Gilles Peskine
0b17255da1
Introduce mbedtls_pk_get_psa_attributes
...
Follow the specification in https://github.com/Mbed-TLS/mbedtls/pull/8657
as of dd77343381
, i.e.
dd77343381/docs/architecture/psa-migration/psa-legacy-bridges.md (api-to-create-a-psa-key-from-a-pk-context)
This commit introduces the function declaration, its documentation, the
definition without the interesting parts and a negative unit test function.
Subsequent commits will add RSA, ECC and PK_OPAQUE support.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-23 20:09:38 +01:00
Ryan Everett
90afb132e0
Add ..._GOTO_EXIT macro
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-23 18:34:55 +00:00
Ryan Everett
d6d6a76e46
Add ..._GOTO_RETURN macro
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-23 18:32:42 +00:00
Chien Wong
019c2a7817
Handle sizeof(size_t) > sizeof(uint64_t)
...
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-23 21:38:06 +08:00
Janos Follath
aa3fa98bc4
Merge pull request #8726 from v1gnesh/patch-1
...
Update entropy_poll.c to allow build in z/OS
2024-01-23 12:43:18 +00:00
Dave Rodgman
c64280a2d7
Fix comment typo
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-23 10:05:08 +00:00
v1gnesh
468c02cf61
Update ChangeLog.d/8726.txt
...
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: v1gnesh <v1gnesh@users.noreply.github.com>
2024-01-23 15:29:40 +05:30
Dave Rodgman
00b530e395
Limit compiler hint to compilers that are known to benefit from it
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-23 09:41:34 +00:00
Dave Rodgman
e23d6479cc
Bump version
...
./scripts/bump_version.sh --version 3.5.1
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-22 15:45:49 +00:00
Dave Rodgman
6ba416968b
Assemble Changelog
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-22 15:40:12 +00:00
Janos Follath
0d57f1034e
Update Marvin fix Changelog entry
...
Upon further consideration we think that a remote attacker close to the
victim might be able to have precise enough timing information to
exploit the side channel as well. Update the Changelog to reflect this.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:58 +00:00
Janos Follath
393df9c995
Add warning for PKCS 1.5 decryption
...
Any timing variance dependant on the output of this function enables a
Bleichenbacher attack. It is extremely difficult to use safely.
In the Marvin attack paper
(https://people.redhat.com/~hkario/marvin/marvin-attack-paper.pdf ) the
author suggests that implementations of PKCS 1.5 decryption that don't
include a countermeasure should be considered inherently dangerous.
They suggest that all libraries implement the same countermeasure, as
implementing different countermeasures across libraries enables the
Bleichenbacher attack as well.
This is extremely fragile and therefore we don't implement it. The use
of PKCS 1.5 in Mbed TLS implements the countermeasures recommended in
the TLS standard (7.4.7.1 of RFC 5246) and is not vulnerable.
Add a warning to PKCS 1.5 decryption to warn users about this.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
16ab76bbe7
Fix typo
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
b4b8f3df3b
RSA: improve readability
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
47ee770812
RSA: remove unneeded temporaries
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
e6750b2a0b
RSA: document Montgomery trick in unblind
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
a62a554071
Fix style
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
100dcddfca
Make local function static
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
a865fc951e
Add Changelog for the Marvin attack fix
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
6bcbc925bf
Extend blinding to RSA result check
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
d6b096532c
Make RSA unblinding constant flow
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Paul Elliott
968a928659
Add Changelog for #8687
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-22 15:32:18 +00:00
Jonathan Winzig
af553bf719
Add required dependency to the testcase
...
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
acd35a55c8
Remove unneeded testcase
...
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
144bfde1cd
Update test-data to use SIZE_MAX
...
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
93f5240ae5
Add missing newline at the end of test_suite_x509write.data
...
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
a0c9448bea
Update fix to be more platform-independent
...
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
63b5e216f8
Fix Issue #8687
...
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
1c7629c1c0
Add tests for Issue #8687
...
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Antonio de Angelis
90d18343ce
Update the initialization macros
...
The initializatio macros need to be updated to support the case
where the crypto client view of the structures is being initialized
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2024-01-22 13:15:39 +00:00
Chien Wong
858bc65d74
Add comment on impossible overflows
...
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-22 20:47:26 +08:00
Chien Wong
bf4b5ed7a4
Add back restriction on AD length of GCM
...
Fixes: bd513bb53d
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-22 20:43:54 +08:00
v1gnesh
d0b55edea3
Create 8726.txt changelog entry
...
Signed-off-by: v1gnesh <v1gnesh@users.noreply.github.com>
2024-01-22 17:13:56 +05:30
Antonio de Angelis
6425a188df
Add a client view of the multipart contexts
...
In case MBEDTLS_PSA_CRYPTO_CLIENT is defined and MBEDTLS_PSA_CRYPTO_C
is not, a client view of the multipart operation contexts is provided
through an handle object that allows mapping to the corresponding
service side data structures.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2024-01-22 11:39:36 +00:00
v1gnesh
3c129dd6aa
Update entropy_poll.c
...
Signed-off-by: v1gnesh <v1gnesh@users.noreply.github.com>
2024-01-22 15:59:49 +05:30
Manuel Pégourié-Gonnard
34c6e8a770
Merge pull request #8700 from valeriosetti/issue8461
...
psa_asymmetric_encrypt() doesn't work with opaque driver
2024-01-22 08:43:08 +00:00
Ronald Cron
f8fdbb5174
tests: tls13: Run early data test only in TLS 1.3 only config
...
Temporary workaround to not run the early data test
in Windows-2013 where there is an issue with
mbedtls_vsnprintf().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
Ronald Cron
a8dd81b4de
tests: tls13: Add early data unit test
...
This aims to provide a basis for negative
testing around TLS 1.3 early data.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
Ronald Cron
ec3408d707
tests: ssl: Move setting of debug callback
...
Move the setting of the debug callback to
the endpoint initialization function. That
way, no need to repeat it in various testing
scenarios.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
Ronald Cron
d903a86e52
tests: tls13: Add session resume with ticket unit test
...
This aims to provide a basis for negative testing
around TLS 1.3 ticket, replacing eventually the
negative tests done in ssl-opt.sh using the
dummy_ticket option.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
Ronald Cron
77abfe67db
ssl_helpers.c: Add ticket write/parse test functions
...
Add ticket write/parse test functions as defined
by mbedtls_ssl_ticket_write/parse_t. They are
intended to be used in negative testing
involving tickets.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
Ronald Cron
297c608915
tls13: cli: Fix setting of early data transform
...
Fix setting of early data transform when we
do not send dummy CCS for middlebox compatibility.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
Janos Follath
fb12d9204d
Merge pull request #8693 from Ryan-Everett-arm/implement-key-slot-mutex
...
Implement the key slot mutex
2024-01-19 20:49:18 +00:00
Dave Rodgman
075f8797ac
Remove include of build_info.h
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 16:48:42 +00:00
Dave Rodgman
336efeec50
Move MBEDTLS_COMPILER_IS_GCC & MBEDTLS_GCC_VERSION into build_info
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 16:38:53 +00:00
Dave Rodgman
00b4eeb0b3
Improve comments
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 16:14:55 +00:00
Dave Rodgman
7470557855
Add changelog entry
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 16:14:55 +00:00
Dave Rodgman
2143a4ad1f
Improve mbedtls_xor docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 15:25:33 +00:00
Dave Rodgman
18d90d7519
Make mbedtls_xor always inline
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 15:25:33 +00:00
Dave Rodgman
55b5dd2cfc
Make unaligned accessors always inline
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 15:25:33 +00:00