Merge pull request #6873 from mpg/fix-derive-key-exercise
Fix test function derive_key_exercise()
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 7751560..ac13275 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1656,9 +1656,11 @@
mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform); /*!< negotiated transform params
* This pointer owns the transform
* it references. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_negotiate); /*!< transform params in negotiation
* This pointer owns the transform
* it references. */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/*! The application data transform in TLS 1.3.
diff --git a/library/aesni.c b/library/aesni.c
index 87d818a..12125c9 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -36,9 +36,11 @@
#include <string.h>
+/* *INDENT-OFF* */
#ifndef asm
#define asm __asm
#endif
+/* *INDENT-ON* */
#if defined(MBEDTLS_HAVE_X86_64)
diff --git a/library/bn_mul.h b/library/bn_mul.h
index 6b8106f..b7e9690 100644
--- a/library/bn_mul.h
+++ b/library/bn_mul.h
@@ -80,6 +80,7 @@
#endif /* bits in mbedtls_mpi_uint */
+/* *INDENT-OFF* */
#if defined(MBEDTLS_HAVE_ASM)
#ifndef asm
@@ -1071,4 +1072,5 @@
#define MULADDC_X8_CORE MULADDC_X4_CORE MULADDC_X4_CORE
#endif /* MULADDC_X8_CORE */
+/* *INDENT-ON* */
#endif /* bn_mul.h */
diff --git a/library/padlock.c b/library/padlock.c
index a128775..81bea1f 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -31,9 +31,11 @@
#include <string.h>
+/* *INDENT-OFF* */
#ifndef asm
#define asm __asm
#endif
+/* *INDENT-ON* */
#if defined(MBEDTLS_HAVE_X86)
diff --git a/library/sha256.c b/library/sha256.c
index 6965820..6e6a58f 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -89,9 +89,11 @@
#include <signal.h>
#include <setjmp.h>
+/* *INDENT-OFF* */
#ifndef asm
#define asm __asm__
#endif
+/* *INDENT-ON* */
static jmp_buf return_from_sigill;
diff --git a/library/sha512.c b/library/sha512.c
index 5de151d..46e3dab 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -104,9 +104,11 @@
#include <signal.h>
#include <setjmp.h>
+/* *INDENT-OFF* */
#ifndef asm
#define asm __asm__
#endif
+/* *INDENT-ON* */
static jmp_buf return_from_sigill;
@@ -297,9 +299,11 @@
# define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process
#endif
+/* *INDENT-OFF* */
#ifndef asm
#define asm __asm__
#endif
+/* *INDENT-ON* */
/* Accelerated SHA-512 implementation originally written by Simon Tatham for PuTTY,
* under the MIT licence; dual-licensed as Apache 2 with his kind permission.
diff --git a/library/ssl_client.c b/library/ssl_client.c
index e838845..92137ba 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -24,15 +24,11 @@
#if defined(MBEDTLS_SSL_CLI_C)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
-#include "mbedtls/platform.h"
-
#include <string.h>
#include "mbedtls/debug.h"
#include "mbedtls/error.h"
-#if defined(MBEDTLS_HAVE_TIME)
-#include "mbedtls/platform_time.h"
-#endif
+#include "mbedtls/platform.h"
#include "ssl_client.h"
#include "ssl_misc.h"
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 8254964..1012b3a 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2073,6 +2073,12 @@
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
+ * Write Signature Algorithm extension
+ */
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf,
+ const unsigned char *end, size_t *out_len );
+/*
* Parse TLS Signature Algorithm extension
*/
MBEDTLS_CHECK_RETURN_CRITICAL
@@ -2619,10 +2625,6 @@
mbedtls_ssl_protocol_version min_tls_version,
mbedtls_ssl_protocol_version max_tls_version );
-MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf,
- const unsigned char *end, size_t *out_len );
-
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_parse_server_name_ext( mbedtls_ssl_context *ssl,
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 753998e..194c326 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -5094,7 +5094,9 @@
* data.
*/
MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) );
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
ssl->transform_in = ssl->transform_negotiate;
+#endif
ssl->session_in = ssl->session_negotiate;
#if defined(MBEDTLS_SSL_PROTO_DTLS)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b757613..d25a439 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -965,13 +965,16 @@
static int ssl_handshake_init( mbedtls_ssl_context *ssl )
{
/* Clear old handshake information if present */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->transform_negotiate )
mbedtls_ssl_transform_free( ssl->transform_negotiate );
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
if( ssl->session_negotiate )
mbedtls_ssl_session_free( ssl->session_negotiate );
if( ssl->handshake )
mbedtls_ssl_handshake_free( ssl );
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
/*
* Either the pointers are now NULL or cleared properly and can be freed.
* Now allocate missing structures.
@@ -980,6 +983,7 @@
{
ssl->transform_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_transform) );
}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
if( ssl->session_negotiate == NULL )
{
@@ -998,18 +1002,23 @@
#endif
/* All pointers should exist and can be directly freed without issue */
- if( ssl->handshake == NULL ||
+ if( ssl->handshake == NULL ||
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
ssl->transform_negotiate == NULL ||
- ssl->session_negotiate == NULL )
+#endif
+ ssl->session_negotiate == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc() of ssl sub-contexts failed" ) );
mbedtls_free( ssl->handshake );
- mbedtls_free( ssl->transform_negotiate );
- mbedtls_free( ssl->session_negotiate );
-
ssl->handshake = NULL;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ mbedtls_free( ssl->transform_negotiate );
ssl->transform_negotiate = NULL;
+#endif
+
+ mbedtls_free( ssl->session_negotiate );
ssl->session_negotiate = NULL;
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
@@ -1017,9 +1026,12 @@
/* Initialize structures */
mbedtls_ssl_session_init( ssl->session_negotiate );
- mbedtls_ssl_transform_init( ssl->transform_negotiate );
ssl_handshake_params_init( ssl->handshake );
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ mbedtls_ssl_transform_init( ssl->transform_negotiate );
+#endif
+
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_SSL_SRV_C) && \
defined(MBEDTLS_SSL_SESSION_TICKETS)
@@ -3215,12 +3227,14 @@
size_t max_len = MBEDTLS_SSL_IN_CONTENT_LEN;
size_t read_mfl;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
/* Use the configured MFL for the client if we're past SERVER_HELLO_DONE */
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
ssl->state >= MBEDTLS_SSL_SERVER_HELLO_DONE )
{
return ssl_mfl_code_to_length( ssl->conf->mfl_code );
}
+#endif
/* Check if a smaller max length was negotiated */
if( ssl->session_out != NULL )
@@ -3232,7 +3246,7 @@
}
}
- // During a handshake, use the value being negotiated
+ /* During a handshake, use the value being negotiated */
if( ssl->session_negotiate != NULL )
{
read_mfl = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code );
@@ -3497,12 +3511,15 @@
* // the structure of mbedtls_ssl_session.
*
* uint8_t minor_ver; // Protocol minor version. Possible values:
- * // - TLS 1.2 (3)
+ * // - TLS 1.2 (0x0303)
+ * // - TLS 1.3 (0x0304)
*
* select (serialized_session.tls_version) {
*
* case MBEDTLS_SSL_VERSION_TLS1_2:
* serialized_session_tls12 data;
+ * case MBEDTLS_SSL_VERSION_TLS1_3:
+ * serialized_session_tls13 data;
*
* };
*
@@ -4004,7 +4021,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_abort( &handshake->fin_sha256_psa );
#else
- mbedtls_sha256_free( &handshake->fin_sha256 );
+ mbedtls_sha256_free( &handshake->fin_sha256 );
#endif
#endif
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
@@ -4549,10 +4566,12 @@
/* This has been allocated by ssl_handshake_init(), called by
* by either mbedtls_ssl_session_reset_int() or mbedtls_ssl_setup(). */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
ssl->transform = ssl->transform_negotiate;
ssl->transform_in = ssl->transform;
ssl->transform_out = ssl->transform;
ssl->transform_negotiate = NULL;
+#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
prf_func = ssl_tls12prf_from_cs( ssl->session->ciphersuite );
@@ -4788,11 +4807,14 @@
if( ssl->handshake )
{
mbedtls_ssl_handshake_free( ssl );
- mbedtls_ssl_transform_free( ssl->transform_negotiate );
- mbedtls_ssl_session_free( ssl->session_negotiate );
-
mbedtls_free( ssl->handshake );
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ mbedtls_ssl_transform_free( ssl->transform_negotiate );
mbedtls_free( ssl->transform_negotiate );
+#endif
+
+ mbedtls_ssl_session_free( ssl->session_negotiate );
mbedtls_free( ssl->session_negotiate );
}
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 839b954..08d4924 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -2805,11 +2805,10 @@
switch( ssl->state )
{
- /*
- * ssl->state is initialized as HELLO_REQUEST. It is the same
- * as CLIENT_HELLO state.
- */
case MBEDTLS_SSL_HELLO_REQUEST:
+ mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO );
+ break;
+
case MBEDTLS_SSL_CLIENT_HELLO:
ret = mbedtls_ssl_write_client_hello( ssl );
break;
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 761c00e..0aecb35 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -28,16 +28,14 @@
#include "mbedtls/oid.h"
#include "mbedtls/platform.h"
#include "mbedtls/constant_time.h"
-#include <string.h>
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
#include "ssl_misc.h"
#include "ssl_tls13_invasive.h"
#include "ssl_tls13_keys.h"
#include "ssl_debug_helpers.h"
-#include "psa/crypto.h"
-#include "mbedtls/psa_util.h"
-
const uint8_t mbedtls_ssl_tls13_hello_retry_request_magic[
MBEDTLS_SERVER_HELLO_RANDOM_LEN ] =
{ 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11,
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 6caae89..685e10b 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -30,16 +30,6 @@
#include "ssl_tls13_keys.h"
#include "ssl_debug_helpers.h"
-#if defined(MBEDTLS_ECP_C)
-#include "mbedtls/ecp.h"
-#endif /* MBEDTLS_ECP_C */
-
-#include "mbedtls/platform.h"
-
-#include "ssl_misc.h"
-#include "ssl_tls13_keys.h"
-#include "ssl_debug_helpers.h"
-
static const mbedtls_ssl_ciphersuite_t *ssl_tls13_validate_peer_ciphersuite(
mbedtls_ssl_context *ssl,
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 1ad2034..8fb0fef 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -61,9 +61,11 @@
#include "mbedtls/error.h"
+/* *INDENT-OFF* */
#ifndef asm
#define asm __asm
#endif
+/* *INDENT-ON* */
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
diff --git a/scripts/code_style.py b/scripts/code_style.py
index 8e82b93..aae3e24 100755
--- a/scripts/code_style.py
+++ b/scripts/code_style.py
@@ -106,8 +106,12 @@
style_correct = True
for src_file in src_file_list:
uncrustify_cmd = [UNCRUSTIFY_EXE] + UNCRUSTIFY_ARGS + [src_file]
- subprocess.run(uncrustify_cmd, stdout=subprocess.PIPE, \
+ result = subprocess.run(uncrustify_cmd, stdout=subprocess.PIPE, \
stderr=subprocess.PIPE, check=False)
+ if result.returncode != 0:
+ print_err("Uncrustify returned " + str(result.returncode) + \
+ " correcting file " + src_file)
+ return False
# Uncrustify makes changes to the code and places the result in a new
# file with the extension ".uncrustify". To get the changes (if any)
@@ -128,22 +132,30 @@
return style_correct
-def fix_style_single_pass(src_file_list: List[str]) -> None:
+def fix_style_single_pass(src_file_list: List[str]) -> bool:
"""
Run Uncrustify once over the source files.
"""
code_change_args = UNCRUSTIFY_ARGS + ["--no-backup"]
for src_file in src_file_list:
uncrustify_cmd = [UNCRUSTIFY_EXE] + code_change_args + [src_file]
- subprocess.run(uncrustify_cmd, check=False, stdout=STDOUT_UTF8, \
- stderr=STDERR_UTF8)
+ result = subprocess.run(uncrustify_cmd, check=False, \
+ stdout=STDOUT_UTF8, stderr=STDERR_UTF8)
+ if result.returncode != 0:
+ print_err("Uncrustify with file returned: " + \
+ str(result.returncode) + " correcting file " + \
+ src_file)
+ return False
+ return True
def fix_style(src_file_list: List[str]) -> int:
"""
Fix the code style. This takes 2 passes of Uncrustify.
"""
- fix_style_single_pass(src_file_list)
- fix_style_single_pass(src_file_list)
+ if not fix_style_single_pass(src_file_list):
+ return 1
+ if not fix_style_single_pass(src_file_list):
+ return 1
# Guard against future changes that cause the codebase to require
# more passes.
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 0d4ce6e..df78c8f 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2090,6 +2090,8 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
run_test "TLS 1.3 opaque key: no suitable algorithm found" \
"$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,none" \
"$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
@@ -2103,6 +2105,8 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
run_test "TLS 1.3 opaque key: suitable algorithm found" \
"$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
"$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
@@ -2111,11 +2115,13 @@
-c "key type: Opaque" \
-s "key types: Opaque, Opaque" \
-C "error" \
- -S "error" \
+ -S "error"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
run_test "TLS 1.3 opaque key: first client sig alg not suitable" \
"$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pss-sha512,none" \
"$P_CLI debug_level=4 sig_algs=rsa_pss_rsae_sha256,rsa_pss_rsae_sha512" \
@@ -2130,6 +2136,8 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_RSA_C
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
run_test "TLS 1.3 opaque key: 2 keys on server, suitable algorithm found" \
"$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
"$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \