Merge 'mbedtls/development' into merge-crypto-development-20190806

Conflicts and changes:
* Files that do not exist in Mbed Crypto and have changed in Mbed TLS:
  These files should not exist in Mbed Crypto. Keep them deleted.
* tests/data_files/test-ca.server1.db: new file in Mbed TLS, don't create
  it in Mbed Crypto.
* tests/data_files/rsa_pkcs1_1024_clear.pem: do create this file in
  Mbed Crypto. I don't see why it would be kept out.
* tests/data_files/Makefile: don't take any of the changes in sections
  that have been removed in Crypto. Do take in the certificate
  expiration date updates and the extra .crt.der rules (even if Crypto
  doesn't actually use those certificates: removing them would be out
  of scope of the present merge).
* tests/suites/helpers.function: consecutive additions, take
  both (order indifferent).
Gilles Peskine 2019-08-06 19:09:55 +02:00
commit 3963993e2a
6 changed files with 71 additions and 31 deletions


@ -107,7 +107,7 @@ class AbiChecker(object):
) )
self.log.debug(worktree_output.decode("utf-8")) self.log.debug(worktree_output.decode("utf-8"))
version.commit = subprocess.check_output( version.commit = subprocess.check_output(
[self.git_command, "rev-parse", worktree_rev], [self.git_command, "rev-parse", "HEAD"],
cwd=git_worktree_path, cwd=git_worktree_path,
stderr=subprocess.STDOUT stderr=subprocess.STDOUT
).decode("ascii").rstrip() ).decode("ascii").rstrip()
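Review bot: The `rev-parse` call still passes `stderr=subprocess.STDOUT`, so any warning git prints on stderr is merged into the bytes that become `version.commit`, a value that is used as a commit id rather than as log text. Dropping that argument for this one call keeps the identifier clean and lets a git diagnostic surface on stderr instead of silently corrupting the revision (or failing later in `.decode("ascii")`). The enclosing method starts and ends outside the hunk, so whether `version.commit` is validated further down cannot be seen here.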


@ -48,17 +48,19 @@ test-ca.req.sha256: $(test_ca_key_file_rsa)
all_intermediate += test-ca.req.sha256 all_intermediate += test-ca.req.sha256
test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA1 version=3 output_file=$@ $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
test-ca.der: test-ca.crt all_final += test-ca.crt
test-ca.crt.der: test-ca.crt
$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
all_final += test-ca.crt test-ca.der all_final += test-ca.der
test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA1 version=3 output_file=$@ $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
all_final += test-ca-sha1.crt all_final += test-ca-sha1.crt
test-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 test-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA256 version=3 output_file=$@ $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@
all_final += test-ca-sha256.crt all_final += test-ca-sha256.crt
cli_crt_key_file_rsa = cli-rsa.key cli_crt_key_file_rsa = cli-rsa.key
@ -68,10 +70,10 @@ cli-rsa.csr: $(cli_crt_key_file_rsa)
all_intermediate += cli-rsa.csr all_intermediate += cli-rsa.csr
cli-rsa-sha1.crt: cli-rsa.csr cli-rsa-sha1.crt: cli-rsa.csr
$(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA1 version=3 output_file=$@ $(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
cli-rsa-sha256.crt: cli-rsa.csr cli-rsa-sha256.crt: cli-rsa.csr
$(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA256 version=3 output_file=$@ $(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
all_final += cli-rsa-sha256.crt all_final += cli-rsa-sha256.crt
test_ca_int_rsa1 = test-int-ca.crt test_ca_int_rsa1 = test-int-ca.crt
@ -671,13 +673,15 @@ all_intermediate += server2.req.sha256
# server2* # server2*
server2.crt: server2.req.sha256 server2.crt: server2.req.sha256
$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA1 version=3 output_file=$@ $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
all_final += server2.crt
server2.der: server2.crt server2.der: server2.crt
$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
all_final += server2.crt server2.der all_final += server2.der
server2-sha256.crt: server2.req.sha256 server2-sha256.crt: server2.req.sha256
$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA256 version=3 output_file=$@ $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
all_final += server2-sha256.crt all_final += server2-sha256.crt
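Review bot: In the first hunk the DER conversion rule appears to be renamed to `test-ca.crt.der`, but the line after its recipe still appends `test-ca.der` to `all_final`, so as rendered the list names a file that no visible rule builds while the new target is not listed at all. If the rename is intended, that line should read `all_final += test-ca.crt.der`; if `test-ca.der` is still produced by a rule outside these hunks, list both. The page drops the `+`/`-` markers, so this reading is inferred from the old/new column order and should be checked against the merged file. The `server2.der` rule in the third hunk keeps its name and is consistent with its `all_final` line.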


@ -1,15 +1,15 @@
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQCvBX05buhPt1/btcKxPH/lplSqiqJHC1Qe4f6wsS0lx5cRUxJJ MIICXAIBAAKBgQDHOJLFw/RwEAhr+BM17PMBHIolD5WCNh6qHpYSVRqs+Ht1Mwtw
4RKWKAQtu7bBINFENSTvTA5uHYlW7rIHevEjSd3u5USDvAbCxhlIzQKyAueWrr2U VzOc2ZXxTUxEN8i+xKA/5GQ80/PJAkM9w3xbjnmqCYSughM3Cr+Fab0qNWJssf7k
06fL+FnCwYGcMky4K5zTTt4mOiq//kcz8HeGnoZg99aDTaU9aQ73mF9rwwIDAQAB rOBCskF8e+SdJxSbLAdrjkM9P2x2OkaaHHANJZ28CMdA/NgCN2L/fev8LQIDAQAB
AoGBAIdL8P/C8qcdFGcd3QFxyVTX/b9QKB5PbZnqDh68+C+qWOe1lf+yk9Gr4X8R AoGBAL2/t6Qf6PDXhH350apaHnYfjcCQ4FEeZQSZj0y0vGylW0mcrbd5hxJM+BDW
CzfEjMDzbDfoTYdmIdMn9ku+CEV9PsQJi6L6CjGfukEcKEHte+gxlqjN+dql0AaU E98h1tVEiHFygrqhEiCRRCROzmDhjlPVymxBXP+Jev4xeV5mvf2PzgwOR8MTdbFo
vDNfxMMiF/4EiLzpy3IC5ZRoserRGQAEd9ssp5f6wZ7aP1jBAkEA4qt2CEG7nTCo dOSI6t9bhpCyp0Ln8eQzGXtuWsH6arJsyJJ9JzCrzeI48sjNAkEA+lgGSPNyWHZW
HSIt4etzgdgiFEB/G5dcu/5OGpRn/ZitvXj2B4Nspb4ZKLnRYNl/1FwS1rUuLJhx E0zdtznvGphYKPMuDUTGzm1gTZ0oes6qjr4OA9rD3NTGHVW1FVLq63leTiqK8sOS
oXTGa0iBEwJBAMWrJ2AhWa59byDDwu6FHkbcES5onijV/Lv5kKme+KkLi7RP02Rn uJduIauW4wJBAMu4214tyhB720BuLH7vD0mCKipzD0cEuAdf3NEel3KZxnHD4AK+
5/wXic62Y6vaM4ZSw8c/ERd0kC6EBWWScJECQQC2zb01T331eaY7SLNkPjU7hImH xeiEfFCstMg5uMCNLkShGjMZ5zNfRIqxfa8CQDJjW0h9r6s8jlCuLQY/I/A/b6c2
d7SLFflOC/wFZ6auWRHVetZAnPdke/liZOm9h+uV4mO3EQuaH5+UrM7Q+vpNAkBx YzOKf1V3UGXu1wH47P10JZADDV86eHHZGWykVuJ0eFXVXEhGsxZybFlcly8CQDet
GV7sN+jSV97PxnKweuY58Qy7mwxznQyAmWjWRKlOP9btkocHehRYPzeQWPdqiuzU Ks7fZsUAhJhkQ+bhAOWPHGUDkx5OrNjfGyNP4AYi/rgi1zsI1l/IrY0C1lmOZO7C
PGLcjA9BdmZQ1yUnWsShAkEAuzLRM+3C4EjUYziLe+nLS+KfS2JQvmA+cONkdQHJ 5u08tkNXBfflRn89KOMCQAwCFgbZqd/VDFyemqwMZAXp+Y1HvGeZI0pr3vBJzO3W
fd3iCk5xvpX9XnF4TiWspLryW+Vziq5Zu/4cmXeBRHorJA== OvIa0KckJ793UjS6Iijfnyy9pWmKJLdKEMe/AtSRDi0=
-----END RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----


@ -187,6 +187,21 @@ typedef enum
} \ } \
while( 0 ) while( 0 )
/**
* \brief This macro tests the expression passed to it and skips the
* running test if it doesn't evaluate to 'true'.
*
* \param TEST The test expression to be tested.
*/
#define TEST_ASSUME( TEST ) \
do { \
if( ! (TEST) ) \
{ \
test_skip( #TEST, __LINE__, __FILE__ ); \
goto exit; \
} \
} while( 0 )
#if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT) #if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT)
/** /**
* \brief This macro tests the statement passed to it as a test step or * \brief This macro tests the statement passed to it as a test step or
@ -372,10 +387,17 @@ typedef enum
/*----------------------------------------------------------------------------*/ /*----------------------------------------------------------------------------*/
/* Global variables */ /* Global variables */
typedef enum
{
TEST_RESULT_SUCCESS = 0,
TEST_RESULT_FAILED,
TEST_RESULT_SKIPPED
} test_result_t;
static struct static struct
{ {
paramfail_test_state_t paramfail_test_state; paramfail_test_state_t paramfail_test_state;
int failed; test_result_t result;
const char *test; const char *test;
const char *filename; const char *filename;
int line_no; int line_no;
@ -411,7 +433,15 @@ jmp_buf jmp_tmp;
void test_fail( const char *test, int line_no, const char* filename ) void test_fail( const char *test, int line_no, const char* filename )
{ {
test_info.failed = 1; test_info.result = TEST_RESULT_FAILED;
test_info.test = test;
test_info.line_no = line_no;
test_info.filename = filename;
}
void test_skip( const char *test, int line_no, const char* filename )
{
test_info.result = TEST_RESULT_SKIPPED;
test_info.test = test; test_info.test = test;
test_info.line_no = line_no; test_info.line_no = line_no;
test_info.filename = filename; test_info.filename = filename;
@ -450,7 +480,7 @@ void mbedtls_param_failed( const char *failure_condition,
/* Record the location of the failure, but not as a failure yet, in case /* Record the location of the failure, but not as a failure yet, in case
* it was part of the test */ * it was part of the test */
test_fail( failure_condition, line, file ); test_fail( failure_condition, line, file );
test_info.failed = 0; test_info.result = TEST_RESULT_SUCCESS;
longjmp( param_fail_jmp, 1 ); longjmp( param_fail_jmp, 1 );
} }
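Review bot: `test_skip()` overwrites `test_info.result` unconditionally, so if a `TEST_ASSUME` is ever evaluated after `test_fail()` has recorded a failure in the same test, the result is downgraded from FAILED to SKIPPED and the failure is no longer counted. Whether such a path exists cannot be seen from these hunks, but a guard at the top of `test_skip()` such as `if( test_info.result == TEST_RESULT_FAILED ) return;` would keep a recorded failure sticky. The `TEST_ASSUME` doc comment should also say that the macro jumps to an `exit` label which the calling test function must provide, and that cleanup code after that label still runs on a skip.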


@ -498,7 +498,8 @@ int execute_tests( int argc , const char ** argv )
if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 ) if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
break; break;
mbedtls_fprintf( stdout, "%s%.66s", test_info.failed ? "\n" : "", buf ); mbedtls_fprintf( stdout, "%s%.66s",
test_info.result == TEST_RESULT_FAILED ? "\n" : "", buf );
mbedtls_fprintf( stdout, " " ); mbedtls_fprintf( stdout, " " );
for( i = strlen( buf ) + 1; i < 67; i++ ) for( i = strlen( buf ) + 1; i < 67; i++ )
mbedtls_fprintf( stdout, "." ); mbedtls_fprintf( stdout, "." );
@ -545,7 +546,7 @@ int execute_tests( int argc , const char ** argv )
// If there are no unmet dependencies execute the test // If there are no unmet dependencies execute the test
if( unmet_dep_count == 0 ) if( unmet_dep_count == 0 )
{ {
test_info.failed = 0; test_info.result = TEST_RESULT_SUCCESS;
test_info.paramfail_test_state = PARAMFAIL_TESTSTATE_IDLE; test_info.paramfail_test_state = PARAMFAIL_TESTSTATE_IDLE;
#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
@ -610,10 +611,15 @@ int execute_tests( int argc , const char ** argv )
} }
else if( ret == DISPATCH_TEST_SUCCESS ) else if( ret == DISPATCH_TEST_SUCCESS )
{ {
if( test_info.failed == 0 ) if( test_info.result == TEST_RESULT_SUCCESS )
{ {
mbedtls_fprintf( stdout, "PASS\n" ); mbedtls_fprintf( stdout, "PASS\n" );
} }
else if( test_info.result == TEST_RESULT_SKIPPED )
{
mbedtls_fprintf( stdout, "----\n" );
total_skipped++;
}
else else
{ {
total_errors++; total_errors++;
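Review bot: The new `TEST_RESULT_SKIPPED` branch in the last hunk prints only `----`, although `test_skip()` has stored the unmet expression and its location in `test_info`. A crypto test that stops running because a runtime assumption no longer holds is then hard to tell apart in the output from any other skipped case, and the lost coverage goes unnoticed. Consider reporting the reason next to `total_skipped++`, for example `mbedtls_fprintf( stdout, "   Test assumption not met: %s at %s:%d\n", test_info.test, test_info.filename, test_info.line_no );`, provided that any scripts parsing this output tolerate the extra line. The `else` branch and `execute_tests` continue outside the hunk.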


@ -159,7 +159,7 @@ void execute_function_ptr(TestWrapper_t fp, void **params)
else else
{ {
/* Unexpected parameter validation error */ /* Unexpected parameter validation error */
test_info.failed = 1; test_info.result = TEST_RESULT_FAILED;
} }
memset( param_fail_jmp, 0, sizeof(jmp_buf) ); memset( param_fail_jmp, 0, sizeof(jmp_buf) );