lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Merge branch 'development' into iotssl-1941-aria-ciphersuites

Browse Source 
* development: (504 commits)
  Fix minor code style issues
  Add the uodate to the soversion to the ChangeLog
  Fix the ChangeLog for clarity, english and credit
  Update version to 2.9.0
  ecp: Fix binary compatibility with group ID
  Changelog entry
  Change accepted ciphersuite versions when parsing server hello
  Remove preprocessor directives around platform_util.h include
  Fix style for mbedtls_mpi_zeroize()
  Improve mbedtls_platform_zeroize() docs
  mbedtls_zeroize -> mbedtls_platform_zeroize in docs
  Reword config.h docs for MBEDTLS_PLATFORM_ZEROIZE_ALT
  Organize CMakeLists targets in alphabetical order
  Organize output objs in alfabetical order in Makefile
  Regenerate errors after ecp.h updates
  Update ecp.h
  Change variable bytes_written to header_bytes in record decompression
  Update ecp.h
  Update ecp.h
  Update ecp.h
  ...
This commit is contained in:
Manuel Pégourié-Gonnard
2018-05-22 15:58:50 +02:00
parent 0960b80d53 c4bd8ec5ed
commit a3712beb9b
204 changed files with 7933 additions and 4006 deletions
Download Patch File Download Diff File Expand all files Collapse all files

191
tests/scripts/all.sh
View File

@ -94,7 +94,6 @@ CONFIG_BAK="$CONFIG_H.bak"
MEMORY=0
FORCE=0
KEEP_GOING=0
RELEASE=0
RUN_ARMCC=1
YOTTA=1
@ -127,8 +126,12 @@ General options:
-m|--memory Additional optional memory tests.
--armcc Run ARM Compiler builds (on by default).
--no-armcc Skip ARM Compiler builds.
--no-force Refuse to overwrite modified files (default).
--no-keep-going Stop at the first error (default).
--no-memory No additional memory tests (default).
--no-yotta Skip yotta module build.
--out-of-source-dir=<path> Directory used for CMake out-of-source build tests.
--random-seed Use a random seed value for randomized tests (default).
-r|--release-test Run this script in release mode. This fixes the seed value to 1.
-s|--seed Integer seed value to use for this test run.
--yotta Build yotta module (on by default).
@ -216,78 +219,30 @@ check_tools()
while [ $# -gt 0 ]; do
case "$1" in
--armcc)
RUN_ARMCC=1
;;
--armc5-bin-dir)
shift
ARMC5_BIN_DIR="$1"
;;
--armc6-bin-dir)
shift
ARMC6_BIN_DIR="$1"
;;
--force|-f)
FORCE=1
;;
--gnutls-cli)
shift
GNUTLS_CLI="$1"
;;
--gnutls-legacy-cli)
shift
GNUTLS_LEGACY_CLI="$1"
;;
--gnutls-legacy-serv)
shift
GNUTLS_LEGACY_SERV="$1"
;;
--gnutls-serv)
shift
GNUTLS_SERV="$1"
;;
--help|-h)
usage
exit
;;
--keep-going|-k)
KEEP_GOING=1
;;
--memory|-m)
MEMORY=1
;;
--no-armcc)
RUN_ARMCC=0
;;
--no-yotta)
YOTTA=0
;;
--openssl)
shift
OPENSSL="$1"
;;
--openssl-legacy)
shift
OPENSSL_LEGACY="$1"
;;
--openssl-next)
shift
OPENSSL_NEXT="$1"
;;
--out-of-source-dir)
shift
OUT_OF_SOURCE_DIR="$1"
;;
--release-test|-r)
RELEASE=1
;;
--seed|-s)
shift
SEED="$1"
;;
--yotta)
YOTTA=1
;;
--armcc) RUN_ARMCC=1;;
--armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
--armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
--force|-f) FORCE=1;;
--gnutls-cli) shift; GNUTLS_CLI="$1";;
--gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";;
--gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";;
--gnutls-serv) shift; GNUTLS_SERV="$1";;
--help|-h) usage; exit;;
--keep-going|-k) KEEP_GOING=1;;
--memory|-m) MEMORY=1;;
--no-armcc) RUN_ARMCC=0;;
--no-force) FORCE=0;;
--no-keep-going) KEEP_GOING=0;;
--no-memory) MEMORY=0;;
--no-yotta) YOTTA=0;;
--openssl) shift; OPENSSL="$1";;
--openssl-legacy) shift; OPENSSL_LEGACY="$1";;
--openssl-next) shift; OPENSSL_NEXT="$1";;
--out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
--random-seed) unset SEED;;
--release-test|-r) SEED=1;;
--seed|-s) shift; SEED="$1";;
--yotta) YOTTA=1;;
*)
echo >&2 "Unknown option: $1"
echo >&2 "Run $0 --help for usage."
@ -334,7 +289,7 @@ if [ $KEEP_GOING -eq 1 ]; then
start_red=
end_color=
if [ -t 1 ]; then
case "$TERM" in
case "${TERM:-}" in
*color*|cygwin|linux|rxvt*|screen|[Eex]term*)
start_red=$(printf '\033[31m')
end_color=$(printf '\033[0m')
@ -392,11 +347,6 @@ if_build_succeeded () {
fi
}
if [ $RELEASE -eq 1 ]; then
# Fix the seed value to 1 to ensure that the tests are deterministic.
SEED=1
fi
msg "info: $0 configuration"
echo "MEMORY: $MEMORY"
echo "FORCE: $FORCE"
@ -423,13 +373,15 @@ export GNUTLS_CLI="$GNUTLS_CLI"
export GNUTLS_SERV="$GNUTLS_SERV"
# Avoid passing --seed flag in every call to ssl-opt.sh
[ ! -z ${SEED+set} ] && export SEED
if [ -n "${SEED-}" ]; then
export SEED
fi
# Make sure the tools we need are available.
check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \
"$GNUTLS_CLI" "$GNUTLS_SERV" \
"$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \
"arm-none-eabi-gcc" "i686-w64-mingw32-gcc"
"arm-none-eabi-gcc" "i686-w64-mingw32-gcc" "gdb"
if [ $RUN_ARMCC -ne 0 ]; then
check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR"
fi
@ -455,7 +407,7 @@ msg "info: output_env.sh"
OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_CLI" \
GNUTLS_SERV="$GNUTLS_SERV" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \
GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" ARMC5_CC="$ARMC5_CC" \
ARMC6_CC="$ARMC6_CC" scripts/output_env.sh
ARMC6_CC="$ARMC6_CC" RUN_ARMCC="$RUN_ARMCC" scripts/output_env.sh
msg "test: recursion.pl" # < 1s
tests/scripts/recursion.pl library/*.c
@ -500,7 +452,7 @@ msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
if_build_succeeded tests/ssl-opt.sh
msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s
if_build_succeeded tests/scripts/test-ref-configs.pl
record_status tests/scripts/test-ref-configs.pl
msg "build: with ASan (rebuild after ref-configs)" # ~ 1 min
make
@ -538,16 +490,32 @@ make test
msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min
if_build_succeeded tests/ssl-opt.sh
msg "build: cmake, full config, clang, C99" # ~ 50s
msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl set MBEDTLS_RSA_NO_CRT
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
make test
msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s
tests/ssl-opt.sh -f RSA
msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
tests/compat.sh -t RSA
msg "build: cmake, full config, clang" # ~ 50s
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On .
make CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic'
make
msg "test: main suites (full config)" # ~ 5s
make CFLAGS='-Werror -Wall -Wextra' test
make test
msg "test: ssl-opt.sh default (full config)" # ~ 1s
if_build_succeeded tests/ssl-opt.sh -f Default
@ -560,13 +528,19 @@ if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'A
msg "test/build: curves.pl (gcc)" # ~ 4 min
cleanup
cmake -D CMAKE_BUILD_TYPE:String=Debug .
if_build_succeeded tests/scripts/curves.pl
record_status tests/scripts/curves.pl
msg "test/build: depends-hashes.pl (gcc)" # ~ 2 min
cleanup
record_status tests/scripts/depends-hashes.pl
msg "test/build: depends-pkalgs.pl (gcc)" # ~ 2 min
cleanup
record_status tests/scripts/depends-pkalgs.pl
msg "test/build: key-exchanges (gcc)" # ~ 1 min
cleanup
cmake -D CMAKE_BUILD_TYPE:String=Check .
if_build_succeeded tests/scripts/key-exchanges.pl
record_status tests/scripts/key-exchanges.pl
msg "build: Unix make, -Os (gcc)" # ~ 30s
cleanup
@ -653,6 +627,34 @@ make
msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)"
make test
msg "build: default config with AES_FEWER_TABLES enabled"
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl set MBEDTLS_AES_FEWER_TABLES
make CC=gcc CFLAGS='-Werror -Wall -Wextra'
msg "test: AES_FEWER_TABLES"
make test
msg "build: default config with AES_ROM_TABLES enabled"
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl set MBEDTLS_AES_ROM_TABLES
make CC=gcc CFLAGS='-Werror -Wall -Wextra'
msg "test: AES_ROM_TABLES"
make test
msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled"
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl set MBEDTLS_AES_FEWER_TABLES
scripts/config.pl set MBEDTLS_AES_ROM_TABLES
make CC=gcc CFLAGS='-Werror -Wall -Wextra'
msg "test: AES_FEWER_TABLES + AES_ROM_TABLES"
make test
if uname -a | grep -F Linux >/dev/null; then
msg "build/test: make shared" # ~ 40s
cleanup
@ -868,6 +870,15 @@ make test
cd "$MBEDTLS_ROOT_DIR"
rm -rf "$OUT_OF_SOURCE_DIR"
for optimization_flag in -O2 -O3 -Ofast -Os; do
for compiler in clang gcc; do
msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()"
cleanup
CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" make programs
gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx
done
done
################################################################

12
tests/scripts/curves.pl
View File

@ -17,9 +17,12 @@
#
# And any test suite with the wrong dependencies will fail.
#
# Usage: curves.pl
# Usage: tests/scripts/curves.pl
#
# This script should be executed from the root of the project directory.
#
# For best effect, run either with cmake disabled, or cmake enabled in a mode
# that includes -Werror.
use warnings;
use strict;
@ -33,14 +36,17 @@ my @curves = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` );
system( "cp $config_h $config_h.bak" ) and die;
sub abort {
system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
die $_[0];
# use an exit code between 1 and 124 for git bisect (die returns 255)
warn $_[0];
exit 1;
}
for my $curve (@curves) {
system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
system( "make clean" ) and die;
# depends on a specific curve. Also, ignore error if it wasn't enabled
system( "scripts/config.pl unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" );
system( "make clean" ) and die;
print "\n******************************************\n";
print "* Testing without curve: $curve\n";

77
tests/scripts/depends-hashes.pl Executable file
View File

@ -0,0 +1,77 @@
#!/usr/bin/perl
# depends-hashes.pl
#
# Copyright (c) 2017, ARM Limited, All Rights Reserved
#
# Purpose
#
# To test the code dependencies on individual hashes in each test suite. This
# is a verification step to ensure we don't ship test suites that do not work
# for some build options.
#
# The process is:
# for each possible hash
# build the library and test suites with the hash disabled
# execute the test suites
#
# And any test suite with the wrong dependencies will fail.
#
# Usage: tests/scripts/depends-hashes.pl
#
# This script should be executed from the root of the project directory.
#
# For best effect, run either with cmake disabled, or cmake enabled in a mode
# that includes -Werror.
use warnings;
use strict;
-d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
my $config_h = 'include/mbedtls/config.h';
# as many SSL options depend on specific hashes,
# and SSL is not in the test suites anyways,
# disable it to avoid dependcies issues
my $ssl_sed_cmd = 's/^#define \(MBEDTLS_SSL.*\)/\1/p';
my @ssl = split( /\s+/, `sed -n -e '$ssl_sed_cmd' $config_h` );
# for md we want to catch MD5_C but not MD_C, hence the extra dot
my $mdx_sed_cmd = 's/^#define \(MBEDTLS_MD..*_C\)/\1/p';
my $sha_sed_cmd = 's/^#define \(MBEDTLS_SHA.*_C\)/\1/p';
my @hashes = split( /\s+/,
`sed -n -e '$mdx_sed_cmd' -e '$sha_sed_cmd' $config_h` );
system( "cp $config_h $config_h.bak" ) and die;
sub abort {
system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
# use an exit code between 1 and 124 for git bisect (die returns 255)
warn $_[0];
exit 1;
}
for my $hash (@hashes) {
system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
system( "make clean" ) and die;
print "\n******************************************\n";
print "* Testing without hash: $hash\n";
print "******************************************\n";
system( "scripts/config.pl unset $hash" )
and abort "Failed to disable $hash\n";
for my $opt (@ssl) {
system( "scripts/config.pl unset $opt" )
and abort "Failed to disable $opt\n";
}
system( "CFLAGS='-Werror -Wall -Wextra' make lib" )
and abort "Failed to build lib: $hash\n";
system( "cd tests && make" ) and abort "Failed to build tests: $hash\n";
system( "make test" ) and abort "Failed test suite: $hash\n";
}
system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
system( "make clean" ) and die;
exit 0;

91
tests/scripts/depends-pkalgs.pl Executable file
View File

@ -0,0 +1,91 @@
#!/usr/bin/perl
# depends-pkalgs.pl
#
# Copyright (c) 2017, ARM Limited, All Rights Reserved
#
# Purpose
#
# To test the code dependencies on individual PK algs (those that can be used
# from the PK layer, so currently signature and encryption but not key
# exchange) in each test suite. This is a verification step to ensure we don't
# ship test suites that do not work for some build options.
#
# The process is:
# for each possible PK alg
# build the library and test suites with that alg disabled
# execute the test suites
#
# And any test suite with the wrong dependencies will fail.
#
# Usage: tests/scripts/depends-pkalgs.pl
#
# This script should be executed from the root of the project directory.
#
# For best effect, run either with cmake disabled, or cmake enabled in a mode
# that includes -Werror.
use warnings;
use strict;
-d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
my $config_h = 'include/mbedtls/config.h';
# Some algorithms can't be disabled on their own as others depend on them, so
# we list those reverse-dependencies here to keep check_config.h happy.
my %algs = (
'MBEDTLS_ECDSA_C' => ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'],
'MBEDTLS_ECP_C' => ['MBEDTLS_ECDSA_C',
'MBEDTLS_ECDH_C',
'MBEDTLS_ECJPAKE_C',
'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'],
'MBEDTLS_X509_RSASSA_PSS_SUPPORT' => [],
'MBEDTLS_PKCS1_V21' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'],
'MBEDTLS_PKCS1_V15' => ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'],
'MBEDTLS_RSA_C' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT',
'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'],
);
system( "cp $config_h $config_h.bak" ) and die;
sub abort {
system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
# use an exit code between 1 and 124 for git bisect (die returns 255)
warn $_[0];
exit 1;
}
while( my ($alg, $extras) = each %algs ) {
system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n";
system( "make clean" ) and die;
print "\n******************************************\n";
print "* Testing without alg: $alg\n";
print "******************************************\n";
system( "scripts/config.pl unset $alg" )
and abort "Failed to disable $alg\n";
for my $opt (@$extras) {
system( "scripts/config.pl unset $opt" )
and abort "Failed to disable $opt\n";
}
system( "CFLAGS='-Werror -Wall -Wextra' make lib" )
and abort "Failed to build lib: $alg\n";
system( "cd tests && make" ) and abort "Failed to build tests: $alg\n";
system( "make test" ) and abort "Failed test suite: $alg\n";
}
system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n";
system( "make clean" ) and die;
exit 0;

2
tests/scripts/gen_ctr_drbg.pl
View File

@ -64,7 +64,7 @@ while (my $line = <TEST_DATA>)
my $AdditionalInput2 = get_val("AdditionalInput");
my $EntropyInputPR2 = get_val("EntropyInputPR") if ($PredictionResistance == 1);
my $ReturnedBits = get_val("ReturnedBits");
if ($PredictionResistance == 1)
{
print("CTR_DRBG NIST Validation (AES-256 use df,$PredictionResistanceStr,$EntropyInputLen,$NonceLen,$PersonalizationStringLen,$AdditionalInputLen) #$Count\n");

6
tests/scripts/gen_pkcs1_v21_sign_verify.pl
View File

@ -18,10 +18,10 @@ sub get_val($$)
next if($line !~ /^# $str/);
last;
}
while(my $line = <TEST_DATA>)
{
last if($line eq "\r\n");
last if($line eq "\r\n");
$val .= $line;
}
@ -66,7 +66,7 @@ while (my $line = <TEST_DATA>)
print(":\"$val_salt\"");
print(":\"$val_sig\":0");
print("\n\n");
}
}
$cnt++;
}
close(TEST_DATA);

23
tests/scripts/key-exchanges.pl
View File

@ -1,8 +1,25 @@
#!/usr/bin/perl
# test that all configs with only a single key exchange enabled build
# key-exchanges.pl
#
# Copyright (c) 2015-2017, ARM Limited, All Rights Reserved
#
# Purpose
#
# To test the code dependencies on individual key exchanges in the SSL module.
# is a verification step to ensure we don't ship SSL code that do not work
# for some build options.
#
# The process is:
# for each possible key exchange
# build the library with all but that key exchange disabled
#
# Usage: tests/scripts/key-exchanges.pl
#
# This script should be executed from the root of the project directory.
#
# For best effect, run either with cmake disabled, or cmake enabled in a mode
# that includes -Werror.
use warnings;
use strict;
@ -16,7 +33,9 @@ my @kexes = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` );
system( "cp $config_h $config_h.bak" ) and die;
sub abort {
system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
die $_[0];
# use an exit code between 1 and 124 for git bisect (die returns 255)
warn $_[0];
exit 1;
}
for my $kex (@kexes) {

1
tests/scripts/run-test-suites.pl
View File

@ -41,6 +41,7 @@ die "$0: no test suite found\n" unless @suites;
# in case test suites are linked dynamically
$ENV{'LD_LIBRARY_PATH'} = '../library';
$ENV{'DYLD_LIBRARY_PATH'} = '../library';
my $prefix = $^O eq "MSWin32" ? '' : './';

4
tests/scripts/test-ref-configs.pl
View File

@ -53,7 +53,9 @@ my $config_h = 'include/mbedtls/config.h';
system( "cp $config_h $config_h.bak" ) and die;
sub abort {
system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
die $_[0];
# use an exit code between 1 and 124 for git bisect (die returns 255)
warn $_[0];
exit 1;
}
while( my ($conf, $data) = each %configs ) {

70
tests/scripts/test_zeroize.gdb Normal file
View File

@ -0,0 +1,70 @@
# test_zeroize.gdb
#
# This file is part of Mbed TLS (https://tls.mbed.org)
#
# Copyright (c) 2018, Arm Limited, All Rights Reserved
#
# Purpose
#
# Run a test using the debugger to check that the mbedtls_platform_zeroize()
# function in platform_util.h is not being optimized out by the compiler. To do
# so, the script loads the test program at programs/test/zeroize.c and sets a
# breakpoint at the last return statement in main(). When the breakpoint is
# hit, the debugger manually checks the contents to be zeroized and checks that
# it is actually cleared.
#
# The mbedtls_platform_zeroize() test is debugger driven because there does not
# seem to be a mechanism to reliably check whether the zeroize calls are being
# eliminated by compiler optimizations from within the compiled program. The
# problem is that a compiler would typically remove what it considers to be
# "unecessary" assignments as part of redundant code elimination. To identify
# such code, the compilar will create some form dependency graph between
# reads and writes to variables (among other situations). It will then use this
# data structure to remove redundant code that does not have an impact on the
# program's observable behavior. In the case of mbedtls_platform_zeroize(), an
# intelligent compiler could determine that this function clears a block of
# memory that is not accessed later in the program, so removing the call to
# mbedtls_platform_zeroize() does not have an observable behavior. However,
# inserting a test after a call to mbedtls_platform_zeroize() to check whether
# the block of memory was correctly zeroed would force the compiler to not
# eliminate the mbedtls_platform_zeroize() call. If this does not occur, then
# the compiler potentially has a bug.
#
# Note: This test requires that the test program is compiled with -g3.
#
# WARNING: There does not seem to be a mechanism in GDB scripts to set a
# breakpoint at the end of a function (probably because there are a lot of
# complications as function can have multiple exit points, etc). Therefore, it
# was necessary to hard-code the line number of the breakpoint in the zeroize.c
# test app. The assumption is that zeroize.c is a simple test app that does not
# change often (as opposed to the actual library code), so the breakpoint line
# number does not need to be updated often.
set confirm off
file ./programs/test/zeroize
break zeroize.c:100
set args ./programs/test/zeroize.c
run
set $i = 0
set $len = sizeof(buf)
set $buf = buf
while $i < $len
if $buf[$i++] != 0
echo The buffer at was not zeroized\n
quit 1
end
end
echo The buffer was correctly zeroized\n
continue
if $_exitcode != 0
echo The program did not terminate correctly\n
quit 1
end
quit 0