Commit graph

27496 commits

Author SHA1 Message Date
Minos Galanakis
31ca313efa Bump version to 3.5.0
```
./scripts/bump_version.sh --version 3.5.0
```

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 22:02:18 +01:00
Minos Galanakis
1a3ad265cc Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 21:57:51 +01:00
Dave Rodgman
3406564b01
Merge pull request #8291 from minosgalanakis/bugfix/updated_check_generated_files 2023-10-03 21:18:57 +01:00
Dave Rodgman
3fb93a8223
Merge pull request #8295 from minosgalanakis/changelog/renamed_psa_crypto_driver_wrappers
Changelog: Added entry for psa_crypto_driver_wrappers rename
2023-10-03 14:05:56 +01:00
Dave Rodgman
130938a804
Merge pull request #1088 from gilles-peskine-arm/tls13_read_public_xxdhe_share-overflow
Fix buffer overflow in TLS 1.3 and USE_PSA_CRYPTO ClientHello ECDH/FFDH parsers
2023-10-03 12:28:38 +01:00
Minos Galanakis
3974b17631 check-generated-files: Added psa_crypto_driver_wrappers_no_static.c file
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 11:47:03 +01:00
Minos Galanakis
76b709dd44 Changelog: Added entry for psa_crypto_driver_wrappers rename
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 11:14:41 +01:00
Dave Rodgman
ff3e9e1eb0
Merge pull request #8292 from minosgalanakis/bugfix/changelog_extensions
ChangeLog: Added .txt extension to log entries.
2023-10-03 09:29:39 +01:00
Gilles Peskine
3713bee34c Remove leftover local debug line
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 18:43:18 +02:00
Minos Galanakis
08707ecbfe ChangeLog: Added .txt extension to log entries.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-02 16:55:00 +01:00
Gilles Peskine
7910cdd47f Avoid compiler warning about size comparison
GCC warns about comparing uint8_t to a size that may be >255.

Strangely, casting the uint8_t to a size_t in the comparison expression
doesn't avoid the warning. So change the type of the variable.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 16:11:05 +02:00
Gilles Peskine
530c423ad2 Improve some debug messages and error codes
On a parsing error in TLS, return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE, not a
crypto error code.

On error paths, emit a level-1 debug message. Report the offending sizes.

Downgrade an informational message's level to 3.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:42:11 +02:00
Gilles Peskine
6dd5b9a60c In TLS 1.2, only servers are affected
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:38:51 +02:00
Gilles Peskine
b782415e1b Changelog entry for xxdh_psa_peerkey size validation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:08:37 +02:00
Gilles Peskine
c29df535ee Improve robustness of ECDH public key length validation
In client-side code with MBEDTLS_USE_PSA_CRYPTO, use the buffer size to
validate what is written in handshake->xxdh_psa_peerkey. The previous code
was correct, but a little fragile to misconfiguration or maintenance.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:39 +02:00
Gilles Peskine
c8df898204 Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing
Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When
MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH
or ECDHE key exchange was not validated. This could result in an overflow of
handshake->xxdh_psa_peerkey, overwriting further data in the handshake
structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:33 +02:00
Gilles Peskine
12c5aaae57 Fix buffer overflow in TLS 1.3 ECDH public key parsing
Fix a buffer overflow in TLS 1.3 ServerHello and ClientHello parsing. The
length of the public key in an ECDH- or FFDH-based key exchange was not
validated. This could result in an overflow of handshake->xxdh_psa_peerkey,
overwriting further data in the handshake structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:10 +02:00
Dave Rodgman
0673ed2e93
Merge pull request #8278 from gilles-peskine-arm/7298-changelog
Changelog entry for 7298
2023-09-29 15:56:30 +00:00
Gilles Peskine
673fec0c8c
Merge pull request #8277 from mpg/cl-ffdh-psa
Fix ChangeLog entry for FFDH in PSA
2023-09-29 13:17:53 +00:00
Gilles Peskine
16e9256fe8
Merge pull request #8272 from daverodgman/iar-warnings
Fix IAR warnings
2023-09-29 13:11:03 +00:00
Gilles Peskine
d39edead25 Changelog entry for #7298
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-29 13:07:01 +02:00
Gilles Peskine
f7baf7bfb3
Merge pull request #8271 from daverodgman/fix-numops
Fix error handling in psa_driver_wrapper_xxx_hash_get_num_ops
2023-09-29 10:46:50 +00:00
Manuel Pégourié-Gonnard
ef89fb80d7 Fix ChangeLog entry for FFDH in PSA
It was jumping directly to "driver support" and omitting the first step
of "PSA support".

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-29 12:26:47 +02:00
Dave Rodgman
9ac0e72386 Undo not-needed change
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-29 10:39:31 +01:00
Dave Rodgman
ed9c22d533 Remove redundant code
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-29 10:33:49 +01:00
Dave Rodgman
3572bde9c9 Assume get_num_ops cannot fail
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 19:33:15 +01:00
Dave Rodgman
fe43d12f60 Always call get_num_ops
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 18:46:11 +01:00
Dave Rodgman
b51f3da354
Merge pull request #8264 from mpg/follow-up-8075
Follow up to 8075
2023-09-28 17:32:12 +00:00
Dave Rodgman
2bc38a6dfe Fix return type
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 18:15:58 +01:00
Dave Rodgman
9329252620 Fix IAR statement is unreachable warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 18:14:53 +01:00
Dave Rodgman
90330a4a2d Fix IAR control bypasses initialisation warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 18:13:46 +01:00
Dave Rodgman
321c7e9ed9 Fix error handling in psa_driver_wrapper_xxx_hash_get_num_ops
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 18:07:25 +01:00
Dave Rodgman
02a53d7bef Fix IAR pointless integer comparison
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 17:19:50 +01:00
Dave Rodgman
7e9af05409 Fix IAR control bypasses initialisation warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 17:08:49 +01:00
Dave Rodgman
73d8591f7f Fix IAR change of sign warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 17:00:50 +01:00
Gilles Peskine
42f8d5f0c9
Merge pull request #8261 from Mbed-TLS/fix-cmake-header-include
Add CMake include path for generated header
2023-09-28 15:16:15 +00:00
Manuel Pégourié-Gonnard
3b2357cdca Remove components that partially accelerate ECC keys
These are build-only components so this was never supported for sure.

Let's stick to what's really tested for now, and expand later (with
proper testing!) if there's demand for more flexibility.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 16:56:12 +02:00
Manuel Pégourié-Gonnard
680b48e6b5 Update list of ECC key types in user-config-for-test.h
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 16:52:44 +02:00
Gilles Peskine
3243539f0e
Merge pull request #8242 from mpg/ecc-bn-wrapup
Driver-only ECC: wrap-up
2023-09-28 14:34:52 +00:00
David Horstmann
f868d6f4e8 Remove spurious comments
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-09-28 14:01:25 +01:00
Dave Rodgman
3a098e9090
Merge pull request #1084 from daverodgman/update-ct-changelog
Update padding const-time fix changelog
2023-09-28 11:34:07 +01:00
David Horstmann
6c979856c3 Remove generated files in all cmake_as_x tests
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-09-28 11:30:43 +01:00
David Horstmann
862abe2d0f Fix lowercase comment start
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-09-28 11:28:20 +01:00
Manuel Pégourié-Gonnard
8c40f3dfad Formatting fixes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 11:06:09 +02:00
Manuel Pégourié-Gonnard
140c08e325 Minor clarifications.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 11:02:37 +02:00
Manuel Pégourié-Gonnard
c0c9b23b23 Test only what's support with partial curves accel
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:19 +02:00
Manuel Pégourié-Gonnard
7f22f3478d Add check for unsupported partial curves acceleration
Manual test: run test_psa_crypto_config_accel_ecc_non_weierstrass_curves
or test_psa_crypto_config_accel_ecc_weierstrass_curves as they are now,
observe it failing with the expected #error.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:18 +02:00
Manuel Pégourié-Gonnard
842d3552b6 Add check for unsupported partial key type acceleration
Tested manually as follows: in
component_test_psa_crypto_config_accel_ecc_some_key_types, modify
loc_accel_list to remove one of the key types between
helper_libtestdriver1_make_drivers and helper_libtestdriver1_make_main,
and observe that the 2nd build fails with the expected #error.

Note: removing one of the key types before
helper_libtestdriver1_make_drivers causes the build of libtestdriver1 to
fail, which is quite acceptable, just not what we're trying to observe.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:16 +02:00
Manuel Pégourié-Gonnard
faea919365 Fix typo: weiErstrass
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:16 +02:00
Manuel Pégourié-Gonnard
6be64f7d5b Use lowercase for local variables
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:16 +02:00