From 5e1b195d1f19aa8ecb943a55d421186c693c4298 Mon Sep 17 00:00:00 2001 From: Krzysztof Stachowiak Date: Wed, 24 Apr 2019 14:24:46 +0200 Subject: [PATCH 01/81] Unify the example programs' termination This is done to account for platforms, for which we want custom behavior upon the program termination, hence we call `mbedtls_exit()` instead of returning from `main()`. --- programs/aes/aescrypt2.c | 4 ++-- programs/aes/crypt_and_hash.c | 4 ++-- programs/hash/generic_sum.c | 10 +++++----- programs/hash/hello.c | 6 +++--- programs/pkey/dh_client.c | 4 ++-- programs/pkey/dh_genprime.c | 6 +++--- programs/pkey/dh_server.c | 4 ++-- programs/pkey/ecdh_curve25519.c | 4 ++-- programs/pkey/ecdsa.c | 4 ++-- programs/pkey/gen_key.c | 4 ++-- programs/pkey/key_app.c | 4 ++-- programs/pkey/key_app_writer.c | 4 ++-- programs/pkey/mpi_demo.c | 4 ++-- programs/pkey/pk_decrypt.c | 4 ++-- programs/pkey/pk_encrypt.c | 4 ++-- programs/pkey/pk_sign.c | 4 ++-- programs/pkey/pk_verify.c | 4 ++-- programs/pkey/rsa_decrypt.c | 4 ++-- programs/pkey/rsa_encrypt.c | 4 ++-- programs/pkey/rsa_genkey.c | 4 ++-- programs/pkey/rsa_sign.c | 4 ++-- programs/pkey/rsa_sign_pss.c | 4 ++-- programs/pkey/rsa_verify.c | 4 ++-- programs/pkey/rsa_verify_pss.c | 4 ++-- programs/random/gen_entropy.c | 8 ++++---- programs/random/gen_random_ctr_drbg.c | 8 ++++---- programs/random/gen_random_havege.c | 8 ++++---- programs/ssl/dtls_client.c | 5 +++-- programs/ssl/dtls_server.c | 5 +++-- programs/ssl/mini_client.c | 4 ++-- programs/ssl/ssl_client1.c | 4 ++-- programs/ssl/ssl_client2.c | 6 +++--- programs/ssl/ssl_fork_server.c | 6 +++--- programs/ssl/ssl_mail_client.c | 4 ++-- programs/ssl/ssl_pthread_server.c | 4 ++-- programs/ssl/ssl_server.c | 4 ++-- programs/ssl/ssl_server2.c | 6 +++--- programs/test/selftest.c | 3 +-- programs/test/udp_proxy.c | 2 +- programs/x509/cert_app.c | 4 ++-- programs/x509/cert_req.c | 4 ++-- programs/x509/cert_write.c | 4 ++-- programs/x509/crl_app.c | 4 ++-- programs/x509/req_app.c | 4 ++-- 44 files changed, 102 insertions(+), 101 deletions(-) diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c index 8242ea7c9e1e..bb300822a725 100644 --- a/programs/aes/aescrypt2.c +++ b/programs/aes/aescrypt2.c @@ -76,7 +76,7 @@ int main( void ) mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_SHA256_C " "and/or MBEDTLS_FS_IO and/or MBEDTLS_MD_C " "not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -465,6 +465,6 @@ int main( int argc, char *argv[] ) mbedtls_aes_free( &aes_ctx ); mbedtls_md_free( &sha_ctx ); - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_AES_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */ diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index a5acf5b8bfd0..83731d0e6744 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -78,7 +78,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_CIPHER_C and/or MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -562,6 +562,6 @@ int main( int argc, char *argv[] ) mbedtls_cipher_free( &cipher_ctx ); mbedtls_md_free( &md_ctx ); - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */ diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 709a149e0e65..97f7a46f9e89 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -48,7 +48,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -203,7 +203,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } /* @@ -213,12 +213,12 @@ int main( int argc, char *argv[] ) if( md_info == NULL ) { mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] ); - return( exit_code ); + mbedtls_exit( exit_code ); } if( mbedtls_md_setup( &md_ctx, md_info, 0 ) ) { mbedtls_fprintf( stderr, "Failed to initialize context.\n" ); - return( exit_code ); + mbedtls_exit( exit_code ); } ret = 0; @@ -237,6 +237,6 @@ int main( int argc, char *argv[] ) exit: mbedtls_md_free( &md_ctx ); - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_MD_C && MBEDTLS_FS_IO */ diff --git a/programs/hash/hello.c b/programs/hash/hello.c index 55a0c7e74b4e..66fd3155431a 100644 --- a/programs/hash/hello.c +++ b/programs/hash/hello.c @@ -44,7 +44,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_MD5_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -58,7 +58,7 @@ int main( void ) mbedtls_printf( "\n MD5('%s') = ", str ); if( ( ret = mbedtls_md5_ret( (unsigned char *) str, 13, digest ) ) != 0 ) - return( MBEDTLS_EXIT_FAILURE ); + mbedtls_exit( MBEDTLS_EXIT_FAILURE ); for( i = 0; i < 16; i++ ) mbedtls_printf( "%02x", digest[i] ); @@ -70,6 +70,6 @@ int main( void ) fflush( stdout ); getchar(); #endif - return( MBEDTLS_EXIT_SUCCESS ); + mbedtls_exit( MBEDTLS_EXIT_SUCCESS ); } #endif /* MBEDTLS_MD5_C */ diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 86b260ca0306..90fc4e546c8a 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -68,7 +68,7 @@ int main( void ) "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -307,7 +307,7 @@ int main( void ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index bf5482ed0a03..5293f899cc92 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -45,7 +45,7 @@ int main( void ) mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or " "MBEDTLS_GENPRIME not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -91,7 +91,7 @@ int main( int argc, char **argv ) { usage: mbedtls_printf( USAGE ); - return( exit_code ); + mbedtls_exit( exit_code ); } for( i = 1; i < argc; i++ ) @@ -197,7 +197,7 @@ int main( int argc, char **argv ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C && MBEDTLS_GENPRIME */ diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index c01177485346..06676c08d2ad 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -68,7 +68,7 @@ int main( void ) "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -330,7 +330,7 @@ int main( void ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c index 9f849dd29d9a..e79dce09a987 100644 --- a/programs/pkey/ecdh_curve25519.c +++ b/programs/pkey/ecdh_curve25519.c @@ -45,7 +45,7 @@ int main( void ) "MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " "not defined\n" ); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -238,7 +238,7 @@ int main( int argc, char *argv[] ) mbedtls_ctr_drbg_free( &ctr_drbg ); mbedtls_entropy_free( &entropy ); - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECP_DP_CURVE25519_ENABLED && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index b851c3173ad0..b898b6275ebf 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -66,7 +66,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_ECDSA_C and/or MBEDTLS_SHA256_C and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else #if defined(VERBOSE) @@ -248,7 +248,7 @@ int main( int argc, char *argv[] ) mbedtls_ctr_drbg_free( &ctr_drbg ); mbedtls_entropy_free( &entropy ); - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && ECPARAMS */ diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 23e4e145c618..04e88bb78d9d 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -133,7 +133,7 @@ int main( void ) "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " "MBEDTLS_PEM_WRITE_C" "not defined.\n" ); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -446,7 +446,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO && * MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 79393099193b..442e1732da20 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -70,7 +70,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -311,6 +311,6 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 60964292b938..b0b831a11cd2 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -94,7 +94,7 @@ int main( void ) { mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n" ); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -436,6 +436,6 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index ecdcd329a19e..816378137001 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -46,7 +46,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -112,6 +112,6 @@ int main( void ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index bf425079e2e1..c80928d2149a 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -56,7 +56,7 @@ int main( void ) mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or " "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -171,7 +171,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index a32b1476154d..1850d93ef4a9 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -57,7 +57,7 @@ int main( void ) mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -176,7 +176,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 47a098a1a102..f27d8ea26016 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -47,7 +47,7 @@ int main( void ) "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -174,7 +174,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index a6bfe3f29717..e6d7d4c41997 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -45,7 +45,7 @@ int main( void ) mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or " "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or " "MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -147,7 +147,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index ff71bd0553b6..6e675c657c1f 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -55,7 +55,7 @@ int main( void ) mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -207,6 +207,6 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index 4a71c15dd177..48f01abbc0f2 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -55,7 +55,7 @@ int main( void ) mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -184,7 +184,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index d556c190218e..4d1da9bbaa8d 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -60,7 +60,7 @@ int main( void ) mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " "MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or " "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -186,7 +186,7 @@ int main( void ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C && MBEDTLS_GENPRIME && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 9bcd7a6270a6..570a64490e76 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -46,7 +46,7 @@ int main( void ) mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_C and/or " "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -188,7 +188,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 42209e27c1d9..b65225e59eb7 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -47,7 +47,7 @@ int main( void ) "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -175,7 +175,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 94f0ef9ce9c2..0cbce682e578 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -45,7 +45,7 @@ int main( void ) mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_C and/or " "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -161,7 +161,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 148cd5110b03..f788ff1566b3 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -47,7 +47,7 @@ int main( void ) "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -152,7 +152,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c index 6ae63b725da2..e19ab61d0a54 100644 --- a/programs/random/gen_entropy.c +++ b/programs/random/gen_entropy.c @@ -47,7 +47,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -63,13 +63,13 @@ int main( int argc, char *argv[] ) if( argc < 2 ) { mbedtls_fprintf( stderr, "usage: %s \n", argv[0] ); - return( exit_code ); + mbedtls_exit( exit_code ); } if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) { mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] ); - return( exit_code ); + mbedtls_exit( exit_code ); } mbedtls_entropy_init( &entropy ); @@ -99,6 +99,6 @@ int main( int argc, char *argv[] ) fclose( f ); mbedtls_entropy_free( &entropy ); - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_ENTROPY_C */ diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c index 59df34b665a1..b0882767a0a0 100644 --- a/programs/random/gen_random_ctr_drbg.c +++ b/programs/random/gen_random_ctr_drbg.c @@ -50,7 +50,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -69,13 +69,13 @@ int main( int argc, char *argv[] ) if( argc < 2 ) { mbedtls_fprintf( stderr, "usage: %s \n", argv[0] ); - return( exit_code ); + mbedtls_exit( exit_code ); } if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) { mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] ); - return( exit_code ); + mbedtls_exit( exit_code ); } mbedtls_entropy_init( &entropy ); @@ -132,6 +132,6 @@ int main( int argc, char *argv[] ) mbedtls_ctr_drbg_free( &ctr_drbg ); mbedtls_entropy_free( &entropy ); - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C */ diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c index 5ea52aec9bb2..6a65de093204 100644 --- a/programs/random/gen_random_havege.c +++ b/programs/random/gen_random_havege.c @@ -48,7 +48,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_HAVEGE_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -65,13 +65,13 @@ int main( int argc, char *argv[] ) if( argc < 2 ) { mbedtls_fprintf( stderr, "usage: %s \n", argv[0] ); - return( exit_code ); + mbedtls_exit( exit_code ); } if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) { mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] ); - return( exit_code ); + mbedtls_exit( exit_code ); } mbedtls_havege_init( &hs ); @@ -104,6 +104,6 @@ int main( int argc, char *argv[] ) exit: mbedtls_havege_free( &hs ); fclose( f ); - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_HAVEGE_C */ diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index 3ea2a680b618..b74926e392da 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -29,6 +29,7 @@ #include "mbedtls/platform.h" #else #include +#include #define mbedtls_printf printf #define mbedtls_fprintf fprintf #define mbedtls_exit exit @@ -48,7 +49,7 @@ int main( void ) "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" ); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -355,7 +356,7 @@ int main( int argc, char *argv[] ) if( ret < 0 ) ret = 1; - return( ret ); + mbedtls_exit( ret ); } #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C && MBEDTLD_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index bb32724780d0..9121c34df23b 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -29,6 +29,7 @@ #include "mbedtls/platform.h" #else #include +#include #define mbedtls_printf printf #define mbedtls_fprintf fprintf #define mbedtls_time_t time_t @@ -61,7 +62,7 @@ int main( void ) "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or " "MBEDTLS_TIMING_C not defined.\n" ); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -430,7 +431,7 @@ int main( void ) if( ret < 0 ) ret = 1; - return( ret ); + mbedtls_exit( ret ); } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C && diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 4b8140e683e1..c568242f76d4 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -60,7 +60,7 @@ int main( void ) mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " "not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -296,6 +296,6 @@ int main( void ) mbedtls_x509_crt_free( &ca ); #endif - return( ret ); + mbedtls_exit( ret ); } #endif diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index b723243c9cb0..2976a5afc067 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -51,7 +51,7 @@ int main( void ) "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " "not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -312,7 +312,7 @@ int main( void ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 7ba4565c21c0..13e749fb568f 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -50,7 +50,7 @@ int main( void ) mbedtls_printf("MBEDTLS_ENTROPY_C and/or " "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -1556,7 +1556,7 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "query_config" ) == 0 ) { - return query_config( q ); + mbedtls_exit( query_config( q ) ); } else if( strcmp( p, "eap_tls" ) == 0 ) { @@ -2989,7 +2989,7 @@ int main( int argc, char *argv[] ) if( ret < 0 ) ret = 1; - return( ret ); + mbedtls_exit( ret ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 80407e49aa45..1ff5369c4554 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -54,14 +54,14 @@ int main( int argc, char *argv[] ) "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #elif defined(_WIN32) int main( void ) { mbedtls_printf("_WIN32 defined. This application requires fork() and signals " "to work correctly.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -416,7 +416,7 @@ int main( void ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 3163e2124cfe..08ff02595651 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -56,7 +56,7 @@ int main( void ) "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " "not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -853,7 +853,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C ** diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 0624d3363e3b..3496ef6a5c36 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -54,7 +54,7 @@ int main( void ) "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD " "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -524,7 +524,7 @@ int main( void ) fflush( stdout ); getchar(); #endif - return( ret ); + mbedtls_exit( ret ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 3e1d9a4e6135..21ba2c1c7f39 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -52,7 +52,7 @@ int main( void ) "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -397,7 +397,7 @@ int main( void ) fflush( stdout ); getchar(); #endif - return( ret ); + mbedtls_exit( ret ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 3279cda9e20e..088fcc155e63 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -50,7 +50,7 @@ int main( void ) mbedtls_printf("MBEDTLS_ENTROPY_C and/or " "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_CTR_DRBG_C and/or not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -2284,7 +2284,7 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "query_config" ) == 0 ) { - return query_config( q ); + mbedtls_exit( query_config( q ) ); } else if( strcmp( p, "eap_tls" ) == 0 ) { @@ -4031,7 +4031,7 @@ int main( int argc, char *argv[] ) if( ret < 0 ) ret = 1; - return( ret ); + mbedtls_exit( ret ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 727054ee6067..43add341200f 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -418,6 +418,5 @@ int main( int argc, char *argv[] ) mbedtls_exit( MBEDTLS_EXIT_FAILURE ); /* return() is here to prevent compiler warnings */ - return( MBEDTLS_EXIT_SUCCESS ); + mbedtls_exit( MBEDTLS_EXIT_SUCCESS ); } - diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 979910e6bc8d..732a7edb8486 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -179,7 +179,7 @@ static void exit_usage( const char *name, const char *value ) mbedtls_printf( " option %s: illegal value: %s\n", name, value ); mbedtls_printf( USAGE ); - exit( 1 ); + mbedtls_exit( 1 ); } static void get_options( int argc, char *argv[] ) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 432eefbf7d5b..7c3e50aa7662 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -51,7 +51,7 @@ int main( void ) "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -497,7 +497,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index f3d915750fc0..81e0d8c94a18 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -46,7 +46,7 @@ int main( void ) "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " "not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -444,7 +444,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */ diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index d36d73c0d43d..09b8b1e66a88 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -47,7 +47,7 @@ int main( void ) "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " "MBEDTLS_ERROR_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -815,7 +815,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index 127320a138aa..cebc724e7885 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -42,7 +42,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -147,7 +147,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 3bb4277fd910..3182d30bc941 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -42,7 +42,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -147,7 +147,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C && MBEDTLS_FS_IO */ From 776521aee836fe60745d9fd5eab5127ef562d376 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Thu, 23 May 2019 09:46:47 +0200 Subject: [PATCH 02/81] Return from the test and utility examples via exit() All the core examples have been modified not to return from main by the means of the return statement, but rather via exit() function, which was done to make the examples more bare metal friendly. This commit, for the sake of consistency, introduces the modifications to the test and utility examples. These, while less likely to be used in the low level environments, won't suffer from such a change. --- programs/test/benchmark.c | 4 ++-- programs/test/udp_proxy.c | 5 +++-- programs/test/zeroize.c | 7 ++++--- programs/util/pem2der.c | 4 ++-- programs/util/strerror.c | 8 +++++--- 5 files changed, 16 insertions(+), 12 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 2b86566925d1..a8f7f6e1b8b6 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -43,7 +43,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_TIMING_C not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -999,7 +999,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( 0 ); + mbedtls_exit( 0 ); } #endif /* MBEDTLS_TIMING_C */ diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 732a7edb8486..3a759c0af3db 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -42,6 +42,7 @@ #define mbedtls_printf printf #define mbedtls_calloc calloc #define mbedtls_free free +#define mbedtls_exit exit #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE #endif /* MBEDTLS_PLATFORM_C */ @@ -50,7 +51,7 @@ int main( void ) { mbedtls_printf( "MBEDTLS_NET_C not defined.\n" ); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -964,7 +965,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_NET_C */ diff --git a/programs/test/zeroize.c b/programs/test/zeroize.c index 29cc0ac3c113..c670a6b58fee 100644 --- a/programs/test/zeroize.c +++ b/programs/test/zeroize.c @@ -42,6 +42,7 @@ #else #include #define mbedtls_printf printf +#define mbedtls_exit exit #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE #endif @@ -72,14 +73,14 @@ int main( int argc, char** argv ) { mbedtls_printf( "This program takes exactly 1 agument\n" ); usage(); - return( exit_code ); + mbedtls_exit( exit_code ); } fp = fopen( argv[1], "r" ); if( fp == NULL ) { mbedtls_printf( "Could not open file '%s'\n", argv[1] ); - return( exit_code ); + mbedtls_exit( exit_code ); } while( ( c = fgetc( fp ) ) != EOF && p < end - 1 ) @@ -97,5 +98,5 @@ int main( int argc, char** argv ) fclose( fp ); mbedtls_platform_zeroize( buf, sizeof( buf ) ); - return( exit_code ); + mbedtls_exit( exit_code ); } diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index f18493926675..f1961a145e76 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -61,7 +61,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_BASE64_C and/or MBEDTLS_FS_IO not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else @@ -290,6 +290,6 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( exit_code ); + mbedtls_exit( exit_code ); } #endif /* MBEDTLS_BASE64_C && MBEDTLS_FS_IO */ diff --git a/programs/util/strerror.c b/programs/util/strerror.c index 458280c989b1..5d1bbc9e60f5 100644 --- a/programs/util/strerror.c +++ b/programs/util/strerror.c @@ -29,7 +29,9 @@ #include "mbedtls/platform.h" #else #include +#include #define mbedtls_printf printf +#define mbedtls_exit exit #endif #if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY) @@ -48,7 +50,7 @@ int main( void ) { mbedtls_printf("MBEDTLS_ERROR_C and/or MBEDTLS_ERROR_STRERROR_DUMMY not defined.\n"); - return( 0 ); + mbedtls_exit( 0 ); } #else int main( int argc, char *argv[] ) @@ -59,7 +61,7 @@ int main( int argc, char *argv[] ) if( argc != 2 ) { mbedtls_printf( USAGE ); - return( 0 ); + mbedtls_exit( 0 ); } val = strtol( argv[1], &end, 10 ); @@ -87,6 +89,6 @@ int main( int argc, char *argv[] ) fflush( stdout ); getchar(); #endif - return( val ); + mbedtls_exit( val ); } #endif /* MBEDTLS_ERROR_C */ From f64db80448564702925445be7a563dde3ecf5bab Mon Sep 17 00:00:00 2001 From: Carlos Gomes Martinho Date: Tue, 31 Mar 2020 14:43:44 +0200 Subject: [PATCH 03/81] build: do not treat compiler warnings as errors for unsafe builds with msvc this is the same behaviour as with gcc and clang Signed-off-by: Carlos Gomes Martinho --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 1e3098cd9161..c5fd56233140 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -162,7 +162,7 @@ if(CMAKE_COMPILER_IS_IAR) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts --warnings_are_errors -Ohz") endif(CMAKE_COMPILER_IS_IAR) -if(CMAKE_COMPILER_IS_MSVC) +if(CMAKE_COMPILER_IS_MSVC AND NOT UNSAFE_BUILD) # Strictest warnings, and treat as errors set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") From a5f0bd34b6cbcc7d50f849d9c9fcd4f5f2289916 Mon Sep 17 00:00:00 2001 From: Carlos Gomes Martinho Date: Fri, 3 Apr 2020 09:42:37 +0200 Subject: [PATCH 04/81] build: add option to treat compiler warnings as errors Signed-off-by: Carlos Gomes Martinho --- CMakeLists.txt | 32 +++++++++++++++++++++----------- library/CMakeLists.txt | 6 ------ 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index c5fd56233140..3dd2270f6dbc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -14,6 +14,7 @@ option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF) option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) +option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON) string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}") string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${CMAKE_C_COMPILER_ID}") @@ -140,9 +141,9 @@ if(CMAKE_COMPILER_IS_GNU) set(CMAKE_C_FLAGS_RELEASE "-O2") set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") - set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") - set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_CHECK "-Werror -Os") + set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") + set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") + set(CMAKE_C_FLAGS_CHECK "-Os") set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual") endif(CMAKE_COMPILER_IS_GNU) @@ -151,23 +152,32 @@ if(CMAKE_COMPILER_IS_CLANG) set(CMAKE_C_FLAGS_RELEASE "-O2") set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") - set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") - set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") - set(CMAKE_C_FLAGS_MEMSAN "-Werror -fsanitize=memory -O3") - set(CMAKE_C_FLAGS_MEMSANDBG "-Werror -fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2") - set(CMAKE_C_FLAGS_CHECK "-Werror -Os") + set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") + set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") + set(CMAKE_C_FLAGS_MEMSAN "-fsanitize=memory -O3") + set(CMAKE_C_FLAGS_MEMSANDBG "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2") + set(CMAKE_C_FLAGS_CHECK "-Os") endif(CMAKE_COMPILER_IS_CLANG) if(CMAKE_COMPILER_IS_IAR) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts --warnings_are_errors -Ohz") endif(CMAKE_COMPILER_IS_IAR) -if(CMAKE_COMPILER_IS_MSVC AND NOT UNSAFE_BUILD) - # Strictest warnings, and treat as errors +if(CMAKE_COMPILER_IS_MSVC) + # Strictest warnings set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3") - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") endif(CMAKE_COMPILER_IS_MSVC) +if(MBEDTLS_FATAL_WARNINGS) + if(CMAKE_COMPILER_IS_MSVC) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") + endif(CMAKE_COMPILER_IS_MSVC) + + if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror") + endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) +endif(MBEDTLS_FATAL_WARNINGS) + if(CMAKE_BUILD_TYPE STREQUAL "Coverage") if(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG) set(CMAKE_SHARED_LINKER_FLAGS "--coverage") diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 14dfa221b470..cd6cbde9868f 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -113,12 +113,6 @@ if(CMAKE_COMPILER_IS_CLANG) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") endif(CMAKE_COMPILER_IS_CLANG) -if(UNSAFE_BUILD) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error") - set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error") - set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error") -endif(UNSAFE_BUILD) - if(WIN32) set(libs ${libs} ws2_32) endif(WIN32) From 227a9db71e44b66e0bc368689e333ada805b5fa7 Mon Sep 17 00:00:00 2001 From: Carlos Gomes Martinho Date: Fri, 3 Apr 2020 09:42:57 +0200 Subject: [PATCH 05/81] docs: show cross platform instructions Signed-off-by: Carlos Gomes Martinho --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f868a0a806b7..2058d24d615d 100644 --- a/README.md +++ b/README.md @@ -85,11 +85,11 @@ In order to build the source using CMake in a separate directory (recommended), mkdir /path/to/build_dir && cd /path/to/build_dir cmake /path/to/mbedtls_source - make + cmake --build . In order to run the tests, enter: - make test + ctest The test suites need Python to be built and Perl to be executed. If you don't have one of these installed, you'll want to disable the test suites with: From 77764da7cb71564dacf897632c31a1802f1509eb Mon Sep 17 00:00:00 2001 From: Carlos Gomes Martinho Date: Fri, 3 Apr 2020 09:47:26 +0200 Subject: [PATCH 06/81] chore: irgnore build directory in repository Signed-off-by: Carlos Gomes Martinho --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 0f95b4c795b5..ee2cd46404d8 100644 --- a/.gitignore +++ b/.gitignore @@ -34,6 +34,9 @@ massif-* # CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those: *.dir/ +# Microsoft CMake extension for Visual Studio Code generates a build directory by default +/build/ + # Visual Studio artifacts /visualc/VS2010/.localhistory/ /visualc/VS2010/.vs/ From bbaa2b784a17505810a22824e51006ee5bf16494 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 12 Apr 2020 13:33:57 +0200 Subject: [PATCH 07/81] Move long lists out of functions Signed-off-by: Gilles Peskine --- scripts/config.py | 102 ++++++++++++++++++++++++---------------------- 1 file changed, 53 insertions(+), 49 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index b7a9a080e4df..2557cf194ce7 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -159,42 +159,44 @@ def realfull_adapter(_name, active, section): return active return True +EXCLUDE_FROM_FULL = frozenset([ + 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', + 'MBEDTLS_DEPRECATED_REMOVED', + 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', + 'MBEDTLS_ECP_RESTARTABLE', + 'MBEDTLS_ENTROPY_FORCE_SHA256', # Variant toggle, tested separately + 'MBEDTLS_HAVE_SSE2', + 'MBEDTLS_MEMORY_BACKTRACE', + 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', + 'MBEDTLS_MEMORY_DEBUG', + 'MBEDTLS_NO_64BIT_MULTIPLICATION', + 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', + 'MBEDTLS_NO_PLATFORM_ENTROPY', + 'MBEDTLS_NO_UDBL_DIVISION', + 'MBEDTLS_PKCS11_C', + 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', + 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', + 'MBEDTLS_PSA_CRYPTO_SE_C', + 'MBEDTLS_PSA_CRYPTO_SPM', + 'MBEDTLS_PSA_INJECT_ENTROPY', + 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', + 'MBEDTLS_REMOVE_ARC4_CIPHERSUITES', + 'MBEDTLS_RSA_NO_CRT', + 'MBEDTLS_SHA512_NO_SHA384', + 'MBEDTLS_SSL_HW_RECORD_ACCEL', + 'MBEDTLS_SSL_PROTO_SSL3', + 'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO', + 'MBEDTLS_TEST_NULL_ENTROPY', + 'MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3', + 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', + 'MBEDTLS_ZLIB_SUPPORT', +]) + def include_in_full(name): """Rules for symbols in the "full" configuration.""" if re.search(r'PLATFORM_[A-Z0-9]+_ALT', name): return True - if name in [ - 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', - 'MBEDTLS_DEPRECATED_REMOVED', - 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', - 'MBEDTLS_ECP_RESTARTABLE', - 'MBEDTLS_ENTROPY_FORCE_SHA256', # Variant toggle, tested separately - 'MBEDTLS_HAVE_SSE2', - 'MBEDTLS_MEMORY_BACKTRACE', - 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', - 'MBEDTLS_MEMORY_DEBUG', - 'MBEDTLS_NO_64BIT_MULTIPLICATION', - 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', - 'MBEDTLS_NO_PLATFORM_ENTROPY', - 'MBEDTLS_NO_UDBL_DIVISION', - 'MBEDTLS_PKCS11_C', - 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', - 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', - 'MBEDTLS_PSA_CRYPTO_SE_C', - 'MBEDTLS_PSA_CRYPTO_SPM', - 'MBEDTLS_PSA_INJECT_ENTROPY', - 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', - 'MBEDTLS_REMOVE_ARC4_CIPHERSUITES', - 'MBEDTLS_RSA_NO_CRT', - 'MBEDTLS_SHA512_NO_SHA384', - 'MBEDTLS_SSL_HW_RECORD_ACCEL', - 'MBEDTLS_SSL_PROTO_SSL3', - 'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO', - 'MBEDTLS_TEST_NULL_ENTROPY', - 'MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3', - 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', - 'MBEDTLS_ZLIB_SUPPORT', - ]: + if name in EXCLUDE_FROM_FULL: return False if name.endswith('_ALT'): return False @@ -206,25 +208,27 @@ def full_adapter(name, active, section): return active return include_in_full(name) +EXCLUDE_FROM_BAREMETAL = frozenset([ + 'MBEDTLS_DEPRECATED_WARNING', + 'MBEDTLS_ENTROPY_NV_SEED', + 'MBEDTLS_FS_IO', + 'MBEDTLS_HAVEGE_C', + 'MBEDTLS_HAVE_TIME', + 'MBEDTLS_HAVE_TIME_DATE', + 'MBEDTLS_NET_C', + 'MBEDTLS_PLATFORM_FPRINTF_ALT', + 'MBEDTLS_PLATFORM_TIME_ALT', + 'MBEDTLS_PSA_CRYPTO_SE_C', + 'MBEDTLS_PSA_CRYPTO_STORAGE_C', + 'MBEDTLS_PSA_ITS_FILE_C', + 'MBEDTLS_THREADING_C', + 'MBEDTLS_THREADING_PTHREAD', + 'MBEDTLS_TIMING_C', +]) + def keep_in_baremetal(name): """Rules for symbols in the "baremetal" configuration.""" - if name in [ - 'MBEDTLS_DEPRECATED_WARNING', - 'MBEDTLS_ENTROPY_NV_SEED', - 'MBEDTLS_FS_IO', - 'MBEDTLS_HAVEGE_C', - 'MBEDTLS_HAVE_TIME', - 'MBEDTLS_HAVE_TIME_DATE', - 'MBEDTLS_NET_C', - 'MBEDTLS_PLATFORM_FPRINTF_ALT', - 'MBEDTLS_PLATFORM_TIME_ALT', - 'MBEDTLS_PSA_CRYPTO_SE_C', - 'MBEDTLS_PSA_CRYPTO_STORAGE_C', - 'MBEDTLS_PSA_ITS_FILE_C', - 'MBEDTLS_THREADING_C', - 'MBEDTLS_THREADING_PTHREAD', - 'MBEDTLS_TIMING_C', - ]: + if name in EXCLUDE_FROM_BAREMETAL: return False return True From cfffc28a8066c3364185279013d9611812e4746e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 12 Apr 2020 13:55:45 +0200 Subject: [PATCH 08/81] Document the full and baremetal configurations For each excluded symbol, explain why it's excluded. Signed-off-by: Gilles Peskine --- scripts/config.py | 107 +++++++++++++++++++++++++++------------------- 1 file changed, 63 insertions(+), 44 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 2557cf194ce7..d09353fd1363 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -159,46 +159,58 @@ def realfull_adapter(_name, active, section): return active return True +# The goal of the full configuration is to have everything that can be tested +# together. This includes deprecated or insecure options. It excludes: +# * Options that require additional build dependencies or unusual hardware. +# * Options that make testing less effective. +# * Options that are incompatible with other options. +# * Options that remove features. +# * Options that are variants, so that we need to test both with and without. EXCLUDE_FROM_FULL = frozenset([ - 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', - 'MBEDTLS_DEPRECATED_REMOVED', - 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', - 'MBEDTLS_ECP_RESTARTABLE', - 'MBEDTLS_ENTROPY_FORCE_SHA256', # Variant toggle, tested separately - 'MBEDTLS_HAVE_SSE2', - 'MBEDTLS_MEMORY_BACKTRACE', - 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', - 'MBEDTLS_MEMORY_DEBUG', - 'MBEDTLS_NO_64BIT_MULTIPLICATION', - 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', - 'MBEDTLS_NO_PLATFORM_ENTROPY', - 'MBEDTLS_NO_UDBL_DIVISION', - 'MBEDTLS_PKCS11_C', - 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', - 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', + #pylint: disable=line-too-long + 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # variant toggle + 'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options + 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # variant toggle + 'MBEDTLS_ECP_RESTARTABLE', # incompatible with USE_PSA_CRYPTO + 'MBEDTLS_ENTROPY_FORCE_SHA256', # variant toggle + 'MBEDTLS_HAVE_SSE2', # hardware dependency + 'MBEDTLS_MEMORY_BACKTRACE', # depends on MEMORY_BUFFER_ALLOC_C + 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', # makes sanitizers (e.g. ASan) less effective + 'MBEDTLS_MEMORY_DEBUG', # depends on MEMORY_BUFFER_ALLOC_C + 'MBEDTLS_NO_64BIT_MULTIPLICATION', # variant toggle + 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', # removes a feature + 'MBEDTLS_NO_PLATFORM_ENTROPY', # removes a feature + 'MBEDTLS_NO_UDBL_DIVISION', # variant toggle + 'MBEDTLS_PKCS11_C', # build dependecy (libpkcs11-helper) + 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature + 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', # variant toggle 'MBEDTLS_PSA_CRYPTO_SE_C', - 'MBEDTLS_PSA_CRYPTO_SPM', - 'MBEDTLS_PSA_INJECT_ENTROPY', - 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', - 'MBEDTLS_REMOVE_ARC4_CIPHERSUITES', - 'MBEDTLS_RSA_NO_CRT', - 'MBEDTLS_SHA512_NO_SHA384', - 'MBEDTLS_SSL_HW_RECORD_ACCEL', + 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) + 'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions) + 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature + 'MBEDTLS_REMOVE_ARC4_CIPHERSUITES', # removes a feature + 'MBEDTLS_RSA_NO_CRT', # variant toggle + 'MBEDTLS_SHA512_NO_SHA384', # removes a feature + 'MBEDTLS_SSL_HW_RECORD_ACCEL', # build dependency (hook functions) 'MBEDTLS_SSL_PROTO_SSL3', 'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO', - 'MBEDTLS_TEST_NULL_ENTROPY', + 'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature 'MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3', - 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', - 'MBEDTLS_ZLIB_SUPPORT', + 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # variant toggle + 'MBEDTLS_ZLIB_SUPPORT', # build dependency (libz) ]) def include_in_full(name): """Rules for symbols in the "full" configuration.""" if re.search(r'PLATFORM_[A-Z0-9]+_ALT', name): + # Include configurable functions that default to the built-in function. + # This way we test that they're in place without changing the behavior. return True if name in EXCLUDE_FROM_FULL: return False if name.endswith('_ALT'): + # Exclude alt implementations since they require an implementation + # of the relevant functions. return False return True @@ -208,22 +220,28 @@ def full_adapter(name, active, section): return active return include_in_full(name) +# The baremetal configuration excludes options that require a library or +# operating system feature that is typically not present on bare metal +# systems. Features that are excluded from "full" won't be in "baremetal" +# either (unless explicitly turned on in baremetal_adapter) so they don't +# need to be repeated here. EXCLUDE_FROM_BAREMETAL = frozenset([ + #pylint: disable=line-too-long 'MBEDTLS_DEPRECATED_WARNING', - 'MBEDTLS_ENTROPY_NV_SEED', - 'MBEDTLS_FS_IO', - 'MBEDTLS_HAVEGE_C', - 'MBEDTLS_HAVE_TIME', - 'MBEDTLS_HAVE_TIME_DATE', - 'MBEDTLS_NET_C', - 'MBEDTLS_PLATFORM_FPRINTF_ALT', - 'MBEDTLS_PLATFORM_TIME_ALT', - 'MBEDTLS_PSA_CRYPTO_SE_C', - 'MBEDTLS_PSA_CRYPTO_STORAGE_C', - 'MBEDTLS_PSA_ITS_FILE_C', - 'MBEDTLS_THREADING_C', - 'MBEDTLS_THREADING_PTHREAD', - 'MBEDTLS_TIMING_C', + 'MBEDTLS_ENTROPY_NV_SEED', # requires FS_IO or alternate NV seed hooks + 'MBEDTLS_FS_IO', # requires a filesystem + 'MBEDTLS_HAVEGE_C', # requires a clock + 'MBEDTLS_HAVE_TIME', # requires a clock + 'MBEDTLS_HAVE_TIME_DATE', # requires a clock + 'MBEDTLS_NET_C', # requires POSIX-like networking + 'MBEDTLS_PLATFORM_FPRINTF_ALT', # requires FILE* from stdio.h + 'MBEDTLS_PLATFORM_TIME_ALT', # requires timing + 'MBEDTLS_PSA_CRYPTO_SE_C', # requires a filesystem + 'MBEDTLS_PSA_CRYPTO_STORAGE_C', # requires a filesystem + 'MBEDTLS_PSA_ITS_FILE_C', # requires a filesystem + 'MBEDTLS_THREADING_C', # requires a threading interface + 'MBEDTLS_THREADING_PTHREAD', # requires pthread + 'MBEDTLS_TIMING_C', # requires a clock ]) def keep_in_baremetal(name): @@ -237,6 +255,7 @@ def baremetal_adapter(name, active, section): if not is_full_section(section): return active if name == 'MBEDTLS_NO_PLATFORM_ENTROPY': + # No OS-provided entropy source return True return include_in_full(name) and keep_in_baremetal(name) @@ -247,10 +266,10 @@ def include_in_crypto(name): name.startswith('MBEDTLS_KEY_EXCHANGE_'): return False if name in [ - 'MBEDTLS_CERTS_C', - 'MBEDTLS_DEBUG_C', - 'MBEDTLS_NET_C', - 'MBEDTLS_PKCS11_C', + 'MBEDTLS_CERTS_C', # part of libmbedx509 + 'MBEDTLS_DEBUG_C', # part of libmbedtls + 'MBEDTLS_NET_C', # part of libmbedtls + 'MBEDTLS_PKCS11_C', # part of libmbedx509 ]: return False return True From 32e889dfc3c7808d254750f09f11f0c397482368 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 12 Apr 2020 23:43:28 +0200 Subject: [PATCH 09/81] Document and fix the MBEDTLS_xxx_ALT logic for the full config The intended logic around MBEDTLS_xxx_ALT is to exclude them from full because they require the alternative implementation of one or more library functions, except that MBEDTLS_PLATFORM_xxx_ALT are different: they're alternative implementations of a platform function and they have a built-in default, so they should be included in full. Document this. Fix a bug whereby MBEDTLS_PLATFORM_xxx_ALT didn't catch symbols where xxx contains an underscore. As a consequence, MBEDTLS_PLATFORM_GMTIME_R_ALT and MBEDTLS_PLATFORM_NV_SEED_ALT are now enabled in the full config. Explicitly exclude MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT because it behaves like the non-platform ones, requiring an extra build-time dependency. Explicitly exclude MBEDTLS_PLATFORM_NV_SEED_ALT from baremetal because it requires MBEDTLS_ENTROPY_NV_SEED, and likewise explicitly unset it from builds that unset MBEDTLS_ENTROPY_NV_SEED. Signed-off-by: Gilles Peskine --- scripts/config.py | 24 +++++++++++++++++------- tests/scripts/all.sh | 4 ++++ 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index d09353fd1363..cd69ebfdefa6 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -183,6 +183,7 @@ def realfull_adapter(_name, active, section): 'MBEDTLS_NO_UDBL_DIVISION', # variant toggle 'MBEDTLS_PKCS11_C', # build dependecy (libpkcs11-helper) 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature + 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', # similar to non-platform xxx_ALT, requires platform_alt.h 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', # variant toggle 'MBEDTLS_PSA_CRYPTO_SE_C', 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) @@ -200,18 +201,26 @@ def realfull_adapter(_name, active, section): 'MBEDTLS_ZLIB_SUPPORT', # build dependency (libz) ]) +def is_seamless_alt(name): + """Include xxx_ALT symbols that don't have external dependencies. + + Include alternative implementations of platform functions, which are + configurable function pointers that default to the built-in function. + This way we test that the function pointers exist and build correctly + without changing the behavior, and tests can verify that the function + pointers are used by modifying those pointers. + + Exclude alternative implementations of library functions since they require + an implementation of the relevant functions and an xxx_alt.h header. + """ + return name.startswith('MBEDTLS_PLATFORM_') + def include_in_full(name): """Rules for symbols in the "full" configuration.""" - if re.search(r'PLATFORM_[A-Z0-9]+_ALT', name): - # Include configurable functions that default to the built-in function. - # This way we test that they're in place without changing the behavior. - return True if name in EXCLUDE_FROM_FULL: return False if name.endswith('_ALT'): - # Exclude alt implementations since they require an implementation - # of the relevant functions. - return False + return is_seamless_alt(name) return True def full_adapter(name, active, section): @@ -235,6 +244,7 @@ def full_adapter(name, active, section): 'MBEDTLS_HAVE_TIME_DATE', # requires a clock 'MBEDTLS_NET_C', # requires POSIX-like networking 'MBEDTLS_PLATFORM_FPRINTF_ALT', # requires FILE* from stdio.h + 'MBEDTLS_PLATFORM_NV_SEED_ALT', # requires a filesystem 'MBEDTLS_PLATFORM_TIME_ALT', # requires timing 'MBEDTLS_PSA_CRYPTO_SE_C', # requires a filesystem 'MBEDTLS_PSA_CRYPTO_STORAGE_C', # requires a filesystem diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9b69aa204a54..1085de0a2209 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1023,6 +1023,7 @@ component_test_check_params_without_platform () { scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT scripts/config.py unset MBEDTLS_PLATFORM_MEMORY + scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED @@ -1052,6 +1053,7 @@ component_test_no_platform () { scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT + scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED scripts/config.py unset MBEDTLS_FS_IO scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C @@ -1069,6 +1071,7 @@ component_build_no_std_function () { scripts/config.py full scripts/config.py set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED + scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' } @@ -1252,6 +1255,7 @@ component_test_null_entropy () { scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES scripts/config.py set MBEDTLS_ENTROPY_C scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED + scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT scripts/config.py unset MBEDTLS_HAVEGE_C CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON . From 72d40fc6cab30872a3b0c5bbdc8fa27fe50369b0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Apr 2020 21:28:42 +0200 Subject: [PATCH 10/81] Fix build failure with MBEDTLS_PLATFORM_NV_SEED_ALT Signed-off-by: Gilles Peskine --- tests/suites/test_suite_entropy.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 9f10a90432dd..d9ea441492cc 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -1,6 +1,7 @@ /* BEGIN_HEADER */ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" +#include "mbedtls/md.h" #include "string.h" typedef enum From 6710e159216515f9fa0eea462e617539b042fbb5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 12 Apr 2020 14:21:30 +0200 Subject: [PATCH 11/81] Enable X509_ALLOW_EXTENSIONS_NON_V3 in config full and fix tests Enable MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 in the full config. There's no reason to keep it out. We weren't testing it at all on the CI. Add a missing dependency on !MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 to some test cases that either were testing that v3 extensions are only accepted in v3 certificates, or where parsing returns a different error when MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 is enabled. Add a few positive and negative test cases with MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 enabled. Fix one test case with MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 where the intended output of mbedtls_x509_crt_info had changed in 890819a597bd7a67f0b8185a4409733504f792b3 but the test case was missed because it was never executed. Signed-off-by: Gilles Peskine --- scripts/config.py | 1 - tests/suites/test_suite_x509parse.data | 32 +++++++++++++++++++++----- 2 files changed, 26 insertions(+), 7 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index cd69ebfdefa6..34b79e0320e5 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -196,7 +196,6 @@ def realfull_adapter(_name, active, section): 'MBEDTLS_SSL_PROTO_SSL3', 'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO', 'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature - 'MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3', 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # variant toggle 'MBEDTLS_ZLIB_SUPPORT', # build dependency (libz) ]) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 3099e632d6bb..6ae13cb0d886 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -176,7 +176,7 @@ x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version \: 3\nserial X509 certificate v1 with extension depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_SHA1_C -x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \:\n dNSName \: identity-check.org\n dNSName \: www.identity-check.org\n" +x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \:\n dNSName \: identity-check.org\n dNSName \: www.identity-check.org\n \n" X509 SAN parsing otherName depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C @@ -1563,7 +1563,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa1000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBSCertificate v3, ext SubjectAlternativeName malformed) @@ -1583,13 +1583,21 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819a308184a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, IssuerID unsupported in v1 CRT) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +X509 CRT ASN1 (TBS, IssuerID unsupported in v1 CRT, ALLOW_EXTENSIONS_NON_V3) +depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + X509 CRT ASN1 (TBS, SubjectID unsupported in v1 CRT) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa200a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +X509 CRT ASN1 (TBS, SubjectID unsupported in v1 CRT, ALLOW_EXTENSIONS_NON_V3) +depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa200a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + X509 CRT ASN1 (TBS, inv v3Ext, inv tag) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a2000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG @@ -1830,12 +1838,24 @@ X509 CRT ASN1 (TBS, inv v3Ext, SubjectAltName repeated outside Extensions) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -X509 CRT ASN1 (TBS, valid v3Ext in v1 CRT) +X509 CRT (TBS, valid v3Ext in v1 CRT, ALLOW_EXTENSIONS_NON_V3) +depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b93081a3a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0 + +X509 CRT (TBS, valid v3Ext in v2 CRT, ALLOW_EXTENSIONS_NON_V3) +depends_on:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b93081a3a0030201018204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version \: 2\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0 + +X509 CRT (TBS, valid v3Ext in v3 CRT) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0 + +X509 CRT ASN1 (TBS, valid v3Ext in v1 CRT) +depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081b93081a3a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, valid v3Ext in v2 CRT) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081b93081a3a0030201018204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, valid SubjectID, valid IssuerID, inv v3Ext, SubjectAltName repeated outside Extensions, inv SubjectAltNames tag) From dc6d838a73316736c6a094319be3363d7f4afd62 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 12 Apr 2020 14:21:55 +0200 Subject: [PATCH 12/81] Enable MBEDTLS_PSA_CRYPTO_SE_C in config full It started out as be experimental, but it is now robust enough not to break the rest, so there's no reason to leave it out. Signed-off-by: Gilles Peskine --- scripts/config.py | 1 - tests/scripts/all.sh | 11 +---------- tests/scripts/basic-build-test.sh | 3 +-- 3 files changed, 2 insertions(+), 13 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 34b79e0320e5..79e8e4e09d44 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -185,7 +185,6 @@ def realfull_adapter(_name, active, section): 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', # similar to non-platform xxx_ALT, requires platform_alt.h 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', # variant toggle - 'MBEDTLS_PSA_CRYPTO_SE_C', 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) 'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions) 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1085de0a2209..34e71c79e038 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -985,6 +985,7 @@ component_test_no_use_psa_crypto_full_cmake_asan() { scripts/config.py unset MBEDTLS_PSA_CRYPTO_C scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1373,16 +1374,6 @@ component_test_se_default () { make test } -component_test_se_full () { - msg "build: full config + MBEDTLS_PSA_CRYPTO_SE_C" - scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C - make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" - - msg "test: full config + MBEDTLS_PSA_CRYPTO_SE_C" - make test -} - component_test_make_shared () { msg "build/test: make shared" # ~ 40s make SHARED=1 all check diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index aca2f11fb429..5080c57908b4 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -68,10 +68,9 @@ export LDFLAGS=' --coverage' make clean cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.py full -# Enable some deprecated or experimental features that are not in the +# Enable some deprecated features that are not in the # full config, but are compatible with it and have tests. scripts/config.py set MBEDTLS_SSL_PROTO_SSL3 -scripts/config.py set MBEDTLS_PSA_CRYPTO_SE_C make -j From 01fd875b32223f5ca38ac9b14e92d0c83fbb0167 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Apr 2020 19:31:52 +0200 Subject: [PATCH 13/81] Strict C99: Don't repeat the typedef for psa_se_drv_table_entry_t GCC and Clang accept ``` typedef struct foo foo_t; typedef struct foo { ... } foo_t; ``` But this is not valid ISO C due to the redefinition of `foo_t`. Signed-off-by: Gilles Peskine --- library/psa_crypto_se.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index b7fa0c5c5e9d..9418b5f45c65 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -64,7 +64,7 @@ typedef struct uintptr_t transient_data; } psa_drv_se_internal_context_t; -typedef struct psa_se_drv_table_entry_s +struct psa_se_drv_table_entry_s { psa_key_lifetime_t lifetime; const psa_drv_se_t *methods; @@ -73,7 +73,7 @@ typedef struct psa_se_drv_table_entry_s psa_drv_se_internal_context_t internal; psa_drv_se_context_t context; }; -} psa_se_drv_table_entry_t; +}; static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS]; From 1a75d0c15566f0d34d3b8eac92438f7a0d7e6153 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Apr 2020 19:33:25 +0200 Subject: [PATCH 14/81] Strict C99: don't use an anonymous union field GCC and Clang accept anonymous union fields, but this is not valid ISO C. Use a named field. Signed-off-by: Gilles Peskine --- library/psa_crypto_se.c | 42 ++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 9418b5f45c65..b9f186a96d93 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -72,7 +72,7 @@ struct psa_se_drv_table_entry_s { psa_drv_se_internal_context_t internal; psa_drv_se_context_t context; - }; + } u; }; static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS]; @@ -104,7 +104,7 @@ const psa_drv_se_t *psa_get_se_driver_methods( psa_drv_se_context_t *psa_get_se_driver_context( psa_se_drv_table_entry_t *driver ) { - return( &driver->context ); + return( &driver->u.context ); } int psa_get_se_driver( psa_key_lifetime_t lifetime, @@ -115,7 +115,7 @@ int psa_get_se_driver( psa_key_lifetime_t lifetime, if( p_methods != NULL ) *p_methods = ( driver ? driver->methods : NULL ); if( p_drv_context != NULL ) - *p_drv_context = ( driver ? &driver->context : NULL ); + *p_drv_context = ( driver ? &driver->u.context : NULL ); return( driver != NULL ); } @@ -134,7 +134,7 @@ static psa_status_t psa_get_se_driver_its_file_uid( #if SIZE_MAX > UINT32_MAX /* ITS file sizes are limited to 32 bits. */ - if( driver->internal.persistent_data_size > UINT32_MAX ) + if( driver->u.internal.persistent_data_size > UINT32_MAX ) return( PSA_ERROR_NOT_SUPPORTED ); #endif @@ -162,8 +162,8 @@ psa_status_t psa_load_se_persistent_data( * persistent_data_size is in range, but compilers don't know that, * so cast to reassure them. */ return( psa_its_get( uid, 0, - (uint32_t) driver->internal.persistent_data_size, - driver->internal.persistent_data, + (uint32_t) driver->u.internal.persistent_data_size, + driver->u.internal.persistent_data, &length ) ); } @@ -181,8 +181,8 @@ psa_status_t psa_save_se_persistent_data( * persistent_data_size is in range, but compilers don't know that, * so cast to reassure them. */ return( psa_its_set( uid, - (uint32_t) driver->internal.persistent_data_size, - driver->internal.persistent_data, + (uint32_t) driver->u.internal.persistent_data_size, + driver->u.internal.persistent_data, 0 ) ); } @@ -221,8 +221,8 @@ psa_status_t psa_find_se_slot_for_key( driver->methods->key_management->p_validate_slot_number; if( p_validate_slot_number == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - status = p_validate_slot_number( &driver->context, - driver->internal.persistent_data, + status = p_validate_slot_number( &driver->u.context, + driver->u.internal.persistent_data, attributes, method, *slot_number ); } @@ -240,8 +240,8 @@ psa_status_t psa_find_se_slot_for_key( driver->methods->key_management->p_allocate; if( p_allocate == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); - status = p_allocate( &driver->context, - driver->internal.persistent_data, + status = p_allocate( &driver->u.context, + driver->u.internal.persistent_data, attributes, method, slot_number ); } @@ -265,8 +265,8 @@ psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, driver->methods->key_management->p_destroy == NULL ) return( PSA_ERROR_NOT_PERMITTED ); status = driver->methods->key_management->p_destroy( - &driver->context, - driver->internal.persistent_data, + &driver->u.context, + driver->u.internal.persistent_data, slot_number ); storage_status = psa_save_se_persistent_data( driver ); return( status == PSA_SUCCESS ? storage_status : status ); @@ -284,8 +284,8 @@ psa_status_t psa_init_all_se_drivers( void ) if( methods->p_init != NULL ) { psa_status_t status = methods->p_init( - &driver->context, - driver->internal.persistent_data, + &driver->u.context, + driver->u.internal.persistent_data, driver->lifetime ); if( status != PSA_SUCCESS ) return( status ); @@ -341,14 +341,14 @@ psa_status_t psa_register_se_driver( driver_table[i].lifetime = lifetime; driver_table[i].methods = methods; - driver_table[i].internal.persistent_data_size = + driver_table[i].u.internal.persistent_data_size = methods->persistent_data_size; if( methods->persistent_data_size != 0 ) { - driver_table[i].internal.persistent_data = + driver_table[i].u.internal.persistent_data = mbedtls_calloc( 1, methods->persistent_data_size ); - if( driver_table[i].internal.persistent_data == NULL ) + if( driver_table[i].u.internal.persistent_data == NULL ) { status = PSA_ERROR_INSUFFICIENT_MEMORY; goto error; @@ -373,8 +373,8 @@ void psa_unregister_all_se_drivers( void ) size_t i; for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) { - if( driver_table[i].internal.persistent_data != NULL ) - mbedtls_free( driver_table[i].internal.persistent_data ); + if( driver_table[i].u.internal.persistent_data != NULL ) + mbedtls_free( driver_table[i].u.internal.persistent_data ); } memset( driver_table, 0, sizeof( driver_table ) ); } From a5fc939bddbf71f1f80897649ff633763e82cdde Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Apr 2020 19:34:19 +0200 Subject: [PATCH 15/81] Strict C99: don't use a signed* when an unsigned* is expected It works in practice on almost every platform, given that we're only using the wrong type in cases where the value is guaranteed to stay within the value bits of a signed int. But even in this case it may or may not be strictly conforming. Anyway `gcc -std=c99 -pedantic` rejects it. Signed-off-by: Gilles Peskine --- programs/aes/crypt_and_hash.c | 3 ++- programs/pkey/pk_decrypt.c | 3 ++- programs/pkey/rsa_decrypt.c | 2 +- programs/pkey/rsa_verify.c | 3 ++- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index a5acf5b8bfd0..472c28aa8060 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -85,7 +85,8 @@ int main( void ) int main( int argc, char *argv[] ) { - int ret = 1, i, n; + int ret = 1, i; + unsigned n; int exit_code = MBEDTLS_EXIT_FAILURE; int mode; size_t keylen, ilen, olen; diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index bf425079e2e1..998c7ac89fb5 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -64,7 +64,8 @@ int main( void ) int main( int argc, char *argv[] ) { FILE *f; - int ret = 1, c; + int ret = 1; + unsigned c; int exit_code = MBEDTLS_EXIT_FAILURE; size_t i, olen = 0; mbedtls_pk_context pk; diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index ff71bd0553b6..c725f7ca1b0f 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -65,7 +65,7 @@ int main( int argc, char *argv[] ) FILE *f; int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; - int c; + unsigned c; size_t i; mbedtls_rsa_context rsa; mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 94f0ef9ce9c2..74030e45e56a 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -59,7 +59,8 @@ int main( void ) int main( int argc, char *argv[] ) { FILE *f; - int ret = 1, c; + int ret = 1; + unsigned c; int exit_code = MBEDTLS_EXIT_FAILURE; size_t i; mbedtls_rsa_context rsa; From 31f88a29dee0b8ab5d93c34e83d118daf01a7b21 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Apr 2020 19:39:56 +0200 Subject: [PATCH 16/81] Strict C99: make sure that fileno() is declared only declares the non-ISO-C function fileno() if an appropriate POSIX symbol is defined or if using a compiler such as GCC in non-pedantic mode. Define the appropriate POSIX symbol. Signed-off-by: Gilles Peskine --- tests/suites/main_test.function | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index a1ba6105851a..db1c88a80e54 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -19,6 +19,12 @@ * This file is part of Mbed TLS (https://tls.mbed.org) */ +#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) +#if !defined(_POSIX_C_SOURCE) +#define _POSIX_C_SOURCE 1 // for fileno() from +#endif +#endif + #if !defined(MBEDTLS_CONFIG_FILE) #include #else From b2971ff942f69094594274e858075bd2ca55fe5f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Apr 2020 19:41:01 +0200 Subject: [PATCH 17/81] Strict C99: don't use extremely large string literals Don't use string literals that are longer than 4095 bytes, which is the minimum that C99 compilers are required to support. Compilers are extremely likely to support longer literals, but `gcc -std=c99 -pedantic` complains. Signed-off-by: Gilles Peskine --- programs/ssl/ssl_client2.c | 18 +++++++++++++----- programs/ssl/ssl_server2.c | 18 +++++++++++++----- 2 files changed, 26 insertions(+), 10 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index f6284feeb9be..97088916f948 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -370,7 +370,9 @@ int main( void ) #define USAGE_SERIALIZATION "" #endif -#define USAGE \ +/* USAGE is arbitrarily split to stay under the portable string literal + * length limit: 4095 bytes in C99. */ +#define USAGE1 \ "\n usage: ssl_client2 param=<>...\n" \ "\n acceptable parameters:\n" \ " server_name=%%s default: localhost\n" \ @@ -394,7 +396,8 @@ int main( void ) "\n" \ USAGE_DTLS \ USAGE_CID \ - "\n" \ + "\n" +#define USAGE2 \ " auth_mode=%%s default: (library default: none)\n" \ " options: none, optional, required\n" \ USAGE_IO \ @@ -404,7 +407,8 @@ int main( void ) USAGE_PSK \ USAGE_ECJPAKE \ USAGE_ECRESTART \ - "\n" \ + "\n" +#define USAGE3 \ " allow_legacy=%%d default: (library default: no)\n" \ USAGE_RENEGO \ " exchanges=%%d default: 1\n" \ @@ -427,7 +431,8 @@ int main( void ) USAGE_CURVES \ USAGE_RECSPLIT \ USAGE_DHMLEN \ - "\n" \ + "\n" +#define USAGE4 \ " arc4=%%d default: (library default: 0)\n" \ " allow_sha1=%%d default: 0\n" \ " min_version=%%s default: (library default: tls1)\n" \ @@ -1234,7 +1239,10 @@ int main( int argc, char *argv[] ) if( ret == 0 ) ret = 1; - mbedtls_printf( USAGE ); + mbedtls_printf( USAGE1 ); + mbedtls_printf( USAGE2 ); + mbedtls_printf( USAGE3 ); + mbedtls_printf( USAGE4 ); list = mbedtls_ssl_list_ciphersuites(); while( *list ) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 845881f93290..76b1ba6cc09d 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -456,7 +456,9 @@ int main( void ) #define USAGE_SERIALIZATION "" #endif -#define USAGE \ +/* USAGE is arbitrarily split to stay under the portable string literal + * length limit: 4095 bytes in C99. */ +#define USAGE1 \ "\n usage: ssl_server2 param=<>...\n" \ "\n acceptable parameters:\n" \ " server_addr=%%s default: (all interfaces)\n" \ @@ -477,7 +479,8 @@ int main( void ) USAGE_COOKIES \ USAGE_ANTI_REPLAY \ USAGE_BADMAC_LIMIT \ - "\n" \ + "\n" +#define USAGE2 \ " auth_mode=%%s default: (library default: none)\n" \ " options: none, optional, required\n" \ " cert_req_ca_list=%%d default: 1 (send ca list)\n" \ @@ -489,7 +492,8 @@ int main( void ) USAGE_PSK \ USAGE_CA_CALLBACK \ USAGE_ECJPAKE \ - "\n" \ + "\n" +#define USAGE3 \ " allow_legacy=%%d default: (library default: no)\n" \ USAGE_RENEGO \ " exchanges=%%d default: 1\n" \ @@ -506,7 +510,8 @@ int main( void ) USAGE_EMS \ USAGE_ETM \ USAGE_CURVES \ - "\n" \ + "\n" +#define USAGE4 \ " arc4=%%d default: (library default: 0)\n" \ " allow_sha1=%%d default: 0\n" \ " min_version=%%s default: (library default: tls1)\n" \ @@ -1900,7 +1905,10 @@ int main( int argc, char *argv[] ) if( ret == 0 ) ret = 1; - mbedtls_printf( USAGE ); + mbedtls_printf( USAGE1 ); + mbedtls_printf( USAGE2 ); + mbedtls_printf( USAGE3 ); + mbedtls_printf( USAGE4 ); list = mbedtls_ssl_list_ciphersuites(); while( *list ) From e094a18f6bf2e8effffffa2a644d7207ae2f4a3d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 14 Apr 2020 20:08:41 +0200 Subject: [PATCH 18/81] Strict C99: check it in the full config Ensure that there is a build with -pedantic in the full config, not just in "exotic" configurations. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 34e71c79e038..9fd6522e72f6 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1392,7 +1392,7 @@ test_build_opt () { info=$1 cc=$2; shift 2 for opt in "$@"; do msg "build/test: $cc $opt, $info" # ~ 30s - make CC="$cc" CFLAGS="$opt -Wall -Wextra -Werror" + make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" # We're confident enough in compilers to not run _all_ the tests, # but at least run the unit tests. In particular, runs with # optimizations use inline assembly whereas runs with -O0 From 90581ee629dd1926154cc62f38091e2d8b80daca Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 12 Apr 2020 14:02:47 +0200 Subject: [PATCH 19/81] Turn off DEPRECATED_WARNING in full and baremetal MBEDTLS_DEPRECATED_REMOVED is turned off in full since we don't want to turn off deprecated features. Also turn off MBEDTLS_DEPRECATED_WARNING since we wouldn't want expected warnings: we're aware that we're enabling deprecated modules. Since MBEDTLS_DEPRECATED_WARNING is excluded from full, it doesn't need to be excluded from baremetal explicitly. Signed-off-by: Gilles Peskine --- scripts/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/config.py b/scripts/config.py index 79e8e4e09d44..acc92100a385 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -170,6 +170,7 @@ def realfull_adapter(_name, active, section): #pylint: disable=line-too-long 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # variant toggle 'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options + 'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # variant toggle 'MBEDTLS_ECP_RESTARTABLE', # incompatible with USE_PSA_CRYPTO 'MBEDTLS_ENTROPY_FORCE_SHA256', # variant toggle @@ -234,7 +235,6 @@ def full_adapter(name, active, section): # need to be repeated here. EXCLUDE_FROM_BAREMETAL = frozenset([ #pylint: disable=line-too-long - 'MBEDTLS_DEPRECATED_WARNING', 'MBEDTLS_ENTROPY_NV_SEED', # requires FS_IO or alternate NV seed hooks 'MBEDTLS_FS_IO', # requires a filesystem 'MBEDTLS_HAVEGE_C', # requires a clock From be1d609c19d97843f8212132c1a2b22337ceee68 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 12 Apr 2020 14:17:16 +0200 Subject: [PATCH 20/81] New config: full_non_deprecated Enable everything that can be tested together and isn't deprecated. Signed-off-by: Gilles Peskine --- scripts/config.py | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/scripts/config.py b/scripts/config.py index acc92100a385..62891ce956ae 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -296,6 +296,28 @@ def continuation(name, active, section): return adapter(name, active, section) return continuation +DEPRECATED = frozenset([ + 'MBEDTLS_SSL_PROTO_SSL3', + 'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO', +]) + +def non_deprecated_adapter(adapter): + """Modify an adapter to disable deprecated symbols. + + ``non_deprecated_adapter(adapter)(name, active, section)`` is like + ``adapter(name, active, section)``, but unsets all deprecated symbols + and sets ``MBEDTLS_DEPRECATED_REMOVED``. + """ + def continuation(name, active, section): + if name == 'MBEDTLS_DEPRECATED_REMOVED': + return True + if name in DEPRECATED: + return False + if adapter is None: + return active + return adapter(name, active, section) + return continuation + class ConfigFile(Config): """Representation of the Mbed TLS configuration read for a file. @@ -457,6 +479,10 @@ def add_adapter(name, function, description): Exclude alternative implementations and platform support options, as well as some options that are awkward to test. """) + add_adapter('full_non_deprecated', non_deprecated_adapter(full_adapter), + """Uncomment most non-deprecated features. + Like "full", but without deprecated features. + """) add_adapter('realfull', realfull_adapter, """Uncomment all boolean #defines. Suitable for generating documentation, but not for building.""") From 3a584aecca23de40129d0596a3b0409f135d904a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 12 Apr 2020 23:15:51 +0200 Subject: [PATCH 21/81] Enable SSLv3 in the full config It's deprecated, but not otherwise counter-indicated for the full config: it doesn't conflict with anything and enabling it doesn't make testing harder (especially since it defaults off in compat.sh). Signed-off-by: Gilles Peskine --- scripts/config.py | 2 -- tests/scripts/basic-build-test.sh | 3 --- 2 files changed, 5 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 62891ce956ae..aeba64f26019 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -193,8 +193,6 @@ def realfull_adapter(_name, active, section): 'MBEDTLS_RSA_NO_CRT', # variant toggle 'MBEDTLS_SHA512_NO_SHA384', # removes a feature 'MBEDTLS_SSL_HW_RECORD_ACCEL', # build dependency (hook functions) - 'MBEDTLS_SSL_PROTO_SSL3', - 'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO', 'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # variant toggle 'MBEDTLS_ZLIB_SUPPORT', # build dependency (libz) diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 5080c57908b4..08c141052879 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -68,9 +68,6 @@ export LDFLAGS=' --coverage' make clean cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.py full -# Enable some deprecated features that are not in the -# full config, but are compatible with it and have tests. -scripts/config.py set MBEDTLS_SSL_PROTO_SSL3 make -j From 1093d9f9afa89f310ef0b569a53c28b13f4b004a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 13 Apr 2020 01:03:21 +0200 Subject: [PATCH 22/81] all.sh: reorganize testing around deprecated features build_deprecated combined the testing of deprecated features, and testing of the build without deprecated features. Also, it violated the component naming convention by being called build_xxx but running tests. Replace it by: * test_default_no_deprecated: check that you can remove deprecated features from the default build. * test_full_no_deprecated: check that the library builds when deprecated features are disabled (and incidentally that the tests run). * test_no_deprecated_warning: check that there are no warnings when deprecated features are disabled and MBEDTLS_DEPRECATED_WARNING is enabled. * test_deprecated: test the deprecated features. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 55 +++++++++++++++++++++++++++++++------------- 1 file changed, 39 insertions(+), 16 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9fd6522e72f6..83d2d1bfe5c2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -897,26 +897,49 @@ component_test_full_cmake_clang () { if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } -component_build_deprecated () { - msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s +component_test_default_no_deprecated () { + msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s + scripts/config.py set MBEDTLS_DEPRECATED_REMOVED + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' + + msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 5s + make test +} + +component_test_full_no_deprecated () { + msg "build: make, full_non_deprecated config" # ~ 30s + scripts/config.py full_non_deprecated + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' + + msg "test: make, full_non_deprecated config" # ~ 5s + make test +} + +component_test_no_deprecated_warning () { + msg "build: make, full_non_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s + scripts/config.py full_non_deprecated + scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED + scripts/config.py set MBEDTLS_DEPRECATED_WARNING + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' + + msg "test: make, full_non_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s + make test +} + +component_test_deprecated () { + msg "build: make, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s scripts/config.py full scripts/config.py set MBEDTLS_DEPRECATED_WARNING - # Build with -O -Wextra to catch a maximum of issues. - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' lib programs - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests + # Expect warnings from '#warning' directives in check_config.h. + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs - msg "test: make, full config + DEPRECATED_WARNING, expect warnings" # ~ 30s - make -C tests clean - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -DMBEDTLS_TEST_DEPRECATED' tests + msg "build: make tests, full config + MBEDTLS_TEST_DEPRECATED, expect warnings" # ~ 30s + # Expect warnings from '#warning' directives in check_config.h and + # from the use of deprecated functions in test suites. + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests - msg "build: make, full config + DEPRECATED_REMOVED, clang -O" # ~ 30s - # No cleanup, just tweak the configuration and rebuild - make clean - scripts/config.py unset MBEDTLS_DEPRECATED_WARNING - scripts/config.py set MBEDTLS_DEPRECATED_REMOVED - # Build with -O -Wextra to catch a maximum of issues. - make CC=clang CFLAGS='-O -Werror -Wall -Wextra' lib programs - make CC=clang CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests + msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s + make test } # Check that the specified libraries exist and are empty. From c9d0433ecef36120bee71deefcf98c0b2f9513c6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 Apr 2020 20:50:17 +0200 Subject: [PATCH 23/81] Improve the description of EXCLUDED_FROM_FULL Every boolean (defined/undefined) symbol is a "variant toggle" in some sense, even enabling a module with MBEDTLS_xxx_C. What matters is whether the symbol influences some other part of the system in such a way that we need to run tests separately with and without it being defined. Signed-off-by: Gilles Peskine --- scripts/config.py | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index aeba64f26019..bc9a5147c85c 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -163,38 +163,39 @@ def realfull_adapter(_name, active, section): # together. This includes deprecated or insecure options. It excludes: # * Options that require additional build dependencies or unusual hardware. # * Options that make testing less effective. -# * Options that are incompatible with other options. +# * Options that are incompatible with other options, or more generally that +# interact with other parts of the code in such a way that a bulk enabling +# is not a good way to test them. # * Options that remove features. -# * Options that are variants, so that we need to test both with and without. EXCLUDE_FROM_FULL = frozenset([ #pylint: disable=line-too-long - 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # variant toggle + 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256 'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options 'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options - 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # variant toggle + 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # influences the use of ECDH in TLS 'MBEDTLS_ECP_RESTARTABLE', # incompatible with USE_PSA_CRYPTO - 'MBEDTLS_ENTROPY_FORCE_SHA256', # variant toggle + 'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY 'MBEDTLS_HAVE_SSE2', # hardware dependency 'MBEDTLS_MEMORY_BACKTRACE', # depends on MEMORY_BUFFER_ALLOC_C 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', # makes sanitizers (e.g. ASan) less effective 'MBEDTLS_MEMORY_DEBUG', # depends on MEMORY_BUFFER_ALLOC_C - 'MBEDTLS_NO_64BIT_MULTIPLICATION', # variant toggle + 'MBEDTLS_NO_64BIT_MULTIPLICATION', # influences anything that uses bignum 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', # removes a feature 'MBEDTLS_NO_PLATFORM_ENTROPY', # removes a feature - 'MBEDTLS_NO_UDBL_DIVISION', # variant toggle + 'MBEDTLS_NO_UDBL_DIVISION', # influences anything that uses bignum 'MBEDTLS_PKCS11_C', # build dependecy (libpkcs11-helper) 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', # similar to non-platform xxx_ALT, requires platform_alt.h - 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', # variant toggle + 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', # platform dependency (PSA SPM) (at this time) 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) 'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions) 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature 'MBEDTLS_REMOVE_ARC4_CIPHERSUITES', # removes a feature - 'MBEDTLS_RSA_NO_CRT', # variant toggle + 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA512_NO_SHA384', # removes a feature 'MBEDTLS_SSL_HW_RECORD_ACCEL', # build dependency (hook functions) 'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature - 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # variant toggle + 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS 'MBEDTLS_ZLIB_SUPPORT', # build dependency (libz) ]) From 659db005176b3872b2de3f1edbbd48a0245542ab Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 Apr 2020 20:54:01 +0200 Subject: [PATCH 24/81] Clarify that EXCLUDE_FROM_FULL has exceptions from is_seamless_alt Signed-off-by: Gilles Peskine --- scripts/config.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/config.py b/scripts/config.py index bc9a5147c85c..ecf95d1653c0 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -210,6 +210,9 @@ def is_seamless_alt(name): Exclude alternative implementations of library functions since they require an implementation of the relevant functions and an xxx_alt.h header. + + If a symbol matches this naming pattern but doesn't behave like the others, + list it in EXCLUDE_FROM_FULL. """ return name.startswith('MBEDTLS_PLATFORM_') From 98f8f95208ab634bb6af9f0c95d776cf27278fbc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Apr 2020 15:38:39 +0200 Subject: [PATCH 25/81] Minor improvements to the description of full and baremetal Signed-off-by: Gilles Peskine --- scripts/config.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index ecf95d1653c0..8aca1f48b146 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -183,7 +183,7 @@ def realfull_adapter(_name, active, section): 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', # removes a feature 'MBEDTLS_NO_PLATFORM_ENTROPY', # removes a feature 'MBEDTLS_NO_UDBL_DIVISION', # influences anything that uses bignum - 'MBEDTLS_PKCS11_C', # build dependecy (libpkcs11-helper) + 'MBEDTLS_PKCS11_C', # build dependency (libpkcs11-helper) 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', # similar to non-platform xxx_ALT, requires platform_alt.h 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', # platform dependency (PSA SPM) (at this time) @@ -237,16 +237,16 @@ def full_adapter(name, active, section): # need to be repeated here. EXCLUDE_FROM_BAREMETAL = frozenset([ #pylint: disable=line-too-long - 'MBEDTLS_ENTROPY_NV_SEED', # requires FS_IO or alternate NV seed hooks + 'MBEDTLS_ENTROPY_NV_SEED', # requires a filesystem and FS_IO or alternate NV seed hooks 'MBEDTLS_FS_IO', # requires a filesystem 'MBEDTLS_HAVEGE_C', # requires a clock 'MBEDTLS_HAVE_TIME', # requires a clock 'MBEDTLS_HAVE_TIME_DATE', # requires a clock 'MBEDTLS_NET_C', # requires POSIX-like networking 'MBEDTLS_PLATFORM_FPRINTF_ALT', # requires FILE* from stdio.h - 'MBEDTLS_PLATFORM_NV_SEED_ALT', # requires a filesystem - 'MBEDTLS_PLATFORM_TIME_ALT', # requires timing - 'MBEDTLS_PSA_CRYPTO_SE_C', # requires a filesystem + 'MBEDTLS_PLATFORM_NV_SEED_ALT', # requires a filesystem and ENTROPY_NV_SEED + 'MBEDTLS_PLATFORM_TIME_ALT', # requires a clock and HAVE_TIME + 'MBEDTLS_PSA_CRYPTO_SE_C', # requires a filesystem and PSA_CRYPTO_STORAGE_C 'MBEDTLS_PSA_CRYPTO_STORAGE_C', # requires a filesystem 'MBEDTLS_PSA_ITS_FILE_C', # requires a filesystem 'MBEDTLS_THREADING_C', # requires a threading interface From c34faba8fcad18bdf1e1e8480987f522f4c0d99e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Apr 2020 15:44:14 +0200 Subject: [PATCH 26/81] List MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT in is_seamless_alt Group all the logic about _ALT symbols in one place, even the lone exception. Signed-off-by: Gilles Peskine --- scripts/config.py | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 8aca1f48b146..8f69f9fb04fd 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -185,7 +185,6 @@ def realfull_adapter(_name, active, section): 'MBEDTLS_NO_UDBL_DIVISION', # influences anything that uses bignum 'MBEDTLS_PKCS11_C', # build dependency (libpkcs11-helper) 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature - 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', # similar to non-platform xxx_ALT, requires platform_alt.h 'MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER', # platform dependency (PSA SPM) (at this time) 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) 'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions) @@ -200,9 +199,9 @@ def realfull_adapter(_name, active, section): ]) def is_seamless_alt(name): - """Include xxx_ALT symbols that don't have external dependencies. + """Whether the xxx_ALT symbol should be included in the full configuration. - Include alternative implementations of platform functions, which are + Include alternative implementations of platform functions, which are configurable function pointers that default to the built-in function. This way we test that the function pointers exist and build correctly without changing the behavior, and tests can verify that the function @@ -210,10 +209,10 @@ def is_seamless_alt(name): Exclude alternative implementations of library functions since they require an implementation of the relevant functions and an xxx_alt.h header. - - If a symbol matches this naming pattern but doesn't behave like the others, - list it in EXCLUDE_FROM_FULL. """ + if name == 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT': + # Similar to non-platform xxx_ALT, requires platform_alt.h + return False return name.startswith('MBEDTLS_PLATFORM_') def include_in_full(name): From 30de2e84ef9c11564d64c54d6594fdccbe805355 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 20 Apr 2020 21:39:22 +0200 Subject: [PATCH 27/81] Make no_deprecated naming more consistent Use "no_deprecated" both in the name of the configuration and in the name of all.sh components, rather than a mixture of "no_deprecated" and "non_deprecated". Make all.sh component names more consistent. Signed-off-by: Gilles Peskine --- scripts/config.py | 6 +++--- tests/scripts/all.sh | 14 +++++++------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 8f69f9fb04fd..63d052ba64cd 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -302,10 +302,10 @@ def continuation(name, active, section): 'MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO', ]) -def non_deprecated_adapter(adapter): +def no_deprecated_adapter(adapter): """Modify an adapter to disable deprecated symbols. - ``non_deprecated_adapter(adapter)(name, active, section)`` is like + ``no_deprecated_adapter(adapter)(name, active, section)`` is like ``adapter(name, active, section)``, but unsets all deprecated symbols and sets ``MBEDTLS_DEPRECATED_REMOVED``. """ @@ -480,7 +480,7 @@ def add_adapter(name, function, description): Exclude alternative implementations and platform support options, as well as some options that are awkward to test. """) - add_adapter('full_non_deprecated', non_deprecated_adapter(full_adapter), + add_adapter('full_no_deprecated', no_deprecated_adapter(full_adapter), """Uncomment most non-deprecated features. Like "full", but without deprecated features. """) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 83d2d1bfe5c2..4a142c7dfa27 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -907,22 +907,22 @@ component_test_default_no_deprecated () { } component_test_full_no_deprecated () { - msg "build: make, full_non_deprecated config" # ~ 30s - scripts/config.py full_non_deprecated + msg "build: make, full_no_deprecated config" # ~ 30s + scripts/config.py full_no_deprecated make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' - msg "test: make, full_non_deprecated config" # ~ 5s + msg "test: make, full_no_deprecated config" # ~ 5s make test } -component_test_no_deprecated_warning () { - msg "build: make, full_non_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s - scripts/config.py full_non_deprecated +component_test_full_no_deprecated_warning () { + msg "build: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s + scripts/config.py full_no_deprecated scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED scripts/config.py set MBEDTLS_DEPRECATED_WARNING make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' - msg "test: make, full_non_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s + msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s make test } From d3085ab2b856692960b0574013c28f36f8883bdf Mon Sep 17 00:00:00 2001 From: irwir Date: Tue, 21 Apr 2020 22:26:05 +0300 Subject: [PATCH 28/81] Avoid re-assigning zero to `ret` variable. Resolve #3182. Signed-off-by: irwir --- library/ssl_tls.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index dbc5a3e8801d..ccfc4bdaa89f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2747,9 +2747,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) { ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; - if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ) - ret = 0; - else + if( authmode != MBEDTLS_SSL_VERIFY_OPTIONAL ) ret = MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE; goto exit; From 8663c7415a7970798345170f62002265a6bf26e9 Mon Sep 17 00:00:00 2001 From: Gaurav Aggarwal Date: Tue, 21 Apr 2020 14:04:19 -0700 Subject: [PATCH 29/81] Remove error_description variable from strerr functions This was suggested on this PR: https://github.com/ARMmbed/mbedtls/pull/3176 Signed-off-by: Gaurav Aggarwal --- library/error.c | 765 ++++++++++++----------------------- scripts/data_files/error.fmt | 6 +- scripts/generate_errors.pl | 3 +- 3 files changed, 258 insertions(+), 516 deletions(-) diff --git a/library/error.c b/library/error.c index 38b658006d08..e60082fcdb1d 100644 --- a/library/error.c +++ b/library/error.c @@ -216,7 +216,6 @@ const char * mbedtls_high_level_strerr( int error_code ) { int high_level_error_code; - const char *error_description = NULL; if( error_code < 0 ) error_code = -error_code; @@ -229,497 +228,343 @@ const char * mbedtls_high_level_strerr( int error_code ) /* Begin Auto-Generated Code. */ #if defined(MBEDTLS_CIPHER_C) case -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE): - error_description = "CIPHER - The selected feature is not available"; - break; + return "CIPHER - The selected feature is not available"; case -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA): - error_description = "CIPHER - Bad input parameters"; - break; + return "CIPHER - Bad input parameters"; case -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED): - error_description = "CIPHER - Failed to allocate memory"; - break; + return "CIPHER - Failed to allocate memory"; case -(MBEDTLS_ERR_CIPHER_INVALID_PADDING): - error_description = "CIPHER - Input data contains invalid padding and is rejected"; - break; + return "CIPHER - Input data contains invalid padding and is rejected"; case -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED): - error_description = "CIPHER - Decryption of block requires a full block"; - break; + return "CIPHER - Decryption of block requires a full block"; case -(MBEDTLS_ERR_CIPHER_AUTH_FAILED): - error_description = "CIPHER - Authentication failed (for AEAD modes)"; - break; + return "CIPHER - Authentication failed (for AEAD modes)"; case -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT): - error_description = "CIPHER - The context is invalid. For example, because it was freed"; - break; + return "CIPHER - The context is invalid. For example, because it was freed"; case -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED): - error_description = "CIPHER - Cipher hardware accelerator failed"; - break; + return "CIPHER - Cipher hardware accelerator failed"; #endif /* MBEDTLS_CIPHER_C */ #if defined(MBEDTLS_DHM_C) case -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA): - error_description = "DHM - Bad input parameters"; - break; + return "DHM - Bad input parameters"; case -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED): - error_description = "DHM - Reading of the DHM parameters failed"; - break; + return "DHM - Reading of the DHM parameters failed"; case -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED): - error_description = "DHM - Making of the DHM parameters failed"; - break; + return "DHM - Making of the DHM parameters failed"; case -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED): - error_description = "DHM - Reading of the public values failed"; - break; + return "DHM - Reading of the public values failed"; case -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED): - error_description = "DHM - Making of the public value failed"; - break; + return "DHM - Making of the public value failed"; case -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED): - error_description = "DHM - Calculation of the DHM secret failed"; - break; + return "DHM - Calculation of the DHM secret failed"; case -(MBEDTLS_ERR_DHM_INVALID_FORMAT): - error_description = "DHM - The ASN.1 data is not formatted correctly"; - break; + return "DHM - The ASN.1 data is not formatted correctly"; case -(MBEDTLS_ERR_DHM_ALLOC_FAILED): - error_description = "DHM - Allocation of memory failed"; - break; + return "DHM - Allocation of memory failed"; case -(MBEDTLS_ERR_DHM_FILE_IO_ERROR): - error_description = "DHM - Read or write of file failed"; - break; + return "DHM - Read or write of file failed"; case -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED): - error_description = "DHM - DHM hardware accelerator failed"; - break; + return "DHM - DHM hardware accelerator failed"; case -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED): - error_description = "DHM - Setting the modulus and generator failed"; - break; + return "DHM - Setting the modulus and generator failed"; #endif /* MBEDTLS_DHM_C */ #if defined(MBEDTLS_ECP_C) case -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA): - error_description = "ECP - Bad input parameters to function"; - break; + return "ECP - Bad input parameters to function"; case -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL): - error_description = "ECP - The buffer is too small to write to"; - break; + return "ECP - The buffer is too small to write to"; case -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE): - error_description = "ECP - The requested feature is not available, for example, the requested curve is not supported"; - break; + return "ECP - The requested feature is not available, for example, the requested curve is not supported"; case -(MBEDTLS_ERR_ECP_VERIFY_FAILED): - error_description = "ECP - The signature is not valid"; - break; + return "ECP - The signature is not valid"; case -(MBEDTLS_ERR_ECP_ALLOC_FAILED): - error_description = "ECP - Memory allocation failed"; - break; + return "ECP - Memory allocation failed"; case -(MBEDTLS_ERR_ECP_RANDOM_FAILED): - error_description = "ECP - Generation of random value, such as ephemeral key, failed"; - break; + return "ECP - Generation of random value, such as ephemeral key, failed"; case -(MBEDTLS_ERR_ECP_INVALID_KEY): - error_description = "ECP - Invalid private or public key"; - break; + return "ECP - Invalid private or public key"; case -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH): - error_description = "ECP - The buffer contains a valid signature followed by more data"; - break; + return "ECP - The buffer contains a valid signature followed by more data"; case -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED): - error_description = "ECP - The ECP hardware accelerator failed"; - break; + return "ECP - The ECP hardware accelerator failed"; case -(MBEDTLS_ERR_ECP_IN_PROGRESS): - error_description = "ECP - Operation in progress, call again with the same parameters to continue"; - break; + return "ECP - Operation in progress, call again with the same parameters to continue"; #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_MD_C) case -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE): - error_description = "MD - The selected feature is not available"; - break; + return "MD - The selected feature is not available"; case -(MBEDTLS_ERR_MD_BAD_INPUT_DATA): - error_description = "MD - Bad input parameters to function"; - break; + return "MD - Bad input parameters to function"; case -(MBEDTLS_ERR_MD_ALLOC_FAILED): - error_description = "MD - Failed to allocate memory"; - break; + return "MD - Failed to allocate memory"; case -(MBEDTLS_ERR_MD_FILE_IO_ERROR): - error_description = "MD - Opening or reading of file failed"; - break; + return "MD - Opening or reading of file failed"; case -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED): - error_description = "MD - MD hardware accelerator failed"; - break; + return "MD - MD hardware accelerator failed"; #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) case -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT): - error_description = "PEM - No PEM header or footer found"; - break; + return "PEM - No PEM header or footer found"; case -(MBEDTLS_ERR_PEM_INVALID_DATA): - error_description = "PEM - PEM string is not as expected"; - break; + return "PEM - PEM string is not as expected"; case -(MBEDTLS_ERR_PEM_ALLOC_FAILED): - error_description = "PEM - Failed to allocate memory"; - break; + return "PEM - Failed to allocate memory"; case -(MBEDTLS_ERR_PEM_INVALID_ENC_IV): - error_description = "PEM - RSA IV is not in hex-format"; - break; + return "PEM - RSA IV is not in hex-format"; case -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG): - error_description = "PEM - Unsupported key encryption algorithm"; - break; + return "PEM - Unsupported key encryption algorithm"; case -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED): - error_description = "PEM - Private key password can't be empty"; - break; + return "PEM - Private key password can't be empty"; case -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH): - error_description = "PEM - Given private key password does not allow for correct decryption"; - break; + return "PEM - Given private key password does not allow for correct decryption"; case -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE): - error_description = "PEM - Unavailable feature, e.g. hashing/encryption combination"; - break; + return "PEM - Unavailable feature, e.g. hashing/encryption combination"; case -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA): - error_description = "PEM - Bad input parameters to function"; - break; + return "PEM - Bad input parameters to function"; #endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ #if defined(MBEDTLS_PK_C) case -(MBEDTLS_ERR_PK_ALLOC_FAILED): - error_description = "PK - Memory allocation failed"; - break; + return "PK - Memory allocation failed"; case -(MBEDTLS_ERR_PK_TYPE_MISMATCH): - error_description = "PK - Type mismatch, eg attempt to encrypt with an ECDSA key"; - break; + return "PK - Type mismatch, eg attempt to encrypt with an ECDSA key"; case -(MBEDTLS_ERR_PK_BAD_INPUT_DATA): - error_description = "PK - Bad input parameters to function"; - break; + return "PK - Bad input parameters to function"; case -(MBEDTLS_ERR_PK_FILE_IO_ERROR): - error_description = "PK - Read/write of file failed"; - break; + return "PK - Read/write of file failed"; case -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION): - error_description = "PK - Unsupported key version"; - break; + return "PK - Unsupported key version"; case -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT): - error_description = "PK - Invalid key tag or value"; - break; + return "PK - Invalid key tag or value"; case -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG): - error_description = "PK - Key algorithm is unsupported (only RSA and EC are supported)"; - break; + return "PK - Key algorithm is unsupported (only RSA and EC are supported)"; case -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED): - error_description = "PK - Private key password can't be empty"; - break; + return "PK - Private key password can't be empty"; case -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH): - error_description = "PK - Given private key password does not allow for correct decryption"; - break; + return "PK - Given private key password does not allow for correct decryption"; case -(MBEDTLS_ERR_PK_INVALID_PUBKEY): - error_description = "PK - The pubkey tag or value is invalid (only RSA and EC are supported)"; - break; + return "PK - The pubkey tag or value is invalid (only RSA and EC are supported)"; case -(MBEDTLS_ERR_PK_INVALID_ALG): - error_description = "PK - The algorithm tag or value is invalid"; - break; + return "PK - The algorithm tag or value is invalid"; case -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE): - error_description = "PK - Elliptic curve is unsupported (only NIST curves are supported)"; - break; + return "PK - Elliptic curve is unsupported (only NIST curves are supported)"; case -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE): - error_description = "PK - Unavailable feature, e.g. RSA disabled for RSA key"; - break; + return "PK - Unavailable feature, e.g. RSA disabled for RSA key"; case -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH): - error_description = "PK - The buffer contains a valid signature followed by more data"; - break; + return "PK - The buffer contains a valid signature followed by more data"; case -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED): - error_description = "PK - PK hardware accelerator failed"; - break; + return "PK - PK hardware accelerator failed"; #endif /* MBEDTLS_PK_C */ #if defined(MBEDTLS_PKCS12_C) case -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA): - error_description = "PKCS12 - Bad input parameters to function"; - break; + return "PKCS12 - Bad input parameters to function"; case -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE): - error_description = "PKCS12 - Feature not available, e.g. unsupported encryption scheme"; - break; + return "PKCS12 - Feature not available, e.g. unsupported encryption scheme"; case -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT): - error_description = "PKCS12 - PBE ASN.1 data not as expected"; - break; + return "PKCS12 - PBE ASN.1 data not as expected"; case -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH): - error_description = "PKCS12 - Given private key password does not allow for correct decryption"; - break; + return "PKCS12 - Given private key password does not allow for correct decryption"; #endif /* MBEDTLS_PKCS12_C */ #if defined(MBEDTLS_PKCS5_C) case -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA): - error_description = "PKCS5 - Bad input parameters to function"; - break; + return "PKCS5 - Bad input parameters to function"; case -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT): - error_description = "PKCS5 - Unexpected ASN.1 data"; - break; + return "PKCS5 - Unexpected ASN.1 data"; case -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE): - error_description = "PKCS5 - Requested encryption or digest alg not available"; - break; + return "PKCS5 - Requested encryption or digest alg not available"; case -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH): - error_description = "PKCS5 - Given private key password does not allow for correct decryption"; - break; + return "PKCS5 - Given private key password does not allow for correct decryption"; #endif /* MBEDTLS_PKCS5_C */ #if defined(MBEDTLS_RSA_C) case -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA): - error_description = "RSA - Bad input parameters to function"; - break; + return "RSA - Bad input parameters to function"; case -(MBEDTLS_ERR_RSA_INVALID_PADDING): - error_description = "RSA - Input data contains invalid padding and is rejected"; - break; + return "RSA - Input data contains invalid padding and is rejected"; case -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED): - error_description = "RSA - Something failed during generation of a key"; - break; + return "RSA - Something failed during generation of a key"; case -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED): - error_description = "RSA - Key failed to pass the validity check of the library"; - break; + return "RSA - Key failed to pass the validity check of the library"; case -(MBEDTLS_ERR_RSA_PUBLIC_FAILED): - error_description = "RSA - The public key operation failed"; - break; + return "RSA - The public key operation failed"; case -(MBEDTLS_ERR_RSA_PRIVATE_FAILED): - error_description = "RSA - The private key operation failed"; - break; + return "RSA - The private key operation failed"; case -(MBEDTLS_ERR_RSA_VERIFY_FAILED): - error_description = "RSA - The PKCS#1 verification failed"; - break; + return "RSA - The PKCS#1 verification failed"; case -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE): - error_description = "RSA - The output buffer for decryption is not large enough"; - break; + return "RSA - The output buffer for decryption is not large enough"; case -(MBEDTLS_ERR_RSA_RNG_FAILED): - error_description = "RSA - The random generator failed to generate non-zeros"; - break; + return "RSA - The random generator failed to generate non-zeros"; case -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION): - error_description = "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality"; - break; + return "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality"; case -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED): - error_description = "RSA - RSA hardware accelerator failed"; - break; + return "RSA - RSA hardware accelerator failed"; #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_SSL_TLS_C) case -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE): - error_description = "SSL - The requested feature is not available"; - break; + return "SSL - The requested feature is not available"; case -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA): - error_description = "SSL - Bad input parameters to function"; - break; + return "SSL - Bad input parameters to function"; case -(MBEDTLS_ERR_SSL_INVALID_MAC): - error_description = "SSL - Verification of the message MAC failed"; - break; + return "SSL - Verification of the message MAC failed"; case -(MBEDTLS_ERR_SSL_INVALID_RECORD): - error_description = "SSL - An invalid SSL record was received"; - break; + return "SSL - An invalid SSL record was received"; case -(MBEDTLS_ERR_SSL_CONN_EOF): - error_description = "SSL - The connection indicated an EOF"; - break; + return "SSL - The connection indicated an EOF"; case -(MBEDTLS_ERR_SSL_UNKNOWN_CIPHER): - error_description = "SSL - An unknown cipher was received"; - break; + return "SSL - An unknown cipher was received"; case -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN): - error_description = "SSL - The server has no ciphersuites in common with the client"; - break; + return "SSL - The server has no ciphersuites in common with the client"; case -(MBEDTLS_ERR_SSL_NO_RNG): - error_description = "SSL - No RNG was provided to the SSL module"; - break; + return "SSL - No RNG was provided to the SSL module"; case -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE): - error_description = "SSL - No client certification received from the client, but required by the authentication mode"; - break; + return "SSL - No client certification received from the client, but required by the authentication mode"; case -(MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE): - error_description = "SSL - Our own certificate(s) is/are too large to send in an SSL message"; - break; + return "SSL - Our own certificate(s) is/are too large to send in an SSL message"; case -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED): - error_description = "SSL - The own certificate is not set, but needed by the server"; - break; + return "SSL - The own certificate is not set, but needed by the server"; case -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED): - error_description = "SSL - The own private key or pre-shared key is not set, but needed"; - break; + return "SSL - The own private key or pre-shared key is not set, but needed"; case -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED): - error_description = "SSL - No CA Chain is set, but required to operate"; - break; + return "SSL - No CA Chain is set, but required to operate"; case -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE): - error_description = "SSL - An unexpected message was received from our peer"; - break; + return "SSL - An unexpected message was received from our peer"; case -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE): - error_description = "SSL - A fatal alert message was received from our peer"; - break; + return "SSL - A fatal alert message was received from our peer"; case -(MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED): - error_description = "SSL - Verification of our peer failed"; - break; + return "SSL - Verification of our peer failed"; case -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY): - error_description = "SSL - The peer notified us that the connection is going to be closed"; - break; + return "SSL - The peer notified us that the connection is going to be closed"; case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO): - error_description = "SSL - Processing of the ClientHello handshake message failed"; - break; + return "SSL - Processing of the ClientHello handshake message failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO): - error_description = "SSL - Processing of the ServerHello handshake message failed"; - break; + return "SSL - Processing of the ServerHello handshake message failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE): - error_description = "SSL - Processing of the Certificate handshake message failed"; - break; + return "SSL - Processing of the Certificate handshake message failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST): - error_description = "SSL - Processing of the CertificateRequest handshake message failed"; - break; + return "SSL - Processing of the CertificateRequest handshake message failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE): - error_description = "SSL - Processing of the ServerKeyExchange handshake message failed"; - break; + return "SSL - Processing of the ServerKeyExchange handshake message failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE): - error_description = "SSL - Processing of the ServerHelloDone handshake message failed"; - break; + return "SSL - Processing of the ServerHelloDone handshake message failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE): - error_description = "SSL - Processing of the ClientKeyExchange handshake message failed"; - break; + return "SSL - Processing of the ClientKeyExchange handshake message failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP): - error_description = "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public"; - break; + return "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public"; case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS): - error_description = "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret"; - break; + return "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret"; case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY): - error_description = "SSL - Processing of the CertificateVerify handshake message failed"; - break; + return "SSL - Processing of the CertificateVerify handshake message failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC): - error_description = "SSL - Processing of the ChangeCipherSpec handshake message failed"; - break; + return "SSL - Processing of the ChangeCipherSpec handshake message failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_FINISHED): - error_description = "SSL - Processing of the Finished handshake message failed"; - break; + return "SSL - Processing of the Finished handshake message failed"; case -(MBEDTLS_ERR_SSL_ALLOC_FAILED): - error_description = "SSL - Memory allocation failed"; - break; + return "SSL - Memory allocation failed"; case -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED): - error_description = "SSL - Hardware acceleration function returned with error"; - break; + return "SSL - Hardware acceleration function returned with error"; case -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH): - error_description = "SSL - Hardware acceleration function skipped / left alone data"; - break; + return "SSL - Hardware acceleration function skipped / left alone data"; case -(MBEDTLS_ERR_SSL_COMPRESSION_FAILED): - error_description = "SSL - Processing of the compression / decompression failed"; - break; + return "SSL - Processing of the compression / decompression failed"; case -(MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION): - error_description = "SSL - Handshake protocol not within min/max boundaries"; - break; + return "SSL - Handshake protocol not within min/max boundaries"; case -(MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET): - error_description = "SSL - Processing of the NewSessionTicket handshake message failed"; - break; + return "SSL - Processing of the NewSessionTicket handshake message failed"; case -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED): - error_description = "SSL - Session ticket has expired"; - break; + return "SSL - Session ticket has expired"; case -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH): - error_description = "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)"; - break; + return "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)"; case -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY): - error_description = "SSL - Unknown identity received (eg, PSK identity)"; - break; + return "SSL - Unknown identity received (eg, PSK identity)"; case -(MBEDTLS_ERR_SSL_INTERNAL_ERROR): - error_description = "SSL - Internal error (eg, unexpected failure in lower-level module)"; - break; + return "SSL - Internal error (eg, unexpected failure in lower-level module)"; case -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING): - error_description = "SSL - A counter would wrap (eg, too many messages exchanged)"; - break; + return "SSL - A counter would wrap (eg, too many messages exchanged)"; case -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO): - error_description = "SSL - Unexpected message at ServerHello in renegotiation"; - break; + return "SSL - Unexpected message at ServerHello in renegotiation"; case -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED): - error_description = "SSL - DTLS client must retry for hello verification"; - break; + return "SSL - DTLS client must retry for hello verification"; case -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL): - error_description = "SSL - A buffer is too small to receive or write a message"; - break; + return "SSL - A buffer is too small to receive or write a message"; case -(MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE): - error_description = "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)"; - break; + return "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)"; case -(MBEDTLS_ERR_SSL_WANT_READ): - error_description = "SSL - No data of requested type currently available on underlying transport"; - break; + return "SSL - No data of requested type currently available on underlying transport"; case -(MBEDTLS_ERR_SSL_WANT_WRITE): - error_description = "SSL - Connection requires a write call"; - break; + return "SSL - Connection requires a write call"; case -(MBEDTLS_ERR_SSL_TIMEOUT): - error_description = "SSL - The operation timed out"; - break; + return "SSL - The operation timed out"; case -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT): - error_description = "SSL - The client initiated a reconnect from the same port"; - break; + return "SSL - The client initiated a reconnect from the same port"; case -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD): - error_description = "SSL - Record header looks valid but is not expected"; - break; + return "SSL - Record header looks valid but is not expected"; case -(MBEDTLS_ERR_SSL_NON_FATAL): - error_description = "SSL - The alert message received indicates a non-fatal error"; - break; + return "SSL - The alert message received indicates a non-fatal error"; case -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH): - error_description = "SSL - Couldn't set the hash for verifying CertificateVerify"; - break; + return "SSL - Couldn't set the hash for verifying CertificateVerify"; case -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING): - error_description = "SSL - Internal-only message signaling that further message-processing should be done"; - break; + return "SSL - Internal-only message signaling that further message-processing should be done"; case -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS): - error_description = "SSL - The asynchronous operation is not completed yet"; - break; + return "SSL - The asynchronous operation is not completed yet"; case -(MBEDTLS_ERR_SSL_EARLY_MESSAGE): - error_description = "SSL - Internal-only message signaling that a message arrived early"; - break; + return "SSL - Internal-only message signaling that a message arrived early"; case -(MBEDTLS_ERR_SSL_UNEXPECTED_CID): - error_description = "SSL - An encrypted DTLS-frame with an unexpected CID was received"; - break; + return "SSL - An encrypted DTLS-frame with an unexpected CID was received"; case -(MBEDTLS_ERR_SSL_VERSION_MISMATCH): - error_description = "SSL - An operation failed due to an unexpected version or configuration"; - break; + return "SSL - An operation failed due to an unexpected version or configuration"; case -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS): - error_description = "SSL - A cryptographic operation is in progress. Try again later"; - break; + return "SSL - A cryptographic operation is in progress. Try again later"; #endif /* MBEDTLS_SSL_TLS_C */ #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) case -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE): - error_description = "X509 - Unavailable feature, e.g. RSA hashing/encryption combination"; - break; + return "X509 - Unavailable feature, e.g. RSA hashing/encryption combination"; case -(MBEDTLS_ERR_X509_UNKNOWN_OID): - error_description = "X509 - Requested OID is unknown"; - break; + return "X509 - Requested OID is unknown"; case -(MBEDTLS_ERR_X509_INVALID_FORMAT): - error_description = "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected"; - break; + return "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected"; case -(MBEDTLS_ERR_X509_INVALID_VERSION): - error_description = "X509 - The CRT/CRL/CSR version element is invalid"; - break; + return "X509 - The CRT/CRL/CSR version element is invalid"; case -(MBEDTLS_ERR_X509_INVALID_SERIAL): - error_description = "X509 - The serial tag or value is invalid"; - break; + return "X509 - The serial tag or value is invalid"; case -(MBEDTLS_ERR_X509_INVALID_ALG): - error_description = "X509 - The algorithm tag or value is invalid"; - break; + return "X509 - The algorithm tag or value is invalid"; case -(MBEDTLS_ERR_X509_INVALID_NAME): - error_description = "X509 - The name tag or value is invalid"; - break; + return "X509 - The name tag or value is invalid"; case -(MBEDTLS_ERR_X509_INVALID_DATE): - error_description = "X509 - The date tag or value is invalid"; - break; + return "X509 - The date tag or value is invalid"; case -(MBEDTLS_ERR_X509_INVALID_SIGNATURE): - error_description = "X509 - The signature tag or value invalid"; - break; + return "X509 - The signature tag or value invalid"; case -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS): - error_description = "X509 - The extension tag or value is invalid"; - break; + return "X509 - The extension tag or value is invalid"; case -(MBEDTLS_ERR_X509_UNKNOWN_VERSION): - error_description = "X509 - CRT/CRL/CSR has an unsupported version number"; - break; + return "X509 - CRT/CRL/CSR has an unsupported version number"; case -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG): - error_description = "X509 - Signature algorithm (oid) is unsupported"; - break; + return "X509 - Signature algorithm (oid) is unsupported"; case -(MBEDTLS_ERR_X509_SIG_MISMATCH): - error_description = "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)"; - break; + return "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)"; case -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED): - error_description = "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed"; - break; + return "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed"; case -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT): - error_description = "X509 - Format not recognized as DER or PEM"; - break; + return "X509 - Format not recognized as DER or PEM"; case -(MBEDTLS_ERR_X509_BAD_INPUT_DATA): - error_description = "X509 - Input invalid"; - break; + return "X509 - Input invalid"; case -(MBEDTLS_ERR_X509_ALLOC_FAILED): - error_description = "X509 - Allocation of memory failed"; - break; + return "X509 - Allocation of memory failed"; case -(MBEDTLS_ERR_X509_FILE_IO_ERROR): - error_description = "X509 - Read/write of file failed"; - break; + return "X509 - Read/write of file failed"; case -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL): - error_description = "X509 - Destination buffer is too small"; - break; + return "X509 - Destination buffer is too small"; case -(MBEDTLS_ERR_X509_FATAL_ERROR): - error_description = "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed"; - break; + return "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed"; #endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */ /* End Auto-Generated Code. */ @@ -727,13 +572,12 @@ const char * mbedtls_high_level_strerr( int error_code ) break; } - return error_description; + return NULL; } const char * mbedtls_low_level_strerr( int error_code ) { int low_level_error_code; - const char *error_description = NULL; if( error_code < 0 ) error_code = -error_code; @@ -746,398 +590,299 @@ const char * mbedtls_low_level_strerr( int error_code ) /* Begin Auto-Generated Code. */ #if defined(MBEDTLS_AES_C) case -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH): - error_description = "AES - Invalid key length"; - break; + return "AES - Invalid key length"; case -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH): - error_description = "AES - Invalid data input length"; - break; + return "AES - Invalid data input length"; case -(MBEDTLS_ERR_AES_BAD_INPUT_DATA): - error_description = "AES - Invalid input data"; - break; + return "AES - Invalid input data"; case -(MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE): - error_description = "AES - Feature not available. For example, an unsupported AES key size"; - break; + return "AES - Feature not available. For example, an unsupported AES key size"; case -(MBEDTLS_ERR_AES_HW_ACCEL_FAILED): - error_description = "AES - AES hardware accelerator failed"; - break; + return "AES - AES hardware accelerator failed"; #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_ARC4_C) case -(MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED): - error_description = "ARC4 - ARC4 hardware accelerator failed"; - break; + return "ARC4 - ARC4 hardware accelerator failed"; #endif /* MBEDTLS_ARC4_C */ #if defined(MBEDTLS_ARIA_C) case -(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA): - error_description = "ARIA - Bad input data"; - break; + return "ARIA - Bad input data"; case -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH): - error_description = "ARIA - Invalid data input length"; - break; + return "ARIA - Invalid data input length"; case -(MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE): - error_description = "ARIA - Feature not available. For example, an unsupported ARIA key size"; - break; + return "ARIA - Feature not available. For example, an unsupported ARIA key size"; case -(MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED): - error_description = "ARIA - ARIA hardware accelerator failed"; - break; + return "ARIA - ARIA hardware accelerator failed"; #endif /* MBEDTLS_ARIA_C */ #if defined(MBEDTLS_ASN1_PARSE_C) case -(MBEDTLS_ERR_ASN1_OUT_OF_DATA): - error_description = "ASN1 - Out of data when parsing an ASN1 data structure"; - break; + return "ASN1 - Out of data when parsing an ASN1 data structure"; case -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG): - error_description = "ASN1 - ASN1 tag was of an unexpected value"; - break; + return "ASN1 - ASN1 tag was of an unexpected value"; case -(MBEDTLS_ERR_ASN1_INVALID_LENGTH): - error_description = "ASN1 - Error when trying to determine the length or invalid length"; - break; + return "ASN1 - Error when trying to determine the length or invalid length"; case -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH): - error_description = "ASN1 - Actual length differs from expected length"; - break; + return "ASN1 - Actual length differs from expected length"; case -(MBEDTLS_ERR_ASN1_INVALID_DATA): - error_description = "ASN1 - Data is invalid"; - break; + return "ASN1 - Data is invalid"; case -(MBEDTLS_ERR_ASN1_ALLOC_FAILED): - error_description = "ASN1 - Memory allocation failed"; - break; + return "ASN1 - Memory allocation failed"; case -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL): - error_description = "ASN1 - Buffer too small when writing ASN.1 data structure"; - break; + return "ASN1 - Buffer too small when writing ASN.1 data structure"; #endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_BASE64_C) case -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL): - error_description = "BASE64 - Output buffer too small"; - break; + return "BASE64 - Output buffer too small"; case -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER): - error_description = "BASE64 - Invalid character in input"; - break; + return "BASE64 - Invalid character in input"; #endif /* MBEDTLS_BASE64_C */ #if defined(MBEDTLS_BIGNUM_C) case -(MBEDTLS_ERR_MPI_FILE_IO_ERROR): - error_description = "BIGNUM - An error occurred while reading from or writing to a file"; - break; + return "BIGNUM - An error occurred while reading from or writing to a file"; case -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA): - error_description = "BIGNUM - Bad input parameters to function"; - break; + return "BIGNUM - Bad input parameters to function"; case -(MBEDTLS_ERR_MPI_INVALID_CHARACTER): - error_description = "BIGNUM - There is an invalid character in the digit string"; - break; + return "BIGNUM - There is an invalid character in the digit string"; case -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL): - error_description = "BIGNUM - The buffer is too small to write to"; - break; + return "BIGNUM - The buffer is too small to write to"; case -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE): - error_description = "BIGNUM - The input arguments are negative or result in illegal output"; - break; + return "BIGNUM - The input arguments are negative or result in illegal output"; case -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO): - error_description = "BIGNUM - The input argument for division is zero, which is not allowed"; - break; + return "BIGNUM - The input argument for division is zero, which is not allowed"; case -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE): - error_description = "BIGNUM - The input arguments are not acceptable"; - break; + return "BIGNUM - The input arguments are not acceptable"; case -(MBEDTLS_ERR_MPI_ALLOC_FAILED): - error_description = "BIGNUM - Memory allocation failed"; - break; + return "BIGNUM - Memory allocation failed"; #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_BLOWFISH_C) case -(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA): - error_description = "BLOWFISH - Bad input data"; - break; + return "BLOWFISH - Bad input data"; case -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH): - error_description = "BLOWFISH - Invalid data input length"; - break; + return "BLOWFISH - Invalid data input length"; case -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED): - error_description = "BLOWFISH - Blowfish hardware accelerator failed"; - break; + return "BLOWFISH - Blowfish hardware accelerator failed"; #endif /* MBEDTLS_BLOWFISH_C */ #if defined(MBEDTLS_CAMELLIA_C) case -(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA): - error_description = "CAMELLIA - Bad input data"; - break; + return "CAMELLIA - Bad input data"; case -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH): - error_description = "CAMELLIA - Invalid data input length"; - break; + return "CAMELLIA - Invalid data input length"; case -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED): - error_description = "CAMELLIA - Camellia hardware accelerator failed"; - break; + return "CAMELLIA - Camellia hardware accelerator failed"; #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CCM_C) case -(MBEDTLS_ERR_CCM_BAD_INPUT): - error_description = "CCM - Bad input parameters to the function"; - break; + return "CCM - Bad input parameters to the function"; case -(MBEDTLS_ERR_CCM_AUTH_FAILED): - error_description = "CCM - Authenticated decryption failed"; - break; + return "CCM - Authenticated decryption failed"; case -(MBEDTLS_ERR_CCM_HW_ACCEL_FAILED): - error_description = "CCM - CCM hardware accelerator failed"; - break; + return "CCM - CCM hardware accelerator failed"; #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHA20_C) case -(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA): - error_description = "CHACHA20 - Invalid input parameter(s)"; - break; + return "CHACHA20 - Invalid input parameter(s)"; case -(MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE): - error_description = "CHACHA20 - Feature not available. For example, s part of the API is not implemented"; - break; + return "CHACHA20 - Feature not available. For example, s part of the API is not implemented"; case -(MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED): - error_description = "CHACHA20 - Chacha20 hardware accelerator failed"; - break; + return "CHACHA20 - Chacha20 hardware accelerator failed"; #endif /* MBEDTLS_CHACHA20_C */ #if defined(MBEDTLS_CHACHAPOLY_C) case -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE): - error_description = "CHACHAPOLY - The requested operation is not permitted in the current state"; - break; + return "CHACHAPOLY - The requested operation is not permitted in the current state"; case -(MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED): - error_description = "CHACHAPOLY - Authenticated decryption failed: data was not authentic"; - break; + return "CHACHAPOLY - Authenticated decryption failed: data was not authentic"; #endif /* MBEDTLS_CHACHAPOLY_C */ #if defined(MBEDTLS_CMAC_C) case -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED): - error_description = "CMAC - CMAC hardware accelerator failed"; - break; + return "CMAC - CMAC hardware accelerator failed"; #endif /* MBEDTLS_CMAC_C */ #if defined(MBEDTLS_CTR_DRBG_C) case -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED): - error_description = "CTR_DRBG - The entropy source failed"; - break; + return "CTR_DRBG - The entropy source failed"; case -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG): - error_description = "CTR_DRBG - The requested random buffer length is too big"; - break; + return "CTR_DRBG - The requested random buffer length is too big"; case -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG): - error_description = "CTR_DRBG - The input (entropy + additional data) is too large"; - break; + return "CTR_DRBG - The input (entropy + additional data) is too large"; case -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR): - error_description = "CTR_DRBG - Read or write error in file"; - break; + return "CTR_DRBG - Read or write error in file"; #endif /* MBEDTLS_CTR_DRBG_C */ #if defined(MBEDTLS_DES_C) case -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH): - error_description = "DES - The data input has an invalid length"; - break; + return "DES - The data input has an invalid length"; case -(MBEDTLS_ERR_DES_HW_ACCEL_FAILED): - error_description = "DES - DES hardware accelerator failed"; - break; + return "DES - DES hardware accelerator failed"; #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_ENTROPY_C) case -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED): - error_description = "ENTROPY - Critical entropy source failure"; - break; + return "ENTROPY - Critical entropy source failure"; case -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES): - error_description = "ENTROPY - No more sources can be added"; - break; + return "ENTROPY - No more sources can be added"; case -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED): - error_description = "ENTROPY - No sources have been added to poll"; - break; + return "ENTROPY - No sources have been added to poll"; case -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE): - error_description = "ENTROPY - No strong sources have been added to poll"; - break; + return "ENTROPY - No strong sources have been added to poll"; case -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR): - error_description = "ENTROPY - Read/write error in file"; - break; + return "ENTROPY - Read/write error in file"; #endif /* MBEDTLS_ENTROPY_C */ #if defined(MBEDTLS_ERROR_C) case -(MBEDTLS_ERR_ERROR_GENERIC_ERROR): - error_description = "ERROR - Generic error"; - break; + return "ERROR - Generic error"; case -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED): - error_description = "ERROR - This is a bug in the library"; - break; + return "ERROR - This is a bug in the library"; #endif /* MBEDTLS_ERROR_C */ #if defined(MBEDTLS_GCM_C) case -(MBEDTLS_ERR_GCM_AUTH_FAILED): - error_description = "GCM - Authenticated decryption failed"; - break; + return "GCM - Authenticated decryption failed"; case -(MBEDTLS_ERR_GCM_HW_ACCEL_FAILED): - error_description = "GCM - GCM hardware accelerator failed"; - break; + return "GCM - GCM hardware accelerator failed"; case -(MBEDTLS_ERR_GCM_BAD_INPUT): - error_description = "GCM - Bad input parameters to function"; - break; + return "GCM - Bad input parameters to function"; #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_HKDF_C) case -(MBEDTLS_ERR_HKDF_BAD_INPUT_DATA): - error_description = "HKDF - Bad input parameters to function"; - break; + return "HKDF - Bad input parameters to function"; #endif /* MBEDTLS_HKDF_C */ #if defined(MBEDTLS_HMAC_DRBG_C) case -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG): - error_description = "HMAC_DRBG - Too many random requested in single call"; - break; + return "HMAC_DRBG - Too many random requested in single call"; case -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG): - error_description = "HMAC_DRBG - Input too large (Entropy + additional)"; - break; + return "HMAC_DRBG - Input too large (Entropy + additional)"; case -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR): - error_description = "HMAC_DRBG - Read/write error in file"; - break; + return "HMAC_DRBG - Read/write error in file"; case -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED): - error_description = "HMAC_DRBG - The entropy source failed"; - break; + return "HMAC_DRBG - The entropy source failed"; #endif /* MBEDTLS_HMAC_DRBG_C */ #if defined(MBEDTLS_MD2_C) case -(MBEDTLS_ERR_MD2_HW_ACCEL_FAILED): - error_description = "MD2 - MD2 hardware accelerator failed"; - break; + return "MD2 - MD2 hardware accelerator failed"; #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) case -(MBEDTLS_ERR_MD4_HW_ACCEL_FAILED): - error_description = "MD4 - MD4 hardware accelerator failed"; - break; + return "MD4 - MD4 hardware accelerator failed"; #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) case -(MBEDTLS_ERR_MD5_HW_ACCEL_FAILED): - error_description = "MD5 - MD5 hardware accelerator failed"; - break; + return "MD5 - MD5 hardware accelerator failed"; #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_NET_C) case -(MBEDTLS_ERR_NET_SOCKET_FAILED): - error_description = "NET - Failed to open a socket"; - break; + return "NET - Failed to open a socket"; case -(MBEDTLS_ERR_NET_CONNECT_FAILED): - error_description = "NET - The connection to the given server / port failed"; - break; + return "NET - The connection to the given server / port failed"; case -(MBEDTLS_ERR_NET_BIND_FAILED): - error_description = "NET - Binding of the socket failed"; - break; + return "NET - Binding of the socket failed"; case -(MBEDTLS_ERR_NET_LISTEN_FAILED): - error_description = "NET - Could not listen on the socket"; - break; + return "NET - Could not listen on the socket"; case -(MBEDTLS_ERR_NET_ACCEPT_FAILED): - error_description = "NET - Could not accept the incoming connection"; - break; + return "NET - Could not accept the incoming connection"; case -(MBEDTLS_ERR_NET_RECV_FAILED): - error_description = "NET - Reading information from the socket failed"; - break; + return "NET - Reading information from the socket failed"; case -(MBEDTLS_ERR_NET_SEND_FAILED): - error_description = "NET - Sending information through the socket failed"; - break; + return "NET - Sending information through the socket failed"; case -(MBEDTLS_ERR_NET_CONN_RESET): - error_description = "NET - Connection was reset by peer"; - break; + return "NET - Connection was reset by peer"; case -(MBEDTLS_ERR_NET_UNKNOWN_HOST): - error_description = "NET - Failed to get an IP address for the given hostname"; - break; + return "NET - Failed to get an IP address for the given hostname"; case -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL): - error_description = "NET - Buffer is too small to hold the data"; - break; + return "NET - Buffer is too small to hold the data"; case -(MBEDTLS_ERR_NET_INVALID_CONTEXT): - error_description = "NET - The context is invalid, eg because it was free()ed"; - break; + return "NET - The context is invalid, eg because it was free()ed"; case -(MBEDTLS_ERR_NET_POLL_FAILED): - error_description = "NET - Polling the net context failed"; - break; + return "NET - Polling the net context failed"; case -(MBEDTLS_ERR_NET_BAD_INPUT_DATA): - error_description = "NET - Input invalid"; - break; + return "NET - Input invalid"; #endif /* MBEDTLS_NET_C */ #if defined(MBEDTLS_OID_C) case -(MBEDTLS_ERR_OID_NOT_FOUND): - error_description = "OID - OID is not found"; - break; + return "OID - OID is not found"; case -(MBEDTLS_ERR_OID_BUF_TOO_SMALL): - error_description = "OID - output buffer is too small"; - break; + return "OID - output buffer is too small"; #endif /* MBEDTLS_OID_C */ #if defined(MBEDTLS_PADLOCK_C) case -(MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED): - error_description = "PADLOCK - Input data should be aligned"; - break; + return "PADLOCK - Input data should be aligned"; #endif /* MBEDTLS_PADLOCK_C */ #if defined(MBEDTLS_PLATFORM_C) case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED): - error_description = "PLATFORM - Hardware accelerator failed"; - break; + return "PLATFORM - Hardware accelerator failed"; case -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED): - error_description = "PLATFORM - The requested feature is not supported by the platform"; - break; + return "PLATFORM - The requested feature is not supported by the platform"; #endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_POLY1305_C) case -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA): - error_description = "POLY1305 - Invalid input parameter(s)"; - break; + return "POLY1305 - Invalid input parameter(s)"; case -(MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE): - error_description = "POLY1305 - Feature not available. For example, s part of the API is not implemented"; - break; + return "POLY1305 - Feature not available. For example, s part of the API is not implemented"; case -(MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED): - error_description = "POLY1305 - Poly1305 hardware accelerator failed"; - break; + return "POLY1305 - Poly1305 hardware accelerator failed"; #endif /* MBEDTLS_POLY1305_C */ #if defined(MBEDTLS_RIPEMD160_C) case -(MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED): - error_description = "RIPEMD160 - RIPEMD160 hardware accelerator failed"; - break; + return "RIPEMD160 - RIPEMD160 hardware accelerator failed"; #endif /* MBEDTLS_RIPEMD160_C */ #if defined(MBEDTLS_SHA1_C) case -(MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED): - error_description = "SHA1 - SHA-1 hardware accelerator failed"; - break; + return "SHA1 - SHA-1 hardware accelerator failed"; case -(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA): - error_description = "SHA1 - SHA-1 input data was malformed"; - break; + return "SHA1 - SHA-1 input data was malformed"; #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) case -(MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED): - error_description = "SHA256 - SHA-256 hardware accelerator failed"; - break; + return "SHA256 - SHA-256 hardware accelerator failed"; case -(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA): - error_description = "SHA256 - SHA-256 input data was malformed"; - break; + return "SHA256 - SHA-256 input data was malformed"; #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) case -(MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED): - error_description = "SHA512 - SHA-512 hardware accelerator failed"; - break; + return "SHA512 - SHA-512 hardware accelerator failed"; case -(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA): - error_description = "SHA512 - SHA-512 input data was malformed"; - break; + return "SHA512 - SHA-512 input data was malformed"; #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_THREADING_C) case -(MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE): - error_description = "THREADING - The selected feature is not available"; - break; + return "THREADING - The selected feature is not available"; case -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA): - error_description = "THREADING - Bad input parameters to function"; - break; + return "THREADING - Bad input parameters to function"; case -(MBEDTLS_ERR_THREADING_MUTEX_ERROR): - error_description = "THREADING - Locking / unlocking / free failed with error code"; - break; + return "THREADING - Locking / unlocking / free failed with error code"; #endif /* MBEDTLS_THREADING_C */ #if defined(MBEDTLS_XTEA_C) case -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH): - error_description = "XTEA - The data input has an invalid length"; - break; + return "XTEA - The data input has an invalid length"; case -(MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED): - error_description = "XTEA - XTEA hardware accelerator failed"; - break; + return "XTEA - XTEA hardware accelerator failed"; #endif /* MBEDTLS_XTEA_C */ /* End Auto-Generated Code. */ @@ -1145,7 +890,7 @@ const char * mbedtls_low_level_strerr( int error_code ) break; } - return error_description; + return NULL; } void mbedtls_strerror( int ret, char *buf, size_t buflen ) diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 0e128e84f8b2..e908aac02f2d 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -45,7 +45,6 @@ HEADER_INCLUDED const char * mbedtls_high_level_strerr( int error_code ) { int high_level_error_code; - const char *error_description = NULL; if( error_code < 0 ) error_code = -error_code; @@ -63,13 +62,12 @@ HIGH_LEVEL_CODE_CHECKS break; } - return error_description; + return NULL; } const char * mbedtls_low_level_strerr( int error_code ) { int low_level_error_code; - const char *error_description = NULL; if( error_code < 0 ) error_code = -error_code; @@ -87,7 +85,7 @@ LOW_LEVEL_CODE_CHECKS break; } - return error_description; + return NULL; } void mbedtls_strerror( int ret, char *buf, size_t buflen ) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index cb596694cda2..5aef37ab2ff3 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -161,8 +161,7 @@ } ${$code_check} .= "${white_space}case -($error_name):\n". - "${white_space} error_description = \"$module_name - $description\";\n". - "${white_space} break;\n" + "${white_space} return \"$module_name - $description\";\n" }; if ($ll_old_define ne "") From 88d7eee00b7c5b5a08f5a78c58026a24932ec483 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 22 Apr 2020 11:07:34 +0200 Subject: [PATCH 30/81] Check for empty string in outcome file name Signed-off-by: gabor-mezei-arm --- tests/suites/host_test.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 9dde6c275419..db65c0f249be 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -551,7 +551,7 @@ int execute_tests( int argc , const char ** argv ) return( 1 ); } - if( outcome_file_name != NULL ) + if( outcome_file_name != NULL && *outcome_file_name != '\0' ) { outcome_file = fopen( outcome_file_name, "a" ); if( outcome_file == NULL ) From cabde252895bf5a6bebe3aff816aa73397d554ea Mon Sep 17 00:00:00 2001 From: Gaurav Aggarwal Date: Wed, 22 Apr 2020 08:13:25 -0700 Subject: [PATCH 31/81] Align with coding style return statements use parentheses to contain their value. Signed-off-by: Gaurav Aggarwal --- library/error.c | 510 +++++++++++++++++------------------ scripts/data_files/error.fmt | 4 +- scripts/generate_errors.pl | 2 +- 3 files changed, 258 insertions(+), 258 deletions(-) diff --git a/library/error.c b/library/error.c index e60082fcdb1d..dd9b415fdfd8 100644 --- a/library/error.c +++ b/library/error.c @@ -228,343 +228,343 @@ const char * mbedtls_high_level_strerr( int error_code ) /* Begin Auto-Generated Code. */ #if defined(MBEDTLS_CIPHER_C) case -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE): - return "CIPHER - The selected feature is not available"; + return( "CIPHER - The selected feature is not available" ); case -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA): - return "CIPHER - Bad input parameters"; + return( "CIPHER - Bad input parameters" ); case -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED): - return "CIPHER - Failed to allocate memory"; + return( "CIPHER - Failed to allocate memory" ); case -(MBEDTLS_ERR_CIPHER_INVALID_PADDING): - return "CIPHER - Input data contains invalid padding and is rejected"; + return( "CIPHER - Input data contains invalid padding and is rejected" ); case -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED): - return "CIPHER - Decryption of block requires a full block"; + return( "CIPHER - Decryption of block requires a full block" ); case -(MBEDTLS_ERR_CIPHER_AUTH_FAILED): - return "CIPHER - Authentication failed (for AEAD modes)"; + return( "CIPHER - Authentication failed (for AEAD modes)" ); case -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT): - return "CIPHER - The context is invalid. For example, because it was freed"; + return( "CIPHER - The context is invalid. For example, because it was freed" ); case -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED): - return "CIPHER - Cipher hardware accelerator failed"; + return( "CIPHER - Cipher hardware accelerator failed" ); #endif /* MBEDTLS_CIPHER_C */ #if defined(MBEDTLS_DHM_C) case -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA): - return "DHM - Bad input parameters"; + return( "DHM - Bad input parameters" ); case -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED): - return "DHM - Reading of the DHM parameters failed"; + return( "DHM - Reading of the DHM parameters failed" ); case -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED): - return "DHM - Making of the DHM parameters failed"; + return( "DHM - Making of the DHM parameters failed" ); case -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED): - return "DHM - Reading of the public values failed"; + return( "DHM - Reading of the public values failed" ); case -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED): - return "DHM - Making of the public value failed"; + return( "DHM - Making of the public value failed" ); case -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED): - return "DHM - Calculation of the DHM secret failed"; + return( "DHM - Calculation of the DHM secret failed" ); case -(MBEDTLS_ERR_DHM_INVALID_FORMAT): - return "DHM - The ASN.1 data is not formatted correctly"; + return( "DHM - The ASN.1 data is not formatted correctly" ); case -(MBEDTLS_ERR_DHM_ALLOC_FAILED): - return "DHM - Allocation of memory failed"; + return( "DHM - Allocation of memory failed" ); case -(MBEDTLS_ERR_DHM_FILE_IO_ERROR): - return "DHM - Read or write of file failed"; + return( "DHM - Read or write of file failed" ); case -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED): - return "DHM - DHM hardware accelerator failed"; + return( "DHM - DHM hardware accelerator failed" ); case -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED): - return "DHM - Setting the modulus and generator failed"; + return( "DHM - Setting the modulus and generator failed" ); #endif /* MBEDTLS_DHM_C */ #if defined(MBEDTLS_ECP_C) case -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA): - return "ECP - Bad input parameters to function"; + return( "ECP - Bad input parameters to function" ); case -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL): - return "ECP - The buffer is too small to write to"; + return( "ECP - The buffer is too small to write to" ); case -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE): - return "ECP - The requested feature is not available, for example, the requested curve is not supported"; + return( "ECP - The requested feature is not available, for example, the requested curve is not supported" ); case -(MBEDTLS_ERR_ECP_VERIFY_FAILED): - return "ECP - The signature is not valid"; + return( "ECP - The signature is not valid" ); case -(MBEDTLS_ERR_ECP_ALLOC_FAILED): - return "ECP - Memory allocation failed"; + return( "ECP - Memory allocation failed" ); case -(MBEDTLS_ERR_ECP_RANDOM_FAILED): - return "ECP - Generation of random value, such as ephemeral key, failed"; + return( "ECP - Generation of random value, such as ephemeral key, failed" ); case -(MBEDTLS_ERR_ECP_INVALID_KEY): - return "ECP - Invalid private or public key"; + return( "ECP - Invalid private or public key" ); case -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH): - return "ECP - The buffer contains a valid signature followed by more data"; + return( "ECP - The buffer contains a valid signature followed by more data" ); case -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED): - return "ECP - The ECP hardware accelerator failed"; + return( "ECP - The ECP hardware accelerator failed" ); case -(MBEDTLS_ERR_ECP_IN_PROGRESS): - return "ECP - Operation in progress, call again with the same parameters to continue"; + return( "ECP - Operation in progress, call again with the same parameters to continue" ); #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_MD_C) case -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE): - return "MD - The selected feature is not available"; + return( "MD - The selected feature is not available" ); case -(MBEDTLS_ERR_MD_BAD_INPUT_DATA): - return "MD - Bad input parameters to function"; + return( "MD - Bad input parameters to function" ); case -(MBEDTLS_ERR_MD_ALLOC_FAILED): - return "MD - Failed to allocate memory"; + return( "MD - Failed to allocate memory" ); case -(MBEDTLS_ERR_MD_FILE_IO_ERROR): - return "MD - Opening or reading of file failed"; + return( "MD - Opening or reading of file failed" ); case -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED): - return "MD - MD hardware accelerator failed"; + return( "MD - MD hardware accelerator failed" ); #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) case -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT): - return "PEM - No PEM header or footer found"; + return( "PEM - No PEM header or footer found" ); case -(MBEDTLS_ERR_PEM_INVALID_DATA): - return "PEM - PEM string is not as expected"; + return( "PEM - PEM string is not as expected" ); case -(MBEDTLS_ERR_PEM_ALLOC_FAILED): - return "PEM - Failed to allocate memory"; + return( "PEM - Failed to allocate memory" ); case -(MBEDTLS_ERR_PEM_INVALID_ENC_IV): - return "PEM - RSA IV is not in hex-format"; + return( "PEM - RSA IV is not in hex-format" ); case -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG): - return "PEM - Unsupported key encryption algorithm"; + return( "PEM - Unsupported key encryption algorithm" ); case -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED): - return "PEM - Private key password can't be empty"; + return( "PEM - Private key password can't be empty" ); case -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH): - return "PEM - Given private key password does not allow for correct decryption"; + return( "PEM - Given private key password does not allow for correct decryption" ); case -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE): - return "PEM - Unavailable feature, e.g. hashing/encryption combination"; + return( "PEM - Unavailable feature, e.g. hashing/encryption combination" ); case -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA): - return "PEM - Bad input parameters to function"; + return( "PEM - Bad input parameters to function" ); #endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ #if defined(MBEDTLS_PK_C) case -(MBEDTLS_ERR_PK_ALLOC_FAILED): - return "PK - Memory allocation failed"; + return( "PK - Memory allocation failed" ); case -(MBEDTLS_ERR_PK_TYPE_MISMATCH): - return "PK - Type mismatch, eg attempt to encrypt with an ECDSA key"; + return( "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" ); case -(MBEDTLS_ERR_PK_BAD_INPUT_DATA): - return "PK - Bad input parameters to function"; + return( "PK - Bad input parameters to function" ); case -(MBEDTLS_ERR_PK_FILE_IO_ERROR): - return "PK - Read/write of file failed"; + return( "PK - Read/write of file failed" ); case -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION): - return "PK - Unsupported key version"; + return( "PK - Unsupported key version" ); case -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT): - return "PK - Invalid key tag or value"; + return( "PK - Invalid key tag or value" ); case -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG): - return "PK - Key algorithm is unsupported (only RSA and EC are supported)"; + return( "PK - Key algorithm is unsupported (only RSA and EC are supported)" ); case -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED): - return "PK - Private key password can't be empty"; + return( "PK - Private key password can't be empty" ); case -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH): - return "PK - Given private key password does not allow for correct decryption"; + return( "PK - Given private key password does not allow for correct decryption" ); case -(MBEDTLS_ERR_PK_INVALID_PUBKEY): - return "PK - The pubkey tag or value is invalid (only RSA and EC are supported)"; + return( "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" ); case -(MBEDTLS_ERR_PK_INVALID_ALG): - return "PK - The algorithm tag or value is invalid"; + return( "PK - The algorithm tag or value is invalid" ); case -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE): - return "PK - Elliptic curve is unsupported (only NIST curves are supported)"; + return( "PK - Elliptic curve is unsupported (only NIST curves are supported)" ); case -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE): - return "PK - Unavailable feature, e.g. RSA disabled for RSA key"; + return( "PK - Unavailable feature, e.g. RSA disabled for RSA key" ); case -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH): - return "PK - The buffer contains a valid signature followed by more data"; + return( "PK - The buffer contains a valid signature followed by more data" ); case -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED): - return "PK - PK hardware accelerator failed"; + return( "PK - PK hardware accelerator failed" ); #endif /* MBEDTLS_PK_C */ #if defined(MBEDTLS_PKCS12_C) case -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA): - return "PKCS12 - Bad input parameters to function"; + return( "PKCS12 - Bad input parameters to function" ); case -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE): - return "PKCS12 - Feature not available, e.g. unsupported encryption scheme"; + return( "PKCS12 - Feature not available, e.g. unsupported encryption scheme" ); case -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT): - return "PKCS12 - PBE ASN.1 data not as expected"; + return( "PKCS12 - PBE ASN.1 data not as expected" ); case -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH): - return "PKCS12 - Given private key password does not allow for correct decryption"; + return( "PKCS12 - Given private key password does not allow for correct decryption" ); #endif /* MBEDTLS_PKCS12_C */ #if defined(MBEDTLS_PKCS5_C) case -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA): - return "PKCS5 - Bad input parameters to function"; + return( "PKCS5 - Bad input parameters to function" ); case -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT): - return "PKCS5 - Unexpected ASN.1 data"; + return( "PKCS5 - Unexpected ASN.1 data" ); case -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE): - return "PKCS5 - Requested encryption or digest alg not available"; + return( "PKCS5 - Requested encryption or digest alg not available" ); case -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH): - return "PKCS5 - Given private key password does not allow for correct decryption"; + return( "PKCS5 - Given private key password does not allow for correct decryption" ); #endif /* MBEDTLS_PKCS5_C */ #if defined(MBEDTLS_RSA_C) case -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA): - return "RSA - Bad input parameters to function"; + return( "RSA - Bad input parameters to function" ); case -(MBEDTLS_ERR_RSA_INVALID_PADDING): - return "RSA - Input data contains invalid padding and is rejected"; + return( "RSA - Input data contains invalid padding and is rejected" ); case -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED): - return "RSA - Something failed during generation of a key"; + return( "RSA - Something failed during generation of a key" ); case -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED): - return "RSA - Key failed to pass the validity check of the library"; + return( "RSA - Key failed to pass the validity check of the library" ); case -(MBEDTLS_ERR_RSA_PUBLIC_FAILED): - return "RSA - The public key operation failed"; + return( "RSA - The public key operation failed" ); case -(MBEDTLS_ERR_RSA_PRIVATE_FAILED): - return "RSA - The private key operation failed"; + return( "RSA - The private key operation failed" ); case -(MBEDTLS_ERR_RSA_VERIFY_FAILED): - return "RSA - The PKCS#1 verification failed"; + return( "RSA - The PKCS#1 verification failed" ); case -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE): - return "RSA - The output buffer for decryption is not large enough"; + return( "RSA - The output buffer for decryption is not large enough" ); case -(MBEDTLS_ERR_RSA_RNG_FAILED): - return "RSA - The random generator failed to generate non-zeros"; + return( "RSA - The random generator failed to generate non-zeros" ); case -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION): - return "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality"; + return( "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality" ); case -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED): - return "RSA - RSA hardware accelerator failed"; + return( "RSA - RSA hardware accelerator failed" ); #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_SSL_TLS_C) case -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE): - return "SSL - The requested feature is not available"; + return( "SSL - The requested feature is not available" ); case -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA): - return "SSL - Bad input parameters to function"; + return( "SSL - Bad input parameters to function" ); case -(MBEDTLS_ERR_SSL_INVALID_MAC): - return "SSL - Verification of the message MAC failed"; + return( "SSL - Verification of the message MAC failed" ); case -(MBEDTLS_ERR_SSL_INVALID_RECORD): - return "SSL - An invalid SSL record was received"; + return( "SSL - An invalid SSL record was received" ); case -(MBEDTLS_ERR_SSL_CONN_EOF): - return "SSL - The connection indicated an EOF"; + return( "SSL - The connection indicated an EOF" ); case -(MBEDTLS_ERR_SSL_UNKNOWN_CIPHER): - return "SSL - An unknown cipher was received"; + return( "SSL - An unknown cipher was received" ); case -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN): - return "SSL - The server has no ciphersuites in common with the client"; + return( "SSL - The server has no ciphersuites in common with the client" ); case -(MBEDTLS_ERR_SSL_NO_RNG): - return "SSL - No RNG was provided to the SSL module"; + return( "SSL - No RNG was provided to the SSL module" ); case -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE): - return "SSL - No client certification received from the client, but required by the authentication mode"; + return( "SSL - No client certification received from the client, but required by the authentication mode" ); case -(MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE): - return "SSL - Our own certificate(s) is/are too large to send in an SSL message"; + return( "SSL - Our own certificate(s) is/are too large to send in an SSL message" ); case -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED): - return "SSL - The own certificate is not set, but needed by the server"; + return( "SSL - The own certificate is not set, but needed by the server" ); case -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED): - return "SSL - The own private key or pre-shared key is not set, but needed"; + return( "SSL - The own private key or pre-shared key is not set, but needed" ); case -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED): - return "SSL - No CA Chain is set, but required to operate"; + return( "SSL - No CA Chain is set, but required to operate" ); case -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE): - return "SSL - An unexpected message was received from our peer"; + return( "SSL - An unexpected message was received from our peer" ); case -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE): - return "SSL - A fatal alert message was received from our peer"; + return( "SSL - A fatal alert message was received from our peer" ); case -(MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED): - return "SSL - Verification of our peer failed"; + return( "SSL - Verification of our peer failed" ); case -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY): - return "SSL - The peer notified us that the connection is going to be closed"; + return( "SSL - The peer notified us that the connection is going to be closed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO): - return "SSL - Processing of the ClientHello handshake message failed"; + return( "SSL - Processing of the ClientHello handshake message failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO): - return "SSL - Processing of the ServerHello handshake message failed"; + return( "SSL - Processing of the ServerHello handshake message failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE): - return "SSL - Processing of the Certificate handshake message failed"; + return( "SSL - Processing of the Certificate handshake message failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST): - return "SSL - Processing of the CertificateRequest handshake message failed"; + return( "SSL - Processing of the CertificateRequest handshake message failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE): - return "SSL - Processing of the ServerKeyExchange handshake message failed"; + return( "SSL - Processing of the ServerKeyExchange handshake message failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE): - return "SSL - Processing of the ServerHelloDone handshake message failed"; + return( "SSL - Processing of the ServerHelloDone handshake message failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE): - return "SSL - Processing of the ClientKeyExchange handshake message failed"; + return( "SSL - Processing of the ClientKeyExchange handshake message failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP): - return "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public"; + return( "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" ); case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS): - return "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret"; + return( "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" ); case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY): - return "SSL - Processing of the CertificateVerify handshake message failed"; + return( "SSL - Processing of the CertificateVerify handshake message failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC): - return "SSL - Processing of the ChangeCipherSpec handshake message failed"; + return( "SSL - Processing of the ChangeCipherSpec handshake message failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_FINISHED): - return "SSL - Processing of the Finished handshake message failed"; + return( "SSL - Processing of the Finished handshake message failed" ); case -(MBEDTLS_ERR_SSL_ALLOC_FAILED): - return "SSL - Memory allocation failed"; + return( "SSL - Memory allocation failed" ); case -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED): - return "SSL - Hardware acceleration function returned with error"; + return( "SSL - Hardware acceleration function returned with error" ); case -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH): - return "SSL - Hardware acceleration function skipped / left alone data"; + return( "SSL - Hardware acceleration function skipped / left alone data" ); case -(MBEDTLS_ERR_SSL_COMPRESSION_FAILED): - return "SSL - Processing of the compression / decompression failed"; + return( "SSL - Processing of the compression / decompression failed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION): - return "SSL - Handshake protocol not within min/max boundaries"; + return( "SSL - Handshake protocol not within min/max boundaries" ); case -(MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET): - return "SSL - Processing of the NewSessionTicket handshake message failed"; + return( "SSL - Processing of the NewSessionTicket handshake message failed" ); case -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED): - return "SSL - Session ticket has expired"; + return( "SSL - Session ticket has expired" ); case -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH): - return "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)"; + return( "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" ); case -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY): - return "SSL - Unknown identity received (eg, PSK identity)"; + return( "SSL - Unknown identity received (eg, PSK identity)" ); case -(MBEDTLS_ERR_SSL_INTERNAL_ERROR): - return "SSL - Internal error (eg, unexpected failure in lower-level module)"; + return( "SSL - Internal error (eg, unexpected failure in lower-level module)" ); case -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING): - return "SSL - A counter would wrap (eg, too many messages exchanged)"; + return( "SSL - A counter would wrap (eg, too many messages exchanged)" ); case -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO): - return "SSL - Unexpected message at ServerHello in renegotiation"; + return( "SSL - Unexpected message at ServerHello in renegotiation" ); case -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED): - return "SSL - DTLS client must retry for hello verification"; + return( "SSL - DTLS client must retry for hello verification" ); case -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL): - return "SSL - A buffer is too small to receive or write a message"; + return( "SSL - A buffer is too small to receive or write a message" ); case -(MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE): - return "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)"; + return( "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" ); case -(MBEDTLS_ERR_SSL_WANT_READ): - return "SSL - No data of requested type currently available on underlying transport"; + return( "SSL - No data of requested type currently available on underlying transport" ); case -(MBEDTLS_ERR_SSL_WANT_WRITE): - return "SSL - Connection requires a write call"; + return( "SSL - Connection requires a write call" ); case -(MBEDTLS_ERR_SSL_TIMEOUT): - return "SSL - The operation timed out"; + return( "SSL - The operation timed out" ); case -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT): - return "SSL - The client initiated a reconnect from the same port"; + return( "SSL - The client initiated a reconnect from the same port" ); case -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD): - return "SSL - Record header looks valid but is not expected"; + return( "SSL - Record header looks valid but is not expected" ); case -(MBEDTLS_ERR_SSL_NON_FATAL): - return "SSL - The alert message received indicates a non-fatal error"; + return( "SSL - The alert message received indicates a non-fatal error" ); case -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH): - return "SSL - Couldn't set the hash for verifying CertificateVerify"; + return( "SSL - Couldn't set the hash for verifying CertificateVerify" ); case -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING): - return "SSL - Internal-only message signaling that further message-processing should be done"; + return( "SSL - Internal-only message signaling that further message-processing should be done" ); case -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS): - return "SSL - The asynchronous operation is not completed yet"; + return( "SSL - The asynchronous operation is not completed yet" ); case -(MBEDTLS_ERR_SSL_EARLY_MESSAGE): - return "SSL - Internal-only message signaling that a message arrived early"; + return( "SSL - Internal-only message signaling that a message arrived early" ); case -(MBEDTLS_ERR_SSL_UNEXPECTED_CID): - return "SSL - An encrypted DTLS-frame with an unexpected CID was received"; + return( "SSL - An encrypted DTLS-frame with an unexpected CID was received" ); case -(MBEDTLS_ERR_SSL_VERSION_MISMATCH): - return "SSL - An operation failed due to an unexpected version or configuration"; + return( "SSL - An operation failed due to an unexpected version or configuration" ); case -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS): - return "SSL - A cryptographic operation is in progress. Try again later"; + return( "SSL - A cryptographic operation is in progress. Try again later" ); #endif /* MBEDTLS_SSL_TLS_C */ #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) case -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE): - return "X509 - Unavailable feature, e.g. RSA hashing/encryption combination"; + return( "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); case -(MBEDTLS_ERR_X509_UNKNOWN_OID): - return "X509 - Requested OID is unknown"; + return( "X509 - Requested OID is unknown" ); case -(MBEDTLS_ERR_X509_INVALID_FORMAT): - return "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected"; + return( "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" ); case -(MBEDTLS_ERR_X509_INVALID_VERSION): - return "X509 - The CRT/CRL/CSR version element is invalid"; + return( "X509 - The CRT/CRL/CSR version element is invalid" ); case -(MBEDTLS_ERR_X509_INVALID_SERIAL): - return "X509 - The serial tag or value is invalid"; + return( "X509 - The serial tag or value is invalid" ); case -(MBEDTLS_ERR_X509_INVALID_ALG): - return "X509 - The algorithm tag or value is invalid"; + return( "X509 - The algorithm tag or value is invalid" ); case -(MBEDTLS_ERR_X509_INVALID_NAME): - return "X509 - The name tag or value is invalid"; + return( "X509 - The name tag or value is invalid" ); case -(MBEDTLS_ERR_X509_INVALID_DATE): - return "X509 - The date tag or value is invalid"; + return( "X509 - The date tag or value is invalid" ); case -(MBEDTLS_ERR_X509_INVALID_SIGNATURE): - return "X509 - The signature tag or value invalid"; + return( "X509 - The signature tag or value invalid" ); case -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS): - return "X509 - The extension tag or value is invalid"; + return( "X509 - The extension tag or value is invalid" ); case -(MBEDTLS_ERR_X509_UNKNOWN_VERSION): - return "X509 - CRT/CRL/CSR has an unsupported version number"; + return( "X509 - CRT/CRL/CSR has an unsupported version number" ); case -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG): - return "X509 - Signature algorithm (oid) is unsupported"; + return( "X509 - Signature algorithm (oid) is unsupported" ); case -(MBEDTLS_ERR_X509_SIG_MISMATCH): - return "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)"; + return( "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" ); case -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED): - return "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed"; + return( "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" ); case -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT): - return "X509 - Format not recognized as DER or PEM"; + return( "X509 - Format not recognized as DER or PEM" ); case -(MBEDTLS_ERR_X509_BAD_INPUT_DATA): - return "X509 - Input invalid"; + return( "X509 - Input invalid" ); case -(MBEDTLS_ERR_X509_ALLOC_FAILED): - return "X509 - Allocation of memory failed"; + return( "X509 - Allocation of memory failed" ); case -(MBEDTLS_ERR_X509_FILE_IO_ERROR): - return "X509 - Read/write of file failed"; + return( "X509 - Read/write of file failed" ); case -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL): - return "X509 - Destination buffer is too small"; + return( "X509 - Destination buffer is too small" ); case -(MBEDTLS_ERR_X509_FATAL_ERROR): - return "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed"; + return( "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" ); #endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */ /* End Auto-Generated Code. */ @@ -572,7 +572,7 @@ const char * mbedtls_high_level_strerr( int error_code ) break; } - return NULL; + return( NULL ); } const char * mbedtls_low_level_strerr( int error_code ) @@ -590,299 +590,299 @@ const char * mbedtls_low_level_strerr( int error_code ) /* Begin Auto-Generated Code. */ #if defined(MBEDTLS_AES_C) case -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH): - return "AES - Invalid key length"; + return( "AES - Invalid key length" ); case -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH): - return "AES - Invalid data input length"; + return( "AES - Invalid data input length" ); case -(MBEDTLS_ERR_AES_BAD_INPUT_DATA): - return "AES - Invalid input data"; + return( "AES - Invalid input data" ); case -(MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE): - return "AES - Feature not available. For example, an unsupported AES key size"; + return( "AES - Feature not available. For example, an unsupported AES key size" ); case -(MBEDTLS_ERR_AES_HW_ACCEL_FAILED): - return "AES - AES hardware accelerator failed"; + return( "AES - AES hardware accelerator failed" ); #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_ARC4_C) case -(MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED): - return "ARC4 - ARC4 hardware accelerator failed"; + return( "ARC4 - ARC4 hardware accelerator failed" ); #endif /* MBEDTLS_ARC4_C */ #if defined(MBEDTLS_ARIA_C) case -(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA): - return "ARIA - Bad input data"; + return( "ARIA - Bad input data" ); case -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH): - return "ARIA - Invalid data input length"; + return( "ARIA - Invalid data input length" ); case -(MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE): - return "ARIA - Feature not available. For example, an unsupported ARIA key size"; + return( "ARIA - Feature not available. For example, an unsupported ARIA key size" ); case -(MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED): - return "ARIA - ARIA hardware accelerator failed"; + return( "ARIA - ARIA hardware accelerator failed" ); #endif /* MBEDTLS_ARIA_C */ #if defined(MBEDTLS_ASN1_PARSE_C) case -(MBEDTLS_ERR_ASN1_OUT_OF_DATA): - return "ASN1 - Out of data when parsing an ASN1 data structure"; + return( "ASN1 - Out of data when parsing an ASN1 data structure" ); case -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG): - return "ASN1 - ASN1 tag was of an unexpected value"; + return( "ASN1 - ASN1 tag was of an unexpected value" ); case -(MBEDTLS_ERR_ASN1_INVALID_LENGTH): - return "ASN1 - Error when trying to determine the length or invalid length"; + return( "ASN1 - Error when trying to determine the length or invalid length" ); case -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH): - return "ASN1 - Actual length differs from expected length"; + return( "ASN1 - Actual length differs from expected length" ); case -(MBEDTLS_ERR_ASN1_INVALID_DATA): - return "ASN1 - Data is invalid"; + return( "ASN1 - Data is invalid" ); case -(MBEDTLS_ERR_ASN1_ALLOC_FAILED): - return "ASN1 - Memory allocation failed"; + return( "ASN1 - Memory allocation failed" ); case -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL): - return "ASN1 - Buffer too small when writing ASN.1 data structure"; + return( "ASN1 - Buffer too small when writing ASN.1 data structure" ); #endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_BASE64_C) case -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL): - return "BASE64 - Output buffer too small"; + return( "BASE64 - Output buffer too small" ); case -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER): - return "BASE64 - Invalid character in input"; + return( "BASE64 - Invalid character in input" ); #endif /* MBEDTLS_BASE64_C */ #if defined(MBEDTLS_BIGNUM_C) case -(MBEDTLS_ERR_MPI_FILE_IO_ERROR): - return "BIGNUM - An error occurred while reading from or writing to a file"; + return( "BIGNUM - An error occurred while reading from or writing to a file" ); case -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA): - return "BIGNUM - Bad input parameters to function"; + return( "BIGNUM - Bad input parameters to function" ); case -(MBEDTLS_ERR_MPI_INVALID_CHARACTER): - return "BIGNUM - There is an invalid character in the digit string"; + return( "BIGNUM - There is an invalid character in the digit string" ); case -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL): - return "BIGNUM - The buffer is too small to write to"; + return( "BIGNUM - The buffer is too small to write to" ); case -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE): - return "BIGNUM - The input arguments are negative or result in illegal output"; + return( "BIGNUM - The input arguments are negative or result in illegal output" ); case -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO): - return "BIGNUM - The input argument for division is zero, which is not allowed"; + return( "BIGNUM - The input argument for division is zero, which is not allowed" ); case -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE): - return "BIGNUM - The input arguments are not acceptable"; + return( "BIGNUM - The input arguments are not acceptable" ); case -(MBEDTLS_ERR_MPI_ALLOC_FAILED): - return "BIGNUM - Memory allocation failed"; + return( "BIGNUM - Memory allocation failed" ); #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_BLOWFISH_C) case -(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA): - return "BLOWFISH - Bad input data"; + return( "BLOWFISH - Bad input data" ); case -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH): - return "BLOWFISH - Invalid data input length"; + return( "BLOWFISH - Invalid data input length" ); case -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED): - return "BLOWFISH - Blowfish hardware accelerator failed"; + return( "BLOWFISH - Blowfish hardware accelerator failed" ); #endif /* MBEDTLS_BLOWFISH_C */ #if defined(MBEDTLS_CAMELLIA_C) case -(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA): - return "CAMELLIA - Bad input data"; + return( "CAMELLIA - Bad input data" ); case -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH): - return "CAMELLIA - Invalid data input length"; + return( "CAMELLIA - Invalid data input length" ); case -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED): - return "CAMELLIA - Camellia hardware accelerator failed"; + return( "CAMELLIA - Camellia hardware accelerator failed" ); #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CCM_C) case -(MBEDTLS_ERR_CCM_BAD_INPUT): - return "CCM - Bad input parameters to the function"; + return( "CCM - Bad input parameters to the function" ); case -(MBEDTLS_ERR_CCM_AUTH_FAILED): - return "CCM - Authenticated decryption failed"; + return( "CCM - Authenticated decryption failed" ); case -(MBEDTLS_ERR_CCM_HW_ACCEL_FAILED): - return "CCM - CCM hardware accelerator failed"; + return( "CCM - CCM hardware accelerator failed" ); #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHA20_C) case -(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA): - return "CHACHA20 - Invalid input parameter(s)"; + return( "CHACHA20 - Invalid input parameter(s)" ); case -(MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE): - return "CHACHA20 - Feature not available. For example, s part of the API is not implemented"; + return( "CHACHA20 - Feature not available. For example, s part of the API is not implemented" ); case -(MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED): - return "CHACHA20 - Chacha20 hardware accelerator failed"; + return( "CHACHA20 - Chacha20 hardware accelerator failed" ); #endif /* MBEDTLS_CHACHA20_C */ #if defined(MBEDTLS_CHACHAPOLY_C) case -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE): - return "CHACHAPOLY - The requested operation is not permitted in the current state"; + return( "CHACHAPOLY - The requested operation is not permitted in the current state" ); case -(MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED): - return "CHACHAPOLY - Authenticated decryption failed: data was not authentic"; + return( "CHACHAPOLY - Authenticated decryption failed: data was not authentic" ); #endif /* MBEDTLS_CHACHAPOLY_C */ #if defined(MBEDTLS_CMAC_C) case -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED): - return "CMAC - CMAC hardware accelerator failed"; + return( "CMAC - CMAC hardware accelerator failed" ); #endif /* MBEDTLS_CMAC_C */ #if defined(MBEDTLS_CTR_DRBG_C) case -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED): - return "CTR_DRBG - The entropy source failed"; + return( "CTR_DRBG - The entropy source failed" ); case -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG): - return "CTR_DRBG - The requested random buffer length is too big"; + return( "CTR_DRBG - The requested random buffer length is too big" ); case -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG): - return "CTR_DRBG - The input (entropy + additional data) is too large"; + return( "CTR_DRBG - The input (entropy + additional data) is too large" ); case -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR): - return "CTR_DRBG - Read or write error in file"; + return( "CTR_DRBG - Read or write error in file" ); #endif /* MBEDTLS_CTR_DRBG_C */ #if defined(MBEDTLS_DES_C) case -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH): - return "DES - The data input has an invalid length"; + return( "DES - The data input has an invalid length" ); case -(MBEDTLS_ERR_DES_HW_ACCEL_FAILED): - return "DES - DES hardware accelerator failed"; + return( "DES - DES hardware accelerator failed" ); #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_ENTROPY_C) case -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED): - return "ENTROPY - Critical entropy source failure"; + return( "ENTROPY - Critical entropy source failure" ); case -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES): - return "ENTROPY - No more sources can be added"; + return( "ENTROPY - No more sources can be added" ); case -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED): - return "ENTROPY - No sources have been added to poll"; + return( "ENTROPY - No sources have been added to poll" ); case -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE): - return "ENTROPY - No strong sources have been added to poll"; + return( "ENTROPY - No strong sources have been added to poll" ); case -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR): - return "ENTROPY - Read/write error in file"; + return( "ENTROPY - Read/write error in file" ); #endif /* MBEDTLS_ENTROPY_C */ #if defined(MBEDTLS_ERROR_C) case -(MBEDTLS_ERR_ERROR_GENERIC_ERROR): - return "ERROR - Generic error"; + return( "ERROR - Generic error" ); case -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED): - return "ERROR - This is a bug in the library"; + return( "ERROR - This is a bug in the library" ); #endif /* MBEDTLS_ERROR_C */ #if defined(MBEDTLS_GCM_C) case -(MBEDTLS_ERR_GCM_AUTH_FAILED): - return "GCM - Authenticated decryption failed"; + return( "GCM - Authenticated decryption failed" ); case -(MBEDTLS_ERR_GCM_HW_ACCEL_FAILED): - return "GCM - GCM hardware accelerator failed"; + return( "GCM - GCM hardware accelerator failed" ); case -(MBEDTLS_ERR_GCM_BAD_INPUT): - return "GCM - Bad input parameters to function"; + return( "GCM - Bad input parameters to function" ); #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_HKDF_C) case -(MBEDTLS_ERR_HKDF_BAD_INPUT_DATA): - return "HKDF - Bad input parameters to function"; + return( "HKDF - Bad input parameters to function" ); #endif /* MBEDTLS_HKDF_C */ #if defined(MBEDTLS_HMAC_DRBG_C) case -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG): - return "HMAC_DRBG - Too many random requested in single call"; + return( "HMAC_DRBG - Too many random requested in single call" ); case -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG): - return "HMAC_DRBG - Input too large (Entropy + additional)"; + return( "HMAC_DRBG - Input too large (Entropy + additional)" ); case -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR): - return "HMAC_DRBG - Read/write error in file"; + return( "HMAC_DRBG - Read/write error in file" ); case -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED): - return "HMAC_DRBG - The entropy source failed"; + return( "HMAC_DRBG - The entropy source failed" ); #endif /* MBEDTLS_HMAC_DRBG_C */ #if defined(MBEDTLS_MD2_C) case -(MBEDTLS_ERR_MD2_HW_ACCEL_FAILED): - return "MD2 - MD2 hardware accelerator failed"; + return( "MD2 - MD2 hardware accelerator failed" ); #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) case -(MBEDTLS_ERR_MD4_HW_ACCEL_FAILED): - return "MD4 - MD4 hardware accelerator failed"; + return( "MD4 - MD4 hardware accelerator failed" ); #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) case -(MBEDTLS_ERR_MD5_HW_ACCEL_FAILED): - return "MD5 - MD5 hardware accelerator failed"; + return( "MD5 - MD5 hardware accelerator failed" ); #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_NET_C) case -(MBEDTLS_ERR_NET_SOCKET_FAILED): - return "NET - Failed to open a socket"; + return( "NET - Failed to open a socket" ); case -(MBEDTLS_ERR_NET_CONNECT_FAILED): - return "NET - The connection to the given server / port failed"; + return( "NET - The connection to the given server / port failed" ); case -(MBEDTLS_ERR_NET_BIND_FAILED): - return "NET - Binding of the socket failed"; + return( "NET - Binding of the socket failed" ); case -(MBEDTLS_ERR_NET_LISTEN_FAILED): - return "NET - Could not listen on the socket"; + return( "NET - Could not listen on the socket" ); case -(MBEDTLS_ERR_NET_ACCEPT_FAILED): - return "NET - Could not accept the incoming connection"; + return( "NET - Could not accept the incoming connection" ); case -(MBEDTLS_ERR_NET_RECV_FAILED): - return "NET - Reading information from the socket failed"; + return( "NET - Reading information from the socket failed" ); case -(MBEDTLS_ERR_NET_SEND_FAILED): - return "NET - Sending information through the socket failed"; + return( "NET - Sending information through the socket failed" ); case -(MBEDTLS_ERR_NET_CONN_RESET): - return "NET - Connection was reset by peer"; + return( "NET - Connection was reset by peer" ); case -(MBEDTLS_ERR_NET_UNKNOWN_HOST): - return "NET - Failed to get an IP address for the given hostname"; + return( "NET - Failed to get an IP address for the given hostname" ); case -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL): - return "NET - Buffer is too small to hold the data"; + return( "NET - Buffer is too small to hold the data" ); case -(MBEDTLS_ERR_NET_INVALID_CONTEXT): - return "NET - The context is invalid, eg because it was free()ed"; + return( "NET - The context is invalid, eg because it was free()ed" ); case -(MBEDTLS_ERR_NET_POLL_FAILED): - return "NET - Polling the net context failed"; + return( "NET - Polling the net context failed" ); case -(MBEDTLS_ERR_NET_BAD_INPUT_DATA): - return "NET - Input invalid"; + return( "NET - Input invalid" ); #endif /* MBEDTLS_NET_C */ #if defined(MBEDTLS_OID_C) case -(MBEDTLS_ERR_OID_NOT_FOUND): - return "OID - OID is not found"; + return( "OID - OID is not found" ); case -(MBEDTLS_ERR_OID_BUF_TOO_SMALL): - return "OID - output buffer is too small"; + return( "OID - output buffer is too small" ); #endif /* MBEDTLS_OID_C */ #if defined(MBEDTLS_PADLOCK_C) case -(MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED): - return "PADLOCK - Input data should be aligned"; + return( "PADLOCK - Input data should be aligned" ); #endif /* MBEDTLS_PADLOCK_C */ #if defined(MBEDTLS_PLATFORM_C) case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED): - return "PLATFORM - Hardware accelerator failed"; + return( "PLATFORM - Hardware accelerator failed" ); case -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED): - return "PLATFORM - The requested feature is not supported by the platform"; + return( "PLATFORM - The requested feature is not supported by the platform" ); #endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_POLY1305_C) case -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA): - return "POLY1305 - Invalid input parameter(s)"; + return( "POLY1305 - Invalid input parameter(s)" ); case -(MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE): - return "POLY1305 - Feature not available. For example, s part of the API is not implemented"; + return( "POLY1305 - Feature not available. For example, s part of the API is not implemented" ); case -(MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED): - return "POLY1305 - Poly1305 hardware accelerator failed"; + return( "POLY1305 - Poly1305 hardware accelerator failed" ); #endif /* MBEDTLS_POLY1305_C */ #if defined(MBEDTLS_RIPEMD160_C) case -(MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED): - return "RIPEMD160 - RIPEMD160 hardware accelerator failed"; + return( "RIPEMD160 - RIPEMD160 hardware accelerator failed" ); #endif /* MBEDTLS_RIPEMD160_C */ #if defined(MBEDTLS_SHA1_C) case -(MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED): - return "SHA1 - SHA-1 hardware accelerator failed"; + return( "SHA1 - SHA-1 hardware accelerator failed" ); case -(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA): - return "SHA1 - SHA-1 input data was malformed"; + return( "SHA1 - SHA-1 input data was malformed" ); #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) case -(MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED): - return "SHA256 - SHA-256 hardware accelerator failed"; + return( "SHA256 - SHA-256 hardware accelerator failed" ); case -(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA): - return "SHA256 - SHA-256 input data was malformed"; + return( "SHA256 - SHA-256 input data was malformed" ); #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) case -(MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED): - return "SHA512 - SHA-512 hardware accelerator failed"; + return( "SHA512 - SHA-512 hardware accelerator failed" ); case -(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA): - return "SHA512 - SHA-512 input data was malformed"; + return( "SHA512 - SHA-512 input data was malformed" ); #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_THREADING_C) case -(MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE): - return "THREADING - The selected feature is not available"; + return( "THREADING - The selected feature is not available" ); case -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA): - return "THREADING - Bad input parameters to function"; + return( "THREADING - Bad input parameters to function" ); case -(MBEDTLS_ERR_THREADING_MUTEX_ERROR): - return "THREADING - Locking / unlocking / free failed with error code"; + return( "THREADING - Locking / unlocking / free failed with error code" ); #endif /* MBEDTLS_THREADING_C */ #if defined(MBEDTLS_XTEA_C) case -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH): - return "XTEA - The data input has an invalid length"; + return( "XTEA - The data input has an invalid length" ); case -(MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED): - return "XTEA - XTEA hardware accelerator failed"; + return( "XTEA - XTEA hardware accelerator failed" ); #endif /* MBEDTLS_XTEA_C */ /* End Auto-Generated Code. */ @@ -890,7 +890,7 @@ const char * mbedtls_low_level_strerr( int error_code ) break; } - return NULL; + return( NULL ); } void mbedtls_strerror( int ret, char *buf, size_t buflen ) diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index e908aac02f2d..d106acdfc73b 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -62,7 +62,7 @@ HIGH_LEVEL_CODE_CHECKS break; } - return NULL; + return( NULL ); } const char * mbedtls_low_level_strerr( int error_code ) @@ -85,7 +85,7 @@ LOW_LEVEL_CODE_CHECKS break; } - return NULL; + return( NULL ); } void mbedtls_strerror( int ret, char *buf, size_t buflen ) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 5aef37ab2ff3..0512d59828c9 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -161,7 +161,7 @@ } ${$code_check} .= "${white_space}case -($error_name):\n". - "${white_space} return \"$module_name - $description\";\n" + "${white_space} return( \"$module_name - $description\" );\n" }; if ($ll_old_define ne "") From 2b2acf1111a56ef960448f890a39302259e2426f Mon Sep 17 00:00:00 2001 From: opatomic Date: Fri, 24 Apr 2020 10:00:36 -0400 Subject: [PATCH 32/81] add support for win2k getaddrinfo() is not available on win2k. By including wspiapi.h (if _WIN32_WINNT is defined as value < 0x0501) then a compatibility layer will be used when running on win2k. For more details, refer to Microsoft docs for getaddrinfo(). Signed-off-by: opatomic --- library/net_sockets.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/net_sockets.c b/library/net_sockets.c index dbde510db8c3..5c1e665ea9a6 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -54,8 +54,7 @@ #define IS_EINTR( ret ) ( ( ret ) == WSAEINTR ) -#if !defined(_WIN32_WINNT) || (_WIN32_WINNT < 0x0501) -#undef _WIN32_WINNT +#if !defined(_WIN32_WINNT) /* Enables getaddrinfo() & Co */ #define _WIN32_WINNT 0x0501 #endif @@ -64,6 +63,9 @@ #include #include +#if (_WIN32_WINNT < 0x0501) +#include +#endif #if defined(_MSC_VER) #if defined(_WIN32_WCE) From 97bea01ff4ad8ac5c6b6e43908c61c2af7f80620 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 Apr 2020 23:37:45 +0200 Subject: [PATCH 33/81] all.sh: run selftest in the full config and with ASan Almost everything the selftest program does is in the test suites. But just in case run the selftest program itself once in the full configuration, and once in the default configuration with ASan, in addition to running it out of box. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5b70caa225fd..730c80755e4a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -645,7 +645,7 @@ component_test_default_out_of_box () { make test msg "selftest: make, default config (out-of-box)" # ~10s - programs/test/selftest + if_build_succeeded programs/test/selftest export MBEDTLS_TEST_OUTCOME_FILE="$SAVE_MBEDTLS_TEST_OUTCOME_FILE" unset SAVE_MBEDTLS_TEST_OUTCOME_FILE @@ -659,6 +659,9 @@ component_test_default_cmake_gcc_asan () { msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s make test + msg "test: selftest (ASan build)" # ~ 10s + if_build_succeeded programs/test/selftest + msg "test: ssl-opt.sh (ASan build)" # ~ 1 min if_build_succeeded tests/ssl-opt.sh @@ -678,6 +681,9 @@ component_test_full_cmake_gcc_asan () { msg "test: main suites (inc. selftests) (full config, ASan build)" make test + msg "test: selftest (ASan build)" # ~ 10s + if_build_succeeded programs/test/selftest + msg "test: ssl-opt.sh (full config, ASan build)" if_build_succeeded tests/ssl-opt.sh From 60f267bb1ef4cbc39fd56dafd0ce8296b6fedcb2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 25 Apr 2020 22:21:30 +0200 Subject: [PATCH 34/81] all.sh: make the arm-gcc cross-compiler prefix configurable Make it possible to use a compiler that isn't in $PATH, or that's installed with a different name, or even a compiler for a different target such as arm-linux-gnueabi. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 730c80755e4a..6f473bdcd82f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -138,6 +138,7 @@ pre_initialize_variables () { : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build} : ${ARMC5_BIN_DIR:=/usr/bin} : ${ARMC6_BIN_DIR:=/usr/bin} + : ${ARM_GCC_PREFIX:=arm-none-eabi-} # if MAKEFLAGS is not set add the -j option to speed up invocations of make if [ -z "${MAKEFLAGS+set}" ]; then @@ -203,6 +204,8 @@ General options: -k|--keep-going Run all tests and report errors at the end. -m|--memory Additional optional memory tests. --append-outcome Append to the outcome file (if used). + --arm-gcc-prefix= Prefix for gcc as a cross-compiler for arm + (default: "${ARM_GCC_PREFIX}") --armcc Run ARM Compiler builds (on by default). --except Exclude the COMPONENTs listed on the command line, instead of running only those. @@ -335,6 +338,7 @@ pre_parse_command_line () { while [ $# -gt 0 ]; do case "$1" in --append-outcome) append_outcome=1;; + --arm-gcc-prefix) shift; ARM_GCC_PREFIX="$1";; --armcc) no_armcc=;; --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; @@ -547,7 +551,7 @@ pre_check_tools () { esac case " $RUN_COMPONENTS " in - *_arm_none_eabi_gcc[_\ ]*) check_tools "arm-none-eabi-gcc";; + *_arm_none_eabi_gcc[_\ ]*) check_tools "${ARM_GCC_PREFIX}gcc";; esac case " $RUN_COMPONENTS " in @@ -1572,36 +1576,36 @@ component_test_no_64bit_multiplication () { } component_build_arm_none_eabi_gcc () { - msg "build: arm-none-eabi-gcc, make" # ~ 10s + msg "build: ${ARM_GCC_PREFIX}gcc, make" # ~ 10s scripts/config.py baremetal - make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib + make CC="${ARM_GCC_PREFIX}gcc" AR="${ARM_GCC_PREFIX}ar" LD="${ARM_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra' lib } component_build_arm_none_eabi_gcc_arm5vte () { - msg "build: arm-none-eabi-gcc -march=arm5vte, make" # ~ 10s + msg "build: ${ARM_GCC_PREFIX}gcc -march=arm5vte, make" # ~ 10s scripts/config.py baremetal # Build for a target platform that's close to what Debian uses # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort). # See https://github.com/ARMmbed/mbedtls/pull/2169 and comments. # It would be better to build with arm-linux-gnueabi-gcc but # we don't have that on our CI at this time. - make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib + make CC="${ARM_GCC_PREFIX}gcc" AR="${ARM_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib } component_build_arm_none_eabi_gcc_no_udbl_division () { - msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s + msg "build: ${ARM_GCC_PREFIX}gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s scripts/config.py baremetal scripts/config.py set MBEDTLS_NO_UDBL_DIVISION - make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib + make CC="${ARM_GCC_PREFIX}gcc" AR="${ARM_GCC_PREFIX}ar" LD="${ARM_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra' lib echo "Checking that software 64-bit division is not required" if_build_succeeded not grep __aeabi_uldiv library/*.o } component_build_arm_none_eabi_gcc_no_64bit_multiplication () { - msg "build: arm-none-eabi-gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s + msg "build: ${ARM_GCC_PREFIX}gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s scripts/config.py baremetal scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION - make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib + make CC="${ARM_GCC_PREFIX}gcc" AR="${ARM_GCC_PREFIX}ar" LD="${ARM_GCC_PREFIX}ld" CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib echo "Checking that software 64-bit multiplication is not required" if_build_succeeded not grep __aeabi_lmul library/*.o } From c9cdd21a0407c76ffc239c0e232b0bcc922c5449 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Apr 2020 22:13:43 +0200 Subject: [PATCH 35/81] Travis: don't test with both gcc and clang In practice, we hardly ever get different outcomes, so there is no gain in running tests with different compilers. Experimentally, with the builds and tests we currently do and with the compiler versions on a Travis Ubuntu 16.04, gcc jobs are significantly faster than clang jobs (13 min vs 24 min). So use gcc. Signed-off-by: Gilles Peskine --- .travis.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0685bdbb4a6a..11d679c7c5a7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,7 +1,5 @@ language: c -compiler: -- clang -- gcc +compiler: gcc sudo: false cache: ccache From d0f543a5dcc6a41c0d3969f3249ba366f2d1b764 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Apr 2020 22:18:58 +0200 Subject: [PATCH 36/81] Travis: split the build into three parallel jobs Split the build between: * Basic checks * A build in the default configuration with extensive tests * Builds in other configurations with less testing The intent is to have one shorter job with basic tests, and two longer jobs that take roughly the same amount of time (split as evenly as possible while keeping an easy-to-understand separation). Signed-off-by: Gilles Peskine --- .travis.yml | 43 +++++++++++++++++++++++++++---------------- 1 file changed, 27 insertions(+), 16 deletions(-) diff --git a/.travis.yml b/.travis.yml index 11d679c7c5a7..39d42636efba 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,24 +3,35 @@ compiler: gcc sudo: false cache: ccache -script: -- tests/scripts/recursion.pl library/*.c -- tests/scripts/check-generated-files.sh -- tests/scripts/check-doxy-blocks.pl -- tests/scripts/check-names.sh -- tests/scripts/check-files.py -- tests/scripts/doxygen.sh -- cmake -D CMAKE_BUILD_TYPE:String="Check" . -- make -- make test -- programs/test/selftest -- OSSL_NO_DTLS=1 tests/compat.sh -- tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' -- tests/scripts/test-ref-configs.pl -- tests/scripts/curves.pl -- tests/scripts/key-exchanges.pl +jobs: + include: + - name: basic checks + script: + - tests/scripts/recursion.pl library/*.c + - tests/scripts/check-generated-files.sh + - tests/scripts/check-doxy-blocks.pl + - tests/scripts/check-names.sh + - tests/scripts/check-files.py + - tests/scripts/doxygen.sh + + - name: default configuration + script: + - cmake -D CMAKE_BUILD_TYPE:String="Check" . + - make + - make test + - programs/test/selftest + - OSSL_NO_DTLS=1 tests/compat.sh + - tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' + + - name: enumerated configurations + script: + - tests/scripts/test-ref-configs.pl + - tests/scripts/curves.pl + - tests/scripts/key-exchanges.pl + after_failure: - tests/scripts/travis-log-failure.sh + env: global: - SEED=1 From b49a4576ae8f92705b7027cdbf3fe607775efc78 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 Apr 2020 23:45:55 +0200 Subject: [PATCH 37/81] Travis: move doxygen dependencies into the "sanity" job Only this job uses doxygen and graphviz. Signed-off-by: Gilles Peskine --- .travis.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 39d42636efba..2463a7ef8b3e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,6 +6,11 @@ cache: ccache jobs: include: - name: basic checks + addons: + apt: + packages: + - doxygen + - graphviz script: - tests/scripts/recursion.pl library/*.c - tests/scripts/check-generated-files.sh @@ -38,10 +43,6 @@ env: - secure: "FrI5d2s+ckckC17T66c8jm2jV6i2DkBPU5nyWzwbedjmEBeocREfQLd/x8yKpPzLDz7ghOvr+/GQvsPPn0dVkGlNzm3Q+hGHc/ujnASuUtGrcuMM+0ALnJ3k4rFr9xEvjJeWb4SmhJO5UCAZYvTItW4k7+bj9L+R6lt3TzQbXzg=" addons: - apt: - packages: - - doxygen - - graphviz coverity_scan: project: name: "ARMmbed/mbedtls" From a38f3685dc09fa765040e00d431b84a67baeb465 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 25 Apr 2020 21:15:07 +0200 Subject: [PATCH 38/81] Travis: run Pylint Declare an explicit Python version. Pick 3.5 which is the default version on Ubuntu 16.04. This is necessary on Travis to have a working pip for Python 3. Install Pylint 2.4.4. There's nothing special about this version, it's just the latest version. Signed-off-by: Gilles Peskine --- .travis.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.travis.yml b/.travis.yml index 2463a7ef8b3e..113ef19e0d90 100644 --- a/.travis.yml +++ b/.travis.yml @@ -11,6 +11,10 @@ jobs: packages: - doxygen - graphviz + language: python # Needed to get pip for Python 3 + python: 3.5 # version from Ubuntu 16.04 + install: + - pip install pylint==2.4.4 script: - tests/scripts/recursion.pl library/*.c - tests/scripts/check-generated-files.sh @@ -18,6 +22,7 @@ jobs: - tests/scripts/check-names.sh - tests/scripts/check-files.py - tests/scripts/doxygen.sh + - tests/scripts/check-python-files.sh - name: default configuration script: From 3c7ffd7a4091916db501d41c8e9ce6bc7e2f0586 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Apr 2020 22:23:35 +0200 Subject: [PATCH 39/81] Travis: call all.sh for sanity checks Different releases have different sets of sanity checks. Keep the list in one place, namely all.sh. Signed-off-by: Gilles Peskine --- .travis.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/.travis.yml b/.travis.yml index 113ef19e0d90..9f439ad90bd9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,13 +16,7 @@ jobs: install: - pip install pylint==2.4.4 script: - - tests/scripts/recursion.pl library/*.c - - tests/scripts/check-generated-files.sh - - tests/scripts/check-doxy-blocks.pl - - tests/scripts/check-names.sh - - tests/scripts/check-files.py - - tests/scripts/doxygen.sh - - tests/scripts/check-python-files.sh + - tests/scripts/all.sh -k 'check_*' - name: default configuration script: From dc566758a30a7511a8dccbbfcb29f70defa106a7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 Apr 2020 23:32:52 +0200 Subject: [PATCH 40/81] Travis: call all.sh for the default-configuration build This way anything we change in all.sh, such as adding tests for programs/*/*, will be reflected here. The build now uses GCC instead of Clang, which doesn't make much difference in practice. The build now enables ASan and UBSan. The tests now run compat.sh and ssl-opt.sh fully. Signed-off-by: Gilles Peskine --- .travis.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 9f439ad90bd9..f9cedf0e31ca 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,13 +19,12 @@ jobs: - tests/scripts/all.sh -k 'check_*' - name: default configuration + addons: + apt: + packages: + - gnutls-bin script: - - cmake -D CMAKE_BUILD_TYPE:String="Check" . - - make - - make test - - programs/test/selftest - - OSSL_NO_DTLS=1 tests/compat.sh - - tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' + - tests/scripts/all.sh -k test_default_cmake_gcc_asan - name: enumerated configurations script: From a2d3ec22bb3badfdf3f874763329877d08fc94e6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 25 Apr 2020 21:31:04 +0200 Subject: [PATCH 41/81] Travis: replace "default configuration by "full configuration" For the one long job with ASan, use the full configuration. We get more coverage this way, at the cost of a slightly longer runtime which we can afford since the "enumerated configurations" job is slower. Add a default-configuration build to the "basic checks" job. This job is fairly quick (no ASan, no SSL testing). Signed-off-by: Gilles Peskine --- .travis.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index f9cedf0e31ca..c3580b8f9576 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,14 +17,15 @@ jobs: - pip install pylint==2.4.4 script: - tests/scripts/all.sh -k 'check_*' + - tests/scripts/all.sh -k test_default_out_of_box - - name: default configuration + - name: full configuration addons: apt: packages: - gnutls-bin script: - - tests/scripts/all.sh -k test_default_cmake_gcc_asan + - tests/scripts/all.sh -k test_full_cmake_gcc_asan - name: enumerated configurations script: From a5ced5b103181b8666731fc2b0d29d0755d66945 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 25 Apr 2020 23:36:00 +0200 Subject: [PATCH 42/81] Travis: install gnutls-bin for all jobs Some jobs don't actually test against GnuTLS, but all.sh checks its presence in all test jobs, so it needs to be installed regardless. Signed-off-by: Gilles Peskine --- .travis.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index c3580b8f9576..c3bd3527836c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,6 +9,7 @@ jobs: addons: apt: packages: + - gnutls-bin - doxygen - graphviz language: python # Needed to get pip for Python 3 @@ -20,10 +21,6 @@ jobs: - tests/scripts/all.sh -k test_default_out_of_box - name: full configuration - addons: - apt: - packages: - - gnutls-bin script: - tests/scripts/all.sh -k test_full_cmake_gcc_asan @@ -42,6 +39,9 @@ env: - secure: "FrI5d2s+ckckC17T66c8jm2jV6i2DkBPU5nyWzwbedjmEBeocREfQLd/x8yKpPzLDz7ghOvr+/GQvsPPn0dVkGlNzm3Q+hGHc/ujnASuUtGrcuMM+0ALnJ3k4rFr9xEvjJeWb4SmhJO5UCAZYvTItW4k7+bj9L+R6lt3TzQbXzg=" addons: + apt: + packages: + - gnutls-bin coverity_scan: project: name: "ARMmbed/mbedtls" From 5dcfb947d133eda40f06bcde71f275668d5d3bb3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 25 Apr 2020 21:46:42 +0200 Subject: [PATCH 43/81] Travis: call all depends_* tests Call all.sh to run all the available test_depends_* components. This adds a run of depends-hashes.pl and depends-pkgalgs.pl. Keep invoking test-ref-configs.pl rather than via all.sh so that it doesn't run with ASan. This saves some time and ASan there doesn't turn up much more than in the full config. Signed-off-by: Gilles Peskine --- .travis.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index c3bd3527836c..39933b58b225 100644 --- a/.travis.yml +++ b/.travis.yml @@ -27,8 +27,7 @@ jobs: - name: enumerated configurations script: - tests/scripts/test-ref-configs.pl - - tests/scripts/curves.pl - - tests/scripts/key-exchanges.pl + - tests/scripts/all.sh -k 'test_depends_*' 'build_key_exchanges' after_failure: - tests/scripts/travis-log-failure.sh From f2f39ddd89728c996a06b4fd282ec3aa6d3e813e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 25 Apr 2020 22:30:31 +0200 Subject: [PATCH 44/81] Travis: add a baremetal build Add a baremetal build to Travis, to catch inadvertent dependencies on platform functions. The exact choice of target platform doesn't matter for this purpose. Pick one that's present in all.sh, that uses a compiler that's available in the Travis build environment (Ubuntu 16.04), and that happens to be close to the Debian "armel" distribution. Signed-off-by: Gilles Peskine --- .travis.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.travis.yml b/.travis.yml index 39933b58b225..0569909255e8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,6 +12,8 @@ jobs: - gnutls-bin - doxygen - graphviz + - gcc-arm-none-eabi + - libnewlib-arm-none-eabi language: python # Needed to get pip for Python 3 python: 3.5 # version from Ubuntu 16.04 install: @@ -19,6 +21,7 @@ jobs: script: - tests/scripts/all.sh -k 'check_*' - tests/scripts/all.sh -k test_default_out_of_box + - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte - name: full configuration script: From 129d04169a1a0070b1eced5e3a2ca48366f6d2e9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 25 Apr 2020 22:42:41 +0200 Subject: [PATCH 45/81] Travis: add a build on macOS Just do the default build with Clang and run the unit tests. The objective is to have one build on a Unix-like platform other than Linux. Signed-off-by: Gilles Peskine --- .travis.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.travis.yml b/.travis.yml index 0569909255e8..eefb2552d880 100644 --- a/.travis.yml +++ b/.travis.yml @@ -32,6 +32,12 @@ jobs: - tests/scripts/test-ref-configs.pl - tests/scripts/all.sh -k 'test_depends_*' 'build_key_exchanges' + - name: macOS + os: osx + compiler: clang + script: + - tests/scripts/all.sh -k test_default_out_of_box + after_failure: - tests/scripts/travis-log-failure.sh From af387e0ce1b347a75a0956d0d77aa3f083b805d3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 00:33:13 +0200 Subject: [PATCH 46/81] check-files: support Windows .bat files Signed-off-by: Gilles Peskine --- tests/scripts/check-files.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py index 7474ac798cb8..e8abd751e736 100755 --- a/tests/scripts/check-files.py +++ b/tests/scripts/check-files.py @@ -103,7 +103,7 @@ def check_file_for_issue(self, filepath): def is_windows_file(filepath): _root, ext = os.path.splitext(filepath) - return ext in ('.dsp', '.sln', '.vcxproj') + return ext in ('.bat', '.dsp', '.sln', '.vcxproj') class PermissionIssueTracker(FileIssueTracker): @@ -224,6 +224,7 @@ def __init__(self, log_file): self.logger = None self.setup_logger(log_file) self.extensions_to_check = ( + ".bat", ".c", ".data", ".dsp", From a4a8f047181444adeffeb14392710ddb0de5c332 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 00:33:28 +0200 Subject: [PATCH 47/81] Add a simple build script for Windows with Visual Studio Keep it simple and mostly non-parametrizable for now. A path to Visual Studio 2017 is hard-coded. Signed-off-by: Gilles Peskine --- scripts/windows_msbuild.bat | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 scripts/windows_msbuild.bat diff --git a/scripts/windows_msbuild.bat b/scripts/windows_msbuild.bat new file mode 100644 index 000000000000..e41993101d0c --- /dev/null +++ b/scripts/windows_msbuild.bat @@ -0,0 +1,20 @@ +@rem Build and test Mbed TLS with Visual Studio using msbuild. +@rem Usage: windows_msbuild [RETARGET] +@rem RETARGET: version of Visual Studio to emulate +@rem https://docs.microsoft.com/en-us/cpp/build/how-to-modify-the-target-framework-and-platform-toolset + +@rem These parameters are hard-coded for now. +set "arch=x64" & @rem "x86" or "x64" +set "cfg=Release" & @rem "Debug" or "Release" +set "vcvarsall=C:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\VC\Auxiliary\Build\vcvarsall.bat" + +if not "%~1"=="" set "retarget=,PlatformToolset=%1" + +@rem If the %USERPROFILE%\Source directory exists, then running +@rem vcvarsall.bat will silently change the directory to that directory. +@rem Setting the VSCMD_START_DIR environment variable causes it to change +@rem to that directory instead. +set "VSCMD_START_DIR=%~dp0\..\visualc\VS2010" + +"%vcvarsall%" x64 && ^ +msbuild /t:Rebuild /p:Configuration=%cfg%%retarget% /m mbedTLS.sln From 040251001b614253267c2a2cdd688d00cfb35ed5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 25 Apr 2020 23:25:10 +0200 Subject: [PATCH 48/81] Travis: add a build with Visual Studio on Windows Travis now offers a Windows environment. Do a build with Visual Studio. This brings diversity into the Travis CI which otherwise only uses GCC and Clang. Signed-off-by: Gilles Peskine --- .travis.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.travis.yml b/.travis.yml index eefb2552d880..057875abc655 100644 --- a/.travis.yml +++ b/.travis.yml @@ -38,6 +38,11 @@ jobs: script: - tests/scripts/all.sh -k test_default_out_of_box + - name: Windows + os: windows + script: + - scripts/windows_msbuild.bat + after_failure: - tests/scripts/travis-log-failure.sh From 23d249a99eb41b27e9dd7cbc84f6a2904a7998e7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 13:12:55 +0200 Subject: [PATCH 49/81] Travis: Windows: target Visual Studio 2017 Only the Visual Studio 2017 toolset is currently preinstalled on Travis. Use this, instead of our solution's default which is VS 2010. Signed-off-by: Gilles Peskine --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 057875abc655..ac997b097a79 100644 --- a/.travis.yml +++ b/.travis.yml @@ -41,7 +41,7 @@ jobs: - name: Windows os: windows script: - - scripts/windows_msbuild.bat + - scripts/windows_msbuild.bat v141 # Visual Studio 2017 after_failure: - tests/scripts/travis-log-failure.sh From b97a04483724452f59deaca8fe8c07172aa9839b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 14:09:09 +0200 Subject: [PATCH 50/81] Travis: Windows: install Python 3 and run generate_psa_constants.py Travis Windows machines currently don't have Python 3 preinstalled. We need it to run scripts/generate_psa_constants.py which is needed to build mbedTLS.sln. Signed-off-by: Gilles Peskine --- .travis.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.travis.yml b/.travis.yml index ac997b097a79..2d59ec9f37ed 100644 --- a/.travis.yml +++ b/.travis.yml @@ -40,7 +40,16 @@ jobs: - name: Windows os: windows + before_install: + - choco install python --version=3.5.4 + env: + # Add the directory where the Choco package goes + - PATH=/c/Python35:/c/Python35/Scripts:$PATH script: + - type python; python --version + - python scripts/generate_psa_constants.py + # Logs appear out of sequence on Windows. Give time to catch up. + - sleep 5 - scripts/windows_msbuild.bat v141 # Visual Studio 2017 after_failure: From 10cb160000c89ec131ca62f4e0f928041cdca362 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 21:26:42 +0200 Subject: [PATCH 51/81] Travis: rebalance the Linux builds Make the running time more even. Signed-off-by: Gilles Peskine --- .travis.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 2d59ec9f37ed..a059ea8f45ed 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,7 +5,7 @@ cache: ccache jobs: include: - - name: basic checks + - name: basic checks and reference configurations addons: apt: packages: @@ -21,15 +21,15 @@ jobs: script: - tests/scripts/all.sh -k 'check_*' - tests/scripts/all.sh -k test_default_out_of_box - - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte + - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte # baremetal + - tests/scripts/test-ref-configs.pl - name: full configuration script: - tests/scripts/all.sh -k test_full_cmake_gcc_asan - - name: enumerated configurations + - name: check compilation guards script: - - tests/scripts/test-ref-configs.pl - tests/scripts/all.sh -k 'test_depends_*' 'build_key_exchanges' - name: macOS From e150c77969755d59dcd78a8518a0e2dde6a95d6b Mon Sep 17 00:00:00 2001 From: Carlos Gomes Martinho Date: Tue, 21 Apr 2020 22:15:01 +0200 Subject: [PATCH 52/81] build: readd unsafe build to show #warnings in CI Signed-off-by: Carlos Gomes Martinho --- CMakeLists.txt | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index 3dd2270f6dbc..88145f238e40 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -175,6 +175,11 @@ if(MBEDTLS_FATAL_WARNINGS) if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror") + if(UNSAFE_BUILD) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error=cpp") + set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error=cpp") + set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error=cpp") + endif(UNSAFE_BUILD) endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) endif(MBEDTLS_FATAL_WARNINGS) From 8386ea22b26f300aa3946a62f883abcfd8017740 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Apr 2020 09:07:29 +0200 Subject: [PATCH 53/81] all.sh: explain the testing around deprecated features Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4a142c7dfa27..a06dc1b61769 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -898,6 +898,8 @@ component_test_full_cmake_clang () { } component_test_default_no_deprecated () { + # Test that removing the deprecated features from the default + # configuration leaves something consistent. msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s scripts/config.py set MBEDTLS_DEPRECATED_REMOVED make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' @@ -915,7 +917,10 @@ component_test_full_no_deprecated () { make test } -component_test_full_no_deprecated_warning () { +component_test_full_no_deprecated_deprecated_warning () { + # Test that there is nothing deprecated in "full_no_deprecated". + # A deprecated feature would trigger a warning (made fatal) from + # MBEDTLS_DEPRECATED_WARNING. msg "build: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 30s scripts/config.py full_no_deprecated scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED @@ -926,14 +931,18 @@ component_test_full_no_deprecated_warning () { make test } -component_test_deprecated () { +component_test_full_deprecated_warning () { + # Test that when MBEDTLS_DEPRECATED_WARNING is enabled, the build passes + # with only certain whitelisted types of warnings. msg "build: make, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s scripts/config.py full scripts/config.py set MBEDTLS_DEPRECATED_WARNING # Expect warnings from '#warning' directives in check_config.h. make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs - msg "build: make tests, full config + MBEDTLS_TEST_DEPRECATED, expect warnings" # ~ 30s + msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s + # Set MBEDTLS_TEST_DEPRECATED to enable tests for deprecated features. + # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set. # Expect warnings from '#warning' directives in check_config.h and # from the use of deprecated functions in test suites. make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests From 6d06134e9318ae1949faabc0a39e7a526d28198c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Apr 2020 18:19:32 +0200 Subject: [PATCH 54/81] Rename --arm-gcc-prefix to --arm-none-eabi-gcc-prefix This is supposed to be for GCC (or a compiler with a compatible command line interface) targeting arm-none-eabi, so name it accordingly. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6f473bdcd82f..2a4bf8b7cf98 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -138,7 +138,7 @@ pre_initialize_variables () { : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build} : ${ARMC5_BIN_DIR:=/usr/bin} : ${ARMC6_BIN_DIR:=/usr/bin} - : ${ARM_GCC_PREFIX:=arm-none-eabi-} + : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-} # if MAKEFLAGS is not set add the -j option to speed up invocations of make if [ -z "${MAKEFLAGS+set}" ]; then @@ -204,8 +204,9 @@ General options: -k|--keep-going Run all tests and report errors at the end. -m|--memory Additional optional memory tests. --append-outcome Append to the outcome file (if used). - --arm-gcc-prefix= Prefix for gcc as a cross-compiler for arm - (default: "${ARM_GCC_PREFIX}") + --arm-none-eabi-gcc-prefix= + Prefix for a cross-compiler for arm-none-eabi + (default: "${ARM_NONE_EABI_GCC_PREFIX}") --armcc Run ARM Compiler builds (on by default). --except Exclude the COMPONENTs listed on the command line, instead of running only those. @@ -338,7 +339,7 @@ pre_parse_command_line () { while [ $# -gt 0 ]; do case "$1" in --append-outcome) append_outcome=1;; - --arm-gcc-prefix) shift; ARM_GCC_PREFIX="$1";; + --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";; --armcc) no_armcc=;; --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; @@ -551,7 +552,7 @@ pre_check_tools () { esac case " $RUN_COMPONENTS " in - *_arm_none_eabi_gcc[_\ ]*) check_tools "${ARM_GCC_PREFIX}gcc";; + *_arm_none_eabi_gcc[_\ ]*) check_tools "${ARM_NONE_EABI_GCC_PREFIX}gcc";; esac case " $RUN_COMPONENTS " in @@ -1576,36 +1577,36 @@ component_test_no_64bit_multiplication () { } component_build_arm_none_eabi_gcc () { - msg "build: ${ARM_GCC_PREFIX}gcc, make" # ~ 10s + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc, make" # ~ 10s scripts/config.py baremetal - make CC="${ARM_GCC_PREFIX}gcc" AR="${ARM_GCC_PREFIX}ar" LD="${ARM_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra' lib + make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra' lib } component_build_arm_none_eabi_gcc_arm5vte () { - msg "build: ${ARM_GCC_PREFIX}gcc -march=arm5vte, make" # ~ 10s + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte, make" # ~ 10s scripts/config.py baremetal # Build for a target platform that's close to what Debian uses # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort). # See https://github.com/ARMmbed/mbedtls/pull/2169 and comments. # It would be better to build with arm-linux-gnueabi-gcc but # we don't have that on our CI at this time. - make CC="${ARM_GCC_PREFIX}gcc" AR="${ARM_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib + make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib } component_build_arm_none_eabi_gcc_no_udbl_division () { - msg "build: ${ARM_GCC_PREFIX}gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s scripts/config.py baremetal scripts/config.py set MBEDTLS_NO_UDBL_DIVISION - make CC="${ARM_GCC_PREFIX}gcc" AR="${ARM_GCC_PREFIX}ar" LD="${ARM_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra' lib + make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra' lib echo "Checking that software 64-bit division is not required" if_build_succeeded not grep __aeabi_uldiv library/*.o } component_build_arm_none_eabi_gcc_no_64bit_multiplication () { - msg "build: ${ARM_GCC_PREFIX}gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc MBEDTLS_NO_64BIT_MULTIPLICATION, make" # ~ 10s scripts/config.py baremetal scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION - make CC="${ARM_GCC_PREFIX}gcc" AR="${ARM_GCC_PREFIX}ar" LD="${ARM_GCC_PREFIX}ld" CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib + make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib echo "Checking that software 64-bit multiplication is not required" if_build_succeeded not grep __aeabi_lmul library/*.o } From 6537588d76c02b0f027ff25dba93e90bf54ce038 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Apr 2020 22:54:00 +0200 Subject: [PATCH 55/81] all.sh: build_arm_none_eabi_gcc: do optimize Otherwise the bignum assembly code is not used. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2a4bf8b7cf98..284ea1f0d0f7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1579,7 +1579,7 @@ component_test_no_64bit_multiplication () { component_build_arm_none_eabi_gcc () { msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc, make" # ~ 10s scripts/config.py baremetal - make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra' lib + make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra -O1' lib } component_build_arm_none_eabi_gcc_arm5vte () { From 6e2fb86c1e30746b77fbc2dbae4cf9fda050145a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Apr 2020 23:00:53 +0200 Subject: [PATCH 56/81] all.sh: add a Cortex-M0+ build It's pretty fast and adds a little variety. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 284ea1f0d0f7..df003b43c718 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1593,6 +1593,12 @@ component_build_arm_none_eabi_gcc_arm5vte () { make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib } +component_build_arm_none_eabi_gcc_m0plus () { + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus" # ~ 10s + scripts/config.py baremetal + make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra -mthumb -mcpu=cortex-m0plus -Os' lib +} + component_build_arm_none_eabi_gcc_no_udbl_division () { msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s scripts/config.py baremetal From 18487f62d8c47b1b94f67501bd048041df12ffdf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Apr 2020 23:11:54 +0200 Subject: [PATCH 57/81] all.sh: on arm builds (GCC or Arm Compiler), show the code size Just show the code size in the logs, for human consumption. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index df003b43c718..f5e0a87568c3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -299,9 +299,13 @@ armc6_build_test() { FLAGS="$1" - msg "build: ARM Compiler 6 ($FLAGS), make" + msg "build: ARM Compiler 6 ($FLAGS)" ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \ WARNING_CFLAGS='-xc -std=c99' make lib + + msg "size: ARM Compiler 6 ($FLAGS)" + "$ARMC6_FROMELF" -z library/*.o + make clean } @@ -567,9 +571,12 @@ pre_check_tools () { *_armcc*) ARMC5_CC="$ARMC5_BIN_DIR/armcc" ARMC5_AR="$ARMC5_BIN_DIR/armar" + ARMC5_FROMELF="$ARMC5_BIN_DIR/fromelf" ARMC6_CC="$ARMC6_BIN_DIR/armclang" ARMC6_AR="$ARMC6_BIN_DIR/armar" - check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR";; + ARMC6_FROMELF="$ARMC6_BIN_DIR/fromelf" + check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC5_FROMELF" \ + "$ARMC6_CC" "$ARMC6_AR" "$ARMC6_FROMELF";; esac msg "info: output_env.sh" @@ -1577,13 +1584,16 @@ component_test_no_64bit_multiplication () { } component_build_arm_none_eabi_gcc () { - msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc, make" # ~ 10s + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1" # ~ 10s scripts/config.py baremetal make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra -O1' lib + + msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1" + ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o } component_build_arm_none_eabi_gcc_arm5vte () { - msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte, make" # ~ 10s + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s scripts/config.py baremetal # Build for a target platform that's close to what Debian uses # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort). @@ -1591,12 +1601,18 @@ component_build_arm_none_eabi_gcc_arm5vte () { # It would be better to build with arm-linux-gnueabi-gcc but # we don't have that on our CI at this time. make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib + + msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1" + ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o } component_build_arm_none_eabi_gcc_m0plus () { msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus" # ~ 10s scripts/config.py baremetal make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-Werror -Wall -Wextra -mthumb -mcpu=cortex-m0plus -Os' lib + + msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os" + ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o } component_build_arm_none_eabi_gcc_no_udbl_division () { @@ -1618,10 +1634,13 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () { } component_build_armcc () { - msg "build: ARM Compiler 5, make" + msg "build: ARM Compiler 5" scripts/config.py baremetal - make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib + + msg "size: ARM Compiler 5" + "$ARMC5_FROMELF" -z library/*.o + make clean # ARM Compiler 6 - Target ARMv7-A From 907211da885e8c39027d9c2eedc6732771bd74b2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Apr 2020 23:10:48 +0200 Subject: [PATCH 58/81] Travis: do both a Cortex-A build and a Cortex-M0+ build The Cortex-A build is similar to Debian armel. The Cortex-M0+ is a handy point of comparison for code size. Put that one last so that it's easy to find in the log. Signed-off-by: Gilles Peskine --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index a059ea8f45ed..c67c0cd33ccc 100644 --- a/.travis.yml +++ b/.travis.yml @@ -21,8 +21,8 @@ jobs: script: - tests/scripts/all.sh -k 'check_*' - tests/scripts/all.sh -k test_default_out_of_box - - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte # baremetal - tests/scripts/test-ref-configs.pl + - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus - name: full configuration script: From 1bde9cdf71c62ab5317f1936aa2910b6a2572b6c Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 5 May 2020 10:17:01 +0100 Subject: [PATCH 59/81] psa: Clear bits in mbedtls_ecc_group_to_psa() Clear bits in mbedtls_ecc_group_to_psa() to avoid static analyzers and possibly compilers from warning that bits may be used uninitialized in certain code paths. For example, if mbedtls_ecc_group_to_psa() were to be inlined in crypto_extra.h, the following compiler warning is likely. In file included from ../include/psa/crypto.h:3774:0, from ../include/mbedtls/pk.h:49, from pk.c:29: pk.c: In function 'mbedtls_pk_wrap_as_opaque': ../include/psa/crypto_struct.h:460:33: error: 'bits' may be used uninitialized in this function [-Werror=maybe-uninitialized] attributes->core.bits = (psa_key_bits_t) bits; ^~~~~~~~~~~~~~~~~~~~~ pk.c:608:12: note: 'bits' was declared here size_t bits; ^~~~ Signed-off-by: Jaeden Amero --- library/psa_crypto.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 733a2e46c4dc..0ac62909881b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -420,6 +420,7 @@ psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, *bits = 448; return( PSA_ECC_CURVE_MONTGOMERY ); default: + *bits = 0; return( 0 ); } } From 2f0eb51aae139c8eba3be9d063dc8a7787bd2ae6 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Fri, 24 Apr 2020 15:21:14 +0100 Subject: [PATCH 60/81] psa: Define mbedtls_ecc_group_to_psa() inline On dual world platforms, we want to run the PK module (pk.c) on the NS side so TLS can use PSA APIs via the PK interface. PK currently has a hard dependency on mbedtls_ecc_group_to_psa() which is declared in crypto_extra.h, but only defined in psa_crypto.c, which is only built for the S side. Without this change, dual world platforms get error messages like the following. [Error] @0,0: L6218E: Undefined symbol mbedtls_ecc_group_to_psa (referred from BUILD/LPC55S69_NS/ARM/mbed-os/features/mbedtls/mbed-crypto/src/pk.o) Make mbedtls_ecc_group_to_psa() inline within crypto_extra.h so that it is available to both NS and S world code. Fixes #3300 Signed-off-by: Darryl Green Signed-off-by: Jaeden Amero --- .../inline-mbedtls_gcc_group_to_psa.txt | 4 ++ include/psa/crypto_extra.h | 51 ++++++++++++++++++- library/psa_crypto.c | 50 ------------------ 3 files changed, 53 insertions(+), 52 deletions(-) create mode 100644 ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt diff --git a/ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt b/ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt new file mode 100644 index 000000000000..d0bd1dc6a9e2 --- /dev/null +++ b/ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt @@ -0,0 +1,4 @@ +Bugfix + * Fix potential linker errors on dual world platforms by inlining + mbedtls_gcc_group_to_psa(). This allows the pk.c module to link separately + from psa_crypto.c. Fixes #3300. diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index e9fa31189c35..84cc5ab0b97c 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -578,8 +578,55 @@ psa_status_t psa_get_key_domain_parameters( * (`PSA_ECC_CURVE_xxx`). * \return \c 0 on failure (\p grpid is not recognized). */ -psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, - size_t *bits ); +static inline psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, + size_t *bits ) +{ + switch( grpid ) + { + case MBEDTLS_ECP_DP_SECP192R1: + *bits = 192; + return( PSA_ECC_CURVE_SECP_R1 ); + case MBEDTLS_ECP_DP_SECP224R1: + *bits = 224; + return( PSA_ECC_CURVE_SECP_R1 ); + case MBEDTLS_ECP_DP_SECP256R1: + *bits = 256; + return( PSA_ECC_CURVE_SECP_R1 ); + case MBEDTLS_ECP_DP_SECP384R1: + *bits = 384; + return( PSA_ECC_CURVE_SECP_R1 ); + case MBEDTLS_ECP_DP_SECP521R1: + *bits = 521; + return( PSA_ECC_CURVE_SECP_R1 ); + case MBEDTLS_ECP_DP_BP256R1: + *bits = 256; + return( PSA_ECC_CURVE_BRAINPOOL_P_R1 ); + case MBEDTLS_ECP_DP_BP384R1: + *bits = 384; + return( PSA_ECC_CURVE_BRAINPOOL_P_R1 ); + case MBEDTLS_ECP_DP_BP512R1: + *bits = 512; + return( PSA_ECC_CURVE_BRAINPOOL_P_R1 ); + case MBEDTLS_ECP_DP_CURVE25519: + *bits = 255; + return( PSA_ECC_CURVE_MONTGOMERY ); + case MBEDTLS_ECP_DP_SECP192K1: + *bits = 192; + return( PSA_ECC_CURVE_SECP_K1 ); + case MBEDTLS_ECP_DP_SECP224K1: + *bits = 224; + return( PSA_ECC_CURVE_SECP_K1 ); + case MBEDTLS_ECP_DP_SECP256K1: + *bits = 256; + return( PSA_ECC_CURVE_SECP_K1 ); + case MBEDTLS_ECP_DP_CURVE448: + *bits = 448; + return( PSA_ECC_CURVE_MONTGOMERY ); + default: + *bits = 0; + return( 0 ); + } +} /** Convert an ECC curve identifier from the PSA encoding to Mbed TLS. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0ac62909881b..69323184d0fc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -375,56 +375,6 @@ static inline int psa_key_slot_is_external( const psa_key_slot_t *slot ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_ECP_C) -psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, - size_t *bits ) -{ - switch( grpid ) - { - case MBEDTLS_ECP_DP_SECP192R1: - *bits = 192; - return( PSA_ECC_CURVE_SECP_R1 ); - case MBEDTLS_ECP_DP_SECP224R1: - *bits = 224; - return( PSA_ECC_CURVE_SECP_R1 ); - case MBEDTLS_ECP_DP_SECP256R1: - *bits = 256; - return( PSA_ECC_CURVE_SECP_R1 ); - case MBEDTLS_ECP_DP_SECP384R1: - *bits = 384; - return( PSA_ECC_CURVE_SECP_R1 ); - case MBEDTLS_ECP_DP_SECP521R1: - *bits = 521; - return( PSA_ECC_CURVE_SECP_R1 ); - case MBEDTLS_ECP_DP_BP256R1: - *bits = 256; - return( PSA_ECC_CURVE_BRAINPOOL_P_R1 ); - case MBEDTLS_ECP_DP_BP384R1: - *bits = 384; - return( PSA_ECC_CURVE_BRAINPOOL_P_R1 ); - case MBEDTLS_ECP_DP_BP512R1: - *bits = 512; - return( PSA_ECC_CURVE_BRAINPOOL_P_R1 ); - case MBEDTLS_ECP_DP_CURVE25519: - *bits = 255; - return( PSA_ECC_CURVE_MONTGOMERY ); - case MBEDTLS_ECP_DP_SECP192K1: - *bits = 192; - return( PSA_ECC_CURVE_SECP_K1 ); - case MBEDTLS_ECP_DP_SECP224K1: - *bits = 224; - return( PSA_ECC_CURVE_SECP_K1 ); - case MBEDTLS_ECP_DP_SECP256K1: - *bits = 256; - return( PSA_ECC_CURVE_SECP_K1 ); - case MBEDTLS_ECP_DP_CURVE448: - *bits = 448; - return( PSA_ECC_CURVE_MONTGOMERY ); - default: - *bits = 0; - return( 0 ); - } -} - mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve, size_t byte_length ) { From a85c2b27f381b5b5551f3f33efff8015c709eb84 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 6 May 2020 11:11:39 +0100 Subject: [PATCH 61/81] Update link in contributing guide The link pointed to the website, this information is out of date, the correct place to start discussions is the mailing list. Signed-off-by: Janos Follath --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c1ae452e21c3..7a0d95d0eaeb 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -14,7 +14,7 @@ Coding Standards Making a Contribution --------------------- -1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://tls.mbed.org/discussions) around a feature idea or a bug. +1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls) around a feature idea or a bug. 1. Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/ARMmbed/mbedtls/tree/development) as a basis. 1. Write a test which shows that the bug was fixed or that the feature works as expected. 1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :) From 1abe8ee55482dd77a8c315fea1803c61113536a7 Mon Sep 17 00:00:00 2001 From: sander-visser Date: Wed, 6 May 2020 21:27:14 +0200 Subject: [PATCH 62/81] Expose SSL HW record acceleration error. Fix issue with variable shadowing. Signed-off-by: sander-visser --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ccfc4bdaa89f..760ba90a5167 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1175,7 +1175,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_init != NULL ) { - int ret = 0; + ret = 0; MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_init()" ) ); From b8aa2071f600a7c0377dcfc3dfaf673f4617c56a Mon Sep 17 00:00:00 2001 From: sander-visser Date: Wed, 6 May 2020 22:05:13 +0200 Subject: [PATCH 63/81] Scope reduction to enable NULL check to protect dereferencing. Signed-off-by: sander-visser --- library/ssl_tls.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ccfc4bdaa89f..bbbe80f46cc9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6661,14 +6661,6 @@ int mbedtls_ssl_context_load( mbedtls_ssl_context *context, */ void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) { -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - size_t in_buf_len = ssl->in_buf_len; - size_t out_buf_len = ssl->out_buf_len; -#else - size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; - size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; -#endif - if( ssl == NULL ) return; @@ -6676,6 +6668,12 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) if( ssl->out_buf != NULL ) { +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + size_t out_buf_len = ssl->out_buf_len; +#else + size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; +#endif + mbedtls_platform_zeroize( ssl->out_buf, out_buf_len ); mbedtls_free( ssl->out_buf ); ssl->out_buf = NULL; @@ -6683,6 +6681,12 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) if( ssl->in_buf != NULL ) { +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + size_t in_buf_len = ssl->in_buf_len; +#else + size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; +#endif + mbedtls_platform_zeroize( ssl->in_buf, in_buf_len ); mbedtls_free( ssl->in_buf ); ssl->in_buf = NULL; From c64b72394dd3c7fe8003bcd25720741b378bf339 Mon Sep 17 00:00:00 2001 From: sander-visser Date: Thu, 7 May 2020 20:09:14 +0200 Subject: [PATCH 64/81] Add Changelog entry for #3312 Signed-off-by: sander-visser --- ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt diff --git a/ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt b/ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt new file mode 100644 index 000000000000..9554aa03cad9 --- /dev/null +++ b/ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt @@ -0,0 +1,3 @@ +Bugfix + * Avoid NULL pointer dereferencing if mbedtls_ssl_free() is called with a + NULL pointer argument. Contributed by Sander Visser in #3312. \ No newline at end of file From 3888b03e314ec3dd4697488d50c6830f772b42ff Mon Sep 17 00:00:00 2001 From: sander-visser Date: Wed, 6 May 2020 21:49:46 +0200 Subject: [PATCH 65/81] Add variable initialization to large SSL TLS function. change triggered by false positive reported by Cppcheck 1.89. Signed-off-by: sander-visser --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ccfc4bdaa89f..caaee23258ed 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -863,7 +863,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, unsigned char *key2; unsigned char *mac_enc; unsigned char *mac_dec; - size_t mac_key_len; + size_t mac_key_len = 0; size_t iv_copy_len; unsigned keylen; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; From a65fe0b8cbcf9be3be1ed46e1b8ca42717b8f5c7 Mon Sep 17 00:00:00 2001 From: sander-visser Date: Thu, 7 May 2020 20:37:31 +0200 Subject: [PATCH 66/81] Add changelog entry for #3310. Signed-off-by: sander-visser --- ChangeLog.d/fix-masked-hw-record-init-error.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/fix-masked-hw-record-init-error.txt diff --git a/ChangeLog.d/fix-masked-hw-record-init-error.txt b/ChangeLog.d/fix-masked-hw-record-init-error.txt new file mode 100644 index 000000000000..2ef80daaefba --- /dev/null +++ b/ChangeLog.d/fix-masked-hw-record-init-error.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix issue with a detected HW accelerated record error not being exposed + due to shadowed variable. Contributed by Sander Visser in #3310. From e22da99224050305777add1c74b81092d09c6006 Mon Sep 17 00:00:00 2001 From: Zhai Zhaoxuan Date: Sat, 9 May 2020 23:50:32 +0800 Subject: [PATCH 67/81] Fix typo in program benchmark. Signed-off-by: Zhai Zhaoxuan --- programs/test/benchmark.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 157593066aa1..d76fe34fb18a 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -101,7 +101,7 @@ int main( void ) #define OPTIONS \ "md4, md5, ripemd160, sha1, sha256, sha512,\n" \ "arc4, des3, des, camellia, blowfish, chacha20,\n" \ - "aes_cbc, aes_gcm, aes_ccm, aes_ctx, chachapoly,\n" \ + "aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n" \ "aes_cmac, des3_cmac, poly1305\n" \ "havege, ctr_drbg, hmac_drbg\n" \ "rsa, dhm, ecdsa, ecdh.\n" From 2d2bb1dd044fa4269c1958e6ee8f7024bf7b3ab2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 5 Feb 2020 19:07:18 +0100 Subject: [PATCH 68/81] Define some structure for lifetime values * Lower 8 bits: persistence level * 0: volatile * 1: persistent (default) * 2-127: persistent (reserved for future PSA specifications) * 128-254: persistent (reserved for vendors) * 255: read-only * Upper 24 bits: location indicator * 0: built-in * 1: primary secure element * 2-0x7fffff: reserved for future PSA specifications * 0x800000-0xffffff: vendor-specific Signed-off-by: Gilles Peskine --- include/psa/crypto_types.h | 109 ++++++++++++++++++++++++++++++++++-- include/psa/crypto_values.h | 44 ++++++++++++++- 2 files changed, 147 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index d96c66e5c4a1..2f0f74699e64 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -108,18 +108,117 @@ typedef uint32_t psa_algorithm_t; * The lifetime of a key indicates where it is stored and what system actions * may create and destroy it. * - * Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are automatically - * destroyed when the application terminates or on a power reset. + * Lifetime values have the following structure: + * - Bits 0-7 (#PSA_KEY_LIFETIME_GET_PERSISTENCE(\c lifetime)): + * persistence level. This value indicates what device management + * actions can cause it to be destroyed. In particular, it indicates + * whether the key is _volatile_ or _persistent_. + * See ::psa_key_lifetime_persistence_t for more information. + * - Bits 8-31 (#PSA_KEY_LIFETIME_GET_LOCATION(\c lifetime)): + * location indicator. This value indicates where the key is stored + * and where operations on the key are performed. + * See ::psa_key_lifetime_location_t for more information. + * + * Volatile keys are automatically destroyed when the application instance + * terminates or on a power reset of the device. Persistent keys are + * preserved until the application explicitly destroys them or until an + * implementation-specific device management event occurs (for example, + * a factory reset). * - * Keys with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE are said - * to be _persistent_. - * Persistent keys are preserved if the application or the system restarts. * Persistent keys have a key identifier of type #psa_key_id_t. + * This identifier remains valid throughout the lifetime of the key, + * even if the application instance that created the key terminates. * The application can call psa_open_key() to open a persistent key that * it created previously. + * + * This specification defines two basic lifetime values: + * - Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are volatile. + * All implementations should support this lifetime. + * - Keys with the lifetime #PSA_KEY_LIFETIME_PERSISTENT are persistent. + * All implementations that have access to persistent storage with + * appropriate security guarantees should support this lifetime. */ typedef uint32_t psa_key_lifetime_t; +/** Encoding of key persistence levels. + * + * What distinguishes different persistence levels is what device management + * events may cause keys to be destroyed. _Volatile_ keys are destroyed + * by a power reset. Persistent keys may be destroyed by events such as + * a transfer of ownership or a factory reset. What management events + * actually affect persistent keys at different levels is outside the + * scope of the PSA Cryptography specification. + * + * This specification defines the following values of persistence levels: + * - \c 0 = #PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE: volatile key. + * A volatile key is automatically destroyed by the implementation when + * the application instance terminates. In particular, a volatile key + * is automatically destroyed on a power reset of the device. + * - \c 1 = #PSA_KEY_LIFETIME_PERSISTENCE_PRIMARY: + * persistent key with a default lifetime. + * Implementations should support this value if they support persistent + * keys at all. + * Applications should use this value if they have no specific needs that + * are only met by implementation-specific features. + * - \c 2-127: persistent key with a PSA-specified lifetime. + * The PSA Cryptography specification does not define the meaning of these + * values, but other PSA specifications may do so. + * - \c 128-254: persistent key with a vendor-specified lifetime. + * No PSA specification will define the meaning of these values, so + * implementations may choose the meaning freely. + * As a guideline, higher persistence levels should cause a key to survive + * more management events than lower levels. + * - \c 255 = #PSA_KEY_LIFETIME_PERSISTENCE_READ_ONLY: + * read-only or write-once key. + * A key with this persistence level cannot be destroyed. + * Implementations that support such keys may either allow their creation + * through the PSA Cryptography API, preferably only to applications with + * the appropriate privilege, or only expose keys created through + * implementation-specific means such as a factory ROM engraving process. + * Note that keys that are read-only due to policy restrictions + * rather than due to physical limitations should not have this + * persistence levels. + * + * \note Key persistence levels are 8-bit values. Key management + * interfaces operate on lifetimes (type ::psa_key_lifetime_t) which + * encode the persistence as the lower 8 bits of a 32-bit value. + */ +typedef uint8_t psa_key_lifetime_persistence_t; + +/** Encoding of key location indicators. + * + * If an implementation of this API can make calls to external + * cryptoprocessors such as secure elements, the location of a key + * indicates which secure element performs the operations on the key. + * If an implementation offers multiple physical locations for persistent + * storage, the location indicator reflects at which physical location + * the key is stored. + * + * This specification defines the following values of location indicators: + * - \c 0: default location. + * All implementations should support this value. + * The default location typically indicates that the key material is + * used and stored within the same security boundary as the key metadata. + * - \c 1: primary secure element. + * Implementations should support this value if there is a secure element + * attached to the operating environment. + * As a guideline, secure elements may provide higher resistance against + * side channel and physical attacks than the default location, but may + * have restrictions on supported key types, sizes, policies and operations + * and may have different performance characteristics. + * - \c 2-0x7fffff: other locations defined by a PSA specification. + * The PSA Cryptography does not currently assign any meaning to these + * locations, but future versions of this specification or other PSA + * specifications may do so. + * - \c 0x800000-0xffffff: vendor-defined locations. + * No PSA specification will assign a meaning to locations in this range. + * + * \note Key location indicators are 24-bit values. Key management + * interfaces operate on lifetimes (type ::psa_key_lifetime_t) which + * encode the location as the upper 24 bits of a 32-bit value. + */ +typedef uint32_t psa_key_lifetime_location_t; + /** Encoding of identifiers of persistent keys. * * - Applications may freely choose key identifiers in the range diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index baaabff1e0d3..14cae3932d11 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1539,8 +1539,16 @@ * @{ */ -/** A volatile key only exists as long as the handle to it is not closed. +/** The default lifetime for volatile keys. + * + * A volatile key only exists as long as the handle to it is not closed. * The key material is guaranteed to be erased on a power reset. + * + * A key with this lifetime is typically stored in the RAM area of the + * PSA Crypto subsystem. However this is an implementation choice. + * If an implementation stores data about the key in a non-volatile memory, + * it must release all the resources associated with the key and erase the + * key material if the calling application terminates. */ #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) @@ -1555,9 +1563,43 @@ * This lifetime value is the default storage area for the calling * application. Implementations may offer other storage areas designated * by other lifetime values as implementation-specific extensions. + * See ::psa_key_lifetime_location_t for more information. */ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) +#define PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE ((psa_key_lifetime_persistence_t)0x00) +#define PSA_KEY_LIFETIME_PERSISTENCE_PRIMARY ((psa_key_lifetime_persistence_t)0x01) +#define PSA_KEY_LIFETIME_PERSISTENCE_READ_ONLY ((psa_key_lifetime_persistence_t)0xff) + +#define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ + ((psa_key_lifetime_persistence_t)((lifetime) & 0x000000ff) + +#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \ + ((psa_key_lifetime_location_t)((lifetime) >> 8) + +/** Whether a key lifetime indicates that the key is volatile. + * + * A volatile key is automatically destroyed by the implementation when + * the application instance terminates. In particular, a volatile key + * is automatically destroyed on a power reset of the device. + * + * A key that is not volatile is persistent. Persistent keys are + * preserved until the application explicitly destroys them or until an + * implementation-specific device management event occurs (for example, + * a factory reset). + * + * \param lifetime The lifetime value to query (value of type + * ::psa_key_lifetime_t). + * + * \return \c 1 if the key is volatile, otherwise \c 0. + */ +#define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \ + (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \ + PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE) + +#define PSA_KEY_LIFETIME_LOCATION_BUILT_IN ((psa_key_lifetime_location_t)0x000000) +#define PSA_KEY_LIFETIME_LOCATION_VENDOR_FLAG ((psa_key_lifetime_location_t)0x800000) + /** The minimum value for a key identifier chosen by the application. */ #define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) From bbb3c1815ab5c5e1ce9d86d05e08bb3f49e47ab3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 May 2020 18:42:06 +0200 Subject: [PATCH 69/81] Shorten type and value names for lifetime parts Drop lifetime_ or LIFETIME_ to make the names shorter. They're still unambiguous. Signed-off-by: Gilles Peskine --- include/psa/crypto_types.h | 14 +++++++------- include/psa/crypto_values.h | 14 +++++++------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 2f0f74699e64..de72b5944b60 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -113,11 +113,11 @@ typedef uint32_t psa_algorithm_t; * persistence level. This value indicates what device management * actions can cause it to be destroyed. In particular, it indicates * whether the key is _volatile_ or _persistent_. - * See ::psa_key_lifetime_persistence_t for more information. + * See ::psa_key_persistence_t for more information. * - Bits 8-31 (#PSA_KEY_LIFETIME_GET_LOCATION(\c lifetime)): * location indicator. This value indicates where the key is stored * and where operations on the key are performed. - * See ::psa_key_lifetime_location_t for more information. + * See ::psa_key_location_t for more information. * * Volatile keys are automatically destroyed when the application instance * terminates or on a power reset of the device. Persistent keys are @@ -150,11 +150,11 @@ typedef uint32_t psa_key_lifetime_t; * scope of the PSA Cryptography specification. * * This specification defines the following values of persistence levels: - * - \c 0 = #PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE: volatile key. + * - \c 0 = #PSA_KEY_PERSISTENCE_VOLATILE: volatile key. * A volatile key is automatically destroyed by the implementation when * the application instance terminates. In particular, a volatile key * is automatically destroyed on a power reset of the device. - * - \c 1 = #PSA_KEY_LIFETIME_PERSISTENCE_PRIMARY: + * - \c 1 = #PSA_KEY_PERSISTENCE_PRIMARY: * persistent key with a default lifetime. * Implementations should support this value if they support persistent * keys at all. @@ -168,7 +168,7 @@ typedef uint32_t psa_key_lifetime_t; * implementations may choose the meaning freely. * As a guideline, higher persistence levels should cause a key to survive * more management events than lower levels. - * - \c 255 = #PSA_KEY_LIFETIME_PERSISTENCE_READ_ONLY: + * - \c 255 = #PSA_KEY_PERSISTENCE_READ_ONLY: * read-only or write-once key. * A key with this persistence level cannot be destroyed. * Implementations that support such keys may either allow their creation @@ -183,7 +183,7 @@ typedef uint32_t psa_key_lifetime_t; * interfaces operate on lifetimes (type ::psa_key_lifetime_t) which * encode the persistence as the lower 8 bits of a 32-bit value. */ -typedef uint8_t psa_key_lifetime_persistence_t; +typedef uint8_t psa_key_persistence_t; /** Encoding of key location indicators. * @@ -217,7 +217,7 @@ typedef uint8_t psa_key_lifetime_persistence_t; * interfaces operate on lifetimes (type ::psa_key_lifetime_t) which * encode the location as the upper 24 bits of a 32-bit value. */ -typedef uint32_t psa_key_lifetime_location_t; +typedef uint32_t psa_key_location_t; /** Encoding of identifiers of persistent keys. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 14cae3932d11..1d2068b38c2b 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1567,15 +1567,15 @@ */ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) -#define PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE ((psa_key_lifetime_persistence_t)0x00) -#define PSA_KEY_LIFETIME_PERSISTENCE_PRIMARY ((psa_key_lifetime_persistence_t)0x01) -#define PSA_KEY_LIFETIME_PERSISTENCE_READ_ONLY ((psa_key_lifetime_persistence_t)0xff) +#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) +#define PSA_KEY_PERSISTENCE_PRIMARY ((psa_key_persistence_t)0x01) +#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ - ((psa_key_lifetime_persistence_t)((lifetime) & 0x000000ff) + ((psa_key_persistence_t)((lifetime) & 0x000000ff) #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \ - ((psa_key_lifetime_location_t)((lifetime) >> 8) + ((psa_key_location_t)((lifetime) >> 8) /** Whether a key lifetime indicates that the key is volatile. * @@ -1597,8 +1597,8 @@ (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \ PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE) -#define PSA_KEY_LIFETIME_LOCATION_BUILT_IN ((psa_key_lifetime_location_t)0x000000) -#define PSA_KEY_LIFETIME_LOCATION_VENDOR_FLAG ((psa_key_lifetime_location_t)0x800000) +#define PSA_KEY_LOCATION_BUILT_IN ((psa_key_location_t)0x000000) +#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000) /** The minimum value for a key identifier chosen by the application. */ From 5dcb74f02fd8f2b090abc38df471492200d2dbe4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 May 2020 18:42:44 +0200 Subject: [PATCH 70/81] PSA_KEY_LIFETIME_PERSISTENT is a lifetime, not just a storage area Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 1d2068b38c2b..ded1756e2bd3 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1552,7 +1552,7 @@ */ #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) -/** The default storage area for persistent keys. +/** The default lifetime for persistent keys. * * A persistent key remains in storage until it is explicitly destroyed or * until the corresponding storage area is wiped. This specification does @@ -1563,7 +1563,7 @@ * This lifetime value is the default storage area for the calling * application. Implementations may offer other storage areas designated * by other lifetime values as implementation-specific extensions. - * See ::psa_key_lifetime_location_t for more information. + * See ::psa_key_lifetime_t for more information. */ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) From ee04e6995629c094a666ac34e166440380dbb768 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 May 2020 18:52:21 +0200 Subject: [PATCH 71/81] Rename and clarify the default persistent location and persistence Call persistence "default" because that is genuinely the default that applications should use if they don't know better. It's slightly misleading in that the default persistence when you create a key is volatile, not this: "default" is the default persistence for persistent keys, not the default persistence for keys in general. But we haven't found a better name. Introduce the term "primary local storage" to designate the default storage location. Signed-off-by: Gilles Peskine --- include/psa/crypto_types.h | 10 +++++----- include/psa/crypto_values.h | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index de72b5944b60..b4557140900b 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -154,7 +154,7 @@ typedef uint32_t psa_key_lifetime_t; * A volatile key is automatically destroyed by the implementation when * the application instance terminates. In particular, a volatile key * is automatically destroyed on a power reset of the device. - * - \c 1 = #PSA_KEY_PERSISTENCE_PRIMARY: + * - \c 1 = #PSA_KEY_PERSISTENCE_DEFAULT: * persistent key with a default lifetime. * Implementations should support this value if they support persistent * keys at all. @@ -195,15 +195,15 @@ typedef uint8_t psa_key_persistence_t; * the key is stored. * * This specification defines the following values of location indicators: - * - \c 0: default location. + * - \c 0: primary local storage. * All implementations should support this value. - * The default location typically indicates that the key material is - * used and stored within the same security boundary as the key metadata. + * The primary local storage is typically the same storage area that + * contains the key metadata. * - \c 1: primary secure element. * Implementations should support this value if there is a secure element * attached to the operating environment. * As a guideline, secure elements may provide higher resistance against - * side channel and physical attacks than the default location, but may + * side channel and physical attacks than the primary local storage, but may * have restrictions on supported key types, sizes, policies and operations * and may have different performance characteristics. * - \c 2-0x7fffff: other locations defined by a PSA specification. diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index ded1756e2bd3..48e085c0876e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1568,7 +1568,7 @@ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) -#define PSA_KEY_PERSISTENCE_PRIMARY ((psa_key_persistence_t)0x01) +#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ @@ -1597,7 +1597,7 @@ (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \ PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE) -#define PSA_KEY_LOCATION_BUILT_IN ((psa_key_location_t)0x000000) +#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000) /** The minimum value for a key identifier chosen by the application. From aff1181d671f09315a549f80616b0ae8877f1109 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 May 2020 19:03:10 +0200 Subject: [PATCH 72/81] Document PSA_KEY_PERSISTENCE_xxx and PSA_KEY_LOCATION_xxx Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 48e085c0876e..ee125ab4cc69 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1567,8 +1567,22 @@ */ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) +/** The persistence level of volatile keys. + * + * See ::psa_key_persistence_t for more information. + */ #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) + +/** The default persistence level for persistent keys. + * + * See ::psa_key_persistence_t for more information. + */ #define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) + +/** A persistence level indicating that a key is never destroyed. + * + * See ::psa_key_persistence_t for more information. + */ #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ @@ -1597,7 +1611,15 @@ (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \ PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE) +/** The local storage area for persistent keys. + * + * This storage area is available on all systems that can store persistent + * keys without delegating the storage to a third-party cryptoprocessor. + * + * See ::psa_key_location_t for more information. + */ #define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) + #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000) /** The minimum value for a key identifier chosen by the application. From c4ee2f3a87b3b101e02032228d674e4f48d9cf16 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 May 2020 19:07:18 +0200 Subject: [PATCH 73/81] Define a macro to construct a lifetime from persistence and location Applications need this to combine implementation-specific values of persistence levels and location indicators. Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index ee125ab4cc69..ed8471e7b4b5 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1611,6 +1611,18 @@ (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \ PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE) +/** Construct a lifetime from a persistence level and a location. + * + * \param persistence The persistence level + * (value of type ::psa_key_persistence_t). + * \param location The location indicator + * (value of type ::psa_key_location_t). + * + * \return The constructed lifetime value. + */ +#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \ + ((location) << 8 | (persistence)) + /** The local storage area for persistent keys. * * This storage area is available on all systems that can store persistent From e3871f8ae8ff565b3286a45373c322a4feae9da4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 May 2020 17:32:15 +0200 Subject: [PATCH 74/81] Missing word Co-authored-by: Janos Follath Signed-off-by: Gilles Peskine --- include/psa/crypto_types.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index b4557140900b..41f1bea77f74 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -207,7 +207,7 @@ typedef uint8_t psa_key_persistence_t; * have restrictions on supported key types, sizes, policies and operations * and may have different performance characteristics. * - \c 2-0x7fffff: other locations defined by a PSA specification. - * The PSA Cryptography does not currently assign any meaning to these + * The PSA Cryptography API does not currently assign any meaning to these * locations, but future versions of this specification or other PSA * specifications may do so. * - \c 0x800000-0xffffff: vendor-defined locations. From 4cfa443d2a2ae2ec184b5d44d40bb361f038d0da Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 May 2020 13:44:32 +0200 Subject: [PATCH 75/81] Fix macros Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index ed8471e7b4b5..18b2d5ad1378 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1586,10 +1586,10 @@ #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ - ((psa_key_persistence_t)((lifetime) & 0x000000ff) + ((psa_key_persistence_t)((lifetime) & 0x000000ff)) #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \ - ((psa_key_location_t)((lifetime) >> 8) + ((psa_key_location_t)((lifetime) >> 8)) /** Whether a key lifetime indicates that the key is volatile. * From 52ac958d6bc45b3adab41d72c810d6b1d1fe849d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 10 May 2020 00:39:18 +0200 Subject: [PATCH 76/81] Update the SE interface to pass a location when registering a driver Now that lifetimes have structures and secure element drivers handle all the lifetimes with a certain location, update driver registration to take a location as argument rather than a lifetime. This commit updates the PSA specification draft. Signed-off-by: Gilles Peskine --- include/psa/crypto_se_driver.h | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 7ac1ed1c41de..869fa3f2714a 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -119,8 +119,10 @@ typedef struct { * \param[in,out] drv_context The driver context structure. * \param[in,out] persistent_data A pointer to the persistent data * that allows writing. - * \param lifetime The lifetime value for which this driver - * is registered. + * \param location The location value for which this driver + * is registered. The driver will be invoked + * for all keys whose lifetime is in this + * location. * * \retval #PSA_SUCCESS * The driver is operational. @@ -132,7 +134,7 @@ typedef struct { */ typedef psa_status_t (*psa_drv_se_init_t)(psa_drv_se_context_t *drv_context, void *persistent_data, - psa_key_lifetime_t lifetime); + psa_key_location_t location); #if defined(__DOXYGEN_ONLY__) || !defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Mbed Crypto with secure element support enabled defines this type in @@ -1341,17 +1343,19 @@ typedef struct { * after psa_crypto_init(). * * \note Implementations store metadata about keys including the lifetime - * value. Therefore, from one instantiation of the PSA Cryptography + * value, which contains the driver's location indicator. Therefore, + * from one instantiation of the PSA Cryptography * library to the next one, if there is a key in storage with a certain * lifetime value, you must always register the same driver (or an * updated version that communicates with the same secure element) - * with the same lifetime value. + * with the same location value. * - * \param lifetime The lifetime value through which this driver will + * \param location The location value through which this driver will * be exposed to applications. - * The values #PSA_KEY_LIFETIME_VOLATILE and - * #PSA_KEY_LIFETIME_PERSISTENT are reserved and - * may not be used for drivers. Implementations + * This driver will be used for all keys such that + * `location == PSA_KEY_LIFETIME_LOCATION( lifetime )`. + * The value #PSA_KEY_LOCATION_LOCAL_STORAGE is reserved + * and may not be used for drivers. Implementations * may reserve other values. * \param[in] methods The method table of the driver. This structure must * remain valid for as long as the cryptography From 2b04f4683b6727293b042d112ef7125f573accfe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 10 May 2020 00:44:04 +0200 Subject: [PATCH 77/81] Update SE support to pass a location when registering a driver Now that lifetimes have structures and secure element drivers handle all the lifetimes with a certain location, update driver registration to take a location as argument rather than a lifetime. This commit updates the Mbed TLS implementation. Signed-off-by: Gilles Peskine --- library/psa_crypto_se.c | 58 ++++++++++++++++++++--------------------- library/psa_crypto_se.h | 23 ++++++++-------- 2 files changed, 40 insertions(+), 41 deletions(-) diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index b9f186a96d93..087c768f4ba2 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -66,7 +66,7 @@ typedef struct struct psa_se_drv_table_entry_s { - psa_key_lifetime_t lifetime; + psa_key_location_t location; const psa_drv_se_t *methods; union { @@ -81,15 +81,16 @@ psa_se_drv_table_entry_t *psa_get_se_driver_entry( psa_key_lifetime_t lifetime ) { size_t i; - /* In the driver table, lifetime=0 means an entry that isn't used. - * No driver has a lifetime of 0 because it's a reserved value - * (which designates volatile keys). Make sure we never return - * a driver entry for lifetime 0. */ - if( lifetime == 0 ) + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); + /* In the driver table, location=0 means an entry that isn't used. + * No driver has a location of 0 because it's a reserved value + * (which designates transparent keys). Make sure we never return + * a driver entry for location 0. */ + if( location == 0 ) return( NULL ); for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) { - if( driver_table[i].lifetime == lifetime ) + if( driver_table[i].location == location ) return( &driver_table[i] ); } return( NULL ); @@ -129,7 +130,7 @@ static psa_status_t psa_get_se_driver_its_file_uid( const psa_se_drv_table_entry_t *driver, psa_storage_uid_t *uid ) { - if( driver->lifetime > PSA_MAX_SE_LIFETIME ) + if( driver->location > PSA_MAX_SE_LOCATION ) return( PSA_ERROR_NOT_SUPPORTED ); #if SIZE_MAX > UINT32_MAX @@ -139,7 +140,7 @@ static psa_status_t psa_get_se_driver_its_file_uid( #endif /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */ - *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->lifetime; + *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->location; return( PSA_SUCCESS ); } @@ -186,12 +187,12 @@ psa_status_t psa_save_se_persistent_data( 0 ) ); } -psa_status_t psa_destroy_se_persistent_data( psa_key_lifetime_t lifetime ) +psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location ) { psa_storage_uid_t uid; - if( lifetime > PSA_MAX_SE_LIFETIME ) + if( location > PSA_MAX_SE_LOCATION ) return( PSA_ERROR_NOT_SUPPORTED ); - uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + lifetime; + uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + location; return( psa_its_remove( uid ) ); } @@ -202,9 +203,11 @@ psa_status_t psa_find_se_slot_for_key( psa_key_slot_number_t *slot_number ) { psa_status_t status; + psa_key_location_t key_location = + PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( attributes ) ); - /* If the lifetime is wrong, it's a bug in the library. */ - if( driver->lifetime != psa_get_key_lifetime( attributes ) ) + /* If the location is wrong, it's a bug in the library. */ + if( driver->location != key_location ) return( PSA_ERROR_CORRUPTION_DETECTED ); /* If the driver doesn't support key creation in any way, give up now. */ @@ -278,7 +281,7 @@ psa_status_t psa_init_all_se_drivers( void ) for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) { psa_se_drv_table_entry_t *driver = &driver_table[i]; - if( driver->lifetime == 0 ) + if( driver->location == 0 ) continue; /* skipping unused entry */ const psa_drv_se_t *methods = psa_get_se_driver_methods( driver ); if( methods->p_init != NULL ) @@ -286,7 +289,7 @@ psa_status_t psa_init_all_se_drivers( void ) psa_status_t status = methods->p_init( &driver->u.context, driver->u.internal.persistent_data, - driver->lifetime ); + driver->location ); if( status != PSA_SUCCESS ) return( status ); status = psa_save_se_persistent_data( driver ); @@ -304,7 +307,7 @@ psa_status_t psa_init_all_se_drivers( void ) /****************************************************************/ psa_status_t psa_register_se_driver( - psa_key_lifetime_t lifetime, + psa_key_location_t location, const psa_drv_se_t *methods) { size_t i; @@ -313,33 +316,30 @@ psa_status_t psa_register_se_driver( if( methods->hal_version != PSA_DRV_SE_HAL_VERSION ) return( PSA_ERROR_NOT_SUPPORTED ); /* Driver table entries are 0-initialized. 0 is not a valid driver - * lifetime because it means a volatile key. */ + * location because it means a transparent key. */ #if defined(static_assert) - static_assert( PSA_KEY_LIFETIME_VOLATILE == 0, - "Secure element support requires 0 to mean a volatile key" ); + static_assert( PSA_KEY_LOCATION_LOCAL_STORAGE == 0, + "Secure element support requires 0 to mean a local key" ); #endif - if( lifetime == PSA_KEY_LIFETIME_VOLATILE || - lifetime == PSA_KEY_LIFETIME_PERSISTENT ) - { + if( location == PSA_KEY_LOCATION_LOCAL_STORAGE ) return( PSA_ERROR_INVALID_ARGUMENT ); - } - if( lifetime > PSA_MAX_SE_LIFETIME ) + if( location > PSA_MAX_SE_LOCATION ) return( PSA_ERROR_NOT_SUPPORTED ); for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) { - if( driver_table[i].lifetime == 0 ) + if( driver_table[i].location == 0 ) break; - /* Check that lifetime isn't already in use up to the first free + /* Check that location isn't already in use up to the first free * entry. Since entries are created in order and never deleted, * there can't be a used entry after the first free entry. */ - if( driver_table[i].lifetime == lifetime ) + if( driver_table[i].location == location ) return( PSA_ERROR_ALREADY_EXISTS ); } if( i == PSA_MAX_SE_DRIVERS ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - driver_table[i].lifetime = lifetime; + driver_table[i].location = location; driver_table[i].methods = methods; driver_table[i].u.internal.persistent_data_size = methods->persistent_data_size; diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 86bf7a7b1ac0..c1450656c748 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -31,31 +31,30 @@ #include "psa/crypto.h" #include "psa/crypto_se_driver.h" -/** The maximum lifetime value that this implementation supports +/** The maximum location value that this implementation supports * for a secure element. * * This is not a characteristic that each PSA implementation has, but a * limitation of the current implementation due to the constraints imposed * by storage. See #PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. * - * The minimum lifetime value for a secure element is 2, like on any - * PSA implementation (0=volatile and 1=internal-storage are taken). + * The minimum location value for a secure element is 1, like on any + * PSA implementation (0 means a transparent key). */ -#define PSA_MAX_SE_LIFETIME 255 +#define PSA_MAX_SE_LOCATION 255 /** The base of the range of ITS file identifiers for secure element * driver persistent data. * * We use a slice of the implemenation reserved range 0xffff0000..0xffffffff, * specifically the range 0xfffffe00..0xfffffeff. The length of this range - * drives the value of #PSA_MAX_SE_LIFETIME. - * The identifiers 0xfffffe00 and 0xfffffe01 are actually not used since - * they correspond to #PSA_KEY_LIFETIME_VOLATILE and - * #PSA_KEY_LIFETIME_PERSISTENT which don't have a driver. + * drives the value of #PSA_MAX_SE_LOCATION. The identifier 0xfffffe00 is + * actually not used since it corresponds to #PSA_KEY_LOCATION_LOCAL_STORAGE + * which doesn't have a driver. */ #define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ( (psa_key_id_t) 0xfffffe00 ) -/** The maximum number of registered secure element driver lifetimes. */ +/** The maximum number of registered secure element driver locations. */ #define PSA_MAX_SE_DRIVERS 4 /** Unregister all secure element drivers. @@ -173,10 +172,10 @@ psa_status_t psa_save_se_persistent_data( * * This is currently only used for testing. * - * \param[in] lifetime The driver lifetime whose persistent data should - * be erased. + * \param[in] location The location identifier for the driver whose + * persistent data is to be erased. */ -psa_status_t psa_destroy_se_persistent_data( psa_key_lifetime_t lifetime ); +psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location ); /** The storage representation of a key whose data is in a secure element. From 344e15b0107a4354f23ead88ecc1069106e60df0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 10 May 2020 00:44:30 +0200 Subject: [PATCH 78/81] Update SE support to pass a location when registering a driver Now that lifetimes have structures and secure element drivers handle all the lifetimes with a certain location, update driver registration to take a location as argument rather than a lifetime. This commit updates the tests. Signed-off-by: Gilles Peskine --- include/psa/crypto_se_driver.h | 2 +- .../test_suite_psa_crypto_se_driver_hal.data | 17 +-- ...st_suite_psa_crypto_se_driver_hal.function | 123 ++++++++++-------- ..._suite_psa_crypto_se_driver_hal_mocks.data | 11 +- ...te_psa_crypto_se_driver_hal_mocks.function | 56 ++++---- 5 files changed, 117 insertions(+), 92 deletions(-) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 869fa3f2714a..0c28579dbd08 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -1380,7 +1380,7 @@ typedef struct { * \return PSA_ERROR_NOT_PERMITTED */ psa_status_t psa_register_se_driver( - psa_key_lifetime_t lifetime, + psa_key_location_t location, const psa_drv_se_t *methods); /**@}*/ diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 0c2411b3409c..55c34266b80a 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -6,14 +6,11 @@ register_one:2:PSA_DRV_SE_HAL_VERSION:PSA_SUCCESS Register SE driver: good, again register_one:2:PSA_DRV_SE_HAL_VERSION:PSA_SUCCESS -Register SE driver: invalid lifetime (0) +Register SE driver: invalid location (0) register_one:0:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT -Register SE driver: invalid lifetime (VOLATILE) -register_one:PSA_KEY_LIFETIME_VOLATILE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT - -Register SE driver: invalid lifetime (PERSISTENT) -register_one:PSA_KEY_LIFETIME_PERSISTENT:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT +Register SE driver: invalid location (local) +register_one:PSA_KEY_LOCATION_LOCAL_STORAGE:PSA_DRV_SE_HAL_VERSION:PSA_ERROR_INVALID_ARGUMENT Register SE driver: invalid version (ancient) register_one:2:0x00000003:PSA_ERROR_NOT_SUPPORTED @@ -121,7 +118,7 @@ Key generation smoke test: HMAC-SHA-256 generate_key_smoke:PSA_KEY_TYPE_HMAC:256:PSA_ALG_HMAC( PSA_ALG_SHA_256 ) Key registration: smoke test -register_key_smoke_test:MIN_DRIVER_LIFETIME:1:PSA_SUCCESS +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:PSA_SUCCESS Key registration: invalid lifetime (volatile) register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT @@ -130,13 +127,13 @@ Key registration: invalid lifetime (internal storage) register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_INVALID_ARGUMENT Key registration: invalid lifetime (no registered driver) -register_key_smoke_test:MIN_DRIVER_LIFETIME + 1:1:PSA_ERROR_INVALID_ARGUMENT +register_key_smoke_test:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION + 1 ):1:PSA_ERROR_INVALID_ARGUMENT Key registration: rejected -register_key_smoke_test:MIN_DRIVER_LIFETIME:0:PSA_ERROR_NOT_PERMITTED +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:0:PSA_ERROR_NOT_PERMITTED Key registration: not supported -register_key_smoke_test:MIN_DRIVER_LIFETIME:-1:PSA_ERROR_NOT_SUPPORTED +register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:-1:PSA_ERROR_NOT_SUPPORTED Import-sign-verify: sign in driver, ECDSA depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index b468d5e5c2e4..f95f7e526519 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -18,8 +18,14 @@ /* Test driver helpers */ /****************************************************************/ -/** The minimum valid lifetime value for a secure element driver. */ -#define MIN_DRIVER_LIFETIME 2 +/** The minimum valid location value for a secure element driver. */ +#define MIN_DRIVER_LOCATION 1 + +/** The location and lifetime used for tests that use a single driver. */ +#define TEST_DRIVER_LOCATION 1 +#define TEST_SE_PERSISTENT_LIFETIME \ + ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) ) /** The driver detected a condition that shouldn't happen. * This is probably a bug in the library. */ @@ -547,7 +553,7 @@ static int check_key_attributes( psa_get_key_lifetime( &actual_attributes ); psa_status_t status = psa_get_key_slot_number( &actual_attributes, &actual_slot_number ); - if( lifetime < MIN_DRIVER_LIFETIME ) + if( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) < MIN_DRIVER_LOCATION ) { /* The key is not in a secure element. */ TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT ); @@ -571,23 +577,23 @@ exit: return( ok ); } -/* Get the file UID corresponding to the specified lifetime. +/* Get the file UID corresponding to the specified location. * If this changes, the storage format version must change. * See psa_get_se_driver_its_file_uid() in psa_crypto_se.c. */ -psa_storage_uid_t file_uid_for_lifetime( psa_key_lifetime_t lifetime ) +psa_storage_uid_t file_uid_for_location( psa_key_location_t location ) { - if( lifetime > PSA_MAX_SE_LIFETIME ) + if( location > PSA_MAX_SE_LOCATION ) return( 0 ); - return( 0xfffffe00 + lifetime ); + return( 0xfffffe00 + location ); } /* Check that the persistent data of a driver has its expected content. */ -static int check_persistent_data( psa_key_lifetime_t lifetime, +static int check_persistent_data( psa_key_location_t location, const void *expected_data, size_t size ) { - psa_storage_uid_t uid = file_uid_for_lifetime( lifetime ); + psa_storage_uid_t uid = file_uid_for_location( location ); struct psa_storage_info_t info; uint8_t *loaded = NULL; int ok = 0; @@ -737,7 +743,7 @@ exit: static void psa_purge_storage( void ) { psa_key_id_t id; - psa_key_lifetime_t lifetime; + psa_key_location_t location; /* The tests may have potentially created key ids from 1 to * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id * 0, which file-based storage uses as a temporary file. */ @@ -746,8 +752,8 @@ static void psa_purge_storage( void ) /* Purge the transaction file. */ psa_crypto_stop_transaction( ); /* Purge driver persistent data. */ - for( lifetime = 0; lifetime < PSA_MAX_SE_LIFETIME; lifetime++ ) - psa_destroy_se_persistent_data( lifetime ); + for( location = 0; location < PSA_MAX_SE_LOCATION; location++ ) + psa_destroy_se_persistent_data( location ); } /* END_HEADER */ @@ -758,7 +764,7 @@ static void psa_purge_storage( void ) */ /* BEGIN_CASE */ -void register_one( int lifetime, int version, int expected_status_arg ) +void register_one( int location, int version, int expected_status_arg ) { psa_status_t expected_status = expected_status_arg; psa_drv_se_t driver; @@ -766,7 +772,7 @@ void register_one( int lifetime, int version, int expected_status_arg ) memset( &driver, 0, sizeof( driver ) ); driver.hal_version = version; - TEST_EQUAL( psa_register_se_driver( lifetime, &driver ), + TEST_EQUAL( psa_register_se_driver( location, &driver ), expected_status ); PSA_ASSERT( psa_crypto_init( ) ); @@ -780,16 +786,16 @@ exit: void register_twice( int count ) { psa_drv_se_t driver; - psa_key_lifetime_t lifetime; - psa_key_lifetime_t max = MIN_DRIVER_LIFETIME + count; + psa_key_location_t location; + psa_key_location_t max = MIN_DRIVER_LOCATION + count; memset( &driver, 0, sizeof( driver ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; - for( lifetime = MIN_DRIVER_LIFETIME; lifetime < max; lifetime++ ) - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); - for( lifetime = MIN_DRIVER_LIFETIME; lifetime < max; lifetime++ ) - TEST_EQUAL( psa_register_se_driver( lifetime, &driver ), + for( location = MIN_DRIVER_LOCATION; location < max; location++ ) + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); + for( location = MIN_DRIVER_LOCATION; location < max; location++ ) + TEST_EQUAL( psa_register_se_driver( location, &driver ), PSA_ERROR_ALREADY_EXISTS ); PSA_ASSERT( psa_crypto_init( ) ); @@ -803,16 +809,16 @@ exit: void register_max( ) { psa_drv_se_t driver; - psa_key_lifetime_t lifetime; - psa_key_lifetime_t max = MIN_DRIVER_LIFETIME + PSA_MAX_SE_DRIVERS; + psa_key_location_t location; + psa_key_location_t max = MIN_DRIVER_LOCATION + PSA_MAX_SE_DRIVERS; memset( &driver, 0, sizeof( driver ) ); driver.hal_version = PSA_DRV_SE_HAL_VERSION; - for( lifetime = MIN_DRIVER_LIFETIME; lifetime < max; lifetime++ ) - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + for( location = MIN_DRIVER_LOCATION; location < max; location++ ) + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - TEST_EQUAL( psa_register_se_driver( lifetime, &driver ), + TEST_EQUAL( psa_register_se_driver( location, &driver ), PSA_ERROR_INSUFFICIENT_MEMORY ); PSA_ASSERT( psa_crypto_init( ) ); @@ -827,7 +833,8 @@ void key_creation_import_export( int min_slot, int restart ) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -846,7 +853,7 @@ void key_creation_import_export( int min_slot, int restart ) key_management.p_export = ram_export; ram_min_slot = min_slot; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); /* Create a key. */ @@ -857,7 +864,7 @@ void key_creation_import_export( int min_slot, int restart ) PSA_ASSERT( psa_import_key( &attributes, key_material, sizeof( key_material ), &handle ) ); - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; @@ -866,9 +873,9 @@ void key_creation_import_export( int min_slot, int restart ) if( restart ) { mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; @@ -894,7 +901,7 @@ void key_creation_import_export( int min_slot, int restart ) PSA_ASSERT( psa_destroy_key( handle ) ); handle = 0; - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; @@ -921,7 +928,8 @@ void key_creation_in_chosen_slot( int slot_arg, psa_status_t status; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -937,7 +945,7 @@ void key_creation_in_chosen_slot( int slot_arg, key_management.p_destroy = ram_destroy; key_management.p_export = ram_export; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); /* Create a key. */ @@ -953,7 +961,7 @@ void key_creation_in_chosen_slot( int slot_arg, if( status != PSA_SUCCESS ) goto exit; - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; @@ -962,9 +970,9 @@ void key_creation_in_chosen_slot( int slot_arg, if( restart ) { mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; @@ -980,7 +988,7 @@ void key_creation_in_chosen_slot( int slot_arg, PSA_ASSERT( psa_destroy_key( handle ) ); handle = 0; - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &ram_shadow_slot_usage, sizeof( ram_shadow_slot_usage ) ) ) goto exit; @@ -1002,7 +1010,8 @@ void import_key_smoke( int type_arg, int alg_arg, psa_algorithm_t alg = alg_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1016,7 +1025,7 @@ void import_key_smoke( int type_arg, int alg_arg, key_management.p_import = null_import; key_management.p_destroy = null_destroy; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); /* Create a key. */ @@ -1031,7 +1040,7 @@ void import_key_smoke( int type_arg, int alg_arg, PSA_ASSERT( psa_import_key( &attributes, key_material->x, key_material->len, &handle ) ); - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; @@ -1041,9 +1050,9 @@ void import_key_smoke( int type_arg, int alg_arg, /* Restart and try again. */ mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; PSA_ASSERT( psa_open_key( id, &handle ) ); @@ -1053,7 +1062,7 @@ void import_key_smoke( int type_arg, int alg_arg, /* We're done. */ PSA_ASSERT( psa_destroy_key( handle ) ); handle = 0; - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; TEST_EQUAL( psa_open_key( id, &handle ), @@ -1073,7 +1082,8 @@ void generate_key_not_supported( int type_arg, int bits_arg ) size_t bits = bits_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1086,7 +1096,7 @@ void generate_key_not_supported( int type_arg, int bits_arg ) key_management.p_allocate = counter_allocate; /* No p_generate method */ - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_id( &attributes, id ); @@ -1111,7 +1121,8 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) psa_algorithm_t alg = alg_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1125,7 +1136,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) key_management.p_generate = null_generate; key_management.p_destroy = null_destroy; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); /* Create a key. */ @@ -1139,7 +1150,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) psa_set_key_type( &attributes, type ); psa_set_key_bits( &attributes, bits ); PSA_ASSERT( psa_generate_key( &attributes, &handle ) ); - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; @@ -1149,9 +1160,9 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) /* Restart and try again. */ mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; PSA_ASSERT( psa_open_key( id, &handle ) ); @@ -1161,7 +1172,7 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) /* We're done. */ PSA_ASSERT( psa_destroy_key( handle ) ); handle = 0; - if( ! check_persistent_data( lifetime, + if( ! check_persistent_data( location, &shadow_counter, sizeof( shadow_counter ) ) ) goto exit; TEST_EQUAL( psa_open_key( id, &handle ), @@ -1190,7 +1201,8 @@ void sign_verify( int flow, psa_drv_se_key_management_t key_management; psa_drv_se_asymmetric_t asymmetric; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t drv_handle = 0; /* key managed by the driver */ psa_key_handle_t sw_handle = 0; /* transparent key */ @@ -1229,7 +1241,7 @@ void sign_verify( int flow, } asymmetric.p_verify = ram_verify; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); /* Prepare to create two keys with the same key material: a transparent @@ -1347,6 +1359,7 @@ void register_key_smoke_test( int lifetime_arg, int expected_status_arg ) { psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_status_t expected_status = expected_status_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; @@ -1371,7 +1384,7 @@ void register_key_smoke_test( int lifetime_arg, ( validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED ); } - PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LIFETIME, &driver ) ); + PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LOCATION, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_id( &attributes, id ); @@ -1395,7 +1408,7 @@ void register_key_smoke_test( int lifetime_arg, /* Restart and try again. */ PSA_DONE( ); - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); PSA_ASSERT( psa_open_key( id, &handle ) ); if( ! check_key_attributes( handle, &attributes ) ) diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data index f60bd76021b0..23e035a411b3 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.data @@ -1,11 +1,14 @@ SE init mock test: success -mock_init:2:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS:1 +mock_init:1:PSA_SUCCESS:PSA_SUCCESS:PSA_SUCCESS:1 SE init mock test: failure -mock_init:2:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE:1 +mock_init:1:PSA_SUCCESS:PSA_ERROR_HARDWARE_FAILURE:PSA_ERROR_HARDWARE_FAILURE:1 -SE init mock test: invalid lifetime -mock_init:1:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_SUCCESS:0 +SE init mock test: invalid location (0) +mock_init:0:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_SUCCESS:0 + +SE init mock test: location not supported (INT_MAX) +mock_init:INT_MAX:PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_BAD_STATE:PSA_SUCCESS:0 SE key importing mock test mock_import:PSA_SUCCESS:PSA_SUCCESS:0:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 9f17b84f197e..f6acb07271a0 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -5,10 +5,16 @@ #include "psa_crypto_se.h" #include "psa_crypto_storage.h" +/** The location and lifetime used for tests that use a single driver. */ +#define TEST_DRIVER_LOCATION 1 +#define TEST_SE_PERSISTENT_LIFETIME \ + ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) ) + static struct { uint16_t called; - psa_key_lifetime_t lifetime; + psa_key_location_t location; psa_status_t return_value; } mock_init_data; @@ -84,7 +90,7 @@ static struct static void psa_purge_storage( void ) { psa_key_id_t id; - psa_key_lifetime_t lifetime; + psa_key_location_t location; /* The tests may have potentially created key ids from 1 to * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id * 0, which file-based storage uses as a temporary file. */ @@ -93,8 +99,8 @@ static void psa_purge_storage( void ) /* Purge the transaction file. */ psa_crypto_stop_transaction( ); /* Purge driver persistent data. */ - for( lifetime = 0; lifetime < PSA_MAX_SE_LIFETIME; lifetime++ ) - psa_destroy_se_persistent_data( lifetime ); + for( location = 0; location < PSA_MAX_SE_LOCATION; location++ ) + psa_destroy_se_persistent_data( location ); } static void mock_teardown( void ) @@ -113,13 +119,13 @@ static void mock_teardown( void ) static psa_status_t mock_init( psa_drv_se_context_t *drv_context, void *persistent_data, - psa_key_lifetime_t lifetime ) + psa_key_location_t location ) { (void) drv_context; (void) persistent_data; mock_init_data.called++; - mock_init_data.lifetime = lifetime; + mock_init_data.location = location; return( mock_init_data.return_value ); } @@ -279,13 +285,13 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, */ /* BEGIN_CASE */ -void mock_init( int lifetime_arg, +void mock_init( int location_arg, int expected_register_status_arg, int driver_status_arg, int expected_psa_status_arg, int expected_called ) { - psa_key_lifetime_t lifetime = lifetime_arg; + psa_key_location_t location = location_arg; psa_status_t expected_register_status = expected_register_status_arg; psa_status_t driver_status = driver_status_arg; psa_status_t expected_psa_status = expected_psa_status_arg; @@ -297,7 +303,7 @@ void mock_init( int lifetime_arg, mock_init_data.return_value = driver_status; - TEST_EQUAL( psa_register_se_driver( lifetime, &driver ), + TEST_EQUAL( psa_register_se_driver( location, &driver ), expected_register_status ); psa_crypto_init_called = 1; @@ -305,7 +311,7 @@ void mock_init( int lifetime_arg, TEST_EQUAL( mock_init_data.called, expected_called ); if( expected_called ) - TEST_EQUAL( mock_init_data.lifetime, lifetime ); + TEST_EQUAL( mock_init_data.location, location ); exit: if( psa_crypto_init_called ) @@ -322,7 +328,8 @@ void mock_import( int mock_alloc_return_value, { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -339,7 +346,7 @@ void mock_import( int mock_alloc_return_value, key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_id( &attributes, id ); @@ -378,7 +385,8 @@ void mock_export( int mock_export_return_value, int expected_result ) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -397,7 +405,7 @@ void mock_export( int mock_export_return_value, int expected_result ) key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_id( &attributes, id ); @@ -431,7 +439,8 @@ void mock_generate( int mock_alloc_return_value, { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -446,7 +455,7 @@ void mock_generate( int mock_alloc_return_value, key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_id( &attributes, id ); @@ -485,7 +494,8 @@ void mock_export_public( int mock_export_public_return_value, { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -503,7 +513,7 @@ void mock_export_public( int mock_export_public_return_value, key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_id( &attributes, id ); @@ -534,7 +544,8 @@ void mock_sign( int mock_sign_return_value, int expected_result ) psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_drv_se_asymmetric_t asymmetric; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -559,7 +570,7 @@ void mock_sign( int mock_sign_return_value, int expected_result ) driver.asymmetric = &asymmetric; asymmetric.p_sign = mock_sign; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_id( &attributes, id ); @@ -594,7 +605,8 @@ void mock_verify( int mock_verify_return_value, int expected_result ) psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_drv_se_asymmetric_t asymmetric; - psa_key_lifetime_t lifetime = 2; + psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); psa_key_id_t id = 1; psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -618,7 +630,7 @@ void mock_verify( int mock_verify_return_value, int expected_result ) driver.asymmetric = &asymmetric; asymmetric.p_verify = mock_verify; - PSA_ASSERT( psa_register_se_driver( lifetime, &driver ) ); + PSA_ASSERT( psa_register_se_driver( location, &driver ) ); PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_id( &attributes, id ); From fb79dfef479be0c41ffb934af68bb6ccb28e5f7d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 10 May 2020 00:51:22 +0200 Subject: [PATCH 79/81] Changelog entry noting the behavior change and storage format change Signed-off-by: Gilles Peskine --- ChangeLog.d/psa-lifetime-locations.txt | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 ChangeLog.d/psa-lifetime-locations.txt diff --git a/ChangeLog.d/psa-lifetime-locations.txt b/ChangeLog.d/psa-lifetime-locations.txt new file mode 100644 index 000000000000..6ac02bc61262 --- /dev/null +++ b/ChangeLog.d/psa-lifetime-locations.txt @@ -0,0 +1,8 @@ +Default behavior changes + * In the experimental PSA secure element interface, change the encoding of + key lifetimes to encode a persistence level and the location. Although C + prototypes do not effectively change, code calling + psa_register_se_driver() must be modified to pass the driver's location + instead of the keys' lifetime. If the library is upgraded on an existing + device, keys created with the old lifetime value will not be readable or + removable through Mbed TLS after the upgrade. From 297896e6db74899e68ed9c189ce0f167000c1b87 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Fri, 16 Aug 2019 08:15:04 +0200 Subject: [PATCH 80/81] Remove obsolete comment --- programs/test/selftest.c | 1 - 1 file changed, 1 deletion(-) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 43add341200f..869c7b6b1443 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -417,6 +417,5 @@ int main( int argc, char *argv[] ) if( suites_failed > 0) mbedtls_exit( MBEDTLS_EXIT_FAILURE ); - /* return() is here to prevent compiler warnings */ mbedtls_exit( MBEDTLS_EXIT_SUCCESS ); } From b88bb5fd7f2877ba181d985007aa5aa1d31055c7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 11 May 2020 22:13:27 +0200 Subject: [PATCH 81/81] Add changelog entry file Signed-off-by: Gilles Peskine --- ChangeLog.d/unified-exit-in-examples.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/unified-exit-in-examples.txt diff --git a/ChangeLog.d/unified-exit-in-examples.txt b/ChangeLog.d/unified-exit-in-examples.txt new file mode 100644 index 000000000000..3ef9798ad17b --- /dev/null +++ b/ChangeLog.d/unified-exit-in-examples.txt @@ -0,0 +1,4 @@ +Changes + * Unify the example programs termination to call mbedtls_exit() instead of + using a return command. This has been done to enable customization of the + behavior in bare metal environments.