lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-31 21:50:31 +03:00
Code Activity
31,648 Commits 176 Branches 276 Tags
46ea764289ee5ca2a8261c34d76d35cc9be69ea3
Commit Graph

1599 Commits

Author SHA1 Message Date
Thomas Daubney
1ffc5cb4a5 Modify allocation and buffer wiping in sign_finish 
Allocate immediately after declaration and only wipe
tag buffer if allocation didn't fail.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:07:38 +00:00
Thomas Daubney
7480a74cba Fix code style 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:07:38 +00:00
Thomas Daubney
c6705c6cb2 Conditionally include exit label 
... on MAC functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:07:38 +00:00
Thomas Daubney
8db8d1a83e Implement safe buffer copying in MAC API 
Use buffer local copy macros to implement safe
copy mechanism in MAC API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:07:02 +00:00
Thomas Daubney
d2411565ce Fix code style 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:43:07 +00:00
Thomas Daubney
dedd1006b6 Conditionally include exit label 
...on hash functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:43:07 +00:00
Thomas Daubney
51ffac9f40 Implement buffer copy code in psa_hash_compare 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:34:02 +00:00
Thomas Daubney
31d8c0bdb4 Make new internal function static 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:34:02 +00:00
Thomas Daubney
1c5118e58c Implement safe buffer copying in hash API 
Use local copy buffer macros to implement safe
copy mechanism in hash API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:34:02 +00:00
Ryan Everett
e02b63ac89 Merge branch 'Mbed-TLS:development' into threadsafe-key-locking 2024-02-12 10:04:07 +00:00
Janos Follath
f741db3d6e Merge pull request #8764 from Ryan-Everett-arm/threadsafe-key-wiping 
Make key destruction thread safe
 2024-02-12 09:37:59 +00:00
David Horstmann
7175d71328 Remove unnecessary setting of status variable 
The status is guaranteed to be PSA_SUCCESS at these points, so setting
them is redundant.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-09 18:20:05 +00:00
Ryan Everett
ee5920a7d5 Fix error path in psa_key_derivation_output_bytes 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 15:09:28 +00:00
Ryan Everett
7fee4f7318 Fix mutex unlock error handling in psa_destroy_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-09 14:11:27 +00:00
Ryan Everett
5d2e82f0ce Guard memcpy so that it won't fail on null input pointer 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
b41c3c9582 Guard the exit to stop unused label warning 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
da9227de7c Fix psa_key_derivation_output_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
f943e22bb9 Protect key_derivation_output_bytes 
If the alloc fails I belive it is okay to preserve the algorithm.
The alloc cannot fail with BAD_STATE, and this setting is only used
to differentiate between a exhausted and blank.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
d1e398c374 Protect psa_key_derivation_input_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Manuel Pégourié-Gonnard
1d7bc1ecdf Merge pull request #8717 from valeriosetti/issue8030 
PSA FFDH: feature macros for parameters
 2024-02-07 10:06:03 +00:00
Gilles Peskine
f45589b492 Merge pull request #8198 from silabs-Kusumit/kdf_incorrect_initial_capacity 
KDF incorrect initial capacity
 2024-02-06 17:29:43 +00:00
David Horstmann
18dc032fb4 Prevent unused warnings in psa_aead_set_nonce() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
David Horstmann
e000a0aedf Add buffer copying to psa_aead_verify() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
David Horstmann
6db0e73dc4 Add buffer copying to psa_aead_finish() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
David Horstmann
2914fac28a Add buffer copying to psa_aead_update() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
David Horstmann
25dac6edc1 Add buffer copying to psa_aead_update_ad() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
David Horstmann
fed23777f3 Refactor: Use wrapper around internal set_nonce() 
* Rename psa_aead_set_nonce() to psa_aead_set_nonce_internal()
* Recreate psa_aead_set_nonce() as a wrapper that copies buffers before
  calling the internal function.

This is because psa_aead_set_nonce() is currently called by
psa_aead_generate_nonce(). Refactoring this to call the static internal
function avoids an extra set of buffer copies as well as simplifying
future memory poisoning testing.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
David Horstmann
8f0ef519d4 Add buffer copying to psa_aead_set_nonce() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
David Horstmann
d3cad8b017 Add buffer copying to psa_aead_generate_nonce() 
Note that this is not strictly necessary as this function only copies to
the output buffer at the end. However, it simplifies testing for the
time being.

Future optimisation work could consider removing this copying.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
David Horstmann
7f2e040a9b Add buffer copying to psa_aead_decrypt() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:00 +00:00
David Horstmann
9d09a020c9 Copy buffers in psa_aead_encrypt() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:38:20 +00:00
Dave Rodgman
e883870cc7 Merge branch 'development-restricted' into update-development-r 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-02 18:03:29 +00:00
Ryan Everett
35f68533d8 Conditionally guard exit label to deter unused label error 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
b1d2c67ee0 Protect buffer in psa_export_public_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
45ac526592 Protect the buffer in psa_export_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
f028fe195b Protect buffer in psa_import_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
a103ec9ad4 Make one shot operations thread safe 
These all follow a pattern of locking some key slot,
reading its contents, and then unregistering from reading the slot.
psa_copy_key also writes to another slot,
but calls the functions needed to be threadsafe.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-31 14:17:15 +00:00
Ryan Everett
fb792cad31 Make psa_get_and_lock_X_with_policy threadsafe 
Between the call to psa_get_and_lock_key_slot and psa_unregister_read
we only read the contents of a slot which we are registered to read,
so no extra mutex taking is needed.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-31 13:41:13 +00:00
Thomas Daubney
3e65f52130 Conditionally guard exit label 
...on functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 12:37:25 +00:00
Thomas Daubney
4f8847bb5d Implement safe buffer copying in asymmetric signature API 
Use local copy buffer macros to implement safe
copy mechanism in asymmetric signature API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 12:17:54 +00:00
Ryan Everett
763971f32e Comment on locking strategy in psa_destroy_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-29 17:17:12 +00:00
Ryan Everett
c053d968f2 Make psa_destroy_key threadsafe 
We do not require linearizability in the case of destroying a key in use.
Using a key and destroying it simultaneously will not cause any issues
as the user will only use the copy of the key in the slot.
Two simulatenous deletion calls to one key cannot interfere, the first caller
sets the slot's state to PENDING_DELETION, the second caller will back off.
Remove outdated comment about one key being in multiple slots, psa_open_key
does not put the key into a new slot.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-29 17:06:34 +00:00
Dave Rodgman
047c724c22 Merge remote-tracking branch 'restricted/development-restricted' into update-development-r 
Conflicts:
	programs/Makefile
	tests/scripts/check-generated-files.sh
 2024-01-26 12:42:51 +00:00
David Horstmann
c75639daa0 Add copying to PAKE input and output 
Add buffer copying to:
* psa_pake_input()
* psa_pake_output()

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-24 15:42:11 +00:00
David Horstmann
4f534ae9c2 Add copying in PAKE set peer and user functions 
Add copying to:
* psa_pake_set_user()
* psa_pake_set_peer()

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-24 15:42:11 +00:00
Gabor Mezei
1882c51cb3 Add allocate and copy style output buffer handling 
Add a new macro `LOCAL_OUTPUT_ALLOC_WITH_COPY` to support the output buffer
handling of the multipart operations like `psa_cipher_update`. This will
allocate a local buffer and copy the content of the original buffer.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-01-24 13:51:33 +01:00
Manuel Pégourié-Gonnard
34c6e8a770 Merge pull request #8700 from valeriosetti/issue8461 
psa_asymmetric_encrypt() doesn't work with opaque driver
 2024-01-22 08:43:08 +00:00
Gilles Peskine
4d4891e18a Merge pull request #8666 from valeriosetti/issue8340 
Export the mbedtls_md_psa_alg_from_type function
 2024-01-18 13:58:55 +00:00
Gilles Peskine
c9077cccd3 Merge pull request #8664 from valeriosetti/issue7764 
Conversion function from ecp group to PSA curve
 2024-01-18 10:28:55 +00:00
Paul Elliott
2728267ec4 Merge pull request #8672 from Ryan-Everett-arm/implement-new-key-slot-states 
Implement the new key slot state system within the PSA subsystem.
 2024-01-17 17:50:04 +00:00