cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-03 10:34:16 -04:00
Code Issues Packages Projects Releases Wiki Activity
29,394 Commits 7 Branches 115 Tags
Commit Graph

29394 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Horstmann
38e4e9c499 Add explicit UNPOISON calls to memory tests 
These are needed to allow them to operate on buffer copies without
triggering ASan use-after-poison detection.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-11 17:58:56 +00:00
David Horstmann
372b8bb6c5 Add memory poisoning hooks 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-11 17:58:56 +00:00
David Horstmann
dbbfdabfd8
Merge pull request #1121 from gilles-peskine-arm/psa-buffers-test-poison 
Memory poisoning function for Asan
 2023-12-11 17:56:13 +00:00
Xiaokang Qian
a9581d2d5f Fix CI failure of uninitialized fp 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-11 01:50:34 +00:00
Tom Cosgrove
656d4b3c74 Avoid use of ip_len as it clashes with a macro in AIX system headers 
Fixes #8624

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-12-08 21:51:15 +00:00
David Horstmann
e04a97a1eb Move MPI initialization to start of function 
This prevents a call to mbedtls_mpi_free() on uninitialized data when
USE_PSA_INIT() fails.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-08 18:34:15 +00:00
Paul Elliott
0f60c673f0
Merge pull request #8619 from davidhorstmann-arm/fix-selftest-doublefree 
Fix potential double-free in calloc selftest
 2023-12-08 12:23:13 +00:00
Xiaokang Qian
aedfc0932b Revert to ae952174a7 and addressing some comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-08 10:43:24 +00:00
Thomas Daubney
f05b768457 Use existing variable containing full path 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-08 09:47:48 +00:00
Pengyu Lv
f75893bb36 Update comments 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 17:40:00 +08:00
Pengyu Lv
d90fbf7769 Adjuest checks in generate_key_rsa suite 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 17:30:33 +08:00
Pengyu Lv
e9efbc2aa5 Error out when get domain_parameters is not supported 
From time being, domain_parameters could not be extracted
from driver. We need to return error to indicate this
situation. This is temporary and would be fixed after #6494.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 17:30:26 +08:00
Janos Follath
f7f88d6443 Fix style 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-12-08 08:41:08 +00:00
Janos Follath
8209ff335e Make local function static 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-12-08 08:41:08 +00:00
Janos Follath
aa5cc7b930 Add Changelog for the Marvin attack fix 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-12-08 08:41:08 +00:00
Pengyu Lv
94a42ccb3e Add tls13 in ticket flags helper function names 
```
sed -i \
"s/\(mbedtls_ssl\)_\(session_\(\w*_\)\?ticket\)/\1_tls13_\2/g" \
library/*.[ch]
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 11:12:46 +08:00
Yanray Wang
e9be2a259e fix-tls13-server-min-version-check.txt: rephrase ChangeLog 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:41 +08:00
Yanray Wang
90acdc65e5 tl13: srv: improve comment 
Improve comment when received version 1.2 of the protocol while TLS
1.2 is disabled on server side.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:38 +08:00
Yanray Wang
2bef917a3c tls13: srv: return BAD_PROTOCOL_VERSION if chosen unsupported version 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:35 +08:00
Yanray Wang
177e49ad7a tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:33 +08:00
Yanray Wang
408ba6f7b8 tls13: srv: replace with internal API to check is_tls12_enabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:30 +08:00
Pengyu Lv
abd844f379 Fix wrong format in the function doc 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
02e72f65da Reword return value description for mbedtls_ssl_tls13_is_kex_mode_supported 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
bc4aab7673 Add "_is_" to functions ssl_tls13_key_exchange_.*_available 
Done by command:

```
sed -i \
"s/ssl_tls13_key_exchange_\(.*\)_available/ssl_tls13_key_exchange_is_\1_available/g" \
library/*.[ch]
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
b2cfafbb9e Consistent renaming 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
2333b826f4 tls13: srv: rename mbedtls_ssl_tls13_check_kex_modes 
The function is renamed to
`mbedtls_ssl_tls13_is_kex_mode_supported` and
the behaviour is reversed.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
0a1ff2b969 Consistent renaming 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
4f537f73fa tls13: rename mbedtls_ssl_session_check_ticket_flags 
The function is renamed to mbedtls_ssl_session_ticket_has_flags.
Descriptions are added.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
d72e858fd1 tls13: srv: rename ssl_tls13_ticket_permission_check 
The function is renamed to
ssl_tls13_ticket_is_kex_mode_permitted

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Pengyu Lv
fc2cb9632b tls13: rename mbedtls_ssl_conf_tls13_check_kex_modes 
The function is renamed to
mbedtls_ssl_conf_tls13_is_kex_mode_enabled.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Pengyu Lv
60a22567e4 tls13: change return value of mbedtls_ssl_conf_tls13_check_kex_modes 
To keep the convention in TLS code, check functions should return 0
when check is successful.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Pengyu Lv
981ec14744 tls13: rename ssl_tls13_check_*_key_exchange functions 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Waleed Elmelegy
419f841511 Skip checking on maximum fragment length during handshake 
MbedTLS currently does not support maximum fragment length
during handshake so we skip it for now.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-07 18:33:42 +00:00
David Horstmann
64cd2f21ed Fix potential double-free in calloc selftest 
Where calloc returns two references to the same buffer, avoid calling
free() on both references by setting one to NULL.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-07 14:26:44 +00:00
Ryan Everett
177a45f556 Small clarifications in documentation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:24:30 +00:00
Manuel Pégourié-Gonnard
b8c4254f44 Update cipher light -> block cipher definition 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-07 12:12:39 +01:00
Ryan Everett
204c852442 Move psa-thread-safety.md 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Ryan Everett
1e9733c6a8 Add graph 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Ryan Everett
9f06681cb4 Update psa-thread-safety.md 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Manuel Pégourié-Gonnard
303121eb16 Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-07 12:05:07 +01:00
Ronald Cron
90d07118ad
Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst 
TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket
 2023-12-07 09:25:35 +00:00
Pengyu Lv
abeca020d8 Remove test_psa_crypto_config_accel_rsa_signature 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 17:25:15 +08:00
Pengyu Lv
98a90c6542 Fix various issue 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-07 17:23:25 +08:00
Xiaokang Qian
dce183f2e2 Remove the duplicate cases and add early_data_file option 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 09:22:38 +00:00
Xiaokang Qian
963468035d Add the test framework of early data 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 09:19:43 +00:00
Xiaokang Qian
daddfb520d Open the file once read in the file path 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 08:14:30 +00:00
Xiaokang Qian
864c62a906 Add one test case with early_data_file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 06:11:38 +00:00
Xiaokang Qian
35c026c09e Read early data file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 06:10:34 +00:00
Xiaokang Qian
dd8a7f8acf Revert the early data test case 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 03:58:05 +00:00
Xiaokang Qian
2a8035b495 Add read early data code 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-12-07 03:54:40 +00:00