Commit graph

22416 commits

Author SHA1 Message Date
Janos Follath
590ae5363d
Merge pull request #6656 from tom-cosgrove-arm/bignum_pr_6225-updated
Bignum: add mod_raw_add
2022-11-25 17:53:31 +00:00
Dave Rodgman
bf9b23abf8
Merge pull request #6648 from gilles-peskine-arm/psa-ecb-null-0
Fix NULL+0 undefined behavior in PSA crypto ECB
2022-11-25 17:07:46 +00:00
Bence Szépkúti
6e85673e8d
Merge pull request #3431 from naynajain/development-pkcs7
PKCS7 Parser - RFC 2315
2022-11-25 15:55:46 +01:00
Tom Cosgrove
ddad40b1de Free the modulus before the data in it in mod_raw_add tests
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-25 14:18:52 +00:00
Janos Follath
505a228b7b
Merge pull request #6606 from gabor-mezei-arm/6222_bignum_low_level_subtraction
Bignum: Add low level subtraction
2022-11-25 13:27:23 +00:00
Gilles Peskine
7d23778178 Explain why p + n isn't good enough
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-25 13:34:59 +01:00
Gilles Peskine
5a34b36bbd Remove more now-redundant definitions of inline
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-25 13:26:44 +01:00
Dave Rodgman
f1419dbbe8
Merge pull request #6381 from tom-cosgrove-arm/pr2164
mbedtls: fix possible false success in mbedtls_cipher_check_tag()
2022-11-25 10:55:10 +00:00
Manuel Pégourié-Gonnard
6a543ba1d3 Remove redundant component in all.sh
CID is now enabled in the default config (as well as full), so it's
already tested in numerous all.sh components, not need to add one for
that.

We need a component for the legacy/compat option though as it's never
enabled in existing components. So, keep that one, but adjust the name
and fix a typo in a message.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:48:17 +01:00
Manuel Pégourié-Gonnard
5a454f7781 Remove redundant tests in ssl-opt.sh
We don't need to have two copies of the test with one of them depending
on legacy/compat CID: we can have just one copy, but make sure we run
ssl-opt.sh both in a build with standard CID and in a build with
legacy/compat - that's the job of all.sh (see next commit).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:48:17 +01:00
Manuel Pégourié-Gonnard
61336848a9 Fix bug when legacy CID is enabled but not used
When legacy CID is enabled at compile time, but not used at runtime, we
would incorrectly skip the sequence number at the beginning of the AAD.

There was already two "else" branches for writing the sequence number
but none of them was taken in that particular case.

Simplify the structure of the code: with TLS 1.2 (we're already in that
branch), we always write the sequence number, unless we're using
standard CID.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:48:17 +01:00
Hannes Tschofenig
db01d05011 Removal of redundant DTLS CID test in ssl-opt.sh
Per suggestion from Manuel, I removed this redundant test.

Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:19:19 +01:00
Hannes Tschofenig
df84bb30ab Removed MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH from CID tests in all.sh
Added also extra text.

Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:19:11 +01:00
Hannes Tschofenig
6b6b63f039 Added closing SECTION of doxygen markup
Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:19:05 +01:00
Hannes Tschofenig
b2e6615625 Added deprecated warning in check_config.h
Warns about the removal of the legacy DTLS Connection ID feature in a future version of Mbed TLS.

Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:18:57 +01:00
Hannes Tschofenig
e2c46e0413 Reference to RFC 9146 added
Added deprecated keyword to MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT

Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:18:51 +01:00
Hannes Tschofenig
88e5566a9b Changed order of conditions in check_config.h
Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-25 11:18:38 +01:00
Manuel Pégourié-Gonnard
91f88db019
Merge pull request #6639 from mpg/doc-driver-only-limitation
Document another limitation of driver-only hashes
2022-11-25 09:44:35 +01:00
Bence Szépkúti
12269e27b1 Add changelog for PKCS7 parser
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-11-25 05:51:40 +01:00
Bence Szépkúti
ae79fb2c2e Merge branch 'development' into pr3431 2022-11-25 03:12:43 +01:00
Gilles Peskine
187db00399 Update the Travis "full" build to use modern Clang
Don't use an all.sh component because there isn't one that does what we
want (modern Clang with ASan, and test everything).

* We need to set CC explicitly or tweak PATH, because clang in $PATH on
  Travis focal instances is Clang 7 which is too old (we want Clang 10).
* Travis lacks the array of versions of openssl and gnutls that we normally
  use for testing, so we need to exclude some tests (or build our
  own multiple versions of openssl and gnutls).

The SSL test exclusions are ad hoc and based on what currently works.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-24 22:41:55 +01:00
Gilles Peskine
4bdb9fbfa2 Enable all ciphers in OpenSSL >=1.1.0
OpenSSL may be configured to support features such as cipher suites or
protocol versions that are disabled by default. Enable them all: we're
testing, we don't care about enabling insecure stuff. This is not needed
with the builds of OpenSSL that we're currently using on the Jenkins CI, but
it's needed with more recent versions such as typically found on developer
machines, and with future CI additions.

The syntax to do that was only introduced in OpenSSL 1.1.0; fortunately we
don't need to do anything special with earlier versions.

With OpenSSL 1.1.1f on Ubuntu 20.04, this allows SHA-1 in certificates,
which is still needed for a few test cases in ssl-opt.sh. Curiously, this is
also needed for the cipher suite TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 (and
no other, including other DHE-PSK or ARIA cipher suites).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-24 22:41:55 +01:00
Tom Cosgrove
50fc127a4e Change order of test arguments for bignum_mod_raw to simplify Python script
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-24 21:29:23 +00:00
Tom Cosgrove
1923009cdb Add test generation for mbedtls_mpi_mod_raw_add()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-24 16:22:43 +00:00
Tom Cosgrove
abddad4af8 Add note about aliasing of operands for mbedtls_mpi_mod_raw_add()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-24 16:22:43 +00:00
Tom Cosgrove
54d87bf5c2 Take limb count from the modulus in mod_raw_add tests
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-24 16:22:38 +00:00
Werner Lewis
e4c0a6c3ba Change cast to correct type
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-24 16:18:06 +00:00
Werner Lewis
f907576245 Pass correct arguments in test
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-24 16:18:06 +00:00
Werner Lewis
1a277d9ad6 Replace comparison with XOR
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-24 16:18:06 +00:00
Werner Lewis
d391b8ce61 Change types and move const before type
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-24 16:18:06 +00:00
Werner Lewis
baa34b6248 Add test function for mpi_mod_raw_add
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-24 16:18:06 +00:00
Werner Lewis
9fa91ebcb9 Use modulus structure in mbedtls_mpi_mod_raw_add
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-24 16:18:06 +00:00
Werner Lewis
0eea827cbd Rename MPI_CORE(add_mod) to mbedtls_mpi_mod_raw_add
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-24 16:18:06 +00:00
Hanno Becker
a45b6fee91 Extract MPI_CORE(add_mod) from the prototype
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-24 16:17:49 +00:00
Gabor Mezei
cbcbf4e434
Remove hand-written tests got raw_mod_sub
The generated tests cover all off the hand-written tests.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-24 11:48:59 +01:00
Ronald Cron
4cf77e99ab
Merge pull request #6621 from ronald-cron-arm/tls13-early-data-write
TLS 1.3: Add definition of mbedtls_ssl_{write,read}_early_data
2022-11-24 09:58:07 +01:00
Manuel Pégourié-Gonnard
fecc6b2fe4 Minor tune-up to ChangeLog & documentation
- fix a recurring typo
- use clearer names

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-24 09:40:12 +01:00
Gabor Mezei
6b3c0c5943
Update the test case generator
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 16:45:05 +01:00
Gilles Peskine
6157fee306 Unify defintions of inline for MSVC (and old armcc?)
Having multiple definitions was cumbersome, and meant we might forget the
definition when adding an inline definition to a file that didn't have one
before (as I did when I added an inline definition in common.h).

Resolves #6649.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-23 16:15:21 +01:00
Gabor Mezei
b3b3466657
Test subtraction if the parameters are aliased to each other
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:14 +01:00
Gabor Mezei
4d3f3c5430
Fix the checking of the used limbs
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:14 +01:00
Gabor Mezei
68a45e0aaf
Fix potential not initialized warning
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:14 +01:00
Gabor Mezei
02d2313829
Fix documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:14 +01:00
Gabor Mezei
3411e949cd
Cas variable to proper type
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:13 +01:00
Gabor Mezei
c426d9b6cc
Add generated test for low level subtraction with modulus
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:13 +01:00
Gabor Mezei
cefe03a10c
Add tests for low level subtraction with modulus
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:13 +01:00
Gabor Mezei
4c7cf7d742
Add low level subtraction with modulus
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-11-23 14:44:07 +01:00
Janos Follath
531a871b88
Merge pull request #6235 from tom-cosgrove-arm/issue-6231-core-sub-int
Bignum: extract core_sub_int from the prototype
2022-11-23 13:32:02 +00:00
Ronald Cron
4a8c9e2cff tls13: Add definition of mbedtls_ssl_{write,read}_early_data
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-11-23 14:29:37 +01:00
Gilles Peskine
42649d9270 Fix NULL+0 undefined behavior in ECB encryption and decryption
psa_cipher_encrypt() and psa_cipher_decrypt() sometimes add a zero offset to
a null pointer when the cipher does not use an IV. This is undefined
behavior, although it works as naively expected on most platforms. This
can cause a crash with modern Clang+ASan (depending on compiler optimizations).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-23 14:16:52 +01:00