mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-31 00:32:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29,361 Commits 170 Branches 263 Tags
Commit Graph

29361 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ryan Everett
0f54727bf4 Restructure wrapper script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
198a4d98d5 Generate test wrappers for key derivation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
da9227de7c Fix psa_key_derivation_output_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
f943e22bb9 Protect key_derivation_output_bytes 
If the alloc fails I belive it is okay to preserve the algorithm.
The alloc cannot fail with BAD_STATE, and this setting is only used
to differentiate between a exhausted and blank.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
Ryan Everett
d1e398c374 Protect psa_key_derivation_input_bytes 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-07 17:32:16 +00:00
David Horstmann
2f387e98a0
Merge pull request #1174 from davidhorstmann-arm/cipher-multipart-test-fix 
Fix a multipart test that overwrites the same buffer twice
 2024-02-07 17:18:48 +00:00
David Horstmann
b8dc2453f1 Update buffer start and length in multipart test 
This fixes a test failure in which the buffer was not properly filled.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 17:03:13 +00:00
David Horstmann
30a61f2ec8 Add testcase to fail multipart cipher tests 
Encrypt more than 2 blocks of data, causing both update() calls to
output data as well as the call to finish().

This exposes a test bug where the pointer to a buffer is not updated
as it is filled with data.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-06 16:55:19 +00:00
Dave Rodgman
fe4f7e5fc0
Merge pull request #1165 from daverodgman/update-development-r 2024-02-02 22:00:49 +00:00
Dave Rodgman
e883870cc7
Merge branch 'development-restricted' into update-development-r 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-02 18:03:29 +00:00
David Horstmann
52ff236a98
Merge pull request #1137 from Ryan-Everett-arm/key-management-buffer-protection 
Add buffer copying to the Key Management API
 2024-02-02 17:43:14 +00:00
Ryan Everett
8d606857da Remove unnecessary dependencies from psa_crypto_helpers.h 
The psa_test_wrappers.h inclusion was breaking the examples in programs/
on functions with poisoning added

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
4c74c4fe84 Fix line-too-long in script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
35f68533d8 Conditionally guard exit label to deter unused label error 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
84a666daa8 Re-add cipher_encrypt to test wrapper script 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
77b91e3930 Generate test wrappers for key management 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
b1d2c67ee0 Protect buffer in psa_export_public_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
45ac526592 Protect the buffer in psa_export_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
Ryan Everett
f028fe195b Protect buffer in psa_import_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-02-02 10:33:09 +00:00
David Horstmann
8a35fd58ee
Merge pull request #1151 from tom-daubney-arm/asymmetric_sign_buffer_protection 
Implement safe buffer copying in asymmetric signature API
 2024-02-02 10:04:21 +00:00
David Horstmann
b2c9f0e2df Disable poisoning with PSA_CRYPTO_DRIVER_TEST 
This option causes nested calls to PSA functions, so is not compatible
with memory poisoning as it currently stands.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-01-31 14:38:15 +00:00
Thomas Daubney
3e65f52130 Conditionally guard exit label 
...on functions where the label was only added
due to the modifications required by this PR.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 12:37:25 +00:00
Thomas Daubney
f430f47434 Generate test wrappers 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 12:25:35 +00:00
Thomas Daubney
4f8847bb5d Implement safe buffer copying in asymmetric signature API 
Use local copy buffer macros to implement safe
copy mechanism in asymmetric signature API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-01-30 12:17:54 +00:00
Tom Cosgrove
f35d24479e
Merge pull request #1166 from daverodgman/ct-cmac 
Use ct module from cmac
 2024-01-30 09:54:02 +01:00
Dave Rodgman
64172bc2ec Use constant_time module from cmac 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-29 12:41:02 +00:00
David Horstmann
eec797a0a7
Merge pull request #1162 from gabor-mezei-arm/buffer_sharing_copy_output_buffer 
Add allocate and copy style output buffer protection
 2024-01-29 11:08:20 +00:00
Dave Rodgman
fc587a337f Remove already-assmebled Changelog entry 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-26 12:48:33 +00:00
Dave Rodgman
047c724c22 Merge remote-tracking branch 'restricted/development-restricted' into update-development-r 
Conflicts:
	programs/Makefile
	tests/scripts/check-generated-files.sh
 2024-01-26 12:42:51 +00:00
Dave Rodgman
935182fe2b
Merge pull request #1158 from daverodgman/mbedtls-3.5.2rc 
Mbedtls 3.5.2rc
 2024-01-25 12:22:54 +00:00
Dave Rodgman
f5e231ca84
Merge pull request #8719 from daverodgman/iar-codegen 
Improve codegen of unaligned access for IAR and gcc
 2024-01-25 08:31:45 +00:00
David Horstmann
9c5c9c351d
Merge pull request #1141 from davidhorstmann-arm/memory-poisoning-runtime-enable 
Enable and disable memory poisoning at runtime
 2024-01-24 14:46:43 +00:00
Gabor Mezei
1882c51cb3
Add allocate and copy style output buffer handling 
Add a new macro `LOCAL_OUTPUT_ALLOC_WITH_COPY` to support the output buffer
handling of the multipart operations like `psa_cipher_update`. This will
allocate a local buffer and copy the content of the original buffer.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2024-01-24 13:51:33 +01:00
Dave Rodgman
13f2f4e7f1 Merge remote-tracking branch 'restricted/development' into mbedtls-3.5.2rc 2024-01-24 09:49:15 +00:00
Dave Rodgman
daca7a3979 Update BRANCHES.md 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
v3.5.2 mbedtls-3.5.2 		2024-01-24 09:49:11 +00:00
Janos Follath
aa3fa98bc4
Merge pull request #8726 from v1gnesh/patch-1 
Update entropy_poll.c to allow build in z/OS
 2024-01-23 12:43:18 +00:00
Dave Rodgman
c64280a2d7 Fix comment typo 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-23 10:05:08 +00:00
v1gnesh
468c02cf61
Update ChangeLog.d/8726.txt 
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: v1gnesh <v1gnesh@users.noreply.github.com>
 2024-01-23 15:29:40 +05:30
Dave Rodgman
00b530e395 Limit compiler hint to compilers that are known to benefit from it 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-23 09:41:34 +00:00
Dave Rodgman
e23d6479cc Bump version 
./scripts/bump_version.sh --version 3.5.1

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-22 15:45:49 +00:00
Dave Rodgman
6ba416968b Assemble Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-22 15:40:12 +00:00
Janos Follath
0d57f1034e Update Marvin fix Changelog entry 
Upon further consideration we think that a remote attacker close to the
victim might be able to have precise enough timing information to
exploit the side channel as well. Update the Changelog to reflect this.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:58 +00:00
Janos Follath
393df9c995 Add warning for PKCS 1.5 decryption 
Any timing variance dependant on the output of this function enables a
Bleichenbacher attack. It is extremely difficult to use safely.

In the Marvin attack paper
(https://people.redhat.com/~hkario/marvin/marvin-attack-paper.pdf) the
author suggests that implementations of PKCS 1.5 decryption that don't
include a countermeasure should be considered inherently dangerous.

They suggest that all libraries implement the same countermeasure, as
implementing different countermeasures across libraries enables the
Bleichenbacher attack as well.

This is extremely fragile and therefore we don't implement it. The use
of PKCS 1.5 in Mbed TLS implements the countermeasures recommended in
the TLS standard (7.4.7.1 of RFC 5246) and is not vulnerable.

Add a warning to PKCS 1.5 decryption to warn users about this.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
16ab76bbe7 Fix typo 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
b4b8f3df3b RSA: improve readability 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
47ee770812 RSA: remove unneeded temporaries 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
e6750b2a0b RSA: document Montgomery trick in unblind 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
a62a554071 Fix style 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
100dcddfca Make local function static 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
a865fc951e Add Changelog for the Marvin attack fix 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00