Commit Graph

1842 Commits

Author SHA1 Message Date
Janos Follath
7bbd7ea7ad Improve wording in Changelog
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-12-09 16:39:36 +00:00
Janos Follath
f3493024f6 Finalize ChangeLog
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-12-09 01:35:14 +00:00
Janos Follath
a4b98a970f Assemble ChangeLog
Executed scripts/assemble_changelog.py.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-12-09 00:31:29 +00:00
Janos Follath
627aeef6ae Update ChangeLog header
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-08-26 15:34:41 +01:00
Janos Follath
4ac5a7be5a Assemble ChangeLog
Executed scripts/assemble_changelog.py.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-08-26 14:49:52 +01:00
Janos Follath
6c48d09c2f Update ChangeLog header
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-26 12:42:11 +01:00
Janos Follath
49e6caf12e Assemble ChangeLog
Executed scripts/assemble_changelog.py.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-26 11:33:34 +01:00
Manuel Pégourié-Gonnard
dab3fd64ab Merge branch 'mbedtls-2.16-restricted' into prepare-rc-2.16.6-updated
* mbedtls-2.16-restricted:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 12:27:20 +02:00
Manuel Pégourié-Gonnard
ef98d49997 Merge remote-tracking branch 'restricted/pr/670' into mbedtls-2.16-restricted
* restricted/pr/670:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 11:56:09 +02:00
Janos Follath
85ce08d0ca Add missing ChangeLog entry
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-09 09:37:12 +01:00
Janos Follath
c04703c58c Bump version to Mbed TLS 2.16.6
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 17:17:27 +01:00
Manuel Pégourié-Gonnard
f60041688c Fix leakage of projective coordinates in ECC
See the comments in the code for how an attack would go, and the ChangeLog
entry for an impact assessment. (For ECDSA, leaking a few bits of the scalar
over several signatures translates to full private key recovery using a
lattice attack.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-01 11:02:18 +02:00
Andres Amaya Garcia
52dbda62a0 Fix compilation issue when DTLS and SSL_HW_RECORD_ACCEL are on
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-02-26 10:13:27 +01:00
Janos Follath
04039a5893 Add release info to ChangeLog 2020-02-19 12:12:38 +00:00
Manuel Pégourié-Gonnard
6444d1557d Add ChangeLog entries for pk_parse_key() fixes 2020-02-19 09:31:38 +01:00
Janos Follath
cabf0eed66 Revert "Merge pull request #3012 from Patater/dev/jp-bennett/development-2.16"
This reverts commit 7550e857bf, reversing
changes made to d0c2575324.

stat() will never return S_IFLNK as the file type, as stat()
explicitly follows symlinks.

Fixes #3005.
2020-02-04 14:42:15 +00:00
Gilles Peskine
4cc20f6f3d Fix duplicated Bugfix section in the changelog 2020-01-31 12:20:10 +01:00
Gilles Peskine
216c44d6eb Add changelog entry 2020-01-31 12:06:43 +01:00
Janos Follath
bac9f1bfb0 Merge pull request #3001 from from gilles-peskine-arm/coverity-20200115-2.16 into mbedtls-2.16 2020-01-29 14:49:23 +00:00
Manuel Pégourié-Gonnard
58c27790de Fix previous ChangeLog merging error 2020-01-29 11:32:09 +01:00
Manuel Pégourié-Gonnard
cc41e6cd75 Fix contributor names in ChangeLog 2020-01-29 10:47:34 +01:00
Jaeden Amero
68a24eba00 Add ChangeLog entry
Add a ChangeLog entry for Jonathan Bennett's contribution which allows
loading symlinked certificates.
2020-01-28 11:29:16 +00:00
Manuel Pégourié-Gonnard
42b8194b53 Fix incrementing pointer instead of value
This was introduced by a hasty search-and-replace that didn't account for C's
operator precedence when changing those variables to pointer types.
2020-01-24 12:35:47 +01:00
Gilles Peskine
42e4f6b706 Add changelog entry for the unchecked mbedtls_md call 2020-01-22 19:04:19 +01:00
Jaeden Amero
39e2c0eeb6 Merge remote-tracking branch 'origin/mbedtls-2.16' into mbedtls-2.16-restricted
* origin/mbedtls-2.16:
  Fix some pylint warnings
  Enable more test cases without MBEDTLS_MEMORY_DEBUG
  More accurate test case description
  Clarify that the "FATAL" message is expected
  Note that mbedtls_ctr_drbg_seed() must not be called twice
  Fix CTR_DRBG benchmark
  Changelog entry for xxx_drbg_set_entropy_len before xxx_drbg_seed
  CTR_DRBG: support set_entropy_len() before seed()
  CTR_DRBG: Don't use functions before they're defined
  HMAC_DRBG: support set_entropy_len() before seed()
2020-01-15 16:59:41 +00:00
Gilles Peskine
86dd9501ba Catch AES failure in mbedtls_ctr_drbg_random
The functions mbedtls_ctr_drbg_random() and
mbedtls_ctr_drbg_random_with_add() could return 0 if an AES function
failed. This could only happen with alternative AES
implementations (the built-in implementation of the AES functions
involved never fail), typically due to a failure in a hardware
accelerator.

Bug reported and fix proposed by Johan Uppman Bruce and Christoffer
Lauri, Sectra.
2019-11-28 09:57:44 +01:00
Gilles Peskine
afbcf97c20 Parse HelloVerifyRequest buffer overread: add changelog entry 2019-11-21 14:11:52 +01:00
Jaeden Amero
f0486052b7 Merge remote-tracking branch 'restricted/pr/667' into mbedtls-2.16-restricted
* restricted/pr/667: (24 commits)
  Add ChangeLog entry
  mpi_lt_mpi_ct: fix condition handling
  mpi_lt_mpi_ct: Add further tests
  mpi_lt_mpi_ct: Fix test numbering
  mpi_lt_mpi_ct perform tests for both limb size
  ct_lt_mpi_uint: cast the return value explicitely
  mbedtls_mpi_lt_mpi_ct: add tests for 32 bit limbs
  mbedtls_mpi_lt_mpi_ct: simplify condition
  Rename variable for better readability
  mbedtls_mpi_lt_mpi_ct: Improve documentation
  Make mbedtls_mpi_lt_mpi_ct more portable
  Bignum: Document assumptions about the sign field
  Add more tests for mbedtls_mpi_lt_mpi_ct
  mpi_lt_mpi_ct test: hardcode base 16
  Document ct_lt_mpi_uint
  mpi_lt_mpi_ct: make use of unsigned consistent
  ct_lt_mpi_uint: make use of biL
  Change mbedtls_mpi_cmp_mpi_ct to check less than
  mbedtls_mpi_cmp_mpi_ct: remove multiplications
  Remove excess vertical space
  ...
2019-11-12 10:48:21 +00:00
Jaeden Amero
baf23000e1 Merge remote-tracking branch 'restricted/pr/669' into mbedtls-2.16-restricted
* restricted/pr/669:
  Zeroize local AES variables before exiting the function
2019-11-12 10:43:57 +00:00
Andrzej Kurek
f18de50b49 Zeroize local AES variables before exiting the function
This issue has been reported by Tuba Yavuz, Farhaan Fowze, Ken (Yihang) Bai,
Grant Hernandez, and Kevin Butler (University of Florida) and
Dave Tian (Purdue University).

In AES encrypt and decrypt some variables were left on the stack. The value
of these variables can be used to recover the last round key. To follow best
practice and to limit the impact of buffer overread vulnerabilities (like
Heartbleed) we need to zeroize them before exiting the function.
2019-11-12 03:34:03 -05:00
Janos Follath
d71f31bfb7 Add ChangeLog entry 2019-11-11 14:15:00 +00:00
Janos Follath
1baed82774 Add ChangeLog entry 2019-10-25 11:21:30 +01:00
Gilles Peskine
0e59c473cd Changelog entry for xxx_drbg_set_entropy_len before xxx_drbg_seed 2019-10-23 18:00:03 +02:00
Jaeden Amero
069fb0e09a Merge remote-tracking branch 'origin/pr/2860' into mbedtls-2.16
* origin/pr/2860: (26 commits)
  config.pl full: exclude MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
  mbedtls_hmac_drbg_set_entropy_len() only matters when reseeding
  mbedtls_ctr_drbg_set_entropy_len() only matters when reseeding
  mbedtls_ctr_drbg_seed: correct maximum for len
  Add a note about CTR_DRBG security strength to config.h
  Move MBEDTLS_CTR_DRBG_USE_128_BIT_KEY to the correct section
  CTR_DRBG: more consistent formatting and wording
  CTR_DRBG documentation: further wording improvements
  CTR_DRBG: Improve the explanation of security strength
  CTR_DRBG: make it easier to understand the security strength
  HMAC_DRBG: note that the initial seeding grabs entropy for the nonce
  Use standard terminology to describe the personalization string
  Do note that xxx_drbg_random functions reseed with PR enabled
  Consistently use \c NULL and \c 0
  Also mention HMAC_DRBG in the changelog entry
  HMAC_DRBG: improve the documentation of the entropy length
  HMAC_DRBG documentation improvements clarifications
  More CTR_DRBG documentation improvements and clarifications
  Fix wording
  Remove warning that the previous expanded discussion has obsoleted
  ...
2019-10-18 14:22:42 +01:00
Jaeden Amero
da5930654e Merge remote-tracking branch 'origin/pr/2578' into mbedtls-2.16
* origin/pr/2578:
  Remove a redundant function call
2019-10-02 17:59:28 +01:00
Jaeden Amero
b0328ba8a3 Merge remote-tracking branch 'origin/pr/2323' into mbedtls-2.16
* origin/pr/2323:
  Add missing dependencies in test_suite_cipher.gcm
  Adapt ChangeLog
  Add NIST AES GCM test vectors to single-step cipher API test suite
2019-10-02 17:57:37 +01:00
Gilles Peskine
6735363f80 Also mention HMAC_DRBG in the changelog entry
There were no tricky compliance issues for HMAC_DBRG, unlike CTR_DRBG,
but mention it anyway. For CTR_DRBG, summarize the salient issue.
2019-09-30 15:27:33 +02:00
Gilles Peskine
3c3bf4dfdb CTR_DRBG documentation: add changelog entry
This is a documentation-only change, but one that users who care about
NIST compliance may be interested in, to review if they're using the
module in a compliant way.
2019-09-25 20:07:04 +02:00
Jaeden Amero
fcb8711f6f Bump version to Mbed TLS 2.16.3 2019-09-06 13:27:00 +01:00
Jaeden Amero
89408672eb Merge remote-tracking branch 'origin/mbedtls-2.16' into mbedtls-2.16-restricted
* origin/mbedtls-2.16:
  Changelog entry
  Check for zero length and NULL buffer pointer
  ssl-opt.sh: wait for proxy to start before running the script further
  Adapt ChangeLog
  Fix mpi_bigendian_to_host() on bigendian systems
2019-09-05 18:14:55 +01:00
Jaeden Amero
c3bfb20a41 Merge remote-tracking branch 'origin/pr/2645' into mbedtls-2.16
* origin/pr/2645:
  Adapt ChangeLog
  Fix mpi_bigendian_to_host() on bigendian systems
2019-09-05 17:37:13 +01:00
Jaeden Amero
71db1de226 Merge remote-tracking branch 'origin/pr/2793' into mbedtls-2.16
* origin/pr/2793:
  Changelog entry
  Check for zero length and NULL buffer pointer
2019-09-05 15:57:34 +01:00
Vikas Katariya
cc9135f42e Changelog entry 2019-09-04 12:46:02 +01:00
Jaeden Amero
e7e55158f8 Merge remote-tracking branch 'origin/mbedtls-2.16' into mbedtls-2.16-restricted
* origin/mbedtls-2.16:
  Fix uninitialized variable in x509_crt
  Fix the license header of hkdf
  Add ChangeLog entry
  fix memory leak in mpi_miller_rabin()
2019-09-03 19:43:13 +01:00
Jaeden Amero
fe1d66d3e2 Merge remote-tracking branch 'origin/pr/2813' into mbedtls-2.16
* origin/pr/2813:
  Fix uninitialized variable in x509_crt
2019-09-03 16:34:23 +01:00
Jaeden Amero
adb4fa5921 Merge remote-tracking branch 'origin/pr/2398' into mbedtls-2.16
* origin/pr/2398:
  Add ChangeLog entry
  fix memory leak in mpi_miller_rabin()
2019-09-03 16:32:54 +01:00
Andy Gross
3fc6f9d16d Fix uninitialized variable in x509_crt
This patch fixes an issue we encountered with more stringent compiler
warnings.  The signature_is_good variable has a possibility of being
used uninitialized.  This patch moves the use of the variable to a
place where it cannot be used while uninitialized.

Signed-off-by: Andy Gross <andy.gross@linaro.org>
2019-08-30 14:46:03 +03:00
Gilles Peskine
6d079baba8 Merge remote-tracking branch 'upstream-restricted/mbedtls-2.16-proposed' into mbedtls-2.16-restricted 2019-08-14 16:39:36 +02:00
Gilles Peskine
4d7c74811b Merge remote-tracking branch 'upstream-restricted/pr/503' into mbedtls-2.16-restricted 2019-08-14 16:39:24 +02:00
Gilles Peskine
33f66ba6fd Merge remote-tracking branch 'upstream-restricted/pr/556' into mbedtls-2.16-restricted 2019-08-14 16:38:26 +02:00