Commit graph

12962 commits

Author SHA1 Message Date
Janos Follath
ac15f842a5 Merge remote-tracking branch 'restricted/pr/684' into mbedtls-2.22.0r0 2020-04-14 08:16:27 +01:00
Gilles Peskine
e62bdefce1
Merge pull request #3181 from gilles-peskine-arm/basic-build-test-status-with-deprecated
Fix failure detection and failures in basic-build-test.sh with SSL3 in basic-build-test
2020-04-10 15:07:01 +02:00
Gilles Peskine
c877c24ed0 Enable extra features that have tests
The "full" configuration excludes some deprecated or experimental
features. Enable the ones that have tests, don't have extra
requirements and don't turn off some other feature.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:33:52 +02:00
Gilles Peskine
b3d0bab10b MBEDTLS_MEMORY_BACKTRACE is no longer included in the full config
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:33:52 +02:00
Gilles Peskine
40be51ffe3 Add a few echo statements to make the logs easier to follow
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:33:50 +02:00
Gilles Peskine
bfcb6e16ab Create a large enough seedfile
The seedfile needs to have the size of the entropy accumulator, which
is 64 bytes (512 bits) since the entropy accumulator uses SHA-512 and
the seed size needs to be the same as the hash output (or larger).

We used to enable MBEDTLS_ENTROPY_FORCE_SHA256 in the full config, so
the entropy accumulator was 256 bits (32 bytes), and therefore a
32-byte seedfile worked. But we no longer turn on this option in the
full config, so the 32-byte seedfile no longer works.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:30:09 +02:00
Gilles Peskine
5757d54261 If 'make lcov' failed, exit immediately
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:30:02 +02:00
Gilles Peskine
ca51b474dc Note that we keep going even if some tests fail
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:30:00 +02:00
Gilles Peskine
6d6ee98c14 Exit with a failure status if some tests failed
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-09 18:28:14 +02:00
Janos Follath
105c99624a
Merge pull request #681 from ARMmbed/prepare-rc-2.22.0-updated
Prepare rc 2.22.0 updated
2020-04-09 14:12:10 +01:00
Jaeden Amero
66e21efe47
Merge pull request #3163 from AndrzejKurek/variable-buffers-renegotiation
Variable buffers & renegotiation - fixes
2020-04-09 12:11:02 +01:00
Manuel Pégourié-Gonnard
28482397d3 Merge branch 'development-restricted' into prepare-rc-2.22.0-updated
* development-restricted:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 12:17:11 +02:00
Manuel Pégourié-Gonnard
215d2e14a3 Merge remote-tracking branch 'restricted/pr/662' into development-restricted
* restricted/pr/662:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 11:53:01 +02:00
Janos Follath
940bc0048c Add missing ChangeLog entry
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-09 09:34:47 +01:00
Andrzej Kurek
8ea6872889
Improve pointer calculations when resizing I/O buffers
This commit introduces two changes:
- Add in_msg and out_msg calculations for buffer upsizing. This was previously
considered as unnecessary, but renegotiation using certain ciphersuites needs
this.
- Improving the way out_msg and in_msg pointers are calculated, so that even 
if no resizing is introduced, the pointers remain the same;

New tests added:
- various renegotiation schemes with a range of MFL's and ciphersuites;
- an ssl-opt.sh test exercising two things that were problematic: renegotiation
with TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 and a server MFL that's smaller
than the one negotiated by the client.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-09 04:33:00 -04:00
Andrzej Kurek
90c6e84a9c
Split the maximum fragment length into two - an input and output MFL
Since the server might want to have a different maximum fragment length
for the outgoing messages than the negotiated one - introduce a new way of
computing it. This commit also adds additional ssl-opt.sh tests ensuring
that the maximum fragment lengths are set as expected. 
mbedtls_ssl_get_max_frag_len() is now a deprecated function,
being an alias to mbedtls_ssl_get_output_max_frag_len(). The behaviour
of this function is the same as before.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-09 04:30:34 -04:00
Janos Follath
876e0259d5 Bump version to Mbed TLS 2.22.0
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 17:15:18 +01:00
Janos Follath
ee85686339 Add missing ChangeLog entry
The MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH build option has been added since
the last release, but there was no entry for it in the ChangeLog.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 16:58:36 +01:00
Janos Follath
dca973bbeb Merge branch 'development-restricted' into mbedtls-2.22.0r0
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 15:11:40 +01:00
Gilles Peskine
4500e83fe4
Merge pull request #3156 from mpg/improve-make-tags
Improve ctags invocation in Makefile
2020-04-06 17:48:44 +02:00
Gilles Peskine
54e1c30d1b
Merge pull request #3160 from gilles-peskine-arm/hkdf_expand-initialize_t-development
hkdf_expand: explicitly initialize t
2020-04-06 16:34:31 +02:00
Janos Follath
ea6af48b7e
Merge pull request #675 from mpg/ecc-projective-restricted
Fix leakage of projective coordinates in ECC
2020-04-06 15:23:26 +01:00
danh-arm
6d41f4cc42
Merge pull request #3122 from mpg/drafts-became-rfcs
Update references from drafts to RFCs in config.h
2020-04-06 09:54:53 +01:00
Manuel Pégourié-Gonnard
15f30dc7e6 Merge remote-tracking branch 'public/pr/2856' into development
* public/pr/2856:
  Fix issue  #2718 (condition always false)
2020-04-06 10:15:49 +02:00
Gilles Peskine
7f9e529fee
Merge pull request #3135 from gilles-peskine-arm/changelog-assemble-text
Switch to the classic Mbed TLS ChangeLog format
2020-04-03 22:29:06 +02:00
Gilles Peskine
3ab121a603 hkdf_expand: explicitly initialize t
t is never used uninitialized, since the first loop iteration reads 0
bytes of it and then writes hash_len bytes, and subsequent iterations
read and write hash_len bytes. However this is somewhat fragile, and
it would be legitimate for a static analyzer to be unsure.

Initialize t explicitly, to make the code clearer and more robust, at
negligible cost.

Reported by Vasily Evseenko in
https://github.com/ARMmbed/mbedtls/pull/2942
with a slightly different fix.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-02 19:54:51 +02:00
Gilles Peskine
60d6516c60 Fix whitespace style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-02 19:50:00 +02:00
Gilles Peskine
3124164f81
Merge pull request #3132 from mpg/fix-reconnect
Fix issues in handling of client reconnecting from the same port
2020-04-02 19:21:01 +02:00
Manuel Pégourié-Gonnard
c9f8956065 Allow alternative ctags versions in Makefile
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-02 12:10:45 +02:00
Manuel Pégourié-Gonnard
9039dc401f Improve ctags invocation in Makefile
Adding .function was necessary, as otherwise ctags would have no idea what to
do with those files.

Adding .h may not be necessary, as by default ctags considers them C++ which
is probably good enough, but since we're tuning the mapping anyway...

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-02 11:34:34 +02:00
Manuel Pégourié-Gonnard
65cc9a2e68
Merge pull request #3148 from danh-arm/dh/issue-template-question
Direct questions to mailing list in issue template
2020-04-01 12:32:10 +02:00
Manuel Pégourié-Gonnard
3bc2ceb3e0
Merge pull request #2574 from sbutcher-arm/additional-config-checks
Add additional sanity checks to check_config.h
2020-04-01 12:23:56 +02:00
Dan Handley
679bb03cf7 Direct questions to mailing list in issue template
Update issue template to direct questions to the TrustedFirmware.org
mailing list instead of using the GitHub issue tracker.

Signed-off-by: Dan Handley <dan.handley@arm.com>
2020-03-31 18:35:29 +01:00
Jaeden Amero
ef42565370
Merge pull request #3134 from AndrzejKurek/doxygen-include-fix
Add an include path to the doxyfile to fix preprocessing for docs
2020-03-31 19:14:45 +04:00
Andrzej Kurek
593adc8a72
Add an include path to the doxyfile to fix preprocessing for docs
Previously, doxygen was unable to effectively use preprocessing to determine
which parts of code should be documented. This was due to its inability to
include headers during preprocessing, which was discovered by running it in
preprocessing debug mode:
doxygen -d preprocessor mbedtls.doxyfile 
An example of failure: "#include mbedtls/config.h: not found! skipping..."
With the following fix includes are properly preprocessed with the documentation
being considerably larger.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-03-31 06:34:32 -04:00
Manuel Pégourié-Gonnard
243d70f2a5 Improve debug logging of client hard reconnect
The current logging was sub-standard, in particular there was no trace
whatsoever of the HelloVerifyRequest being sent. Now it's being logged with
the usual levels: 4 for full content, 2 return of f_send, 1 decision about
sending it (or taking other branches in the same function) because that's the
same level as state changes in the handshake, and also same as the "possible
client reconnect" message" to which it's the logical continuation (what are we
doing about it?).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-31 12:33:57 +02:00
Manuel Pégourié-Gonnard
f4563b4c8b Fix some style issues in udp_proxy
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-31 12:07:13 +02:00
Gilles Peskine
d4a720f541
Merge pull request #3140 from gilles-peskine-arm/outcome-dependency-crash-fix
Fix intermittent crash in test suites with outcome file enabled
2020-03-31 10:19:13 +02:00
Manuel Pégourié-Gonnard
2353636225
Merge pull request #3013 from eozturk1/development
Fix debug message by using the correct function name called
2020-03-31 09:53:20 +02:00
Gilles Peskine
06725c985f Fix intermittent crash in test suites with outcome file enabled
Fix an intermittent crash when running test suites in non-verbose
mode (i.e. with -v off) and with the outcome file enabled. The
array unmet_dependencies was only filled in verbose mode, but was used
in write_outcome_result regardless.

Since unmet_dependencies only ever contains strings that are integers
written out in decimal, store the integer instead. Do this
unconditionally since it doesn't cost any extra memory.

It would be better to record the dependency names, both in the verbose
output and in the outcome file. But the dependency names are not
currently available at runtime.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-30 22:00:23 +02:00
Gilles Peskine
dba4de0a12 Clarify extract_top_version when creating a new section
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-30 11:37:26 +02:00
Gilles Peskine
b695d5e30a Add guidance on writing and maintaining changelog entries
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-27 20:14:19 +01:00
Gilles Peskine
7c3f7cdeae Convert ChangeLog.d/README to markdown
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-27 20:14:19 +01:00
Gilles Peskine
4d977a4f40 Complain if there is junk before the first category title
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-27 20:14:19 +01:00
Gilles Peskine
e248e83f9f Start numbering lines at 1
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-27 20:14:19 +01:00
Gilles Peskine
eebf24f7a8 Create a new version section if the top version has a release date
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-27 20:14:17 +01:00
Gilles Peskine
6e97c43959 Switch to the classic Mbed TLS ChangeLog format
Instead of working with Markdown format, keep the classic Mbed TLS
ChangeLog format, with the classic category names. Keep the classic
file name as well. This way there's no risk of breaking third-party
scripts that may copy or even parse the changelog file.

Accordingly, expect ChangeLog/*.txt files instead of ChangeLog/*.md.

This commit completely rewrites the parsing and output code.

This commit systematically appends to the existing top version. A
subsequent commit will restore the capability of creating a new
version.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-27 20:13:45 +01:00
Gilles Peskine
c68c7c8864 Add a missing space in help text
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-27 19:09:18 +01:00
Simon Butcher
3aa6405007 Correct comment on the configuration option in x509.c
In x509.c, the self-test code is dependent on MBEDTLS_CERTS_C and
MBEDTLS_SHA256_C being enabled. At some point in the recent past that dependency
was on MBEDTLS_SHA1_C but changed to SHA256, but the comment wasn't updated.

This commit updates the comment.

Signed-off-by: Simon Butcher <simon.butcher@arm.com>
2020-03-27 17:16:15 +00:00
Simon Butcher
432e7023b1 Add additional sanity checks to check_config.h
Additional sanity checks in check_config.h to ensure:
    * if test certificates are included (MBEDTLS_CERTS_C) there must be also be
      support for the core X509 feature (MBEDTLS_X509_USE_C). This has a
      secondary dependency on the public key abstraction layer (MBEDTLS_PK_C),
      necessary as the certificates will either be signed by RSA or ECDSA, and
      therefore need to be part of the library.
    * if any of the TLS protocols are defined (MBEDTLS_SSL_PROTO_xxx) then a
      key exchange method must also be defined (MBEDTLS_KEY_EXCHANGE_xxx).

Anyone who knows the library will probably not make these mistakes or will
quickly diagnose and fix them, but it is possible to compile and link both
configurations if you build only the library and not the example programs, and
therefore users may not realise immediately that there's a mistake, only
discovering it at runtime.

These checks may therefore save someone some time.

Signed-off-by: Simon Butcher <simon.butcher@arm.com>
2020-03-27 17:16:15 +00:00