mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 18:40:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
28,133 Commits 170 Branches 263 Tags
Commit Graph

1315 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
c9d9b1fdb1 Update ChangeLog for ECC.BN EPIC 
Actually not much to change there, from a high level perspective things are
quite simple: you used to be able to disable ECP_C, now you can disable
BIGNUM_C too.

There will be more to update in driver-only-build.md which is the right
place for a more detailed explanation of the limitations.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:51:51 +02:00
Dave Rodgman
e614129895 Update padding const-time fix changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-27 16:27:50 +01:00
Dave Rodgman
0fc86b2ddf
Merge pull request #8075 from valeriosetti/issue8016 
driver-only ECC: curve acceleration macros
 2023-09-27 14:39:02 +00:00
Manuel Pégourié-Gonnard
bdc678f910 Add ChangeLog entry for change in driver config API 
While this was arguably a bug as much as it is a change, I'm choosing
the "API changes" section in order to give this more visibility as it
seems likely to "break" (that is, compile in the built-implementation
when it isn't desired) the build of some people who were relying on the
old behaviour by not declaring which curves were accelerated (as most of
our tests did before this PR).

Said otherwise, as a user, I expect that most of the time "Bugfix" is
for things that were not working and are now working, but here
interested users are more likely to see it as "previously doing what I
want, but now no longer doing what I want unless I make changes to my
code". (Though of course there's no clear distinction, see xkcd 1172.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-27 10:53:44 +02:00
Dave Rodgman
6da7872aa2
Merge pull request #1083 from gilles-peskine-arm/development-restricted-merge-20230925 
Merge development into development-restricted
 2023-09-25 18:16:01 +01:00
Gilles Peskine
ffe590d197
Merge pull request #1058 from waleed-elmelegy-arm/check-set_padding-is-called 
Check set_padding has been called in mbedtls_cipher_finish
 2023-09-25 17:12:36 +02:00
Gilles Peskine
ca1e605b9c Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925 
Conflicts:
* `include/mbedtls/build_info.h`: a new fragment to auto-enable
  `MBEDTLS_CIPHER_PADDING_PKCS7` was added in
  c9f4040f7f3356293e90c58d11f6567def641e08 in `development-restricted`.
  In `development`, this section of the file has moved to
  `include/mbedtls/config_adjust_legacy_crypto.h`.
* `library/bignum.c`: function name change in `development-restricted` vs
  comment change in development. The comment change in `development` is not
  really relevant, so just take the line from `development-restricted`.
 2023-09-25 16:16:26 +02:00
Minos Galanakis
c91d847e0d ChangeLog: Adjusted the updated_windows_apis log 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis
7afebccf69 ChangeLog.d: Added mininum required Windows version. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis
e960365957 ChangeLog.d: Reworded updated_windows_apis.txt. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis
8792717309 Changelog: Removed entry from root file 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:21 +01:00
Dave Rodgman
76059e5ef8
Merge pull request #1078 from daverodgman/padding-ct-changelog 
Padding ct changelog
 2023-09-25 14:02:42 +01:00
Manuel Pégourié-Gonnard
1f61b7b8ea Document driver-only hashes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-24 09:48:46 +02:00
Gilles Peskine
18e1d11cfe
Merge pull request #1049 from waleed-elmelegy-arm/Switch-pkparse-to-mbedtls_pkcs5_pbe2_ext 
Switch pkparse to use new pkcs5/12 pbe functions
 2023-09-22 18:06:50 +02:00
Dave Rodgman
d162c662b0 Update changelog text 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 16:33:12 +01:00
Gilles Peskine
193f94276e
Merge pull request #1071 from gilles-peskine-arm/ssl_decrypt_stream_short_buffer 
Fix buffer overread in mbedtls_ssl_decrypt_buf with stream cipher
 2023-09-22 11:43:03 +02:00
Waleed Elmelegy
38202a2b18 Improve pkparse test dependencies and changelog 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-21 15:21:10 +01:00
Dave Rodgman
c3cb97896b Changelog for padding CT fixes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 10:26:52 +01:00
Gilles Peskine
efaee9a299 Give a production-sounding name to the p256m option 
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-20 20:49:47 +02:00
Waleed Elmelegy
8d83b05ee0 Add changelog entry for switching pkparse to new pbe functions 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:29:02 +01:00
Gilles Peskine
452beb9076
Merge pull request #8203 from gilles-peskine-arm/p256-m-production 
Declare p256-m as ready for production
 2023-09-20 09:36:05 +00:00
Gilles Peskine
faf0b8604a mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher 
With stream ciphers, add a check that there's enough room to read a MAC in
the record. Without this check, subtracting the MAC length from the data
length resulted in an integer underflow, causing the MAC calculation to try
reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-18 19:07:50 +02:00
Waleed Elmelegy
6d2c5d5f5c Adjust cipher tests to new requirement of specifying padding mode 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-18 17:41:25 +01:00
Gilles Peskine
8a7fb2d799
Merge pull request #1055 from waleed-elmelegy-arm/add-new-pkcs12-pbe2-ext-fun 
Add new pkcs12 pbe2 ext fun
 2023-09-15 18:43:03 +02:00
mcagriaksoy
7f84471a60 Adding changelog for log level message fix 
Signed-off-by: mcagriaksoy <mcagriaksoy@yandex.com>
 2023-09-14 22:43:08 +02:00
Waleed Elmelegy
50888643f4 Reduce line size in new pkcs function changelog 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-14 18:27:17 +01:00
Gilles Peskine
528ec901ab Add a changelog entry for p256-m 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-13 15:41:23 +02:00
Waleed Elmelegy
0684965f5a Modify changelog entry to add pkcs12 pbe functions 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-13 13:35:16 +01:00
Gilles Peskine
3cea3efc25
Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509 
Accept numericoid hexstring x509
 2023-09-13 08:54:33 +00:00
Waleed Elmelegy
2b143c67a4 Add changelog entry for checking set_padding() before cipher_finish() 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-12 16:20:35 +01:00
Dave Rodgman
1a1b03bfb4
Merge pull request #1024 from daverodgman/safer-ct-changelog 
Changelog for safer constant-time
 2023-09-12 10:59:14 +01:00
Dave Rodgman
7fda906a68
Merge pull request #8161 from gilles-peskine-arm/config-boolean-options-wrong-section-202309 
Fix module configuration options in mbedtls_config.h
 2023-09-11 15:08:56 +00:00
Dave Rodgman
26923c7e49 Add missing hyphen 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:45:34 +01:00
Dave Rodgman
241a80b717 Improve changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:21:18 +01:00
Dave Rodgman
3fc3ae708e wip 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:21:18 +01:00
Dave Rodgman
d441a14f38 Add reference to x86 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:21:18 +01:00
Dave Rodgman
cd1de6350e Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:21:18 +01:00
Gilles Peskine
d65ea42262 Fix some TLS 1.3 settings that were required in mbedtls_config.h 
Mbed TLS can be configured by writing a configuration file from scratch,
without copying mbedtls_config.h. As a consequence, all the macro
definitions in mbedtls_config.h must be optional. This was not the case for
some MBEDTLS_SSL_TLS1_3_xxx macros with numerical values related to session
tickets. Fix that.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-05 21:10:35 +02:00
Gilles Peskine
1a7d387072
Merge pull request #1041 from waleed-elmelegy-arm/add-new-pkcs5-pbe2-ext-fun 
Add new pkcs5 pbe2 ext fun
 2023-09-04 15:33:42 +02:00
Dave Rodgman
16a76721b6
Merge pull request #8068 from paul-elliott-arm/fix_tls_zeroization 
Fix TLS pad buffer zeroization
 2023-09-01 23:35:23 +00:00
Tom Cosgrove
02ad791f29
Merge pull request #8116 from gilles-peskine-arm/config_psa-changelog-3.5 
Announce that #7420 is fixed
 2023-09-01 13:53:44 +00:00
Paul Elliott
83ae22dbbd Add Changelog entry 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-09-01 14:29:04 +01:00
Paul Elliott
6ebe7d2e3a
Merge pull request #8095 from davidhorstmann-arm/initialize-struct-get-other-name 
Coverity fix: Set `type_id` in `x509_get_other_name()`
 2023-08-31 16:26:00 +00:00
Dave Rodgman
730bbee226 Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30 2023-08-30 11:22:00 +01:00
Waleed Elmelegy
4ac8619282 Improve mbedtls_pkcs5_pbes2_ext changelog description 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-29 14:56:15 +01:00
Gilles Peskine
2a296729d0
Merge pull request #8084 from AgathiyanB/remove-type-qualifier-in-assignment-casts 
Remove type qualifier in assignment casts
 2023-08-24 18:02:11 +00:00
Gilles Peskine
ef483255db Announce that #7420 is fixed 
This is part of a bigger issue https://github.com/Mbed-TLS/mbedtls/issues/7609
which is still pending since there are still configurations that are not
handled correctly. However https://github.com/Mbed-TLS/mbedtls/issues/7420
itself was fixed by https://github.com/Mbed-TLS/mbedtls/pull/7611.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-23 18:08:45 +02:00
Agathiyan Bragadeesh
7d20138385 Add Changelog entry for DN changes 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 15:46:29 +01:00
Agathiyan Bragadeesh
1515f351a1 Remove IAR warning fixes to 2.28 from changelog 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 15:24:38 +01:00
Agathiyan Bragadeesh
c5eb13d2a9 Reword IAR changelog for fixing compiler warnings 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 15:13:04 +01:00