Merge pull request #3037 from gilles-peskine-arm/update-submodule-20200206

Update crypto submodule 2020-02-06
diff --git a/ChangeLog b/ChangeLog
index aadc9e9..4bbf8f1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,12 +10,40 @@
      library which allows TLS authentication to use keys stored in a
      PKCS#11 token such as a smartcard.
 
+Security
+   * Fix potential memory overread when performing an ECDSA signature
+     operation. The overread only happens with cryptographically low
+     probability (of the order of 2^-n where n is the bitsize of the curve)
+     unless the RNG is broken, and could result in information disclosure or
+     denial of service (application crash or extra resource consumption).
+     Found by Auke Zeilstra and Peter Schwabe, using static analysis.
+   * To avoid a side channel vulnerability when parsing an RSA private key,
+     read all the CRT parameters from the DER structure rather than
+     reconstructing them. Found by Alejandro Cabrera Aldaya and Billy Bob
+     Brumley. Reported and fix contributed by Jack Lloyd.
+     ARMmbed/mbed-crypto#352
+
+Features
+   * The new build option MBEDTLS_SHA512_NO_SHA384 allows building SHA-512
+     support without SHA-384.
+
+API changes
+   * Change the encoding of key types and curves in the PSA API. The new
+     values are aligned with the upcoming release of the PSA Crypto API
+     specification version 1.0.0. The main change which may break some
+     existing code is that elliptic curve key types no longer encode the
+     exact curve: a psa_ecc_curve_t or psa_key_type_t value only encodes
+     a curve family and the key size determines the exact curve (for example,
+     PSA_ECC_CURVE_SECP_R1 with 256 bits is P256R1). ARMmbed/mbed-crypto#330
+
 Bugfix
    * Fix an unchecked call to mbedtls_md() in the x509write module.
    * Fix build failure with MBEDTLS_ZLIB_SUPPORT enabled. Reported by
      Jack Lloyd in #2859. Fix submitted by jiblime in #2963.
    * Fix some false-positive uninitialized variable warnings in X.509. Fix
      contributed by apple-ihack-geek in #2663.
+   * Fix a possible error code mangling in psa_mac_verify_finish() when
+     a cryptographic accelerator fails. ARMmbed/mbed-crypto#345
 
 = mbed TLS 2.20.0 branch released 2020-01-15
 
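Review bot: In the Security section, the ECDSA overread entry carries no issue reference, while the RSA entry directly below it cites ARMmbed/mbed-crypto#352 and the API changes and Bugfix additions cite #330 and #345. Suggest adding the corresponding mbed-crypto reference to the ECDSA entry so downstream users can locate the fix and judge whether they need to backport it. In the API changes entry, the text says elliptic curve key types "no longer encode the exact curve" but gives a single example (PSA_ECC_CURVE_SECP_R1 with 256 bits is P256R1); since the entry itself warns that existing code may break, a pointer to where the full old-to-new mapping is documented would help callers migrate.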
diff --git a/crypto b/crypto
index 819799c..4d8c836 160000
--- a/crypto
+++ b/crypto
@@ -1 +1 @@
-Subproject commit 819799cfc68e4c4381673a8a27af19802c8263f2
+Subproject commit 4d8c836cdc4559d862337c5b2ecc9ca5d1e7810f
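Review bot: The pointer move from 819799c to 4d8c836 is described in the commit message only as "Update crypto submodule 2020-02-06", yet the ChangeLog hunk in the same change attributes two security fixes and a breaking PSA API encoding change to it. Suggest stating the submodule range (819799c..4d8c836) in the commit message and noting that it includes security fixes, so the bump can be audited from the log without opening the ChangeLog diff.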