Dave Rodgman
790370b392
code style
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 11:02:23 +01:00
Dave Rodgman
3ba9ce3c1d
Warn if using runtime detection and no Neon
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 09:58:33 +01:00
Dave Rodgman
cd65400c48
Add tests for runtime detection
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 09:40:07 +01:00
Dave Rodgman
7ed619d3fa
Enable run-time detection for Thumb and Arm
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 09:39:56 +01:00
Dave Rodgman
bfe6021e85
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 08:31:22 +01:00
Dave Rodgman
ca92f50e12
Update docs for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 08:24:55 +01:00
Minos Galanakis
4855fdf887
Revert "Auto-generated files for v3.5.0"
...
This reverts commit 591416f32b
2023-10-05 00:17:21 +01:00
Dave Rodgman
9ed1853093
require clang 4 for testing
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 00:06:47 +01:00
Paul Elliott
644fd34657
Merge pull request #8284 from gilles-peskine-arm/cmake-fix-3rdparty-custom-config
...
CMake: fix build with 3rdparty module enabled through a custom config
2023-10-04 22:59:58 +00:00
minosgalanakis
1ec69067fa
Merge pull request #1090 from Mbed-TLS/mbedtls-3.5.0rc0-pr
...
Mbedtls 3.5.0rc0 pr DO NOT MERGE
2023-10-04 23:47:01 +01:00
Minos Galanakis
f7e81d97de
Updated BRANCHES.MD
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-04 21:10:40 +01:00
Dave Rodgman
5d323bf0e3
Re-assemble changelog to add missing item, plus a couple of typo fixes.
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 18:46:47 +01:00
Dave Rodgman
04d0d06e83
Code style
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 18:05:08 +01:00
Dave Rodgman
d30728cf5e
Add Changelog
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 18:04:39 +01:00
Dave Rodgman
8690859097
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 17:40:25 +01:00
Dave Rodgman
ebe4292a9c
Improve behaviour on gcc targetting arm or thumb
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 17:36:44 +01:00
Dave Rodgman
793e264fbb
Fix indentation
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 17:36:20 +01:00
Dave Rodgman
d9e8083d26
Add tests for SHA256 on ARMCE for thumb, arm and aarch64
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 17:17:46 +01:00
Minos Galanakis
e35e387ad7
Bump library so-crypto, so-x509, so-tls versions.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-04 16:17:46 +01:00
Minos Galanakis
8f4c19a680
Merge pull request #8273 from davidhorstmann-arm:target-prefix-3rdparty
...
Add MBEDTLS_TARGET_PREFIX to 3rdparty CMake
2023-10-04 16:03:22 +01:00
Minos Galanakis
2546d7da5c
Merge pull request #8284 from gilles-peskine-arm:cmake-fix-3rdparty-custom-config
...
CMake: fix build with 3rdparty module enabled through a custom config
2023-10-04 16:03:21 +01:00
Gilles Peskine
35b49c4d7d
Ignore tests of built-in interfaces for driver-only testing parity
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-04 12:28:41 +02:00
Gilles Peskine
010f035cdf
Renaming all MBEDTLS_HAVE for curves to MBEDTLS_ECP_HAVE
...
Fix test cases that were merged concurrently to
db6b4db7a0
2023-10-04 12:27:14 +02:00
Minos Galanakis
591416f32b
Auto-generated files for v3.5.0
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-04 00:55:02 +01:00
Minos Galanakis
974388f706
ChangeLog: Set release date
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 22:08:53 +01:00
Minos Galanakis
80a8156314
Prepare ChangeLog for 3.5.0 release
...
```
./scripts/assemble_changelog.py
```
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 22:08:39 +01:00
Minos Galanakis
31ca313efa
Bump version to 3.5.0
...
```
./scripts/bump_version.sh --version 3.5.0
```
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 22:02:18 +01:00
Minos Galanakis
1a3ad265cc
Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 21:57:51 +01:00
Dave Rodgman
3406564b01
Merge pull request #8291 from minosgalanakis/bugfix/updated_check_generated_files
2023-10-03 21:18:57 +01:00
Dave Rodgman
cc5bf4946f
Make SHA256 depend on Armv8, not aarch64
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-03 18:02:56 +01:00
Dave Rodgman
5ed7b2dec2
Introduce MBEDTLS_ARCH_IS_ARMV8
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-03 18:02:31 +01:00
Dave Rodgman
3fb93a8223
Merge pull request #8295 from minosgalanakis/changelog/renamed_psa_crypto_driver_wrappers
...
Changelog: Added entry for psa_crypto_driver_wrappers rename
2023-10-03 14:05:56 +01:00
Dave Rodgman
130938a804
Merge pull request #1088 from gilles-peskine-arm/tls13_read_public_xxdhe_share-overflow
...
Fix buffer overflow in TLS 1.3 and USE_PSA_CRYPTO ClientHello ECDH/FFDH parsers
2023-10-03 12:28:38 +01:00
Minos Galanakis
3974b17631
check-generated-files: Added psa_crypto_driver_wrappers_no_static.c file
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 11:47:03 +01:00
Ronald Cron
466286a14a
Remove redundant test component
...
In the full configuration MBEDTLS_TEST_HOOKS is
enabled thus the configurations in
test_full_cmake_gcc_asan_new_bignum and
test_full_cmake_gcc_asan_new_bignum_test_hooks
are the same. Keep the component that runs more
tests.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-10-03 12:44:15 +02:00
Minos Galanakis
76b709dd44
Changelog: Added entry for psa_crypto_driver_wrappers rename
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 11:14:41 +01:00
Dave Rodgman
61ea46d5d4
Merge remote-tracking branch 'origin/development' into check-changelog-exts
2023-10-03 09:32:13 +01:00
Dave Rodgman
ff3e9e1eb0
Merge pull request #8292 from minosgalanakis/bugfix/changelog_extensions
...
ChangeLog: Added .txt extension to log entries.
2023-10-03 09:29:39 +01:00
Gilles Peskine
3713bee34c
Remove leftover local debug line
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 18:43:18 +02:00
Dave Rodgman
65d8ec1444
Move check into list_files_to_merge
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-02 17:19:51 +01:00
Minos Galanakis
08707ecbfe
ChangeLog: Added .txt extension to log entries.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-02 16:55:00 +01:00
Dave Rodgman
3901e2ef92
Check for incorrect changelog extensions
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-02 16:44:09 +01:00
Gilles Peskine
7910cdd47f
Avoid compiler warning about size comparison
...
GCC warns about comparing uint8_t to a size that may be >255.
Strangely, casting the uint8_t to a size_t in the comparison expression
doesn't avoid the warning. So change the type of the variable.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 16:11:05 +02:00
Gilles Peskine
530c423ad2
Improve some debug messages and error codes
...
On a parsing error in TLS, return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE, not a
crypto error code.
On error paths, emit a level-1 debug message. Report the offending sizes.
Downgrade an informational message's level to 3.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:42:11 +02:00
Gilles Peskine
6dd5b9a60c
In TLS 1.2, only servers are affected
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:38:51 +02:00
Gilles Peskine
b782415e1b
Changelog entry for xxdh_psa_peerkey size validation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:08:37 +02:00
Gilles Peskine
c29df535ee
Improve robustness of ECDH public key length validation
...
In client-side code with MBEDTLS_USE_PSA_CRYPTO, use the buffer size to
validate what is written in handshake->xxdh_psa_peerkey. The previous code
was correct, but a little fragile to misconfiguration or maintenance.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:39 +02:00
Gilles Peskine
c8df898204
Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing
...
Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When
MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH
or ECDHE key exchange was not validated. This could result in an overflow of
handshake->xxdh_psa_peerkey, overwriting further data in the handshake
structure or further on the heap.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:33 +02:00
Gilles Peskine
12c5aaae57
Fix buffer overflow in TLS 1.3 ECDH public key parsing
...
Fix a buffer overflow in TLS 1.3 ServerHello and ClientHello parsing. The
length of the public key in an ECDH- or FFDH-based key exchange was not
validated. This could result in an overflow of handshake->xxdh_psa_peerkey,
overwriting further data in the handshake structure or further on the heap.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:10 +02:00
David Horstmann
bf66b752b4
Add custom config logic to 3rdparty modules
...
These do not link directly against Mbed TLS so need their own
propagation of the custom config values through CMake.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-10-02 11:07:35 +01:00
