mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-10 13:14:30 +00:00

Author	SHA1	Message	Date
Gábor Mezei	716cf2d4e0	Merge branch 'development-restricted' into buffer_protection_for_cipher Signed-off-by: Gábor Mezei <63054694+gabor-mezei-arm@users.noreply.github.com>	2024-03-04 15:38:05 +00:00
David Horstmann	c5688a2629	Merge branch 'development-restricted' into generate-random-buffer-protection Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-29 14:25:56 +00:00
Gabor Mezei	0b04116cc8	Do not copy the content to the local output buffer with allocation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-02-29 10:08:16 +00:00
tom-daubney-arm	840dfe8b41	Merge branch 'development-restricted' into asymmetric_encrypt_buffer_protection Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>	2024-02-28 15:42:38 +00:00
Gabor Mezei	358eb218ab	Fix buffer protection handling for `cipher_generate_iv` Use the `LOCAL_OUTPUT_` macros for buffer protection instead of the existing local variable. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-02-28 15:17:19 +00:00
Gabor Mezei	7abf8ee51b	Add buffer protection for `cipher_generate_iv` and `cipher_set_iv` Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-02-28 15:17:18 +00:00
Gabor Mezei	8b8e485961	Move local buffer allocation just before usage Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-02-28 15:17:18 +00:00
Gabor Mezei	4892d75e9b	Add `LOCAL_OUTPUT_ALLOC_WITH_COPY` macro if buffer protection is disabled Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-02-28 15:17:17 +00:00
Gabor Mezei	c25fbd2cc1	Fix ASAN error for `psa_cipher_update` The ASAN gives an error for `psa_cipher_update` when the `input_length` is 0 and the `input` buffer is `NULL`. The root cause of this issue is `mbedtls_cipher_update` always need a valid pointer for the input buffer even if the length is 0. This fix avoids the `mbedtls_cipher_update` to be called if the input buffer length is 0. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-02-28 15:17:17 +00:00
Gabor Mezei	212eb08884	Add buffer protection for cipher functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-02-28 15:15:49 +00:00
David Horstmann	e097bbdcf3	Add missing guards around exit label Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-28 14:17:10 +00:00
David Horstmann	6e99bb203f	Add buffer copying to psa_generate_random() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-26 17:12:34 +00:00
tom-daubney-arm	5cd611d144	Merge branch 'development-restricted' into mac_buffer_protection Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>	2024-02-22 15:26:06 +00:00
David Horstmann	cf3457ef26	Merge pull request #1132 from davidhorstmann-arm/copying-aead Copy buffers in AEAD	2024-02-20 16:07:30 +00:00
David Horstmann	b539126670	Merge pull request #1156 from Ryan-Everett-arm/key-derivation-buffer-protection Add buffer copying to the Key Derivation API	2024-02-15 11:54:20 +00:00
Thomas Daubney	6adbb2a351	Implement safe buffer copying in asymm. encryption Use local copy buffer macros to implement safe copy mechanism in asymmetric encryption API. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:48:36 +00:00
Thomas Daubney	03f1ea3624	Change condition on wiping tag buffer Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:07:38 +00:00
Thomas Daubney	1ffc5cb4a5	Modify allocation and buffer wiping in sign_finish Allocate immediately after declaration and only wipe tag buffer if allocation didn't fail. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:07:38 +00:00
Thomas Daubney	7480a74cba	Fix code style Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:07:38 +00:00
Thomas Daubney	c6705c6cb2	Conditionally include exit label ... on MAC functions where the label was only added due to the modifications required by this PR. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:07:38 +00:00
Thomas Daubney	8db8d1a83e	Implement safe buffer copying in MAC API Use buffer local copy macros to implement safe copy mechanism in MAC API. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 12:07:02 +00:00
Thomas Daubney	d2411565ce	Fix code style Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 11:43:07 +00:00
Thomas Daubney	dedd1006b6	Conditionally include exit label ...on hash functions where the label was only added due to the modifications required by this PR. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 11:43:07 +00:00
Thomas Daubney	51ffac9f40	Implement buffer copy code in psa_hash_compare Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 11:34:02 +00:00
Thomas Daubney	31d8c0bdb4	Make new internal function static Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 11:34:02 +00:00
Thomas Daubney	1c5118e58c	Implement safe buffer copying in hash API Use local copy buffer macros to implement safe copy mechanism in hash API. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-02-12 11:34:02 +00:00
Ryan Everett	ee5920a7d5	Fix error path in `psa_key_derivation_output_bytes` Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-09 15:09:28 +00:00
Ronald Cron	195c0bc24e	tls: Reset TLS maximum negotiable version When reseting an SSL context with mbedtls_ssl_session_reset() reset the TLS maximum negotiable version as configured. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-08 11:54:55 +01:00
Ryan Everett	5d2e82f0ce	Guard memcpy so that it won't fail on null input pointer Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 17:32:16 +00:00
Ryan Everett	b41c3c9582	Guard the exit to stop unused label warning Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 17:32:16 +00:00
Ryan Everett	da9227de7c	Fix psa_key_derivation_output_bytes Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 17:32:16 +00:00
Ryan Everett	f943e22bb9	Protect key_derivation_output_bytes If the alloc fails I belive it is okay to preserve the algorithm. The alloc cannot fail with BAD_STATE, and this setting is only used to differentiate between a exhausted and blank. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 17:32:16 +00:00
Ryan Everett	d1e398c374	Protect psa_key_derivation_input_bytes Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-07 17:32:16 +00:00
David Horstmann	18dc032fb4	Prevent unused warnings in psa_aead_set_nonce() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
David Horstmann	e000a0aedf	Add buffer copying to psa_aead_verify() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
David Horstmann	6db0e73dc4	Add buffer copying to psa_aead_finish() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
David Horstmann	2914fac28a	Add buffer copying to psa_aead_update() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
David Horstmann	25dac6edc1	Add buffer copying to psa_aead_update_ad() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
David Horstmann	fed23777f3	Refactor: Use wrapper around internal set_nonce() * Rename psa_aead_set_nonce() to psa_aead_set_nonce_internal() * Recreate psa_aead_set_nonce() as a wrapper that copies buffers before calling the internal function. This is because psa_aead_set_nonce() is currently called by psa_aead_generate_nonce(). Refactoring this to call the static internal function avoids an extra set of buffer copies as well as simplifying future memory poisoning testing. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
David Horstmann	8f0ef519d4	Add buffer copying to psa_aead_set_nonce() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
David Horstmann	d3cad8b017	Add buffer copying to psa_aead_generate_nonce() Note that this is not strictly necessary as this function only copies to the output buffer at the end. However, it simplifies testing for the time being. Future optimisation work could consider removing this copying. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:02 +00:00
David Horstmann	7f2e040a9b	Add buffer copying to psa_aead_decrypt() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:39:00 +00:00
David Horstmann	9d09a020c9	Copy buffers in psa_aead_encrypt() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-02-06 13:38:20 +00:00
Dave Rodgman	e883870cc7	Merge branch 'development-restricted' into update-development-r Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-02-02 18:03:29 +00:00
Ryan Everett	35f68533d8	Conditionally guard exit label to deter unused label error Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:33:09 +00:00
Ryan Everett	b1d2c67ee0	Protect buffer in psa_export_public_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:33:09 +00:00
Ryan Everett	45ac526592	Protect the buffer in psa_export_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:33:09 +00:00
Ryan Everett	f028fe195b	Protect buffer in psa_import_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-02-02 10:33:09 +00:00
Thomas Daubney	3e65f52130	Conditionally guard exit label ...on functions where the label was only added due to the modifications required by this PR. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-01-30 12:37:25 +00:00
Thomas Daubney	4f8847bb5d	Implement safe buffer copying in asymmetric signature API Use local copy buffer macros to implement safe copy mechanism in asymmetric signature API. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-01-30 12:17:54 +00:00

1 2 3 4 5 ...

12814 Commits