Commit Graph

1910 Commits

Author SHA1 Message Date
Hanno Becker
5ed0355bc8 Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C
Previously, mbedtls_pkcs5_pbes2() was unconditionally declared
in `pkcs5.h` but defined as a stub returning
`MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE` in case
MBEDTLS_ASN1_PARSE_C was not defined.

In line with the previous commits, this commit removes declaration
and definition from both `pkcs5.h` and `pkcs5.c` in case
MBEDTLS_ASN1_PARSE_C is not defined.
2018-10-16 13:53:58 +01:00
Hanno Becker
d30cd34dc2 Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C 2018-10-16 13:53:50 +01:00
Hanno Becker
30617b080a Guard PK-parse module by ASN.1-parse module in check_config.h 2018-10-16 13:52:50 +01:00
Simon Butcher
34997fd291 Update library version number to 2.7.6 2018-08-31 16:07:23 +01:00
Jaeden Amero
8385110ae8 Update version to 2.7.5 2018-07-25 15:43:21 +01:00
Simon Butcher
b47e0a68ab Merge remote-tracking branch 'public/pr/1805' into mbedtls-2.7 2018-07-24 13:16:25 +01:00
Simon Butcher
e08754762d Correct logic to exclude i386 inline assenbly when -O0
The i386 MPI inline assembly code was being incorrectly included when
all compiler optimisation was disabled.
2018-07-23 13:41:33 +01:00
Simon Butcher
48883cd800 Merge remote-tracking branch 'public/pr/1780' into mbedtls-2.7 2018-07-20 14:40:51 +01:00
Simon Butcher
be347c6e21 Merge remote-tracking branch 'public/pr/1849' into mbedtls-2.7 2018-07-19 16:13:07 +01:00
Ron Eldor
a9779f1aff Repharse comments
Rephrase comments to clarify them.
2018-07-17 13:32:31 +03:00
Simon Butcher
d064b5c87b Disable use of the i386 assembly for option -O0
We don't compile in the assembly code if compiler optimisations are disabled as
the number of registers used in the assembly code doesn't work with the -O0
option. Also anyone select -O0 probably doesn't want to compile in the assembly
code anyway.
2018-07-10 23:20:01 +01:00
Simon Butcher
28f68a3d15 Merge remote-tracking branch 'public/pr/1809' into mbedtls-2.7 2018-07-10 14:58:51 +01:00
Ron Eldor
98848f020c Minor fixes
1. Rephrase ChangeLog entry.
2. Add a full stop at the end of the fuinction documentation.
2018-07-05 15:01:51 +03:00
Simon Butcher
83868a0e45 Add ebx to the i386 clobber list for MPI assembly
This fix adds the ebx register to the clobber list for the i386 inline assembly
for the multiply helper function.

ebx was used but not listed, so when the compiler chose to also use it, ebx was
getting corrupted. I'm surprised this wasn't spotted sooner.

Fixes Github issues #1550.
2018-07-01 17:06:18 +01:00
Ron Eldor
0557b8f888 Move definition to cipher.h
Define `MBEDTLS_CIPHER_MODE_STREAM` for `MBEDTLS_CIPHER_NULL_CIPHER`
as well, in cipher.h. Remove redundant definition in `cipher_internal.h`
2018-06-28 08:46:23 +03:00
Ron Eldor
8c02dd1709 Move definition of MBEDTLS_CIPHER_MODE_STREAM
Move definition of `MBEDTLS_CIPHER_MODE_STREAM` to header file
(`mbedtls_cipher_internal.h`), because it is used by more than
one file. Raised by TrinityTonic in #1719
2018-06-28 08:44:47 +03:00
Ron Eldor
4624030dc4 Documentation error in mbedtls_ssl_get_session
Fix Documentation error in `mbedtls_ssl_get_session`.
This function supports deep copying of the session,
and the peer certificate is not lost anymore, Resolves #926
2018-06-27 17:49:23 +03:00
Ron Eldor
df9b93e768 Remove unneeded namesapcing in header files
Remove the `mbedtls` namesapcing in the `#include` in header files
Resolves issue #857
2018-06-24 17:23:16 +03:00
Andres Amaya Garcia
dbd17b75f3 Allow 0 as a valid ret value for mbedtls_ssl_write
This patch modifies the documentation for mbedtls_ssl_write() to allow
0 as a valid return value as this is the correct number of bytes that
should be returned when an empty TLS Application record is sent.
2018-06-21 19:29:37 +01:00
Simon Butcher
662ae9eaae Change the library version to 2.7.4 2018-06-18 14:42:14 +01:00
Zach van Rijn
df484d6b11 Fix MicroBlaze register typo. 2018-06-15 07:39:57 +01:00
Simon Butcher
fb6da8815c Merge remote-tracking branch 'public/pr/1655' into mbedtls-2.7 2018-06-12 17:40:08 +01:00
Simon Butcher
c26080e23f Merge remote-tracking branch 'public/pr/1670' into mbedtls-2.7 2018-06-12 17:27:19 +01:00
Simon Butcher
856870952a Merge remote-tracking branch 'public/pr/1709' into mbedtls-2.7 2018-06-12 17:25:19 +01:00
Simon Butcher
ee3a3d4a72 Merge remote-tracking branch 'public/pr/1470' into mbedtls-2.7 2018-06-11 11:30:33 +01:00
Simon Butcher
bb5e1c3973 Fix multiple quality issues in the source
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
 * incorrect file permissions
 * missing newline at the end of files
 * trailing whitespace
 * Tabs present
 * TODOs in the souce code
2018-06-08 11:14:43 +01:00
Gilles Peskine
db37cb4752 mbedtls_gcm_crypt_and_tag: clarify what each mode does and doesn't do 2018-06-07 15:06:02 +02:00
Gilles Peskine
282bd24a44 Correct and clarify the documentation of GCM whole-message functions
Clarify the roles of the buffer parameter and their sizes.

Remove a statement about input size restrictions that only applies to
mbedtls_gcm_update, not to the whole-message functions.

Document the possible error codes.

Warn that mbedtls_gcm_crypt_and_tag in decrypt mode does not
authenticate the data and recommend using mbedtls_gcm_auth_decrypt
instead.
2018-06-06 16:57:03 +02:00
Azim Khan
826cdab010 Treat warnings as errors for IAR
Fix IAR compiler warnings

Two warnings have been fixed:
1. code 'if( len <= 0xFFFFFFFF )' gave warning 'pointless integer comparison'.
   This was fixed by wraping the condition in '#if SIZE_MAX > 0xFFFFFFFF'.
2. code 'diff |= A[i] ^ B[i];' gave warning 'the order of volatile accesses is undefined in'.
   This was fixed by read the volatile data in temporary variables before the computation.

Explain IAR warning on volatile access

Consistent use of CMAKE_C_COMPILER_ID
2018-05-25 14:58:33 +01:00
Moran Peker
9259b3be03 Remove double declaration of mbedtls_ssl_list_ciphersuites
Raised by TrinityTonic. #1359
2018-05-23 18:22:29 +01:00
Jaeden Amero
6856c2ebb5 Merge remote-tracking branch 'upstream-public/pr/1586' into mbedtls-2.7-proposed 2018-05-04 11:09:42 +01:00
Jaeden Amero
1fc4d33f5f Update version to 2.7.3 2018-04-27 13:15:45 +01:00
Azim Khan
26838608f8 Use correct version of snprintf on Windows
platform.h defines MBEDTLS_PLATFORM_STD_SNPRINTF based on _WIN32. But while defining macro mbedtls_snprintf it sets it to STD C snprintf that is deprecated on Windows.
2018-04-17 23:35:04 +01:00
Jaeden Amero
15cdc5ec7b Merge remote-tracking branch 'upstream-public/pr/1458' into mbedtls-2.7-proposed 2018-04-03 18:28:46 +01:00
Jaeden Amero
e7dc46240d Merge remote-tracking branch 'upstream-public/pr/1543' into mbedtls-2.7-proposed 2018-04-03 12:03:30 +01:00
Gilles Peskine
5114d3e4e1 Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
Clarify what MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH and
MBEDTLS_ERR_PK_SIG_LEN_MISMATCH mean. Add comments to highlight that
this indicates that a valid signature is present, unlike other error
codes. See
https://github.com/ARMmbed/mbedtls/pull/1149#discussion_r178130705
2018-03-30 18:43:16 +02:00
Darryl Green
28448b267f Improve documentation of mbedtls_ssl_write() 2018-03-29 16:51:16 +01:00
Jaeden Amero
0c692cda8b Merge remote-tracking branch 'upstream-public/pr/758' into mbedtls-2.7-proposed 2018-03-29 11:02:52 +01:00
Jaeden Amero
ef59b732c2 Merge remote-tracking branch 'upstream-public/pr/1479' into mbedtls-2.7-proposed 2018-03-28 14:21:19 +01:00
Ivan Krylov
5cb1f09ab4 slight rewording requested by reviewer (#758) 2018-03-24 18:48:04 +03:00
Gilles Peskine
be038366ea Fix some comments regarding what files are symlinked 2018-03-23 14:39:52 +01:00
Jaeden Amero
877c6dcf22 Merge remote-tracking branch 'upstream-restricted/pr/456' into mbedtls-2.7 2018-03-23 11:19:43 +00:00
Gilles Peskine
2cfeb887b4 Merge tag 'mbedtls-2.7.2' into iotssl-1381-x509-verify-refactor-2.7-restricted
Conflict resolution:

* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
  addition. In addition some of the additions in the
  iotssl-1381-x509-verify-refactor-restricted branch need support for
  keep-going mode, this will be added in a subsequent commit.
2018-03-23 02:12:44 +01:00
Gilles Peskine
48115740da Merge remote-tracking branch 'upstream-public/pr/1442' into mbedtls-2.7-proposed 2018-03-22 21:30:19 +01:00
Gergely Budai
8190678c01 Do not define and initialize global mutexes on configurations that do not use them. 2018-03-21 15:13:08 +00:00
Gilles Peskine
8405257035 Support out-of-tree testing with CMake
Create extra symbolic links with CMake so that SSL testing (ssl-opt.sh
and compat.sh) works in out-of-tree builds.
2018-03-21 12:28:59 +01:00
Jaeden Amero
9ae1fba869 Update version to 2.7.2 2018-03-16 16:30:17 +00:00
Simon Butcher
001427b6c3 Add clarity to use of the rsa_internal.h interface
Added additional clarification to the use of the rsa_internal.h interface and as
and when it can be used by whom. Policy hasn't changed, but it needed to be
clearer who can and can't use it and it's level of support.
2018-03-16 15:46:29 +00:00
Gilles Peskine
64540d9577 Merge remote-tracking branch 'upstream-restricted/pr/458' into mbedtls-2.7-restricted-proposed 2018-03-13 17:24:46 +01:00
Gilles Peskine
955d70459d Merge remote-tracking branch 'upstream-restricted/pr/460' into mbedtls-2.7-restricted-proposed 2018-03-13 17:24:33 +01:00