mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-05-11 22:42:23 +02:00

Author	SHA1	Message	Date
David Horstmann	7a31ac02ab	Switch from int to psa_status_t for test args Remove unnecessary casts as well. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:50:09 +00:00
David Horstmann	818b39dbc3	Remove psa_crypto_ prefix from test functions This ensures they have a different name to the functions they test. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:50:09 +00:00
David Horstmann	34342a2410	Remove superfluous comment Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:50:09 +00:00
David Horstmann	f38eb76b34	Replace compound-initializers with memset This should eliminate some pedantic compiler warnings. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:50:08 +00:00
David Horstmann	121994f33e	Refactor: move buffer pattern fills into helper Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:50:06 +00:00
David Horstmann	5e0b4f8b42	Add full round-trip tests for buffer copying Test that a buffer pair can be created with psa_crypto_alloc_and_copy() and destroyed with psa_crypto_copy_and_free() correctly. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:48:00 +00:00
David Horstmann	406d28ba87	Add test case for overlapping buffers Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:47:58 +00:00
David Horstmann	7131b8eecc	Reject zero-lengths in psa_crypto_copy_and_free() Zero-length buffers should be represented in the psa_crypto_buffer_copy_t struct as NULL if it was created in psa_crypto_alloc_and_copy(), so reject non-NULL zero-length buffers. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	0368d20d51	Reject NULL original_output with non-NULL output If we have a copy buffer but no original to copy back to, there is not much sensible we can do. The psa_crypto_buffer_copy_t state is invalid. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	5847b70829	Add implementation of psa_crypto_copy_and_free() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	9ecd53d1bb	Add testcases for psa_crypto_copy_and_free() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	0e38180e1d	Simplify zero-length buffers to always be NULL Since it is implementation-dependent whether malloc(0) returns NULL or a pointer, explicitly represent zero-length buffers as NULL in the buffer-copy struct, so as to have a uniform behaviour. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	ea08ab775d	Zero-length test for psa_crypto_alloc_and_copy() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	41966d7433	Add extra testcases for buffer copying Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	cc4dfa6892	Add implementation of psa_crypto_alloc_and_copy() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	0684069e44	Add testcases for psa_crypto_alloc_and_copy() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	a707a6f56d	Add buffers struct and prototypes for alloc API Add function prototypes for psa_crypto_alloc_and_copy() and psa_crypto_alloc_and_free(), along with the necessary state struct. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	2bd296e890	Add implementation of psa_crypto_copy_output() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	438cd4811a	Add testcases for psa_crypto_copy_output() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:18 +00:00
David Horstmann	957f980379	Add implementation of psa_crypto_copy_input() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:44:16 +00:00
David Horstmann	b0a01b18af	Add testcases for psa_crypto_copy_input() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:39:37 +00:00
David Horstmann	1cc21c31a9	Add function prototypes for copying functions Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-11-22 14:37:17 +00:00
Dave Rodgman	ba1d63e36f	Merge pull request #1085 from daverodgman/update-ct-changelog-2.28 Backport 2.28: Update padding const-time fix changelog	2023-09-28 11:34:03 +01:00
Dave Rodgman	0ea272d110	Update padding const-time fix changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-27 16:31:33 +01:00
Gilles Peskine	9fe480a5f6	Merge pull request #1081 from waleed-elmelegy-arm/backport_check-set_padding-is-called Backport 2.28: Check set_padding has been called in mbedtls_cipher_finish	2023-09-25 17:12:41 +02:00
Waleed Elmelegy	916ed7b8db	restore internal comment in cipher.h due to LTS Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-25 15:18:48 +01:00
Waleed Elmelegy	8ce42ebd87	Remove invalid comments from cipher.h Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-25 14:21:49 +01:00
Manuel Pégourié-Gonnard	e4138e3279	Fix a typo Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-25 14:13:24 +01:00
Manuel Pégourié-Gonnard	8013e685f5	Clarify calling sequence in the Cipher layer Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-25 14:12:08 +01:00
Manuel Pégourié-Gonnard	3697954ac6	Fix inconsistent documentation of cipher_setup() - the \internal note said that calling cipher_init() first would be made mandatory later, but the documention of the ctx parameter already said the context had to be initialized... - the documentation was using the word initialize for two different meanings (calling setup() vs calling init()), making the documentation of the ctx parameter quite confusing (you must initialize before you can initialize...) Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-09-25 14:10:49 +01:00
Dave Rodgman	fb6f2cc9d7	Merge pull request #1082 from daverodgman/padding-ct-changelog-2.28 Backport 2.28: Add Changelog for CT fixes	2023-09-25 14:02:16 +01:00
Dave Rodgman	0ab94d1239	Merge pull request #1077 from daverodgman/better-ct-2.28 2.28 backport - Use CT module more consistently	2023-09-25 11:50:16 +01:00
Dave Rodgman	e8358d400f	Add Changelog for CT fixes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-25 11:34:35 +01:00
Waleed Elmelegy	08fd33a875	Add warning to mbedtls_cipher_setup() about setting padding mode Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-22 14:45:25 +01:00
Gilles Peskine	f8fc956714	Merge pull request #1072 from gilles-peskine-arm/ssl_decrypt_stream_short_buffer-2.28 Backport 2.28: Fix buffer overread in mbedtls_ssl_decrypt_buf with stream cipher	2023-09-22 11:43:01 +02:00
Gilles Peskine	326ba3c0bb	mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher With stream ciphers, add a check that there's enough room to read a MAC in the record. Without this check, subtracting the MAC length from the data length resulted in an integer underflow, causing the MAC calculation to try reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-21 18:25:05 +02:00
Gilles Peskine	dc48f6ed27	Test mbedtls_ssl_decrypt_buf(): stream cipher, negative cases Test mbedtls_ssl_decrypt_buf() with a stream cipher (RC4 or null). Test the good case (to make sure the test code constructs the input correctly), test with an invalid MAC, and test with a shortened input. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-21 18:25:05 +02:00
Gilles Peskine	2198cc5273	Refactoring: create mbedtls_test_ssl_prepare_record_mac() No semantic change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-21 18:24:38 +02:00
Gilles Peskine	027e1b4b3d	Refactoring: prepare to create mbedtls_test_ssl_prepare_record_mac() No semantic change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-21 18:24:38 +02:00
Gilles Peskine	9013b818c6	Move testing of mbedtls_ssl_decrypt_buf to a new test suite test_suite_ssl is huge and needs splitting. Create a new test suite focused on mbedtls_ssl_decrypt_buf(), which is a complicated function that needs more thorough testing with malformed inputs. At this point, we are only doing negative testing with CBC-non-ETM test suites. This needs to grow. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-21 18:24:36 +02:00
Dave Rodgman	6063d82f04	Correct macro guards in constant_time_internal.h Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 21:54:15 +01:00
Dave Rodgman	5ea6bb06a7	Add cast for MSVC Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 20:14:15 +01:00
Dave Rodgman	caa942569f	Improve return value handling Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 19:26:08 +01:00
Dave Rodgman	e0ad9a4707	Misc CT robustness improvements Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 19:26:08 +01:00
Dave Rodgman	1924adbf99	Fix macro guards for mbedtls_ct_size_mask Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 18:00:47 +01:00
Dave Rodgman	1d52368e85	build fixes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 16:26:49 +01:00
Dave Rodgman	c1a17f5458	CT fix for get_zeros_padding Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 15:14:28 +01:00
Dave Rodgman	51773aa68b	CT fix for get_zeros_and_len_padding Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 15:14:28 +01:00
Dave Rodgman	df254f6bb6	CT fix for get_one_and_zeros_padding Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 15:14:28 +01:00
Dave Rodgman	9f3f73d212	CT fix for get_pkcs_padding Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 15:14:28 +01:00

1 2 3 4 5 ...

18140 Commits