Replace MBEDTLS_PSA_COPY_CALLER_BUFFERS with inverse:
!MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS. This ensures that buffer
protection is enabled by default without any change to the Mbed TLS
config file.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Internal only for now, but can be made external with some more
work. Break up psa_crypto_init into chunks to prevent deadlocks when
initialising RNG, likewise break up mbedtls_crypto_free() to stop having
to hold more than one mutex at a time.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Fix errors in merge conflict resolution - change
psa_generate_random_internal() to return directly rather than jumping to
an exit label and restore the variable psa_status_t status.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Reads and writes of rng_state in psa_crypto_init() and psa_crypto_free()
were already covered by mutex.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Unfortunately this requires holding the mutex for the entire
psa_crypto_init() function, as calling psa_crypto_free() from another
thread should block until init has ended, then run.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
If the output buffer is NULL, it either:
* Does not need wiping because it is zero-length.
* Has failed allocation of a copy.
* Has not yet been written to as a copy hasn't been allocated.
In any of these circumstances, we should not try to write the buffer,
so perform a NULL check before wiping it.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Add buffer protection to:
* psa_sign_hash_start(), which takes an input buffer for the hash.
* psa_sign_hash_complete(), which takes an output buffer for the
calculated signature.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Threads lose the mutex between locking the slot and changing the slot's state.
Make it so that threads check if another thread has completed a destruction during this period.
Also fix the issue with the incorrect status variable being used.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
When building with -Og (specifically Zephyr with
CONFIG_DEBUG_OPTIMIZATIONS=y) one observes the following warning:
'shared_secret' may be used uninitialized [-Werror=maybe-uninitialized]
Fix this by zero initializing 'shared_secret' similar to the issue
addressed in commit 2fab5c960 ("Work around for GCC bug").
Signed-off-by: Moritz Fischer <moritzf@google.com>
- define mbedtls_psa_random_context_t even when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
is defined
- define mbedtls_psa_legacy_get_random as pointer to function instead
of #define to make "check_names" test happy.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The `flags` field in `psa_key_attributes_t` was a general mechanism that
only ever got used for a single flag: to indicate that the `slot_number`
field has been set. We have switched to a dedicated indicator for that, so
we can now remove `flags`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In `psa_key_attributes_t`, keep track of whether `slot_number` has been set
through a dedicated field, rather than using a flag.
This paves the way to removing `flags`, which is not used for anything else.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Access the fields of `psa_key_attributes_t` directly rather than through the
`core` field. This makes the `core` field obsolete.
This commit is fully automated:
```
git ls-files '*.h' '*.c' '*.function' '*.jinja' | xargs perl -l -i -pe '$core = qr/\b(core\b|MBEDTLS_PRIVATE\(core\))/; s/->$core\./->/g; s/&(\w+)\.$core\./&$1./g; s/(\w+)\.$core/$1/g'
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that a key slot contains the full `psa_key_attributes_t, the temporary
local variables holding a copy of core attributes read from the slot are no
longer needed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Switch `psa_key_slot_t` to the full `psa_key_attributes_t`, now that this
structure only has psa_core_key_attributes_t`.
To minimize the diff without breaking the build much, temporarily make
`psa_key_attributes_t` contain either the `core` field or all the fields.
This allows both things like `slot->attr.core.type` and `slot->attr.type`
to exist. The build breaks with compilers that don't support anonymous
unions and structs, which are only standard C since C11.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Move the `slot_number` field of `psa_key_attributes_t` to
`psa_core_key_attributes_t`. This makes ``psa_core_key_attributes_t` core`
the sole field of `psa_key_attributes_t`. This paves the way to unifying
the two structures.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
