Commit graph

1588 commits

Author SHA1 Message Date
Janos Follath 6badb015eb Update ChangeLog header
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-08-26 15:36:15 +01:00
Janos Follath 681a74dd5e Assemble ChangeLog
Executed scripts/assemble_changelog.py.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-08-26 14:50:38 +01:00
Janos Follath 6d5a109d15 Update ChangeLog header
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-26 12:55:02 +01:00
Janos Follath 994f7c0343 Assemble ChangeLog
Executed scripts/assemble_changelog.py.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-26 11:34:34 +01:00
Manuel Pégourié-Gonnard 0a997082fe Merge branch 'mbedtls-2.7-restricted' into prepare-rc-2.7.15-update
* mbedtls-2.7-restricted:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 12:31:52 +02:00
Manuel Pégourié-Gonnard 6e0806b338 Merge remote-tracking branch 'restricted/pr/671' into mbedtls-2.7-restricted
* restricted/pr/671:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 11:57:18 +02:00
Janos Follath f1bd55fd16 Add missing ChangeLog entry
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-09 09:36:33 +01:00
Janos Follath b4b458fe01 Bump version to Mbed TLS 2.7.15
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 17:22:51 +01:00
Janos Follath e170ee7e18 Merge branch 'mbedtls-2.7-restricted' into mbedtls-2.7.15r0
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 15:17:55 +01:00
Manuel Pégourié-Gonnard 54587fcf9b Fix leakage of projective coordinates in ECC
See the comments in the code for how an attack would go, and the ChangeLog
entry for an impact assessment. (For ECDSA, leaking a few bits of the scalar
over several signatures translates to full private key recovery using a
lattice attack.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-01 11:28:08 +02:00
Manuel Pégourié-Gonnard 6062b49d29 Fix bug in handling of DTLS client hard reconnect
We keep track of the current epoch and record sequence number in out_ctr,
which was overwritten when writing the record containing the
HelloVerifyRequest starting from out_buf. We can avoid that by only using the
rest of the buffer.

Using MBEDTLS_SSL_MAX_CONTENT_LEN as the buffer size is still correct, as it
was a pretty conservative value when starting from out_buf.

Note: this bug was also fixed unknowingly in 2.13 by introducing a new buffer
that holds the current value of the sequence number (including epoch), while
working on datagram packing: 198594709b

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-31 13:04:19 +02:00
Andres Amaya Garcia 8758053e80 Fix compilation issue when DTLS and SSL_HW_RECORD_ACCEL are on
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-02-26 10:26:02 +01:00
Janos Follath 46337abf41 Add release info to ChangeLog 2020-02-19 12:09:36 +00:00
Manuel Pégourié-Gonnard 08f06eb049 Add ChangeLog entries for pk_parse_key() fixes 2020-02-19 09:33:33 +01:00
Janos Follath b40d60f096 Revert "Merge pull request #3011 from Patater/dev/jp-bennett/development-2.7"
This reverts commit 130e136439, reversing
changes made to 071b3e170e.

stat() will never return S_IFLNK as the file type, as stat() explicitly
follows symlinks.

Fixes #3005.
2020-02-04 14:47:45 +00:00
Gilles Peskine f664c4d878 Add changelog entry 2020-01-31 12:16:24 +01:00
Janos Follath a67508e066 Merge pull request #3002 from gilles-peskine-arm/coverity-20200115-2.7 into mbedtls-2.7 2020-01-29 14:53:48 +00:00
Jaeden Amero 7e6931d681 Add ChangeLog entry
Add a ChangeLog entry for Jonathan Bennett's contribution which allows
loading symlinked certificates.
2020-01-28 11:27:39 +00:00
Gilles Peskine f4dd8a9a19 Add changelog entry for the unchecked mbedtls_md call 2020-01-22 19:07:13 +01:00
Jaeden Amero d8180f8d84 Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted
* origin/mbedtls-2.7:
  Enable more test cases without MBEDTLS_MEMORY_DEBUG
  More accurate test case description
  Clarify that the "FATAL" message is expected
  Note that mbedtls_ctr_drbg_seed() must not be called twice
  Fix CTR_DRBG benchmark
  Changelog entry for xxx_drbg_set_entropy_len before xxx_drbg_seed
  CTR_DRBG: support set_entropy_len() before seed()
  CTR_DRBG: Don't use functions before they're defined
  HMAC_DRBG: support set_entropy_len() before seed()
2020-01-15 16:59:10 +00:00
Gilles Peskine b2be1fca2c Catch AES failure in mbedtls_ctr_drbg_random
The functions mbedtls_ctr_drbg_random() and
mbedtls_ctr_drbg_random_with_add() could return 0 if an AES function
failed. This could only happen with alternative AES
implementations (the built-in implementation of the AES functions
involved never fail), typically due to a failure in a hardware
accelerator.

Bug reported and fix proposed by Johan Uppman Bruce and Christoffer
Lauri, Sectra.
2019-11-28 09:55:25 +01:00
Gilles Peskine 99258ff315 Parse HelloVerifyRequest buffer overread: add changelog entry 2019-11-21 14:18:56 +01:00
Jaeden Amero c5a016dde1 Merge remote-tracking branch 'restricted/pr/666' into mbedtls-2.7-restricted
* restricted/pr/666: (24 commits)
  Add ChangeLog entry
  mpi_lt_mpi_ct: fix condition handling
  mpi_lt_mpi_ct: Add further tests
  mpi_lt_mpi_ct: Fix test numbering
  mpi_lt_mpi_ct perform tests for both limb size
  ct_lt_mpi_uint: cast the return value explicitely
  mbedtls_mpi_lt_mpi_ct: add tests for 32 bit limbs
  mbedtls_mpi_lt_mpi_ct: simplify condition
  Rename variable for better readability
  mbedtls_mpi_lt_mpi_ct: Improve documentation
  Make mbedtls_mpi_lt_mpi_ct more portable
  Bignum: Document assumptions about the sign field
  Add more tests for mbedtls_mpi_lt_mpi_ct
  mpi_lt_mpi_ct test: hardcode base 16
  Document ct_lt_mpi_uint
  mpi_lt_mpi_ct: make use of unsigned consistent
  ct_lt_mpi_uint: make use of biL
  Change mbedtls_mpi_cmp_mpi_ct to check less than
  mbedtls_mpi_cmp_mpi_ct: remove multiplications
  Remove excess vertical space
  ...
2019-11-12 10:47:55 +00:00
Jaeden Amero e70059df85 Merge remote-tracking branch 'restricted/pr/668' into mbedtls-2.7-restricted
* restricted/pr/668:
  Zeroize local AES variables before exiting the function
2019-11-12 10:42:45 +00:00
Andrzej Kurek 07597365cd Zeroize local AES variables before exiting the function
This issue has been reported by Tuba Yavuz, Farhaan Fowze, Ken (Yihang) Bai,
Grant Hernandez, and Kevin Butler (University of Florida) and
Dave Tian (Purdue University).

In AES encrypt and decrypt some variables were left on the stack. The value
of these variables can be used to recover the last round key. To follow best
practice and to limit the impact of buffer overread vulnerabilities (like
Heartbleed) we need to zeroize them before exiting the function.
2019-11-12 03:23:51 -05:00
Janos Follath dfa4d71873 Add ChangeLog entry 2019-11-11 14:18:18 +00:00
Janos Follath 5cf41f80a4 Add ChangeLog entry 2019-10-25 11:26:13 +01:00
Gilles Peskine 093aa517c4 Changelog entry for xxx_drbg_set_entropy_len before xxx_drbg_seed 2019-10-23 18:01:25 +02:00
Jaeden Amero 395d8c1222 Merge remote-tracking branch 'origin/pr/2878' into mbedtls-2.7
* origin/pr/2878:
  mbedtls_hmac_drbg_set_entropy_len() only matters when reseeding
  mbedtls_ctr_drbg_set_entropy_len() only matters when reseeding
  mbedtls_ctr_drbg_seed: correct maximum for len
  Add a note about CTR_DRBG security strength to config.h
  CTR_DRBG: more consistent formatting and wording
  DRBG documentation: Relate f_entropy arguments to the entropy module
  Add ChangeLog entry for the DRBG documentation improvements
  HMAC_DRBG documentation improvements
  CTR_DRBG: explain the security strength and the entropy input length
  CTR_DRBG documentation improvements
2019-10-18 14:21:49 +01:00
Gilles Peskine 97edf5e1e2 Add ChangeLog entry for the DRBG documentation improvements 2019-10-02 19:00:29 +02:00
Jaeden Amero 2fc6cf5da7 Merge remote-tracking branch 'origin/pr/2704' into mbedtls-2.7
* origin/pr/2704:
  Adapt auth_crypt_tv usage to 2.7
  Add missing dependencies in test_suite_cipher.gcm
  Adapt ChangeLog
  Add NIST AES GCM test vectors to single-step cipher API test suite
2019-10-02 17:56:38 +01:00
Jaeden Amero d7bd10dc89 Bump version to Mbed TLS 2.7.12 2019-09-06 13:28:28 +01:00
Jaeden Amero 20b77ecb4a Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted
* origin/mbedtls-2.7:
  Add ChangeLog entry
  fix memory leak in mpi_miller_rabin()
2019-09-03 19:42:50 +01:00
Jaeden Amero 68cfefee34 Merge remote-tracking branch 'origin/pr/2399' into mbedtls-2.7
* origin/pr/2399:
  Add ChangeLog entry
  fix memory leak in mpi_miller_rabin()
2019-09-03 16:32:06 +01:00
Gilles Peskine ad72522fad Merge remote-tracking branch 'upstream-restricted/mbedtls-2.7-proposed' into mbedtls-2.7-restricted 2019-08-14 16:30:13 +02:00
Gilles Peskine 3b8cf47004 Merge remote-tracking branch 'upstream-restricted/pr/508' into mbedtls-2.7-restricted 2019-08-14 16:25:10 +02:00
Gilles Peskine 298a43a77e Merge remote-tracking branch 'upstream-restricted/pr/549' into mbedtls-2.7-restricted 2019-08-14 16:24:51 +02:00
Gilles Peskine ab327dfec7 Merge remote-tracking branch 'upstream-restricted/pr/614' into mbedtls-2.7-restricted 2019-08-14 16:24:08 +02:00
Gilles Peskine c7ad7ed185 Merge remote-tracking branch 'upstream-public/pr/2755' into mbedtls-2.7 2019-08-14 15:59:21 +02:00
Gilles Peskine cabbd2e954 Changelog entry for test certificates update 2019-08-03 14:11:14 +02:00
Gilles Peskine 29c317b604 Add ChangeLog entry for entropy_nv_seed test case fix 2019-07-19 17:42:21 +02:00
k-stachowiak 589de374d7 Add a change log entry 2019-07-10 11:43:23 +02:00
Gilles Peskine 990ea3da50 Changelog entry for HAVEGE fix 2019-07-05 11:44:12 +02:00
Jaeden Amero 0b2035794f Merge remote-tracking branch 'origin/pr/2713' into mbedtls-2.7
* origin/pr/2713:
  programs: Make `make clean` clean all programs always
  ssl_tls: Enable Suite B with subset of ECP curves
  windows: Fix Release x64 configuration
  timing: Remove redundant include file
  net_sockets: Fix typo in net_would_block()
2019-06-21 15:58:02 +01:00
Jaeden Amero 0cf1776a2d Merge remote-tracking branch 'origin/pr/2451' into mbedtls-2.7
* origin/pr/2451:
  Fix #2370, minor typos and spelling mistakes
2019-06-21 15:55:21 +01:00
Jaeden Amero dd11fbccd2 Merge remote-tracking branch 'origin/pr/2320' into mbedtls-2.7
* origin/pr/2320:
  Clarify ChangeLog entry for fix to #1628
  Add Changelog entry for clang test-ref-configs.pl fix
  Enable more compiler warnings in tests/Makefile
  Change file scoping of test helpers.function
2019-06-21 15:55:21 +01:00
Jaeden Amero a1ab6fed91 programs: Make make clean clean all programs always
If `make TEST_CPP:=1` is run, and then `make clean` (as opposed to `make
TEST_CPP:=1 clean`), the cpp_dummy_build will be left behind after the
clean. Make `make clean more convenient to use by removing programs that
could be generated from any configuration, not just the active one.

Fixes #1862
2019-06-20 16:30:36 +01:00
Jaeden Amero ba59f6b38e ssl_tls: Enable Suite B with subset of ECP curves
Make sure the code compiles even if some curves are not defined.

Fixes #1591
2019-06-20 16:30:36 +01:00
Jaeden Amero a33bb945eb windows: Fix Release x64 configuration
Inherit PlatformToolset from the project configuration. This allow the
project to configure PlatformToolset, and aligns the Release x64 build
with other build types.

Fixes #1430
2019-06-20 16:30:35 +01:00
Jaeden Amero 548ba2e190 timing: Remove redundant include file
There is no need to include winbase.h, as it will be pulled in by
windows.h as needed.

Fixes #2640
2019-06-20 16:28:10 +01:00