9e8f3a6b71
Merge pull request #5308 from minosgalanakis/development_2.x
...
Backport 2.x: Document platform architecture portability constraints
2021-12-10 21:13:09 +01:00
5e41e0e934
Update generated file
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-12-10 20:19:30 +01:00
47569e097e
fix help message issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-10 20:19:05 +01:00
d351ed3a6a
fix msvc build faile
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-10 20:19:05 +01:00
969c01a234
Beauty source code
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-10 20:19:05 +01:00
cf080ce821
fix ci fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-10 20:19:05 +01:00
bbfa1d8c19
Replace configs_enabled check with query_compile_time_config
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-10 20:19:05 +01:00
4f2dff429a
Add list_config into query_comile_time_config
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-10 20:19:05 +01:00
0abd677ed7
Add list_config generation
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-10 20:19:05 +01:00
7412eb4bc2
Better fix for empty password / salt
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2021-12-10 17:48:12 +00:00
a59cc3dbc7
Further documentation improvements
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2021-12-10 17:48:12 +00:00
f294ff5d87
Make changelog more specific
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2021-12-10 17:48:12 +00:00
fe724fe618
Fix for pkcs12 with NULL or zero length password
...
Previously passing a NULL or zero length password into either
mbedtls_pkcs12_pbe() or mbedtls_pkcs12_derive() could cause an infinate
loop, and it was also possible to pass a NULL password, with a non-zero
length, which would cause memory corruption.
I have fixed these errors, and improved the documentation to reflect the
changes and further explain what is expected of the inputs.
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2021-12-10 17:48:12 +00:00
18a59b7d4c
Merge pull request #5306 from gilles-peskine-arm/test-missing-ret-check-202112-2.x
...
Backport 2.x: Missing error checks + test bug on unlikely failure
2021-12-10 17:41:49 +01:00
5c93a9f214
Update changelog & readme
...
This patch adds explicit wording to state
that Two's complement is the official
supported signed integer representation.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2021-12-10 15:57:54 +00:00
3fc0d30447
Don't fail until everything is initialized
...
Can't call mbedtls_cipher_free(&invalid_ctx) in cleanup if
mbedtls_cipher_init(&invalid_ctx) hasn't been called.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-12-10 14:45:41 +01:00
3d28378734
Check return values in more places
...
Selective replacement of
```
^\( *\)\(mbedtls_\(md\|cipher\)_[A-Z_a-z0-9]+\)\((.*)\);
```
by
```
\1if( \2\4 != 0 )
\1{
\1 mbedtls_fprintf( stderr, "\2() returned error\\n" );
\1 goto exit;
\1}
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-12-10 14:45:41 +01:00
362d6efbde
Merge pull request #5301 from paul-elliott-arm/test_suite_cipher_returns_2.x
...
Backport 2.x : Add checked return to cipher setup in Cipher tests
2021-12-10 10:40:01 +01:00
4a5396ec25
Merge pull request #5299 from paul-elliott-arm/crypt_and_hash_prog_2.x
...
Backport 2.x: Add checks for return values to md functions in crypt and hash
2021-12-09 23:32:52 +01:00
51377d8a73
Merge pull request #5280 from davidhorstmann-arm/2.x-improve-cmac-docs
...
Backport 2.x: Reword documentation of CMAC operations
2021-12-09 23:28:39 +01:00
c2c1c22dda
Merge pull request #5298 from paul-elliott-arm/ssl_context_info_prog_2.x
...
Backport 2.x: Two fixes for SSL context info sample program
2021-12-09 23:22:54 +01:00
68b64cd64c
Add checked return to cipher setup
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2021-12-09 21:37:23 +00:00
d068876181
Add checks for return values to md functions
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2021-12-09 18:51:56 +00:00
8f20bab14d
Fix printf format specifier
...
Also mark function as printf variant so compiler will pickup any future
issues.
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2021-12-09 18:35:13 +00:00
110afd0e4d
Prevent resource leak
...
If -f was used as an argument twice to the program, then it would leak
the file resource, due to overwriting it on the second pass
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2021-12-09 18:33:22 +00:00
620cbb9bf5
Merge pull request #5262 from xffbai/code-align-backport2.x
...
Backport 2.x: Fix (d)tls1_2 into (d)tls12 in version options
2021-12-09 16:26:24 +01:00
c3319e73db
Merge pull request #5189 from gilles-peskine-arm/struct_reordering_2.x
...
Backport 2.x: Reorder structure fields to maximize usage of immediate offset access
2021-12-09 12:54:13 +01:00
218abe081c
Merge pull request #5284 from gabor-mezei-arm/4926_bp2x_base64_move_constant-time_functions
...
[Backport 2.x] Move base64 constant-time functions to the new module
2021-12-09 12:40:24 +01:00
00e08a3a21
Update generated files
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2021-12-09 10:05:48 +01:00
9ac32eb123
Merge pull request #863 from davidhorstmann-arm/2.x-fix-session-copy-bug
...
Backport 2.x: [session] fix a session copy bug
2021-12-09 09:21:33 +01:00
3a755f511f
Add documentation for the functions
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2021-12-08 16:24:22 +01:00
46ca2f76c4
Unify function parameters
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2021-12-08 16:22:45 +01:00
df29332d4b
Make mbedtls_ct_uchar_mask_of_range function static
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2021-12-08 16:20:39 +01:00
f554ce21b8
Delete base64_invasive.h due to functions are moved to the constant-time module
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2021-12-08 16:20:27 +01:00
3d4dba84b7
Move mbedtls_ct_base64_dec_value function to the constant-time module
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2021-12-08 16:20:16 +01:00
200708d30a
Move mbedtls_ct_base64_enc_char function to the constant-time module
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2021-12-08 16:20:04 +01:00
46f79c388d
Move mbedtls_ct_uchar_mask_of_range function to the constant-time module
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2021-12-08 16:19:41 +01:00
7464f37e7b
Rename functions to have suitable name
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2021-12-08 16:19:23 +01:00
0add7f96ac
Add changelog entry for session copy bugfix
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2021-12-08 13:29:55 +00:00
9a4a9c66a4
Merge pull request #860 from ronald-cron-arm/fix-cipher-iv_2.x
...
Backport 2.x: Avoid using encryption output buffer to pass generated IV to PSA driver
2021-12-08 13:30:11 +01:00
0f6c6bc0dc
[session] fix a session copy bug
...
fix a possible double reference on 'ticket'
when peer_cert/peer_cert_digest calloc failed.
Signed-off-by: 吴敬辉 <11137405@vivo.com >
2021-12-07 17:27:31 +00:00
b56f38f57b
Reword documentation of CMAC operations
...
Change the wording of the documentation for some CMAC functions,
as the existing wording, while technically correct, can be
easy to misunderstand. The reworded docs explain the flow of
a CMAC computation a little more fully.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2021-12-07 12:16:33 +00:00
582f2398d4
Merge pull request #5167 from tom-cosgrove-arm/fix-builds-with-only-mbedtls_bignum_c-defined
...
Backport 2.x: Fix builds when config.h only defines MBEDTLS_BIGNUM_C
2021-12-07 12:38:04 +01:00
e7a5e985ae
Add change log
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-12-07 09:23:27 +01:00
ad47e6d160
Add changelog entry for build error fixes
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-12-06 20:58:51 +01:00
1e313165f3
Merge pull request #5258 from gilles-peskine-arm/pip-requirements-2.x
...
Backport 2.x: In-tree Python package requirements
2021-12-03 17:25:56 +01:00
5d6de4ebc4
Merge pull request #5254 from adeaarm/development_2.x
...
Backport 2.x: Align function parameter names for mbedtls_set_key_owner_id
2021-12-03 17:24:49 +01:00
4b71e9b96a
Correct default requirements file name in help
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-12-03 13:32:10 +01:00
f40545d919
Fix (d)tls1_2 into (d)tls12 in version options
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com >
2021-12-03 08:13:30 +00:00
f3564bfe99
Add Cryptodome to maintainer requirements
...
See e.g. https://github.com/ARMmbed/mbedtls/pull/5218
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-12-02 13:19:19 +01:00
