Don't use the output buffer in psa_cipher_encrypt()
to pass the generated IV to the driver as local
attacker could potentially control it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add non regression test for invalid usage of
the output buffer in psa_cipher_encrypt().
The output buffer should not be used to pass
the IV to the driver as a local attacker could
be able to control the used IV.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Align the execution of cipher one-shot APIs with
that of cipher multi-part APIs: always exit
through the exit-labelled section.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Don't use the output buffer in psa_cipher_generate_iv()
to pass the generated IV to the driver as local
attacker could potentially control it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add non regression test for invalid usage of
the output buffer in psa_cipher_generate_iv().
The output buffer should not be used to pass
the IV to the driver as a local attacker could
be able to control the used IV.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Move fields around to have fewer accesses outside the 128-element Thumb
direct access window.
Make the same change as in 2.27+, for the same small benefit.
Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build):
library/psa_crypto.o: 16434 -> 16414 (diff: 20)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Move fields around to have fewer accesses outside the 128-element Thumb
direct access window.
In psa_hkdf_key_derivation_t, move the large fields (output_block, prk,
hmac) after the state bit-fields. Experimentally, it's slightly better
to put hmac last.
Other operations structures don't go outside the window, at least when not
considering nested structures.
Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build):
library/psa_crypto.o: 16510 -> 16434 (diff: 76)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Empty the current line if it's entirely inside a comment.
Don't incorrectly end a block comment at the second line if it doesn't
contain `*/`.
Recognize `/*` to start a multiline comment even if it isn't at the start of
the line.
When stripping off comments, consistently strip off `/*` and `*/`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use '|'.join([comma-separated list]) rather than r'...|' r'...|'. This way
there's less risk of forgetting a '|'. Pylint will yell if we forget a comma
between list elements.
Use match rather than search + mandatory start anchor for EXCLUSION_LINES.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Make parse_identifiers less complex. Pylint was complaining that it had too
many local variables, and it had a point.
* Lift the constants identifier_regex and exclusion_lines to class
constants (renamed to uppercase because they're constants).
* Lift the per-file loop into a new function parse_identifiers_in_file.
No intended behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Fix cases like
```
/*short comment*/ /*long
comment */
int mbedtls_foo;
```
where the previous code thought that the second line started outside of a
comment and ended inside of a comment.
I believe that the new code strips comments correctly. It also strips string
literals, just in case.
Fixes#5191.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Several files among include/psa/crypto_*.h are not meant to be included
directly, and are not guaranteed to be valid if included directly. This
makes it harder to perform some static analyses. So make these files more
self-contained so that at least, if included on their own, there is no
missing macro or type definition (excluding the deliberate use of forward
declarations of structs and unions).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Running the out of source CMake test on Ubuntu 16.04 using more than one
processor (as the CI does) can create a race condition whereby the build
fails to see a generated file, despite that file actually having been
generated. This problem appears to go away with 18.04 or newer, so make
the out of source tests not supported on Ubuntu 16.04
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Remove support signature PKCS1 v1.5 in CertificateVerify.
Remove useless server states in test script
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
Under gcc11(+) both message and received would cause errors for
potentially being used uninitialised. We fixed many of these issues in
another PR, but this one is only seen under certain configs.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
