Merge branch 'mbedtls-2.1'
diff --git a/ChangeLog b/ChangeLog
index a0ab246..686b221 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,12 @@
* Fix issue in Makefile that prevented building using armar. #386
* Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the
buffer after DER certificates to be included in the raw representation.
+ * Fix issue that caused a hang when generating RSA keys of odd bitlength
+ * Fix bug in mbedtls_rsa_rsaes_pkcs1_v15_encrypt that made null pointer
+ dereference possible.
+ * Fix issue that caused a crash if invalid curves were passed to
+ mbedtls_ssl_conf_curves. #373
+ * Fix issue in ssl_fork_server which was preventing it from functioning. #429
Changes
* On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5,
diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h
index 661bc08..d5df316 100644
--- a/include/mbedtls/memory_buffer_alloc.h
+++ b/include/mbedtls/memory_buffer_alloc.h
@@ -98,8 +98,10 @@
/**
* \brief Get the peak heap usage so far
*
- * \param max_used Peak number of bytes reauested by the application
- * \param max_blocks Peak number of blocks reauested by the application
+ * \param max_used Peak number of bytes in use or committed. This
+ * includes bytes in allocated blocks too small to split
+ * into smaller blocks but larger than the requested size.
+ * \param max_blocks Peak number of blocks in use, including free and used
*/
void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks );
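Review bot: The new `\param max_blocks` text, "Peak number of blocks in use, including free and used", contradicts itself, since a free block is not in use. The next hunk repeats the wording for `cur_blocks`. If the counter covers every block header in the heap, `Peak number of blocks in the heap, counting both free and used blocks` (and `Current number of ...` below) says so directly.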
@@ -111,8 +113,10 @@
/**
* \brief Get the current heap usage
*
- * \param cur_used Number of bytes reauested by the application
- * \param cur_blocks Number of blocks reauested by the application
+ * \param cur_used Current number of bytes in use or committed. This
+ * includes bytes in allocated blocks too small to split
+ * into smaller blocks but larger than the requested size.
+ * \param cur_blocks Current number of blocks in use, including free and used
*/
void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks );
#endif /* MBEDTLS_MEMORY_DEBUG */
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 1e6915a..fa7fbda 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -854,7 +854,7 @@
* pointers and data.
*
* \param ssl SSL context
- * \return 0 if successful, or POLASSL_ERR_SSL_MALLOC_FAILED,
+ * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED,
MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or
* MBEDTLS_ERR_SSL_COMPRESSION_FAILED
*/
diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c
index b2c775a..545d5a2 100644
--- a/library/memory_buffer_alloc.c
+++ b/library/memory_buffer_alloc.c
@@ -417,6 +417,12 @@
heap.total_used -= hdr->size;
#endif
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+ free( hdr->trace );
+ hdr->trace = NULL;
+ hdr->trace_count = 0;
+#endif
+
// Regroup with block before
//
if( hdr->prev != NULL && hdr->prev->alloc == 0 )
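Review bot: The relocated `free( hdr->trace )` block has no comment saying why it must run before the two regroup steps, yet that ordering is the substance of the fix. The regroup code visible in the later hunks zeroes a header through `old` and relinks through `hdr`, so releasing the trace while `hdr` still names the block being freed appears to be the point. A line such as `// Release the backtrace first: the regroup steps below may merge this header away` would keep it from being moved back. The later hunks remove the old frees and the final `hdr->trace = NULL` reset, so this is now the only release site. The enclosing function starts and ends outside the hunk.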
@@ -432,9 +438,6 @@
if( hdr->next != NULL )
hdr->next->prev = hdr;
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
- free( old->trace );
-#endif
memset( old, 0, sizeof(memory_header) );
}
@@ -474,9 +477,6 @@
if( hdr->next != NULL )
hdr->next->prev = hdr;
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
- free( old->trace );
-#endif
memset( old, 0, sizeof(memory_header) );
}
@@ -491,11 +491,6 @@
heap.first_free = hdr;
}
-#if defined(MBEDTLS_MEMORY_BACKTRACE)
- hdr->trace = NULL;
- hdr->trace_count = 0;
-#endif
-
if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 )
mbedtls_exit( 1 );
}
diff --git a/library/rsa.c b/library/rsa.c
index 4bdf200..119431d 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -96,7 +96,8 @@
if( f_rng == NULL || nbits < 128 || exponent < 3 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
- mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G );
+ mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 );
+ mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G );
/*
* find primes P and Q with Q < P so that:
@@ -106,14 +107,19 @@
do
{
- MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0,
+ MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, 0,
f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0,
+ if( nbits % 2 )
+ {
+ MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, ( nbits >> 1 ) + 1, 0,
f_rng, p_rng ) );
-
- if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 )
- mbedtls_mpi_swap( &ctx->P, &ctx->Q );
+ }
+ else
+ {
+ MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, 0,
+ f_rng, p_rng ) );
+ }
if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 )
continue;
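Review bot: The swap that enforced the ordering promised by the comment just above the loop ("find primes P and Q with Q < P") is removed here, and for odd `nbits` Q is now generated one bit longer than P, so Q > P on that path. Unless the swap is restored further down in the loop body, which continues outside the hunk, the comment is no longer true, and any later code that relies on the ordering should be rechecked. Either put `if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 ) mbedtls_mpi_swap( &ctx->P, &ctx->Q );` back after the bit-length check on N, or update the comment to the ordering the function now guarantees.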
@@ -585,7 +591,8 @@
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
- if( f_rng == NULL )
+ // We don't check p_rng because it won't be dereferenced here
+ if( f_rng == NULL || input == NULL || output == NULL )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
olen = ctx->len;
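Review bot: The added `input == NULL` test rejects a NULL pointer even when the message is empty, which callers encrypting a zero-length payload may legitimately pass. Assuming the function's length parameter is `ilen` (the signature is outside the hunk), `if( f_rng == NULL || output == NULL || ( ilen != 0 && input == NULL ) )` would still prevent the dereference without changing that case. The `//` comment also differs from the `/* */` style in the rest of this file's visible hunks. The test data changes visible in this commit add only key-generation cases, so a case passing NULL `input`/`output` would pin the fix.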
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 09fc337..1d8b33f 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -269,6 +269,12 @@
for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ )
{
#endif
+ if( info == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid curve in ssl configuration" ) );
+ return;
+ }
+
elliptic_curve_len += 2;
}
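Review bot: In the loop variant visible here (`for( info = mbedtls_ecp_curve_list(); info->grp_id != ...`), the loop condition dereferences `info` before the new `if( info == NULL )` runs, so the check protects only the other preprocessor variant, whose loop header is outside the hunk. A comment such as `/* info can only be NULL when it comes from the configured curve list lookup */` would make that clear. The early `return` also skips the extension silently, so confirm that the output length is already set to zero before this loop (not visible here); otherwise the caller reads an unset length. Rejecting the invalid list when it is configured would surface the error earlier than a level-1 debug message during the handshake.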
@@ -288,7 +294,6 @@
for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ )
{
#endif
-
elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8;
elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF;
}
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 13ce5dd..545e2fb 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -127,7 +127,7 @@
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
+ mbedtls_printf( " failed! mbedtls_ctr_drbg_seed returned %d\n\n", ret );
goto exit;
}
@@ -148,7 +148,7 @@
mbedtls_test_srv_crt_len );
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
+ mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret );
goto exit;
}
@@ -156,7 +156,7 @@
mbedtls_test_cas_pem_len );
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
+ mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret );
goto exit;
}
@@ -164,7 +164,7 @@
mbedtls_test_srv_key_len, NULL, 0 );
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
+ mbedtls_printf( " failed! mbedtls_pk_parse_key returned %d\n\n", ret );
goto exit;
}
@@ -181,7 +181,7 @@
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
+ mbedtls_printf( " failed! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
}
@@ -191,7 +191,7 @@
mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
+ mbedtls_printf( " failed! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
@@ -205,7 +205,7 @@
if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
+ mbedtls_printf( " failed! mbedtls_net_bind returned %d\n\n", ret );
goto exit;
}
@@ -219,96 +219,101 @@
mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
- mbedtls_printf( " . Waiting for a remote connection ..." );
+ mbedtls_printf( " . Waiting for a remote connection ...\n" );
fflush( stdout );
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
+ mbedtls_printf( " failed! mbedtls_net_accept returned %d\n\n", ret );
goto exit;
}
- mbedtls_printf( " ok\n" );
-
/*
* 3.5. Forking server thread
*/
- pid = fork();
-
mbedtls_printf( " . Forking to handle connection ..." );
fflush( stdout );
+ pid = fork();
+
if( pid < 0 )
{
- mbedtls_printf(" failed\n ! fork returned %d\n\n", pid );
+ mbedtls_printf(" failed! fork returned %d\n\n", pid );
goto exit;
}
- mbedtls_printf( " ok\n" );
-
if( pid != 0 )
{
+ mbedtls_printf( " ok\n" );
+
if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg,
(const unsigned char *) "parent",
6 ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_reseed returned %d\n", ret );
+ mbedtls_printf( " failed! mbedtls_ctr_drbg_reseed returned %d\n\n", ret );
goto exit;
}
- mbedtls_net_free( &client_fd );
continue;
}
- mbedtls_net_free( &listen_fd );
+ mbedtls_net_init( &listen_fd );
+
+ pid = getpid();
/*
* 4. Setup stuff
*/
- mbedtls_printf( " . Setting up the SSL data...." );
+ mbedtls_printf( "pid %d: Setting up the SSL data.\n", pid );
fflush( stdout );
if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg,
(const unsigned char *) "child",
5 ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_reseed returned %d\n", ret );
+ mbedtls_printf(
+ "pid %d: SSL setup failed! mbedtls_ctr_drbg_reseed returned %d\n\n",
+ pid, ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
+ mbedtls_printf(
+ "pid %d: SSL setup failed! mbedtls_ssl_setup returned %d\n\n",
+ pid, ret );
goto exit;
}
mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
- mbedtls_printf( " ok\n" );
+ mbedtls_printf( "pid %d: SSL setup ok\n", pid );
/*
* 5. Handshake
*/
- mbedtls_printf( " . Performing the SSL/TLS handshake..." );
+ mbedtls_printf( "pid %d: Performing the SSL/TLS handshake.\n", pid );
fflush( stdout );
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
{
if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret );
+ mbedtls_printf(
+ "pid %d: SSL handshake failed! mbedtls_ssl_handshake returned %d\n\n",
+ pid, ret );
goto exit;
}
}
- mbedtls_printf( " ok\n" );
+ mbedtls_printf( "pid %d: SSL handshake ok\n", pid );
/*
* 6. Read the HTTP Request
*/
- mbedtls_printf( " < Read from client:" );
+ mbedtls_printf( "pid %d: Start reading from client.\n", pid );
fflush( stdout );
do
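Review bot: The parent branch now reaches `continue` without releasing its copy of `client_fd`, and the `mbedtls_net_init( &client_fd )` at the top of this hunk appears to reset the context on the next iteration without closing it. The long-running parent would then leak one descriptor per accepted connection, and would hold each client socket open after the child has finished. The child has the same problem with the listening socket, because `mbedtls_net_free( &listen_fd )` was replaced by `mbedtls_net_init( &listen_fd )`. Dropping the `mbedtls_net_free` calls is presumably what fixed the server, if that call shuts down the socket shared across the fork. A plain `close( client_fd.fd );` before `continue;` and `close( listen_fd.fd );` before the re-init would release each process's copy without affecting the other side.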
@@ -325,15 +330,15 @@
switch( ret )
{
case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
- mbedtls_printf( " connection was closed gracefully\n" );
+ mbedtls_printf( "pid %d: connection was closed gracefully\n", pid );
break;
case MBEDTLS_ERR_NET_CONN_RESET:
- mbedtls_printf( " connection was reset by peer\n" );
+ mbedtls_printf( "pid %d: connection was reset by peer\n", pid );
break;
default:
- mbedtls_printf( " mbedtls_ssl_read returned %d\n", ret );
+ mbedtls_printf( "pid %d: mbedtls_ssl_read returned %d\n", pid, ret );
break;
}
@@ -341,7 +346,7 @@
}
len = ret;
- mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
+ mbedtls_printf( "pid %d: %d bytes read\n\n%s", pid, len, (char *) buf );
if( ret > 0 )
break;
@@ -351,7 +356,7 @@
/*
* 7. Write the 200 Response
*/
- mbedtls_printf( " > Write to client:" );
+ mbedtls_printf( "pid %d: Start writing to client.\n", pid );
fflush( stdout );
len = sprintf( (char *) buf, HTTP_RESPONSE,
@@ -363,18 +368,21 @@
{
if( ret == MBEDTLS_ERR_NET_CONN_RESET )
{
- mbedtls_printf( " failed\n ! peer closed the connection\n\n" );
+ mbedtls_printf(
+ "pid %d: Write failed! peer closed the connection\n\n", pid );
goto exit;
}
if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
+ mbedtls_printf(
+ "pid %d: Write failed! mbedtls_ssl_write returned %d\n\n",
+ pid, ret );
goto exit;
}
}
len = ret;
- mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
+ mbedtls_printf( "pid %d: %d bytes written\n\n%s\n", pid, len, (char *) buf );
mbedtls_net_usleep( 1000000 );
}
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index c43d6ae..d522332 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -345,7 +345,7 @@
RSA Public (Data larger than N)
mbedtls_rsa_public:"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":2048:16:"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":16:"3":"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":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-RSA Generate Key
+RSA Generate Key - 128bit key
mbedtls_rsa_gen_key:128:3:0
RSA Generate Key (Number of bits too small)
@@ -354,9 +354,15 @@
RSA Generate Key (Exponent too small)
mbedtls_rsa_gen_key:128:2:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
-RSA Generate Key
+RSA Generate Key - 1024 bit key
mbedtls_rsa_gen_key:1024:3:0
+RSA Generate Key - 2048 bit key
+mbedtls_rsa_gen_key:2048:3:0
+
+RSA Generate Key - 1025 bit key
+mbedtls_rsa_gen_key:1025:3:0
+
RSA PKCS1 Encrypt Bad RNG
depends_on:MBEDTLS_PKCS1_V15
rsa_pkcs1_encrypt_bad_rng:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:16:"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":16:"3":"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":MBEDTLS_ERR_RSA_RNG_FAILED