This repository has been archived by the owner on Mar 5, 2024. It is now read-only.

Releases: intel/tinycrypt

Decryption bug regression fix, static analysis clean up

29 Aug 21:26

Static Analysis bug fixes:

  • tinycrypt/sha256: Array compared to NULL has no effect fix
  • tinycrypt/hmac: Array compared to NULL has no effect fix

uECC fixes:

  • tests: ecc_dh: Do not use uninitialized variable
  • ecc_dh: Properly clear out temporary secret buffers

Integrates optimized version of Micro-ECC

01 Jul 06:53
  • Integrates optimized version of Micro-ECC open-source software (BSD 2-Clause License)
  • AES-CCM mode was not correctly cleaning the output buffer in case of decryption failure as it had no means to know its length (this buffer has variable length, depending on mac and payload size). After this change, the caller now needs to explicitly pass the output buffer length as a parameter, allowing us to clean it in case of decryption failure.
  • In the same spirit as the FIPS 186-4 (Appendix B.4.1) compliance work for ECC key generation, we improved EC-DSA signature generation to be FIPS 186-4 (Appendix B.5.1) compliant.
  • Both improvements come at a very marginal performance cost. For the ECC algorithms, for example, FIPS compliance adds not even 1% latency, so we considered their integration quite reasonable.
  • The overall performance of our ECC algorithms is now competitive.
  • Previous calculation of a shared secret (LESC DHKey) was unacceptable for production use and this latest release aims to significantly improve performance.
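The AES-CCM item above, as an added sketch that is not TinyCrypt's code or API: a decrypt-and-verify routine that takes the output buffer length so it can clear the whole buffer when the tag check fails. The XOR keystream and FNV-style checksum are insecure stand-ins for AES-CTR and the CCM MAC, and every name here (`toy_decrypt_verify`, `toy_encrypt`, `wipe`, `KEY_LEN`, `TAG_LEN`) is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define KEY_LEN 16
#define TAG_LEN 4

/* Zero through a volatile pointer so the compiler cannot elide the stores. */
static void wipe(uint8_t *buf, size_t len) {
    volatile uint8_t *p = buf;
    while (len--) *p++ = 0;
}

/* Toy keyed checksum standing in for the CCM MAC. NOT secure. */
static void toy_tag(uint8_t tag[TAG_LEN], const uint8_t *key, const uint8_t *msg, size_t len) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < KEY_LEN; i++) h = (h ^ key[i]) * 16777619u;
    for (size_t i = 0; i < len; i++) h = (h ^ msg[i]) * 16777619u;
    for (size_t i = 0; i < TAG_LEN; i++) tag[i] = (uint8_t)(h >> (8 * i));
}

/* out = (msg XOR toy keystream) || tag; out must hold len + TAG_LEN bytes. */
void toy_encrypt(uint8_t *out, const uint8_t *msg, size_t len, const uint8_t *key) {
    toy_tag(out + len, key, msg, len);
    for (size_t i = 0; i < len; i++) out[i] = msg[i] ^ key[i % KEY_LEN];
}

/* Returns 1 on success, 0 on failure. As in CCM, the tag covers the plaintext,
 * so out already holds unauthenticated plaintext when the tag is checked. */
int toy_decrypt_verify(uint8_t *out, size_t olen, const uint8_t *in, size_t inlen, const uint8_t *key) {
    uint8_t tag[TAG_LEN], diff = 0;
    if (!out || !in || !key || inlen < TAG_LEN || olen < inlen - TAG_LEN) return 0;
    size_t plen = inlen - TAG_LEN;
    for (size_t i = 0; i < plen; i++) out[i] = in[i] ^ key[i % KEY_LEN];
    toy_tag(tag, key, out, plen);
    for (size_t i = 0; i < TAG_LEN; i++) diff |= (uint8_t)(tag[i] ^ in[plen + i]); /* no early exit */
    wipe(tag, sizeof tag);
    if (diff != 0) { wipe(out, olen); return 0; } /* olen lets us clear the whole buffer */
    return 1;
}

int main(void) {
    const uint8_t key[KEY_LEN] = "constructed-key"; /* constructed sample key */
    uint8_t ct[5 + TAG_LEN], pt[8];
    toy_encrypt(ct, (const uint8_t *)"hello", 5, key);
    ct[0] ^= 1; /* simulate corruption in transit */
    int ok = toy_decrypt_verify(pt, sizeof pt, ct, sizeof ct, key);
    printf("ok=%d pt[0]=0x%02x\n", ok, pt[0]);
    return 0;
}
```

Without the `olen` parameter the routine could not know how many bytes of the caller's buffer to clear, which is the gap the release note describes.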

Significant speedup on EC-DSA verification

10 Mar 23:15

Significant speedup on EC-DSA verification: accelerates ECC point multiplication and modular reduction by removing constant-time bottlenecks (constant-time code is not needed in this process, as verification only deals with public information). Slightly increased code size (along the same lines as the expected result for other ECC optimizations).

Fix to make ECC Key Generation FIPS 186-4 compliant
- Previous version used a simplified method

Additional check in ecc_valid_public_key
- Also check that the public key is not the generator of P-256

Fix in double_bytes function
- Previous version used by Colin O'Flynn to show power analysis threat

Change in HMAC API:
- API now ensures it erases secrets before exiting

Added Authors file
- Clarifies contacts for responsible disclosure

Decryption bug fix, static analysis issues, and CTR PRNG reseed bug fix

16 Dec 21:17

Decryptions using ccm mode can incorrectly fail
tests: Update return codes and check_result function call
ecc_dh: Fix discrepancy of ecc_make_key definition and declaration
Static analysis issues
Fix warning on incorrect printf type for unsigned int num_bytes
Fix bug in CTR PRNG reseed function to correctly use the seed material
Updates for building on Windows using MinGW-64

TinyCrypt version 2.0 release including ECC_DH, ECC_DSA, CMAC, & CTR_PRNG

19 Apr 01:01

TinyCrypt version 2.0 release including ECC_DH, ECC_DSA, CMAC, & CTR_PRNG

Release v0.1.5

12 Dec 00:51

Removed windows incompatibility of Makefiles
Updated versioning in README
Removed versioning from .rst file
Updated Version file