mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-06 03:40:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
31,032 Commits 170 Branches 263 Tags
Commit Graph

1534 Commits

Author SHA1 Message Date
Janos Follath
5435850017
Merge pull request #9457 from gilles-peskine-arm/announce-4.0-removals-202408 
3.6 only: Announce the main removals planned for 4.0
 2024-08-12 12:41:37 +00:00
Gilles Peskine
7f9470ac02
Merge pull request #9451 from minosgalanakis/fix-v3.6-issues-9186-and-9188-bp 
[Backport 3.6] Fix v3.6 issues 9186 and 9188 bp
 2024-08-12 09:34:19 +00:00
Gilles Peskine
47bf23f748 PSA PAKE wasn't in 2.28 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-12 11:21:54 +02:00
Gilles Peskine
ce629a6ce7 entropy.h is also going away 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-12 11:21:10 +02:00
Gilles Peskine
ee7332104d Mention interfaces replaced by PSA drivers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-10 17:22:45 +02:00
Gilles Peskine
3b41e1d2a5
Merge pull request #9403 from gilles-peskine-arm/psa-keystore-dynamic-prep-3.6 
Backport 3.6: prepare for dynamic key store
 2024-08-09 08:00:03 +00:00
Gilles Peskine
a11687e543 Revised presentation of cipher suites 
Include patterns on the official names.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 14:58:35 +02:00
Gilles Peskine
6df289a56f More relevant characterisation of PSA being from before 3.0 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 14:45:57 +02:00
Gilles Peskine
086bc91179 Improve mechanism grouping 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 14:45:35 +02:00
Gilles Peskine
5e64de034e Fix missing bits in crypto mechanisms 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 14:41:12 +02:00
Gilles Peskine
aada0c869f Mention the PSA transition guide 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 23:05:45 +02:00
Gilles Peskine
1b240c7ec1 Announce the main removals planned for 4.0 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 22:51:35 +02:00
Gilles Peskine
d865c42776 Changelog entry for the move from key_ext to key_custom functions 
Document psa_generate_key_ext() and psa_key_derivation_output_key_ext() as
deprecated in favor of psa_generate_key_custom() and
psa_key_derivation_output_key_custom(), and no longer declared in C++ builds.

Resolves #9020.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:07 +02:00
Michael Schuster
5be4fd784e Fix build of v3.6 with unset MBEDTLS_DHM_C but MBEDTLS_USE_PSA_CRYPTO set (fixes #9188) 
Avoid compiler warning about size comparison (like in commit 7910cdd):

Clang builds fail, warning about comparing uint8_t to a size that may be >255.

Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 11:26:00 +01:00
Michael Schuster
c9184fe7ab Fix server mode only build of v3.6 with MBEDTLS_SSL_CLI_C unset (fixes #9186) 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 11:26:00 +01:00
Gilles Peskine
7dea096086 Fix overlap between volatile keys and built-in keys 
Fix interference between PSA volatile keys and built-in keys
when MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled and
MBEDTLS_PSA_KEY_SLOT_COUNT is more than 4096. This overlap used to make it
possible that a volatile key would receive the identifier of a built-in key,
and is now caught by a static assertion.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-17 12:21:21 +02:00
Gilles Peskine
d72ad738bd Prevent mbedtls_psa_register_se_key with volatile keys 
mbedtls_psa_register_se_key() is not usable with volatile keys, since there
is no way to return the implementation-chosen key identifier which would be
needed to use the key. Document this limitation. Reject an attempt to create
such an unusable key. Fixes #9253.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-17 12:21:21 +02:00
Gilles Peskine
b47c3b3111 psa_cipher_decrypt CCM*: fix rejection of messages shorter than 3 bytes 
Credit to Cryptofuzz. Fixes #9314.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-03 09:42:35 +02:00
Paul Elliott
9bfe69a815
Merge pull request #9274 from eleuzi01/backport-9250 
[Backport 3.6] Fix compiler warnings in test_suite_pk.function
 2024-06-24 10:40:49 +00:00
Valerio Setti
3b665626e8 changelog: add changelog 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-06-21 13:40:16 +02:00
Elena Uziunaite
f99197122d Changelog Fix 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-06-18 10:28:10 +01:00
Elena Uziunaite
0dbb733a63 Add ChangeLog 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-06-18 10:27:57 +01:00
Valerio Setti
18c70295b5 changelog: add changelog for PSA CMAC fix 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-06-03 06:54:46 +02:00
Gilles Peskine
99cb19ad00 Document that there is now an error for dangerous inclusions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-05-23 14:05:29 +02:00
Gilles Peskine
06972c6ae4 Belated changelog entry for not including check_config.h 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-05-23 13:53:28 +02:00
Gilles Peskine
b69757ab61 Fix a compilation warning in pk.c when PSA is enabled and RSA is disabled 
It isn't detected on the CI because we only test this with an ancient Clang
that doesn't warn. Old GCC, modern GCC and modern Clang do
warn (-Wunused-but-set-variable).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-05-14 12:06:20 +02:00
Gilles Peskine
c4f4ff9210
Merge pull request #9085 from nileshkale123/fix/redefinition_warning_for_gnu_source_backport_3.6 
Backport 3.6: Fixed issue of redefinition warning messages for _GNU_SOURCE
 2024-05-06 12:40:45 +00:00
Janos Follath
7fa3134dab Fix Changelog formatting 
Add EOL and remove trailing whitespaces.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-05-03 10:50:33 +05:30
Gilles Peskine
51e96ad34c
Merge pull request #9074 from Ryan-Everett-arm/8357-fix-3.6 
Backport 3.6: Fix error handling for secure element keys in `psa_start_key_creation`
 2024-05-02 16:06:09 +00:00
nilesh.kale
2a0a62859c Fixed issue of redefinition warning messages for _GNU_SOURCE 
Signed-off-by: nilesh.kale <nilesh.kale@espressif.com>
 2024-05-02 14:27:44 +05:30
Ryan Everett
629715aeb1 Add changelog 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 14:09:43 +01:00
Ryan Everett
97cc7f89be Rewrite changelog 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 11:17:04 +01:00
Ryan Everett
b1c3d6e07b Add changelog 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-04-30 11:17:04 +01:00
Paul Elliott
405d1f6434 Add Changelog entry 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-04-26 19:20:45 +01:00
Valerio Setti
0595dc685f changelog: fix text 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-19 11:11:10 +02:00
Valerio Setti
82c3b40fef add changelog 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-19 09:40:01 +02:00
Gilles Peskine
974006b00d
Merge pull request #9000 from tom-cosgrove-arm/fix-compilation-when-memcpy-is-function-like-macro-3.6 
Backport 3.6: Fix compilation when memcpy() is a function-like macro
 2024-04-09 11:34:51 +00:00
Ronald Cron
05c1ba22f0 Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Tom Cosgrove
b32d7ae0fe Fix compilation of ssl_tls13_generic.c when memcpy() is a function-like macro 
Fixes #8994

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-04-02 14:52:29 +01:00
Minos Galanakis
2c1daef183 Assemble Changelog 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-22 11:46:25 +00:00
Minos Galanakis
d9d6435bc5 Merge branch 'development-restricted' into mbedtls-3.6.0rc0-pr 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-21 15:44:11 +00:00
Valerio Setti
ea01efa589 add changelog 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-20 17:19:08 +01:00
Minos Galanakis
b70f0fd9a9 Merge branch 'development' into 'development-restricted' 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-19 22:24:40 +00:00
Ronald Cron
a5c5c58107 tls13: srv: Fix potential stack buffer overread 
Fix potential stack buffer overread when
checking PSK binders.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-19 14:46:21 +01:00
Gilles Peskine
b2b9068264
Merge pull request #8942 from valeriosetti/fix-null-dereference 
[Bugfix] Fix null dereference in `mbedtls_pk_verify_ext()`
 2024-03-19 10:47:29 +00:00
Manuel Pégourié-Gonnard
af14b89824
Merge pull request #8932 from ronald-cron-arm/enable-tls13-by-default 
Enable TLS 1.3 by default
 2024-03-19 09:51:49 +00:00
Valerio Setti
8ad5be0e5d add changelog 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-18 17:22:52 +01:00
Paul Elliott
f5f48549e2 Add issues fixed to changelog entry 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-18 13:52:25 +00:00
Ronald Cron
27eb68d295 Enable TLS 1.3 by default 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-18 13:06:59 +01:00
Manuel Pégourié-Gonnard
47f8d0e840
Merge pull request #8934 from paul-elliott-arm/add_threading_changelog 
Add changelog entry for threading MVP
 2024-03-18 10:25:14 +00:00