Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix and test secp224k1 in PSA code #3541

Open
gilles-peskine-arm opened this issue Aug 4, 2020 · 2 comments
Open

Fix and test secp224k1 in PSA code #3541

gilles-peskine-arm opened this issue Aug 4, 2020 · 2 comments
Labels
bug component-crypto Crypto primitives and low-level interfaces help-wanted This issue is not being actively worked on, but PRs welcome.

Comments

@gilles-peskine-arm
Copy link
Contributor

The curve secp224k1 has 225-bit private keys and 224-bit public key coordinates. The PSA code was initially written under the assumption that the size of private keys and public keys is the same, which is true for all the curves supported by Mbed TLS except for secp224k1.

Goals of this task:

  • Add test cases for secp224k1 which would catch if the wrong size (224 vs 225) was used somewhere.
  • If this reveals any bugs, fix them.
@gilles-peskine-arm gilles-peskine-arm added bug component-crypto Crypto primitives and low-level interfaces labels Aug 4, 2020
@gilles-peskine-arm gilles-peskine-arm mentioned this issue Aug 4, 2020
Merged
2 tasks
@danh-arm danh-arm added the help-wanted This issue is not being actively worked on, but PRs welcome. label Aug 6, 2020
@gilles-peskine-arm
Copy link
Contributor Author

#3727 raises a related issue with Curve25519 (255-bit according to PSA, 256-bit according to Mbed TLS).

gilles-peskine-arm added a commit to gilles-peskine-arm/mbedtls that referenced this issue Mar 23, 2021
@gilles-peskine-arm
SECP224K1 is not yet supported via the PSA API
3984130 
Filed as Mbed-TLS#3541. In the
meantime, disable the feature.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm gilles-peskine-arm mentioned this issue Mar 23, 2021
Merged
gilles-peskine-arm added a commit to gilles-peskine-arm/mbedtls that referenced this issue Mar 23, 2021
@gilles-peskine-arm
SECP224K1 is not yet supported via the PSA API
defdc3b 
Filed as Mbed-TLS#3541. In the
meantime, disable the ssl-opt.sh test case that uses it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
daverodgman pushed a commit that referenced this issue Apr 23, 2021
@gilles-peskine-arm
SECP224K1 is not yet supported via the PSA API
6652156 
Filed as #3541. In the
meantime, disable the feature.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
daverodgman pushed a commit that referenced this issue Apr 23, 2021
@gilles-peskine-arm
SECP224K1 is not yet supported via the PSA API
5c7d590 
Filed as #3541. In the
meantime, disable the ssl-opt.sh test case that uses it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm gilles-peskine-arm mentioned this issue Jan 26, 2023
Closed
3 tasks
This was referenced Feb 2, 2023
Closed
Merged
@gilles-peskine-arm
Copy link
Contributor Author

secp224k1 is very rarely used, and we plan to remove it (alongside all curves that are under 255 bits) in the next major version of Mbed TLS. As a consequence, I am keeping this issue open to document the bug, but it is very low priority so we'll probably never get around to fixing it.

@gilles-peskine-arm gilles-peskine-arm mentioned this issue May 24, 2023
Closed
@daverodgman daverodgman mentioned this issue Aug 30, 2023
Open
This was referenced Jan 3, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug component-crypto Crypto primitives and low-level interfaces help-wanted This issue is not being actively worked on, but PRs welcome.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@danh-arm @gilles-peskine-arm