When exporting an FFDH public key we were not properly checking the
length of the output buffer and would write the full length of the key
in all cases. Fix this by checking the size of the output buffer before
we write to it.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This testcase calls psa_export_public_key() on an FFDH key with an
output buffer that is too small. Since the size is calculated based on
the required key size but not checked against the available buffer size,
we overflow the buffer.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The flawed condition made us accept invalid IPv6 addresses and in some
cases lead to a buffer underread.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The generated unit tests have the input parameters in large stack
buffers and therefore ASan doesn't notice under or overflows in them.
Copy the input parameter into a locally allocated buffer to trigger ASan
if something goes wrong.
Signed-off-by: Janos Follath <janos.follath@arm.com>
As indicated in a comment, with older Clang, we need to define
`__ARM_FEATURE_CRYPTO` before we include `arm_neon.h`, which is done via
`common.h`. 4c44990d65
accidentally broke this. Fix it, while taking care not to include another
header before `common.h`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In `scripts/common.make`, used by `tests/Makefile` and `programs/Makefile`,
we have the following rules to build the library:
```
$(MBEDLIBS):
$(MAKE) -C ../library
```
$(MBEDLIBS) contains three library files but the command is for all
the 3 files instead of single target generation. This would cause a
race when doing parallel build. This commit fixes command so that
the recipe could generate a single library file.
Fix https://github.com/Mbed-TLS/mbedtls/issues/8229
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Signed-off-by: Gilles Peskine <gilles.peskine@arm.com>
Previously we were looping in one case but not even checking the other.
Let's check both cases and error out immediately. The error path should
never be taken in pratice anyway.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
In library source files, the order of things should be:
1. Define macros that affect the behavior of system headers, such as
`_POSIX_C_SOURCE` and `_GNU_SOURCE`.
2. Include the library's common header: `common.h`.
It takes care of many things, including defining the library
configuration, granting access to private fields in structures, and
activating platform-specific hacks.
3. Possibly a few header inclusions and macro definitions.
4. Guard everything else by `#if defined(MBEDTLS_XXX_C)` or some such.
Enforce this order in files that previously did things they shouldn't have
before including `common.h`. To locate the potentially
problematic files:
```
grep -m1 '^#' library/*.c | grep -v -F common.h
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Was only used in one place so far, but will be used in
rsa_gen_rand_with_inverse()'s upcoming CRT-based implementation.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Will gain a new implementation using the CRT, so we want to hide the
upcoming complexity in a dedicated function.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Previous tests were backported from tf-psa-crypto and they work fine there.
However the library implementation is not the same between 3.6 and
tf-psa-crypto: in 3.6 we only prevent loading of persistent keys if their
ID is within the volatile range, but the built-in one is still allowed.
Therefore this commit fix expected return values for the 3.6 branch
when built-in keys are accessed.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
