Hanno Becker
921b76d056
Replace 'thread safe' by 'thread-safe' in the documentation
2018-09-05 16:21:36 +01:00
Hanno Becker
acef292eac
ChangeLog: Add missing renamings gmtime -> gmtime_r
2018-09-05 16:19:07 +01:00
Hanno Becker
cfeb70c6b9
gmtime: Remove special treatment for IAR
...
Previous commits attempted to use `gmtime_s()` for IAR systems; however,
this attempt depends on the use of C11 extensions which lead to incompatibility
with other pieces of the library, such as the use of `memset()` which is
being deprecated in favor of `memset_s()` in C11.
2018-09-05 13:52:46 +01:00
Andres Amaya Garcia
45e30201a4
Document that IAR gmtime_s() is auto selected
2018-09-05 12:05:59 +01:00
Andres Amaya Garcia
c29c34c1b4
Improve wording of gmtime feature in ChangeLog
2018-09-05 11:54:40 +01:00
Andres Amaya Garcia
8c9a620fb6
Fix missing word in ChangeLog entry for gmtime()
2018-09-05 11:30:28 +01:00
Andres Amaya Garcia
a7b9f15f27
Add ChangeLog entry for configurable gmtime() in platform
2018-08-16 21:46:35 +01:00
Andres Amaya Garcia
824dfb34b4
Add ChangeLog entry for use of gmtime
2018-08-07 20:29:57 +01:00
Simon Butcher
b363382ba4
Add ChangeLog entry for bug #1890
2018-07-30 22:10:48 +01:00
Simon Butcher
6c34268e20
Merge remote-tracking branch 'restricted/pr/501' into development-restricted
2018-07-26 14:24:56 +01:00
Simon Butcher
f11a7cda73
Clarify Changelog entries
...
Corrected the Changelog to move an entry in the wrong place after a merge, some
entries which were Changes not bugfixes, and corrected style issues.
2018-07-25 17:29:59 +01:00
Jaeden Amero
193c86425e
Update version to 2.12.0
2018-07-25 15:42:26 +01:00
Simon Butcher
37b9fd5df6
Merge remote-tracking branch 'restricted/pr/490' into development
2018-07-24 23:40:37 +01:00
Simon Butcher
2c92949e0a
Merge remote-tracking branch 'public/pr/1198' into development
2018-07-24 17:20:17 +01:00
Simon Butcher
c88c627fba
Merge remote-tracking branch 'public/pr/1658' into development
2018-07-24 17:19:10 +01:00
Ron Eldor
9cf0d53adc
Add ChangeLog
...
Add entry in ChangeLog for the Key Wrapping feature.
2018-07-24 16:43:20 +01:00
Simon Butcher
ccb43df37e
Merge remote-tracking branch 'public/pr/927' into development
2018-07-24 13:06:54 +01:00
Simon Butcher
dad05b7fc9
Merge remote-tracking branch 'public/pr/1844' into development
2018-07-24 13:05:09 +01:00
Simon Butcher
05330541ea
Revise ChangeLog entry for empty data records fixes
2018-07-24 12:54:15 +01:00
Simon Butcher
116ac43d00
Merge remote-tracking branch 'public/pr/1852' into development
2018-07-24 12:18:59 +01:00
Simon Butcher
fced1f2fb3
Merge remote-tracking branch 'public/pr/1854' into development
2018-07-24 10:26:46 +01:00
Simon Butcher
ecb635efca
Add ChangeLog entry for #1098 fix.
2018-07-24 10:03:41 +01:00
Brian J Murray
4736e96568
add myself to changelog
2018-07-23 10:34:47 -07:00
Andres Amaya Garcia
81f0633c16
Add ChangeLog entry for empty app data fix
2018-07-20 23:09:29 +01:00
Angus Gratton
1a7a17e548
Check for invalid short Alert messages
...
(Short Change Cipher Spec & Handshake messages are already checked for.)
2018-07-20 23:09:29 +01:00
Angus Gratton
b512bc1d29
CBC mode: Allow zero-length message fragments (100% padding)
...
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
2018-07-20 23:09:29 +01:00
Simon Butcher
922bd1efb2
Merge remote-tracking branch 'public/pr/1752' into development
2018-07-20 14:33:18 +01:00
Simon Butcher
862e703d51
Merge remote-tracking branch 'public/pr/921' into development
2018-07-20 14:30:50 +01:00
Simon Butcher
4f37bcabf9
Fix ChangeLog entry for issue #1663
...
The ChangeLog entry was under the wrong version, and under Changes, not
BugFixes.
2018-07-19 19:52:32 +01:00
Simon Butcher
df15356259
Merge remote-tracking branch 'public/pr/1663' into development
2018-07-19 19:48:10 +01:00
Simon Butcher
a72098b4d6
Merge remote-tracking branch 'public/pr/1778' into development
2018-07-19 16:10:38 +01:00
Manuel Pégourié-Gonnard
830ce11eba
Clarify attack conditions in the ChangeLog.
...
Referring to the previous entry could imply that the current one was limited
to SHA-384 too, which it isn't.
2018-07-11 18:27:08 +02:00
Simon Butcher
00af447ba8
Add ChangeLog entry for PR #536
2018-07-10 15:35:43 +01:00
Simon Butcher
32b074720e
Merge remote-tracking branch 'public/pr/1737' into development
2018-07-10 14:57:50 +01:00
Simon Butcher
cdbb2f2168
Merge remote-tracking branch 'public/pr/1563' into development
2018-07-10 12:49:26 +01:00
Simon Butcher
231d7e5669
Add ChangeLog entry for PR #1567 .
...
ChangeLog entry for platform support for the Haiku OS. PR #1567 .
2018-07-10 11:56:19 +01:00
Simon Butcher
6331cb0607
Fix some whitespace issues in ChangeLog and CMakeLists.txt
...
Stray tab in library/CMakeLists.txt and incorrect formatting in ChangeLog.
2018-07-10 11:48:42 +01:00
Manuel Pégourié-Gonnard
7b42030b5d
Add counter-measure to cache-based Lucky 13
...
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function, and the location where we read the MAC, give information
about that.
A local attacker could gain information about that by observing via a
cache attack whether the bytes at the end of the record (at the location of
would-be padding) have been read during MAC verification (computation +
comparison).
Let's make sure they're always read.
2018-07-05 14:44:49 +02:00
Manuel Pégourié-Gonnard
1cc1fb0599
Fix Lucky 13 cache attack on MD/SHA padding
...
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.
Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.
Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
2018-07-05 10:47:00 +02:00
Ron Eldor
382c1db6c0
Minor fixes
...
1. Rephrase ChangeLog entry.
2. Add a full stop at the end of the fuinction documentation.
2018-07-04 17:42:47 +03:00
Ron Eldor
5ffc220f16
Documentation error in mbedtls_ssl_get_session
...
Fix Documentation error in `mbedtls_ssl_get_session`.
This function supports deep copying of the session,
and the peer certificate is not lost anymore, Resolves #926
2018-07-03 16:04:41 +03:00
Simon Butcher
05fa46e6b7
Add ChangeLog entry for #992 fix
2018-07-02 12:08:32 +01:00
Ron Eldor
da2a31237e
Add entry in ChangeLog
...
Add entry in ChangeLog for compilation error fix of #1719
2018-07-01 10:22:53 +03:00
Gilles Peskine
104d85865d
Add ChangeLog entry
2018-06-28 17:36:02 +02:00
Simon Butcher
1ab9b57148
Add a ChangeLog entry for memory leak in mbedtls_x509_csr_parse()
2018-06-28 12:13:14 +01:00
Simon Butcher
4b6b08e7d2
Merge remote-tracking branch 'public/pr/1006' into development
2018-06-28 12:08:59 +01:00
Simon Butcher
1d97cab5f5
Merge remote-tracking branch 'public/pr/1645' into development
2018-06-28 12:06:16 +01:00
Simon Butcher
bea00bd89c
Merge remote-tracking branch 'public/pr/1783' into development
2018-06-28 12:04:19 +01:00
Simon Butcher
9e02b973f1
Add ChangeLog entry for #1257 - key_app_writer writes invalid ASN.1
2018-06-28 11:59:15 +01:00
Simon Butcher
9fa21bffe6
Merge remote-tracking branch 'public/pr/1533' into development
2018-06-27 10:50:58 +01:00