unsigned elapsed_time(void) return 0; } - return mbedtls_timing_get_timer(&hires, 0); + /* Wraps after ~49.7 days (assuming 32-bit int). + * Don't run udp_proxy that long! */ + return (unsigned) mbedtls_timing_get_timer(&hires, 0); } typedef struct { diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index 0222d0f795..215d9453e2 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -150,7 +150,9 @@ int main(int argc, char *argv[]) } mbedtls_printf("."); } - ms = mbedtls_timing_get_timer(&timer, 0); + /* On 64-bit Windows and 32-bit platforms, this wraps after about + * 49.7 days. This shouldn't be a problem in practice. */ + ms = (unsigned long) mbedtls_timing_get_timer(&timer, 0); mbedtls_printf("\n%u iterations -> %lu ms\n", opt.iterations, ms); exit_code = MBEDTLS_EXIT_SUCCESS; diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 9966dea63b..529d84751e 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -15,7 +15,6 @@ set -e VERSION="" -SOVERSION="" # Parse arguments # @@ -52,7 +51,7 @@ do echo -e " --so-x509 \tSO version to bump libmbedx509 to." echo -e " --so-tls \tSO version to bump libmbedtls to." echo -e " -v|--verbose\t\tVerbose." - exit 1 + exit 0 ;; *) # print error diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 69bec9fe40..0d91ccbf32 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -1,11 +1,11 @@ -/* +/* -*-c-*- * Error message information * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#include "tf_psa_crypto_common.h" +#include "mbedtls_common.h" #include "mbedtls/error.h" diff --git a/scripts/data_files/version_features.fmt b/scripts/data_files/version_features.fmt index fc71f5d777..4b28764a7e 100644 --- a/scripts/data_files/version_features.fmt +++ b/scripts/data_files/version_features.fmt 
@@ -1,11 +1,11 @@ -/* +/* -*-c-*- * Version feature information * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#include "ssl_misc.h" +#include "mbedtls_common.h" #if defined(MBEDTLS_VERSION_C) diff --git a/scripts/generate_tls_handshake_tests.py b/scripts/generate_tls_handshake_tests.py new file mode 100755 index 0000000000..30f27b1b37 --- /dev/null +++ b/scripts/generate_tls_handshake_tests.py @@ -0,0 +1,17 @@ +#!/usr/bin/env python3 +""" +Generate miscellaneous TLS test cases relating to the handshake. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +import sys + +import framework_scripts_path # pylint: disable=unused-import + +from mbedtls_framework import tls_handshake_tests + +if __name__ == '__main__': + sys.argv[1:1] = ["--no-tls12-client-hello-defragmentation-support"] + tls_handshake_tests.main() diff --git a/scripts/make_generated_files.bat b/scripts/make_generated_files.bat index f10b23b705..1c3536306e 100644 --- a/scripts/make_generated_files.bat +++ b/scripts/make_generated_files.bat @@ -12,4 +12,4 @@ python framework\scripts\make_generated_files.py || exit /b 1 cd .. @rem @@@@ mbedtls @@@@ -python framework\scripts\make_generated_files.py || exit /b 1 +python scripts\make_generated_files.py || exit /b 1 diff --git a/scripts/make_generated_files.py b/scripts/make_generated_files.py new file mode 100755 index 0000000000..5822f36f03 --- /dev/null +++ b/scripts/make_generated_files.py 
@@ -0,0 +1,81 @@ +#!/usr/bin/env python3 +"""Generate, check and list the generated files +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +import sys +from pathlib import Path + +import framework_scripts_path # pylint: disable=unused-import + +from mbedtls_framework import build_tree +from mbedtls_framework import generated_files +from mbedtls_framework.generated_files import GenerationScript, get_generation_script_files + +GENERATION_SCRIPTS = [ + GenerationScript( + Path("scripts/generate_errors.pl"), + [Path("library/error.c")], + None, "tf-psa-crypto/drivers/builtin/include/mbedtls \ + include/mbedtls/ \ + scripts/data_files" + ), + GenerationScript( + Path("scripts/generate_features.pl"), + [Path("library/version_features.c")], + None, "include/mbedtls/ scripts/data_files" + ), + GenerationScript( + Path("framework/scripts/generate_ssl_debug_helpers.py"), + [Path("library/ssl_debug_helpers_generated.c")], + "", None + ), + GenerationScript( + Path("framework/scripts/generate_test_keys.py"), + [Path("tests/include/test/test_keys.h")], + None, "--output" + ), + GenerationScript( + Path("framework/scripts/generate_test_cert_macros.py"), + [Path("tests/include/test/test_certs.h")], + None, "--output" + ), + GenerationScript( + Path("scripts/generate_query_config.pl"), + [Path("programs/test/query_config.c")], + None, "include/mbedtls/mbedtls_config.h \ + tf-psa-crypto/include/psa/crypto_config.h \ + scripts/data_files/query_config.fmt" + ), + GenerationScript( + Path("framework/scripts/generate_config_tests.py"), + get_generation_script_files("framework/scripts/generate_config_tests.py"), + "--directory", None + ), + GenerationScript( + Path("framework/scripts/generate_tls13_compat_tests.py"), + [Path("tests/opt-testcases/tls13-compat.sh")], + None, "--output" + ), + GenerationScript( + Path("scripts/generate_tls_handshake_tests.py"), + [Path("tests/opt-testcases/handshake-generated.sh")], + None, 
"--output" + ), + GenerationScript( + Path("scripts/generate_config_checks.py"), + get_generation_script_files("scripts/generate_config_checks.py"), + output_dir_option="", + optional=True) +] + +def main() -> int: + if not build_tree.looks_like_mbedtls_root("."): + raise RuntimeError("This script must be run from Mbed TLS.") + + return generated_files.main(GENERATION_SCRIPTS) + +if __name__ == "__main__": + sys.exit(main()) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index d12133d300..ec625234dc 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -58,10 +58,10 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND "${MBEDTLS_PYTHON_EXECUTABLE}" - "${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_tls_handshake_tests.py" + "${PROJECT_SOURCE_DIR}/scripts/generate_tls_handshake_tests.py" DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/mbedtls_framework/tls_test_case.py - ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_tls_handshake_tests.py + ${PROJECT_SOURCE_DIR}/scripts/generate_tls_handshake_tests.py ) add_custom_target(handshake-generated.sh DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/opt-testcases/handshake-generated.sh) diff --git a/tests/Makefile b/tests/Makefile index 45d12b72de..745a09d240 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -45,9 +45,9 @@ GENERATED_FILES = \ .PHONY: ssl-opt opt-testcases/handshake-generated.sh: ../framework/scripts/mbedtls_framework/tls_test_case.py -opt-testcases/handshake-generated.sh: ../framework/scripts/generate_tls_handshake_tests.py +opt-testcases/handshake-generated.sh: ../scripts/generate_tls_handshake_tests.py echo " Gen $@" - $(PYTHON) ../framework/scripts/generate_tls_handshake_tests.py -o $@ + $(PYTHON) ../scripts/generate_tls_handshake_tests.py -o $@ GENERATED_FILES += opt-testcases/handshake-generated.sh ssl-opt: opt-testcases/handshake-generated.sh diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 42464a845e..29c41beba2 100755 
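Review bot: Several path-list arguments in GENERATION_SCRIPTS are written with a backslash-newline inside the string literal (for example `"tf-psa-crypto/drivers/builtin/include/mbedtls \` followed by continuation lines), so any indentation on the continued lines becomes part of the string. That is harmless only if the consumer splits the value on whitespace, which is not visible in this hunk. Adjacent literals avoid the dependence: `"tf-psa-crypto/drivers/builtin/include/mbedtls " "include/mbedtls/ " "scripts/data_files"`. `main()` also has no docstring; `"""Run the generated-files tool; must be invoked from the Mbed TLS root."""` would match the RuntimeError it raises.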
--- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py 
@@ -218,463 +218,9 @@ class CoverageTask(outcome_analysis.CoverageTask): ], } - -# The names that we give to classes derived from DriverVSReference do not -# follow the usual naming convention, because it's more readable to use -# underscores and parts of the configuration names. Also, these classes -# are just there to specify some data, so they don't need repetitive -# documentation. -#pylint: disable=invalid-name,missing-class-docstring - -class DriverVSReference_hash(outcome_analysis.DriverVSReference): - REFERENCE = 'test_psa_crypto_config_reference_hash_use_psa' - DRIVER = 'test_psa_crypto_config_accel_hash_use_psa' - IGNORED_SUITES = [ - # the software implementations that are being excluded - 'mdx', 'sha1', 'sha256', 'sha3', 'sha512', 'shax', - 'md.psa', # purposefully depends on whether drivers are present - 'psa_crypto_low_hash.generated', # testing the builtins - ] - IGNORED_TESTS = { - 'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_(MD5|RIPEMD160|SHA[0-9]+)_.*'), - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - } - -class DriverVSReference_hmac(outcome_analysis.DriverVSReference): - REFERENCE = 'test_psa_crypto_config_reference_hmac' - DRIVER = 'test_psa_crypto_config_accel_hmac' - IGNORED_SUITES = [ - # These suites require legacy hash support, which is disabled - # in the accelerated component. - 'mdx', 'sha1', 'sha256', 'sha3', 'sha512', 'shax', - # This suite tests builtins directly, but these are missing - # in the accelerated case. - 'psa_crypto_low_hash.generated', - ] - IGNORED_TESTS = { - 'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_(MD5|RIPEMD160|SHA[0-9]+)_.*'), - re.compile(r'.*\bMBEDTLS_MD_C\b') - ], - 'test_suite_md': [ - # Builtin HMAC is not supported in the accelerate component. 
- re.compile('.*HMAC.*'), - # Following tests make use of functions which are not available - # when MD_C is disabled, as it happens in the accelerated - # test component. - re.compile('generic .* Hash file .*'), - 'MD list', - ], - 'test_suite_md.psa': [ - # "legacy only" tests require hash algorithms to be NOT - # accelerated, but this of course false for the accelerated - # test component. - re.compile('PSA dispatch .* legacy only'), - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - } - -class DriverVSReference_cipher_aead_cmac(outcome_analysis.DriverVSReference): - REFERENCE = 'test_psa_crypto_config_reference_cipher_aead_cmac' - DRIVER = 'test_psa_crypto_config_accel_cipher_aead_cmac' - # Modules replaced by drivers. - IGNORED_SUITES = [ - # low-level (block/stream) cipher modules - 'aes', 'aria', 'camellia', 'des', 'chacha20', - # AEAD modes, CMAC and POLY1305 - 'ccm', 'chachapoly', 'cmac', 'gcm', 'poly1305', - # The Cipher abstraction layer - 'cipher', - ] - IGNORED_TESTS = { - 'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_(AES|ARIA|CAMELLIA|CHACHA20|DES)_.*'), - re.compile(r'.*\bMBEDTLS_(CCM|CHACHAPOLY|CMAC|GCM|POLY1305)_.*'), - re.compile(r'.*\bMBEDTLS_AES(\w+)_C\b.*'), - re.compile(r'.*\bMBEDTLS_CIPHER_.*'), - ], - # PEM decryption is not supported so far. - # The rest of PEM (write, unencrypted read) works though. - 'test_suite_pem': [ - re.compile(r'PEM read .*(AES|DES|\bencrypt).*'), - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - # Following tests depend on AES_C/DES_C but are not about - # them really, just need to know some error code is there. 
- 'test_suite_error': [ - 'Low and high error', - 'Single low error' - ], - # The en/decryption part of PKCS#12 is not supported so far. - # The rest of PKCS#12 (key derivation) works though. - 'test_suite_pkcs12': [ - re.compile(r'PBE Encrypt, .*'), - re.compile(r'PBE Decrypt, .*'), - ], - # The en/decryption part of PKCS#5 is not supported so far. - # The rest of PKCS#5 (PBKDF2) works though. - 'test_suite_pkcs5': [ - re.compile(r'PBES2 Encrypt, .*'), - re.compile(r'PBES2 Decrypt .*'), - ], - # Encrypted keys are not supported so far. - # pylint: disable=line-too-long - 'test_suite_pkparse': [ - 'Key ASN1 (Encrypted key PKCS12, trailing garbage data)', - 'Key ASN1 (Encrypted key PKCS5, trailing garbage data)', - re.compile(r'Parse (RSA|EC) Key .*\(.* ([Ee]ncrypted|password).*\)'), - ], - # Encrypted keys are not supported so far. - 'ssl-opt': [ - 'TLS: password protected server key', - 'TLS: password protected client key', - 'TLS: password protected server key, two certificates', - ], - } - -class DriverVSReference_ecp_light_only(outcome_analysis.DriverVSReference): - REFERENCE = 'test_psa_crypto_config_reference_ecc_ecp_light_only' - DRIVER = 'test_psa_crypto_config_accel_ecc_ecp_light_only' - IGNORED_SUITES = [ - # Modules replaced by drivers - 'ecdsa', 'ecdh', 'ecjpake', - # Unit tests for the built-in implementation - 'psa_crypto_ecp', - ] - IGNORED_TESTS = { - 'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_(ECDH|ECDSA|ECJPAKE|ECP)_.*'), - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - # This test wants a legacy function that takes f_rng, p_rng - # arguments, and uses legacy ECDSA for that. The test is - # really about the wrapper around the PSA RNG, not ECDSA. 
- 'test_suite_random': [ - 'PSA classic wrapper: ECDSA signature (SECP256R1)', - ], - # In the accelerated test ECP_C is not set (only ECP_LIGHT is) - # so we must ignore disparities in the tests for which ECP_C - # is required. - 'test_suite_ecp': [ - re.compile(r'ECP check public-private .*'), - re.compile(r'ECP calculate public: .*'), - re.compile(r'ECP gen keypair .*'), - re.compile(r'ECP point muladd .*'), - re.compile(r'ECP point multiplication .*'), - re.compile(r'ECP test vectors .*'), - ], - } - -class DriverVSReference_no_ecp_at_all(outcome_analysis.DriverVSReference): - REFERENCE = 'test_psa_crypto_config_reference_ecc_no_ecp_at_all' - DRIVER = 'test_psa_crypto_config_accel_ecc_no_ecp_at_all' - IGNORED_SUITES = [ - # Modules replaced by drivers - 'ecp', 'ecdsa', 'ecdh', 'ecjpake', - # Unit tests for the built-in implementation - 'psa_crypto_ecp', - ] - IGNORED_TESTS = { - 'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_(ECDH|ECDSA|ECJPAKE|ECP)_.*'), - re.compile(r'.*\bMBEDTLS_PK_PARSE_EC_COMPRESSED\b.*'), - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - # See ecp_light_only - 'test_suite_random': [ - 'PSA classic wrapper: ECDSA signature (SECP256R1)', - ], - 'test_suite_pkparse': [ - # When PK_PARSE_C and ECP_C are defined then PK_PARSE_EC_COMPRESSED - # is automatically enabled in build_info.h (backward compatibility) - # even if it is disabled in config_psa_crypto_no_ecp_at_all(). As a - # consequence compressed points are supported in the reference - # component but not in the accelerated one, so they should be skipped - # while checking driver's coverage. 
- re.compile(r'Parse EC Key .*compressed\)'), - re.compile(r'Parse Public EC Key .*compressed\)'), - ], - } - -class DriverVSReference_ecc_no_bignum(outcome_analysis.DriverVSReference): - REFERENCE = 'test_psa_crypto_config_reference_ecc_no_bignum' - DRIVER = 'test_psa_crypto_config_accel_ecc_no_bignum' - IGNORED_SUITES = [ - # Modules replaced by drivers - 'ecp', 'ecdsa', 'ecdh', 'ecjpake', - 'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw', - 'bignum.generated', 'bignum.misc', - # Unit tests for the built-in implementation - 'psa_crypto_ecp', - ] - IGNORED_TESTS = { - 'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_BIGNUM_C\b.*'), - re.compile(r'.*\bMBEDTLS_(ECDH|ECDSA|ECJPAKE|ECP)_.*'), - re.compile(r'.*\bMBEDTLS_PK_PARSE_EC_COMPRESSED\b.*'), - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - # See ecp_light_only - 'test_suite_random': [ - 'PSA classic wrapper: ECDSA signature (SECP256R1)', - ], - # See no_ecp_at_all - 'test_suite_pkparse': [ - re.compile(r'Parse EC Key .*compressed\)'), - re.compile(r'Parse Public EC Key .*compressed\)'), - ], - 'test_suite_asn1parse': [ - 'INTEGER too large for mpi', - ], - 'test_suite_asn1write': [ - re.compile(r'ASN.1 Write mpi.*'), - ], - 'test_suite_debug': [ - re.compile(r'Debug print mbedtls_mpi.*'), - ], - } - -class DriverVSReference_ecc_ffdh_no_bignum(outcome_analysis.DriverVSReference): - REFERENCE = 'test_psa_crypto_config_reference_ecc_ffdh_no_bignum' - DRIVER = 'test_psa_crypto_config_accel_ecc_ffdh_no_bignum' - IGNORED_SUITES = [ - # Modules replaced by drivers - 'ecp', 'ecdsa', 'ecdh', 'ecjpake', - 'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw', - 'bignum.generated', 'bignum.misc', - # Unit tests for the built-in implementation - 'psa_crypto_ecp', - ] - IGNORED_TESTS = { - 
'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_BIGNUM_C\b.*'), - re.compile(r'.*\bMBEDTLS_(ECDH|ECDSA|ECJPAKE|ECP)_.*'), - re.compile(r'.*\bMBEDTLS_PK_PARSE_EC_COMPRESSED\b.*'), - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - # See ecp_light_only - 'test_suite_random': [ - 'PSA classic wrapper: ECDSA signature (SECP256R1)', - ], - # See no_ecp_at_all - 'test_suite_pkparse': [ - re.compile(r'Parse EC Key .*compressed\)'), - re.compile(r'Parse Public EC Key .*compressed\)'), - ], - 'test_suite_asn1parse': [ - 'INTEGER too large for mpi', - ], - 'test_suite_asn1write': [ - re.compile(r'ASN.1 Write mpi.*'), - ], - 'test_suite_debug': [ - re.compile(r'Debug print mbedtls_mpi.*'), - ], - } - -class DriverVSReference_ffdh_alg(outcome_analysis.DriverVSReference): - REFERENCE = 'test_psa_crypto_config_reference_ffdh' - DRIVER = 'test_psa_crypto_config_accel_ffdh' - IGNORED_TESTS = { - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. 
- 'Check mbedtls_calloc overallocation', - ], - } - -class DriverVSReference_tfm_config(outcome_analysis.DriverVSReference): - REFERENCE = 'test_tfm_config_no_p256m' - DRIVER = 'test_tfm_config_p256m_driver_accel_ec' - IGNORED_SUITES = [ - # Modules replaced by drivers - 'asn1parse', 'asn1write', - 'ecp', 'ecdsa', 'ecdh', 'ecjpake', - 'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw', - 'bignum.generated', 'bignum.misc', - # Unit tests for the built-in implementation - 'psa_crypto_ecp', - ] - IGNORED_TESTS = { - 'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_BIGNUM_C\b.*'), - re.compile(r'.*\bMBEDTLS_(ASN1\w+)_C\b.*'), - re.compile(r'.*\bMBEDTLS_(ECDH|ECDSA|ECP)_.*'), - re.compile(r'.*\bMBEDTLS_PSA_P256M_DRIVER_ENABLED\b.*') - ], - 'test_suite_config.crypto_combinations': [ - 'Config: ECC: Weierstrass curves only', - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - # See ecp_light_only - 'test_suite_random': [ - 'PSA classic wrapper: ECDSA signature (SECP256R1)', - ], - } - -class DriverVSReference_rsa(outcome_analysis.DriverVSReference): - REFERENCE = 'test_psa_crypto_config_reference_rsa_crypto' - DRIVER = 'test_psa_crypto_config_accel_rsa_crypto' - IGNORED_SUITES = [ - # Modules replaced by drivers. - 'rsa', 'pkcs1_v15', 'pkcs1_v21', - # We temporarily don't care about PK stuff. - 'pk', 'pkwrite', 'pkparse' - ] - IGNORED_TESTS = { - 'test_suite_bignum.misc': [ - re.compile(r'.*\bmbedtls_mpi_is_prime.*'), - re.compile(r'.*\bmbedtls_mpi_gen_prime.*'), - ], - 'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_(PKCS1|RSA)_.*'), - re.compile(r'.*\bMBEDTLS_GENPRIME\b.*') - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). 
If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - # Following tests depend on RSA_C but are not about - # them really, just need to know some error code is there. - 'test_suite_error': [ - 'Low and high error', - 'Single high error' - ], - # Constant time operations only used for PKCS1_V15 - 'test_suite_constant_time': [ - re.compile(r'mbedtls_ct_zeroize_if .*'), - re.compile(r'mbedtls_ct_memmove_left .*') - ], - 'test_suite_psa_crypto': [ - # We don't support generate_key_custom entry points - # in drivers yet. - re.compile(r'PSA generate key custom: RSA, e=.*'), - re.compile(r'PSA generate key ext: RSA, e=.*'), - ], - } - -class DriverVSReference_block_cipher_dispatch(outcome_analysis.DriverVSReference): - REFERENCE = 'test_full_block_cipher_legacy_dispatch' - DRIVER = 'test_full_block_cipher_psa_dispatch' - IGNORED_SUITES = [ - # Skipped in the accelerated component - 'aes', 'aria', 'camellia', - # These require AES_C, ARIA_C or CAMELLIA_C to be enabled in - # order for the cipher module (actually cipher_wrapper) to work - # properly. However these symbols are disabled in the accelerated - # component so we ignore them. - 'cipher.ccm', 'cipher.gcm', 'cipher.aes', 'cipher.aria', - 'cipher.camellia', - ] - IGNORED_TESTS = { - 'test_suite_config': [ - re.compile(r'.*\bMBEDTLS_(AES|ARIA|CAMELLIA)_.*'), - re.compile(r'.*\bMBEDTLS_AES(\w+)_C\b.*'), - ], - 'test_suite_cmac': [ - # Following tests require AES_C/ARIA_C/CAMELLIA_C to be enabled, - # but these are not available in the accelerated component. - 'CMAC null arguments', - re.compile('CMAC.* (AES|ARIA|Camellia).*'), - ], - 'test_suite_cipher.padding': [ - # Following tests require AES_C/CAMELLIA_C to be enabled, - # but these are not available in the accelerated component. - re.compile('Set( non-existent)? 
padding with (AES|CAMELLIA).*'), - ], - 'test_suite_pkcs5': [ - # The AES part of PKCS#5 PBES2 is not yet supported. - # The rest of PKCS#5 (PBKDF2) works, though. - re.compile(r'PBES2 .* AES-.*') - ], - 'test_suite_pkparse': [ - # PEM (called by pkparse) requires AES_C in order to decrypt - # the key, but this is not available in the accelerated - # component. - re.compile('Parse RSA Key.*(password|AES-).*'), - ], - 'test_suite_pem': [ - # Following tests require AES_C, but this is diabled in the - # accelerated component. - re.compile('PEM read .*AES.*'), - 'PEM read (unknown encryption algorithm)', - ], - 'test_suite_error': [ - # Following tests depend on AES_C but are not about them - # really, just need to know some error code is there. - 'Single low error', - 'Low and high error', - ], - 'test_suite_platform': [ - # Incompatible with sanitizers (e.g. ASan). If the driver - # component uses a sanitizer but the reference component - # doesn't, we have a PASS vs SKIP mismatch. - 'Check mbedtls_calloc overallocation', - ], - } - -#pylint: enable=invalid-name,missing-class-docstring - - # List of tasks with a function that can handle this task and additional arguments if required -KNOWN_TASKS = { +KNOWN_TASKS: typing.Dict[str, typing.Type[outcome_analysis.Task]] = { 'analyze_coverage': CoverageTask, - 'analyze_driver_vs_reference_hash': DriverVSReference_hash, - 'analyze_driver_vs_reference_hmac': DriverVSReference_hmac, - 'analyze_driver_vs_reference_cipher_aead_cmac': DriverVSReference_cipher_aead_cmac, - 'analyze_driver_vs_reference_ecp_light_only': DriverVSReference_ecp_light_only, - 'analyze_driver_vs_reference_no_ecp_at_all': DriverVSReference_no_ecp_at_all, - 'analyze_driver_vs_reference_ecc_no_bignum': DriverVSReference_ecc_no_bignum, - 'analyze_driver_vs_reference_ecc_ffdh_no_bignum': DriverVSReference_ecc_ffdh_no_bignum, - 'analyze_driver_vs_reference_ffdh_alg': DriverVSReference_ffdh_alg, - 'analyze_driver_vs_reference_tfm_config': 
DriverVSReference_tfm_config, - 'analyze_driver_vs_reference_rsa': DriverVSReference_rsa, - 'analyze_block_cipher_dispatch': DriverVSReference_block_cipher_dispatch, } if __name__ == '__main__': diff --git a/tests/scripts/components-basic-checks.sh b/tests/scripts/components-basic-checks.sh index 199396df30..6a5bc3a1d7 100644 --- a/tests/scripts/components-basic-checks.sh +++ b/tests/scripts/components-basic-checks.sh @@ -19,14 +19,14 @@ component_check_recursion () { component_check_generated_files () { msg "Check make_generated_files.py consistency" $MAKE_COMMAND neat - $FRAMEWORK/scripts/make_generated_files.py - $FRAMEWORK/scripts/make_generated_files.py --check + scripts/make_generated_files.py + scripts/make_generated_files.py --check $MAKE_COMMAND neat msg "Check files generated with make" MBEDTLS_ROOT_DIR="$PWD" $MAKE_COMMAND generated_files - $FRAMEWORK/scripts/make_generated_files.py --check + scripts/make_generated_files.py --check cd $TF_PSA_CRYPTO_ROOT_DIR ./framework/scripts/make_generated_files.py --check @@ -39,10 +39,11 @@ component_check_generated_files () { make cd "$MBEDTLS_ROOT_DIR" - $FRAMEWORK/scripts/make_generated_files.py --root "$OUT_OF_SOURCE_DIR" --check + scripts/make_generated_files.py --root "$OUT_OF_SOURCE_DIR" --check cd $TF_PSA_CRYPTO_ROOT_DIR ./framework/scripts/make_generated_files.py --root "$OUT_OF_SOURCE_DIR/tf-psa-crypto" --check + cd "$MBEDTLS_ROOT_DIR" # This component ends with the generated files present in the source tree. # This is necessary for subsequent components! diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh index aee412c4a8..baa59fb5f5 100644 --- a/tests/scripts/components-configuration-crypto.sh +++ b/tests/scripts/components-configuration-crypto.sh 
@@ -528,7 +528,7 @@ component_test_crypto_for_psa_service () { component_build_crypto_baremetal () { msg "build: make, crypto only, baremetal config" scripts/config.py crypto_baremetal - CFLAGS="-O1 -I$PWD/framework/tests/include/baremetal-override/" cmake . + CFLAGS="-O1 -I$PWD/framework/tests/include/baremetal-override/ -DMBEDTLS_TEST_PLATFORM_IS_NOT_UNIXLIKE" cmake . cmake --build . ctest are_empty_libraries library/libmbedx509.* library/libmbedtls.* diff --git a/tests/scripts/components-configuration.sh b/tests/scripts/components-configuration.sh index 89104a3bab..dcd01c7e58 100644 --- a/tests/scripts/components-configuration.sh +++ b/tests/scripts/components-configuration.sh @@ -220,7 +220,7 @@ component_test_full_deprecated_warning () { component_build_baremetal () { msg "build: make, baremetal config" scripts/config.py baremetal - $MAKE_COMMAND CFLAGS="-O1 -Werror -I$PWD/framework/tests/include/baremetal-override/" + $MAKE_COMMAND CFLAGS="-O1 -Werror -I$PWD/framework/tests/include/baremetal-override/ -DMBEDTLS_TEST_PLATFORM_IS_NOT_UNIXLIKE" } support_build_baremetal () { diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ab727e6a48..9b5987188f 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -9914,6 +9914,7 @@ run_test "DTLS reassembly: some fragmentation (gnutls server)" \ "$P_CLI dtls=1 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -C "error" requires_gnutls @@ -9923,6 +9924,8 @@ run_test "DTLS reassembly: more fragmentation (gnutls server)" \ "$P_CLI dtls=1 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ + -c "ServerKeyExchange handshake message has been buffered and reassembled" \ -C "error" requires_gnutls 
@@ -9932,6 +9935,8 @@ run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \ "$P_CLI dtls=1 nbio=2 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ + -c "ServerKeyExchange handshake message has been buffered and reassembled" \ -C "error" requires_gnutls @@ -9942,6 +9947,7 @@ run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \ "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -c "client hello, adding renegotiation extension" \ -c "found renegotiation extension" \ -c "=> renegotiate" \ @@ -9957,6 +9963,7 @@ run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \ "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -c "client hello, adding renegotiation extension" \ -c "found renegotiation extension" \ -c "=> renegotiate" \ 
@@ -9972,20 +9979,17 @@ run_test "DTLS reassembly: no fragmentation (openssl server)" \ -C "found fragmented DTLS handshake message" \ -C "error" +# Minimum possible MTU for OpenSSL server: 256 bytes. +# We expect the server Certificate handshake to be fragmented and verify that +# this is the case. Depending on the configuration, other handshake messages may +# also be fragmented. requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -run_test "DTLS reassembly: some fragmentation (openssl server)" \ - "$O_SRV -dtls -mtu 256" \ - "$P_CLI dtls=1 debug_level=2" \ - 0 \ - -c "found fragmented DTLS handshake message" \ - -C "error" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -run_test "DTLS reassembly: more fragmentation (openssl server)" \ +run_test "DTLS reassembly: fragmentation (openssl server)" \ "$O_SRV -dtls -mtu 256" \ "$P_CLI dtls=1 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -C "error" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -9994,6 +9998,7 @@ run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \ "$P_CLI dtls=1 nbio=2 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ + -c "Certificate handshake message has been buffered and reassembled" \ -C "error" # Tests for sending fragmented handshake messages with DTLS @@ -10662,7 +10667,7 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \ key_file=$DATA_FILES_PATH/server8.key \ mtu=512 force_version=dtls12" \ 0 \ - -c "fragmenting handshake message" \ + -c "fragmenting Certificate handshake message" \ -C "error" # We use --insecure for the GnuTLS client because it expects 
@@ -10684,7 +10689,7 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \ mtu=512 force_version=dtls12" \ "$G_CLI -u --insecure 127.0.0.1" \ 0 \ - -s "fragmenting handshake message" + -s "fragmenting Certificate handshake message" requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC @@ -10696,7 +10701,7 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.2" \ key_file=$DATA_FILES_PATH/server8.key \ mtu=512 force_version=dtls12" \ 0 \ - -c "fragmenting handshake message" \ + -c "fragmenting Certificate handshake message" \ -C "error" requires_config_enabled MBEDTLS_SSL_PROTO_DTLS @@ -10709,7 +10714,7 @@ run_test "DTLS fragmenting: openssl client, DTLS 1.2" \ mtu=512 force_version=dtls12" \ "$O_CLI -dtls1_2" \ 0 \ - -s "fragmenting handshake message" + -s "fragmenting Certificate handshake message" # interop tests for DTLS fragmentating with unreliable connection # @@ -10728,7 +10733,7 @@ run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \ key_file=$DATA_FILES_PATH/server8.key \ hs_timeout=250-60000 mtu=512 force_version=dtls12" \ 0 \ - -c "fragmenting handshake message" \ + -c "fragmenting Certificate handshake message" \ -C "error" requires_gnutls_next @@ -10744,7 +10749,7 @@ run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ hs_timeout=250-60000 mtu=512 force_version=dtls12" \ "$G_NEXT_CLI -u --insecure 127.0.0.1" \ 0 \ - -s "fragmenting handshake message" + -s "fragmenting Certificate handshake message" ## The test below requires 1.1.1a or higher version of openssl, otherwise ## it might trigger a bug due to openssl server (https://github.com/openssl/openssl/issues/6902) 
@@ -10761,7 +10766,7 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ key_file=$DATA_FILES_PATH/server8.key \ hs_timeout=250-60000 mtu=512 force_version=dtls12" \ 0 \ - -c "fragmenting handshake message" \ + -c "fragmenting Certificate handshake message" \ -C "error" ## the test below will time out with certain seed. @@ -10779,7 +10784,7 @@ run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \ hs_timeout=250-60000 mtu=512 force_version=dtls12" \ "$O_CLI -dtls1_2" \ 0 \ - -s "fragmenting handshake message" + -s "fragmenting Certificate handshake message" # Tests for DTLS-SRTP (RFC 5764) requires_config_enabled MBEDTLS_SSL_DTLS_SRTP @@ -11496,9 +11501,9 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on client" \ hs_timeout=2500-60000" \ 0 \ -c "Buffering HS message" \ - -c "Next handshake message has been buffered - load"\ + -c "Certificate handshake message has been buffered$"\ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load"\ + -S "handshake message has been buffered"\ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -11516,9 +11521,9 @@ run_test "DTLS reordering: Buffer out-of-order handshake message fragment on -c "Buffering HS message" \ -c "found fragmented DTLS handshake message"\ -c "Next handshake message 1 not or only partially buffered" \ - -c "Next handshake message has been buffered - load"\ + -c "Certificate handshake message has been buffered and reassembled"\ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load"\ + -S "handshake message has been buffered" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ 
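Review bot: The new pattern `-c "Certificate handshake message has been buffered$"` in "DTLS reordering: Buffer out-of-order handshake message on client" relies on the trailing `$` to tell "has been buffered" apart from "has been buffered and reassembled", and nothing in the test says so. A one-line comment above the test, such as `# "buffered$" must not match "buffered and reassembled"`, would keep the anchor from being dropped in a later cleanup. Writing the pattern in single quotes, `-c 'Certificate handshake message has been buffered$'`, would also make it obvious that the shell leaves the `$` alone. The same anchored form is used in the hunks at -11539 (ServerKeyExchange) and -11582 (ClientKeyExchange).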
@@ -11539,10 +11544,11 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex hs_timeout=2500-60000" \ 0 \ -c "Buffering HS message" \ - -c "Next handshake message has been buffered - load"\ + -c "Certificate handshake message has been buffered and reassembled"\ + -c "ServerKeyExchange handshake message has been buffered$"\ -C "attempt to make space by freeing buffered messages" \ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load"\ + -S "handshake message has been buffered" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -11566,7 +11572,7 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex -c "attempt to make space by freeing buffered future messages" \ -c "Enough space available after freeing buffered HS messages" \ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load"\ + -S "handshake message has been buffered" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -11582,9 +11588,9 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on server" \ hs_timeout=2500-60000" \ 0 \ -C "Buffering HS message" \ - -C "Next handshake message has been buffered - load"\ + -C "handshake message has been buffered" \ -s "Buffering HS message" \ - -s "Next handshake message has been buffered - load" \ + -s "ClientKeyExchange handshake message has been buffered$" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -S "Injecting buffered CCS message" \ 
@@ -11601,9 +11607,9 @@ run_test "DTLS reordering: Buffer out-of-order CCS message on client"\ hs_timeout=2500-60000" \ 0 \ -C "Buffering HS message" \ - -C "Next handshake message has been buffered - load"\ + -C "handshake message has been buffered" \ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load" \ + -S "handshake message has been buffered" \ -c "Injecting buffered CCS message" \ -c "Remember CCS message" \ -S "Injecting buffered CCS message" \ @@ -11619,9 +11625,9 @@ run_test "DTLS reordering: Buffer out-of-order CCS message on server"\ hs_timeout=2500-60000" \ 0 \ -C "Buffering HS message" \ - -C "Next handshake message has been buffered - load"\ + -C "handshake message has been buffered" \ -S "Buffering HS message" \ - -S "Next handshake message has been buffered - load" \ + -S "handshake message has been buffered" \ -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ -s "Injecting buffered CCS message" \ @@ -11857,10 +11863,11 @@ not_with_valgrind # risk of non-mbedtls peer timing out requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, openssl server, fragmentation" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_NEXT_SRV -dtls1_2 -mtu 768" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ + "$O_NEXT_SRV -dtls1_2 -mtu 256" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2 hs_timeout=500-60000 tickets=0" \ 0 \ - -c "HTTP/1.0 200 OK" + -c "HTTP/1.0 200 OK" \ + -c "Certificate handshake message has been buffered and reassembled" requires_openssl_next client_needs_more_time 8 
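Review bot: Lowering the OpenSSL server MTU from 768 to 256 in "DTLS proxy: 3d, openssl server, fragmentation" while the proxy keeps `drop=5 delay=5 duplicate=5` splits each flight into more datagrams, so a lost fragment and a retransmission become more likely per handshake. Whether the time allowance for this test still covers that is not visible here (the decorators above `not_with_valgrind` are outside the hunk), so it is worth confirming with repeated runs that the test stays stable. A short comment like the one added at -9972, `# Minimum possible MTU for OpenSSL server: 256 bytes.`, would also explain the value. The nbio variant in the next hunk has the same change.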
@@ -11868,10 +11875,11 @@ not_with_valgrind # risk of non-mbedtls peer timing out requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_NEXT_SRV -dtls1_2 -mtu 768" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \ + "$O_NEXT_SRV -dtls1_2 -mtu 256" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2 hs_timeout=500-60000 nbio=2 tickets=0" \ 0 \ - -c "HTTP/1.0 200 OK" + -c "HTTP/1.0 200 OK" \ + -c "Certificate handshake message has been buffered and reassembled" requires_gnutls client_needs_more_time 6 @@ -11892,10 +11900,11 @@ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, gnutls server, fragmentation" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$G_NEXT_SRV -u --mtu 512" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2 hs_timeout=500-60000" \ 0 \ -s "Extra-header:" \ - -c "Extra-header:" + -c "Extra-header:" \ + -c "Certificate handshake message has been buffered and reassembled" requires_gnutls_next client_needs_more_time 8 @@ -11904,10 +11913,11 @@ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$G_NEXT_SRV -u --mtu 512" \ - "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2 hs_timeout=500-60000 nbio=2" \ 0 \ -s "Extra-header:" \ - -c "Extra-header:" + -c "Extra-header:" \ + -c "Certificate handshake message has been buffered and reassembled" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "export keys functionality" \ 
@@ -13766,16 +13776,6 @@ run_test "TLS 1.2 ClientHello indicating support for deflate compression meth # Most test cases are in opt-testcases/handshake-generated.sh -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_certificate_authentication -run_test "Handshake defragmentation on server: len=32, TLS 1.2 ClientHello (unsupported)" \ - "$P_SRV debug_level=4 force_version=tls12 auth_mode=required" \ - "$O_NEXT_CLI -tls1_2 -split_send_frag 32 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \ - 1 \ - -s "The SSL configuration is tls12 only" \ - -s "bad client hello message" \ - -s "SSL - A message could not be parsed due to a syntactic error" - # Test server-side buffer resizing with fragmented handshake on TLS1.2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data index 3d72056528..d9a5c5c2ed 100644 --- a/tests/suites/test_suite_debug.data +++ b/tests/suites/test_suite_debug.data 
@@ -1,12 +1,46 @@ printf "%" MBEDTLS_PRINTF_SIZET, 0 printf_int_expr:PRINTF_SIZET:sizeof(size_t):0:"0" +printf "%" MBEDTLS_PRINTF_SIZET, 1 byte +printf_int_expr:PRINTF_SIZET:sizeof(size_t):42:"42" + +printf "%" MBEDTLS_PRINTF_SIZET, 4 bytes +printf_int_expr:PRINTF_SIZET:sizeof(size_t):0xfedcba98:"4275878552" + +printf "%" MBEDTLS_PRINTF_SIZET, 8 bytes +depends_on:SIZE_MAX>=0xffffffffffffffff +printf_int_expr:PRINTF_SIZET:sizeof(size_t):0xfedcba9876543210:"18364758544493064720" + printf "%" MBEDTLS_PRINTF_LONGLONG, 0 printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0:"0" +printf "%" MBEDTLS_PRINTF_LONGLONG, 1 byte +printf_int_expr:PRINTF_LONGLONG:sizeof(long long):42:"42" + +printf "%" MBEDTLS_PRINTF_LONGLONG, 4 bytes +printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0xfedcba98:"4275878552" + +printf "%" MBEDTLS_PRINTF_LONGLONG, 8 bytes +printf_int_expr:PRINTF_LONGLONG:sizeof(long long):0x7edcba9876543210:"9141386507638288912" + +printf "%" MBEDTLS_PRINTF_LONGLONG, 8 bytes, negative +printf_int_expr:PRINTF_LONGLONG:sizeof(long long):-0x7edcba9876543210:"-9141386507638288912" + printf "%" MBEDTLS_PRINTF_MS_TIME, 0 printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0:"0" +printf "%" MBEDTLS_PRINTF_MS_TIME, 1 byte +printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):42:"42" + +printf "%" MBEDTLS_PRINTF_MS_TIME, 4 bytes +printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0xfedcba98:"4275878552" + +printf "%" MBEDTLS_PRINTF_MS_TIME, 8 bytes +printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):0x7edcba9876543210:"9141386507638288912" + +printf "%" MBEDTLS_PRINTF_MS_TIME, 8 bytes, negative +printf_int_expr:PRINTF_MS_TIME:sizeof(mbedtls_ms_time_t):-0x7edcba9876543210:"-9141386507638288912" + Debug print msg (threshold 1, level 0) debug_print_msg_threshold:1:0:"MyFile":999:"MyFile(0999)\: Text message, 2 == 2\n" diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index 05b0112b93..2d5e5619b6 100644 
--- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -116,11 +116,11 @@ void printf_int_expr(int format_indicator, intmax_t sizeof_x, intmax_t x, char * /* Nominal case: buffer just large enough */ TEST_CALLOC(output, n + 1); if ((size_t) sizeof_x <= sizeof(int)) { // Any smaller integers would be promoted to an int due to calling a vararg function - TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, (int) x)); + TEST_EQUAL(n, mbedtls_debug_snprintf(output, n + 1, format, (int) x)); } else if (sizeof_x == sizeof(long)) { - TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, (long) x)); + TEST_EQUAL(n, mbedtls_debug_snprintf(output, n + 1, format, (long) x)); } else if (sizeof_x == sizeof(long long)) { - TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, (long long) x)); + TEST_EQUAL(n, mbedtls_debug_snprintf(output, n + 1, format, (long long) x)); } else { TEST_FAIL( "sizeof_x <= sizeof(int) || sizeof_x == sizeof(long) || sizeof_x == sizeof(long long)"); diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index b05de38509..6b9c73f11e 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data 
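Review bot: The first branch still passes `(int) x`, and the new data case `printf_int_expr:PRINTF_SIZET:sizeof(size_t):0xfedcba98:"4275878552"` reaches it on targets where sizeof(size_t) == sizeof(int), such as ILP32. There 0xfedcba98 does not fit in an int, so the conversion is implementation-defined and a negative int is handed to an unsigned conversion specifier. That works on the usual two's-complement ABIs but goes beyond what the C standard guarantees for variadic arguments. Either pass `(unsigned) x` when the format indicator is the size_t one, or state the assumption in the comment next to the cast. printf_int_expr begins and ends outside the hunk.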
@@ -3031,6 +3031,166 @@ ssl_serialize_session_load_buf_size:0:"":MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSI Test configuration of EC groups through mbedtls_ssl_conf_groups() conf_group: +Get supported group list: x25519, positive +depends_on:PSA_WANT_ECC_MONTGOMERY_255 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_X25519:1 + +Get supported group list: x25519, negative +depends_on:!PSA_WANT_ECC_MONTGOMERY_255 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_X25519:0 + +Get supported group list: secp256r1, positive +depends_on:PSA_WANT_ECC_SECP_R1_256 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1:1 + +Get supported group list: secp256r1, negative +depends_on:!PSA_WANT_ECC_SECP_R1_256 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1:0 + +Get supported group list: secp384r1, positive +depends_on:PSA_WANT_ECC_SECP_R1_384 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1:1 + +Get supported group list: secp384r1, negative +depends_on:!PSA_WANT_ECC_SECP_R1_384 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1:0 + +Get supported group list: x448, positive +depends_on:PSA_WANT_ECC_MONTGOMERY_448 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_X448:1 + +Get supported group list: x448, negative +depends_on:!PSA_WANT_ECC_MONTGOMERY_448 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_X448:0 + +Get supported group list: secp521r1, positive +depends_on:PSA_WANT_ECC_SECP_R1_521 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1:1 + +Get supported group list: secp521r1, negative +depends_on:!PSA_WANT_ECC_SECP_R1_521 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1:0 + +Get supported group list: brainpool256r1, positive +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256 
+test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1:1 + +Get supported group list: brainpool256r1, negative +depends_on:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1:0 + +Get supported group list: brainpool384r1, positive +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1:1 + +Get supported group list: brainpool384r1, negative +depends_on:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1:0 + +Get supported group list: brainpool512r1, positive +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1:1 + +Get supported group list: brainpool512r1, negative +depends_on:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1:0 + +Get supported group list: ffdhe2048, positive +depends_on:PSA_WANT_DH_RFC7919_2048 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048:1 + +Get supported group list: ffdhe2048, negative +depends_on:!PSA_WANT_DH_RFC7919_2048 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048:0 + +Get supported group list: ffdhe3072, positive +depends_on:PSA_WANT_DH_RFC7919_3072 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072:1 + +Get supported group list: ffdhe3072, negative +depends_on:!PSA_WANT_DH_RFC7919_3072 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072:0 + +Get supported group list: ffdhe4096, positive +depends_on:PSA_WANT_DH_RFC7919_4096 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096:1 + +Get supported group list: ffdhe4096, negative +depends_on:!PSA_WANT_DH_RFC7919_4096 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096:0 + +Get 
supported group list: ffdhe6144, positive +depends_on:PSA_WANT_DH_RFC7919_6144 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144:1 + +Get supported group list: ffdhe6144, negative +depends_on:!PSA_WANT_DH_RFC7919_6144 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144:0 + +Get supported group list: ffdhe8192, positive +depends_on:PSA_WANT_DH_RFC7919_8192 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192:1 + +Get supported group list: ffdhe8192, negative +depends_on:!PSA_WANT_DH_RFC7919_8192 +test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192:0 + +TLS ID <-> group name: x25519 +depends_on:PSA_WANT_ECC_MONTGOMERY_255 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_X25519:"x25519" + +TLS ID <-> group name: secp256r1 +depends_on:PSA_WANT_ECC_SECP_R1_256 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1:"secp256r1" + +TLS ID <-> group name: secp256k1 +depends_on:PSA_WANT_ECC_SECP_K1_256 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1:"secp256k1" + +TLS ID <-> group name: secp384r1 +depends_on:PSA_WANT_ECC_SECP_R1_384 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1:"secp384r1" + +TLS ID <-> group name: x448 +depends_on:PSA_WANT_ECC_MONTGOMERY_448 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_X448:"x448" + +TLS ID <-> group name: secp521r1 +depends_on:PSA_WANT_ECC_SECP_R1_521 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1:"secp521r1" + +TLS ID <-> group name: brainpoolP256r1 +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1:"brainpoolP256r1" + +TLS ID <-> group name: brainpoolP384r1 +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1:"brainpoolP384r1" + +TLS ID <-> group name: 
brainpoolP512r1 +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1:"brainpoolP512r1" + +TLS ID <-> group name: ffdhe2048 +depends_on:PSA_WANT_DH_RFC7919_2048 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048:"ffdhe2048" + +TLS ID <-> group name: ffdhe3072 +depends_on:PSA_WANT_DH_RFC7919_3072 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072:"ffdhe3072" + +TLS ID <-> group name: ffdhe4096 +depends_on:PSA_WANT_DH_RFC7919_4096 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096:"ffdhe4096" + +TLS ID <-> group name: ffdhe6144 +depends_on:PSA_WANT_DH_RFC7919_6144 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144:"ffdhe6144" + +TLS ID <-> group name: ffdhe8192 +depends_on:PSA_WANT_DH_RFC7919_8192 +test_mbedtls_tls_id_group_name_table:MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192:"ffdhe8192" + Version config: valid client TLS 1.2 only depends_on:MBEDTLS_SSL_PROTO_TLS1_2 conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:0 diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 628a183853..d27d959232 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function 
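Review bot: The "TLS ID <-> group name" cases cover secp256k1, but the "Get supported group list" cases have no secp256k1 pair, so that group's presence in mbedtls_ssl_get_supported_group_list() is never checked. If the group is meant to be listed when enabled, add a case with `depends_on:PSA_WANT_ECC_SECP_K1_256` and `test_mbedtls_ssl_get_supported_group_list:MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1:1`, plus the matching negative case. If it is deliberately left out of the supported list, a case pinning the expected value 0 would document that choice. Which of the two applies cannot be told from this hunk.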
@@ -3574,6 +3574,65 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void test_mbedtls_ssl_get_supported_group_list(int iana_group_id, int is_available) +{ + const uint16_t *list = mbedtls_ssl_get_supported_group_list(); + int found = 0; + + /* First: go through the list returned by mbedtls_ssl_get_supported_group_list() and + * check that the specified group ID is supported/unsupported as expected. */ + for (int i = 0; list[i] != MBEDTLS_SSL_IANA_TLS_GROUP_NONE; i++) { + if (list[i] == iana_group_id) { + found = 1; + break; + } + } + TEST_EQUAL(found, is_available); + + /* Second: check that supported/unsupported property for the specified group is also + * correctly set in the array initialized by MBEDTLS_SSL_IANA_TLS_GROUP_INFO. */ + mbedtls_ssl_iana_tls_group_info_t group_info_table[] = MBEDTLS_SSL_IANA_TLS_GROUPS_INFO; + mbedtls_ssl_iana_tls_group_info_t *ptr; + for (ptr = &group_info_table[0]; ptr->tls_id != MBEDTLS_SSL_IANA_TLS_GROUP_NONE; ptr++) { + if (ptr->tls_id == iana_group_id) { + TEST_EQUAL(ptr->is_supported, is_available); + } + } + +exit:; +} +/* END_CASE */ + +/* BEGIN_CASE */ +void test_mbedtls_tls_id_group_name_table(int group_id, char *group_name) +{ + mbedtls_ssl_iana_tls_group_info_t test_table[] = MBEDTLS_SSL_IANA_TLS_GROUPS_INFO; + mbedtls_ssl_iana_tls_group_info_t *item; + const char *table_name = NULL; + + /* Ensure that the list includes at least 1 valid entry. 
*/ + TEST_ASSERT(test_table[0].tls_id != MBEDTLS_SSL_IANA_TLS_GROUP_NONE); + + for (item = &test_table[0]; item->tls_id != MBEDTLS_SSL_IANA_TLS_GROUP_NONE; item++) { + if (item->tls_id == group_id) { + table_name = item->group_name; + } + } + + TEST_ASSERT(table_name != NULL); + TEST_MEMORY_COMPARE(table_name, strlen(table_name), group_name, strlen(group_name)); + +#if defined(MBEDTLS_DEBUG_C) + const char *builtin_table_name = mbedtls_ssl_get_curve_name_from_tls_id(group_id); + TEST_MEMORY_COMPARE(builtin_table_name, strlen(builtin_table_name), group_name, + strlen(group_name)); +#endif /* MBEDTLS_DEBUG_C */ + +exit:; +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_CACHE_C:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_DEBUG_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PKCS1_V15:PSA_WANT_ALG_SHA_256 */ void force_bad_session_id_len() { diff --git a/tf-psa-crypto b/tf-psa-crypto index f7ad6b6931..4587e3f861 160000 --- a/tf-psa-crypto +++ b/tf-psa-crypto @@ -1 +1 @@ -Subproject commit f7ad6b6931e179c2e40b3d04f3e6d207a7e3c36e +Subproject commit 4587e3f861c29a8aa1439078aef4ed593d07a34b
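Review bot: In test_mbedtls_tls_id_group_name_table the MBEDTLS_DEBUG_C branch calls `strlen(builtin_table_name)` without checking the pointer, unlike `table_name`, which is guarded by `TEST_ASSERT(table_name != NULL)`. If mbedtls_ssl_get_curve_name_from_tls_id() can return NULL for an ID it does not know (its definition is not in this hunk), the test would crash instead of reporting a failure, so add `TEST_ASSERT(builtin_table_name != NULL);` before the compare. In test_mbedtls_ssl_get_supported_group_list the second loop checks nothing when iana_group_id is missing from the MBEDTLS_SSL_IANA_TLS_GROUPS_INFO table. Setting a flag on the match and asserting it after the loop, at least for the positive cases, would close that gap. The comment above that loop also names `MBEDTLS_SSL_IANA_TLS_GROUP_INFO`, while the macro used is `MBEDTLS_SSL_IANA_TLS_GROUPS_INFO`.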