Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Coverage improvements #540

Closed
wants to merge 14 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ clean:
$(MAKE) -C programs clean
$(MAKE) -C tests clean
ifndef WINDOWS
find . \( -name \*.gcno -o -name \*.gcda -o -name *.info \) -exec rm {} +
find . \( -name \*.gcno -o -name \*.gcda -o -name \*.info \) -exec rm {} +
endif

check: lib
Expand Down
43 changes: 35 additions & 8 deletions library/asn1write.c
Original file line number Diff line number Diff line change
Expand Up @@ -60,16 +60,43 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
return( 2 );
}

if( *p - start < 3 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
if( len <= 0xFFFF )
{
if( *p - start < 3 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );

// We assume we never have lengths larger than 65535 bytes
//
*--(*p) = len % 256;
*--(*p) = ( len / 256 ) % 256;
*--(*p) = 0x82;
*--(*p) = ( len ) & 0xFF;
*--(*p) = ( len >> 8 ) & 0xFF;
*--(*p) = 0x82;
return( 3 );
}

if( len <= 0xFFFFFF )
{
if( *p - start < 4 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );

*--(*p) = ( len ) & 0xFF;
*--(*p) = ( len >> 8 ) & 0xFF;
*--(*p) = ( len >> 16 ) & 0xFF;
*--(*p) = 0x83;
return( 4 );
}

if( len <= 0xFFFFFFFF )
{
if( *p - start < 5 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );

*--(*p) = ( len ) & 0xFF;
*--(*p) = ( len >> 8 ) & 0xFF;
*--(*p) = ( len >> 16 ) & 0xFF;
*--(*p) = ( len >> 24 ) & 0xFF;
*--(*p) = 0x84;
return( 5 );
}

return( 3 );
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
}

int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
Expand Down
4 changes: 4 additions & 0 deletions library/entropy.c
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,10 @@
#include <stdio.h>
#endif

#if defined(MBEDTLS_ENTROPY_NV_SEED)
#include "mbedtls/platform.h"
#endif

#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
Expand Down
14 changes: 7 additions & 7 deletions programs/test/selftest.c
Original file line number Diff line number Diff line change
Expand Up @@ -106,8 +106,8 @@ static int run_test_snprintf( void )
* self-test. If this fails, we attempt the test anyway, so no error is passed
* back.
*/
#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_ENTROPY_NV_SEED) && \
!defined(MBEDTLS_NO_PLATFORM_ENTROPY)
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
static void create_entropy_seed_file( void )
{
int result;
Expand Down Expand Up @@ -138,7 +138,7 @@ static void create_entropy_seed_file( void )
int main( int argc, char *argv[] )
{
int v, suites_tested = 0, suites_failed = 0;
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_SELF_TEST)
unsigned char buf[1000000];
#endif
void *pointer;
Expand Down Expand Up @@ -396,10 +396,6 @@ int main( int argc, char *argv[] )
suites_tested++;
#endif

#else
mbedtls_printf( " MBEDTLS_SELF_TEST not defined.\n" );
#endif

if( v != 0 )
{
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG)
Expand All @@ -416,6 +412,10 @@ int main( int argc, char *argv[] )
suites_tested++;
#endif

#else
mbedtls_printf( " MBEDTLS_SELF_TEST not defined.\n" );
#endif

if( v != 0 )
{
mbedtls_printf( " Executed %d test suites\n\n", suites_tested );
Expand Down
42 changes: 42 additions & 0 deletions tests/suites/test_suite_asn1write.data
Original file line number Diff line number Diff line change
Expand Up @@ -48,3 +48,45 @@ mbedtls_asn1_write_ia5_string:"ABC":"":3:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL

ASN.1 Write IA5 String #5 (Buffer too small for string)
mbedtls_asn1_write_ia5_string:"ABC":"":2:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL

ASN.1 Write / Read Length #0 (Len = 0, short form)
mbedtls_asn1_write_len:0:"00":1:1

ASN.1 Write / Read Length #1 (Len = 127, short form)
mbedtls_asn1_write_len:127:"7F":1:1

ASN.1 Write / Read Length #2 (Len = 127, buffer too small)
mbedtls_asn1_write_len:127:"7F":0:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL

ASN.1 Write / Read Length #3 (Len = 128, long form)
mbedtls_asn1_write_len:128:"8180":2:2

ASN.1 Write / Read Length #4 (Len = 255, long form)
mbedtls_asn1_write_len:255:"81FF":2:2

ASN.1 Write / Read Length #5 (Len = 255, buffer too small)
mbedtls_asn1_write_len:255:"81FF":1:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL

ASN.1 Write / Read Length #6 (Len = 258, byte order)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does byte order mean here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With 0xFFFF you cannot see if the bytes were place in the correct order into the ASN1 representation. With 0x0102 you can.

-------- Original message --------
From: Janos Follath notifications@github.com
Date: 7/15/16 15:48 (GMT+01:00)
To: ARMmbed/mbedtls mbedtls@noreply.github.com
Cc: Paul Bakker Paul.Bakker@arm.com, Author author@noreply.github.com
Subject: Re: [ARMmbed/mbedtls] Coverage improvements (#540)

In tests/suites/test_suite_asn1write.datahttps://github.com//pull/540#discussion_r70975243:

@@ -67,14 +67,26 @@ mbedtls_asn1_write_len:255:"81FF":2:2
ASN.1 Write / Read Length #5 (Len = 255, buffer too small)
mbedtls_asn1_write_len:255:"81FF":1:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL

-ASN.1 Write / Read Length #6 (Len = 256, long form)
-mbedtls_asn1_write_len:256:"820100":3:3
+ASN.1 Write / Read Length #6 (Len = 258, byte order)

What does byte order mean here?

You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHubhttps://github.com//pull/540/files/7d1ad315a8570948c2b60e9b59e764e3036d0fa8..9d63b77#r70975243, or mute the threadhttps://github.com/notifications/unsubscribe-auth/ABNYRIVQ0RrrO7gTOFq08lYxJgK1co8Zks5qV4-AgaJpZM4JMg88.

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

mbedtls_asn1_write_len:258:"820102":3:3

ASN.1 Write / Read Length #7 (Len = 65535, long form)
mbedtls_asn1_write_len:65535:"82FFFF":3:3

ASN.1 Write / Read Length #8 (Len = 65535, buffer too small)
mbedtls_asn1_write_len:65535:"82FFFF":2:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL

ASN.1 Write / Read Length #9 (Len = 66051, byte order)
mbedtls_asn1_write_len:66051:"83010203":4:4

ASN.1 Write / Read Length #10 (Len = 16777215, long form)
mbedtls_asn1_write_len:16777215:"83FFFFFF":4:4

ASN.1 Write / Read Length #11 (Len = 16777215, buffer too small)
mbedtls_asn1_write_len:16777215:"83FFFFFF":3:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL

ASN.1 Write / Read Length #12 (Len = 16909060, byte order)
mbedtls_asn1_write_len:16909060:"8401020304":5:5

ASN.1 Write / Read Length #12 (Len = 16909060, buffer too small)
mbedtls_asn1_write_len:16909060:"8401020304":4:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL
54 changes: 54 additions & 0 deletions tests/suites/test_suite_asn1write.function
Original file line number Diff line number Diff line change
Expand Up @@ -82,3 +82,57 @@ void mbedtls_asn1_write_ia5_string( char *str, char *hex_asn1,
}
}
/* END_CASE */

/* BEGIN_CASE */
void mbedtls_asn1_write_len( int len, char *check_str, int buf_len,
int result )
{
int ret;
unsigned char buf[150];
unsigned char asn1[150];
unsigned char *p;
size_t asn1_len, i, read_len;

memset( buf, GUARD_VAL, sizeof( buf ) );
memset( asn1, 0, sizeof( asn1 ) );
asn1_len = unhexify( asn1, check_str );

p = buf + GUARD_LEN + buf_len;

ret = mbedtls_asn1_write_len( &p, buf + GUARD_LEN, (size_t) len );

TEST_ASSERT( ret == result );

/* Check for buffer overwrite on both sides */
for( i = 0; i < GUARD_LEN; i++ )
{
TEST_ASSERT( buf[i] == GUARD_VAL );
TEST_ASSERT( buf[GUARD_LEN + buf_len + i] == GUARD_VAL );
}

if( result >= 0 )
{
TEST_ASSERT( (size_t) ret == asn1_len );
TEST_ASSERT( p + asn1_len == buf + GUARD_LEN + buf_len );

TEST_ASSERT( memcmp( p, asn1, asn1_len ) == 0 );

/* Read back with mbedtls_asn1_get_len() to check */
ret = mbedtls_asn1_get_len( &p, buf + GUARD_LEN + buf_len, &read_len );

if( len == 0 )
{
TEST_ASSERT( ret == 0 );
}
else
{
/* Return will be MBEDTLS_ERR_ASN1_OUT_OF_DATA because the rest of
* the buffer is missing
*/
TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_OUT_OF_DATA );
}
TEST_ASSERT( read_len == (size_t) len );
TEST_ASSERT( p == buf + GUARD_LEN + buf_len );
}
}
/* END_CASE */
3 changes: 3 additions & 0 deletions tests/suites/test_suite_cipher.aes.data
Original file line number Diff line number Diff line change
Expand Up @@ -1097,3 +1097,6 @@ test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"00000000000000000000000
AES-256-ECB Decrypt NIST KAT #12
depends_on:MBEDTLS_AES_C
test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0

Cipher Corner Case behaviours
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like this special case should be dependent on MBEDTLS_AES_C.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please see line 95 in the patch to test_suit_cipher.function where the dependency is stated..

cipher_special_behaviours:
38 changes: 38 additions & 0 deletions tests/suites/test_suite_cipher.function
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,44 @@ void cipher_null_args( )
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_AES_C */
void cipher_special_behaviours( )
{
const mbedtls_cipher_info_t *cipher_info;
mbedtls_cipher_context_t ctx;
unsigned char input[32];
unsigned char output[32];
unsigned char iv[32];
size_t olen = 0;

mbedtls_cipher_init( &ctx );
memset( input, 0, sizeof( input ) );
memset( output, 0, sizeof( output ) );
memset( iv, 0, sizeof( iv ) );

/* Check and get info structures */
cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
TEST_ASSERT( NULL != cipher_info );

TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) );

/* IV too big */
TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1 )
== MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );

/* IV too small */
TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 )
== MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );

/* Update ECB with partial block */
TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen )
== MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );

exit:
mbedtls_cipher_free( &ctx );
}
/* END_CASE */

/* BEGIN_CASE */
void enc_dec_buf( int cipher_id, char *cipher_string, int key_len,
int length_val, int pad_mode )
Expand Down
3 changes: 3 additions & 0 deletions tests/suites/test_suite_ctr_drbg.data
Original file line number Diff line number Diff line change
Expand Up @@ -727,6 +727,9 @@ ctr_drbg_seed_file:"data_files/ctr_drbg_seed":0
CTR_DRBG write/update seed file
ctr_drbg_seed_file:"no_such_dir/file":MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR

CTR_DRBG Special Behaviours
ctr_drbg_special_behaviours:

CTR_DRBG self test
ctr_drbg_selftest:

28 changes: 28 additions & 0 deletions tests/suites/test_suite_ctr_drbg.function
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,34 @@ int mbedtls_entropy_func( void *data, unsigned char *buf, size_t len )
* END_DEPENDENCIES
*/

/* BEGIN_CASE */
void ctr_drbg_special_behaviours( )
{
mbedtls_ctr_drbg_context ctx;
unsigned char output[512];
unsigned char additional[512];

mbedtls_ctr_drbg_init( &ctx );
memset( output, 0, sizeof( output ) );
memset( additional, 0, sizeof( additional ) );

TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx,
output, MBEDTLS_CTR_DRBG_MAX_REQUEST + 1,
additional, 16 ) ==
MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG );
TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx,
output, 16,
additional, MBEDTLS_CTR_DRBG_MAX_INPUT + 1 ) ==
MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );

TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional,
MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + 1 ) ==
MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
exit:
mbedtls_ctr_drbg_free( &ctx );
}
/* END_CASE */

/* BEGIN_CASE */
void ctr_drbg_validate_pr( char *add_init_string, char *entropy_string,
char *add1_string, char *add2_string,
Expand Down
Loading