yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
28911 commits 1 branch 0 tags 94 MiB
Commit graph

1350 commits

Author SHA1 Message Date
Yanray Wang
aa01ee303a Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-10-16 17:38:32 +08:00
Gilles Peskine
28b56335bb
Merge pull request #7942 from tom-daubney-arm/psa_crypto_example_hash 
Add example program for PSA hash
 2023-10-13 15:22:58 +00:00
Bence Szépkúti
195411bb17
Merge pull request #8062 from yanrayw/save_stack_usage_pkwrite 
pkwrite: use heap to save stack usage for writing keys in PEM string
 2023-10-13 14:27:13 +00:00
Waleed Elmelegy
0badeb4560 Fix changelog code style issue 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-13 10:27:13 +01:00
Waleed Elmelegy
107c60c765 Fix changelog style issue 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-13 10:25:58 +01:00
Waleed Elmelegy
737cfe184b Add changelog entry for x509 cert_req null dereference fix 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-12 15:51:13 +01:00
Waleed Elmelegy
1444c0eb20 Add changelog entry for x509 cert_write null dereference fix 
Also fix a typo in cert_write.c

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-12 14:31:06 +01:00
Dave Rodgman
0d3fe733cc
Clarify changelog 
Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 11:00:49 +01:00
Dave Rodgman
b0d9830373
Merge branch 'development' into sha-armce-thumb2 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-11 13:53:41 +01:00
Dave Rodgman
830dc3dc71 Improve Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-11 11:20:16 +01:00
Dave Rodgman
d680d4fbf9 SHA256 renaming - fix some missed things 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-11 11:05:22 +01:00
Dave Rodgman
f097bef6ea Refer to Armv8-A (not Armv8) in docs 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-10 15:14:30 +01:00
Dave Rodgman
6ab314f71d More config option renaming 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-10 14:00:17 +01:00
Dave Rodgman
88d8062545 Fix excess newline 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-10 10:14:26 +01:00
Jan Bruckner
946720aac5 Fix C++ build issue when MBEDTLS_ASN1_PARSE_C is not enabled 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-10-09 16:53:41 +02:00
David Horstmann
3c33cb599a Fix 3rdparty target names for custom config 
Use the correct names qualified by MBEDTLS_TARGET_PREFIX.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-06 12:04:25 +01:00
minosgalanakis
8d487ad730
Merge pull request #1103 from Mbed-TLS/mbedtls-3.5.0_mergeback 
Mbedtls 3.5.0 mergeback
 2023-10-05 17:33:21 +01:00
Paul Elliott
644fd34657
Merge pull request #8284 from gilles-peskine-arm/cmake-fix-3rdparty-custom-config 
CMake: fix build with 3rdparty module enabled through a custom config
 2023-10-04 22:59:58 +00:00
Dave Rodgman
5d323bf0e3 Re-assemble changelog to add missing item, plus a couple of typo fixes. 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 18:46:47 +01:00
Dave Rodgman
d30728cf5e Add Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 18:04:39 +01:00
Minos Galanakis
2546d7da5c Merge pull request #8284 from gilles-peskine-arm:cmake-fix-3rdparty-custom-config 
CMake: fix build with 3rdparty module enabled through a custom config
 2023-10-04 16:03:21 +01:00
Minos Galanakis
80a8156314 Prepare ChangeLog for 3.5.0 release 
```
./scripts/assemble_changelog.py
```

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 22:08:39 +01:00
Minos Galanakis
1a3ad265cc Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 21:57:51 +01:00
Dave Rodgman
3fb93a8223
Merge pull request #8295 from minosgalanakis/changelog/renamed_psa_crypto_driver_wrappers 
Changelog: Added entry for psa_crypto_driver_wrappers rename
 2023-10-03 14:05:56 +01:00
Minos Galanakis
76b709dd44 Changelog: Added entry for psa_crypto_driver_wrappers rename 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 11:14:41 +01:00
Minos Galanakis
08707ecbfe ChangeLog: Added .txt extension to log entries. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-02 16:55:00 +01:00
Gilles Peskine
6dd5b9a60c In TLS 1.2, only servers are affected 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:38:51 +02:00
Gilles Peskine
b782415e1b Changelog entry for xxdh_psa_peerkey size validation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:08:37 +02:00
Dave Rodgman
0673ed2e93
Merge pull request #8278 from gilles-peskine-arm/7298-changelog 
Changelog entry for 7298
 2023-09-29 15:56:30 +00:00
Gilles Peskine
53307b794d CMake: fix build with 3rdparty module enabled through a custom config 
Fixes #8165

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-29 17:37:55 +02:00
Gilles Peskine
d39edead25 Changelog entry for #7298 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-29 13:07:01 +02:00
Manuel Pégourié-Gonnard
ef89fb80d7 Fix ChangeLog entry for FFDH in PSA 
It was jumping directly to "driver support" and omitting the first step
of "PSA support".

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-29 12:26:47 +02:00
Manuel Pégourié-Gonnard
c9d9b1fdb1 Update ChangeLog for ECC.BN EPIC 
Actually not much to change there, from a high level perspective things are
quite simple: you used to be able to disable ECP_C, now you can disable
BIGNUM_C too.

There will be more to update in driver-only-build.md which is the right
place for a more detailed explanation of the limitations.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:51:51 +02:00
Dave Rodgman
e614129895 Update padding const-time fix changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-27 16:27:50 +01:00
Dave Rodgman
0fc86b2ddf
Merge pull request #8075 from valeriosetti/issue8016 
driver-only ECC: curve acceleration macros
 2023-09-27 14:39:02 +00:00
Manuel Pégourié-Gonnard
bdc678f910 Add ChangeLog entry for change in driver config API 
While this was arguably a bug as much as it is a change, I'm choosing
the "API changes" section in order to give this more visibility as it
seems likely to "break" (that is, compile in the built-implementation
when it isn't desired) the build of some people who were relying on the
old behaviour by not declaring which curves were accelerated (as most of
our tests did before this PR).

Said otherwise, as a user, I expect that most of the time "Bugfix" is
for things that were not working and are now working, but here
interested users are more likely to see it as "previously doing what I
want, but now no longer doing what I want unless I make changes to my
code". (Though of course there's no clear distinction, see xkcd 1172.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-27 10:53:44 +02:00
Dave Rodgman
6da7872aa2
Merge pull request #1083 from gilles-peskine-arm/development-restricted-merge-20230925 
Merge development into development-restricted
 2023-09-25 18:16:01 +01:00
Gilles Peskine
ffe590d197
Merge pull request #1058 from waleed-elmelegy-arm/check-set_padding-is-called 
Check set_padding has been called in mbedtls_cipher_finish
 2023-09-25 17:12:36 +02:00
Gilles Peskine
ca1e605b9c Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925 
Conflicts:
* `include/mbedtls/build_info.h`: a new fragment to auto-enable
  `MBEDTLS_CIPHER_PADDING_PKCS7` was added in
  c9f4040f7f in `development-restricted`.
  In `development`, this section of the file has moved to
  `include/mbedtls/config_adjust_legacy_crypto.h`.
* `library/bignum.c`: function name change in `development-restricted` vs
  comment change in development. The comment change in `development` is not
  really relevant, so just take the line from `development-restricted`.
 2023-09-25 16:16:26 +02:00
Minos Galanakis
c91d847e0d ChangeLog: Adjusted the updated_windows_apis log 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis
7afebccf69 ChangeLog.d: Added mininum required Windows version. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis
e960365957 ChangeLog.d: Reworded updated_windows_apis.txt. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis
8792717309 Changelog: Removed entry from root file 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:21 +01:00
Dave Rodgman
76059e5ef8
Merge pull request #1078 from daverodgman/padding-ct-changelog 
Padding ct changelog
 2023-09-25 14:02:42 +01:00
Manuel Pégourié-Gonnard
1f61b7b8ea Document driver-only hashes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-24 09:48:46 +02:00
Gilles Peskine
18e1d11cfe
Merge pull request #1049 from waleed-elmelegy-arm/Switch-pkparse-to-mbedtls_pkcs5_pbe2_ext 
Switch pkparse to use new pkcs5/12 pbe functions
 2023-09-22 18:06:50 +02:00
Dave Rodgman
d162c662b0 Update changelog text 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 16:33:12 +01:00
Gilles Peskine
193f94276e
Merge pull request #1071 from gilles-peskine-arm/ssl_decrypt_stream_short_buffer 
Fix buffer overread in mbedtls_ssl_decrypt_buf with stream cipher
 2023-09-22 11:43:03 +02:00
Waleed Elmelegy
38202a2b18 Improve pkparse test dependencies and changelog 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-21 15:21:10 +01:00
Dave Rodgman
c3cb97896b Changelog for padding CT fixes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 10:26:52 +01:00
Gilles Peskine
efaee9a299 Give a production-sounding name to the p256m option 
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-20 20:49:47 +02:00
Waleed Elmelegy
8d83b05ee0 Add changelog entry for switching pkparse to new pbe functions 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:29:02 +01:00
Gilles Peskine
452beb9076
Merge pull request #8203 from gilles-peskine-arm/p256-m-production 
Declare p256-m as ready for production
 2023-09-20 09:36:05 +00:00
Gilles Peskine
faf0b8604a mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher 
With stream ciphers, add a check that there's enough room to read a MAC in
the record. Without this check, subtracting the MAC length from the data
length resulted in an integer underflow, causing the MAC calculation to try
reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-18 19:07:50 +02:00
Waleed Elmelegy
6d2c5d5f5c Adjust cipher tests to new requirement of specifying padding mode 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-18 17:41:25 +01:00
Gilles Peskine
8a7fb2d799
Merge pull request #1055 from waleed-elmelegy-arm/add-new-pkcs12-pbe2-ext-fun 
Add new pkcs12 pbe2 ext fun
 2023-09-15 18:43:03 +02:00
mcagriaksoy
7f84471a60 Adding changelog for log level message fix 
Signed-off-by: mcagriaksoy <mcagriaksoy@yandex.com>
 2023-09-14 22:43:08 +02:00
Waleed Elmelegy
50888643f4 Reduce line size in new pkcs function changelog 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-14 18:27:17 +01:00
Gilles Peskine
528ec901ab Add a changelog entry for p256-m 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-13 15:41:23 +02:00
Waleed Elmelegy
0684965f5a Modify changelog entry to add pkcs12 pbe functions 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-13 13:35:16 +01:00
Gilles Peskine
3cea3efc25
Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509 
Accept numericoid hexstring x509
 2023-09-13 08:54:33 +00:00
Waleed Elmelegy
2b143c67a4 Add changelog entry for checking set_padding() before cipher_finish() 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-12 16:20:35 +01:00
Dave Rodgman
1a1b03bfb4
Merge pull request #1024 from daverodgman/safer-ct-changelog 
Changelog for safer constant-time
 2023-09-12 10:59:14 +01:00
Dave Rodgman
7fda906a68
Merge pull request #8161 from gilles-peskine-arm/config-boolean-options-wrong-section-202309 
Fix module configuration options in mbedtls_config.h
 2023-09-11 15:08:56 +00:00
Yanray Wang
3caaf0c61e Enable CIPHER_ENCRYPT_ONLY when DES is disabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-11 10:10:44 +08:00
Dave Rodgman
26923c7e49 Add missing hyphen 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:45:34 +01:00
Dave Rodgman
241a80b717 Improve changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:21:18 +01:00
Dave Rodgman
3fc3ae708e wip 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:21:18 +01:00
Dave Rodgman
d441a14f38 Add reference to x86 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:21:18 +01:00
Dave Rodgman
cd1de6350e Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 10:21:18 +01:00
Yanray Wang
9b811658a8 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-09-07 16:18:00 +08:00
Gilles Peskine
d65ea42262 Fix some TLS 1.3 settings that were required in mbedtls_config.h 
Mbed TLS can be configured by writing a configuration file from scratch,
without copying mbedtls_config.h. As a consequence, all the macro
definitions in mbedtls_config.h must be optional. This was not the case for
some MBEDTLS_SSL_TLS1_3_xxx macros with numerical values related to session
tickets. Fix that.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-05 21:10:35 +02:00
Gilles Peskine
1a7d387072
Merge pull request #1041 from waleed-elmelegy-arm/add-new-pkcs5-pbe2-ext-fun 
Add new pkcs5 pbe2 ext fun
 2023-09-04 15:33:42 +02:00
Dave Rodgman
16a76721b6
Merge pull request #8068 from paul-elliott-arm/fix_tls_zeroization 
Fix TLS pad buffer zeroization
 2023-09-01 23:35:23 +00:00
Tom Cosgrove
02ad791f29
Merge pull request #8116 from gilles-peskine-arm/config_psa-changelog-3.5 
Announce that #7420 is fixed
 2023-09-01 13:53:44 +00:00
Paul Elliott
83ae22dbbd Add Changelog entry 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-09-01 14:29:04 +01:00
Yanray Wang
a6757765c0 Add ChangeLog entry for MBEDTLS_CIPHER_ENCRYPT_ONLY 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 18:37:38 +08:00
Paul Elliott
6ebe7d2e3a
Merge pull request #8095 from davidhorstmann-arm/initialize-struct-get-other-name 
Coverity fix: Set `type_id` in `x509_get_other_name()`
 2023-08-31 16:26:00 +00:00
Dave Rodgman
730bbee226 Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30 2023-08-30 11:22:00 +01:00
Waleed Elmelegy
4ac8619282 Improve mbedtls_pkcs5_pbes2_ext changelog description 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-29 14:56:15 +01:00
Gilles Peskine
2a296729d0
Merge pull request #8084 from AgathiyanB/remove-type-qualifier-in-assignment-casts 
Remove type qualifier in assignment casts
 2023-08-24 18:02:11 +00:00
Gilles Peskine
ef483255db Announce that #7420 is fixed 
This is part of a bigger issue https://github.com/Mbed-TLS/mbedtls/issues/7609
which is still pending since there are still configurations that are not
handled correctly. However https://github.com/Mbed-TLS/mbedtls/issues/7420
itself was fixed by https://github.com/Mbed-TLS/mbedtls/pull/7611.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-23 18:08:45 +02:00
Agathiyan Bragadeesh
7d20138385 Add Changelog entry for DN changes 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 15:46:29 +01:00
Agathiyan Bragadeesh
1515f351a1 Remove IAR warning fixes to 2.28 from changelog 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 15:24:38 +01:00
Agathiyan Bragadeesh
c5eb13d2a9 Reword IAR changelog for fixing compiler warnings 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 15:13:04 +01:00
Tom Cosgrove
17d5081ffb
Merge pull request #8099 from gilles-peskine-arm/split-config_psa-prepare 
Prepare to split config_psa.h
 2023-08-22 07:30:46 +00:00
David Horstmann
43f7602fcc Fixup incorrectly-formatted ChangeLog entry 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-21 17:34:45 +01:00
Gilles Peskine
7b7ecf5e0d Fix condition to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 
Don't try to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE when
MBEDTLS_PSA_CRYPTO_CONFIG is disabled. This didn't make sense and was an
editorial mistake when adding it: it's meant as an addition to
MBEDTLS_PSA_CRYPTO_CONFIG_FILE, so it should be included under the same
conditions.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-21 16:09:14 +02:00
Tom Cosgrove
d29648026b
Merge pull request #8017 from ivq/unchecked_return 
Fix a few unchecked return values
 2023-08-21 13:02:53 +00:00
Yanray Wang
edbab91bf8 pkwrite.c: write ChangeLog accurately 
The heap memory is used for both RSA and EC keys. So removing `RSA`
in the ChangeLog.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-21 15:17:46 +08:00
Dave Rodgman
1fdc884ed8
Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode 
AES: Add accelerator only mode
 2023-08-18 20:55:44 +00:00
David Horstmann
1923c91e15 Add ChangeLog entry for otherName SAN fixes 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-18 19:36:42 +01:00
Waleed Elmelegy
1a89170f8d Add changelog entry for new mbedtls_pkcs5_pbe2_ext function 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-17 16:00:58 +01:00
Agathiyan Bragadeesh
48eae138a5 Fix formatting in changelog 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-17 14:08:47 +01:00
Agathiyan Bragadeesh
2c018744e5 Add newline at end of changelog 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-17 14:00:10 +01:00
Gilles Peskine
294be94922
Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation 
PBKDF2 CMAC implementation
 2023-08-17 11:15:16 +00:00
Agathiyan Bragadeesh
da8c587531 Add ChangeLog entry 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-17 09:37:46 +01:00
Yanray Wang
0882828b51 pkwrite: add Changelog entry 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-17 15:05:26 +08:00
Gilles Peskine
a4c01dd6e9
Merge pull request #7991 from sarveshb14/fix/psa_rsa_signature_using_large_stack 
rsa_signature: Use heap memory to allocate DER encoded RSA private key
 2023-08-16 09:23:29 +00:00
Gilles Peskine
d370f93898
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn 
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
 2023-08-16 09:19:46 +00:00