mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-12 03:40:04 +00:00

Author	SHA1	Message	Date
Gilles Peskine	42649d9270	Fix NULL+0 undefined behavior in ECB encryption and decryption psa_cipher_encrypt() and psa_cipher_decrypt() sometimes add a zero offset to a null pointer when the cipher does not use an IV. This is undefined behavior, although it works as naively expected on most platforms. This can cause a crash with modern Clang+ASan (depending on compiler optimizations). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-23 14:16:52 +01:00
Manuel Pégourié-Gonnard	ef25a99f20	Merge pull request #6533 from valeriosetti/issue5847 Use PSA EC-JPAKE in TLS (1.2) - Part 2	2022-11-23 13:27:30 +01:00
Manuel Pégourié-Gonnard	3518fb11d0	Improve ChangeLog entry for driver-only hashes - avoid long unstructured paragraph with long messy sentences - de-emphasize "no longer depends on MD" and emphasize "can work in some driver-only builds" instead - that's what users are interested in (building without MD is just the current way to accomplish that, but that will change in the future) Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-11-23 13:23:28 +01:00
Ronald Cron	1d1d53622f	Merge pull request #6490 from xkqian/tls13_parse_early_data_indication_ee The internal CI merge job ran successfully.	2022-11-23 12:31:25 +01:00
Ronald Cron	cb0e680779	Merge pull request #6476 from yuhaoth/pr/fix-tls13-mbedtls_ssl_is_handshake_over TLS 1.3: Fix tls13 mbedtls ssl is handshake over	2022-11-23 12:12:02 +01:00
Xiaokang Qian	b157e915ad	Move the early data status set afeter all of the extensions parse Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-23 08:12:26 +00:00
Ronald Cron	d8603a7b44	Merge pull request #6638 from ronald-cron-arm/tls13-misc TLS 1.3: Adjustments for the coming release	2022-11-23 09:07:36 +01:00
Xiaokang Qian	e861ba01d4	Remove the duplicate early_data_status check Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-23 03:21:02 +00:00
Xiaokang Qian	ca09afc60a	Remove useless function and parse early data in ee Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-23 02:16:49 +00:00
Dave Rodgman	fdd967ebdc	Detect support for unaligned memory access Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 18:55:17 +00:00
Dave Rodgman	8c18baf8c1	Add test for unaligned buffers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 18:15:55 +00:00
Dave Rodgman	c36a56e890	Use mbedtls_xor in TLS messaging layer Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:44 +00:00
Dave Rodgman	74b345f282	Use mbedtls_xor in PKCS #5 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:44 +00:00
Dave Rodgman	99a507ee55	Use mbedtls_xor in md Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:44 +00:00
Dave Rodgman	d22fb73e3e	Use mbedtls_xor in GCM Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:44 +00:00
Dave Rodgman	2e9db8e9bf	Use mbedtls_xor in DES Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:44 +00:00
Dave Rodgman	ffb5499988	Use mbedtls_xor in CTR_DRBG Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:44 +00:00
Dave Rodgman	8c0ff81ce7	Use mbedtls_xor in CMAC Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:44 +00:00
Dave Rodgman	c1d9022bab	Use mbedtls_xor in ChaCha20 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:43 +00:00
Dave Rodgman	0d3b55bca8	Use mbedtls_xor in ccm Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:43 +00:00
Dave Rodgman	d23399eb69	Use mbedtls_xor in Camellia Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:43 +00:00
Dave Rodgman	7bb6b84b29	Use mbedtls_xor in ARIA Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:43 +00:00
Dave Rodgman	a8cf607458	Use mbedtls_xor in AES Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:43 +00:00
Dave Rodgman	4413b6690f	Add tests for mbedtls_xor Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 17:32:43 +00:00
Tom Cosgrove	d66d5b2fef	Add unit tests for mbedtls_mpi_core_sub_int(), MPI A - scalar b Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-11-22 15:07:31 +00:00
Valerio Setti	99d88c1ab4	tls: psa_pake: fix missing casting in mbedtls_psa_ecjpake_write_round Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-22 16:03:43 +01:00
Dave Rodgman	c3d8041fe7	Introduce mbedtls_xor Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-22 15:01:39 +00:00
Tom Cosgrove	452c99c173	Use mbedtls_mpi_core_sub_int() in mbedtls_mpi_sub_abs() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-11-22 14:58:15 +00:00
Tom Cosgrove	f7ff4c9a11	Tidy up, remove MPI_CORE(), and apply the naming convention Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-11-22 14:58:15 +00:00
Hanno Becker	d9b2348d8f	Extract MPI_CORE(sub_int) from the prototype Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-11-22 14:58:15 +00:00
Bence Szépkúti	a17d038ee1	Merge branch 'development' into pr3431	2022-11-22 15:54:52 +01:00
Janos Follath	0fc88779ec	Merge pull request #6632 from yanesca/refactor_bignum_test_framework Refactor bignum test framework	2022-11-22 14:53:58 +00:00
Gilles Peskine	a08103aa94	Merge pull request #6611 from gilles-peskine-arm/run-test-suites-out-of-tree Fix run-test-suites.pl in out-of-tree builds	2022-11-22 15:01:13 +01:00
Gilles Peskine	4f19d86e3f	Merge pull request #6608 from mprse/ecjpake_password_fix Make a copy of the password key in operation object while setting j-pake password	2022-11-22 14:52:12 +01:00
Ronald Cron	da13072c5b	tls13: Make ..._RECEIVED_NEW_SESSION_TICKET experimental We are considering using a callback instead. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-11-22 13:21:13 +01:00
Manuel Pégourié-Gonnard	18a3856a03	Document another limitation of driver-only hashes Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-11-22 11:59:55 +01:00
Valerio Setti	d4a9b1ab8d	tls: psa_pake: remove useless defines and fix a comment Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-22 11:11:10 +01:00
Xiaokang Qian	8bee89994d	Add parse function for early data in encrypted extentions Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-22 09:40:07 +00:00
Przemek Stekiel	0bdec19c93	Further optimizations of pake set_password implementation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-11-22 09:10:35 +01:00
Ronald Cron	c2e110f445	tls13: Disable MBEDTLS_SSL_EARLY_DATA by default Eventually we want it to be enabled by default when TLS 1.3 is enabled but currently the feature is on development thus it should not be enabled by default. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-11-22 09:01:46 +01:00
Jerry Yu	fdd24b8c49	Revert change in flight transmit Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-22 14:08:03 +08:00
Gilles Peskine	339406daf9	Merge pull request #6609 from gilles-peskine-arm/mpi_sint-min-ub Fix undefined behavior in bignum: NULL+0 and -most-negative-sint	2022-11-21 19:51:58 +01:00
Gilles Peskine	8b85b4835e	Merge pull request #6617 from tom-cosgrove-arm/call-mbedtls_mpi_mod_modulus_init-first-final-2 Must call mbedtls_mpi_mod_modulus_init() before anything else in tests	2022-11-21 19:50:20 +01:00
Przemek Stekiel	f82effa982	Optimize pake test code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-11-21 15:10:32 +01:00
Przemek Stekiel	ad0f357178	Optimize pake code that sets/use password key Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-11-21 15:04:37 +01:00
Przemek Stekiel	e2d6b5f45b	psa_key_slot_get_slot_number: Move documentation to header file Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-11-21 15:03:52 +01:00
Valerio Setti	5151bdf46e	tls: psa_pake: add missing braces Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-21 14:30:02 +01:00
Valerio Setti	79f6b6bb1b	tls: psa_pake: fixing mbedtls_psa_ecjpake_write_round() It might happen that the psa_pake_output() function returns elements which are not exactly 32 or 65 bytes as expected, but 1 bytes less. As a consequence, insted of hardcoding the expected value for the length in the output buffer, we write the correct one as obtained from psa_pake_output() Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-21 14:17:03 +01:00
Przemek Stekiel	cd356c3cdb	Add ec-jpake test to verify if key can be destroyed after set_password_key Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-11-21 12:25:21 +01:00
Dave Rodgman	9e1836cc16	Merge pull request #6593 from Mbed-TLS/fix_tls12_sent_sigalgs Fix TLS1.2 signature algorithms list entry getting overwritten by length.	2022-11-21 10:09:57 +00:00

1 2 3 4 5 ...

22365 Commits