50bcca26b3
Update test wrapper functions for ciper buffer protection
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-02-29 16:44:23 +00:00
282bb53edc
Add buffer protection for cipher_generate_iv and cipher_set_iv
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-02-29 16:44:23 +00:00
ed96d687d7
Move local buffer allocation just before usage
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-02-29 16:41:50 +00:00
69f680ac9c
Add LOCAL_OUTPUT_ALLOC_WITH_COPY macro if buffer protection is disabled
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-02-29 16:41:49 +00:00
92905be298
Fix ASAN error for psa_cipher_update
...
The ASAN gives an error for `psa_cipher_update` when the `input_length`
is 0 and the `input` buffer is `NULL`. The root cause of this issue is
`mbedtls_cipher_update` always need a valid pointer for the
input buffer even if the length is 0.
This fix avoids the `mbedtls_cipher_update` to be called if the
input buffer length is 0.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-02-29 16:41:49 +00:00
143864c121
Add test wrapper functions for cipher buffer protection
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-02-29 16:41:49 +00:00
13a15c2390
Add buffer protection for cipher functions
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-02-29 16:41:03 +00:00
9f1003b381
blank line for readability
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 15:01:29 +00:00
7a659102f5
Use export to set VERBOSE_LOGS
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:59:40 +00:00
98397f0bba
Merge branch 'mbedtls-2.28-restricted' into generate-random-buffer-protection-backport
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-02-29 14:27:16 +00:00
ffdd957049
Fix compilation on macOS without apple-clang
...
Signed-off-by: Steven WdV <swdv@cs.ru.nl >
2024-02-29 15:23:01 +01:00
be49b6b239
Merge pull request #1154 from tom-daubney-arm/backport_asymmetric_encrypt_buffer_protection
...
[Backport] Asymmetric encrypt buffer protection
2024-02-29 14:17:10 +00:00
f4aa1ce006
Fix docs
...
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com >
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:14:53 +00:00
c2a27492bc
simplify printf call
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:13:35 +00:00
b93ae3b453
improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
03b232ae4e
Add editor hint for emacs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
7c84471ed7
Rename quiet to quiet.sh
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
04e0f41f08
Send printed command to stderr
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
cdf57d1ddc
remove trailing space from printed command
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
f57529903d
Improve simplified quoting
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
a8e671d7bb
remove shebang from quiet
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
043325d191
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
6122cb1013
Quote directory name from cmake wrapper
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
62ba696bae
Undo not-needed change
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
e2317649dd
Allow wrappers to be missing; quote directory name from make
...
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com >
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
0b069bd5b1
Avoid infinite loop
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
57783d7459
Extract common parts of quiet wrapper
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
6529f12d35
Tidy up quiet wrappers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:50 +00:00
4cb98a930c
Move quiet wrapper setup
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:48 +00:00
634fe908b7
Improve quote_args output readability
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:16 +00:00
d4a5563417
Improve output from make/cmake wrapper
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:16 +00:00
59f9df999d
Always display make/cmake invocation command
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:16 +00:00
75da313166
Pacify check_files
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:16 +00:00
8470d114e2
Spelling fix
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:16 +00:00
a0b7c08b60
Use quiet make wrappers from all.sh
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:11:14 +00:00
99fa0d08d3
Create quiet wrappers for make and cmake
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2024-02-29 14:09:58 +00:00
24d60ad716
Merge branch 'mbedtls-2.28-restricted' into backport_asymmetric_encrypt_buffer_protection
...
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com >
2024-02-28 15:43:48 +00:00
80de1475a1
Fix incorrect conflict resolution
...
A return statement was missing in the wrapper generation script.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-02-28 15:16:44 +00:00
10e44f3fd1
Add missing guards around exit label
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-02-28 14:17:49 +00:00
cb086af4bc
Merge pull request #8860 from gilles-peskine-arm/ecp-write-doc-2.28
...
Backport 2.28: Document ECP write functions
2024-02-28 11:04:27 +00:00
6b01954e09
Merge pull request #1150 from tom-daubney-arm/backport_mac_buffer_protection
...
[Backport] - MAC buffer protection
2024-02-26 19:06:45 +00:00
4e8215057c
Generate test wrappers for psa_generate_random()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-02-26 18:26:06 +00:00
65bf12ce6b
Add buffer copying to psa_generate_random()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-02-26 18:26:00 +00:00
be060f1e85
Suppress pylint
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2024-02-26 13:55:42 +00:00
9721b868a2
Allow null buffers when the length is 0
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-26 12:38:16 +01:00
84dc44b9b5
Note that ecp read/write functions don't support Curve448 yet
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-26 09:05:45 +01:00
7ce99c0f3a
mbedtls_ecp_write_key: document that this function doesn't detect unset data
...
Fixes #8803 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-26 09:04:29 +01:00
e65e98a1dc
mbedtls_ecp_write_key: document and test smaller output buffer
...
Document and test the current behavior, even if it is weird:
* For Weierstrass keys, the error is MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL,
not MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL.
* For Weierstrass keys, a smaller output buffer is ok if the output fits.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-26 09:02:44 +01:00
75bb596de8
mbedtls_ecp_write_key: document and test larger output buffer
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-26 09:01:51 +01:00
c2c74b9cef
mbedtls_ecp_write_key: no FEATURE_UNAVAILABLE error
...
When exporting a key, MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE should not happen.
This error indicates that the curve is not supported, but that would prevent
the creation of the key.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-26 08:54:25 +01:00
