Hanno Becker
e7f2df03a3
Remove key length field from ssl_transform
The `ssl_transform` security parameter structure contains opaque
cipher contexts for use by the record encryption/decryption functions
`ssl_decrypt_buf`/`ssl_encrypt_buf`, while the underlying key material
is configured once in `ssl_derive_keys` and is not explicitly dealt with
anymore afterwards. In particular, the key length is not needed
explicitly by the encryption/decryption functions but is nonetheless
stored in an explicit yet superfluous `keylen` field in `ssl_transform`.
This commit removes this field.
2019-04-29 09:32:08 +02:00
Jarno Lamsa
5b871285f5
MBEDTLS_USE_UECC and MBEDTLS_NO_64BIT_MULTIPLICATION conflicting
2019-04-29 10:29:06 +03:00
Jarno Lamsa
55427964b1
Guard tinycrypt files with MBEDTLS_USE_UECC
2019-04-29 10:25:23 +03:00
Jarno Lamsa
9454dfaed4
Add a new flag for the micro-ecc
2019-04-24 16:28:59 +03:00
Jarno Lamsa
79e3b946db
Add CMake support for uecc
2019-04-24 16:17:10 +03:00
Jarno Lamsa
18987a420b
Add micro-ecc based ecc-files to mbedtls
The files are from https://github.com/intel/tinycrypt
Using commit 6e0eb53fc8403988f97345e94081b0453f47231d as a base.
2019-04-24 15:40:43 +03:00
Hanno Becker
8d0893d0b0
Add warnings about status of implementation of CID API
2019-04-23 12:01:20 +01:00
Hanno Becker
b9b7e29536
Clarify that mbedtls_ssl_set_cid() applies to all subsequent HSs
2019-04-23 11:38:47 +01:00
Hanno Becker
d928c06d01
Document that the use of CID is disabled by default.
(Even if MBEDTLS_SSL_CID is set in config.h)
2019-04-23 11:37:38 +01:00
Hanno Becker
efde5b2e96
Reference CID Draft in Connection ID documentation in config.h
2019-04-23 11:36:56 +01:00
Hanno Becker
29a54c8415
Add dep of MBEDTLS_SSL_CID on MBEDTLS_SSL_PROTO_DTLS to config check
2019-04-09 18:26:59 +01:00
Hanno Becker
6198af33a0
Add API for the use of the DTLS Connection ID extension
2019-04-09 18:26:53 +01:00
Hanno Becker
81bd97149f
Add new configuration option controlling CID extension
2019-04-09 15:12:41 +01:00
Jaeden Amero
186c2c054d
Merge remote-tracking branch 'restricted/pr/553' into mbedtls-2.16
* restricted/pr/553:
  Fix mbedtls_ecdh_get_params with new ECDH context
  Add changelog entry for mbedtls_ecdh_get_params robustness
  Fix ecdh_get_params with mismatching group
  Add test case for ecdh_get_params with mismatching group
  Add test case for ecdh_calc_secret
  Fix typo in documentation
2019-03-27 14:54:00 +00:00
Jaeden Amero
9f4f8eec93
Update library version to 2.16.1
2019-03-19 16:20:02 +00:00
Simon Butcher
799cd57c72
Merge remote-tracking branch 'restricted/pr/550' into mbedtls-2.16
* restricted/pr/550:
  Update query_config.c
  Fix failure in SSLv3 per-version suites test
  Adjust DES exclude lists in test scripts
  Clarify 3DES changes in ChangeLog
  Fix documentation for 3DES removal
  Exclude 3DES tests in test scripts
  Fix wording of ChangeLog and 3DES_REMOVE docs
  Reduce priority of 3DES ciphersuites
2019-03-01 13:05:43 +00:00
Andres Amaya Garcia
7c86e9a03e
Fix documentation for 3DES removal
2019-03-01 10:29:49 +01:00
Andres Amaya Garcia
6882ec1521
Fix wording of ChangeLog and 3DES_REMOVE docs
2019-03-01 10:29:49 +01:00
Andres Amaya Garcia
5d8aade01d
Reduce priority of 3DES ciphersuites
2019-03-01 10:29:13 +01:00
Gilles Peskine
4dc50bc06e
Fix typo in documentation
2019-02-21 16:58:20 +01:00
Andres Amaya Garcia
6490034fb2
Improve docs for ASN.1 bitstrings and their usage
2019-02-11 21:25:09 +00:00
Jaeden Amero
5788314d63
Merge remote-tracking branch 'origin/pr/2319' into mbedtls-2.16
2019-01-30 16:09:56 +00:00
Jaeden Amero
f0f8c09178
Merge remote-tracking branch 'origin/pr/1375' into mbedtls-2.16
2019-01-30 16:09:08 +00:00
Jeffrey Martin
541055e197
Backport #1949 into mbedtls-2.16
Signed-off-by: Jeffrey Martin <Jeffrey_Martin@rapid7.com>
2019-01-14 18:16:34 -06:00
Simon Butcher
874b60423e
Merge remote-tracking branch 'public/pr/975' into mbedtls-2.16
2019-01-08 16:34:19 +00:00
Darryl Green
b779759745
Move ecp_restartable definitions out of the MBEDTLS_ECP_ALT guards
As there are some definitions that are defined regardless of
whether MBEDTLS_ECP_RESTARTABLE is defined or not, these definitions
need to be moved outside the MBEDTLS_ECP_ALT guards. This is a simple
move as MBEDTLS_ECP_ALT and MBEDTLS_ECP_RESTARTABLE are mutually
exclusive options.
2019-01-07 13:12:44 +00:00
GuHaijun
983acb75f0
Fix include file path
2018-12-28 11:11:10 +08:00
Simon Butcher
6c164e754b
Update the version of the library to 2.16.0
2018-12-21 10:51:51 +00:00
Simon Butcher
fed19be501
Merge remote-tracking branch 'public/pr/2126' into development-restricted
2018-12-20 12:35:09 +00:00
Simon Butcher
6df8c53cd4
Merge remote-tracking branch 'public/pr/2134' into development-restricted
2018-12-20 12:34:44 +00:00
Simon Butcher
ad7c2105a2
Merge remote-tracking branch 'public/pr/2274' into development
2018-12-20 12:16:57 +00:00
Simon Butcher
12b4240300
Merge remote-tracking branch 'public/pr/2288' into development
2018-12-20 12:16:46 +00:00
Simon Butcher
c831193c85
Merge remote-tracking branch 'public/pr/2302' into development
2018-12-20 12:16:39 +00:00
Simon Butcher
1efda39f8a
Merge remote-tracking branch 'public/pr/2297' into development
2018-12-20 12:16:29 +00:00
Simon Butcher
5aa7809ac8
Merge remote-tracking branch 'public/pr/2275' into development
2018-12-20 12:15:19 +00:00
Simon Butcher
780cf189b0
Merge remote-tracking branch 'public/pr/2271' into development
2018-12-20 12:15:08 +00:00
Simon Butcher
032c037052
Merge remote-tracking branch 'public/pr/2270' into development
2018-12-20 12:04:13 +00:00
Simon Butcher
a033633bb0
Merge remote-tracking branch 'public/pr/2269' into development
2018-12-20 12:02:56 +00:00
Simon Butcher
70935a4001
Merge remote-tracking branch 'public/pr/2299' into development
2018-12-20 12:02:23 +00:00
Simon Butcher
003c0e032f
Merge remote-tracking branch 'public/pr/2292' into development
2018-12-20 12:02:17 +00:00
Simon Butcher
decf2f5c2c
Merge remote-tracking branch 'public/pr/2291' into development
2018-12-20 12:02:11 +00:00
Simon Butcher
65ce5dc981
Merge remote-tracking branch 'public/pr/2290' into development
2018-12-20 12:02:05 +00:00
Simon Butcher
ad2e0dae32
Merge remote-tracking branch 'public/pr/2283' into development
2018-12-20 12:01:58 +00:00
Simon Butcher
0bbf7f450d
Merge remote-tracking branch 'public/pr/2279' into development
2018-12-20 12:01:49 +00:00
Simon Butcher
962b7b17d5
Merge remote-tracking branch 'public/pr/2273' into development
2018-12-20 12:01:17 +00:00
Simon Butcher
6be67a6518
Merge remote-tracking branch 'public/pr/2281' into development
2018-12-20 12:01:09 +00:00
Simon Butcher
dac513e246
Merge remote-tracking branch 'public/pr/2282' into development
2018-12-20 12:01:04 +00:00
Simon Butcher
ccafd14fee
Merge remote-tracking branch 'public/pr/2276' into development
2018-12-20 12:00:57 +00:00
Simon Butcher
2a8d32c6c1
Merge remote-tracking branch 'public/pr/2287' into development
2018-12-20 12:00:50 +00:00
k-stachowiak
247a782668
Increase strictness of NULL parameter validity in CCM's doxygen
2018-12-19 19:02:39 +01:00
k-stachowiak
6adb0574ea
Improve details of CCM parameter validation and documentation
2018-12-19 19:02:39 +01:00
k-stachowiak
9da5d7cd83
Adjust mbedtls_ccm_free() documentation
2018-12-19 19:02:39 +01:00
k-stachowiak
373a660193
Fix a documentation typo
2018-12-19 19:02:39 +01:00
k-stachowiak
b92f9334e4
Doxygen comments improvement
2018-12-19 19:02:39 +01:00
k-stachowiak
12f0d5c66d
Improve the constraints definition in the doxygen comments in CCM
2018-12-19 19:02:39 +01:00
k-stachowiak
fd42d531ba
Explicitly allow NULL as an argument to mbedtls_ccm_free()
2018-12-19 19:02:39 +01:00
k-stachowiak
438448e45f
Format NULL occurrences in CCM's Doxygen comments
2018-12-19 19:02:39 +01:00
k-stachowiak
26d365eb54
Add parameter validation for CCM
2018-12-19 19:02:39 +01:00
Gilles Peskine
6af45ec53e
PK: document context validity requirements
Document when a context must be initialized or not, when it must be
set up or not, and whether it needs a private key or a public key will
do.
The implementation is sometimes more liberal than the documentation,
accepting a non-set-up context as a context that can't perform the
requested information. This preserves backward compatibility.
2018-12-19 18:10:03 +01:00
Gilles Peskine
d54b97503b
pk parse: the password is optional
For mbedtls_pk_parse_key and mbedtls_pk_parse_keyfile, the password is
optional. Clarify what this means: NULL is ok and means no password.
Validate parameters and test accordingly.
2018-12-19 17:36:14 +01:00
k-stachowiak
e4b8d28ca7
Remove imprecise clause from documenting comment
2018-12-19 17:34:58 +01:00
k-stachowiak
95070a8286
Make some cipher parameter validation unconditional
2018-12-19 17:34:58 +01:00
k-stachowiak
6df25e7930
Increase strictness of NULL parameter validity in Cipher's doxygen
2018-12-19 17:34:58 +01:00
k-stachowiak
90b8d4a11e
Include static cipher functions in the parameter validation scheme
2018-12-19 17:34:13 +01:00
k-stachowiak
d5913bc115
Improve documentation of the parameter validation in the Cipher module
2018-12-19 17:34:13 +01:00
Krzysztof Stachowiak
e0215d7869
Add Cipher module parameter validation
2018-12-19 17:34:13 +01:00
k-stachowiak
6009ece91d
Increase strictness of NULL parameter validity in GCM's doxygen
2018-12-19 17:32:19 +01:00
k-stachowiak
21298a20c4
Improve parameter validation in mbedtls_gcm_free()
2018-12-19 17:32:19 +01:00
k-stachowiak
2ae7ae5301
Doxygen comments improvement
2018-12-19 17:30:38 +01:00
k-stachowiak
8ffc92a1e8
Add parameter validation for the GCM module
2018-12-19 17:30:38 +01:00
Hanno Becker
8ce11a323e
Minor improvements to bignum module
2018-12-19 16:18:52 +00:00
Gilles Peskine
159171b72a
PK parse/write: support keylen=0 correctly
A 0-length buffer for the key is a legitimate edge case. Ensure that
it works, even with buf=NULL. Document the key and keylen parameters.
There are already test cases for parsing an empty buffer. A subsequent
commit will add tests for writing to an empty buffer.
2018-12-19 17:03:28 +01:00
Hanno Becker
df4b59696d
Minor Camellia documentation improvements
2018-12-19 15:50:02 +00:00
Hanno Becker
ed54128fdb
Minor Blowfish documentation improvements
2018-12-19 15:48:37 +00:00
Hanno Becker
70ded3602c
Minor improvements to Camellia module and documentation
2018-12-19 13:42:05 +00:00
Hanno Becker
20376d631d
Don't promise that passing NULL input to Blowfish works
It seems to work, but we don't test it currently,
so we shouldn't promise it.
2018-12-19 12:52:59 +00:00
Hanno Becker
3d9a3490f8
Improve Blowfish documentation
2018-12-19 12:52:59 +00:00
Hanno Becker
49acc64c69
Minor improvements to Blowfish documentation and tests
2018-12-19 12:52:59 +00:00
Hanno Becker
3b4d6c6925
Document parameter preconditions for Blowfish module
2018-12-19 12:52:59 +00:00
Hanno Becker
938a15e584
Leave behaviour on NULL input unspecified in ARIA
We allow a NULL input buffer if the input length is zero,
but we don't test it. As long as that's the case, we shouldn't
promise to support it.
2018-12-19 12:51:00 +00:00
Hanno Becker
2f87504cb7
Minor ARIA documentation improvements
2018-12-19 12:51:00 +00:00
Hanno Becker
02d524c05c
Minor ARIA documentation improvements
2018-12-19 12:51:00 +00:00
Hanno Becker
139d8313d9
Document parameter preconditions for the ARIA module
2018-12-19 12:51:00 +00:00
Hanno Becker
1e2f3ed08f
Remove merge artifact
2018-12-19 12:47:55 +00:00
Hanno Becker
bdb7cd4840
Don't promise that passing NULL input to Camellia works
2018-12-19 12:47:55 +00:00
Hanno Becker
c7579ecb17
Improve Camellia documentation
2018-12-19 12:47:55 +00:00
Hanno Becker
af4b83bb2a
Minor improvements to CAMELLIA documentation
2018-12-19 12:47:55 +00:00
Hanno Becker
e939de7247
Minor fixes to Camellia parameter validation
2018-12-19 12:47:55 +00:00
Hanno Becker
f10905a6a7
Use full sentences in documentation of CAMELLIA preconditions
2018-12-19 12:47:55 +00:00
Hanno Becker
b4b7fb7504
Implement parameter validation for CAMELLIA module
2018-12-19 12:47:55 +00:00
Hanno Becker
7a16aaddba
Document parameter preconditions in CAMELLIA module
2018-12-19 12:47:55 +00:00
Hanno Becker
bb186f89fc
Weaken preconditions for mbedtls[_internal]_sha512_process()
2018-12-19 10:27:24 +00:00
Hanno Becker
fbf67770d8
Improve ECJPAKE documentation
2018-12-19 10:14:43 +00:00
Hanno Becker
185e516309
Minor fixes to ECJPAKE parameter validation
2018-12-19 09:48:50 +00:00
Simon Butcher
54b789aa74
Merge remote-tracking branch 'public/pr/2298' into development
2018-12-19 08:08:14 +00:00
Gilles Peskine
a310b41ebe
Add null-pointer support information to init/free
2018-12-19 00:51:21 +01:00
Hanno Becker
035c6baefe
Fix documentation bug in ECDSA module
2018-12-18 23:35:53 +00:00
Hanno Becker
c81cfece8f
Minor fixes to parameter validation in ECDH module
2018-12-18 23:32:42 +00:00
Hanno Becker
3f1f4ad9bd
Weaken preconditions on mbedtls_[internal_]sha256_process()
2018-12-18 23:19:37 +00:00
Hanno Becker
79b9e39732
Weaken preconditions for mbedtls[_internal]_sha1_process()
2018-12-18 23:17:49 +00:00