Gilles Peskine

Results 196 issues of Gilles Peskine

[Found by Cryptofuzz](https://github.com/guidovranken/cryptofuzz/pull/77#issuecomment-2189533504). Fixes #9314.

Specification links:

* [`PSA_ALG_CCM_STAR_NO_TAG`](https://arm-software.github.io/psa-api/crypto/1.2/api/ops/ciphers.html#c.PSA_ALG_CCM_STAR_NO_TAG) — note in particular “default IV length of 13”.
* [`psa_cipher_decrypt`](https://arm-software.github.io/psa-api/crypto/1.2/api/ops/ciphers.html#c.psa_cipher_decrypt)

## PR checklist

Please tick as appropriate and edit the...

needs-review
component-crypto
needs-reviewer
priority-high
size-xs

In Mbed TLS 3.6.0, when `MBEDTLS_ECDSA_C` is enabled but `MBEDTLS_PSA_CRYPTO_C` is disabled, some code from `psa_util.c` is included and declares a 0-size array, resulting in a compilation error (except under...

bug
component-crypto
size-s

In `all.sh`, we do most builds with `gcc -Wall -Wextra` or `clang -Wall -Wextra`, sometimes a few more flags from `CMakeLists.txt` when doing a CMake build (depending on the build...

enhancement
component-test

Record compile-time configuration options (boolean options only) for a test run in the outcome file. This gives us a handy way to know what configuration settings each configuration name corresponds...

approved
needs-backports
size-s
component-test
priority-high

Trivial backport of https://github.com/Mbed-TLS/mbedtls/pull/9172

## PR checklist

- [x] **changelog** no (test only)
- [x] Backport of https://github.com/Mbed-TLS/mbedtls/pull/9172
- [x] Framework: https://github.com/Mbed-TLS/mbedtls-framework/pull/28
- [x] **tests** provided

approved
size-s
component-test
priority-high

`psa_cipher_decrypt` takes an input which is the IV concatenated with the ciphertext proper. It validates that the input is at least as large as the IV. This validation is wrong...

bug
component-crypto
size-xs

Document the design of the PSA key store, which is getting a bit complex. Include the proposed dynamic and fully-static key stores that are currently proposed in https://github.com/Mbed-TLS/mbedtls/pull/9240 and https://github.com/Mbed-TLS/mbedtls/pull/9302....

needs-review
needs-reviewer
component-psa
priority-high
size-xs

If you call `mbedtls_cipher_update_ad` or `mbedtls_cipher_write_tag` or `mbedtls_cipher_check_tag` on a non-AEAD algorithm, they return 0. This looks wrong: surely it's an application error, and it's easily detectable, so we should...

bug
component-crypto
api-break
size-s

A number of identifiers in `cipher.h` don't have `CIPHER` or `cipher` in their name, and some are misleading because they look like they would apply more generally:

* Macros `MBEDTLS_MAX_IV_LENGTH`,...

enhancement
component-crypto
priority-medium
deprecation

Resolve the static limitation on the number of PSA keys at the expense of code size. The new option `MBEDTLS_PSA_KEY_SLOT_DYNAMIC` is enabled by the default `mbedtls_config.h`, but will remain disabled...

bug
needs-work
component-psa
size-s
priority-high