Gilles Peskine
0ca801af76
Merge pull request #732 from gabor-mezei-arm/689_bp216_zeroising_of_plaintext_buffers
...
[Backport 2.16] Zeroising of plaintext buffers in mbedtls_ssl_read()
2020-08-12 18:51:44 +02:00
gabor-mezei-arm
b394b43cf8
Add missing newline
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2020-07-31 16:00:06 +02:00
gabor-mezei-arm
3eaa10389d
Zeroising of plaintext buffers to erase unused application data from memory
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2020-07-31 15:57:26 +02:00
Manuel Pégourié-Gonnard
8be9d3b833
Add ChangeLog entry for base blinding protection
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-07-24 11:55:29 +02:00
Janos Follath
49e6caf12e
Assemble ChangeLog
...
Executed scripts/assemble_changelog.py.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-26 11:33:34 +01:00
Manuel Pégourié-Gonnard
3a1944a187
Merge pull request #704 from mpg/l13-hw-starts-finish-2.16-restricted
...
[backport 2.16] Use starts/finish around Lucky 13 dummy compressions
2020-06-23 10:43:30 +02:00
Manuel Pégourié-Gonnard
2df5857dbe
Remove SHA-1 as a fallback option
...
- it's 2020, there shouldn't be too many systems out there where SHA-1 is the
only available hash option, so its usefulness is limited
- OTOH testing configurations without SHA-2 reveal bugs that are not easy to
fix in a fully compatible way
So overall, the benefit/cost ratio is not good enough to justify keeping SHA-1
as a fallback option here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-18 12:17:59 +02:00
Manuel Pégourié-Gonnard
20cd85c6e1
Use starts/finish around Lucky 13 dummy compressions
...
Fixes #3246
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-18 11:40:43 +02:00
Manuel Pégourié-Gonnard
2d91c30f4c
Update dependencies documentation
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-17 12:26:54 +02:00
Manuel Pégourié-Gonnard
84fd657240
Add Security ChangeLog entry for lack of blinding
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-16 10:52:36 +02:00
Manuel Pégourié-Gonnard
23983f30de
Add config.h option MBEDTLS_ECP_NO_INTERNAL_RNG
...
No effect so far, except on dependency checking, as the feature it's meant to
disable isn't implemented yet (so the descriptions in config.h and the
ChangeLog entry are anticipation for now).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-06-16 10:51:42 +02:00
Hanno Becker
f8f61aad0f
Uniformize bounds checks using new macro
...
This commit uses the previously defined macro to uniformize
bounds checks in several places. It also adds bounds checks to
the ClientHello writing function that were previously missing.
Also, the functions adding extensions to the ClientHello message
can now fail if the buffer is too small or a different error
condition occurs, and moreover they take an additional buffer
end parameter to free them from the assumption that one is
writing to the default output buffer.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-11 14:21:24 +02:00
Janos Follath
001eb3cec4
Merge pull request #3411 from gilles-peskine-arm/montmul-cmp-branch-2.16
...
Backport 2.16: Remove a secret-dependent branch in Montgomery multiplication
2020-06-09 12:40:30 +01:00
Gilles Peskine
5f5695077d
Add changelog entry: fix #3394
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-09 11:31:30 +02:00
Manuel Pégourié-Gonnard
62b293df5b
Merge pull request #3352 from gilles-peskine-arm/fix-ecp-mul-memory-leak-2.16
...
Backport 2.16: Fix potential memory leak in EC multiplication
2020-06-05 11:44:02 +02:00
Jonas
7c0f1c3067
Add Changelog entry for #3318
...
Signed-off-by: Jonas <jonas.lejeune4420@gmail.com>
2020-06-04 13:38:32 +02:00
Manuel Pégourié-Gonnard
2d727dfe64
Merge pull request #3372 from gilles-peskine-arm/check-files-changelog-2.16
...
Backport 2.16: Check changelog entries on CI
2020-06-02 09:38:44 +02:00
Gilles Peskine
934080e731
Fix an LTS version number in a changelog entry
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-28 18:32:43 +02:00
Gilles Peskine
cd29f862f6
Normalize line endings
...
Convert all text files to Unix line endings unless they're Windows
stuff.
Make sure that all text files have a trailing newline.
Remove whitespace at the end of lines.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-28 18:31:24 +02:00
Gilles Peskine
2dfc9fe293
Fix #3328
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-28 11:59:59 +02:00
Gilles Peskine
8b34fef0a8
Merge pull request #2710 from k-stachowiak/unified-exit-in-examples-2.16
...
Backport 2.16: Unify the example programs' termination
2020-05-12 10:46:36 +02:00
Gilles Peskine
543e6c5a7e
Add changelog entry file
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 22:17:08 +02:00
Gilles Peskine
4796c19516
Merge pull request #3283 from gilles-peskine-arm/changelog-20200421-2.16
...
2.16 only: Add missing changelog entry for PRs since 2.16.6
2020-04-28 13:10:40 +02:00
Manuel Pégourié-Gonnard
899f63805a
Merge pull request #3205 from irwir/fix_vcxproj-2.16
...
[backport 2.16] Finalize fixing bugs in .vcxproj files
2020-04-28 13:03:30 +02:00
Gilles Peskine
08fc4aaec0
Add changelog entry for #3197 : x509_crt max_pathlen int overflow fix
...
Backport of #3192
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-28 12:13:10 +02:00
Gilles Peskine
cff94e33b0
Copy the changelog entry assembling script from development
...
This commit is the combined cherry-pick of the following commits:
dba4de0a12
b695d5e30a
7c3f7cdeae
4d977a4f40
e248e83f9f
eebf24f7a8
6e97c43959
c68c7c8864
ac0f0860f1
42f384c186
98a53aa399
13dc634282
7fa3eb7d44
28af958ea4
8f46bbf46f
27a1facd48
afc9db8bb7
a26079613a
da14e8225e
37d670a1e1
974349d40e
d8b6c77388
2b242495e1
6e91009cfe
566407d6f6
8c4a84c5de
5e39c9e94f
974232f045
40b3f411ec
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-21 18:34:06 +02:00
irwir
3d9b798f60
[backport 2.16] Finalize fixing bugs in .vcxproj files
...
This is the 2.16 backport of #2853
Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-04-19 17:09:42 +03:00