mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-19 00:40:14 +00:00

Author	SHA1	Message	Date
David Horstmann	6f8c95ba1d	Preserve alphabetical sorting of config options In the list that is excluded from the full config. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-14 14:52:45 +00:00
David Horstmann	5a71e76e65	Remove MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS from full This option removes a feature (buffer protection) so should not be in the full config. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-14 14:47:48 +00:00
David Horstmann	0a8abdea8b	Update wrapper generation script and regenerate Update the guards generated by the wrapper generation script to use !MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS and regenerate the PSA test wrappers. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-14 14:47:48 +00:00
David Horstmann	4a48becdba	Invert and rename config option Replace MBEDTLS_PSA_COPY_CALLER_BUFFERS with inverse: !MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS. This ensures that buffer protection is enabled by default without any change to the Mbed TLS config file. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-14 14:47:48 +00:00
Gilles Peskine	93b305dc8e	tls13: Use a flag not a counter for CCS and HRR handling Reconcile with 5fbd27055d15c8ac234a229389ff4e31977487a0 on another branch Signed-off-by: Gilles Peskine <gilles.peskine@arm.com>	2024-03-14 15:05:09 +01:00
Ryan Everett	c9515600fd	Fix state transition diagram This now represents the implemented model Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-14 13:22:05 +00:00
Gilles Peskine	91f7e07c63	Merge pull request #1196 from davidhorstmann-arm/buffer-sharing-merge Update development-restricted after buffer-sharing work	2024-03-14 13:28:35 +01:00
Janos Follath	8564f78c89	Merge pull request #1201 from yanesca/add-cve-ids-to-changelog Add CVE IDs to Changelog	2024-03-14 11:41:30 +00:00
Manuel Pégourié-Gonnard	93071cfeec	Merge pull request #8920 from valeriosetti/issue8919 Generalize some PK functions from MBEDTLS_PSA_CRYPTO_C to MBEDTLS_PSA_CRYPTO_CLIENT	2024-03-14 11:32:23 +00:00
BensonLiou	7b8b696790	Add change log Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-14 18:11:09 +08:00
Janos Follath	9edd7fd002	Add CVE IDs to Changelog Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-14 09:38:03 +00:00
BensonLiou	719c2ed9cb	Bugfix * In TLS 1.3 clients, fix an interoperability problem due to the client generating a new random after a HelloRetryRequest. Fixes #8669. Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-14 11:47:38 +08:00
BensonLiou	3720809d19	Merge branch 'development' into random_bye_on_hrr Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-14 11:44:21 +08:00
BensonLiou	368debd384	Merge branch 'development' of https://github.com/Mbed-TLS/mbedtls into random_bye_on_hrr	2024-03-14 11:42:25 +08:00
Gilles Peskine	5c77ad0f4f	Merge pull request #8926 from gilles-peskine-arm/lcov-cannot-write-investigation Work around a bug in ancient lcov	2024-03-13 17:52:15 +00:00
Waleed Elmelegy	b28ab0a45a	Fix code style in ssl_tls.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	daa4da781a	Increase ALPN length in saved session to 2 bytes Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	5bc5263b2c	Add code improvments and refactoring in dealing with ALPN Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	7dfba34475	Fix possible overflow in ALPN length when saving session Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	75e33fa12e	Fix code style in ssl_tls.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	fe9ae085e3	Update serialized session description with ALPN information Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	1102563685	Add ALPN bit flag to session header Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	883f77cb08	Add mbedtls_ssl_session_set_alpn() function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	2824a209bc	Add ALPN information in session tickets Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Gilles Peskine	539d7d54af	Work around a bug in ancient lcov lcov had a bug whereby it tries to create the output file relative to / if it has emitted a warning. We do CI runs on Ubuntu 16.04 which is too old to have the fix. As a quick fix for the CI, work around the bug. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-03-13 17:19:17 +01:00
Ryan Everett	f111f35478	Add test cases for concurrently_use_same_persistent_key There is a 1-1 correlation between these test cases and the test cases for import_and_exercise_key. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-13 14:31:11 +00:00
Ryan Everett	50619991c8	Add test function for concurrently using the same persistent key The thread functions can also be used in future tests for other key types and other test scenarios Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-13 14:31:11 +00:00
Ryan Everett	fbf815d9cb	Add key_destroyable parameter to key export smoke tests These are only called from mbedtls_test_psa_exercise_key Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-13 14:31:11 +00:00
Ryan Everett	73e4ea37f4	Add key_destroyable parameter to non-raw key agreement smoke tests All current usages have this parameter set to 0 (this means the tests are unchanged). Remove the GENERIC_ERROR return behaviour, in favour of returning the actual status. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-13 14:31:11 +00:00
Dave Rodgman	775c7768ee	Merge pull request #8877 from gilles-peskine-arm/split-minimal-3.6 Create a minimal framework submodule	2024-03-13 14:30:09 +00:00
David Horstmann	0634168296	Reference issue #3266 This is the issue that tracks incomplete support for buffer overlap, so we should refer to it when we discuss partial support whenever MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS is set. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-13 14:12:10 +00:00
David Horstmann	eff3d1ebb5	Use the exact phrase 'shared memory' This allows people searching for this phrase to find this ChangeLog entry. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-13 14:12:10 +00:00
David Horstmann	5aef299006	Merge pull request #1197 from tom-daubney-arm/buffer_sharing_cleanup Buffer sharing cleanup	2024-03-13 13:55:47 +00:00
David Horstmann	4407aba552	Mention the CVE number that is fixed Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-13 13:34:31 +00:00
David Horstmann	7fc35a5ea1	Reword ChangeLog entry. Specifically: * Fix a grammatical typo * Mention shared memory * Mention overlap support in the security section * Improve wording Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-13 13:30:55 +00:00
Paul Elliott	0493ab56a4	Add PSA threaded init tests Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-03-13 12:39:02 +00:00
Paul Elliott	838886da64	Protect the key slot management initialised flag Use the global data mutex, as the key slot mutex has to be held in some of the functions where we are testing the flag, and we already hold the global data mutex when calling the functions where the flag is set. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-03-13 12:39:02 +00:00
Paul Elliott	47cee8e2ee	Add mbedtls_psa_crypto_init_subsystem() Internal only for now, but can be made external with some more work. Break up psa_crypto_init into chunks to prevent deadlocks when initialising RNG, likewise break up mbedtls_crypto_free() to stop having to hold more than one mutex at a time. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-03-13 12:39:02 +00:00
BensonLiou	bedd2519e6	fix code style Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-13 20:31:24 +08:00
Gilles Peskine	93b282232f	missing word Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-03-13 13:08:57 +01:00
Ronald Cron	40043d03a5	Merge pull request #8884 from ronald-cron-arm/improve-early-data-status TLS 1.3: CLI: Split early data user status and internal state	2024-03-13 11:59:49 +00:00
Dave Rodgman	e95bf79754	Merge pull request #8922 from daverodgman/gcc-o3 Fix gcc -O3 warnings	2024-03-13 11:47:14 +00:00
Thomas Daubney	dca796b966	Remove further instance of LOCAL_OUTPUT_WITH_COPY Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2024-03-13 10:59:19 +00:00
Manuel Pégourié-Gonnard	fb84c7681c	Merge pull request #8889 from gilles-peskine-arm/pk-psa-bridge-3.6-doc Document PK-PSA bridge functions	2024-03-13 10:55:36 +00:00
Bence Szépkúti	ae0d97ab8b	Update compilers list in docs and changelog Drop support for MSVC 2013, 2015 and Arm Compiler 5 Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2024-03-13 11:23:16 +01:00
Bence Szépkúti	0719d7c3d8	Update the MSBuild toolset versions to VS2017 Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2024-03-13 11:23:16 +01:00
Bence Szépkúti	fac1122b85	Rename solution files to referece VS2017 Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2024-03-13 11:23:16 +01:00
Dave Rodgman	60c2f47f98	Merge pull request #8888 from minosgalanakis/features/add_ssl_session_accessor_8529 [MBEDTLS_PRIVATE] Add accessor for session and ciphersuite_id	2024-03-13 10:02:15 +00:00
Dave Rodgman	386c39f2d5	Check gcc version Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-13 09:55:33 +00:00
Paul Elliott	4de4cc4a29	Merge pull request #8891 from Ryan-Everett-arm/document-SE_C-not-threadsafe Officially document non thread-safety of MBEDTLS_PSA_CRYPTO_SE_C	2024-03-13 09:42:49 +00:00

... 2 3 4 5 6 ...

30629 Commits