Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mbedtls-3.3.0 update #8

Merged
merged 2,069 commits into from
Mar 6, 2023
Merged

mbedtls-3.3.0 update #8

merged 2,069 commits into from
Mar 6, 2023

Conversation

VarunChammenchery
Copy link

@VarunChammenchery VarunChammenchery commented Mar 2, 2023
edited by michaelthomasj
Loading

Notes:

  • Pull requests cannot be accepted until the PR follows the contributing guidelines. In particular, each commit must have at least one Signed-off-by: line from the committer to certify that the contribution is made under the terms of the Developer Certificate of Origin.
  • This is just a template, so feel free to use/remove the unnecessary things

Description

A few sentences describing the overall goals of the pull request's commits.

Status

READY/IN DEVELOPMENT/HOLD

Requires Backporting

When there is a bug fix, it should be backported to all maintained and supported branches.
Changes do not have to be backported if:

  • This PR is a new feature\enhancement
  • This PR contains changes in the API. If this is true, and there is a need for the fix to be backported, the fix should be handled differently in the legacy branch

Yes | NO
Which branch?

Migrations

If there is any API change, what's the incentive and logic for it.

YES | NO

Additional comments

Any additional information that could be of interest

Todos

  • Tests
  • Documentation
  • Changelog updated
  • Backported

Steps to test or reproduce

Outline the steps to test or reproduce the PR here.

yanesca and others added 30 commits November 22, 2022 15:04
@yanesca
mpi_exp_mod: rename local variables
7fa11b8 
Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
mpi_exp_mod: move X next to the precomputed values
3646ff0 
With small exponents (for example, when doing RSA-1024 with CRT, each
prime is 512 bits and we'll use wsize = 5 which may be smaller that the
maximum - or even worse when doing public RSA operations which typically
have a 16-bit exponent so we'll use wsize = 1) the usage of W will have
pre-computed values, then empty space, then the accumulator at the very
end.

Move X next to the precomputed values to make accesses more efficient
and intuitive.

Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
mpi_exp_mod: simplify freeing loop
b2c2fca 
Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
mpi_exp_mod: remove the 'one' variable
7460120 
Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
mpi_exp_mod: improve documentation
be54ca7 
Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
Add paper title to Changelog
74369b2 
Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca @gilles-peskine-arm
mpi_mod_exp: be pedantic about right shift
9c09326 
The window size starts giving diminishing returns around 6 on most
platforms and highly unlikely to be more than 31 in practical use cases.
Still, compilers and static analysers might complain about this and
better to be pedantic.

Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
mpi_exp_mod: fix out of bounds access
0600095 
The table size was set before the configured window size bound was
applied which lead to out of bounds access when the configured window
size bound is less.

Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
mpi_exp_mod: reduce the table size by one
c8d66d5 
The first half of the table is not used, let's reuse index 0 for the
result instead of appending it in the end.

Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
Changelog: expand conference acronym for clarity
33480a3 
Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
mpi_exp_mod: use x_index consistently
3165f06 
Signed-off-by: Janos Follath <janos.follath@arm.com>
@tom-cosgrove-arm
Add unit tests for mbedtls_mpi_core_sub_int(), MPI A - scalar b
d66d5b2 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
@valeriosetti
psa_crypto_pake: internally call to psa_pake_abort() in case of errors
fdb77cd 
In this way, in case of error, it is not possible to continue using
the same psa_pake_operation_t without reinitializing it.
This should make the PSA pake's behavior closer to what expected by
the specification

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test_suite_psa_crypto: do not re-use PAKE's contexts in case of errors
1070aed 
As for ecjpake_setup(), now the test function can handle:
- "external" errors, through parameters set by the data file
- "internal" ones, through enums which inject ad-hoc failures

Similarly also ecjpake_rounds() can handle both type of errors,
but right now there's no erroneous case in the associated ".data"
file.

In both cases, after an error the current test is terminated.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: split psa_pake function/data from the generic test_suite_psa_cr…
024b028 
…ypto

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: psa_crypto_pake: enhanced ecjpake_setup()
7bb65ad 
- external errors are now checked in the specified point. If the
  same error happens in another line, then this is not valid and
  the test fails

- fixed some inconsistency in which injected error codes were not
  taken from the data file. Now all the expected error code are
  read from the data file

- added a couple of defines to shrink the code

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
psa_crypto_pake: initialize psa_status_t stack variables
6d4e75f 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: psa_pake: improved description of macros used in ecjpake_setup()
e5d7864 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: psa_pake: fixes in ecjpake_setup()
e65a41f 
Both changes concern the ERR_INJECT_UNINITIALIZED_ACCESS case:

- removed unnecessary psa_pake_abort()
- added psa_pake_get_implicit_key()

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: psa_pake: fix data file for ecjpake_setup()
ac3ba95 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: psa_pake: improved ecjpake_do_round() test function
40323c5 
Now it's possible to inject an error in every single step of the
key exchange process.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: psa_pake: fix erroneously duplicated tests
b697745 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: psa_pake: fix error inject macro in ecjpake_do_round()
b9ef1c2 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: psa_pake: remove empty password test
db4736a 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@valeriosetti
test: psa_pake: add missing initialization in ecjpake_setup()
e0d41de 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@aditya-deshpande-arm
Merge branch 'development' into driver-wrapper-key-agreement
8cc1470
@aditya-deshpande-arm
Merge branch 'development' into driver-wrapper-key-agreement
5e3c70e
@valeriosetti
test: psa_pake: port changes from cd356c3
728b142 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
@yanesca
Add modular exponentiation to bignum core
b6673f0 
Signed-off-by: Janos Follath <janos.follath@arm.com>
@yanesca
mpi_core_exp_mod: fix local variable type
bad42c4 
On platforms with size_t different from int, mismatch between size_t and
mpi_uint can cause incorrect results or complaints from the compiler.

Signed-off-by: Janos Follath <janos.follath@arm.com>

mpi_core_exp_mod: Cast local variable explicitly

Signed-off-by: Janos Follath <janos.follath@arm.com>
tom-cosgrove-arm and others added 27 commits December 6, 2022 12:36
@tom-cosgrove-arm
Add type annotations
21d459d 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
@daverodgman
Merge pull request Mbed-TLS#6689 from gilles-peskine-arm/changelog-20…
98be955 
…221129-pre-3.3

Changelog improvements for 3.3
@tom-cosgrove-arm
Have mbedtls_mpi_core_exp_mod() take a temporary instead of allocatin…
0a0dded 
…g memory

Last PR needed for Mbed-TLS#6293

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
@daverodgman
Fix spelling of test dependency
6146887 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@daverodgman
Merge pull request Mbed-TLS#6717 from tom-cosgrove-arm/fix-typos-2212
92011ee 
Fix typos prior to release
@daverodgman
Fix additional mis-spelling
556e8a3 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@daverodgman
Merge pull request Mbed-TLS#6685 from gilles-peskine-arm/valgrind-cf-…
1fe4529 
…skip-tests

Rationalize Valgrind tests
@yanesca
Merge pull request Mbed-TLS#6731 from tom-cosgrove-arm/issue-6293-mod…
1d26d97 
…_exp

Require input to mbedtls_mpi_core_exp_mod() to already be in Montgomery form
@yanesca
Merge pull request Mbed-TLS#6733 from tom-cosgrove-arm/issue-6293-mod…
d45924d 
…_exp-memory

Have mbedtls_mpi_core_exp_mod() take a temporary instead of allocating memory
@ronald-cron-arm
Merge pull request Mbed-TLS#6537 from yuhaoth/pr/tls13-refactor-early…
fbba0e9 
…-data-configuration-interface

TLS 1.3: Refactor early data configuration interface.
@daverodgman
Merge pull request Mbed-TLS#6734 from daverodgman/fix_test_dep_spelling
90af1a1 
Fix spelling of test dependency
@daverodgman
Add Changelog for Arm compile fix
b74aa5a 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@daverodgman
Merge pull request Mbed-TLS#6752 from daverodgman/arm-build-changelog
a6ca882 
Add Changelog for Arm compile fix
@daverodgman
Merge remote-tracking branch 'restricted/development-restricted' into…
a5b2c52 
… mbedtls-3.3.0rc0-pr
@daverodgman
Bump version to 3.3.0. No changes to .so versions.
48223bc 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@daverodgman
Assemble changelog
69591e9 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@daverodgman
Add generated files
c18d932 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@daverodgman
Update BRANCHES.md
cd060e2 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@daverodgman
Merge pull request Mbed-TLS#979 from Mbed-TLS/mbedtls-3.3.0rc0-pr
c039f8a 
Mbedtls 3.3.0rc0 pr - DO NOT MERGE
@daverodgman
Improve Changelog wording
2b52a2e 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@DemiMarie @bensze01
Test for both PKCS 7 bugs found by OSS-Fuzz
1362c5a 
Previously the same test was repeated twice.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
@bensze01
Correct the fix for the PKCS 7 memory leak
f764154 
This corrects an issue in the origina fix in
4f01121.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
@daverodgman
Merge pull request Mbed-TLS#980 from Mbed-TLS/mbedtls-3.3.0rc1-pr
70f8157 
Mbedtls 3.3.0rc1 pr - Correct PKCS 7 memory leak fix
@daverodgman
ChangeLog fix
552e107 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@daverodgman
Bump versions for libmbedcrypto and libmbedtls
e90ed7d 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
@daverodgman
Merge pull request Mbed-TLS#985 from Mbed-TLS/mbedtls-3.3.0rc2-pr
8c89224 
Mbedtls 3.3.0rc2 pr
@VarunChammenchery
Merge remote-tracking branch 'upstream/master' into fspra-699-mbedtls…
7c55090 
…-3-3-0
@VarunChammenchery VarunChammenchery self-assigned this Mar 2, 2023
@michaelthomasj michaelthomasj merged commit b8a530c into renesas_master Mar 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelthomasj michaelthomasj Awaiting requested review from michaelthomasj

Assignees

@VarunChammenchery VarunChammenchery

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.