Gilles Peskine
67a85d1d3b
Merge pull request #3492 from stevew817/rework/key_slot_contains_key_buffer
...
Rework PSA Crypto core to store keys in export representation
2020-08-05 21:16:11 +02:00
Steven Cooreman
3fa684ed91
Allow importing Montgomery public keys in PSA Crypto
...
PSA Crypto was checking the byte length of a to-be-imported public ECP key
against the expected length for Weierstrass keys, forgetting that
Curve25519/Curve448 exists.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-07-30 15:35:14 +02:00
Gilles Peskine
0478c2f77e
Add ChangeLog entry for single-curve build fixes
...
Fix #941 , #1412 , #1147 , #2017
Signed-off-by: Gilles Peskine <gilles.peskine@arm.com>
2020-07-22 03:17:24 +02:00
Steven Cooreman
aec44e9fe8
Merge remote-tracking branch 'mbedtls/development' into montgomery-keys-clarification
2020-07-13 11:48:21 +02:00
Manuel Pégourié-Gonnard
d4d6ad0363
Merge pull request #3464 from CodeMonkeyLeet/csr_heap_alloc
...
Dynamically allocate requested CSR write buffer size
2020-07-10 10:57:22 +02:00
Simon Leet
40ca54a9ac
Revise comments for x509write_csr_der_internal
...
Address remaining PR comments for #2118
- Add ChangeLog.d/x509write_csr_heap_alloc.txt.
- Fix parameter alignment per Gille's recommendation.
- Update comments to more explicitly describe the manipulation of buf.
- Replace use of `MBEDTLS_MPI_MAX_SIZE` as `sig` buffer size for
call to `x509write_csr_der_internal()` with more intuitive
`MBEDTLS_PK_SIGNATURE_MAX_SIZE`.
- Update `mbedtls_x509write_csr_der()` to return
`MBEDTLS_ERR_X509_ALLOC_FAILED` on mbedtls_calloc error.
Signed-off-by: Simon Leet <simon.leet@microsoft.com>
2020-07-08 18:32:47 +00:00
Manuel Pégourié-Gonnard
3ee91f47f4
Merge pull request #3452 from okhowang/local-labels
...
Use local labels in padlock.c
2020-07-07 11:48:05 +02:00
Manuel Pégourié-Gonnard
fafe8553c6
Merge pull request #3392 from paul-elliott-arm/psa_ecc_dh_macros
...
PSA: update EC curve and DH group family macros
2020-07-07 09:20:44 +02:00
Steven Cooreman
bd3a6f4497
Rewrite changelog for #3425 as requested
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-07-06 10:52:38 +02:00
Steven Cooreman
e3fd39289e
Fix endianness and masking for Curve25519 keys handled by PSA
...
Changed PSA core (and PKWrite) from reaching into MPI to using the proper
ecp function to fetch a private key.
Added changelog.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-07-06 10:45:31 +02:00
okhowang(王沛文)
0c4bbda16a
Use local labels in padlock.c
...
Fixes #3451
Signed-off-by: okhowang(王沛文) <okhowang@tencent.com>
2020-07-04 01:43:41 +08:00
okhowang(王沛文)
0cd8e0f6a7
Only pass -Wformat-signedness to versions of GCC that support it.
...
Fixes #3478
Signed-off-by: okhowang(王沛文) <okhowang@tencent.com>
2020-07-03 16:51:14 +08:00
Manuel Pégourié-Gonnard
527b87890d
Merge pull request #3454 from gilles-peskine-arm/include-common-h-development
...
Include common.h from all library source files
2020-07-03 09:44:18 +02:00
Paul Elliott
06a28082af
Add Changelog entry for PSA DH/ECC Macros rename
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-07-02 17:00:06 +01:00
Gilles Peskine
280165c9b3
Library files aren't supposed to be executable
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 13:19:17 +02:00
Janos Follath
be9a5752c2
Merge tag 'mbedtls-2.23.0' into merge-2.23.0-release-to-development
...
Mbed TLS 2.23.0
2020-07-01 11:23:17 +01:00
Janos Follath
1959010c4b
Assemble changelog
...
Executed scripts/assemble_changelog.py and manually fixed style where it
diverged from the instructions in ChangeLog.d/00README.md.
Manually added ChangeLog.d/bugfix_PR3405 which didn't have the .txt
extension as prescribed in ChangeLog.d/00README.md and deleted it
afterwards.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-29 22:35:07 +01:00
Gilles Peskine
961914df12
Merge pull request #3382 from stevew817/feature/volatile-keys-in-SE
...
Support volatile keys in external SE
2020-06-26 20:27:11 +02:00
Janos Follath
a805c4d328
Add ChangeLog entry for #3319 : fix typo in test
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-25 13:29:46 +01:00
Janos Follath
0b849818d3
Add ChangeLog entry for #3311 : fix uninitialised variable
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-25 13:28:58 +01:00
Janos Follath
3ec2e4a464
Add ChangeLog entry for #3239 : win2k net support
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-25 13:28:51 +01:00
Janos Follath
8a43bd1d20
Add ChangeLog entry for #3217 : avoid re-assignment
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-25 13:27:54 +01:00
Janos Follath
f8f5026a3b
Add ChangeLog entry for #3147 : MSVC flags
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-25 13:27:06 +01:00
Janos Follath
4d1884916b
Merge branch 'development-restricted' into mbedtls-2.23.0r0
2020-06-25 09:17:25 +01:00
Manuel Pégourié-Gonnard
1cb2beb905
Merge pull request #3423 from niacat/sysctl-arnd
...
entropy: Add support for BSD sysctl(KERN_ARND)
2020-06-25 09:34:20 +02:00
Manuel Pégourié-Gonnard
1c7d54a209
Merge pull request #700 from mpg/l13-hw-starts-finish-restricted
...
Lucky 13: just use starts/finish around calls to process()
2020-06-23 10:43:13 +02:00
Gilles Peskine
dda104558b
Merge pull request #3419 from ndilieto/development
...
Pass "certificate policies" extension to callback
2020-06-23 09:35:45 +02:00
Gilles Peskine
e81dc00df4
Merge pull request #3422 from niacat/net-sockets-fixes
...
NetBSD 9.0 build fixes
2020-06-22 23:33:53 +02:00
Manuel Pégourié-Gonnard
d335f2b6cb
Merge pull request #3421 from niacat/posix_c_source
...
Define _POSIX_C_SOURCE to be 200112L, as a minimum for C99.
2020-06-18 13:01:38 +02:00
Nicola Di Lieto
c84b1e6aa0
Pass "certificate policies" extension to callback
...
Pass the "certificate policies" extension to the callback supplied to
mbedtls_x509_crt_parse_der_with_ext_cb() if it contains unsupported
policies. This allows the callback to fully replicate the behaviour
of the deprecated MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
configuration.
Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
2020-06-17 17:55:29 +02:00
Steven Cooreman
14b8184db1
Added missing newline in changelog entry
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-06-17 13:54:18 +02:00
Steven Cooreman
de18338865
Add changelog entry for #3382
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-06-17 13:54:18 +02:00
danh-arm
c4b6656a91
Merge pull request #3405 from AndrzejKurek/variable-buffers-cid-serialization
...
Update iv and len context pointers manually when reallocating buffers
2020-06-17 12:26:24 +01:00
Andrzej Kurek
b657783269
Update iv and len context pointers manually when reallocating buffers
...
These fields might be shifted accordingly in `ssl_parse_record_header()`
when receiving a connection with CID, so they require a manual update
after calling the generic `mbedtls_ssl_reset_in_out_pointers()`.
This commit also adds a regression test which is run by all.sh.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-06-16 11:54:51 -04:00
Manuel Pégourié-Gonnard
f4e3fc9133
Use starts/finish around Lucky 13 dummy compressions
...
Fixes #3246
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-15 11:55:53 +02:00
Manuel Pégourié-Gonnard
b21b1f5e7c
Merge pull request #3387 from ronald-cron-arm/tests-common-code
...
Add support to build and link common code in tests
2020-06-15 11:33:19 +02:00
Manuel Pégourié-Gonnard
a92e3def48
Merge pull request #873 from hanno-arm/ssl_write_client_hello
...
Bounds checks in ssl_write_client_hello
2020-06-15 10:57:51 +02:00
Ronald Cron
ff1825ec19
Add changelog entry
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-12 14:48:47 +02:00
nia
ecef1ddd5b
Add ChangeLog.d entry for PR3421
...
Signed-off-by: nia <nia@netbsd.org>
2020-06-11 18:43:59 +01:00
nia
6777dcb16f
Add ChangeLog.d entry for kern.arandom support.
...
Signed-off-by: nia <nia@netbsd.org>
2020-06-11 14:08:07 +01:00
nia
508e21ccfd
Add ChangeLog.d entry for #3422
...
Signed-off-by: nia <nia@netbsd.org>
2020-06-11 14:05:41 +01:00
Manuel Pégourié-Gonnard
87a51aa08e
Merge pull request #3243 from ndilieto/development
...
New mbedtls_x509_crt_parse_der_with_ext_cb() routine
2020-06-10 12:59:58 +02:00
okhowang(王沛文)
3c1b090e58
Use FindPython3 when cmake version >= 3.15.0
...
Signed-off-by: okhowang(王沛文) <okhowang@tencent.com>
2020-06-10 10:21:50 +08:00
danh-arm
5afc4c7124
Merge pull request #3333 from irwir/fix_vcxproj2
...
Fix minor issues in MSVC projects.
2020-06-09 15:43:49 +01:00
irwir
672257b7d9
Add changelog entry
...
Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-06-09 15:03:03 +03:00
Janos Follath
3c4a46c44a
Merge pull request #3398 from gilles-peskine-arm/montmul-cmp-branch-development
...
Remove a secret-dependent branch in Montgomery multiplication
2020-06-09 12:40:51 +01:00
Manuel Pégourié-Gonnard
c721178487
Add Security ChangeLog entry for lack of blinding
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-08 09:09:20 +02:00
Manuel Pégourié-Gonnard
1a3f9edc08
Add config.h option MBEDTLS_ECP_NO_INTERNAL_RNG
...
No effect so far, except on dependency checking, as the feature it's meant to
disable isn't implemented yet (so the descriptions in config.h and the
ChangeLog entry are anticipation for now).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-08 09:09:20 +02:00
Manuel Pégourié-Gonnard
e860fef438
Merge pull request #3318 from Jonas4420/development
...
Fix potential memory leak in EC multiplication
2020-06-05 11:43:52 +02:00
Gilles Peskine
d55bfe962a
Add changelog entry: fix #3394
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-04 21:55:23 +02:00