mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-29 13:20:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
27,596 Commits 172 Branches 267 Tags
Commit Graph

27596 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Horstmann
70fda48670 Add full round-trip tests for buffer copying 
Test that a buffer pair can be created with psa_crypto_alloc_and_copy()
and destroyed with psa_crypto_copy_and_free() correctly.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:39:42 +00:00
David Horstmann
5b9c21756a Add test case for overlapping buffers 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:39:42 +00:00
David Horstmann
72ab8ad44a Reject zero-lengths in psa_crypto_copy_and_free() 
Zero-length buffers should be represented in the
psa_crypto_buffer_copy_t struct as NULL if it was created in
psa_crypto_alloc_and_copy(), so reject non-NULL zero-length buffers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:39:42 +00:00
David Horstmann
2b79cbaa17 Reject NULL original_output with non-NULL output 
If we have a copy buffer but no original to copy back to, there is not
much sensible we can do. The psa_crypto_buffer_copy_t state is invalid.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:39:42 +00:00
David Horstmann
f4bbb632cd Add implementation of psa_crypto_copy_and_free() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:39:42 +00:00
David Horstmann
9700876520 Add testcases for psa_crypto_copy_and_free() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:39:37 +00:00
David Horstmann
0fee689e57 Simplify zero-length buffers to always be NULL 
Since it is implementation-dependent whether
malloc(0) returns NULL or a pointer, explicitly
represent zero-length buffers as NULL in the
buffer-copy struct, so as to have a uniform
behaviour.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:33:17 +00:00
David Horstmann
03b0472413 Zero-length test for psa_crypto_alloc_and_copy() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:33:17 +00:00
David Horstmann
f06ac88284 Add extra testcases for buffer copying 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:33:17 +00:00
David Horstmann
83eef383c7 Add implementation of psa_crypto_alloc_and_copy() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:33:17 +00:00
David Horstmann
24f11f9cc7 Add testcases for psa_crypto_alloc_and_copy() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:33:08 +00:00
David Horstmann
1d838b27b1 Add buffers struct and prototypes for alloc API 
Add function prototypes for psa_crypto_alloc_and_copy() and
psa_crypto_alloc_and_free(), along with the necessary state struct.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 18:25:36 +00:00
David Horstmann
8978f5c32a Add implementation of psa_crypto_copy_output() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 17:16:36 +00:00
David Horstmann
2f96423147 Add testcases for psa_crypto_copy_output() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 17:16:25 +00:00
David Horstmann
fde97394a0 Add implementation of psa_crypto_copy_input() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 17:15:35 +00:00
David Horstmann
0b241ee584 Add testcases for psa_crypto_copy_input() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-02 17:15:30 +00:00
David Horstmann
af45b8333a Add function prototypes for copying functions 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 20:40:44 +00:00
Gilles Peskine
df62f1a010
Merge pull request #1106 from gilles-peskine-arm/psa-shared-buffers-requirements 
PSA shared buffers requirements
 2023-10-17 20:38:00 +02:00
Gilles Peskine
8ebeb9c180 Test for read-read inconsistency with mprotect and ptrace/gdb 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-16 18:37:02 +02:00
Gilles Peskine
87889ebe86 Fix editorial error with semantic consequences 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-16 15:40:02 +02:00
Gilles Peskine
a3ce6437bf Typos 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-16 15:39:37 +02:00
Gilles Peskine
1f2802c403 Suggest validating copy by memory poisoning 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 21:49:17 +02:00
Gilles Peskine
6998721c69 Add a section skeleton for copy bypass 
It's something we're likely to want to do at some point.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:05:32 +02:00
Gilles Peskine
7bc1bb65e9 Short explanations of what is expected in the design sections 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:05:25 +02:00
Gilles Peskine
35de1f7a7d Distinguish whole-message signature from other asymmetric cryptography 
Whole-message signature may process the message multiple times (EdDSA
signature does it).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:04:16 +02:00
Gilles Peskine
9cad3b3a70 Design change for cipher/AEAD 
There are many reasons why a driver might violate the security requirements
for plaintext or ciphertext buffers, so mandate copying.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:03:18 +02:00
Gilles Peskine
2859267a27 Clarify terminology: built-in driver 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:02:00 +02:00
Gilles Peskine
db00543b3a Add a section on write-read feedback 
It's a security violation, although it's not clear whether it really needs
to influence the design.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 19:57:53 +02:00
Gilles Peskine
352095ca86 Simplify the relaxed output-output rule 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 19:56:22 +02:00
Gilles Peskine
60c453ee72 Expand explanations of the vulnerabilities 
Add a few more examples.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 19:07:56 +02:00
Gilles Peskine
8daedaeac9 Fix typos and copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 18:47:29 +02:00
Gilles Peskine
73cb6f85a5
Merge pull request #8360 from Mbed-TLS/revert-8352-iar-fixes 
Revert "Fix a few IAR warnings" which breaks the CI
 2023-10-13 13:11:40 +00:00
Gilles Peskine
97a6231b5c
Revert "Fix a few IAR warnings" 2023-10-13 11:39:53 +02:00
Dave Rodgman
2d67e3a07b
Merge pull request #8352 from daverodgman/iar-fixes 
Fix a few IAR warnings
 2023-10-13 09:20:28 +01:00
Tom Cosgrove
71f2e398bd
Merge pull request #8345 from mcagriaksoy/branch_issue_8344 
Add missing casting size_t to int on ssl_tls13_keys.c
 2023-10-12 18:39:33 +00:00
Dave Rodgman
584c8108b3 Use a block to save 12b 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:55:23 +01:00
Dave Rodgman
351a81c65d Keep initialisation of p in its original location 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:36:05 +01:00
Dave Rodgman
bcb1818e19 Fix IAR 'transfer of control bypasses initialization' warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:23:11 +01:00
Gilles Peskine
f7806ca782 Analyze requirements for protection of arguments in shared memory 
Propose a dual-approach strategy where some buffers are copied and others
can remain shared.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-12 16:00:11 +02:00
Dave Rodgman
54bb76e106
Merge pull request #8348 from kasjer/kasjer/aes-rcon-rename 
Rename local variable in aes.c
 2023-10-12 12:30:35 +00:00
Gilles Peskine
bb5d907aa9 Automatically pick up all Markdown files 
Assume GNU make. We already do with the toplevel makefile.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-11 20:47:44 +02:00
Bence Szépkúti
9b0c8164eb
Merge pull request #8330 from KloolK/extern-c 
Fix C++ build issue when MBEDTLS_ASN1_PARSE_C is not enabled
 2023-10-11 16:19:39 +00:00
Jerzy Kasenberg
ee62fceade Rename local variable in aes.c 
This changes local variable name RCON to round_constants.

RCON being definition in xc32 compiler headers for some PIC32 register.
Without this change, mynewt project for PIC32 platform fails to build due to
macro redefinition.

This does not changes behavior of library in any way.

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
 2023-10-11 16:36:24 +02:00
Mehmet Cagri Aksoy
56e9011bde Add casting size_t to int 
Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>
 2023-10-11 15:28:06 +02:00
Mehmet Cagri Aksoy
66f9b3f810 Add casting size_t to int 
Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>
 2023-10-11 15:26:23 +02:00
Tom Cosgrove
3c1cdc9061
Merge pull request #8185 from yanrayw/aes_benchmark_cfb 
Benchmark: add AES_CFB128 and AES_CFB8
 2023-10-11 09:48:27 +00:00
Bence Szépkúti
cffd7135c6
Merge pull request #8328 from yanrayw/sha256_context_guard 
sha256_context: guard is224 by MBEDTLS_SHA224_C
 2023-10-11 09:13:33 +00:00
Ronald Cron
a89d2ba132
Merge pull request #8327 from ronald-cron-arm/adapt-psa-crypto-repo-name 
Adapt to new PSA Crypto repo name
 2023-10-11 06:45:30 +00:00
Ronald Cron
7871cb14a7 Include psa/build_info.h instead of mbedtls/build_info.h 
In PSA headers include psa/build_info.h instead
of mbedtls/build_info.h. In Mbed TLS, both are
equivalent but not in TF-PSA-Crypto where
psa/build_info.h is the correct one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-10-10 09:35:22 +02:00
Jan Bruckner
946720aac5 Fix C++ build issue when MBEDTLS_ASN1_PARSE_C is not enabled 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-10-09 16:53:41 +02:00