cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-08 06:40:16 -04:00
Code Issues Packages Projects Releases Wiki Activity
18,385 Commits 7 Branches 115 Tags
Commit Graph

18385 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
7d68a1954c Protect against compiler optimizations 
GCC 5.4 optimized the write after poisoning (the surprising thing is that
11.4 doesn't).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
0c7d3eda0a Memory poisoning: meta-test writes as well as reads 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
014d89b782 Avoid unused variable warnings in some plausible usage 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
5e8740576c Use the existing definition of MBEDTLS_TEST_HAVE_ASAN 
A definition now exists in tests/helpers.h, which is a better place.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
d751406f8d Port to platforms where printf doesn't have %zu 
Reuse the existing abstraction from include/mbedtls/debug.h.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
ac8cd66bda Fix MSVC build failure 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
721a64463a Basic functional test for memory poisoning 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
962c5da52a Fix memory poisoning with Asan on arbitrary byte boundaries 
Asan poisons memory with an 8-byte granularity. We want to make sure that
the whole specified region is poisoned (our typical use case is a
heap-allocated object, and we want to poison the whole object, and we don't
care about the bytes after the end of the object and up to the beginning of
the next object). So align the start and end of the region to (un)poison to
an 8-byte boundary.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
071d144a2e Add memory poisoning framework 
While an area of memory is poisoned, reading or writing from it triggers a
sanitizer violation.

Implemented for ASan.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
87270e5337 New files for memory-related test functions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
242e4efcad Merge remote-tracking branch 'mbedtls-2.28' into mbedtls-2.28-restricted 2023-11-29 19:50:46 +01:00
Gilles Peskine
7655fd2d93
Merge pull request #8570 from yuhaoth/pr/fix-ciphersuite-list-wrong-for-mbedtls-2.28 
Backport 2.28: ssl-opt.sh: Fix getting the list of supported ciphersuites.
 2023-11-29 11:31:35 +00:00
Ronald Cron
ba77a66475 Align forced ciphersuite with test description 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:15:14 +08:00
Ronald Cron
6f2183f756 ssl-opt.sh: Remove unnecessary symmetric crypto dependencies 
Same test cases as in the previous commit.
Remove the redundant symmetric crypto dependency.
The dependency is ensured by the fact that:
1) the test case forces a cipher suite
2) ssl-opt.sh enforces automatically that the
   forced ciphersuite is available.
3) The fact that the forced ciphersuite is
   available implies that the symmetric
   cipher algorithm it uses is available as
   well.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:15:12 +08:00
Ronald Cron
237e3f8e53 ssl-opt.sh: Fix some symmetric crypto dependencies 
Fix some dependencies on symmetric crypto that
were not correct in case of driver but not
builtin support. Revealed by "Analyze driver
test_psa_crypto_config_accel_cipher_aead vs reference
test_psa_crypto_config_reference_cipher_aead" in
analyze_outcomes.py.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:13:50 +08:00
Ronald Cron
a8b474f42f ssl-opt.sh: Add a check of the list of supported ciphersuites 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:11:47 +08:00
Ronald Cron
46a660a2c5 ssl-opt.sh: Fix getting the list of supported ciphersuites. 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:11:17 +08:00
Dave Rodgman
806c27c5f4
Merge pull request #1126 from davidhorstmann-arm/psa-buffer-copy-fn-2.28 
[Backport 2.28] Implement buffer copying functions for PSA crypto
 2023-11-24 10:46:31 +00:00
David Horstmann
8e1f0d0d31 Improve description of psa_crypto_input_copy_alloc 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-23 16:04:11 +00:00
David Horstmann
0d52c71ccd Use initializers in alloc functions 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-23 16:04:11 +00:00
David Horstmann
45221ffdc4 Add casts to local input / output initializers 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-23 16:04:11 +00:00
Dave Rodgman
60dcdd1686
Merge pull request #8558 from gilles-peskine-arm/MBEDTLS_TEST_HAVE_xSAN-2.28 
Backport 2.28: Fix test_suite_platform failure with Asan on modern Clang
 2023-11-23 14:04:09 +00:00
Paul Elliott
20e76134ea
Merge pull request #8557 from gilles-peskine-arm/metatest-gcc-12-2.28 
Backport 2.28: Fix metatest.c with gcc-12 -Wuse-after-free
 2023-11-23 11:09:24 +00:00
Gilles Peskine
c3a9bdb2b5 Detect enabled GCC/Clang sanitizers 
Occasionally we want tests to take advantage of sanitizers, or work around
them.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 18:00:31 +01:00
Gilles Peskine
e9616fdbc9 Fix the build with gcc-12 -Wuse-after-free 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 17:37:57 +01:00
David Horstmann
1a76ab1c34 Rename "output_copy" -> "local_output" 
This helps to prevent confusion as it avoids overloading the word
"copy" as both an action and an object.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:09:04 +00:00
David Horstmann
81a0d57e36 Rename "input_copy" -> "local_input" 
This helps to prevent confusion as it avoids overloading the word
"copy" as both an action and an object.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:09:02 +00:00
David Horstmann
48ffb93d7f De-abbreviate "len" -> "length" 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
232ab25bcd Change psa_crypto_copy_output error code 
When we are copying output, it makes sense to return
PSA_ERROR_BUFFER_TOO_SMALL since the buffer we are copying to is a user
output buffer.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
34c434a3ca Add initializers for input / output copies 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
37e3fc6c76 Remove unnecessary checks for NULL-ness of copies 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
d79d5e7ed0 Check for len == 0 rather than buffer == NULL 
This makes the intention clearer

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
c3be8cb24a Fix code style in psa_crypto_core.h 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
2d730c015e Compare buffers even for zero-length cases 
This enables us to test that lengths are correctly zero when the buffer
pointer is NULL.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
0ee4d18bc6 Use TEST_CALLOC_NONNULL 
Check that input/output copying works for zero-length NULL input
buffers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
e8a92227dc Change data pattern to simpler one 
Just use the index modulo 256, as this has a greater stride and is
simpler to use.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
726bf058fe Remove redundant NULL check 
A NULL buffer with a non-zero length is an internal error, so just
check the length.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
660027f310 Skip call to memcpy if buffer length is zero 
This allows the copy functions to work when passed a (NULL, 0) buffer.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
df49355faa Make copy functions static-testable 
This allows greater compiler optimisation.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:29 +00:00
David Horstmann
761761ff64 Fix unintentional direct use of memcpy() 
Change psa_crypto_output_copy_free() to use psa_crypto_copy_output()
rather than calling memcpy directly as was erroneously done previously.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
ba65bd79e8 Add output round-trip testcase 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
aca210d4c7 Add input round-trip testcase 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
aeeb2740a9 Add psa_crypto_output_copy_free() implementation 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
3bc1316ceb Add testcase for psa_crypto_output_copy_free() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
953cd5b372 Add implementation of psa_crypto_output_alloc() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
1acf7afa83 Add testcase for psa_crypto_output_copy_alloc() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
b80367e3b4 Add function prototypes for psa_crypto_output fns 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
fa2d75d30a Add implementation of psa_crypto_input_copy_free() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
6790a6d36f Add testcase for psa_crypto_input_copy_free() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00
David Horstmann
8d9d4fe20d Add psa_crypto_input_copy_alloc() implementation 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 14:59:17 +00:00