Commit graph

1948 commits

Author SHA1 Message Date
Dave Rodgman
83f6a3b02c Remove not-required Changelog entries
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-01 17:28:56 +01:00
Dave Rodgman
a84a8eb545 Update changelog to cover #4197
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-01 17:01:04 +01:00
Dave Rodgman
0eb215f4a4 Update changelog to cover #4246 and #4158
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-01 17:00:38 +01:00
Dave Rodgman
aa6a9b1725 Update changelog to cover #4488
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-01 17:00:06 +01:00
Dave Rodgman
9bd038907b Update changelog to cover #4517
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-01 16:59:49 +01:00
Dave Rodgman
eaef0b78db Update changelog to cover #4720
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-01 16:59:13 +01:00
Dave Rodgman
bb2eece7cf Create aggregated ChangeLog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-30 23:09:51 +01:00
Gilles Peskine
f4998b0a20 Fix multiplication producing a negative zero
Fix mbedtls_mpi_mul_mpi() when one of the operands is zero and the
other is negative. The sign of the result must be 1, since some
library functions do not treat {-1, 0, NULL} or {-1, n, {0}} as
representing the value 0.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-22 12:47:21 +02:00
Thomas Daubney
d596e99d61 Modifies ChangeLog
Corrects erroneous removal from ChangeLog.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-06-18 11:50:56 +01:00
Thomas Daubney
379227cc59 Modifies ChangeLog and Migration Guide
Entries in ChangeLog and Migration guide files
have been merged to cover both the removal of
MBEDTLS_SSL_TRUNCATED_HMAC and
MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-06-18 10:46:12 +01:00
Gilles Peskine
6a2fb61896 Rename library/ecp_alt.h to ecp_internal_alt.h
library/ecp_alt.h (declaring individual functions of the ECP module that can
be substituted, included when building the library with
MBEDTLS_ECP_INTERNAL_ALT enabled) clashes with ecp_alt.h (not provided,
declaring types of the ECP module when the whole implementation is
substituted, included when building the library with MBEDTLS_ECP_ALT enabled).
Depending on the search path during build, this can make MBEDTLS_ECP_ALT
unusable.

Rename library/ecp_alt.h to follow the naming convention of other alt headers:
MBEDTLS_XXX_ALT corresponds to xxx_alt.h.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-15 00:10:37 +02:00
Manuel Pégourié-Gonnard
143b1e387b Fix a number of typos
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Co-authored-by: Ronald Cron <ronald.cron@arm.com>
2021-05-05 09:47:47 +02:00
Manuel Pégourié-Gonnard
e756306dd6 Move some details from ChangeLog to migration guide
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 11:36:33 +02:00
Dave Rodgman
dca8509bb6 Update future Mbed TLS version in Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-04-26 16:23:22 +01:00
Dave Rodgman
10ba553c2e Update Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-04-26 16:23:22 +01:00
Dave Rodgman
74755e484c Update Changelog for 2.26.0
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-03-08 18:35:44 +00:00
Bence Szépkúti
fe9a425941 Fix mistake in 2.25.0 Changelog
The mistake was introduced in #3948.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-02-08 18:33:16 +01:00
Janos Follath
e921626dec Fix ChangeLog format
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-12-10 11:03:01 +00:00
Janos Follath
d6ce116090 Consolidate partial feature into single entry
These entries were for different aspects of a new, partially implemented
feature. Therefore we are consolidating them into a single entry for
clarity.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-12-10 10:59:15 +00:00
Janos Follath
76027f68cf Add missing Changelog entry
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-12-09 16:28:35 +00:00
Janos Follath
56b38c2bb0 Finalize ChangeLog
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-12-09 15:05:22 +00:00
Janos Follath
7ac5fd1861 Assemble ChangeLog
Executed scripts/assemble_changelog.py.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-12-09 15:03:46 +00:00
Janos Follath
6012f0ee5b Finalize ChangeLog
Fix alignment where necessary and update ChangeLog header.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-08-26 16:23:19 +01:00
Janos Follath
c18a7b8466 Assemble ChangeLog
Executed scripts/assemble_changelog.py.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-08-26 14:49:16 +01:00
Janos Follath
13cba685be Update ChangeLog header.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-29 22:48:24 +01:00
Janos Follath
1959010c4b Assemble changelog
Executed scripts/assemble_changelog.py and manually fixed style where it
diverged from the instructions in ChangeLog.d/00README.md.

Manually added ChangeLog.d/bugfix_PR3405 which didn't have the .txt
extension as prescribed in ChangeLog.d/00README.md and deleted it
afterwards.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-29 22:35:07 +01:00
Janos Follath
ac15f842a5 Merge remote-tracking branch 'restricted/pr/684' into mbedtls-2.22.0r0 2020-04-14 08:16:27 +01:00
Jaeden Amero
66e21efe47
Merge pull request #3163 from AndrzejKurek/variable-buffers-renegotiation
Variable buffers & renegotiation - fixes
2020-04-09 12:11:02 +01:00
Manuel Pégourié-Gonnard
28482397d3 Merge branch 'development-restricted' into prepare-rc-2.22.0-updated
* development-restricted:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 12:17:11 +02:00
Manuel Pégourié-Gonnard
215d2e14a3 Merge remote-tracking branch 'restricted/pr/662' into development-restricted
* restricted/pr/662:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 11:53:01 +02:00
Janos Follath
940bc0048c Add missing ChangeLog entry
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-09 09:34:47 +01:00
Andrzej Kurek
90c6e84a9c
Split the maximum fragment length into two - an input and output MFL
Since the server might want to have a different maximum fragment length
for the outgoing messages than the negotiated one - introduce a new way of
computing it. This commit also adds additional ssl-opt.sh tests ensuring
that the maximum fragment lengths are set as expected. 
mbedtls_ssl_get_max_frag_len() is now a deprecated function,
being an alias to mbedtls_ssl_get_output_max_frag_len(). The behaviour
of this function is the same as before.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-09 04:30:34 -04:00
Janos Follath
876e0259d5 Bump version to Mbed TLS 2.22.0
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 17:15:18 +01:00
Janos Follath
ee85686339 Add missing ChangeLog entry
The MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH build option has been added since
the last release, but there was no entry for it in the ChangeLog.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 16:58:36 +01:00
Janos Follath
dca973bbeb Merge branch 'development-restricted' into mbedtls-2.22.0r0
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 15:11:40 +01:00
Manuel Pégourié-Gonnard
15f30dc7e6 Merge remote-tracking branch 'public/pr/2856' into development
* public/pr/2856:
  Fix issue  #2718 (condition always false)
2020-04-06 10:15:49 +02:00
Manuel Pégourié-Gonnard
824655c837 Fix lack of cookie check on hard reconnect
Section 4.2.8 of RFC 6347 describes how to handle the case of a DTLS client
establishing a new connection using the same UDP quartet as an already active
connection, which we implement under the compile option
MBEDTLS_SSL_DLTS_CLIENT_PORT_REUSE. Relevant excerpts:

    [the server] MUST NOT destroy the existing
    association until the client has demonstrated reachability either by
    completing a cookie exchange or by completing a complete handshake
    including delivering a verifiable Finished message.
    [...]
    The reachability requirement prevents
    off-path/blind attackers from destroying associations merely by
    sending forged ClientHellos.

Our code chooses to use a cookie exchange for establishing reachability, but
unfortunately that check was effectively removed in a recent refactoring,
which changed what value ssl_handle_possible_reconnect() needs to return in
order for ssl_get_next_record() (introduced in that refactoring) to take the
proper action. Unfortunately, in addition to changing the value, the
refactoring also changed a return statement to an assignment to the ret
variable, causing the function to reach the code for a valid cookie, which
immediately destroys the existing association, effectively bypassing the
cookie verification.

This commit fixes that by immediately returning after sending a
HelloVerifyRequest when a ClientHello without a valid cookie is found. It also
updates the description of the function to reflect the new return value
convention (the refactoring updated the code but not the documentation).

The commit that changed the return value convention (and introduced the bug)
is 2fddd3765e, whose commit message explains the
change.

Note: this bug also indirectly caused the ssl-opt.sh test case "DTLS client
reconnect from same port: reconnect" to occasionally fail due to a race
condition between the reception of the ClientHello carrying a valid cookie and
the closure of the connection by the server after noticing the ClientHello
didn't carry a valid cookie after it incorrectly destroyed the previous
connection, that could cause that ClientHello to be invisible to the server
(if that message reaches the server just before it does `net_close()`). A
welcome side effect of this commit is to remove that race condition, as the
new connection will immediately start with a ClientHello carrying a valid
cookie in the SSL input buffer, so the server will not call `net_close()` and
not risk discarding a better ClientHello that arrived in the meantime.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-27 10:50:05 +01:00
Manuel Pégourié-Gonnard
a4aa89b16e Fix leakage of projective coordinates in ECC
See the comments in the code for how an attack would go, and the ChangeLog
entry for an impact assessment. (For ECDSA, leaking a few bits of the scalar
over several signatures translates to full private key recovery using a
lattice attack.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-27 09:43:34 +01:00
Gilles Peskine
5e7d6fd240 Merge 'mbedtls/development' into merge-crypto-unremoved-20200304
Merge the latest state of the target branch (mbedtls/development) into the
pull request to merge mbed-crypto into mbedtls.

Conflicts:

* ChangeLog: add/add conflict. Resolve by using the usual section order.
2020-03-23 18:02:07 +01:00
Gilles Peskine
2f084fe02c Add changelog entries about the crypto submodule
Add a changelog entry for an already-released version to indicate when
the crypto submodule became mandatory.

Add a changelog entry for the removal of the crypto submodule.
2020-03-23 17:55:32 +01:00
Manuel Pégourié-Gonnard
830540b598 Add ChangeLog entry for SSL_HW_RECORD_ACCEL fix
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-02-26 10:49:26 +01:00
Andres Amaya Garcia
84b4e796a3 Deprecate MBEDTLS_SSL_HW_RECORD_ACCEL config
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-02-25 12:47:27 +01:00
Janos Follath
138c2eac55 Add release info to ChangeLog 2020-02-19 14:35:16 +00:00
Janos Follath
d1692ee07a Update ChangeLog for crypto changes from a591985c62
Add ChangeLog entries for changes brought by the submodule update in
the previous commit.
2020-02-19 14:30:44 +00:00
Gilles Peskine
25a5c09fbb Update ChangeLog for crypto changes from 799ae77f90
Add ChangeLog entries for changes brought by the submodule update in
the previous commit.
2020-02-17 11:49:33 +01:00
Gilles Peskine
f142d4ccab Update ChangeLog for crypto changes since Mbed Crypto 3.0.1
Add ChangeLog entries for changes brought by the submodule update in
81d3100250.
2020-02-17 11:46:12 +01:00
Gilles Peskine
393defe7ed Clarify two identical changelog entries
The contribution from #2663 was split in two: the crypto part was
mereged in 2.19.1 and the x509 part was merged after 2.20.0. Tweak the
wording of the changelog entries to specify which is which.
2020-02-11 15:31:18 +01:00
Gilles Peskine
3ca1bcc7e5 Add ChangeLog entry for #2663 2020-02-10 19:50:22 +01:00
Janos Follath
755548538e
Merge pull request #3033 from yanesca/revert_pr_3008
Revert "Merge pull request #3008 from jp-bennett/development"
2020-02-05 15:12:46 +00:00
Janos Follath
85de7a6018 Revert "Merge pull request #3008 from jp-bennett/development"
This reverts commit c0c92fea3d, reversing
changes made to bfc73bcfd2.

stat() will never return S_IFLNK as the file type, as stat() explicitly
follows symlinks.

Fixes #3005.
2020-02-04 14:12:03 +00:00