935182fe2b
Merge pull request #1158 from daverodgman/mbedtls-3.5.2rc
Mbedtls 3.5.2rc
2024-01-25 12:22:54 +00:00
ef56795fd2
Fix 1 forgotten separate input/output buffer
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-25 19:22:50 +08:00
92c17c456c
Use separate input/output buffer. Explain why error is expected
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-25 19:11:03 +08:00
f5e231ca84
Merge pull request #8719 from daverodgman/iar-codegen
Improve codegen of unaligned access for IAR and gcc
2024-01-25 08:31:45 +00:00
3877d4858b
Refactor macros
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-24 13:26:26 +00:00
99ff1f505b
Add test cases on GCM AD, input, IV length
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-24 20:52:27 +08:00
13f2f4e7f1
Merge remote-tracking branch 'restricted/development' into mbedtls-3.5.2rc
2024-01-24 09:49:15 +00:00
daca7a3979
Update BRANCHES.md
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
v3.5.2
mbedtls-3.5.2
2024-01-24 09:49:11 +00:00
cb05ce30e9
Minor fixes to locking macros
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-23 19:25:10 +00:00
90afb132e0
Add ..._GOTO_EXIT macro
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-23 18:34:55 +00:00
d6d6a76e46
Add ..._GOTO_RETURN macro
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-23 18:32:42 +00:00
019c2a7817
Handle sizeof(size_t) > sizeof(uint64_t)
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-23 21:38:06 +08:00
aa3fa98bc4
Merge pull request #8726 from v1gnesh/patch-1
Update entropy_poll.c to allow build in z/OS
2024-01-23 12:43:18 +00:00
c64280a2d7
Fix comment typo
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-23 10:05:08 +00:00
468c02cf61
Update ChangeLog.d/8726.txt
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: v1gnesh <v1gnesh@users.noreply.github.com>
2024-01-23 15:29:40 +05:30
00b530e395
Limit compiler hint to compilers that are known to benefit from it
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-23 09:41:34 +00:00
e23d6479cc
Bump version
./scripts/bump_version.sh --version 3.5.1
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-22 15:45:49 +00:00
6ba416968b
Assemble Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-22 15:40:12 +00:00
0d57f1034e
Update Marvin fix Changelog entry
Upon further consideration we think that a remote attacker close to the
victim might be able to have precise enough timing information to
exploit the side channel as well. Update the Changelog to reflect this.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:58 +00:00
393df9c995
Add warning for PKCS 1.5 decryption
Any timing variance dependent on the output of this function enables a
Bleichenbacher attack. It is extremely difficult to use safely.
In the Marvin attack paper
(https://people.redhat.com/~hkario/marvin/marvin-attack-paper.pdf) the
author suggests that implementations of PKCS 1.5 decryption that don't
include a countermeasure should be considered inherently dangerous.
They suggest that all libraries implement the same countermeasure, as
implementing different countermeasures across libraries enables the
Bleichenbacher attack as well.
This is extremely fragile and therefore we don't implement it. The use
of PKCS 1.5 in Mbed TLS implements the countermeasures recommended in
the TLS standard (7.4.7.1 of RFC 5246) and is not vulnerable.
Add a warning to PKCS 1.5 decryption to warn users about this.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
16ab76bbe7
Fix typo
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
b4b8f3df3b
RSA: improve readability
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
47ee770812
RSA: remove unneeded temporaries
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
e6750b2a0b
RSA: document Montgomery trick in unblind
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
a62a554071
Fix style
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
100dcddfca
Make local function static
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
a865fc951e
Add Changelog for the Marvin attack fix
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
6bcbc925bf
Extend blinding to RSA result check
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
d6b096532c
Make RSA unblinding constant flow
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
968a928659
Add Changelog for #8687
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-22 15:32:18 +00:00
af553bf719
Add required dependency to the testcase
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
acd35a55c8
Remove unneeded testcase
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
144bfde1cd
Update test-data to use SIZE_MAX
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
93f5240ae5
Add missing newline at the end of test_suite_x509write.data
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
a0c9448bea
Update fix to be more platform-independent
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
63b5e216f8
Fix Issue #8687
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
1c7629c1c0
Add tests for Issue #8687
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
858bc65d74
Add comment on impossible overflows
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-22 20:47:26 +08:00
bf4b5ed7a4
Add back restriction on AD length of GCM
Fixes: bd513bb53d
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-22 20:43:54 +08:00
d0b55edea3
Create 8726.txt changelog entry
Signed-off-by: v1gnesh <v1gnesh@users.noreply.github.com>
2024-01-22 17:13:56 +05:30
3c129dd6aa
Update entropy_poll.c
Signed-off-by: v1gnesh <v1gnesh@users.noreply.github.com>
2024-01-22 15:59:49 +05:30
34c6e8a770
Merge pull request #8700 from valeriosetti/issue8461
psa_asymmetric_encrypt() doesn't work with opaque driver
2024-01-22 08:43:08 +00:00
f8fdbb5174
tests: tls13: Run early data test only in TLS 1.3 only config
Temporary workaround to not run the early data test
in Windows-2013 where there is an issue with
mbedtls_vsnprintf().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
a8dd81b4de
tests: tls13: Add early data unit test
This aims to provide a basis for negative
testing around TLS 1.3 early data.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
ec3408d707
tests: ssl: Move setting of debug callback
Move the setting of the debug callback to
the endpoint initialization function. That
way, no need to repeat it in various testing
scenarios.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
d903a86e52
tests: tls13: Add session resume with ticket unit test
This aims to provide a basis for negative testing
around TLS 1.3 ticket, replacing eventually the
negative tests done in ssl-opt.sh using the
dummy_ticket option.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
77abfe67db
ssl_helpers.c: Add ticket write/parse test functions
Add ticket write/parse test functions as defined
by mbedtls_ssl_ticket_write/parse_t. They are
intended to be used in negative testing
involving tickets.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
297c608915
tls13: cli: Fix setting of early data transform
Fix setting of early data transform when we
do not send dummy CCS for middlebox compatibility.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
fb12d9204d
Merge pull request #8693 from Ryan-Everett-arm/implement-key-slot-mutex
Implement the key slot mutex
2024-01-19 20:49:18 +00:00
075f8797ac
Remove include of build_info.h
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 16:48:42 +00:00