mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-12 03:40:04 +00:00

Author	SHA1	Message	Date
Valerio Setti	6fbde6e242	test_suite_pk: revert erroneous missing initialization of PSA key IDs Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-12 11:00:39 +01:00
Manuel Pégourié-Gonnard	1c191c1317	Merge pull request #8917 from gilles-peskine-arm/mbedtls_pk_decrypt-USE_PSA_CRYPTO-changelog-correction mbedtls_pk_decrypt/encrypt actually check the padding mode	2024-03-12 07:53:54 +00:00
Valerio Setti	8b3c6fffa7	test_suite_pk: add comment for pk_copy_from_psa_builtin_fail Explain why this kind of test is possible for RSA keys, while it is not possible for EC ones. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-12 06:05:03 +01:00
Valerio Setti	d286491ed7	changelog: fix text Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-12 05:11:09 +01:00
Gilles Peskine	88c2755a30	mbedtls_pk_decrypt/encrypt actually check the padding mode The sign/verify functions happily use the wrong algorithm, but the encrypt/decrypt functions error out if the padding mode specifies V21. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-03-11 18:49:54 +01:00
Dave Rodgman	66ebde46df	Merge pull request #8916 from daverodgman/iar-bignum-fix Fix IAR warning	2024-03-11 17:43:43 +00:00
David Horstmann	5fb5cce066	Add ChangeLog for PSA buffer sharing fix Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-11 17:28:09 +00:00
Ronald Cron	e98a492cf5	Merge pull request #1187 from ronald-cron-arm/issue-1185 Add security change log for issue 1185	2024-03-11 18:04:47 +01:00
David Horstmann	c5064c83a1	Do not attempt to wipe output buffer if it is NULL If the output buffer is NULL, it either: * Does not need wiping because it is zero-length. * Has failed allocation of a copy. * Has not yet been written to as a copy hasn't been allocated. In any of these circumstances, we should not try to write the buffer, so perform a NULL check before wiping it. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-11 17:02:03 +00:00
David Horstmann	5ba3f5f7a5	Flip logic of generate_psa_wrappers.py Change from a long list of PSA functions to a list of excluded false-positives. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-11 15:57:43 +00:00
David Horstmann	5d64c6acca	Generate memory poisoning in wrappers Generate memory poisoning code in test wrappers for: * psa_sign_hash_start() * psa_sign_hash_complete() * psa_verify_hash_start() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-11 15:56:13 +00:00
David Horstmann	0fea6a52b4	Add buffer copying to psa_verify_hash_start() Protect input buffers to psa_verify_hash_start(), namely the hash and signature parameters. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-11 15:56:13 +00:00
David Horstmann	4a523a608e	Add buffer copying to psa_sign_hash_start/complete Add buffer protection to: * psa_sign_hash_start(), which takes an input buffer for the hash. * psa_sign_hash_complete(), which takes an output buffer for the calculated signature. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-11 15:56:13 +00:00
Dave Rodgman	d282e264cd	Fix IAR warning Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-11 15:28:48 +00:00
David Horstmann	63dfb45e5e	Merge pull request #1181 from tom-daubney-arm/key_agreement_buffer_protection Implement safe buffer copying in key agreement	2024-03-11 15:10:49 +00:00
Janos Follath	43edc75e31	Merge pull request #8882 from Ryan-Everett-arm/threading-key-tests Test multi-threaded key generation	2024-03-11 15:07:48 +00:00
Dave Rodgman	9cc01ccbf8	Merge pull request #8831 from yanesca/switch_to_new_exp Use mpi_core_exp_mod in bignum	2024-03-11 13:40:46 +00:00
Ronald Cron	44193fa573	Fix and improve the change log Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-11 13:40:24 +01:00
Paul Elliott	a09b01b5a8	Merge pull request #8912 from Ryan-Everett-arm/double-destroy-key-bugfix Fix threading bug when multiple destroy_key calls run on the same key	2024-03-11 12:04:04 +00:00
Janos Follath	23dc8b5fd8	Fix code style Co-authored-by: Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-11 10:39:57 +00:00
Valerio Setti	e095a67bb2	pk: improve mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	6f5f9f5ce8	test_suite_pk: fix some comments Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	3b98c640ce	pk: fix documentation for mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	64d5fc0070	changelog: fix text and typos Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	4f1650d4af	changelog: enhance description Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	ab7ddbc812	test_suite_pk: when ANY_HASH is used then pick any available MD alg in the build Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	3433f832fb	test_suite_pk: improve PSA alg selection in pk_copy_from_psa_success() Use the same hashing algorithm as md_for_test. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	039bbbac33	test_suite_pk: destroy original xkey after pk_copy_from_psa() in pk_copy_from_psa_success() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	4114a54403	test_suite_pk: add description for psa_pub_key_from_priv() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	42a58a5249	test_suite_pk: minor fixes for test failures Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	e700d8086e	rsa: rsa_rsassa_pss_sign() to check MD alg both in parameters and RSA context This helps fixing a disparity between the legacy and the USE_PSA case for rsa_sign_wrap() in pk_wrap.c. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	f22eff99a6	test_suite_pk: add new test case for an algorithm only avaible in driver Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	a657ae388a	pk: pk_copy_from_psa() performs the conversion even if the algorithm doesn't match This commit also: - fixes existing tests and add new ones - updates documentation. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	1015985d8a	test_suite_pk: add more test cases for pk_copy_from_psa_success() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	d2ccc2f468	test_suite_pk: various minor fixes - removed redundant info from data file (i.e. informations that can be extrapolated somehow) - removed unecessary parameters in functions - added some extra check on the generated PK contexts - etc... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	8fb0fe8e12	pk: fixed documentation of mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	2f08f4cdb8	add changelog Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	61a47a46ea	test_suite_pk: extend testing in pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	aeeefef64e	pk_wrap: use correct PSA alg in rsa_encrypt_wrap() when USE_PSA This bugfix was due in PR #8826, but we didn't catch that. This commit also add proper testing in test_suite_pk that was not implemented in #8826. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	88e2dac6d6	test_suite_pk: rename PK context variables Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	e8fe3e76c4	test_suite_pk: add key pair check in pk_copy_from_psa_success() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	5ac511b45a	pk: let psa_export_key() check if the key is exportable or not Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	3a815cbd2f	all.sh: keep RSA_C enabled in component_full_no_pkparse_pkwrite() This is possible because after #8740 RSA_C no longer depends on PK to parse and write private/public keys. This commit also solves related issues that arose after this change in "pk.c" and "test_suite_pk". In particular now we can use rsa's module functions for parsing and writing keys without need to rely on pk_parse and pk_write functions. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:53 +01:00
Minos Galanakis	f9a6893b55	Changelog: Added entry for ssl_session accessors. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2024-03-11 10:09:44 +00:00
Janos Follath	adb9d2d822	Remove volatile from declaration Use of volatile is more an internal implementation detail (ensuring const-time) than part of the contract (the caller doesn't care about volatile as such). Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-11 10:03:05 +00:00
Janos Follath	d6df0a5dac	Fix use of volatile We need the pointer, A, to be volatile, to ensure the reads happen. bits does not need to be volatile. Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-11 09:40:03 +00:00
Janos Follath	b888bc0be6	Fix typo Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-11 09:29:53 +00:00
Valerio Setti	61532e9a6b	test_suite_pk: fix typos Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	1346075cfd	pk_ecc: fix documentation Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	01ba66d56e	pk: replace CRYPTO_CLIENT guards with CRYPTO_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00

... 5 6 7 8 9 ...

30666 Commits