From bef1f6371fdeef39d7b5bc96817a421d263bc530 Mon Sep 17 00:00:00 2001
From: Sergey
Date: Mon, 6 Mar 2023 15:25:06 -0700
Subject: [PATCH 001/125] Fix llvm error: variables may be used uninitialized
Signed-off-by: Sergey
---
 library/psa_crypto.c | 4 ++--
 library/ssl_cache.c | 2 +-
 tests/suites/test_suite_psa_crypto.function | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0efebb40ce..96547e04dc 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3997,7 +3997,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
 {
 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE];
- size_t default_iv_length;
+ size_t default_iv_length = 0;
 if (operation->id == 0) {
 status = PSA_ERROR_BAD_STATE;
@@ -4604,7 +4604,7 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation,
 {
 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 uint8_t local_nonce[PSA_AEAD_NONCE_MAX_SIZE];
- size_t required_nonce_size;
+ size_t required_nonce_size = 0;
 *nonce_length = 0;
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index 7c16e10e99..8b82297c66 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -246,7 +246,7 @@ int mbedtls_ssl_cache_set(void *data,
 mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
 mbedtls_ssl_cache_entry *cur;
- size_t session_serialized_len;
+ size_t session_serialized_len = 0;
 unsigned char *session_serialized = NULL;
 #if defined(MBEDTLS_THREADING_C)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 182443a5e9..36b01ce884 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
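Review bot: The `= 0` initialisers added in `psa_cipher_generate_iv` and `psa_aead_generate_nonce` (and `session_serialized_len` in the ssl_cache.c hunk) are dead stores on every path that reads the variable, so the reason for them is invisible to the next reader; a trailing comment such as `size_t default_iv_length = 0; /* only to silence the uninitialized-use warning on the early-exit paths */` would keep someone from removing them. If any path really could reach a use without an assignment, a zero length now flows on silently where the build previously complained, so that is worth confirming once per function rather than assuming from the warning text. All three function bodies continue outside their hunks.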
@@ -9672,7 +9672,7 @@ void persistent_key_load_key_from_storage(data_t *data,
 unsigned char *first_export = NULL;
 unsigned char *second_export = NULL;
 size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits);
- size_t first_exported_length;
+ size_t first_exported_length = 0;
 size_t second_exported_length;
 if (usage_flags & PSA_KEY_USAGE_EXPORT) {
From 4e2f244ab481d0761da97229dfb25c6640638f12 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Tue, 15 Aug 2023 10:10:26 +0200
Subject: [PATCH 002/125] test: add accelerated and reference test for ECC+FFDH without BN
Since most of the code in "ECC+FFDH without BN" scenario was shared with the "ECC without BN" one, I tried to reuse part of the code in order to avoid duplications.
Signed-off-by: Valerio Setti
---
 tests/scripts/all.sh | 152 +++++++++++++++++++++++++++++++++----------
 1 file changed, 117 insertions(+), 35 deletions(-)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index ef3345e657..5265c93b30 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
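Review bot: `first_exported_length` is now initialised while `second_exported_length` on the very next line is not, which reads as an accident rather than a decision; either initialise both, `size_t second_exported_length = 0;`, or add a one-line comment saying the first is only set to satisfy the compiler's uninitialized-use diagnostic. The body of `persistent_key_load_key_from_storage` continues outside the hunk, so whether the second variable is assigned on every path it is read cannot be checked from here.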
@@ -2622,16 +2622,29 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () { tests/ssl-opt.sh } -# This function is really similar to config_psa_crypto_no_ecp_at_all() above so -# its description is basically the same. The main difference in this case is -# that when the EC built-in implementation is disabled, then also Bignum module -# and its dependencies are disabled as well. -# -# This is the common helper between: +# This is a common configuration helper used directly from: +# - common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum +# - common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum +# and indirectly from: # - component_test_psa_crypto_config_accel_ecc_no_bignum +# - accelerate all EC algs, disable RSA and FFDH # - component_test_psa_crypto_config_reference_ecc_no_bignum -config_psa_crypto_config_accel_ecc_no_bignum() { +# - this is the reference component of the above +# - it still disables RSA and FFDH, but it uses builtin EC algs +# - component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum +# - accelerate all EC and FFDH algs, disable only RSA +# - component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum +# - this is the reference component of the above +# - it still disables RSA, but it uses builtin EC and FFDH algs +# +# This function accepts 2 parameters: +# $1: it is a boolean values which states if we are testing an accelerated +# scenario or not. +# $2: it is a string value which states which are the tested components. Allowed +# values are "ECC" or "ECC_DH". +config_psa_crypto_config_accel_ecc_ffdh_no_bignum() { DRIVER_ONLY="$1" + TEST_TARGET="$2" # start with full config for maximum coverage (also enables USE_PSA) helper_libtestdriver1_adjust_config "full" 
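Review bot: `TEST_TARGET="$2"` is accepted without validation even though the new header comment restricts it to "ECC" or "ECC_DH"; any other value, including an empty one from a caller that forgot the argument, silently takes the `else` branch of the later `if [ "$TEST_TARGET" = "ECC" ]` test and builds the ECC_DH variant. A guard right after the assignment, `case "$TEST_TARGET" in ECC|ECC_DH) ;; *) echo "unknown test target: $TEST_TARGET" >&2; exit 1 ;; esac`, keeps a typo in a caller from producing a misleadingly green run. While there, the comment should read "a boolean value" rather than "a boolean values". The function body continues past the end of the hunk.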
@@ -2666,13 +2679,23 @@ config_psa_crypto_config_accel_ecc_no_bignum() { scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - # Disable FFDH because it also depends on BIGNUM. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH - scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*" - scripts/config.py unset MBEDTLS_DHM_C - # Also disable key exchanges that depend on FFDH - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + if [ "$TEST_TARGET" = "ECC" ]; then + # When testing ECC only, we disable FFDH support, both from builtin and + # PSA sides, and also disable the key exchanges that depend on DHM. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*" + scripts/config.py unset MBEDTLS_DHM_C + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + else + # When testing ECC and DH instead, we disable DHM and depending key + # exchanges only in the accelerated build + if [ "$DRIVER_ONLY" -eq 1 ]; then + scripts/config.py unset MBEDTLS_DHM_C + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + fi + fi # Restartable feature is not yet supported by PSA. Once it will in # the future, the following line could be removed (see issues 
@@ -2680,15 +2703,32 @@ config_psa_crypto_config_accel_ecc_no_bignum() { scripts/config.py unset MBEDTLS_ECP_RESTARTABLE } -# Build and test a configuration where driver accelerates all EC algs while -# all support and dependencies from ECP and ECP_LIGHT are removed on the library -# side. +# Common helper used by: +# - component_test_psa_crypto_config_accel_ecc_no_bignum +# - component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum # -# Keep in sync with component_test_psa_crypto_config_reference_ecc_no_bignum() -component_test_psa_crypto_config_accel_ecc_no_bignum () { - msg "build: full + accelerated EC algs + USE_PSA - ECP - BIGNUM" +# The goal is to build and test accelerating either: +# - ECC only or +# - both ECC and FFDH +# +# It is meant to be used in conjunction with +# common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum() for drivers' +# coverage analysis in "analyze_outcomes.py" script. +common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { + TEST_TARGET="$1" - # Algorithms and key types to accelerate + # This is an internal helper to simplify text messages' handling + if [ "$TEST_TARGET" = "ECC_DH" ]; then + ACCEL_TEXT="ECC/FFDH" + REMOVED_TEXT="ECP - DH" + else + ACCEL_TEXT="ECC" + REMOVED_TEXT="ECP" + fi + + msg "build: full + accelerated $ACCEL_TEXT algs + USE_PSA - $REMOVED_TEXT - BIGNUM" + + # By default we accelerate all EC keys/algs loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ ALG_ECDH \ ALG_JPAKE \ 
@@ -2697,12 +2737,22 @@ component_test_psa_crypto_config_accel_ecc_no_bignum () { KEY_TYPE_ECC_KEY_PAIR_EXPORT \ KEY_TYPE_ECC_KEY_PAIR_GENERATE \ KEY_TYPE_ECC_PUBLIC_KEY" + # Optionally we can also add DH to the list of accelerated items + if [ "$TEST_TARGET" = "ECC_DH" ]; then + loc_accel_list="$loc_accel_list \ + ALG_FFDH \ + KEY_TYPE_DH_KEY_PAIR_BASIC \ + KEY_TYPE_DH_KEY_PAIR_IMPORT \ + KEY_TYPE_DH_KEY_PAIR_EXPORT \ + KEY_TYPE_DH_KEY_PAIR_GENERATE \ + KEY_TYPE_DH_PUBLIC_KEY" + fi # Configure # --------- # Set common configurations between library's and driver's builds - config_psa_crypto_config_accel_ecc_no_bignum 1 + config_psa_crypto_config_accel_ecc_ffdh_no_bignum 1 "$TEST_TARGET" # Build # ----- 
@@ -2719,41 +2769,73 @@ component_test_psa_crypto_config_accel_ecc_no_bignum () { not grep mbedtls_ecdsa_ library/ecdsa.o not grep mbedtls_ecdh_ library/ecdh.o not grep mbedtls_ecjpake_ library/ecjpake.o - # Also ensure that ECP, RSA, DHM or BIGNUM modules were not re-enabled + # Also ensure that ECP, RSA, [DHM] or BIGNUM modules were not re-enabled not grep mbedtls_ecp_ library/ecp.o not grep mbedtls_rsa_ library/rsa.o - not grep mbedtls_dhm_ library/dhm.o not grep mbedtls_mpi_ library/bignum.o + not grep mbedtls_dhm_ library/dhm.o # Run the tests # ------------- - msg "test suites: full + accelerated EC algs + USE_PSA - ECP - BIGNUM" + msg "test suites: full + accelerated $ACCEL_TEXT algs + USE_PSA - $REMOVED_TEXT - DHM - BIGNUM" + make test - # The following will be enabled in #7756 - msg "ssl-opt: full + accelerated EC algs + USE_PSA - ECP - BIGNUM" + msg "ssl-opt: full + accelerated $ACCEL_TEXT algs + USE_PSA - $REMOVED_TEXT - BIGNUM" tests/ssl-opt.sh } -# Reference function used for driver's coverage analysis in analyze_outcomes.py -# in conjunction with component_test_psa_crypto_config_accel_ecc_no_bignum(). -# Keep in sync with its accelerated counterpart. -component_test_psa_crypto_config_reference_ecc_no_bignum () { - msg "build: full + non accelerated EC algs + USE_PSA" +# Common helper used by: +# - component_test_psa_crypto_config_reference_ecc_no_bignum +# - component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum +# +# The goal is to build and test a reference scenario (i.e. with builtin +# components) compared to the ones used in +# common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum() above. +# +# It is meant to be used in conjunction with +# common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum() for drivers' +# coverage analysis in "analyze_outcomes.py" script. 
+common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { + TEST_TARGET="$1" - config_psa_crypto_config_accel_ecc_no_bignum 0 + # This is an internal helper to simplify text messages' handling + if [ "$TEST_TARGET" = "ECC_DH" ]; then + ACCEL_TEXT="ECC/FFDH" + else + ACCEL_TEXT="ECC" + fi + + msg "build: full + non accelerated $ACCEL_TEXT algs + USE_PSA" + + config_psa_crypto_config_accel_ecc_ffdh_no_bignum 0 "$TEST_TARGET" make msg "test suites: full + non accelerated EC algs + USE_PSA" make test - # The following will be enabled in #7756 - msg "ssl-opt: full + non accelerated EC algs + USE_PSA" + msg "ssl-opt: full + non accelerated $ACCEL_TEXT algs + USE_PSA" tests/ssl-opt.sh } +component_test_psa_crypto_config_accel_ecc_no_bignum () { + common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum "ECC" +} + +component_test_psa_crypto_config_reference_ecc_no_bignum () { + common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum "ECC" +} + +component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { + common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum "ECC_DH" +} + +component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { + common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum "ECC_DH" +} + # Helper function used in: # - component_test_psa_crypto_config_accel_all_curves_except_p192 # - component_test_psa_crypto_config_accel_all_curves_except_x25519 From 307810babba2277f8811b6917c9dbede9522463e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 15 Aug 2023 10:12:25 +0200 Subject: [PATCH 003/125] analyze_outcomes: add case for "ECC+FFDH w/o BN" Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 96 ++++++++++++++++++++++++++++++- 1 file changed, 95 insertions(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index c6891bb432..56d41cc6c5 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py 
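Review bot: The test-suites message in the accelerated helper appends `- DHM` unconditionally, so for the ECC_DH target it prints "- ECP - DH - DHM - BIGNUM" while the build and ssl-opt messages around it do not mention DHM at all; dropping it, `msg "test suites: full + accelerated $ACCEL_TEXT algs + USE_PSA - $REMOVED_TEXT - BIGNUM"`, makes the three messages of one component agree. In the reference helper the same message was left hard-coded as "non accelerated EC algs" while its build and ssl-opt siblings were switched to `$ACCEL_TEXT`; it should be `msg "test suites: full + non accelerated $ACCEL_TEXT algs + USE_PSA"`. These messages are the landmarks used to find a component's section in the log, so inconsistent ones make outcome files harder to match up.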
@@ -310,7 +310,7 @@ TASKS = {
 }
 }
 },
- 'analyze_driver_vs_reference_no_bignum': {
+ 'analyze_driver_vs_reference_ecc_no_bignum': {
 'test_function': do_analyze_driver_vs_reference,
 'args': {
 'component_ref': 'test_psa_crypto_config_reference_ecc_no_bignum',
@@ -403,6 +403,100 @@ TASKS = { } } }, + 'analyze_driver_vs_reference_ecc_ffdh_no_bignum': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_psa_crypto_config_reference_ecc_ffdh_no_bignum', + 'component_driver': 'test_psa_crypto_config_accel_ecc_ffdh_no_bignum', + 'ignored_suites': [ + # Ignore test suites for the modules that are disabled in the + # accelerated test case. + 'ecp', + 'ecdsa', + 'ecdh', + 'ecjpake', + 'bignum_core', + 'bignum_random', + 'bignum_mod', + 'bignum_mod_raw', + 'bignum.generated', + 'bignum.misc', + 'dhm', + ], + 'ignored_tests': { + 'test_suite_random': [ + 'PSA classic wrapper: ECDSA signature (SECP256R1)', + ], + 'test_suite_psa_crypto': [ + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', + 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', + ], + 'test_suite_pkparse': [ + # See the description provided above in the + # analyze_driver_vs_reference_no_ecp_at_all component. 
+ 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)', + 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)', + 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)', + 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)', + 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)', + 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)', + 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)', + 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)', + 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)', + 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)', + 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)', + 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)', + 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)', + 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)', + 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)', + 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)', + ], + 'test_suite_asn1parse': [ + # This test depends on BIGNUM_C + 'INTEGER too large for mpi', + ], + 'test_suite_asn1write': [ + # Following tests depends on BIGNUM_C + 'ASN.1 Write mpi 0 (1 limb)', + 'ASN.1 Write mpi 0 (null)', + 'ASN.1 Write mpi 0x100', + 'ASN.1 Write mpi 0x7f', + 'ASN.1 Write mpi 0x7f with leading 0 limb', + 'ASN.1 Write mpi 0x80', + 'ASN.1 Write mpi 0x80 with leading 0 limb', + 'ASN.1 Write mpi 0xff', + 'ASN.1 Write mpi 1', + 'ASN.1 Write mpi, 127*8 bits', + 'ASN.1 Write mpi, 127*8+1 bits', + 'ASN.1 Write mpi, 127*8-1 bits', + 'ASN.1 Write mpi, 255*8 bits', + 'ASN.1 Write mpi, 255*8-1 bits', + 'ASN.1 Write mpi, 256*8-1 bits', + ], + 'test_suite_debug': [ + # Following tests depends on BIGNUM_C + 'Debug print mbedtls_mpi #2: 3 bits', + 'Debug print mbedtls_mpi: 0 (empty representation)', + 'Debug print mbedtls_mpi: 0 (non-empty representation)', + 'Debug print mbedtls_mpi: 49 bits', + 'Debug print mbedtls_mpi: 759 bits', + 'Debug print mbedtls_mpi: 764 bits #1', + 'Debug print 
mbedtls_mpi: 764 bits #2', + ], + } + } + }, 'analyze_driver_vs_reference_ffdh_alg': { 'test_function': do_analyze_driver_vs_reference, 'args': { From d31b28485bbf77bb7634c58eff68319d2ee5e7e2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 15 Aug 2023 10:59:58 +0200 Subject: [PATCH 004/125] driver-only-builds: update EC and FFDH sections Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 39 +++++++++++++++++++++++++++++++------- 1 file changed, 32 insertions(+), 7 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index a55bbc5697..1a42a3f3e7 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -76,10 +76,6 @@ TODO Elliptic-curve cryptography (ECC) --------------------------------- -Note: things are still evolving. This section describes the situation right -after #7452 has been merged. It will be updated again in #7757 when bignum is -done. - It is possible to have most ECC operations provided only by a driver: - the ECDH, ECDSA and EC J-PAKE algorithms; - key import, export, and random generation. @@ -107,6 +103,11 @@ without `MBEDTLS_ECP_C` provided the corresponding RSA or FFDH, then you can also disable `MBEDTLS_BIGNUM_C` for further code size saving. +[Coming soon] As noted in the "Limitations regarding the selection of curves" +section below, there is an upcoming requirement for all the required curves to +be also accelerated in the PSA driver in order to exclude the builtin algs +support. + ### Limitations regarding fully removing `ecp.c` A limited subset of `ecp.c` will still be automatically re-enabled if any of 
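Review bot: The `ignored_suites` and the long `ignored_tests` lists of the new `analyze_driver_vs_reference_ecc_ffdh_no_bignum` entry appear to be a copy of the neighbouring ECC-without-bignum task (the pkparse comment even points at the `no_ecp_at_all` description), which means the two will drift apart the next time a test name changes. Hoisting the shared lists into module-level constants, for example `IGNORED_SUITES_ECC_NO_BIGNUM` and `IGNORED_TESTS_ECC_NO_BIGNUM`, and referencing them from both entries with only `'dhm'` appended here would keep one source of truth. The `TASKS` dict this hunk edits starts and ends outside the hunk.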
@@ -144,10 +145,34 @@ timeline, please let us know if you're interested. ### Limitations regarding the selection of curves -TODO: apparently we don't really support having some curves built-in and -others driver-only... investigate and describe the situation. See also #7899. +There is an ongoing work which tries to establish a link/constrain between +the list of supported curves and supported algorithms both in builtin and PSA +sides. In particular: + +- #8014 ensures that the curves supported on the PSA side (`PSA_WANT_ECC_xxx`) + are always a superset of the builtin ones (`MBEDTLS_ECP_DP_xxx`) +- #8016 forces builtin alg support as soon as there is at least one builtin + curve. In other words, in order to exclue all builtin algs, all the required + curves should be supported and accelerated by the PSA driver. Finite-field Diffie-Hellman --------------------------- -TODO +Support is pretty similar to the "Elliptic-curve cryptography (ECC)" section +above. +Key management and usage can be enabled by means of the usual `PSA_WANT` + +`MBEDTLS_PSA_ACCEL` pairs: + +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_PUBLIC_KEY`; +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_BASIC`; +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_IMPORT`; +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_EXPORT`; +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_GENERATE`; + +The same holds for the associated algorithm: +`[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow to build accelerating FFDH and +removing builtin support (i.e. `MBEDTLS_DHM_C`). + +### Limitations +Support for deterministic derivation of a DH keypair +(i.e. `PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE`) is not supported. From 48513b8639056eb3b8093842cb197a02e4f5d1e7 Mon Sep 17 00:00:00 2001 
From: Agathiyan Bragadeesh
Date: Thu, 20 Jul 2023 16:19:05 +0100
Subject: [PATCH 005/125] Escape special characters RFC 4514
This escapes special characters according to RFC 4514 in mbedtls_x509_dn_gets and de-escapes in mbedtls_x509_string_to_names. This commit does not handle hexpairs.
Signed-off-by: Agathiyan Bragadeesh
---
 library/x509.c | 14 +++++++++-----
 library/x509_create.c | 4 ++--
 tests/suites/test_suite_x509write.data | 11 ++++++++++-
 3 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/library/x509.c b/library/x509.c
index ba8d719606..2764ba6006 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -855,12 +855,16 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn)
 }
 c = name->val.p[i];
- // Special characters requiring escaping, RFC 1779
- if (c && strchr(",=+<>#;\"\\", c)) {
- if (j + 1 >= sizeof(s) - 1) {
- return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+ // Special characters requiring escaping, RFC 4514 Section 2.4
+ if (c) {
+ if (strchr(",=+<>;\"\\+", c) ||
+ ((i == 0) && strchr("# ", c)) ||
+ ((i == name->val.len-1 ) && (c == ' '))) {
+ if (j + 1 >= sizeof(s) - 1) {
+ return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+ }
+ s[j++] = '\\';
 }
- s[j++] = '\\';
 }
 if (c < 32 || c >= 127) {
 s[j] = '?';
diff --git a/library/x509_create.c b/library/x509_create.c
index bd772d3ac7..170a6bc29c 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -153,8 +153,8 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
 if (!in_tag && *c == '\\' && c != end) {
 c++;
- /* Check for valid escaped characters */
- if (c == end || *c != ',') {
+ /* Check for valid escaped characters in RFC 4514 in Section 3*/
+ if (c == end || !strchr(" ,=+<>#;\"\\+", *c)) {
 ret = MBEDTLS_ERR_X509_INVALID_NAME;
 goto exit;
 }
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index 0848550199..e50f590dbc 100644
--- a/tests/suites/test_suite_x509write.data
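Review bot: The escape set `",=+<>;\"\\+"` lists `+` twice, and the accept set `" ,=+<>#;\"\\+"` in the x509_create.c hunk repeats it the same way, which looks like a leftover from editing the old RFC 1779 list; one `+` is enough. A comment naming what the three conditions implement would let a reader check them against the RFC, e.g. `/* RFC 4514 2.4: escape the special characters anywhere, '#' and ' ' only when leading, ' ' only when trailing */`. `=` is not in the RFC 4514 must-escape list, so escaping it is an optional but permitted choice worth stating in the same comment. `mbedtls_x509_dn_gets` and `mbedtls_x509_string_to_names` both continue outside their hunks, and the declaration of `c` is above the first one.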
+++ b/tests/suites/test_suite_x509write.data @@ -184,8 +184,17 @@ mbedtls_x509_string_to_names:"C=NL, O=Offspark\\a Inc., OU=PolarSSL":"":MBEDTLS_ X509 String to Names #6 (Escape at end) mbedtls_x509_string_to_names:"C=NL, O=Offspark\\":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #6 (Invalid, no '=' or ',') +X509 String to Names #7 (Invalid, no '=' or ',') mbedtls_x509_string_to_names:"ABC123":"":MBEDTLS_ERR_X509_INVALID_NAME +X509 String to Names #8 (Escape valid characters) +mbedtls_x509_string_to_names:"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":0 + +X509 String to Names #9 (Escape '#' at beginning of string) +mbedtls_x509_string_to_names:"C=NL, O=#Offspark#, OU=PolarSSL":"C=NL, O=\\#Offspark#, OU=PolarSSL":0 + +X509 String to Names #10 (Escape ' ' at beginning and end of string) +mbedtls_x509_string_to_names:"C=NL, O= Off spark , OU=PolarSSL":"C=NL, O=\\ Off spark\\ , OU=PolarSSL":0 + Check max serial length x509_set_serial_check: From ef2decbe4aa625e097ebd7baba006be08b707581 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 21 Jul 2023 15:47:47 +0100 Subject: [PATCH 006/125] Escape hexpairs characters RFC 4514 Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and interprets hexpairs in mbedtls_x509_string_to_names. Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 21 +++++++++++++++++---- library/x509_create.c | 20 ++++++++++++++++++-- tests/suites/test_suite_x509write.data | 9 +++++++++ 3 files changed, 44 insertions(+), 6 deletions(-) diff --git a/library/x509.c b/library/x509.c index 2764ba6006..5025d774b4 100644 --- a/library/x509.c +++ b/library/x509.c 
@@ -810,6 +810,12 @@ int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end,
 return 0;
 }
+/* Converts only the 4 least significant bits */
+static char x509_int_to_hexdigit(int i)
+{
+ return (i < 10) ? (i | 0x30) : ((i - 9) | 0x40);
+}
+
 /*
 * Store the name in printable form into buf; no more
 * than size characters will be written
@@ -857,9 +863,9 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn)
 c = name->val.p[i];
 // Special characters requiring escaping, RFC 4514 Section 2.4
 if (c) {
- if (strchr(",=+<>;\"\\+", c) ||
- ((i == 0) && strchr("# ", c)) ||
- ((i == name->val.len-1 ) && (c == ' '))) {
+ if (strchr(",=+<>;\"\\+", c) ||
+ ((i == 0) && strchr("# ", c)) ||
+ ((i == name->val.len-1) && (c == ' '))) {
 if (j + 1 >= sizeof(s) - 1) {
 return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
 }
@@ -867,7 +873,14 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn)
 }
 }
 if (c < 32 || c >= 127) {
- s[j] = '?';
+ if (j + 3 >= sizeof(s) - 1) {
+ return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+ }
+ s[j++] = '\\';
+ char lowbits = (c & 0x0F);
+ char highbits = c>>4;
+ s[j++] = x509_int_to_hexdigit(highbits);
+ s[j] = x509_int_to_hexdigit(lowbits);
 } else {
 s[j] = c;
 }
diff --git a/library/x509_create.c b/library/x509_create.c
index 170a6bc29c..9652a20c6d 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -123,6 +123,16 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name,
 return cur;
 }
+static int x509_is_char_hex(char c)
+{
+ return ('0' <= c && c <= '9') || ('a' <= c && c <= 'f') || ('A' <= c && c <= 'F');
+}
+
+static int x509_hex_to_int(char c)
+{
+ return ((c & 0x40) ? (c + 9) : c) & 0x0F;
+}
+
 int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name)
 {
 int ret = MBEDTLS_ERR_X509_INVALID_NAME;
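Review bot: `x509_int_to_hexdigit` is commented as converting only the low 4 bits but does not mask its input, so it relies on both call sites pre-masking (`c & 0x0F` and `c>>4`) and produces non-digits for anything above 15; a table lookup masks by itself and is easier to verify than the `| 0x30` and `(i - 9) | 0x40` arithmetic: `return "0123456789ABCDEF"[i & 0x0F];`. Treating `c>>4` as the high nibble is only right if `c` is `unsigned char`, which the `c >= 127` test suggests but the declaration sits above the hunk. Likewise `x509_hex_to_int` in x509_create.c is only correct for characters that already passed `x509_is_char_hex`; a one-line comment stating that precondition would stop a future caller reusing it on unvalidated input. `mbedtls_x509_dn_gets` continues outside its hunks.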
@@ -131,6 +141,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
 const char *oid = NULL;
 const x509_attr_descriptor_t *attr_descr = NULL;
 int in_tag = 1;
+ int hexpair = 0;
 char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
 char *d = data;
@@ -154,7 +165,11 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
 c++;
 /* Check for valid escaped characters in RFC 4514 in Section 3*/
- if (c == end || !strchr(" ,=+<>#;\"\\+", *c)) {
+ if (c + 1 < end && x509_is_char_hex(*c) && x509_is_char_hex(*(c+1))) {
+ hexpair = 1;
+ *(d++) = (x509_hex_to_int(*c) << 4) + x509_hex_to_int(*(c+1));
+ c++;
+ } else if (c == end || !strchr(" ,=+<>#;\"\\+", *c)) {
 ret = MBEDTLS_ERR_X509_INVALID_NAME;
 goto exit;
 }
@@ -182,7 +197,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
 ret = 0;
 }
- if (!in_tag && s != c + 1) {
+ if (!hexpair && !in_tag && s != c + 1) {
 *(d++) = *c;
 if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) {
@@ -191,6 +206,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
 }
 }
+ hexpair = 0;
 c++;
 }
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index e50f590dbc..0987faef2a 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
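Review bot: The hexpair branch advances `d` with `*(d++) = ...` but skips the `d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE` check that the plain-character path applies two hunks below, so a caller-supplied `name` made of consecutive `\XX` pairs can walk `d` past the end of `data[MBEDTLS_X509_MAX_DN_NAME_SIZE]`, and because that existing check is an equality test the plain path no longer catches it afterwards either. The write needs the same guard immediately after it, `if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { ret = MBEDTLS_ERR_X509_INVALID_NAME; goto exit; }`, using whatever the existing check below does (its body is cut by the hunk), and a test_suite_x509write.data case whose value reaches the limit through hexpairs would pin it. `mbedtls_x509_string_to_names` continues outside the hunks.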
@@ -196,5 +196,14 @@ mbedtls_x509_string_to_names:"C=NL, O=#Offspark#, OU=PolarSSL":"C=NL, O=\\#Offsp X509 String to Names #10 (Escape ' ' at beginning and end of string) mbedtls_x509_string_to_names:"C=NL, O= Off spark , OU=PolarSSL":"C=NL, O=\\ Off spark\\ , OU=PolarSSL":0 +X509 String to Names #11 (Escape ascii hexpairs) +mbedtls_x509_string_to_names:"C=NL, O=Of\\66spark, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 + +X509 String to Names #12 (Escape non-ascii hexpairs) +mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 + +X509 String to Names #13 (Invalid hexpairs) +mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + Check max serial length x509_set_serial_check: From dba8a641fefba60c7c9d3fa17e180453c9eb2e03 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 24 Jul 2023 14:41:34 +0100 Subject: [PATCH 007/125] Add and update tests for x509write and x509parse Due to change in handling non-ascii characters, existing tests had to be updated to handle the new implementation. New tests and certificates are added to test the escaping functionality in edge cases. Signed-off-by: Agathiyan Bragadeesh --- tests/data_files/Makefile | 11 ++++++++++- tests/data_files/server1.hashsymbol.crt | 20 ++++++++++++++++++++ tests/data_files/server1.spaces.crt | 20 ++++++++++++++++++++ tests/suites/test_suite_x509parse.data | 12 ++++++++++-- 4 files changed, 60 insertions(+), 3 deletions(-) create mode 100644 tests/data_files/server1.hashsymbol.crt create mode 100644 tests/data_files/server1.spaces.crt diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index b5f0844c9d..2009ad6699 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
@@ -1441,6 +1441,11 @@ all_final += server1.req.cert_type_empty parse_input/server1.req.commas.sha256: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL\, Commas,CN=PolarSSL Server 1" md=SHA256 +parse_input/server1.req.hashsymbol.sha256: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=\#PolarSSL,CN=PolarSSL Server 1" md=SHA256 + +parse_input/server1.req.spaces.sha256: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O= PolarSSL ,CN=PolarSSL Server 1" md=SHA256 # server2* server2_pwd_ec = PolarSSLTest 
@@ -1590,7 +1595,11 @@ server1.der: server1.crt $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ server1.commas.crt: server1.key parse_input/server1.req.commas.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.commas.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ -all_final += server1.crt server1.noauthid.crt parse_input/server1.crt.der server1.commas.crt +server1.hashsymbol.crt: server1.key parse_input/server1.req.hashsymbol.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.hashsymbol.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +server1.spaces.crt: server1.key parse_input/server1.req.spaces.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.spaces.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +all_final += server1.crt server1.noauthid.crt parse_input/server1.crt.der server1.commas.crt server1.hashsymbol.crt server1.spaces.crt parse_input/server1.key_usage.crt: parse_input/server1.req.sha256 server1.key_usage.crt: server1.req.sha256 diff --git a/tests/data_files/server1.hashsymbol.crt b/tests/data_files/server1.hashsymbol.crt new file mode 100644 index 0000000000..9db73009dd --- /dev/null +++ b/tests/data_files/server1.hashsymbol.crt 
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA9MQswCQYDVQQGEwJOTDESMBAG
+A1UECgwJI1BvbGFyU1NMMRowGAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J
+v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB
+Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl
+XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk
+65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP
+cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA
+AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw
+HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD
+ggEBAJcKcv/Xro61Sxm0GH42pYu7AvtD2b8nynvA8BW9gCHmiIHvHQWNO9NTMuno
+1+HdzQVF1JxHC/A/hvXsczxGEc3jVnVeg1fwi8mZ/Fy1XtAVCTA0yJu7JTaaYbg+
+IU2y7Nu36FSOztLpOfHGmwVDoJ1+wCzG/id64hXwJRrHvUfGK4EvIsV97swhk2Do
+zSAfDA9N+QNV4zeiF9mLMOpUhCUBq8r41EDqm9lM0wSd3HNen8jwO20F4F1b1dYm
+L+bMarvUgHq91f128m2fF3sWNnz4RGoagSI/aOU/AP6Ksq8SUruGHpqrVWLClA6n
+EyyTPlNTwYIRCydZt7zlsw1/4h4=
+-----END CERTIFICATE-----
diff --git a/tests/data_files/server1.spaces.crt b/tests/data_files/server1.spaces.crt
new file mode 100644
index 0000000000..b77132a190
--- /dev/null
+++ b/tests/data_files/server1.spaces.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDQTCCAimgAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA+MQswCQYDVQQGEwJOTDETMBEG
+A1UECgwKIFBvbGFyU1NMIDEaMBgGA1UEAwwRUG9sYXJTU0wgU2VydmVyIDEwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUuFWFe
+ib+46EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQg2rV
+QUN3Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A+G2B
+JV8KsVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+rWUs
+ZOuVm9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE2y6m
+T3Buns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSxAgMB
+AAGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKm
+MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA
+A4IBAQBsR3jOFh7uGF5MCvEK8DrSmmvcFJzMmTRp0hCMeb0wEULhrMKeRDIa2yvr
+FrHHCUNAk2HjsjJevpCM8f3ibDqecckfbxE2vT9IUCmPrtOWmhQR/Il5TR9FvYns
+4BF1KUPRqGUFAXoIN+xKcYdp+myIluGHumM4Bop7tAZ5gg68IV/UJh5RqShxiLgV
+rxHzrp6oM1kn199m2wc1Twy2YwcNmfJDSOLV6K4xWjwcc8Eq+rLhuWUs5GNdrSEY
+ZjWmF1AlbVVChU3Dl5XOAY8T6+wJst5RIwkf1Fl1TPCZX8FWzGM9HYiYW0cC7cno
+IdSS7mVGxNrNe+6/Cu+zfqeiLdN2
+-----END CERTIFICATE-----
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 7af9de9cf1..a2a43d3823 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -184,11 +184,11 @@ x509_cert_info:"data_files/parse_input/server3.crt":"cert. version \: 3\nser X509 CRT information Bitstring in subject name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 -x509_cert_info:"data_files/parse_input/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n rfc822Name \: client@example.com\next key usage \: TLS Web Client Authentication\n" +x509_cert_info:"data_files/parse_input/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=\\007101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n rfc822Name \: client@example.com\next key usage \: TLS Web Client Authentication\n" X509 CRT information Non-ASCII string in issuer name and subject name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509_cert_info:"data_files/parse_input/non-ascii-string-in-issuer.crt":"cert. version \: 3\nserial number \: 05\:E6\:53\:E7\:1B\:74\:F0\:B5\:D3\:84\:6D\:0C\:6D\:DC\:FA\:3F\:A4\:5A\:2B\:E0\nissuer name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nsubject name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? 
CA\nissued on \: 2020-05-20 16\:17\:23\nexpires on \: 2020-06-19 16\:17\:23\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" +x509_cert_info:"data_files/parse_input/non-ascii-string-in-issuer.crt":"cert. version \: 3\nserial number \: 05\:E6\:53\:E7\:1B\:74\:F0\:B5\:D3\:84\:6D\:0C\:6D\:DC\:FA\:3F\:A4\:5A\:2B\:E0\nissuer name \: C=JP, ST=Tokyo, O=\\C3\\A3\\C2\\83\\C2\\86\\C3\\A3\\C2\\82\\C2\\B9\\C3\\A3\\C2\\83\\C2\\88 Ltd, CN=\\C3\\A3\\C2\\83\\C2\\86\\C3\\A3\\C2\\82\\C2\\B9\\C3\\A3\\C2\\83\\C2\\88 CA\nsubject name \: C=JP, ST=Tokyo, O=\\C3\\A3\\C2\\83\\C2\\86\\C3\\A3\\C2\\82\\C2\\B9\\C3\\A3\\C2\\83\\C2\\88 Ltd, CN=\\C3\\A3\\C2\\83\\C2\\86\\C3\\A3\\C2\\82\\C2\\B9\\C3\\A3\\C2\\83\\C2\\88 CA\nissued on \: 2020-05-20 16\:17\:23\nexpires on \: 2020-06-19 16\:17\:23\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" X509 CRT information Parsing IPv4 and IPv6 IP names depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C @@ -447,6 +447,14 @@ X509 Get Distinguished Name #5 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets:"data_files/server1.commas.crt":"subject":"C=NL, O=PolarSSL\\, Commas, CN=PolarSSL Server 1" +X509 Get Distinguished Name #6 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +mbedtls_x509_dn_gets:"data_files/server1.hashsymbol.crt":"subject":"C=NL, O=\\#PolarSSL, CN=PolarSSL Server 1" + +X509 Get Distinguished Name #7 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +mbedtls_x509_dn_gets:"data_files/server1.spaces.crt":"subject":"C=NL, O=\\ PolarSSL\\ , CN=PolarSSL Server 1" + X509 Get Modified DN #1 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"Modified":"C=NL, O=Modified, CN=PolarSSL Server 1":0 From 9d2507c81dae277e5f82abf85c8de01a3bef9973 Mon Sep 17 00:00:00 2001 
From: Agathiyan Bragadeesh Date: Mon, 24 Jul 2023 16:35:57 +0100 Subject: [PATCH 008/125] Rename x509_int_to_hexdigit to nibble_to_hex_digit Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/library/x509.c b/library/x509.c index 5025d774b4..b8a866ac38 100644 --- a/library/x509.c +++ b/library/x509.c @@ -810,8 +810,7 @@ int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, return 0; } -/* Converts only the 4 least significant bits */ -static char x509_int_to_hexdigit(int i) +static char nibble_to_hex_digit(int i) { return (i < 10) ? (i | 0x30) : ((i - 9) | 0x40); } @@ -879,8 +878,8 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) s[j++] = '\\'; char lowbits = (c & 0x0F); char highbits = c>>4; - s[j++] = x509_int_to_hexdigit(highbits); - s[j] = x509_int_to_hexdigit(lowbits); + s[j++] = nibble_to_hex_digit(highbits); + s[j] = nibble_to_hex_digit(lowbits); } else { s[j] = c; } From f0e1ac59d863f03a90d7db204f468e3dca4b6e0e Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 24 Jul 2023 16:43:36 +0100 Subject: [PATCH 009/125] Rewrite nibble_to_hex_digit for readability Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/x509.c b/library/x509.c index b8a866ac38..b36e27a274 100644 --- a/library/x509.c +++ b/library/x509.c @@ -812,7 +812,7 @@ int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, static char nibble_to_hex_digit(int i) { - return (i < 10) ? (i | 0x30) : ((i - 9) | 0x40); + return (i < 10) ? (i + '0') : (i - 10 + 'A'); } /* From 404b4bb9ab3effee68c51b2c3ccf77c7ce95ca88 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 24 Jul 2023 16:56:10 +0100 Subject: [PATCH 010/125] Add x509 tests for upper and lowercase hexpairs 
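Review bot: The rewritten `nibble_to_hex_digit` yields a non-hex character for any `i` outside 0..15, and the only statement of that precondition, the `/* Converts only the 4 least significant bits */` comment, was dropped in the rename hunk above without a replacement. Both call sites in `mbedtls_x509_dn_gets` pass `c & 0x0F` and `c>>4` of an `unsigned char`, so the contract holds today, but it is now documented nowhere. A one-line comment on the definition would keep it explicit: `/* Map a nibble (0..15) to its upper-case hex digit; callers must mask. */`.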
Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 0987faef2a..0827f948c2 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -196,13 +196,16 @@ mbedtls_x509_string_to_names:"C=NL, O=#Offspark#, OU=PolarSSL":"C=NL, O=\\#Offsp X509 String to Names #10 (Escape ' ' at beginning and end of string) mbedtls_x509_string_to_names:"C=NL, O= Off spark , OU=PolarSSL":"C=NL, O=\\ Off spark\\ , OU=PolarSSL":0 -X509 String to Names #11 (Escape ascii hexpairs) -mbedtls_x509_string_to_names:"C=NL, O=Of\\66spark, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 +X509 String to Names #11 (Escape ascii hexpairs uppercase encoded) +mbedtls_x509_string_to_names:"C=NL, O=\\4F\\66\\66\\73\\70\\61\\72\\6B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #12 (Escape non-ascii hexpairs) +X509 String to Names #12 (Escape ascii hexpairs lowercase encoded) +mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6b, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 + +X509 String to Names #13 (Escape non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 -X509 String to Names #13 (Invalid hexpairs) +X509 String to Names #14 (Invalid hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME Check max serial length From e119f3c0ea898b9f0338d3fbcaecfd556ec4506b Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 24 Jul 2023 17:21:14 +0100 Subject: [PATCH 011/125] Refactor mbedtls_x509_string_to_names This refactor is to accomodate future support of numericoid/hexstring attributetype value pairs. 
Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 138 ++++++++++++++++++++++++++++++------------ 1 file changed, 100 insertions(+), 38 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 9652a20c6d..8f27cba534 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -28,6 +28,8 @@ #include +#include "mbedtls/platform.h" + /* Structure linking OIDs for X.509 DN AttributeTypes to their * string representations and default string encodings used by Mbed TLS. */ typedef struct { @@ -35,7 +37,8 @@ typedef struct { * "CN" or "emailAddress". */ size_t name_len; /* Length of 'name', without trailing 0 byte. */ const char *oid; /* String representation of OID of AttributeType, - * as per RFC 5280, Appendix A.1. */ + * as per RFC 5280, Appendix A.1. encoded as per + * X.690 */ int default_tag; /* The default character encoding used for the * given attribute type, e.g. * MBEDTLS_ASN1_UTF8_STRING for UTF-8. */ 
@@ -123,27 +126,99 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name, return cur; } -static int x509_is_char_hex(char c) +static const x509_attr_descriptor_t *x509_attr_descr_from_numericoid(const char *numericoid, size_t numericoid_len) { - return ('0' <= c && c <= '9') || ('a' <= c && c <= 'f') || ('A' <= c && c <= 'F'); + const x509_attr_descriptor_t *cur; + mbedtls_asn1_buf *oid = mbedtls_calloc(1,sizeof(mbedtls_asn1_buf)); + int ret; + + ret = mbedtls_oid_from_numeric_string(oid, numericoid, numericoid_len); + if((ret == MBEDTLS_ERR_X509_ALLOC_FAILED) || (ret == MBEDTLS_ERR_ASN1_INVALID_DATA)) { + return NULL; + } + + for (cur = x509_attrs; cur->oid != NULL; cur++) { + if (sizeof(cur->oid) == oid->len && + strncmp(cur->oid, (const char*) oid->p, oid->len) == 0) { + break; + } + } + + mbedtls_free(oid->p); + if (cur->oid == NULL) { + return NULL; + } + + return cur; } -static int x509_hex_to_int(char c) +static int hex_to_int(char c) { - return ((c & 0x40) ? (c + 9) : c) & 0x0F; + return ('0' <= c && c <= '9') ? (c - '0') : + ('a' <= c && c <= 'f') ? (c - 'a' + 10) : + ('A' <= c && c <= 'F') ? 
(c - 'A' + 10) : -1; +} + +static int hexpair_to_int(char c1, char c2) +{ + int n1 = hex_to_int(c1); + int n2 = hex_to_int(c2); + if (n1 != -1 && n2 != -1) { + return (n1 << 4) | n2; + } else { + return -1; + } +} + +static int parse_attribute_value_string(const char *s, int len, char *data, int *data_len) { + const char *c = s; + const char *end = c + len; + int hexpair = 0; + char *d = data; + int n; + while(c < end) { + if (*c == '\\') { + c++; + + /* Check for valid escaped characters in RFC 4514 in Section 3*/ + if (c + 1 < end && (n = hexpair_to_int(*c, *(c+1))) != -1) { + hexpair = 1; + *(d++) = n; + c++; + } else if (c == end || !strchr(" ,=+<>#;\"\\+", *c)) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + } + if (!hexpair) { + *(d++) = *c; + } + if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + + hexpair = 0; + c++; + } + *data_len = d - data; + return 0; +} + +static int parse_attribute_value_ber_encoded(const char *s, int len, char *data, int *data_len) { + return 0; } int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name) { int ret = MBEDTLS_ERR_X509_INVALID_NAME; + int parse_ret = 0; const char *s = name, *c = s; const char *end = s + strlen(s); const char *oid = NULL; const x509_attr_descriptor_t *attr_descr = NULL; int in_tag = 1; - int hexpair = 0; + int numericoid = 0; char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; - char *d = data; + int data_len = 0; /* Clear existing chain if present */ mbedtls_asn1_free_named_data_list(head); 
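Review bot: `x509_attr_descr_from_numericoid` heap-allocates an `mbedtls_asn1_buf` with `mbedtls_calloc` that is never freed, and `oid->p` is released only on the path that reaches the loop, not on the early `return NULL` after `mbedtls_oid_from_numeric_string` (whether that call leaves `p` allocated on failure is not visible here). The `mbedtls_calloc` result is also dereferenced without a NULL check. A stack object removes the allocation and the check: `mbedtls_asn1_buf oid = { 0 };`, pass `&oid`, and call `mbedtls_free(oid.p)` before every return. The reformat of this function in the later 'Implement parse_attribute_value_ber_encoded' commit keeps the same leak.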
@@ -151,34 +226,35 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam while (c <= end) { if (in_tag && *c == '=') { if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) { - ret = MBEDTLS_ERR_X509_UNKNOWN_OID; - goto exit; + if ((attr_descr = x509_attr_descr_from_numericoid(s, c - s)) == NULL) { + return MBEDTLS_ERR_X509_UNKNOWN_OID; + } else { + numericoid = 1; + } + } else { + numericoid = 0; } oid = attr_descr->oid; s = c + 1; in_tag = 0; - d = data; } - if (!in_tag && *c == '\\' && c != end) { - c++; - - /* Check for valid escaped characters in RFC 4514 in Section 3*/ - if (c + 1 < end && x509_is_char_hex(*c) && x509_is_char_hex(*(c+1))) { - hexpair = 1; - *(d++) = (x509_hex_to_int(*c) << 4) + x509_hex_to_int(*(c+1)); - c++; - } else if (c == end || !strchr(" ,=+<>#;\"\\+", *c)) { - ret = MBEDTLS_ERR_X509_INVALID_NAME; - goto exit; + if(!in_tag && ((*c == ',' && *(c-1) != '\\') || c == end)) { + if(!numericoid) { + if((parse_ret = parse_attribute_value_string(s, c - s, data, &data_len)) != 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + } + if(numericoid) { + if((parse_ret = parse_attribute_value_ber_encoded(s, c - s, data, &data_len)) != 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } } - } else if (!in_tag && (*c == ',' || c == end)) { mbedtls_asn1_named_data *cur = mbedtls_asn1_store_named_data(head, oid, strlen(oid), (unsigned char *) data, - d - data); - + data_len); if (cur == NULL) { return MBEDTLS_ERR_X509_ALLOC_FAILED; } @@ -196,22 +272,8 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam /* Successfully parsed one name, update ret to success */ ret = 0; } - - if (!hexpair && !in_tag && s != c + 1) { - *(d++) = *c; - - if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { - ret = MBEDTLS_ERR_X509_INVALID_NAME; - goto exit; - } - } - - hexpair = 0; c++; } - -exit: - return ret; } From b73778d8f9e191bc12b9674eef8cb484c777d68b Mon Sep 17 00:00:00 2001 
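Review bot: The separator test `(*c == ',' && *(c-1) != '\\')` decides whether a comma is escaped by looking back one character, so a value ending in an escaped backslash (the DN string `O=a\\, CN=b`) swallows `, CN=b` into the value, even though `parse_attribute_value_string` accepts `\\` as a literal backslash. Tracking the escape while scanning removes the ambiguity: ahead of the separator check add `if (!in_tag && *c == '\\' && c != end) { c++; } else if (!in_tag && (*c == ',' || c == end)) {` so the escaped character is skipped and can never be read as a separator, while decoding stays in `parse_attribute_value_string`. The function's body continues outside the hunk.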
From: Agathiyan Bragadeesh Date: Wed, 26 Jul 2023 11:55:31 +0100 Subject: [PATCH 012/125] Implement parse_attribute_value_ber_encoded Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 54 ++++++++++++++++++++++++++++++------------- 1 file changed, 38 insertions(+), 16 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 8f27cba534..de3d33fe0f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -126,20 +126,21 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name, return cur; } -static const x509_attr_descriptor_t *x509_attr_descr_from_numericoid(const char *numericoid, size_t numericoid_len) +static const x509_attr_descriptor_t *x509_attr_descr_from_numericoid(const char *numericoid, + size_t numericoid_len) { const x509_attr_descriptor_t *cur; - mbedtls_asn1_buf *oid = mbedtls_calloc(1,sizeof(mbedtls_asn1_buf)); + mbedtls_asn1_buf *oid = mbedtls_calloc(1, sizeof(mbedtls_asn1_buf)); int ret; ret = mbedtls_oid_from_numeric_string(oid, numericoid, numericoid_len); - if((ret == MBEDTLS_ERR_X509_ALLOC_FAILED) || (ret == MBEDTLS_ERR_ASN1_INVALID_DATA)) { - return NULL; + if ((ret == MBEDTLS_ERR_X509_ALLOC_FAILED) || (ret == MBEDTLS_ERR_ASN1_INVALID_DATA)) { + return NULL; } for (cur = x509_attrs; cur->oid != NULL; cur++) { - if (sizeof(cur->oid) == oid->len && - strncmp(cur->oid, (const char*) oid->p, oid->len) == 0) { + if (strlen(cur->oid) == oid->len && + strncmp(cur->oid, (const char *) oid->p, oid->len) == 0) { break; } } @@ -170,13 +171,14 @@ static int hexpair_to_int(char c1, char c2) } } -static int parse_attribute_value_string(const char *s, int len, char *data, int *data_len) { +static int parse_attribute_value_string(const char *s, int len, char *data, int *data_len) +{ const char *c = s; const char *end = c + len; int hexpair = 0; char *d = data; int n; - while(c < end) { + while (c < end) { if (*c == '\\') { c++; 
@@ -203,7 +205,26 @@ static int parse_attribute_value_string(const char *s, int len, char *data, int return 0; } -static int parse_attribute_value_ber_encoded(const char *s, int len, char *data, int *data_len) { +static int parse_attribute_value_ber_encoded(const char *s, int len, char *data, int *data_len) +{ + const char *c = s; + const char *end = c + len; + char *d = data; + int tag, n; + if ((len < 5) || (*c != '#') || + ((tag = + hexpair_to_int(*(c+1), *(c+2))) == -1) || ((*data_len = hexpair_to_int(*(c+3), *(c+4))) == -1)) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + c += 5; + + while (c < end) { + if ((c + 1 >= end) || (n = hexpair_to_int(*c, *(c+1))) == -1) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + *(d++) = n; + c += 2; + } return 0; } @@ -240,15 +261,16 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam in_tag = 0; } - if(!in_tag && ((*c == ',' && *(c-1) != '\\') || c == end)) { - if(!numericoid) { - if((parse_ret = parse_attribute_value_string(s, c - s, data, &data_len)) != 0) { - return MBEDTLS_ERR_X509_INVALID_NAME; + if (!in_tag && ((*c == ',' && *(c-1) != '\\') || c == end)) { + if (!numericoid) { + if ((parse_ret = parse_attribute_value_string(s, c - s, data, &data_len)) != 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; } } - if(numericoid) { - if((parse_ret = parse_attribute_value_ber_encoded(s, c - s, data, &data_len)) != 0) { - return MBEDTLS_ERR_X509_INVALID_NAME; + if (numericoid) { + if ((parse_ret = + parse_attribute_value_ber_encoded(s, c - s, data, &data_len)) != 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; } } mbedtls_asn1_named_data *cur = From ef299d67355f15744f47e39e89649749bf73db38 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 26 Jul 2023 14:53:04 +0100 Subject: [PATCH 013/125] Add more tests for RFC 4514 
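Review bot: `parse_attribute_value_ber_encoded` copies every decoded hex pair into `data` with no upper bound, yet the caller's buffer is the automatic array `data[MBEDTLS_X509_MAX_DN_NAME_SIZE]` in `mbedtls_x509_string_to_names` and `len` is only checked to be at least 5, so a long `#…` value overruns that stack buffer. The sibling `parse_attribute_value_string` bounds `d - data` by that constant and this function should do the same before each write: `if (d - data >= MBEDTLS_X509_MAX_DN_NAME_SIZE) { return MBEDTLS_ERR_X509_INVALID_NAME; }`. `*data_len` is taken from the octet at `c+3..c+4` but never reconciled with the number of bytes actually written, and `tag` is parsed and then unused. The rewrite of this function in the later 'Parse DER tag' commit keeps the unbounded copy into `data`.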
Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509parse.data | 2 +- tests/suites/test_suite_x509write.data | 13 +++++++++++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index a2a43d3823..d47ac3c6b4 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -184,7 +184,7 @@ x509_cert_info:"data_files/parse_input/server3.crt":"cert. version \: 3\nser X509 CRT information Bitstring in subject name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 -x509_cert_info:"data_files/parse_input/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=\\007101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n rfc822Name \: client@example.com\next key usage \: TLS Web Client Authentication\n" +x509_cert_info:"data_files/parse_input/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=#030B0037313031303132323535\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n rfc822Name \: client@example.com\next key usage \: TLS Web Client Authentication\n" X509 CRT information Non-ASCII string in issuer name and subject name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 0827f948c2..98017d6e72 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data 
@@ -202,11 +202,20 @@ mbedtls_x509_string_to_names:"C=NL, O=\\4F\\66\\66\\73\\70\\61\\72\\6B, OU=Polar X509 String to Names #12 (Escape ascii hexpairs lowercase encoded) mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6b, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #13 (Escape non-ascii hexpairs) +X509 String to Names #13 (Invalid hexpair escape at end of string) +mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #14 (Escape non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 -X509 String to Names #14 (Invalid hexpairs) +X509 String to Names #15 (Invalid hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +X509 String to Names #16 (Accept numercoid/hexstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 + +X509 String to Names #17 (Accept numercoid/hexstring, output as bitstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#03084F6666737061726B, OU=PolarSSL":"C=NL, O=#03084F6666737061726B, OU=PolarSSL":0 + Check max serial length x509_set_serial_check: From ddc720d2090b8dc4a0ad5a2f778dbde1c9ada8f5 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 26 Jul 2023 15:51:49 +0100 Subject: [PATCH 014/125] Add mbedtls_x509_dn_gets hexstring output If the data is a bitstring or an octet string, instead use the hexstring of the BER encoding (RFC 4514 Section 2.4) Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 104 ++++++++++++++++++++++++++++++++++++------------- 1 file changed, 76 insertions(+), 28 deletions(-) diff --git a/library/x509.c b/library/x509.c index b36e27a274..5298693e42 100644 --- a/library/x509.c +++ b/library/x509.c 
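Review bot: The names of the two new cases, `X509 String to Names #16 (Accept numercoid/hexstring)` and `#17`, misspell "numericoid"; since these names are what appears in test output, `(Accept numericoid/hexstring)` and `(Accept numericoid/hexstring, output as bitstring)` would make them searchable against the code they exercise.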
@@ -43,6 +43,10 @@ #include "mbedtls/pem.h" #endif +#if defined(MBEDTLS_ASN1_WRITE_C) +#include "mbedtls/asn1write.h" +#endif + #include "mbedtls/platform.h" #if defined(MBEDTLS_HAVE_TIME) @@ -822,11 +826,16 @@ static char nibble_to_hex_digit(int i) int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i, j, n; + size_t i, j, n, asn1_len_size; + unsigned char asn1_len_buf[5]; + int asn1_len_start; + unsigned char *asn1_len_p; unsigned char c, merge = 0; const mbedtls_x509_name *name; const char *short_name = NULL; + char numericoid[MBEDTLS_X509_MAX_DN_NAME_SIZE]; char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; + int is_numericoid = 0; memset(s, 0, sizeof(s)); 
@@ -845,43 +854,82 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) MBEDTLS_X509_SAFE_SNPRINTF; } - ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name); + is_numericoid = (name->val.tag == MBEDTLS_ASN1_BIT_STRING) || (name->val.tag == MBEDTLS_ASN1_OCTET_STRING); - if (ret == 0) { - ret = mbedtls_snprintf(p, n, "%s=", short_name); - } else { - ret = mbedtls_snprintf(p, n, "\?\?="); + if(is_numericoid) { + ret = mbedtls_oid_get_numeric_string(numericoid,MBEDTLS_X509_MAX_DN_NAME_SIZE,&name->oid); + if (ret > 0) { + ret = mbedtls_snprintf(p, n, "%s=", numericoid); + } else { + ret = mbedtls_snprintf(p, n, "\?\?="); + } + MBEDTLS_X509_SAFE_SNPRINTF; } - MBEDTLS_X509_SAFE_SNPRINTF; - - for (i = 0, j = 0; i < name->val.len; i++, j++) { - if (j >= sizeof(s) - 1) { - return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + else { + ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name); + if (ret == 0) { + ret = mbedtls_snprintf(p, n, "%s=", short_name); + } else { + ret = mbedtls_snprintf(p, n, "\?\?="); } + MBEDTLS_X509_SAFE_SNPRINTF; + } - c = name->val.p[i]; - // Special characters requiring escaping, RFC 4514 Section 2.4 - if (c) { - if (strchr(",=+<>;\"\\+", c) || - ((i == 0) && strchr("# ", c)) || - ((i == name->val.len-1) && (c == ' '))) { - if (j + 1 >= sizeof(s) - 1) { - return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; - } - s[j++] = '\\'; - } - } - if (c < 32 || c >= 127) { - if (j + 3 >= sizeof(s) - 1) { + if(is_numericoid) { + s[0] = '#'; + c = name->val.tag; + char lowbits = (c & 0x0F); + char highbits = c>>4; + s[1] = nibble_to_hex_digit(highbits); + s[2] = nibble_to_hex_digit(lowbits); + asn1_len_p = asn1_len_buf+5; + asn1_len_size = mbedtls_asn1_write_len(&asn1_len_p,asn1_len_buf,name->val.len); + asn1_len_start = 5 - asn1_len_size; + for (i = 0, j = 3; i < asn1_len_size + name->val.len; i++, j++) { + if (j + 1 >= sizeof(s) - 1) { return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; } - s[j++] = '\\'; + if(i < asn1_len_size) { + c = 
asn1_len_buf[asn1_len_start+i]; + } + else { + c = name->val.p[i-asn1_len_size]; + } char lowbits = (c & 0x0F); char highbits = c>>4; s[j++] = nibble_to_hex_digit(highbits); s[j] = nibble_to_hex_digit(lowbits); - } else { - s[j] = c; + } + } else { + for (i = 0, j = 0; i < name->val.len; i++, j++) { + if (j >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + + c = name->val.p[i]; + // Special characters requiring escaping, RFC 4514 Section 2.4 + if (c) { + if (strchr(",=+<>;\"\\+", c) || + ((i == 0) && strchr("# ", c)) || + ((i == name->val.len-1) && (c == ' '))) { + if (j + 1 >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + s[j++] = '\\'; + } + } + if (c < 32 || c >= 127) { + if (j + 3 >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + s[j++] = '\\'; + char lowbits = (c & 0x0F); + char highbits = c>>4; + s[j++] = nibble_to_hex_digit(highbits); + s[j] = nibble_to_hex_digit(lowbits); + } else { + s[j] = c; + } } } s[j] = '\0'; From 6cbfae591ace476615344abf08a710de6a5224c0 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 27 Jul 2023 14:34:11 +0100 Subject: [PATCH 015/125] Parse DER tag mbedtls_x509_string_to_names Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 64 +++++++++++++++++++++++++++++-------------- 1 file changed, 43 insertions(+), 21 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index de3d33fe0f..b2b6bcddaa 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -30,6 +30,10 @@ #include "mbedtls/platform.h" +#if defined(MBEDTLS_ASN1_PARSE_C) +#include "mbedtls/asn1.h" +#endif + /* Structure linking OIDs for X.509 DN AttributeTypes to their * string representations and default string encodings used by Mbed TLS. */ typedef struct { 
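Review bot: `asn1_len_size` is a `size_t` but `mbedtls_asn1_write_len()` returns `int` and reports failure as a negative value, so an unchecked error would wrap, make `asn1_len_start = 5 - asn1_len_size` garbage and index `asn1_len_buf` out of bounds. With a five-byte buffer and a `val.len` that fits in 32 bits this should not trigger, but the conversion deserves an explicit check: `int len_ret = mbedtls_asn1_write_len(&asn1_len_p, asn1_len_buf, name->val.len); if (len_ret < 0) { return len_ret; } asn1_len_size = (size_t) len_ret;`. The bare `5` that sizes `asn1_len_buf` (declared earlier in the function, outside this hunk) and seeds `asn1_len_p` and `asn1_len_start` should be one named constant with a comment on why five length octets suffice. The function's body continues outside the hunk.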
@@ -171,12 +175,12 @@ static int hexpair_to_int(char c1, char c2) } } -static int parse_attribute_value_string(const char *s, int len, char *data, int *data_len) +static int parse_attribute_value_string(const char *s, int len, unsigned char *data, size_t *data_len) { const char *c = s; const char *end = c + len; int hexpair = 0; - char *d = data; + unsigned char *d = data; int n; while (c < end) { if (*c == '\\') { @@ -205,26 +209,42 @@ static int parse_attribute_value_string(const char *s, int len, char *data, int return 0; } -static int parse_attribute_value_ber_encoded(const char *s, int len, char *data, int *data_len) +static int parse_attribute_value_ber_encoded(const char *s, int len, unsigned char *data, size_t *data_len, int *tag) { const char *c = s; const char *end = c + len; - char *d = data; - int tag, n; - if ((len < 5) || (*c != '#') || - ((tag = - hexpair_to_int(*(c+1), *(c+2))) == -1) || ((*data_len = hexpair_to_int(*(c+3), *(c+4))) == -1)) { - return MBEDTLS_ERR_X509_INVALID_NAME; - } - c += 5; - - while (c < end) { + unsigned char asn1_der_buf[256]; + unsigned char *asn1_der_end; + unsigned char *p; + unsigned char *d; + int n; + /* Converting from hexstring to raw binary so we can use asn1parse.c*/ + if ((len < 5) || (*c != '#')) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + c++; + if((*tag = hexpair_to_int(*c, *(c+1))) == -1) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + c += 2; + p = asn1_der_buf; + for (p = asn1_der_buf; c < end; c += 2) { if ((c + 1 >= end) || (n = hexpair_to_int(*c, *(c+1))) == -1) { return MBEDTLS_ERR_X509_INVALID_NAME; } - *(d++) = n; - c += 2; + *(p++) = n; } + asn1_der_end = p; + + p = asn1_der_buf; + if(mbedtls_asn1_get_len(&p, asn1_der_end, data_len) != 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + + for (d = data; p < asn1_der_end; p++) { + *(d++) = *p; + } + return 0; } 
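Review bot: The hex-decoding loop writes into `asn1_der_buf[256]` with no check that `p` stays inside the array — `len` is only required to be at least 5 — so a `#…` value longer than about 512 hex digits overflows a stack buffer, and the final loop then copies every remaining byte into `data` (the caller's `MBEDTLS_X509_MAX_DN_NAME_SIZE` array) regardless of `*data_len` and without a bound of its own. Both loops need a limit, and the copy should use the length `mbedtls_asn1_get_len()` just validated rather than whatever trails it; rejecting trailing bytes is stricter than the current behaviour but matches the "hexstring is one BER value" rule the test vectors encode. The `d` pointer becomes unused with this change and its declaration can go.
```c
    for (p = asn1_der_buf; c < end; c += 2) {
        if ((c + 1 >= end) || (n = hexpair_to_int(*c, *(c+1))) == -1 ||
            (size_t) (p - asn1_der_buf) >= sizeof(asn1_der_buf)) {
            return MBEDTLS_ERR_X509_INVALID_NAME;
        }
        *(p++) = n;
    }
    asn1_der_end = p;

    p = asn1_der_buf;
    if (mbedtls_asn1_get_len(&p, asn1_der_end, data_len) != 0 ||
        *data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE ||
        *data_len != (size_t) (asn1_der_end - p)) {
        return MBEDTLS_ERR_X509_INVALID_NAME;
    }
    /* Exactly the validated value octets, bounded by the caller's buffer. */
    memcpy(data, p, *data_len);

    return 0;
```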
@@ -237,9 +257,10 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam const char *oid = NULL; const x509_attr_descriptor_t *attr_descr = NULL; int in_tag = 1; + int tag; int numericoid = 0; - char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; - int data_len = 0; + unsigned char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; + size_t data_len = 0; /* Clear existing chain if present */ mbedtls_asn1_free_named_data_list(head); @@ -264,13 +285,14 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (!in_tag && ((*c == ',' && *(c-1) != '\\') || c == end)) { if (!numericoid) { if ((parse_ret = parse_attribute_value_string(s, c - s, data, &data_len)) != 0) { - return MBEDTLS_ERR_X509_INVALID_NAME; + return parse_ret; } + tag = attr_descr->default_tag; } if (numericoid) { if ((parse_ret = - parse_attribute_value_ber_encoded(s, c - s, data, &data_len)) != 0) { - return MBEDTLS_ERR_X509_INVALID_NAME; + parse_attribute_value_ber_encoded(s, c - s, data, &data_len, &tag)) != 0) { + return parse_ret; } } mbedtls_asn1_named_data *cur = @@ -282,7 +304,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } // set tagType - cur->val.tag = attr_descr->default_tag; + cur->val.tag = tag; while (c < end && *(c + 1) == ' ') { c++; From 0eb6673a8083223bd25e55f3ce10c844a7d0ecc6 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 31 Jul 2023 16:10:07 +0100 Subject: [PATCH 016/125] Add preprocessor config guards Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 6 ++++++ library/x509_create.c | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/library/x509.c b/library/x509.c index 5298693e42..87f48207fd 100644 --- a/library/x509.c +++ b/library/x509.c 
@@ -876,12 +876,15 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) } if(is_numericoid) { + #if defined(MBEDTLS_ASN1_WRITE_C) s[0] = '#'; + c = name->val.tag; char lowbits = (c & 0x0F); char highbits = c>>4; s[1] = nibble_to_hex_digit(highbits); s[2] = nibble_to_hex_digit(lowbits); + asn1_len_p = asn1_len_buf+5; asn1_len_size = mbedtls_asn1_write_len(&asn1_len_p,asn1_len_buf,name->val.len); asn1_len_start = 5 - asn1_len_size; @@ -900,6 +903,9 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) s[j++] = nibble_to_hex_digit(highbits); s[j] = nibble_to_hex_digit(lowbits); } + #else + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + #endif } else { for (i = 0, j = 0; i < name->val.len; i++, j++) { if (j >= sizeof(s) - 1) { diff --git a/library/x509_create.c b/library/x509_create.c index b2b6bcddaa..59f1905e18 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -209,6 +209,7 @@ static int parse_attribute_value_string(const char *s, int len, unsigned char *d return 0; } +#if defined(MBEDTLS_ASN1_PARSE_C) static int parse_attribute_value_ber_encoded(const char *s, int len, unsigned char *data, size_t *data_len, int *tag) { const char *c = s; @@ -247,6 +248,7 @@ static int parse_attribute_value_ber_encoded(const char *s, int len, unsigned ch return 0; } +#endif int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name) { @@ -290,10 +292,14 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam tag = attr_descr->default_tag; } if (numericoid) { + #if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = parse_attribute_value_ber_encoded(s, c - s, data, &data_len, &tag)) != 0) { return parse_ret; } + #else + return MBEDTLS_ERR_X509_INVALID_NAME; + #endif } mbedtls_asn1_named_data *cur = mbedtls_asn1_store_named_data(head, oid, strlen(oid), From c9d74f3109633c891d8c1691117cf894a423268d Mon Sep 17 00:00:00 2001 
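Review bot: The two `#else` branches added for the same missing feature return different errors — `MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE` in `mbedtls_x509_dn_gets` but `MBEDTLS_ERR_X509_INVALID_NAME` in `mbedtls_x509_string_to_names` — although in both cases the input is well-formed and only the ASN.1 module is absent from the build; the x509_create.c branch should `return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;` as well so callers can tell a configuration gap from bad input. When `MBEDTLS_ASN1_WRITE_C` is off, the x509.c branch also leaves `asn1_len_buf`, `asn1_len_p`, `asn1_len_size` and `asn1_len_start` (declared earlier in the function, outside this hunk) unused, which a warnings-as-errors build would likely reject; the same `#if` should wrap those declarations. The new `#if`/`#else`/`#endif` lines appear indented with the surrounding code, unlike the guard added around `parse_attribute_value_ber_encoded` in the same commit.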
From: Agathiyan Bragadeesh Date: Mon, 31 Jul 2023 17:25:44 +0100 Subject: [PATCH 017/125] Refactor AttributeType in mbedtls_x509_dn_gets Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/library/x509.c b/library/x509.c index 87f48207fd..c5eca2a78e 100644 --- a/library/x509.c +++ b/library/x509.c @@ -833,9 +833,9 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) unsigned char c, merge = 0; const mbedtls_x509_name *name; const char *short_name = NULL; - char numericoid[MBEDTLS_X509_MAX_DN_NAME_SIZE]; + char numericoid[256]; char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; - int is_numericoid = 0; + int print_hexstring; memset(s, 0, sizeof(s)); @@ -854,28 +854,21 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) MBEDTLS_X509_SAFE_SNPRINTF; } - is_numericoid = (name->val.tag == MBEDTLS_ASN1_BIT_STRING) || (name->val.tag == MBEDTLS_ASN1_OCTET_STRING); + print_hexstring = (name->val.tag == MBEDTLS_ASN1_BIT_STRING) || (name->val.tag == MBEDTLS_ASN1_OCTET_STRING); - if(is_numericoid) { - ret = mbedtls_oid_get_numeric_string(numericoid,MBEDTLS_X509_MAX_DN_NAME_SIZE,&name->oid); - if (ret > 0) { + if ((ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name)) == 0) { + ret = mbedtls_snprintf(p, n, "%s=", short_name); + } else { + if ((ret = mbedtls_oid_get_numeric_string(numericoid,256,&name->oid)) > 0) { ret = mbedtls_snprintf(p, n, "%s=", numericoid); + print_hexstring = 1; } else { ret = mbedtls_snprintf(p, n, "\?\?="); } - MBEDTLS_X509_SAFE_SNPRINTF; - } - else { - ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name); - if (ret == 0) { - ret = mbedtls_snprintf(p, n, "%s=", short_name); - } else { - ret = mbedtls_snprintf(p, n, "\?\?="); - } - MBEDTLS_X509_SAFE_SNPRINTF; } + MBEDTLS_X509_SAFE_SNPRINTF; - if(is_numericoid) { + if(print_hexstring) { #if defined(MBEDTLS_ASN1_WRITE_C) s[0] = '#'; 
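Review bot: `numericoid` is now sized with a bare `256` that is repeated in the `mbedtls_oid_get_numeric_string` call; pass `sizeof(numericoid)` instead and give the array a named size with a comment stating the assumed maximum length of a dotted-decimal OID. `print_hexstring` is derived from the value tag and then only ever raised to 1 when the short-name lookup fails, which is correct but not obvious; the comment `/* RFC 4514 Section 2.4: a dotted-decimal attribute type forces the hexstring form */` on the `print_hexstring = 1;` line would explain the asymmetry. The function's body continues outside the hunk.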
From 4987c8fcb0514b5c053be595c3d02408baa73f66 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 1 Aug 2023 11:10:52 +0100 Subject: [PATCH 018/125] Fix code style on x509.c and x509_create.c Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 14 +++++----- library/x509_create.c | 59 ++++++++++++++++++++++++------------------- 2 files changed, 40 insertions(+), 33 deletions(-) diff --git a/library/x509.c b/library/x509.c index c5eca2a78e..82b5af3aad 100644 --- a/library/x509.c +++ b/library/x509.c @@ -854,12 +854,13 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) MBEDTLS_X509_SAFE_SNPRINTF; } - print_hexstring = (name->val.tag == MBEDTLS_ASN1_BIT_STRING) || (name->val.tag == MBEDTLS_ASN1_OCTET_STRING); + print_hexstring = (name->val.tag == MBEDTLS_ASN1_BIT_STRING) || + (name->val.tag == MBEDTLS_ASN1_OCTET_STRING); if ((ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name)) == 0) { ret = mbedtls_snprintf(p, n, "%s=", short_name); } else { - if ((ret = mbedtls_oid_get_numeric_string(numericoid,256,&name->oid)) > 0) { + if ((ret = mbedtls_oid_get_numeric_string(numericoid, 256, &name->oid)) > 0) { ret = mbedtls_snprintf(p, n, "%s=", numericoid); print_hexstring = 1; } else { @@ -868,7 +869,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) } MBEDTLS_X509_SAFE_SNPRINTF; - if(print_hexstring) { + if (print_hexstring) { #if defined(MBEDTLS_ASN1_WRITE_C) s[0] = '#'; 
@@ -879,16 +880,15 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) s[2] = nibble_to_hex_digit(lowbits); asn1_len_p = asn1_len_buf+5; - asn1_len_size = mbedtls_asn1_write_len(&asn1_len_p,asn1_len_buf,name->val.len); + asn1_len_size = mbedtls_asn1_write_len(&asn1_len_p, asn1_len_buf, name->val.len); asn1_len_start = 5 - asn1_len_size; for (i = 0, j = 3; i < asn1_len_size + name->val.len; i++, j++) { if (j + 1 >= sizeof(s) - 1) { return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; } - if(i < asn1_len_size) { + if (i < asn1_len_size) { c = asn1_len_buf[asn1_len_start+i]; - } - else { + } else { c = name->val.p[i-asn1_len_size]; } char lowbits = (c & 0x0F); diff --git a/library/x509_create.c b/library/x509_create.c index 59f1905e18..80beff2dfe 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -175,7 +175,10 @@ static int hexpair_to_int(char c1, char c2) } } -static int parse_attribute_value_string(const char *s, int len, unsigned char *data, size_t *data_len) +static int parse_attribute_value_string(const char *s, + int len, + unsigned char *data, + size_t *data_len) { const char *c = s; const char *end = c + len; 
@@ -210,41 +213,45 @@ static int parse_attribute_value_string(const char *s, int len, unsigned char *d } #if defined(MBEDTLS_ASN1_PARSE_C) -static int parse_attribute_value_ber_encoded(const char *s, int len, unsigned char *data, size_t *data_len, int *tag) +static int parse_attribute_value_ber_encoded(const char *s, + int len, + unsigned char *data, + size_t *data_len, + int *tag) { const char *c = s; const char *end = c + len; unsigned char asn1_der_buf[256]; - unsigned char *asn1_der_end; - unsigned char *p; + unsigned char *asn1_der_end; + unsigned char *p; unsigned char *d; int n; - /* Converting from hexstring to raw binary so we can use asn1parse.c*/ - if ((len < 5) || (*c != '#')) { - return MBEDTLS_ERR_X509_INVALID_NAME; - } - c++; - if((*tag = hexpair_to_int(*c, *(c+1))) == -1) { - return MBEDTLS_ERR_X509_INVALID_NAME; - } - c += 2; - p = asn1_der_buf; + /* Converting from hexstring to raw binary so we can use asn1parse.c*/ + if ((len < 5) || (*c != '#')) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + c++; + if ((*tag = hexpair_to_int(*c, *(c+1))) == -1) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + c += 2; + p = asn1_der_buf; for (p = asn1_der_buf; c < end; c += 2) { if ((c + 1 >= end) || (n = hexpair_to_int(*c, *(c+1))) == -1) { return MBEDTLS_ERR_X509_INVALID_NAME; } *(p++) = n; } - asn1_der_end = p; + asn1_der_end = p; - p = asn1_der_buf; - if(mbedtls_asn1_get_len(&p, asn1_der_end, data_len) != 0) { - return MBEDTLS_ERR_X509_INVALID_NAME; - } + p = asn1_der_buf; + if (mbedtls_asn1_get_len(&p, asn1_der_end, data_len) != 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } - for (d = data; p < asn1_der_end; p++) { - *(d++) = *p; - } + for (d = data; p < asn1_der_end; p++) { + *(d++) = *p; + } return 0; } 
@@ -292,14 +299,14 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam tag = attr_descr->default_tag; } if (numericoid) { - #if defined(MBEDTLS_ASN1_PARSE_C) + #if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = parse_attribute_value_ber_encoded(s, c - s, data, &data_len, &tag)) != 0) { return parse_ret; } - #else - return MBEDTLS_ERR_X509_INVALID_NAME; - #endif + #else + return MBEDTLS_ERR_X509_INVALID_NAME; + #endif } mbedtls_asn1_named_data *cur = mbedtls_asn1_store_named_data(head, oid, strlen(oid), From 47cc76f0705ef1fac821c7dccc8f59c74c621c91 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 2 Aug 2023 14:12:44 +0100 Subject: [PATCH 019/125] Update x509 test for numericoid/hexstring output Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509parse.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index d47ac3c6b4..b154db924f 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -2381,7 +2381,7 @@ x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b05003 X509 CRT ASN1 (Name with composite RDN) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 -x509parse_crt:"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":"cert. version \: 3\nserial number \: 4C\:20\:E3\:BD\nissuer name \: C=US, ST=CA, O=Internet Widgits Pty Ltd, CN=Frankencert CA\nsubject name \: C=US, ST=Washington, ??=US, ??=Delaware, O=Authorize.Net LLC, ??=Private Organization, serialNumber=4369191 + CN=www.authorize.net, L=San Francisco\nissued on \: 2013-08-02 15\:14\:37\nexpires on \: 2015-08-17 05\:54\:31\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\n":0 +x509parse_crt:"3082029f30820208a00302010202044c20e3bd300d06092a864886f70d01010505003056310b3009060355040613025553310b300906035504080c0243413121301f060355040a0c18496e7465726e6574205769646769747320507479204c74643117301506035504030c0e4672616e6b656e63657274204341301e170d3133303830323135313433375a170d3135303831373035353433315a3081d1310b3009060355040613025553311330110603550408130a57617368696e67746f6e31133011060b2b0601040182373c0201031302555331193017060b2b0601040182373c020102130844656c6177617265311a3018060355040a1311417574686f72697a652e4e6574204c4c43311d301b060355040f131450726976617465204f7267616e697a6174696f6e312a300e06035504051307343336393139313018060355040313117777772e617574686f72697a652e6e6574311630140603550407130d53616e204672616e636973636f30819f300d06092a864886f70d010101050003818d0030818902818100d885c62e209b6ac005c64f0bcfdaac1f2b67a18802f75b08851ff933deed888b7b68a62fcabdb21d4a8914becfeaaa1b7e08a09ffaf9916563586dc95e2877262b0b5f5ec27eb4d754aa6facd1d39d25b38a2372891bacdd3e919f791ed25704e8920e380e5623a38e6a23935978a3aec7a8e761e211d42effa2713e44e7de0b0203010001300d06092a864886f70d010105050003818100092f7424d3f6da4b8553829d958ed1980b9270b42c0d3d5833509a28c66bb207df9f3c51d122065e00b87c08c2730d2745fe1c279d16fae4d53b4bf5bdfa3631fceeb2e772b6b08a3eca5a2e2c687aefd23b4b73bf77ac6099711342cf070b35c6f61333a7
cbf613d8dd4bd73e9df34bcd4284b0b4df57c36c450613f11e5dac":"cert. version \: 3\nserial number \: 4C\:20\:E3\:BD\nissuer name \: C=US, ST=CA, O=Internet Widgits Pty Ltd, CN=Frankencert CA\nsubject name \: C=US, ST=Washington, 1.3.6.1.4.1.311.60.2.1.3=#13025553, 1.3.6.1.4.1.311.60.2.1.2=#130844656C6177617265, O=Authorize.Net LLC, 2.5.4.15=#131450726976617465204F7267616E697A6174696F6E, serialNumber=4369191 + CN=www.authorize.net, L=San Francisco\nissued on \: 2013-08-02 15\:14\:37\nexpires on \: 2015-08-17 05\:54\:31\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\n":0 X509 CRT ASN1 (Name with PKCS9 email) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 From 0a4b6d88d0367b5cd24171285810f42cfa5bb87c Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 2 Aug 2023 15:05:57 +0100 Subject: [PATCH 020/125] Alter conditions on hexstring output dn_gets Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/x509.c b/library/x509.c index 82b5af3aad..ee1dc704ea 100644 --- a/library/x509.c +++ b/library/x509.c @@ -854,8 +854,9 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) MBEDTLS_X509_SAFE_SNPRINTF; } - print_hexstring = (name->val.tag == MBEDTLS_ASN1_BIT_STRING) || - (name->val.tag == MBEDTLS_ASN1_OCTET_STRING); + print_hexstring = (name->val.tag != MBEDTLS_ASN1_UTF8_STRING) && + (name->val.tag != MBEDTLS_ASN1_PRINTABLE_STRING) && + (name->val.tag != MBEDTLS_ASN1_IA5_STRING); if ((ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name)) == 0) { ret = mbedtls_snprintf(p, n, "%s=", short_name); From a1f5c2d06fa15daf89d26934d4813db2b6c613a2 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 2 Aug 2023 17:08:52 +0100 Subject: [PATCH 021/125] Move declaration of variables in dn_gets to top Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) 
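Review bot: The new predicate sends every tag other than UTF8String, PrintableString and IA5String down the `#`-hex path, which changes what mbedtls_x509_dn_gets() emits for values tagged T61String, BMPString or UniversalString (previously rendered through the byte-escaping loop below the hunk). That is a defensible RFC 4514 §2.4 reading, but it is an observable output change for callers that display or compare DN strings, so it deserves a ChangeLog entry and a comment on the assignment, e.g. `/* RFC 4514 §2.4: only string types with a textual form are escaped; anything else is written as #hex */`. If T61String values are meant to keep their textual rendering, `MBEDTLS_ASN1_T61_STRING` should be added to the list. The enclosing function starts and ends outside this hunk.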
diff --git a/library/x509.c b/library/x509.c index ee1dc704ea..f3f3c87730 100644 --- a/library/x509.c +++ b/library/x509.c @@ -833,6 +833,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) unsigned char c, merge = 0; const mbedtls_x509_name *name; const char *short_name = NULL; + char lowbits, highbits; char numericoid[256]; char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; int print_hexstring; @@ -875,8 +876,8 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) s[0] = '#'; c = name->val.tag; - char lowbits = (c & 0x0F); - char highbits = c>>4; + lowbits = (c & 0x0F); + highbits = c>>4; s[1] = nibble_to_hex_digit(highbits); s[2] = nibble_to_hex_digit(lowbits); @@ -892,8 +893,8 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) } else { c = name->val.p[i-asn1_len_size]; } - char lowbits = (c & 0x0F); - char highbits = c>>4; + lowbits = (c & 0x0F); + highbits = c>>4; s[j++] = nibble_to_hex_digit(highbits); s[j] = nibble_to_hex_digit(lowbits); } @@ -923,8 +924,8 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; } s[j++] = '\\'; - char lowbits = (c & 0x0F); - char highbits = c>>4; + lowbits = (c & 0x0F); + highbits = c>>4; s[j++] = nibble_to_hex_digit(highbits); s[j] = nibble_to_hex_digit(lowbits); } else { From f818e01edbff211227fa6aafa3e87db0f82a564c Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 3 Aug 2023 14:37:50 +0100 Subject: [PATCH 022/125] FIx memory leak in x509_attr_descr_from_numericoid; Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/x509_create.c b/library/x509_create.c index 80beff2dfe..8ce3584aee 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
@@ -150,6 +150,7 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_numericoid(const char } mbedtls_free(oid->p); + mbedtls_free(oid); if (cur->oid == NULL) { return NULL; } From 39ba121d3a73d8987e6d5010fd9aab5967aac907 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 3 Aug 2023 16:00:15 +0100 Subject: [PATCH 023/125] Fix memory leak in alternative code route If no oid is found, and x509_attr_descr_from_numericoid returns NULL, previously the memory allocated for the oid wasn't freed. Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/x509_create.c b/library/x509_create.c index 8ce3584aee..dd47748ece 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -139,6 +139,8 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_numericoid(const char ret = mbedtls_oid_from_numeric_string(oid, numericoid, numericoid_len); if ((ret == MBEDTLS_ERR_X509_ALLOC_FAILED) || (ret == MBEDTLS_ERR_ASN1_INVALID_DATA)) { + mbedtls_free(oid->p); + mbedtls_free(oid); return NULL; } From 7f639fc7ab054d13d672d13b12102d089772577c Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 4 Aug 2023 14:57:36 +0100 Subject: [PATCH 024/125] Fix Windows x64 build errors with type conversions Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 3 +-- library/x509_create.c | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/library/x509.c b/library/x509.c index f3f3c87730..8145fb815d 100644 --- a/library/x509.c +++ b/library/x509.c @@ -826,9 +826,8 @@ static char nibble_to_hex_digit(int i) int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i, j, n, asn1_len_size; + size_t i, j, n, asn1_len_size, asn1_len_start; unsigned char asn1_len_buf[5]; - int asn1_len_start; unsigned char *asn1_len_p; unsigned char c, merge = 0; const mbedtls_x509_name *name; 
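Review bot: In the patch-023 hunk, `oid` is handed to mbedtls_oid_from_numeric_string() without any visible NULL check on the `mbedtls_calloc()` that created it (the allocation sits above this hunk; patch 034 further down this page shows it unchecked), so an allocation failure dereferences NULL inside the callee — add `if (oid == NULL) { return NULL; }` directly after the calloc. The added cleanup also fires only for MBEDTLS_ERR_X509_ALLOC_FAILED and MBEDTLS_ERR_ASN1_INVALID_DATA; any other non-zero return falls through into the strncmp loop using `oid->p`/`oid->len` in whatever state the callee left them, so `if (ret != 0)` is the safer condition unless the callee is documented to return only those two codes. x509_attr_descr_from_numericoid() begins above the hunk.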
diff --git a/library/x509_create.c b/library/x509_create.c index dd47748ece..6d11529f9a 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -296,7 +296,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (!in_tag && ((*c == ',' && *(c-1) != '\\') || c == end)) { if (!numericoid) { - if ((parse_ret = parse_attribute_value_string(s, c - s, data, &data_len)) != 0) { + if ((parse_ret = parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { return parse_ret; } tag = attr_descr->default_tag; @@ -304,7 +304,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (numericoid) { #if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = - parse_attribute_value_ber_encoded(s, c - s, data, &data_len, &tag)) != 0) { + parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, &tag)) != 0) { return parse_ret; } #else From 97178f231facf559991b6667a7ead953eb21e35e Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 7 Aug 2023 12:19:43 +0100 Subject: [PATCH 025/125] Fix code style in mbedtls_x509_string_to_names Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 6d11529f9a..b82c9973d5 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -296,7 +296,8 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (!in_tag && ((*c == ',' && *(c-1) != '\\') || c == end)) { if (!numericoid) { - if ((parse_ret = parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { + if ((parse_ret = + parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { return parse_ret; } tag = attr_descr->default_tag; 
@@ -304,7 +305,8 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (numericoid) { #if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = - parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, &tag)) != 0) { + parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, + &tag)) != 0) { return parse_ret; } #else From ed88eefe8e72844671ddd608254480e1516730a8 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 10 Aug 2023 13:51:38 +0100 Subject: [PATCH 026/125] Rename in_tag to in_attr_type Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index b82c9973d5..2c91e784d3 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -268,7 +268,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam const char *end = s + strlen(s); const char *oid = NULL; const x509_attr_descriptor_t *attr_descr = NULL; - int in_tag = 1; + int in_attr_type = 1; int tag; int numericoid = 0; unsigned char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; @@ -278,7 +278,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam mbedtls_asn1_free_named_data_list(head); while (c <= end) { - if (in_tag && *c == '=') { + if (in_attr_type && *c == '=') { if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) { if ((attr_descr = x509_attr_descr_from_numericoid(s, c - s)) == NULL) { return MBEDTLS_ERR_X509_UNKNOWN_OID; @@ -291,10 +291,10 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam oid = attr_descr->oid; s = c + 1; - in_tag = 0; + in_attr_type = 0; } - if (!in_tag && ((*c == ',' && *(c-1) != '\\') || c == end)) { + if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) { if (!numericoid) { if ((parse_ret = parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { 
@@ -329,7 +329,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } s = c + 1; - in_tag = 1; + in_attr_type = 1; /* Successfully parsed one name, update ret to success */ ret = 0; From ee642d93a8d97876ff5fd1b31efb2b37fca07cfc Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 10 Aug 2023 14:08:27 +0100 Subject: [PATCH 027/125] Format preprocessor conditionals Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 6 +++--- library/x509_create.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/x509.c b/library/x509.c index 8145fb815d..85aaf06e9f 100644 --- a/library/x509.c +++ b/library/x509.c @@ -871,7 +871,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) MBEDTLS_X509_SAFE_SNPRINTF; if (print_hexstring) { - #if defined(MBEDTLS_ASN1_WRITE_C) +#if defined(MBEDTLS_ASN1_WRITE_C) s[0] = '#'; c = name->val.tag; @@ -897,9 +897,9 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) s[j++] = nibble_to_hex_digit(highbits); s[j] = nibble_to_hex_digit(lowbits); } - #else +#else return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; - #endif +#endif } else { for (i = 0, j = 0; i < name->val.len; i++, j++) { if (j >= sizeof(s) - 1) { diff --git a/library/x509_create.c b/library/x509_create.c index 2c91e784d3..e673be6d06 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -303,15 +303,15 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam tag = attr_descr->default_tag; } if (numericoid) { - #if defined(MBEDTLS_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, &tag)) != 0) { return parse_ret; } - #else +#else return MBEDTLS_ERR_X509_INVALID_NAME; - #endif +#endif } mbedtls_asn1_named_data *cur = mbedtls_asn1_store_named_data(head, oid, strlen(oid), From e18a1789fd80f4c0501e57a91c282cf6db024e07 Mon Sep 17 00:00:00 2001 
From: Agathiyan Bragadeesh Date: Thu, 10 Aug 2023 14:12:28 +0100 Subject: [PATCH 028/125] Use MBEDTLS_X509_MAX_DN_NAME_SIZE for buffer size Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index e673be6d06..a666e2d22f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -224,10 +224,10 @@ static int parse_attribute_value_ber_encoded(const char *s, { const char *c = s; const char *end = c + len; - unsigned char asn1_der_buf[256]; + unsigned char asn1_der_buf[MBEDTLS_X509_MAX_DN_NAME_SIZE]; unsigned char *asn1_der_end; unsigned char *p; - unsigned char *d; + unsigned char *d = data; int n; /* Converting from hexstring to raw binary so we can use asn1parse.c*/ if ((len < 5) || (*c != '#')) { @@ -252,8 +252,8 @@ static int parse_attribute_value_ber_encoded(const char *s, return MBEDTLS_ERR_X509_INVALID_NAME; } - for (d = data; p < asn1_der_end; p++) { - *(d++) = *p; + while (p < asn1_der_end) { + *(d++) = *(p++); } return 0; From 2bf09a61a34e0ef50f77845300f149323cc52db8 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 10 Aug 2023 14:37:00 +0100 Subject: [PATCH 029/125] Fix style on left shift operations Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/x509.c b/library/x509.c index 85aaf06e9f..f44860bfef 100644 --- a/library/x509.c +++ b/library/x509.c @@ -876,7 +876,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) c = name->val.tag; lowbits = (c & 0x0F); - highbits = c>>4; + highbits = c >> 4; s[1] = nibble_to_hex_digit(highbits); s[2] = nibble_to_hex_digit(lowbits); 
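Review bot: Growing `asn1_der_buf` to MBEDTLS_X509_MAX_DN_NAME_SIZE does not bound the writes into it: the hex-decode loop between these two hunks (`for (p = asn1_der_buf; c < end; c += 2) { … *(p++) = n; }`, visible in patch 018 earlier on this page) advances `p` once per hex pair of the caller-supplied `len` with no comparison against the end of the array, so an over-long `#…` attribute value overruns the stack buffer before the `while` copy in the second hunk ever runs. Add a guard inside that loop, `if (p >= asn1_der_buf + sizeof(asn1_der_buf)) { return MBEDTLS_ERR_X509_INVALID_NAME; }`, or reject up front when `(size_t) (len - 3) / 2 > sizeof(asn1_der_buf)`. Because the caller's `data` array is also MBEDTLS_X509_MAX_DN_NAME_SIZE bytes, that single check bounds the second copy as well. parse_attribute_value_ber_encoded() begins above the first hunk.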
@@ -893,7 +893,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) c = name->val.p[i-asn1_len_size]; } lowbits = (c & 0x0F); - highbits = c>>4; + highbits = c >> 4; s[j++] = nibble_to_hex_digit(highbits); s[j] = nibble_to_hex_digit(lowbits); } @@ -924,7 +924,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) } s[j++] = '\\'; lowbits = (c & 0x0F); - highbits = c>>4; + highbits = c >> 4; s[j++] = nibble_to_hex_digit(highbits); s[j] = nibble_to_hex_digit(lowbits); } else { From 5adffb24882e69c8950963b5a27f7a5df884361e Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 10 Aug 2023 15:50:57 +0100 Subject: [PATCH 030/125] Refactor dn_gets use library function to write tag Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/library/x509.c b/library/x509.c index f44860bfef..e2bb2fd9ca 100644 --- a/library/x509.c +++ b/library/x509.c @@ -826,8 +826,8 @@ static char nibble_to_hex_digit(int i) int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i, j, n, asn1_len_size, asn1_len_start; - unsigned char asn1_len_buf[5]; + size_t i, j, n, asn1_len_size, asn1_tag_size, asn1_tag_len_buf_start; + unsigned char asn1_tag_len_buf[10]; unsigned char *asn1_len_p; unsigned char c, merge = 0; const mbedtls_x509_name *name; 
@@ -874,28 +874,29 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) #if defined(MBEDTLS_ASN1_WRITE_C) s[0] = '#'; - c = name->val.tag; - lowbits = (c & 0x0F); - highbits = c >> 4; - s[1] = nibble_to_hex_digit(highbits); - s[2] = nibble_to_hex_digit(lowbits); - - asn1_len_p = asn1_len_buf+5; - asn1_len_size = mbedtls_asn1_write_len(&asn1_len_p, asn1_len_buf, name->val.len); - asn1_len_start = 5 - asn1_len_size; - for (i = 0, j = 3; i < asn1_len_size + name->val.len; i++, j++) { + asn1_len_p = asn1_tag_len_buf + 10; + asn1_len_size = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len); + asn1_tag_size = mbedtls_asn1_write_tag(&asn1_len_p,asn1_tag_len_buf,name->val.tag); + asn1_tag_len_buf_start = 10 - asn1_len_size - asn1_tag_size; + for (i = 0, j = 1; i < asn1_len_size + asn1_tag_size; i++) { if (j + 1 >= sizeof(s) - 1) { return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; } - if (i < asn1_len_size) { - c = asn1_len_buf[asn1_len_start+i]; - } else { - c = name->val.p[i-asn1_len_size]; - } + c = asn1_tag_len_buf[asn1_tag_len_buf_start+i]; lowbits = (c & 0x0F); highbits = c >> 4; s[j++] = nibble_to_hex_digit(highbits); - s[j] = nibble_to_hex_digit(lowbits); + s[j++] = nibble_to_hex_digit(lowbits); + } + for (i = 0; i < name->val.len; i++) { + if (j + 1 >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + c = name->val.p[i]; + lowbits = (c & 0x0F); + highbits = c >> 4; + s[j++] = nibble_to_hex_digit(highbits); + s[j++] = nibble_to_hex_digit(lowbits); } #else return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; From 5ca98485138e48e69d9da92e9484ca67502884d3 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 10 Aug 2023 16:01:03 +0100 Subject: [PATCH 031/125] Reword test in test_suite_x509write Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
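Review bot: `asn1_len_size` and `asn1_tag_size` are `size_t` (declared in the preceding hunk), but mbedtls_asn1_write_len() and mbedtls_asn1_write_tag() return `int` and report failure as a negative value; a negative result becomes a huge `size_t`, `asn1_tag_len_buf_start = 10 - …` wraps, and the first loop then reads `asn1_tag_len_buf` far out of bounds. Capture each return in `ret`, check it, and replace the literal `10` with `sizeof(asn1_tag_len_buf)` so the array size and the write cursor cannot drift apart. `mbedtls_asn1_write_tag(&asn1_len_p,asn1_tag_len_buf,name->val.tag)` also lacks the spaces after commas used elsewhere in the file. mbedtls_x509_dn_gets() starts and ends outside this hunk.
```c
        asn1_len_p = asn1_tag_len_buf + sizeof(asn1_tag_len_buf);
        ret = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len);
        if (ret < 0) {
            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret);
        }
        asn1_len_size = (size_t) ret;
        ret = mbedtls_asn1_write_tag(&asn1_len_p, asn1_tag_len_buf, name->val.tag);
        if (ret < 0) {
            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret);
        }
        asn1_tag_size = (size_t) ret;
        asn1_tag_len_buf_start = sizeof(asn1_tag_len_buf) - asn1_len_size - asn1_tag_size;
        /* … unchanged: hex-encoding loops over the tag/length bytes and name->val.p … */
```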
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 98017d6e72..490df804d9 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -214,7 +214,7 @@ mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X X509 String to Names #16 (Accept numercoid/hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #17 (Accept numercoid/hexstring, output as bitstring) +X509 String to Names #17 (Output attributetype as bitstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#03084F6666737061726B, OU=PolarSSL":"C=NL, O=#03084F6666737061726B, OU=PolarSSL":0 Check max serial length From a7f96309255ebf97d0ff3263eec7537a92c04cc1 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 10 Aug 2023 16:03:27 +0100 Subject: [PATCH 032/125] Remove duplicate '+' in comparison string Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 2 +- library/x509_create.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/library/x509.c b/library/x509.c index e2bb2fd9ca..b487b43cf5 100644 --- a/library/x509.c +++ b/library/x509.c @@ -910,7 +910,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) c = name->val.p[i]; // Special characters requiring escaping, RFC 4514 Section 2.4 if (c) { - if (strchr(",=+<>;\"\\+", c) || + if (strchr(",=+<>;\"\\", c) || ((i == 0) && strchr("# ", c)) || ((i == name->val.len-1) && (c == ' '))) { if (j + 1 >= sizeof(s) - 1) { diff --git a/library/x509_create.c b/library/x509_create.c index a666e2d22f..4c5261113e 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
@@ -197,7 +197,7 @@ static int parse_attribute_value_string(const char *s, hexpair = 1; *(d++) = n; c++; - } else if (c == end || !strchr(" ,=+<>#;\"\\+", *c)) { + } else if (c == end || !strchr(" ,=+<>#;\"\\", *c)) { return MBEDTLS_ERR_X509_INVALID_NAME; } } From af70c7dce772076cfa17c0d07c266fae8919a913 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 10 Aug 2023 16:39:23 +0100 Subject: [PATCH 033/125] Write numeric oid directly to buffer mbedtls_oid_get_numeric_string now points to output buffer in dn_gets Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/x509.c b/library/x509.c index b487b43cf5..74b2fd6a12 100644 --- a/library/x509.c +++ b/library/x509.c @@ -833,7 +833,6 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) const mbedtls_x509_name *name; const char *short_name = NULL; char lowbits, highbits; - char numericoid[256]; char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; int print_hexstring; @@ -861,8 +860,9 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) if ((ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name)) == 0) { ret = mbedtls_snprintf(p, n, "%s=", short_name); } else { - if ((ret = mbedtls_oid_get_numeric_string(numericoid, 256, &name->oid)) > 0) { - ret = mbedtls_snprintf(p, n, "%s=", numericoid); + if ((ret = mbedtls_oid_get_numeric_string(p, n, &name->oid)) > 0) { + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_snprintf(p, n, "="); print_hexstring = 1; } else { ret = mbedtls_snprintf(p, n, "\?\?="); From f88bd5ac8657302a42b7c12223aaaaa480b3dde5 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 11 Aug 2023 11:48:26 +0100 Subject: [PATCH 034/125] Accept any valid oid in string_to_names Instead of using x509_attrs, use generic oid conversion. 
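Review bot: In the patch-033 hunk, writing the numeric OID straight into the caller's buffer changes the failure mode for a short output buffer: mbedtls_oid_get_numeric_string() reports that case as MBEDTLS_ERR_OID_BUF_TOO_SMALL, which the `> 0` test lumps together with genuine conversion failures, so mbedtls_x509_dn_gets() prints `??=` and continues instead of returning MBEDTLS_ERR_X509_BUFFER_TOO_SMALL as it does for every other truncated write. Consider `if (ret == MBEDTLS_ERR_OID_BUF_TOO_SMALL) { return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; }` before falling back to `"\?\?="`. A short comment, `/* OID text is rendered in place; only a non-OID attribute falls back to ??= */`, would make the intent explicit. The enclosing function continues outside both hunks.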
Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 43 +++++++++++++++++++------------------------ 1 file changed, 19 insertions(+), 24 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 4c5261113e..6483b39d3d 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -130,34 +130,27 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name, return cur; } -static const x509_attr_descriptor_t *x509_attr_descr_from_numericoid(const char *numericoid, +static char *x509_oid_from_numericoid(const char *numericoid, size_t numericoid_len) { - const x509_attr_descriptor_t *cur; - mbedtls_asn1_buf *oid = mbedtls_calloc(1, sizeof(mbedtls_asn1_buf)); + char *oid; + mbedtls_asn1_buf *oid_buf = mbedtls_calloc(1, sizeof(mbedtls_asn1_buf)); int ret; - ret = mbedtls_oid_from_numeric_string(oid, numericoid, numericoid_len); - if ((ret == MBEDTLS_ERR_X509_ALLOC_FAILED) || (ret == MBEDTLS_ERR_ASN1_INVALID_DATA)) { - mbedtls_free(oid->p); - mbedtls_free(oid); - return NULL; - } - - for (cur = x509_attrs; cur->oid != NULL; cur++) { - if (strlen(cur->oid) == oid->len && - strncmp(cur->oid, (const char *) oid->p, oid->len) == 0) { - break; + ret = mbedtls_oid_from_numeric_string(oid_buf, numericoid, numericoid_len); + if (ret != 0) { + if(ret != MBEDTLS_ERR_ASN1_ALLOC_FAILED) { + mbedtls_free(oid_buf->p); } - } - - mbedtls_free(oid->p); - mbedtls_free(oid); - if (cur->oid == NULL) { + mbedtls_free(oid_buf); return NULL; } - - return cur; + oid = calloc(1, oid_buf->len + 1); + memcpy(oid, oid_buf->p, oid_buf->len); + oid[oid_buf->len + 1] = '\0'; + mbedtls_free(oid_buf->p); + mbedtls_free(oid_buf); + return oid; } static int hex_to_int(char c) 
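Review bot: `oid[oid_buf->len + 1] = '\0';` writes one byte past the `oid_buf->len + 1` bytes allocated (valid indices are 0..len), and the store is redundant anyway because calloc already zero-filled `oid[oid_buf->len]`. The same block calls plain `calloc()` while the caller (next hunk) releases the string with `mbedtls_free()`, which breaks when the platform allocator is overridden, and neither that allocation nor the `mbedtls_calloc()` of `oid_buf` is checked before being dereferenced. The `if(ret != MBEDTLS_ERR_ASN1_ALLOC_FAILED)` filter on freeing `oid_buf->p` is unexplained; a comment stating why that code leaves `p` unsafe to free would help a reader. The rewritten tail below keeps the contract of returning NULL on any failure.
```c
    char *oid;
    mbedtls_asn1_buf *oid_buf = mbedtls_calloc(1, sizeof(mbedtls_asn1_buf));
    int ret;

    if (oid_buf == NULL) {
        return NULL;
    }
    /* … unchanged: mbedtls_oid_from_numeric_string() call and its error path … */
    oid = mbedtls_calloc(1, oid_buf->len + 1);
    if (oid != NULL) {
        /* calloc already supplied the terminating NUL at oid[oid_buf->len] */
        memcpy(oid, oid_buf->p, oid_buf->len);
    }
    mbedtls_free(oid_buf->p);
    mbedtls_free(oid_buf);
    return oid;
```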
@@ -266,7 +259,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam int parse_ret = 0; const char *s = name, *c = s; const char *end = s + strlen(s); - const char *oid = NULL; + char *oid = NULL; const x509_attr_descriptor_t *attr_descr = NULL; int in_attr_type = 1; int tag; @@ -280,16 +273,17 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam while (c <= end) { if (in_attr_type && *c == '=') { if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) { - if ((attr_descr = x509_attr_descr_from_numericoid(s, c - s)) == NULL) { + if ((oid = x509_oid_from_numericoid(s, c - s)) == NULL) { return MBEDTLS_ERR_X509_UNKNOWN_OID; } else { numericoid = 1; } } else { + oid = malloc(strlen(attr_descr->oid)); + strcpy(oid,attr_descr->oid); numericoid = 0; } - oid = attr_descr->oid; s = c + 1; in_attr_type = 0; } @@ -317,6 +311,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam mbedtls_asn1_store_named_data(head, oid, strlen(oid), (unsigned char *) data, data_len); + mbedtls_free(oid); if (cur == NULL) { return MBEDTLS_ERR_X509_ALLOC_FAILED; } From e59dedbce218c80e519fdddd385536c622f8b094 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 11 Aug 2023 12:07:55 +0100 Subject: [PATCH 035/125] Add test reject null characters in string to names Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 490df804d9..77ac53a0e0 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data 
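Review bot: `oid = malloc(strlen(attr_descr->oid)); strcpy(oid,attr_descr->oid);` in the second hunk allocates one byte too few — strcpy() also writes the terminating NUL, so every short-name attribute overruns its heap block by one byte; the result is never checked for NULL, and a plain `malloc()` is later released with `mbedtls_free()` in the third hunk. Use `oid = mbedtls_calloc(1, strlen(attr_descr->oid) + 1); if (oid == NULL) { return MBEDTLS_ERR_X509_ALLOC_FAILED; } memcpy(oid, attr_descr->oid, strlen(attr_descr->oid));`. Now that `oid` is heap-owned, the `return parse_ret;` and `return MBEDTLS_ERR_X509_INVALID_NAME;` exits between these hunks (visible in patch 025 on this page) leak it on every value-parsing error, and since `attr_descr->oid` appears to be a pointer into the static table, keeping a `const char *` to it when `numericoid` is 0 would avoid the copy entirely. mbedtls_x509_string_to_names() starts and ends outside these hunks.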
@@ -205,16 +205,19 @@ mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6b, OU=Polar X509 String to Names #13 (Invalid hexpair escape at end of string) mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #14 (Escape non-ascii hexpairs) +X509 String to Names #14 (Reject escaped null hexpair) +mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #15 (Escape non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 -X509 String to Names #15 (Invalid hexpairs) +X509 String to Names #16 (Invalid hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #16 (Accept numercoid/hexstring) +X509 String to Names #17 (Accept numercoid/hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #17 (Output attributetype as bitstring) +X509 String to Names #18 (Output attributetype as bitstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#03084F6666737061726B, OU=PolarSSL":"C=NL, O=#03084F6666737061726B, OU=PolarSSL":0 Check max serial length From afdb187bbc46930b6c798b52f629eb6e5841e398 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 11 Aug 2023 12:41:33 +0100 Subject: [PATCH 036/125] Add more comprehensive string to name tests Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 77ac53a0e0..23a05966c6 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data 
@@ -170,7 +170,7 @@ X509 String to Names #1 mbedtls_x509_string_to_names:"C=NL,O=Offspark\\, Inc., OU=PolarSSL":"C=NL, O=Offspark\\, Inc., OU=PolarSSL":0 X509 String to Names #2 -mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_UNKNOWN_OID +mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME X509 String to Names #3 (Name precisely 255 bytes) mbedtls_x509_string_to_names:"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345,OU=PolarSSL":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, OU=PolarSSL":0 
@@ -208,16 +208,22 @@ mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6, OU=PolarS X509 String to Names #14 (Reject escaped null hexpair) mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #15 (Escape non-ascii hexpairs) -mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 - -X509 String to Names #16 (Invalid hexpairs) +X509 String to Names #15 (Invalid hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #17 (Accept numercoid/hexstring) +X509 String to Names #16 (Accept numercoid/hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #18 (Output attributetype as bitstring) +X509 String to Names #17 (Odd length hexstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #18 (Invalid OID) +mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #19 (Escape non-ascii hexpairs) +mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 + +X509 String to Names #20 (Output attributetype as bitstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#03084F6666737061726B, OU=PolarSSL":"C=NL, O=#03084F6666737061726B, OU=PolarSSL":0 Check max serial length From 17984874afd3d27f06a5eb64fd8672878a748906 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 11 Aug 2023 12:42:03 +0100 Subject: [PATCH 037/125] Change error from unknown oid to invalid name Since the implementation no longer needs to know the oid, it makes more sense for the error message to be an invalid name. 
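Review bot: Case #18 (Invalid OID) uses the value `#0C084F6666737061726`, which is also an odd-length hex string, the very defect case #17 already exercises, so #18 passes even if numeric-OID validation is absent. Give it a well-formed value so only the OID is wrong: `mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME`. Cases #14 and #19 also remain contradictory, pairing the same `\\00` input with opposite expectations.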
Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/x509_create.c b/library/x509_create.c index 6483b39d3d..99115c450e 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -274,7 +274,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (in_attr_type && *c == '=') { if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) { if ((oid = x509_oid_from_numericoid(s, c - s)) == NULL) { - return MBEDTLS_ERR_X509_UNKNOWN_OID; + return MBEDTLS_ERR_X509_INVALID_NAME; } else { numericoid = 1; } From 957ca0595d616e40af40b17e378281e8e8807295 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 11 Aug 2023 14:58:14 +0100 Subject: [PATCH 038/125] Accept short name/ber encoded data in DNs Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 25 +++++++++++++++++-------- tests/suites/test_suite_x509write.data | 5 ++++- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 99115c450e..6ce15f9fe7 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -289,6 +289,22 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) { +#if defined(MBEDTLS_ASN1_PARSE_C) + if ((parse_ret = + parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, + &tag)) != 0) { + if(numericoid) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + else { + if ((parse_ret = + parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { + return parse_ret; + } + tag = attr_descr->default_tag; + } + } +#else if (!numericoid) { if ((parse_ret = parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { 
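Review bot: Mapping a NULL result from x509_oid_from_numericoid to MBEDTLS_ERR_X509_INVALID_NAME conflates two different failures: judging by the helper's body as shown in a later patch of this series, it returns NULL both when mbedtls_oid_from_numeric_string rejects the string and when that call fails with MBEDTLS_ERR_ASN1_ALLOC_FAILED, so an out-of-memory condition is reported to the caller as a malformed name. Consider having the helper return an int status with the OID as an out-parameter so the caller can return MBEDTLS_ERR_X509_ALLOC_FAILED on allocation failure and MBEDTLS_ERR_X509_INVALID_NAME only for bad input. mbedtls_x509_string_to_names continues outside this hunk.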
@@ -297,16 +313,9 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam tag = attr_descr->default_tag; } if (numericoid) { -#if defined(MBEDTLS_ASN1_PARSE_C) - if ((parse_ret = - parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, - &tag)) != 0) { - return parse_ret; - } -#else return MBEDTLS_ERR_X509_INVALID_NAME; -#endif } +#endif mbedtls_asn1_named_data *cur = mbedtls_asn1_store_named_data(head, oid, strlen(oid), (unsigned char *) data, diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 23a05966c6..814f8f70c1 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -218,7 +218,10 @@ X509 String to Names #17 (Odd length hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME X509 String to Names #18 (Invalid OID) -mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #18 (short name and hexstring) +mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 X509 String to Names #19 (Escape non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 From a953f8ab3642ccb61c2f65e73b02aafbf44cb3ae Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 10:49:26 +0100 Subject: [PATCH 039/125] Remove duplicate test in test_suite_x509write The test for outputing a hexstring representation is actually testing dn_gets, and is tested in test_suite_x509parse. Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 3 --- 1 file changed, 3 deletions(-) 
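Review bot: The two new early returns inside the `#if defined(MBEDTLS_ASN1_PARSE_C)` block (`return MBEDTLS_ERR_X509_INVALID_NAME;` and `return parse_ret;`) leak `oid`, which the function allocates with malloc/strcpy earlier in the loop (outside this hunk) and frees only after mbedtls_asn1_store_named_data; free it before each return or route both through a single cleanup label. Separately, when parse_attribute_value_ber_encoded fails for a short-name attribute its error is discarded and the value is silently re-parsed as a literal string, so a malformed `#`-prefixed DER value yields a DN containing that literal text rather than an error; if that fallback is intended, say so in a comment next to the `#if`. `if(numericoid)` also needs a space after `if` to match the file's style. This hunk begins on the previous line of the patch and the enclosing function continues beyond it.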
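Review bot: Two cases in this test-data hunk carry the same label `X509 String to Names #18` (Invalid OID, and short name and hexstring), which makes a failure report ambiguous; number the new case #19 and shift the following ones, e.g. `X509 String to Names #19 (short name and hexstring)`. The "Escape non-ascii hexpairs" case still pairs `\\00` with a success expectation while #14 expects rejection for the same input.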
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 814f8f70c1..880172c1fa 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -226,8 +226,5 @@ mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, X509 String to Names #19 (Escape non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 -X509 String to Names #20 (Output attributetype as bitstring) -mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#03084F6666737061726B, OU=PolarSSL":"C=NL, O=#03084F6666737061726B, OU=PolarSSL":0 - Check max serial length x509_set_serial_check: From a0ba8aab2e5dac2ae81ac217216d59eaf812a015 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 10:58:08 +0100 Subject: [PATCH 040/125] Add test for non ascii x509 subject name Signed-off-by: Agathiyan Bragadeesh --- tests/data_files/Makefile | 7 ++++++- tests/data_files/server1.asciichars.crt | 20 ++++++++++++++++++++ tests/suites/test_suite_x509parse.data | 4 ++++ 3 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 tests/data_files/server1.asciichars.crt diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 2009ad6699..c41b559a17 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1446,6 +1446,9 @@ parse_input/server1.req.hashsymbol.sha256: server1.key parse_input/server1.req.spaces.sha256: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O= PolarSSL ,CN=PolarSSL Server 1" md=SHA256 + +parse_input/server1.req.asciichars.sha256: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=极地SSL,CN=PolarSSL Server 1" md=SHA256 # server2* server2_pwd_ec = PolarSSLTest 
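Review bot: The new request target is named `server1.req.asciichars.sha256` although its subject `O=极地SSL` is precisely the non-ASCII case being added, and the same stem is reused for the certificate target and the x509parse expectation in this patch; a name such as `server1.req.nonasciichars.sha256` would describe the fixture, unless the naming is deliberate. The recipe also depends on the Makefile being read as UTF-8 so that the bytes `E6 9E 81 E5 9C B0` end up in the CSR; a one-line comment above the rule stating that expectation would help whoever regenerates the files.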
@@ -1599,7 +1602,9 @@ server1.hashsymbol.crt: server1.key parse_input/server1.req.hashsymbol.sha256 $( $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.hashsymbol.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ server1.spaces.crt: server1.key parse_input/server1.req.spaces.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.spaces.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ -all_final += server1.crt server1.noauthid.crt parse_input/server1.crt.der server1.commas.crt server1.hashsymbol.crt server1.spaces.crt +server1.asciichars.crt: server1.key parse_input/server1.req.asciichars.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.asciichars.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +all_final += server1.crt server1.noauthid.crt parse_input/server1.crt.der server1.commas.crt server1.hashsymbol.crt server1.spaces.crt server1.asciichars.crt parse_input/server1.key_usage.crt: parse_input/server1.req.sha256 server1.key_usage.crt: server1.req.sha256 diff --git a/tests/data_files/server1.asciichars.crt b/tests/data_files/server1.asciichars.crt new file mode 100644 index 0000000000..824e46e06c --- /dev/null +++ b/tests/data_files/server1.asciichars.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA9MQswCQYDVQQGEwJOTDESMBAG +A1UECgwJ5p6B5ZywU1NMMRowGAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J +v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB +Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl +XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk +65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP +cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA +AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw +HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD +ggEBAHqJLYmgkQ6yqml3PZM6iwbmo+lZLyDEPFpl/thHZm5LI8TTYOeU+wMAZ6KI +VumyjZxypmLF2MiiJ2f3zQooU7H1waAcTpsafTuD6RRYdthYYxs1L9gCm1ZT2Ga8 +fgn3wrugPLUrtSM/TkTj6F4XkSlluzZpEKsSYLSoyde+uQgdbtR+3Tc+3oU8xBMM +N6uq4VQC49avIQkI+598E3vKrjGGt3l2a1Ts1qvXWjo9mpJW5GM4e1zfogKnc8XQ +K1hYQ39wL42l9Hijwre85O0PSBfbNOv1BPSDm8das3VNzGsUIz8InkAKAKCKwxG6 +BCw3D/CE8s6DCnpb+eK1sVJwZ4E= +-----END CERTIFICATE----- diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index b154db924f..e1db7178b3 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -455,6 +455,10 @@ X509 Get Distinguished Name #7 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets:"data_files/server1.spaces.crt":"subject":"C=NL, O=\\ PolarSSL\\ , CN=PolarSSL Server 1" +X509 Get Distinguished Name #8 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +mbedtls_x509_dn_gets:"data_files/server1.asciichars.crt":"subject":"C=NL, O=\\E6\\9E\\81\\E5\\9C\\B0SSL, CN=PolarSSL Server 1" + X509 Get Modified DN #1 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"Modified":"C=NL, O=Modified, CN=PolarSSL Server 1":0 From cab79188ca063d79e6cb8bd429e0ad6a2e3b9263 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 10:59:36 +0100 Subject: [PATCH 041/125] Remove redundant tests in test_suite_x509write Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 28 ++++++++++---------------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 880172c1fa..fb0abd4a5f 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data 
@@ -187,43 +187,37 @@ mbedtls_x509_string_to_names:"C=NL, O=Offspark\\":"":MBEDTLS_ERR_X509_INVALID_NA X509 String to Names #7 (Invalid, no '=' or ',') mbedtls_x509_string_to_names:"ABC123":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #8 (Escape valid characters) +X509 String to Names #8 (Escaped valid characters) mbedtls_x509_string_to_names:"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":0 -X509 String to Names #9 (Escape '#' at beginning of string) -mbedtls_x509_string_to_names:"C=NL, O=#Offspark#, OU=PolarSSL":"C=NL, O=\\#Offspark#, OU=PolarSSL":0 - -X509 String to Names #10 (Escape ' ' at beginning and end of string) -mbedtls_x509_string_to_names:"C=NL, O= Off spark , OU=PolarSSL":"C=NL, O=\\ Off spark\\ , OU=PolarSSL":0 - -X509 String to Names #11 (Escape ascii hexpairs uppercase encoded) +X509 String to Names #9 (Escaped ascii hexpairs uppercase encoded) mbedtls_x509_string_to_names:"C=NL, O=\\4F\\66\\66\\73\\70\\61\\72\\6B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #12 (Escape ascii hexpairs lowercase encoded) +X509 String to Names #10 (Escaped ascii hexpairs lowercase encoded) mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6b, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #13 (Invalid hexpair escape at end of string) +X509 String to Names #11 (Invalid hexpair escape at end of string) mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #14 (Reject escaped null hexpair) +X509 String to Names #12 (Reject escaped null hexpair) mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #15 (Invalid hexpairs) +X509 String to Names #13 (Invalid hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #16 (Accept 
numercoid/hexstring) +X509 String to Names #14 (Accept numercoid/hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #17 (Odd length hexstring) +X509 String to Names #15 (Odd length hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #18 (Invalid OID) +X509 String to Names #16 (Invalid OID) mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #18 (short name and hexstring) +X509 String to Names #17 (short name and hexstring) mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #19 (Escape non-ascii hexpairs) +X509 String to Names #18 (Escape non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 Check max serial length From bdf20a0d555e50077d8cc83cf506d7b0913f5576 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 15:26:03 +0100 Subject: [PATCH 042/125] Alter MBEDTLS_ASN1_IS_STRING_TAG macro Signed-off-by: Agathiyan Bragadeesh --- include/mbedtls/asn1.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 002c8dee06..6dfc551cc2 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -103,8 +103,7 @@ (1u << MBEDTLS_ASN1_T61_STRING) | \ (1u << MBEDTLS_ASN1_IA5_STRING) | \ (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \ - (1u << MBEDTLS_ASN1_PRINTABLE_STRING) | \ - (1u << MBEDTLS_ASN1_BIT_STRING))) != 0)) + (1u << MBEDTLS_ASN1_PRINTABLE_STRING))) != 0)) /* * Bit masks for each of the components of an ASN.1 tag as specified in From 01e9392c3f28f3055e45a07f9f7c322283388d9f Mon Sep 17 00:00:00 2001 
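Review bot: Dropping cases #9 and #10 (leading `#`, and leading/trailing space escaping) removes this suite's only coverage of the RFC 4514 output-escaping rules for those characters; the commit message calls the tests redundant, but unlike the bitstring case removed in the previous patch it does not say where they are exercised instead. If the dn_gets cases in test_suite_x509parse cover them, state that in the message; otherwise keep the two cases. The renumbering itself looks consistent.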
From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 15:29:49 +0100 Subject: [PATCH 043/125] Add malformatted DER test for string_to_names Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index fb0abd4a5f..7b8d083ccc 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -208,16 +208,19 @@ mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X X509 String to Names #14 (Accept numercoid/hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #15 (Odd length hexstring) +X509 String to Names #15 (Odd length DER hexstring) mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #16 (Invalid OID) +X509 String to Names #16 (Length mismatch DER hexstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C0B4F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #17 (Invalid OID) mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME -X509 String to Names #17 (short name and hexstring) +X509 String to Names #18 (short name and hexstring) mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #18 (Escape non-ascii hexpairs) +X509 String to Names #19 (Escape non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 Check max serial length From 9caaa6d967cb5a2ae4dac243ee3e3c0a30ed16f8 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 15:38:39 +0100 Subject: [PATCH 044/125] Reject escaped null hexpairs in DNs 
Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/x509_create.c b/library/x509_create.c index 6ce15f9fe7..500f21306c 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -187,6 +187,9 @@ static int parse_attribute_value_string(const char *s, /* Check for valid escaped characters in RFC 4514 in Section 3*/ if (c + 1 < end && (n = hexpair_to_int(*c, *(c+1))) != -1) { + if(n == 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } hexpair = 1; *(d++) = n; c++; From ea3e83f36a119f94d2098e4f8db1cd7454e1bdd2 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 15:44:47 +0100 Subject: [PATCH 045/125] Amend test in test_suite_x509write Needed since we now reject escaped null hexpairs in strings Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 7b8d083ccc..2c6f59eeaf 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -220,8 +220,8 @@ mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL X509 String to Names #18 (short name and hexstring) mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0 -X509 String to Names #19 (Escape non-ascii hexpairs) -mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0 +X509 String to Names #19 (Accept non-ascii hexpairs) +mbedtls_x509_string_to_names:"C=NL, O=Of\\CCspark, OU=PolarSSL":"C=NL, O=Of\\CCspark, OU=PolarSSL":0 Check max serial length x509_set_serial_check: From af3e548c77397f9e3ad340589a0fee54c6e057d1 Mon Sep 17 00:00:00 2001 
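Review bot: The new `if(n == 0)` rejection of an escaped `\00` hexpair is reasonable for RFC 4514 strings, but at this commit the suite's case #19 (Escape non-ascii hexpairs) still expects `O=Of\\00spark` to succeed, so the tree fails its own tests until the following patch amends the data; squash that data change into this commit. Also add a space after `if` to match the file's style, `if (n == 0) {`. parse_attribute_value_string starts before the hunk and continues after it.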
From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 16:25:03 +0100 Subject: [PATCH 046/125] Make MBEDTLS_ASN1_IS_STRING_TAG to take signed int Since mbedtls_asn1_buf uses a signed int for tags. Signed-off-by: Agathiyan Bragadeesh --- include/mbedtls/asn1.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 6dfc551cc2..4eabea0435 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -97,13 +97,13 @@ /* Slightly smaller way to check if tag is a string tag * compared to canonical implementation. */ #define MBEDTLS_ASN1_IS_STRING_TAG(tag) \ - ((tag) < 32u && ( \ - ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING) | \ - (1u << MBEDTLS_ASN1_UTF8_STRING) | \ - (1u << MBEDTLS_ASN1_T61_STRING) | \ - (1u << MBEDTLS_ASN1_IA5_STRING) | \ - (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \ - (1u << MBEDTLS_ASN1_PRINTABLE_STRING))) != 0)) + ((tag) < 32 && ( \ + ((1 << (tag)) & ((1 << MBEDTLS_ASN1_BMP_STRING) | \ + (1 << MBEDTLS_ASN1_UTF8_STRING) | \ + (1 << MBEDTLS_ASN1_T61_STRING) | \ + (1 << MBEDTLS_ASN1_IA5_STRING) | \ + (1 << MBEDTLS_ASN1_UNIVERSAL_STRING) | \ + (1 << MBEDTLS_ASN1_PRINTABLE_STRING))) != 0)) /* * Bit masks for each of the components of an ASN.1 tag as specified in From eb55867520c2cd67932c888b81d06d9f2bcc2d28 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 16:31:11 +0100 Subject: [PATCH 047/125] Fix code style Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 2 +- library/x509_create.c | 20 ++++++++++---------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/library/x509.c b/library/x509.c index 74b2fd6a12..62bc39b21e 100644 --- a/library/x509.c +++ b/library/x509.c 
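Review bot: Switching MBEDTLS_ASN1_IS_STRING_TAG to signed arithmetic removes the implicit rejection of negative tags: with the previous `(tag) < 32u` a negative int converted to a large unsigned value and the macro evaluated false, whereas now a negative `tag` passes `(tag) < 32` and `1 << (tag)` is undefined behaviour. Since mbedtls_asn1_buf.tag is a signed int, as the commit message notes, guard the lower bound as well: `((tag) >= 0 && (tag) < 32 && ( \`. The rest of the macro body is unchanged.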
@@ -876,7 +876,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) asn1_len_p = asn1_tag_len_buf + 10; asn1_len_size = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len); - asn1_tag_size = mbedtls_asn1_write_tag(&asn1_len_p,asn1_tag_len_buf,name->val.tag); + asn1_tag_size = mbedtls_asn1_write_tag(&asn1_len_p, asn1_tag_len_buf, name->val.tag); asn1_tag_len_buf_start = 10 - asn1_len_size - asn1_tag_size; for (i = 0, j = 1; i < asn1_len_size + asn1_tag_size; i++) { if (j + 1 >= sizeof(s) - 1) { diff --git a/library/x509_create.c b/library/x509_create.c index 500f21306c..66f680643b 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -131,7 +131,7 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name, } static char *x509_oid_from_numericoid(const char *numericoid, - size_t numericoid_len) + size_t numericoid_len) { char *oid; mbedtls_asn1_buf *oid_buf = mbedtls_calloc(1, sizeof(mbedtls_asn1_buf)); @@ -139,7 +139,7 @@ static char *x509_oid_from_numericoid(const char *numericoid, ret = mbedtls_oid_from_numeric_string(oid_buf, numericoid, numericoid_len); if (ret != 0) { - if(ret != MBEDTLS_ERR_ASN1_ALLOC_FAILED) { + if (ret != MBEDTLS_ERR_ASN1_ALLOC_FAILED) { mbedtls_free(oid_buf->p); } mbedtls_free(oid_buf); @@ -187,7 +187,7 @@ static int parse_attribute_value_string(const char *s, /* Check for valid escaped characters in RFC 4514 in Section 3*/ if (c + 1 < end && (n = hexpair_to_int(*c, *(c+1))) != -1) { - if(n == 0) { + if (n == 0) { return MBEDTLS_ERR_X509_INVALID_NAME; } hexpair = 1; @@ -283,7 +283,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } } else { oid = malloc(strlen(attr_descr->oid)); - strcpy(oid,attr_descr->oid); + strcpy(oid, attr_descr->oid); numericoid = 0; } 
@@ -294,14 +294,14 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) { #if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = - parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, - &tag)) != 0) { - if(numericoid) { + parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, + &tag)) != 0) { + if (numericoid) { return MBEDTLS_ERR_X509_INVALID_NAME; - } - else { + } else { if ((parse_ret = - parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { + parse_attribute_value_string(s, (int) (c - s), data, + &data_len)) != 0) { return parse_ret; } tag = attr_descr->default_tag; From f826d1113e30577dd5c662cacc92e1369b8cf37f Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 14 Aug 2023 16:32:22 +0100 Subject: [PATCH 048/125] Reject null bytes in DER encoded values in DNs Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/x509_create.c b/library/x509_create.c index 66f680643b..8a648e3813 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -239,6 +239,9 @@ static int parse_attribute_value_ber_encoded(const char *s, if ((c + 1 >= end) || (n = hexpair_to_int(*c, *(c+1))) == -1) { return MBEDTLS_ERR_X509_INVALID_NAME; } + if (MBEDTLS_ASN1_IS_STRING_TAG(*tag) && n == 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } *(p++) = n; } asn1_der_end = p; From 55d93192b1601f01ba0aa3bc2cd4034afefe6c87 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 15 Aug 2023 15:05:03 +0100 Subject: [PATCH 049/125] Fix oid memory leak Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/library/x509_create.c b/library/x509_create.c index 8a648e3813..0f1b8d0e59 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
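Review bot: Rejecting a zero byte whenever `MBEDTLS_ASN1_IS_STRING_TAG(*tag)` holds also rejects every valid BMPString (UCS-2) and UniversalString (UCS-4) value, because those encodings represent ASCII characters with leading 0x00 bytes, and the macro as shown earlier in this series includes MBEDTLS_ASN1_BMP_STRING and MBEDTLS_ASN1_UNIVERSAL_STRING. Limit the NUL check to the single-byte string tags (UTF8String, PrintableString, IA5String, T61String), or to whichever tags the writer actually emits, and add a test with a `#1E...` BMPString value to pin the behaviour. parse_attribute_value_ber_encoded starts before the hunk and continues after it.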
@@ -285,7 +285,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam numericoid = 1; } } else { - oid = malloc(strlen(attr_descr->oid)); + oid = calloc(1, strlen(attr_descr->oid)); strcpy(oid, attr_descr->oid); numericoid = 0; } @@ -300,11 +300,13 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, &tag)) != 0) { if (numericoid) { + mbedtls_free(oid); return MBEDTLS_ERR_X509_INVALID_NAME; } else { if ((parse_ret = parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { + mbedtls_free(oid); return parse_ret; } tag = attr_descr->default_tag; @@ -314,11 +316,13 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (!numericoid) { if ((parse_ret = parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { + mbedtls_free(oid); return parse_ret; } tag = attr_descr->default_tag; } if (numericoid) { + mbedtls_free(oid); return MBEDTLS_ERR_X509_INVALID_NAME; } #endif @@ -327,6 +331,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam (unsigned char *) data, data_len); mbedtls_free(oid); + oid = NULL; if (cur == NULL) { return MBEDTLS_ERR_X509_ALLOC_FAILED; } @@ -346,6 +351,9 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } c++; } + if (oid != NULL) { + mbedtls_free(oid); + } return ret; } From 4294ccc608eaecffe3f78d5271e9de1159ce03b2 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 15 Aug 2023 16:32:00 +0100 Subject: [PATCH 050/125] Use mbedtls_calloc instead of calloc Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 0f1b8d0e59..46ffc9c8de 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
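Review bot: `oid = calloc(1, strlen(attr_descr->oid));` allocates one byte too few for the following `strcpy(oid, attr_descr->oid);`, which writes the terminating NUL past the end of the buffer (a one-byte heap overflow that predates this patch but is preserved by the new line); use `strlen(attr_descr->oid) + 1` and check the result for NULL before copying. The buffer is released with mbedtls_free in the other hunks of this patch while it is obtained from the libc calloc here, so the pair is mismatched whenever MBEDTLS_PLATFORM_MEMORY redirects the allocator; allocate with mbedtls_calloc for symmetry. The `if (oid != NULL)` guard added in the last hunk is redundant if mbedtls_free follows free's NULL-is-a-no-op contract. mbedtls_x509_string_to_names extends beyond these hunks.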
@@ -145,7 +145,7 @@ static char *x509_oid_from_numericoid(const char *numericoid, mbedtls_free(oid_buf); return NULL; } - oid = calloc(1, oid_buf->len + 1); + oid = mbedtls_calloc(1, oid_buf->len + 1); memcpy(oid, oid_buf->p, oid_buf->len); oid[oid_buf->len + 1] = '\0'; mbedtls_free(oid_buf->p); @@ -285,7 +285,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam numericoid = 1; } } else { - oid = calloc(1, strlen(attr_descr->oid)); + oid = mbedtls_calloc(1, strlen(attr_descr->oid)); strcpy(oid, attr_descr->oid); numericoid = 0; } From fb94702762ec71cf2a7a6cb13c6aff13190a4b1f Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 15 Aug 2023 16:32:42 +0100 Subject: [PATCH 051/125] Add catch for alloc error x509_oid_from_numericoid Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/x509_create.c b/library/x509_create.c index 46ffc9c8de..9d40db095a 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -146,6 +146,11 @@ static char *x509_oid_from_numericoid(const char *numericoid, return NULL; } oid = mbedtls_calloc(1, oid_buf->len + 1); + if(oid == NULL) { + mbedtls_free(oid_buf->p); + mbedtls_free(oid_buf); + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } memcpy(oid, oid_buf->p, oid_buf->len); oid[oid_buf->len + 1] = '\0'; mbedtls_free(oid_buf->p); From 12b9d7040e90570a4622ca323a9e7634d52bab44 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 15 Aug 2023 17:42:33 +0100 Subject: [PATCH 052/125] Remove x509_oid_from_numericoid Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 51 ++++++++++--------------------------------- 1 file changed, 12 insertions(+), 39 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 9d40db095a..daf17a6dfe 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
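Review bot: In x509_oid_from_numericoid the new `oid = mbedtls_calloc(1, oid_buf->len + 1);` is followed by the context line `oid[oid_buf->len + 1] = '\0';`, which indexes one past the allocation (valid indices run up to `oid_buf->len`); since calloc already zeroes the buffer the line can be dropped, or corrected to `oid[oid_buf->len] = '\0';`. The second hunk's `mbedtls_calloc(1, strlen(attr_descr->oid))` still leaves the buffer one byte short for the `strcpy` that follows it. Neither allocation is checked for NULL before being written to.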
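Review bot: `return MBEDTLS_ERR_X509_ALLOC_FAILED;` in x509_oid_from_numericoid returns an int error code from a function whose return type is `char *`; the caller only compares the result against NULL, so on allocation failure it would receive a non-null garbage pointer and hand it to strcpy/strlen. Return NULL here (the helper's existing failure convention) or change the helper to return an int status with the OID as an out-parameter so the allocation failure can be reported distinctly. `if(oid == NULL)` also needs a space after `if` to match the file's style.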
@@ -130,34 +130,6 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name, return cur; } -static char *x509_oid_from_numericoid(const char *numericoid, - size_t numericoid_len) -{ - char *oid; - mbedtls_asn1_buf *oid_buf = mbedtls_calloc(1, sizeof(mbedtls_asn1_buf)); - int ret; - - ret = mbedtls_oid_from_numeric_string(oid_buf, numericoid, numericoid_len); - if (ret != 0) { - if (ret != MBEDTLS_ERR_ASN1_ALLOC_FAILED) { - mbedtls_free(oid_buf->p); - } - mbedtls_free(oid_buf); - return NULL; - } - oid = mbedtls_calloc(1, oid_buf->len + 1); - if(oid == NULL) { - mbedtls_free(oid_buf->p); - mbedtls_free(oid_buf); - return MBEDTLS_ERR_X509_ALLOC_FAILED; - } - memcpy(oid, oid_buf->p, oid_buf->len); - oid[oid_buf->len + 1] = '\0'; - mbedtls_free(oid_buf->p); - mbedtls_free(oid_buf); - return oid; -} - static int hex_to_int(char c) { return ('0' <= c && c <= '9') ? (c - '0') : @@ -270,7 +242,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam int parse_ret = 0; const char *s = name, *c = s; const char *end = s + strlen(s); - char *oid = NULL; + mbedtls_asn1_buf oid = { .p = NULL, .len = 0, .tag = 5 }; const x509_attr_descriptor_t *attr_descr = NULL; int in_attr_type = 1; int tag; @@ -284,14 +256,15 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam while (c <= end) { if (in_attr_type && *c == '=') { if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) { - if ((oid = x509_oid_from_numericoid(s, c - s)) == NULL) { + if ((mbedtls_oid_from_numeric_string(&oid, s, c - s)) != 0) { return MBEDTLS_ERR_X509_INVALID_NAME; } else { numericoid = 1; } } else { - oid = mbedtls_calloc(1, strlen(attr_descr->oid)); - strcpy(oid, attr_descr->oid); + oid.len = strlen(attr_descr->oid); + oid.p = mbedtls_calloc(1, oid.len); + memcpy(oid.p, attr_descr->oid, oid.len); numericoid = 0; } 
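Review bot: When `mbedtls_oid_from_numeric_string(&oid, s, c - s)` fails, the new code returns MBEDTLS_ERR_X509_INVALID_NAME without freeing `oid.p`; the helper deleted in this same patch freed `oid_buf->p` for every error other than MBEDTLS_ERR_ASN1_ALLOC_FAILED, which suggests the function can leave an allocated buffer behind on failure, so this path now leaks. Keep that distinction (free `oid.p` unless the status is MBEDTLS_ERR_ASN1_ALLOC_FAILED) and map the allocation failure to MBEDTLS_ERR_X509_ALLOC_FAILED rather than INVALID_NAME. `oid.p = mbedtls_calloc(1, oid.len);` in the else branch is also passed to memcpy without a NULL check. mbedtls_x509_string_to_names continues outside this hunk.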
@@ -305,13 +278,13 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, &tag)) != 0) { if (numericoid) { - mbedtls_free(oid); + mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; } else { if ((parse_ret = parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { - mbedtls_free(oid); + mbedtls_free(oid.p); return parse_ret; } tag = attr_descr->default_tag; @@ -332,11 +305,11 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } #endif mbedtls_asn1_named_data *cur = - mbedtls_asn1_store_named_data(head, oid, strlen(oid), + mbedtls_asn1_store_named_data(head, (char *) oid.p, oid.len, (unsigned char *) data, data_len); - mbedtls_free(oid); - oid = NULL; + mbedtls_free(oid.p); + oid.p = NULL; if (cur == NULL) { return MBEDTLS_ERR_X509_ALLOC_FAILED; } @@ -356,8 +329,8 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } c++; } - if (oid != NULL) { - mbedtls_free(oid); + if (oid.p != NULL) { + mbedtls_free(oid.p); } return ret; } From ba386ec23ea2a6894c27f9c7f858afdc1c2a98c6 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 16 Aug 2023 11:31:17 +0100 Subject: [PATCH 053/125] Remove magic number for null tag Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/x509_create.c b/library/x509_create.c index daf17a6dfe..dba76a990e 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -242,7 +242,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam int parse_ret = 0; const char *s = name, *c = s; const char *end = s + strlen(s); - mbedtls_asn1_buf oid = { .p = NULL, .len = 0, .tag = 5 }; + mbedtls_asn1_buf oid = { .p = NULL, .len = 0, .tag = MBEDTLS_ASN1_NULL }; const x509_attr_descriptor_t *attr_descr = NULL; int in_attr_type = 1; int tag; 
From dc23236f0a9c9ad4a0be35a4d03af92801839404 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 16 Jun 2023 17:05:22 +0200 Subject: [PATCH 054/125] Revert "Install cryptography only on linux platform" This reverts commit eb2c39ed2bc6a126ae7bdb6eab0457ebd6a32cfc. We temporarily turned off the cryptography requirement on Windows due to a CI instance that had an old, incompatible verison of pip. That CI instance has been upgraded so we no longer need the workaround. Signed-off-by: Gilles Peskine --- scripts/ci.requirements.txt | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/ci.requirements.txt b/scripts/ci.requirements.txt index 3ddc417051..ac9c25acf4 100644 --- a/scripts/ci.requirements.txt +++ b/scripts/ci.requirements.txt @@ -14,5 +14,4 @@ mypy >= 0.780 # Install cryptography to avoid import-error reported by pylint. # What we really need is cryptography >= 35.0.0, which is only # available for Python >= 3.6. -cryptography >= 35.0.0; sys_platform == 'linux' and python_version >= '3.6' -cryptography; sys_platform == 'linux' and python_version < '3.6' +cryptography # >= 35.0.0 From 07f472a88bcde3695886da927a44454f2b003217 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 22 Aug 2023 16:29:39 +0100 Subject: [PATCH 055/125] Add corruption detected return when writing asn1 Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/library/x509.c b/library/x509.c index 62bc39b21e..18e6a18de9 100644 --- a/library/x509.c +++ b/library/x509.c 
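Review bot: The version constraint on cryptography has been moved into a trailing comment, so the requirement `cryptography # >= 35.0.0` is now unbounded while the comment directly above still says that >= 35.0.0 is what the pylint import check needs; pip will happily resolve an older release and the CI environment will silently diverge from what the comment promises. If the goal is to restore the requirement on every platform while keeping old-Python CI installable, keep the constraint in the specifier with a marker: `cryptography >= 35.0.0; python_version >= '3.6'` and `cryptography; python_version < '3.6'`. Otherwise pin it unconditionally as `cryptography >= 35.0.0`.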
@@ -875,8 +875,14 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) s[0] = '#'; asn1_len_p = asn1_tag_len_buf + 10; - asn1_len_size = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len); - asn1_tag_size = mbedtls_asn1_write_tag(&asn1_len_p, asn1_tag_len_buf, name->val.tag); + if((ret = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len)) < 0) { + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + } + asn1_len_size = ret; + if((ret = mbedtls_asn1_write_tag(&asn1_len_p, asn1_tag_len_buf, name->val.tag)) < 0) { + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + } + asn1_tag_size = ret; asn1_tag_len_buf_start = 10 - asn1_len_size - asn1_tag_size; for (i = 0, j = 1; i < asn1_len_size + asn1_tag_size; i++) { if (j + 1 >= sizeof(s) - 1) { From f3b9724dcde58ebcd61c87b40c38702ed5be16f9 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 22 Aug 2023 16:37:11 +0100 Subject: [PATCH 056/125] Remove questionable use of macro. MBEDTLS_X509_SAFE_SNPRINTF was used after mbedtls_oid_get_numeric_string so instead we have expanded the macro and kept the relevant code. Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/x509.c b/library/x509.c index 18e6a18de9..446bf249a8 100644 --- a/library/x509.c +++ b/library/x509.c @@ -861,7 +861,8 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) ret = mbedtls_snprintf(p, n, "%s=", short_name); } else { if ((ret = mbedtls_oid_get_numeric_string(p, n, &name->oid)) > 0) { - MBEDTLS_X509_SAFE_SNPRINTF; + n -= ret; + p += ret; ret = mbedtls_snprintf(p, n, "="); print_hexstring = 1; } else { From 8aa74ab6a9c820ba44469f293c954cdaaafc9292 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 22 Aug 2023 16:42:27 +0100 Subject: [PATCH 057/125] Add return for buffer too small when reading OIDs 
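Review bot: Any negative return from `mbedtls_asn1_write_len` or `mbedtls_asn1_write_tag` is mapped to `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` without a word on why a writer's buffer-too-small result counts as internal corruption; the justification is that `asn1_tag_len_buf` is a fixed scratch buffer (`asn1_len_p = asn1_tag_len_buf + 10`) sized to hold any tag plus length header, so a failure can only be a logic error. Put that reasoning at the first check, e.g. `/* asn1_tag_len_buf holds any tag+length header, so a write failure here is an internal error */`. The declaration of `asn1_tag_len_buf` and the rest of mbedtls_x509_dn_gets are outside this hunk, so the size assumption should be confirmed against it.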
Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/x509.c b/library/x509.c index 446bf249a8..f574055e10 100644 --- a/library/x509.c +++ b/library/x509.c @@ -865,7 +865,10 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) p += ret; ret = mbedtls_snprintf(p, n, "="); print_hexstring = 1; - } else { + } else if (ret == MBEDTLS_ERR_OID_BUF_TOO_SMALL) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + else { ret = mbedtls_snprintf(p, n, "\?\?="); } } From d9d79bb74bd54b2d71dd82cc4951e6ef173e0251 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 22 Aug 2023 16:43:58 +0100 Subject: [PATCH 058/125] Rename parse_attribute_value_ber_encoded Now renamed to parse_attribute_value_der_encoded to be consistent with names elsewhere Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index dba76a990e..77f50667ae 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -189,7 +189,7 @@ static int parse_attribute_value_string(const char *s, } #if defined(MBEDTLS_ASN1_PARSE_C) -static int parse_attribute_value_ber_encoded(const char *s, +static int parse_attribute_value_der_encoded(const char *s, int len, unsigned char *data, size_t *data_len, @@ -275,7 +275,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) { #if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = - parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len, + parse_attribute_value_der_encoded(s, (int) (c - s), data, &data_len, &tag)) != 0) { if (numericoid) { mbedtls_free(oid.p); From 022f86f108890c14f2cb7e821a1bcdcec29f7f13 Mon Sep 17 00:00:00 2001 
From: Agathiyan Bragadeesh Date: Tue, 22 Aug 2023 16:56:04 +0100 Subject: [PATCH 059/125] Prevent output of escaped null characters dn gets Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/x509.c b/library/x509.c index f574055e10..42839e8f80 100644 --- a/library/x509.c +++ b/library/x509.c @@ -919,7 +919,10 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) c = name->val.p[i]; // Special characters requiring escaping, RFC 4514 Section 2.4 - if (c) { + if (c == '\0') { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + else { if (strchr(",=+<>;\"\\", c) || ((i == 0) && strchr("# ", c)) || ((i == name->val.len-1) && (c == ' '))) { From 4606bf3f38286777e2f8b725f2d3129e960ba0b9 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 22 Aug 2023 17:29:18 +0100 Subject: [PATCH 060/125] Refactor reading AttributeValue in dn gets Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 34 +++++++++++++++------------------- 1 file changed, 15 insertions(+), 19 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 77f50667ae..475d2ba377 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
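Review bot: Rejecting a NUL byte inside an attribute value with `return MBEDTLS_ERR_X509_INVALID_NAME;` turns mbedtls_x509_dn_gets from a best-effort printer into one that fails for such certificates, and every caller that prints a subject or issuer will now fail for them too. That is a sound hardening (an embedded NUL in a DN is a classic way to make a printed name differ from the encoded one), but it is a behaviour change that deserves a changelog line and a comment at the check, e.g. `/* An embedded NUL would truncate the C string and misrepresent the name; reject it */`. Style-wise the `else` after an unconditional `return` is unnecessary and the following block can be de-indented. The loop and function begin outside this hunk.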
@@ -273,14 +273,23 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) { + if (*s == '#') { #if defined(MBEDTLS_ASN1_PARSE_C) - if ((parse_ret = - parse_attribute_value_der_encoded(s, (int) (c - s), data, &data_len, - &tag)) != 0) { - if (numericoid) { + if ((parse_ret = + parse_attribute_value_der_encoded(s, (int) (c - s), data, &data_len, + &tag)) != 0) { mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; - } else { + } +#else + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE +#endif + } else { + if(numericoid) { + mbedtls_free(oid.p); + return MBEDTLS_ERR_X509_INVALID_NAME; + } + else { if ((parse_ret = parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { @@ -290,20 +299,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam tag = attr_descr->default_tag; } } -#else - if (!numericoid) { - if ((parse_ret = - parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { - mbedtls_free(oid); - return parse_ret; - } - tag = attr_descr->default_tag; - } - if (numericoid) { - mbedtls_free(oid); - return MBEDTLS_ERR_X509_INVALID_NAME; - } -#endif + mbedtls_asn1_named_data *cur = mbedtls_asn1_store_named_data(head, (char *) oid.p, oid.len, (unsigned char *) data, From 15df01240d339a0bf897b49854b966fd117db91a Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 22 Aug 2023 17:50:00 +0100 Subject: [PATCH 061/125] Fix code style Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 10 ++++------ library/x509_create.c | 11 +++++------ 2 files changed, 9 insertions(+), 12 deletions(-) diff --git a/library/x509.c b/library/x509.c index 42839e8f80..40da61d068 100644 --- a/library/x509.c +++ b/library/x509.c 
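Review bot: The `#else` branch for builds without `MBEDTLS_ASN1_PARSE_C` reads `return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE` with no semicolon, so that configuration no longer compiles, and it also returns without releasing `oid.p`, which was allocated when the `=` was parsed earlier in the function. Make it `mbedtls_free(oid.p); return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;`. mbedtls_x509_string_to_names begins and ends outside this hunk.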
@@ -867,8 +867,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) print_hexstring = 1; } else if (ret == MBEDTLS_ERR_OID_BUF_TOO_SMALL) { return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; - } - else { + } else { ret = mbedtls_snprintf(p, n, "\?\?="); } } @@ -879,11 +878,11 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) s[0] = '#'; asn1_len_p = asn1_tag_len_buf + 10; - if((ret = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len)) < 0) { + if ((ret = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len)) < 0) { return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } asn1_len_size = ret; - if((ret = mbedtls_asn1_write_tag(&asn1_len_p, asn1_tag_len_buf, name->val.tag)) < 0) { + if ((ret = mbedtls_asn1_write_tag(&asn1_len_p, asn1_tag_len_buf, name->val.tag)) < 0) { return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } asn1_tag_size = ret; @@ -921,8 +920,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) // Special characters requiring escaping, RFC 4514 Section 2.4 if (c == '\0') { return MBEDTLS_ERR_X509_INVALID_NAME; - } - else { + } else { if (strchr(",=+<>;\"\\", c) || ((i == 0) && strchr("# ", c)) || ((i == name->val.len-1) && (c == ' '))) { diff --git a/library/x509_create.c b/library/x509_create.c index 475d2ba377..677b568454 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
@@ -276,20 +276,19 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam if (*s == '#') { #if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = - parse_attribute_value_der_encoded(s, (int) (c - s), data, &data_len, - &tag)) != 0) { + parse_attribute_value_der_encoded(s, (int) (c - s), data, &data_len, + &tag)) != 0) { mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; - } + } #else return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE #endif } else { - if(numericoid) { + if (numericoid) { mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; - } - else { + } else { if ((parse_ret = parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) { From 926221a26ed28e07167309a49da8fae724073bb3 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 18 Aug 2023 15:09:02 +0800 Subject: [PATCH 062/125] Add target platform detection macros Now we have arm/x86 32/64 detection Signed-off-by: Jerry Yu --- include/mbedtls/build_info.h | 49 ++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index c0424da82f..198481363a 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h 
@@ -49,6 +49,55 @@ #define MBEDTLS_VERSION_STRING "3.4.1" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 3.4.1" +/* Macros for build-time platform detection */ + +#if !defined(MBEDTLS_ARCH_IS_ARM64) && \ + (defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) +#define MBEDTLS_ARCH_IS_ARM64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_ARM32) && \ + (defined(__arm__) || defined(_M_ARM) || \ + defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__)) +#define MBEDTLS_ARCH_IS_ARM32 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X64) && \ + (defined(__amd64__) || defined(__x86_64__) || \ + ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))) +#define MBEDTLS_ARCH_IS_X64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X86) && \ + (defined(__i386__) || defined(_X86_) || \ + (defined(_M_IX86) && !defined(_M_I86))) +#define MBEDTLS_ARCH_IS_X86 +#endif +/* Macros for build-time platform detection */ + +#if !defined(MBEDTLS_ARCH_IS_ARM64) && \ + (defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) +#define MBEDTLS_ARCH_IS_ARM64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_ARM32) && \ + (defined(__arm__) || defined(_M_ARM) || \ + defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__)) +#define MBEDTLS_ARCH_IS_ARM32 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X64) && \ + (defined(__amd64__) || defined(__x86_64__) || \ + ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))) +#define MBEDTLS_ARCH_IS_X64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X86) && \ + (defined(__i386__) || defined(_X86_) || \ + (defined(_M_IX86) && !defined(_M_I86))) +#define MBEDTLS_ARCH_IS_X86 +#endif + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif From 72fd0bdc713ca43e72b77e164240fa49b0942105 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 18 Aug 2023 16:31:01 +0800 Subject: [PATCH 063/125] replace arm64 macro and aesce enable flag 
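Review bot: The platform-detection block (`MBEDTLS_ARCH_IS_ARM64` through `MBEDTLS_ARCH_IS_X86`) is pasted twice in this hunk, including a second copy of the `/* Macros for build-time platform detection */` banner; the `!defined(...)` guards make the second copy dead, but it should be removed rather than left for readers to puzzle over. Since build_info.h is a public header, the banner should also say what these macros are for and that the guards suggest they may be predefined to override autodetection, e.g. `/* Target-architecture detection used to select hardware-accelerated code; a macro left undefined here means the target was not recognised. */`.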
Signed-off-by: Jerry Yu --- library/aes.c | 10 +++++----- library/aesce.c | 4 ++-- library/aesce.h | 12 +++++------- library/gcm.c | 6 +++--- 4 files changed, 15 insertions(+), 17 deletions(-) diff --git a/library/aes.c b/library/aes.c index 47a5e3e822..c9610f59da 100644 --- a/library/aes.c +++ b/library/aes.c @@ -34,7 +34,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#if defined(__aarch64__) +#if defined(MBEDTLS_ARCH_IS_ARM64) #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif @@ -652,7 +652,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, } #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { return mbedtls_aesce_setkey_enc((unsigned char *) RK, key, keybits); } @@ -764,7 +764,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, } #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { mbedtls_aesce_inverse_key( (unsigned char *) RK, @@ -1091,7 +1091,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, } #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { return mbedtls_aesce_crypt_ecb(ctx, mode, input, output); } @@ -1910,7 +1910,7 @@ int mbedtls_aes_self_test(int verbose) mbedtls_printf(" AES note: using VIA Padlock.\n"); } else #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { mbedtls_printf(" AES note: using AESCE.\n"); } else diff --git a/library/aesce.c b/library/aesce.c index 6f75a67d7f..8b42b034f5 100644 --- a/library/aesce.c +++ b/library/aesce.c 
@@ -46,7 +46,7 @@ #include "aesce.h" -#if defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_ARCH_IS_ARM64) /* Compiler version checks. */ #if defined(__clang__) @@ -510,6 +510,6 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16], #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#endif /* MBEDTLS_HAVE_ARM64 */ +#endif /* MBEDTLS_ARCH_IS_ARM64 */ #endif /* MBEDTLS_AESCE_C */ diff --git a/library/aesce.h b/library/aesce.h index 735c8cfad2..91aa7d2bb3 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -30,13 +30,11 @@ #include "mbedtls/aes.h" -#if !defined(MBEDTLS_HAVE_ARM64) -#if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) -#define MBEDTLS_HAVE_ARM64 -#endif -#endif +#include "common.h" -#if defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARM64) + +#define MBEDTLS_AESCE_HAVE_CODE #ifdef __cplusplus extern "C" { @@ -131,6 +129,6 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, } #endif -#endif /* MBEDTLS_HAVE_ARM64 */ +#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARM64 */ #endif /* MBEDTLS_AESCE_H */ diff --git a/library/gcm.c b/library/gcm.c index 786290f2f9..b06ca4a317 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -97,7 +97,7 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx) } #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { return 0; } @@ -208,7 +208,7 @@ static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16], } #endif /* MBEDTLS_AESNI_HAVE_CODE */ -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { unsigned char h[16]; @@ -885,7 +885,7 @@ int mbedtls_gcm_self_test(int verbose) } else #endif -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_AESCE_HAVE_CODE) if (MBEDTLS_AESCE_HAS_SUPPORT()) { mbedtls_printf(" GCM note: using AESCE.\n"); } else 
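Review bot: `MBEDTLS_AESCE_HAVE_CODE` is introduced in aesce.h with no comment, and its shape differs from the sibling it is named after: `MBEDTLS_AESNI_HAVE_CODE` (aesni.h, later in this series) carries a value, 1 for assembly or 2 for intrinsics, while this one is defined empty, so `#if MBEDTLS_AESCE_HAVE_CODE` would be a preprocessor error and only `#if defined(...)` works. Either give it a value for symmetry or state the difference at the definition, e.g. `/* Defined (without a value) when the AESCE implementation is built: MBEDTLS_AESCE_C on an AArch64 target. Test with #if defined(). */`. The consumers in aes.c and gcm.c rely on aesce.h being included for the macro to be visible; that include is outside these hunks.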
From d6e312dde4c636cc25478e729227b9a9677bd579 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 18 Aug 2023 17:19:51 +0800 Subject: [PATCH 064/125] replace aesni target detection macros Signed-off-by: Jerry Yu --- library/aes.c | 5 ++--- library/aesni.h | 15 ++------------- 2 files changed, 4 insertions(+), 16 deletions(-) diff --git a/library/aes.c b/library/aes.c index c9610f59da..0a7b26ce90 100644 --- a/library/aes.c +++ b/library/aes.c @@ -40,14 +40,13 @@ #endif #endif -#if defined(__amd64__) || defined(__x86_64__) || \ - ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC)) +#if defined(MBEDTLS_ARCH_IS_X64) #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif -#if defined(__i386__) || defined(_M_IX86) +#if defined(MBEDTLS_ARCH_IS_X86) #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && !defined(MBEDTLS_AESNI_C) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif diff --git a/library/aesni.h b/library/aesni.h index 332a0f0722..e9064eeb96 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -35,20 +35,9 @@ /* Can we do AESNI with inline assembly? * (Only implemented with gas syntax, only for 64-bit.) */ -#if !defined(MBEDTLS_HAVE_X86_64) && \ - (defined(__amd64__) || defined(__x86_64__) || \ - defined(_M_X64) || defined(_M_AMD64)) && \ - !defined(_M_ARM64EC) -#define MBEDTLS_HAVE_X86_64 -#endif - -#if !defined(MBEDTLS_HAVE_X86) && \ - (defined(__i386__) || defined(_M_IX86)) -#define MBEDTLS_HAVE_X86 -#endif #if defined(MBEDTLS_AESNI_C) && \ - (defined(MBEDTLS_HAVE_X86_64) || defined(MBEDTLS_HAVE_X86)) + (defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_X86)) /* Can we do AESNI with intrinsics? * (Only implemented with certain compilers, only for certain targets.) 
@@ -75,7 +64,7 @@ #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS) #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics #elif defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && defined(MBEDTLS_HAVE_X86_64) + defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X64) #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly #elif defined(__GNUC__) # error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" From 782b966666ba04c3076cd07d4f1cecf69af49e1a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 21 Aug 2023 11:25:01 +0800 Subject: [PATCH 065/125] replace target arch macros in padlock Signed-off-by: Jerry Yu --- library/padlock.c | 4 ++-- library/padlock.h | 8 ++------ 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/library/padlock.c b/library/padlock.c index f42c40ff93..563d40e7c1 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -31,7 +31,7 @@ #include -#if defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) /* * PadLock detection routine @@ -162,6 +162,6 @@ int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx, return 0; } -#endif /* MBEDTLS_HAVE_X86 */ +#endif /* MBEDTLS_VIA_PADLOCK_HAVE_CODE */ #endif /* MBEDTLS_PADLOCK_C */ diff --git a/library/padlock.h b/library/padlock.h index ae5c486541..d3ed2c39ef 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -39,15 +39,11 @@ #endif /* Some versions of ASan result in errors about not enough registers */ -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ - !defined(MBEDTLS_HAVE_ASAN) +#if defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X86) && \ + defined(MBEDTLS_HAVE_ASM) && !defined(MBEDTLS_HAVE_ASAN) #define MBEDTLS_VIA_PADLOCK_HAVE_CODE -#ifndef MBEDTLS_HAVE_X86 -#define MBEDTLS_HAVE_X86 -#endif - #include #define MBEDTLS_PADLOCK_RNG 0x000C From 4c7d7bf583ffb7cde2d568d465e6565bb4d21b21 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 23 Aug 2023 11:28:30 +0100 Subject: [PATCH 066/125] Add guard for empty AttributeValue 
Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/x509_create.c b/library/x509_create.c index 677b568454..63894a590f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -273,7 +273,10 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) { - if (*s == '#') { + if (s >= end) { + mbedtls_free(oid.p); + return MBEDTLS_ERR_X509_INVALID_NAME; + } else if (*s == '#') { #if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = parse_attribute_value_der_encoded(s, (int) (c - s), data, &data_len, From 457ac84f0129b8e37cc179d5afb7255048cfba9e Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 23 Aug 2023 11:35:26 +0100 Subject: [PATCH 067/125] Refactor previous fix Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/x509_create.c b/library/x509_create.c index 63894a590f..91957cc733 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -273,7 +273,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam } if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) { - if (s >= end) { + if (s == c) { mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; } else if (*s == '#') { From de84f9d67adff28c92e9e2ccc94e21424537ddc0 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 23 Aug 2023 11:44:04 +0100 Subject: [PATCH 068/125] Add test for rejecting empty AttributeValue Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 2c6f59eeaf..2240d82de4 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data 
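Review bot: The empty-value check `if (s == c)` carries no comment, and a reader has to work out that `s` still points just past the `=` while `c` is the separator or end, and that this is a deliberate restriction rather than an RFC requirement (RFC 4514's grammar allows an empty string value). Add `/* Deliberately reject an empty AttributeValue (RFC 4514 syntax permits one, but it is never meaningful here) */` above it. The earlier form `s >= end` in the first hunk only caught a trailing empty value, which is why the second hunk replaces it. mbedtls_x509_string_to_names begins and ends outside these hunks.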
@@ -223,5 +223,8 @@ mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, X509 String to Names #19 (Accept non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\CCspark, OU=PolarSSL":"C=NL, O=Of\\CCspark, OU=PolarSSL":0 +X509 String to Names #20 (Reject empty AttributeValue) +mbedtls_x509_string_to_names:"C=NL, O=, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME + Check max serial length x509_set_serial_check: From 733766bc71b9cf7865e9c50b0e251ac6f20769e4 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 23 Aug 2023 15:43:07 +0100 Subject: [PATCH 069/125] Remove trailing whitespace in data file. Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 2240d82de4..f755565eca 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -224,7 +224,7 @@ X509 String to Names #19 (Accept non-ascii hexpairs) mbedtls_x509_string_to_names:"C=NL, O=Of\\CCspark, OU=PolarSSL":"C=NL, O=Of\\CCspark, OU=PolarSSL":0 X509 String to Names #20 (Reject empty AttributeValue) -mbedtls_x509_string_to_names:"C=NL, O=, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME Check max serial length x509_set_serial_check: From 7d20138385941cb742ed5bef8731345e604061a8 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 23 Aug 2023 15:45:37 +0100 Subject: [PATCH 070/125] Add Changelog entry for DN changes Signed-off-by: Agathiyan Bragadeesh --- ChangeLog.d/extend-distinguished-names.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/extend-distinguished-names.txt diff --git a/ChangeLog.d/extend-distinguished-names.txt b/ChangeLog.d/extend-distinguished-names.txt new file mode 100644 index 0000000000..b148424cf3 --- /dev/null 
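Review bot: The new case only exercises an empty value in the middle of the string (`O=,`); the check it targets (`s == c`) also fires for a trailing empty value, which the first version of the guard (`s >= end`) handled while missing the middle case, so both paths should be pinned. Add a trailing case such as `mbedtls_x509_string_to_names:"C=NL, O=":"":MBEDTLS_ERR_X509_INVALID_NAME` alongside this one.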
+++ b/ChangeLog.d/extend-distinguished-names.txt @@ -0,0 +1,3 @@ +Features + * Accept arbitrary AttributeType and AttributeValue in certificate + Distinguished Names using RFC 4514 syntax. From f65f71eef35b663e790316de42aa37896b0561d6 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 28 Aug 2023 10:58:24 +0800 Subject: [PATCH 071/125] improve various issues - duplicate definition - wrong comments - redundant include statement Signed-off-by: Jerry Yu --- include/mbedtls/build_info.h | 24 ------------------------ library/aesce.h | 1 - library/aesni.h | 7 +++---- library/padlock.h | 11 ++++++++--- 4 files changed, 11 insertions(+), 32 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 198481363a..92a4e64cb7 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -68,30 +68,6 @@ #define MBEDTLS_ARCH_IS_X64 #endif -#if !defined(MBEDTLS_ARCH_IS_X86) && \ - (defined(__i386__) || defined(_X86_) || \ - (defined(_M_IX86) && !defined(_M_I86))) -#define MBEDTLS_ARCH_IS_X86 -#endif -/* Macros for build-time platform detection */ - -#if !defined(MBEDTLS_ARCH_IS_ARM64) && \ - (defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) -#define MBEDTLS_ARCH_IS_ARM64 -#endif - -#if !defined(MBEDTLS_ARCH_IS_ARM32) && \ - (defined(__arm__) || defined(_M_ARM) || \ - defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__)) -#define MBEDTLS_ARCH_IS_ARM32 -#endif - -#if !defined(MBEDTLS_ARCH_IS_X64) && \ - (defined(__amd64__) || defined(__x86_64__) || \ - ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))) -#define MBEDTLS_ARCH_IS_X64 -#endif - #if !defined(MBEDTLS_ARCH_IS_X86) && \ (defined(__i386__) || defined(_X86_) || \ (defined(_M_IX86) && !defined(_M_I86))) diff --git a/library/aesce.h b/library/aesce.h index 91aa7d2bb3..d24c423b81 100644 --- a/library/aesce.h +++ b/library/aesce.h 
@@ -30,7 +30,6 @@ #include "mbedtls/aes.h" -#include "common.h" #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARM64) diff --git a/library/aesni.h b/library/aesni.h index e9064eeb96..ba14290298 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -32,10 +32,6 @@ #define MBEDTLS_AESNI_AES 0x02000000u #define MBEDTLS_AESNI_CLMUL 0x00000002u -/* Can we do AESNI with inline assembly? - * (Only implemented with gas syntax, only for 64-bit.) - */ - #if defined(MBEDTLS_AESNI_C) && \ (defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_X86)) @@ -65,6 +61,9 @@ #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics #elif defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X64) +/* Can we do AESNI with inline assembly? + * (Only implemented with gas syntax, only for 64-bit.) + */ #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly #elif defined(__GNUC__) # error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" diff --git a/library/padlock.h b/library/padlock.h index d3ed2c39ef..a00afe04f3 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -38,9 +38,14 @@ #endif #endif -/* Some versions of ASan result in errors about not enough registers */ -#if defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X86) && \ - defined(MBEDTLS_HAVE_ASM) && !defined(MBEDTLS_HAVE_ASAN) +/* + * - `padlock` is implements with GNUC assembly for x86 target. + * - Some versions of ASan result in errors about not enough registers. + */ +#if defined(MBEDTLS_PADLOCK_C) && \ + defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X86) && \ + defined(MBEDTLS_HAVE_ASM) && \ + !defined(MBEDTLS_HAVE_ASAN) #define MBEDTLS_VIA_PADLOCK_HAVE_CODE From 664fea481c13a944a7c065155ec1ccc928a2eaf2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 12 May 2023 12:11:37 +0100 Subject: [PATCH 072/125] Add x86-64 const-time assembly Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 47 ++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) 
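Review bot: The new comment in padlock.h, "`padlock` is implements with GNUC assembly for x86 target.", is ungrammatical; suggest `* - PadLock is implemented with GNU C inline assembly and only exists for 32-bit x86 targets.` In aesce.h the `#include "common.h"` line is removed, so `MBEDTLS_ARCH_IS_ARM64` must now reach aesce.h through `mbedtls/aes.h`; that appears to be the intent but is not visible in this hunk, and a one-line comment naming where the macro comes from would stop a future include reshuffle from silently disabling the accelerated code.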
diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 8da15a84cb..73e91ccefe 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -71,6 +71,8 @@ #define MBEDTLS_CT_ARM_ASM #elif defined(__aarch64__) #define MBEDTLS_CT_AARCH64_ASM +#elif defined(__amd64__) || defined(__x86_64__) +#define MBEDTLS_CT_X86_64_ASM #endif #endif @@ -175,6 +177,19 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) "cc" /* clobbers flag bits */ ); return (mbedtls_ct_condition_t) x; +#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + uint64_t s; + asm volatile ("mov %[x], %[s] \n\t" + "neg %[s] \n\t" + "or %[x], %[s] \n\t" + "sar $63, %[s] \n\t" + : + [s] "=&a" (s) + : + [x] "D" (x) + : + ); + return (mbedtls_ct_condition_t) s; #else const mbedtls_ct_uint_t xo = mbedtls_ct_compiler_opaque(x); #if defined(_MSC_VER) @@ -230,6 +245,19 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition, "cc" ); return (mbedtls_ct_uint_t) condition; +#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + asm volatile ("and %[condition], %[if1] \n\t" + "not %[condition] \n\t" + "and %[condition], %[if0] \n\t" + "or %[if1], %[if0] \n\t" + : + [condition] "+&D" (condition), + [if1] "+&S" (if1), + [if0] "+&a" (if0) + : + : + ); + return if0; #else mbedtls_ct_condition_t not_cond = (mbedtls_ct_condition_t) (~mbedtls_ct_compiler_opaque(condition)); 
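Review bot: The guard `#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64))` admits a 32-bit `mbedtls_ct_uint_t`, but the body of mbedtls_ct_bool fixes `s` as `uint64_t` and shifts by 63, and `mov %[x], %[s]` with a 32-bit `x` in `%edi` and `s` in `%rax` is an operand-size mismatch the assembler rejects. If MBEDTLS_CT_SIZE_32 can ever be selected on x86-64 (not visible here) the guard should be `defined(MBEDTLS_CT_SIZE_64)` only, or `x` should be widened before the asm. A one-line comment on the identity would also help reviewers: `/* x | -x has its top bit set iff x != 0; the arithmetic shift smears it across the word */`. mbedtls_ct_if in the second hunk has no such mismatch since all three operands share a type.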
@@ -274,6 +302,25 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe "cc" ); return (mbedtls_ct_condition_t) x; +#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + uint64_t mask; + asm volatile ("mov %[x], %[mask] \n\t" + "xor %[y], %[mask] \n\t" + "sub %[y], %[x] \n\t" + "and %[mask], %[y] \n\t" + "not %[mask] \n\t" + "and %[mask], %[x] \n\t" + "or %[y], %[x] \n\t" + "mov %[x], %[mask] \n\t" + "sar $63, %[mask] \n\t" + : + [mask] "=&a" (mask), + [x] "+&S" (x), + [y] "+&D" (y) + : + : + ); + return (mbedtls_ct_condition_t) mask; #else /* Ensure that the compiler cannot optimise the following operations over x and y, * even if it knows the value of x and y. From 81673bba77d5551b81394a059906ed0f2f8a2908 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 13 May 2023 12:32:09 +0100 Subject: [PATCH 073/125] Add x86 const-time assembly Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 47 ++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 73e91ccefe..6fb7b9f6d8 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -73,6 +73,8 @@ #define MBEDTLS_CT_AARCH64_ASM #elif defined(__amd64__) || defined(__x86_64__) #define MBEDTLS_CT_X86_64_ASM +#elif defined(__i386__) +#define MBEDTLS_CT_X86_ASM #endif #endif @@ -190,6 +192,19 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) : ); return (mbedtls_ct_condition_t) s; +#elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32) + uint32_t s; + asm volatile ("mov %[x], %[s] \n\t" + "neg %[s] \n\t" + "or %[s], %[x] \n\t" + "sar $31, %[x] \n\t" + : + [s] "=&c" (s), + [x] "+&a" (x) + : + : + ); + return (mbedtls_ct_condition_t) x; #else const mbedtls_ct_uint_t xo = mbedtls_ct_compiler_opaque(x); #if defined(_MSC_VER) 
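Review bot: `mask` is declared `uint64_t` while `x` and `y` are mbedtls_ct_uint_t, so `mov %[x], %[mask]` and `xor %[y], %[mask]` mix operand widths whenever MBEDTLS_CT_SIZE_32 is in effect, which the `#elif` condition explicitly allows; if that case is impossible on x86-64, narrow the guard to `defined(MBEDTLS_CT_SIZE_64)` so the assumption is visible, otherwise declare `mask` as mbedtls_ct_uint_t and make the `sar` count match its width. The fixed-register constraints `"=&a"`, `"+&S"` and `"+&D"` are not required by any instruction in this sequence; plain `"=&r"`/`"+&r"` would let the allocator avoid shuffling values into rax/rsi/rdi at every inlined call site. The enclosing function mbedtls_ct_uint_lt begins outside the hunk.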
@@ -258,6 +273,19 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition, : ); return if0; +#elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32) + asm volatile ("and %[condition], %[if1] \n\t" + "not %[condition] \n\t" + "and %[if0], %[condition] \n\t" + "or %[condition], %[if1] \n\t" + : + [condition] "+&c" (condition), + [if1] "+&a" (if1) + : + [if0] "b" (if0) + : + ); + return if1; #else mbedtls_ct_condition_t not_cond = (mbedtls_ct_condition_t) (~mbedtls_ct_compiler_opaque(condition)); @@ -321,6 +349,25 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe : ); return (mbedtls_ct_condition_t) mask; +#elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32) + uint32_t s; + asm volatile ("mov %[x], %[s] \n\t" + "xor %[y], %[s] \n\t" + "sub %[y], %[x] \n\t" + "not %[s] \n\t" + "and %[s], %[x] \n\t" + "not %[s] \n\t" + "and %[y], %[s] \n\t" + "or %[s], %[x] \n\t" + "sar $31, %[x] \n\t" + : + [s] "=&b" (s), + [x] "+&a" (x) + : + [y] "c" (y) + : + ); + return (mbedtls_ct_condition_t) x; #else /* Ensure that the compiler cannot optimise the following operations over x and y, * even if it knows the value of x and y. From 0cf9dd1056f5253b529a7de6e651146393426e6a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 12 May 2023 16:29:48 +0100 Subject: [PATCH 074/125] Whitespace - tidy up asm and make it more consistent Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 72 +++++++++++++++++++----------------- 1 file changed, 39 insertions(+), 33 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 6fb7b9f6d8..054c71fabe 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h 
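Review bot: Both new x86 branches pin their operands to specific registers (`"+&c"`, `"+&a"`, `"b"`, `"=&b"`) although none of the `mov`/`and`/`not`/`or`/`sub`/`xor`/`sar` instructions used needs a particular register; generic `"r"` constraints would let the compiler use whatever registers already hold the values when these static inline helpers are expanded. The `"b"` constraint in particular requests %ebx, which older 32-bit GCC releases reserved as the PIC base register and refused to hand out to inline asm, so if such toolchains are still supported this branch may fail to build under -fPIC. For the mbedtls_ct_if hunk the change is `[condition] "+&r" (condition), [if1] "+&r" (if1) : [if0] "r" (if0)`, and the same applies to the mbedtls_ct_uint_lt hunk below it. Both enclosing functions begin outside their hunks.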
@@ -136,7 +136,7 @@ static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x) * seem to apply unified syntax globally, which breaks other asm code. */ #if !defined(__clang__) -#define RESTORE_ASM_SYNTAX ".syntax divided \n\t" +#define RESTORE_ASM_SYNTAX ".syntax divided \n\t" #else #define RESTORE_ASM_SYNTAX #endif @@ -154,9 +154,9 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) */ #if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) mbedtls_ct_uint_t s; - asm volatile ("neg %x[s], %x[x] \n\t" - "orr %x[x], %x[s], %x[x] \n\t" - "asr %x[x], %x[x], 63" + asm volatile ("neg %x[s], %x[x] \n\t" + "orr %x[x], %x[s], %x[x] \n\t" + "asr %x[x], %x[x], 63 \n\t" : [s] "=&r" (s), [x] "+&r" (x) @@ -166,10 +166,10 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) return (mbedtls_ct_condition_t) x; #elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) uint32_t s; - asm volatile (".syntax unified \n\t" - "negs %[s], %[x] \n\t" - "orrs %[x], %[x], %[s] \n\t" - "asrs %[x], %[x], #31 \n\t" + asm volatile (".syntax unified \n\t" + "negs %[s], %[x] \n\t" + "orrs %[x], %[x], %[s] \n\t" + "asrs %[x], %[x], #31 \n\t" RESTORE_ASM_SYNTAX : [s] "=&l" (s), @@ -232,9 +232,9 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition, mbedtls_ct_uint_t if0) { #if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) - asm volatile ("and %x[if1], %x[if1], %x[condition] \n\t" - "mvn %x[condition], %x[condition] \n\t" - "and %x[condition], %x[condition], %x[if0] \n\t" + asm volatile ("and %x[if1], %x[if1], %x[condition] \n\t" + "mvn %x[condition], %x[condition] \n\t" + "and %x[condition], %x[condition], %x[if0] \n\t" "orr %x[condition], %x[if1], %x[condition]" : [condition] "+&r" (condition), 
@@ -245,11 +245,11 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition, ); return (mbedtls_ct_uint_t) condition; #elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) - asm volatile (".syntax unified \n\t" - "ands %[if1], %[if1], %[condition] \n\t" - "mvns %[condition], %[condition] \n\t" - "ands %[condition], %[condition], %[if0] \n\t" - "orrs %[condition], %[if1], %[condition] \n\t" + asm volatile (".syntax unified \n\t" + "ands %[if1], %[if1], %[condition] \n\t" + "mvns %[condition], %[condition] \n\t" + "ands %[condition], %[condition], %[if0] \n\t" + "orrs %[condition], %[if1], %[condition] \n\t" RESTORE_ASM_SYNTAX : [condition] "+&l" (condition), 
@@ -297,34 +297,40 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe { #if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) uint64_t s1; - asm volatile ("eor %x[s1], %x[y], %x[x] \n\t" - "sub %x[x], %x[x], %x[y] \n\t" - "bic %x[x], %x[x], %x[s1] \n\t" - "and %x[s1], %x[s1], %x[y] \n\t" - "orr %x[s1], %x[x], %x[s1] \n\t" + asm volatile ("eor %x[s1], %x[y], %x[x] \n\t" + "sub %x[x], %x[x], %x[y] \n\t" + "bic %x[x], %x[x], %x[s1] \n\t" + "and %x[s1], %x[s1], %x[y] \n\t" + "orr %x[s1], %x[x], %x[s1] \n\t" "asr %x[x], %x[s1], 63" - : [s1] "=&r" (s1), [x] "+&r" (x) - : [y] "r" (y) + : + [s1] "=&r" (s1), + [x] "+&r" (x) + : + [y] "r" (y) : ); return (mbedtls_ct_condition_t) x; #elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) uint32_t s1; asm volatile ( - ".syntax unified \n\t" + ".syntax unified \n\t" #if defined(__thumb__) && !defined(__thumb2__) - "movs %[s1], %[x] \n\t" - "eors %[s1], %[s1], %[y] \n\t" + "movs %[s1], %[x] \n\t" + "eors %[s1], %[s1], %[y] \n\t" #else - "eors %[s1], %[x], %[y] \n\t" + "eors %[s1], %[x], %[y] \n\t" #endif - "subs %[x], %[x], %[y] \n\t" - "bics %[x], %[x], %[s1] \n\t" - "ands %[y], %[s1], %[y] \n\t" - "orrs %[x], %[x], %[y] \n\t" - "asrs %[x], %[x], #31 \n\t" + "subs %[x], %[x], %[y] \n\t" + "bics %[x], %[x], %[s1] \n\t" + "ands %[y], %[s1], %[y] \n\t" + "orrs %[x], %[x], %[y] \n\t" + "asrs %[x], %[x], #31 \n\t" RESTORE_ASM_SYNTAX - : [s1] "=&l" (s1), [x] "+&l" (x), [y] "+&l" (y) + : + [s1] "=&l" (s1), + [x] "+&l" (x), + [y] "+&l" (y) : : "cc" From d44dd961323f3e15e1e0b8978ff91b5cbfd117f3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 9 Aug 2023 14:10:14 +0100 Subject: [PATCH 075/125] Improve docs re duplicate declarations Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) 
diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 054c71fabe..ab32deee9f 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -1,15 +1,6 @@ /** * Constant-time functions * - * For readability, the static inline definitions are here, and - * constant_time_internal.h has only the declarations. - * - * This results in duplicate declarations of the form: - * static inline void f() { ... } - * static inline void f(); - * when constant_time_internal.h is included. This appears to behave - * exactly as if the declaration-without-definition was not present. - * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 * @@ -37,11 +28,20 @@ #include "mbedtls/bignum.h" #endif -/* constant_time_impl.h contains all the static inline implementations, - * so that constant_time_internal.h is more readable. +/* + * To improve readability of constant_time_internal.h, the static inline + * definitions are here, and constant_time_internal.h has only the declarations. * - * gcc generates warnings about duplicate declarations, so disable this - * warning. + * This results in duplicate declarations of the form: + * static inline void f(); // from constant_time_internal.h + * static inline void f() { ... } // from constant_time_impl.h + * when constant_time_internal.h is included. + * + * This appears to behave as if the declaration-without-definition was not present + * (except for warnings if gcc -Wredundant-decls or similar is used). + * + * Disable -Wredundant-decls so that gcc does not warn about this. This is re-enabled + * at the bottom of this file. */ #ifdef __GNUC__ #pragma GCC diagnostic push @@ -531,6 +531,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_not(mbedtls_ct_condition_t } #ifdef __GNUC__ +/* Restore warnings for -Wredundant-decls on gcc */ #pragma GCC diagnostic pop #endif From b69239c604034ccd28971236b423d152c45d5727 Mon Sep 17 00:00:00 2001 
From: Dave Rodgman Date: Wed, 9 Aug 2023 14:53:18 +0100 Subject: [PATCH 076/125] Improve docs in mbedtls_mpi_lt_mpi_ct Signed-off-by: Dave Rodgman --- library/bignum.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 0a0022cd37..61353ca53d 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -72,7 +72,7 @@ int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, } /* - * Set sign_N to 1 if N >= 0, 0 if N < 0. + * Set N_is_negative to MBEDTLS_CT_FALSE if N >= 0, MBEDTLS_CT_TRUE if N < 0. * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0. */ X_is_negative = mbedtls_ct_bool((X->s & 2) >> 1); @@ -83,7 +83,7 @@ int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, * That is if X is negative (X_is_negative == 1), then X < Y is true and it * is false if X is positive (X_is_negative == 0). */ - different_sign = mbedtls_ct_bool_xor(X_is_negative, Y_is_negative); // non-zero if different sign + different_sign = mbedtls_ct_bool_xor(X_is_negative, Y_is_negative); // true if different sign result = mbedtls_ct_bool_and(different_sign, X_is_negative); /* From 6d5261e38fa977bb579cf556726a87fd91fb4cd8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 9 Aug 2023 14:57:25 +0100 Subject: [PATCH 077/125] Fix typo in doxygen for mbedtls_ct_memcpy_offset Signed-off-by: Dave Rodgman --- library/constant_time_internal.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index 44b74aec63..ec9f25a993 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h 
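Review bot: The context lines immediately above the changed line still describe X_is_negative with the old integer values (`X_is_negative == 1` / `X_is_negative == 0`), while the first hunk now speaks of MBEDTLS_CT_TRUE/MBEDTLS_CT_FALSE and the changed line calls `different_sign` `true`. Update them to match: `* That is if X is negative (X_is_negative == MBEDTLS_CT_TRUE), then X < Y is true and` / `* it is false if X is positive (X_is_negative == MBEDTLS_CT_FALSE).`. The enclosing function mbedtls_mpi_lt_mpi_ct starts and ends outside the hunk.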
@@ -455,8 +455,8 @@ void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition, * * memcpy(dst, src + offset, len) * - * This function copies \p len bytes from \p src_base + \p offset to \p - * dst, with a code flow and memory access pattern that does not depend on + * This function copies \p len bytes from \p src + \p offset to + * \p dst, with a code flow and memory access pattern that does not depend on * \p offset, but only on \p offset_min, \p offset_max and \p len. * * \note This function reads from \p dest, but the value that From e97de40e7b952038a5e3ce53c2640b4710137c4b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Aug 2023 09:47:35 +0100 Subject: [PATCH 078/125] Typo fix Signed-off-by: Dave Rodgman --- library/constant_time_internal.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index ec9f25a993..ff7ccc17b7 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -47,7 +47,7 @@ * These are all named mbedtls_ct__if and mbedtls_ct__if_else_0 * All arguments are considered secret. * example: size_t a = x ? b : c => a = mbedtls_ct_size_if(x, b, c) - * example: unsigned a = x ? b : 0 => a = mbedtls_ct_uint__if_else_0(x, b) + * example: unsigned a = x ? b : 0 => a = mbedtls_ct_uint_if_else_0(x, b) * * - block memory operations * Only some arguments are considered secret, as documented for each From ef6abd4062c3d51531a182b5f1ca55f4606c169d Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 30 Aug 2023 15:49:24 +0100 Subject: [PATCH 079/125] Add blank lines after variable declarations Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/x509_create.c b/library/x509_create.c index 91957cc733..9fdd48305b 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
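Review bot: The `\note` line just below the corrected sentence still refers to `\p dest`, but the parameter this hunk documents is named `dst` (the hunk itself changes `\p src_base` to `\p src` for the same reason), so doxygen will not resolve the reference; change it to `* \note This function reads from \p dst, but the value that`. The declaration of mbedtls_ct_memcpy_offset and the rest of its comment lie outside the hunk.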
@@ -158,6 +158,7 @@ static int parse_attribute_value_string(const char *s, int hexpair = 0; unsigned char *d = data; int n; + while (c < end) { if (*c == '\\') { c++; @@ -202,6 +203,7 @@ static int parse_attribute_value_der_encoded(const char *s, unsigned char *p; unsigned char *d = data; int n; + /* Converting from hexstring to raw binary so we can use asn1parse.c*/ if ((len < 5) || (*c != '#')) { return MBEDTLS_ERR_X509_INVALID_NAME; From e9d1c8e1ebd11cce154d357d85bfebe92c5d451c Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 30 Aug 2023 15:50:12 +0100 Subject: [PATCH 080/125] Reword and reformat comments Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 9fdd48305b..4c982d1f4f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -163,7 +163,7 @@ static int parse_attribute_value_string(const char *s, if (*c == '\\') { c++; - /* Check for valid escaped characters in RFC 4514 in Section 3*/ + /* Check for valid escaped characters as per RFC 4514 Section 3 */ if (c + 1 < end && (n = hexpair_to_int(*c, *(c+1))) != -1) { if (n == 0) { return MBEDTLS_ERR_X509_INVALID_NAME; @@ -204,7 +204,7 @@ static int parse_attribute_value_der_encoded(const char *s, unsigned char *d = data; int n; - /* Converting from hexstring to raw binary so we can use asn1parse.c*/ + /* Converting from hexstring to raw binary so we can use asn1parse.c */ if ((len < 5) || (*c != '#')) { return MBEDTLS_ERR_X509_INVALID_NAME; } From 1aece47e8ccf5db290b24e0ccb5459e7279247f2 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 30 Aug 2023 16:04:16 +0100 Subject: [PATCH 081/125] Make hexpair_to_int take a char pointer Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) 
diff --git a/library/x509_create.c b/library/x509_create.c index 4c982d1f4f..b83fcd9e08 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -137,10 +137,11 @@ static int hex_to_int(char c) ('A' <= c && c <= 'F') ? (c - 'A' + 10) : -1; } -static int hexpair_to_int(char c1, char c2) +static int hexpair_to_int(const char *hexpair) { - int n1 = hex_to_int(c1); - int n2 = hex_to_int(c2); + int n1 = hex_to_int(*hexpair); + int n2 = hex_to_int(*(hexpair + 1)); + if (n1 != -1 && n2 != -1) { return (n1 << 4) | n2; } else { @@ -164,7 +165,7 @@ static int parse_attribute_value_string(const char *s, c++; /* Check for valid escaped characters as per RFC 4514 Section 3 */ - if (c + 1 < end && (n = hexpair_to_int(*c, *(c+1))) != -1) { + if (c + 1 < end && (n = hexpair_to_int(c)) != -1) { if (n == 0) { return MBEDTLS_ERR_X509_INVALID_NAME; } @@ -209,13 +210,13 @@ static int parse_attribute_value_der_encoded(const char *s, return MBEDTLS_ERR_X509_INVALID_NAME; } c++; - if ((*tag = hexpair_to_int(*c, *(c+1))) == -1) { + if ((*tag = hexpair_to_int(c)) == -1) { return MBEDTLS_ERR_X509_INVALID_NAME; } c += 2; p = asn1_der_buf; for (p = asn1_der_buf; c < end; c += 2) { - if ((c + 1 >= end) || (n = hexpair_to_int(*c, *(c+1))) == -1) { + if ((c + 1 >= end) || (n = hexpair_to_int(c)) == -1) { return MBEDTLS_ERR_X509_INVALID_NAME; } if (MBEDTLS_ASN1_IS_STRING_TAG(*tag) && n == 0) { From de02ee268ea0a884f4796acbcc2b6abb9a46d1cd Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 30 Aug 2023 16:12:57 +0100 Subject: [PATCH 082/125] Refactor parse_attribute_value_string Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index b83fcd9e08..307e8be4ce 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
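Review bot: hexpair_to_int now dereferences `hexpair` and `hexpair + 1` with no length argument, so every caller must guarantee two readable bytes; the call sites in this patch appear to (the `c + 1 < end` test in parse_attribute_value_string, and the `len < 5` check ahead of the tag read in parse_attribute_value_der_encoded), but the function should state the contract rather than rely on it silently. Suggest a header comment: `/* Decode the two hex digits at hexpair[0..1]; the caller must guarantee both bytes are readable. Returns the byte value, or -1 if either character is not a hex digit. */`. The `c + 1 >= end` check in the DER loop is evaluated before the call, so that path is also covered.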
@@ -141,7 +141,7 @@ static int hexpair_to_int(const char *hexpair) { int n1 = hex_to_int(*hexpair); int n2 = hex_to_int(*(hexpair + 1)); - + if (n1 != -1 && n2 != -1) { return (n1 << 4) | n2; } else { @@ -154,13 +154,12 @@ static int parse_attribute_value_string(const char *s, unsigned char *data, size_t *data_len) { - const char *c = s; - const char *end = c + len; - int hexpair = 0; + const char *c; + const char *end = s + len; unsigned char *d = data; int n; - while (c < end) { + for (c = s; c < end; c++) { if (*c == '\\') { c++; @@ -169,22 +168,19 @@ static int parse_attribute_value_string(const char *s, if (n == 0) { return MBEDTLS_ERR_X509_INVALID_NAME; } - hexpair = 1; *(d++) = n; c++; + continue; } else if (c == end || !strchr(" ,=+<>#;\"\\", *c)) { return MBEDTLS_ERR_X509_INVALID_NAME; } } - if (!hexpair) { - *(d++) = *c; - } + + *(d++) = *c; + if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { return MBEDTLS_ERR_X509_INVALID_NAME; } - - hexpair = 0; - c++; } *data_len = d - data; return 0; From 52af0d08b4c1a3bc254bbcf2380f1b6e04b28317 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 30 Aug 2023 16:22:54 +0100 Subject: [PATCH 083/125] Fix unsafe behaviour in MBEDTLS_ASN1_IS_STRING_TAG Signed-off-by: Agathiyan Bragadeesh --- include/mbedtls/asn1.h | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 4eabea0435..3242699e72 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h 
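Review bot: The hex-escape branch ends in `continue;`, which skips the `d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE` check that the loop otherwise runs after every byte stored; in the code this hunk replaces that check ran on both paths. Assuming `data` holds exactly MBEDTLS_X509_MAX_DN_NAME_SIZE bytes, as the equality test suggests, a value that fills the buffer and then supplies one `\XX` escape writes one byte past the end, and because the test is `==` rather than `>=` every subsequent character is stored unchecked as well. Drop the `continue` and store the literal character in an `else` branch so a single bound check covers both paths, as below. The function's signature line lies outside the hunk.

```c
    for (c = s; c < end; c++) {
        if (*c == '\\') {
            c++;

            /* Check for valid escaped characters as per RFC 4514 Section 3 */
            if (c + 1 < end && (n = hexpair_to_int(c)) != -1) {
                /* … unchanged: reject n == 0, store n, advance c … */
                /* no `continue` here: fall through to the length check */
            } else if (c == end || !strchr(" ,=+<>#;\"\\", *c)) {
                return MBEDTLS_ERR_X509_INVALID_NAME;
            } else {
                *(d++) = *c;
            }
        } else {
            *(d++) = *c;
        }

        /* Applies to every byte stored, escaped or literal. */
        if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) {
            return MBEDTLS_ERR_X509_INVALID_NAME;
        }
    }
```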
@@ -96,14 +96,14 @@ /* Slightly smaller way to check if tag is a string tag * compared to canonical implementation. */ -#define MBEDTLS_ASN1_IS_STRING_TAG(tag) \ - ((tag) < 32 && ( \ - ((1 << (tag)) & ((1 << MBEDTLS_ASN1_BMP_STRING) | \ - (1 << MBEDTLS_ASN1_UTF8_STRING) | \ - (1 << MBEDTLS_ASN1_T61_STRING) | \ - (1 << MBEDTLS_ASN1_IA5_STRING) | \ - (1 << MBEDTLS_ASN1_UNIVERSAL_STRING) | \ - (1 << MBEDTLS_ASN1_PRINTABLE_STRING))) != 0)) +#define MBEDTLS_ASN1_IS_STRING_TAG(tag) \ + ((unsigned int) (tag) < 32u && ( \ + ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING) | \ + (1u << MBEDTLS_ASN1_UTF8_STRING) | \ + (1u << MBEDTLS_ASN1_T61_STRING) | \ + (1u << MBEDTLS_ASN1_IA5_STRING) | \ + (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \ + (1u << MBEDTLS_ASN1_PRINTABLE_STRING))) != 0)) /* * Bit masks for each of the components of an ASN.1 tag as specified in From a2423debcc7175a0e5450ced386283276e95ea1a Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 30 Aug 2023 16:24:31 +0100 Subject: [PATCH 084/125] Fix code style Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 307e8be4ce..1da1587878 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -158,7 +158,7 @@ static int parse_attribute_value_string(const char *s, const char *end = s + len; unsigned char *d = data; int n; - + for (c = s; c < end; c++) { if (*c == '\\') { c++; @@ -175,9 +175,9 @@ static int parse_attribute_value_string(const char *s, return MBEDTLS_ERR_X509_INVALID_NAME; } } - + *(d++) = *c; - + if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { return MBEDTLS_ERR_X509_INVALID_NAME; } @@ -200,7 +200,7 @@ static int parse_attribute_value_der_encoded(const char *s, unsigned char *p; unsigned char *d = data; int n; - + /* Converting from hexstring to raw binary so we can use asn1parse.c */ if ((len < 5) || (*c != '#')) { return MBEDTLS_ERR_X509_INVALID_NAME; 
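Review bot: The unsigned cast removes the undefined shift for negative or oversized `tag`, but the macro still evaluates `tag` twice (once in the range test, once in the shift), so an argument with side effects such as `*p++` would misbehave; the callers visible in this series pass `*tag`, which is harmless, but the header comment should say so for future users: `/* Evaluates `tag` twice; do not pass an expression with side effects. */`. If that is considered too fragile, a `static inline int mbedtls_asn1_is_string_tag(int tag)` wrapper would give the same code size at -O2 with a single evaluation.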
From 7990a3296df24a1f7bb8875005d78495c7e0076c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Aug 2023 17:27:00 +0200 Subject: [PATCH 085/125] Explain the story about cryptography version requirements Signed-off-by: Gilles Peskine --- scripts/ci.requirements.txt | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/scripts/ci.requirements.txt b/scripts/ci.requirements.txt index ac9c25acf4..7dbcfe8e05 100644 --- a/scripts/ci.requirements.txt +++ b/scripts/ci.requirements.txt @@ -11,7 +11,10 @@ pylint == 2.4.4 # See https://github.com/Mbed-TLS/mbedtls/pull/3953 . mypy >= 0.780 -# Install cryptography to avoid import-error reported by pylint. -# What we really need is cryptography >= 35.0.0, which is only -# available for Python >= 3.6. +# At the time of writing, only needed for tests/scripts/audit-validity-dates.py. +# It needs >=35.0.0 for correct operation, and that requires Python >=3.6, +# but our CI has Python 3.5. So let pip install the newest version that's +# compatible with the running Python: this way we get something good enough +# for mypy and pylint under Python 3.5, and we also get something good enough +# to run audit-validity-dates.py on Python >=3.6. cryptography # >= 35.0.0 From 7373a6644da93874f89352013d26ac836ea69e18 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Sep 2023 13:59:03 +0200 Subject: [PATCH 086/125] driver-only-builds.md: fix text Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 1a42a3f3e7..277c5e3981 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md 
@@ -105,7 +105,7 @@ size saving. [Coming soon] As noted in the "Limitations regarding the selection of curves" section below, there is an upcoming requirement for all the required curves to -be also accelerated in the PSA driver in order to exclude the builtin algs +also be accelerated in the PSA driver in order to exclude the builtin algs support. ### Limitations regarding fully removing `ecp.c` @@ -146,8 +146,8 @@ timeline, please let us know if you're interested. ### Limitations regarding the selection of curves There is an ongoing work which tries to establish a link/constrain between -the list of supported curves and supported algorithms both in builtin and PSA -sides. In particular: +the list of supported curves and supported algorithms both in the builtin and +PSA sides. In particular: - #8014 ensures that the curves supported on the PSA side (`PSA_WANT_ECC_xxx`) are always a superset of the builtin ones (`MBEDTLS_ECP_DP_xxx`) @@ -170,7 +170,7 @@ Key management and usage can be enabled by means of the usual `PSA_WANT` + - `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_GENERATE`; The same holds for the associated algorithm: -`[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow to build accelerating FFDH and +`[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow builds accelerating FFDH and removing builtin support (i.e. `MBEDTLS_DHM_C`). ### Limitations From 86dc08599bf0dc99b41cb497ae5c865a4f5d42a1 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 4 Sep 2023 14:53:30 +0100 Subject: [PATCH 087/125] Add asn1 write tag and len to x509 use c config Signed-off-by: Agathiyan Bragadeesh --- include/mbedtls/asn1write.h | 5 +++++ library/asn1write.c | 4 +++- library/x509.c | 6 ------ 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 3c5072c018..6fe57c8f0e 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h 
@@ -48,6 +48,7 @@ extern "C" { #endif +#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) /** * \brief Write a length field in ASN.1 format. * @@ -76,7 +77,9 @@ int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start, */ int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsigned char tag); +#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C */ +#if defined(MBEDTLS_ASN1_WRITE_C) /** * \brief Write raw buffer data. * @@ -393,4 +396,6 @@ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data * } #endif +#endif /* MBEDTLS_ASN1_WRITE_C */ + #endif /* MBEDTLS_ASN1_WRITE_H */ diff --git a/library/asn1write.c b/library/asn1write.c index c65d9370e2..4123ac3c10 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -19,7 +19,7 @@ #include "common.h" -#if defined(MBEDTLS_ASN1_WRITE_C) +#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) #include "mbedtls/asn1write.h" #include "mbedtls/error.h" @@ -102,7 +102,9 @@ int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsign return 1; } +#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C */ +#if defined(MBEDTLS_ASN1_WRITE_C) int mbedtls_asn1_write_raw_buffer(unsigned char **p, const unsigned char *start, const unsigned char *buf, size_t size) { diff --git a/library/x509.c b/library/x509.c index 40da61d068..c1d6bd485c 100644 --- a/library/x509.c +++ b/library/x509.c @@ -43,9 +43,7 @@ #include "mbedtls/pem.h" #endif -#if defined(MBEDTLS_ASN1_WRITE_C) #include "mbedtls/asn1write.h" -#endif #include "mbedtls/platform.h" @@ -874,7 +872,6 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) MBEDTLS_X509_SAFE_SNPRINTF; if (print_hexstring) { -#if defined(MBEDTLS_ASN1_WRITE_C) s[0] = '#'; asn1_len_p = asn1_tag_len_buf + 10; 
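Review bot: The new `#endif /* MBEDTLS_ASN1_WRITE_C */` in the last asn1write.h hunk is placed after the `}` / `#endif` pair that appears to be the header's `#ifdef __cplusplus } #endif` footer, while the first hunk shows the matching `extern "C" {` opener sitting outside any feature guard. In a C++ translation unit built with MBEDTLS_X509_USE_C but without MBEDTLS_ASN1_WRITE_C the closing brace is therefore compiled out and the header no longer parses. Move the `#endif /* MBEDTLS_ASN1_WRITE_C */` (and a blank line) above the `#ifdef __cplusplus` closer so that both feature guards end before the `extern "C"` block does.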
@@ -907,9 +904,6 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) s[j++] = nibble_to_hex_digit(highbits); s[j++] = nibble_to_hex_digit(lowbits); } -#else - return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; -#endif } else { for (i = 0, j = 0; i < name->val.len; i++, j++) { if (j >= sizeof(s) - 1) { From fca0861e8eb24e67cc08d3c25b970866252d3abc Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 4 Sep 2023 15:45:37 +0100 Subject: [PATCH 088/125] Add asn1 get tag and len to x509 create config Signed-off-by: Agathiyan Bragadeesh --- include/mbedtls/asn1.h | 6 ++++++ library/asn1parse.c | 4 +++- library/x509_create.c | 8 -------- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 3242699e72..825020fe33 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -209,6 +209,7 @@ typedef struct mbedtls_asn1_named_data { } mbedtls_asn1_named_data; +#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) /** * \brief Get the length of an ASN.1 element. * Updates the pointer to immediately behind the length. @@ -271,6 +272,9 @@ int mbedtls_asn1_get_tag(unsigned char **p, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 BOOLEAN. */ +#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */ + +#if defined(MBEDTLS_ASN1_PARSE_C) int mbedtls_asn1_get_bool(unsigned char **p, const unsigned char *end, int *val); @@ -645,4 +649,6 @@ void mbedtls_asn1_free_named_data_list_shallow(mbedtls_asn1_named_data *name); } #endif +#endif /* MBEDTLS_ASN1_PARSE_C */ + #endif /* asn1.h */ diff --git a/library/asn1parse.c b/library/asn1parse.c index d257ef4383..edc4c698ff 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -19,7 +19,7 @@ #include "common.h" -#if defined(MBEDTLS_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) #include "mbedtls/asn1.h" #include "mbedtls/platform_util.h" 
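Review bot: In the `@@ -271,6 +272,9 @@` hunk the `#endif` / `#if defined(MBEDTLS_ASN1_PARSE_C)` pair is inserted between mbedtls_asn1_get_bool's doxygen comment (ending at `* a valid ASN.1 BOOLEAN. */`) and its declaration, whereas the asn1write.h counterpart in the previous patch places the guard before the `/**` block. Move the two new lines above the comment so the documentation stays attached to the declaration it describes and the two headers follow the same layout.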
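Review bot: The `#endif /* MBEDTLS_ASN1_PARSE_C */` in the `@@ -645,4 +649,6 @@` hunk lands after the `}` / `#endif` pair that appears to close the header's `extern "C" {` block, so a C++ build with MBEDTLS_X509_CREATE_C enabled and MBEDTLS_ASN1_PARSE_C disabled loses the closing brace and fails to compile asn1.h. Place the new `#endif` above the `#ifdef __cplusplus` closer, mirroring where the `#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C)` guard opens after the `extern "C"` opener. The same layout issue is present in the asn1write.h change of the preceding patch and should be fixed together.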
@@ -114,7 +114,9 @@ int mbedtls_asn1_get_tag(unsigned char **p, return mbedtls_asn1_get_len(p, end, len); } +#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */ +#if defined(MBEDTLS_ASN1_PARSE_C) int mbedtls_asn1_get_bool(unsigned char **p, const unsigned char *end, int *val) diff --git a/library/x509_create.c b/library/x509_create.c index 1da1587878..6ef33b0336 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -30,9 +30,7 @@ #include "mbedtls/platform.h" -#if defined(MBEDTLS_ASN1_PARSE_C) #include "mbedtls/asn1.h" -#endif /* Structure linking OIDs for X.509 DN AttributeTypes to their * string representations and default string encodings used by Mbed TLS. */ @@ -186,7 +184,6 @@ static int parse_attribute_value_string(const char *s, return 0; } -#if defined(MBEDTLS_ASN1_PARSE_C) static int parse_attribute_value_der_encoded(const char *s, int len, unsigned char *data, @@ -233,7 +230,6 @@ static int parse_attribute_value_der_encoded(const char *s, return 0; } -#endif int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name) { @@ -276,16 +272,12 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; } else if (*s == '#') { -#if defined(MBEDTLS_ASN1_PARSE_C) if ((parse_ret = parse_attribute_value_der_encoded(s, (int) (c - s), data, &data_len, &tag)) != 0) { mbedtls_free(oid.p); return MBEDTLS_ERR_X509_INVALID_NAME; } -#else - return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -#endif } else { if (numericoid) { mbedtls_free(oid.p); From 4ce9ac8463da24796cd504e1cc65bcb756c51452 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 4 Sep 2023 16:18:26 +0100 Subject: [PATCH 089/125] Add round trip tests for x509 RDNs Signed-off-by: Agathiyan Bragadeesh --- tests/suites/test_suite_x509write.data | 9 +++++++++ 1 file changed, 9 insertions(+) 
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index f755565eca..37679c1539 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -226,5 +226,14 @@ mbedtls_x509_string_to_names:"C=NL, O=Of\\CCspark, OU=PolarSSL":"C=NL, O=Of\\CCs X509 String to Names #20 (Reject empty AttributeValue) mbedtls_x509_string_to_names:"C=NL, O=, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +X509 Round trip test (Escaped characters) +mbedtls_x509_string_to_names:"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":0 + +X509 Round trip test (hexstring output for non string input) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#03084F6666737061726B, OU=PolarSSL":"C=NL, O=#03084F6666737061726B, OU=PolarSSL":0 + +X509 Round trip test (numercoid hexstring output for unknown OID) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=PolarSSL":"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=PolarSSL":0 + Check max serial length x509_set_serial_check: From 5dfaca4af514faf69d923a908fa0e598997e5605 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 5 Sep 2023 08:48:51 +0200 Subject: [PATCH 090/125] all.sh: fix comments Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5265c93b30..2685067fba 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
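Review bot: The third new test description contains the typo `numercoid`; test descriptions presumably end up in outcome and coverage reports, so it is worth fixing before it is recorded: `X509 Round trip test (numericoid hexstring output for unknown OID)`. The expected strings and return codes of the three round-trip cases are otherwise consistent with the escaped-character and hexstring paths exercised by the preceding x509_create.c changes.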
@@ -2638,10 +2638,10 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () { # - it still disables RSA, but it uses builtin EC and FFDH algs # # This function accepts 2 parameters: -# $1: it is a boolean values which states if we are testing an accelerated -# scenario or not. -# $2: it is a string value which states which are the tested components. Allowed -# values are "ECC" or "ECC_DH". +# $1: a boolean value which states if we are testing an accelerated scenario +# or not. +# $2: a string value which states which components are tested. Allowed values +# are "ECC" or "ECC_DH". config_psa_crypto_config_accel_ecc_ffdh_no_bignum() { DRIVER_ONLY="$1" TEST_TARGET="$2" @@ -2712,12 +2712,12 @@ config_psa_crypto_config_accel_ecc_ffdh_no_bignum() { # - both ECC and FFDH # # It is meant to be used in conjunction with -# common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum() for drivers' -# coverage analysis in "analyze_outcomes.py" script. +# common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum() for drivers +# coverage analysis in the "analyze_outcomes.py" script. common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { TEST_TARGET="$1" - # This is an internal helper to simplify text messages' handling + # This is an internal helper to simplify text message handling if [ "$TEST_TARGET" = "ECC_DH" ]; then ACCEL_TEXT="ECC/FFDH" REMOVED_TEXT="ECP - DH" @@ -2800,7 +2800,7 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { TEST_TARGET="$1" - # This is an internal helper to simplify text messages' handling + # This is an internal helper to simplify text message handling if [ "$TEST_TARGET" = "ECC_DH" ]; then ACCEL_TEXT="ECC/FFDH" else From a8861e086e3b41a4bab606d9a14ae4d0c694951c Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Tue, 5 Sep 2023 20:20:51 +0200 Subject: [PATCH 091/125] Fix boolean options in the wrong section Boolean options that modify the behavior of a module are supposed to be in the "feature support" section, not in the "configuration options" support: that section is documented to contain commented-out definitions with a value, for which the comment contains the default version. In particular, merely uncommenting a definition in the "configuration options" section is not supposed to change anything. Move the offending boolean options to the proper section. This causes those options to be enabled by `config.py full` unless explicitly excluded. For all the offending options, this is undesirable, so make sure those options are indeed excluded. Signed-off-by: Gilles Peskine --- include/mbedtls/mbedtls_config.h | 169 +++++++++++++++---------------- scripts/config.py | 8 +- 2 files changed, 91 insertions(+), 86 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 2a24a450c2..84b27e5008 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -272,6 +272,45 @@ //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT //#define MBEDTLS_PLATFORM_MS_TIME_ALT +/** + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_gmtime_r(). This replaces the default implementation in + * platform_util.c. + * + * gmtime() is not a thread-safe function as defined in the C standard. The + * library will try to use safer implementations of this function, such as + * gmtime_r() when available. However, if Mbed TLS cannot identify the target + * system, the implementation of mbedtls_platform_gmtime_r() will default to + * using the standard gmtime(). In this case, calls from the library to + * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex + * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the + * library are also guarded with this mutex to avoid race conditions. However, + * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will + * unconditionally use the implementation for mbedtls_platform_gmtime_r() + * supplied at compile time. + */ +//#define MBEDTLS_PLATFORM_GMTIME_R_ALT + +/** + * Uncomment the macro to let mbed TLS use your alternate implementation of + * mbedtls_platform_zeroize(). This replaces the default implementation in + * platform_util.c. + * + * mbedtls_platform_zeroize() is a widely used function across the library to + * zero a block of memory. The implementation is expected to be secure in the + * sense that it has been written to prevent the compiler from removing calls + * to mbedtls_platform_zeroize() as part of redundant code elimination + * optimizations. However, it is difficult to guarantee that calls to + * mbedtls_platform_zeroize() will not be optimized by the compiler as older + * versions of the C language standards do not provide a secure implementation + * of memset(). 
Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to + * configure their own implementation of mbedtls_platform_zeroize(), for + * example by using directives specific to their compiler, features from newer + * C standards (e.g using memset_s() in C11) or calling a secure memset() from + * their system (e.g explicit_bzero() in BSD). + */ +//#define MBEDTLS_PLATFORM_ZEROIZE_ALT + /** * \def MBEDTLS_DEPRECATED_WARNING * @@ -569,6 +608,20 @@ */ //#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +/* + * Disable plain C implementation for AES. + * + * When the plain C implementation is enabled, and an implementation using a + * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime + * detection will be used to select between them. + * + * If only one implementation is present, runtime detection will not be used. + * This configuration will crash at runtime if running on a CPU without the + * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C + * and/or MBEDTLS_AESNI_C is enabled & present in the build. + */ +//#define MBEDTLS_AES_USE_HARDWARE_ONLY + /** * \def MBEDTLS_CAMELLIA_SMALL_MEMORY * @@ -692,6 +745,15 @@ */ //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +/** + * Enable the verified implementations of ECDH primitives from Project Everest + * (currently only Curve25519). This feature changes the layout of ECDH + * contexts and therefore is a compatibility break for applications that access + * fields of a mbedtls_ecdh_context structure directly. See also + * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. + */ +//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * 
@@ -782,6 +844,28 @@ */ //#define MBEDTLS_ECP_RESTARTABLE +/** + * Uncomment to enable using new bignum code in the ECC modules. + * + * \warning This is currently experimental, incomplete and therefore should not + * be used in production. + */ +//#define MBEDTLS_ECP_WITH_MPI_UINT + +/** + * Uncomment to enable p256-m, which implements ECC key generation, ECDH, + * and ECDSA for SECP256R1 curves. This driver is used as an example to + * document how a third-party driver or software accelerator can be integrated + * to work alongside Mbed TLS. + * + * \warning p256-m has only been included to serve as a sample implementation + * of how a driver/accelerator can be integrated alongside Mbed TLS. It is not + * intended for use in production. p256-m files in Mbed TLS are not updated + * regularly, so they may not contain upstream fixes/improvements. + * DO NOT ENABLE/USE THIS MACRO IN PRODUCTION BUILDS! + */ +//#define MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED + /** * \def MBEDTLS_ECDSA_DETERMINISTIC * 
@@ -3998,89 +4082,4 @@ //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ -/** - * Uncomment the macro to let mbed TLS use your alternate implementation of - * mbedtls_platform_zeroize(). This replaces the default implementation in - * platform_util.c. - * - * mbedtls_platform_zeroize() is a widely used function across the library to - * zero a block of memory. The implementation is expected to be secure in the - * sense that it has been written to prevent the compiler from removing calls - * to mbedtls_platform_zeroize() as part of redundant code elimination - * optimizations. However, it is difficult to guarantee that calls to - * mbedtls_platform_zeroize() will not be optimized by the compiler as older - * versions of the C language standards do not provide a secure implementation - * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to - * configure their own implementation of mbedtls_platform_zeroize(), for - * example by using directives specific to their compiler, features from newer - * C standards (e.g using memset_s() in C11) or calling a secure memset() from - * their system (e.g explicit_bzero() in BSD). - */ -//#define MBEDTLS_PLATFORM_ZEROIZE_ALT - -/** - * Uncomment the macro to let Mbed TLS use your alternate implementation of - * mbedtls_platform_gmtime_r(). This replaces the default implementation in - * platform_util.c. - * - * gmtime() is not a thread-safe function as defined in the C standard. The - * library will try to use safer implementations of this function, such as - * gmtime_r() when available. However, if Mbed TLS cannot identify the target - * system, the implementation of mbedtls_platform_gmtime_r() will default to - * using the standard gmtime(). 
In this case, calls from the library to - * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex - * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the - * library are also guarded with this mutex to avoid race conditions. However, - * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will - * unconditionally use the implementation for mbedtls_platform_gmtime_r() - * supplied at compile time. - */ -//#define MBEDTLS_PLATFORM_GMTIME_R_ALT - -/** - * Enable the verified implementations of ECDH primitives from Project Everest - * (currently only Curve25519). This feature changes the layout of ECDH - * contexts and therefore is a compatibility break for applications that access - * fields of a mbedtls_ecdh_context structure directly. See also - * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. - */ -//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - -/** - * Uncomment to enable p256-m, which implements ECC key generation, ECDH, - * and ECDSA for SECP256R1 curves. This driver is used as an example to - * document how a third-party driver or software accelerator can be integrated - * to work alongside Mbed TLS. - * - * \warning p256-m has only been included to serve as a sample implementation - * of how a driver/accelerator can be integrated alongside Mbed TLS. It is not - * intended for use in production. p256-m files in Mbed TLS are not updated - * regularly, so they may not contain upstream fixes/improvements. - * DO NOT ENABLE/USE THIS MACRO IN PRODUCTION BUILDS! - */ -//#define MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED - - -/** - * Uncomment to enable using new bignum code in the ECC modules. - * - * \warning This is currently experimental, incomplete and therefore should not - * be used in production. - */ -//#define MBEDTLS_ECP_WITH_MPI_UINT - -/* - * Disable plain C implementation for AES. 
- * - * When the plain C implementation is enabled, and an implementation using a - * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime - * detection will be used to select between them. - * - * If only one implementation is present, runtime detection will not be used. - * This configuration will crash at runtime if running on a CPU without the - * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C - * and/or MBEDTLS_AESNI_C is enabled & present in the build. - */ -//#define MBEDTLS_AES_USE_HARDWARE_ONLY - /** \} name SECTION: Module configuration options */ diff --git a/scripts/config.py b/scripts/config.py index 4ff5166782..6e7fc84cf2 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -190,6 +190,7 @@ def realfull_adapter(_name, active, section): EXCLUDE_FROM_FULL = frozenset([ #pylint: disable=line-too-long 'MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH', # interacts with CTR_DRBG_128_BIT_KEY + 'MBEDTLS_AES_USE_HARDWARE_ONLY', # hardware dependency 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256 'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options 'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options @@ -233,7 +234,12 @@ def is_seamless_alt(name): Exclude alternative implementations of library functions since they require an implementation of the relevant functions and an xxx_alt.h header. """ - if name in ('MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', 'MBEDTLS_PLATFORM_MS_TIME_ALT'): + if name in ( + 'MBEDTLS_PLATFORM_GMTIME_R_ALT', + 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', + 'MBEDTLS_PLATFORM_MS_TIME_ALT', + 'MBEDTLS_PLATFORM_ZEROIZE_ALT', + ): # Similar to non-platform xxx_ALT, requires platform_alt.h return False return name.startswith('MBEDTLS_PLATFORM_') From da69eaa366743eb60b945e4a0c4411d4e58b551e Mon Sep 17 00:00:00 2001 
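Review bot: Of the six booleans this commit moves into the feature-support section, the config.py hunk visibly adds only `'MBEDTLS_AES_USE_HARDWARE_ONLY'` to EXCLUDE_FROM_FULL and the two platform ALTs to is_seamless_alt(); MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED, MBEDTLS_ECP_WITH_MPI_UINT and MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED do not appear in the hunk. The commit message says `config.py full` would otherwise enable them, and the moved header comments mark two of them as not for production, so they need to already be present in EXCLUDE_FROM_FULL outside the visible lines; please confirm, or add them here with a reason comment in the style of the neighbouring entries, e.g. `'MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED', # sample driver, not for production`. The frozenset literal continues outside the hunk.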
From: Gilles Peskine Date: Tue, 5 Sep 2023 20:54:17 +0200 Subject: [PATCH 092/125] TLS 1.3 support is mostly complete In particular, pre-shared keys are supported. Signed-off-by: Gilles Peskine --- include/mbedtls/mbedtls_config.h | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 84b27e5008..f34c0913f9 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1727,9 +1727,7 @@ * * Enable support for TLS 1.3. * - * \note The support for TLS 1.3 is not comprehensive yet, in particular - * pre-shared keys are not supported. - * See docs/architecture/tls13-support.md for a description of the TLS + * \note See docs/architecture/tls13-support.md for a description of the TLS * 1.3 support that this option enables. * * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE From d65ea42262a45606a8054dfa0470e6d05343c2b3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Sep 2023 21:07:32 +0200 Subject: [PATCH 093/125] Fix some TLS 1.3 settings that were required in mbedtls_config.h Mbed TLS can be configured by writing a configuration file from scratch, without copying mbedtls_config.h. As a consequence, all the macro definitions in mbedtls_config.h must be optional. This was not the case for some MBEDTLS_SSL_TLS1_3_xxx macros with numerical values related to session tickets. Fix that. Signed-off-by: Gilles Peskine --- ChangeLog.d/tls13-custom-config.txt | 3 +++ include/mbedtls/mbedtls_config.h | 6 +++--- include/mbedtls/ssl.h | 12 ++++++++++++ 3 files changed, 18 insertions(+), 3 deletions(-) create mode 100644 ChangeLog.d/tls13-custom-config.txt diff --git a/ChangeLog.d/tls13-custom-config.txt b/ChangeLog.d/tls13-custom-config.txt new file mode 100644 index 0000000000..da2e25d950 --- /dev/null +++ b/ChangeLog.d/tls13-custom-config.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix undefined symbols in some builds using TLS 1.3 with a custom + configuration file. 
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index f34c0913f9..df53041f0e 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4055,7 +4055,7 @@ * This is not used in TLS 1.2. * */ -#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 +//#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 /** * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH @@ -4064,7 +4064,7 @@ * * This must be less than 256. */ -#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 +//#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 /** * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS @@ -4074,7 +4074,7 @@ * the MBEDTLS_SSL_SESSION_TICKETS option is enabled. * */ -#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 +//#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 /* X509 options */ //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 920efa98cd..a3ecbfbf67 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -405,6 +405,18 @@ #define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 #endif +#if !defined(MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) +#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 +#endif + +#if !defined(MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH) +#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 +#endif + +#if !defined(MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS) +#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 +#endif + /** \} name SECTION: Module settings */ /* From ff2558a47027a758fd9c2f047fa1f1732349273f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Sep 2023 21:10:39 +0200 Subject: [PATCH 094/125] Fix unused variable in some TLS 1.3 builds Fix unused variable when MBEDTLS_SSL_PROTO_TLS1_3 and MBEDTLS_SSL_SESSION_TICKETS are enabled but not MBEDTLS_DEBUG_C. 
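Review bot: The new ssl.h fallback for MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH does not enforce the "must be less than 256" constraint documented next to the now commented-out definition in mbedtls_config.h; since this commit lets the value come from a custom configuration file, an out-of-range setting would be accepted silently. A compile-time guard after the fallback block would catch it: `#if MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH >= 256` / `#error "MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH must be less than 256"` / `#endif`. The other two macros carry no documented bound in the hunk, so no guard is suggested for them.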
Signed-off-by: Gilles Peskine --- library/ssl_tls13_generic.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 20cecdbdf8..81fa514f67 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -837,6 +837,8 @@ int mbedtls_ssl_tls13_process_certificate(mbedtls_ssl_context *ssl) ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, buf_len)); cleanup: +#else /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ + (void) ssl; #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate")); From f9e4caf388b26b4cdaba6370b2b1ed7b091a9e1d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Sep 2023 21:11:27 +0200 Subject: [PATCH 095/125] Comment out default definition This is not required (it's ok to define the default in mbedtls_config and skip the definition in rsa.h), but comment it out for uniformity with all the other options in this section. Signed-off-by: Gilles Peskine --- include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index df53041f0e..ae98553987 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3924,7 +3924,7 @@ //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32 /* RSA OPTIONS */ -#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */ +//#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */ /* SSL Cache options */ //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ From 8cae2c2eb56d82589d39898e62fe876a0e48ec31 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Wed, 6 Sep 2023 19:42:35 +0200 Subject: [PATCH 096/125] Use the zeroize function from Mbed TLS Keep using the upstream name, to minimize the differences with the upstream code. Signed-off-by: Gilles Peskine --- 3rdparty/p256-m/p256-m/p256-m.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/3rdparty/p256-m/p256-m/p256-m.c b/3rdparty/p256-m/p256-m/p256-m.c index 21a021bad6..693cc6da2c 100644 --- a/3rdparty/p256-m/p256-m/p256-m.c +++ b/3rdparty/p256-m/p256-m/p256-m.c @@ -7,6 +7,7 @@ */ #include "p256-m.h" +#include "mbedtls/platform_util.h" #include "psa/crypto.h" #include #include @@ -17,12 +18,7 @@ /* * Zeroize memory - this should not be optimized away */ -static void zeroize(void *d, size_t n) -{ - volatile char *p = d; - while( n-- ) - *p++ = 0; -} +#define zeroize mbedtls_platform_zeroize /* * Helpers to test constant-time behaviour with valgrind or MemSan. From b9c795344271708bd47946c4e87404b7630046e9 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 7 Sep 2023 14:20:49 +0200 Subject: [PATCH 097/125] pkwrite: Fix defined but not used warning Fix defined but not used warning when MBEDTLS_USE_PSA_CRYPTO, MBEDTLS_PK_HAVE_RFC8410_CURVES and MBEDTLS_PK_HAVE_ECC_KEYS are defined but not MBEDTLS_PEM_WRITE_C. Signed-off-by: Ronald Cron --- library/pkwrite.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 439428cff7..eee64ab17b 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -77,7 +77,7 @@ static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk) return 0; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PEM_WRITE_C) /* It is assumed that the input key is opaque */ static psa_ecc_family_t pk_get_opaque_ec_family(const mbedtls_pk_context *pk) { 
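Review bot: Aliasing `zeroize` with a `#define` rewrites every later occurrence of that identifier in p256-m.c, not just the calls, and drops the parameter type checking the removed `static void zeroize(void *d, size_t n)` provided; `static inline void zeroize(void *d, size_t n) { mbedtls_platform_zeroize(d, n); }` keeps the upstream call sites and signature intact while still delegating to the library routine. Delegating is the right direction, since the library documents mbedtls_platform_zeroize as the implementation it keeps from being optimized out, whereas the removed loop relied only on volatile stores. If the macro stays, the existing "this should not be optimized away" comment above it is worth keeping so the intent survives the indirection.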
@@ -92,7 +92,7 @@ static psa_ecc_family_t pk_get_opaque_ec_family(const mbedtls_pk_context *pk) return ec_family; } -#endif /* MBETLS_USE_PSA_CRYPTO */ +#endif /* MBETLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ From d3d566f1d8d1751a6debc96aea2428e470f709bf Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 7 Sep 2023 14:29:12 +0200 Subject: [PATCH 098/125] PSA config: Add comment about HKDF Signed-off-by: Ronald Cron --- include/mbedtls/config_adjust_legacy_from_psa.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 8d864ab6d4..471ba181bd 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -67,6 +67,10 @@ #if defined(PSA_WANT_ALG_HKDF) #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) +/* + * The PSA implementation has its own implementation of HKDF, separate from + * hkdf.c. No need to enable MBEDTLS_HKDF_C here. + */ #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */ @@ -74,6 +78,10 @@ #if defined(PSA_WANT_ALG_HKDF_EXTRACT) #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT) +/* + * The PSA implementation has its own implementation of HKDF, separate from + * hkdf.c. No need to enable MBEDTLS_HKDF_C here. + */ #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */ @@ -81,6 +89,10 @@ #if defined(PSA_WANT_ALG_HKDF_EXPAND) #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND) +/* + * The PSA implementation has its own implementation of HKDF, separate from + * hkdf.c. No need to enable MBEDTLS_HKDF_C here. + */ #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */ 
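Review bot: The rewritten `#endif` comment keeps the pre-existing misspelling `MBETLS_USE_PSA_CRYPTO`; since the line is touched anyway, make it `#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C */` so it matches the `#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PEM_WRITE_C)` opener in the previous hunk and a grep for the macro finds both ends.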
From 86733834bcad055afa4d08aabbf647c25412a690 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 7 Sep 2023 15:02:39 +0200 Subject: [PATCH 099/125] Modernize documentation of MBEDTLS_PLATFORM_ZEROIZE_ALT The documentation was not updated when we started detecting memset_s() and such. Signed-off-by: Gilles Peskine --- include/mbedtls/mbedtls_config.h | 33 +++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index ae98553987..d73c83e44d 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -292,22 +292,25 @@ //#define MBEDTLS_PLATFORM_GMTIME_R_ALT /** - * Uncomment the macro to let mbed TLS use your alternate implementation of - * mbedtls_platform_zeroize(). This replaces the default implementation in - * platform_util.c. + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces + * the default implementation in platform_util.c. * - * mbedtls_platform_zeroize() is a widely used function across the library to - * zero a block of memory. The implementation is expected to be secure in the - * sense that it has been written to prevent the compiler from removing calls - * to mbedtls_platform_zeroize() as part of redundant code elimination - * optimizations. However, it is difficult to guarantee that calls to - * mbedtls_platform_zeroize() will not be optimized by the compiler as older - * versions of the C language standards do not provide a secure implementation - * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to - * configure their own implementation of mbedtls_platform_zeroize(), for - * example by using directives specific to their compiler, features from newer - * C standards (e.g using memset_s() in C11) or calling a secure memset() from - * their system (e.g explicit_bzero() in BSD). + * By default, the library uses a system function such as memset_s() + * (optional feature of C11), explicit_bzero() (BSD and compatible), or + * SecureZeroMemory (Windows). If no such function is detected, the library + * falls back to a plain C implementation. Compilers are technically + * permitted to optimize this implementation out, meaning that the memory is + * not actually wiped. The library tries to prevent that, but the C language + * makes it impossible to guarantee that the memory will always be wiped. 
+ * + * If your platform provides a guaranteed method to wipe memory which + * `platform_util.c` does not detect, define this macro to the name of + * a function that takes two arguments, a `void *` pointer and a length, + * and wipes that many bytes starting at the specified address. For example, + * if your platform has explicit_bzero() but `platform_util.c` does not + * detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be + * `explicit_bzero` to use that function as mbedtls_platform_zeroize(). */ //#define MBEDTLS_PLATFORM_ZEROIZE_ALT From eab2055bdec6741c90d38624591e1ff68dbdffea Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 30 Aug 2023 17:36:25 +0200 Subject: [PATCH 100/125] Fix query_config.c generation with CMake build system In case of an out-of-tree build with the CMake build system the path to crypto_config.h has to be defined as the path to mbedtls_config.h. Add this possibility tp generate_query_config.pl. Signed-off-by: Ronald Cron --- programs/test/CMakeLists.txt | 2 ++ scripts/generate_query_config.pl | 25 +++++++++++-------------- 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 735684ebf6..a75f8d9239 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt 
@@ -45,11 +45,13 @@ if(GEN_FILES) ${PERL} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_query_config.pl ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/mbedtls_config.h + ${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_config.h ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/data_files/query_config.fmt ${CMAKE_CURRENT_BINARY_DIR}/query_config.c DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_query_config.pl ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/mbedtls_config.h + ${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_config.h ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/data_files/query_config.fmt ) # this file will also be used in another directory, so create a target, see diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index ddbebfa448..4282339221 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl 
@@ -7,15 +7,16 @@ # form (if any). This facilitates querying the compile time configuration of # the library, for example, for testing. # -# The query_config.c is generated from the current configuration at -# include/mbedtls/mbedtls_config.h. The idea is that the mbedtls_config.h contains ALL the +# The query_config.c is generated from the default configuration files +# include/mbedtls/mbedtls_config.h and include/psa/crypto_config.h. +# The idea is that mbedtls_config.h and crypto_config.h contain ALL the # compile time configurations available in Mbed TLS (commented or uncommented). -# This script extracts the configuration macros from the mbedtls_config.h and this +# This script extracts the configuration macros from the two files and this # information is used to automatically generate the body of the query_config() # function by using the template in scripts/data_files/query_config.fmt. # # Usage: scripts/generate_query_config.pl without arguments, or -# generate_query_config.pl mbedtls_config_file template_file output_file [psa_crypto_config_file] +# generate_query_config.pl mbedtls_config_file psa_crypto_config_file template_file output_file # # Copyright The Mbed TLS Contributors # SPDX-License-Identifier: Apache-2.0 
@@ -34,29 +35,25 @@ use strict; -my ($mbedtls_config_file, $query_config_format_file, $query_config_file, $psa_crypto_config_file); +my ($mbedtls_config_file, $psa_crypto_config_file, $query_config_format_file, $query_config_file); my $default_mbedtls_config_file = "./include/mbedtls/mbedtls_config.h"; +my $default_psa_crypto_config_file = "./include/psa/crypto_config.h"; my $default_query_config_format_file = "./scripts/data_files/query_config.fmt"; my $default_query_config_file = "./programs/test/query_config.c"; -my $default_psa_crypto_config_file = "./include/psa/crypto_config.h"; if( @ARGV ) { - die "Invalid number of arguments - usage: $0 [CONFIG_FILE TEMPLATE_FILE OUTPUT_FILE]" if scalar @ARGV != 3; - ($mbedtls_config_file, $query_config_format_file, $query_config_file) = @ARGV; + die "Invalid number of arguments - usage: $0 [CONFIG_FILE TEMPLATE_FILE OUTPUT_FILE]" if scalar @ARGV != 4; + ($mbedtls_config_file, $psa_crypto_config_file, $query_config_format_file, $query_config_file) = @ARGV; -f $mbedtls_config_file or die "No such file: $mbedtls_config_file"; + -f $psa_crypto_config_file or die "No such file: $psa_crypto_config_file"; -f $query_config_format_file or die "No such file: $query_config_format_file"; - if (defined($psa_crypto_config_file) && length($psa_crypto_config_file)) { - -f $psa_crypto_config_file or die "No such file: $psa_crypto_config_file"; - } else { - $psa_crypto_config_file = (-f $default_psa_crypto_config_file) ? $default_psa_crypto_config_file : undef; - } } else { $mbedtls_config_file = $default_mbedtls_config_file; + $psa_crypto_config_file = $default_psa_crypto_config_file; $query_config_format_file = $default_query_config_format_file; $query_config_file = $default_query_config_file; - $psa_crypto_config_file = $default_psa_crypto_config_file; unless(-f $mbedtls_config_file && -f $query_config_format_file && -f $psa_crypto_config_file) { chdir '..' or die; From d7a983a0d88353ae48dd86251d00f55f695d8e73 Mon Sep 17 00:00:00 2001 
From: Ronald Cron Date: Fri, 8 Sep 2023 10:53:35 +0200 Subject: [PATCH 101/125] Fix generate_query_config.pl usage Signed-off-by: Ronald Cron --- scripts/generate_query_config.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index 4282339221..69eca83449 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -43,7 +43,7 @@ my $default_query_config_format_file = "./scripts/data_files/query_config.fmt"; my $default_query_config_file = "./programs/test/query_config.c"; if( @ARGV ) { - die "Invalid number of arguments - usage: $0 [CONFIG_FILE TEMPLATE_FILE OUTPUT_FILE]" if scalar @ARGV != 4; + die "Invalid number of arguments - usage: $0 [MBED_TLS_CONFIG_FILE PSA_CRYPTO_CONFIG_FILE TEMPLATE_FILE OUTPUT_FILE]" if scalar @ARGV != 4; ($mbedtls_config_file, $psa_crypto_config_file, $query_config_format_file, $query_config_file) = @ARGV; -f $mbedtls_config_file or die "No such file: $mbedtls_config_file"; From d34c4262da1a33b462c813b9712796105cadfe30 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 8 Sep 2023 11:09:50 +0100 Subject: [PATCH 102/125] Move conditionals to keep doxygen with function Signed-off-by: Agathiyan Bragadeesh --- include/mbedtls/asn1.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 825020fe33..c7aae0ff87 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -256,7 +256,9 @@ int mbedtls_asn1_get_len(unsigned char **p, int mbedtls_asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag); +#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */ +#if defined(MBEDTLS_ASN1_PARSE_C) /** * \brief Retrieve a boolean ASN.1 tag and its value. * Updates the pointer to immediately behind the full tag. 
@@ -272,9 +274,6 @@ int mbedtls_asn1_get_tag(unsigned char **p, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 BOOLEAN. */ -#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */ - -#if defined(MBEDTLS_ASN1_PARSE_C) int mbedtls_asn1_get_bool(unsigned char **p, const unsigned char *end, int *val); From c34804dea2afd10c6dba10e349caefbdf7e0b0e1 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 8 Sep 2023 11:32:19 +0100 Subject: [PATCH 103/125] Fix bug with checking max dn length with hexpairs Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 6ef33b0336..cb9fd69967 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -168,13 +168,16 @@ static int parse_attribute_value_string(const char *s, } *(d++) = n; c++; - continue; - } else if (c == end || !strchr(" ,=+<>#;\"\\", *c)) { + } else if (c < end && strchr(" ,=+<>#;\"\\", *c)) { + *(d++) = *c; + } else { return MBEDTLS_ERR_X509_INVALID_NAME; } } + else { + *(d++) = *c; + } - *(d++) = *c; if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { return MBEDTLS_ERR_X509_INVALID_NAME; From 706a1c3c3f90583d8d2b4f73cfe5dbae7bc01ecb Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Fri, 8 Sep 2023 12:04:41 +0100 Subject: [PATCH 104/125] Fix code style Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index cb9fd69967..eff36d5f1f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -173,8 +173,7 @@ static int parse_attribute_value_string(const char *s, } else { return MBEDTLS_ERR_X509_INVALID_NAME; } - } - else { + } else { *(d++) = *c; } From 99f0cdc0e0a51ba67da76656643765bc095854bf Mon Sep 17 00:00:00 2001 
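Review bot: The new `} else if (c < end && strchr(" ,=+<>#;\"\\", *c)) {` still accepts a backslash followed by a NUL byte, because strchr() counts the terminating '\0' of the set as a match, so `*c == '\0'` passes the escape check and a NUL is copied into the DN. If `len` is always derived from a C string by the caller this is unreachable today, but the check would be self-contained as `} else if (c < end && *c != '\0' && strchr(" ,=+<>#;\"\\", *c)) {`. The removal of `continue` is the right fix: the hex-pair branch now falls through to the `MBEDTLS_X509_MAX_DN_NAME_SIZE` check it previously skipped, so every byte written through `d` is bounded. The signature and `for` header of parse_attribute_value_string are outside the hunk.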
From: Dave Rodgman Date: Fri, 8 Sep 2023 17:18:04 +0100 Subject: [PATCH 105/125] Remove not-needed mov in x86_64 asm Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index ab32deee9f..86f7510cb3 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -345,8 +345,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe "not %[mask] \n\t" "and %[mask], %[x] \n\t" "or %[y], %[x] \n\t" - "mov %[x], %[mask] \n\t" - "sar $63, %[mask] \n\t" + "sar $63, %[x] \n\t" : [mask] "=&a" (mask), [x] "+&S" (x), @@ -354,7 +353,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe : : ); - return (mbedtls_ct_condition_t) mask; + return (mbedtls_ct_condition_t) x; #elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32) uint32_t s; asm volatile ("mov %[x], %[s] \n\t" From 5f249852a50e74d8243e0777b18bdfb10d29b0f4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 8 Sep 2023 17:18:29 +0100 Subject: [PATCH 106/125] Better register allocation for x86_64 asm Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 86f7510cb3..a8c398ba97 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -348,8 +348,8 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe "sar $63, %[x] \n\t" : [mask] "=&a" (mask), - [x] "+&S" (x), - [y] "+&D" (y) + [x] "+&D" (x), + [y] "+&S" (y) : : ); From b6b8f6c68dcd5632d102c511b85334936776dbea Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 8 Sep 2023 17:19:32 +0100 Subject: [PATCH 107/125] Make variable name consistent in x86_64 asm 
Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index a8c398ba97..4a75c60cd0 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -337,17 +337,17 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe ); return (mbedtls_ct_condition_t) x; #elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) - uint64_t mask; - asm volatile ("mov %[x], %[mask] \n\t" - "xor %[y], %[mask] \n\t" + uint64_t s; + asm volatile ("mov %[x], %[s] \n\t" + "xor %[y], %[s] \n\t" "sub %[y], %[x] \n\t" - "and %[mask], %[y] \n\t" - "not %[mask] \n\t" - "and %[mask], %[x] \n\t" + "and %[s], %[y] \n\t" + "not %[s] \n\t" + "and %[s], %[x] \n\t" "or %[y], %[x] \n\t" "sar $63, %[x] \n\t" : - [mask] "=&a" (mask), + [s] "=&a" (s), [x] "+&D" (x), [y] "+&S" (y) : From 4a97e736613eefaac3103642b68a44f5860398f9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 8 Sep 2023 17:26:18 +0100 Subject: [PATCH 108/125] Eliminate a redundant not from x86 asm Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 4a75c60cd0..70e8b9a577 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -359,11 +359,10 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe asm volatile ("mov %[x], %[s] \n\t" "xor %[y], %[s] \n\t" "sub %[y], %[x] \n\t" + "and %[s], %[y] \n\t" "not %[s] \n\t" "and %[s], %[x] \n\t" - "not %[s] \n\t" - "and %[y], %[s] \n\t" - "or %[s], %[x] \n\t" + "or %[y], %[x] \n\t" "sar $31, %[x] \n\t" : [s] "=&b" (s), From 3f8e483eed49c46fb80d36b58639beb18b514c0f Mon Sep 17 00:00:00 2001 
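Review bot: The rewritten 32-bit sequence now writes the `y` register (`"and %[s], %[y] \n\t"` replaces the old `"and %[y], %[s]"`), so `y` can no longer be declared as an input-only operand; the operand list continues past `[s] "=&b" (s),` outside the hunk, but if `y` is still listed under the inputs it must move to the outputs as `[y] "+&c" (y)`, matching the x86_64 block above where it is `"+&S" (y)`. Otherwise the compiler may assume `y` is unchanged after the asm, which is undefined behaviour even if it happens to work. Separately, nothing explains the trick being used; if there is no comment above the `asm volatile` (those lines are outside the hunk), suggest `/* s = x ^ y: where the sign bits differ the result's sign is y's, otherwise it is that of x - y; sar broadcasts it. */`. The enclosing mbedtls_ct_uint_lt starts and ends outside the hunk.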
From: Dave Rodgman Date: Fri, 8 Sep 2023 17:57:40 +0100 Subject: [PATCH 109/125] Mark y as modified in x86 asm for mbedtls_ct_uint_lt Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 70e8b9a577..4290e6024e 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -366,9 +366,9 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe "sar $31, %[x] \n\t" : [s] "=&b" (s), - [x] "+&a" (x) + [x] "+&a" (x), + [y] "+&c" (y) : - [y] "c" (y) : ); return (mbedtls_ct_condition_t) x; From 45b6e5e69f582bafa3478e3c5d7da9880e1f236a Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 12 Sep 2023 11:29:16 +0100 Subject: [PATCH 110/125] Prevent potential use of uninitialised data in pkcs7 tests Move the initialisation of the pkcs7 object to before the first possible test failure, otherwise failure in those tests could result in an uninitialised pointer being free'd. Found by coverity. Signed-off-by: Paul Elliott --- tests/suites/test_suite_pkcs7.function | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pkcs7.function b/tests/suites/test_suite_pkcs7.function index a0da1d72d9..65384a8550 100644 --- a/tests/suites/test_suite_pkcs7.function +++ b/tests/suites/test_suite_pkcs7.function @@ -78,6 +78,8 @@ void pkcs7_verify(char *pkcs7_file, MD_OR_USE_PSA_INIT(); + mbedtls_pkcs7_init(&pkcs7); + /* crt_files are space seprated list */ for (i = 0; i < strlen(crt_files); i++) { if (crt_files[i] == ' ') { @@ -100,7 +102,6 @@ void pkcs7_verify(char *pkcs7_file, i = k; } - mbedtls_pkcs7_init(&pkcs7); for (i = 0; i < n_crts; i++) { TEST_CALLOC(crts[i], 1); mbedtls_x509_crt_init(crts[i]); From 9d8a7d62f5dcf7988dbde7089e54c5bd2f66ba34 Mon Sep 17 00:00:00 2001 
From: Tom Cosgrove Date: Tue, 12 Sep 2023 16:01:52 +0100 Subject: [PATCH 111/125] Use the correct variable when tracking padding length Fixes an error introduced in a81373f80 Signed-off-by: Tom Cosgrove --- library/ssl_msg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index c8ffc1ede2..85632a1c31 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -1973,7 +1973,7 @@ hmac_failed_etm_enabled: increment = mbedtls_ct_size_if_else_0(b, increment); pad_count += increment; } - correct = mbedtls_ct_size_if_else_0(mbedtls_ct_uint_eq(pad_count, padlen), padlen); + correct = mbedtls_ct_size_if_else_0(mbedtls_ct_uint_eq(pad_count, padlen), correct); #if defined(MBEDTLS_SSL_DEBUG_ALL) if (padlen > 0 && correct == 0) { From a722d0a415b47df512c6d4b3c0b58d612b9c9b95 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 12 Sep 2023 16:27:24 +0100 Subject: [PATCH 112/125] Update CMake minimum version(s) to match main CMakeLists.txt Signed-off-by: Paul Elliott --- programs/test/cmake_package/CMakeLists.txt | 2 +- programs/test/cmake_package_install/CMakeLists.txt | 2 +- programs/test/cmake_subproject/CMakeLists.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/test/cmake_package/CMakeLists.txt b/programs/test/cmake_package/CMakeLists.txt index 518d2e94f2..019e6e7c0a 100644 --- a/programs/test/cmake_package/CMakeLists.txt +++ b/programs/test/cmake_package/CMakeLists.txt @@ -1,4 +1,4 @@ -cmake_minimum_required(VERSION 2.8.12) +cmake_minimum_required(VERSION 3.5.1) # # Simulate configuring and building Mbed TLS as the user might do it. We'll diff --git a/programs/test/cmake_package_install/CMakeLists.txt b/programs/test/cmake_package_install/CMakeLists.txt index fb5ad51b54..6070a6c067 100644 --- a/programs/test/cmake_package_install/CMakeLists.txt +++ b/programs/test/cmake_package_install/CMakeLists.txt 
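Review bot: The restored `correct` argument means this line can only ever clear `correct` (when `pad_count != padlen`) and otherwise leaves it as it was, whereas the removed line re-asserted it from `padlen` and so discarded any earlier clearing; that invariant is the whole point of the fix and deserves a comment right above the line, e.g. `/* Only ever narrow correct here: an earlier check may already have cleared it. */`. Because this is the CBC padding validation, re-asserting `correct` can weaken the padding check, so if no test already covers a record whose padding-length byte is inconsistent with the padding bytes, adding one alongside this fix would pin the behaviour. The enclosing decryption function starts and ends outside the hunk.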
@@ -1,4 +1,4 @@ -cmake_minimum_required(VERSION 2.8.12) +cmake_minimum_required(VERSION 3.5.1) # # Simulate configuring and building Mbed TLS as the user might do it. We'll diff --git a/programs/test/cmake_subproject/CMakeLists.txt b/programs/test/cmake_subproject/CMakeLists.txt index a9fcfde29d..3c3cba3c2d 100644 --- a/programs/test/cmake_subproject/CMakeLists.txt +++ b/programs/test/cmake_subproject/CMakeLists.txt @@ -1,4 +1,4 @@ -cmake_minimum_required(VERSION 2.6) +cmake_minimum_required(VERSION 3.5.1) # Test the target renaming support by adding a prefix to the targets built set(MBEDTLS_TARGET_PREFIX subproject_test_) From c7959b22c6aa5d196ba229cc461ca147e6632454 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 12 Sep 2023 17:54:43 +0100 Subject: [PATCH 113/125] Remove magic number in x509.c Signed-off-by: Agathiyan Bragadeesh --- library/x509.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/x509.c b/library/x509.c index c1d6bd485c..790decf226 100644 --- a/library/x509.c +++ b/library/x509.c @@ -825,7 +825,8 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j, n, asn1_len_size, asn1_tag_size, asn1_tag_len_buf_start; - unsigned char asn1_tag_len_buf[10]; + /* 6 is enough as our asn1 write functions only write one byte for the tag and at most five bytes for the length*/ + unsigned char asn1_tag_len_buf[6]; unsigned char *asn1_len_p; unsigned char c, merge = 0; const mbedtls_x509_name *name; @@ -874,7 +875,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) if (print_hexstring) { s[0] = '#'; - asn1_len_p = asn1_tag_len_buf + 10; + asn1_len_p = asn1_tag_len_buf + sizeof(asn1_tag_len_buf); if ((ret = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len)) < 0) { return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } 
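Review bot: The new comment on `unsigned char asn1_tag_len_buf[6];` states the sizing assumption but not what enforces it, and it runs well past the 80-column limit used elsewhere in the file. Since `asn1_tag_len_buf` is passed as the `start` pointer to `mbedtls_asn1_write_len()` and the `< 0` return is mapped to `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED` in the second hunk, an encoding that ever needed more than 6 bytes should presumably fail at the writer rather than overrun the buffer — worth saying so the constant is not seen as load-bearing on its own. Suggest replacing the comment with: `/* 1 tag byte + at most 5 length bytes from mbedtls_asn1_write_len(); the writers are given the buffer start, so a larger encoding fails rather than overflows. */`. The body of mbedtls_x509_dn_gets continues outside both hunks.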
@@ -883,7 +884,7 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } asn1_tag_size = ret; - asn1_tag_len_buf_start = 10 - asn1_len_size - asn1_tag_size; + asn1_tag_len_buf_start = sizeof(asn1_tag_len_buf) - asn1_len_size - asn1_tag_size; for (i = 0, j = 1; i < asn1_len_size + asn1_tag_size; i++) { if (j + 1 >= sizeof(s) - 1) { return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; From a72ea814d8c3cec481813ee118a4b84b7137e63d Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 12 Sep 2023 17:57:09 +0100 Subject: [PATCH 114/125] Remove double blank line in x509_create.c Signed-off-by: Agathiyan Bragadeesh --- library/x509_create.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/x509_create.c b/library/x509_create.c index eff36d5f1f..1c489a3ca5 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -177,7 +177,6 @@ static int parse_attribute_value_string(const char *s, *(d++) = *c; } - if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { return MBEDTLS_ERR_X509_INVALID_NAME; } From 484327823724f1eb537ca3602b82479fae7415d5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Aug 2023 17:22:44 +0200 Subject: [PATCH 115/125] Allow "Mbed TLS" as the project name in Doxygen Previously the code only recognized the old spelling "mbed TLS", so it missed doxygen/input/doc_mainpage.h. Signed-off-by: Gilles Peskine --- scripts/bump_version.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 7fc8c6c76c..47f5dc716e 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh 
@@ -142,7 +142,7 @@ mv tmp tests/suites/test_suite_version.data [ $VERBOSE ] && echo "Bumping PROJECT_NAME in doxygen/mbedtls.doxyfile and doxygen/input/doc_mainpage.h" for i in doxygen/mbedtls.doxyfile doxygen/input/doc_mainpage.h; do - sed -e "s/mbed TLS v[0-9\.]\{1,\}/mbed TLS v$VERSION/g" < $i > tmp + sed -e "s/\\([Mm]bed TLS v\\)[0-9][0-9.]*/\\1$VERSION/g" < $i > tmp mv tmp $i done From e820c0abc82cb851f81b9fd10298f5b5f7b0d72a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Aug 2023 17:45:20 +0200 Subject: [PATCH 116/125] Update spelling "mbed TLS" to "Mbed TLS" The official spelling of the trade mark changed from all-lowercase "mbed" to normal proper noun capitalization "Mbed" a few years ago. We've been using the new spelling in new text but still have the old spelling in a lot of text. This commit updates most occurrences of "mbed TLS": ``` sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*') ``` Justification for the omissions: * `ChangeLog`: historical text. * `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many occurrences are significant names in certificates and such. Changing the spelling would invalidate many signatures and tests. * `configs/tfm*`: this is an imported file. We'll follow the upstream updates. 
Signed-off-by: Gilles Peskine --- .../everest/include/everest/vs2013/inttypes.h | 2 +- .../everest/include/everest/vs2013/stdbool.h | 2 +- 3rdparty/everest/include/everest/x25519.h | 2 +- .../everest/library/Hacl_Curve25519_joined.c | 2 +- 3rdparty/everest/library/x25519.c | 2 +- 3rdparty/p256-m/p256-m_driver_entrypoints.h | 2 +- CMakeLists.txt | 12 ++--- DartConfiguration.tcl | 2 +- configs/README.txt | 2 +- configs/config-no-entropy.h | 4 +- configs/config-suite-b.h | 4 +- configs/config-thread.h | 4 +- doxygen/mbedtls.doxyfile | 2 +- include/CMakeLists.txt | 2 +- include/mbedtls/build_info.h | 2 +- include/mbedtls/check_config.h | 2 +- include/mbedtls/ecp.h | 2 +- include/mbedtls/error.h | 2 +- include/mbedtls/mbedtls_config.h | 44 +++++++++---------- include/mbedtls/platform_time.h | 2 +- include/mbedtls/ssl_ciphersuites.h | 2 +- include/mbedtls/threading.h | 4 +- include/mbedtls/version.h | 8 ++-- include/mbedtls/x509_crt.h | 4 +- include/mbedtls/x509_csr.h | 2 +- library/CMakeLists.txt | 8 ++-- library/cipher.c | 2 +- library/cipher_wrap.c | 2 +- library/ecjpake.c | 2 +- library/entropy_poll.h | 2 +- library/md.c | 2 +- library/mps_common.h | 2 +- library/mps_error.h | 2 +- library/mps_reader.h | 2 +- library/mps_trace.h | 2 +- library/psa_crypto_core.h | 4 +- library/ssl_ciphersuites.c | 2 +- library/ssl_client.c | 2 +- library/ssl_tls13_client.c | 2 +- programs/ssl/ssl_fork_server.c | 2 +- programs/ssl/ssl_mail_client.c | 4 +- programs/ssl/ssl_pthread_server.c | 2 +- programs/ssl/ssl_server.c | 2 +- programs/ssl/ssl_server2.c | 2 +- scripts/bump_version.sh | 2 +- scripts/footprint.sh | 4 +- scripts/generate_features.pl | 4 +- scripts/lcov.sh | 2 +- tests/compat.sh | 4 +- tests/scripts/basic-build-test.sh | 2 +- tests/scripts/check-doxy-blocks.pl | 2 +- tests/scripts/check-generated-files.sh | 2 +- tests/scripts/doxygen.sh | 2 +- tests/scripts/generate-afl-tests.sh | 2 +- tests/suites/test_suite_ecp.function | 2 +- tests/suites/test_suite_version.function | 
4 +- tests/suites/test_suite_x509parse.function | 2 +- 57 files changed, 100 insertions(+), 100 deletions(-) diff --git a/3rdparty/everest/include/everest/vs2013/inttypes.h b/3rdparty/everest/include/everest/vs2013/inttypes.h index d53f87f21d..77003be0b0 100644 --- a/3rdparty/everest/include/everest/vs2013/inttypes.h +++ b/3rdparty/everest/include/everest/vs2013/inttypes.h @@ -17,7 +17,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef _INTTYPES_H_VS2010 diff --git a/3rdparty/everest/include/everest/vs2013/stdbool.h b/3rdparty/everest/include/everest/vs2013/stdbool.h index 5b7039c4f4..dcae6d80ad 100644 --- a/3rdparty/everest/include/everest/vs2013/stdbool.h +++ b/3rdparty/everest/include/everest/vs2013/stdbool.h @@ -17,7 +17,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef _STDBOOL_H_VS2010 diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h index 7a973dcf01..ef314d2f3b 100644 --- a/3rdparty/everest/include/everest/x25519.h +++ b/3rdparty/everest/include/everest/x25519.h @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef MBEDTLS_X25519_H diff --git a/3rdparty/everest/library/Hacl_Curve25519_joined.c b/3rdparty/everest/library/Hacl_Curve25519_joined.c index 957294f648..a778160fff 100644 --- a/3rdparty/everest/library/Hacl_Curve25519_joined.c +++ b/3rdparty/everest/library/Hacl_Curve25519_joined.c 
@@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef _BSD_SOURCE /* Required to get htole64() from gcc/glibc's endian.h (older systems) diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index 9faa9ab7d8..83064dc619 100644 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.h b/3rdparty/p256-m/p256-m_driver_entrypoints.h index 18c677a891..9522cede85 100644 --- a/3rdparty/p256-m/p256-m_driver_entrypoints.h +++ b/3rdparty/p256-m/p256-m_driver_entrypoints.h @@ -31,7 +31,7 @@ /** Generate SECP256R1 ECC Key Pair. * Interface function which calls the p256-m key generation function and - * places it in the key buffer provided by the caller (mbed TLS) in the + * places it in the key buffer provided by the caller (Mbed TLS) in the * correct format. For a SECP256R1 curve this is the 32 bit private key. * * \param[in] attributes The attributes of the key to use for the diff --git a/CMakeLists.txt b/CMakeLists.txt index 4d7e0b055d..1216c72686 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
@@ -34,14 +34,14 @@ cmake_policy(SET CMP0011 NEW) cmake_policy(SET CMP0012 NEW) if(TEST_CPP) - project("mbed TLS" LANGUAGES C CXX) + project("Mbed TLS" LANGUAGES C CXX) else() - project("mbed TLS" LANGUAGES C) + project("Mbed TLS" LANGUAGES C) endif() include(GNUInstallDirs) -# Determine if mbed TLS is being built as a subproject using add_subdirectory() +# Determine if Mbed TLS is being built as a subproject using add_subdirectory() if(NOT DEFINED MBEDTLS_AS_SUBPROJECT) set(MBEDTLS_AS_SUBPROJECT ON) if(CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR) @@ -52,7 +52,7 @@ endif() # Set the project root directory. set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) -option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) +option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON) option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON) @@ -71,9 +71,9 @@ string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${CMAKE_C_COMPILER_ID}") # the test suites currently have compile errors with MSVC if(CMAKE_COMPILER_IS_MSVC) - option(ENABLE_TESTING "Build mbed TLS tests." OFF) + option(ENABLE_TESTING "Build Mbed TLS tests." OFF) else() - option(ENABLE_TESTING "Build mbed TLS tests." ON) + option(ENABLE_TESTING "Build Mbed TLS tests." ON) endif() # Warning string - created as a list for compatibility with CMake 2.8 diff --git a/DartConfiguration.tcl b/DartConfiguration.tcl index dfa0f07181..af0578a581 100644 --- a/DartConfiguration.tcl +++ b/DartConfiguration.tcl @@ -1,4 +1,4 @@ Site: localhost -BuildName: mbed TLS-test +BuildName: Mbed TLS-test CoverageCommand: /usr/bin/gcov MemoryCheckCommand: /usr/bin/valgrind diff --git a/configs/README.txt b/configs/README.txt index 9e5a243f8d..86496db013 100644 --- a/configs/README.txt +++ b/configs/README.txt 
@@ -21,4 +21,4 @@ them, you can pick one of the following methods: make Note that the second method also works if you want to keep your custom -configuration file outside the mbed TLS tree. +configuration file outside the Mbed TLS tree. diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 31fab4e918..1964e8e559 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -33,7 +33,7 @@ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_PADDING_PKCS7 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED @@ -47,7 +47,7 @@ #define MBEDTLS_SELF_TEST #define MBEDTLS_VERSION_FEATURES -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 89898b33a7..56a700f740 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -37,13 +37,13 @@ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_DP_SECP384R1_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_SSL_PROTO_TLS1_2 -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C diff --git a/configs/config-thread.h b/configs/config-thread.h index 0652136a54..e05b557ede 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -35,7 +35,7 @@ /* System support */ #define MBEDTLS_HAVE_ASM -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_AES_ROM_TABLES #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_NIST_OPTIM 
@@ -46,7 +46,7 @@ #define MBEDTLS_SSL_DTLS_ANTI_REPLAY #define MBEDTLS_SSL_DTLS_HELLO_VERIFY -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 7fd5ddef82..c8a47d9ead 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1,4 +1,4 @@ -PROJECT_NAME = "mbed TLS v3.4.1" +PROJECT_NAME = "Mbed TLS v3.4.1" OUTPUT_DIRECTORY = ../apidoc/ FULL_PATH_NAMES = NO OPTIMIZE_OUTPUT_FOR_C = YES diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index e693bc17cc..e11e2715af 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt @@ -1,4 +1,4 @@ -option(INSTALL_MBEDTLS_HEADERS "Install mbed TLS headers." ON) +option(INSTALL_MBEDTLS_HEADERS "Install Mbed TLS headers." ON) if(INSTALL_MBEDTLS_HEADERS) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 7fd4fcc13c..d37cc81f7e 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -47,7 +47,7 @@ */ #define MBEDTLS_VERSION_NUMBER 0x03040100 #define MBEDTLS_VERSION_STRING "3.4.1" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 3.4.1" +#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.4.1" #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index ca267bdd8b..5ea7b9470d 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -30,7 +30,7 @@ */ #include #if CHAR_BIT != 8 -#error "mbed TLS requires a platform with 8-bit chars" +#error "Mbed TLS requires a platform with 8-bit chars" #endif #include diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index a89d4d23c8..bf95b907a4 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h 
@@ -175,7 +175,7 @@ mbedtls_ecp_point; #if !defined(MBEDTLS_ECP_ALT) /* - * default mbed TLS elliptic curve arithmetic implementation + * default Mbed TLS elliptic curve arithmetic implementation * * (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an * alternative implementation for the whole module and it will replace this diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 11600bb60e..6882d71b17 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -166,7 +166,7 @@ static inline int mbedtls_error_add(int high, int low, } /** - * \brief Translate a mbed TLS error code into a string representation, + * \brief Translate a Mbed TLS error code into a string representation, * Result is truncated if necessary and always includes a terminating * null byte. * diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index d73c83e44d..2f5c672fb9 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -168,7 +168,7 @@ * * Enable the memory allocation layer. * - * By default mbed TLS uses the system-provided calloc() and free(). + * By default Mbed TLS uses the system-provided calloc() and free(). * This allows different allocators (self-implemented or provided) to be * provided to the platform abstraction layer. * @@ -241,10 +241,10 @@ /** * \def MBEDTLS_PLATFORM_EXIT_ALT * - * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the + * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let Mbed TLS support the * function in the platform abstraction layer. * - * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will + * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, Mbed TLS will * provide a function "mbedtls_platform_set_printf()" that allows you to set an * alternative printf function pointer. * 
@@ -344,7 +344,7 @@ /** \} name SECTION: System support */ /** - * \name SECTION: mbed TLS feature support + * \name SECTION: Mbed TLS feature support * * This section sets support for features that are or are not needed * within the modules that are enabled. @@ -367,7 +367,7 @@ /** * \def MBEDTLS_AES_ALT * - * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your + * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your * alternate core implementation of a symmetric crypto, an arithmetic or hash * module (e.g. platform specific assembly optimized implementations). Keep * in mind that the function prototypes should remain the same. @@ -375,7 +375,7 @@ * This replaces the whole module. If you only want to replace one of the * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. * - * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer + * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer * provide the "struct mbedtls_aes_context" definition and omit the base * function declarations and implementations. "aes_alt.h" will be included from * "aes.h" to include the new function definitions. 
@@ -423,14 +423,14 @@ /** * \def MBEDTLS_SHA256_PROCESS_ALT * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you + * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you * alternate core implementation of symmetric crypto or hash function. Keep in * mind that function prototypes should remain the same. * - * This replaces only one function. The header file from mbed TLS is still + * This replaces only one function. The header file from Mbed TLS is still * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will + * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will * no longer provide the mbedtls_sha1_process() function, but it will still provide * the other function (using your mbedtls_sha1_process() function) and the definition * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible @@ -480,11 +480,11 @@ * * Expose a part of the internal interface of the Elliptic Curve Point module. * - * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your + * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your * alternative core implementation of elliptic curve arithmetic. Keep in mind * that function prototypes should remain the same. * - * This partially replaces one function. The header file from mbed TLS is still + * This partially replaces one function. The header file from Mbed TLS is still * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation * is still present and it is used for group structures not supported by the * alternative. 
@@ -508,11 +508,11 @@ * implement optimized set up and tear down instructions. * * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac() + * MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac() * function, but will use your mbedtls_internal_ecp_double_jac() if the group * for the operation is supported by your implementation (i.e. your * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the - * group is not supported by your implementation, then the original mbed TLS + * group is not supported by your implementation, then the original Mbed TLS * implementation of ecp_double_jac() is used instead, unless this fallback * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). @@ -543,7 +543,7 @@ /** * \def MBEDTLS_ENTROPY_HARDWARE_ALT * - * Uncomment this macro to let mbed TLS use your own implementation of a + * Uncomment this macro to let Mbed TLS use your own implementation of a * hardware entropy collector. * * Your function must be called \c mbedtls_hardware_poll(), have the same @@ -1491,7 +1491,7 @@ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES * * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate + * If you choose not to send the alert messages, Mbed TLS can still communicate * with other servers, only debugging of failures is harder. * * The advantage of not sending alert messages, is that no information is given 
@@ -2181,12 +2181,12 @@ * Comment this macro to disallow using RSASSA-PSS in certificates. */ #define MBEDTLS_X509_RSASSA_PSS_SUPPORT -/** \} name SECTION: mbed TLS feature support */ +/** \} name SECTION: Mbed TLS feature support */ /** - * \name SECTION: mbed TLS modules + * \name SECTION: Mbed TLS modules * - * This section enables or disables entire modules in mbed TLS + * This section enables or disables entire modules in Mbed TLS * \{ */ @@ -2882,7 +2882,7 @@ * Module: library/memory_buffer_alloc.c * * Requires: MBEDTLS_PLATFORM_C - * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) + * MBEDTLS_PLATFORM_MEMORY (to use it within Mbed TLS) * * Enable this module to enable the buffer memory allocator. */ @@ -3484,7 +3484,7 @@ * \def MBEDTLS_THREADING_C * * Enable the threading abstraction layer. - * By default mbed TLS assumes it is used in a non-threaded environment or that + * By default Mbed TLS assumes it is used in a non-threaded environment or that * contexts are not shared between threads. If you do intend to use contexts * between threads, you will need to enable this layer to prevent race * conditions. See also our Knowledge Base article about threading: @@ -3498,7 +3498,7 @@ * You will have to enable either MBEDTLS_THREADING_ALT or * MBEDTLS_THREADING_PTHREAD. * - * Enable this layer to allow use of mutexes within mbed TLS + * Enable this layer to allow use of mutexes within Mbed TLS */ //#define MBEDTLS_THREADING_C @@ -3644,7 +3644,7 @@ */ #define MBEDTLS_X509_CSR_WRITE_C -/** \} name SECTION: mbed TLS modules */ +/** \} name SECTION: Mbed TLS modules */ /** * \name SECTION: General configuration options diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h index c7973d9fc1..21b3697458 100644 --- a/include/mbedtls/platform_time.h +++ b/include/mbedtls/platform_time.h 
@@ -1,7 +1,7 @@ /** * \file platform_time.h * - * \brief mbed TLS Platform time abstraction + * \brief Mbed TLS Platform time abstraction */ /* * Copyright The Mbed TLS Contributors diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 2db5209ea9..bf0c1a1b36 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -1,7 +1,7 @@ /** * \file ssl_ciphersuites.h * - * \brief SSL Ciphersuites for mbed TLS + * \brief SSL Ciphersuites for Mbed TLS */ /* * Copyright The Mbed TLS Contributors diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index 1b9c7ced25..6a336c3ed2 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -55,9 +55,9 @@ typedef struct mbedtls_threading_mutex_t { * \brief Set your alternate threading implementation function * pointers and initialize global mutexes. If used, this * function must be called once in the main thread before any - * other mbed TLS function is called, and + * other Mbed TLS function is called, and * mbedtls_threading_free_alt() must be called once in the main - * thread after all other mbed TLS functions. + * thread after all other Mbed TLS functions. * * \note mutex_init() and mutex_free() don't return a status code. * If mutex_init() fails, it should leave its argument (the diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index bb1a4c3cbe..073211a191 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h 
@@ -52,9 +52,9 @@ unsigned int mbedtls_version_get_number(void); void mbedtls_version_get_string(char *string); /** - * Get the full version string ("mbed TLS x.y.z"). + * Get the full version string ("Mbed TLS x.y.z"). * - * \param string The string that will receive the value. The mbed TLS version + * \param string The string that will receive the value. The Mbed TLS version * string will use 18 bytes AT MOST including a terminating * null byte. * (So the buffer should be at least 18 bytes to receive this @@ -64,12 +64,12 @@ void mbedtls_version_get_string_full(char *string); /** * \brief Check if support for a feature was compiled into this - * mbed TLS binary. This allows you to see at runtime if the + * Mbed TLS binary. This allows you to see at runtime if the * library was for instance compiled with or without * Multi-threading support. * * \note only checks against defines in the sections "System - * support", "mbed TLS modules" and "mbed TLS feature + * support", "Mbed TLS modules" and "Mbed TLS feature * support" in mbedtls_config.h * * \param feature The string for the define to check (e.g. "MBEDTLS_AES_C") diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 078781ca8f..3f9b25075f 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -1007,7 +1007,7 @@ int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char * * \brief Set the issuer name for a Certificate * Issuer names should contain a comma-separated list * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS CA" + * e.g. "C=UK,O=ARM,CN=Mbed TLS CA" * * \param ctx CRT context to use * \param issuer_name issuer name to set 
@@ -1022,7 +1022,7 @@ int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx, * \brief Set the subject name for a Certificate * Subject names should contain a comma-separated list * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1" + * e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1" * * \param ctx CRT context to use * \param subject_name subject name to set diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 80adb1910c..513a83edd0 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -180,7 +180,7 @@ void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx); * \brief Set the subject name for a CSR * Subject names should contain a comma-separated list * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1" + * e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1" * * \param ctx CSR context to use * \param subject_name subject name to set diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 351edd0bae..83204f35e8 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -1,7 +1,7 @@ -option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON) -option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF) -option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF) -option(LINK_WITH_TRUSTED_STORAGE "Explicitly link mbed TLS library to trusted_storage." OFF) +option(USE_STATIC_MBEDTLS_LIBRARY "Build Mbed TLS static library." ON) +option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF) +option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF) +option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF) # Set the project root directory if it's not already defined, as may happen if # the library folder is included directly by a parent project, without diff --git a/library/cipher.c b/library/cipher.c index de7f8378e3..69ee6d79c3 100644 --- a/library/cipher.c 
+++ b/library/cipher.c @@ -1,7 +1,7 @@ /** * \file cipher.c * - * \brief Generic cipher wrapper for mbed TLS + * \brief Generic cipher wrapper for Mbed TLS * * \author Adriaan de Jong * diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 6ab2f5f132..8e061218cb 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -1,7 +1,7 @@ /** * \file cipher_wrap.c * - * \brief Generic cipher wrapper for mbed TLS + * \brief Generic cipher wrapper for Mbed TLS * * \author Adriaan de Jong * diff --git a/library/ecjpake.c b/library/ecjpake.c index 19ad2c6e0f..6355b5ea58 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -1131,7 +1131,7 @@ int mbedtls_ecjpake_self_test(int verbose) #if !defined(MBEDTLS_ECJPAKE_ALT) /* 'reference handshake' tests can only be run against implementations * for which we have 100% control over how the random ephemeral keys - * are generated. This is only the case for the internal mbed TLS + * are generated. This is only the case for the internal Mbed TLS * implementation, so these tests are skipped in case the internal * implementation is swapped out for an alternative one. */ if (verbose != 0) { diff --git a/library/entropy_poll.h b/library/entropy_poll.h index 3cfd4a4444..be4943cce4 100644 --- a/library/entropy_poll.h +++ b/library/entropy_poll.h @@ -50,7 +50,7 @@ int mbedtls_platform_entropy_poll(void *data, /** * \brief Entropy poll callback for a hardware source * - * \warning This is not provided by mbed TLS! + * \warning This is not provided by Mbed TLS! * See \c MBEDTLS_ENTROPY_HARDWARE_ALT in mbedtls_config.h. * * \note This must accept NULL as its first argument. diff --git a/library/md.c b/library/md.c index 0b2ea4d149..6dfbba78d1 100644 --- a/library/md.c +++ b/library/md.c @@ -1,7 +1,7 @@ /** * \file md.c * - * \brief Generic message digest wrapper for mbed TLS + * \brief Generic message digest wrapper for Mbed TLS * * \author Adriaan de Jong * 
diff --git a/library/mps_common.h b/library/mps_common.h index 33b518b0a8..301d52532c 100644 --- a/library/mps_common.h +++ b/library/mps_common.h @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_error.h b/library/mps_error.h index 15570d2384..5113959beb 100644 --- a/library/mps_error.h +++ b/library/mps_error.h @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_reader.h b/library/mps_reader.h index bff6705037..bb912ec17f 100644 --- a/library/mps_reader.h +++ b/library/mps_reader.h @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_trace.h b/library/mps_trace.h index 6f0455f038..f8e0a5d807 100644 --- a/library/mps_trace.h +++ b/library/mps_trace.h @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 2b4afd7e1d..575f302d40 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h 
@@ -225,12 +225,12 @@ psa_status_t psa_copy_key_material_into_slot(psa_key_slot_t *slot, const uint8_t *data, size_t data_length); -/** Convert an mbed TLS error code to a PSA error code +/** Convert an Mbed TLS error code to a PSA error code * * \note This function is provided solely for the convenience of * Mbed TLS and may be removed at any time without notice. * - * \param ret An mbed TLS-thrown error code + * \param ret An Mbed TLS-thrown error code * * \return The corresponding PSA error code */ diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index a0cf5300f1..d2c050b431 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -1,7 +1,7 @@ /** * \file ssl_ciphersuites.c * - * \brief SSL ciphersuites for mbed TLS + * \brief SSL ciphersuites for Mbed TLS * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 diff --git a/library/ssl_client.c b/library/ssl_client.c index dc2b650b46..7114ef01a7 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS ( https://tls.mbed.org ) + * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 77325c3273..d018bee74a 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS ( https://tls.mbed.org ) + * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 4777ee0d93..6734a14d9f 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c 
@@ -65,7 +65,7 @@ int main(void) #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ + "

Mbed TLS Test Server

\r\n" \ "

Successful connection using: %s

\r\n" #define DEBUG_LEVEL 0 diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index fb6f371353..1e648e8afd 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -775,9 +775,9 @@ usage: mbedtls_printf(" > Write content to server:"); fflush(stdout); - len = sprintf((char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n" + len = sprintf((char *) buf, "From: %s\r\nSubject: Mbed TLS Test mail\r\n\r\n" "This is a simple test mail from the " - "mbed TLS mail client example.\r\n" + "Mbed TLS mail client example.\r\n" "\r\n" "Enjoy!", opt.mail_from); ret = write_ssl_data(&ssl, buf, len); diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 9416c3cf20..12d3057b4d 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -66,7 +66,7 @@ int main(void) #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ + "

Mbed TLS Test Server

\r\n" \ "

Successful connection using: %s

\r\n" #define DEBUG_LEVEL 0 diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index bb4915516f..ad82567f49 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -59,7 +59,7 @@ int main(void) #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ + "

Mbed TLS Test Server

\r\n" \ "

Successful connection using: %s

\r\n" #define DEBUG_LEVEL 0 diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 58c2f1eff4..e3fabec80f 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -173,7 +173,7 @@ int main(void) * packets (for fragmentation purposes) */ #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ + "

Mbed TLS Test Server

\r\n" \ "

Successful connection using: %s

\r\n" // LONG_RESPONSE /* diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 47f5dc716e..19d90bce7e 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -131,7 +131,7 @@ cat include/mbedtls/build_info.h | \ sed -e "s/\(# *define *[A-Z]*_VERSION\)_PATCH .\{1,\}/\1_PATCH $PATCH/" | \ sed -e "s/\(# *define *[A-Z]*_VERSION\)_NUMBER .\{1,\}/\1_NUMBER $VERSION_NR/" | \ sed -e "s/\(# *define *[A-Z]*_VERSION\)_STRING .\{1,\}/\1_STRING \"$VERSION\"/" | \ - sed -e "s/\(# *define *[A-Z]*_VERSION\)_STRING_FULL .\{1,\}/\1_STRING_FULL \"mbed TLS $VERSION\"/" \ + sed -e "s/\(# *define *[A-Z]*_VERSION\)_STRING_FULL .\{1,\}/\1_STRING_FULL \"Mbed TLS $VERSION\"/" \ > tmp mv tmp include/mbedtls/build_info.h diff --git a/scripts/footprint.sh b/scripts/footprint.sh index 6c0fc2554a..ae95db4a13 100755 --- a/scripts/footprint.sh +++ b/scripts/footprint.sh @@ -17,7 +17,7 @@ # # Purpose # -# This script determines ROM size (or code size) for the standard mbed TLS +# This script determines ROM size (or code size) for the standard Mbed TLS # configurations, when built for a Cortex M3/M4 target. # # Configurations included: @@ -108,7 +108,7 @@ else fi log "" -log "mbed TLS $MBEDTLS_VERSION$GIT_VERSION" +log "Mbed TLS $MBEDTLS_VERSION$GIT_VERSION" log "$( arm-none-eabi-gcc --version | head -n1 )" log "CFLAGS=$ARMGCC_FLAGS" diff --git a/scripts/generate_features.pl b/scripts/generate_features.pl index e0de6b71ed..49cca2ec38 100755 --- a/scripts/generate_features.pl +++ b/scripts/generate_features.pl @@ -39,8 +39,8 @@ if( @ARGV ) { my $feature_format_file = $data_dir.'/version_features.fmt'; -my @sections = ( "System support", "mbed TLS modules", - "mbed TLS feature support" ); +my @sections = ( "System support", "Mbed TLS modules", + "Mbed TLS feature support" ); my $line_separator = $/; undef $/; diff --git a/scripts/lcov.sh b/scripts/lcov.sh index 8d141eedf7..6bba02fd24 100755 --- a/scripts/lcov.sh +++ b/scripts/lcov.sh 
@@ -51,7 +51,7 @@ lcov_library_report () { lcov --rc lcov_branch_coverage=1 --add-tracefile Coverage/tmp/files.info --add-tracefile Coverage/tmp/tests.info -o Coverage/tmp/all.info lcov --rc lcov_branch_coverage=1 --remove Coverage/tmp/all.info -o Coverage/tmp/final.info '*.h' gendesc tests/Descriptions.txt -o Coverage/tmp/descriptions - genhtml --title "mbed TLS" --description-file Coverage/tmp/descriptions --keep-descriptions --legend --branch-coverage -o Coverage Coverage/tmp/final.info + genhtml --title "Mbed TLS" --description-file Coverage/tmp/descriptions --keep-descriptions --legend --branch-coverage -o Coverage Coverage/tmp/final.info rm -f Coverage/tmp/*.info Coverage/tmp/descriptions echo "Coverage report in: Coverage/index.html" } diff --git a/tests/compat.sh b/tests/compat.sh index b070e71c46..252736bb25 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -262,7 +262,7 @@ filter_ciphersuites() { if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ]; then - # Ciphersuite for mbed TLS + # Ciphersuite for Mbed TLS M_CIPHERS=$( filter "$M_CIPHERS" ) # Ciphersuite for OpenSSL @@ -272,7 +272,7 @@ filter_ciphersuites() G_CIPHERS=$( filter "$G_CIPHERS" ) fi - # For GnuTLS client -> mbed TLS server, + # For GnuTLS client -> Mbed TLS server, # we need to force IPv4 by connecting to 127.0.0.1 but then auth fails if is_dtls "$MODE" && [ "X$VERIFY" = "XYES" ]; then G_CIPHERS="" diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 32be0eef16..43a91eed26 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -43,7 +43,7 @@ set -eu if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi diff --git a/tests/scripts/check-doxy-blocks.pl b/tests/scripts/check-doxy-blocks.pl index 3ed7069c57..dd955301ff 100755 --- a/tests/scripts/check-doxy-blocks.pl +++ b/tests/scripts/check-doxy-blocks.pl 
@@ -68,7 +68,7 @@ sub check_dir { # Check that the script is being run from the project's root directory. for my $dir (@directories) { if (! -d $dir) { - die "This script must be run from the mbed TLS root directory"; + die "This script must be run from the Mbed TLS root directory"; } else { check_dir($dir) } diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 4d6f93079c..a1c37e9f18 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -35,7 +35,7 @@ EOF fi if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi diff --git a/tests/scripts/doxygen.sh b/tests/scripts/doxygen.sh index 2bc8dc992c..cb87829e26 100755 --- a/tests/scripts/doxygen.sh +++ b/tests/scripts/doxygen.sh @@ -21,7 +21,7 @@ set -eu if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi diff --git a/tests/scripts/generate-afl-tests.sh b/tests/scripts/generate-afl-tests.sh index a640b566dd..a51fbc9650 100755 --- a/tests/scripts/generate-afl-tests.sh +++ b/tests/scripts/generate-afl-tests.sh @@ -41,7 +41,7 @@ THIS_DIR=$(basename $PWD) if [ -d ../library -a -d ../include -a -d ../tests -a $THIS_DIR == "tests" ]; then :; else - echo " [!] Must be run from mbed TLS tests directory" >&2 + echo " [!] Must be run from Mbed TLS tests directory" >&2 exit 1 fi diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 619a5ddb4e..5751624804 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function 
@@ -166,7 +166,7 @@ void ecp_test_vect_restart(int id, * MBEDTLS_ECP_WINDOW_SIZE, as well as implementation details that may * change in the future. A factor 2 is a minimum safety margin. * - * For reference, with mbed TLS 2.4 and default settings, for P-256: + * For reference, with Mbed TLS 2.4 and default settings, for P-256: * - Random point mult: ~3250M * - Cold base point mult: ~3300M * - Hot base point mult: ~1100M diff --git a/tests/suites/test_suite_version.function b/tests/suites/test_suite_version.function index 981f8ab85f..eeae512626 100644 --- a/tests/suites/test_suite_version.function +++ b/tests/suites/test_suite_version.function @@ -20,7 +20,7 @@ void check_compiletime_version(char *version_str) mbedtls_snprintf(build_str, 100, "%d.%d.%d", MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH); - mbedtls_snprintf(build_str_full, 100, "mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR, + mbedtls_snprintf(build_str_full, 100, "Mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH); build_int = MBEDTLS_VERSION_MAJOR << 24 | @@ -56,7 +56,7 @@ void check_runtime_version(char *version_str) (get_int >> 24) & 0xFF, (get_int >> 16) & 0xFF, (get_int >> 8) & 0xFF); - mbedtls_snprintf(build_str_full, 100, "mbed TLS %s", version_str); + mbedtls_snprintf(build_str_full, 100, "Mbed TLS %s", version_str); TEST_ASSERT(strcmp(build_str, version_str) == 0); TEST_ASSERT(strcmp(build_str_full, get_str_full) == 0); diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index e6bce1d4fb..114bd52776 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function 
@@ -619,7 +619,7 @@ void x509_verify_restart(char *crt_file, char *ca_file, /* * See comments on ecp_test_vect_restart() for op count precision. * - * For reference, with mbed TLS 2.6 and default settings: + * For reference, with Mbed TLS 2.6 and default settings: * - ecdsa_verify() for P-256: ~ 6700 * - ecdsa_verify() for P-384: ~ 18800 * - x509_verify() for server5 -> test-ca2: ~ 18800 From 2e38a0d603994727c66f893627bf1933a7933b99 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 12 Sep 2023 19:19:31 +0200 Subject: [PATCH 117/125] More spelling corrections Signed-off-by: Gilles Peskine --- include/mbedtls/error.h | 6 +++--- tests/data_files/Makefile | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 6882d71b17..a7454f2348 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -166,9 +166,9 @@ static inline int mbedtls_error_add(int high, int low, } /** - * \brief Translate a Mbed TLS error code into a string representation, - * Result is truncated if necessary and always includes a terminating - * null byte. + * \brief Translate an Mbed TLS error code into a string representation. + * The result is truncated if necessary and always includes a + * terminating null byte. * * \param errnum error code * \param buffer buffer to place representation in diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index b5f0844c9d..f50f058946 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
@@ -1,7 +1,7 @@ ## This file contains a record of how some of the test data was ## generated. The final build products are committed to the repository ## as well to make sure that the test data is identical. You do not -## need to use this makefile unless you're extending mbed TLS's tests. +## need to use this makefile unless you're extending Mbed TLS's tests. ## Many data files were generated prior to the existence of this ## makefile, so the method of their generation was not recorded. From 7d52f2a0d939c610e18f7cd2b7d3a6361f3d4a98 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 12 Sep 2023 16:29:39 +0100 Subject: [PATCH 118/125] Improve use of ct interface in mbedtls_ssl_decrypt_buf Signed-off-by: Dave Rodgman --- library/ssl_msg.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 85632a1c31..47a206dd44 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -1504,7 +1504,8 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, int auth_done = 0; #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - size_t padlen = 0, correct = 1; + size_t padlen = 0; + mbedtls_ct_condition_t correct = MBEDTLS_CT_TRUE; #endif unsigned char *data; /* For an explanation of the additional data length see @@ -1921,7 +1922,7 @@ hmac_failed_etm_enabled: const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge( rec->data_len, padlen + 1); - correct = mbedtls_ct_size_if_else_0(ge, correct); + correct = mbedtls_ct_bool_and(ge, correct); padlen = mbedtls_ct_size_if_else_0(ge, padlen); } else { #if defined(MBEDTLS_SSL_DEBUG_ALL) @@ -1937,7 +1938,7 @@ hmac_failed_etm_enabled: const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge( rec->data_len, transform->maclen + padlen + 1); - correct = mbedtls_ct_size_if_else_0(ge, correct); + correct = mbedtls_ct_bool_and(ge, correct); padlen = mbedtls_ct_size_if_else_0(ge, padlen); } 
@@ -1973,14 +1974,14 @@ hmac_failed_etm_enabled: increment = mbedtls_ct_size_if_else_0(b, increment); pad_count += increment; } - correct = mbedtls_ct_size_if_else_0(mbedtls_ct_uint_eq(pad_count, padlen), correct); + correct = mbedtls_ct_bool_and(mbedtls_ct_uint_eq(pad_count, padlen), correct); #if defined(MBEDTLS_SSL_DEBUG_ALL) - if (padlen > 0 && correct == 0) { + if (padlen > 0 && correct == MBEDTLS_CT_FALSE) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding byte detected")); } #endif - padlen = mbedtls_ct_size_if_else_0(mbedtls_ct_bool(correct), padlen); + padlen = mbedtls_ct_size_if_else_0(correct, padlen); #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -2075,7 +2076,7 @@ hmac_failed_etm_enabled: #if defined(MBEDTLS_SSL_DEBUG_ALL) MBEDTLS_SSL_DEBUG_MSG(1, ("message mac does not match")); #endif - correct = 0; + correct = MBEDTLS_CT_FALSE; } auth_done++; @@ -2090,7 +2091,7 @@ hmac_failed_etm_disabled: /* * Finally check the correct flag */ - if (correct == 0) { + if (correct == MBEDTLS_CT_FALSE) { return MBEDTLS_ERR_SSL_INVALID_MAC; } #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ From 3d0bffb257c04bf192f20ef89205ac1be89c9828 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 13 Sep 2023 15:15:37 +0100 Subject: [PATCH 119/125] Improve statement in driver-only-builds.md Signed-off-by: Paul Elliott --- docs/driver-only-builds.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 277c5e3981..4e2d68f363 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md 
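Review bot: The final MAC-result check in the `@@ -2090` hunk, `if (correct == MBEDTLS_CT_FALSE)`, treats every value other than exactly MBEDTLS_CT_FALSE as a valid MAC, so a future path that leaves `correct` non-canonical would fail open; a fail-closed check compares against the success value instead, `if (correct != MBEDTLS_CT_TRUE) {`. The values this commit assigns to `correct` (`MBEDTLS_CT_TRUE`, the results of `mbedtls_ct_bool_and(...)`, and `MBEDTLS_CT_FALSE`) all appear to be canonical conditions, so this is a robustness point rather than a present defect. The same equality comparison appears in the debug-only branch of the `@@ -1973` hunk (`padlen > 0 && correct == MBEDTLS_CT_FALSE`), where the consequence is only a missing log line. The body of mbedtls_ssl_decrypt_buf extends beyond each of these hunks.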
@@ -145,9 +145,9 @@ timeline, please let us know if you're interested. ### Limitations regarding the selection of curves -There is an ongoing work which tries to establish a link/constrain between -the list of supported curves and supported algorithms both in the builtin and -PSA sides. In particular: +There is ongoing work which is trying to establish the links and constraints +between the list of supported curves and supported algorithms both in the +builtin and PSA sides. In particular: - #8014 ensures that the curves supported on the PSA side (`PSA_WANT_ECC_xxx`) are always a superset of the builtin ones (`MBEDTLS_ECP_DP_xxx`) From d9f22804ea24379559c88bee7d2939cbd8edd692 Mon Sep 17 00:00:00 2001 From: mcagriaksoy Date: Wed, 13 Sep 2023 22:42:19 +0200 Subject: [PATCH 120/125] Fixes log level for got supported group message Signed-off-by: mcagriaksoy --- library/ssl_client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_client.c b/library/ssl_client.c index 7114ef01a7..760fa7f9db 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -260,7 +260,7 @@ static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl, for (; *group_list != 0; group_list++) { int propose_group = 0; - MBEDTLS_SSL_DEBUG_MSG(1, ("got supported group(%04x)", *group_list)); + MBEDTLS_SSL_DEBUG_MSG(3, ("got supported group(%04x)", *group_list)); #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) if (flags & SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_3_FLAG) { From 3b4471ef87d756838735e0c3ed59f833eee14d2d Mon Sep 17 00:00:00 2001 
From: Tom Cosgrove Date: Thu, 14 Sep 2023 12:59:50 +0100 Subject: [PATCH 121/125] MBEDTLS_SSL_MAX_EARLY_DATA_SIZE: default value should be commented out in config Numeric options should be commented out with their default values in the config file, and a separate header file should set the default value if necessary. This was done for most other options in #8161; do it here for MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. Signed-off-by: Tom Cosgrove --- include/mbedtls/check_config.h | 8 ++++---- include/mbedtls/mbedtls_config.h | 2 +- include/mbedtls/ssl.h | 4 ++++ 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 5ea7b9470d..17eb0340cf 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -830,10 +830,10 @@ #endif #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \ - ( !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) || \ - ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0 ) || \ - ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX ) ) -#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE MUST be defined and in range(0..UINT32_MAX)" + defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) && \ + ((MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0) || \ + (MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX)) +#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE must be in the range(0..UINT32_MAX)" #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 2f5c672fb9..77644a1335 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1848,7 +1848,7 @@ * production. * */ -#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 +//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 /** * \def MBEDTLS_SSL_PROTO_DTLS diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index a3ecbfbf67..d6083daf19 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
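Review bot: The rewritten `#if` in the `@@ -830` hunk accepts an inclusive range (both 0 and UINT32_MAX pass), which matches the new `#error` text but not the option's own documentation in mbedtls_config.h, visible in the later commit on this page as "It must be positive and smaller than UINT32_MAX". Either the check should reject the endpoints, `(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE <= 0) || (MBEDTLS_SSL_MAX_EARLY_DATA_SIZE >= UINT32_MAX)`, or the documentation should say "It must be in the range 0..UINT32_MAX inclusive"; which one is intended cannot be decided from the diff. Since the check now runs only when the macro is user-defined, the fallback `1024` added to ssl.h in this same commit is never range-checked, which is fine for a constant but deserves a comment next to that fallback, e.g. `/* Default when not set in the config; user-supplied values are range-checked in check_config.h. */`.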
@@ -405,6 +405,10 @@ #define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 #endif +#if !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) +#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 +#endif + #if !defined(MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) #define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 #endif From a63775b16855b3d28fb3763ec1fded877961aab7 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Thu, 14 Sep 2023 13:31:19 +0100 Subject: [PATCH 122/125] Move MBEDTLS_SSL_MAX_EARLY_DATA_SIZE to the correct section Signed-off-by: Tom Cosgrove --- include/mbedtls/mbedtls_config.h | 37 +++++++++++++++++--------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 77644a1335..314dac639a 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1830,26 +1830,12 @@ * This feature is experimental, not completed and thus not ready for * production. * + * \note The maximum amount of early data can be set with + * MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. + * */ //#define MBEDTLS_SSL_EARLY_DATA -/** - * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE - * - * The default maximum amount of 0-RTT data. See the documentation of - * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information. - * - * It must be positive and smaller than UINT32_MAX. - * - * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not - * have any impact on the build. - * - * This feature is experimental, not completed and thus not ready for - * production. - * - */ -//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 - /** * \def MBEDTLS_SSL_PROTO_DTLS * 
@@ -4040,6 +4026,23 @@
 */
 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 
+/**
+ * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
+ *
+ * The default maximum amount of 0-RTT data. See the documentation of
+ * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
+ *
+ * It must be positive and smaller than UINT32_MAX.
+ *
+ * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not
+ * have any impact on the build.
+ *
+ * This feature is experimental, not completed and thus not ready for
+ * production.
+ *
+ */
+//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
+
 /**
 * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE
 *

From e99b24dd9ffc9bf67a8e1c804120d376a82d2822 Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Thu, 14 Sep 2023 15:45:03 +0100
Subject: [PATCH 123/125] Fix some clang-18 warnings

Signed-off-by: Dave Rodgman
---
 library/ssl_client.c | 9 +++++----
 library/ssl_tls.c | 9 +++++----
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/library/ssl_client.c b/library/ssl_client.c
index 7114ef01a7..d553997baf 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -648,14 +648,15 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl,
 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */
 
 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
- if (
+ int write_sig_alg_ext = 0;
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
- (propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl)) ||
+ write_sig_alg_ext = write_sig_alg_ext || (propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl));
 #endif
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
- propose_tls12 ||
+ write_sig_alg_ext = write_sig_alg_ext || propose_tls12;
 #endif
- 0) {
+
+ if (write_sig_alg_ext) {
 ret = mbedtls_ssl_write_sig_alg_ext(ssl, p, end, &output_len);
 if (ret != 0) {
 return ret;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 7a1f85531f..64a38781a0 100644
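Review bot: The reason `write_sig_alg_ext` is accumulated across separate `#if` blocks rather than written as one condition is not stated in the code, and the commit message only says "clang-18 warnings", so the next reader is likely to fold it back into a single `if` and reintroduce the warning. A comment above `int write_sig_alg_ext = 0;` would prevent that, e.g. `/* Built up per protocol version so the condition never ends in a constant operand, which newer clang diagnoses; keep it this way. */` (the exact diagnostic is not named on the page, so I have not cited a flag). The `x = x || y;` form is also harder to read than `if (y) { x = 1; }` and is what forces the line re-wrap in PATCH 124's `@@ -650` hunk. ssl_write_client_hello_body starts and ends outside the hunk.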
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4578,13 +4578,14 @@ static int ssl_context_load(mbedtls_ssl_context *ssl,
 * We can't check that the config matches the initial one, but we can at
 * least check it matches the requirements for serializing.
 */
- if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
- ssl->conf->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2 ||
- ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2 ||
+ if (
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
 ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED ||
 #endif
- 0) {
+ ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
+ ssl->conf->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2 ||
+ ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2
+ ) {
 return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
 }
 

From a11eac429240ef75755fd4c39d261033091c3068 Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Thu, 14 Sep 2023 16:16:04 +0100
Subject: [PATCH 124/125] code style

Signed-off-by: Dave Rodgman
---
 library/ssl_client.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/ssl_client.c b/library/ssl_client.c
index d553997baf..2ff39f4855 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -650,7 +650,8 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl,
 #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
 int write_sig_alg_ext = 0;
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
- write_sig_alg_ext = write_sig_alg_ext || (propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl));
+ write_sig_alg_ext = write_sig_alg_ext ||
+ (propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl));
 #endif
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
 write_sig_alg_ext = write_sig_alg_ext || propose_tls12;

From 7f84471a604d312a45c4636276328fc1f098864f Mon Sep 17 00:00:00 2001
From: mcagriaksoy
Date: Thu, 14 Sep 2023 22:43:08 +0200
Subject: [PATCH 125/125] Adding changelog for log level message fix
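Review bot: The two hunks of this commit fix the same trailing-constant pattern in two different shapes: ssl_client.c introduces a flag assigned under `#if`, whereas here the clauses are reordered so the `#if defined(MBEDTLS_SSL_RENEGOTIATION)` term comes first and the expression ends with a bare `) {` on its own line. Using the flag form here as well (an `int` set under the `#if`, then a plain `if` on it) would keep the serialisation-config check readable and consistent with the other file, and would avoid an `||`-led clause whose presence depends on a build option sitting in the middle of the condition. If the reordering is kept, a comment such as `/* Optional renegotiation clause first so the condition never ends in a dangling || under #if. */` should explain why the transport and version checks are no longer listed first. ssl_context_load starts and ends outside the hunk.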
Signed-off-by: mcagriaksoy
---
 ChangeLog.d/fix-log-level-msg.txt | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 ChangeLog.d/fix-log-level-msg.txt

diff --git a/ChangeLog.d/fix-log-level-msg.txt b/ChangeLog.d/fix-log-level-msg.txt
new file mode 100644
index 0000000000..4e82ad1508
--- /dev/null
+++ b/ChangeLog.d/fix-log-level-msg.txt
@@ -0,0 +1,2 @@
+Bugfix * Fix log level for the got supported group message. Fixes #6765