TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-30 17:12:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
17,496 Commits 177 Branches 276 Tags
adc8a0bceff7bb2fb9d8b4dc0cdcc956e5d74a0d
Commit Graph

579 Commits

Author SHA1 Message Date
Paul Elliott
fc820d96e0 Fix IAR warnings 
IAR was warning that conditional execution could bypass initialisation of
variables, although those same variables were not used uninitialised. Fix
this along with some other IAR warnings.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-13 15:07:44 +00:00
Gilles Peskine
a4c10abaf9 Merge pull request #7063 from AndrzejKurek/2.28_x508_san_parsing_testing 
[2.28 Backport] X.509: Fix bug in SAN parsing and enhance negative testin
 2023-02-10 15:05:30 +01:00
Gilles Peskine
b5e9cd37a0 Announce coding style change in the changelog 
It doesn't affect users, but it affects some other external consumers of the
library.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-08 19:45:41 +01:00
Hanno Becker
3818fd9d58 Add a ChangeLog entry 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-08 09:19:09 -05:00
Gilles Peskine
d6bb16a5b8 Merge pull request #6976 from davidhorstmann-arm/2.28-c-build-helper-improvements 
[Backport 2.28] Minor improvements to `c_build_helper.py`
 2023-02-07 10:26:03 +01:00
Dave Rodgman
b028531a3b Merge pull request #7013 from gilles-peskine-arm/build-without-certs-2.28.2 
2.28 only: Fix the build without MBEDTLS_CERTS_C
 2023-02-06 11:39:01 +00:00
Aditya Deshpande
e87ed421be Amend changelog entry 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-02-02 12:07:07 +00:00
Aditya Deshpande
a7d879185e Add changelog entry 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-02-02 12:07:06 +00:00
Gilles Peskine
4d483a1814 Fix misplaced #endif in test program 
This broke the build when MBEDTLS_CERTS_C is undefined. Fixes #6243.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-01 18:19:23 +01:00
David Horstmann
5e29196561 Fix near-tautological repetition in ChangeLog 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-02-01 13:41:34 +00:00
Aaron M. Ucko
78b823ab0e mbedtls_mpi_sub_abs: Skip memcpy when redundant (#6701). 
In some contexts, the output pointer may equal the first input
pointer, in which case copying is not only superfluous but results in
"Source and destination overlap in memcpy" errors from Valgrind (as I
observed in the context of ecp_double_jac) and a diagnostic message
from TrustInSoft Analyzer (as Pascal Cuoq reported in the context of
other ECP functions called by cert-app with a suitable certificate).

Signed-off-by: Aaron M. Ucko <ucko@ncbi.nlm.nih.gov>
 2023-01-31 15:45:44 -05:00
Manuel Pégourié-Gonnard
4b7cb8c737 Merge pull request #6919 from valeriosetti/issue6843-backport 
Backport: Improve X.509 cert writing serial number management
 2023-01-30 13:09:09 +01:00
David Horstmann
41fbc3ad3a Add ChangeLog for c_build_helper improvements 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-01-27 19:56:49 +00:00
Gilles Peskine
f57f3db920 Merge pull request #6931 from AndrzejKurek/timeless-selftest-waz-bad 
[2.28] Enable the timing.c selftest with MBEDTLS_TIMING_ALT
 2023-01-26 21:55:44 +01:00
Andrzej Kurek
26d383998d Be consistent with self-test naming 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-26 04:38:37 -05:00
Dave Rodgman
6b8d42444d Add Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 11:43:01 +00:00
Andrzej Kurek
4136a9ec5a Shorten lines of changelog entry 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-17 06:09:37 -05:00
Andrzej Kurek
b36fa910e9 Add a changelog entry 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-01-17 05:28:25 -05:00
Valerio Setti
8cf549d047 changelog: document the enforced check on x509 serial setting 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-13 08:41:15 +01:00
Gilles Peskine
0aba751326 Merge pull request #6894 from tom-daubney-arm/modify_generate_errors_script_2-28 
Backport 2.28: Make generate_errors.pl handle directory names containing spaces when opening files
 2023-01-10 22:09:44 +01:00
Dave Rodgman
b3aefa3983 Add Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-10 10:08:53 +00:00
Thomas Daubney
b462005958 Add ChangeLog entry 
Add ChangeLog entry documenting bugfix.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-01-10 09:37:43 +00:00
Dave Rodgman
e5c5b1d3ea Add Changelog entry 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-12-20 13:21:19 +00:00
Dave Rodgman
4547eae341 Merge pull request #984 from Mbed-TLS/mbedtls-2.28.2-merge-back 
Mbedtls 2.28.2 merge back
 2022-12-14 17:51:58 +00:00
Manuel Pégourié-Gonnard
08f7f0d1f6 Merge pull request #6744 from gilles-peskine-arm/windows-different-drives-build-error-2.28 
Backport 2.28: Copy files instead of hard-linking on Windows
 2022-12-12 11:59:06 +01:00
Aditya Deshpande
a26938aec6 Assemble ChangeLog 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2022-12-08 11:04:16 +00:00
Aditya Deshpande
dbefba7b5c Merge branch 'mbedtls-2.28-restricted' into mbedtls-2.28.2rc0-pr 2022-12-08 10:57:08 +00:00
Dominik Gschwind
b0423a260c Copy files instead of hard-linking on Windows 
Fixes an issue on Windows where when source and build directory are on different drives hard-linking
to files or directory fails as it doesn't work across filesystem boundaries. Note that symlinking is also
not possible because it requires administrator privileges on Windows.

The solution copies the files using the built-in cmake `configure_file(src dest COPYONLY)` command.
As this command only operates on files, if a directory is specified the files will be globbed recursively
and through symlinks.

Signed-off-by: Dominik Gschwind <dominik.gschwind99@gmail.com>
 2022-12-07 19:34:52 +01:00
Gilles Peskine
a3e8dd4054 Improve wording, punctuation, etc. 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-06 10:52:32 +01:00
Dave Rodgman
f0090d85e5 Merge remote-tracking branch 'origin/mbedtls-2.28' into merge-2.28 2022-12-05 11:04:05 +00:00
Gilles Peskine
01bf631159 Fix NULL+0 undefined behavior in ECB encryption and decryption 
psa_cipher_encrypt() and psa_cipher_decrypt() sometimes add a zero offset to
a null pointer when the cipher does not use an IV. This is undefined
behavior, although it works as naively expected on most platforms. This
can cause a crash with modern Clang+ASan (depending on compiler optimizations).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-23 17:23:44 +01:00
Manuel Pégourié-Gonnard
99ac73d963 Merge pull request #969 from yanesca/issue-946-backport 
[2.28 Backport] Fix RSA side channel
 2022-11-23 10:30:40 +01:00
Janos Follath
c772869713 Changelog: expand conference acronym for clarity 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-22 10:51:25 +00:00
Gilles Peskine
b358e46c8e Merge pull request #6618 from gilles-peskine-arm/mpi_sint-min-ub-2.28 
Backport 2.28: Fix undefined behavior in bignum: NULL+0 and -most-negative-sint
 2022-11-21 19:52:03 +01:00
Janos Follath
82e8133edc Add paper title to Changelog 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-21 16:22:35 +00:00
Ronald Cron
7345073aaf Add ChangeLog 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-11-17 15:21:07 +01:00
Gilles Peskine
de1629aff9 Fix undefined behavior with the most negative mbedtls_mpi_sint 
When x is the most negative value of a two's complement type,
`(unsigned_type)(-x)` has undefined behavior, whereas `-(unsigned_type)x`
has well-defined behavior and does what was intended.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-17 11:03:46 +01:00
Gilles Peskine
103cf59e46 Fix NULL+0 in addition 0 + 0 
Fix undefined behavior (typically harmless in practice) of
mbedtls_mpi_add_mpi(), mbedtls_mpi_add_abs() and mbedtls_mpi_add_int() when
both operands are 0 and the left operand is represented with 0 limbs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-17 11:03:46 +01:00
Janos Follath
e530b5b4c4 Merge pull request #6579 from gilles-peskine-arm/negative-zero-from-add-2.28 
Backport 2.28: Fix negative zero from bignum add/subtract
 2022-11-16 14:06:04 +00:00
Aditya Deshpande
f22f73ef4e Fix issue in dh_genprime.c where the error code returned by mbedtls_mpi_write_file() is incorrectly reported on failure 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2022-11-10 15:33:11 +00:00
Gilles Peskine
195e1c8107 Changelog entry for the negative zero from add/sub 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-10 15:15:25 +01:00
Gilles Peskine
cb492102bf Merge pull request #6380 from Kabbah/backport2.28-x509-info-hwmodulename-hex 
[Backport 2.28] `x509_info_subject_alt_name`: Render HardwareModuleName as hex
 2022-11-08 17:11:09 +01:00
Janos Follath
9e4ea3a8a8 Add ChangeLog entry 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-11-08 09:09:14 +00:00
Dave Rodgman
febe14e6e0 Add Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 16:28:20 +00:00
Dave Rodgman
0bbe75838e Merge pull request #6191 from daverodgman/invalid-ecdsa-pubkey-backport-2.28 
Improve ECDSA verify validation - 2.28 backport
 2022-10-31 09:37:38 +00:00
Dave Rodgman
23b79b6c9c Credit Cryptofuzz in the changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-27 20:36:47 +01:00
Dave Rodgman
a66e7edf09 Improve changelog for ECDSA verify fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-27 20:34:59 +01:00
Ronald Cron
2e0a11556e Merge pull request #6483 from gilles-peskine-arm/psa-pkparse-pkwrite-2.28 
Backport 2.28: PSA with RSA requires PK_WRITE and PK_PARSE
 2022-10-26 14:57:41 +02:00
Ronald Cron
c527796ecb Merge pull request #6392 from davidhorstmann-arm/2.28-fix-x509-get-name-cleanup 
[Backport 2.28] Fix `mbedtls_x509_get_name()` cleanup
 2022-10-26 14:28:04 +02:00
Gilles Peskine
8fb928f642 Fix PSA+RSA dependencies on PK 
The PSA code needs pk_parse as well as pk_write for RSA keys. Fix #6409.
This is independent of PKCS#1v1.5 support. Fix #6408.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-25 20:32:02 +02:00