mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-12 19:13:31 +00:00

Author	SHA1	Message	Date
Paul Elliott	4fb1955b31	Remove NULL-ing of passed in SSL context in ssl_populate_transform() Remove a piece of code that was meant to ensure non-usage of the ssl context under conditions where it should not be used, as this now makes less sense and also triggers coverity. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-10-18 15:16:45 +01:00
Manuel Pégourié-Gonnard	c6d633ffbc	Merge pull request #8297 from valeriosetti/issue8064 Change accel_aead component to full config	2023-10-18 07:15:59 +00:00
Valerio Setti	2f00b7a5da	cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-17 11:43:34 +02:00
Manuel Pégourié-Gonnard	745ec5d75e	Fix static initializer warning In a hypothetical build with no curves, or in the future when we add a new curve type and possibly forget updating this function with a new block for the new type, we write to `ret` at the beginning or the function then immediately overwrite it with MPI_CHK(check_privkey), which static analyzers understandably find questionable. Use `ret` here and check the key only if it was actually set. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-10-17 10:13:45 +02:00
Dave Rodgman	2fde39a22c	Merge pull request #8283 from daverodgman/more-aes-checks More AES guards testing and some fixes	2023-10-16 18:22:51 +00:00
Valerio Setti	dcee98730b	cipher_wrap: add VIA_LEGACY_OR_USE_PSA to new internal symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-16 11:35:57 +02:00
Valerio Setti	596ef6c0b1	cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-16 11:26:08 +02:00
Valerio Setti	0521633559	cipher: fix guards in mbedtls_cipher_auth_[encrypt/decrypt]_ext() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-16 11:22:21 +02:00
Valerio Setti	5f5573fa90	cipher: reintroduce symbol for legacy AEAD support Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-13 17:29:27 +02:00
Bence Szépkúti	195411bb17	Merge pull request #8062 from yanrayw/save_stack_usage_pkwrite pkwrite: use heap to save stack usage for writing keys in PEM string	2023-10-13 14:27:13 +00:00
Dave Rodgman	2457bcd26c	Tidy up logic for MBEDTLS_MAYBE_UNUSED Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-13 12:31:45 +01:00
Gilles Peskine	97a6231b5c	Revert "Fix a few IAR warnings"	2023-10-13 11:39:53 +02:00
Dave Rodgman	2d67e3a07b	Merge pull request #8352 from daverodgman/iar-fixes Fix a few IAR warnings	2023-10-13 09:20:28 +01:00
Tom Cosgrove	71f2e398bd	Merge pull request #8345 from mcagriaksoy/branch_issue_8344 Add missing casting size_t to int on ssl_tls13_keys.c	2023-10-12 18:39:33 +00:00
Dave Rodgman	584c8108b3	Use a block to save 12b Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-12 16:55:23 +01:00
Dave Rodgman	351a81c65d	Keep initialisation of p in its original location Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-12 16:36:05 +01:00
Dave Rodgman	bcb1818e19	Fix IAR 'transfer of control bypasses initialization' warnings Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-12 16:23:11 +01:00
Dave Rodgman	4b779bef9e	Merge branch 'development' into more-aes-checks Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-12 16:17:10 +01:00
Dave Rodgman	54bb76e106	Merge pull request #8348 from kasjer/kasjer/aes-rcon-rename Rename local variable in aes.c	2023-10-12 12:30:35 +00:00
Valerio Setti	db1ca8fc33	cipher: keep MBEDTLS_CIPHER_HAVE symbols private This commit also improve the usage of these new symbols in cipher_wrap code Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-12 10:39:54 +02:00
Valerio Setti	e570704f1f	ssl: use MBEDTLS_SSL_HAVE_[CCM/GCM/CHACHAPOLY/AEAD] macros for ssl code Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-12 10:39:37 +02:00
Jerzy Kasenberg	ee62fceade	Rename local variable in aes.c This changes local variable name RCON to round_constants. RCON being definition in xc32 compiler headers for some PIC32 register. Without this change, mynewt project for PIC32 platform fails to build due to macro redefinition. This does not changes behavior of library in any way. Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>	2023-10-11 16:36:24 +02:00
Mehmet Cagri Aksoy	56e9011bde	Add casting size_t to int Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>	2023-10-11 15:28:06 +02:00
Mehmet Cagri Aksoy	66f9b3f810	Add casting size_t to int Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>	2023-10-11 15:26:23 +02:00
Valerio Setti	d4a10cebe4	cipher/tls: use new symbols for guarding AEAD code Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-11 13:10:34 +02:00
Ronald Cron	a89d2ba132	Merge pull request #8327 from ronald-cron-arm/adapt-psa-crypto-repo-name Adapt to new PSA Crypto repo name	2023-10-11 06:45:30 +00:00
Ronald Cron	7871cb14a7	Include psa/build_info.h instead of mbedtls/build_info.h In PSA headers include psa/build_info.h instead of mbedtls/build_info.h. In Mbed TLS, both are equivalent but not in TF-PSA-Crypto where psa/build_info.h is the correct one. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-10-10 09:35:22 +02:00
Dave Rodgman	e7ebec6723	Merge pull request #8281 from daverodgman/fix-hwonly-warnings Improve AES hardware-only check	2023-10-09 11:25:50 +00:00
Dave Rodgman	866b3a1886	Merge pull request #8323 from tom-daubney-arm/fix_mbedtls_styling_docs Correct styling of Mbed TLS in documentation	2023-10-06 19:10:10 +00:00
Thomas Daubney	540324cd21	Correct styling of Mbed TLS in documentation Several bits of documentation were incorrectly styling Mbed TLS as MbedTLS. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2023-10-06 17:07:24 +01:00
Paul Elliott	3677352631	Merge pull request #8308 from valeriosetti/issue8052 PKCS12: use one-shot API	2023-10-06 15:39:31 +00:00
Dave Rodgman	8e00fe0cd8	Merge pull request #8309 from daverodgman/iar-warnings2 Fix IAR warnings	2023-10-06 13:24:12 +00:00
Valerio Setti	f484884fba	pkcs12: use mbedtls_cipher_crypt() instead of explicitly defining all steps Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-10-06 11:25:08 +02:00
Dave Rodgman	2eab462a8c	Fix IAR warnings Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-05 13:30:37 +01:00
Dave Rodgman	9bf752c45d	Support MSVS with clang Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-05 08:20:44 +01:00
Minos Galanakis	4855fdf887	Revert "Auto-generated files for v3.5.0" This reverts commit 591416f32b7a6472aa988c5106edbf334e228d2e. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-10-05 00:17:21 +01:00
Dave Rodgman	749f2227c6	Get MBEDTLS_MAYBE_UNUSED to cover more compilers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-04 22:12:33 +01:00
Minos Galanakis	e35e387ad7	Bump library so-crypto, so-x509, so-tls versions. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-10-04 16:17:46 +01:00
Minos Galanakis	8f4c19a680	Merge pull request #8273 from davidhorstmann-arm:target-prefix-3rdparty Add MBEDTLS_TARGET_PREFIX to 3rdparty CMake	2023-10-04 16:03:22 +01:00
Dave Rodgman	feadcaf4a6	Support MBEDTLS_MAYBE_UNUSED in MSVC and IAR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-04 15:27:33 +01:00
Dave Rodgman	18ddf61a75	Use MBEDTLS_MAYBE_UNUSED to simplify aes.c and let compiler remove unused variables Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-04 14:03:12 +01:00
Dave Rodgman	1ec1a0f0cc	Introduce MBEDTLS_MAYBE_UNUSED Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-04 13:50:54 +01:00
Minos Galanakis	591416f32b	Auto-generated files for v3.5.0 Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-10-04 00:55:02 +01:00
Minos Galanakis	31ca313efa	Bump version to 3.5.0 ``` ./scripts/bump_version.sh --version 3.5.0 ``` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-10-03 22:02:18 +01:00
Minos Galanakis	1a3ad265cc	Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-10-03 21:57:51 +01:00
Gilles Peskine	3713bee34c	Remove leftover local debug line Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-02 18:43:18 +02:00
Gilles Peskine	7910cdd47f	Avoid compiler warning about size comparison GCC warns about comparing uint8_t to a size that may be >255. Strangely, casting the uint8_t to a size_t in the comparison expression doesn't avoid the warning. So change the type of the variable. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-02 16:11:05 +02:00
Gilles Peskine	530c423ad2	Improve some debug messages and error codes On a parsing error in TLS, return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE, not a crypto error code. On error paths, emit a level-1 debug message. Report the offending sizes. Downgrade an informational message's level to 3. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-02 15:42:11 +02:00
Gilles Peskine	c29df535ee	Improve robustness of ECDH public key length validation In client-side code with MBEDTLS_USE_PSA_CRYPTO, use the buffer size to validate what is written in handshake->xxdh_psa_peerkey. The previous code was correct, but a little fragile to misconfiguration or maintenance. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-02 15:02:39 +02:00
Gilles Peskine	c8df898204	Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH or ECDHE key exchange was not validated. This could result in an overflow of handshake->xxdh_psa_peerkey, overwriting further data in the handshake structure or further on the heap. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-02 15:02:33 +02:00

1 2 3 4 5 ...

12160 Commits