From 6b0f911b9aaef49e705c7e744cb3b223eb681df6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 00:21:58 +0200 Subject: [PATCH 01/14] Use Python 3 instead of Python 2 to generate test files Python 2 is no longer officially supported, but we were still using it to generate test suite .c files from .function files when using GNU make. Switch to looking for Python 3. This change was done for CMake a long time ago. Signed-off-by: Gilles Peskine --- tests/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/Makefile b/tests/Makefile index d250d717ac..59ed45a66e 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -54,8 +54,7 @@ else DLEXT ?= so EXEXT= SHARED_SUFFIX= -# python2 for POSIX since FreeBSD has only python2 as default. -PYTHON ?= python2 +PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) endif # Zlib shared library extensions: From e0de27729e6afc076f5560c7a408af797465c392 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 6 May 2021 11:34:07 +0200 Subject: [PATCH 02/14] Changelog entry for no longer explicitly invoking python2 Signed-off-by: Gilles Peskine --- ChangeLog.d/make-generate-tests-python.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/make-generate-tests-python.txt diff --git a/ChangeLog.d/make-generate-tests-python.txt b/ChangeLog.d/make-generate-tests-python.txt new file mode 100644 index 0000000000..4b9009d6f8 --- /dev/null +++ b/ChangeLog.d/make-generate-tests-python.txt @@ -0,0 +1,3 @@ +Changes + * When building the test suites with GNU make, invoke python3 or python, not + python2, which is no longer supported upstream. From 99cce1dd4fe7b18b8c219a52ba49f51e6e48acb6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 6 May 2021 11:36:50 +0200 Subject: [PATCH 03/14] Remove copy-pasted definition of PYTHON that wasn't used 
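Review bot: The `else echo python` fallback in the new `PYTHON ?=` line of tests/Makefile can still resolve to Python 2, or to nothing at all, on hosts without python3. The failure would then show up later as a generator error rather than at the point where the interpreter is chosen. Because `?=` defines a recursively expanded variable, the `$(shell ...)` probe is also re-run on every expansion of `$(PYTHON)`; wrapping it as `ifeq ($(origin PYTHON),undefined)` / `PYTHON := $(shell ...)` / `endif` evaluates it once while still honouring a caller-supplied value. A comment such as `# Prefer python3; plain "python" is a last resort and may be Python 2. Set PYTHON explicitly to pin the interpreter.` would replace the one that was removed. The enclosing `else` ... `endif` conditional starts outside this hunk.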
Signed-off-by: Gilles Peskine --- programs/fuzz/Makefile | 2 -- 1 file changed, 2 deletions(-) diff --git a/programs/fuzz/Makefile b/programs/fuzz/Makefile index fa17918fad..084fc241ec 100644 --- a/programs/fuzz/Makefile +++ b/programs/fuzz/Makefile @@ -20,8 +20,6 @@ endif DLEXT ?= so EXEXT= SHARED_SUFFIX= -# python2 for POSIX since FreeBSD has only python2 as default. -PYTHON ?= python2 # Zlib shared library extensions: ifdef ZLIB From 102c89ed65c2ada2b43fb40cd2b6f08b86cc89b7 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 12 May 2021 13:28:59 +0200 Subject: [PATCH 04/14] Remove the MBEDTLS_SSL_RECORD_CHECKING option Signed-off-by: TRodziewicz --- ChangeLog.d/issue4361.txt | 2 ++ include/mbedtls/config.h | 14 -------------- include/mbedtls/ssl.h | 2 -- library/ssl_msg.c | 2 -- library/version_features.c | 3 --- programs/ssl/ssl_test_common_source.c | 6 ------ programs/test/query_config.c | 8 -------- 7 files changed, 2 insertions(+), 35 deletions(-) create mode 100644 ChangeLog.d/issue4361.txt diff --git a/ChangeLog.d/issue4361.txt b/ChangeLog.d/issue4361.txt new file mode 100644 index 0000000000..670c8a6580 --- /dev/null +++ b/ChangeLog.d/issue4361.txt @@ -0,0 +1,2 @@ +Removals + * Remove the MBEDTLS_SSL_RECORD_CHECKING option. Fixes #4361. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 603d985ae0..aa69848c78 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -1467,20 +1467,6 @@ */ #define MBEDTLS_SSL_ALL_ALERT_MESSAGES -/** - * \def MBEDTLS_SSL_RECORD_CHECKING - * - * Enable the function mbedtls_ssl_check_record() which can be used to check - * the validity and authenticity of an incoming record, to verify that it has - * not been seen before. These checks are performed without modifying the - * externally visible state of the SSL context. - * - * See mbedtls_ssl_check_record() for more information. - * - * Uncomment to enable support for record checking. - */ -#define MBEDTLS_SSL_RECORD_CHECKING - /** * \def MBEDTLS_SSL_DTLS_CONNECTION_ID * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 40814e660d..a47631c94f 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1795,7 +1795,6 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, */ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); -#if defined(MBEDTLS_SSL_RECORD_CHECKING) /** * \brief Check whether a buffer contains a valid and authentic record * that has not been seen before. (DTLS only). @@ -1843,7 +1842,6 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, unsigned char *buf, size_t buflen ); -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ /** * \brief Set the timer callbacks (Mandatory for DTLS.) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 3956a67d27..c2fcdcbfd2 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -86,7 +86,6 @@ int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ) return( 0 ); } -#if defined(MBEDTLS_SSL_RECORD_CHECKING) static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, unsigned char *buf, size_t len, @@ -150,7 +149,6 @@ exit: MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) ); return( ret ); } -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ #define SSL_DONT_FORCE_FLUSH 0 #define SSL_FORCE_FLUSH 1 
diff --git a/library/version_features.c b/library/version_features.c index d2de8957d2..b42fb29aa1 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -468,9 +468,6 @@ static const char * const features[] = { #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) "MBEDTLS_SSL_ALL_ALERT_MESSAGES", #endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) - "MBEDTLS_SSL_RECORD_CHECKING", -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) "MBEDTLS_SSL_DTLS_CONNECTION_ID", #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 73457a1390..fd7eacf6d8 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -159,7 +159,6 @@ int dtls_srtp_key_derivation( void *p_expkey, #endif /* MBEDTLS_SSL_EXPORT_KEYS */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) int ssl_check_record( mbedtls_ssl_context const *ssl, unsigned char const *buf, size_t len ) { @@ -220,7 +219,6 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, return( 0 ); } -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ int recv_cb( void *ctx, unsigned char *buf, size_t len ) { @@ -241,10 +239,8 @@ int recv_cb( void *ctx, unsigned char *buf, size_t len ) /* Here's the place to do any datagram/record checking * in between receiving the packet from the underlying * transport and passing it on to the TLS stack. */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 ) return( -1 ); -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ } return( (int) recv_len ); 
@@ -267,10 +263,8 @@ int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len, /* Here's the place to do any datagram/record checking * in between receiving the packet from the underlying * transport and passing it on to the TLS stack. */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 ) return( -1 ); -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ } return( (int) recv_len ); diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 450e2fbbf0..cf7b3032f6 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1299,14 +1299,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) - if( strcmp( "MBEDTLS_SSL_RECORD_CHECKING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RECORD_CHECKING ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 ) { From e02e02f203e3f71e04b53e95fcd7c535940b48aa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 13 May 2021 00:22:35 +0200 Subject: [PATCH 05/14] Change sha512 output type from an array to a pointer The output parameter of mbedtls_sha512_finish_ret and mbedtls_sha512_ret now has a pointer type rather than array type. This removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer. Signed-off-by: Gilles Peskine --- ChangeLog.d/sha512-output-type.txt | 5 +++++ docs/3.0-migration-guide.d/sha512-output-type.md | 8 ++++++++ include/mbedtls/sha512.h | 10 ++++++---- library/sha512.c | 4 ++-- 4 files changed, 21 insertions(+), 6 deletions(-) create mode 100644 ChangeLog.d/sha512-output-type.txt create mode 100644 docs/3.0-migration-guide.d/sha512-output-type.md diff --git a/ChangeLog.d/sha512-output-type.txt b/ChangeLog.d/sha512-output-type.txt new file mode 100644 index 0000000000..e29557c9d5 
--- /dev/null +++ b/ChangeLog.d/sha512-output-type.txt @@ -0,0 +1,5 @@ +API changes + * The output parameter of mbedtls_sha512_finish_ret and mbedtls_sha512_ret + now has a pointer type rather than array type. This removes spurious + warnings in some compilers when outputting a SHA-384 hash into a + 48-byte buffer. diff --git a/docs/3.0-migration-guide.d/sha512-output-type.md b/docs/3.0-migration-guide.d/sha512-output-type.md new file mode 100644 index 0000000000..5a7d2053c4 --- /dev/null +++ b/docs/3.0-migration-guide.d/sha512-output-type.md @@ -0,0 +1,8 @@ +SHA-512 output type change +-------------------------- + +The output parameter of `mbedtls_sha512_finish_ret()` and `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer. + +This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. + +Alternative implementations of the SHA512 module must adjust their functions' prototype accordingly. diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 56cefe1bd0..2852273140 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -134,13 +134,14 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * \param ctx The SHA-512 context. This must be initialized * and have a hash operation started. * \param output The SHA-384 or SHA-512 checksum result. - * This must be a writable buffer of length \c 64 Bytes. + * This must be a writable buffer of length \c 64 bytes + * for SHA-512, 48 bytes for SHA-384. * * \return \c 0 on success. * \return A negative error code on failure. */ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, - unsigned char output[64] ); + unsigned char *output ); /** * \brief This function processes a single data block within 
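Review bot: With `unsigned char *output`, the prototype of mbedtls_sha512_finish_ret in sha512.h no longer carries a size, so the 64/48-byte requirement now lives only in the `\param output` text. That text does not say what selects the variant for this function, which has no is384 argument. I would add a sentence such as `The required length depends on whether the operation was started as SHA-384 or SHA-512.`; this is hedged, because the starts function is not visible in this hunk. Dropping the array bound also removes the compiler's only hint for a SHA-512 caller that passes a buffer shorter than 64 bytes, so existing call sites deserve a manual size check. The same applies to the second sha512.h hunk, the sha512.c definitions, and the sha256.h/sha256.c hunks in patch 07 (32/28 bytes).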
@@ -171,7 +172,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * a readable buffer of length \p ilen Bytes. * \param ilen The length of the input data in Bytes. * \param output The SHA-384 or SHA-512 checksum result. - * This must be a writable buffer of length \c 64 Bytes. + * This must be a writable buffer of length \c 64 bytes + * for SHA-512, 48 bytes for SHA-384. * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * @@ -184,7 +186,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, */ int mbedtls_sha512_ret( const unsigned char *input, size_t ilen, - unsigned char output[64], + unsigned char *output, int is384 ); #if defined(MBEDTLS_SELF_TEST) diff --git a/library/sha512.c b/library/sha512.c index 75306298fd..7d53731d08 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -380,7 +380,7 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * SHA-512 final digest */ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, - unsigned char output[64] ) + unsigned char *output ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned used; @@ -453,7 +453,7 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, */ int mbedtls_sha512_ret( const unsigned char *input, size_t ilen, - unsigned char output[64], + unsigned char *output, int is384 ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; From 3e3a6789d12571000df91f4e5ef3549a6cd5733c Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Thu, 13 May 2021 00:26:17 +0200 Subject: [PATCH 06/14] Remove a kludge for the output size of mbedtls_sha512_finish_ret Remove a kludge to avoid a warning in GCC 11 when calling mbedtls_sha512_finish_ret with a 48-byte output buffer. This is correct since we're calculating SHA-384. When mbedtls_sha512_finish_ret's output parameter was declared as a 64-byte array, GCC 11 -Wstringop-overflow emitted a well-meaning, but inaccurate buffer overflow warning, which we tried to work around (successfully with beta releases but unsuccessfully with GCC 11.1.0 as released). Now that the output parameter is declared as a pointer, no workaround is necessary. Signed-off-by: Gilles Peskine --- library/ssl_tls.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bc2f269a9c..bae9ed70ca 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2897,8 +2897,6 @@ static void ssl_calc_finished_tls_sha256( #if defined(MBEDTLS_SHA512_C) -typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char*); - static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *ssl, unsigned char *buf, int from ) { @@ -2957,13 +2955,7 @@ static void ssl_calc_finished_tls_sha384( MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *) sha512.state, sizeof( sha512.state ) ); #endif - /* - * For SHA-384, we can save 16 bytes by keeping padbuf 48 bytes long. - * However, to avoid stringop-overflow warning in gcc, we have to cast - * mbedtls_sha512_finish_ret(). - */ - finish_sha384_t finish = (finish_sha384_t)mbedtls_sha512_finish_ret; - finish( &sha512, padbuf ); + mbedtls_sha512_finish_ret( &sha512, padbuf ); mbedtls_sha512_free( &sha512 ); #endif From d7b3d9247602fe5d5015a759d4f3867f28ac22a8 Mon Sep 17 00:00:00 2001 
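Review bot: The new direct call `mbedtls_sha512_finish_ret( &sha512, padbuf );` in ssl_calc_finished_tls_sha384 discards the int result, although sha512.h documents a negative error code on failure. If the call fails, padbuf presumably still feeds the Finished computation with whatever it contains; the rest of the body is outside this hunk, so that is an inference. The hunk header shows the function is `static void`, so propagating the error needs a signature change beyond this patch. Until then I would mark the call with a comment such as `/* FIXME: result ignored; a failing (e.g. alternative) SHA-512 implementation goes unreported because this function returns void */`.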
From: Gilles Peskine Date: Thu, 13 May 2021 00:45:25 +0200 Subject: [PATCH 07/14] Change sha256 output type from an array to a pointer The output parameter of mbedtls_sha256_finish_ret and mbedtls_sha256_ret now has a pointer type rather than array type. This removes spurious warnings in some compilers when outputting a SHA-224 hash into a 28-byte buffer. Signed-off-by: Gilles Peskine --- ChangeLog.d/sha512-output-type.txt | 9 +++++---- docs/3.0-migration-guide.d/sha512-output-type.md | 6 +++--- include/mbedtls/sha256.h | 12 +++++++----- library/sha256.c | 4 ++-- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/ChangeLog.d/sha512-output-type.txt b/ChangeLog.d/sha512-output-type.txt index e29557c9d5..eabc67df70 100644 --- a/ChangeLog.d/sha512-output-type.txt +++ b/ChangeLog.d/sha512-output-type.txt @@ -1,5 +1,6 @@ API changes - * The output parameter of mbedtls_sha512_finish_ret and mbedtls_sha512_ret - now has a pointer type rather than array type. This removes spurious - warnings in some compilers when outputting a SHA-384 hash into a - 48-byte buffer. + * The output parameter of mbedtls_sha512_finish_ret, mbedtls_sha512_ret, + mbedtls_sha256_finish_ret and mbedtls_sha256_ret now has a pointer type + rather than array type. This removes spurious warnings in some compilers + when outputting a SHA-384 or SHA-224 hash into a buffer of exactly + the hash size. diff --git a/docs/3.0-migration-guide.d/sha512-output-type.md b/docs/3.0-migration-guide.d/sha512-output-type.md index 5a7d2053c4..c62a881598 100644 --- a/docs/3.0-migration-guide.d/sha512-output-type.md +++ b/docs/3.0-migration-guide.d/sha512-output-type.md 
@@ -1,8 +1,8 @@ -SHA-512 output type change +SHA-512 and SHA-256 output type change -------------------------- -The output parameter of `mbedtls_sha512_finish_ret()` and `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer. +The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. -Alternative implementations of the SHA512 module must adjust their functions' prototype accordingly. +Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 9b8d91d1ca..1100869520 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -127,13 +127,14 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * \param ctx The SHA-256 context. This must be initialized * and have a hash operation started. * \param output The SHA-224 or SHA-256 checksum result. - * This must be a writable buffer of length \c 32 Bytes. + * This must be a writable buffer of length \c 32 bytes + * for SHA-256, 28 bytes for SHA-224. * * \return \c 0 on success. * \return A negative error code on failure. */ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char output[32] ); + unsigned char *output ); /** * \brief This function processes a single data block within 
@@ -163,14 +164,15 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, * \param input The buffer holding the data. This must be a readable * buffer of length \p ilen Bytes. * \param ilen The length of the input data in Bytes. - * \param output The SHA-224 or SHA-256 checksum result. This must - * be a writable buffer of length \c 32 Bytes. + * \param output The SHA-224 or SHA-256 checksum result. + * This must be a writable buffer of length \c 32 bytes + * for SHA-256, 28 bytes for SHA-224. * \param is224 Determines which function to use. This must be * either \c 0 for SHA-256, or \c 1 for SHA-224. */ int mbedtls_sha256_ret( const unsigned char *input, size_t ilen, - unsigned char output[32], + unsigned char *output, int is224 ); #if defined(MBEDTLS_SELF_TEST) diff --git a/library/sha256.c b/library/sha256.c index a94f325e8b..36ab0c1aa8 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -332,7 +332,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * SHA-256 final digest */ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char output[32] ) + unsigned char *output ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; @@ -401,7 +401,7 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, */ int mbedtls_sha256_ret( const unsigned char *input, size_t ilen, - unsigned char output[32], + unsigned char *output, int is224 ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; From 95f8f22c2701218c1d24ef568c8e1632f19dcd41 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 14 May 2021 14:07:51 +0200 Subject: [PATCH 08/14] Migration guide added and ChangeLog clarified Signed-off-by: TRodziewicz --- ChangeLog.d/issue4361.txt | 3 ++- .../remove_ssl_record_checking.md | 13 +++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 docs/3.0-migration-guide.d/remove_ssl_record_checking.md 
diff --git a/ChangeLog.d/issue4361.txt b/ChangeLog.d/issue4361.txt index 670c8a6580..f1dbb3f195 100644 --- a/ChangeLog.d/issue4361.txt +++ b/ChangeLog.d/issue4361.txt @@ -1,2 +1,3 @@ Removals - * Remove the MBEDTLS_SSL_RECORD_CHECKING option. Fixes #4361. + * Remove the MBEDTLS_SSL_RECORD_CHECKING option and enable by default its + previous action. Fixes #4361. diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md new file mode 100644 index 0000000000..a1b8a5757b --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md @@ -0,0 +1,13 @@ +Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default +-------------------------------------------------------------------------- + +This change does not affects users who use the default config.h, as the +option MBEDTLS_SSL_RECORD_CHECKING was already on by default. + +This option was added only to controls compilation of one function +(mbedtls_ssl_check_record()) used in DTLS to check a buffer's validity and +authenticity. Switching it off poses a security risk. + +For users who changed the default setting of the option there is no real path +of migration. + From 1cf33bf94d173343da7e94a4ee56eb08c6e8f936 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 14 May 2021 14:35:26 +0200 Subject: [PATCH 09/14] Corrections o the migration guide Signed-off-by: TRodziewicz --- docs/3.0-migration-guide.d/remove_ssl_record_checking.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md index a1b8a5757b..91f6f7e88b 100644 --- a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md +++ b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md 
@@ -1,10 +1,10 @@ Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default -------------------------------------------------------------------------- -This change does not affects users who use the default config.h, as the +This change does not affect users who use the default config.h, as the option MBEDTLS_SSL_RECORD_CHECKING was already on by default. -This option was added only to controls compilation of one function +This option was added only to control compilation of one function (mbedtls_ssl_check_record()) used in DTLS to check a buffer's validity and authenticity. Switching it off poses a security risk. From 57d7ab72fb9952a86bf88c5730ac8ef0534a2e4f Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 17 May 2021 10:43:41 +0200 Subject: [PATCH 10/14] Correction to migration guide entry wording Signed-off-by: TRodziewicz --- .../remove_ssl_record_checking.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md index 91f6f7e88b..203e740240 100644 --- a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md +++ b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md 
@@ -4,10 +4,10 @@ Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default This change does not affect users who use the default config.h, as the option MBEDTLS_SSL_RECORD_CHECKING was already on by default. -This option was added only to control compilation of one function -(mbedtls_ssl_check_record()) used in DTLS to check a buffer's validity and -authenticity. Switching it off poses a security risk. - -For users who changed the default setting of the option there is no real path -of migration. +This option was added only to control compilation of one function, +mbedtls_ssl_check_record(), which is only useful in some specific cases, so it +was made optional to allow users who don't need it to save some code space. +However, the same effect can be achieve by using link-time garbage collection. +Users who changed the default setting of the option need to change the config/ +build system to remove that change. \ No newline at end of file From e13a23b4394454943605ddeaeea892c420178290 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 17 May 2021 11:16:52 +0200 Subject: [PATCH 11/14] New line added at the end of the migration guide entry Signed-off-by: TRodziewicz --- docs/3.0-migration-guide.d/remove_ssl_record_checking.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md index 203e740240..7550f7b5a5 100644 --- a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md +++ b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md @@ -10,4 +10,4 @@ was made optional to allow users who don't need it to save some code space. However, the same effect can be achieve by using link-time garbage collection. Users who changed the default setting of the option need to change the config/ -build system to remove that change. \ No newline at end of file +build system to remove that change. 
From 3eac6126505ad5a62a189961bdbb8fa4f3146c3f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 May 2021 22:16:26 +0200 Subject: [PATCH 12/14] Add changelog entry for #4510 Signed-off-by: Gilles Peskine --- ChangeLog.d/psa_sign_message.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/psa_sign_message.txt diff --git a/ChangeLog.d/psa_sign_message.txt b/ChangeLog.d/psa_sign_message.txt new file mode 100644 index 0000000000..2d77ec054e --- /dev/null +++ b/ChangeLog.d/psa_sign_message.txt @@ -0,0 +1,2 @@ +Features + * Implement psa_sign_message() and psa_verify_message(). From c1ae30a05e124569ce59c2dde60e71b3a8a3ce95 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 18 May 2021 18:59:37 +0100 Subject: [PATCH 13/14] Fix docs for mbedtls_padlock_has_support Fix a slight inaccuracy in the docs for the return value of mbedtls_padlock_has_support. Signed-off-by: Dave Rodgman --- library/padlock.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/padlock.h b/library/padlock.h index 78dbeb60d2..4f4e400346 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -71,7 +71,7 @@ extern "C" { * * \param feature The feature to detect * - * \return 1 if CPU has support for the feature, 0 otherwise + * \return non-zero if CPU has support for the feature, 0 otherwise */ int mbedtls_padlock_has_support( int feature ); From 96d6e087175e650c90e93a2d686fbca1e4ec1194 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 20:06:04 +0200 Subject: [PATCH 14/14] Make the formatting of numbers consistent Signed-off-by: Gilles Peskine --- include/mbedtls/sha256.h | 4 ++-- include/mbedtls/sha512.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 1100869520..22c2c7d7eb 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h 
@@ -128,7 +128,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * and have a hash operation started. * \param output The SHA-224 or SHA-256 checksum result. * This must be a writable buffer of length \c 32 bytes - * for SHA-256, 28 bytes for SHA-224. + * for SHA-256, \c 28 bytes for SHA-224. * * \return \c 0 on success. * \return A negative error code on failure. @@ -166,7 +166,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, * \param ilen The length of the input data in Bytes. * \param output The SHA-224 or SHA-256 checksum result. * This must be a writable buffer of length \c 32 bytes - * for SHA-256, 28 bytes for SHA-224. + * for SHA-256, \c 28 bytes for SHA-224. * \param is224 Determines which function to use. This must be * either \c 0 for SHA-256, or \c 1 for SHA-224. */ diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 2852273140..ef1fa22231 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -135,7 +135,7 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * and have a hash operation started. * \param output The SHA-384 or SHA-512 checksum result. * This must be a writable buffer of length \c 64 bytes - * for SHA-512, 48 bytes for SHA-384. + * for SHA-512, \c 48 bytes for SHA-384. * * \return \c 0 on success. * \return A negative error code on failure. @@ -173,7 +173,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \param ilen The length of the input data in Bytes. * \param output The SHA-384 or SHA-512 checksum result. * This must be a writable buffer of length \c 64 bytes - * for SHA-512, 48 bytes for SHA-384. + * for SHA-512, \c 48 bytes for SHA-384. * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. *