AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Changes after code review

Browse Source 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
This commit is contained in:
TRodziewicz 2021-05-25 15:15:57 +02:00
parent caf2ae04b8
commit 062f353804
15 changed files with 29 additions and 179 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
ChangeLog.d/issue4313.txt
View File

@ -1,25 +1,4 @@
Removals Removals
* Remove the following macros: MBEDTLS_CHECK_PARAMS, * Remove the following macros: MBEDTLS_CHECK_PARAMS,
MBEDTLS_CHECK_PARAMS_ASSERT, MBEDTLS_PARAM_FAILED, MBEDTLS_CHECK_PARAMS_ASSERT, MBEDTLS_PARAM_FAILED,
MBEDTLS_PARAM_FAILED_ALT, TEST_INVALID_PARAM, TEST_INVALID_PARAM_RET, MBEDTLS_PARAM_FAILED_ALT. Fixes #4313.
the following macros have been inactivated MBEDTLS_INTERNAL_VALIDATE_RET
and MBEDTLS_INTERNAL_VALIDATE, structures: param_failed_ctx_t,
mbedtls_test_param_failed_location_record_t, functions:
mbedtls_test_param_failed_get_location_record(),
mbedtls_test_param_failed_expect_call(),
mbedtls_test_param_failed_check_expected_call(),
mbedtls_test_param_failed_get_state_buf(),
mbedtls_test_param_failed_reset_state(),
mbedtls_param_failed(). Remove the following functions from all.sh:
component_test_check_params_functionality(),
component_test_check_params_without_platform(),
component_test_check_params_silent().
Remove the following test functions from test_suite_*.function files:
aes_check_params(), aria_invalid_param(), blowfish_invalid_param(),
camellia_invalid_param(), ccm_invalid_param(), chacha20_bad_params(),
chachapoly_bad_params(), cipher_invalid_param_conditional(),
dhm_invalid_params(), ecdh_invalid_param(), ecdsa_invalid_param(),
ecjpake_invalid_param(), ecp_invalid_param(), gcm_invalid_param(),
mpi_invalid_param(), invalid_parameters() (pk), poly1305_bad_params(),
rsa_invalid_param(), sha1_invalid_param(), sha256_invalid_param(),
sha512_invalid_param(). Fixes #4313.

40
docs/3.0-migration-guide.d/remove_mbedtls_check_params_option.md
View File

@ -1,10 +1,11 @@
Remove MBEDTLS_CHECK_PARAMS option Remove MBEDTLS_CHECK_PARAMS option
---------------------------------- ----------------------------------
This change affects the way of how parameters are validated. This change does not affect users who use the default configuration; it only
affects users who enabled that option.
The option `MBEDTLS_CHECK_PARAMS` (disabled by default) enables certain kinds of The option `MBEDTLS_CHECK_PARAMS` (disabled by default) enabled certain kinds
“parameter validation”. It covers two kinds of validations: of “parameter validation”. It covered two kinds of validations:
- In some functions that require a valid pointer, “parameter validation” checks - In some functions that require a valid pointer, “parameter validation” checks
that the pointer is non-null. With the feature disabled, a null pointer is not that the pointer is non-null. With the feature disabled, a null pointer is not
@ -14,34 +15,17 @@ runtime crash. 90% of the uses of the feature are of this kind.
checks that the value is a valid one. With the feature disabled, an invalid checks that the value is a valid one. With the feature disabled, an invalid
value causes a silent default to one of the valid values. value causes a silent default to one of the valid values.
The default reaction to a failed check is to call a function mbedtls_param_failed The default reaction to a failed check was to call a function
which the application must provide. If this function returns, its caller returns `mbedtls_param_failed()` which the application had to provide. If this function
an error `MBEDTLS_ERR_xxx_BAD_INPUT_DATA`. returned, its caller returned an error `MBEDTLS_ERR_xxx_BAD_INPUT_DATA`.
This feature is only used in some classic (non-PSA) cryptography modules. It is This feature was only used in some classic (non-PSA) cryptography modules. It was
not used in X.509, TLS or in PSA crypto, and it has not been implemented in all not used in X.509, TLS or in PSA crypto, and it was not implemented in all
classic crypto modules. classic crypto modules.
Removal of `MBEDTLS_CHECK_PARAMS` and all dependent features means changing This feature has been removed. The library no longer checks for NULL pointers;
code that does something like this: checks for enum-like arguments will be kept or re-introduced on a case-by-case
``` basis, but their presence will no longer be dependent on a compile-time option.
#if MBEDTLS_CHECK_PARAMS
#define VALIDATE(cond) do {if(cond) return BAD_INPUT_DATA;} while (0)
#else
#define VALIDATE(cond) do {} while (0)
#endif
...
VALIDATE(coin == HEADS || coin == TAILS);
VALIDATE(data != NULL);
if (coin == HEADS) heads();
else tails();
```
to something like this:
```
if (coin == HEADS) heads();
else if (coin == TAILS) tails();
else return BAD_INPUT_DATA;
```
Validation of enum-like values is somewhat useful, but not extremely important, Validation of enum-like values is somewhat useful, but not extremely important,
because the parameters concerned are usually constants in applications. because the parameters concerned are usually constants in applications.

5
library/psa_crypto.c
View File

@ -1021,10 +1021,7 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
/* /*
* As the return error code may not be handled in case of multiple errors, * As the return error code may not be handled in case of multiple errors,
* do our best to report an unexpected lock counter: if available * do our best to report an unexpected lock counter.
* call MBEDTLS_PARAM_FAILED that may terminate execution (if called as
* part of the execution of a test suite this will stop the test suite
* execution).
*/ */
if( slot->lock_count != 1 ) if( slot->lock_count != 1 )
{ {

8
tests/include/test/macros.h
View File

@ -177,14 +177,6 @@
} \ } \
} while( 0 ) } while( 0 )
#if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT)
#define TEST_INVALID_PARAM_RET( PARAM_ERR_VALUE, TEST ) \
do { if( ( TEST ) != ( PARAM_ERR_VALUE ) ) goto exit; } while( 0 )
#define TEST_INVALID_PARAM( TEST ) \
do { TEST; } while( 0 )
#endif /* MBEDTLS_CHECK_PARAMS && !MBEDTLS_PARAM_FAILED_ALT */
/** /**
* \brief This macro tests the statement passed to it as a test step or * \brief This macro tests the statement passed to it as a test step or
* individual test in a test case. The macro assumes the test will not fail. * individual test in a test case. The macro assumes the test will not fail.

5
tests/suites/test_suite_aes.function
View File

@ -206,9 +206,6 @@ void aes_crypt_xts_size( int size, int retval )
mbedtls_aes_xts_init( &ctx ); mbedtls_aes_xts_init( &ctx );
memset( data_unit, 0x00, sizeof( data_unit ) ); memset( data_unit, 0x00, sizeof( data_unit ) );
/* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as
* otherwise we wouldn't get to the size check we're interested in. */
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval ); TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
} }
/* END_CASE */ /* END_CASE */
@ -359,7 +356,7 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:NOT_DEFINED */
void aes_invalid_mode( ) void aes_invalid_mode( )
{ {
mbedtls_aes_context aes_ctx; mbedtls_aes_context aes_ctx;

2
tests/suites/test_suite_aria.function
View File

@ -23,7 +23,7 @@ void aria_valid_param( )
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:NOT_DEFINED */
void aria_invalid_param( ) void aria_invalid_param( )
{ {
mbedtls_aria_context ctx; mbedtls_aria_context ctx;

2
tests/suites/test_suite_blowfish.function
View File

@ -14,7 +14,7 @@ void blowfish_valid_param( )
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:NOT_DEFINED */
void blowfish_invalid_param( ) void blowfish_invalid_param( )
{ {
mbedtls_blowfish_context ctx; mbedtls_blowfish_context ctx;

2
tests/suites/test_suite_camellia.function
View File

@ -14,7 +14,7 @@ void camellia_valid_param( )
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:NOT_DEFINED */
void camellia_invalid_param( ) void camellia_invalid_param( )
{ {
mbedtls_camellia_context ctx; mbedtls_camellia_context ctx;

2
tests/suites/test_suite_cipher.function
View File

@ -207,7 +207,7 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:NOT_DEFINED */
void cipher_invalid_param_conditional( ) void cipher_invalid_param_conditional( )
{ {
mbedtls_cipher_context_t valid_ctx; mbedtls_cipher_context_t valid_ctx;

2
tests/suites/test_suite_ecdh.function
View File

@ -50,7 +50,7 @@ void ecdh_valid_param( )
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:NOT_DEFINED */
void ecdh_invalid_param( ) void ecdh_invalid_param( )
{ {
mbedtls_ecdh_context ctx; mbedtls_ecdh_context ctx;

2
tests/suites/test_suite_ecjpake.function
View File

@ -98,7 +98,7 @@ cleanup:
* END_DEPENDENCIES * END_DEPENDENCIES
*/ */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:NOT_DEFINED */
void ecjpake_invalid_param( ) void ecjpake_invalid_param( )
{ {
mbedtls_ecjpake_context ctx; mbedtls_ecjpake_context ctx;

2
tests/suites/test_suite_ecp.function
View File

@ -38,7 +38,7 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:NOT_DEFINED */
void ecp_invalid_param( ) void ecp_invalid_param( )
{ {
mbedtls_ecp_group grp; mbedtls_ecp_group grp;

2
tests/suites/test_suite_gcm.function
View File

@ -181,7 +181,7 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:NOT_DEFINED */
void gcm_invalid_param( ) void gcm_invalid_param( )
{ {
mbedtls_gcm_context ctx; mbedtls_gcm_context ctx;

3
tests/suites/test_suite_shax.data
View File

@ -1,9 +1,6 @@
SHA-1 - Valid parameters SHA-1 - Valid parameters
sha1_valid_param: sha1_valid_param:
SHA-1 - Invalid parameters
sha1_invalid_param:
# Test the operation of SHA-1 and SHA-2 # Test the operation of SHA-1 and SHA-2
SHA-1 Test Vector NIST CAVS #1 SHA-1 Test Vector NIST CAVS #1
depends_on:MBEDTLS_SHA1_C depends_on:MBEDTLS_SHA1_C

108
tests/suites/test_suite_shax.function
View File

@ -11,46 +11,6 @@ void sha1_valid_param( )
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
void sha1_invalid_param( )
{
mbedtls_sha1_context ctx;
unsigned char buf[64] = { 0 };
size_t const buflen = sizeof( buf );
TEST_INVALID_PARAM( mbedtls_sha1_init( NULL ) );
TEST_INVALID_PARAM( mbedtls_sha1_clone( NULL, &ctx ) );
TEST_INVALID_PARAM( mbedtls_sha1_clone( &ctx, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
mbedtls_sha1_starts_ret( NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
mbedtls_sha1_update_ret( NULL, buf, buflen ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
mbedtls_sha1_update_ret( &ctx, NULL, buflen ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
mbedtls_sha1_finish_ret( NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
mbedtls_sha1_finish_ret( &ctx, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
mbedtls_internal_sha1_process( NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
mbedtls_internal_sha1_process( &ctx, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
mbedtls_sha1_ret( NULL, buflen, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA,
mbedtls_sha1_ret( buf, buflen, NULL ) );
exit:
return;
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */
void mbedtls_sha1( data_t * src_str, data_t * hash ) void mbedtls_sha1( data_t * src_str, data_t * hash )
{ {
@ -72,7 +32,7 @@ void sha256_valid_param( )
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:NOT_DEFINED */
void sha256_invalid_param( ) void sha256_invalid_param( )
{ {
mbedtls_sha256_context ctx; mbedtls_sha256_context ctx;
@ -81,38 +41,10 @@ void sha256_invalid_param( )
int valid_type = 0; int valid_type = 0;
int invalid_type = 42; int invalid_type = 42;
TEST_INVALID_PARAM( mbedtls_sha256_init( NULL ) ); TEST_EQUAL( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
TEST_INVALID_PARAM( mbedtls_sha256_clone( NULL, &ctx ) );
TEST_INVALID_PARAM( mbedtls_sha256_clone( &ctx, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_sha256_starts_ret( NULL, valid_type ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_sha256_starts_ret( &ctx, invalid_type ) ); mbedtls_sha256_starts_ret( &ctx, invalid_type ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, TEST_EQUAL( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_sha256_update_ret( NULL, buf, buflen ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_sha256_update_ret( &ctx, NULL, buflen ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_sha256_finish_ret( NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_sha256_finish_ret( &ctx, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_internal_sha256_process( NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_internal_sha256_process( &ctx, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_sha256_ret( NULL, buflen,
buf, valid_type ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_sha256_ret( buf, buflen,
NULL, valid_type ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
mbedtls_sha256_ret( buf, buflen, mbedtls_sha256_ret( buf, buflen,
buf, invalid_type ) ); buf, invalid_type ) );
@ -156,7 +88,7 @@ void sha512_valid_param( )
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:NOT_DEFINED */
void sha512_invalid_param( ) void sha512_invalid_param( )
{ {
mbedtls_sha512_context ctx; mbedtls_sha512_context ctx;
@ -165,38 +97,10 @@ void sha512_invalid_param( )
int valid_type = 0; int valid_type = 0;
int invalid_type = 42; int invalid_type = 42;
TEST_INVALID_PARAM( mbedtls_sha512_init( NULL ) ); TEST_EQUAL( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
TEST_INVALID_PARAM( mbedtls_sha512_clone( NULL, &ctx ) );
TEST_INVALID_PARAM( mbedtls_sha512_clone( &ctx, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_sha512_starts_ret( NULL, valid_type ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_sha512_starts_ret( &ctx, invalid_type ) ); mbedtls_sha512_starts_ret( &ctx, invalid_type ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, TEST_EQUAL( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_sha512_update_ret( NULL, buf, buflen ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_sha512_update_ret( &ctx, NULL, buflen ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_sha512_finish_ret( NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_sha512_finish_ret( &ctx, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_internal_sha512_process( NULL, buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_internal_sha512_process( &ctx, NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_sha512_ret( NULL, buflen,
buf, valid_type ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_sha512_ret( buf, buflen,
NULL, valid_type ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
mbedtls_sha512_ret( buf, buflen, mbedtls_sha512_ret( buf, buflen,
buf, invalid_type ) ); buf, invalid_type ) );