cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-06 21:54:52 -04:00
Code Issues Packages Projects Releases Wiki Activity
18,564 Commits 7 Branches 115 Tags
Commit Graph

18564 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
tom-daubney-arm
24d60ad716
Merge branch 'mbedtls-2.28-restricted' into backport_asymmetric_encrypt_buffer_protection 
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
 2024-02-28 15:43:48 +00:00
David Horstmann
6b01954e09
Merge pull request #1150 from tom-daubney-arm/backport_mac_buffer_protection 
[Backport] - MAC buffer protection
 2024-02-26 19:06:45 +00:00
Thomas Daubney
be060f1e85 Suppress pylint 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-26 13:55:42 +00:00
tom-daubney-arm
8eafe1525d
Merge branch 'mbedtls-2.28-restricted' into backport_mac_buffer_protection 
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
 2024-02-22 15:28:49 +00:00
David Horstmann
0ce9589e36
Merge pull request #1133 from davidhorstmann-arm/copying-aead-2.28 
[Backport 2.28] Copy buffers in AEAD
 2024-02-20 16:07:36 +00:00
David Horstmann
a9cc4cd1cb
Merge pull request #1179 from Ryan-Everett-arm/key-derivation-buffer-protection-backport 
[Backport] Add buffer copying to the Key Derivation API
 2024-02-15 11:54:28 +00:00
David Horstmann
a2fd778868
Merge pull request #1148 from tom-daubney-arm/backport_hash_buffer_protection 
[Backport] - Hash buffer protection
 2024-02-13 18:17:57 +00:00
Thomas Daubney
2b614f9dad Generate all test wrappers 
One was missed due to typo

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 13:07:48 +00:00
Thomas Daubney
d8adccf45d Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 13:07:43 +00:00
Thomas Daubney
1a6137bbac Implement safe buffer copying in asymm. encryption 
Use local copy buffer macros to implement safe
copy mechanism in asymmetric encryption API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 13:03:16 +00:00
Thomas Daubney
480347d682 Add mac not NULL check before calling memset 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:46 +00:00
Thomas Daubney
301491d70c Modify allocation in sign_finish 
Allocate immediately after declaration.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:46 +00:00
Thomas Daubney
f298f657c4 Fix code style 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:46 +00:00
Thomas Daubney
2bb3a1fa25 Conditionally include exit label 
...on functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:46 +00:00
Thomas Daubney
6b91503602 Generate test wrappers for MAC functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:43 +00:00
Thomas Daubney
324f7de1dd Implement safe buffer copying in MAC API 
Use buffer local copy macros to implement safe
copy mechanism in MAC API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:20:39 +00:00
Thomas Daubney
cbf0921530 Fix code style 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:51:41 +00:00
Thomas Daubney
5e6b84ae12 Conditionally include exit label 
...on hash functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:51:41 +00:00
Thomas Daubney
ebf9329d88 Generate test wrappers for hash functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:51:38 +00:00
Thomas Daubney
62cb36a5f2 Implement safe buffer copying in hash API 
Use local copy buffer macros to implement safe
copy mechanism in hash API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:50:51 +00:00
Ryan Everett
d0d12fb42f
Conditionally guard exit label to deter unused label error 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-12 09:19:29 +00:00
Ryan Everett
6c9e69d53b Add key derivation testing wrappers 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 16:23:25 +00:00
Ryan Everett
6f68206b18 Add buffer copying to psa_key_derivation_input_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 16:18:39 +00:00
Ryan Everett
08bd24635d Add buffer copying to psa_key_derivation_output_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 16:15:32 +00:00
David Horstmann
4fc2b9b80f
Merge pull request #1175 from davidhorstmann-arm/cipher-multipart-test-fix-backport 
[Backport 2.28] Fix a multipart test that overwrites the same buffer twice
 2024-02-07 17:18:52 +00:00
David Horstmann
7274590ef6 Update buffer start and length in multipart test 
This fixes a test failure in which the buffer was not properly filled.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 17:15:52 +00:00
David Horstmann
448bc018d0 Add testcase to fail multipart cipher tests 
Encrypt more than 2 blocks of data, causing both update() calls to
output data as well as the call to finish().

This exposes a test bug where the pointer to a buffer is not updated
as it is filled with data.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 17:15:51 +00:00
Dave Rodgman
5a2e95dcfa
Merge pull request #1164 from daverodgman/update-2.28-restricted 2024-02-02 17:45:18 +00:00
David Horstmann
8f7a5f6682
Merge pull request #1157 from Ryan-Everett-arm/key-management-buffer-protection-backport 
[Backport] Key management buffer protection
 2024-02-02 17:43:34 +00:00
Ryan Everett
081803d6ec Remove unnecessary dependencies from psa_crypto_helpers.h 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
c8b6c05014 Update tests/scripts/generate_psa_wrappers.py 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
cb4f855456 Fix line-too-long in script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
810421ccc6 Re-add cipher_encrypt buffer copying 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
3a4153a768 Conditionally guard exit label to stop unused label error 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
dcbc1d3750 Generate test wrappers for key management 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
30827915a4 Protect buffer in psa_export_public_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
e3e760cddb Protect buffer in psa_export_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
6b97025466 Protect buffer in psa_import_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
David Horstmann
3e7ef37e07
Merge pull request #1152 from tom-daubney-arm/backport_asymmetric_sign_buffer_protection 
[Backport] asymmetric sign buffer protection
 2024-02-02 10:04:37 +00:00
David Horstmann
90b94ff85f Allow GCM IV to be NULL if zero-length 
The operation will still return an error, but the assert-based
validation checks will pass. This allows GCM to work with buffer
copies / local inputs, which may be NULL when they are zero-length.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-01 19:38:22 +00:00
Thomas Daubney
f446b8917d Conditionally include exit label 
...on functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 13:36:01 +00:00
Thomas Daubney
c63e31af8b Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 13:33:14 +00:00
Thomas Daubney
290aac472a Implement safe buffer copying in asymmetric signature API 
Use local copy buffer macros to implement safe
copy mechanism in asymmetric signature API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 12:45:26 +00:00
David Horstmann
435118c0c0
Merge pull request #1163 from gabor-mezei-arm/bp228_buffer_sharing_copy_output_buffer 
[Backport] Add allocate and copy style output buffer protection
 2024-01-29 11:08:25 +00:00
Dave Rodgman
8e3a837e1b Remove already-assembled Changelog entries 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-26 10:29:00 +00:00
Dave Rodgman
9d52c713b2 Merge remote-tracking branch 'restricted/mbedtls-2.28' into mbedtls-2.28-restricted 2024-01-26 10:27:26 +00:00
Dave Rodgman
1b9cea30b1
Merge pull request #1159 from daverodgman/mbedtls-2.28.7rc 
Mbedtls 2.28.7rc
 2024-01-25 12:21:38 +00:00
Gabor Mezei
3b0c371c04
Add allocate and copy style output buffer handling 
Add a new macro `LOCAL_OUTPUT_ALLOC_WITH_COPY` to support the output buffer
handling of the multipart operations like `psa_cipher_update`. This will
allocate a local buffer and copy the content of the original buffer.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-01-24 17:28:33 +01:00
David Horstmann
436b2ef633 Generate poisoning wrappers for AEAD 
Modify wrapper generation script to generate poisoning calls and
regenerate wrappers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-24 14:58:05 +00:00
David Horstmann
6baf6e9a06 Add buffer copying to psa_aead_decrypt() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-24 14:58:05 +00:00