Janos Follath
04fa1a4054
Threat Model: fix copy paste
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-16 15:04:21 +00:00
Janos Follath
9118bf5791
Threat Model: adjust modality
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-14 15:43:24 +00:00
Janos Follath
ba75955cd8
Threat Model: remove references
...
Remove references to scientific papers as they are too specific and
might be misleading.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-14 14:54:44 +00:00
Janos Follath
4317a9ef1f
Threat Model: clarify stance on timing attacks
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-14 14:53:03 +00:00
Janos Follath
c51a413c47
Threat Model: improve wording and grammar
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-14 12:47:27 +00:00
Janos Follath
042e433eda
Threat Model: clarify attack vectors
...
Timing attacks can be launched by any of the main 3 attackers. Clarify
exactly how these are covered.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-08 20:07:59 +00:00
Janos Follath
d5a09400ae
Threat Model: improve wording
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-08 19:58:29 +00:00
Janos Follath
3d377605f3
Threat Model: move the block cipher section
...
The block cipher exception affects both remote and local timing attacks.
Move them to the Caveats section and reference it from both the local
and the remote attack section.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-08 16:58:01 +00:00
Janos Follath
ecaa293d32
Threat model: explain dangling countermeasures
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-08 16:38:07 +00:00
Janos Follath
fef82fd39b
Threat Model: increase classification detail
...
Originally for the sake of simplicity there was a single category for
software based attacks, namely timing side channel attacks.
Be more precise and categorise attacks as software based whether or not
they rely on physical information.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-08 16:10:39 +00:00
Janos Follath
9ec195c984
Threat Model: reorganise threat definitions
...
Simplify organisation by placing threat definitions in their respective
sections.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-06 14:54:59 +00:00
Janos Follath
144dd7d2fa
Threat Model: Miscellaneous clarifications
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-03 14:56:38 +00:00
Janos Follath
24792d0a33
Threat Model: Improve wording
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-03 14:16:12 +00:00
Janos Follath
18d417340f
Add Threat Model Summary
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-02-24 16:00:21 +00:00
Manuel Pégourié-Gonnard
718eb4f190
Merge pull request #7025 from AndrzejKurek/uri_san
...
Add the uniformResourceIdentifier subtype for the subjectAltName
2023-02-20 11:29:59 +01:00
Andrzej Kurek
81b0b89a34
Clarify comments on subjectAltName types
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-16 06:55:10 -05:00
Gilles Peskine
e2a9f86755
Merge pull request #6971 from gabor-mezei-arm/6026_Secp192r1_fast_reduction
...
Extract Secp192r1 fast reduction from the prototype
2023-02-15 16:22:36 +01:00
Manuel Pégourié-Gonnard
6778ddf657
Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy
...
Dual-API hash dispatch strategy
2023-02-15 12:50:13 +01:00
Gilles Peskine
edc6ae9578
Merge pull request #7090 from paul-elliott-arm/fix_iar_warnings_dev
...
Fix IAR Warnings
2023-02-14 20:01:00 +01:00
Gilles Peskine
c5e2a4fe67
Merge pull request #6937 from valeriosetti/issue6886
...
Add test for PK parsing of keys using compressed points
2023-02-14 19:54:29 +01:00
Gabor Mezei
0b4b8e3c5e
Update documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-14 16:36:38 +01:00
Andrzej Kurek
570a0f808b
Move to DER certificates for new x509 tests
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-14 05:52:49 -05:00
Dave Rodgman
319a5675db
Merge pull request #7084 from daverodgman/sizemax-uintmax
...
Assume SIZE_MAX >= INT_MAX, UINT_MAX
2023-02-14 10:06:22 +00:00
Manuel Pégourié-Gonnard
6b9503a32d
Merge pull request #7064 from valeriosetti/issue6860
...
driver-only ECDSA: get testing parity in SSL
2023-02-14 09:31:07 +01:00
Ronald Cron
70341c17b7
Merge pull request #6773 from yanrayw/6675-change-early_secrets-to-local
...
TLS 1.3: Key Generation: Change tls13_early_secrets to local variable
2023-02-14 09:03:32 +01:00
Paul Elliott
1748de160a
Fix IAR Warnings
...
IAR was warning that conditional execution could bypass initialisation of
variables, although those same variables were not used uninitialised.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-13 15:35:35 +00:00
Gabor Mezei
a264831cff
Update documentation and add comments
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-13 16:29:05 +01:00
Andrzej Kurek
3e8f65a7e2
Add a changelog entry for URI SAN parsing
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-13 10:21:20 -05:00
Andrzej Kurek
50836c4dfb
Fix a comment in x509_crt.h
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-13 10:21:14 -05:00
Andrzej Kurek
4077372b98
Fix SHA requirement for SAN URI tests
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-13 10:18:17 -05:00
Andrzej Kurek
7a05fab716
Added the uniformResourceIdentifier subtype for the subjectAltName.
...
Co-authored-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-02-13 10:03:07 -05:00
Valerio Setti
1b08d421a7
test: fix: replace CAN_ECDSA_SOME with CAN_ECDSA_SIGN+CAN_ECDSA_VERIFY when both are needed
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Valerio Setti
16f02e0196
test: adjust include after PK_CAN_ECDSA_SOME was moved
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Valerio Setti
d928aeb9ac
test_suite_ssl: use new macros for ECDSA capabilities
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Valerio Setti
ed02bb1f95
test_suite_debug: replace ECDSA_C with new ECDSA macros
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Valerio Setti
5dc6867f7e
test: don't skip debug and ssl suites in test parity for driver only ECDSA
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 15:35:37 +01:00
Manuel Pégourié-Gonnard
d3d8c852a0
Merge pull request #6997 from valeriosetti/issue6858
...
driver-only ECDSA: get testing parity in X.509
2023-02-13 15:30:06 +01:00
Gabor Mezei
5c9f401e47
Add more test cases
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-13 14:15:08 +01:00
Gabor Mezei
23d4b8baee
Add check for test
...
Check the bit length of the output of p192_raw.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-13 14:13:33 +01:00
Gabor Mezei
a9d82dd0a2
Keep the description in one place, just refer it
...
Delete the duplicated file description and refer to the original one
in generate_bignum_tests.py.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-13 14:10:23 +01:00
Valerio Setti
178b5bdddf
pk: move MBEDTLS_PK_CAN_ECDSA_SOME macro to pk.h and fix tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 11:15:06 +01:00
Valerio Setti
a119cb64ef
test: remove redundant ECDSA_C dependencies from test_suite_x509parse.data
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 09:54:49 +01:00
Manuel Pégourié-Gonnard
daa65956c3
Merge pull request #7046 from mpg/cleanup-md-tests
...
Clean up MD tests
2023-02-13 09:51:28 +01:00
Janos Follath
1e4abae73e
Merge pull request #7048 from KloolK/record-size-limit/extend-test-framework
...
Extend test framework for Record Size Limit Extension
2023-02-13 08:17:12 +00:00
Gilles Peskine
a9d39c42e9
Merge pull request #7085 from sergio-nsk/patch-1
...
Fix unreachable code compiler warning in psa_crypto_driver_wrappers.c
2023-02-12 23:56:32 +01:00
Dave Rodgman
641288bc1e
Restore test guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-11 22:02:04 +00:00
Dave Rodgman
91e832168f
Restore more test guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-11 20:07:43 +00:00
Dave Rodgman
a476363042
Restore more test guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-11 18:36:23 +00:00
Dave Rodgman
d26d7445b8
Restore guards on a couple of tests
...
These tests check for failures, but can only fail where SIZE_MAX
exceeds some limit (UINT_MAX or UINT32_MAX) and do not fail
in this way otherwise - so guards are needed.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-11 17:22:03 +00:00
Sergey
c36c14c7af
Update psa_crypto_driver_wrappers.c.jinja
...
Signed-off-by: Sergey <sergio_nsk@yahoo.de>
2023-02-10 14:14:00 -07:00