mbedtls

Author	SHA1	Message	Date
Dave Rodgman	d26a3d6da7	Eliminate duplicate ct memcmp Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-18 19:09:45 +01:00
Gilles Peskine	8a7fb2d799	Merge pull request #1055 from waleed-elmelegy-arm/add-new-pkcs12-pbe2-ext-fun Add new pkcs12 pbe2 ext fun	2023-09-15 18:43:03 +02:00
Waleed Elmelegy	50888643f4	Reduce line size in new pkcs function changelog Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-14 18:27:17 +01:00
Waleed Elmelegy	0684965f5a	Modify changelog entry to add pkcs12 pbe functions Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-13 13:35:16 +01:00
Dave Rodgman	9b1ae3d7c8	Merge pull request #1059 from daverodgman/ct_memcmp_fix Constant time memcmp check for 16-bit int	2023-09-12 16:13:03 +01:00
Waleed Elmelegy	57d09b72ef	Return back to modifying input parameters in pkcs12_parse_pbe_params Return back to modifying input parameters in pkcs12_parse_pbe_params to avoid change in behaviour. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-12 14:05:10 +01:00
Dave Rodgman	bd58944252	Avoid implementation defined behaviour Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-12 12:38:53 +01:00
Dave Rodgman	49d7223036	Fix test under memsan Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-12 11:03:23 +01:00
Dave Rodgman	1a1b03bfb4	Merge pull request #1024 from daverodgman/safer-ct-changelog Changelog for safer constant-time	2023-09-12 10:59:14 +01:00
Dave Rodgman	50b0a35494	Test INT_MAX rather than UINT_MAX Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-12 09:30:44 +01:00
Dave Rodgman	98926d5fb1	Update comment, and replace bit-twiddling with #error Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-12 09:29:33 +01:00
Dave Rodgman	70e022b024	code style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-12 09:29:13 +01:00
Dave Rodgman	4f26770291	Ensure mbedtls_ct_memcpy behaves correctly with 16-bit int Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-11 19:10:09 +01:00
Dave Rodgman	140d5c77d0	Add single-bit difference tests Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-11 19:10:05 +01:00
Waleed Elmelegy	e1cb35b719	Add new mbedtls_pkcs12_pbe_ext function to replace old function Add new mbedtls_pkcs12_pbe_ext function to replace old mbedtls_pkcs12_pbe function that have security issues. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-08 16:51:26 +01:00
Gilles Peskine	31d49cd57f	Merge pull request #1053 from waleed-elmelegy-arm/Improve-and-test-mbedtls_pkcs12_pbe Improve & test legacy mbedtls_pkcs12_pbe	2023-09-08 13:08:05 +02:00
Dave Rodgman	26923c7e49	Add missing hyphen Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-08 10:45:34 +01:00
Dave Rodgman	241a80b717	Improve changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-08 10:21:18 +01:00
Dave Rodgman	3fc3ae708e	wip Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-08 10:21:18 +01:00
Dave Rodgman	d441a14f38	Add reference to x86 asm Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-08 10:21:18 +01:00
Dave Rodgman	cd1de6350e	Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-08 10:21:18 +01:00
Waleed Elmelegy	1f59ee078f	Add correct dependencies to pkcs12 tests Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-07 17:59:35 +01:00
Waleed Elmelegy	096017023d	Fix identation error in pkcs12 tests Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-07 17:48:40 +01:00
Waleed Elmelegy	75b9eb36b4	Change pkcs12 test comparison macro to the new macro Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-07 17:02:37 +01:00
Waleed Elmelegy	8317e91b1e	Change pkcs12 test allocation macros to the new macros Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-07 15:46:58 +01:00
Waleed Elmelegy	15de809e1a	Improve pkcs12 pbe tests * Simplify pkcs12 tests to use algo parameters instead of asn1 buffers. * Fix output buffers allocation size. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-05 16:34:55 +01:00
Waleed Elmelegy	255db80910	Improve & test legacy mbedtls_pkcs12_pbe * Prevent pkcs12_pbe encryption when PKCS7 padding has been disabled since this not part of the specs. * Allow decryption when PKCS7 padding is disabled for legacy reasons, However, invalid padding is not checked. * Document new behaviour, known limitations and possible security concerns. * Add tests to check these scenarios. Test data has been generated by the below code using OpenSSL as a reference: #include <openssl/pkcs12.h> #include <openssl/evp.h> #include <openssl/des.h> #include <openssl/asn1.h> #include "crypto/asn1.h" #include <string.h> int main() { char pass[] = "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB"; unsigned char salt[] = "\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC"; unsigned char plaintext[] = "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"; unsigned char ciphertext = NULL; int iter = 10; X509_ALGOR alg = X509_ALGOR_new(); int ciphertext_len = 0; int alg_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; alg->parameter = ASN1_TYPE_new(); struct asn1_object_st * aobj; PKCS5_pbe_set0_algor(alg, alg_nid, iter, salt, sizeof(salt)-1); aobj = alg->algorithm; printf("\"30%.2X", 2 + aobj->length + alg->parameter->value.asn1_string->length); printf("06%.2X", aobj->length); for (int i = 0; i < aobj->length; i++) { printf("%.2X", aobj->data[i]); } for (int i = 0; i < alg->parameter->value.asn1_string->length; i++) { printf("%.2X", alg->parameter->value.asn1_string->data[i]); } printf("\":\""); for (int i = 0; i < sizeof(pass)-1; i++) { printf("%.2X", pass[i] & 0xFF); } printf("\":\""); for (int i = 0; i < sizeof(plaintext)-1; i++) { printf("%.2X", plaintext[i]); } printf("\":"); printf("0"); printf(":\""); unsigned char * res = PKCS12_pbe_crypt(alg, pass, sizeof(pass)-1, plaintext, sizeof(plaintext)-1, &ciphertext, &ciphertext_len, 1); if (res == NULL) printf("Encryption failed!\n"); for (int i = 0; i < ciphertext_len; i++) { printf("%.2X", res[i]); } printf("\"\n"); return 0; } Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com> #	2023-09-05 15:45:55 +01:00
Gilles Peskine	1a7d387072	Merge pull request #1041 from waleed-elmelegy-arm/add-new-pkcs5-pbe2-ext-fun Add new pkcs5 pbe2 ext fun	2023-09-04 15:33:42 +02:00
Janos Follath	3574ec27fe	Merge pull request #1052 from yanesca/add_everest_to_threat_model Add Everest to threat model	2023-09-04 14:05:13 +01:00
Janos Follath	4d43f2ed0e	Add Everest to threat model Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-09-01 16:22:25 +01:00
Waleed-Ziad Maamoun-Elmelegy	c5fef82c52	Fix typo in pkcs5.c Co-authored-by: Janos Follath <janos.follath@arm.com> Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-01 11:45:39 +01:00
Gilles Peskine	1a8ebe39bf	Merge pull request #1050 from Mbed-TLS/update-restricted-2023-08-30 Sync development-restricted with tip of development	2023-08-30 15:47:22 +02:00
Waleed Elmelegy	21d7d85af7	Fix mbedtls_pkcs5_pbes test function failure Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-08-30 13:12:09 +01:00
Dave Rodgman	730bbee226	Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30	2023-08-30 11:22:00 +01:00
Gilles Peskine	f3a41685e7	Merge pull request #8126 from daverodgman/p256-m-aarch64 Disable p256-m asm on aarch64	2023-08-29 14:15:08 +00:00
Gilles Peskine	a878b663cf	Merge pull request #8090 from silabs-Kusumit/PBKDF2_higher_cost_tests PBKDF2: tests with higher input costs	2023-08-29 14:00:17 +00:00
Waleed Elmelegy	4ac8619282	Improve mbedtls_pkcs5_pbes2_ext changelog description Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-08-29 14:56:15 +01:00
Waleed Elmelegy	79b6e26b1b	Improve mbedtls_pkcs5_pbes2_ext function test data Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-08-29 14:55:03 +01:00
Dave Rodgman	024a3b3f04	Disable p256-m asm on aarch64 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-08-29 13:21:43 +01:00
Dave Rodgman	d395590597	Merge pull request #7579 from daverodgman/safer-ct-asm Arm assembly implementation of constant time primitives	2023-08-28 08:26:29 +00:00
Gilles Peskine	8ca2041145	Merge pull request #8074 from tgonzalezorlandoarm/tg/allowlist Implement allowlist of test cases that are legitimately not executed	2023-08-24 18:03:20 +00:00
Gilles Peskine	2a296729d0	Merge pull request #8084 from AgathiyanB/remove-type-qualifier-in-assignment-casts Remove type qualifier in assignment casts	2023-08-24 18:02:11 +00:00
Tomás González	d43cab3f5c	Correct analyze_outcomes identation Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>	2023-08-24 09:12:40 +01:00
Tom Cosgrove	41d689f389	Merge pull request #7985 from tom-cosgrove-arm/single-source-of-truth-for-licensing Single source of truth for licensing	2023-08-22 16:27:21 +00:00
Agathiyan Bragadeesh	1515f351a1	Remove IAR warning fixes to 2.28 from changelog Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 15:24:38 +01:00
Agathiyan Bragadeesh	c5eb13d2a9	Reword IAR changelog for fixing compiler warnings Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 15:13:04 +01:00
Tom Cosgrove	3d2d599d3e	Merge pull request #7996 from gilles-peskine-arm/small_primes-gaps Reduce the size of the small primes table used by primality testing	2023-08-22 12:48:56 +00:00
Gilles Peskine	e65bba4dd2	Merge pull request #7803 from gilles-peskine-arm/psa-low-hash-mac-size Start testing the PSA built-in drivers: hashes	2023-08-22 11:19:41 +00:00
Tomás González	a0631446b5	Correct analyze_outcomes.py identation Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>	2023-08-22 12:18:04 +01:00
Gilles Peskine	30b0378008	Fix off-by-one error The value of p after adding the last entry in the gap table is not used. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-22 11:06:47 +02:00

1 2 3 4 5 ...

26813 commits