Steven Cooreman
5be864f645
Add changelog for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:52 +02:00
Manuel Pégourié-Gonnard
247745ffc4
Revert "Changelog added"
...
This reverts commit 0961e3db49
.
This was merged by mistake in development instead of development_3.0.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-04-15 12:27:04 +02:00
Manuel Pégourié-Gonnard
c039514559
Merge pull request #4334 from TRodziewicz/origin/remove_old_func_from_hashing
...
Remove deprecated things from hashing modules
2021-04-15 10:13:32 +02:00
TRodziewicz
0961e3db49
Changelog added
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-12 17:19:43 +02:00
Gilles Peskine
8f28c24b4a
Explain the problem in more concrete terms
...
Don't try to make the reader guess what a “negative zero” might mean.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-04-09 20:20:26 +02:00
Gilles Peskine
fd4fab0b24
mbedtls_mpi_read_string("-0") no longer produces a "negative zero"
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-04-09 17:13:15 +02:00
Gilles Peskine
7bc6a3749c
Merge pull request #3183 from meuter/development
...
RSA PSS signature generation with the option to specify the salt length
2021-04-06 21:36:06 +02:00
Gilles Peskine
889828d0b4
Merge pull request #4279 from ronald-cron-arm/fix-invalid-id-error-code
...
Fix error code when creating/registering a key with invalid id
2021-04-06 18:46:30 +02:00
Ronald Cron
602f986511
Add change log
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-01 14:55:04 +02:00
Ronald Cron
2af9641a7d
Merge pull request #4198 from maulik-arm/maulik-arm/fix-4162
...
PSA Update return code for non-existing key in various key operations
2021-04-01 13:27:31 +02:00
Maulik Patel
f41be14269
Add Change log entry for bug fix.
...
Signed-off-by: Maulik Patel <Maulik.Patel@arm.com>
2021-04-01 10:01:32 +01:00
Gilles Peskine
bf792e0a82
Merge pull request #3616 from militant-daos/bug_3175
...
Fix premature fopen() call in mbedtls_entropy_write_seed_file
2021-03-30 17:33:08 +02:00
Ryan LaPointe
59244e87e1
Actually use the READ_TIMEOUT_MS in the sample DTLS client and server
...
Signed-off-by: Ryan LaPointe <ryan@ryanlapointe.org>
2021-03-15 16:43:08 -04:00
Dave Rodgman
e483a77c85
Merge pull request #816 from ARMmbed/development
...
Merge recent commits from development into 2.26.0-rc
2021-03-12 16:55:26 +00:00
Paul Elliott
9907e2c334
Improve wording of ChangeLog entry
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:14:10 +00:00
Paul Elliott
3949065aef
Fix incorrect case in changelog entry
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
6f21e11265
Add Changelog entry
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
paul-elliott-arm
0135516d55
Merge pull request #4203 from paul-elliott-arm/memsan_fix_build
...
Fix memsan build with Clang 11
2021-03-09 16:31:31 +00:00
Dave Rodgman
74755e484c
Update Changelog for 2.26.0
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-03-08 18:35:44 +00:00
Dave Rodgman
b4fe1053e4
Add missing changelog entry
...
Add missing changelog entry for 3698: Mark basic constraints critical
as appropriate.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-03-08 18:34:24 +00:00
Dave Rodgman
2d83ac100d
Add a missing changelog entry
...
Add a missing changelog entry for #3996 : Allow loading external wrapped
keys.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-03-08 18:34:16 +00:00
Dave Rodgman
5cce6a24d0
Merge branch 'development-restricted' into mbedtls-2.26.0-rc
2021-03-08 17:01:24 +00:00
Gilles Peskine
e252868be4
Merge pull request #4067 from stevew817/feature/allow_multilength_aead
...
Add support for key policies (MAC & AEAD)
2021-03-08 15:04:17 +01:00
Paul Elliott
fb91a48616
Fix memsan build with clang 11
...
Memsan build was reporting a false positive use of uninitialised memory
in x509_crt.c on a struct filled by an _stat function call. According to
the man pages, the element reported has to be filled in by the call, so
to be safe, and keep memsan happy, zero the struct first.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-05 14:24:03 +00:00
Paul Elliott
a5dce14291
Fixup changelog formatting
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-04 14:24:57 +00:00
Steven Cooreman
7de9e2db1f
Language / verbiage fixes
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:03:39 +01:00
Steven Cooreman
5d81481a1c
Rename AEAD WITH_MINIMUM_LENGTH to AT_LEAST_THIS_LENGTH
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
# Conflicts:
# include/psa/crypto_values.h
# tests/suites/test_suite_psa_crypto.data
2021-03-01 16:00:31 +01:00
Steven Cooreman
caad49316b
rename MAC_WITH_MINIMUM_LENGTH_TAG to AT_LEAST_THIS_LENGTH_MAC
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:00:31 +01:00
Steven Cooreman
ee18b1f5a4
Style and language updates after review
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-01 16:00:31 +01:00
Steven Cooreman
b3ce8156ce
Add support for minimum-tag-length AEAD and MAC policies
...
Includes tests.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
# Conflicts:
# include/psa/crypto_values.h
# tests/suites/test_suite_psa_crypto.function
2021-03-01 16:00:31 +01:00
Gilles Peskine
ddf4374879
Fix stack buffer overflow in net functions with large file descriptor
...
Fix a stack buffer overflow with mbedtls_net_poll() and
mbedtls_net_recv_timeout() when given a file descriptor that is beyond
FD_SETSIZE. The bug was due to not checking that the file descriptor
is within the range of an fd_set object.
Fix #4169
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-25 15:56:48 +01:00
Paul Elliott
b4e4bfdd00
Add Changelog entry
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-02-25 10:47:56 +00:00
Gilles Peskine
b15832160b
Make entropy double-free work
...
Although the library documentation does not guarantee that calling
mbedtls_entropy_free() twice works, it's a plausible assumption and it's
natural to write code that frees an object twice. While this is uncommon for
an entropy context, which is usually a global variable, it came up in our
own unit tests (random_twice tests in test_suite_random).
Announce this in the same changelog entry as for RSA because it's the same
bug in the two modules.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-23 11:27:03 +01:00
Gilles Peskine
4337a9cb18
Document mutex usage for RSA
...
The mutex is now initialized iff ver != 0.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-22 19:24:03 +01:00
Gilles Peskine
1226ecef01
Changelog entry for RSA mutex usage fix
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-22 19:24:03 +01:00
Gilles Peskine
71edf749e1
Changelog entry for DRBG mutex usage fix
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-22 19:24:03 +01:00
Dave Rodgman
d6ee36ed04
Merge pull request #4110 from gilles-peskine-arm/psa-external-random-in-mbedtls
...
Expose the PSA RNG in mbedtls
2021-02-22 14:47:29 +00:00
Gilles Peskine
d548d964db
Clarify where mbedtls_psa_get_random might be useful
...
Also fix some typos.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-16 15:46:06 +01:00
Gilles Peskine
e3ed802138
Expose mbedtls_psa_get_random()
...
Expose whatever RNG the PSA subsystem uses to applications using the
mbedtls_xxx API.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-02-16 15:39:48 +01:00
Gilles Peskine
bb86d0c61c
Merge pull request #3995 from stevew817/feature/psa_configurable_static_ram_usage
...
Allow tweaking PSA_KEY_SLOT_COUNT
2021-02-16 12:52:24 +01:00
Manuel Pégourié-Gonnard
495ef98b24
Merge pull request #3976 from devnexen/fbsd_dfly_upd
...
Implements getrandom's wrapper for handful of BSD.
2021-02-16 09:41:55 +01:00
Steven Cooreman
863470a5f9
Rename PSA_KEY_SLOT_COUNT to MBEDTLS_PSA_KEY_SLOT_COUNT
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-02-15 14:26:44 +01:00
David Carlier
4971c3fce7
Changelog entry.
...
Signed-off-by: David Carlier <devnexen@gmail.com>
2021-02-15 13:13:13 +00:00
Steven Cooreman
7976574f82
Allow tweaking PSA_KEY_SLOT_COUNT
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-02-15 13:58:27 +01:00
Gilles Peskine
59ad77032f
Merge pull request #4131 from paul-elliott-arm/fix_crypto_leak
...
Fix memory leak in error case in psa_crypto
2021-02-15 11:38:13 +01:00
Ronald Cron
5cd00d28bf
Merge pull request #4092 from ronald-cron-arm/psa-crypto-client
...
Psa crypto client
2021-02-15 10:46:35 +01:00
Paul Elliott
d17062e6bf
Correct english in changelog.
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-02-12 14:48:16 +00:00
Bence Szépkúti
a63b20d28b
Rename AEAD tag length macros
...
This brings them in line with PSA Crypto API 1.0.0
PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH -> PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG
PSA_ALG_AEAD_WITH_TAG_LENGTH -> PSA_ALG_AEAD_WITH_SHORTENED_TAG
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-02-11 11:39:31 +01:00
Paul Elliott
da3e7db495
Fix memory leak in error case in psa_crypto
...
In psa_generate_derived_key_internal() an error case was returning
directly rather than jumping to the exit label, which meant that an
allocated buffer would not be free'd.
Found via coverity.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-02-09 19:03:47 +00:00
Ronald Cron
07907ae84e
Add change log entry
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-09 15:36:14 +01:00