polarssl

mirror of https://github.com/cuberite/polarssl.git synced 2025-09-08 14:49:59 -04:00

Author	SHA1	Message	Date
Thomas Daubney	f298f657c4	Fix code style Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:21:46 +00:00
Thomas Daubney	2bb3a1fa25	Conditionally include exit label ...on functions where the label was only added due to the modifications required by this PR. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:21:46 +00:00
Thomas Daubney	6b91503602	Generate test wrappers for MAC functions Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:21:43 +00:00
Thomas Daubney	324f7de1dd	Implement safe buffer copying in MAC API Use buffer local copy macros to implement safe copy mechanism in MAC API. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:20:39 +00:00
David Horstmann	4fc2b9b80f	Merge pull request #1175 from davidhorstmann-arm/cipher-multipart-test-fix-backport [Backport 2.28] Fix a multipart test that overwrites the same buffer twice	2024-02-07 17:18:52 +00:00
David Horstmann	7274590ef6	Update buffer start and length in multipart test This fixes a test failure in which the buffer was not properly filled. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 17:15:52 +00:00
David Horstmann	448bc018d0	Add testcase to fail multipart cipher tests Encrypt more than 2 blocks of data, causing both update() calls to output data as well as the call to finish(). This exposes a test bug where the pointer to a buffer is not updated as it is filled with data. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 17:15:51 +00:00
Dave Rodgman	5a2e95dcfa	Merge pull request #1164 from daverodgman/update-2.28-restricted	2024-02-02 17:45:18 +00:00
David Horstmann	8f7a5f6682	Merge pull request #1157 from Ryan-Everett-arm/key-management-buffer-protection-backport [Backport] Key management buffer protection	2024-02-02 17:43:34 +00:00
Ryan Everett	081803d6ec	Remove unnecessary dependencies from psa_crypto_helpers.h Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:50:51 +00:00
Ryan Everett	c8b6c05014	Update tests/scripts/generate_psa_wrappers.py Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:50:51 +00:00
Ryan Everett	cb4f855456	Fix line-too-long in script Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:50:51 +00:00
Ryan Everett	810421ccc6	Re-add cipher_encrypt buffer copying Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:50:51 +00:00
Ryan Everett	3a4153a768	Conditionally guard exit label to stop unused label error Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:50:51 +00:00
Ryan Everett	dcbc1d3750	Generate test wrappers for key management Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:50:51 +00:00
Ryan Everett	30827915a4	Protect buffer in psa_export_public_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:50:51 +00:00
Ryan Everett	e3e760cddb	Protect buffer in psa_export_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:50:51 +00:00
Ryan Everett	6b97025466	Protect buffer in psa_import_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:50:51 +00:00
David Horstmann	3e7ef37e07	Merge pull request #1152 from tom-daubney-arm/backport_asymmetric_sign_buffer_protection [Backport] asymmetric sign buffer protection	2024-02-02 10:04:37 +00:00
Thomas Daubney	f446b8917d	Conditionally include exit label ...on functions where the label was only added due to the modifications required by this PR. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-01-30 13:36:01 +00:00
Thomas Daubney	c63e31af8b	Generate test wrappers Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-01-30 13:33:14 +00:00
Thomas Daubney	290aac472a	Implement safe buffer copying in asymmetric signature API Use local copy buffer macros to implement safe copy mechanism in asymmetric signature API. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-01-30 12:45:26 +00:00
David Horstmann	435118c0c0	Merge pull request #1163 from gabor-mezei-arm/bp228_buffer_sharing_copy_output_buffer [Backport] Add allocate and copy style output buffer protection	2024-01-29 11:08:25 +00:00
Dave Rodgman	8e3a837e1b	Remove already-assembled Changelog entries Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-26 10:29:00 +00:00
Dave Rodgman	9d52c713b2	Merge remote-tracking branch 'restricted/mbedtls-2.28' into mbedtls-2.28-restricted	2024-01-26 10:27:26 +00:00
Dave Rodgman	1b9cea30b1	Merge pull request #1159 from daverodgman/mbedtls-2.28.7rc Mbedtls 2.28.7rc	2024-01-25 12:21:38 +00:00
Gabor Mezei	3b0c371c04	Add allocate and copy style output buffer handling Add a new macro `LOCAL_OUTPUT_ALLOC_WITH_COPY` to support the output buffer handling of the multipart operations like `psa_cipher_update`. This will allocate a local buffer and copy the content of the original buffer. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-01-24 17:28:33 +01:00
David Horstmann	001ae3349d	Merge pull request #1143 from davidhorstmann-arm/memory-poisoning-runtime-enable-2.28 [Backport 2.28] Enable and disable memory poisoning at runtime	2024-01-24 14:46:52 +00:00
David Horstmann	7dfb6121fc	Remove _Thread_local variable for 2.28 We do not intend to support multithreaded testing in 2.28, so introducing a C11 feature here is an unnecessary burden. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-01-23 15:35:20 +00:00
Dave Rodgman	2866a6bb20	Merge remote-tracking branch 'restricted/mbedtls-2.28' into mbedtls-2.28.7rc	2024-01-22 16:48:18 +00:00
Dave Rodgman	555f84735a	Update BRANCHES.md Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-22 16:47:55 +00:00
Dave Rodgman	f154831067	bump version Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-22 16:47:12 +00:00
Dave Rodgman	e557764cf3	Assemble changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-22 16:46:41 +00:00
Paul Elliott	634748da23	Add Changelog for #8687 Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-22 16:00:33 +00:00
Jonathan Winzig	e90cbc3d12	Fix Issue #8687 Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>	2024-01-22 16:00:07 +00:00
Jonathan Winzig	d78496cccf	Add tests for Issue #8687 Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>	2024-01-22 16:00:07 +00:00
Janos Follath	4a606d6f3f	Update Marvin fix Changelog entry Upon further consideration we think that a remote attacker close to the victim might be able to have precise enough timing information to exploit the side channel as well. Update the Changelog to reflect this. Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:59:22 +00:00
Janos Follath	80a12f86f9	Add new internal header to visualc project Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:58:57 +00:00
Janos Follath	1a9a69778e	Fix 'missing prototype' warnings Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:58:57 +00:00
Janos Follath	8cdb6064de	Align Montgomery init with development The signature and naming of the Montgomrey initialisation function in development and in the LTS was different. Align them for easier readability and maintenance. Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:58:57 +00:00
Janos Follath	f10bfbbe74	Add Changelog for the Marvin attack fix Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:58:57 +00:00
Janos Follath	eaeff5b75a	Add warning for PKCS 1.5 decryption Any timing variance dependant on the output of this function enables a Bleichenbacher attack. It is extremely difficult to use safely. In the Marvin attack paper (https://people.redhat.com/~hkario/marvin/marvin-attack-paper.pdf) the author suggests that implementations of PKCS 1.5 decryption that don't include a countermeasure should be considered inherently dangerous. They suggest that all libraries implement the same countermeasure, as implementing different countermeasures across libraries enables the Bleichenbacher attack as well. This is extremely fragile and therefore we don't implement it. The use of PKCS 1.5 in Mbed TLS implements the countermeasures recommended in the TLS standard (7.4.7.1 of RFC 5246) and is not vulnerable. Add a warning to PKCS 1.5 decryption to warn users about this. Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:58:57 +00:00
Janos Follath	601bffc4ce	Extend blinding to RSA result check Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:58:57 +00:00
Janos Follath	aa6760d7b5	Make RSA unblinding constant flow Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:58:57 +00:00
Janos Follath	4fe396f1e1	Move some bignum functions to internal header We will need a couple of low level functions to implement safe unblinding in RSA. Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:58:57 +00:00
Janos Follath	42175031ca	Move calculating RR into a separate function So far we needed it only locally here, but we will need calculating RR for safe unblinding in RSA as well. Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-01-22 15:58:57 +00:00
David Horstmann	e7a84a67f4	Merge pull request #1135 from gilles-peskine-arm/psa-buffers-generate-wrappers-introduce-2.28 Backport 2.28: PSA wrappers with buffer poisoning for psa_cipher_encrypt	2024-01-19 15:13:02 +00:00
Tom Cosgrove	c7e208d2fa	Merge pull request #8662 from LocutusOfBorg/mbedtls-2.28 timing.c fix build failure with -O3 optimization level	2024-01-18 13:52:02 +00:00
Gianfranco Costamagna	d7768235da	Update library/timing.c Co-authored-by: Gilles Peskine <gilles.peskine@arm.com> Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>	2024-01-18 12:25:18 +01:00
David Horstmann	e7bfbc27bf	Add underflow check to UNPOISON counter decrement Make sure that extra UNPOISON calls do not cause the poisoning counter to underflow and wrap around. Memory that is unpoisoned multiple times should remain unpoisoned. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-01-17 15:37:54 +00:00

1 2 3 4 5 ...

18540 Commits