Merge branch 'pr_1025' into development

Merge PR #1025 + ChangeLog entry
This commit is contained in:
Gilles Peskine 2017-11-28 18:23:53 +01:00
commit 4daffe236a
8 changed files with 56 additions and 22 deletions

View file

@ -45,6 +45,7 @@ Bugfix
RSA implementations. Raised by J.B. in the Mbed TLS forum. Fixes #1011. RSA implementations. Raised by J.B. in the Mbed TLS forum. Fixes #1011.
* Don't print X.509 version tag for v1 CRT's, and omit extensions for * Don't print X.509 version tag for v1 CRT's, and omit extensions for
non-v3 CRT's. non-v3 CRT's.
* Fix bugs in RSA test suite under MBEDTLS_NO_PLATFORM_ENTROPY. #1023 #1024
Changes Changes
* Extend cert_write example program by options to set the CRT version * Extend cert_write example program by options to set the CRT version

View file

@ -83,6 +83,9 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
mbedtls_havege_init( &ctx->havege_data ); mbedtls_havege_init( &ctx->havege_data );
#endif #endif
/* Reminder: Update ENTROPY_HAVE_STRONG in the test files
* when adding more strong entropy sources here. */
#if defined(MBEDTLS_TEST_NULL_ENTROPY) #if defined(MBEDTLS_TEST_NULL_ENTROPY)
mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL, mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL,
1, MBEDTLS_ENTROPY_SOURCE_STRONG ); 1, MBEDTLS_ENTROPY_SOURCE_STRONG );

View file

@ -333,7 +333,7 @@ END
# and make check code # and make check code
my $dep_check_code; my $dep_check_code;
my @res = $test_data =~ /^depends_on:([\w:]+)/msg; my @res = $test_data =~ /^depends_on:([!:\w]+)/msg;
my %case_deps; my %case_deps;
foreach my $deps (@res) foreach my $deps (@res)
{ {
@ -344,7 +344,23 @@ foreach my $deps (@res)
} }
while( my ($key, $value) = each(%case_deps) ) while( my ($key, $value) = each(%case_deps) )
{ {
$dep_check_code .= << "END"; if( substr($key, 0, 1) eq "!" )
{
my $key = substr($key, 1);
$dep_check_code .= << "END";
if( strcmp( str, "!$key" ) == 0 )
{
#if !defined($key)
return( DEPENDENCY_SUPPORTED );
#else
return( DEPENDENCY_NOT_SUPPORTED );
#endif
}
END
}
else
{
$dep_check_code .= << "END";
if( strcmp( str, "$key" ) == 0 ) if( strcmp( str, "$key" ) == 0 )
{ {
#if defined($key) #if defined($key)
@ -354,6 +370,7 @@ while( my ($key, $value) = each(%case_deps) )
#endif #endif
} }
END END
}
} }
# Make mapping code # Make mapping code

View file

@ -110,6 +110,21 @@ static struct
test_info; test_info;
/*----------------------------------------------------------------------------*/
/* Helper flags for complex dependencies */
/* Indicates whether we expect mbedtls_entropy_init
* to initialize some strong entropy source. */
#if defined(MBEDTLS_TEST_NULL_ENTROPY) || \
( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \
defined(MBEDTLS_HAVEGE_C) || \
defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \
defined(ENTROPY_NV_SEED) ) )
#define ENTROPY_HAVE_STRONG
#endif
/*----------------------------------------------------------------------------*/ /*----------------------------------------------------------------------------*/
/* Helper Functions */ /* Helper Functions */
@ -408,4 +423,3 @@ static void test_fail( const char *test, int line_no, const char* filename )
test_info.line_no = line_no; test_info.line_no = line_no;
test_info.filename = filename; test_info.filename = filename;
} }

View file

@ -448,24 +448,24 @@ int main(int argc, const char *argv[])
if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE ) if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE )
{ {
total_skipped++; total_skipped++;
mbedtls_fprintf( stdout, "----\n" ); mbedtls_fprintf( stdout, "----" );
if( 1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE ) if( 1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE )
{ {
mbedtls_fprintf( stdout, " Test Suite not enabled" ); mbedtls_fprintf( stdout, "\n Test Suite not enabled" );
} }
if( 1 == option_verbose && unmet_dep_count > 0 ) if( 1 == option_verbose && unmet_dep_count > 0 )
{ {
mbedtls_fprintf( stdout, " Unmet dependencies: " ); mbedtls_fprintf( stdout, "\n Unmet dependencies: " );
for( i = 0; i < unmet_dep_count; i++ ) for( i = 0; i < unmet_dep_count; i++ )
{ {
mbedtls_fprintf(stdout, "%s ", mbedtls_fprintf(stdout, "%s ",
unmet_dependencies[i]); unmet_dependencies[i]);
free(unmet_dependencies[i]); free(unmet_dependencies[i]);
} }
mbedtls_fprintf( stdout, "\n" );
} }
mbedtls_fprintf( stdout, "\n" );
fflush( stdout ); fflush( stdout );
unmet_dep_count = 0; unmet_dep_count = 0;
@ -489,22 +489,22 @@ int main(int argc, const char *argv[])
else if( ret == DISPATCH_INVALID_TEST_DATA ) else if( ret == DISPATCH_INVALID_TEST_DATA )
{ {
mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" ); mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
fclose(file); fclose( file );
mbedtls_exit( 2 ); mbedtls_exit( 2 );
} }
else else
total_errors++; total_errors++;
if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 ) if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 )
break; break;
if( strlen(buf) != 0 ) if( strlen( buf ) != 0 )
{ {
mbedtls_fprintf( stderr, "Should be empty %d\n", mbedtls_fprintf( stderr, "Should be empty %d\n",
(int) strlen(buf) ); (int) strlen( buf ) );
return( 1 ); return( 1 );
} }
} }
fclose(file); fclose( file );
/* In case we encounter early end of file */ /* In case we encounter early end of file */
for( i = 0; i < unmet_dep_count; i++ ) for( i = 0; i < unmet_dep_count; i++ )
@ -535,4 +535,3 @@ int main(int argc, const char *argv[])
return( total_errors != 0 ); return( total_errors != 0 );
} }

View file

@ -34,10 +34,10 @@ entropy_threshold:16:2:8
Entropy threshold #2 Entropy threshold #2
entropy_threshold:32:1:32 entropy_threshold:32:1:32
Entropy thershold #3 Entropy threshold #3
entropy_threshold:16:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED entropy_threshold:16:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
Entropy thershold #4 Entropy threshold #4
entropy_threshold:1024:1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED entropy_threshold:1024:1:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
Check NV seed standard IO Check NV seed standard IO

View file

@ -163,7 +163,7 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG */
void entropy_func_len( int len, int ret ) void entropy_func_len( int len, int ret )
{ {
mbedtls_entropy_context ctx; mbedtls_entropy_context ctx;
@ -224,7 +224,7 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG */
void entropy_threshold( int threshold, int chunk_size, int result ) void entropy_threshold( int threshold, int chunk_size, int result )
{ {
mbedtls_entropy_context ctx; mbedtls_entropy_context ctx;
@ -377,7 +377,7 @@ void entropy_nv_seed( char *read_seed_str )
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ /* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */
void entropy_selftest( int result ) void entropy_selftest( int result )
{ {
TEST_ASSERT( mbedtls_entropy_self_test( 1 ) == result ); TEST_ASSERT( mbedtls_entropy_self_test( 1 ) == result );

View file

@ -8,6 +8,7 @@
#include "mbedtls/sha512.h" #include "mbedtls/sha512.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
/* END_HEADER */ /* END_HEADER */
/* BEGIN_DEPENDENCIES /* BEGIN_DEPENDENCIES
@ -658,7 +659,7 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
void mbedtls_rsa_gen_key( int nrbits, int exponent, int result) void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
{ {
mbedtls_rsa_context ctx; mbedtls_rsa_context ctx;
@ -667,13 +668,12 @@ void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
const char *pers = "test_suite_rsa"; const char *pers = "test_suite_rsa";
mbedtls_ctr_drbg_init( &ctr_drbg ); mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_entropy_init( &entropy ); mbedtls_entropy_init( &entropy );
mbedtls_rsa_init ( &ctx, 0, 0 );
TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *) pers, strlen( pers ) ) == 0 ); (const unsigned char *) pers, strlen( pers ) ) == 0 );
mbedtls_rsa_init( &ctx, 0, 0 );
TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result ); TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
if( result == 0 ) if( result == 0 )
{ {