Merge pull request #1196 from davidhorstmann-arm/buffer-sharing-merge

Update development-restricted after buffer-sharing work
diff --git a/ChangeLog.d/tls-max-version-reset.txt b/ChangeLog.d/tls-max-version-reset.txt
index 2fa5816..b7c81eb 100644
--- a/ChangeLog.d/tls-max-version-reset.txt
+++ b/ChangeLog.d/tls-max-version-reset.txt
@@ -4,3 +4,4 @@
      An attacker was able to prevent an Mbed TLS server from establishing any
      TLS 1.3 connection potentially resulting in a Denial of Service or forced
      version downgrade from TLS 1.3 to TLS 1.2. Fixes #8654 reported by hey3e.
+     Fixes CVE-2024-28755.
diff --git a/ChangeLog.d/tls13-only-server.txt b/ChangeLog.d/tls13-only-server.txt
index 9583bfb..736896e 100644
--- a/ChangeLog.d/tls13-only-server.txt
+++ b/ChangeLog.d/tls13-only-server.txt
@@ -8,3 +8,4 @@
      - If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client
        was able to successfully establish a TLS 1.2 connection with the server.
        Reported by alluettiv on GitHub.
+    Fixes CVE-2024-28836.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9d772fc..5ba94c4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -181,23 +181,6 @@
     } \
     output_copy = LOCAL_OUTPUT_COPY_OF_##output.buffer;
 
-/* Allocate a copy of the buffer output and set the pointer output_copy to
- * point to the start of the copy.
- *
- * Assumptions:
- * - psa_status_t status exists
- * - An exit label is declared
- * - output is the name of a pointer to the buffer to be copied
- * - LOCAL_OUTPUT_DECLARE(output, output_copy) has previously been called
- */
-#define LOCAL_OUTPUT_ALLOC_WITH_COPY(output, length, output_copy) \
-    status = psa_crypto_local_output_alloc_with_copy(output, length, \
-                                                     &LOCAL_OUTPUT_COPY_OF_##output); \
-    if (status != PSA_SUCCESS) { \
-        goto exit; \
-    } \
-    output_copy = LOCAL_OUTPUT_COPY_OF_##output.buffer;
-
 /* Free the local output copy allocated previously by LOCAL_OUTPUT_ALLOC()
  * after first copying back its contents to the original buffer.
  *
@@ -229,8 +212,6 @@
     uint8_t *output_copy_name = NULL;
 #define LOCAL_OUTPUT_ALLOC(output, length, output_copy) \
     output_copy = output;
-#define LOCAL_OUTPUT_ALLOC_WITH_COPY(output, length, output_copy) \
-    output_copy = output;
 #define LOCAL_OUTPUT_FREE(output, output_copy) \
     output_copy = NULL;
 #endif /* MBEDTLS_PSA_COPY_CALLER_BUFFERS */
@@ -7541,7 +7522,7 @@
         return status;
     }
 
-    LOCAL_INPUT_ALLOC(peer_key_external, peer_key_length, peer_key)
+    LOCAL_INPUT_ALLOC(peer_key_external, peer_key_length, peer_key);
     status = psa_key_agreement_internal(operation, step,
                                         slot,
                                         peer_key, peer_key_length);
@@ -8923,39 +8904,6 @@
     return PSA_SUCCESS;
 }
 
-psa_status_t psa_crypto_local_output_alloc_with_copy(uint8_t *output, size_t output_len,
-                                                     psa_crypto_local_output_t *local_output)
-{
-    psa_status_t status;
-    *local_output = PSA_CRYPTO_LOCAL_OUTPUT_INIT;
-
-    if (output_len == 0) {
-        return PSA_SUCCESS;
-    }
-    local_output->buffer = mbedtls_calloc(output_len, 1);
-    if (local_output->buffer == NULL) {
-        /* Since we dealt with the zero-length case above, we know that
-         * a NULL return value means a failure of allocation. */
-        return PSA_ERROR_INSUFFICIENT_MEMORY;
-    }
-    local_output->length = output_len;
-    local_output->original = output;
-
-    status = psa_crypto_copy_input(output, output_len,
-                                   local_output->buffer, local_output->length);
-    if (status != PSA_SUCCESS) {
-        goto error;
-    }
-
-    return PSA_SUCCESS;
-
-error:
-    mbedtls_free(local_output->buffer);
-    local_output->buffer = NULL;
-    local_output->length = 0;
-    return status;
-}
-
 psa_status_t psa_crypto_local_output_free(psa_crypto_local_output_t *local_output)
 {
     psa_status_t status;
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 4d47594..9462d2e 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -941,25 +941,6 @@
 psa_status_t psa_crypto_local_output_alloc(uint8_t *output, size_t output_len,
                                            psa_crypto_local_output_t *local_output);
 
-/** Allocate a local copy of an output buffer and copy the contents into it.
- *
- * \note                        This allocates and copies a buffer
- *                              whose contents will be copied back to the
- *                              original in a future call to
- *                              psa_crypto_local_output_free().
- *
- * \param[in] output            Pointer to output buffer.
- * \param[in] output_len        Length of the output buffer.
- * \param[out] local_output     Pointer to a psa_crypto_local_output_t struct to
- *                              populate with the local output copy.
- * \return                      #PSA_SUCCESS, if the buffer was successfully
- *                              copied.
- * \return                      #PSA_ERROR_INSUFFICIENT_MEMORY, if a copy of
- *                              the buffer cannot be allocated.
- */
-psa_status_t psa_crypto_local_output_alloc_with_copy(uint8_t *output, size_t output_len,
-                                                     psa_crypto_local_output_t *local_output);
-
 /** Copy from a local copy of an output buffer back to the original, then
  *  free the local copy.
  *