From 43b29861fe412327277851567957d8f2179e5e93 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 11:25:43 +0200
Subject: [PATCH 01/19] Add reduced configuration used by picocoin

---
 configs/config-picocoin.h | 59 +++++++++++++++++++++++++++++++
 tests/scripts/test-ref-configs.pl | 16 +++++++--
 2 files changed, 72 insertions(+), 3 deletions(-)
 create mode 100644 configs/config-picocoin.h

diff --git a/configs/config-picocoin.h b/configs/config-picocoin.h
new file mode 100644
index 0000000000..c1ace1e819
--- /dev/null
+++ b/configs/config-picocoin.h
@@ -0,0 +1,59 @@
+/*
+ * Reduced configuration used by Picocoin.
+ *
+ * See README.txt for usage instructions.
+ *
+ * Distinguishing features:
+ * - no SSL/TLS;
+ * - no X.509;
+ * - ECDSA/PK and some other chosen crypto bits.
+ */
+
+#ifndef POLARSSL_CONFIG_H
+#define POLARSSL_CONFIG_H
+
+/* System support */
+#define POLARSSL_HAVE_LONGLONG
+#define POLARSSL_HAVE_ASM
+#define POLARSSL_HAVE_TIME
+#define POLARSSL_HAVE_IPV6
+
+/* PolarSSL feature support */
+#define POLARSSL_CIPHER_MODE_CBC
+#define POLARSSL_CIPHER_PADDING_PKCS7
+#define POLARSSL_ECP_DP_SECP256K1_ENABLED
+#define POLARSSL_ECDSA_DETERMINISTIC
+#define POLARSSL_PK_PARSE_EC_EXTENDED
+#define POLARSSL_ERROR_STRERROR_DUMMY
+#define POLARSSL_FS_IO
+
+/* PolarSSL modules */
+#define POLARSSL_AESNI_C
+#define POLARSSL_AES_C
+#define POLARSSL_ASN1_PARSE_C
+#define POLARSSL_ASN1_WRITE_C
+#define POLARSSL_BASE64_C
+#define POLARSSL_BIGNUM_C
+#define POLARSSL_DES_C // ???
+#define POLARSSL_ECDSA_C
+#define POLARSSL_ECP_C
+#define POLARSSL_ENTROPY_C
+#define POLARSSL_HMAC_DRBG_C
+#define POLARSSL_MD_C
+#define POLARSSL_MD5_C // ???
+#define POLARSSL_OID_C
+#define POLARSSL_PADLOCK_C
+#define POLARSSL_PEM_PARSE_C // ???
+#define POLARSSL_PEM_WRITE_C // ???
+#define POLARSSL_PK_C
+#define POLARSSL_PK_PARSE_C
+#define POLARSSL_PK_WRITE_C
+#define POLARSSL_RIPEMD160_C
+#define POLARSSL_SHA1_C
+#define POLARSSL_SHA256_C
+#define POLARSSL_X509_USE_C // !!!
+#define POLARSSL_X509_CRT_PARSE_C // !!!
+
+#include "check_config.h"
+
+#endif /* POLARSSL_CONFIG_H */
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index 6f609252a2..65871407dc 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -17,6 +17,8 @@ my %configs = (
 => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'',
 'config-suite-b.h'
 => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM'",
+ 'config-picocoin.h'
+ => 0,
 );
 
 # If no config-name is provided, use all known configs.
@@ -59,9 +61,17 @@ while( my ($conf, $args) = each %configs ) {
 system( "make" ) and abort "Failed to build: $conf\n";
 system( "make $test" ) and abort "Failed test suite: $conf\n";
 
- print "\nrunning compat.sh $args\n";
- system( "cd tests && ./compat.sh $args" )
- and abort "Failed compat.sh: $conf\n";
+
+ if( $args )
+ {
+ print "\nrunning compat.sh $args\n";
+ system( "cd tests && ./compat.sh $args" )
+ and abort "Failed compat.sh: $conf\n";
+ }
+ else
+ {
+ print "\nskipping compat.sh\n";
+ }
 }
 
 system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
From fea3102dcbb4364723a8a8778328977980e23f59 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 11:32:05 +0200
Subject: [PATCH 02/19] Fix dependencies on X509_CRT_C in tests

---
 configs/config-picocoin.h | 1 -
 tests/suites/test_suite_x509parse.function | 6 +++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/configs/config-picocoin.h b/configs/config-picocoin.h
index c1ace1e819..40d2fd1868 100644
--- a/configs/config-picocoin.h
+++ b/configs/config-picocoin.h
@@ -52,7 +52,6 @@
 #define POLARSSL_SHA1_C
 #define POLARSSL_SHA256_C
 #define POLARSSL_X509_USE_C // !!!
-#define POLARSSL_X509_CRT_PARSE_C // !!!
 
 #include "check_config.h"
 
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 9fd3adc3f7..da66e3727d 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -142,7 +142,7 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
+/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_C */
 void x509_dn_gets( char *crt_file, char *entity, char *result_str )
 {
 x509_crt crt;
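Review bot: The new `if( $args )` branch turns a false value in `%configs` into "skip compat.sh", but the `@@ -17` hunk that adds `'config-picocoin.h' => 0` does not say so, and a reader of the table cannot tell whether 0 means "no extra arguments" or "do not run compat.sh at all". Suggest a comment next to the new entry, `# a false value means compat.sh is not run for this config`, or on the `%configs` declaration, which lies outside the hunk. The enclosing `while` loop starts before the hunk. Note that `$args` is still interpolated into a single-string `system` call, so the table values are shell fragments by design; that is fine while they come only from this hard-coded hash.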
@@ -169,7 +169,7 @@ void x509_dn_gets( char *crt_file, char *entity, char *result_str )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
+/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_C */
 void x509_time_expired( char *crt_file, char *entity, int result )
 {
 x509_crt crt;
@@ -189,7 +189,7 @@ void x509_time_expired( char *crt_file, char *entity, int result )
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
+/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_C */
 void x509_time_future( char *crt_file, char *entity, int result )
 {
 x509_crt crt;
From 0f7b61987517d956f7aea93499c3937db27b463a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 11:37:54 +0200
Subject: [PATCH 03/19] Fix tests dependencies in X509_USE_C

---
 configs/config-picocoin.h | 1 -
 tests/suites/test_suite_x509parse.function | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/configs/config-picocoin.h b/configs/config-picocoin.h
index 40d2fd1868..7bd1cab735 100644
--- a/configs/config-picocoin.h
+++ b/configs/config-picocoin.h
@@ -51,7 +51,6 @@
 #define POLARSSL_RIPEMD160_C
 #define POLARSSL_SHA1_C
 #define POLARSSL_SHA256_C
-#define POLARSSL_X509_USE_C // !!!
 
 #include "check_config.h"
 
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index da66e3727d..500df35afa 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -316,7 +316,7 @@ void x509_crt_parse_path( char *crt_path, int ret, int nb_crt )
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:POLARSSL_X509_USE_C */
 void x509_oid_desc( char *oid_str, char *ref_desc )
 {
 x509_buf oid;
@@ -341,7 +341,7 @@ void x509_oid_desc( char *oid_str, char *ref_desc )
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:POLARSSL_X509_USE_C */
 void x509_oid_numstr( char *oid_str, char *numstr, int blen, int ret )
 {
 x509_buf oid;
From f9378d8f11fa93d0b4982e682eec8304b2bcf8ce Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 13:11:25 +0200
Subject: [PATCH 04/19] Fix dependencies on PEM in tests and programs

---
 configs/config-picocoin.h | 2 --
 programs/pkey/key_app_writer.c | 28 +++++++++++++++++++++---
 tests/suites/test_suite_pkwrite.function | 4 ++--
 3 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/configs/config-picocoin.h b/configs/config-picocoin.h
index 7bd1cab735..1a1cd283d1 100644
--- a/configs/config-picocoin.h
+++ b/configs/config-picocoin.h
@@ -43,8 +43,6 @@
 #define POLARSSL_MD5_C // ???
 #define POLARSSL_OID_C
 #define POLARSSL_PADLOCK_C
-#define POLARSSL_PEM_PARSE_C // ???
-#define POLARSSL_PEM_WRITE_C // ???
 #define POLARSSL_PK_C
 #define POLARSSL_PK_PARSE_C
 #define POLARSSL_PK_WRITE_C
diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c
index c35736f9c7..983b64e3f2 100644
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c
@@ -63,8 +63,13 @@ int main( int argc, char *argv[] )
 #define DFL_FILENAME "keyfile.key"
 #define DFL_DEBUG_LEVEL 0
 #define DFL_OUTPUT_MODE OUTPUT_MODE_NONE
+#if defined(POLARSSL_PEM_WRITE_C)
 #define DFL_OUTPUT_FILENAME "keyfile.pem"
 #define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_PEM
+#else
+#define DFL_OUTPUT_FILENAME "keyfile.der"
+#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_DER
+#endif
 
 /*
  * global options
@@ -88,6 +93,7 @@ static int write_public_key( pk_context *key, const char *output_file )
 
 memset(output_buf, 0, 16000);
 
+#if defined(POLARSSL_PEM_WRITE_C)
 if( opt.output_format == OUTPUT_FORMAT_PEM )
 {
 if( ( ret = pk_write_pubkey_pem( key, output_buf, 16000 ) ) != 0 )
@@ -96,6 +102,7 @@ static int write_public_key( pk_context *key, const char *output_file )
 len = strlen( (char *) output_buf );
 }
 else
+#endif
 {
 if( ( ret = pk_write_pubkey_der( key, output_buf, 16000 ) ) < 0 )
 return( ret );
@@ -127,6 +134,8 @@ static int write_private_key( pk_context *key, const char *output_file )
 size_t len = 0;
 
 memset(output_buf, 0, 16000);
+
+#if defined(POLARSSL_PEM_WRITE_C)
 if( opt.output_format == OUTPUT_FORMAT_PEM )
 {
 if( ( ret = pk_write_key_pem( key, output_buf, 16000 ) ) != 0 )
@@ -135,6 +144,7 @@ static int write_private_key( pk_context *key, const char *output_file )
 len = strlen( (char *) output_buf );
 }
 else
+#endif
 {
 if( ( ret = pk_write_key_der( key, output_buf, 16000 ) ) < 0 )
 return( ret );
@@ -157,14 +167,23 @@ static int write_private_key( pk_context *key, const char *output_file )
 return( 0 );
 }
 
+#if defined(POLARSSL_PEM_WRITE_C)
+#define USAGE_OUT \
+ " output_file=%%s default: keyfile.pem\n" \
+ " output_format=pem|der default: pem\n"
+#else
+#define USAGE_OUT \
+ " output_file=%%s default: keyfile.der\n" \
+ " output_format=der default: der\n"
+#endif
+
 #define USAGE \
 "\n usage: key_app param=<>...\n" \
 "\n acceptable parameters:\n" \
 " mode=private|public default: none\n" \
 " filename=%%s default: keyfile.key\n" \
 " output_mode=private|public default: none\n" \
- " output_file=%%s default: keyfile.pem\n" \
- " output_format=pem|der default: pem\n" \
+ USAGE_OUT \
 "\n"
 
 int main( int argc, char *argv[] )
@@ -222,9 +241,12 @@ int main( int argc, char *argv[] )
 }
 else if( strcmp( p, "output_format" ) == 0 )
 {
+#if defined(POLARSSL_PEM_WRITE_C)
 if( strcmp( q, "pem" ) == 0 )
 opt.output_format = OUTPUT_FORMAT_PEM;
- else if( strcmp( q, "der" ) == 0 )
+ else
+#endif
+ if( strcmp( q, "der" ) == 0 )
 opt.output_format = OUTPUT_FORMAT_DER;
 else
 goto usage;
diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function
index 2ea9409976..e172315b8a 100644
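Review bot: The `else` / `#endif` / `if` splice in the output_format parser (`@@ -222`) makes one if-chain straddle a preprocessor boundary, which is easy to misread and fragile under any later reformatting of the dangling `else`; the same `else` / `#endif` / `{` construct is used in write_public_key (`@@ -96`) and write_private_key (`@@ -135`), where the DER branch becomes a bare block in non-PEM builds. Testing "der" first and keeping the optional "pem" branch self-contained inside a single `#if` block preserves behaviour (pem/der/otherwise usage) and leaves no open `else` at the `#endif`. main starts before this hunk and continues after it.
```c
else if( strcmp( p, "output_format" ) == 0 )
{
    if( strcmp( q, "der" ) == 0 )
        opt.output_format = OUTPUT_FORMAT_DER;
#if defined(POLARSSL_PEM_WRITE_C)
    else if( strcmp( q, "pem" ) == 0 )
        opt.output_format = OUTPUT_FORMAT_PEM;
#endif
    else
        goto usage;
```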
--- a/tests/suites/test_suite_pkwrite.function
+++ b/tests/suites/test_suite_pkwrite.function
@@ -9,7 +9,7 @@
  * END_DEPENDENCIES
  */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:POLARSSL_PEM_WRITE_C */
 void pk_write_pubkey_check( char *key_file )
 {
 pk_context key;
@@ -40,7 +40,7 @@ void pk_write_pubkey_check( char *key_file )
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:POLARSSL_PEM_WRITE_C */
 void pk_write_key_check( char *key_file )
 {
 pk_context key;
From cb576cc18b7412e6be52cf79c1e82fac4d8f40d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 14:14:01 +0200
Subject: [PATCH 05/19] Reduce picocoin config a bit more

---
 configs/config-picocoin.h | 2 --
 1 file changed, 2 deletions(-)

diff --git a/configs/config-picocoin.h b/configs/config-picocoin.h
index 1a1cd283d1..eeac5d0814 100644
--- a/configs/config-picocoin.h
+++ b/configs/config-picocoin.h
@@ -34,13 +34,11 @@
 #define POLARSSL_ASN1_WRITE_C
 #define POLARSSL_BASE64_C
 #define POLARSSL_BIGNUM_C
-#define POLARSSL_DES_C // ???
 #define POLARSSL_ECDSA_C
 #define POLARSSL_ECP_C
 #define POLARSSL_ENTROPY_C
 #define POLARSSL_HMAC_DRBG_C
 #define POLARSSL_MD_C
-#define POLARSSL_MD5_C // ???
 #define POLARSSL_OID_C
 #define POLARSSL_PADLOCK_C
 #define POLARSSL_PK_C
From 8a4d571af8f2e98ff652d93738a5fa6c07c1a437 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 14:19:59 +0200
Subject: [PATCH 06/19] Fix warnings in no-SSL configs

---
 programs/ssl/ssl_client2.c | 30 ++++++++++++++++--------------
 programs/ssl/ssl_server2.c | 31 ++++++++++++++++---------------
 2 files changed, 32 insertions(+), 29 deletions(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 8db6ddb778..2b1c03a3df 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -29,6 +29,22 @@
 #include POLARSSL_CONFIG_FILE
 #endif
 
+#if !defined(POLARSSL_ENTROPY_C) || \
+ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
+ !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
+#include
+int main( int argc, char *argv[] )
+{
+ ((void) argc);
+ ((void) argv);
+
+ printf("POLARSSL_ENTROPY_C and/or "
+ "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
+ "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
+ return( 0 );
+}
+#else
+
 #include
 #include
 #include
@@ -304,20 +320,6 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
 " force_ciphersuite= default: all enabled\n"\
 " acceptable ciphersuite names:\n"
 
-#if !defined(POLARSSL_ENTROPY_C) || \
- !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
- !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- printf("POLARSSL_ENTROPY_C and/or "
- "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
- "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
- return( 0 );
-}
-#else
 int main( int argc, char *argv[] )
 {
 int ret = 0, len, server_fd, i, written, frags;
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 0dc516e1b7..3b8f234a08 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -29,6 +29,22 @@
 #include POLARSSL_CONFIG_FILE
 #endif
 
+#if !defined(POLARSSL_ENTROPY_C) || \
+ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
+ !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
+#include
+int main( int argc, char *argv[] )
+{
+ ((void) argc);
+ ((void) argv);
+
+ printf("POLARSSL_ENTROPY_C and/or "
+ "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
+ "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
+ return( 0 );
+}
+#else
+
 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && defined(POLARSSL_FS_IO)
 #define POLARSSL_SNI
 #endif
@@ -312,21 +328,6 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len )
 " force_ciphersuite= default: all enabled\n" \
 " acceptable ciphersuite names:\n"
 
-#if !defined(POLARSSL_ENTROPY_C) || \
- !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \
- !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C)
-int main( int argc, char *argv[] )
-{
- ((void) argc);
- ((void) argv);
-
- printf("POLARSSL_ENTROPY_C and/or "
- "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
- "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n");
- return( 0 );
-}
-#else
-
 /*
  * Used by sni_parse and psk_parse to handle coma-separated lists
  */
From 5bfd968e01f6d4a8db9827e4fb9ec824c750f6fb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 15:18:11 +0200
Subject: [PATCH 07/19] Fix warning with TLS 1.2 without RSA or ECDSA

---
 library/ssl_cli.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index fda9ebf51c..99039542c7 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -148,8 +148,10 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
 size_t *olen )
 {
 unsigned char *p = buf;
- unsigned char *sig_alg_list = buf + 6;
 size_t sig_alg_len = 0;
+#if defined(POLARSSL_RSA_C) || defined(POLARSSL_ECDSA_C)
+ unsigned char *sig_alg_list = buf + 6;
+#endif
 
 *olen = 0;
 
From 8f625632bbe0eb241dae38368146303a4bd4e7f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 15:26:28 +0200
Subject: [PATCH 08/19] Fix dependencies: GCM != AEAD != CCM

---
 include/polarssl/cipher.h | 27 +++++++----------
 library/cipher.c | 14 +++------
 tests/suites/test_suite_cipher.function | 40 ++++++++++++-------------
 3 files changed, 35 insertions(+), 46 deletions(-)

diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 51534613ea..84993f7676 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -36,7 +36,7 @@
 #include POLARSSL_CONFIG_FILE
 #endif
 
-#if defined(POLARSSL_GCM_C)
+#if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C)
 #define POLARSSL_CIPHER_MODE_AEAD
 #endif
 
@@ -534,25 +534,21 @@ int cipher_set_iv( cipher_context_t *ctx,
  */
 int cipher_reset( cipher_context_t *ctx );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 /**
  * \brief Add additional data (for AEAD ciphers).
- * This function has no effect for non-AEAD ciphers.
- * For AEAD ciphers, it may or may not be called
- * repeatedly, and/or interleaved with calls to
- * cipher_udpate(), depending on the cipher.
- * E.g. for GCM is must be called exactly once, right
- * after cipher_reset().
+ * Currently only supported with GCM.
+ * Must be called exactly once, after cipher_reset().
  *
  * \param ctx generic cipher context
  * \param ad Additional data to use.
  * \param ad_len Length of ad.
  *
- * \returns 0 on success, or a specific error code.
+ * \return 0 on success, or a specific error code.
  */
 int cipher_update_ad( cipher_context_t *ctx,
 const unsigned char *ad, size_t ad_len );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
 
 /**
  * \brief Generic cipher update function. Encrypts/decrypts
@@ -606,10 +602,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
 int cipher_finish( cipher_context_t *ctx,
 unsigned char *output, size_t *olen );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 /**
  * \brief Write tag for AEAD ciphers.
- * No effect for other ciphers.
+ * Currently only supported with GCM.
  * Must be called after cipher_finish().
  *
  * \param ctx Generic cipher context
@@ -623,9 +619,8 @@ int cipher_write_tag( cipher_context_t *ctx,
 
 /**
  * \brief Check tag for AEAD ciphers.
- * No effect for other ciphers.
- * Calling time depends on the cipher:
- * for GCM, must be called after cipher_finish().
+ * Currently only supported with GCM.
+ * Must be called after cipher_finish().
  *
  * \param ctx Generic cipher context
  * \param tag Buffer holding the tag
@@ -635,7 +630,7 @@ int cipher_write_tag( cipher_context_t *ctx,
  */
 int cipher_check_tag( cipher_context_t *ctx,
 const unsigned char *tag, size_t tag_len );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
 
 /**
  * \brief Generic all-in-one encryption/decryption
diff --git a/library/cipher.c b/library/cipher.c
index 558c4b35b0..16acd805ea 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -234,24 +234,22 @@ int cipher_reset( cipher_context_t *ctx )
 return( 0 );
 }
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 int cipher_update_ad( cipher_context_t *ctx,
 const unsigned char *ad, size_t ad_len )
 {
 if( NULL == ctx || NULL == ctx->cipher_info )
 return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 
-#if defined(POLARSSL_GCM_C)
 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
 {
 return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation,
 ctx->iv, ctx->iv_size, ad, ad_len );
 }
-#endif
 
 return( 0 );
 }
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
 
 int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
 unsigned char *output, size_t *olen )
@@ -724,7 +722,7 @@ int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode )
 }
 #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 int cipher_write_tag( cipher_context_t *ctx,
 unsigned char *tag, size_t tag_len )
 {
@@ -734,10 +732,8 @@ int cipher_write_tag( cipher_context_t *ctx,
 if( POLARSSL_ENCRYPT != ctx->operation )
 return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 
-#if defined(POLARSSL_GCM_C)
 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
 return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len );
-#endif
 
 return( 0 );
 }
@@ -753,7 +749,6 @@ int cipher_check_tag( cipher_context_t *ctx,
 return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 }
 
-#if defined(POLARSSL_GCM_C)
 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
 {
 unsigned char check_tag[16];
@@ -778,11 +773,10 @@ int cipher_check_tag( cipher_context_t *ctx,
 
 return( 0 );
 }
-#endif /* POLARSSL_GCM_C */
 
 return( 0 );
 }
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif /* POLARSSL_GCM_C */
 
 /*
  * Packet-oriented wrapper for non-AEAD modes
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 09ae2e08a7..7c9c76d02c 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -60,7 +60,7 @@ void cipher_null_args( )
 TEST_ASSERT( cipher_reset( NULL ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 TEST_ASSERT( cipher_reset( &ctx ) == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( cipher_update_ad( NULL, buf, 0 )
 == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 TEST_ASSERT( cipher_update_ad( &ctx, buf, 0 )
@@ -77,7 +77,7 @@ void cipher_null_args( )
 TEST_ASSERT( cipher_finish( &ctx, buf, &olen )
 == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( cipher_write_tag( NULL, buf, olen )
 == POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
 TEST_ASSERT( cipher_write_tag( &ctx, buf, olen )
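Review bot: `cipher_check_tag` still ends in an unconditional `return( 0 );` after the GCM block (`@@ -778`), so for any context whose mode is not GCM it reports success without having verified a tag; with this commit also making `POLARSSL_CIPHER_MODE_AEAD` true in CCM-only builds, a caller that drives a CCM context through the generic API gets a passing tag check that never ran. `cipher_write_tag` (`@@ -734`) and `cipher_update_ad` (`@@ -234`, in the preceding hunk) have the same silent `return( 0 );` for non-GCM modes, and the new header text "Currently only supported with GCM" does not tell callers that the unsupported case is indistinguishable from success. Returning an error for unsupported modes, e.g. `return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );` in place of each trailing `return( 0 );`, would make the gap visible; the cipher test suite calls these helpers for every cipher under the `POLARSSL_GCM_C` guard (`enc_fail`, `dec_empty_buf`, `enc_dec_buf_multipart`), so those assertions would then need to be limited to GCM contexts. The bodies of all three functions start outside their hunks.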
@@ -157,10 +157,10 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
 TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
 TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) );
 TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
 /* encode length number of bytes from inbuf */
 TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) );
@@ -174,9 +174,9 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
 TEST_ASSERT( 0 == cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) );
 total_len += outlen;
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( 0 == cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
 TEST_ASSERT( total_len == length ||
 ( total_len % cipher_get_block_size( &ctx_enc ) == 0 &&
@@ -195,9 +195,9 @@ void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
 TEST_ASSERT( 0 == cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) );
 total_len += outlen;
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( 0 == cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
 /* check result */
 TEST_ASSERT( total_len == length );
@@ -250,9 +250,9 @@ void enc_fail( int cipher_id, int pad_mode, int key_len,
 #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
 TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, 16 ) );
 TEST_ASSERT( 0 == cipher_reset( &ctx ) );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( 0 == cipher_update_ad( &ctx, NULL, 0 ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
 /* encode length number of bytes from inbuf */
 TEST_ASSERT( 0 == cipher_update( &ctx, inbuf, length, encbuf, &outlen ) );
@@ -297,9 +297,9 @@ void dec_empty_buf()
 
 TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
 /* decode 0-byte string */
 TEST_ASSERT( 0 == cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) );
@@ -359,10 +359,10 @@ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val,
 TEST_ASSERT( 0 == cipher_reset( &ctx_dec ) );
 TEST_ASSERT( 0 == cipher_reset( &ctx_enc ) );
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( 0 == cipher_update_ad( &ctx_dec, NULL, 0 ) );
 TEST_ASSERT( 0 == cipher_update_ad( &ctx_enc, NULL, 0 ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
 /* encode length number of bytes from inbuf */
 TEST_ASSERT( 0 == cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) );
@@ -416,7 +416,7 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
 unsigned char ad[200];
 unsigned char tag[20];
 size_t key_len, iv_len, cipher_len, clear_len;
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 size_t ad_len, tag_len;
 #endif
 cipher_context_t ctx;
@@ -435,7 +435,7 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
 iv_len = unhexify( iv, hex_iv );
 cipher_len = unhexify( cipher, hex_cipher );
 clear_len = unhexify( clear, hex_clear );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 ad_len = unhexify( ad, hex_ad );
 tag_len = unhexify( tag, hex_tag );
 #else
@@ -455,9 +455,9 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
 #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
 TEST_ASSERT( 0 == cipher_set_iv( &ctx, iv, iv_len ) );
 TEST_ASSERT( 0 == cipher_reset( &ctx ) );
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( 0 == cipher_update_ad( &ctx, ad, ad_len ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
 /* decode buffer and check tag */
 total_len = 0;
@@ -466,9 +466,9 @@ void decrypt_test_vec( int cipher_id, int pad_mode,
 TEST_ASSERT( finish_result == cipher_finish( &ctx, output + outlen, &outlen ) );
 total_len += outlen;
 
-#if defined(POLARSSL_CIPHER_MODE_AEAD)
+#if defined(POLARSSL_GCM_C)
 TEST_ASSERT( tag_result == cipher_check_tag( &ctx, tag, tag_len ) );
-#endif /* POLARSSL_CIPHER_MODE_AEAD */
+#endif
 
 /* check plaintext only if everything went fine */
 if( 0 == finish_result && 0 == tag_result )
From ac2ccf897c83a6e1c6332b181dccd66b5511b1e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 15:48:01 +0200
Subject: [PATCH 09/19] Fix CCM ciphersuites definition: PSK <-> DHE-PSK!

---
 library/ssl_ciphersuites.c | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 82f0a38580..a74e324317 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -1105,23 +1105,23 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* POLARSSL_SHA1_C */
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_CCM_C)
- { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
- POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
+ { TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
+ POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 0 },
- { TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
- POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
+ { TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
+ POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 POLARSSL_CIPHERSUITE_SHORT_TAG },
- { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
- POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
+ { TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
+ POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 0 },
- { TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
- POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EX­CHANGE_DHE_PSK,
+ { TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
+ POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 POLARSSL_CIPHERSUITE_SHORT_TAG },
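Review bot: The swap corrects the four entries, but nothing in the table ties a suite's `name` string to its key-exchange field, so a PSK suite can again be entered with `POLARSSL_KEY_EXCHANGE_DHE_PSK` (or vice versa) without any build-time or test-time signal; the second CCM block (`@@ -1241`) is the mirror image of this one. A small test that iterates the public ciphersuite list and checks that every name containing `DHE-PSK` maps to `POLARSSL_KEY_EXCHANGE_DHE_PSK`, and every plain `TLS-PSK-` name to `POLARSSL_KEY_EXCHANGE_PSK`, would catch this class of mistake for all future entries. `ciphersuite_definitions` starts before the hunk and continues after it.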
@@ -1241,23 +1241,23 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* POLARSSL_SHA1_C */
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_CCM_C)
- { TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
- POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
+ { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
+ POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 0 },
- { TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
- POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
+ { TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
+ POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 POLARSSL_CIPHERSUITE_SHORT_TAG },
- { TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
- POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
+ { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
+ POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 0 },
- { TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
- POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
+ { TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
+ POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
 POLARSSL_CIPHERSUITE_SHORT_TAG },
From 1a74a26f77371d7d74751a0c55d9340ce10b6bc9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 15:51:32 +0200
Subject: [PATCH 10/19] Add config based on PSK-CCM

---
 configs/config-ccm-psk-tls1_2.h | 35 +++++++++++++++++++++++++++++++
 tests/scripts/test-ref-configs.pl | 2 ++
 2 files changed, 37 insertions(+)
 create mode 100644 configs/config-ccm-psk-tls1_2.h

diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h
new file mode 100644
index 0000000000..67f32f8620
--- /dev/null
+++ b/configs/config-ccm-psk-tls1_2.h
@@ -0,0 +1,35 @@
+/*
+ * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
+ *
+ * See README.txt for usage instructions.
+ */
+#ifndef POLARSSL_CONFIG_H
+#define POLARSSL_CONFIG_H
+
+/* System support */
+#define POLARSSL_HAVE_IPV6
+#define POLARSSL_HAVE_TIME
+
+/* PolarSSL feature support */
+#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
+#define POLARSSL_SSL_PROTO_TLS1_2
+
+/* PolarSSL modules */
+#define POLARSSL_AES_C
+#define POLARSSL_ASN1_PARSE_C
+#define POLARSSL_ASN1_WRITE_C
+#define POLARSSL_CCM_C
+#define POLARSSL_CIPHER_C
+#define POLARSSL_CTR_DRBG_C
+#define POLARSSL_ENTROPY_C
+#define POLARSSL_MD_C
+#define POLARSSL_NET_C
+#define POLARSSL_OID_C
+#define POLARSSL_SHA256_C
+#define POLARSSL_SSL_CLI_C
+#define POLARSSL_SSL_SRV_C
+#define POLARSSL_SSL_TLS_C
+
+#include "check_config.h"
+
+#endif /* POLARSSL_CONFIG_H */
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index 65871407dc..fddfe65eac 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -19,6 +19,8 @@ my %configs = (
 => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM'",
 'config-picocoin.h'
 => 0,
+ 'config-ccm-psk-tls1_2.h'
+ => '-m tls1_2 -f \'TLS-PSK.*AES.*CCM\'',
 );
 
 # If no config-name is provided, use all known configs.
From 03f15320362146a40e0cd04739a017e51d34d7f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 16:03:49 +0200
Subject: [PATCH 11/19] Update PSK-based miniconfigs: no ASN1, no OID

---
 configs/config-ccm-psk-tls1_2.h | 3 ---
 configs/config-psk-rc4-tls1_0.h | 4 ----
 2 files changed, 7 deletions(-)

diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h
index 67f32f8620..3941028a4c 100644
--- a/configs/config-ccm-psk-tls1_2.h
+++ b/configs/config-ccm-psk-tls1_2.h
@@ -16,15 +16,12 @@
 
 /* PolarSSL modules */
 #define POLARSSL_AES_C
-#define POLARSSL_ASN1_PARSE_C
-#define POLARSSL_ASN1_WRITE_C
 #define POLARSSL_CCM_C
 #define POLARSSL_CIPHER_C
 #define POLARSSL_CTR_DRBG_C
 #define POLARSSL_ENTROPY_C
 #define POLARSSL_MD_C
 #define POLARSSL_NET_C
-#define POLARSSL_OID_C
 #define POLARSSL_SHA256_C
 #define POLARSSL_SSL_CLI_C
 #define POLARSSL_SSL_SRV_C
diff --git a/configs/config-psk-rc4-tls1_0.h b/configs/config-psk-rc4-tls1_0.h
index 6a06dc7f8e..d94318e0a9 100644
--- a/configs/config-psk-rc4-tls1_0.h
+++ b/configs/config-psk-rc4-tls1_0.h
@@ -4,7 +4,6 @@
  *
  * See README.txt for usage instructions.
  */
-
 #ifndef POLARSSL_CONFIG_H
 #define POLARSSL_CONFIG_H
 
@@ -19,15 +18,12 @@
 /* PolarSSL modules */
 #define POLARSSL_AES_C
 #define POLARSSL_ARC4_C
-#define POLARSSL_ASN1_PARSE_C
-#define POLARSSL_ASN1_WRITE_C
 #define POLARSSL_CIPHER_C
 #define POLARSSL_CTR_DRBG_C
 #define POLARSSL_ENTROPY_C
 #define POLARSSL_MD_C
 #define POLARSSL_MD5_C
 #define POLARSSL_NET_C
-#define POLARSSL_OID_C
 #define POLARSSL_SHA1_C
 #define POLARSSL_SHA256_C
 #define POLARSSL_SSL_CLI_C
From 4d9b7849ae67c177ce9dc0df237cc59426f6420e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 16:29:54 +0200
Subject: [PATCH 12/19] Warning against RC4 in example config

---
 configs/config-psk-rc4-tls1_0.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/configs/config-psk-rc4-tls1_0.h b/configs/config-psk-rc4-tls1_0.h
index d94318e0a9..ef995e8108 100644
--- a/configs/config-psk-rc4-tls1_0.h
+++ b/configs/config-psk-rc4-tls1_0.h
@@ -2,6 +2,10 @@
  * Custom compact configuration for TLS 1.0 with PSK and RC4
  * Distinguishing features: no bignum, no PK, no X509.
  *
+ * WARNING: RC4 is in the process of being deprecated!
+ * This configuration is kept for testing purposes only, DO NOT USE it!
+ * For a safe and lean PSK-based configuration, see config-ccm-psk-tls1_2.h
+ *
  * See README.txt for usage instructions.
  */
 #ifndef POLARSSL_CONFIG_H
From 0ac844cba4cd53afd6d63b4966db514ec8abef0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 16:30:49 +0200
Subject: [PATCH 13/19] Optimize RAM usage in CCM-PSK config
---
 configs/config-ccm-psk-tls1_2.h | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h
index 3941028a4c..8560a7b565 100644
--- a/configs/config-ccm-psk-tls1_2.h
+++ b/configs/config-ccm-psk-tls1_2.h
@@ -1,5 +1,10 @@
 /*
  * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
+ * Distinguishing features:
+ * - no bignum, no PK, no X509
+ * - fully modern and secure (provided the pre-shared keys have high entropy)
+ * - very low record overhead if using the CCM-8 suites
+ * - optimized for low RAM usage
  *
  * See README.txt for usage instructions.
  */
@@ -27,6 +32,21 @@
 #define POLARSSL_SSL_SRV_C
 #define POLARSSL_SSL_TLS_C
+/* Save RAM at the expense of ROM */
+#define POLARSSL_AES_ROM_TABLES
+
+/*
+ * You should adjust this to the exact number of sources you're using: default
+ * is the "platform_entrpy_poll" source, but you may want to add other ones
+ */
+#define ENTROPY_MAX_SOURCES 1
+
+/*
+ * Save RAM at the expense of interoperability: do this only if you control
+ * both ends of the connection! (See coments in "polarssl/ssl.h".)
+ */
+#define SSL_MAX_CONTENT_LEN 512
+
 #include "check_config.h"
 #endif /* POLARSSL_CONFIG_H */
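Review bot: The comment above `SSL_MAX_CONTENT_LEN 512` misspells "comments" as `coments`, and the same sentence is copied verbatim into config-suite-b.h by the later "Optimize config-suite-b" hunk; the typo-fix commit that follows corrects only `entrpy`, so both copies keep it. The fix is ` * both ends of the connection! (See comments in "polarssl/ssl.h".)`. While touching that comment, it would help deployers to state what happens when a peer sends a record larger than the limit — presumably it is rejected rather than silently truncated, but that cannot be confirmed from the hunk and should be checked against ssl.h before being written down.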
From f87cad9397f4fd77edccab5e5ecd3b0ba77c6f55 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 16:55:17 +0200
Subject: [PATCH 14/19] Fix some curve-specific depends in tests
---
 tests/suites/test_suite_ecdsa.data | 2 +-
 tests/suites/test_suite_ecp.data | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data
index 501bdebd6d..b03549bf58 100644
--- a/tests/suites/test_suite_ecdsa.data
+++ b/tests/suites/test_suite_ecdsa.data
@@ -23,7 +23,7 @@ depends_on:POLARSSL_ECP_DP_SECP256R1_ENABLED
 ecdsa_prim_test_vectors:POLARSSL_ECP_DP_SECP256R1:"DC51D3866A15BACDE33D96F992FCA99DA7E6EF0934E7097559C27F1614C88A7F":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":"9E56F509196784D963D1C0A401510EE7ADA3DCC5DEE04B154BF61AF1D5A6DECE":"BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD":"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"86FA3BB4E26CAD5BF90B7F81899256CE7594BB1EA0C89212748BFF3B3D5B0315"
 ECDSA primitive rfc 4754 p384
-depends_on:POLARSSL_ECP_DP_SECP256R1_ENABLED
+depends_on:POLARSSL_ECP_DP_SECP384R1_ENABLED
 ecdsa_prim_test_vectors:POLARSSL_ECP_DP_SECP384R1:"0BEB646634BA87735D77AE4809A0EBEA865535DE4C1E1DCB692E84708E81A5AF62E528C38B2A81B35309668D73524D9F":"96281BF8DD5E0525CA049C048D345D3082968D10FEDF5C5ACA0C64E6465A97EA5CE10C9DFEC21797415710721F437922":"447688BA94708EB6E2E4D59F6AB6D7EDFF9301D249FE49C33096655F5D502FAD3D383B91C5E7EDAA2B714CC99D5743CA":"B4B74E44D71A13D568003D7489908D564C7761E229C58CBFA18950096EB7463B854D7FA992F934D927376285E63414FA":"CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1631A8B605A43FF5BED8086072BA1E7CC2358BAECA134C825A7":"FB017B914E29149432D8BAC29A514640B46F53DDAB2C69948084E2930F1C8F7E08E07C9C63F2D21A07DCB56A6AF56EB3":"B263A1305E057F984D38726A1B46874109F417BCA112674C528262A40A629AF1CBB9F516CE0FA7D2FF630863A00E8B9F"
 ECDSA primitive rfc 4754 p521
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index 278fa88f9c..d871a8dfc3 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -269,7 +269,7 @@ depends_on:POLARSSL_ECP_DP_SECP256R1_ENABLED
 ecp_tls_read_group:"030017":0:256
 ECP tls read group #5 (OK, buffer continues)
-depends_on:POLARSSL_ECP_DP_SECP256R1_ENABLED
+depends_on:POLARSSL_ECP_DP_SECP384R1_ENABLED
 ecp_tls_read_group:"0300180000":0:384
 ECP tls write-read group #1
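Review bot: The `ECDSA primitive rfc 4754 p521` entry whose title is the hunk's last context line has its `depends_on` guard outside the hunk, and since the p384 guard turned out to be a copy of the p256 one, that next line deserves the same check (it should read `depends_on:POLARSSL_ECP_DP_SECP521R1_ENABLED`). A wrong guard here is not a test failure in the default build but a silently skipped test in a reduced configuration such as config-suite-b.h, which is exactly the kind of build this series is adding. The same applies to the ecp.data hunk below, where the entries following `ECP tls write-read group #1` lie outside the hunk.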
From e38eb0b7be41a5977515d1e10b208a0aaad020fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 17:30:05 +0200
Subject: [PATCH 15/19] Optimize config-suite-b for low RAM usage
---
 configs/config-ccm-psk-tls1_2.h | 1 +
 configs/config-suite-b.h | 38 +++++++++++++++++++++++++++++--
 tests/scripts/test-ref-configs.pl | 2 +-
 3 files changed, 38 insertions(+), 3 deletions(-)
diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h
index 8560a7b565..1c7c4b44ce 100644
--- a/configs/config-ccm-psk-tls1_2.h
+++ b/configs/config-ccm-psk-tls1_2.h
@@ -44,6 +44,7 @@
 /*
  * Save RAM at the expense of interoperability: do this only if you control
  * both ends of the connection! (See coments in "polarssl/ssl.h".)
+ * The optimal size here depends on the typical size of records.
  */
 #define SSL_MAX_CONTENT_LEN 512
diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h
index bfd604807e..8a98b9de14 100644
--- a/configs/config-suite-b.h
+++ b/configs/config-suite-b.h
@@ -1,6 +1,14 @@
 /*
  * Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
  *
+ * Distinguishing features:
+ * - no RSA or classic DH, fully based on ECC
+ * - optimized for low RAM usage
+ *
+ * Possible improvements:
+ * - if 128-bit security is enough, disable secp384r1 and SHA-512
+ * - use embedded certs in DER format and disable PEM_PARSE_C and BASE64_C
+ *
  * See README.txt for usage instructions.
  */
@@ -48,8 +56,34 @@
 #define POLARSSL_CERTS_C
 #define POLARSSL_PEM_PARSE_C
-/* For testing with compat.sh */
-#define POLARSSL_FS_IO
+/* Save RAM at the expense of ROM */
+#define POLARSSL_AES_ROM_TABLES
+
+/* Save RAM by adjusting to our exact needs */
+#define POLARSSL_MPI_MAX_SIZE 96
+#define POLARSSL_ECP_MAX_BITS 384
+
+/* Save RAM at the expense of speed, see ecp.h */
+#define POLARSSL_ECP_WINDOW_SIZE 2
+#define POLARSSL_ECP_FIXED_POINT_OPTIM 0
+
+/* Uncomment for a significant speed benefit at the expense of some ROM */
+//#define POLARSSL_ECP_NIST_OPTIM
+
+/*
+ * You should adjust this to the exact number of sources you're using: default
+ * is the "platform_entrpy_poll" source, but you may want to add other ones.
+ * Minimum is 2 for the entropy test suite.
+ */
+#define ENTROPY_MAX_SOURCES 2
+
+/*
+ * Save RAM at the expense of interoperability: do this only if you control
+ * both ends of the connection! (See coments in "polarssl/ssl.h".)
+ * The minimum size here depends on the certificate chain used as well as the
+ * typical size of records.
+ */
+#define SSL_MAX_CONTENT_LEN 1024
 #include "check_config.h"
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index fddfe65eac..9b09e34640 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -16,7 +16,7 @@ my %configs = (
 'config-mini-tls1_1.h'
 => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'',
 'config-suite-b.h'
- => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM'",
+ => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p PolarSSL",
 'config-picocoin.h'
 => 0,
 'config-ccm-psk-tls1_2.h'
From 3579522d3146b0c59c129a4fba7acdff33e7993b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 17:33:54 +0200
Subject: [PATCH 16/19] Update Changelog for example configs changes
---
 ChangeLog | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index c1df109581..2ba5a50990 100644
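Review bot: The removal of `POLARSSL_FS_IO` together with its `/* For testing with compat.sh */` comment, and the `-p PolarSSL` restriction added to the test-ref-configs.pl hunk below, look like two halves of one change, but neither the commit message nor a comment records the link; a reader of config-suite-b.h alone cannot tell why the file-I/O module went away or that the config is now only exercised against PolarSSL itself. A one-line comment where the define used to be, such as `/* No FS_IO: certificates come from certs.c; compat.sh runs this config with -p PolarSSL only */`, would keep the two files in sync — the certs.c part is an inference from `POLARSSL_CERTS_C` being kept and should be confirmed. The `//#define POLARSSL_ECP_NIST_OPTIM` line is the only C++-style comment in a header that otherwise uses `/* */`; `/* #define POLARSSL_ECP_NIST_OPTIM */` matches the surrounding style and stays valid under a strict C89 build.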
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,8 @@ Features
 * Support for parsing and verifying RSASSA-PSS signatures in the X.509 modules
 (certificates, CRLs and CSRs).
 * Blowfish in the cipher layer now supports variable length keys.
+ * Add example config.h for PSK with CCM, optimized for low RAM usage.
+ * Optimize for RAM usage in example config.h for NSA Suite B profile.
 Changes
 * Add LINK_WITH_PTHREAD option in CMake for explicit linking that is
From 66e20c6318a172cb508949dff0ce38d2c5790d40 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 17:47:40 +0200
Subject: [PATCH 17/19] Fix warning and typo->error.
---
 configs/config-ccm-psk-tls1_2.h | 5 +++--
 configs/config-suite-b.h | 2 +-
 library/pkparse.c | 2 +-
 3 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h
index 1c7c4b44ce..0c6d128c99 100644
--- a/configs/config-ccm-psk-tls1_2.h
+++ b/configs/config-ccm-psk-tls1_2.h
@@ -37,9 +37,10 @@
 /*
  * You should adjust this to the exact number of sources you're using: default
- * is the "platform_entrpy_poll" source, but you may want to add other ones
+ * is the "platform_entropy_poll" source, but you may want to add other ones
+ * Minimum is 2 for the entropy test suite.
  */
-#define ENTROPY_MAX_SOURCES 1
+#define ENTROPY_MAX_SOURCES 2
 /*
  * Save RAM at the expense of interoperability: do this only if you control
diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h
index 8a98b9de14..4651e0df27 100644
--- a/configs/config-suite-b.h
+++ b/configs/config-suite-b.h
@@ -72,7 +72,7 @@
 /*
  * You should adjust this to the exact number of sources you're using: default
- * is the "platform_entropy_poll" source, but you may want to add other ones.
+ * is the "platform_entropy_poll" source, but you may want to add other ones.
  * Minimum is 2 for the entropy test suite.
  */
 #define ENTROPY_MAX_SOURCES 2
diff --git a/library/pkparse.c b/library/pkparse.c
index 3c8063fe7b..29217a28a2 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -62,12 +62,12 @@
 #define polarssl_free free
 #endif
+#if defined(POLARSSL_FS_IO)
 /* Implementation that should never be optimized out by the compiler */
 static void polarssl_zeroize( void *v, size_t n ) {
 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
 }
-#if defined(POLARSSL_FS_IO)
 /*
  * Load all data from a file into a given buffer.
  */
From 417670a030a3bb2d762bf3f77200c357801ceb04 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 17:50:22 +0200
Subject: [PATCH 18/19] Adjust bound more tightly
---
 configs/config-suite-b.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h
index 4651e0df27..0600c2e1cf 100644
--- a/configs/config-suite-b.h
+++ b/configs/config-suite-b.h
@@ -60,8 +60,8 @@
 #define POLARSSL_AES_ROM_TABLES
 /* Save RAM by adjusting to our exact needs */
-#define POLARSSL_MPI_MAX_SIZE 96
 #define POLARSSL_ECP_MAX_BITS 384
+#define POLARSSL_MPI_MAX_SIZE 48 // 384 bits is 48 bytes
 /* Save RAM at the expense of speed, see ecp.h */
 #define POLARSSL_ECP_WINDOW_SIZE 2
From 0389b54063c16dcd15b297ef397474f800983505 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 24 Jun 2014 22:22:50 +0200
Subject: [PATCH 19/19] Some configs without HAVE_TIME or HAVE_IPV6
---
 configs/config-ccm-psk-tls1_2.h | 5 +++--
 configs/config-psk-rc4-tls1_0.h | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h
index 0c6d128c99..f425391d0a 100644
--- a/configs/config-ccm-psk-tls1_2.h
+++ b/configs/config-ccm-psk-tls1_2.h
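Review bot: Moving `polarssl_zeroize` under `#if defined(POLARSSL_FS_IO)` silences the unused-function warning only on the assumption that every caller in pkparse.c sits inside that same section; the rest of the file is outside the hunk, so the hunk alone cannot show that. If a later `#else`/non-FS_IO path in this file wipes key material with this helper, a build without `POLARSSL_FS_IO` now fails to compile — which is at least the safe failure, but it is worth a comment next to the new `#if` stating the intent, e.g. `/* zeroize is only needed by the file-loading helper below */`. An alternative that keeps the helper available everywhere is to leave it where it was and mark it unused-tolerant, but that should be decided by whoever knows the full file.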
@@ -12,8 +12,9 @@
 #define POLARSSL_CONFIG_H
 /* System support */
-#define POLARSSL_HAVE_IPV6
-#define POLARSSL_HAVE_TIME
+//#define POLARSSL_HAVE_IPV6 /* Optional */
+//#define POLARSSL_HAVE_TIME /* Optionnaly used in Hello messages */
+/* Other POLARSSL_HAVE_XXX flags irrelevant for this configuration */
 /* PolarSSL feature support */
 #define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
diff --git a/configs/config-psk-rc4-tls1_0.h b/configs/config-psk-rc4-tls1_0.h
index ef995e8108..e4fc4520ce 100644
--- a/configs/config-psk-rc4-tls1_0.h
+++ b/configs/config-psk-rc4-tls1_0.h
@@ -12,8 +12,9 @@
 #define POLARSSL_CONFIG_H
 /* System support */
-#define POLARSSL_HAVE_TIME
-#define POLARSSL_HAVE_IPV6
+//#define POLARSSL_HAVE_IPV6 /* Optional */
+//#define POLARSSL_HAVE_TIME /* Optionnaly used in Hello messages */
+/* Other POLARSSL_HAVE_XXX flags irrelevant for this configuration */
 /* PolarSSL feature support */
 #define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
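Review bot: `Optionnaly` is misspelled in the new `POLARSSL_HAVE_TIME` comment line, in this hunk and identically in the config-psk-rc4-tls1_0.h hunk above; `//#define POLARSSL_HAVE_TIME /* Optionally used in Hello messages */`. The comment would also be more useful if it said what the library does in the Hello messages when the flag is off, so a reader can weigh the trade-off — presumably the leading bytes of the Hello random field come from the RNG instead of a timestamp, but that is not visible from this hunk and should be confirmed against the SSL code before being written down. As with the previous hunk in config-suite-b.h, these lines mix `//` with `/* */` in headers that are otherwise C89-style.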