Merge pull request #1287 from Mbed-TLS/mbedtls-2.28.9_mergeback

Mbedtls 2.28.9 mergeback
diff --git a/BRANCHES.md b/BRANCHES.md
index bcceda8..9d5d779 100644
--- a/BRANCHES.md
+++ b/BRANCHES.md
@@ -107,9 +107,9 @@
 - [`development`](https://github.com/Mbed-TLS/mbedtls/)
 - [`mbedtls-3.6`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-3.6)
  maintained until March 2027, see
-  <https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0>.
+  <https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.1>.
 - [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28)
  maintained until the end of 2024, see
-  <https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.8>.
+  <https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.9>.
 
 Users are urged to always use the latest version of a maintained branch.
diff --git a/ChangeLog b/ChangeLog
index 4df6a66..d36ff4e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,29 @@
 Mbed TLS ChangeLog (Sorted per branch, date)
 
+= Mbed TLS 2.28.9 branch released 2024-08-30
+
+Security
+   * Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does
+     not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when
+     MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.
+     CVE-2024-45157
+
+Bugfix
+   * Fix the build in some configurations when check_config.h is not included.
+     Fix #9152.
+   * Fix issue of redefinition warning messages for _GNU_SOURCE in
+     entropy_poll.c and sha_256.c. There was a build warning during
+     building for linux platform.
+     Resolves #9026
+   * Fix error handling when creating a key in a dynamic secure element
+     (feature enabled by MBEDTLS_PSA_CRYPTO_SE_C). In a low memory condition,
+     the creation could return PSA_SUCCESS but using or destroying the key
+     would not work. Fixes #8537.
+   * Fix a memory leak that could occur when failing to process an RSA
+     key through some PSA functions due to low memory conditions.
+   * Document and enforce the limitation of mbedtls_psa_register_se_key()
+     to persistent keys. Resolves #9253.
+
 = Mbed TLS 2.28.8 branch released 2024-03-28
 
 Features
diff --git a/ChangeLog.d/build_without_check_config.txt b/ChangeLog.d/build_without_check_config.txt
deleted file mode 100644
index b7f4766..0000000
--- a/ChangeLog.d/build_without_check_config.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
-   * Fix the build in some configurations when check_config.h is not included.
-     Fix #9152.
diff --git a/ChangeLog.d/fix-redefination_warning_messages_for_GNU_SOURCE.txt b/ChangeLog.d/fix-redefination_warning_messages_for_GNU_SOURCE.txt
deleted file mode 100644
index b5c2650..0000000
--- a/ChangeLog.d/fix-redefination_warning_messages_for_GNU_SOURCE.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
-   * Fix issue of redefinition warning messages for _GNU_SOURCE in
-     entropy_poll.c and sha_256.c. There was a build warning during
-     building for linux platform.
-     Resolves #9026
diff --git a/ChangeLog.d/fix-secure-element-key-creation.txt b/ChangeLog.d/fix-secure-element-key-creation.txt
deleted file mode 100644
index 23a46c0..0000000
--- a/ChangeLog.d/fix-secure-element-key-creation.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
-   * Fix error handling when creating a key in a dynamic secure element
-     (feature enabled by MBEDTLS_PSA_CRYPTO_SE_C). In a low memory condition,
-     the creation could return PSA_SUCCESS but using or destroying the key
-     would not work. Fixes #8537.
diff --git a/ChangeLog.d/mbedtls_psa_register_se_key.txt b/ChangeLog.d/mbedtls_psa_register_se_key.txt
deleted file mode 100644
index 2fc2751..0000000
--- a/ChangeLog.d/mbedtls_psa_register_se_key.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
-   * Document and enforce the limitation of mbedtls_psa_register_se_key()
-     to persistent keys. Resolves #9253.
diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index 7a24021..d7c6463 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -10,7 +10,7 @@
  */
 
 /**
- * @mainpage Mbed TLS v2.28.8 API Documentation
+ * @mainpage Mbed TLS v2.28.9 API Documentation
  *
  * This documentation describes the internal structure of Mbed TLS.  It was
  * automatically generated from specially formatted comment blocks in
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 971a8b2..b75597d 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -1,4 +1,4 @@
-PROJECT_NAME           = "Mbed TLS v2.28.8"
+PROJECT_NAME           = "Mbed TLS v2.28.9"
 OUTPUT_DIRECTORY       = ../apidoc/
 FULL_PATH_NAMES        = NO
 OPTIMIZE_OUTPUT_FOR_C  = YES
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 5b10078..84af7f7 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -4020,11 +4020,18 @@
  * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the
  * PSA crypto subsystem.
  *
- * If this option is unset:
- * - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG.
- * - Otherwise, the PSA subsystem uses HMAC_DRBG with either
- *   #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and
- *   on unspecified heuristics.
+ * If this option is unset, the library chooses a hash (currently between
+ * #MBEDTLS_MD_SHA512 and #MBEDTLS_MD_SHA256) based on availability and
+ * unspecified heuristics.
+ *
+ * \note The PSA crypto subsystem uses the first available mechanism amongst
+ *       the following:
+ *       - #MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if enabled;
+ *       - Entropy from #MBEDTLS_ENTROPY_C plus CTR_DRBG with AES
+ *         if #MBEDTLS_CTR_DRBG_C is enabled;
+ *       - Entropy from #MBEDTLS_ENTROPY_C plus HMAC_DRBG.
+ *
+ *       A future version may reevaluate the prioritization of DRBG mechanisms.
  */
 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
 
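Review bot: The third bullet of the added \note is the only one without its enabling condition, so this comment alone does not tell the reader that HMAC_DRBG is only used when MBEDTLS_HMAC_DRBG_C is enabled, nor that the build fails when none of the three mechanisms is available (the `#error` in psa_crypto_random_impl.h in this same change). I would complete it as ` *       - Entropy from #MBEDTLS_ENTROPY_C plus HMAC_DRBG if #MBEDTLS_HMAC_DRBG_C is enabled.` and add ` *       If none of these is available, the build fails.` after the list. The sentence "If this option is unset, the library chooses a hash" also reads as if a hash is always chosen, whereas after this change the hash only matters when HMAC_DRBG is the selected mechanism; "If this option is unset and HMAC_DRBG is used, the library chooses a hash" would be more exact.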
diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h
index bbe76b1..66998bf 100644
--- a/include/mbedtls/version.h
+++ b/include/mbedtls/version.h
@@ -26,16 +26,16 @@
  */
 #define MBEDTLS_VERSION_MAJOR  2
 #define MBEDTLS_VERSION_MINOR  28
-#define MBEDTLS_VERSION_PATCH  8
+#define MBEDTLS_VERSION_PATCH  9
 
 /**
  * The single version number has the following structure:
  *    MMNNPP00
  *    Major version | Minor version | Patch version
  */
-#define MBEDTLS_VERSION_NUMBER         0x021C0800
-#define MBEDTLS_VERSION_STRING         "2.28.8"
-#define MBEDTLS_VERSION_STRING_FULL    "Mbed TLS 2.28.8"
+#define MBEDTLS_VERSION_NUMBER         0x021C0900
+#define MBEDTLS_VERSION_STRING         "2.28.9"
+#define MBEDTLS_VERSION_STRING_FULL    "Mbed TLS 2.28.9"
 
 #if defined(MBEDTLS_VERSION_C)
 
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index fc0950a..8374979 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -206,15 +206,15 @@
 if(USE_SHARED_MBEDTLS_LIBRARY)
     set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR})
     add_library(${mbedcrypto_target} SHARED ${src_crypto})
-    set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.28.8 SOVERSION 7)
+    set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.28.9 SOVERSION 7)
     target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
 
     add_library(${mbedx509_target} SHARED ${src_x509})
-    set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.28.8 SOVERSION 1)
+    set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.28.9 SOVERSION 1)
     target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
 
     add_library(${mbedtls_target} SHARED ${src_tls})
-    set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.28.8 SOVERSION 14)
+    set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.28.9 SOVERSION 14)
     target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
 endif(USE_SHARED_MBEDTLS_LIBRARY)
 
diff --git a/library/psa_crypto_random_impl.h b/library/psa_crypto_random_impl.h
index 6150fee..d47e057 100644
--- a/library/psa_crypto_random_impl.h
+++ b/library/psa_crypto_random_impl.h
@@ -39,13 +39,10 @@
 #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
 
 /* Choose a DRBG based on configuration and availability */
-#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)
-
-#include "mbedtls/hmac_drbg.h"
-
-#elif defined(MBEDTLS_CTR_DRBG_C)
+#if defined(MBEDTLS_CTR_DRBG_C)
 
 #include "mbedtls/ctr_drbg.h"
+#undef MBEDTLS_PSA_HMAC_DRBG_MD_TYPE
 
 #elif defined(MBEDTLS_HMAC_DRBG_C)
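Review bot: The bare `#undef MBEDTLS_PSA_HMAC_DRBG_MD_TYPE` under `#if defined(MBEDTLS_CTR_DRBG_C)` carries no explanation, and undefining a user configuration option from a library-private header is the kind of line the next maintainer will "fix" back. It also only takes effect in translation units that include this header, so any other code that tests the macro to decide whether HMAC_DRBG is in use would disagree with it; I cannot tell from the hunk whether such code exists. I would annotate it: `/* CTR_DRBG takes priority over HMAC_DRBG when both are available; undefine the HMAC_DRBG hash selection so it is not acted on below. */`. The enclosing `#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)` / `#else` block begins before this hunk.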
 
@@ -67,9 +64,11 @@
 #error "No hash algorithm available for HMAC_DBRG."
 #endif
 
-#else
+#else /* !MBEDTLS_CTR_DRBG_C && !MBEDTLS_HMAC_DRBG_C*/
+
 #error "No DRBG module available for the psa_crypto module."
-#endif
+
+#endif /* !MBEDTLS_CTR_DRBG_C && !MBEDTLS_HMAC_DRBG_C*/
 
 #include "mbedtls/entropy.h"
 
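Review bot: The two new trailing comments `/* !MBEDTLS_CTR_DRBG_C && !MBEDTLS_HMAC_DRBG_C*/` lack the space before `*/` that the other comments in the hunk use, and the `#endif` comment repeats the `#else` condition rather than naming the opening `#if` as the `#else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */` line above does; I can only see the hunk, so treat the convention as an assumption. I would write `#else /* !MBEDTLS_CTR_DRBG_C && !MBEDTLS_HMAC_DRBG_C */` and `#endif /* MBEDTLS_CTR_DRBG_C */`.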
diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c
index 3c569b1..3e878ad 100644
--- a/library/psa_crypto_rsa.c
+++ b/library/psa_crypto_rsa.c
@@ -215,16 +215,14 @@
 
     status = mbedtls_psa_rsa_load_representation(
         attributes->core.type, key_buffer, key_buffer_size, &rsa);
-    if (status != PSA_SUCCESS) {
-        return status;
+    if (status == PSA_SUCCESS) {
+        status = mbedtls_psa_rsa_export_key(PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+                                            rsa,
+                                            data,
+                                            data_size,
+                                            data_length);
     }
 
-    status = mbedtls_psa_rsa_export_key(PSA_KEY_TYPE_RSA_PUBLIC_KEY,
-                                        rsa,
-                                        data,
-                                        data_size,
-                                        data_length);
-
     mbedtls_rsa_free(rsa);
     mbedtls_free(rsa);
 
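Review bot: The unconditional `mbedtls_rsa_free(rsa); mbedtls_free(rsa);` after the restructured `if` is only safe if `rsa` is NULL before `mbedtls_psa_rsa_load_representation()` is called, that function leaves it either NULL or pointing at a live context on failure, and `mbedtls_rsa_free()` tolerates NULL; the declaration of `rsa` and both contracts are outside this hunk, and a stale pointer here would turn the leak being fixed into a double free. A one-line comment would make the dependency visible: `/* On failure rsa may still hold an allocated context: release it on every path. */`. The same dependency applies to the `goto exit` introduced in the third hunk of this file, whose `exit` label is not in view. The enclosing function starts before this hunk.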
@@ -286,6 +284,7 @@
                               (unsigned int) attributes->core.bits,
                               exponent);
     if (ret != 0) {
+        mbedtls_rsa_free(&rsa);
         return mbedtls_to_psa_error(ret);
     }
 
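Review bot: The new `mbedtls_rsa_free(&rsa);` before the early return adds a second cleanup site for the stack context in this function, while the later hunk in this file moves its sibling to a `goto exit` pattern; a single `exit:` label that frees `rsa` and returns the status would keep the two consistent and make it harder for a future early return to forget the free. Whether this function already has such a label I cannot tell, as its body continues beyond the hunk; if it does not, the change is to set the status from `mbedtls_to_psa_error(ret)`, `goto exit`, and perform the free and return at the label.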
@@ -354,7 +353,7 @@
                                                  key_buffer_size,
                                                  &rsa);
     if (status != PSA_SUCCESS) {
-        return status;
+        goto exit;
     }
 
     status = psa_rsa_decode_md_type(alg, hash_length, &md_alg);
diff --git a/pkgconfig/CMakeLists.txt b/pkgconfig/CMakeLists.txt
index 40ef9fd..158f9a8 100644
--- a/pkgconfig/CMakeLists.txt
+++ b/pkgconfig/CMakeLists.txt
@@ -9,7 +9,7 @@
   set(PKGCONFIG_PROJECT_HOMEPAGE_URL "https://www.trustedfirmware.org/projects/mbed-tls/")
 
   # Following the conventsion for DESCRIPTION and HOMEPAGE_URL, VERSION wasn't added until 3.0 and depends on policy CMP0048
-  set(PKGCONFIG_VERSION 2.28.8)
+  set(PKGCONFIG_VERSION 2.28.9)
 
   configure_file(mbedcrypto.pc.in mbedcrypto.pc @ONLY)
     install(FILES
diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data
index 148aa46..fa1999a 100644
--- a/tests/suites/test_suite_version.data
+++ b/tests/suites/test_suite_version.data
@@ -1,8 +1,8 @@
 Check compile time library version
-check_compiletime_version:"2.28.8"
+check_compiletime_version:"2.28.9"
 
 Check runtime library version
-check_runtime_version:"2.28.8"
+check_runtime_version:"2.28.9"
 
 Check for MBEDTLS_VERSION_C
 check_feature:"MBEDTLS_VERSION_C":0