lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
30,870 Commits 176 Branches 276 Tags
e3abb6a148c99f1ee33f79736cafd9b091ef662c
Commit Graph

37 Commits

Author SHA1 Message Date
David Horstmann
cd84bb287b Update references to mbedtls_dev 
Change these to point to the new mbedtls_framework module in the
framework submodule.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-13 14:43:29 +01:00
David Horstmann
0a8abdea8b Update wrapper generation script and regenerate 
Update the guards generated by the wrapper generation script to use
!MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS and regenerate the PSA test
wrappers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-14 14:47:48 +00:00
David Horstmann
5ba3f5f7a5 Flip logic of generate_psa_wrappers.py 
Change from a long list of PSA functions to a list of excluded
false-positives.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-11 15:57:43 +00:00
David Horstmann
5d64c6acca Generate memory poisoning in wrappers 
Generate memory poisoning code in test wrappers for:
* psa_sign_hash_start()
* psa_sign_hash_complete()
* psa_verify_hash_start()

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-11 15:56:13 +00:00
David Horstmann
63dfb45e5e Merge pull request #1181 from tom-daubney-arm/key_agreement_buffer_protection 
Implement safe buffer copying in key agreement
 2024-03-11 15:10:49 +00:00
tom-daubney-arm
d4c57c0ad2 Merge branch 'development-restricted' into key_agreement_buffer_protection 
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
 2024-03-06 16:47:13 +00:00
David Horstmann
a5175634b0 Merge branch 'development-restricted' into copying-pake 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-06 11:18:28 +00:00
Gábor Mezei
716cf2d4e0 Merge branch 'development-restricted' into buffer_protection_for_cipher 
Signed-off-by: Gábor Mezei <63054694+gabor-mezei-arm@users.noreply.github.com>
 2024-03-04 15:38:05 +00:00
David Horstmann
c5688a2629 Merge branch 'development-restricted' into generate-random-buffer-protection 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 14:25:56 +00:00
David Horstmann
7581363122 Fix incorrect conflict resolution 
A return statement was missing in the wrapper generation script.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 11:26:45 +00:00
tom-daubney-arm
840dfe8b41 Merge branch 'development-restricted' into asymmetric_encrypt_buffer_protection 
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
 2024-02-28 15:42:38 +00:00
Gabor Mezei
b74ac66c8b Update test wrapper functions for ciper buffer protection 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-28 15:17:18 +00:00
Gabor Mezei
b8f97a1f3f Add test wrapper functions for cipher buffer protection 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-02-28 15:17:17 +00:00
David Horstmann
075c5fb76f Generate test wrappers for psa_generate_random() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-26 17:12:34 +00:00
Thomas Daubney
4a46d73bb0 Suppress pylint 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-26 13:49:26 +00:00
tom-daubney-arm
5cd611d144 Merge branch 'development-restricted' into mac_buffer_protection 
Signed-off-by: tom-daubney-arm <74920390+tom-daubney-arm@users.noreply.github.com>
 2024-02-22 15:26:06 +00:00
David Horstmann
cf3457ef26 Merge pull request #1132 from davidhorstmann-arm/copying-aead 
Copy buffers in AEAD
 2024-02-20 16:07:30 +00:00
Thomas Daubney
fe2bda3257 Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-15 13:35:06 +00:00
David Horstmann
b539126670 Merge pull request #1156 from Ryan-Everett-arm/key-derivation-buffer-protection 
Add buffer copying to the Key Derivation API
 2024-02-15 11:54:20 +00:00
Thomas Daubney
54e6b412bd Generate all test wrappers 
One was missed due to a typo

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:49:22 +00:00
Thomas Daubney
27b48a312f Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:49:19 +00:00
Thomas Daubney
a1cf1010cc Generate test wrappers for mac functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 12:07:35 +00:00
Thomas Daubney
45c8586a91 Generate test wrappers for hash functions 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-02-12 11:43:03 +00:00
Ryan Everett
eb8c665a53 Reformat wrapper generation code 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
0f54727bf4 Restructure wrapper script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
198a4d98d5 Generate test wrappers for key derivation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
David Horstmann
86e6fe0cce Generate poisoning wrappers for AEAD 
Modify wrapper generation script to generate poisoning calls and
regenerate wrappers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 13:39:02 +00:00
Ryan Everett
4c74c4fe84 Fix line-too-long in script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
84a666daa8 Re-add cipher_encrypt to test wrapper script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
77b91e3930 Generate test wrappers for key management 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Thomas Daubney
f430f47434 Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 12:25:35 +00:00
David Horstmann
6076fe486b Generate poisoning in PAKE test wrappers 
Enable memory poisoning for all functions whose names start with
'psa_pake'. Regenerate the wrappers and commit the result.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-24 15:42:11 +00:00
Gilles Peskine
4411c9c1f8 Disable PSA wrappers psa_collect_statuses builds 
`psa_collect_statuses.py` runs `make RECORD_PSA_STATUS_COVERAGE_LOG=1`,
which builds with `RECORD_PSA_STATUS_COVERAGE_LOG`. In this mode, the build
includes wrappers for PSA functions, which conflict with the newly
introduced wrappers that are enabled whenever `MBEDTLS_TEST_HOOKS` is
enabled. In the future, the collect-statuses mechanism should use the new
generic wrapper mechanism. For the time being, keep the old wrappers and
avoid the new wrappers when doing the collect-statuses build.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-15 19:30:48 +01:00
Gilles Peskine
88385c2f74 PSA wrappers: don't poison buffers when buffer copying is disabled 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-15 19:30:29 +01:00
Gilles Peskine
a1871f318b Add review exception warning 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-15 19:30:28 +01:00
Gilles Peskine
4adacac142 Generated PSA wrappers: poison/unpoison buffer parameters 
For now, only instrument the one function for which buffer copying has been
implemented, namely `psa_cipher_encrypt`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-15 19:20:59 +01:00
Gilles Peskine
5294bb347c PSA wrapper generator 
The new script `tests/scripts/generate_psa_wrappers.py` generates the
implementation of wrapper functions for PSA API functions, as well as a
header that defines macros that redirect calls to the wrapper functions. By
default, the wrapper functions just call the underlying library function.
With `--log`, the wrapper functions log the arguments and return values.

This commit only introduces the new script. Subsequent commits will
integrate the wrappers in the build.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-15 19:03:08 +01:00