Merge remote-tracking branch 'public/pr/1217' into mbedtls-1.3
* public/pr/1217:
compat.sh: use wait_server_start
wait_server_start: minor efficiency improvement
diff --git a/ChangeLog b/ChangeLog
index 70a003d..7903fc7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,9 @@
= mbed TLS 1.3.22 branch released 2017-xx-xx
+Features
+ * Allow comments in test data files.
+
Bugfix
* Fix memory leak in ssl_set_hostname() when called multiple times.
Found by projectgus and jethrogb, #836.
@@ -38,11 +41,14 @@
* Add a check for invalid private parameters in ecdsa_sign.
Reported by Yolan Romailler.
* Fix word size check in in pk.c to not depend on MBEDTLS_HAVE_INT64.
+ * Fix crash when calling mbedtls_ssl_cache_free() twice. Found by
+ MilenkoMitrovic, #1104
Changes
* Extend cert_write example program by options to set the CRT version
and the message digest. Further, allow enabling/disabling of authority
identifier, subject identifier and basic constraints extensions.
+ * Improve makefiles on Windows: don't run find, and call perl explicitly.
= mbed TLS 1.3.21 branch released 2017-08-10
diff --git a/Makefile b/Makefile
index 441d1f9..def9c9a 100644
--- a/Makefile
+++ b/Makefile
@@ -55,11 +55,14 @@
$(MAKE) -C library clean
$(MAKE) -C programs clean
$(MAKE) -C tests clean
- find . \( -name \*.gcno -o -name \*.gcda -o -name *.info \) -exec rm {} +
+ifndef WINDOWS
+ find . \( -name \*.gcno -o -name \*.gcda -o -name \*.info \) -exec rm {} +
+endif
check: tests
$(MAKE) -C tests check
+ifndef WINDOWS
test-ref-configs:
tests/scripts/test-ref-configs.pl
@@ -90,3 +93,4 @@
then \
rm -rf apidoc ; \
fi
+endif
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index 0c2df29..0cad148 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -324,6 +324,8 @@
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_free( &cache->mutex );
#endif
+
+ cache->chain = NULL;
}
#endif /* POLARSSL_SSL_CACHE_C */
diff --git a/tests/Makefile b/tests/Makefile
index 307b7e1..c4ee35d 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -10,6 +10,8 @@
LOCAL_LDFLAGS = -L../library -lmbedtls$(SHARED_SUFFIX)
DLEXT=so
+PERL ?= perl
+
ifndef SHARED
DEP=../library/libmbedtls.a
CHECK_PRELOAD=
@@ -89,103 +91,103 @@
test_suite_aes.ecb.c : suites/test_suite_aes.function suites/test_suite_aes.ecb.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_aes test_suite_aes.ecb
+ $(PERL) scripts/generate_code.pl suites test_suite_aes test_suite_aes.ecb
test_suite_aes.cbc.c : suites/test_suite_aes.function suites/test_suite_aes.cbc.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_aes test_suite_aes.cbc
+ $(PERL) scripts/generate_code.pl suites test_suite_aes test_suite_aes.cbc
test_suite_aes.cfb.c : suites/test_suite_aes.function suites/test_suite_aes.cfb.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_aes test_suite_aes.cfb
+ $(PERL) scripts/generate_code.pl suites test_suite_aes test_suite_aes.cfb
test_suite_aes.rest.c : suites/test_suite_aes.function suites/test_suite_aes.rest.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_aes test_suite_aes.rest
+ $(PERL) scripts/generate_code.pl suites test_suite_aes test_suite_aes.rest
test_suite_cipher.aes.c : suites/test_suite_cipher.function suites/test_suite_cipher.aes.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.aes
+ $(PERL) scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.aes
test_suite_cipher.arc4.c : suites/test_suite_cipher.function suites/test_suite_cipher.arc4.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.arc4
+ $(PERL) scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.arc4
test_suite_cipher.ccm.c : suites/test_suite_cipher.function suites/test_suite_cipher.ccm.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.ccm
+ $(PERL) scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.ccm
test_suite_cipher.gcm.c : suites/test_suite_cipher.function suites/test_suite_cipher.gcm.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.gcm
+ $(PERL) scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.gcm
test_suite_cipher.blowfish.c : suites/test_suite_cipher.function suites/test_suite_cipher.blowfish.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.blowfish
+ $(PERL) scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.blowfish
test_suite_cipher.camellia.c : suites/test_suite_cipher.function suites/test_suite_cipher.camellia.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.camellia
+ $(PERL) scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.camellia
test_suite_cipher.des.c : suites/test_suite_cipher.function suites/test_suite_cipher.des.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.des
+ $(PERL) scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.des
test_suite_cipher.null.c : suites/test_suite_cipher.function suites/test_suite_cipher.null.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.null
+ $(PERL) scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.null
test_suite_cipher.padding.c : suites/test_suite_cipher.function suites/test_suite_cipher.padding.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.padding
+ $(PERL) scripts/generate_code.pl suites test_suite_cipher test_suite_cipher.padding
test_suite_gcm.aes128_de.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes128_de.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes128_de
+ $(PERL) scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes128_de
test_suite_gcm.aes192_de.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes192_de.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes192_de
+ $(PERL) scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes192_de
test_suite_gcm.aes256_de.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes256_de.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes256_de
+ $(PERL) scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes256_de
test_suite_gcm.aes128_en.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes128_en.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes128_en
+ $(PERL) scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes128_en
test_suite_gcm.aes192_en.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes192_en.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes192_en
+ $(PERL) scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes192_en
test_suite_gcm.aes256_en.c : suites/test_suite_gcm.function suites/test_suite_gcm.aes256_en.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes256_en
+ $(PERL) scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.aes256_en
test_suite_gcm.camellia.c : suites/test_suite_gcm.function suites/test_suite_gcm.camellia.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.camellia
+ $(PERL) scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.camellia
test_suite_hmac_drbg.misc.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.misc.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.misc
+ $(PERL) scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.misc
test_suite_hmac_drbg.no_reseed.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.no_reseed.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.no_reseed
+ $(PERL) scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.no_reseed
test_suite_hmac_drbg.nopr.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.nopr.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.nopr
+ $(PERL) scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.nopr
test_suite_hmac_drbg.pr.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.pr.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.pr
+ $(PERL) scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.pr
%.c : suites/%.function suites/%.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
- scripts/generate_code.pl suites $* $*
+ $(PERL) scripts/generate_code.pl suites $* $*
test_suite_aes.ecb$(EXEXT): test_suite_aes.ecb.c $(DEP)
echo " CC $<"
diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl
index 5d7d219..3a8f94f 100755
--- a/tests/scripts/generate_code.pl
+++ b/tests/scripts/generate_code.pl
@@ -1,5 +1,26 @@
#!/usr/bin/env perl
#
+# A test data file consists of a sequence of paragraphs separated by
+# a single empty line. Line breaks may be in Unix (LF) or Windows (CRLF)
+# format. Lines starting with the character '#' are ignored
+# (the parser behaves as if they were not present).
+#
+# Each paragraph describes one test case and must consist of: (1) one
+# line which is the test case name; (2) an optional line starting with
+# the 11-character prefix "depends_on:"; (3) a line containing the test
+# function to execute and its parameters.
+#
+# A depends_on: line consists of a list of compile-time options
+# separated by the character ':', with no whitespace. The test case
+# is executed only if this compilation option is enabled in config.h.
+#
+# The last line of each paragraph contains a test function name and
+# a list of parameters separated by the character ':'. Running the
+# test case calls this function with the specified parameters. Each
+# parameter may either be an integer written in decimal or hexadecimal,
+# or a string surrounded by double quotes which may not contain the
+# ':' character.
+#
use strict;
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index d67d875..5c0b539 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -132,18 +132,31 @@
return( ret );
}
+/** Retrieve one input line into buf, which must have room for len
+ * bytes. The trailing line break (if any) is stripped from the result.
+ * Lines beginning with the character '#' are skipped. Lines that are
+ * more than len-1 bytes long including the trailing line break are
+ * truncated; note that the following bytes remain in the input stream.
+ *
+ * \return 0 on success, -1 on error or end of file
+ */
int get_line( FILE *f, char *buf, size_t len )
{
char *ret;
- ret = fgets( buf, len, f );
- if( ret == NULL )
- return( -1 );
+ do
+ {
+ ret = fgets( buf, len, f );
+ if( ret == NULL )
+ return( -1 );
+ }
+ while( buf[0] == '#' );
- if( strlen( buf ) && buf[strlen(buf) - 1] == '\n' )
- buf[strlen(buf) - 1] = '\0';
- if( strlen( buf ) && buf[strlen(buf) - 1] == '\r' )
- buf[strlen(buf) - 1] = '\0';
+ ret = buf + strlen( buf );
+ if( ret-- > buf && *ret == '\n' )
+ *ret = '\0';
+ if( ret-- > buf && *ret == '\r' )
+ *ret = '\0';
return( 0 );
}
diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data
index 85be7df..b7d2fbd 100644
--- a/tests/suites/test_suite_md.data
+++ b/tests/suites/test_suite_md.data
@@ -1,3 +1,4 @@
+# Tests of the generic message digest interface
MD process
md_process:
diff --git a/tests/suites/test_suite_mdx.data b/tests/suites/test_suite_mdx.data
index b815bd6..56a9c80 100644
--- a/tests/suites/test_suite_mdx.data
+++ b/tests/suites/test_suite_mdx.data
@@ -1,3 +1,4 @@
+# Test MD2, MD4, MD5 and RIPEMD160
md2 Test vector RFC1319 #1
md2_text:"":"8350e5a3e24c153df2275c9f80692773"
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index 57843e3..3b9c5b5 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -1,5 +1,6 @@
RSA PKCS1 Verify v1.5 CAVS #1
depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15
+# Good padding but wrong hash
rsa_pkcs1_verify:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":RSA_PKCS_V15:POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":POLARSSL_ERR_RSA_VERIFY_FAILED
RSA PKCS1 Verify v1.5 CAVS #2
@@ -24,6 +25,7 @@
RSA PKCS1 Verify v1.5 CAVS #7
depends_on:POLARSSL_SHA512_C:POLARSSL_PKCS1_V15
+# Bad padding after performing the public key operation
rsa_pkcs1_verify:"d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd":RSA_PKCS_V15:POLARSSL_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0":POLARSSL_ERR_RSA_INVALID_PADDING
RSA PKCS1 Verify v1.5 CAVS #8
@@ -365,6 +367,7 @@
rsa_gen_key:2048:3:0
RSA Generate Key - 1025 bit key
+# rsa_gen_key only supports even-sized keys
rsa_gen_key:1025:3:POLARSSL_ERR_RSA_BAD_INPUT_DATA
RSA PKCS1 Encrypt Bad RNG
diff --git a/tests/suites/test_suite_shax.data b/tests/suites/test_suite_shax.data
index cb81cd0..9ec96f4 100644
--- a/tests/suites/test_suite_shax.data
+++ b/tests/suites/test_suite_shax.data
@@ -1,3 +1,4 @@
+# Test the operation of SHA-1 and SHA-2
SHA-1 Test Vector NIST CAVS #1
depends_on:POLARSSL_SHA1_C
sha1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"