Commit graph

13498 commits

Author SHA1 Message Date
Gilles Peskine
d4a853dbd7 Exclude binary files from text checks
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:53:32 +02:00
Gilles Peskine
0598db84c3 Regex mechanism for check-specific exemptions
Suffixes are convenient but not always sufficient.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:53:32 +02:00
Gilles Peskine
c1d1b669db Check all files by default
Have an explicit list of exemptions for specific checks rather than
whitelisting files to check. Some checks, such as permissions, should
apply to all files.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:53:32 +02:00
Gilles Peskine
05a51a8a72 More accurate variable name
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:53:32 +02:00
Gilles Peskine
4eb05a4edd Fix article in documentation
Co-authored-by: Andrew Thoelke <andrew.thoelke@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-27 21:51:00 +02:00
danh-arm
14b8b3cd51
Merge pull request #3351 from ronald-cron-arm/make_cmake_versions
Add output of make, cmake and python3 versions
2020-05-27 17:37:19 +01:00
Janos Follath
eee1f3b0c1
Merge pull request #3341 from paul-elliott-arm/fix-contributing
Fix contributing link to changelog howto
2020-05-27 07:44:25 +01:00
Gilles Peskine
b1ccff8725
Merge pull request #2855 from irwir/fix_x509_crt.c
Remove non-working check from x509_get_subject_alt_name
2020-05-26 18:32:16 +02:00
Gilles Peskine
deacf60f79
Merge pull request #3326 from kohnakagawa/fix/utf-8_encoding_bug
fix mbedtls_x509_dn_gets to show non-ASCII string properly
2020-05-25 14:18:48 +02:00
Ronald Cron
87e658d5a4 Add output of python3 version
Add output of python3 version to output_env.sh.
Added in addition to the version of `python` as some
project's scripts try both executable names.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-05-25 13:55:21 +02:00
Ronald Cron
2c1a1f0a2d Add output of make and cmake versions
Add output of make and cmake versions to output_env.sh.
That way we can see their versions in the CI.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-05-25 13:22:18 +02:00
Gilles Peskine
7c3468efbc Fix #3328
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-25 12:26:04 +02:00
Gilles Peskine
583cd7f442 Re-generate error.c
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-25 12:23:55 +02:00
Gilles Peskine
efdce2df0d Do include asn1.h in error.c
When generate_errors.pl was first written, there was no asn1.h. But
now there is one and it does not need any special treatment.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-25 12:23:11 +02:00
Gilles Peskine
5241f85bbd Check that all necessary headers are included in error.c
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-25 12:21:22 +02:00
Manuel Pégourié-Gonnard
4bfa1171ae
Merge pull request #3335 from Redfoxymoon/development
midipix platform support
2020-05-22 13:04:15 +02:00
Manuel Pégourié-Gonnard
c859c21824 Merge branch 'development' into development-restricted
* development: (81 commits)
  Add changelog entry file
  Remove obsolete comment
  Changelog entry noting the behavior change and storage format change
  Update SE support to pass a location when registering a driver
  Update SE support to pass a location when registering a driver
  Update the SE interface to pass a location when registering a driver
  Fix macros
  Missing word
  Define a macro to construct a lifetime from persistence and location
  Document PSA_KEY_PERSISTENCE_xxx and PSA_KEY_LOCATION_xxx
  Rename and clarify the default persistent location and persistence
  PSA_KEY_LIFETIME_PERSISTENT is a lifetime, not just a storage area
  Shorten type and value names for lifetime parts
  Define some structure for lifetime values
  Fix typo in program benchmark.
  Add changelog entry for #3310.
  Add variable initialization to large SSL TLS function.
  Add Changelog entry for #3312
  Scope reduction to enable NULL check to protect dereferencing.
  Expose SSL HW record acceleration error.
  ...
2020-05-22 12:44:43 +02:00
Paul Elliott
8c4fd40bf6 Change Changelog link to point at Changelog readme
Make the contributing document link to how to create a changelog rather
than just linking to the Changelog itself.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-05-21 16:25:56 +01:00
irwir
fcdea0ff69 Remove definitions and settings that are never used or duplicate MSVC
defaults. Fixes #3297.

Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-05-21 17:19:56 +03:00
Ørjan Malde
479d8de31d Add support for midipix, a POSIX layer for Microsoft Windows
Signed-off-by: Ørjan Malde <orjan.malde@foxi.me>
2020-05-20 18:14:45 +00:00
Koh M. Nakagawa
46b8782a72 fix mbedtls_x509_dn_gets to escape non-ASCII characters
Signed-off-by: Koh M. Nakagawa <tsunekou1019@gmail.com>
2020-05-21 01:56:55 +09:00
irwir
d742a2416d Add changelog entry
Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-05-20 18:24:12 +03:00
Manuel Pégourié-Gonnard
5eae4dd08e
Merge pull request #3301 from Patater/inline-mbedtls_ecc_group_to_psa
psa: Define mbedtls_ecc_group_to_psa() inline
2020-05-19 09:06:04 +02:00
danh-arm
4850263bb5
Merge pull request #3319 from Kxuan/development
Fix typo in program benchmark.
2020-05-18 10:10:25 +01:00
Gilles Peskine
ee61b6601e
Merge pull request #3302 from gilles-peskine-arm/psa-lifetime-persistence-indicator
Define some structure for lifetime values
2020-05-14 16:13:20 +02:00
Jonas
4a67182962 Add Changelog entry for #3318
Signed-off-by: Jonas <jonas.lejeune4420@gmail.com>
2020-05-13 14:25:57 +09:00
Jonas
923d579369 Add test cases to check rng failure
Signed-off-by: Jonas <jonas.lejeune4420@gmail.com>
2020-05-13 14:25:47 +09:00
Gilles Peskine
e24fc7b0a1
Merge pull request #2595 from k-stachowiak/unified-exit-in-examples
Unify the example programs' termination
2020-05-12 10:46:47 +02:00
Gilles Peskine
24ba42cef7 Fix explanation of rules for function substitution
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:07:42 +02:00
Gilles Peskine
688f6cc591 There are test programs, not just unit tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:07:40 +02:00
Gilles Peskine
5925183b8a Fix explanation of PSA_DONE
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:06:37 +02:00
Gilles Peskine
2182585776 Introduction: present the top-level sections
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:03:33 +02:00
Gilles Peskine
d04b9ed7dd Spelling
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:03:24 +02:00
Gilles Peskine
b88bb5fd7f Add changelog entry file
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 22:13:27 +02:00
k-stachowiak
297896e6db Remove obsolete comment 2020-05-11 22:11:10 +02:00
Gilles Peskine
c39a80daee
Merge pull request #3312 from sander-visser/cleanup-nullptr-deref
Scope reduction to enable NULL check to protect dereferencing.
2020-05-11 21:59:07 +02:00
Gilles Peskine
fb79dfef47 Changelog entry noting the behavior change and storage format change
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:15:26 +02:00
Gilles Peskine
344e15b010 Update SE support to pass a location when registering a driver
Now that lifetimes have structures and secure element drivers handle
all the lifetimes with a certain location, update driver registration
to take a location as argument rather than a lifetime.

This commit updates the tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:15:26 +02:00
Gilles Peskine
2b04f4683b Update SE support to pass a location when registering a driver
Now that lifetimes have structures and secure element drivers handle
all the lifetimes with a certain location, update driver registration
to take a location as argument rather than a lifetime.

This commit updates the Mbed TLS implementation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:15:26 +02:00
Gilles Peskine
52ac958d6b Update the SE interface to pass a location when registering a driver
Now that lifetimes have structures and secure element drivers handle
all the lifetimes with a certain location, update driver registration
to take a location as argument rather than a lifetime.

This commit updates the PSA specification draft.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:14:51 +02:00
Gilles Peskine
4cfa443d2a Fix macros
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:14:51 +02:00
Gilles Peskine
e3871f8ae8 Missing word
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:14:51 +02:00
Gilles Peskine
c4ee2f3a87 Define a macro to construct a lifetime from persistence and location
Applications need this to combine implementation-specific values of
persistence levels and location indicators.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:14:51 +02:00
Gilles Peskine
aff1181d67 Document PSA_KEY_PERSISTENCE_xxx and PSA_KEY_LOCATION_xxx
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:14:51 +02:00
Gilles Peskine
ee04e69956 Rename and clarify the default persistent location and persistence
Call persistence "default" because that is genuinely the default that
applications should use if they don't know better. It's slightly
misleading in that the default persistence when you create a key is
volatile, not this: "default" is the default persistence for
persistent keys, not the default persistence for keys in general. But
we haven't found a better name.

Introduce the term "primary local storage" to designate the default
storage location.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:14:51 +02:00
Gilles Peskine
5dcb74f02f PSA_KEY_LIFETIME_PERSISTENT is a lifetime, not just a storage area
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:14:51 +02:00
Gilles Peskine
bbb3c1815a Shorten type and value names for lifetime parts
Drop lifetime_ or LIFETIME_ to make the names shorter. They're still
unambiguous.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:14:51 +02:00
Gilles Peskine
2d2bb1dd04 Define some structure for lifetime values
* Lower 8 bits: persistence level
    * 0: volatile
    * 1: persistent (default)
    * 2-127: persistent (reserved for future PSA specifications)
    * 128-254: persistent (reserved for vendors)
    * 255: read-only
* Upper 24 bits: location indicator
    * 0: built-in
    * 1: primary secure element
    * 2-0x7fffff: reserved for future PSA specifications
    * 0x800000-0xffffff: vendor-specific

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 11:14:51 +02:00
Janos Follath
1a4a3f5924
Merge pull request #3311 from sander-visser/validate-tls-mac-key-len
Add variable initialization to large SSL TLS function
2020-05-11 09:39:01 +01:00
Gilles Peskine
f862d73df0
Merge pull request #3310 from sander-visser/fix-wrong-return-with-ssl-hw-accel-if-init-fails
Expose SSL HW record acceleration error.
2020-05-11 10:30:04 +02:00