cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-12 00:26:27 -04:00
Code Issues Packages Projects Releases Wiki Activity
18,600 Commits 7 Branches 115 Tags
Commit Graph

18600 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thomas Daubney
6b91503602 Generate test wrappers for MAC functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:43 +00:00
Thomas Daubney
324f7de1dd Implement safe buffer copying in MAC API 
Use buffer local copy macros to implement safe
copy mechanism in MAC API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:20:39 +00:00
Thomas Daubney
cbf0921530 Fix code style 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:51:41 +00:00
Thomas Daubney
5e6b84ae12 Conditionally include exit label 
...on hash functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:51:41 +00:00
Thomas Daubney
ebf9329d88 Generate test wrappers for hash functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:51:38 +00:00
Thomas Daubney
62cb36a5f2 Implement safe buffer copying in hash API 
Use local copy buffer macros to implement safe
copy mechanism in hash API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:50:51 +00:00
Ryan Everett
d0d12fb42f
Conditionally guard exit label to deter unused label error 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-12 09:19:29 +00:00
Ryan Everett
6c9e69d53b Add key derivation testing wrappers 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 16:23:25 +00:00
Ryan Everett
6f68206b18 Add buffer copying to psa_key_derivation_input_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 16:18:39 +00:00
Ryan Everett
08bd24635d Add buffer copying to psa_key_derivation_output_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 16:15:32 +00:00
David Horstmann
4fc2b9b80f
Merge pull request #1175 from davidhorstmann-arm/cipher-multipart-test-fix-backport 
[Backport 2.28] Fix a multipart test that overwrites the same buffer twice
 2024-02-07 17:18:52 +00:00
David Horstmann
7274590ef6 Update buffer start and length in multipart test 
This fixes a test failure in which the buffer was not properly filled.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 17:15:52 +00:00
David Horstmann
448bc018d0 Add testcase to fail multipart cipher tests 
Encrypt more than 2 blocks of data, causing both update() calls to
output data as well as the call to finish().

This exposes a test bug where the pointer to a buffer is not updated
as it is filled with data.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 17:15:51 +00:00
Dave Rodgman
5a2e95dcfa
Merge pull request #1164 from daverodgman/update-2.28-restricted 2024-02-02 17:45:18 +00:00
David Horstmann
8f7a5f6682
Merge pull request #1157 from Ryan-Everett-arm/key-management-buffer-protection-backport 
[Backport] Key management buffer protection
 2024-02-02 17:43:34 +00:00
Ryan Everett
081803d6ec Remove unnecessary dependencies from psa_crypto_helpers.h 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
c8b6c05014 Update tests/scripts/generate_psa_wrappers.py 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
cb4f855456 Fix line-too-long in script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
810421ccc6 Re-add cipher_encrypt buffer copying 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
3a4153a768 Conditionally guard exit label to stop unused label error 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
dcbc1d3750 Generate test wrappers for key management 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
30827915a4 Protect buffer in psa_export_public_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
e3e760cddb Protect buffer in psa_export_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
6b97025466 Protect buffer in psa_import_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
David Horstmann
3e7ef37e07
Merge pull request #1152 from tom-daubney-arm/backport_asymmetric_sign_buffer_protection 
[Backport] asymmetric sign buffer protection
 2024-02-02 10:04:37 +00:00
David Horstmann
90b94ff85f Allow GCM IV to be NULL if zero-length 
The operation will still return an error, but the assert-based
validation checks will pass. This allows GCM to work with buffer
copies / local inputs, which may be NULL when they are zero-length.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-01 19:38:22 +00:00
Thomas Daubney
f446b8917d Conditionally include exit label 
...on functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 13:36:01 +00:00
Thomas Daubney
c63e31af8b Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 13:33:14 +00:00
Thomas Daubney
290aac472a Implement safe buffer copying in asymmetric signature API 
Use local copy buffer macros to implement safe
copy mechanism in asymmetric signature API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 12:45:26 +00:00
David Horstmann
435118c0c0
Merge pull request #1163 from gabor-mezei-arm/bp228_buffer_sharing_copy_output_buffer 
[Backport] Add allocate and copy style output buffer protection
 2024-01-29 11:08:25 +00:00
Dave Rodgman
8e3a837e1b Remove already-assembled Changelog entries 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-26 10:29:00 +00:00
Dave Rodgman
9d52c713b2 Merge remote-tracking branch 'restricted/mbedtls-2.28' into mbedtls-2.28-restricted 2024-01-26 10:27:26 +00:00
Dave Rodgman
1b9cea30b1
Merge pull request #1159 from daverodgman/mbedtls-2.28.7rc 
Mbedtls 2.28.7rc
 2024-01-25 12:21:38 +00:00
Gabor Mezei
3b0c371c04
Add allocate and copy style output buffer handling 
Add a new macro `LOCAL_OUTPUT_ALLOC_WITH_COPY` to support the output buffer
handling of the multipart operations like `psa_cipher_update`. This will
allocate a local buffer and copy the content of the original buffer.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-01-24 17:28:33 +01:00
David Horstmann
436b2ef633 Generate poisoning wrappers for AEAD 
Modify wrapper generation script to generate poisoning calls and
regenerate wrappers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-24 14:58:05 +00:00
David Horstmann
6baf6e9a06 Add buffer copying to psa_aead_decrypt() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-24 14:58:05 +00:00
David Horstmann
21c1a94813 Copy buffers in psa_aead_encrypt() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-24 14:58:05 +00:00
David Horstmann
001ae3349d
Merge pull request #1143 from davidhorstmann-arm/memory-poisoning-runtime-enable-2.28 
[Backport 2.28] Enable and disable memory poisoning at runtime
 2024-01-24 14:46:52 +00:00
David Horstmann
7dfb6121fc Remove _Thread_local variable for 2.28 
We do not intend to support multithreaded testing in 2.28, so
introducing a C11 feature here is an unnecessary burden.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-23 15:35:20 +00:00
Dave Rodgman
2866a6bb20 Merge remote-tracking branch 'restricted/mbedtls-2.28' into mbedtls-2.28.7rc 2024-01-22 16:48:18 +00:00
Dave Rodgman
555f84735a Update BRANCHES.md 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-22 16:47:55 +00:00
Dave Rodgman
f154831067 bump version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-22 16:47:12 +00:00
Dave Rodgman
e557764cf3 Assemble changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-22 16:46:41 +00:00
Paul Elliott
634748da23 Add Changelog for #8687 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-01-22 16:00:33 +00:00
Jonathan Winzig
e90cbc3d12 Fix Issue #8687 
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 16:00:07 +00:00
Jonathan Winzig
d78496cccf Add tests for Issue #8687 
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
 2024-01-22 16:00:07 +00:00
Janos Follath
4a606d6f3f Update Marvin fix Changelog entry 
Upon further consideration we think that a remote attacker close to the
victim might be able to have precise enough timing information to
exploit the side channel as well. Update the Changelog to reflect this.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:59:22 +00:00
Janos Follath
80a12f86f9 Add new internal header to visualc project 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:58:57 +00:00
Janos Follath
1a9a69778e Fix 'missing prototype' warnings 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:58:57 +00:00
Janos Follath
8cdb6064de Align Montgomery init with development 
The signature and naming of the Montgomrey initialisation function in
development and in the LTS was different. Align them for easier
readability and maintenance.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:58:57 +00:00