AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
18,860 Commits 1 Branch 0 Tags 61 MiB
15364ffb03
Commit Graph

699 Commits

Author SHA1 Message Date
Gilles Peskine
15364ffb03
Merge pull request #5579 from SiliconLabs/erase_secret_before_free 
Erase secrets in allocated memory before freeing said memory
 2022-03-07 17:04:04 +01:00
Gilles Peskine
d929dbbb25
Merge pull request #5368 from mfil/feature/additional_md_getters 
Add function to get message digest info from context
 2022-03-02 16:44:26 +01:00
Gilles Peskine
5459a15863
Merge pull request #5365 from Tachi107/msvc-utf-8 
build(msvc): always assume source files are in UTF-8
 2022-03-02 16:42:33 +01:00
Steven Cooreman
4b94f10b93 Add changelog entry for zeroizing key buffers before freeing 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2022-02-25 16:53:11 +01:00
Andrzej Kurek
a0237f86d3 Add missing key destruction calls in ssl_write_client_key_exchange 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-25 04:36:40 -05:00
Andrea Pappacoda
9202909d07
build(msvc): always assume source files are in UTF-8 
Fixes https://github.com/ARMmbed/mbedtls/issues/4205

Signed-off-by: Andrea Pappacoda <andrea@pappacoda.it>
 2022-02-23 23:13:09 +01:00
Gilles Peskine
9cb08822a1 Minor clarification 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:02 +01:00
Gilles Peskine
80dae04f24 Make user_data fields private 
Add accessor functions.

Add unit tests for the accessor functions.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Gilles Peskine
c63a1e0e15 Fix mbedtls_ssl_get_version() for TLSv1.3 
Test it in ssl-opt.sh.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Gilles Peskine
e1a0c25f71 New function to access the TLS version from a context as an enum 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Gilles Peskine
915896f03c Add accessor function from mbedtls_ssl_context to the configuration 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Gilles Peskine
69477b5706 Add a field for application data to TLS structures 
In structure types that are passed to user callbacks, add a field that the
library won't ever care about. The application can use this field to either
identify an instance of the structure with a handle, or store a pointer to
extra data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Manuel Pégourié-Gonnard
4fa604cc3b
Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0 
feat: Update test_suite_psa_its to NOT use UID=0
 2022-02-17 11:49:33 +01:00
Manuel Pégourié-Gonnard
3d1f8b9c00
Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto 
Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO
 2022-02-16 17:33:47 +01:00
Manuel Pégourié-Gonnard
e14b644f4d
Merge pull request #5456 from mpg/cleanup-ecdh-psa 
Cleanup PSA-based ECDHE in TLS 1.2
 2022-02-15 09:09:07 +01:00
Ronald Cron
fb84e98fb4 Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-11 16:10:44 +01:00
Gilles Peskine
bebeae9428
Merge pull request #5504 from gstrauss/mbedtls_pem_get_der 
Add accessor to get der from mbedtls_pem_context
 2022-02-10 23:56:57 +01:00
Glenn Strauss
a950938ff0 Add mbedtls_ssl_ticket_rotate for ticket rotation. 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-09 14:33:15 -05:00
Glenn Strauss
72bd4e4d6a Add accessor to get buf from mbedtls_pem_context 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-08 14:53:46 -05:00
pespacek
d62e906b1c TEST: added psa_its_set expected failure test 
Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-02-08 15:19:26 +01:00
Manuel Pégourié-Gonnard
141be6cc7f Fix missing check on server-chosen curve 
We had this check in the non-PSA case, but it was missing in the PSA
case.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-03 11:08:15 +01:00
Manuel Pégourié-Gonnard
1ab2d6966c
Merge pull request #5385 from AndrzejKurek/use-psa-crypto-reduced-configs 
Resolve problems with reduced configs using USE_PSA_CRYPTO
 2022-02-02 10:20:26 +01:00
Paul Elliott
a9f32fbb21
Merge pull request #5382 from lhuang04/tls13_f_export_keys 
Swap the client and server random for TLS 1.3 f_export_keys
 2022-01-28 12:09:19 +00:00
lhuang04
a3890a3427 Swap the client and server random for TLS 1.3 
Summary:

Test Plan:

Reviewers:

Subscribers:

Tasks:

Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com>
 2022-01-27 06:00:43 -08:00
Andrzej Kurek
76c185b0a3 Add a changelog entry regarding bugfixes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-24 10:09:38 -05:00
Manuel Pégourié-Gonnard
fcca7cfa97
Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite 
Add accessors for ciphersuite info
 2022-01-24 11:13:31 +01:00
Dave Rodgman
b032685543
Merge pull request #5309 from gilles-peskine-arm/pkparse-pkcs8-unencrypted-no-alloc 
mbedtls_pk_parse_key: don't allocate if not needed
 2022-01-24 10:03:48 +00:00
Gilles Peskine
fe271b9c92
Merge pull request #5253 from AndrzejKurek/chacha-iv-len-16-fixes 
Return an error from `mbedtls_cipher_set_iv` for an invalid IV length with ChaCha20 and ChaCha20+Poly
 2022-01-21 21:46:08 +01:00
Andrzej Kurek
ad40bb7f3f Add a changelog entry for forced MBEDTLS_PK_WRITE_C 
Describe why and when it is enabled automatically.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-19 12:34:48 -05:00
Andrzej Kurek
f2d4e275a8 Add a changelog entry for the ChaCha20 default behavior change 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-14 16:31:54 +01:00
Manuel Pégourié-Gonnard
73839e02a7
Merge pull request #5353 from gstrauss/mbedtls_ssl_config_defaults-repeat 
Reset dhm_P and dhm_G if config call repeated; avoid memory leak
 2022-01-14 10:41:06 +01:00
Glenn Strauss
8f52690956 Add accessors for ciphersuite info 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-01-13 00:05:48 -05:00
Bence Szépkúti
08f34656cb Return the same error in multipart and single shot AEAD 
psa_aead_encrypt_setup() and psa_aead_decrypt_setup() were returning
PSA_ERROR_INVALID_ARGUMENT, while the same failed checks were producing
PSA_ERROR_NOT_SUPPORTED if they happened in psa_aead_encrypt() or
psa_aead_decrypt().

The PSA Crypto API 1.1 spec will specify PSA_ERROR_INVALID_ARGUMENT
in the case that the supplied algorithm is not an AEAD one.

Also move these shared checks to a helper function, to reduce code
duplication and ensure that the functions remain in sync.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2022-01-07 19:36:07 +01:00
Max Fillinger
8737ec2407 Add ChangeLog entry for md_info getter 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2021-12-28 16:53:40 +01:00
Glenn Strauss
cee11296aa Reset dhm_P and dhm_G if config call repeated 
Reset dhm_P and dhm_G if call to mbedtls_ssl_config_defaults() repeated
to avoid leaking memory.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2021-12-20 20:24:56 -05:00
Archana
4a9e02632a
Review comments addressed 
* Updated the default argument to create less noise with argument
  passing.
* Reworded ChangeLog to match MbedTLS documentation/ announcement
  requirements

Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-12-19 13:37:37 +05:30
Archana
21b20c72d3
Add Changelog and update documentation 
Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-12-19 10:35:15 +05:30
Ronald Cron
831cf48abf Assemble change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-15 09:02:38 +01:00
Ronald Cron
acf0df81f2 Add change log for #4842 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-15 09:02:02 +01:00
Ronald Cron
be252a0da9 Add change log for #4859 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-15 08:43:53 +01:00
Ronald Cron
7e1cb129e8 Add change log for #4514 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-15 08:41:32 +01:00
Ronald Cron
2a4344d1fa Add change log for #4883 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-14 18:11:45 +01:00
Dave Rodgman
a53779dba4 Add missing changelog for ARIA (#4959) 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-12-14 18:11:45 +01:00
Manuel Pégourié-Gonnard
28e3bcf6e1 Fix misleading ChangeLog entry formatting. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-12-14 18:11:45 +01:00
Manuel Pégourié-Gonnard
4e511ede90 Double-free goes under security, not bugfix. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-12-14 18:11:45 +01:00
Ronald Cron
8188d19b0e Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr 2021-12-14 10:58:18 +01:00
Gilles Peskine
32d2a58cc2
Merge pull request #5325 from gilles-peskine-arm/zeroize-tag-3.1 
Zeroize expected MAC/tag intermediate variables
 2021-12-13 19:09:30 +01:00
Gilles Peskine
a5c18512b9
Merge pull request #5155 from paul-elliott-arm/pcks12_fix 
Fixes for pkcs12 with NULL and/or zero length password
 2021-12-13 14:52:36 +01:00
Gilles Peskine
36d33f37b6 Generalize MAC zeroization changelog entry 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 12:43:11 +01:00
Dave Rodgman
050ad4bb50
Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac 
Check HMAC return values
 2021-12-13 10:51:27 +00:00