Ronald Cron
11cc41265b
Merge pull request #8711 from ronald-cron-arm/tls13-ticket-and-early-data-unit-test
Add TLS 1.3 ticket and early data unit tests
2024-02-01 13:15:55 +00:00
Paul Elliott
cb88c4945a
Merge pull request #8754 from Redfoxymoon/development
fix build for midipix
2024-02-01 10:01:49 +00:00
Ronald Cron
eb84534ee3
Use TEST_EQUAL instead of TEST_ASSERT where possible
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-31 15:23:38 +01:00
Ronald Cron
5de9c6f295
Fix and add comments in ticket and early data test function
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-31 15:23:33 +01:00
Ronald Cron
095a3a5a29
Fix PSA init and done macros in TLS unit tests
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-31 15:02:09 +01:00
Ronald Cron
faf026c67c
Explain purpose of test specific write/parse ticket functions
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-31 14:32:11 +01:00
Dave Rodgman
4c92845210
Merge pull request #8767 from daverodgman/sha-glibc-changelog
SHA-256 and 512 support for old libc
2024-01-31 13:21:52 +00:00
Paul Elliott
1ee85b4c61
Merge pull request #8766 from tom-cosgrove-arm/unify-clang-version-checking-in-all.sh
Unify clang version checking in all.sh
2024-01-31 12:51:34 +00:00
Manuel Pégourié-Gonnard
f1562a7217
Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design
PK-PSA bridge design document
2024-01-31 09:51:43 +00:00
Dave Rodgman
dae21d3808
Support SHA-512 hwcap detection on old libc
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-30 15:31:42 +00:00
Gilles Peskine
cbb9caead4
Changelog for building SHA-256 and 512 with old libc
Linux/Aarch64: support SHA acceleration detection with older libc
On Linux on aarch64 (64-bit ARMv8) processors, we use getauxval() to detect
whether the runtime environment supports SHA-256 or SHA-512 acceleration.
Some libc do not define the necessary HWCAP_xxx constants to analyze the
result of getauxval(), either because they don't bother or because they're
too old to recognize the values we need (for example, HWCAP_SHA2 appeared in
Glibc 2.24 and HWCAP_SHA512 appeared in Glibc 2.27). In such cases, assume
that the values are the same as in the kernel ABI and define the constants
manually.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-30 15:25:37 +00:00
Gilles Peskine
36dee75368
Update ECDSA signature conversion based on experimentation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-30 16:15:17 +01:00
Tom Cosgrove
d4c373a597
Refactor all.sh clang version detection code
Prevents a script failure when attempting to run build_aes_armce on a system without clang
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2024-01-30 13:56:38 +00:00
Tom Cosgrove
9e4eeff6e0
Fix comment about version of clang required for 'build_aes_armce'
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2024-01-30 13:51:18 +00:00
Ørjan Malde
2a6cb5c881
fix build for midipix
Signed-off-by: Ørjan Malde <red@foxi.me>
2024-01-30 14:50:23 +01:00
Paul Elliott
47c74a4773
Merge pull request #8741 from Ryan-Everett-arm/add-locking-macros
Add macros for locking/unlocking the key slot mutex
2024-01-26 13:53:38 +00:00
Paul Elliott
12abdde951
Merge pull request #8699 from minosgalanakis/update/rsa_context_in_programs_5014
[MBEDTLS_PRIVATE] Update rsa context in programs 5014
2024-01-26 11:03:43 +00:00
Paul Elliott
c4e911889e
Merge pull request #8751 from trofi/gcc-14-calloc-fix
tests: fix `calloc()` argument list (`gcc-14` fix)
2024-01-26 11:02:53 +00:00
Sergei Trofimovich
da2a33de0f
tests: fix `calloc()` argument list (`gcc-14` fix)
`gcc-14` added a new `-Wcalloc-transposed-args` warning recently. It
detected a minor infelicity in `calloc()` API usage in `mbedtls`:
In file included from /build/mbedtls/tests/include/test/ssl_helpers.h:19,
from /build/mbedtls/tests/src/test_helpers/ssl_helpers.c:11:
/build/mbedtls/tests/src/test_helpers/ssl_helpers.c: In function 'mbedtls_test_init_handshake_options':
/build/mbedtls/tests/include/test/macros.h:128:46:
error: 'calloc' sizes specified with 'sizeof' in the earlier argument
and not in the later argument [-Werror=calloc-transposed-args]
128 | (pointer) = mbedtls_calloc(sizeof(*(pointer)), \
| ^
Signed-off-by: Sergei Trofimovich <slyich@gmail.com>
2024-01-25 21:29:56 +00:00
Dave Rodgman
935182fe2b
Merge pull request #1158 from daverodgman/mbedtls-3.5.2rc
Mbedtls 3.5.2rc
2024-01-25 12:22:54 +00:00
Dave Rodgman
f5e231ca84
Merge pull request #8719 from daverodgman/iar-codegen
Improve codegen of unaligned access for IAR and gcc
2024-01-25 08:31:45 +00:00
Ryan Everett
3877d4858b
Refactor macros
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-24 13:26:26 +00:00
Dave Rodgman
13f2f4e7f1
Merge remote-tracking branch 'restricted/development' into mbedtls-3.5.2rc
2024-01-24 09:49:15 +00:00
Dave Rodgman
daca7a3979
Update BRANCHES.md
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-24 09:49:11 +00:00
Ryan Everett
cb05ce30e9
Minor fixes to locking macros
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-23 19:25:10 +00:00
Ryan Everett
90afb132e0
Add ..._GOTO_EXIT macro
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-23 18:34:55 +00:00
Ryan Everett
d6d6a76e46
Add ..._GOTO_RETURN macro
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-23 18:32:42 +00:00
Janos Follath
aa3fa98bc4
Merge pull request #8726 from v1gnesh/patch-1
Update entropy_poll.c to allow build in z/OS
2024-01-23 12:43:18 +00:00
Dave Rodgman
c64280a2d7
Fix comment typo
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-23 10:05:08 +00:00
v1gnesh
468c02cf61
Update ChangeLog.d/8726.txt
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: v1gnesh <v1gnesh@users.noreply.github.com>
2024-01-23 15:29:40 +05:30
Dave Rodgman
00b530e395
Limit compiler hint to compilers that are known to benefit from it
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-23 09:41:34 +00:00
Dave Rodgman
e23d6479cc
Bump version
./scripts/bump_version.sh --version 3.5.1
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-22 15:45:49 +00:00
Dave Rodgman
6ba416968b
Assemble Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-22 15:40:12 +00:00
Janos Follath
0d57f1034e
Update Marvin fix Changelog entry
Upon further consideration we think that a remote attacker close to the
victim might be able to have precise enough timing information to
exploit the side channel as well. Update the Changelog to reflect this.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:58 +00:00
Janos Follath
393df9c995
Add warning for PKCS 1.5 decryption
Any timing variance dependent on the output of this function enables a
Bleichenbacher attack. It is extremely difficult to use safely.
In the Marvin attack paper
(https://people.redhat.com/~hkario/marvin/marvin-attack-paper.pdf) the
author suggests that implementations of PKCS 1.5 decryption that don't
include a countermeasure should be considered inherently dangerous.
They suggest that all libraries implement the same countermeasure, as
implementing different countermeasures across libraries enables the
Bleichenbacher attack as well.
This is extremely fragile and therefore we don't implement it. The use
of PKCS 1.5 in Mbed TLS implements the countermeasures recommended in
the TLS standard (7.4.7.1 of RFC 5246) and is not vulnerable.
Add a warning to PKCS 1.5 decryption to warn users about this.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
16ab76bbe7
Fix typo
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
b4b8f3df3b
RSA: improve readability
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
47ee770812
RSA: remove unneeded temporaries
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
e6750b2a0b
RSA: document Montgomery trick in unblind
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
a62a554071
Fix style
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
100dcddfca
Make local function static
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
a865fc951e
Add Changelog for the Marvin attack fix
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
6bcbc925bf
Extend blinding to RSA result check
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
d6b096532c
Make RSA unblinding constant flow
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Paul Elliott
968a928659
Add Changelog for #8687
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-01-22 15:32:18 +00:00
Jonathan Winzig
af553bf719
Add required dependency to the testcase
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
acd35a55c8
Remove unneeded testcase
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
144bfde1cd
Update test-data to use SIZE_MAX
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
93f5240ae5
Add missing newline at the end of test_suite_x509write.data
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
a0c9448bea
Update fix to be more platform-independent
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00