Janos Follath

Results 34 comments of Janos Follath

@leorosen Thank you for your report and for submitting the fix. I am not sure I can see the potential for buffer overflow here. I have commented on your PR...

I still can't see a buffer overflow here: https://github.com/Mbed-TLS/mbedtls/pull/6153#issuecomment-1204507139 If you think that it is still there, please post information for reproducing it and we'll reopen when we managed to...

Reopening as the PR that automatically closed this is only the first in a series of PRs implementing this.

Still not done, one more PR to go.

@gilles-peskine-arm just to clarify, my understanding of our agreement was to do #6371 as a followup. We might need to do #6370 in order to do that, but we will...

It makes sense to handle `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` consistently with drivers. In the MVP thread safety is the responsibility of the drivers and the core does not make any guarantees.

During the review of https://github.com/Mbed-TLS/mbedtls/pull/8744 I realised that we have forgotten about the `psa_crypto_transaction` global variable. It should be protected by a mutex as well, question is which one. The...

@daantimmer it needs approval from a second reviewer.

> Is that a case of "hope some other reviewer sees this". Or do we have to assign/poke someone specific? Not anymore, @tom-daubney-arm will be reviewing it. > Do we...

@BensonLiou Thank you for your contribution. Could you please raise a PR with a backport? (Same commit on the top of the `mbedtls-2.28` branch.)