yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
18330 commits 1 branch 0 tags 94 MiB
Commit graph

661 commits

Author SHA1 Message Date
Ronald Cron
831cf48abf Assemble change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-15 09:02:38 +01:00
Ronald Cron
acf0df81f2 Add change log for #4842 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-15 09:02:02 +01:00
Ronald Cron
be252a0da9 Add change log for #4859 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-15 08:43:53 +01:00
Ronald Cron
7e1cb129e8 Add change log for #4514 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-15 08:41:32 +01:00
Ronald Cron
2a4344d1fa Add change log for #4883 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-14 18:11:45 +01:00
Dave Rodgman
a53779dba4 Add missing changelog for ARIA (#4959) 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-12-14 18:11:45 +01:00
Manuel Pégourié-Gonnard
28e3bcf6e1 Fix misleading ChangeLog entry formatting. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-12-14 18:11:45 +01:00
Manuel Pégourié-Gonnard
4e511ede90 Double-free goes under security, not bugfix. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-12-14 18:11:45 +01:00
Ronald Cron
8188d19b0e Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr 2021-12-14 10:58:18 +01:00
Gilles Peskine
32d2a58cc2
Merge pull request #5325 from gilles-peskine-arm/zeroize-tag-3.1 
Zeroize expected MAC/tag intermediate variables
 2021-12-13 19:09:30 +01:00
Gilles Peskine
a5c18512b9
Merge pull request #5155 from paul-elliott-arm/pcks12_fix 
Fixes for pkcs12 with NULL and/or zero length password
 2021-12-13 14:52:36 +01:00
Gilles Peskine
36d33f37b6 Generalize MAC zeroization changelog entry 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 12:43:11 +01:00
Dave Rodgman
050ad4bb50
Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac 
Check HMAC return values
 2021-12-13 10:51:27 +00:00
Gilles Peskine
ecf6bebb9c Catch failures of md_hmac operations 
Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that
their return values should be checked.

Do check the return values in our code. We were already doing that
everywhere for hash calculations, but not for HMAC calculations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-11 15:00:57 +01:00
Gilles Peskine
d5ba50e239 Zeroize local MAC variables 
Zeroize local MAC variables used for CBC+HMAC cipher suites. In encryption,
this is just good hygiene but probably not needed for security since the
data protected by the MAC that could leak is about to be transmitted anyway.
In DTLS decryption, this could be a security issue since an adversary could
learn the MAC of data that they were trying to inject. At least with
encrypt-then-MAC, the adversary could then easily inject a datagram with
a corrected packet. TLS would still be safe since the receiver would close
the connection after the bad MAC.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-11 14:59:45 +01:00
Gilles Peskine
c11192fcb2
Merge pull request #5290 from minosgalanakis/development 
Document platform architecture portability constraints
 2021-12-10 21:13:11 +01:00
Minos Galanakis
c10086e33e changelog: Addressed review comments #6 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2021-12-10 15:52:54 +00:00
Ronald Cron
6aeda5305c Add change log for TLS 1.3 MVP 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-10 13:48:12 +01:00
Gilles Peskine
d5b2a59826
Merge pull request #5047 from paul-elliott-arm/psa-m-aead-ccm 
PSA Multipart AEAD CCM Internal implementation and tests.
 2021-12-09 14:49:42 +01:00
Manuel Pégourié-Gonnard
49c20954e4
Merge pull request #865 from davidhorstmann-arm/3.0-fix-session-copy-bug-chglog 
Add changelog entry for session copy bugfix
 2021-12-09 09:21:28 +01:00
David Horstmann
e217edf49c Add changelog entry for session copy bugfix 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2021-12-08 13:32:59 +00:00
Manuel Pégourié-Gonnard
5d9f42200f
Merge pull request #861 from ronald-cron-arm/fix-aead-nonce 
psa: aead: Fix invalid output buffer usage in generate_nonce()
 2021-12-08 13:30:21 +01:00
Manuel Pégourié-Gonnard
39c2aba920
Merge pull request #849 from ronald-cron-arm/fix-cipher-iv 
Avoid using encryption output buffer to pass generated IV to PSA driver
 2021-12-08 13:30:06 +01:00
Ronald Cron
0118627013 Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-07 09:28:36 +01:00
Ronald Cron
6fd156aa6b Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-07 09:21:38 +01:00
Gilles Peskine
aa1e9857a5 Add changelog entry for build error fixes 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-06 20:58:47 +01:00
Gilles Peskine
1bbf6d645b
Merge pull request #5149 from mfil/feature/additional_cipher_info_getters 
Additional cipher_info getters
 2021-12-03 17:21:51 +01:00
Paul Elliott
117282f25e Delete unneccesary changelog entry 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-12-01 17:18:12 +00:00
Gilles Peskine
161d661d90
Merge pull request #5222 from paul-elliott-arm/fix_test_suite_ssl 
Fix test_suite_ssl compilation errors with GCC11
 2021-11-25 22:02:43 +01:00
Paul Elliott
62dc392ef8 Stop CMake out of source tests running on 16.04 
Running the out of source CMake test on Ubuntu 16.04 using more than one
processor (as the CI does) can create a race condition whereby the build
fails to see a generated file, despite that file actually having been
generated. This problem appears to go away with 18.04 or newer, so make
the out of source tests not supported on Ubuntu 16.04

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-11-25 18:03:50 +00:00
Paul Elliott
472fd176a6 Fix Changelog 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-11-24 17:45:43 +00:00
Paul Elliott
21c8fe5c6e Fix compilation errors. 
Under gcc11(+) both message and received would cause errors for
potentially being used uninitialised. We fixed many of these issues in
another PR, but this one is only seen under certain configs.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-11-24 17:19:51 +00:00
Gabor Mezei
be7b21da22
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module 2021-11-24 10:44:13 +01:00
Gilles Peskine
0c9f058504
Merge pull request #5213 from tom-cosgrove-arm/pr_4950 
Fix GCM calculation with very long IV
 2021-11-22 22:22:37 +01:00
Paul Elliott
0b7d5a88d9 Make changelog more specific 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-11-18 22:39:16 +00:00
Bence Szépkúti
6d48e20d4b Indicate nonce sizes invalid for ChaCha20-Poly1305 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-11-17 18:06:11 +01:00
Paul Elliott
853c0da8de Fix for pkcs12 with NULL or zero length password 
Previously passing a NULL or zero length password into either
mbedtls_pkcs12_pbe() or mbedtls_pkcs12_derive() could cause an infinate
loop, and it was also possible to pass a NULL password, with a non-zero
length, which would cause memory corruption.
I have fixed these errors, and improved the documentation to reflect the
changes and further explain what is expected of the inputs.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-11-11 19:26:37 +00:00
Max Fillinger
7568d1a238 Add Changelog entry for additional getters 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2021-11-10 15:12:04 +01:00
Manuel Pégourié-Gonnard
087f04783d
Merge pull request #5076 from mstarzyk-mobica/psa_ccm_no_tag 
PSA CCM*-no-tag
 2021-11-10 10:18:55 +01:00
Gilles Peskine
c756b5f9fa
Merge pull request #5126 from haampie/fix/DT_NEEDED_for_shared_libraries 
DT_NEEDED for shared builds in makefile
 2021-11-05 12:04:29 +01:00
Harmen Stoppels
3e636161ec Add changelog 
Signed-off-by: Harmen Stoppels <harmenstoppels@gmail.com>
 2021-11-05 09:32:05 +01:00
Gabor Mezei
77390dc8ec
Update changelog with the new public API 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-11-03 17:12:56 +01:00
Gilles Peskine
c323d4585f Note the change to PSA_ALG_IS_HASH_AND_SIGN in the changelog 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-11-03 15:51:20 +01:00
Mateusz Starzyk
5bc9bf7584 Add changelog entry for new PSA Crypto API macros. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-11-03 15:47:03 +01:00
Manuel Pégourié-Gonnard
4313d3ac87
Merge pull request #5010 from gilles-peskine-arm/psa-rsa-pss_any_salt 
PSA: fix salt length for PSS verification
 2021-10-29 16:36:36 +02:00
Manuel Pégourié-Gonnard
774b4422e2
Merge pull request #5116 from gilles-peskine-arm/remove-greentea-3.0 
Remove on-target testing
 2021-10-29 09:33:34 +02:00
Gilles Peskine
d025422c28 Remove on-target testing 
It was unmaintained and untested, and the fear of breaking it was holding us
back. Resolves #4934.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-27 11:45:57 +02:00
Mateusz Starzyk
812ef6b379 Fix ccm*-no-tag changelog entry 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-27 11:26:47 +02:00
Gilles Peskine
66c9b84f93 Fix typo in documentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-25 22:15:20 +02:00
Gilles Peskine
680747b868 Fix the build of sample programs without mbedtls_strerror 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-10-25 22:09:12 +02:00