Simon Butcher
37b9fd5df6
Merge remote-tracking branch 'restricted/pr/490' into development
2018-07-24 23:40:37 +01:00
Simon Butcher
2c92949e0a
Merge remote-tracking branch 'public/pr/1198' into development
2018-07-24 17:20:17 +01:00
Simon Butcher
c88c627fba
Merge remote-tracking branch 'public/pr/1658' into development
2018-07-24 17:19:10 +01:00
Ron Eldor
9cf0d53adc
Add ChangeLog
...
Add entry in ChangeLog for the Key Wrapping feature.
2018-07-24 16:43:20 +01:00
Simon Butcher
ccb43df37e
Merge remote-tracking branch 'public/pr/927' into development
2018-07-24 13:06:54 +01:00
Simon Butcher
dad05b7fc9
Merge remote-tracking branch 'public/pr/1844' into development
2018-07-24 13:05:09 +01:00
Simon Butcher
05330541ea
Revise ChangeLog entry for empty data records fixes
2018-07-24 12:54:15 +01:00
Simon Butcher
116ac43d00
Merge remote-tracking branch 'public/pr/1852' into development
2018-07-24 12:18:59 +01:00
Simon Butcher
fced1f2fb3
Merge remote-tracking branch 'public/pr/1854' into development
2018-07-24 10:26:46 +01:00
Simon Butcher
ecb635efca
Add ChangeLog entry for #1098 fix.
2018-07-24 10:03:41 +01:00
Brian J Murray
4736e96568
add myself to changelog
2018-07-23 10:34:47 -07:00
Andres Amaya Garcia
81f0633c16
Add ChangeLog entry for empty app data fix
2018-07-20 23:09:29 +01:00
Angus Gratton
1a7a17e548
Check for invalid short Alert messages
...
(Short Change Cipher Spec & Handshake messages are already checked for.)
2018-07-20 23:09:29 +01:00
Angus Gratton
b512bc1d29
CBC mode: Allow zero-length message fragments (100% padding)
...
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
2018-07-20 23:09:29 +01:00
Simon Butcher
922bd1efb2
Merge remote-tracking branch 'public/pr/1752' into development
2018-07-20 14:33:18 +01:00
Simon Butcher
862e703d51
Merge remote-tracking branch 'public/pr/921' into development
2018-07-20 14:30:50 +01:00
Simon Butcher
4f37bcabf9
Fix ChangeLog entry for issue #1663
...
The ChangeLog entry was under the wrong version, and under Changes, not
BugFixes.
2018-07-19 19:52:32 +01:00
Simon Butcher
df15356259
Merge remote-tracking branch 'public/pr/1663' into development
2018-07-19 19:48:10 +01:00
Simon Butcher
a72098b4d6
Merge remote-tracking branch 'public/pr/1778' into development
2018-07-19 16:10:38 +01:00
Manuel Pégourié-Gonnard
830ce11eba
Clarify attack conditions in the ChangeLog.
...
Referring to the previous entry could imply that the current one was limited
to SHA-384 too, which it isn't.
2018-07-11 18:27:08 +02:00
Simon Butcher
00af447ba8
Add ChangeLog entry for PR #536
2018-07-10 15:35:43 +01:00
Simon Butcher
32b074720e
Merge remote-tracking branch 'public/pr/1737' into development
2018-07-10 14:57:50 +01:00
Simon Butcher
cdbb2f2168
Merge remote-tracking branch 'public/pr/1563' into development
2018-07-10 12:49:26 +01:00
Simon Butcher
231d7e5669
Add ChangeLog entry for PR #1567.
...
ChangeLog entry for platform support for the Haiku OS. PR #1567.
2018-07-10 11:56:19 +01:00
Simon Butcher
6331cb0607
Fix some whitespace issues in ChangeLog and CMakeLists.txt
...
Stray tab in library/CMakeLists.txt and incorrect formatting in ChangeLog.
2018-07-10 11:48:42 +01:00
Manuel Pégourié-Gonnard
7b42030b5d
Add counter-measure to cache-based Lucky 13
...
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function, and the location where we read the MAC, give information
about that.
A local attacker could gain information about that by observing via a
cache attack whether the bytes at the end of the record (at the location of
would-be padding) have been read during MAC verification (computation +
comparison).
Let's make sure they're always read.
2018-07-05 14:44:49 +02:00
Manuel Pégourié-Gonnard
1cc1fb0599
Fix Lucky 13 cache attack on MD/SHA padding
...
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.
Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.
Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
2018-07-05 10:47:00 +02:00
Ron Eldor
382c1db6c0
Minor fixes
...
1. Rephrase ChangeLog entry.
2. Add a full stop at the end of the function documentation.
2018-07-04 17:42:47 +03:00
Ron Eldor
5ffc220f16
Documentation error in mbedtls_ssl_get_session
...
Fix Documentation error in `mbedtls_ssl_get_session`.
This function supports deep copying of the session,
and the peer certificate is not lost anymore. Resolves #926
2018-07-03 16:04:41 +03:00
Simon Butcher
05fa46e6b7
Add ChangeLog entry for #992 fix
2018-07-02 12:08:32 +01:00
Ron Eldor
da2a31237e
Add entry in ChangeLog
...
Add entry in ChangeLog for compilation error fix of #1719
2018-07-01 10:22:53 +03:00
Gilles Peskine
104d85865d
Add ChangeLog entry
2018-06-28 17:36:02 +02:00
Simon Butcher
1ab9b57148
Add a ChangeLog entry for memory leak in mbedtls_x509_csr_parse()
2018-06-28 12:13:14 +01:00
Simon Butcher
4b6b08e7d2
Merge remote-tracking branch 'public/pr/1006' into development
2018-06-28 12:08:59 +01:00
Simon Butcher
1d97cab5f5
Merge remote-tracking branch 'public/pr/1645' into development
2018-06-28 12:06:16 +01:00
Simon Butcher
bea00bd89c
Merge remote-tracking branch 'public/pr/1783' into development
2018-06-28 12:04:19 +01:00
Simon Butcher
9e02b973f1
Add ChangeLog entry for #1257 - key_app_writer writes invalid ASN.1
2018-06-28 11:59:15 +01:00
Simon Butcher
9fa21bffe6
Merge remote-tracking branch 'public/pr/1533' into development
2018-06-27 10:50:58 +01:00
Simon Butcher
95a1c1f8ab
Merge remote-tracking branch 'public/pr/1617' into development
2018-06-27 10:49:59 +01:00
niisato
164b9cd025
update ChangeLog
2018-06-25 20:47:14 +09:00
niisato
b7d39db047
update ChangeLog
2018-06-25 20:45:03 +09:00
niisato
99a3e80721
update change log.
2018-06-25 20:21:43 +09:00
niisato
15550854a3
add ChangeLog to this commit.
2018-06-25 20:07:48 +09:00
Nicholas Wilson
2682edf205
Fix build using -std=c99
...
In each place where POSIX/GNU functions are used, the file must declare
that it wants POSIX functionality before including any system headers.
2018-06-25 12:00:26 +01:00
Nicholas Wilson
512b4ee9c7
Use gmtime_r to fix thread-safety issue, and use mbedtls_time on Windows
2018-06-25 11:59:54 +01:00
Simon Butcher
6c34442c87
Add fix for #1550 and credit to the ChangeLog
2018-06-24 16:20:56 +01:00
Ron Eldor
6332e368cc
Fix typo in ChangeLog
...
Fix typo in ChangeLog discovered in PR review
2018-06-24 16:59:56 +03:00
Ron Eldor
6fd941fe4b
Remove unneeded namespacing in header files
...
Remove the `mbedtls` namespacing in the `#include` in header files
Resolves issue #857
2018-06-24 16:56:47 +03:00
Andres Amaya Garcia
a562c26300
Add ChangeLog entry for mbedtls_ssl_write() docs
2018-06-21 19:14:49 +01:00
Manuel Pégourié-Gonnard
1f092b40a6
Add ChangeLog entry for ChachaPoly ciphersuites
...
fixes #346
2018-06-19 13:16:45 +02:00