When building as a submodule of a parent project, like Mbed TLS, use the
parent projects generated source files (error.c, version.c,
version_features.c)
Don't depend on the C compiler's default output file name and path. Make
knows what it wants to build and where it should go, and this may not
always align with the C compiler default, so tell the C compilter to
output to the Make target explicitly.
Since the ITS API has stabilized and we don't plan to make use of more
than ITS, we don't need an abstraction layer between key storage and
key storage over ITS. Merge the ITS code into the generic storage
module.
Now that we have ITS over files, we no longer need a direct backend
for key storage over files. Remove psa_crypto_storage_file and its
tests.
Switch MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C and MBEDTLS_PSA_ITS_FILE_C on
by default. This preserves functionality and test coverage in the
default configuration, but forgets any key previously stored using the
file backend.
Resolve conflicts by performing the following.
- Take the upstream Mbed TLS ChangeLog verbatim.
- Reject changes to Makefiles and CMake that are related to using Mbed
Crypto as a submodule. It doesn't make sense to use Mbed Crypto as a
submodule of itself.
- Reject README changes, as Mbed Crypto has its own, different README.
- Reject PSA-related changes to config.h. We don't want to disable the
availability of the PSA Crypto API by default in the Mbed Crypto
config.h.
- Don't inadvertently revert dead code removal in
mbedtls_cipher_write_tag() which was added in f2a7529403 ("Fix
double return statement in cipher.c")
- Where Mbed Crypto already had some MBEDTLS_USE_PSA_CRYPTO code (from
past companion PRs) take the latest version from Mbed TLS which
includes integration with MBEDTLS_CHECK_PARAMS.
- Update the version of the shared library files to match what's
currently present in Mbed TLS.
- Reject removal of testing with PSA from config full tests.
- Resolve conflicts in test tests/suites/helpers.function, where both
Mbed Crypto and Mbed TLS both added documentation for TEST_ASSERT.
Combine text from both documentation efforts.
- Reject adding a submodule of ourselves.
- Reject addition of submodule tests in all.sh.
- Reject addition of submodule to library path in
tests/scripts/run-test-suites.pl.
- Avoid using USE_CRYPTO_SUBMODULE=1 in
component_test_use_psa_crypto_full_cmake_asan() in all.sh.
Implement psa_allocate_key, psa_open_key, psa_create_key,
psa_close_key.
Add support for keys designated to handles to psa_get_key_slot, and
thereby to the whole API.
Allocated and non-allocated keys can coexist. This is a temporary
stage in order to transition from the use of direct slot numbers to
allocated handles only. Once all the tests and sample programs have
been migrated to use handles, the implementation will be simplified
and made more robust with support for handles only.
For Makefiles, enable overriding where includes can come from in order to
enable the parent module to set the include path. This allows the parent
module to specify that its config.h should be used, even when the submodule
when built standalone would use a different config.h.
For CMake, always look in the parent's include folder and our own. List the
parent's include folder first, so that preference is given to parent
include files.
The new file is conditionally compiled with the new mbedtls
configuration option that Mbed OS would set by default -
`MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C`.
-
Add new functions, psa_load_persistent_key(),
psa_free_persistent_key_data(), and psa_save_persistent_key(), for
managing persistent keys. These functions load to or save from our
internal representation of key slots. Serialization is a concern of the
storage backend implementation and doesn't abstraction-leak into the
lifetime management code.
An initial implementation for files is provided. Additional storage
backends can implement this interface for other storage types.
New module psa_crypto.c (MBEDTLS_PSA_CRYPTO_C):
Platform Security Architecture compatibility layer on top of
libmedcrypto.
Implement psa_crypto_init function which sets up a RNG.
Add a mbedtls_psa_crypto_free function which deinitializes the
library.
Define a first batch of error codes.
* development: (182 commits)
Change the library version to 2.11.0
Fix version in ChangeLog for fix for #552
Add ChangeLog entry for clang version fix. Issue #1072
Compilation warning fixes on 32b platfrom with IAR
Revert "Turn on MBEDTLS_SSL_ASYNC_PRIVATE by default"
Fix for missing len var when XTS config'd and CTR not
ssl_server2: handle mbedtls_x509_dn_gets failure
Fix harmless use of uninitialized memory in ssl_parse_encrypted_pms
SSL async tests: add a few test cases for error in decrypt
Fix memory leak in ssl_server2 with SNI + async callback
SNI + SSL async callback: make all keys async
ssl_async_resume: free the operation context on error
ssl_server2: get op_name from context in ssl_async_resume as well
Clarify "as directed here" in SSL async callback documentation
SSL async callbacks documentation: clarify resource cleanup
Async callback: use mbedtls_pk_check_pair to compare keys
Rename mbedtls_ssl_async_{get,set}_data for clarity
Fix copypasta in the async callback documentation
SSL async callback: cert is not always from mbedtls_ssl_conf_own_cert
ssl_async_set_key: detect if ctx->slots overflows
...
* development: (97 commits)
Updated version number to 2.10.0 for release
Add a disabled CMAC define in the no-entropy configuration
Adapt the ARIA test cases for new ECB function
Fix file permissions for ssl.h
Add ChangeLog entry for PR#1651
Fix MicroBlaze register typo.
Fix typo in doc and copy missing warning
Fix edit mistake in cipher_wrap.c
Update CTR doc for the 64-bit block cipher
Update CTR doc for other 128-bit block ciphers
Slightly tune ARIA CTR documentation
Remove double declaration of mbedtls_ssl_list_ciphersuites
Update CTR documentation
Use zeroize function from new platform_util
Move to new header style for ALT implementations
Add ifdef for selftest in header file
Fix typo in comments
Use more appropriate type for local variable
Remove useless parameter from function
Wipe sensitive info from the stack
...
While the old name is explicit and aligned with the RFC, it's also very long,
so with the mbedtls_ prefix prepended we get a 31-char prefix to each
identifier, which quickly conflicts with our 80-column policy.
The new name is shorter, it's what a lot of people use when speaking about
that construction anyway, and hopefully should not introduce confusion at
it seems unlikely that variants other than 20/1305 be standardised in the
foreseeable future.
This implementation is based off the description in RFC 7539.
The ChaCha20 code is also updated to provide a means of generating
keystream blocks with arbitrary counter values. This is used to
generated the one-time Poly1305 key in the AEAD construction.
* development: (504 commits)
Fix minor code style issues
Add the uodate to the soversion to the ChangeLog
Fix the ChangeLog for clarity, english and credit
Update version to 2.9.0
ecp: Fix binary compatibility with group ID
Changelog entry
Change accepted ciphersuite versions when parsing server hello
Remove preprocessor directives around platform_util.h include
Fix style for mbedtls_mpi_zeroize()
Improve mbedtls_platform_zeroize() docs
mbedtls_zeroize -> mbedtls_platform_zeroize in docs
Reword config.h docs for MBEDTLS_PLATFORM_ZEROIZE_ALT
Organize CMakeLists targets in alphabetical order
Organize output objs in alfabetical order in Makefile
Regenerate errors after ecp.h updates
Update ecp.h
Change variable bytes_written to header_bytes in record decompression
Update ecp.h
Update ecp.h
Update ecp.h
...
The new header contains common information across various mbed TLS
modules and avoids code duplication. To start, utils.h currently only
contains the mbedtls_zeroize() function.
This commit splits off the RSA helper functions into separate headers and
compilation units to have a clearer separation of the public RSA interface,
intended to be used by end-users, and the helper functions which are publicly
provided only for the benefit of designers of alternative RSA implementations.
The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
armar doesn't understand the syntax without dash. OTOH, the syntax with dash
is the only one specified by POSIX, and it's accepted by GNU ar, BSD ar (as
bundled with OS X) and armar, so it looks like the most portable syntax.
fixes#386
CFLAGS are reserved for external interaction via make variable, the
following should work:
$ make CFLAGS="-O3"
$ CFLAGS="-O3" make
1. Move internal flags to LOCAL_CFLAGS
2. Respect external CFLAGS
3. CFLAGS should be last compiler flags.
4. Default CFLAGS is -O optimization, remove OFLAGS.
5. Add WARNING_CFLAGS to control warning setting and enable to remove
if compiler does not support flags.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
LDFLAGS are reserved for external interaction via make variable, the
following should work:
$ make LDFLAGS="-L/xxx"
$ LDFLAGS="-L/xxx" make
1. Move internal flags to LOCAL_LDFLAGS
2. Respect external LDFLAGS
3. LDFLAGS should be last linkage flags.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* development: (100 commits)
Update Changelog for the mem-measure branch
Fix issues introduced when rebasing
Fix compile error in memory_buffer_alloc_selftest
Code cosmetics
Add curve25519 to ecc-heap.sh
Add curve25519 to the benchmark program
Fix compile issue when buffer_alloc not available
New script ecc-heap.sh
Fix unused variable issue in some configs
Rm usunused member in private struct
Add heap usage for PK in benchmark
Use memory_buffer_alloc() in benchmark if available
Only define mode_func if mode is enabled (CBC etc)
PKCS8 encrypted key depend on PKCS5 or PKCS12
Disable SRV_C for client measurement
Output stack+heap usage with massif
Enable NIST_OPTIM by default for config-suite-b
Refactor memory.sh
Adapt memory.sh to config-suite-b
Adapt mini-client for config-suite-b.h
...
Conflicts:
ChangeLog
include/polarssl/net.h
library/Makefile
library/error.c
library/ssl_tls.c
programs/Makefile
programs/ssl/ssl_client2.c
programs/ssl/ssl_server2.c
tests/Makefile
* development: (46 commits)
Fix url again
Fix small bug in base64_encode()
Fix depend that was checked but not documented
Fix dependency that was not checked
Minor gitginore fixes
Move some ignore patterns to subdirectories
Ignore CMake/MSVC-related build files.
Re-categorize changelog entry
Fix misattribution
Minor nits with stdout/stderr.
Add cmake compatibility targets
Add script for polarssl symlink creation
Fix more stdio inclusion issues
Add debug info for cert/suite selection
Fix possible portability issue
Fix bug in ssl_get_verify_result()
aescrypt2.c local char array not initial
Update Changelog
Fix mips64 bignum implementation
Fix usage string of ssl_client2
...
Conflicts:
include/polarssl/ssl.h
library/CMakeLists.txt
library/Makefile
programs/Makefile
programs/ssl/ssl_client2.c
programs/ssl/ssl_server2.c
visualc/VS2010/PolarSSL.sln
visualc/VS2010/mbedTLS.vcxproj
visualc/VS6/mbedtls.dsp
visualc/VS6/mbedtls.dsw
PKCS#8 encrypted key file support has been added to x509parse_key() with
support for some PCKS#12 PBE functions (pbeWithSHAAnd128BitRC4,
pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHAAnd2-KeyTripleDES-CBC)
(cherry picked from commit cf6e95d9a81c7b22271beb58a09b5c756148e62a)
Conflicts:
scripts/generate_errors.pl
A new OID module has been created that contains the main OID searching
functionality based on type-dependent arrays. A base type is used to
contain the basic values (oid_descriptor_t) and that type is extended to
contain type specific information (like a pk_alg_t).
As a result the rsa sign and verify function prototypes have changed. They
now expect a md_type_t identifier instead of the removed RSA_SIG_XXX
defines.
All OID definitions have been moved to oid.h
All OID matching code is in the OID module.
The RSA PKCS#1 functions cleaned up as a result and adapted to use the
MD layer.
The SSL layer cleanup up as a result and adapted to use the MD layer.
The X509 parser cleaned up and matches OIDs in certificates with new
module and adapted to use the MD layer.
The X509 writer cleaned up and adapted to use the MD layer.
Apps and tests modified accordingly
- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
- Descriptions to all error codes have been added.
- Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.