Backport 2.28: Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT #8279

gilles-peskine-arm · 2023-09-29T11:33:08Z

Straightforward backport of #7499

PR checklist

Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")

changelog provided
backport of Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT #7499
tests manually

Testing manually:

./config.py set MBEDTLS_ECDSA_SIGN_ALT
make -C programs pkey/ecdsa

Expected: a link error about missing mbedtls_ecdsa_sign (when you enable MBEDTLS_ECDSA_SIGN_ALT, you have to provide that function).
Actual before this fix: also missing mbedtls_ecdsa_can_do

When ECDSA_SIGN_ALT but not ECDSA_VERIFY_ALT, mbedtls_ecdsa_can_do was not being defined causing mbedtls_ecdsa_verify_restartable to always fail Signed-off-by: JonathanWitthoeft <[email protected]>

Signed-off-by: JonathanWitthoeft <[email protected]>

gabor-mezei-arm

LGTM

tom-cosgrove-arm

LGTM - faithful backport, and makes mbedtls_ecdsa_can_do() visible even when MBEDTLS_ECDSA_SIGN_ALT defined

JonathanWitthoeft added 3 commits September 29, 2023 13:31

Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT

bfb0b39

When ECDSA_SIGN_ALT but not ECDSA_VERIFY_ALT, mbedtls_ecdsa_can_do was not being defined causing mbedtls_ecdsa_verify_restartable to always fail Signed-off-by: JonathanWitthoeft <[email protected]>

Make mbedtls_ecdsa_can_do definition unconditional

930679a

Signed-off-by: JonathanWitthoeft <[email protected]>

Adjust ChangeLog

3ead877

Signed-off-by: JonathanWitthoeft <[email protected]>

gilles-peskine-arm added needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review priority-very-high Highest priority - prioritise this over other review work labels Sep 29, 2023

gilles-peskine-arm added the size-xs Estimated task size: extra small (a few hours at most) label Sep 29, 2023

gabor-mezei-arm self-requested a review September 29, 2023 11:40

gabor-mezei-arm approved these changes Sep 29, 2023

View reviewed changes

tom-cosgrove-arm approved these changes Sep 29, 2023

View reviewed changes

tom-cosgrove-arm added approved Design and code approved - may be waiting for CI or backports and removed needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review labels Sep 29, 2023

daverodgman enabled auto-merge September 29, 2023 12:19

daverodgman added this pull request to the merge queue Sep 29, 2023

Merged via the queue into Mbed-TLS:mbedtls-2.28 with commit 8c28032 Sep 29, 2023
1 check passed

minosgalanakis mentioned this pull request Apr 28, 2023

Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT #7499

Merged

3 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Backport 2.28: Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT #8279

Backport 2.28: Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT #8279

gilles-peskine-arm commented Sep 29, 2023 •

edited

Loading

gabor-mezei-arm left a comment

tom-cosgrove-arm left a comment

Backport 2.28: Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT #8279

Backport 2.28: Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT #8279

Conversation

gilles-peskine-arm commented Sep 29, 2023 • edited Loading

PR checklist

gabor-mezei-arm left a comment

Choose a reason for hiding this comment

tom-cosgrove-arm left a comment

Choose a reason for hiding this comment

gilles-peskine-arm commented Sep 29, 2023 •

edited

Loading