mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-10 04:13:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
28,586 Commits 174 Branches 263 Tags
Commit Graph

6541 Commits

Author SHA1 Message Date
Janos Follath
890c74447d
Merge pull request #1123 from yanesca/fix-marvin-attack 
Fix for the Marvin attack
 2024-01-10 12:16:57 +00:00
Janos Follath
2125443aef Add warning for PKCS 1.5 decryption 
Any timing variance dependant on the output of this function enables a
Bleichenbacher attack. It is extremely difficult to use safely.

In the Marvin attack paper
(https://people.redhat.com/~hkario/marvin/marvin-attack-paper.pdf) the
author suggests that implementations of PKCS 1.5 decryption that don't
include a countermeasure should be considered inherently dangerous.

They suggest that all libraries implement the same countermeasure, as
implementing different countermeasures across libraries enables the
Bleichenbacher attack as well.

This is extremely fragile and therefore we don't implement it. The use
of PKCS 1.5 in Mbed TLS implements the countermeasures recommended in
the TLS standard (7.4.7.1 of RFC 5246) and is not vulnerable.

Add a warning to PKCS 1.5 decryption to warn users about this.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-12-29 11:14:58 +00:00
David Horstmann
c09f36dd1b Invert note about buffer overlap support 
When MBEDTLS_PSA_COPY_CALLER_BUFFERS is disabled, it causes overlap to
not be supported.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-20 10:57:43 +00:00
David Horstmann
d20ffaf06f Remove accidental addition of MBEDTLS_TEST_HOOKS 
Remove MBEDTLS_TEST_HOOKS from the default config, to which it was
erroneously added.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-15 19:05:40 +00:00
David Horstmann
853f9f97eb Add missing newline at end of file 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-14 17:17:20 +00:00
David Horstmann
0d405d8bb9 Add note about support for buffer overlap 
Note that enabling MBEDTLS_PSA_COPY_CALLER_BUFFERS allows full buffer
overlap support, whereas without it, overlap support is reduced to that
documented in the function descriptions.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-14 16:20:18 +00:00
David Horstmann
513101b00f Add MBEDTLS_PSA_COPY_CALLER_BUFFERS config option 
This allows us to entirely remove copying code, where the convenience
macros are used for copying.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-11 17:58:56 +00:00
Janos Follath
c6f1637f8c
Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction 
Make mutex abstraction and tests thread safe
 2023-11-29 13:26:23 +00:00
Manuel Pégourié-Gonnard
6b5cedf51f
Merge pull request #8547 from valeriosetti/issue8483 
[G2] Make PSA-AEAD work with cipher-light
 2023-11-29 08:53:42 +00:00
Valerio Setti
919e3fa729 check_config: fix guards for PSA builtin implementation of cipher/AEAD 
While the PSA builtin implementation of cipher still depends on
CIPHER_C, the same is no more true for AEADs. When CIPHER_C is not
defined, BLOCK_CIPHER_C is used instead, thus making it possible
to support AEADs without CIPHER_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-28 11:45:38 +01:00
Valerio Setti
b1cf8aeda4 adjust_psa_from_legacy: add required CIPHER_C dependencies 
Some PSA_WANT symbols do not have a 1:1 matching with legacy ones.
For example, previous to this commit:

- CCM_C enabled both PSA_WANT_ALG_CCM and PSA_WANT_ALG_CCM_STAR_NO_TAG
  even thought the two are not equivalent (authenticated VS
  non-authenticated).
- there was no legacy equivalent for ECB_NO_PADDING

What it is common to both PSA_WANT_ALG_CCM_STAR_NO_TAG and
PSA_WANT_ALG_ECB_NO_PADDING is the fact that the builtin implementation
depends on CIPHER_C. Therefore this commits adds this guards to
select whether or not to enable the above mentioned PSA_WANT symbols.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-28 11:45:38 +01:00
Manuel Pégourié-Gonnard
11c3fd1f73
Merge pull request #8568 from yanrayw/issue/8356/block_cipher_no_decrypt_cleanup 
Driver-only: G1: clean up for BLOCK_CIPHER_NO_DECRYPT
 2023-11-28 08:49:48 +00:00
Manuel Pégourié-Gonnard
294f5d7ea9
Merge pull request #8540 from valeriosetti/issue8060 
[G2] Make CCM and GCM work with the new block_cipher module
 2023-11-28 08:18:45 +00:00
Dave Rodgman
9fbac381e6
Merge pull request #8326 from daverodgman/aesce-thumb2 
Support hw-accelerated AES on Thumb and Arm
 2023-11-27 09:58:58 +00:00
Yanray Wang
16b00f9522 mbedtls_config: improve documentation for BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-27 15:52:28 +08:00
Yanray Wang
690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Dave Rodgman
2e342f6938
Merge pull request #8546 from BrianX7c/development 
[cipher.h]  Arithmetic overflow in binary left shift operation
 2023-11-22 19:36:25 +00:00
Manuel Pégourié-Gonnard
d4dc354185
Merge pull request #8541 from yanrayw/issue/ssl-fix-missing-guard 
ssl_tls: add missing macro guard
 2023-11-21 14:57:47 +00:00
Jerry Yu
04fceb782b Add freshness check information into document 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu
cf9135100e fix various issues 
- fix CI failure due to wrong usage of ticket_lifetime
- Improve document and comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu
342a555eef rename ticket received 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu
25ba4d40ef rename ticket_creation to ticket_creation_time 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu
034a8b77d1 Update document of ticket age tolerance 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu
8cf44953b2 guards ticket creation field 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Jerry Yu
702fc590ed Add ticket_creation field 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Jerry Yu
03511b00aa Replace c99 fmt macro 
For c99 compatible compilers, we use PRI64d
and others use official fix.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Jerry Yu
cebffc3446 change time unit of ticket to milliseconds 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Gilles Peskine
473ff34d59
Merge pull request #8489 from valeriosetti/issue8482 
Make CCM* and CCM independent
 2023-11-20 14:07:14 +00:00
Ronald Cron
97137f91b6
Merge pull request #7071 from yuhaoth/pr/tls13-ticket-add-max_early_data_size-field 
TLS 1.3 EarlyData: add `max_early_data_size` field for ticket
 2023-11-20 08:04:57 +00:00
BrianX7c
5c7ab6fe86
[cipher.h] Arithmetic overflow in binary left shift operation (MBEDTLS_KEY_BITLEN_SHIFT) 
Fixing arithmetic overflow warning (C6297), if compiled in Visual Studio

Signed-off-by: BrianX7c <151365853+BrianX7c@users.noreply.github.com>
 2023-11-18 11:07:37 +01:00
Paul Elliott
9e25936241 Rename mutex->is_valid to mutex->state 
Rename struct member to make it more representative of its current use.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:14:16 +00:00
Paul Elliott
3774637518 Make threading helpers tests thread safe 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:13:49 +00:00
Paul Elliott
5fa986c8cb Move handling of mutex->is_valid into threading_helpers.c 
This is now a field only used for testing.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:13:05 +00:00
Valerio Setti
9b7a8b2a0c ccm/gcm: reaplace CIPHER_C functions with BLOCK_CIPHER_C ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 11:48:00 +01:00
Valerio Setti
8db46e4ee1 check_config: remove dependency check of CCM_C/GCM_C on CIPHER_C 
CCM_C/GCM_C can now work with either (in order of preference) CIPHER_C
or BLOCK_CIPHER_C and the latter is auto-enabled in case the former
is not enabled. As a consequence there is no need to enforce the
dependency on CIPHER_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 10:58:27 +01:00
Valerio Setti
dbfd6a9f62 adjust_legacy_crypto: auto-enable BLOCK_CIPHER_C when CIPHER_C is not defined 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 10:56:00 +01:00
Yanray Wang
4ed8691f6d ssl: move MBEDTLS_SSL_HAVE_XXX to config_adjust_legacy_crypto.h 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-16 15:20:57 +08:00
Manuel Pégourié-Gonnard
dc848955d6
Merge pull request #8519 from mpg/block-cipher 
[G2] Add internal module block_cipher
 2023-11-15 11:53:22 +00:00
Manuel Pégourié-Gonnard
9e80a91f27
Merge pull request #8164 from yanrayw/adjust_tfm_configs 
Adjust how we handle TF-M config files
 2023-11-15 08:21:27 +00:00
Valerio Setti
a56eb46ce6 adjust_legacy_from_psa: fix comment 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:18:14 +01:00
Valerio Setti
c2d68f5611 adjust_legacy_from_psa: treat CCM and CCM* separately 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:16:37 +01:00
Valerio Setti
cab5eff98c adjust_config_synonyms: make CCM and CCM* indipendent 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:16:37 +01:00
Jerry Yu
fedaeb21b3 improve document 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-15 13:59:07 +08:00
Jerry Yu
6c485dad44 improve document 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-15 10:18:47 +08:00
Manuel Pégourié-Gonnard
752dd39a69
Merge pull request #8508 from valeriosetti/issue6323 
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
 2023-11-14 11:39:06 +00:00
Tom Cosgrove
08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data 
TLS 1.3: Rename early_data and max_early_data_size configuration function
 2023-11-10 19:35:46 +00:00
Manuel Pégourié-Gonnard
5f3361c0c6 Temporary hack to pacify check_names.py 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 12:24:11 +01:00
Manuel Pégourié-Gonnard
21718769d1 Start adding internal module block_cipher.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 11:21:17 +01:00
Valerio Setti
01c4fa3e88 ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h 
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-10 08:12:07 +01:00
Yanray Wang
111159b89c BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 15:03:23 +08:00