TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-05-01 15:52:10 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,669 Commits 179 Branches 280 Tags
c34fa81ea975f96996c37a867b4adf60977dfd43
Commit Graph

661 Commits

Author SHA1 Message Date
David Horstmann
f06494dc9e Merge branch 'mbedtls-2.28' into buffer-sharing-merge-2.28 2024-03-11 16:28:50 +00:00
Gilles Peskine
a19f6bfcad Merge pull request #8823 from davidhorstmann-arm/fix-config-bitflag-2.28 
[Backport 2.28] Update `SSL_SERIALIZED_SESSION_CONFIG_BITFLAG` with new flags
 2024-03-05 13:17:43 +00:00
David Horstmann
ec8a5b175e Add ChangeLog entry for ssl serialization bitflags 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-01 12:19:00 +00:00
Gilles Peskine
039c903e7b Merge pull request #8818 from forkiee2/mbedtls-2.28 
Backport 2.28: move entropy init prior arguments number recognition
 2024-02-14 13:43:32 +00:00
PiotrBzdrega
c609654665 newline at end of changelog file 
Signed-off-by: PiotrBzdrega <piotrbzdrega@yandex.com>
 2024-02-13 22:12:23 +01:00
PiotrBzdrega
14e4727d0e fill out missing dot in changelog 
Signed-off-by: PiotrBzdrega <piotrbzdrega@yandex.com>
 2024-02-13 17:09:40 +01:00
PiotrBzdrega
7c1cd5ae1c move entropy init prior arguments number recognition 
Signed-off-by: PiotrBzdrega <piotrbzdrega@yandex.com>
 2024-02-13 16:59:05 +01:00
Gilles Peskine
0196f4886a Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes 
Add non-regression tests. Update some test functions to not assume that
byte_length == bit_length / 8.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 17:00:48 +01:00
Kusumit Ghoderao
bfa27e33ff Fix kdf incorrect initial capacity 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2024-02-02 19:56:37 +05:30
Dave Rodgman
8e3a837e1b Remove already-assembled Changelog entries 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-26 10:29:00 +00:00
Janos Follath
86bbb13779 Update Marvin fix Changelog entry 
Upon further consideration we think that a remote attacker close to the
victim might be able to have precise enough timing information to
exploit the side channel as well. Update the Changelog to reflect this.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-16 08:56:42 +00:00
Janos Follath
d50f7a7a17 Add Changelog for the Marvin attack fix 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-08 15:28:38 +00:00
Dave Rodgman
1146161e93 Add Changelog for license 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:06:31 +00:00
Bence Szépkúti
3ccb844117 Merge pull request #8373 from sergio-nsk/sergio-nsk/8372/1 
Backport 2.28: Fix compiling AESNI in Mbed-TLS with clang on Windows
 2023-10-26 15:59:05 +00:00
Pengyu Lv
c5d9d2d67e Reword the changelog entry 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-19 16:52:01 +08:00
Pengyu Lv
f24a85fd5e Add a changelog entry 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-19 16:52:01 +08:00
Sergey Markelov
9902a6b752 Fix #8372 - Error compiling AESNI in Mbed-TLS with clang on Windows 
It can successfully compile w/ or w/o the clang options -maes -mpclmul.

Signed-off-by: Sergey Markelov <sergey@solidstatenetworks.com>
 2023-10-18 20:26:01 -07:00
Bence Szépkúti
01902779a3 Merge pull request #8162 from yanrayw/2.28-save_stack_usage_pkwrite 
Backport 2.28: pkwrite: use heap to save stack usage for writing keys in PEM string
 2023-10-13 14:27:18 +00:00
minosgalanakis
064e732640 Merge pull request #1102 from Mbed-TLS/mbedtls-2.28.5_mergeback 
Mbedtls 2.28.5 mergeback
 2023-10-05 17:33:08 +01:00
Gilles Peskine
66a868b6af CMake: fix build with 3rdparty module enabled through a custom config 
Fixes #8165

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-04 15:11:10 +02:00
Minos Galanakis
7de3eed636 Prepare ChangeLog for 2.28.5 release 
```
./scripts/assemble_changelog.py
```

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 22:26:03 +01:00
Minos Galanakis
6d169947e9 Merge branch 'mbedtls-2.28-restricted' into mbedtls-2.28.5rc0-pr 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 22:22:36 +01:00
Dave Rodgman
da635ab657 Merge pull request #8280 from gilles-peskine-arm/ssl_cache-negative_errors-2.28 
Backport 2.28: ssl_cache: misc improvements
 2023-09-29 17:58:10 +00:00
Gilles Peskine
5856fd32dd Changelog entry for mbedtls_ssl_cache error code fixes 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-29 13:42:47 +02:00
JonathanWitthoeft
3ead877b68 Adjust ChangeLog 
Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>
 2023-09-29 13:31:49 +02:00
JonathanWitthoeft
930679a1d7 Make mbedtls_ecdsa_can_do definition unconditional 
Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>
 2023-09-29 13:31:48 +02:00
Dave Rodgman
0ea272d110 Update padding const-time fix changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-27 16:31:33 +01:00
Dave Rodgman
e8358d400f Add Changelog for CT fixes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-25 11:34:35 +01:00
Gilles Peskine
326ba3c0bb mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher 
With stream ciphers, add a check that there's enough room to read a MAC in
the record. Without this check, subtracting the MAC length from the data
length resulted in an integer underflow, causing the MAC calculation to try
reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-21 18:25:05 +02:00
Dave Rodgman
f4cf4a6e25 Merge pull request #1070 from gilles-peskine-arm/merge-2.28-restricted-20230915 
Merge mbedtls-2.28 into restricted
 2023-09-20 12:07:55 +01:00
Gilles Peskine
9cacae3c7a Merge remote-tracking branch 'upstream-public/mbedtls-2.28' into HEAD 2023-09-15 18:32:36 +02:00
Waleed Elmelegy
d24b546f3d Reduce line size in new pkcs function changelog 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-15 15:35:08 +01:00
Waleed Elmelegy
58ed2318c5 Modify changelog entry to add pkcs12 pbe functions 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-15 15:34:47 +01:00
Yanray Wang
c9d5ea9a9c pkwrite.c: write ChangeLog accurately 
The heap memory is used for both RSA and EC keys. So removing `RSA`
in the ChangeLog.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-06 10:32:44 +08:00
Yanray Wang
79873bcf56 pkwrite: add Changelog entry 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-06 10:32:22 +08:00
Waleed Elmelegy
dffb1e3d66 Improve mbedtls_pkcs5_pbes2_ext changelog description 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-04 17:57:23 +01:00
Waleed Elmelegy
7aeb6e7610 Add changelog entry for new mbedtls_pkcs5_pbe2_ext function 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-04 17:52:15 +01:00
Paul Elliott
12a2bfc970 Merge pull request #8096 from davidhorstmann-arm/2.28-initialize-struct-get-other-name 
[Backport 2.28] Coverity fix: Set `type_id` in `x509_get_other_name()`
 2023-08-31 14:10:06 +00:00
Gilles Peskine
c10520f45f Merge pull request #8102 from AgathiyanB/backport-iar-warnings-changelog 
Add changelog entry for 2.28 IAR warning fixes
 2023-08-24 18:02:15 +00:00
Agathiyan Bragadeesh
0aab8a878f Add changelog entry for 2.28 IAR warning fixes 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 15:29:02 +01:00
David Horstmann
d81f75bbbf Fixup incorrectly-formatted ChangeLog entry 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-21 17:36:02 +01:00
David Horstmann
869609f228 Add ChangeLog entry for otherName SAN fixes 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-18 19:51:45 +01:00
Chien Wong
0118a1d712 Fix a few unchecked return values 
Signed-off-by: Chien Wong <m@xv97.com>
 2023-08-17 22:13:11 +08:00
Chien Wong
12f6f28e15 Improve doc on special use of A in ecp group structure 
Signed-off-by: Chien Wong <m@xv97.com>
 2023-08-09 22:15:14 +08:00
Gilles Peskine
b438348774 Merge pull request #8010 from marekjansta/fix-x509-ec-algorithm-identifier-2.28 
Backport 2.28: Fixed x509 certificate generation to conform to RFCs when using ECC key
 2023-08-07 19:14:52 +00:00
Dave Rodgman
1484a53429 Merge pull request #8024 from daverodgman/changelog-warning-fixes-2.28 
Backport 2.28: Clarify changelog not needed for compiler warnings
 2023-08-07 10:55:56 +01:00
Dave Rodgman
ccba2b7507 Assemble 2.28.4 changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-02 14:47:25 +01:00
Dave Rodgman
973494d193 Clarify changelog not needed for compiler warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-02 13:52:20 +01:00
Marek Jansta
0a6743b2de Fixed AlgorithmIdentifier parameters when used with ECDSA signature algorithm in x509 certificate 
Signed-off-by: Marek Jansta <jansta@2n.cz>
 2023-07-31 17:33:23 +02:00
Gilles Peskine
e5507d5f20 Fix empty union when TLS is disabled 
When all TLS 1.2 support is disabled, union mbedtls_ssl_premaster_secret was
empty, which is not valid C even if the union is never used. Fixes #6628.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-07-26 17:22:04 +02:00