Merge pull request #9906 from mpg/rm-conf-curves
[dev] Remove deprecated function mbedtls_ssl_conf_curves()
diff --git a/ChangeLog.d/9892.txt b/ChangeLog.d/9892.txt
new file mode 100644
index 0000000..01d21b6
--- /dev/null
+++ b/ChangeLog.d/9892.txt
@@ -0,0 +1,4 @@
+Removals
+ * Remove deprecated mbedtls_x509write_crt_set_serial(). The function was
+ already deprecated and superseeded by
+ mbedtls_x509write_crt_set_serial_raw().
diff --git a/SECURITY.md b/SECURITY.md
index 9506eb9..4682f7a 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -144,3 +144,22 @@
The Everest variant is only used when `MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED`
configuration option is defined. This option is off by default.
+
+#### Formatting of X.509 certificates and certificate signing requests
+
+When parsing X.509 certificates and certificate signing requests (CSRs),
+Mbed TLS does not check that they are strictly compliant with X.509 and other
+relevant standards. In the case of signed certificates, the signing party is
+assumed to have performed this validation (and the certificate is trusted to
+be correctly formatted as long as the signature is correct).
+Similarly, CSRs are implicitly trusted by Mbed TLS to be standards-compliant.
+
+**Warning!** Mbed TLS must not be used to sign untrusted CSRs unless extra
+validation is performed separately to ensure that they are compliant to the
+relevant specifications. This makes Mbed TLS on its own unsuitable for use in
+a Certificate Authority (CA).
+
+However, Mbed TLS aims to protect against memory corruption and other
+undefined behavior when parsing certificates and CSRs. If a CSR or signed
+certificate causes undefined behavior when it is parsed by Mbed TLS, that
+is considered a security vulnerability.
diff --git a/framework b/framework
index 71171b7..8296a73 160000
--- a/framework
+++ b/framework
@@ -1 +1 @@
-Subproject commit 71171b77f50302206cc87b93bc8bf76f16b6e1c4
+Subproject commit 8296a73ce0cb31fadf411b6929a3201beece37a5
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 491343f..5943cfc 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -943,28 +943,6 @@
*/
void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version);
-#if defined(MBEDTLS_BIGNUM_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
-/**
- * \brief Set the serial number for a Certificate.
- *
- * \deprecated This function is deprecated and will be removed in a
- * future version of the library. Please use
- * mbedtls_x509write_crt_set_serial_raw() instead.
- *
- * \note Even though the MBEDTLS_BIGNUM_C guard looks redundant since
- * X509 depends on PK and PK depends on BIGNUM, this emphasizes
- * a direct dependency between X509 and BIGNUM which is going
- * to be deprecated in the future.
- *
- * \param ctx CRT context to use
- * \param serial serial number to set
- *
- * \return 0 if successful
- */
-int MBEDTLS_DEPRECATED mbedtls_x509write_crt_set_serial(
- mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial);
-#endif // MBEDTLS_BIGNUM_C && !MBEDTLS_DEPRECATED_REMOVED
-
/**
* \brief Set the serial number for a Certificate.
*
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 8bce1cc..4bae0fb 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -92,30 +92,6 @@
return mbedtls_x509_string_to_names(&ctx->issuer, issuer_name);
}
-#if defined(MBEDTLS_BIGNUM_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
-int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx,
- const mbedtls_mpi *serial)
-{
- int ret;
- size_t tmp_len;
-
- /* Ensure that the MPI value fits into the buffer */
- tmp_len = mbedtls_mpi_size(serial);
- if (tmp_len > MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN) {
- return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
- }
-
- ctx->serial_len = tmp_len;
-
- ret = mbedtls_mpi_write_binary(serial, ctx->serial, tmp_len);
- if (ret < 0) {
- return ret;
- }
-
- return 0;
-}
-#endif // MBEDTLS_BIGNUM_C && !MBEDTLS_DEPRECATED_REMOVED
-
int mbedtls_x509write_crt_set_serial_raw(mbedtls_x509write_cert *ctx,
unsigned char *serial, size_t serial_len)
{
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index a3b18c6..e8e830d 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -33,41 +33,6 @@
r'.*\b(?:' + r'|'.join(words) + r')\b.*',
re.DOTALL)
- # generate_psa_tests.py generates test cases involving cryptographic
- # mechanisms (key types, families, algorithms) that are declared but
- # not implemented. Until we improve the Python scripts, ignore those
- # test cases in the analysis.
- # https://github.com/Mbed-TLS/mbedtls/issues/9572
- _PSA_MECHANISMS_NOT_IMPLEMENTED = [
- r'CBC_MAC',
- r'DETERMINISTIC_DSA',
- r'DET_DSA',
- r'DSA',
- r'ECC_KEY_PAIR\(BRAINPOOL_P_R1\) (?:160|192|224|320)-bit',
- r'ECC_KEY_PAIR\(SECP_K1\) 225-bit',
- r'ECC_PAIR\(BP_R1\) (?:160|192|224|320)-bit',
- r'ECC_PAIR\(SECP_K1\) 225-bit',
- r'ECC_PUBLIC_KEY\(BRAINPOOL_P_R1\) (?:160|192|224|320)-bit',
- r'ECC_PUBLIC_KEY\(SECP_K1\) 225-bit',
- r'ECC_PUB\(BP_R1\) (?:160|192|224|320)-bit',
- r'ECC_PUB\(SECP_K1\) 225-bit',
- r'ED25519PH',
- r'ED448PH',
- r'PEPPER',
- r'PURE_EDDSA',
- r'SECP_R2',
- r'SECT_K1',
- r'SECT_R1',
- r'SECT_R2',
- r'SHAKE256_512',
- r'SHA_512_224',
- r'SHA_512_256',
- r'TWISTED_EDWARDS',
- r'XTS',
- ]
- PSA_MECHANISM_NOT_IMPLEMENTED_SEARCH_RE = \
- _has_word_re(_PSA_MECHANISMS_NOT_IMPLEMENTED)
-
IGNORED_TESTS = {
'ssl-opt': [
# We don't run ssl-opt.sh with Valgrind on the CI because
@@ -224,18 +189,6 @@
'PSA import DH_PUBLIC_KEY(RFC7919) 2048-bit group not supported',
],
'test_suite_psa_crypto_op_fail.generated': [
- # Ignore mechanisms that are not implemented, except
- # for test cases that assume the mechanism is not supported.
- _has_word_re(_PSA_MECHANISMS_NOT_IMPLEMENTED,
- exclude=(r'.*: !(?:' +
- r'|'.join(_PSA_MECHANISMS_NOT_IMPLEMENTED) +
- r')\b')),
- # Incorrect dependency generation. To be fixed as part of the
- # resolution of https://github.com/Mbed-TLS/mbedtls/issues/9167
- # by forward-porting the commit
- # "PSA test case generation: dependency inference class: operation fail"
- # from https://github.com/Mbed-TLS/mbedtls/pull/9025 .
- re.compile(r'.* with (?:DH|ECC)_(?:KEY_PAIR|PUBLIC_KEY)\(.*'),
# We don't test this unusual, but sensible configuration.
# https://github.com/Mbed-TLS/mbedtls/issues/9592
re.compile(r'.*: !ECDSA but DETERMINISTIC_ECDSA with ECC_.*'),
@@ -243,6 +196,12 @@
# key type disabled. Those dependencies don't really make sense.
# https://github.com/Mbed-TLS/mbedtls/issues/9573
re.compile(r'.* !HMAC with HMAC'),
+ # We don't test with ECDH disabled but the key type enabled.
+ # https://github.com/Mbed-TLS/TF-PSA-Crypto/issues/161
+ re.compile(r'PSA key_agreement.* !ECDH with ECC_KEY_PAIR\(.*'),
+ # We don't test with FFDH disabled but the key type enabled.
+ # https://github.com/Mbed-TLS/TF-PSA-Crypto/issues/160
+ re.compile(r'PSA key_agreement.* !FFDH with DH_KEY_PAIR\(.*'),
],
'test_suite_psa_crypto_op_fail.misc': [
# We don't test this unusual, but sensible configuration.
diff --git a/tests/scripts/components-basic-checks.sh b/tests/scripts/components-basic-checks.sh
index 6266e9f..3ee88a3 100644
--- a/tests/scripts/components-basic-checks.sh
+++ b/tests/scripts/components-basic-checks.sh
@@ -74,65 +74,6 @@
unset opt
}
-component_check_test_dependencies () {
- msg "Check: test case dependencies: legacy vs PSA" # < 1s
- # The purpose of this component is to catch unjustified dependencies on
- # legacy feature macros (MBEDTLS_xxx) in PSA tests. Generally speaking,
- # PSA test should use PSA feature macros (PSA_WANT_xxx, more rarely
- # MBEDTLS_PSA_xxx).
- #
- # Most of the time, use of legacy MBEDTLS_xxx macros are mistakes, which
- # this component is meant to catch. However a few of them are justified,
- # mostly by the absence of a PSA equivalent, so this component includes a
- # list of expected exceptions.
-
- found="check-test-deps-found-$$"
- expected="check-test-deps-expected-$$"
-
- # Find legacy dependencies in PSA tests
- grep 'depends_on' \
- tf-psa-crypto/tests/suites/test_suite_psa*.data \
- tf-psa-crypto/tests/suites/test_suite_psa*.function |
- grep -Eo '!?MBEDTLS_[^: ]*' |
- grep -v -e MBEDTLS_PSA_ -e MBEDTLS_TEST_ |
- sort -u > $found
-
- # Expected ones with justification - keep in sorted order by ASCII table!
- rm -f $expected
- # No PSA equivalent - WANT_KEY_TYPE_AES means all sizes
- echo "!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" >> $expected
- # No PSA equivalent - used to skip decryption tests in PSA-ECB, CBC/XTS/NIST_KW/DES
- echo "!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT" >> $expected
- # MBEDTLS_ASN1_WRITE_C is used by import_rsa_made_up() in test_suite_psa_crypto
- # in order to build a fake RSA key of the wanted size based on
- # PSA_VENDOR_RSA_MAX_KEY_BITS. The legacy module is only used by
- # the test code and that's probably the most convenient way of achieving
- # the test's goal.
- echo "MBEDTLS_ASN1_WRITE_C" >> $expected
- # No PSA equivalent - used in test_suite_psa_crypto to get some "known" size
- # for raw key generation.
- echo "MBEDTLS_CTR_DRBG_MAX_REQUEST" >> $expected
- # No PSA equivalent - we should probably have one in the future.
- echo "MBEDTLS_ECP_RESTARTABLE" >> $expected
- # No PSA equivalent - needed by some init tests
- echo "MBEDTLS_ENTROPY_NV_SEED" >> $expected
- # No PSA equivalent - required to run threaded tests.
- echo "MBEDTLS_THREADING_PTHREAD" >> $expected
-
- # Compare reality with expectation.
- # We want an exact match, to ensure the above list remains up-to-date.
- #
- # The output should be empty. When it's not:
- # - Each '+' line is a macro that was found but not expected. You want to
- # find where that macro occurs, and either replace it with PSA macros, or
- # add it to the exceptions list above with a justification.
- # - Each '-' line is a macro that was expected but not found; it means the
- # exceptions list above should be updated by removing that macro.
- diff -U0 $expected $found
-
- rm $found $expected
-}
-
component_check_doxygen_warnings () {
msg "Check: doxygen warnings (builds the documentation)" # ~ 3s
./framework/scripts/doxygen.sh
diff --git a/tests/scripts/components-build-system.sh b/tests/scripts/components-build-system.sh
index f3a8d19..d6ad88a 100644
--- a/tests/scripts/components-build-system.sh
+++ b/tests/scripts/components-build-system.sh
@@ -116,7 +116,7 @@
./cmake_package
if [[ "$OSTYPE" == linux* ]]; then
PKG_CONFIG_PATH="${build_variant_dir}/mbedtls/pkgconfig" \
- ${root_dir}/tests/scripts/pkgconfig.sh \
+ ${root_dir}/framework/scripts/pkgconfig.sh \
mbedtls mbedx509 mbedcrypto
# These are the EXPECTED package names. Renaming these could break
# consumers of pkg-config, consider carefully.
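Review bot: The rewritten invocation on the `+` line still expands `${root_dir}` unquoted, so a checkout path containing whitespace or glob characters would be word-split before the script runs; `"${root_dir}/framework/scripts/pkgconfig.sh" \` keeps it as a single argument. The same applies to the second hunk of this file (the `tfpsacrypto` package check). The new path also assumes `framework/scripts/pkgconfig.sh` is present in the framework submodule revision pinned by this merge; if the submodule bump were to land separately, the deleted `tests/scripts/pkgconfig.sh` would have no replacement and the pkg-config validation would fail rather than be skipped. The enclosing component function starts and ends outside the hunk.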
@@ -137,7 +137,7 @@
./cmake_package
if [[ "$OSTYPE" == linux* ]]; then
PKG_CONFIG_PATH="${build_variant_dir}/tf-psa-crypto/pkgconfig" \
- ${root_dir}/tests/scripts/pkgconfig.sh \
+ ${root_dir}/framework/scripts/pkgconfig.sh \
tfpsacrypto
# This is the EXPECTED package name. Renaming it could break consumers
# of pkg-config, consider carefully.
diff --git a/tests/scripts/pkgconfig.sh b/tests/scripts/pkgconfig.sh
deleted file mode 100755
index 07a73b3..0000000
--- a/tests/scripts/pkgconfig.sh
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/sh
-#
-# Copyright The Mbed TLS Contributors
-# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
-#
-# Purpose
-#
-# Test pkgconfig files.
-#
-# For each of the build pkg-config files, .pc files, check that
-# they validate and do some basic sanity testing on the output,
-# i.e. that the strings are non-empty.
-#
-# NOTE: This requires the built pc files to be on the pkg-config
-# search path, this can be controlled with env variable
-# PKG_CONFIG_PATH. See man(1) pkg-config for details.
-#
-
-set -e -u
-
-if [ $# -le 0 ]
-then
- echo " [!] No package names specified" >&2
- echo "Usage: $0 <package name 1> <package name 2> ..." >&2
- exit 1
-fi
-
-for pc in "$@"; do
- printf "testing package config file: ${pc} ... "
- pkg-config --validate "${pc}"
- version="$(pkg-config --modversion "${pc}")"
- test -n "$version"
- cflags="$(pkg-config --cflags "${pc}")"
- test -n "$cflags"
- libs="$(pkg-config --libs "${pc}")"
- test -n "$libs"
- printf "passed\n"
-done
-
-exit 0
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index d0fdd8a..d1df9e3 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -471,14 +471,8 @@
mbedtls_x509write_crt_set_version(&crt, ver);
}
-#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
- TEST_ASSERT(mbedtls_mpi_read_binary(&serial_mpi, serial_arg->x,
- serial_arg->len) == 0);
- TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial_mpi) == 0);
-#else
TEST_ASSERT(mbedtls_x509write_crt_set_serial_raw(&crt, serial_arg->x,
serial_arg->len) == 0);
-#endif
TEST_ASSERT(mbedtls_x509write_crt_set_validity(&crt, not_before,
not_after) == 0);
mbedtls_x509write_crt_set_md_alg(&crt, md_type);
@@ -665,13 +659,6 @@
USE_PSA_INIT();
memset(invalid_serial, 0x01, sizeof(invalid_serial));
-#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
- TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial,
- sizeof(invalid_serial)), 0);
- TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi),
- MBEDTLS_ERR_X509_BAD_INPUT_DATA);
-#endif
-
TEST_EQUAL(mbedtls_x509write_crt_set_serial_raw(&ctx, invalid_serial,
sizeof(invalid_serial)),
MBEDTLS_ERR_X509_BAD_INPUT_DATA);
diff --git a/tf-psa-crypto b/tf-psa-crypto
index c78da5a..1bc29c9 160000
--- a/tf-psa-crypto
+++ b/tf-psa-crypto
@@ -1 +1 @@
-Subproject commit c78da5a1e7fd503685f28b18e17756a38f10444e
+Subproject commit 1bc29c97c99ad40aa9f17b5a873b391454c9c068