Commit Graph

1671 Commits

Author SHA1 Message Date
David Horstmann
419f302dcd Merge pull request #10526 from gilles-peskine-arm/include-common-first-202510-3.6
Backport 3.6: Include common header first
2025-12-09 16:50:12 +00:00
Gilles Peskine
e45e036b91 Fix Mbed-TLS/TF-PSA-Crypto#548
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-12-03 20:09:47 +01:00
Manuel Pégourié-Gonnard
30c2fa00af Add ChangeLog for RSA private performance regression
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-12-03 11:32:45 +01:00
Valerio Setti
14ada7f73c Merge pull request #10473 from valeriosetti/issue488-3.6
[3.6] psa_load_builtin_key_into_slot: prevent accessing the PSA storage if key ID is in volatile range
2025-11-11 12:31:15 +00:00
Valerio Setti
667e56a0a7 Merge pull request #10478 from Cube707/backport/iar-compiler-warning
[backport] add cast to fix IAR compiler errors
2025-10-31 12:33:11 +00:00
Jan Spannberger
73d5398f02 add cast to fix IAR compiler errors
IAR throws a warning "mixed ENUM with other type"

backport of a5384bdf09

Signed-off-by: Jan Spannberger <jan.spannberger@siemens.com>
2025-10-28 15:14:30 +01:00
Valerio Setti
2a9a272bdb changelog: prevent loading persistent keys if the key ID is in the volatile range
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-10-27 11:16:36 +01:00
Schrijvers Luc
9644a688f3 Update ChangeLog.d/gnuinstalldirs_include.txt
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Schrijvers Luc <begasus@gmail.com>
2025-10-24 10:59:27 +02:00
Luc Schrijvers
08d88fcf72 add changelog change
Signed-off-by: Luc Schrijvers <begasus@gmail.com>
2025-10-24 09:32:02 +02:00
Gilles Peskine
6dacfdc59e Merge pull request #10447 from valeriosetti/static-key-store-fix-size
[3.6] psa: improve buffer size computation for static key slots
2025-10-20 13:42:04 +00:00
Valerio Setti
a8ff9f76e9 changelog: add note about MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE improvements
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-10-16 16:47:01 +02:00
Minos Galanakis
5a3d0214b3 Merge tag 'mbedtls-3.6.5' into mbedtls-3.6.5_mergeback
Mbed TLS 3.6.5

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-10-15 18:41:13 +01:00
Minos Galanakis
369ea7a041 Assemble ChangeLog
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-10-10 18:04:55 +01:00
Gilles Peskine
42ae2ac6ec Merge pull request #10318 from keith-packard/gcc-14-3-array-bounds
Avoid invalid gcc 14.3 warning about array bounds in mbedtls_xor
2025-10-08 19:00:48 +00:00
Keith Packard
292b96c0a6 Avoid invalid gcc 14.3 warning about array bounds in mbedtls_xor
The combination of the multi-byte loop with the single byte loop
confuses GCC 14.3's array bounds checker. When the loop size is
constant, check to see if it is a multiple of the multi-byte size and
bail early. As this will be evaluated at compile time, there should be
no run-time cost.

This change uses the __builtin_constant_p compile-time operation. To
check if that is supported, the change uses the existing
MBEDTLS_HAS_BUILTIN macro. That macro was defined later in
library/common.h than is needed for this change, so it was moved up to
join some other macros that looked similar.

Signed-off-by: Keith Packard <keithp@keithp.com>
2025-10-02 11:09:29 -07:00
Minos Galanakis
bafcf5bddf Merge remote-tracking branch 'restricted/mbedtls-3.6-restricted' into mbedtls-3.6.5rc0-pr
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-10-02 15:37:04 +01:00
Ben Taylor
6e73b2f2fd Backport time_t type conversions
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
2025-09-29 15:35:28 +01:00
Gilles Peskine
70135847cd Merge pull request #1425 from gilles-peskine-arm/restricted-3.6-merge-public-20250916
3.6: merge public into restricted 2025-09-16
2025-09-17 21:05:31 +02:00
Gilles Peskine
334dfa8799 Merge remote-tracking branch '3.6' into restricted-3.6-merge-public-20250916
Conflicts:

* `framework`: update submodule to the merge of `main` and `main-restricted`.
2025-09-16 16:16:53 +02:00
Gilles Peskine
d1244932f1 We have a CVE ID
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-09-16 10:39:29 +02:00
Gilles Peskine
447134b704 Announce psa_can_do_cipher()
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-09-12 11:27:08 +02:00
Gilles Peskine
2d666646ba Changelog entry for PSA CBC-PKCS7 padding oracle fix
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-09-08 12:22:39 +02:00
Gilles Peskine
9d7d0e63ae Merge pull request #1407 from gilles-peskine-arm/mbedtls_cipher_finish_padded-3.6
Backport 3.6: Introduce mbedtls_cipher_finish_padded
2025-09-08 12:18:50 +02:00
Manuel Pégourié-Gonnard
07cbb33e76 Add ChangeLog entry for SSBleed and M-Step
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-09-02 10:41:50 +02:00
Manuel Pégourié-Gonnard
381d4ba03b Make mbedtls_mpi_gcd() more consistent
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-08-13 09:01:45 +02:00
Gilles Peskine
7db50d0700 Changelog entry for mbedtls_cipher_finish_padded()
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-08-08 15:15:07 +02:00
Gilles Peskine
8d524e8841 Merge pull request #10312 from ronald-cron-arm/dependency-on-generated-files
Backport 3.6: cmake: library: Fix potential concurrent file generation
2025-07-30 11:44:53 +00:00
Ronald Cron
5491fe3ee0 Add change log
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-07-21 09:45:14 +02:00
Minos Galanakis
c52f68fd21 Assemble ChangeLog
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-06-25 14:07:55 +01:00
Minos Galanakis
f36277558a Merge remote-tracking branch 'restricted/mbedtls-3.6-restricted' into mbedtls-3.6.4rc0-pr
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-06-23 18:52:17 +01:00
David Horstmann
54ceaf7a53 Merge pull request #10200 from aslze/mbedtls-3.6
[3.6] Fix build C++ apps with MSVC
2025-06-19 14:25:50 +00:00
David Horstmann
a84be59757 Merge pull request #1366 from gilles-peskine-arm/base64-decode-clean-3.6
Backport 3.6: mbedtls_base64_decode: fix sloppiness
2025-06-17 14:55:39 +01:00
Gilles Peskine
3c9ad42719 Merge pull request #1367 from gilles-peskine-arm/aesni_has_support-volatile-3.6
Backport 3.6: Fix race condition in mbedtls_aesni_has_support
2025-06-13 23:20:28 +02:00
Felix Conway
b8d14734fd Simplify changelog
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-06-13 09:33:24 +01:00
Felix Conway
80ca13f07d Add changelog
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-06-12 13:28:26 +01:00
Gilles Peskine
f5db3e9436 Note that GCM is also impacted
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-06-11 10:45:41 +02:00
Gilles Peskine
a79525239f Merge pull request #1359 from Mbed-TLS/bugfix_1351_1352_1353_lms_drivers_3.6bp
[3.6 Backport] Bugfix: lms/lmots driver hardening.
2025-06-10 19:08:15 +02:00
Manuel Pégourié-Gonnard
7ed3653c57 Merge pull request #1363 from gilles-peskine-arm/3.6-restricted-merge-20250606
Merge mbedtls-3.6 into mbedtls-3.6-restricted
2025-06-10 11:01:11 +02:00
Manuel Pégourié-Gonnard
cae443405e Merge pull request #1347 from mpg/fix-asn1-store-named-data-null-deref-3.6
Backport 3.6: Fix asn1 store named data null deref
2025-06-10 09:50:34 +02:00
Gilles Peskine
8c67ac0f7f Fix race condition in mbedtls_aesni_has_support
Fix a race condition in `mbedtls_aes_ni_has_support()` with some compilers.
A compiler could hoist the assignment `done = 1` above the assignment to `c`,
in which case if two threads call `mbedtls_aes_ni_has_support()` at almost
the same time, they could be interleaved as follows:

    Initially: done = 0, c = 0

    thread A                thread B
    if (!done)
      done = 1;                                     # hoisted
                            if (!done)
                                return c & what;    # wrong!
      c = cpuid();
    return c & what

This would lead to thread B using software AES even though AESNI was
available. This is a very minor performance bug. But also, given a very
powerful adversary who can block thread A indefinitely (which may be
possible when attacking an SGX enclave), thread B could use software AES for
a long time, opening the way to a timing side channel attack.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-06-09 23:48:34 +02:00
Gilles Peskine
2b3d6a8f28 mbedtls_base64_decode: insist on correct padding
Correct base64 input (excluding ignored characters such as spaces) consists
of exactly 4*k, 4*k-1 or 4*k-2 digits, followed by 0, 1 or 2 equal signs
respectively.

Previously, any number of trailing equal signs up to 2 was accepted, but if
there were fewer than 4*k digits-or-equals, the last partial block was counted in
`*olen` in buffer-too-small mode, but was not output despite returning 0.

Now `mbedtls_base64_decode()` insists on correct padding. This is
backward-compatible since the only plausible useful inputs that used to be
accepted were inputs with 4*k-1 or 4*k-2 digits and no trailing equal signs,
and those led to invalid (truncated) output. Furthermore the function now
always reports the exact output size in buffer-too-small mode.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-06-09 23:01:21 +02:00
Minos Galanakis
255c492dab Added CVEs to ChangeLogs
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-06-08 23:10:58 +01:00
Gilles Peskine
7df273bb34 Merge remote-tracking branch 'mbedtls-3.6' into mbedtls-3.6-restricted
2025-06-06 10:46:03 +02:00
Gilles Peskine
84999d1a7b Fix mbedtls_base64_decode() accepting invalid inputs with 4n+1 digits
The last digit was ignored.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-06-05 16:15:41 +02:00
Minos Galanakis
f84bc3f592 Added changelog for check return of merkle leaf
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-06-05 09:23:59 +01:00
Minos Galanakis
3444757ac4 Added changelog for lms enum casting
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-06-05 09:23:59 +01:00
Minos Galanakis
3b392af70d Added changelog for lms overread
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-06-05 09:23:59 +01:00
Alvaro Segura
41422e1fc0 Fix change log entry
Signed-off-by: Alvaro Segura <alvaro.segura@gmail.com>
2025-06-05 09:10:54 +02:00
David Horstmann
3f82706cb7 Merge pull request #1349 from felixc-arm/pem-integer-underflow-3.6
[3.6] Fix Integer Underflow when Decoding PEM Keys
2025-06-04 14:36:35 +01:00
Felix Conway
42323eacc9 Add changelog
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-06-04 10:06:26 +01:00