AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'upstream-public/pr/2777' into development

Browse Source
This commit is contained in:
Gilles Peskine 2019-08-14 15:59:01 +02:00
commit 681edbeaa6
3 changed files with 25 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
ChangeLog
View File

@ -32,6 +32,15 @@ Features
MBEDTLS_SSL_DTLS_CONNECTION_ID (disabled by default), and at run-time MBEDTLS_SSL_DTLS_CONNECTION_ID (disabled by default), and at run-time
through the new APIs mbedtls_ssl_conf_cid() and mbedtls_ssl_set_cid(). through the new APIs mbedtls_ssl_conf_cid() and mbedtls_ssl_set_cid().
API Changes
* Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
and the used tls-prf.
* Add public API for tls-prf function, according to requested enum.
* Add DER-encoded test CRTs to library/certs.c, allowing
the example programs ssl_server2 and ssl_client2 to be run
if MBEDTLS_FS_IO and MBEDTLS_PEM_PARSE_C are unset. Fixes #2254.
* The HAVEGE state type now uses uint32_t elements instead of int.
Bugfix Bugfix
* Fix private key DER output in the key_app_writer example. File contents * Fix private key DER output in the key_app_writer example. File contents
were shifted by one byte, creating an invalid ASN.1 tag. Fixed by were shifted by one byte, creating an invalid ASN.1 tag. Fixed by
@ -81,15 +90,9 @@ Bugfix
* Fix partial zeroing in x509_get_other_name. Found and fixed by ekse, #2716. * Fix partial zeroing in x509_get_other_name. Found and fixed by ekse, #2716.
* Update test certificates that were about to expire. Reported by * Update test certificates that were about to expire. Reported by
Bernhard M. Wiedemann in #2357. Bernhard M. Wiedemann in #2357.
* Fix the build on ARMv5TE in ARM mode to not use assembly instructions
API Changes that are only available in Thumb mode. Fix contributed by Aurelien Jarno
* Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes, in #2169.
and the used tls-prf.
* Add public API for tls-prf function, according to requested enum.
* Add DER-encoded test CRTs to library/certs.c, allowing
the example programs ssl_server2 and ssl_client2 to be run
if MBEDTLS_FS_IO and MBEDTLS_PEM_PARSE_C are unset. Fixes #2254.
* The HAVEGE state type now uses uint32_t elements instead of int.
Changes Changes
* Server's RSA certificate in certs.c was SHA-1 signed. In the default * Server's RSA certificate in certs.c was SHA-1 signed. In the default

3
include/mbedtls/bn_mul.h
View File

@ -642,7 +642,8 @@
"r6", "r7", "r8", "r9", "cc" \ "r6", "r7", "r8", "r9", "cc" \
); );
#elif defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1) #elif (__ARM_ARCH >= 6) && \
defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1)
#define MULADDC_INIT \ #define MULADDC_INIT \
asm( asm(

11
tests/scripts/all.sh
View File

@ -1088,6 +1088,17 @@ component_build_arm_none_eabi_gcc () {
make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
} }
component_build_arm_none_eabi_gcc_arm5vte () {
msg "build: arm-none-eabi-gcc -march=arm5vte, make" # ~ 10s
scripts/config.pl baremetal
# Build for a target platform that's close to what Debian uses
# for its "armel" distribution (https://wiki.debian.org/ArmEabiPort).
# See https://github.com/ARMmbed/mbedtls/pull/2169 and comments.
# It would be better to build with arm-linux-gnueabi-gcc but
# we don't have that on our CI at this time.
make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib
}
component_build_arm_none_eabi_gcc_no_udbl_division () { component_build_arm_none_eabi_gcc_no_udbl_division () {
msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s
scripts/config.pl baremetal scripts/config.pl baremetal