yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
27529 commits 1 branch 0 tags 94 MiB
Commit graph

27529 commits

This branch
This branch
All branches
Author SHA1 Message Date
Valerio Setti
b0c618e147 analyze_outcomes: minor improvements 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 14:19:49 +02:00
Valerio Setti
aaef0bc172 analyze_outcomes: improve logging system 
- the script now only terminates in case of hard faults
- each task is assigned a log
   - this log tracks messages, warning and errors
   - when task completes, errors and warnings are listed and
     messages are appended to the main log
- on exit the main log is printed and the proper return value
  is returned

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-12 09:16:40 +02:00
Valerio Setti
dfd7ca6344 analyze_outcomes: rename some variables for better readability 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-09 16:53:02 +02:00
Dave Rodgman
866b3a1886
Merge pull request #8323 from tom-daubney-arm/fix_mbedtls_styling_docs 
Correct styling of Mbed TLS in documentation
 2023-10-06 19:10:10 +00:00
Dave Rodgman
4934ae7e25
Merge pull request #8319 from davidhorstmann-arm/fix-3rdparty-target-prefix 
Fix 3rdparty target names for custom config
 2023-10-06 18:07:50 +00:00
Thomas Daubney
540324cd21 Correct styling of Mbed TLS in documentation 
Several bits of documentation were incorrectly styling Mbed TLS
as MbedTLS.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-10-06 17:07:24 +01:00
Paul Elliott
3677352631
Merge pull request #8308 from valeriosetti/issue8052 
PKCS12: use one-shot API
 2023-10-06 15:39:31 +00:00
Dave Rodgman
8e00fe0cd8
Merge pull request #8309 from daverodgman/iar-warnings2 
Fix IAR warnings
 2023-10-06 13:24:12 +00:00
David Horstmann
3c33cb599a Fix 3rdparty target names for custom config 
Use the correct names qualified by MBEDTLS_TARGET_PREFIX.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-06 12:04:25 +01:00
Valerio Setti
49c835e5ec test_suite_pkcs12: fix typo in test case description 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-06 11:25:08 +02:00
Valerio Setti
f484884fba pkcs12: use mbedtls_cipher_crypt() instead of explicitly defining all steps 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-06 11:25:08 +02:00
Dave Rodgman
0d315378bf
Merge pull request #8289 from daverodgman/check-changelog-exts 
Check changelog extensions
 2023-10-05 17:23:10 +00:00
minosgalanakis
8d487ad730
Merge pull request #1103 from Mbed-TLS/mbedtls-3.5.0_mergeback 
Mbedtls 3.5.0 mergeback
 2023-10-05 17:33:21 +01:00
Dave Rodgman
2eab462a8c Fix IAR warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-05 13:30:37 +01:00
Minos Galanakis
4855fdf887 Revert "Auto-generated files for v3.5.0" 
This reverts commit 591416f32b.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-05 00:17:21 +01:00
Paul Elliott
644fd34657
Merge pull request #8284 from gilles-peskine-arm/cmake-fix-3rdparty-custom-config 
CMake: fix build with 3rdparty module enabled through a custom config
 2023-10-04 22:59:58 +00:00
minosgalanakis
1ec69067fa
Merge pull request #1090 from Mbed-TLS/mbedtls-3.5.0rc0-pr 
Mbedtls 3.5.0rc0 pr DO NOT MERGE
 2023-10-04 23:47:01 +01:00
Minos Galanakis
f7e81d97de Updated BRANCHES.MD 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-04 21:10:40 +01:00
Dave Rodgman
5d323bf0e3 Re-assemble changelog to add missing item, plus a couple of typo fixes. 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 18:46:47 +01:00
Minos Galanakis
e35e387ad7 Bump library so-crypto, so-x509, so-tls versions. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-04 16:17:46 +01:00
Minos Galanakis
8f4c19a680 Merge pull request #8273 from davidhorstmann-arm:target-prefix-3rdparty 
Add MBEDTLS_TARGET_PREFIX to 3rdparty CMake
 2023-10-04 16:03:22 +01:00
Minos Galanakis
2546d7da5c Merge pull request #8284 from gilles-peskine-arm:cmake-fix-3rdparty-custom-config 
CMake: fix build with 3rdparty module enabled through a custom config
 2023-10-04 16:03:21 +01:00
Gilles Peskine
35b49c4d7d Ignore tests of built-in interfaces for driver-only testing parity 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-04 12:28:41 +02:00
Gilles Peskine
010f035cdf Renaming all MBEDTLS_HAVE for curves to MBEDTLS_ECP_HAVE 
Fix test cases that were merged concurrently to
db6b4db7a0.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-04 12:27:14 +02:00
Minos Galanakis
591416f32b Auto-generated files for v3.5.0 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-04 00:55:02 +01:00
Minos Galanakis
974388f706 ChangeLog: Set release date 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 22:08:53 +01:00
Minos Galanakis
80a8156314 Prepare ChangeLog for 3.5.0 release 
```
./scripts/assemble_changelog.py
```

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 22:08:39 +01:00
Minos Galanakis
31ca313efa Bump version to 3.5.0 
```
./scripts/bump_version.sh --version 3.5.0
```

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 22:02:18 +01:00
Minos Galanakis
1a3ad265cc Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 21:57:51 +01:00
Dave Rodgman
3406564b01
Merge pull request #8291 from minosgalanakis/bugfix/updated_check_generated_files 2023-10-03 21:18:57 +01:00
Dave Rodgman
3fb93a8223
Merge pull request #8295 from minosgalanakis/changelog/renamed_psa_crypto_driver_wrappers 
Changelog: Added entry for psa_crypto_driver_wrappers rename
 2023-10-03 14:05:56 +01:00
Dave Rodgman
130938a804
Merge pull request #1088 from gilles-peskine-arm/tls13_read_public_xxdhe_share-overflow 
Fix buffer overflow in TLS 1.3 and USE_PSA_CRYPTO ClientHello ECDH/FFDH parsers
 2023-10-03 12:28:38 +01:00
Minos Galanakis
3974b17631 check-generated-files: Added psa_crypto_driver_wrappers_no_static.c file 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 11:47:03 +01:00
Minos Galanakis
76b709dd44 Changelog: Added entry for psa_crypto_driver_wrappers rename 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 11:14:41 +01:00
Dave Rodgman
61ea46d5d4 Merge remote-tracking branch 'origin/development' into check-changelog-exts 2023-10-03 09:32:13 +01:00
Dave Rodgman
ff3e9e1eb0
Merge pull request #8292 from minosgalanakis/bugfix/changelog_extensions 
ChangeLog: Added .txt extension to log entries.
 2023-10-03 09:29:39 +01:00
Gilles Peskine
3713bee34c Remove leftover local debug line 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 18:43:18 +02:00
Dave Rodgman
65d8ec1444 Move check into list_files_to_merge 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-02 17:19:51 +01:00
Minos Galanakis
08707ecbfe ChangeLog: Added .txt extension to log entries. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-02 16:55:00 +01:00
Dave Rodgman
3901e2ef92 Check for incorrect changelog extensions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-02 16:44:09 +01:00
Gilles Peskine
7910cdd47f Avoid compiler warning about size comparison 
GCC warns about comparing uint8_t to a size that may be >255.

Strangely, casting the uint8_t to a size_t in the comparison expression
doesn't avoid the warning. So change the type of the variable.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 16:11:05 +02:00
Gilles Peskine
530c423ad2 Improve some debug messages and error codes 
On a parsing error in TLS, return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE, not a
crypto error code.

On error paths, emit a level-1 debug message. Report the offending sizes.

Downgrade an informational message's level to 3.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:42:11 +02:00
Gilles Peskine
6dd5b9a60c In TLS 1.2, only servers are affected 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:38:51 +02:00
Gilles Peskine
b782415e1b Changelog entry for xxdh_psa_peerkey size validation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:08:37 +02:00
Gilles Peskine
c29df535ee Improve robustness of ECDH public key length validation 
In client-side code with MBEDTLS_USE_PSA_CRYPTO, use the buffer size to
validate what is written in handshake->xxdh_psa_peerkey. The previous code
was correct, but a little fragile to misconfiguration or maintenance.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:02:39 +02:00
Gilles Peskine
c8df898204 Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing 
Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When
MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH
or ECDHE key exchange was not validated. This could result in an overflow of
handshake->xxdh_psa_peerkey, overwriting further data in the handshake
structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:02:33 +02:00
Gilles Peskine
12c5aaae57 Fix buffer overflow in TLS 1.3 ECDH public key parsing 
Fix a buffer overflow in TLS 1.3 ServerHello and ClientHello parsing. The
length of the public key in an ECDH- or FFDH-based key exchange was not
validated. This could result in an overflow of handshake->xxdh_psa_peerkey,
overwriting further data in the handshake structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:02:10 +02:00
David Horstmann
bf66b752b4 Add custom config logic to 3rdparty modules 
These do not link directly against Mbed TLS so need their own
propagation of the custom config values through CMake.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-02 11:07:35 +01:00
Dave Rodgman
0673ed2e93
Merge pull request #8278 from gilles-peskine-arm/7298-changelog 
Changelog entry for 7298
 2023-09-29 15:56:30 +00:00
Gilles Peskine
53307b794d CMake: fix build with 3rdparty module enabled through a custom config 
Fixes #8165

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-29 17:37:55 +02:00