That memory leak had been present ever since the san command-line
argument has been added.
Tested that the following invocation is now fully valgrind clean:
programs/x509/cert_write san=DN:C=NL,CN=#0000,CN=foo;DN:CN=#0000,O=foo,OU=bar,C=UK;IP:1.2.3.4;IP:4.3.2.1;URI:http\\://example.org/;URI:foo;DNS:foo.example.org;DNS:bar.example.org
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The runtime error was introduced two commits ago (while avoiding a
use-after-free). Now the programs run cleanly but still leak memory.
The memory leak is long pre-existing and larger than just DN components
(which are made temporarily slightly worse by this commit) and will be
fixed properly in the next commit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The documentation doesn't say you can't call these functions more than
once on the same context, and if you do it shouldn't result in a memory
leak. Historically, the call to mbedtls_asn1_free_named_data_list() in
mbedtls_x509_string_to_names() (that was removed in the previous commit)
was ensuring that. Let's restore it where it makes sense. (These are the
only 3 places calling mbedtls_x509_string_to_names() in the library.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Now programs/x509/cert_write san="DN:CN=#0000;DN:CN=#0000" is no longer
crashing with use-after-free, instead it's now failing cleanly:
failed
! mbedtls_x509_string_to_names returned -0x2800 - X509 - Input invalid
That's better of course but still not great, will be fixed by future
commits.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The curve secp224k1 was supported in the legacy API in Mbed TLS <=3.6, but
removed after 3.6, and was never implemented in PSA. Remove this old trace
of it.
This is a partial cherry-pick of 32c82f0c369117b22d8a40e51723c364156d1aff
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The goal of testing with GCC 15 is to validate fixes for
https://github.com/Mbed-TLS/mbedtls/issues/9814 . The bug is present in
multiple places, and some of them affect third-party drivers but not our
built-in implementation. (The bug is that driver contexts might not be
zero-initialized, but some of our built-in implementations happen not to
care about this.) Thus, enable the test drivers in the test component that
uses GCC 15, to gain the extra checks performed in the driver wrappers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is a new warning in GCC 15 that our code base triggers in many places.
Silence it for the time being.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The OID module is used by both crypto and X.509. It has moved to the
`tf-psa-crypto` subdirectory, and the sibling commit
08d8cc57db removes this subdirectory from the
`mbedtls` repository in order to make `tf-psa-crypto` a submodule. We want
to access the relevant parts directly from X.509 rather than go through the
crypto repository, because OID functions are only accessible as private
interfaces, and crypto doesn't know when a particular OID function is needed
in the build since it depends on X.509 configuration options.
Make a copy of the OID module and its unit tests. In a follow-up, the X.509
module will switch to consuming this copy rather than the one that went into
TF-PSA-Crypto.
Rename the files from `*oid*` to `*x509_oid*` to follow the naming
convention that submodules of X.509 are prefixed with `x509`. This also
avoids file name clashes with TF-PSA-Crypto.
Since OID is not a public interface of Mbed TLS 4.x, move the header file
into `library`.
This commit only makes the files available. Subsequent commits will take
care of making these files used in the build.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Parsing of CRT files with message's hash alg different from the MGF1 was
allowed in the past, but now it fails. So we need to move/adapt tests
relying on this feature, from a "verify" scope to a "parse" one.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
- Do not store RSA-PSS signature options in CRL/CRT/CSR structures;
- During the parsing phase, just ensure that MGF1 hash alg is the same
as the one used for the message.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Import component_test_platform_get_entropy_alt() from its counterpart
in TF-PSA-Crypto repo.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This had not been updated after test_suite_version was moved back to
mbedtls from TF-PSA-Crypto.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Use the proper Clang C++ compiler to build C++ code otherwise the C
compiler will fail because std::cout() is unknown in
"cpp_dummy_build.cpp".
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Use alternative implementation of mbedtls_platform_get_entropy() since
the default one lives in "platform.c" and that one is excluded in
this test component.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Add C++ specific instructions to the generated *.cpp source file so
that the build will fail in case a C compiler is used.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
By default C++ code would be compiled with GNU while C with Clang and
this can create problems at link time. In order to prevent this we
use Clang for both.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is necessary to let entropy being able to gather entropy data from
the native platform source.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The function is now internal so it cannot be referenced from programs.
A dummy alternative is used instead.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
