mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-19 09:40:29 +00:00

Author	SHA1	Message	Date
David Horstmann	24c269fd4a	Rewrite section on PSA copy functions The finally implemented functions were significantly different from the initial design idea, so update the document accordingly. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-14 18:03:35 +00:00
Ryan Everett	e1b50f38e4	Document unsupported concurrency scenario in psa_exercise_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-14 17:51:09 +00:00
Ryan Everett	6de38ac91c	Add missing PSA_ASSERT in mbedtls_test_psa_raw_key_agreement_with_self Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-14 17:50:39 +00:00
Ryan Everett	3de040f62d	Use TEST_FAIL in threaded tests Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-14 17:50:06 +00:00
Ryan Everett	6c488709d6	Fix typo in thread_import_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-14 17:49:44 +00:00
David Horstmann	abbf2c4835	Merge pull request #1191 from davidhorstmann-arm/psa-shared-memory-changelog Add ChangeLog for PSA buffer sharing fix	2024-03-14 16:18:23 +00:00
David Horstmann	ea08045275	Merge pull request #1199 from davidhorstmann-arm/invert-buffer-protection-option Invert and rename buffer protection config option	2024-03-14 16:17:18 +00:00
Gilles Peskine	7b333f1e88	Merge pull request #8913 from ronald-cron-arm/tls13-ticket-lifetime TLS 1.3: Enforce ticket maximum lifetime and discard tickets with 0 lifetime	2024-03-14 15:59:25 +00:00
Gilles Peskine	1c5ebf4352	Merge pull request #8697 from BensonLiou/random_bye_on_hrr Do not generate new random number while receiving HRR	2024-03-14 15:59:21 +00:00
Paul Elliott	50da462fc8	Merge pull request #8829 from paul-elliott-arm/add_framework_meta_tests Add metatests for failing TEST_EQUAL and TEST_LE_*	2024-03-14 15:55:14 +00:00
Ryan Everett	f6f973c235	Document security weakness in concurrent execution of psa_destroy_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-14 15:54:07 +00:00
Manuel Pégourié-Gonnard	e7c08af465	Merge pull request #8575 from lpy4105/issue/wrong-suite-name-in-check_test_cases_py Fix wrong suite name in check_test_cases.py	2024-03-14 15:31:27 +00:00
Ryan Everett	d4d6a7a20d	Rework and update psa-thread-safety.md I have restructured this file, and updated it to reflect changes in design/designs now being implemented. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-14 15:22:06 +00:00
David Horstmann	6f8c95ba1d	Preserve alphabetical sorting of config options In the list that is excluded from the full config. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-14 14:52:45 +00:00
David Horstmann	5a71e76e65	Remove MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS from full This option removes a feature (buffer protection) so should not be in the full config. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-14 14:47:48 +00:00
David Horstmann	0a8abdea8b	Update wrapper generation script and regenerate Update the guards generated by the wrapper generation script to use !MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS and regenerate the PSA test wrappers. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-14 14:47:48 +00:00
David Horstmann	4a48becdba	Invert and rename config option Replace MBEDTLS_PSA_COPY_CALLER_BUFFERS with inverse: !MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS. This ensures that buffer protection is enabled by default without any change to the Mbed TLS config file. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-14 14:47:48 +00:00
Gilles Peskine	93b305dc8e	tls13: Use a flag not a counter for CCS and HRR handling Reconcile with 5fbd27055d15c8ac234a229389ff4e31977487a0 on another branch Signed-off-by: Gilles Peskine <gilles.peskine@arm.com>	2024-03-14 15:05:09 +01:00
Ryan Everett	c9515600fd	Fix state transition diagram This now represents the implemented model Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-14 13:22:05 +00:00
Gilles Peskine	91f7e07c63	Merge pull request #1196 from davidhorstmann-arm/buffer-sharing-merge Update development-restricted after buffer-sharing work	2024-03-14 13:28:35 +01:00
Janos Follath	8564f78c89	Merge pull request #1201 from yanesca/add-cve-ids-to-changelog Add CVE IDs to Changelog	2024-03-14 11:41:30 +00:00
Manuel Pégourié-Gonnard	93071cfeec	Merge pull request #8920 from valeriosetti/issue8919 Generalize some PK functions from MBEDTLS_PSA_CRYPTO_C to MBEDTLS_PSA_CRYPTO_CLIENT	2024-03-14 11:32:23 +00:00
BensonLiou	7b8b696790	Add change log Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-14 18:11:09 +08:00
Janos Follath	9edd7fd002	Add CVE IDs to Changelog Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-14 09:38:03 +00:00
BensonLiou	719c2ed9cb	Bugfix * In TLS 1.3 clients, fix an interoperability problem due to the client generating a new random after a HelloRetryRequest. Fixes #8669. Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-14 11:47:38 +08:00
BensonLiou	3720809d19	Merge branch 'development' into random_bye_on_hrr Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-14 11:44:21 +08:00
BensonLiou	368debd384	Merge branch 'development' of https://github.com/Mbed-TLS/mbedtls into random_bye_on_hrr	2024-03-14 11:42:25 +08:00
Gilles Peskine	5c77ad0f4f	Merge pull request #8926 from gilles-peskine-arm/lcov-cannot-write-investigation Work around a bug in ancient lcov	2024-03-13 17:52:15 +00:00
Waleed Elmelegy	b28ab0a45a	Fix code style in ssl_tls.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	daa4da781a	Increase ALPN length in saved session to 2 bytes Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	5bc5263b2c	Add code improvments and refactoring in dealing with ALPN Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	7dfba34475	Fix possible overflow in ALPN length when saving session Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	75e33fa12e	Fix code style in ssl_tls.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	fe9ae085e3	Update serialized session description with ALPN information Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	1102563685	Add ALPN bit flag to session header Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	883f77cb08	Add mbedtls_ssl_session_set_alpn() function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	2824a209bc	Add ALPN information in session tickets Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Gilles Peskine	539d7d54af	Work around a bug in ancient lcov lcov had a bug whereby it tries to create the output file relative to / if it has emitted a warning. We do CI runs on Ubuntu 16.04 which is too old to have the fix. As a quick fix for the CI, work around the bug. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-03-13 17:19:17 +01:00
Ryan Everett	f111f35478	Add test cases for concurrently_use_same_persistent_key There is a 1-1 correlation between these test cases and the test cases for import_and_exercise_key. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-13 14:31:11 +00:00
Ryan Everett	50619991c8	Add test function for concurrently using the same persistent key The thread functions can also be used in future tests for other key types and other test scenarios Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-13 14:31:11 +00:00
Ryan Everett	fbf815d9cb	Add key_destroyable parameter to key export smoke tests These are only called from mbedtls_test_psa_exercise_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-13 14:31:11 +00:00
Ryan Everett	73e4ea37f4	Add key_destroyable parameter to non-raw key agreement smoke tests All current usages have this parameter set to 0 (this means the tests are unchanged). Remove the GENERIC_ERROR return behaviour, in favour of returning the actual status. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-13 14:31:11 +00:00
Dave Rodgman	775c7768ee	Merge pull request #8877 from gilles-peskine-arm/split-minimal-3.6 Create a minimal framework submodule	2024-03-13 14:30:09 +00:00
David Horstmann	0634168296	Reference issue #3266 This is the issue that tracks incomplete support for buffer overlap, so we should refer to it when we discuss partial support whenever MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS is set. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-13 14:12:10 +00:00
David Horstmann	eff3d1ebb5	Use the exact phrase 'shared memory' This allows people searching for this phrase to find this ChangeLog entry. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-13 14:12:10 +00:00
David Horstmann	5aef299006	Merge pull request #1197 from tom-daubney-arm/buffer_sharing_cleanup Buffer sharing cleanup	2024-03-13 13:55:47 +00:00
David Horstmann	4407aba552	Mention the CVE number that is fixed Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-13 13:34:31 +00:00
David Horstmann	7fc35a5ea1	Reword ChangeLog entry. Specifically: * Fix a grammatical typo * Mention shared memory * Mention overlap support in the security section * Improve wording Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-13 13:30:55 +00:00
Paul Elliott	0493ab56a4	Add PSA threaded init tests Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-03-13 12:39:02 +00:00
Paul Elliott	838886da64	Protect the key slot management initialised flag Use the global data mutex, as the key slot mutex has to be held in some of the functions where we are testing the flag, and we already hold the global data mutex when calling the functions where the flag is set. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-03-13 12:39:02 +00:00

... 3 4 5 6 7 ...

30692 Commits