18668 Commits

Author SHA1 Message Date
David Horstmann
43c128db3e Update wrapper generation script and regenerate
Update the guards generated by the wrapper generation script to use
!MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS and regenerate the PSA test
wrappers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-14 11:18:22 +00:00
David Horstmann
4201533196 Invert and rename config option
Replace MBEDTLS_PSA_COPY_CALLER_BUFFERS with inverse:
!MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS. This ensures that buffer
protection is enabled by default without any change to the Mbed TLS
config file.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-14 11:17:56 +00:00
David Horstmann
b596eb644f
Merge pull request #1198 from tom-daubney-arm/backpot_buffer_sharing_cleanup
[Backport] Buffer sharing cleanup
2024-03-13 13:55:50 +00:00
David Horstmann
9a1e3e43e9
Merge pull request #1195 from davidhorstmann-arm/wrapper-generation-logic-invert
[Backport 2.28] Flip logic of PSA memory poisoning generation
2024-03-13 09:38:04 +00:00
Thomas Daubney
28fe6654d8 Remove LOCAL_OUTPUT_ALLOC_WITH_COPY
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2024-03-12 17:54:55 +00:00
Thomas Daubney
ca92831a60 Add missing semicolon
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2024-03-12 17:53:30 +00:00
David Horstmann
4698e692e8 Flip logic of PSA memory poisoning generation
Change to excluding mbedtls_psa_inject_entropy() (not a PSA function)
rather than explicitly including every PSA function.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-12 14:15:38 +00:00
Gilles Peskine
4fef9337a9
Merge pull request #1189 from davidhorstmann-arm/buffer-sharing-merge-2.28
Update mbedtls-2.28-restricted after buffer sharing work completion
2024-03-12 11:36:14 +01:00
David Horstmann
f06494dc9e Merge branch 'mbedtls-2.28' into buffer-sharing-merge-2.28 2024-03-11 16:28:50 +00:00
David Horstmann
479448dbc8
Merge pull request #1182 from tom-daubney-arm/backport_key_agreement_buffer_protection
[Backport] Implement safe buffer copying in key agreement
2024-03-11 15:10:51 +00:00
tom-daubney-arm
7c89d1f8de
Merge branch 'mbedtls-2.28-restricted' into backport_key_agreement_buffer_protection
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
2024-03-06 17:35:59 +00:00
Thomas Daubney
9d0fe6e8df Fix issue with large allocation in tests
In test_suite_psa_crypto_op_fail.generated.function
the function key_agreement_fail was setting the
public_key_length variable to SIZE_MAX which meant that
a huge allocation was being attempted.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2024-03-06 17:34:35 +00:00
David Horstmann
81a14e0dfd
Merge pull request #1168 from gabor-mezei-arm/bp228_buffer_protection_for_cipher
[Backport] Buffer protection for cipher functions
2024-03-05 18:43:01 +00:00
Gilles Peskine
5bc604f33c
Merge pull request #8873 from daverodgman/quietbuild-2.28
Make builds less verbose - 2.28 backport
2024-03-05 18:04:11 +00:00
Gilles Peskine
a19f6bfcad
Merge pull request #8823 from davidhorstmann-arm/fix-config-bitflag-2.28
[Backport 2.28] Update `SSL_SERIALIZED_SESSION_CONFIG_BITFLAG` with new flags
2024-03-05 13:17:43 +00:00
David Horstmann
fc8cacf9a2 Add missing config guards in comment
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-05 10:46:26 +00:00
Gabor Mezei
f3c3504f5a
Fix merge
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-03-04 17:17:51 +01:00
Gábor Mezei
26bbd8dd4e
Merge branch 'mbedtls-2.28-restricted' into bp228_buffer_protection_for_cipher
Signed-off-by: Gábor Mezei <63054694+gabor-mezei-arm@users.noreply.github.com>
2024-03-04 15:39:35 +00:00
David Horstmann
126dc1cd52
Merge pull request #1173 from davidhorstmann-arm/generate-random-buffer-protection-backport
[Backport 2.28] Add secure buffer copying to `psa_generate_random()`
2024-03-04 13:23:50 +00:00
Dave Rodgman
dff18da29a fix zlib test
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-03-01 15:53:52 +00:00
David Horstmann
f5a6fa2e4a Fix code style
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-01 12:31:35 +00:00
David Horstmann
ec8a5b175e Add ChangeLog entry for ssl serialization bitflags
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-01 12:19:00 +00:00
David Horstmann
11def97472 Fix naming inconsistencies in config bits
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-01 12:15:56 +00:00
David Horstmann
363db7759a Add config guards to ssl session comment
Show which members of the session structure are dependent on
configuration options and which aren't.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-01 12:11:24 +00:00
Dave Rodgman
e264a7dcd1 Fix generate_visualc_files.pl
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 21:22:59 +00:00
Dave Rodgman
422f9bcea0 Fix formatting
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 18:42:07 +00:00
Gabor Mezei
ff783e0bda
Do not copy the content to the local output buffer with allocation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:46:12 +00:00
Gabor Mezei
7f4b7dd382
Remove write check in driver wrappers tests
This check is intended to ensure that we do not write intermediate
results to the shared output buffer. This check will be made obsolete
by generic memory-poisoning-based testing for all functions.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:44:24 +00:00
Gabor Mezei
8677edda6e
Fix buffer protection handling for cipher_generate_iv
Use the `LOCAL_OUTPUT_` macros for buffer protection instead of the existing
local variable.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:44:24 +00:00
Gabor Mezei
50bcca26b3
Update test wrapper functions for cipher buffer protection
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:44:23 +00:00
Gabor Mezei
282bb53edc
Add buffer protection for cipher_generate_iv and cipher_set_iv
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:44:23 +00:00
Gabor Mezei
ed96d687d7
Move local buffer allocation just before usage
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:41:50 +00:00
Gabor Mezei
69f680ac9c
Add LOCAL_OUTPUT_ALLOC_WITH_COPY macro if buffer protection is disabled
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:41:49 +00:00
Gabor Mezei
92905be298
Fix ASAN error for psa_cipher_update
The ASAN gives an error for `psa_cipher_update` when the `input_length`
is 0 and the `input` buffer is `NULL`. The root cause of this issue is
that `mbedtls_cipher_update` always needs a valid pointer for the
input buffer even if the length is 0.
This fix avoids calling `mbedtls_cipher_update` if the
input buffer length is 0.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:41:49 +00:00
Gabor Mezei
143864c121
Add test wrapper functions for cipher buffer protection
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:41:49 +00:00
Gabor Mezei
13a15c2390
Add buffer protection for cipher functions
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-02-29 16:41:03 +00:00
Dave Rodgman
9f1003b381 blank line for readability
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 15:01:29 +00:00
Dave Rodgman
7a659102f5 Use export to set VERBOSE_LOGS
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:59:40 +00:00
David Horstmann
98397f0bba
Merge branch 'mbedtls-2.28-restricted' into generate-random-buffer-protection-backport
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-29 14:27:16 +00:00
David Horstmann
be49b6b239
Merge pull request #1154 from tom-daubney-arm/backport_asymmetric_encrypt_buffer_protection
[Backport] Asymmetric encrypt buffer protection
2024-02-29 14:17:10 +00:00
Dave Rodgman
f4aa1ce006 Fix docs
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:14:53 +00:00
Dave Rodgman
c2a27492bc simplify printf call
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:13:35 +00:00
Dave Rodgman
b93ae3b453 improve docs
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:11:50 +00:00
Dave Rodgman
03b232ae4e Add editor hint for emacs
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:11:50 +00:00
Dave Rodgman
7c84471ed7 Rename quiet to quiet.sh
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:11:50 +00:00
Dave Rodgman
04e0f41f08 Send printed command to stderr
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:11:50 +00:00
Dave Rodgman
cdf57d1ddc remove trailing space from printed command
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:11:50 +00:00
Dave Rodgman
f57529903d Improve simplified quoting
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:11:50 +00:00
Dave Rodgman
a8e671d7bb remove shebang from quiet
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:11:50 +00:00
Dave Rodgman
043325d191 Improve docs
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-29 14:11:50 +00:00