Merge branch 'iotssl-1071-ca-flags'
Fixes a regression introduced by an earlier commit that modified
x509_crt_verify_top() to ensure that valid certificates that are after past or
future valid in the chain are processed. However the change introduced a change
in behaviour that caused the verification flags MBEDTLS_X509_BADCERT_EXPIRED and
MBEDTLS_BADCERT_FUTURE to always be set whenever there is a failure in the
verification regardless of the cause.
The fix maintains both behaviours:
* Ensure that valid certificates after future and past are verified
* Ensure that the correct verification flags are set.
diff --git a/ChangeLog b/ChangeLog
index f8dcf24..a299b80 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,16 @@
mbed TLS ChangeLog (Sorted per branch, date)
-= mbed TLS x.x.x branch released xxxx-xx-xx
+= mbed TLS 2.x.x branch released xxxx-xx-xx
+
+Security
+ * Fixed potential livelock during the parsing of a CRL in PEM format in
+ mbedtls_x509_crl_parse(). A string containing a CRL followed by trailing
+ characters after the footer could result in the execution of an infinite
+ loop. The issue can be triggered remotely. Found by Greg Zaverucha,
+ Microsoft.
+ * Removed MD5 from the allowed hash algorithms for CertificateRequest and
+ CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
+ Introduced by interoperability fix for #513.
Bugfix
* Fix output certificate verification flags set by x509_crt_verify_top() when
@@ -8,6 +18,28 @@
MBEDTLS_X509_BADCERT_NOT_TRUSTED and MBEDTLS_X509_BADCERT_EXPIRED, to be
set when the verification conditions are not met regardless of the cause.
Found by Harm Verhagen and inestlerode. #665 #561
+ * Fix the redefinition of macro ssl_set_bio to an undefined symbol
+ mbedtls_ssl_set_bio_timeout in compat-1.3.h, by removing it.
+ Found by omlib-lin. #673
+ * Fix unused variable/function compilation warnings in pem.c, x509_crt.c and
+ x509_csr.c that are reported when building mbed TLS with a config.h that
+ does not define MBEDTLS_PEM_PARSE_C. Found by omnium21. #562
+ * Fix incorrect renegotiation condition in ssl_check_ctr_renegotiate() that
+ would compare 64 bits of the record counter instead of 48 bits as indicated
+ in RFC 6347 Section 4.3.1. This could cause the execution of the
+ renegotiation routines at unexpected times when the protocol is DTLS. Found
+ by wariua. #687
+ * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing
+ the input string in PEM format to extract the different components. Found
+ by Eyal Itkin.
+ * Fixed potential arithmetic overflow in mbedtls_ctr_drbg_reseed() that could
+ cause buffer bound checks to be bypassed. Found by Eyal Itkin.
+ * Fixed potential arithmetic overflows in mbedtls_cipher_update() that could
+ cause buffer bound checks to be bypassed. Found by Eyal Itkin.
+ * Fixed potential arithmetic overflow in mbedtls_md2_update() that could
+ cause buffer bound checks to be bypassed. Found by Eyal Itkin.
+ * Fixed potential arithmetic overflow in mbedtls_base64_decode() that could
+ cause buffer bound checks to be bypassed. Found by Eyal Itkin.
= mbed TLS 2.4.1 branch released 2016-12-13
diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h
index 27abbd9..af51b5f 100644
--- a/include/mbedtls/compat-1.3.h
+++ b/include/mbedtls/compat-1.3.h
@@ -2453,7 +2453,6 @@
#define ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
#define ssl_set_authmode mbedtls_ssl_conf_authmode
#define ssl_set_bio mbedtls_ssl_set_bio
-#define ssl_set_bio mbedtls_ssl_set_bio_timeout
#define ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
#define ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
#define ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 2c02190..42c9779 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1146,7 +1146,7 @@
*
* \note See the documentation of \c mbedtls_ssl_set_timer_t and
* \c mbedtls_ssl_get_timer_t for the conventions this pair of
- * callbacks must fallow.
+ * callbacks must follow.
*
* \note On some platforms, timing.c provides
* \c mbedtls_timing_set_delay() and
@@ -2183,7 +2183,7 @@
/**
* \brief Set record counter threshold for periodic renegotiation.
- * (Default: 2^64 - 256.)
+ * (Default: 2^48 - 1)
*
* Renegotiation is automatically triggered when a record
* counter (outgoing or ingoing) crosses the defined
@@ -2194,9 +2194,17 @@
* Lower values can be used to enforce policies such as "keys
* must be refreshed every N packets with cipher X".
*
+ * The renegotiation period can be disabled by setting
+ * conf->disable_renegotiation to
+ * MBEDTLS_SSL_RENEGOTIATION_DISABLED.
+ *
+ * \note When the configured transport is
+ * MBEDTLS_SSL_TRANSPORT_DATAGRAM the maximum renegotiation
+ * period is 2^48 - 1, and for MBEDTLS_SSL_TRANSPORT_STREAM,
+ * the maximum renegotiation period is 2^64 - 1.
+ *
* \param conf SSL configuration
* \param period The threshold value: a big-endian 64-bit number.
- * Set to 2^64 - 1 to disable periodic renegotiation
*/
void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
const unsigned char period[8] );
diff --git a/library/base64.c b/library/base64.c
index 5cb12cb..f06b57b 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -192,7 +192,11 @@
return( 0 );
}
- n = ( ( n * 6 ) + 7 ) >> 3;
+ /* The following expression is to calculate the following formula without
+ * risk of integer overflow in n:
+ * n = ( ( n * 6 ) + 7 ) >> 3;
+ */
+ n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 );
n -= j;
if( dst == NULL || dlen < n )
diff --git a/library/cipher.c b/library/cipher.c
index a883438..e9e0b22 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -326,9 +326,9 @@
* If there is not enough data for a full block, cache it.
*/
if( ( ctx->operation == MBEDTLS_DECRYPT &&
- ilen + ctx->unprocessed_len <= block_size ) ||
+ ilen <= block_size - ctx->unprocessed_len ) ||
( ctx->operation == MBEDTLS_ENCRYPT &&
- ilen + ctx->unprocessed_len < block_size ) )
+ ilen < block_size - ctx->unprocessed_len ) )
{
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
ilen );
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 386f8ad..55612c7 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -290,7 +290,8 @@
unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
size_t seedlen = 0;
- if( ctx->entropy_len + len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
+ if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ||
+ len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
diff --git a/library/md2.c b/library/md2.c
index 8976701..95cbcce 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -158,7 +158,7 @@
while( ilen > 0 )
{
- if( ctx->left + ilen > 16 )
+ if( ilen > 16 - ctx->left )
fill = 16 - ctx->left;
else
fill = ilen;
diff --git a/library/pem.c b/library/pem.c
index 1ee3966..8dd86a4 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -44,12 +44,12 @@
#define mbedtls_free free
#endif
+#if defined(MBEDTLS_PEM_PARSE_C)
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
-#if defined(MBEDTLS_PEM_PARSE_C)
void mbedtls_pem_init( mbedtls_pem_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_pem_context ) );
@@ -249,7 +249,7 @@
enc = 0;
- if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
+ if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
{
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
@@ -262,22 +262,22 @@
#if defined(MBEDTLS_DES_C)
- if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
+ if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
{
enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC;
s1 += 23;
- if( pem_get_iv( s1, pem_iv, 8 ) != 0 )
+ if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 )
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
s1 += 16;
}
- else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
+ else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
{
enc_alg = MBEDTLS_CIPHER_DES_CBC;
s1 += 18;
- if( pem_get_iv( s1, pem_iv, 8) != 0 )
+ if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 )
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
s1 += 16;
@@ -285,9 +285,11 @@
#endif /* MBEDTLS_DES_C */
#if defined(MBEDTLS_AES_C)
- if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
+ if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
{
- if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
+ if( s2 - s1 < 22 )
+ return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
+ else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
enc_alg = MBEDTLS_CIPHER_AES_128_CBC;
else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 )
enc_alg = MBEDTLS_CIPHER_AES_192_CBC;
@@ -297,7 +299,7 @@
return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
s1 += 22;
- if( pem_get_iv( s1, pem_iv, 16 ) != 0 )
+ if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 )
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
s1 += 32;
@@ -316,7 +318,7 @@
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
}
- if( s1 == s2 )
+ if( s1 >= s2 )
return( MBEDTLS_ERR_PEM_INVALID_DATA );
ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 121c135..d9ab832 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6482,6 +6482,10 @@
*/
static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
{
+ size_t ep_len = ssl_ep_len( ssl );
+ int in_ctr_cmp;
+ int out_ctr_cmp;
+
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ||
ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ||
ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED )
@@ -6489,8 +6493,12 @@
return( 0 );
}
- if( memcmp( ssl->in_ctr, ssl->conf->renego_period, 8 ) <= 0 &&
- memcmp( ssl->out_ctr, ssl->conf->renego_period, 8 ) <= 0 )
+ in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
+ ssl->conf->renego_period + ep_len, 8 - ep_len );
+ out_ctr_cmp = memcmp( ssl->out_ctr + ep_len,
+ ssl->conf->renego_period + ep_len, 8 - ep_len );
+
+ if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 )
{
return( 0 );
}
@@ -7231,8 +7239,8 @@
#if defined(MBEDTLS_SSL_RENEGOTIATION)
conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT;
- memset( conf->renego_period, 0xFF, 7 );
- conf->renego_period[7] = 0x00;
+ memset( conf->renego_period, 0x00, 2 );
+ memset( conf->renego_period + 2, 0xFF, 6 );
#endif
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
@@ -7645,8 +7653,7 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_SSL_HASH_MD5:
- ssl->handshake->calc_verify = ssl_calc_verify_tls;
- break;
+ return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
#endif
#if defined(MBEDTLS_SHA1_C)
case MBEDTLS_SSL_HASH_SHA1:
diff --git a/library/x509_crl.c b/library/x509_crl.c
index 7b2b473..5b0adef 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -530,7 +530,7 @@
mbedtls_pem_free( &pem );
}
- else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+ else if( is_pem )
{
mbedtls_pem_free( &pem );
return( ret );
diff --git a/library/x509_crt.c b/library/x509_crt.c
index f90a84a..234f145 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -969,8 +969,8 @@
*/
int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen )
{
- int success = 0, first_error = 0, total_failed = 0;
#if defined(MBEDTLS_PEM_PARSE_C)
+ int success = 0, first_error = 0, total_failed = 0;
int buf_format = MBEDTLS_X509_FORMAT_DER;
#endif
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 603d06b..f92b66c 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -265,8 +265,8 @@
*/
int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen )
{
- int ret;
#if defined(MBEDTLS_PEM_PARSE_C)
+ int ret;
size_t use_len;
mbedtls_pem_context pem;
#endif
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index 442a3fb..e18ee42 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -37,7 +37,7 @@
!defined(MBEDTLS_NET_C) || !defined(MBEDTLS_TIMING_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \
- !defined(MBEDTLS_CERTS_C)
+ !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C)
int main( void )
{
mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 4a22771..b49ffb4 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -494,13 +494,13 @@
ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
else
#endif
-#if defined(MBEDTLS_CERTS_C)
+#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
mbedtls_test_cas_pem_len );
#else
{
ret = 1;
- mbedtls_printf("MBEDTLS_CERTS_C not defined.");
+ mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.");
}
#endif
if( ret < 0 )
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 18bda59..d98b669 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -63,6 +63,8 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <stdint.h>
+#include <inttypes.h>
#if !defined(_WIN32)
#include <signal.h>
@@ -113,7 +115,7 @@
#define DFL_ALLOW_LEGACY -2
#define DFL_RENEGOTIATE 0
#define DFL_RENEGO_DELAY -2
-#define DFL_RENEGO_PERIOD -1
+#define DFL_RENEGO_PERIOD ( (uint64_t)-1 )
#define DFL_EXCHANGES 1
#define DFL_MIN_VERSION -1
#define DFL_MAX_VERSION -1
@@ -292,7 +294,7 @@
" renegotiation=%%d default: 0 (disabled)\n" \
" renegotiate=%%d default: 0 (disabled)\n" \
" renego_delay=%%d default: -2 (library default)\n" \
- " renego_period=%%d default: (library default)\n"
+ " renego_period=%%d default: (2^64 - 1 for TLS, 2^48 - 1 for DTLS)\n"
#else
#define USAGE_RENEGO ""
#endif
@@ -351,6 +353,19 @@
" force_ciphersuite=<name> default: all enabled\n" \
" acceptable ciphersuite names:\n"
+
+#define PUT_UINT64_BE(out_be,in_le,i) \
+{ \
+ (out_be)[(i) + 0] = (unsigned char)( ( (in_le) >> 56 ) & 0xFF ); \
+ (out_be)[(i) + 1] = (unsigned char)( ( (in_le) >> 48 ) & 0xFF ); \
+ (out_be)[(i) + 2] = (unsigned char)( ( (in_le) >> 40 ) & 0xFF ); \
+ (out_be)[(i) + 3] = (unsigned char)( ( (in_le) >> 32 ) & 0xFF ); \
+ (out_be)[(i) + 4] = (unsigned char)( ( (in_le) >> 24 ) & 0xFF ); \
+ (out_be)[(i) + 5] = (unsigned char)( ( (in_le) >> 16 ) & 0xFF ); \
+ (out_be)[(i) + 6] = (unsigned char)( ( (in_le) >> 8 ) & 0xFF ); \
+ (out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \
+}
+
/*
* global options
*/
@@ -377,7 +392,7 @@
int allow_legacy; /* allow legacy renegotiation */
int renegotiate; /* attempt renegotiation? */
int renego_delay; /* delay before enforcing renegotiation */
- int renego_period; /* period for automatic renegotiation */
+ uint64_t renego_period; /* period for automatic renegotiation */
int exchanges; /* number of data exchanges */
int min_version; /* minimum protocol version accepted */
int max_version; /* maximum protocol version accepted */
@@ -1041,8 +1056,8 @@
}
else if( strcmp( p, "renego_period" ) == 0 )
{
- opt.renego_period = atoi( q );
- if( opt.renego_period < 2 || opt.renego_period > 255 )
+ if( sscanf( q, "%" SCNu64, &opt.renego_period ) != 1 ||
+ opt.renego_period < 2 )
goto usage;
}
else if( strcmp( p, "exchanges" ) == 0 )
@@ -1757,7 +1772,7 @@
if( opt.renego_period != DFL_RENEGO_PERIOD )
{
- renego_period[7] = opt.renego_period;
+ PUT_UINT64_BE( renego_period, opt.renego_period, 0 );
mbedtls_ssl_conf_renegotiation_period( &conf, renego_period );
}
#endif
diff --git a/scripts/data_files/rename-1.3-2.0.txt b/scripts/data_files/rename-1.3-2.0.txt
index 397f6be..cb3381a 100644
--- a/scripts/data_files/rename-1.3-2.0.txt
+++ b/scripts/data_files/rename-1.3-2.0.txt
@@ -1996,7 +1996,6 @@
ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
ssl_set_authmode mbedtls_ssl_conf_authmode
ssl_set_bio mbedtls_ssl_set_bio
-ssl_set_bio_timeout mbedtls_ssl_set_bio_timeout
ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
diff --git a/tests/data_files/crl-malformed-trailing-spaces.pem b/tests/data_files/crl-malformed-trailing-spaces.pem
new file mode 100644
index 0000000..9eae3da
--- /dev/null
+++ b/tests/data_files/crl-malformed-trailing-spaces.pem
@@ -0,0 +1,20 @@
+-----BEGIN X509 CRL-----
+MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ
+b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz
+MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G
+A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO
+TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg
+Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW
+svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm
+56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U=
+-----END X509 CRL-----
+-----BEGIN X509 CRL-----
+MIIBcTCB9wIBATAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
+UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2
+MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu
+BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC
+TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD
+IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwQDaQAwZgIxAL/VFrDIYUECsS0rVpAy
+6zt/CqeAZ1sa/l5LTaG1XW286n2Kibipr6EpkYZNYIQILgIxAI0wb3Py1DHPWpYf
+/BFBH7C3KYq+nWTrLeEnhrjU1LzG/CiQ8lnuskya6lw/P3lJ/A==
+-----END X509 CRL-----
diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl
index 49af2db..84e949d 100755
--- a/tests/scripts/generate_code.pl
+++ b/tests/scripts/generate_code.pl
@@ -256,7 +256,7 @@
$param_defs .= " char *param$i = params[$i];\n";
$param_checks .= " if( verify_string( ¶m$i ) != 0 ) return( DISPATCH_INVALID_TEST_DATA );\n";
push @dispatch_params, "param$i";
- $mapping_regex .= ":[^:\n]+";
+ $mapping_regex .= ":(?:\\\\.|[^:\n])+";
}
else
{
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 57155b8..41fbc3d 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1601,6 +1601,19 @@
-s "=> renegotiate" \
-s "write hello request"
+run_test "Renegotiation: DTLS, renego_period overflow" \
+ "$P_SRV debug_level=3 dtls=1 exchanges=4 renegotiation=1 renego_period=18446462598732840962 auth_mode=optional" \
+ "$P_CLI debug_level=3 dtls=1 exchanges=4 renegotiation=1" \
+ 0 \
+ -c "client hello, adding renegotiation extension" \
+ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
+ -s "found renegotiation extension" \
+ -s "server hello, secure renegotiation extension" \
+ -s "record counter limit reached: renegotiate" \
+ -c "=> renegotiate" \
+ -s "=> renegotiate" \
+ -s "write hello request" \
+
requires_gnutls
run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
"$G_SRV -u --mtu 4096" \
diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function
index 3acfb8b..883cfe0 100644
--- a/tests/suites/test_suite_ctr_drbg.function
+++ b/tests/suites/test_suite_ctr_drbg.function
@@ -39,6 +39,11 @@
TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional,
MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + 1 ) ==
MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+
+ mbedtls_ctr_drbg_set_entropy_len( &ctx, ~0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional,
+ MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) ==
+ MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
exit:
mbedtls_ctr_drbg_free( &ctx );
}
diff --git a/tests/suites/test_suite_pem.data b/tests/suites/test_suite_pem.data
index 973c923..065e4a2 100644
--- a/tests/suites/test_suite_pem.data
+++ b/tests/suites/test_suite_pem.data
@@ -15,3 +15,13 @@
PEM write (exactly two lines + 1)
mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
+
+PEM read (DES-EDE3-CBC + invalid iv)
+mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":MBEDTLS_ERR_PEM_INVALID_ENC_IV
+
+PEM read (DES-CBC + invalid iv)
+mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":MBEDTLS_ERR_PEM_INVALID_ENC_IV
+
+PEM read (unknown encryption algorithm)
+mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG
+
diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function
index 6a62bfe..5e02210 100644
--- a/tests/suites/test_suite_pem.function
+++ b/tests/suites/test_suite_pem.function
@@ -3,12 +3,7 @@
#include "mbedtls/pem.h"
/* END_HEADER */
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PEM_WRITE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
void mbedtls_pem_write_buffer( char *start, char *end, char *buf_str, char *result_str )
{
unsigned char buf[5000];
@@ -38,3 +33,20 @@
mbedtls_free( check_buf );
}
/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */
+void mbedtls_pem_read_buffer( char *header, char *footer, char *data, int ret )
+{
+ mbedtls_pem_context ctx;
+ size_t use_len = 0;
+
+ mbedtls_pem_init( &ctx );
+
+ TEST_ASSERT( mbedtls_pem_read_buffer( &ctx, header, footer,
+ (const unsigned char *)data, NULL, 0,
+ &use_len ) == ret );
+
+exit:
+ mbedtls_pem_free( &ctx );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 73ec28f..1031bd9 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -198,6 +198,10 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C
mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n"
+X509 CRL Malformed Input (trailing spaces at end of file)
+depends_on:MBEDTLS_PEM_PARSE_C
+mbedtls_x509_crl_parse:"data_files/crl-malformed-trailing-spaces.pem":MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT
+
X509 CSR Information RSA with MD4
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C
mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n"
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index be85869..156a25f 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -163,6 +163,22 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */
+void mbedtls_x509_crl_parse( char *crl_file, int result )
+{
+ mbedtls_x509_crl crl;
+ char buf[2000];
+
+ mbedtls_x509_crl_init( &crl );
+ memset( buf, 0, 2000 );
+
+ TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == result );
+
+exit:
+ mbedtls_x509_crl_free( &crl );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */
void mbedtls_x509_csr_info( char *csr_file, char *result_str )
{