Changelog contents should be UTF-8 text files. So explicitly open all files as
UTF-8. This makes the script independent of the ambient locale (except with
respect to exception messages, but we can live with that).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Changelog contents should be UTF-8 text files. There's no need to be
binary-safe. So switch to using text strings in Python (str, not bytes). This
commit makes the following changes:
* Bytes literals (b'…') to string literals ('…').
* Subprocess output (which is all git information) is decoded as ascii.
* Inject text directly in exceptions rather than calling a decode method.
This is enough to make the script work as desired in a UTF-8 locale.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
"exit /b" without an explicit exit value doesn't copy the value of the
last command executed, causing issues on Jenkins.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Accept Windows line endings in input files on any platform. This makes
the scripts work even when running a Unix perl with a source tree that
has Windows line endings, as happens for example on our Travis Windows
instances. This change is harmless in the common case where the input
has the platform's default line endings.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Instead of manipulating CR explicitly to cope with CRLF (Windows) line
endings in input and produce output with CRLF line endings, just
convert files from/to CRLF line endings when reading/writing.
The minimum required Perl version remains 5.8, since this both the
version that introduced Digest::MD5 (which was used before this patch)
and the version that introduced open "<:crlf" (which this patch
introduces).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Don't run `make list` to obtain the list of programs in
generate_visualc_files.pl. This doesn't work on Windows when a `make`
command is not available. Instead, read the makefile.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Conflicts:
* configs/config-psa-crypto.h: modified here, removed in development
* tests/suites/test_suite_x509parse.data: all conflicts are in depends_on
lines where development made a change unrelated to MBEDTLS_SHAxxx and our
branch either changed `MBEDTLS_SHA256_C` to `MBEDTLS_SHA224_C` or
`MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384` to ``MBEDTLS_SHA384_C`, with
no change to what the test does. Pick the other branch's dependency
changes then apply our SHA dpeendency change.
Building the library without entropy sources negates any and all security
provided by the library.
This option was originally requested a relatively long time ago and it
does not provide any tangible benefit for users any more.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Although SHA512 is currently required to enable SHA384, this
is expected to change in the future. This commit is an
intermediate step towards fully separating SHA384 and SHA512.
check_config is the only module which enforces that SHA512 is
enabled together with SHA384.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Add a missing guard for the definition and declaration of
mbedtls_test_hook_error_add.
Also make the declaration always visible when MBEDTLS_TEST_HOOKS is
enabled. This fixes an issue when MBEDTLS_ERROR_C is not defined but
MBEDTLS_TEST_HOOKS is.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
Fix unused parameter warnings when MBEDTLS_TEST_HOOKS is not enabled.
A few issues were caught by check-names.sh namely:
- mbedtls_error_add was not capitalised.
- mbedtls_test_hook_error_add was being defined multiple times as the
definition was in a header.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
The previous implementation of the error addition interface did not comply
with the invasive testing architecture guidelines. This commit fixes that
by:
- Renaming functions/macros/variables to follow the mbedtls_error_xxx or
mbedtls_test_hook_xxx convention.
- Making mbedtls_test_hook_error_add a global variable that can be set
by the testing code.
- Using a static inline function call, as opposed to macro, to keep
discrepancies between debug and production version to a minimum.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
Change the signature of the `hook` parameter of `mbedtls_set_err_add_hook`
to use the actual signature of the function as opposed to `void *`. This
fixes a warning when compiling with clang `-pedantic`.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
`error.c` and error.h are the more logical place to keep this code and it
prevents issues with building `common.c` and conflicts with other projects
that use mbedtls (such as mbedOS).
`error.c` has been automatically generated by first adding the code to
`error.fmt` and then running `./scripts/generate_errors.pl`.
Also add parenthesis to the addition in `MBEDTLS_ERR_ADD`.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
Fix typo.
Remove line break in string's code formatting, to enable
searching the code for particular string.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Add the test keys from RFC 8032 (§7.1 Ed25519 "TEST 1", §7.4 Ed448 "Blank").
This replaces the generic byte-sized data used for unknown key types
which no longer works now that Ed25519 is considered to have 255 bits.
Re-generate the automatically generated test data accordingly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The coordinates are over $F_{2^{255}-19}$, so by the general
definition of the bit size associated with the curve in the
specification, the value for size attribute of keys is 255.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add an elliptic curve family for the twisted Edwards curves
Edwards25519 and Edwards448 ("Goldilocks"). As with Montgomery curves,
since these are the only two curves in common use, the family has a
generic name.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Generate test cases for all key types. These test cases cover the key
representation (checked with export) and the encoding of the key type and
the bit-size.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Construct an object given the attributes and material for a PSA crypto key
and get the Mbed TLS storage representation.
The code to generate the storage representation was written based on the
specification in docs/architecture/mbed-crypto-storage-specification.md,
without looking at the code.
The data in the unit tests is from the AES-128 format_storage_data_check
test case in test_suite_psa_crypto_persistent_key.data, tweaked manually.
This commit creates a basic framework for using symbolic values for
attributes, but does not yet implement obtaining the corresponding numerical
values from an external source.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Make it possible to enumerate the key types, algorithms, etc.
collected by PSAMacroCollector.
This commit ensures that all fields of PSAMacroEnumerator are filled
by code inspection. Testing of the result may reveal more work to be
done in later commits.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
`entropy_poll.h` is not supposed to be used by application code and
is therefore being made internal.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
`aesni.h` is an internal header and is moved accordingly.
Also removes some references to internal headers in scripts with
only public headers.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
Simple find and replace using `#include (<|")mbedtls/(.*)_internal.h(>|")`
and `#include $1$2_internal.h$3`.
Also re-generated visualc files by running
`scripts/generate_visualc_files.pl`.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
Make sure line number reported is correct for the overly long line, and
change the message to be more readable.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
As I descovered, a changelog entry with a line length greater than 80
characters would still pass CI. This is a quick change to the script to
make it detect these descrepancies and fail.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
There are type annotations that indirectly depend on the
typing_extensions module (on Python 3.5-3.7: Protocol was added to the
core typing module in 3.8). The typing_extensions module is not
installed by default, so the code didn't run on a pristine Python
installation.
To avoid depending on a non-default module, make the dependency on
typing_extensions optional. (It's still required to run mypy, but
installing mypy takes care of providing typing_extensions.) If it
isn't available, provide a substitute definition that's just good
enough to get the scripts to run.
Move this ugly code to its own module to avoid the temptation of
spreading such ugliness all over the place. It's likely to be used in
other modules anyway.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Otherwise the generation is sensitive to trivial differences such as
running `tests/scripts/generate_psa_tests.py` vs
`./tests/scripts/generate_psa_tests.py` vs an absolute path.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
SECP192R1 is declared in the PSA API specification, but it's an old
one that Mbed TLS doesn't support and even OpenSSL doesn't support.
We don't have test vectors for it. Just skip it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Asymmetric keys can't just be arbitrary byte strings: the public key
has to match the private key and the private key usually has
nontrivial constraints.
In order to have deterministic test data and not to rely on
cryptographic dependencies in the Python script, hard-code some test
keys.
In this commit, copy some test keys from test_suite_psa_crypto.data.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
New Python module intended to gather knowledge about key types and
cryptographic mechanisms, such as the ability to create test data for
a given key type and the determination of whether an algorithm is
compatible with a key type.
This commit just creates a class for knowledge about key types.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
At the moment it makes no difference, but it could if e.g. a new
algorithm was called 'foomask'.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
By default, exclude macros whose numerical value is not a valid member
of the semantic type (e.g. PSA_ALG_xxx_BASE is not itself an
algorithm, only an intermediate value used to construct others). But
do include them with include_intermediate=True, which
generate_psa_constants.py does.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This brings them in line with PSA Crypto API 1.0.0
PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH -> PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG
PSA_ALG_AEAD_WITH_TAG_LENGTH -> PSA_ALG_AEAD_WITH_SHORTENED_TAG
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Declaring query_config() belongs with the query_config program, not in
ssl_test_lib.h, so move the declaration to a new header file
query_config.h.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Create a new source file for code that is shared between ssl_client2.c
and ssl_server2.c. This commit only creates the file; subsequent
commits will populate it.
Add it to the official build systems (make, cmake, VS).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Create a directory mbedtls_dev intended to contain various Python
module for use by Python scripts located anywhere in the Mbed TLS
source tree.
Move get_c_expression_values and its auxiliary functions into a new
Python module mbedtls_dev.c_build_helper.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Create a configuration option for autonomous random drivers, i.e. PSA
crypto drivers that provide a random generator, that have their own
entropy source and do not support injecting entropy from another
source.
This commit only creates the configuration option. Subsequent commits
will add the implementation and tests.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Simplify the guards on MBEDTLS_ERROR_C and MBEDTLS_ERROR_STRERROR_DUMMY.
No longer include superfluous headers and definition: platform.h is
only needed for MBEDTLS_ERROR_C; time_t is not needed at all.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Code under MBEDTLS_USE_PSA_CRYPTO define is PSA client
code intended to use key identifiers of type psa_key_id_t.
Thus the MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
configuration option is incompatible with
MBEDTLS_USE_PSA_CRYPTO.
State this in config.h and check_config.h.
As a consequence:
. remove MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER from
the full configuration, as MBEDTLS_USE_PSA_CRYPTO is
part of it.
. add a new component in all.sh to keep testing the
library when MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
is set.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
<string.h> is actually needed when MBEDTLS_ERROR_C is enabled and not
when only MBEDTLS_ERROR_STRERROR_DUMMY is enabled.
Fix#3866.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Provided a clearer comment for the description for ignoring
MBEDTLS_PSA_CRYPTO_CONFIG for full build setting.
Updated message output for test_psa_crypto_config_basic and
test_psa_want_ecdsa_disabled_software so it is more clear and
concise in what the test is doing. Removed inclusion of the
MBEDTLS_PSA_ACCEL_ALG_ECDSA since it should not have been used
for that particular tests.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
With the new feature MBEDTLS_PSA_CRYPTO_CONFIG, needed to
add support that when the feature is disabled, if there
are defines like MBEDTLS_ECDSA_C defined, then the PSA_WANT_
equivalent define is also enabled. This ensures the guards in
the library psa_crypto will work properly.
Also fixed an error return code in the driver wrapper for cipher
encrypt setup so it will properly pass unit tests.
Ensured config.py full works properly with the new
MBEDTLS_PSA_CRYPTO_CONFIG, it should not be set when the full
option is used.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Python should not be required for the build when the no_test target is
used. This commit adds the generated file to the source tree and the
check-generated-files script, and removes the generation from (c)make.
Fixes#3524
Signed-off-by: Cameron Nemo <cnemo@tutanota.com>
No obvious reason to not enable owner identifier encoding
in baremetal as multi-client support is expected to be needed
for some embedded platforms. Thus enable it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Also adjusted the different makefiles accordingly.
Note: driver lifetime is currently statically defined in the header, but
this will be replaced in the future based on autogeneration of lifetime
values by a script (TBD)
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Enable key identifiers encoding owner identifier in
the full configuration.
With this change the unit tests on the full
configuration are failing. The following commit do
the necessary changes to the PSA code and test code
for the tests to pass with this configuration
option enabled.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
With PSA crypto v1.0.0, a volatile key identifier may
contain a owner identifier but no file is associated
to it. Thus rename the type psa_key_file_id_t to
mbedtls_svc_key_id_t to avoid a direct link with a
file when a key identifier involves an owner
identifier.
The new type name is prefixed by mbedtls to highlight
that the type is specific to Mbed TLS implementation
and not defined in the PSA Cryptography API
specification.
The svc in the type name stands for service as this
is the key identifier type from the point of view of
the service providing the Cryptography services.
The service can be completely provided by the present
library or partially in case of a multi-client service.
As a consequence rename as well:
. MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER to
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
. PSA_KEY_ID_INIT to MBEDTLS_SVC_KEY_ID_INIT
. PSA_KEY_FILE_GET_KEY_ID to MBEDTLS_SVC_KEY_ID_GET_KEY_ID
. psa_key_file_id_make to mbedtls_svc_key_id_make
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
* development:
Update copyright notices to use Linux Foundation guidance
Undef ASSERT before defining it to ensure that no previous definition has sneaked in through included files.
Add ChangeLog entry for X.509 CN-type vulnerability
Improve documentation of cn in x509_crt_verify()
Fix comparison between different name types
Add test: DNS names should not match IP addresses
Remove obsolete buildbot reference in compat.sh
Fix misuse of printf in shell script
Fix added proxy command when IPv6 is used
Simplify test syntax
Fix logic error in setting client port
ssl-opt.sh: include test name in log files
ssl-opt.sh: remove old buildbot-specific condition
ssl-opt.sh: add proxy to all DTLS tests
Signed-off-by: Dan Handley <dan.handley@arm.com>
Currently the new component in all.sh fails because
mbedtls_ssl_cf_memcpy_offset() is not actually constant flow - this is on
purpose to be able to verify that the new test works.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
As a result, the copyright of contributors other than Arm is now
acknowledged, and the years of publishing are no longer tracked in the
source files.
Also remove the now-redundant lines declaring that the files are part of
MbedTLS.
This commit was generated using the following script:
# ========================
#!/bin/sh
# Find files
find '(' -path './.git' -o -path './3rdparty' ')' -prune -o -type f -print | xargs sed -bi '
# Replace copyright attribution line
s/Copyright.*Arm.*/Copyright The Mbed TLS Contributors/I
# Remove redundant declaration and the preceding line
$!N
/This file is part of Mbed TLS/Id
P
D
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
This option allows to test the constant-flow nature of selected code, using
MemSan and the fundamental observation behind ctgrind that the set of
operations allowed on undefined memory by dynamic analysers is the same as the
set of operations allowed on secret data to avoid leaking it to a local
attacker via side channels, namely, any operation except branching and
dereferencing.
(This isn't the full story, as on some CPUs some instructions have variable
execution depending on the inputs, most notably division and on some cores
multiplication. However, testing that no branch or memory access depends on
secret data is already a good start.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Rename PSA_DH_GROUP_xxx to PSA_DH_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_GROUP to PSA_KEY_TYPE_DH_GET_FAMILY and rename
psa_dh_group_t to psa_dh_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Rename PSA_ECC_CURVE_xxx to PSA_ECC_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_CURVE to PSA_KEY_TYPE_ECC_GET_FAMILY and rename
psa_ecc_curve_t to psa_ecc_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
In library source files, include "common.h", which takes care of
including "mbedtls/config.h" (or the alternative MBEDTLS_CONFIG_FILE)
and other things that are used throughout the library.
FROM=$'#if !defined(MBEDTLS_CONFIG_FILE)\n#include "mbedtls/config.h"\n#else\n#include MBEDTLS_CONFIG_FILE\n#endif' perl -i -0777 -pe 's~\Q$ENV{FROM}~#include "common.h"~' library/*.c 3rdparty/*/library/*.c scripts/data_files/error.fmt scripts/data_files/version_features.fmt
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When compiling library files under `3rdparty/`, the directory containing
the `.c` file that is being compiled is not the current directory, so
headers from the `library/` directory are not found. Fix this by
adding `.` to the include path.
This was not detected until now because as of this commit, no 3rdparty
source file requires a header under `library/`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit was generated using the following script:
# ========================
#!/bin/sh
# Find scripts
find -path './.git' -prune -o '(' -name '*.gdb' -o -name '*.pl' -o -name '*.py' -o -name '*.sh' ')' -print | xargs sed -i '
# Remove Mbed TLS declaration if it occurs before the copyright line
1,/Copyright.*Arm/I {
/This file is part of/,$ {
/Copyright.*Arm/I! d
}
}
# Convert non-standard header in scripts/abi_check.py to the format used in the other scripts
/"""/,/"""/ {
# Cut copyright declaration
/Copyright.*Arm/I {
h
N
d
}
# Paste copyright declaration
/"""/ {
x
/./ {
s/^/# / # Add #
x # Replace orignal buffer with Copyright declaration
p # Print original buffer, insert newline
i\
s/.*// # Clear original buffer
}
x
}
}
/Copyright.*Arm/I {
# Print copyright declaration
p
# Read the two lines immediately following the copyright declaration
N
N
# Insert Apache header if it is missing
/SPDX/! {
i\
# SPDX-License-Identifier: Apache-2.0\
#\
# Licensed under the Apache License, Version 2.0 (the "License"); you may\
# not use this file except in compliance with the License.\
# You may obtain a copy of the License at\
#\
# http://www.apache.org/licenses/LICENSE-2.0\
#\
# Unless required by applicable law or agreed to in writing, software\
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\
# See the License for the specific language governing permissions and\
# limitations under the License.
# Insert Mbed TLS declaration if it is missing
/This file is part of/! i\
#\
# This file is part of Mbed TLS (https://tls.mbed.org)
}
# Clear copyright declaration from buffer
D
}
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
No effect so far, except on dependency checking, as the feature it's meant to
disable isn't implemented yet (so the descriptions in config.h and the
ChangeLog entry are anticipation for now).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit modifies the generate_psa_constants.py script to take as
input argument the location of where to write the
psa_constant_names_generated.c file.
For make-based build system, this commit does not change anything.
For CMake build system, this commit modifies the generation location of
that file to be inside the build directory and include it from there in
psa_constant_names.c
Fix#3365
Signed-off-by: Hugues de Valon <hugues.devalon@arm.com>
Add output of python3 version to output_env.sh.
Added in addition to the version of `python` as some
project's scripts try both executable names.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
When generate_errors.pl was first written, there was no asn1.h. But
now there is one and it does not need any special treatment.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Keep it simple and mostly non-parametrizable for now.
A path to Visual Studio 2017 is hard-coded.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
1. The functions mbedtls_high_level_strerr and mbedtls_low_level_strerr
accept any error code and extract the high-level and low-level parts
respectively.
2. Documentation updates.
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
Use "no_deprecated" both in the name of the configuration and in the
name of all.sh components, rather than a mixture of "no_deprecated"
and "non_deprecated".
Make all.sh component names more consistent.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Every boolean (defined/undefined) symbol is a "variant toggle" in some
sense, even enabling a module with MBEDTLS_xxx_C. What matters is
whether the symbol influences some other part of the system in such a
way that we need to run tests separately with and without it being
defined.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
It's deprecated, but not otherwise counter-indicated for the full
config: it doesn't conflict with anything and enabling it doesn't make
testing harder (especially since it defaults off in compat.sh).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
MBEDTLS_DEPRECATED_REMOVED is turned off in full since we don't want
to turn off deprecated features. Also turn off
MBEDTLS_DEPRECATED_WARNING since we wouldn't want expected warnings:
we're aware that we're enabling deprecated modules.
Since MBEDTLS_DEPRECATED_WARNING is excluded from full, it doesn't
need to be excluded from baremetal explicitly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
It started out as be experimental, but it is now robust enough not to
break the rest, so there's no reason to leave it out.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Enable MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 in the full config. There's
no reason to keep it out. We weren't testing it at all on the CI.
Add a missing dependency on !MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 to
some test cases that either were testing that v3 extensions are only
accepted in v3 certificates, or where parsing returns a different
error when MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 is enabled.
Add a few positive and negative test cases with
MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 enabled.
Fix one test case with MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 where the
intended output of mbedtls_x509_crt_info had changed in
890819a597 but the test case was missed
because it was never executed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The intended logic around MBEDTLS_xxx_ALT is to exclude them from full
because they require the alternative implementation of one or more
library functions, except that MBEDTLS_PLATFORM_xxx_ALT are different:
they're alternative implementations of a platform function and they
have a built-in default, so they should be included in full. Document
this.
Fix a bug whereby MBEDTLS_PLATFORM_xxx_ALT didn't catch symbols where
xxx contains an underscore. As a consequence,
MBEDTLS_PLATFORM_GMTIME_R_ALT and MBEDTLS_PLATFORM_NV_SEED_ALT are now
enabled in the full config. Explicitly exclude
MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT because it behaves like the
non-platform ones, requiring an extra build-time dependency.
Explicitly exclude MBEDTLS_PLATFORM_NV_SEED_ALT from baremetal
because it requires MBEDTLS_ENTROPY_NV_SEED, and likewise explicitly
unset it from builds that unset MBEDTLS_ENTROPY_NV_SEED.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The presence of these markers in the original code was helpful to me in
figuring out that this portion of the code is auto-generated.
Therefore, I think those are useful and should be present.
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
- Use switch case instead of loop to generate faster code
- Add #if defined to address compiler error
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
Problem
-------
mbedtls_strerror is a utility function which converts an mbedTLS error code
into a human readable string. It requires the caller to allocate a buffer every
time an error code needs to be converted to a string. It is an overkill and a
waste of RAM for resource constrained microcontrollers - where the most common
use case is to use these strings for logging.
Solution
--------
The proposed commit adds two functions:
* const char * mbedtls_high_level_strerr( int error_code );
* const char * mbedtls_low_level_strerr( int error_code );
The above two functions convert the high level and low level parts of an mbedTLS
error code to human readable strings. They return a const pointer to an
unmodifiable string which is not supposed to be modified by the caller and only
to be used for logging purposes. The caller no longer needs to allocate a
buffer.
Backward Compatibility
----------------------
The proposed change is completely backward compatible as it does not change
the existing mbedtls_strerror function and ensures that it continues to behave
the same way.
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
Don't mix Windows and Unix line endings, it's the worst of both worlds.
Update the Visual Studio templates and regenerate the generated files.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use CRLF consistently instead of cobbling a \r here and a \n there.
The generated files don't change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Instead of working with Markdown format, keep the classic Mbed TLS
ChangeLog format, with the classic category names. Keep the classic
file name as well. This way there's no risk of breaking third-party
scripts that may copy or even parse the changelog file.
Accordingly, expect ChangeLog/*.txt files instead of ChangeLog/*.md.
This commit completely rewrites the parsing and output code.
This commit systematically appends to the existing top version. A
subsequent commit will restore the capability of creating a new
version.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Document that git is needed.
Be clearer about the entry sort key being an entry sort key, not just
a merge order. Be clearer about what "merge order" means.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Changelog entry files were listed in reverse alphabetical order of the
file name, by happenstance. Now, changelog entry files are listed in
the order in which the changes were merged. More precisely: look for
the git commit where the entry file was created, and look where this
commit was merged into the current branch. List older merges first.
List never-merged commits in date order after all the merged ones.
List never-committed files in file timestamp order after all the
committed ones.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Conflicts:
* .github/issue_template.md, .github/pull_request_template.md:
The changes in Mbed Crypto are not relevant to Mbed TLS. Keep the
mbedtls versions.
Rather than sometimes returning an integer, sometimes a boolean and
sometimes implicitly returning None, always return 0 for success and 1
for failure.
No behavior change for the program as a whole, since the None/True/False
values were implicitly converted to the desired numerical value.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Don't use a function argument as a for loop variable. It worked (mostly) but
Pylint frowns on it (redefined-argument-from-local) and I think Pylint has a
point.
If the configuration file is not found, raise an exception mentioning the
search path rather than just its last element.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Merge the latest state of the target branch (mbedtls/development) into the
pull request to merge mbed-crypto into mbedtls.
Conflicts:
* ChangeLog: add/add conflict. Resolve by using the usual section order.
Rename identifiers containing double-underscore (`__`) to avoid `__`.
The reason to avoid double-underscore is that all identifiers
containing double-underscore are reserved in C++. Rename all such
identifiers that appear in any public header, including ssl_internal.h
which is in principle private but in practice is installed with the
public headers.
This commit makes check-names.sh pass.
```
perl -i -pe 's/\bMBEDTLS_SSL__ECP_RESTARTABLE\b/MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED/g; s/\bMBEDTLS_KEY_EXCHANGE_(_\w+)_(_\w+)\b/MBEDTLS_KEY_EXCHANGE${1}${2}/g' include/mbedtls/*.h library/*.c programs/*/*.c scripts/data_files/rename-1.3-2.0.txt tests/suites/*.function
```
Merge `unremove-non-crypto` into `mbedtls/development`. The branch
`unremove-non-crypto` was obtained by starting from `mbed-crypto/development`,
then reverting many commits that removed X.509 and TLS functionality when Mbed
Crypto forked from Mbed TLS (the “unremoval”), then make a few tweaks to
facilitate the merge.
The unremoval step restored old versions of some tls files. If a file doesn't
exist in mbed-crypto, check out the mbedtls version, regardless of what
happened during the unremoval of tls files in the crypto tree. Also
unconditionally take the mbedtls version of a few files where the
modifications are completely project-specific and are not relevant in
mbed-crypto:
* `.github/issue_template.md`: completely different. We may want to reconcile
them independently as a follow-up.
* `.travis.yml`: would only be reverted to an earlier tls version.
* `README.md`: completely different. We may want to reconcile them
independently as a follow-up.
* `doxygen/input/doc_mainpage.h`: the changes in crypto were minimal and not
relevant except as a stopgap as mbed-crypto did not have its own product
versioning in the Doxygen documentation.
* `tests/.jenkins/Jenkinsfile`: completely different.
* `tests/data_files/Makefile`: there were no changes in mbed-crypto,
but the unremoval step restored an old version.
Shell script for everything to do after the merge apart from the conflict
resolution:
```
tls_files=($(comm -23 <(git ls-tree -r --name-only HEAD) <(git ls-tree -r --name-only $(git merge-base upstream-crypto/development MERGE_HEAD))))
tls_files+=($tls_files .github/issue_template.md .travis.yml README.md doxygen/input/doc_mainpage.h tests/.jenkins/Jenkinsfile tests/data_files/Makefile)
git checkout --theirs HEAD -- $tls_files
git add -- $tls_files
```
Resolve the remaining conflicts:
* `library/CMakeLists.txt`:
* Keep the TLS definition of `src_crypto`
* `USE_SHARED_MBEDTLS_LIBRARY`: keep all three libraries, with both
`include` and `crypto/include` in `target_include_directories`, all with
version `2.21.0`.
* `programs/Makefile`:
* Reconcile the APPS lists (add/add from a differently-formatted common
ancestor): insert the `psa/*` from crypto into the tls list.
* Keep the `fuzz` target defined only in tls version.
* Keep the recipe (only in tls version) cleaning `ssl_pthread_server`
stuff for the `clean` target.
* `scripts/config.py`:
* `include_in_full`: add/add conflict. Keep both.
* `tests/scripts/all.sh`:
* `component_test_no_use_psa_crypto_full_cmake_asan`: partially old
version in crypto. Take the tls version.
* `component_test_malloc_0_null` and more: take
`component_test_malloc_0_null` from crypto (with `config.py` rather than
`config.pl`, and with `$ASAN_FLAGS` rather than an explicit list), but
add the call to `ssl-opt.sh` from tls. Take the other components from
crypto.
With this commit, building and running the unit tests with both `make ` and
`cmake` work in the default configuration on Linux. Other platforms, build
systems and configurations are likely not to work, and there is some
regression in test coverage.
There is some loss of functionality because the unremoval step restored older
versions of tls content. This commit contains the latest tls version of
tls-only files, but some changes from the tls side in files that existed on
both sides have regressed. Most problematic changes are hunks that remove some
tls-specific feature and contain either a C preprocessor symbol identifying a
tls-specific module or option, or the name of a tls-specific file. Hunks
that remove a tls-specific preprocessor symbol can be identified with the
regular expression `^-.*MBEDTLS_(ERR_)?(PKCS11|X509|NET|SSL)_`.
Subsequent commits will revert a few parts of the patch from this merge commit
in order to restore the tls functionality that it removes, ensure that the
test coverage includes what was covered in either branch, and fix test
failures.
This reverts commit 9afb2e9921.
Conflicts:
* include/CMakeLists.txt
* "Make config.h available" comment: there has been a change
adjacent to where it was removed. Just re-add what was removed.
* tests/CMakeLists.txt:
* compat.sh: there has been a change immediately before where it was
removed. Just re-add what was removed.
This reverts commit 8298d70bee.
Conflicts:
* library/Makefile: removal of SOEXT_X509 and SOEXT_TLS vs change of
value of SOEXT_CRYPTO. Keep all, with the new value of SOEXT_CRYPTO.
This reverts commit 1c66e48670.
Conflicts:
* include/mbedtls/check_config.h:
* MBEDTLS_SSL_PROTO_SSL3: there has been an addition (of
MBEDTLS_SHA512_NO_SHA384) at the place where it was removed. Re-add it
after (alphabetical order).
* MBEDTLS_ENABLE_WEAK_CIPHERSUITES: there has been an addition (of
MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) at the place where it was removed.
Re-add it after (alphabetical order).
* MBEDTLS_SSL_ALL_ALERT_MESSAGES: there has been an addition (of
MBEDTLS_SHA512_SMALLER) at the place where it was removed. Re-add it
after (alphabetical order).
* include/mbedtls/config.h:
* MBEDTLS_ENABLE_WEAK_CIPHERSUITES: there has been an addition (of
MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) at the place where it was removed.
Re-add it after (alphabetical order).
* MBEDTLS_SSL_ALL_ALERT_MESSAGES: there has been an addition (of
MBEDTLS_SHA512_SMALLER) at the place where it was removed. Re-add it
after (alphabetical order).
* library/version_features.c: re-generate by running
scripts/generate_features.pl.
* programs/test/query_config.c: re-generate by running
scripts/generate_query_config.pl.
* scripts/config.pl: this file has been replaced by config.py. Port
the reversed changes to config.py:
* Revert removing three symbols from the list of symbols to
exclude from full.
* Revert removing one symbol (MBEDTLS_NET_C) from the list of symbols
to exclude from baremetal.
* scripts/footprint.sh:
* Re-add the line to unset MBEDTLS_NET_C, but with config.py instead of
config.pl.
* tests/scripts/all.sh:
* component_test_no_platform: re-add the line to unset MBEDTLS_NET_C, but
with config.py instead of config.pl.
* component_build_arm_none_eabi_gcc,
component_build_arm_none_eabi_gcc_no_udbl_division,
component_build_arm_none_eabi_gcc_no_64bit_multiplication,
component_build_armcc: these components now use the baremetal
configuration, so they do not need to turn off MBEDTLS_NET_C explicitly.
This reverts commit bb1f701212.
* include/mbedtls/check_config.h:
* MBEDTLS_X509_RSASSA_PSS_SUPPORT: there has been an addition (of
MBEDTLS_SHA512_NO_SHA384) at the place where it was removed.
Re-add it before MBEDTLS_SHA512_NO_SHA384 to keep it grouped
with MBEDTLS_RSA_C.
Conflicts:
* scripts/config.pl: this file has been replaced by config.py. Port
the reversed changes to config.py:
* Revert removing three symbols from the list of symbols to
exclude from full.
This reverts commit 356acc82ad.
Conflicts:
* scripts/generate_errors.pl: a line adjacent to a changed line has
independently changed in the meantime. Just revert the change done
in the commit that's being reverted.
Pylint when installed as a distro package can be installed as pylint3, whilst as
a PEP egg, it can be installed as pylint.
This commit changes the scripts to first use pylint if installed, and optionally
look for pylint3 if not installed. This is to allow a preference for the PEP
version over the distro version, assuming the PEP one is more likely to be
the correct one.
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
`pylint3 --version` will output to stderr the status of the config file it's
using. This can be "No config file found" or "Using config file" or nothing.
This means the pylint version may or may not be on the first line.
Therefore this commit changes the filters on the pylint3 version output to first
strip out the config line, and then to select only the pylint line.
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
Add the versions of Python, Perl, and Pylint to the version dump provided by
the output_env.sh script.
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
A number of clean-up improvements following review.
* removal of redundant `` quotes
* removal of non-portable echo "\n", in favour of additional echo commands
* change to use of uname to detemine if the platform is Linux or not
* revised formatting of output
* change to dpkg-query from dpkg to find installed libasan variants
Co-Authored-By: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
This commit adds additional information to the output_env.sh script of:
* Linux distribution version (if available)
* GDB version (if available)
It also makes some information clearer:
* the type of OpenSSL/GNUTLS version (legacy/default/next)
* and whether certain versions are not installed, or not configured
And it simplifies the error messages for absent tools.
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
generate_visualc_files.pl has a list of directories that it pulls
headers from, so it knows what directories to put on the include path.
Make it inject the include path into the output files, rather than
hard-coding the include paths in template files.
A similar change (but with different code) was made in Mbed TLS in
commit b78cf2b261
"Adjust visual studio file generation to always use the crypto submodule".
No semantic change: this commit does not change the generated files.
There's no need to keep the directory lists separated until the last
minute.
No semantic change. The generated files change slightly because there
was one directory list where slashes were not changed to backslashes
like in the other five. This does not affect their semantics.
Other third-party components can now be added by just adding lines to
the definitions of @thirdparty_header_dirs and
@thirdparty_source_dirs.
No semantic change. The output does not change at all.
As the SSL programs, like ssl_client2 and ssl_server2, are dependent on
SSL and therefore about to be removed, the only consumer of query_config
is the query_compile_time_config test. As such, it makes sense to move
query_config to be next to what uses it.
Files deleted by us: keep them deleted.
```
git rm $(git status -s | sed -n 's/^DU //p')
```
Individual files with conflicts:
* `README.md`: keep the crypto version.
* `doxygen/input/doc_mainpage.h`: keep the crypto version (with an obsolete Mbed Crypto version number).
* `include/mbedtls/error.h`:
* `ERROR`: similar additions made through parallel commits, with only whitespace differences. Align with the tls version.
* `library/CMakeLists.txt`: keep the crypto version.
* `library/Makefile`: keep the crypto version.
* `scripts/generate_errors.pl`: keep the crypto version (the relevant changes were made through parallel commits).
* `tests/scripts/check-test-cases.py`:
* `Results`: keep the crypto version, which has both the new argument to the constructor (added in crypto only) and the class docstring (added through parallel commits).
* `tests/suites/helpers.function`:
* `ARRAY_LENGTH`, `ASSERT_ALLOC`: additions in the same location. Keep both, in indifferent order.
* `tests/suites/target_test.function`:
* `receive_uint32`: keep the crypto version which has an additional bug fix. The tls changes made in tls are irrelevant after this bug fix.
* `visualc/VS2010/mbedTLS.vcxproj`: run `scripts/generate_visualc_files.pl`.
Review of non-conflicting changes:
* `all.sh`: 1 change.
* zlib test components: don't add them.
* `include/CMakeLists.txt`: 1 change.
* `target_include_directories`: doesn't work as is (different target name). Don't take the change.
* All other non-conflicting changes: take them.
All key types now have an encoding on 32 bits where the bottom 16 bits
are zero. Change to using 16 bits only.
Keep 32 bits for key types in storage, but move the significant
half-word from the top to the bottom.
Likewise, change EC curve and DH group families from 32 bits out of
which the top 8 and bottom 16 bits are zero, to 8 bits only.
Reorder psa_core_key_attributes_t to avoid padding.
Check that no line from any of the input files was lost.
This is not perfect for several reasons.
It doesn't check that the content goes to the desired location.
It doesn't check that sections are created as necessary.
It doesn't support whitespace normalization that the parsing code does.
But it's a good start.
Now that the Error module has error codes as well and is processed by
the generate_errors script like any other module, we don't need to
include the header manually.
One of the error codes was already reserved, this commit just makes it
explicit. The other one is a new error code for initializing return
values in the library: `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` should
not be returned by the library. If it is returned, then it is surely a
bug in the library or somebody is tampering with the device.
Filter out non-ASCII characters in automatically processed headers.
Do this in a way that minimizes the code change: keep manipulating
strings, but strip off non-ASCII characters when reading lines, which
should only remove characters in comments that we don't parse anyway.
One of the error codes was already reserved, this commit just makes it
explicit. The other one is a new error code for initializing return
values in the library: `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` should
not be returned by the library. If it is returned, then it is surely a
bug in the library or somebody is tampering with the device.
This is a variant toggle, not an extra feature, so it should be tested
separately.
We test most of the effect of MBEDTLS_ENTROPY_FORCE_SHA256 (namely,
using SHA-256 in the entropy module) when we test the library with the
SHA512 module disabled (which we do at least via depends-hashes.pl).
This commit removes testing of the MBEDTLS_ENTROPY_FORCE_SHA256 option
itself, which should be added separately.
Enabling MBEDTLS_MEMORY_BUFFER_ALLOC_C module together with
MBEDTLS_PLATFORM_MEMORY causes the library to use its own malloc
replacement. This makes memory management analyzers such as ASan
largely ineffective. We now test MBEDTLS_MEMORY_BUFFER_ALLOC_C
separately. Disable it in the "full" config.
This mirrors a change that was made in Mbed TLS on config.pl and had
not been ported to Mbed Crypto yet.
With this commit, config.py is aligned in Mbed Crypto and Mbed TLS.