yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
16374 commits 1 branch 0 tags 94 MiB
Commit graph

16374 commits

This branch
This branch
All branches
Author SHA1 Message Date
Gilles Peskine
e9bc857327
Merge pull request #4552 from hanno-arm/mbedtls_3_0_key_export 
Implement modified key export API for Mbed TLS 3.0
 2021-06-22 18:52:37 +02:00
Dave Rodgman
5ec5003992 Document the return type change in the migration guide 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-22 13:49:09 +01:00
Gilles Peskine
36ff66c4b4
Merge pull request #4316 from gabor-mezei-arm/3258_implement_one-shot_MAC 
Implement one-shot MAC
 2021-06-22 12:18:25 +02:00
Manuel Pégourié-Gonnard
3e7ddb2bb6
Merge pull request #4604 from gilles-peskine-arm/default-hashes-curves-3.0 
Update the default hash and curve selection for X.509 and TLS
 2021-06-22 12:08:37 +02:00
Manuel Pégourié-Gonnard
508d3a5824
Merge pull request #4664 from tom-daubney-arm/rm_truncated_HMAC_ext 
Remove truncated HMAC extension
 2021-06-22 11:53:10 +02:00
Manuel Pégourié-Gonnard
32750ef5c2
Merge pull request #4685 from mpg/improve-all-sh-robustness 
all.sh: Clean up old files before generating them
 2021-06-22 11:14:49 +02:00
Dave Rodgman
8f2b66a39a
Merge pull request #4676 from JoeSubbiani/MissingContextFree-test_suite_aes.function 
Add missing free context in at the end of aes_crypt_xts_size()
 2021-06-22 09:24:08 +01:00
Manuel Pégourié-Gonnard
ffafae4f51
Merge pull request #4687 from gilles-peskine-arm/winsock-fd-range-3.0 
Fix net_sockets regression on Windows
 2021-06-22 09:29:23 +02:00
Manuel Pégourié-Gonnard
a805d57261
Merge pull request #4588 from TRodziewicz/remove_MD2_MD4_RC4_Blowfish_and_XTEA 
Remove MD2, MD4, RC4, Blowfish and XTEA
 2021-06-22 09:27:41 +02:00
Joe Subbiani
08b5ab2b81 Reword changelog - Test Resource Leak 
- “Fix an issue where X happens” → ”Fix X“
  the extra words are just a distraction.
- “resource” → “a resource”
- “where resource is never freed” has a name: it's a resource leak
- “when running one particular test suite” → “in a test suite”

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-06-21 16:50:51 +01:00
TRodziewicz
4a28ade6e9 Changing the key length to 32 bytes in one of the PSA cipher setup tests 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-21 17:44:19 +02:00
TRodziewicz
f41dc7cb35 Removal of RC4 certs and fixes to docs and tests 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-21 13:27:29 +02:00
Hanno Becker
296fefeb98 Fix return type of example key export callbacks 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-21 09:33:02 +01:00
Joe Subbiani
3f9e64c03c Fix improper spacing 
Spacing between brackets did not follow the appropriate coding style

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-06-21 09:10:55 +01:00
Ronald Cron
4d91bcd413 Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:58:10 +02:00
Ronald Cron
fb01081212 psa: mac: Add driver dispatch tests for psa_mac_verify 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:22 +02:00
Ronald Cron
a587cbc3a4 psa: mac: Add driver delegation support for psa_mac_verify() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:22 +02:00
Ronald Cron
cd989b5598 psa: mac: Introduce psa_mac_compute_internal 
Introduce psa_mac_compute_internal with an
additional `is_sign` parameter compared to
the psa_mac_compute API. The intent is to
call psa_mac_compute_internal() from
psa_mac_verify() as well to compute the
message MAC.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:22 +02:00
Ronald Cron
094b06a572 psa: mac: Add driver dispatch tests for psa_mac_compute 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:22 +02:00
Ronald Cron
c3dd75f71b psa: mac: Improve MAC finalization code 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:22 +02:00
Ronald Cron
51131b53fe psa: mac: Add driver delegation support for psa_mac_compute() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:09 +02:00
Gilles Peskine
a5dd7bded8 Fix fd range for select on Windows 
Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with
MBEDTLS_ERR_NET_POLL_FAILED on Windows: they were testing that the file
descriptor is in range for fd_set, but on Windows socket descriptors are not
limited to a small range. Fixes #4465.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-20 23:14:36 +02:00
Gilles Peskine
05360005e3 Refactor file descriptor checks into a common function 
This will make it easier to change the behavior uniformly.

No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-20 23:10:15 +02:00
Ronald Cron
76be3e08a6 psa: mac: Add MAC compute builtin implementation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-18 22:18:35 +02:00
Ronald Cron
79bdd82eaa psa: mac: Improve implementation of psa_mac_finalize_alg_and_key_validation() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-18 22:18:06 +02:00
Ronald Cron
2dff3b2a18 psa: mac: Split psa_mac_setup() 
Split out of psa_mac_setup() the final checks on
the requested algorithm and the key attributes.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-18 22:09:28 +02:00
Ronald Cron
28ea050cf4 psa: mac: Re-organize psa_mac_setup() internal function 
Re-organize psa_mac_setup() to prepare the move
to a dedicated function of the additional checks
on the algorithm and the key attributes done by
this function. We want to move those checks in
a dedicated function to be able to do them
without duplicating them in psa_mac_compute().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-18 21:02:32 +02:00
Joe Subbiani
e6ef5febfb Update changelog formatting - Missing Free Context 
Missing trailing full stop added to the end of the fixed issue number

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-06-18 18:54:08 +01:00
Hanno Becker
d8f32e72b4 Move export callback and context to the end of SSL context 
This saves some code when compiling for Thumb, where access to
fields with offset index > 127 requires intermediate address
computations. Frequently used fields should therefore be located
at the top of the structure, while less frequently used ones --
such as the export callback -- can be moved to the back.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
1e1c23d768 Improve ChangeLog wording for key export 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
e0dad720ee Remove return value from key export callback 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
7e6c178b6d Make key export callback and context connection-specific 
Fixes #2188

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
a7991f2e11 Remove all occurrences of TLS < 1.2 PRF identifier 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
22b34f75cd Remote key export identifier used for TLS < 1.2. 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
ddc739cac4 Add missing documentation for key export callback parameters 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
11a4c1abcd Adapt key export test in ssl-opt.sh to reduced output 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
5a234e8718 Add ChangeLog entry 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
d5c9cc7c90 Add migration guide for modified key export API 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
c4c38caca5 Adjust example programs to new key export API 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
457d61602f Define and implement new key export API for Mbed TLS 3.0 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
2d6e6f8fec Remove '_ext' suffix from SSL key exporter API 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Hanno Becker
78ba2af7c2 Remove old key export API 
Seems to be an oversight that this wasn't marked deprecated.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-18 18:40:19 +01:00
Joe Subbiani
dc5660c4c0 Update changlog formatting - Missing Free Context 
Trailing white space causing `check_files.py` to fail

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-06-18 17:40:54 +01:00
Manuel Pégourié-Gonnard
9a32d45819
Merge pull request #4517 from hanno-arm/ticket_api_3_0 
Implement 3.0-API for SSL session resumption
 2021-06-18 18:34:45 +02:00
Manuel Pégourié-Gonnard
ae35830295
Merge pull request #4661 from mpg/make-blinding-mandatory 
Make blinding mandatory
 2021-06-18 18:32:13 +02:00
Dave Rodgman
8c8166a7f1
Merge pull request #4640 from TRodziewicz/move_part_of_timing_module_out_of_the_library_and_to_test 
Move part of timing module out of the library
 2021-06-18 16:35:58 +01:00
gabor-mezei-arm
534bb99f17 Add test for one-shot MAC functions 
Tests for psa_mac_compute and psa_mac_verify functions.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-18 16:58:30 +02:00
Joe Subbiani
487b4ae426 Update changelog formatting - Missing Free Context 
The original formatting was in dos and the changelog
assembler would fail. The length of the description was
too long horizontally. This has been updated.

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-06-18 15:37:21 +01:00
Thomas Daubney
ac84469dd1 Modifies Migration Guide entry 
Commit makes corrections to Migration Guide
entry for this task.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-06-18 14:08:56 +01:00
Manuel Pégourié-Gonnard
87db8a2676 Clean up old files before generating them 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-06-18 13:30:14 +02:00