Commit Graph

1699 Commits

Author SHA1 Message Date
Hanno Becker
170e2d89da Merge branch 'iotssl-165-dtls-hs-fragmentation-new' into datagram_packing 2018-08-22 09:44:54 +01:00
Hanno Becker
5e863e02ac Adapt ChangeLog 2018-08-21 17:52:45 +01:00
Hanno Becker
903ee3d363 Merge branch 'datagram_packing' into message_reordering 2018-08-21 17:24:17 +01:00
Nir Sonnenschein
04354b0796 add ChangeLog entry 2018-08-21 17:53:38 +03:00
Manuel Pégourié-Gonnard
f2f1d40d6d Improve wording in ChangeLog and documentation 2018-08-21 09:53:22 +02:00
Hanno Becker
6aeaa05a95 Merge branch 'iotssl-165-dtls-hs-fragmentation-new' into datagram_packing 2018-08-20 12:53:37 +01:00
Manuel Pégourié-Gonnard
6e7aaca146 Move MTU setting to SSL context, not config
This setting belongs to the individual connection, not to a configuration
shared by many connections. (If a default value is desired, that can be handled
by the application code that calls mbedtls_ssl_set_mtu().)

There are at least two ways in which this matters:
- per-connection settings can be adjusted if MTU estimates become available
  during the lifetime of the connection
- it is at least conceivable that a server might recognize restricted clients
  based on range of IPs and immediately set a lower MTU for them. This is much
easier to do with a per-connection setting than by maintaining multiple
near-duplicated ssl_config objects that differ only by the MTU setting.
2018-08-20 10:37:23 +02:00
Ron Eldor
34b03ef78f Remove redundant else statement
Remove `else` statement, as it is redundant. resolves #1776
2018-08-20 10:39:27 +03:00
Hanno Becker
f103542c3d Adapt ChangeLog 2018-08-17 16:52:08 +01:00
Hanno Becker
d87a59cc36 Adapt ChangeLog 2018-08-17 15:51:24 +01:00
Jaeden Amero
141e767fa9 Merge remote-tracking branch 'upstream-public/pr/1942' into development
Resolve conflicts in ChangeLog
2018-08-17 14:26:51 +01:00
Manuel Pégourié-Gonnard
3879fdfece Merge remote-tracking branch 'public/pr/1955' into iotssl-165-dtls-hs-fragmentation-new
* public/pr/1955:
  Adapt ChangeLog
  Fix overly strict bounds check in ssl_parse_certificate_request()
2018-08-17 10:49:47 +02:00
Hanno Becker
eb2b15accd Improve ChangeLog wording for the commmit that Fixes #1954. 2018-08-17 09:47:22 +01:00
Andres Amaya Garcia
a7b9f15f27 Add ChangeLog entry for configurable gmtime() in platform 2018-08-16 21:46:35 +01:00
Hanno Becker
ad0fe92fb6 Adapt ChangeLog 2018-08-16 15:52:22 +01:00
Manuel Pégourié-Gonnard
637e234d9f Merge remote-tracking branch 'public/pr/1915' into iotssl-165-dtls-hs-fragmentation-new
* public/pr/1915:
  Adapt ChangeLog
  Fix mbedtls_ssl_get_record_expansion() for ChaChaPoly and CBC
2018-08-16 10:01:21 +02:00
Manuel Pégourié-Gonnard
0b1d9b2c75 Declare ssl_conf_mtu() 2018-08-16 10:01:10 +02:00
Manuel Pégourié-Gonnard
01ec4af023 Add ChangeLog entry 2018-08-16 10:01:10 +02:00
Janos Follath
08a4aebc46 HKDF: Add warning to partial functions
The standard HKDF security guarantees only hold if `mbedtls_hkdf()` is
used or if `mbedtls_hkdf_extract()` and `mbedtls_hkdf_expand()` are
called in succession carefully and an equivalent way.

Making `mbedtls_hkdf_extract()` and `mbedtls_hkdf_expand()` static would
prevent any misuse, but doing so would require the TLS 1.3 stack to
break abstraction and bypass the module API.

To reduce the risk of misuse we add warnings to the function
descriptions.
2018-08-14 16:08:38 +01:00
Hanno Becker
9dc3be7601 Improve wording in ChangeLog 2018-08-14 15:22:05 +01:00
Hanno Becker
361f254eab Adapt ChangeLog 2018-08-13 16:36:58 +01:00
Ron Eldor
d1a4762adb Use mbedtls_printf instead of printf
Replace usages of `printf()` with `mbedtls_printf()` in `aria.c`
which were accidently merged. Fixes #1908
2018-08-13 13:49:52 +03:00
Jaeden Amero
d8f41698d2 Merge remote-tracking branch 'upstream-public/pr/1598' into development
Add a Changelog entry
2018-08-10 11:23:15 +01:00
Jaeden Amero
03bd4847b3 Merge remote-tracking branch 'upstream-public/pr/1861' into development
Add Changelog entry
2018-08-10 11:17:14 +01:00
Jaeden Amero
cac0c1a250 Merge remote-tracking branch 'upstream-public/pr/1378' into development 2018-08-10 10:59:53 +01:00
Jaeden Amero
372b50b252 Add a ChangeLog entry for #1816 2018-08-10 10:56:31 +01:00
Jaeden Amero
f48163a960 Merge remote-tracking branch 'upstream-public/pr/1834' into development 2018-08-10 10:49:10 +01:00
Andres Amaya Garcia
824dfb34b4 Add ChangeLog entry for use of gmtime 2018-08-07 20:29:57 +01:00
Hanno Becker
448146407f Adapt ChangeLog 2018-08-03 10:07:39 +01:00
Simon Butcher
b363382ba4 Add ChangeLog entry for bug #1890 2018-07-30 22:10:48 +01:00
Angus Gratton
608a487b9c Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails
In ecp_mul_comb(), if (!p_eq_g && grp->T == NULL) and then ecp_precompute_comb() fails (which can
happen due to OOM), then the new array of points T will be leaked (as it's newly allocated, but
hasn't been asigned to grp->T yet).

Symptom was a memory leak in ECDHE key exchange under low memory conditions.
2018-07-27 09:15:34 +10:00
Simon Butcher
6c34268e20 Merge remote-tracking branch 'restricted/pr/501' into development-restricted 2018-07-26 14:24:56 +01:00
Simon Butcher
f11a7cda73 Clarify Changelog entries
Corrected the Changelog to move an entry in the wrong place after a merge, some
entries which were Changes not bugfixes, and corrected style issues.
2018-07-25 17:29:59 +01:00
Jaeden Amero
193c86425e Update version to 2.12.0 2018-07-25 15:42:26 +01:00
Simon Butcher
37b9fd5df6 Merge remote-tracking branch 'restricted/pr/490' into development 2018-07-24 23:40:37 +01:00
Simon Butcher
2c92949e0a Merge remote-tracking branch 'public/pr/1198' into development 2018-07-24 17:20:17 +01:00
Simon Butcher
c88c627fba Merge remote-tracking branch 'public/pr/1658' into development 2018-07-24 17:19:10 +01:00
Ron Eldor
9cf0d53adc Add ChangeLog
Add entry in ChangeLog for the Key Wrapping feature.
2018-07-24 16:43:20 +01:00
Simon Butcher
ccb43df37e Merge remote-tracking branch 'public/pr/927' into development 2018-07-24 13:06:54 +01:00
Simon Butcher
dad05b7fc9 Merge remote-tracking branch 'public/pr/1844' into development 2018-07-24 13:05:09 +01:00
Simon Butcher
05330541ea Revise ChangeLog entry for empty data records fixes 2018-07-24 12:54:15 +01:00
Simon Butcher
116ac43d00 Merge remote-tracking branch 'public/pr/1852' into development 2018-07-24 12:18:59 +01:00
Simon Butcher
fced1f2fb3 Merge remote-tracking branch 'public/pr/1854' into development 2018-07-24 10:26:46 +01:00
Simon Butcher
ecb635efca Add ChangeLog entry for #1098 fix. 2018-07-24 10:03:41 +01:00
Brian J Murray
4736e96568 add myself to changelog 2018-07-23 10:34:47 -07:00
Ron Eldor
4e64e0b922 Fix after PR comments
1. Don't set IV onECB
2. Fix style issues
3. reduce number of tests
2018-07-23 18:18:32 +01:00
Ron Eldor
7b01244b99 Add tests for mbedtls_cipher_crypt API
1. Add tests for 'mbedtls_cipher_crypt()' API
2. Resolves #1091, by ignoring IV when the cipher mode is MBEDTLS_MODE_ECB
2018-07-23 18:02:09 +01:00
Andres Amaya Garcia
81f0633c16 Add ChangeLog entry for empty app data fix 2018-07-20 23:09:29 +01:00
Angus Gratton
1a7a17e548 Check for invalid short Alert messages
(Short Change Cipher Spec & Handshake messages are already checked for.)
2018-07-20 23:09:29 +01:00
Angus Gratton
b512bc1d29 CBC mode: Allow zero-length message fragments (100% padding)
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
2018-07-20 23:09:29 +01:00
Simon Butcher
922bd1efb2 Merge remote-tracking branch 'public/pr/1752' into development 2018-07-20 14:33:18 +01:00
Simon Butcher
862e703d51 Merge remote-tracking branch 'public/pr/921' into development 2018-07-20 14:30:50 +01:00
Simon Butcher
4f37bcabf9 Fix ChangeLog entry for issue #1663
The ChangeLog entry was under the wrong version, and under Changes, not
BugFixes.
2018-07-19 19:52:32 +01:00
Simon Butcher
df15356259 Merge remote-tracking branch 'public/pr/1663' into development 2018-07-19 19:48:10 +01:00
Simon Butcher
a72098b4d6 Merge remote-tracking branch 'public/pr/1778' into development 2018-07-19 16:10:38 +01:00
k-stachowiak
6ca436a457 Update change log 2018-07-16 12:20:10 +02:00
Manuel Pégourié-Gonnard
830ce11eba Clarify attack conditions in the ChangeLog.
Referring to the previous entry could imply that the current one was limited
to SHA-384 too, which it isn't.
2018-07-11 18:27:08 +02:00
k-stachowiak
21feae58cb Update change log 2018-07-11 17:34:55 +02:00
Gilles Peskine
604ccc6608 Add ChangeLog entry 2018-07-10 16:50:33 +02:00
Simon Butcher
00af447ba8 Add ChangeLog entry for PR #536 2018-07-10 15:35:43 +01:00
Simon Butcher
32b074720e Merge remote-tracking branch 'public/pr/1737' into development 2018-07-10 14:57:50 +01:00
Simon Butcher
cdbb2f2168 Merge remote-tracking branch 'public/pr/1563' into development 2018-07-10 12:49:26 +01:00
Simon Butcher
231d7e5669 Add ChangeLog entry for PR #1567.
ChangeLog entry for platform support for the Haiku OS. PR #1567.
2018-07-10 11:56:19 +01:00
Simon Butcher
6331cb0607 Fix some whitespace issues in ChangeLog and CMakeLists.txt
Stray tab in library/CMakeLists.txt and incorrect formatting in ChangeLog.
2018-07-10 11:48:42 +01:00
Manuel Pégourié-Gonnard
7b42030b5d Add counter-measure to cache-based Lucky 13
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function, and the location where we read the MAC, give information
about that.

A local attacker could gain information about that by observing via a
cache attack whether the bytes at the end of the record (at the location of
would-be padding) have been read during MAC verification (computation +
comparison).

Let's make sure they're always read.
2018-07-05 14:44:49 +02:00
Ron Eldor
636179a277 Fix typo
Fix typo in ChangeLog entry.
2018-07-05 14:33:54 +03:00
Ron Eldor
278af4536c Fix hmac_drbg failure in benchmark, with threading
Remove redunadnat calls to `hmac_drbg_free()` between seeding operations,
which make the mutex invalid. Fixes #1095
2018-07-05 14:33:22 +03:00
Manuel Pégourié-Gonnard
1cc1fb0599 Fix Lucky 13 cache attack on MD/SHA padding
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.

Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.

Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
2018-07-05 10:47:00 +02:00
Ron Eldor
382c1db6c0 Minor fixes
1. Rephrase ChangeLog entry.
2. Add a full stop at the end of the fuinction documentation.
2018-07-04 17:42:47 +03:00
Ron Eldor
5ffc220f16 Documentation error in mbedtls_ssl_get_session
Fix Documentation error in `mbedtls_ssl_get_session`.
This function supports deep copying of the session,
and the peer certificate is not lost anymore, Resolves #926
2018-07-03 16:04:41 +03:00
Simon Butcher
05fa46e6b7 Add ChangeLog entry for #992 fix 2018-07-02 12:08:32 +01:00
Manuel Pégourié-Gonnard
823c915e59 Fix mis-merged ChangeLog 2018-07-02 12:05:49 +02:00
Ron Eldor
da2a31237e Add entry in ChangeLog
Add entry in ChangeLog for compilation error fix of #1719
2018-07-01 10:22:53 +03:00
Gilles Peskine
104d85865d Add ChangeLog entry 2018-06-28 17:36:02 +02:00
Simon Butcher
1ab9b57148 Add a ChangeLog entry for memory leak in mbedtls_x509_csr_parse() 2018-06-28 12:13:14 +01:00
Simon Butcher
4b6b08e7d2 Merge remote-tracking branch 'public/pr/1006' into development 2018-06-28 12:08:59 +01:00
Simon Butcher
1d97cab5f5 Merge remote-tracking branch 'public/pr/1645' into development 2018-06-28 12:06:16 +01:00
Simon Butcher
bea00bd89c Merge remote-tracking branch 'public/pr/1783' into development 2018-06-28 12:04:19 +01:00
Simon Butcher
9e02b973f1 Add ChangeLog entry for #1257 - key_app_writer writes invalid ASN.1 2018-06-28 11:59:15 +01:00
Ron Eldor
84e62f88a2 Update ChangeLog
Update ChangeLog with a less ambigous description.
2018-06-28 11:09:09 +03:00
Simon Butcher
9fa21bffe6 Merge remote-tracking branch 'public/pr/1533' into development 2018-06-27 10:50:58 +01:00
Simon Butcher
95a1c1f8ab Merge remote-tracking branch 'public/pr/1617' into development 2018-06-27 10:49:59 +01:00
niisato
164b9cd025 update ChangeLog 2018-06-25 20:47:14 +09:00
niisato
b7d39db047 update ChangeLog 2018-06-25 20:45:03 +09:00
niisato
99a3e80721 update change log. 2018-06-25 20:21:43 +09:00
niisato
15550854a3 add ChangeLog to this commit. 2018-06-25 20:07:48 +09:00
Nicholas Wilson
2682edf205 Fix build using -std=c99
In each place where POSIX/GNU functions are used, the file must declare
that it wants POSIX functionality before including any system headers.
2018-06-25 12:00:26 +01:00
Nicholas Wilson
512b4ee9c7 Use gmtime_r to fix thread-safety issue, and use mbedtls_time on Windows 2018-06-25 11:59:54 +01:00
Simon Butcher
6c34442c87 Add fix for #1550 and credit to the ChangeLog 2018-06-24 16:20:56 +01:00
Ron Eldor
6332e368cc Fix typo in ChangeLog
Fix typo in ChangeLog discovered in PR review
2018-06-24 16:59:56 +03:00
Ron Eldor
6fd941fe4b Remove unneeded namesapcing in header files
Remove the `mbedtls` namesapcing in the `#include` in header files
Resolves issue #857
2018-06-24 16:56:47 +03:00
Andres Amaya Garcia
a562c26300 Add ChangeLog entry for mbedtls_ssl_write() docs 2018-06-21 19:14:49 +01:00
Ron Eldor
3f38cf7c7b Add entry in ChangeLog
Add an entry in the ChangeLog, describing the fix.
2018-06-21 16:40:24 +03:00
Manuel Pégourié-Gonnard
79d9b50421 Merge branch 'development' into iotssl-1260-non-blocking-ecc-restricted
* development: (180 commits)
  Change the library version to 2.11.0
  Fix version in ChangeLog for fix for #552
  Add ChangeLog entry for clang version fix. Issue #1072
  Compilation warning fixes on 32b platfrom with IAR
  Revert "Turn on MBEDTLS_SSL_ASYNC_PRIVATE by default"
  Fix for missing len var when XTS config'd and CTR not
  ssl_server2: handle mbedtls_x509_dn_gets failure
  Fix harmless use of uninitialized memory in ssl_parse_encrypted_pms
  SSL async tests: add a few test cases for error in decrypt
  Fix memory leak in ssl_server2 with SNI + async callback
  SNI + SSL async callback: make all keys async
  ssl_async_resume: free the operation context on error
  ssl_server2: get op_name from context in ssl_async_resume as well
  Clarify "as directed here" in SSL async callback documentation
  SSL async callbacks documentation: clarify resource cleanup
  Async callback: use mbedtls_pk_check_pair to compare keys
  Rename mbedtls_ssl_async_{get,set}_data for clarity
  Fix copypasta in the async callback documentation
  SSL async callback: cert is not always from mbedtls_ssl_conf_own_cert
  ssl_async_set_key: detect if ctx->slots overflows
  ...
2018-06-20 09:46:17 +02:00
Manuel Pégourié-Gonnard
1f092b40a6 Add ChangeLog entry for ChachaPoly ciphersuites
fixes #346
2018-06-19 13:16:45 +02:00
Manuel Pégourié-Gonnard
0dadba2b58 Merge branch 'development' into iotssl-2257-chacha-poly-primitives
* development: (182 commits)
  Change the library version to 2.11.0
  Fix version in ChangeLog for fix for #552
  Add ChangeLog entry for clang version fix. Issue #1072
  Compilation warning fixes on 32b platfrom with IAR
  Revert "Turn on MBEDTLS_SSL_ASYNC_PRIVATE by default"
  Fix for missing len var when XTS config'd and CTR not
  ssl_server2: handle mbedtls_x509_dn_gets failure
  Fix harmless use of uninitialized memory in ssl_parse_encrypted_pms
  SSL async tests: add a few test cases for error in decrypt
  Fix memory leak in ssl_server2 with SNI + async callback
  SNI + SSL async callback: make all keys async
  ssl_async_resume: free the operation context on error
  ssl_server2: get op_name from context in ssl_async_resume as well
  Clarify "as directed here" in SSL async callback documentation
  SSL async callbacks documentation: clarify resource cleanup
  Async callback: use mbedtls_pk_check_pair to compare keys
  Rename mbedtls_ssl_async_{get,set}_data for clarity
  Fix copypasta in the async callback documentation
  SSL async callback: cert is not always from mbedtls_ssl_conf_own_cert
  ssl_async_set_key: detect if ctx->slots overflows
  ...
2018-06-19 11:13:50 +02:00
Simon Butcher
2fcd3e4441 Change the library version to 2.11.0
* Change the Mbed TLS library version to 2.11.0
 * Increase the soversion of libmbedcrypto
 * Increase the soversion of libmbedtls
2018-06-18 14:39:06 +01:00
Simon Butcher
925568a595 Fix version in ChangeLog for fix for #552 2018-06-18 11:54:44 +01:00
Simon Butcher
b6a5bffc4b Add ChangeLog entry for clang version fix. Issue #1072 2018-06-18 11:51:36 +01:00
Simon Butcher
600c5e6d20 Compilation warning fixes on 32b platfrom with IAR
Fix compilation warnings with IAR toolchain, on 32 bit platform.
Reported by rahmanih in #683

This is based on work by Ron Eldor in PR #750, some of which was independently
fixed by Azim Khan and already merged in PR #1646.
2018-06-17 17:24:56 +01:00
Simon Butcher
5f57f1e3cc Merge remote-tracking branch 'public/pr/1270' into development 2018-06-15 14:17:31 +01:00
Simon Butcher
675590519a Merge remote-tracking branch 'public/pr/1602' into development 2018-06-15 14:13:14 +01:00
Simon Butcher
6ac1cf6f5f Merge remote-tracking branch 'public/pr/1182' into development 2018-06-14 10:33:29 +01:00
Simon Butcher
e5cd86874e Add ChangeLog entry for PR #1555
Adds ChangeLog entry for PR #1555, 'Only redefine _WIN32_WINNT macro when <
0x0501'
2018-06-14 10:30:19 +01:00
Jaeden Amero
f4474e79ef ChangeLog: Add an entry for AES-XTS 2018-06-13 12:14:41 +01:00
Manuel Pégourié-Gonnard
da19f4c79f Merge branch 'development' into iotssl-1260-non-blocking-ecc-restricted
Summary of merge conflicts:

include/mbedtls/ecdh.h -> documentation style
include/mbedtls/ecdsa.h -> documentation style
include/mbedtls/ecp.h -> alt style, new error codes, documentation style
include/mbedtls/error.h -> new error codes
library/error.c -> new error codes (generated anyway)
library/ecp.c:
    - code of an extracted function was changed
library/ssl_cli.c:
    - code addition on one side near code change on the other side
      (ciphersuite validation)
library/x509_crt.c -> various things
    - top fo file: helper structure added near old zeroize removed
    - documentation of find_parent_in()'s signature: improved on one side,
      added arguments on the other side
    - documentation of find_parent()'s signature: same as above
    - verify_chain(): variables initialised later to give compiler an
      opportunity to warn us if not initialised on a code path
    - find_parent(): funcion structure completely changed, for some reason git
      tried to insert a paragraph of the old structure...
    - merge_flags_with_cb(): data structure changed, one line was fixed with a
      cast to keep MSVC happy, this cast is already in the new version
    - in verify_restratable(): adjacent independent changes (function
      signature on one line, variable type on the next)
programs/ssl/ssl_client2.c:
    - testing for IN_PROGRESS return code near idle() (event-driven):
      don't wait for data in the the socket if ECP_IN_PROGRESS
tests/data_files/Makefile: adjacent independent additions
tests/suites/test_suite_ecdsa.data: adjacent independent additions
tests/suites/test_suite_x509parse.data: adjacent independent additions

* development: (1059 commits)
  Change symlink to hardlink to avoid permission issues
  Fix out-of-tree testing symlinks on Windows
  Updated version number to 2.10.0 for release
  Add a disabled CMAC define in the no-entropy configuration
  Adapt the ARIA test cases for new ECB function
  Fix file permissions for ssl.h
  Add ChangeLog entry for PR#1651
  Fix MicroBlaze register typo.
  Fix typo in doc and copy missing warning
  Fix edit mistake in cipher_wrap.c
  Update CTR doc for the 64-bit block cipher
  Update CTR doc for other 128-bit block ciphers
  Slightly tune ARIA CTR documentation
  Remove double declaration of mbedtls_ssl_list_ciphersuites
  Update CTR documentation
  Use zeroize function from new platform_util
  Move to new header style for ALT implementations
  Add ifdef for selftest in header file
  Fix typo in comments
  Use more appropriate type for local variable
  ...
2018-06-13 09:52:54 +02:00
Simon Butcher
4ed3880a10 Fix ChangeLog whitespace errors and add entry for PR #1646
PR #1646 is a change to the behaviour of the CMake files therefore should be
recorded in the Changelog.
2018-06-12 17:35:06 +01:00
Simon Butcher
f3987b3b24 Add ChangeLog entry for CCM*
CCM* in PR #1667 is a feature and a functional enhancement and was missing a
ChangeLog entry.
2018-06-12 17:07:43 +01:00
Simon Butcher
601144e199 Add entry to ChangeLog for PR #795
PR #795 fixes issue #777, 'check matching issuer crt and key for all algs' and
needs a ChangeLog entry
2018-06-12 17:04:58 +01:00
Darryl Green
b11de306c4 Fix braces in mbedtls_memory_buffer_alloc_status() 2018-06-12 16:56:04 +01:00
Simon Butcher
c7638fab29 Fix ChangeLog entry after merge of HKDF
Fix Changelog entry for the next version of Mbed TLS after merge of HKDF PR,
2018-06-12 16:54:02 +01:00
Simon Butcher
e47d6fd97e Merge remote-tracking branch 'public/pr/1497' into development 2018-06-12 16:53:04 +01:00
Simon Butcher
ebe23ed738 Fix up the ChangeLog for the new version
Fix the ChangeLog for the next version of Mbed TLS following merge of PR #1593.
2018-06-12 16:46:45 +01:00
Simon Butcher
8c0fd1e881 Add cipher abstraction and test cases for OFB block mode
Adds OFB as additional block mode in the cipher abstraction, and additional
test cases for that block mode.
2018-06-11 14:03:22 +01:00
Jaeden Amero
798363e4dc Add ChangeLog entry for HKDF 2018-06-11 13:10:14 +01:00
Manuel Pégourié-Gonnard
39b1904b9f Merge branch 'development' into iotssl-2257-chacha-poly-primitives
* development: (97 commits)
  Updated version number to 2.10.0 for release
  Add a disabled CMAC define in the no-entropy configuration
  Adapt the ARIA test cases for new ECB function
  Fix file permissions for ssl.h
  Add ChangeLog entry for PR#1651
  Fix MicroBlaze register typo.
  Fix typo in doc and copy missing warning
  Fix edit mistake in cipher_wrap.c
  Update CTR doc for the 64-bit block cipher
  Update CTR doc for other 128-bit block ciphers
  Slightly tune ARIA CTR documentation
  Remove double declaration of mbedtls_ssl_list_ciphersuites
  Update CTR documentation
  Use zeroize function from new platform_util
  Move to new header style for ALT implementations
  Add ifdef for selftest in header file
  Fix typo in comments
  Use more appropriate type for local variable
  Remove useless parameter from function
  Wipe sensitive info from the stack
  ...
2018-06-07 12:02:55 +02:00
Simon Butcher
d5a09f1e68 Updated version number to 2.10.0 for release 2018-06-06 14:52:00 +01:00
Philippe Antoine
b5b254300e Fix undefined shifts
- in x509_profile_check_pk_alg
- in x509_profile_check_md_alg
- in x509_profile_check_key

and in ssl_cli.c : unsigned char gets promoted to signed integer
2018-06-06 14:27:12 +02:00
Philippe Antoine
747fd53938 Fixes different off by ones 2018-06-05 16:13:10 +02:00
Simon Butcher
2041a31ca8 Merge remote-tracking branch 'public/pr/1402' into development 2018-06-01 19:27:23 +01:00
Simon Butcher
246cb05a92 Merge remote-tracking branch 'public/pr/1410' into development 2018-06-01 19:25:56 +01:00
Simon Butcher
b02f7893f6 Merge remote-tracking branch 'public/pr/1470' into development 2018-06-01 19:20:25 +01:00
Simon Butcher
d72700a8ed Add ChangeLog entry for PR#1651 2018-06-01 19:11:55 +01:00
Manuel Pégourié-Gonnard
ce8314f5f0 Add ChangeLog entry for new features.
Fixes #346
2018-05-24 13:37:31 +02:00
Moran Peker
a64fba41fb Remove double declaration of mbedtls_ssl_list_ciphersuites
Raised by TrinityTonic. #1359
2018-05-23 18:13:05 +01:00
Andres Amaya Garcia
8c754218c5 Add no symbols warning fix to ChangeLog 2018-05-23 09:26:08 +01:00
Manuel Pégourié-Gonnard
a3712beb9b Merge branch 'development' into iotssl-1941-aria-ciphersuites
* development: (504 commits)
  Fix minor code style issues
  Add the uodate to the soversion to the ChangeLog
  Fix the ChangeLog for clarity, english and credit
  Update version to 2.9.0
  ecp: Fix binary compatibility with group ID
  Changelog entry
  Change accepted ciphersuite versions when parsing server hello
  Remove preprocessor directives around platform_util.h include
  Fix style for mbedtls_mpi_zeroize()
  Improve mbedtls_platform_zeroize() docs
  mbedtls_zeroize -> mbedtls_platform_zeroize in docs
  Reword config.h docs for MBEDTLS_PLATFORM_ZEROIZE_ALT
  Organize CMakeLists targets in alphabetical order
  Organize output objs in alfabetical order in Makefile
  Regenerate errors after ecp.h updates
  Update ecp.h
  Change variable bytes_written to header_bytes in record decompression
  Update ecp.h
  Update ecp.h
  Update ecp.h
  ...
2018-05-22 15:58:50 +02:00
Ron Eldor
fa8f635ead Add MBEDTLS_SELF_TEST check in header files
Add the `MBEDTLS_SELF_TEST` precompilation surrounding the self test functions,
which were missing this check in the header files. ( most of the header files were missing this check).
Addresses issue #971
2018-05-21 18:40:10 +03:00
Darryl Green
11999bb72e Fix minor code style issues 2018-05-15 09:21:57 +01:00
Simon Butcher
3efa8889b7 Update ChangeLog with dtls sample IPv6 change 2018-05-12 20:28:56 +01:00
Jaeden Amero
a331e0f0af Merge remote-tracking branch 'upstream-restricted/pr/421' into development-proposed 2018-05-04 14:39:24 +01:00
Simon Butcher
e6a2a1aa97 Add the uodate to the soversion to the ChangeLog 2018-05-01 14:02:24 +01:00
Jaeden Amero
78d2f7d5df Merge remote-tracking branch 'upstream-restricted/pr/478' into development-restricted 2018-04-30 17:37:42 +01:00
Simon Butcher
b03120ad41 Fix the ChangeLog for clarity, english and credit 2018-04-30 17:13:42 +01:00
Jaeden Amero
7d7bad6b1f Update version to 2.9.0
Bump SOVERSION for parity with 2.7.2 and 2.7.3.
2018-04-30 09:58:33 +01:00
Jaeden Amero
c64a300027 Merge remote-tracking branch 'upstream-restricted/pr/471' into development-restricted-proposed
Remove trailing whitespace in ChangeLog.
2018-04-26 09:06:33 +01:00
Jaeden Amero
bd05dfd49f Merge branch 'development-proposed' into development-restricted-proposed
Resolve conflicts in ChangeLog
2018-04-26 09:03:03 +01:00
Gilles Peskine
b44692f126 Merge branch 'mbedtls_ssl_get_key_exchange_md_ssl_tls-return_hashlen' into tls_async_server-2.9
Conflict resolution:
* ChangeLog: put the new entry from my branch in the proper place.
* include/mbedtls/error.h: counted high-level module error codes again.
* include/mbedtls/ssl.h: picked different numeric codes for the
  concurrently added errors; made the new error a full sentence per
  current standards.
* library/error.c: ran scripts/generate_errors.pl.
* library/ssl_srv.c:
    * ssl_prepare_server_key_exchange "DHE key exchanges": the conflict
      was due to style corrections in development
      (4cb1f4d49c) which I merged with
      my refactoring.
    * ssl_prepare_server_key_exchange "For key exchanges involving the
      server signing", first case, variable declarations: merged line
      by line:
        * dig_signed_len: added in async
        * signature_len: removed in async
        * hashlen: type changed to size_t in development
        * hash: size changed to MBEDTLS_MD_MAX_SIZE in async
        * ret: added in async
    * ssl_prepare_server_key_exchange "For key exchanges involving the
      server signing", first cae comment: the conflict was due to style
      corrections in development (4cb1f4d49c)
      which I merged with my comment changes made as part of refactoring
      the function.
    * ssl_prepare_server_key_exchange "Compute the hash to be signed" if
      `md_alg != MBEDTLS_MD_NONE`: conflict between
      ebd652fe2d
      "ssl_write_server_key_exchange: calculate hashlen explicitly" and
      46f5a3e9b4 "Check return codes from
      MD in ssl code". I took the code from commit
      ca1d742904 made on top of development
      which makes mbedtls_ssl_get_key_exchange_md_ssl_tls return the
      hash length.
* programs/ssl/ssl_server2.c: multiple conflicts between the introduction
  of MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS and new auxiliary functions and
  definitions for async support, and the introduction of idle().
    * definitions before main: concurrent additions, kept both.
    * main, just after `handshake:`: in the loop around
      mbedtls_ssl_handshake(), merge the addition of support for
      MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS and SSL_ASYNC_INJECT_ERROR_CANCEL
      with the addition of the idle() call.
    * main, if `opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM`: take the
      code from development and add a check for
      MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS.
    * main, loop around mbedtls_ssl_read() in the datagram case:
      take the code from development and add a check for
      MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; revert to a do...while loop.
    * main, loop around mbedtls_ssl_write() in the datagram case:
      take the code from development and add a check for
      MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; revert to a do...while loop.
2018-04-26 10:00:27 +02:00
Jaeden Amero
84a1107818 Merge remote-tracking branch 'upstream-public/pr/1592' into development-proposed 2018-04-25 14:22:12 +01:00
Jaeden Amero
38c42d5afa Merge remote-tracking branch 'upstream-public/pr/1570' into development-proposed
Resolve merge conflict in ChangeLog.
2018-04-25 14:20:08 +01:00
Andrzej Kurek
b7a18c0498 Changelog entry 2018-04-25 05:25:30 -04:00
Gilles Peskine
0329d72ad4 SSL asynchronous decryption (server side): update ChangeLog 2018-04-24 09:36:37 +02:00
Gilles Peskine
e630aed5ae SSL asynchronous signature: ChangeLog entry 2018-04-24 09:36:36 +02:00
Mohammad Azim Khan
1d3b508b82 Same ciphersuite validation in server and client hello 2018-04-20 18:54:18 +01:00
Andrzej Kurek
5462e02874 ssl_tls: Fix invalid buffer sizes during compression / decompression
Adjust information passed to zlib to include already written data.
2018-04-20 07:58:53 -04:00
Gilles Peskine
5450d1f597 Merge branch 'crypto_alt_revision' into development-restricted-proposed 2018-04-19 21:02:40 +02:00
Gilles Peskine
81021ca2da Improve ChangeLog entry 2018-04-19 20:59:06 +02:00
Gilles Peskine
f2b76cd45c Merge remote-tracking branch 'upstream-restricted/pr/461' into development-restricted-proposed 2018-04-19 17:41:39 +02:00
Andres Amaya Garcia
1962405be1 Justify moving zeroize() to utils in ChangeLog 2018-04-17 09:21:49 -05:00
Andres Amaya Garcia
9a65b1de2a Add utils.h ChangeLog entry 2018-04-17 09:17:38 -05:00
Andrzej Kurek
aca09c7026 Changelog entry
Describing platform teardown and setup calls in test suites
2018-04-13 05:18:08 -04:00
Jethro Beekman
cb122373f0 Update ChangeLog for #1380 2018-04-11 08:40:38 -07:00
Ron Eldor
bf027e736a Minor modifications after PR review
1. Move ChangLog entry to correct location
2. Move point formats outside the ECP_ALT check, as it's part of the RFC
2018-04-09 15:51:19 +03:00
fbrosson
533407a266 Use "#!/usr/bin/env perl" as shebang line. 2018-04-04 21:44:29 +00:00
Gilles Peskine
80aa3b8d65 Merge branch 'pr_946' into development-proposed 2018-04-04 10:33:45 +02:00
Gilles Peskine
e4d3b7f860 Fix merge glitch in ChangeLog 2018-04-04 09:28:48 +02:00
Gilles Peskine
b9e8696d56 Merge remote-tracking branch 'upstream-public/pr/1142' into development-proposed 2018-04-04 09:20:59 +02:00
Gilles Peskine
73db8380ca Merge remote-tracking branch 'upstream-public/pr/1547' into development-proposed 2018-04-04 09:19:12 +02:00
Gilles Peskine
be2371c3d9 Merge branch 'pr_348' into development-proposed 2018-04-04 09:18:27 +02:00
Gilles Peskine
557e77d9a3 Add ChangeLog entry 2018-04-04 09:18:11 +02:00
Gilles Peskine
a09453f495 Merge branch 'pr_1395' into development-proposed 2018-04-04 09:14:12 +02:00
Gilles Peskine
d6953b58d7 Improve changelog entry 2018-04-04 09:09:29 +02:00
Kevin Luty
0cbe816bfc
ChangeLog updated and returning proper value 2018-04-02 10:01:16 -05:00
Ron Eldor
810e650c70 Adjust more modules to new design
Add `ecp.h` anf `timing.h` to new XXX_alt design
2018-04-01 15:59:58 +03:00
Ron Eldor
1c9f9be9a2 update ChangeLog
Update ChangeLog with suggested rephrasing
2018-04-01 15:14:07 +03:00
Ron Eldor
b2aacec417 Take Cryptographic API outside the XXX_ALT check
The cryptographic API should not be related to whether or not
there is alternative implementation. The API should be same for regular
implementation, and for alternative implementation, so it is defined
outside of the XXX_ALT precompilation check in the cryptographic API header
2018-04-01 15:12:46 +03:00
Gilles Peskine
90a8b5219f Merge branch 'pr_1480' into development-proposed 2018-04-01 12:44:06 +02:00
Gilles Peskine
092bf3dd38 Add original PR reference 2018-04-01 12:43:48 +02:00
Gilles Peskine
0ed632f445 Merge remote-tracking branch 'upstream-public/pr/1499' into development-proposed 2018-04-01 12:41:22 +02:00
Gilles Peskine
5e4464e392 Merge remote-tracking branch 'upstream-public/pr/1539' into development-proposed 2018-04-01 12:40:37 +02:00
Gilles Peskine
695d557dcf Merge branch 'pr_1180' into development-proposed 2018-04-01 12:26:36 +02:00
Gilles Peskine
4045c74421 Minor changelog improvement 2018-04-01 12:25:48 +02:00
Gilles Peskine
c96ccf4b3f Add ChangeLog entry to credit independent contribution
Also: fixes #1437
2018-03-31 22:57:03 +02:00
Darryl Green
eea1c4ee5a Improve documentation of mbedtls_ssl_write() 2018-03-29 16:41:09 +01:00
Andrzej Kurek
a357f1a6ca Move changelog entry to bugfix from changes 2018-03-29 08:17:15 -04:00
Jaeden Amero
4ba87fc958 Merge remote-tracking branch 'upstream-public/pr/758' into development-proposed 2018-03-29 11:01:38 +01:00
Jaeden Amero
2ad47e3bcc Merge remote-tracking branch 'upstream-public/pr/1528' into development-proposed 2018-03-29 11:00:50 +01:00
Jaeden Amero
78a03ec230 Merge remote-tracking branch 'upstream-public/pr/1379' into development-proposed 2018-03-29 10:57:57 +01:00
Jaeden Amero
90226be779 Merge remote-tracking branch 'upstream-public/pr/1467' into development-proposed 2018-03-28 15:35:22 +01:00
Jaeden Amero
2843d21d99 Merge remote-tracking branch 'upstream-public/pr/1523' into development-proposed 2018-03-28 15:32:13 +01:00
Hanno Becker
2bd57578af Merge branch 'development' into iotssl-1204 2018-03-28 14:52:35 +01:00
Jaeden Amero
5ec118352e Merge remote-tracking branch 'upstream-public/pr/1474' into development-proposed 2018-03-28 14:22:29 +01:00
Ivan Krylov
065ecf587f Changelog: use my real name (#758) 2018-03-28 16:19:18 +03:00
Jaeden Amero
552b9cc5ba Merge remote-tracking branch 'upstream-public/pr/1477' into development-proposed 2018-03-28 13:42:32 +01:00
Jaeden Amero
9528658446 Merge remote-tracking branch 'upstream-public/pr/701' into development-proposed
Fixes #1299, fixes #1475
2018-03-28 12:50:28 +01:00
Jaeden Amero
8645e90825 Merge remote-tracking branch 'upstream-restricted/pr/363' into development-proposed 2018-03-28 11:54:28 +01:00
Manuel Pégourié-Gonnard
fff308e2fa Add a ChangeLog entry for Curve22519 N 2018-03-28 11:13:05 +02:00
Azim Khan
71830318d3 Rephrase Changelog entry Bugfix->Changes 2018-03-28 09:48:29 +01:00
Jethro Beekman
6c563fa7cd Add tests for "return plaintext data faster on unpadded decryption" 2018-03-27 19:25:35 -07:00
Gilles Peskine
f69ad5a898 Add ChangeLog entry
Fixes #1299. Fixes #1475.
2018-03-27 23:16:26 +02:00
Andres Amaya Garcia
cb47a79e04 Add ChangeLog entry for PBES2 when ASN1 disabled 2018-03-27 21:19:50 +01:00
Andres Amaya Garcia
d1b1788b40 Improve ChangeLog for DLEXT and AR_DASH changes 2018-03-27 19:14:24 +01:00
Jaeden Amero
b604960572 Merge remote-tracking branch 'upstream-public/pr/1435' into development-proposed 2018-03-27 16:45:36 +01:00
Gilles Peskine
e4f2736b42 Add ChangeLog entry 2018-03-26 12:29:30 +02:00
Andres Amaya Garcia
ea5a8a418b Add ChangeLog entry for library/makefile changes 2018-03-25 23:57:09 +01:00
Gilles Peskine
b2f09c3265 Support out-of-tree testing with CMake: add ChangeLog entry.
Fixes #1193
2018-03-23 14:39:52 +01:00
Jaeden Amero
f65379bc40 Merge remote-tracking branch 'upstream-restricted/pr/382' into development 2018-03-23 11:14:17 +00:00
Gilles Peskine
51d9394fdf Add changelog entries for improved testing
Fixes #1040
2018-03-23 02:16:43 +01:00
Gilles Peskine
15ad579895 Merge tag 'mbedtls-2.8.0' into iotssl-1381-x509-verify-refactor-restricted
Conflict resolution:

* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
  addition. In addition some of the additions in the
  iotssl-1381-x509-verify-refactor-restricted branch need support for
  keep-going mode, this will be added in a subsequent commit.
2018-03-23 02:16:22 +01:00
Jethro Beekman
d2df936e67 Fix parsing of PKCS#8 encoded Elliptic Curve keys.
The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:

PrivateKeyInfo ::= SEQUENCE {
  version                   Version,
  privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
  privateKey                PrivateKey,
  attributes           [0]  IMPLICIT Attributes OPTIONAL
}

AlgorithmIdentifier  ::=  SEQUENCE  {
  algorithm   OBJECT IDENTIFIER,
  parameters  ANY DEFINED BY algorithm OPTIONAL
}

ECParameters ::= CHOICE {
  namedCurve         OBJECT IDENTIFIER
  -- implicitCurve   NULL
  -- specifiedCurve  SpecifiedECDomain
}

ECPrivateKey ::= SEQUENCE {
  version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
  privateKey     OCTET STRING,
  parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
  publicKey  [1] BIT STRING OPTIONAL
}

Because of the two optional fields, there are 4 possible variants that need to
be parsed: no optional fields, only parameters, only public key, and both
optional fields. Previously mbedTLS was unable to parse keys with "only
parameters". Also, only "only public key" was tested. There was a test for "no
optional fields", but it was labelled incorrectly as SEC.1 and not run because
of a great renaming mixup.
2018-03-22 18:01:18 -07:00