diff --git a/ChangeLog b/ChangeLog index 55cccd5e65..227faed6b6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,69 +1,80 @@ mbed TLS ChangeLog (Sorted per branch, date) -= mbed TLS x.x.x branch released xxxx-xx-xx += mbed TLS 2.6.0 branch released 2017-08-10 Security - * Fix authentication bypass in SSL/TLS: when auth_mode is set to optional, + * Fix authentication bypass in SSL/TLS: when authmode is set to optional, mbedtls_ssl_get_verify_result() would incorrectly return 0 when the peer's X.509 certificate chain had more than MBEDTLS_X509_MAX_INTERMEDIATE_CA - (default: 8) intermediates, even when it was not trusted. Could be - triggered remotely on both sides. (With auth_mode set to required - (default), the handshake was correctly aborted.) + (default: 8) intermediates, even when it was not trusted. This could be + triggered remotely from either side. (With authmode set to 'required' + (the default), the handshake was correctly aborted). + * Reliably wipe sensitive data after use in the AES example applications + programs/aes/aescrypt2 and programs/aes/crypt_and_hash. + Found by Laurent Simon. Features * Add the functions mbedtls_platform_setup() and mbedtls_platform_teardown() and the context struct mbedtls_platform_context to perform platform-specific setup and teardown operations. The macro MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT allows the functions to be overridden - by the user in a platform_alt.h file. This new APIs are required in some - embedded environments that have hardware acceleration support. + by the user in a platform_alt.h file. These new functions are required in + some embedded environments to provide a means of initialising underlying + cryptographic acceleration hardware. API Changes * Reverted API/ABI breaking changes introduced in mbed TLS 2.5.1, to make the API consistent with mbed TLS 2.5.0. Specifically removed the inline qualifier from the functions mbedtls_aes_decrypt, mbedtls_aes_encrypt, - mbedtls_ssl_ciphersuite_uses_ec and mbedtls_ssl_ciphersuite_uses_psk. #978 - Found by James Cowgill. + mbedtls_ssl_ciphersuite_uses_ec and mbedtls_ssl_ciphersuite_uses_psk. Found + by James Cowgill. #978 * Certificate verification functions now set flags to -1 in case the full chain was not verified due to an internal error (including in the verify callback) or chain length limitations. - * With authmode set to optional, handshake is now aborted if the + * With authmode set to optional, the TLS handshake is now aborted if the verification of the peer's certificate failed due to an overlong chain or - a fatal error in the vrfy callback. + a fatal error in the verify callback. Bugfix - * Add a check if iv_len is zero, and return an error if it is zero. reported - by roberto. #716 - * Replace preproccessor condition from #if defined(MBEDTLS_THREADING_PTHREAD) + * Add a check if iv_len is zero in GCM, and return an error if it is zero. + Reported by roberto. #716 + * Replace preprocessor condition from #if defined(MBEDTLS_THREADING_PTHREAD) to #if defined(MBEDTLS_THREADING_C) as the library cannot assume they will - always be implemented by pthread support. Fix for #696 - * Fix resource leak on windows platform, in mbedtls_x509_crt_parse_path. - In case of failure, when an error occures, goto cleanup. - Found by redplait #590 + always be implemented by pthread support. #696 + * Fix a resource leak on Windows platforms in mbedtls_x509_crt_parse_path(), + in the case of an error. Found by redplait. #590 * Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random. - Reported and fix suggested by guidovranken in #740 + Reported and fix suggested by guidovranken. #740 * Fix conditional preprocessor directives in bignum.h to enable 64-bit compilation when using ARM Compiler 6. * Fix a potential integer overflow in the version verification for DER - encoded X509 CRLs. The overflow would enable maliciously constructed CRLs + encoded X.509 CRLs. The overflow could enable maliciously constructed CRLs to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin, KNOX Security, Samsung Research America * Fix potential integer overflow in the version verification for DER - encoded X509 CSRs. The overflow would enable maliciously constructed CSRs + encoded X.509 CSRs. The overflow could enable maliciously constructed CSRs to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin, KNOX Security, Samsung Research America * Fix a potential integer overflow in the version verification for DER - encoded X509 certificates. The overflow would enable maliciously + encoded X.509 certificates. The overflow could enable maliciously constructed certificates to bypass the certificate verification check. + * Fix a call to the libc function time() to call the platform abstraction + function mbedtls_time() instead. Found by wairua. #666 + * Avoid shadowing of time and index functions through mbed TLS function + arguments. Found by inestlerode. #557. Changes * Added config.h option MBEDTLS_NO_UDBL_DIVISION, to prevent the use of - 64-bit division. #708 + 64-bit division. This is useful on embedded platforms where 64-bit division + created a dependency on external libraries. #708 * Removed mutexes from ECP hardware accelerator code. Now all hardware accelerator code in the library leaves concurrency handling to the platform. Reported by Steven Cooreman. #863 * Define the macro MBEDTLS_AES_ROM_TABLES in the configuration file config-no-entropy.h to reduce the RAM footprint. + * Added a test script that can be hooked into git that verifies commits + before they are pushed. + * Improve documentation of PKCS1 decryption functions. = mbed TLS 2.5.1 released 2017-06-21 diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index 929c1bee52..87b5041bb1 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -21,7 +21,7 @@ */ /** - * @mainpage mbed TLS v2.5.1 source code documentation + * @mainpage mbed TLS v2.6.0 source code documentation * * This documentation describes the internal structure of mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 4bc322df56..5df1c932db 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8 # identify the project. Note that if you do not use Doxywizard you need # to put quotes around the project name if it contains spaces. -PROJECT_NAME = "mbed TLS v2.5.1" +PROJECT_NAME = "mbed TLS v2.6.0" # The PROJECT_NUMBER tag can be used to enter a project or revision number. # This could be handy for archiving the generated documentation or diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index bf9abeff6b..dad9aef002 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -461,7 +461,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp * \brief Set a group using well-known domain parameters * * \param grp Destination group - * \param index Index in the list of well-known domain parameters + * \param id Index in the list of well-known domain parameters * * \return 0 if successful, * MBEDTLS_ERR_MPI_XXX if initialization failed @@ -470,7 +470,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp * \note Index should be a value of RFC 4492's enum NamedCurve, * usually in the form of a MBEDTLS_ECP_DP_XXX macro. */ -int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id index ); +int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ); /** * \brief Set a group from a TLS ECParameters record diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 45486a995c..3b209a6b07 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -38,17 +38,17 @@ * Major, Minor, Patchlevel */ #define MBEDTLS_VERSION_MAJOR 2 -#define MBEDTLS_VERSION_MINOR 5 -#define MBEDTLS_VERSION_PATCH 1 +#define MBEDTLS_VERSION_MINOR 6 +#define MBEDTLS_VERSION_PATCH 0 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x02050100 -#define MBEDTLS_VERSION_STRING "2.5.1" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.5.1" +#define MBEDTLS_VERSION_NUMBER 0x02060000 +#define MBEDTLS_VERSION_STRING "2.6.0" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.6.0" #if defined(MBEDTLS_VERSION_C) diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index 128eaded6f..d7e318dfdc 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -247,12 +247,12 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se * \note Intended usage is "if( is_past( valid_to ) ) ERROR". * Hence the return value of 1 if on internal errors. * - * \param time mbedtls_x509_time to check + * \param to mbedtls_x509_time to check * * \return 1 if the given time is in the past or an error occured, * 0 otherwise. */ -int mbedtls_x509_time_is_past( const mbedtls_x509_time *time ); +int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ); /** * \brief Check a given mbedtls_x509_time against the system time @@ -261,12 +261,12 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *time ); * \note Intended usage is "if( is_future( valid_from ) ) ERROR". * Hence the return value of 1 if on internal errors. * - * \param time mbedtls_x509_time to check + * \param from mbedtls_x509_time to check * * \return 1 if the given time is in the future or an error occured, * 0 otherwise. */ -int mbedtls_x509_time_is_future( const mbedtls_x509_time *time ); +int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ); /** * \brief Checkup routine @@ -295,7 +295,7 @@ int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x50 mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, void **sig_opts ); int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, - mbedtls_x509_time *time ); + mbedtls_x509_time *t ); int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *serial ); int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 7a9f185e2c..c332d45777 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -140,15 +140,15 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(mbedcrypto SHARED ${src_crypto}) - set_target_properties(mbedcrypto PROPERTIES VERSION 2.5.1 SOVERSION 0) + set_target_properties(mbedcrypto PROPERTIES VERSION 2.6.0 SOVERSION 0) target_link_libraries(mbedcrypto ${libs}) add_library(mbedx509 SHARED ${src_x509}) - set_target_properties(mbedx509 PROPERTIES VERSION 2.5.1 SOVERSION 0) + set_target_properties(mbedx509 PROPERTIES VERSION 2.6.0 SOVERSION 0) target_link_libraries(mbedx509 ${libs} mbedcrypto) add_library(mbedtls SHARED ${src_tls}) - set_target_properties(mbedtls PROPERTIES VERSION 2.5.1 SOVERSION 10) + set_target_properties(mbedtls PROPERTIES VERSION 2.6.0 SOVERSION 10) target_link_libraries(mbedtls ${libs} mbedx509) install(TARGETS mbedtls mbedx509 mbedcrypto diff --git a/library/cmac.c b/library/cmac.c index 035ad071d4..6df56aa9a8 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -169,10 +169,10 @@ static void cmac_xor_block( unsigned char *output, const unsigned char *input1, const unsigned char *input2, const size_t block_size ) { - size_t index; + size_t idx; - for( index = 0; index < block_size; index++ ) - output[ index ] = input1[ index ] ^ input2[ index ]; + for( idx = 0; idx < block_size; idx++ ) + output[ idx ] = input1[ idx ] ^ input2[ idx ]; } /* diff --git a/library/entropy.c b/library/entropy.c index d4d1b27b7f..23de4062a4 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -132,24 +132,24 @@ int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, mbedtls_entropy_f_source_ptr f_source, void *p_source, size_t threshold, int strong ) { - int index, ret = 0; + int idx, ret = 0; #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) return( ret ); #endif - index = ctx->source_count; - if( index >= MBEDTLS_ENTROPY_MAX_SOURCES ) + idx = ctx->source_count; + if( idx >= MBEDTLS_ENTROPY_MAX_SOURCES ) { ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES; goto exit; } - ctx->source[index].f_source = f_source; - ctx->source[index].p_source = p_source; - ctx->source[index].threshold = threshold; - ctx->source[index].strong = strong; + ctx->source[idx].f_source = f_source; + ctx->source[idx].p_source = p_source; + ctx->source[idx].threshold = threshold; + ctx->source[idx].strong = strong; ctx->source_count++; diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 9b62de2dcc..c771d7fe2a 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -138,7 +138,7 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) { int ret = 1; #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t t = time( NULL ), oldest = 0; + mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0; mbedtls_ssl_cache_entry *old = NULL; #endif mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; diff --git a/library/x509.c b/library/x509.c index 88e32b067e..e94a8a329f 100644 --- a/library/x509.c +++ b/library/x509.c @@ -496,25 +496,25 @@ static int x509_parse_int( unsigned char **p, size_t n, int *res ) return( 0 ); } -static int x509_date_is_valid(const mbedtls_x509_time *time) +static int x509_date_is_valid(const mbedtls_x509_time *t) { int ret = MBEDTLS_ERR_X509_INVALID_DATE; - CHECK_RANGE( 0, 9999, time->year ); - CHECK_RANGE( 0, 23, time->hour ); - CHECK_RANGE( 0, 59, time->min ); - CHECK_RANGE( 0, 59, time->sec ); + CHECK_RANGE( 0, 9999, t->year ); + CHECK_RANGE( 0, 23, t->hour ); + CHECK_RANGE( 0, 59, t->min ); + CHECK_RANGE( 0, 59, t->sec ); - switch( time->mon ) + switch( t->mon ) { case 1: case 3: case 5: case 7: case 8: case 10: case 12: - CHECK_RANGE( 1, 31, time->day ); + CHECK_RANGE( 1, 31, t->day ); break; case 4: case 6: case 9: case 11: - CHECK_RANGE( 1, 30, time->day ); + CHECK_RANGE( 1, 30, t->day ); break; case 2: - CHECK_RANGE( 1, 28 + (time->year % 4 == 0), time->day ); + CHECK_RANGE( 1, 28 + (t->year % 4 == 0), t->day ); break; default: return( ret ); @@ -528,7 +528,7 @@ static int x509_date_is_valid(const mbedtls_x509_time *time) * field. */ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, - mbedtls_x509_time *time ) + mbedtls_x509_time *tm ) { int ret; @@ -542,26 +542,26 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, /* * Parse year, month, day, hour, minute */ - CHECK( x509_parse_int( p, yearlen, &time->year ) ); + CHECK( x509_parse_int( p, yearlen, &tm->year ) ); if ( 2 == yearlen ) { - if ( time->year < 50 ) - time->year += 100; + if ( tm->year < 50 ) + tm->year += 100; - time->year += 1900; + tm->year += 1900; } - CHECK( x509_parse_int( p, 2, &time->mon ) ); - CHECK( x509_parse_int( p, 2, &time->day ) ); - CHECK( x509_parse_int( p, 2, &time->hour ) ); - CHECK( x509_parse_int( p, 2, &time->min ) ); + CHECK( x509_parse_int( p, 2, &tm->mon ) ); + CHECK( x509_parse_int( p, 2, &tm->day ) ); + CHECK( x509_parse_int( p, 2, &tm->hour ) ); + CHECK( x509_parse_int( p, 2, &tm->min ) ); /* * Parse seconds if present */ if ( len >= 2 ) { - CHECK( x509_parse_int( p, 2, &time->sec ) ); + CHECK( x509_parse_int( p, 2, &tm->sec ) ); len -= 2; } else @@ -582,7 +582,7 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, if ( 0 != len ) return ( MBEDTLS_ERR_X509_INVALID_DATE ); - CHECK( x509_date_is_valid( time ) ); + CHECK( x509_date_is_valid( tm ) ); return ( 0 ); } @@ -593,7 +593,7 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, * generalTime GeneralizedTime } */ int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, - mbedtls_x509_time *time ) + mbedtls_x509_time *tm ) { int ret; size_t len, year_len; @@ -619,7 +619,7 @@ int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, if( ret != 0 ) return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); - return x509_parse_time( p, len, year_len, time ); + return x509_parse_time( p, len, year_len, tm ); } int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ) diff --git a/library/x509write_crt.c b/library/x509write_crt.c index d1d9a22a7e..4d674abcf8 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -264,7 +264,7 @@ int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, } static int x509_write_time( unsigned char **p, unsigned char *start, - const char *time, size_t size ) + const char *t, size_t size ) { int ret; size_t len = 0; @@ -272,10 +272,10 @@ static int x509_write_time( unsigned char **p, unsigned char *start, /* * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter) */ - if( time[0] == '2' && time[1] == '0' && time [2] < '5' ) + if( t[0] == '2' && t[1] == '0' && t[2] < '5' ) { MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) time + 2, + (const unsigned char *) t + 2, size - 2 ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_UTC_TIME ) ); @@ -283,7 +283,7 @@ static int x509_write_time( unsigned char **p, unsigned char *start, else { MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) time, + (const unsigned char *) t, size ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_GENERALIZED_TIME ) ); diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c index c77d77f5fb..4acf38dd74 100644 --- a/programs/aes/aescrypt2.c +++ b/programs/aes/aescrypt2.c @@ -79,7 +79,9 @@ int main( int argc, char *argv[] ) FILE *fkey, *fin = NULL, *fout = NULL; char *p; + unsigned char IV[16]; + unsigned char tmp[16]; unsigned char key[512]; unsigned char digest[32]; unsigned char buffer[1024]; @@ -123,10 +125,10 @@ int main( int argc, char *argv[] ) } mode = atoi( argv[1] ); - memset(IV, 0, sizeof(IV)); - memset(key, 0, sizeof(key)); - memset(digest, 0, sizeof(digest)); - memset(buffer, 0, sizeof(buffer)); + memset( IV, 0, sizeof( IV ) ); + memset( key, 0, sizeof( key ) ); + memset( digest, 0, sizeof( digest ) ); + memset( buffer, 0, sizeof( buffer ) ); if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT ) { @@ -153,7 +155,7 @@ int main( int argc, char *argv[] ) } /* - * Read the secret key and clean the command line. + * Read the secret key from file or command line */ if( ( fkey = fopen( argv[4], "rb" ) ) != NULL ) { @@ -185,8 +187,6 @@ int main( int argc, char *argv[] ) } } - memset( argv[4], 0, strlen( argv[4] ) ); - #if defined(_WIN32_WCE) filesize = fseek( fin, 0L, SEEK_END ); #else @@ -272,7 +272,6 @@ int main( int argc, char *argv[] ) mbedtls_md_finish( &sha_ctx, digest ); } - memset( key, 0, sizeof( key ) ); mbedtls_aes_setkey_enc( &aes_ctx, digest, 256 ); mbedtls_md_hmac_starts( &sha_ctx, digest, 32 ); @@ -319,8 +318,6 @@ int main( int argc, char *argv[] ) if( mode == MODE_DECRYPT ) { - unsigned char tmp[16]; - /* * The encrypted file must be structured as follows: * @@ -374,7 +371,6 @@ int main( int argc, char *argv[] ) mbedtls_md_finish( &sha_ctx, digest ); } - memset( key, 0, sizeof( key ) ); mbedtls_aes_setkey_dec( &aes_ctx, digest, 256 ); mbedtls_md_hmac_starts( &sha_ctx, digest, 32 ); @@ -441,6 +437,15 @@ exit: if( fout ) fclose( fout ); + /* Zeroize all command line arguments to also cover + the case when the user has missed or reordered some, + in which case the key might not be in argv[4]. */ + for( i = 0; i < (unsigned int) argc; i++ ) + memset( argv[i], 0, strlen( argv[i] ) ); + + memset( IV, 0, sizeof( IV ) ); + memset( key, 0, sizeof( key ) ); + memset( tmp, 0, sizeof( tmp ) ); memset( buffer, 0, sizeof( buffer ) ); memset( digest, 0, sizeof( digest ) ); diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index adb95e03ca..0e272ebe48 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -192,7 +192,7 @@ int main( int argc, char *argv[] ) } /* - * Read the secret key and clean the command line. + * Read the secret key from file or command line */ if( ( fkey = fopen( argv[6], "rb" ) ) != NULL ) { @@ -224,8 +224,6 @@ int main( int argc, char *argv[] ) } } - memset( argv[6], 0, strlen( argv[6] ) ); - #if defined(_WIN32_WCE) filesize = fseek( fin, 0L, SEEK_END ); #else @@ -303,8 +301,6 @@ int main( int argc, char *argv[] ) } - memset( key, 0, sizeof( key ) ); - if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, MBEDTLS_ENCRYPT ) != 0 ) { @@ -444,8 +440,6 @@ int main( int argc, char *argv[] ) mbedtls_md_finish( &md_ctx, digest ); } - memset( key, 0, sizeof( key ) ); - if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, MBEDTLS_DECRYPT ) != 0 ) { @@ -540,7 +534,16 @@ exit: if( fout ) fclose( fout ); + /* Zeroize all command line arguments to also cover + the case when the user has missed or reordered some, + in which case the key might not be in argv[6]. */ + for( i = 0; i < argc; i++ ) + memset( argv[i], 0, strlen( argv[i] ) ); + + memset( IV, 0, sizeof( IV ) ); + memset( key, 0, sizeof( key ) ); memset( buffer, 0, sizeof( buffer ) ); + memset( output, 0, sizeof( output ) ); memset( digest, 0, sizeof( digest ) ); mbedtls_cipher_free( &cipher_ctx ); diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index 2432b46ebc..1442a384c4 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compiletime library version -check_compiletime_version:"2.5.1" +check_compiletime_version:"2.6.0" Check runtime library version -check_runtime_version:"2.5.1" +check_runtime_version:"2.6.0" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0