AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7,286 Commits 1 Branch 0 Tags 61 MiB
3d183cefb5
Commit Graph

7286 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Simon Butcher
19c01efda1 Merge remote-tracking branch 'public/pr/1258' into development 2018-06-28 11:44:59 +01:00
Simon Butcher
fd0c240135 Merge remote-tracking branch 'public/pr/1793' into development 2018-06-28 11:25:16 +01:00
Ron Eldor
58093c8bec Add ECC extensions test in ssl-opts.sh 
Add test to verify if an ecc based extension exists
or not if an ecc based ciphersuite is used or not.
 2018-06-28 13:22:05 +03:00
Andrzej Kurek
05be06cc2d Make the C++ test mandatory by removing the --no-cxx flag from all.sh 
Remove the cmake test
 2018-06-28 05:10:51 -04:00
Andrzej Kurek
45a6719594 Add a CXX build to all.sh to execute the C++ dummy test by default 2018-06-28 05:10:02 -04:00
Andrzej Kurek
037ec4b416 Replace tabs with spaces 2018-06-28 05:07:08 -04:00
Andrzej Kurek
89c048c101 Tests: add a test for cpp linking 
Change the name of header_test to cpp_dumy_build
Update the test description to better reflect its contents
 2018-06-28 05:07:08 -04:00
Andrzej Kurek
0211c32c9a Change the cpp test to be optional 
Remove unnecessary defines from the test.
Test by defining TEST_CPP using makefiles or cmake.
 2018-06-28 05:07:08 -04:00
Andrzej Kurek
40741f8ce5 Add a test with a cpp executable including all mbed TLS headers 
In case of any problems with the 'extern "C"' directives,
building the executable will fail
 2018-06-28 05:05:40 -04:00
Ron Eldor
84e62f88a2 Update ChangeLog 
Update ChangeLog with a less ambigous description.
 2018-06-28 11:09:09 +03:00
Ron Eldor
d56654f987 Update the forum link in the README file 
Update the forum link in the readme file as well.
 2018-06-27 14:36:37 +03:00
Simon Butcher
6665b67ddf Merge remote-tracking branch 'public/pr/1390' into development 2018-06-27 10:51:47 +01:00
Simon Butcher
9fa21bffe6 Merge remote-tracking branch 'public/pr/1533' into development 2018-06-27 10:50:58 +01:00
Simon Butcher
95a1c1f8ab Merge remote-tracking branch 'public/pr/1617' into development 2018-06-27 10:49:59 +01:00
Ron Eldor
bf4709978c Adjust to new RSA infrastructure 
Don't access the rsa cotext parameters directly, but use
the local `mbedtls_mpi` variable that were exported.
 2018-06-27 11:51:46 +03:00
Ron Eldor
a522147f58 Fix compilation errors after updating 
Fix compilation errorsthat happened after new code introduced
by updating the branch. Replaced `exit` label with `cleanup`.
 2018-06-27 09:19:38 +03:00
Ron Eldor
49221234c8 Update the Mbed TLS forum link 
Update the link to the new Mbed TLS forum
 2018-06-26 16:48:46 +03:00
k-stachowiak
7972334090 Enable ARIA self test in the unit testing 2018-06-25 15:29:52 +02:00
niisato
164b9cd025 update ChangeLog 2018-06-25 20:47:14 +09:00
niisato
b7d39db047 update ChangeLog 2018-06-25 20:45:03 +09:00
niisato
99a3e80721 update change log. 2018-06-25 20:21:43 +09:00
niisato
15550854a3 add ChangeLog to this commit. 2018-06-25 20:07:48 +09:00
Nicholas Wilson
2682edf205 Fix build using -std=c99 
In each place where POSIX/GNU functions are used, the file must declare
that it wants POSIX functionality before including any system headers.
 2018-06-25 12:00:26 +01:00
Nicholas Wilson
512b4ee9c7 Use gmtime_r to fix thread-safety issue, and use mbedtls_time on Windows 2018-06-25 11:59:54 +01:00
niisato
8ee2422ef8 about a issue Replace "new" variable #1782 2018-06-25 19:05:48 +09:00
Manuel Pégourié-Gonnard
51d7cfe026 Fix coverity warnings in benchmark.c 
Functions time with TIME_AND_TSC() didn't have their return values checked.
I'm not sure whether Coverity complained about existing uses, but it did about
new ones, since we consistently check their return values everywhere but here,
which it rightfully finds suspicious.

So, let's check return values. This probably adds a few cycles to existing
loop overhead, but on my machine (x86_64) the added overhead is less than the
random-looking variation between various runs, so it's acceptable.

Some calls had their own particular error checking; remove that in favour of
the new general solution.
 2018-06-25 11:19:51 +02:00
Simon Butcher
6c34442c87 Add fix for #1550 and credit to the ChangeLog 2018-06-24 16:20:56 +01:00
Ron Eldor
6332e368cc Fix typo in ChangeLog 
Fix typo in ChangeLog discovered in PR review
 2018-06-24 16:59:56 +03:00
Ron Eldor
6fd941fe4b Remove unneeded namesapcing in header files 
Remove the `mbedtls` namesapcing in the `#include` in header files
Resolves issue #857
 2018-06-24 16:56:47 +03:00
Ron Eldor
7a81426a1a Fix style issue 
Add space before and after paranthesis.
 2018-06-24 16:34:15 +03:00
Ron Eldor
6a9257bc57 Add check for return code of bignumber code 
Add check for return code of `mbedtls_mpi_write_file`
as commented by @sbutcher-arm
 2018-06-24 16:33:09 +03:00
Simon Butcher
5357164c99 Add ebx to the i386 clobber list for MPI assembly 
This fix adds the ebx register to the clobber list for the i386 inline assembly
for the multiply helper function.

ebx was used but not listed, so when the compiler chose to also use it, ebx was
getting corrupted. I'm surprised this wasn't spotted sooner.

Fixes Github issues #1550.
 2018-06-24 13:21:57 +01:00
Andres Amaya Garcia
bf7fe4f3f0 Replace check with APPLE with CMAKE_SYSTEM_NAME 2018-06-21 20:21:38 +01:00
Andres Amaya Garcia
5b92352374 Document ssl_write_real() behaviour in detail 2018-06-21 19:23:21 +01:00
Andres Amaya Garcia
7ee25d770d Allow 0 as a valid ret value for mbedtls_ssl_write 
This patch modifies the documentation for mbedtls_ssl_write() to allow
0 as a valid return value as this is the correct number of bytes that
should be returned when an empty TLS Application record is sent.
 2018-06-21 19:23:21 +01:00
Andres Amaya Garcia
a562c26300 Add ChangeLog entry for mbedtls_ssl_write() docs 2018-06-21 19:14:49 +01:00
Ron Eldor
3f38cf7c7b Add entry in ChangeLog 
Add an entry in the ChangeLog, describing the fix.
 2018-06-21 16:40:24 +03:00
Ron Eldor
755bb6af5f Add ecc extensions only if ecc ciphersuite is used 
Fix compliancy to RFC4492. ECC extensions should be included
only if ec ciphersuites are used. Interoperability issue with
bouncy castle. #1157
 2018-06-21 16:35:26 +03:00
Andres Amaya Garcia
e3402ce44f Enable APPLE_BUILD in makefile if using system ar 2018-06-20 10:43:21 +01:00
Andres Amaya Garcia
7994766581 Fix usage of if_build_succeeded in all.sh zeroize test 2018-06-20 09:34:54 +01:00
Philippe Antoine
21f73b57ed Coding style 
Commit to be squashed
 2018-06-20 08:13:24 +02:00
Andres Amaya Garcia
c51d613eac Ensure crosscompiling with make works in Mac OS X 2018-06-19 17:25:42 +01:00
Manuel Pégourié-Gonnard
e12f0acc4c Adapt buffer size for minimal CCM config 
This is useful for testing interop with GnuTLS, which sends records larger
than 512 bytes.

This change is triggered by the addition of CCM interop testing with GnuTLS a
few commits ago.
 2018-06-19 14:54:11 +02:00
Manuel Pégourié-Gonnard
1f092b40a6 Add ChangeLog entry for ChachaPoly ciphersuites 
fixes #346
 2018-06-19 13:16:45 +02:00
Manuel Pégourié-Gonnard
9fece7ee91 Add ChachaPoly ciphersuites to compat.sh 
This is disabled by default since it requires OpenSSL >= 1.1.0 and the current
default version on the CI is 1.0.2. However, the CI also has 1.1.1-rc which
can be used for this.
 2018-06-19 13:16:30 +02:00
Manuel Pégourié-Gonnard
2e58e8ee34 Implement ChachaPoly mode in TLS 2018-06-19 12:12:47 +02:00
Manuel Pégourié-Gonnard
c36b432108 Add GnuTLS interop for CCM(-8) ciphersuites 
I'm going to touch the GCM/CCM/CCM-8 code in the next commit, and so far we
didn't have any interop testing for CCM/CCM-8.

Our standard development/testing environment currently has GnuTLS 3.4.10, and
fortunately support for CCM/CCM-8 was introduced in GnuTLS 3.4.0

Support in OpenSSL was introduced in 1.1.0 which is not yet the default
version in the CI.
 2018-06-19 12:12:47 +02:00
Manuel Pégourié-Gonnard
ce66d5e8e1 Declare ChaCha-Poly ciphersuites 
Prefer them over AES-GCM as they have better performance and fewer side
channel considerations in software implementations.
 2018-06-19 12:11:38 +02:00
Manuel Pégourié-Gonnard
f57bf8b467 Define specific mode for ChachaPoly 
The TLS layer is checking for mode, such as GCM, CCM, CBC, STREAM. ChachaPoly
needs to have its own mode, even if it's used just one cipher, in order to
allow consistent handling of mode in the TLS layer.
 2018-06-19 11:32:48 +02:00
Manuel Pégourié-Gonnard
a18034a8e2 Adjust to added fields in cipher_base_t 
This is a follow-up to the previous merge commit: two fields were added in the
merged development branch
 2018-06-19 11:32:01 +02:00