mbedtls/ChangeLog.d
Gilles Peskine 2fa6b5f503 ECC import: more useful choice of INVALID_ARGUMENT vs NOT_SUPPORTED
Attempting to create an ECC key with a curve specification that is not
valid can plausibly fail with PSA_ERROR_INVALID_ARGUMENT ("this is not
a curve specification at all") or PSA_ERROR_NOT_SUPPORTED ("this may
be a curve specification, but not one I support"). The choice of error
is somewhat subjective.

Before this commit, due to happenstance in the implementation, an
attempt to use a curve that is declared in the PSA API but not
implemented in Mbed TLS returned PSA_ERROR_INVALID_ARGUMENT, whereas
an attempt to use a curve that Mbed TLS supports but for which support
was disabled at compile-time returned PSA_ERROR_NOT_SUPPORTED. This
inconsistency made it difficult to write negative tests that could
work whether the curve is implemented via Mbed TLS code or via a
driver.

After this commit, any attempt to use parameters that are not
recognized fails with NOT_SUPPORTED, whether a curve with the
specified size might plausibly exist or not, because "might plausibly
exist" is not something Mbed TLS can determine.

To keep returning INVALID_ARGUMENT when importing an ECC key with an
explicit "bits" attribute that is inconsistent with the size of the
key material, this commit changes the way mbedtls_ecc_group_of_psa()
works: it now works on a size in bits rather than bytes, with an extra
flag indicating whether the bit-size must be exact or not.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-08 18:43:26 +01:00
..
00README.md 2.24.0 is still covered by the old policy 2020-10-01 00:35:49 +02:00
issue3819.txt Updated change description as suggested by @gilles-peskine-arm. 2021-01-05 11:28:30 -06:00
issue4093.txt adjusting Changelog entry for PR #4094 2021-02-02 12:38:26 +01:00
mbedtls_ecc_group_of_psa.txt ECC import: more useful choice of INVALID_ARGUMENT vs NOT_SUPPORTED 2021-02-08 18:43:26 +01:00
mpi_sub_abs.txt mbedtls_mpi_sub_abs: fix buffer overflow in error case 2021-02-01 17:28:03 +01:00
no_ecp_fallback.txt Documentation update for MBEDTLS_ECP_NO_FALLBACK 2021-01-21 13:58:31 +01:00
programs-ssl-use-after-scope.txt Add Changelog entry 2020-12-16 15:02:50 +01:00
psa-crypto-hmac-drbg.txt PSA support for HMAC_DRBG: changelog entry 2020-11-23 17:42:54 +01:00
psa-crypto-rename-output-buffer-size-macros.txt Add changelog entry 2021-01-21 14:03:57 +01:00
psa_close_key_memory_leak_fix.txt PSA Crypto: Don't skip key data removal when SE driver is not in use 2020-12-17 11:05:36 +01:00
rsa_private-ret.txt Fix an incorrect error code if RSA private operation glitched 2021-01-06 18:22:40 +01:00