cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-17 11:08:28 -04:00
Code Issues Packages Projects Releases Wiki Activity
18,575 Commits 7 Branches 115 Tags
Commit Graph

18575 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gabor Mezei
ff783e0bda
Do not copy the content to the local output buffer with allocation 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:46:12 +00:00
Gabor Mezei
7f4b7dd382
Remove write check in driver wrappers tests 
This check is intended to ensure that we do not write intermediate
results to the shared output buffer. This check will be made obselete
by generic memory-poisoning-based testing for all functions.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:44:24 +00:00
Gabor Mezei
8677edda6e
Fix buffer protection handling for cipher_generate_iv 
Use the `LOCAL_OUTPUT_` macros for buffer protection instead of the existing
local variable.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:44:24 +00:00
Gabor Mezei
50bcca26b3
Update test wrapper functions for ciper buffer protection 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:44:23 +00:00
Gabor Mezei
282bb53edc
Add buffer protection for cipher_generate_iv and cipher_set_iv 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:44:23 +00:00
Gabor Mezei
ed96d687d7
Move local buffer allocation just before usage 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:41:50 +00:00
Gabor Mezei
69f680ac9c
Add LOCAL_OUTPUT_ALLOC_WITH_COPY macro if buffer protection is disabled 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:41:49 +00:00
Gabor Mezei
92905be298
Fix ASAN error for psa_cipher_update 
The ASAN gives an error for `psa_cipher_update` when the `input_length`
is 0 and the `input` buffer is `NULL`. The root cause of this issue is
`mbedtls_cipher_update` always need a valid pointer for the
input buffer even if the length is 0.
This fix avoids the `mbedtls_cipher_update` to be called if the
input buffer length is 0.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:41:49 +00:00
Gabor Mezei
143864c121
Add test wrapper functions for cipher buffer protection 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:41:49 +00:00
Gabor Mezei
13a15c2390
Add buffer protection for cipher functions 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-29 16:41:03 +00:00
David Horstmann
be49b6b239
Merge pull request #1154 from tom-daubney-arm/backport_asymmetric_encrypt_buffer_protection 
[Backport] Asymmetric encrypt buffer protection
 2024-02-29 14:17:10 +00:00
tom-daubney-arm
24d60ad716
Merge branch 'mbedtls-2.28-restricted' into backport_asymmetric_encrypt_buffer_protection 
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
 2024-02-28 15:43:48 +00:00
David Horstmann
6b01954e09
Merge pull request #1150 from tom-daubney-arm/backport_mac_buffer_protection 
[Backport] - MAC buffer protection
 2024-02-26 19:06:45 +00:00
Thomas Daubney
be060f1e85 Suppress pylint 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-26 13:55:42 +00:00
tom-daubney-arm
8eafe1525d
Merge branch 'mbedtls-2.28-restricted' into backport_mac_buffer_protection 
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
 2024-02-22 15:28:49 +00:00
David Horstmann
0ce9589e36
Merge pull request #1133 from davidhorstmann-arm/copying-aead-2.28 
[Backport 2.28] Copy buffers in AEAD
 2024-02-20 16:07:36 +00:00
David Horstmann
a9cc4cd1cb
Merge pull request #1179 from Ryan-Everett-arm/key-derivation-buffer-protection-backport 
[Backport] Add buffer copying to the Key Derivation API
 2024-02-15 11:54:28 +00:00
David Horstmann
a2fd778868
Merge pull request #1148 from tom-daubney-arm/backport_hash_buffer_protection 
[Backport] - Hash buffer protection
 2024-02-13 18:17:57 +00:00
Thomas Daubney
2b614f9dad Generate all test wrappers 
One was missed due to typo

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 13:07:48 +00:00
Thomas Daubney
d8adccf45d Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 13:07:43 +00:00
Thomas Daubney
1a6137bbac Implement safe buffer copying in asymm. encryption 
Use local copy buffer macros to implement safe
copy mechanism in asymmetric encryption API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 13:03:16 +00:00
Thomas Daubney
480347d682 Add mac not NULL check before calling memset 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:46 +00:00
Thomas Daubney
301491d70c Modify allocation in sign_finish 
Allocate immediately after declaration.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:46 +00:00
Thomas Daubney
f298f657c4 Fix code style 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:46 +00:00
Thomas Daubney
2bb3a1fa25 Conditionally include exit label 
...on functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:46 +00:00
Thomas Daubney
6b91503602 Generate test wrappers for MAC functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:21:43 +00:00
Thomas Daubney
324f7de1dd Implement safe buffer copying in MAC API 
Use buffer local copy macros to implement safe
copy mechanism in MAC API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:20:39 +00:00
Thomas Daubney
cbf0921530 Fix code style 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:51:41 +00:00
Thomas Daubney
5e6b84ae12 Conditionally include exit label 
...on hash functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:51:41 +00:00
Thomas Daubney
ebf9329d88 Generate test wrappers for hash functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:51:38 +00:00
Thomas Daubney
62cb36a5f2 Implement safe buffer copying in hash API 
Use local copy buffer macros to implement safe
copy mechanism in hash API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:50:51 +00:00
Ryan Everett
d0d12fb42f
Conditionally guard exit label to deter unused label error 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-12 09:19:29 +00:00
Ryan Everett
6c9e69d53b Add key derivation testing wrappers 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 16:23:25 +00:00
Ryan Everett
6f68206b18 Add buffer copying to psa_key_derivation_input_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 16:18:39 +00:00
Ryan Everett
08bd24635d Add buffer copying to psa_key_derivation_output_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 16:15:32 +00:00
David Horstmann
4fc2b9b80f
Merge pull request #1175 from davidhorstmann-arm/cipher-multipart-test-fix-backport 
[Backport 2.28] Fix a multipart test that overwrites the same buffer twice
 2024-02-07 17:18:52 +00:00
David Horstmann
7274590ef6 Update buffer start and length in multipart test 
This fixes a test failure in which the buffer was not properly filled.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 17:15:52 +00:00
David Horstmann
448bc018d0 Add testcase to fail multipart cipher tests 
Encrypt more than 2 blocks of data, causing both update() calls to
output data as well as the call to finish().

This exposes a test bug where the pointer to a buffer is not updated
as it is filled with data.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 17:15:51 +00:00
Dave Rodgman
5a2e95dcfa
Merge pull request #1164 from daverodgman/update-2.28-restricted 2024-02-02 17:45:18 +00:00
David Horstmann
8f7a5f6682
Merge pull request #1157 from Ryan-Everett-arm/key-management-buffer-protection-backport 
[Backport] Key management buffer protection
 2024-02-02 17:43:34 +00:00
Ryan Everett
081803d6ec Remove unnecessary dependencies from psa_crypto_helpers.h 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
c8b6c05014 Update tests/scripts/generate_psa_wrappers.py 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
cb4f855456 Fix line-too-long in script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
810421ccc6 Re-add cipher_encrypt buffer copying 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
3a4153a768 Conditionally guard exit label to stop unused label error 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
dcbc1d3750 Generate test wrappers for key management 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
30827915a4 Protect buffer in psa_export_public_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
e3e760cddb Protect buffer in psa_export_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
Ryan Everett
6b97025466 Protect buffer in psa_import_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:50:51 +00:00
David Horstmann
3e7ef37e07
Merge pull request #1152 from tom-daubney-arm/backport_asymmetric_sign_buffer_protection 
[Backport] asymmetric sign buffer protection
 2024-02-02 10:04:37 +00:00