commit 0d50d41c92d853a9aa61a66ff457ba684f80b641
author Gilles Peskine <gilles.peskine@arm.com> Tue Oct 08 15:34:11 2019 +0200
committer GitHub <noreply@github.com> Tue Oct 08 15:34:11 2019 +0200
tree c45ddf627f2ed99fa2b02b95ca72f9c326ec816e
parent 74692aeb8c7e2c1c0f273592d87472a6f2aabacf
parent f70d3eb43a440b0cfd82dc3f724f4940e1cad1db

Merge pull request #2882 from gilles-peskine-arm/update-crypto-20191004

Update crypto submodule:

* https://github.com/ARMmbed/mbed-crypto/pull/277: Improve speed of PBKDF2 by caching the digest state of the passphras
* https://github.com/ARMmbed/mbed-crypto/pull/269: Add PSA API versioning
* https://github.com/ARMmbed/mbed-crypto/pull/278: Fix on target test issues
* https://github.com/ARMmbed/mbed-crypto/pull/286: Fix defgroup syntax for API version section
* https://github.com/ARMmbed/mbed-crypto/pull/75: ASN.1 tests without x509

crypto

diff --git a/crypto b/crypto
index 37b5c83..9ab7c07 160000
--- a/crypto
+++ b/crypto
@@ -1 +1 @@
-Subproject commit 37b5c831b41cd41456caa979f1444234c51e4c51
+Subproject commit 9ab7c07f1f370636fcaa8bc02e6f45035fab1596

library/error.c

diff --git a/library/error.c b/library/error.c
index 23a0f97..d8b5780 100644
--- a/library/error.c
+++ b/library/error.c
@@ -642,7 +642,7 @@
     if( use_ret == -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH) )
         mbedtls_snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" );
     if( use_ret == -(MBEDTLS_ERR_ASN1_INVALID_DATA) )
-        mbedtls_snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" );
+        mbedtls_snprintf( buf, buflen, "ASN1 - Data is invalid" );
     if( use_ret == -(MBEDTLS_ERR_ASN1_ALLOC_FAILED) )
         mbedtls_snprintf( buf, buflen, "ASN1 - Memory allocation failed" );
     if( use_ret == -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) )

tests/suites/test_suite_x509parse.data

diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 0589715..0186bf7 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -1832,15 +1832,10 @@
 # signature = bit string with invalid encoding (number of unused bits too large)
 x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030108":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA
 
-## This edge case currently fails to parse due to an ASN.1 bug.
-## It doesn't matter as far as X.509 is concerned since the signature would
-## not be valid anyway.
-## https://github.com/ARMmbed/mbed-crypto/pull/75 will fix this bug and make
-## this test case pass.
-# X509 CRT ASN1 (empty Signature)
-# depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
-# # signature = empty bit string in DER encoding
-# x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030100":"cert. version     \: 3\nserial number     \: DE\:AD\:BE\:EF\nissuer name       \: ??=Test\nsubject name      \: ??=Test\nissued  on        \: 2009-01-01 00\:00\:00\nexpires on        \: 2009-12-31 23\:59\:59\nsigned using      \: RSA with SHA-256\nRSA key size      \: 128 bits\nsubject alt name  \:\n    dNSName \: foo.test\n    dNSName \: bar.test\n":0
+X509 CRT ASN1 (empty Signature)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+# signature = empty bit string in DER encoding
+x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030100":"cert. version     \: 3\nserial number     \: DE\:AD\:BE\:EF\nissuer name       \: ??=Test\nsubject name      \: ??=Test\nissued  on        \: 2009-01-01 00\:00\:00\nexpires on        \: 2009-12-31 23\:59\:59\nsigned using      \: RSA with SHA-256\nRSA key size      \: 128 bits\nsubject alt name  \:\n    dNSName \: foo.test\n    dNSName \: bar.test\n":0
 
 X509 CRT ASN1 (dummy 24-bit Signature)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C