It was jumping directly to "driver support" and omitting the first step
of "PSA support".
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Actually not much to change there, from a high level perspective things are
quite simple: you used to be able to disable ECP_C, now you can disable
BIGNUM_C too.
There will be more to update in driver-only-build.md which is the right
place for a more detailed explanation of the limitations.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
While this was arguably a bug as much as it is a change, I'm choosing
the "API changes" section in order to give this more visibility as it
seems likely to "break" (that is, compile in the built-implementation
when it isn't desired) the build of some people who were relying on the
old behaviour by not declaring which curves were accelerated (as most of
our tests did before this PR).
Said otherwise, as a user, I expect that most of the time "Bugfix" is
for things that were not working and are now working, but here
interested users are more likely to see it as "previously doing what I
want, but now no longer doing what I want unless I make changes to my
code". (Though of course there's no clear distinction, see xkcd 1172.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Conflicts:
* `include/mbedtls/build_info.h`: a new fragment to auto-enable
`MBEDTLS_CIPHER_PADDING_PKCS7` was added in
c9f4040f7f3356293e90c58d11f6567def641e08 in `development-restricted`.
In `development`, this section of the file has moved to
`include/mbedtls/config_adjust_legacy_crypto.h`.
* `library/bignum.c`: function name change in `development-restricted` vs
comment change in development. The comment change in `development` is not
really relevant, so just take the line from `development-restricted`.
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
With stream ciphers, add a check that there's enough room to read a MAC in
the record. Without this check, subtracting the MAC length from the data
length resulted in an integer underflow, causing the MAC calculation to try
reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Mbed TLS can be configured by writing a configuration file from scratch,
without copying mbedtls_config.h. As a consequence, all the macro
definitions in mbedtls_config.h must be optional. This was not the case for
some MBEDTLS_SSL_TLS1_3_xxx macros with numerical values related to session
tickets. Fix that.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
