Merge pull request #3169 from gilles-peskine-arm/check-windows-files-2.16
Backport 2.16: Check Windows files for sanity as well
diff --git a/.pylintrc b/.pylintrc
index 168e0b7..08c114a 100644
--- a/.pylintrc
+++ b/.pylintrc
@@ -40,7 +40,27 @@
max-module-lines=2000
[MESSAGES CONTROL]
-disable=
+# * locally-disabled, locally-enabled: If we disable or enable a message
+# locally, it's by design. There's no need to clutter the Pylint output
+# with this information.
+# * logging-format-interpolation: Pylint warns about things like
+# ``log.info('...'.format(...))``. It insists on ``log.info('...', ...)``.
+# This is of minor utility (mainly a performance gain when there are
+# many messages that use formatting and are below the log level).
+# Some versions of Pylint (including 1.8, which is the version on
+# Ubuntu 18.04) only recognize old-style format strings using '%',
+# and complain about something like ``log.info('{}', foo)`` with
+# logging-too-many-args (Pylint supports new-style formatting if
+# declared globally with logging_format_style under [LOGGING] but
+# this requires Pylint >=2.2).
+# * no-else-return: Allow the perfectly reasonable idiom
+# if condition1:
+# return value1
+# else:
+# return value2
+# * unnecessary-pass: If we take the trouble of adding a line with "pass",
+# it's because we think the code is clearer that way.
+disable=locally-disabled,locally-enabled,logging-format-interpolation,no-else-return,unnecessary-pass
[REPORTS]
# Don't diplay statistics. Just the facts.
diff --git a/ChangeLog b/ChangeLog
index 6ec1e7ec..96fa9f3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,10 +1,21 @@
mbed TLS ChangeLog (Sorted per branch, date)
-= mbed TLS x.x.x branch released xxxx-xx-xx
+= mbed TLS 2.16.6 branch released 2020-04-14
+
+Security
+ * Fix side channel in ECC code that allowed an adversary with access to
+ precise enough timing and memory access information (typically an
+ untrusted operating system attacking a secure enclave) to fully recover
+ an ECDSA private key. Found and reported by Alejandro Cabrera Aldaya,
+ Billy Brumley and Cesar Pereida Garcia. CVE-2020-10932
+ * Fix a potentially remotely exploitable buffer overread in a
+ DTLS client when parsing the Hello Verify Request message.
Bugfix
* Fix compilation failure when both MBEDTLS_SSL_PROTO_DTLS and
MBEDTLS_SSL_HW_RECORD_ACCEL are enabled.
+ * Fix a function name in a debug message. Contributed by Ercan Ozturk in
+ #3013.
= mbed TLS 2.16.5 branch released 2020-02-20
diff --git a/Makefile b/Makefile
index 1ae6bd9..0a9640f 100644
--- a/Makefile
+++ b/Makefile
@@ -123,8 +123,10 @@
## Editor navigation files
C_SOURCE_FILES = $(wildcard include/*/*.h library/*.[hc] programs/*/*.[hc] tests/suites/*.function)
+# Exuberant-ctags invocation. Other ctags implementations may require different options.
+CTAGS = ctags --langmap=c:+.h.function -o
tags: $(C_SOURCE_FILES)
- ctags -o $@ $(C_SOURCE_FILES)
+ $(CTAGS) $@ $(C_SOURCE_FILES)
TAGS: $(C_SOURCE_FILES)
etags -o $@ $(C_SOURCE_FILES)
GPATH GRTAGS GSYMS GTAGS: $(C_SOURCE_FILES)
diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index bc55d13..db5bb49 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -24,7 +24,7 @@
*/
/**
- * @mainpage mbed TLS v2.16.5 source code documentation
+ * @mainpage mbed TLS v2.16.6 source code documentation
*
* This documentation describes the internal structure of mbed TLS. It was
* automatically generated from specially formatted comment blocks in
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index d0b1744..1edc9ce 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -28,7 +28,7 @@
# identify the project. Note that if you do not use Doxywizard you need
# to put quotes around the project name if it contains spaces.
-PROJECT_NAME = "mbed TLS v2.16.5"
+PROJECT_NAME = "mbed TLS v2.16.6"
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or
diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h
index 8e2ce03..e0a2e7f 100644
--- a/include/mbedtls/version.h
+++ b/include/mbedtls/version.h
@@ -40,16 +40,16 @@
*/
#define MBEDTLS_VERSION_MAJOR 2
#define MBEDTLS_VERSION_MINOR 16
-#define MBEDTLS_VERSION_PATCH 5
+#define MBEDTLS_VERSION_PATCH 6
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
-#define MBEDTLS_VERSION_NUMBER 0x02100500
-#define MBEDTLS_VERSION_STRING "2.16.5"
-#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.5"
+#define MBEDTLS_VERSION_NUMBER 0x02100600
+#define MBEDTLS_VERSION_STRING "2.16.6"
+#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.6"
#if defined(MBEDTLS_VERSION_C)
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 5c67d5b..93ce7b8 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -165,15 +165,15 @@
if(USE_SHARED_MBEDTLS_LIBRARY)
add_library(mbedcrypto SHARED ${src_crypto})
- set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.5 SOVERSION 3)
+ set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.6 SOVERSION 3)
target_link_libraries(mbedcrypto ${libs})
add_library(mbedx509 SHARED ${src_x509})
- set_target_properties(mbedx509 PROPERTIES VERSION 2.16.5 SOVERSION 0)
+ set_target_properties(mbedx509 PROPERTIES VERSION 2.16.6 SOVERSION 0)
target_link_libraries(mbedx509 ${libs} mbedcrypto)
add_library(mbedtls SHARED ${src_tls})
- set_target_properties(mbedtls PROPERTIES VERSION 2.16.5 SOVERSION 12)
+ set_target_properties(mbedtls PROPERTIES VERSION 2.16.6 SOVERSION 12)
target_link_libraries(mbedtls ${libs} mbedx509)
install(TARGETS mbedtls mbedx509 mbedcrypto
diff --git a/library/ecp.c b/library/ecp.c
index 040c20b..725e176 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -1938,6 +1938,20 @@
final_norm:
#endif
+ /*
+ * Knowledge of the jacobian coordinates may leak the last few bits of the
+ * scalar [1], and since our MPI implementation isn't constant-flow,
+ * inversion (used for coordinate normalization) may leak the full value
+ * of its input via side-channels [2].
+ *
+ * [1] https://eprint.iacr.org/2003/191
+ * [2] https://eprint.iacr.org/2020/055
+ *
+ * Avoid the leak by randomizing coordinates before we normalize them.
+ */
+ if( f_rng != 0 )
+ MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, RR, f_rng, p_rng ) );
+
MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV );
MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) );
@@ -2308,6 +2322,20 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) );
}
+ /*
+ * Knowledge of the projective coordinates may leak the last few bits of the
+ * scalar [1], and since our MPI implementation isn't constant-flow,
+ * inversion (used for coordinate normalization) may leak the full value
+ * of its input via side-channels [2].
+ *
+ * [1] https://eprint.iacr.org/2003/191
+ * [2] https://eprint.iacr.org/2020/055
+ *
+ * Avoid the leak by randomizing coordinates before we normalize them.
+ */
+ if( f_rng != NULL )
+ MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) );
+
MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) );
cleanup:
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index afced7a..c5c3af6 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1417,6 +1417,19 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) );
+ /* Check that there is enough room for:
+ * - 2 bytes of version
+ * - 1 byte of cookie_len
+ */
+ if( mbedtls_ssl_hs_hdr_len( ssl ) + 3 > ssl->in_msglen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1,
+ ( "incoming HelloVerifyRequest message is too short" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
/*
* struct {
* ProtocolVersion server_version;
@@ -1445,8 +1458,6 @@
}
cookie_len = *p++;
- MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len );
-
if( ( ssl->in_msg + ssl->in_msglen ) - p < cookie_len )
{
MBEDTLS_SSL_DEBUG_MSG( 1,
@@ -1455,6 +1466,7 @@
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
+ MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len );
mbedtls_free( ssl->handshake->verify_cookie );
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 9c2e365..176e885 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -514,6 +514,12 @@
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+ /* Do not accept max_pathlen equal to INT_MAX to avoid a signed integer
+ * overflow, which is an undefined behavior. */
+ if( *max_pathlen == INT_MAX )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+ MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+
(*max_pathlen)++;
return( 0 );
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 9c06d07..0835107 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -155,6 +155,16 @@
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
+/* How much space to reserve for the title when printing heap usage results.
+ * Updated manually as the output of the following command:
+ *
+ * sed -n 's/.*[T]IME_PUBLIC.*"\(.*\)",/\1/p' programs/test/benchmark.c |
+ * awk '{print length+2}' | sort -rn | head -n1
+ *
+ * This computes the maximum length of a title +2 (because we appends "/s").
+ * (If the value is too small, the only consequence is poor alignement.) */
+#define TITLE_SPACE 11
+
#define MEMORY_MEASURE_INIT \
size_t max_used, max_blocks, max_bytes; \
size_t prv_used, prv_blocks; \
@@ -163,7 +173,8 @@
#define MEMORY_MEASURE_PRINT( title_len ) \
mbedtls_memory_buffer_alloc_max_get( &max_used, &max_blocks ); \
- for( ii = 12 - (title_len); ii != 0; ii-- ) mbedtls_printf( " " ); \
+ ii = TITLE_SPACE > (title_len) ? TITLE_SPACE - (title_len) : 1; \
+ while( ii-- ) mbedtls_printf( " " ); \
max_used -= prv_used; \
max_blocks -= prv_blocks; \
max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \
diff --git a/scripts/abi_check.py b/scripts/abi_check.py
index e19f2c0..c2aca50 100755
--- a/scripts/abi_check.py
+++ b/scripts/abi_check.py
@@ -29,7 +29,7 @@
import xml.etree.ElementTree as ET
-class AbiChecker(object):
+class AbiChecker:
"""API and ABI checker."""
def __init__(self, old_version, new_version, configuration):
diff --git a/tests/data_files/server1_pathlen_int_max-1.crt b/tests/data_files/server1_pathlen_int_max-1.crt
new file mode 100644
index 0000000..4944844
--- /dev/null
+++ b/tests/data_files/server1_pathlen_int_max-1.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDSDCCAjCgAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+o1YwVDASBgNVHRMECzAJAQH/AgR////+MB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIs
+Pai9Q1kCpjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG
+9w0BAQUFAAOCAQEAfuvq7FomQTSJmGInVwQjQddgoXpnmCZ97TpVq7jHLCFADowQ
+jeiAsxmD8mwAQqw/By0U2PSmQcS7Vrn7Le0nFKNRYYrtpx5rsTFJzS/tQsgCe0Pf
+zhiBgD1Dhw6PWAPmy+JlvhJF7REmFsM8KHQd0xSvJzB1gLN9FVlnd87C73bdDJZQ
+Zdn977+Sn5anAFGHDWeKo8GYaYGnPBQqkX0Q2EKWR7yrwcKMogOevxELogB0jRj3
+L+nBpz7mO2J6XQ85ip+tLWAGCEHo0omAIQorAoCSqtLiaz47HxOdNK0hnM7V5k8P
+05AVhxDa3WqZ9FmMaDc8j8XqmOgKYVMC4/WS0g==
+-----END CERTIFICATE-----
diff --git a/tests/data_files/server1_pathlen_int_max.crt b/tests/data_files/server1_pathlen_int_max.crt
new file mode 100644
index 0000000..517e0d6
--- /dev/null
+++ b/tests/data_files/server1_pathlen_int_max.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDSDCCAjCgAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G
+A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/
+uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD
+d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf
+CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr
+lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w
+bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB
+o1YwVDASBgNVHRMECzAJAQH/AgR/////MB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIs
+Pai9Q1kCpjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG
+9w0BAQUFAAOCAQEAe5jPPMyWrKYGljJH2uh1gEh7KoYhmGIUfYu5A8Z2ou04yFZh
+LDyWJnkE/qpNaIw3kPuoyGBTtADYzttPvxretUmaMyteOQe8DK/mmr8vl+gb54ZP
+2jUE+R27Jp5GSGfl20LNVTBkKJloSyDaVzPI3ozje2lAsXsil8NTKbVJtfjZ9un+
+mGrpywSV7RpZC2PznGFdqQehwwnOscz0cVeMQqGcMRH3D5Bk2SjVexCaPu47QSyE
+fNm6cATiNHjw/2dg5Aue7e4K+R6le+xY3Qy85Fq/lKDeMmbrJRrNyJ9lblCeihUd
+qhkAEPelpaq5ZRM6cYJQoo0Ak64j4svjOZeF0g==
+-----END CERTIFICATE-----
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index dd8f510..4e49515 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1409,15 +1409,6 @@
unset gdb_disable_aslr
}
-support_check_python_files () {
- # Find the installed version of Pylint. Installed as a distro package this can
- # be pylint3 and as a PEP egg, pylint.
- if type pylint >/dev/null 2>/dev/null || type pylint3 >/dev/null 2>/dev/null; then
- true;
- else
- false;
- fi
-}
component_check_python_files () {
msg "Lint: Python scripts"
record_status tests/scripts/check-python-files.sh
diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py
index dcccf1f..4bc27f0 100755
--- a/tests/scripts/check-files.py
+++ b/tests/scripts/check-files.py
@@ -17,7 +17,7 @@
import sys
-class FileIssueTracker(object):
+class FileIssueTracker:
"""Base class for file-wide issue tracking.
To implement a checker that processes a file as a whole, inherit from
@@ -37,20 +37,31 @@
self.files_with_issues = {}
def should_check_file(self, filepath):
+ """Whether the given file name should be checked.
+
+ Files whose name ends with a string listed in ``self.files_exemptions``
+ will not be checked.
+ """
for files_exemption in self.files_exemptions:
if filepath.endswith(files_exemption):
return False
return True
def check_file_for_issue(self, filepath):
+ """Check the specified file for the issue that this class is for.
+
+ Subclasses must implement this method.
+ """
raise NotImplementedError
def record_issue(self, filepath, line_number):
+ """Record that an issue was found at the specified location."""
if filepath not in self.files_with_issues.keys():
self.files_with_issues[filepath] = []
self.files_with_issues[filepath].append(line_number)
def output_file_issues(self, logger):
+ """Log all the locations where the issue was found."""
if self.files_with_issues.values():
logger.info(self.heading)
for filename, lines in sorted(self.files_with_issues.items()):
@@ -70,6 +81,10 @@
"""
def issue_with_line(self, line, filepath):
+ """Check the specified line for the issue that this class is for.
+
+ Subclasses must implement this method.
+ """
raise NotImplementedError
def check_file_line(self, filepath, line, line_number):
@@ -77,6 +92,10 @@
self.record_issue(filepath, line_number)
def check_file_for_issue(self, filepath):
+ """Check the lines of the specified file.
+
+ Subclasses must implement the ``issue_with_line`` method.
+ """
with open(filepath, "rb") as f:
for i, line in enumerate(iter(f.readline, b"")):
self.check_file_line(filepath, line, i + 1)
@@ -193,7 +212,7 @@
return False
-class IntegrityChecker(object):
+class IntegrityChecker:
"""Sanity-check files under the current directory."""
def __init__(self, log_file):
diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh
index 6b864d2..cd18518 100755
--- a/tests/scripts/check-python-files.sh
+++ b/tests/scripts/check-python-files.sh
@@ -9,15 +9,10 @@
# Run 'pylint' on Python files for programming errors and helps enforcing
# PEP8 coding standards.
-# Find the installed version of Pylint. Installed as a distro package this can
-# be pylint3 and as a PEP egg, pylint. We prefer pylint over pylint3
-if type pylint >/dev/null 2>/dev/null; then
- PYLINT=pylint
-elif type pylint3 >/dev/null 2>/dev/null; then
- PYLINT=pylint3
+if type python3 >/dev/null 2>/dev/null; then
+ PYTHON=python3
else
- echo 'Pylint was not found.'
- exit 1
+ PYTHON=python
fi
-$PYLINT -j 2 scripts/*.py tests/scripts/*.py
+$PYTHON -m pylint -j 2 scripts/*.py tests/scripts/*.py
diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py
index 1fff099..21f816e 100755
--- a/tests/scripts/generate_test_code.py
+++ b/tests/scripts/generate_test_code.py
@@ -208,7 +208,7 @@
pass
-class FileWrapper(io.FileIO, object):
+class FileWrapper(io.FileIO):
"""
This class extends built-in io.FileIO class with attribute line_no,
that indicates line number for the line that is read.
@@ -402,8 +402,7 @@
:param inp_str: Input string with macros delimited by ':'.
:return: list of dependencies
"""
- dependencies = [dep for dep in map(validate_dependency,
- inp_str.split(':'))]
+ dependencies = list(map(validate_dependency, inp_str.split(':')))
return dependencies
diff --git a/tests/scripts/mbedtls_test.py b/tests/scripts/mbedtls_test.py
index 8f24435..709bb1a 100755
--- a/tests/scripts/mbedtls_test.py
+++ b/tests/scripts/mbedtls_test.py
@@ -1,3 +1,5 @@
+#!/usr/bin/env python3
+
# Greentea host test script for Mbed TLS on-target test suite testing.
#
# Copyright (C) 2018, Arm Limited, All Rights Reserved
@@ -46,7 +48,7 @@
pass
-class TestDataParser(object):
+class TestDataParser:
"""
Parses test name, dependencies, test function name and test parameters
from the data file.
@@ -260,7 +262,7 @@
data_bytes += bytearray(dependencies)
data_bytes += bytearray([function_id, len(parameters)])
for typ, param in parameters:
- if typ == 'int' or typ == 'exp':
+ if typ in ('int', 'exp'):
i = int(param, 0)
data_bytes += b'I' if typ == 'int' else b'E'
self.align_32bit(data_bytes)
diff --git a/tests/scripts/test_generate_test_code.py b/tests/scripts/test_generate_test_code.py
index 6d7113e..c8e8c5c 100755
--- a/tests/scripts/test_generate_test_code.py
+++ b/tests/scripts/test_generate_test_code.py
@@ -294,7 +294,7 @@
self.assertEqual(code, expected)
-class StringIOWrapper(StringIO, object):
+class StringIOWrapper(StringIO):
"""
file like class to mock file object in tests.
"""
@@ -1127,9 +1127,8 @@
dhm_selftest:
"""
stream = StringIOWrapper('test_suite_ut.function', data)
- tests = [(name, test_function, dependencies, args)
- for name, test_function, dependencies, args in
- parse_test_data(stream)]
+ # List of (name, function_name, dependencies, args)
+ tests = list(parse_test_data(stream))
test1, test2, test3, test4 = tests
self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
self.assertEqual(test1[1], 'dhm_do_dhm')
@@ -1170,9 +1169,8 @@
"""
stream = StringIOWrapper('test_suite_ut.function', data)
- tests = [(name, function_name, dependencies, args)
- for name, function_name, dependencies, args in
- parse_test_data(stream)]
+ # List of (name, function_name, dependencies, args)
+ tests = list(parse_test_data(stream))
test1, test2 = tests
self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1')
self.assertEqual(test1[1], 'dhm_do_dhm')
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index ccd4d42..278de16 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -229,6 +229,40 @@
mbedtls_exit( 1 ); \
}
+#if defined(__GNUC__)
+/* Test if arg and &(arg)[0] have the same type. This is true if arg is
+ * an array but not if it's a pointer. */
+#define IS_ARRAY_NOT_POINTER( arg ) \
+ ( ! __builtin_types_compatible_p( __typeof__( arg ), \
+ __typeof__( &( arg )[0] ) ) )
+#else
+/* On platforms where we don't know how to implement this check,
+ * omit it. Oh well, a non-portable check is better than nothing. */
+#define IS_ARRAY_NOT_POINTER( arg ) 1
+#endif
+
+/* A compile-time constant with the value 0. If `const_expr` is not a
+ * compile-time constant with a nonzero value, cause a compile-time error. */
+#define STATIC_ASSERT_EXPR( const_expr ) \
+ ( 0 && sizeof( struct { int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) )
+/* Return the scalar value `value` (possibly promoted). This is a compile-time
+ * constant if `value` is. `condition` must be a compile-time constant.
+ * If `condition` is false, arrange to cause a compile-time error. */
+#define STATIC_ASSERT_THEN_RETURN( condition, value ) \
+ ( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) )
+
+#define ARRAY_LENGTH_UNSAFE( array ) \
+ ( sizeof( array ) / sizeof( *( array ) ) )
+/** Return the number of elements of a static or stack array.
+ *
+ * \param array A value of array (not pointer) type.
+ *
+ * \return The number of elements of the array.
+ */
+#define ARRAY_LENGTH( array ) \
+ ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ), \
+ ARRAY_LENGTH_UNSAFE( array ) ) )
+
/*
* 32-bit integer manipulation macros (big endian)
*/
diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function
index 26a7be4..5951e46 100644
--- a/tests/suites/host_test.function
+++ b/tests/suites/host_test.function
@@ -385,15 +385,16 @@
const char *default_filename = "DATA_FILE";
const char *test_filename = NULL;
const char **test_files = NULL;
- int testfile_count = 0;
+ size_t testfile_count = 0;
int option_verbose = 0;
int function_id = 0;
/* Other Local variables */
int arg_index = 1;
const char *next_arg;
- int testfile_index, ret, i, cnt;
- int total_errors = 0, total_tests = 0, total_skipped = 0;
+ size_t testfile_index, i, cnt;
+ int ret;
+ unsigned total_errors = 0, total_tests = 0, total_skipped = 0;
FILE *file;
char buf[5000];
char *params[50];
@@ -473,8 +474,9 @@
testfile_index < testfile_count;
testfile_index++ )
{
- int unmet_dep_count = 0;
+ size_t unmet_dep_count = 0;
int unmet_dependencies[20];
+ int missing_unmet_dependencies = 0;
test_filename = test_files[ testfile_index ];
@@ -495,6 +497,7 @@
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
}
unmet_dep_count = 0;
+ missing_unmet_dependencies = 0;
if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
break;
@@ -520,8 +523,16 @@
int dep_id = strtol( params[i], NULL, 10 );
if( dep_check( dep_id ) != DEPENDENCY_SUPPORTED )
{
- unmet_dependencies[unmet_dep_count] = dep_id;
- unmet_dep_count++;
+ if( unmet_dep_count <
+ ARRAY_LENGTH( unmet_dependencies ) )
+ {
+ unmet_dependencies[unmet_dep_count] = dep_id;
+ unmet_dep_count++;
+ }
+ else
+ {
+ missing_unmet_dependencies = 1;
+ }
}
}
@@ -590,11 +601,14 @@
mbedtls_fprintf( stdout, "%d ",
unmet_dependencies[i] );
}
+ if( missing_unmet_dependencies )
+ mbedtls_fprintf( stdout, "..." );
}
mbedtls_fprintf( stdout, "\n" );
fflush( stdout );
unmet_dep_count = 0;
+ missing_unmet_dependencies = 0;
}
else if( ret == DISPATCH_TEST_SUCCESS )
{
@@ -641,8 +655,8 @@
else
mbedtls_fprintf( stdout, "FAILED" );
- mbedtls_fprintf( stdout, " (%d / %d tests (%d skipped))\n",
- total_tests - total_errors, total_tests, total_skipped );
+ mbedtls_fprintf( stdout, " (%u / %u tests (%u skipped))\n",
+ total_tests - total_errors, total_tests, total_skipped );
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
!defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data
index f8a2918..54c1220 100644
--- a/tests/suites/test_suite_version.data
+++ b/tests/suites/test_suite_version.data
@@ -1,8 +1,8 @@
Check compiletime library version
-check_compiletime_version:"2.16.5"
+check_compiletime_version:"2.16.6"
Check runtime library version
-check_runtime_version:"2.16.5"
+check_runtime_version:"2.16.6"
Check for MBEDTLS_VERSION_C
check_feature:"MBEDTLS_VERSION_C":0
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 91f8ac9..2c52d08 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -1166,6 +1166,14 @@
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
x509parse_crt:"30819f30819ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba314301230100603551d130101010406300402010102":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA
+X509 Certificate ASN1 (inv extBasicConstraint, pathlen is INT_MAX)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509parse_crt_file:"data_files/server1_pathlen_int_max.crt":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH
+
+X509 Certificate ASN1 (pathlen is INT_MAX-1)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
+x509parse_crt_file:"data_files/server1_pathlen_int_max-1.crt":0
+
X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, octet len mismatch)
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
x509parse_crt:"3081a230819fa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba317301530130603551d130101010409300702010102010100":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH