TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-14 16:08:46 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,847 Commits 180 Branches 280 Tags
102cc6df5de8ae737d6a3979ab52aa511a28ba06
Commit Graph

9847 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paul Elliott
102cc6df5d Add expected output for tests 
Expected output generated by OpenSSL (see below) apart from the case
where both password and salt are either NULL or zero length, as OpenSSL
does not support this. For these test cases we have had to use our own
output as that which is expected. Code to generate test cases is as
follows:

 #include <openssl/pkcs12.h>
 #include <openssl/evp.h>
 #include <string.h>

int Keygen_Uni( const char * test_name, unsigned char *pass, int
    passlen, unsigned char *salt,
                    int saltlen, int id, int iter, int n,
                                    unsigned char *out, const EVP_MD
                                    *md_type )
{
   size_t index;

   printf( "%s\n", test_name );

   int ret = PKCS12_key_gen_uni( pass, passlen, salt, saltlen, id, iter,
                                        n, out, md_type );

   if( ret != 1 )
   {
         printf( "Key generation returned %d\n", ret );
      }
   else
   {
         for( index = 0; index < n; ++index )
         {
                  printf( "%02x", out[index] );
               }

         printf( "\n" );
      }

   printf( "\n" );

}

int main(void)
{
   unsigned char out_buf[48];
   unsigned char pass[64];
   int pass_len;
   unsigned char salt[64];
   int salt_len;

   /* If ID=1, then the pseudorandom bits being produced are to be used
      as key material for performing encryption or decryption.

            If ID=2, then the pseudorandom bits being produced are to be
            used as an IV (Initial Value) for encryption or decryption.

                  If ID=3, then the pseudorandom bits being produced are
                  to be used as an integrity key for MACing.
                     */

   int id = 1;
   int iter = 3;

   memset( out_buf, 0, sizeof( out_buf ) );
   memset( pass, 0, sizeof( pass ) );
   memset( salt, 0, sizeof( salt ) );

   Keygen_Uni( "Zero length pass and salt", pass, 0, salt, 0, id, iter,
       sizeof(out_buf),
                      out_buf, EVP_md5( ) );

   memset( out_buf, 0, sizeof( out_buf ) );

   Keygen_Uni( "NULL pass and salt", NULL, 0, NULL, 0, id, iter,
       sizeof(out_buf),
                      out_buf, EVP_md5( ) );

   memset( out_buf, 0, sizeof( out_buf ) );

   salt[0] = 0x01;
   salt[1] = 0x23;
   salt[2] = 0x45;
   salt[3] = 0x67;
   salt[4] = 0x89;
   salt[5] = 0xab;
   salt[6] = 0xcd;
   salt[7] = 0xef;

   Keygen_Uni( "Zero length pass", pass, 0, salt, 8, id, iter,
       sizeof(out_buf),
                      out_buf, EVP_md5( ) );

   memset( out_buf, 0, sizeof( out_buf ) );

   Keygen_Uni( "NULL pass", NULL, 0, salt, 8, id, iter, sizeof(out_buf),
                      out_buf, EVP_md5( ) );

   memset( out_buf, 0, sizeof( out_buf ) );
   memset( salt, 0, sizeof( salt ) );

   pass[0] = 0x01;
   pass[1] = 0x23;
   pass[2] = 0x45;
   pass[3] = 0x67;
   pass[4] = 0x89;
   pass[5] = 0xab;
   pass[6] = 0xcd;
   pass[7] = 0xef;

   Keygen_Uni( "Zero length salt", pass, 8, salt, 0, id, iter,
       sizeof(out_buf),
                      out_buf, EVP_md5( ) );

   memset( out_buf, 0, sizeof( out_buf ) );

   Keygen_Uni( "NULL salt", pass, 8, NULL, 0, id, iter, sizeof(out_buf),
                      out_buf, EVP_md5( ) );

   memset( out_buf, 0, sizeof( out_buf ) );

   salt[0] = 0x01;
   salt[1] = 0x23;
   salt[2] = 0x45;
   salt[3] = 0x67;
   salt[4] = 0x89;
   salt[5] = 0xab;
   salt[6] = 0xcd;
   salt[7] = 0xef;

   Keygen_Uni( "Valid pass and salt", pass, 8, salt, 8, id, iter,
       sizeof(out_buf),
                      out_buf, EVP_md5( ) );

   return 0;
}

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 20:50:59 +00:00
Paul Elliott
987bb386be Remove incorrect hashing 
Incorrect interpretation of 'empty'

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
b4bfcbbd67 Add explanation for safety in function 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
2cd6590040 Delete unneccesary changelog entry 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
88ba5b5fa5 Simplify Input usage macros 
Also ensure they are used in test data rather than values

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
fe35e84692 Rename (and relabel) pkcs12 test case 
Remove surplus _test suffix. Change labeling from Pcks12 to PCKS#12 as
it should be.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
2ed0537424 Remove incorrect test dependency 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
5e75dbee51 Documentation fixes 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
c7b320547f Stop CMake out of source tests running on 16.04 
Running the out of source CMake test on Ubuntu 16.04 using more than one
processor (as the CI does) can create a race condition whereby the build
fails to see a generated file, despite that file actually having been
generated. This problem appears to go away with 18.04 or newer, so make
the out of source tests not supported on Ubuntu 16.04

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
159c8f8e7e Fix missing test dependancies 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
faba220672 Add PKCS12 tests 
Only regression tests for the empty password bugs for now. Further tests
will follow later.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 18:08:31 +00:00
Paul Elliott
6b5707c90a Better fix for empty password / salt 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 17:51:11 +00:00
Paul Elliott
45f1300fdf Further documentation improvements 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 17:49:21 +00:00
Paul Elliott
a87f009e30 Make changelog more specific 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 17:49:21 +00:00
Paul Elliott
4d44341369 Fix for pkcs12 with NULL or zero length password 
Previously passing a NULL or zero length password into either
mbedtls_pkcs12_pbe() or mbedtls_pkcs12_derive() could cause an infinate
loop, and it was also possible to pass a NULL password, with a non-zero
length, which would cause memory corruption.
I have fixed these errors, and improved the documentation to reflect the
changes and further explain what is expected of the inputs.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-10 17:49:21 +00:00
Gilles Peskine
6ec13af413 Merge pull request #5307 from gilles-peskine-arm/test-missing-ret-check-202112-2.16 
Backport 2.16: Missing error checks + test bug on unlikely failure
 2021-12-10 17:41:46 +01:00
Gilles Peskine
a0b0dcea7d Don't fail until everything is initialized 
Can't call mbedtls_cipher_free(&invalid_ctx) in cleanup if
mbedtls_cipher_init(&invalid_ctx) hasn't been called.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-10 15:21:58 +01:00
Gilles Peskine
4423cd3361 Check return values in more places 
Selective replacement of
```
^\( *\)\(mbedtls_\(md\|cipher\)_[A-Z_a-z0-9]+\)\((.*)\);
```
by
```
\1if( \2\4 != 0 )
\1{
\1    mbedtls_fprintf( stderr, "\2() returned error\\n" );
\1    goto exit;
\1}
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-10 15:21:58 +01:00
Gilles Peskine
6ce0692d88 Merge pull request #5302 from paul-elliott-arm/test_suite_cipher_returns_2.16 
Backport 2.16: Add checked return to cipher setup in Cipher tests
 2021-12-10 10:40:04 +01:00
Gilles Peskine
dc31a4166b Merge pull request #5300 from paul-elliott-arm/crypt_and_hash_prog_2.16 
Backport 2.16: Add checks for return values to md functions in crypt and hash
 2021-12-09 23:32:46 +01:00
Gilles Peskine
8727985683 Merge pull request #5281 from davidhorstmann-arm/2.16-improve-cmac-docs 
Backport 2.16: Reword documentation of CMAC operations
 2021-12-09 23:28:42 +01:00
Paul Elliott
4eadb02bf9 Add checked return to cipher setup 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-09 21:38:48 +00:00
Paul Elliott
32c42242ce Add checks for return values to md functions 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-09 18:55:31 +00:00
David Horstmann
f39bd9739d Reword documentation of CMAC operations 
Change the wording of the documentation for some CMAC functions,
as the existing wording, while technically correct, can be
easy to misunderstand. The reworded docs explain the flow of
a CMAC computation a little more fully.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2021-12-07 12:30:52 +00:00
Gilles Peskine
286bd2427f Merge pull request #5271 from gilles-peskine-arm/fix-builds-with-only-mbedtls_bignum_c-defined-2.16 
Backport 2.16: Fix builds when config.h only defines MBEDTLS_BIGNUM_C
 2021-12-07 12:38:03 +01:00
Gilles Peskine
942f8b6854 Add changelog entry for build error fixes 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-06 20:56:55 +01:00
Tom Cosgrove
7b420a896f Fix builds when config.h only defines MBEDTLS_BIGNUM_C 
Fixes #4929

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2021-12-06 20:42:50 +01:00
Gilles Peskine
1d2c74cee0 Merge pull request #5135 from openluopworld/origin/mbedtls-2.16 
Backport 2.16: Fix GCM calculation with very long IV
 2021-11-22 22:22:42 +01:00
Gilles Peskine
c634df23ac Merge pull request #5215 from tom-cosgrove-arm/pr5105-2.16 
Backport 2.16: doc improvement in aes include
 2021-11-22 22:21:52 +01:00
Tom Cosgrove
a5f85c860b further improvements to sha256 docs 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2021-11-22 15:35:27 +00:00
Tom Cosgrove
f4307d55da doc improvement in aes include 
Remove description of non-existing "mode" parameter from the docs of mbedtls_aes_crypt_ctr

Backport of #5105

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2021-11-22 15:01:25 +00:00
Gilles Peskine
62d5f8101e Merge pull request #5151 from tom-cosgrove-arm/serialise-builds-of-archives-on-windows-2.16 
Backport 2.16: Serialise builds of the .a files on Windows
 2021-11-10 16:01:25 +01:00
Tom Cosgrove
0a817205cf Serialise builds of the .a files on Windows 
This is a workaround for an issue with mkstemp() in older MinGW releases that
causes simultaneous creation of .a files in the same directory to fail.

Fixes #5146

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2021-11-10 12:29:30 +00:00
openluopworld
ed798a9092 An initialization vector IV can have any number of bits between 1 and 
2^64. So it should be filled to the lower 64-bit in the last step
when computing ghash.

Signed-off-by: openluopworld <wuhanluop@163.com>
 2021-11-05 19:40:40 +08:00
Manuel Pégourié-Gonnard
d895668359 Merge pull request #5088 from gilles-peskine-arm/test_ssl_o2-2.16 
Backport 2.16: Build with -O2 when running ssl-opt
 2021-10-29 09:25:37 +02:00
paul-elliott-arm
27fc78690c Merge pull request #5098 from gilles-peskine-arm/ssl-opt-resend-retry-2.16 
Backport 2.16: Retry a test case if it fails due to an unexpected resend
 2021-10-27 16:24:05 +01:00
Manuel Pégourié-Gonnard
70227d217d Merge pull request #4819 from gilles-peskine-arm/base64-no-table-2.16 
Backport 2.16: range-based constant-flow base64
 2021-10-27 12:18:42 +02:00
Gilles Peskine
cd1d83c9b2 Merge pull request #5112 from paul-elliott-arm/ssl_opt_fixes_2.16 
Backport 2.16: Ssl opt fixes
 2021-10-26 20:50:56 +02:00
Paul Elliott
46e57d986b Remove bash specific code 
Use case pattern matching instead of multiline split, given there is
only the well formatted PIDs to match on this should be safe.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-26 11:07:24 +01:00
Paul Elliott
355a1f4bc8 Remove use of -p with lsof 
On machines with more modern kernels (>5.4 from testing so far) the
useage of -b seems to conflict with the usage of -p. Whilst the usage of
-b seems like a good idea to avoid blocks as we are tight looping on it,
the usage of -p seems to require the usage of stat() (specifically in
/proc) which -b forbids. All you get is a load of warnings
(suppressable by -w) but never a positive result, which means that all
servers are reported as "Failed to start". We are not keen on losing
-b, so instead parse the output of lsof (using -F to format it) to
check the if PIDs that it outputs match that we are looking for.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-10-26 11:07:13 +01:00
Gilles Peskine
8e82c78954 Fix typo in documentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-25 21:14:06 +02:00
Gilles Peskine
cda1281ee2 Fix copypasta in comment 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-25 21:13:27 +02:00
Gilles Peskine
3712501465 Move is-it-resend logic into a function 
Improve the code structure in case we want to add other similar conditions
later. Document better what we're doing, and document why we're doing it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-21 11:25:40 +02:00
Gilles Peskine
838902547c Retry if a test case fails because of an unexpected resend 
Palliative for https://github.com/ARMmbed/mbedtls/issues/3377. If a test
case fails due to an unexpected resend, allow retrying, like in the case of
a client timeout.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-21 11:25:40 +02:00
Gilles Peskine
e31a9ea601 Move retry logic into check_test_failure 
This will allow having other retry conditions, in particular based on
run_test options.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-21 11:25:40 +02:00
Gilles Peskine
ad58e92eac Move the core loop of run_test into an auxiliary function 
No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-21 11:25:40 +02:00
Gilles Peskine
342147a8a8 Move some code of run_test into auxiliary functions 
No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-21 11:25:40 +02:00
Gilles Peskine
87b036f572 Add trivial record_outcome function to facilitate backports 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-21 11:25:40 +02:00
Gilles Peskine
30b8132ca9 Remove redundant "should we skip?" block 
There's a second one just below.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-21 11:25:40 +02:00
Gilles Peskine
77624b2bd8 Always set a build type for cmake when building for testing 
Set the build type to Release (-O2) when running CPU-intensive tests (ssl-opt,
or unit tests with debug features). A build type of Check (-Os) would be best
when the main objective of the build is to check for build errors or warnings
and there aren't many tests to run; in this commit there are no such test
cases to change. Only use cmake with no build type (which results in not
passing a -O option, and thus missing some GCC warnings) when exercising cmake
features.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-19 21:39:45 +02:00