Commit graph

6674 commits

Author SHA1 Message Date
Ron Eldor 612a600186 Fix typo in ChangeLog
Fix typo in ChangeLog discovered in PR review
2018-06-24 17:23:29 +03:00
Ron Eldor df9b93e768 Remove unneeded namesapcing in header files
Remove the `mbedtls` namesapcing in the `#include` in header files
Resolves issue #857
2018-06-24 17:23:16 +03:00
Simon Butcher 9a08e44972 Add a ChangeLog entry for memory leak in mbedtls_x509_csr_parse() 2018-06-22 12:02:59 +01:00
Philippe Antoine 0f91c0f441 Coding style
Commit to be squashed
2018-06-22 11:45:38 +01:00
Philippe Antoine dc58e59280 Simplify code in mbedtls_x509_csr_parse 2018-06-22 11:44:48 +01:00
Philippe Antoine 78657e52d8 Fix memory leak in mbedtls_x509_csr_parse 2018-06-22 11:44:38 +01:00
Andres Amaya Garcia 0fc4e0878e Document ssl_write_real() behaviour in detail 2018-06-21 19:29:49 +01:00
Andres Amaya Garcia dbd17b75f3 Allow 0 as a valid ret value for mbedtls_ssl_write
This patch modifies the documentation for mbedtls_ssl_write() to allow
0 as a valid return value as this is the correct number of bytes that
should be returned when an empty TLS Application record is sent.
2018-06-21 19:29:37 +01:00
Andres Amaya Garcia 294331a315 Add ChangeLog entry for mbedtls_ssl_write() docs 2018-06-21 19:27:44 +01:00
Ron Eldor de881c0173 Resolve PR review comments
Address review comments:
1. add `mbedtls_cipher_init()` after freeing context, in test code
2. style comments
3. set `ctx->iv_size = 0` in case `IV == NULL && iv_len == 0`
2018-06-21 14:03:37 +03:00
Ron Eldor cf330e8910 Fix CI failure
Test IV special cases only if `MBEDTLS_CIPHER_MODE_CBC` is defined
2018-06-21 14:03:24 +03:00
Ron Eldor efba4b077b Fix after PR comments
1. Don't set IV onECB
2. Fix style issues
3. reduce number of tests
2018-06-21 14:03:14 +03:00
Ron Eldor cf2305e513 Add tests for mbedtls_cipher_crypt API
1. Add tests for 'mbedtls_cipher_crypt()' API
2. Resolves #1091, by ignoring IV when the cipher mode is MBEDTLS_MODE_ECB
2018-06-21 14:02:23 +03:00
Jaeden Amero 88e414f4b7 Merge remote-tracking branch 'upstream-restricted/pr/488' into mbedtls-2.7 2018-06-18 15:41:22 +01:00
Simon Butcher 662ae9eaae Change the library version to 2.7.4 2018-06-18 14:42:14 +01:00
Simon Butcher 02582b2804 Add ChangeLog entry for clang version fix. Issue #1072 2018-06-18 11:56:13 +01:00
Simon Butcher aabfe6da7b Merge remote-tracking branch 'public/pr/1647' into mbedtls-2.7 2018-06-15 13:03:50 +01:00
Simon Butcher 0623cce53e Merge remote-tracking branch 'public/pr/1664' into mbedtls-2.7 2018-06-15 13:03:22 +01:00
Simon Butcher 112dfd5bc5 Merge remote-tracking branch 'public/pr/1728' into mbedtls-2.7 2018-06-15 13:02:40 +01:00
Simon Butcher 83c7ecbf5b Merge remote-tracking branch 'public/pr/1732' into mbedtls-2.7 2018-06-15 13:00:30 +01:00
Simon Butcher d8ea8d41a3 Add ChangeLog entry for Microblaze fix 2018-06-15 09:30:34 +01:00
Zach van Rijn df484d6b11 Fix MicroBlaze register typo. 2018-06-15 07:39:57 +01:00
Simon Butcher 47212c8e2c Merge remote-tracking branch 'public/pr/1581' into mbedtls-2.7 2018-06-14 11:02:43 +01:00
Simon Butcher da46a40855 Merge remote-tracking branch 'public/pr/1711' into mbedtls-2.7 2018-06-14 11:01:14 +01:00
Simon Butcher 49de6b89c1 Compilation warning fixes on 32b platfrom with IAR
Fix compilation warnings with IAR toolchain, on 32 bit platform.
Reported by rahmanih in #683

This is based on work by Ron Eldor in PR #750, some of which was independently
fixed by Azim Khan and already merged in PR #1655.
2018-06-14 09:05:55 +01:00
Simon Butcher a96b9d46f7 Add entry for PR #1646, for IAR Compiler Warnings fix
PR #1655 is a change to the behaviour of the CMake files therefore should be
recorded in the Changelog.
2018-06-12 17:42:02 +01:00
Simon Butcher fb6da8815c Merge remote-tracking branch 'public/pr/1655' into mbedtls-2.7 2018-06-12 17:40:08 +01:00
Simon Butcher c26080e23f Merge remote-tracking branch 'public/pr/1670' into mbedtls-2.7 2018-06-12 17:27:19 +01:00
Simon Butcher 8c83673eb2 Merge remote-tracking branch 'public/pr/1708' into mbedtls-2.7 2018-06-12 17:26:55 +01:00
Simon Butcher 856870952a Merge remote-tracking branch 'public/pr/1709' into mbedtls-2.7 2018-06-12 17:25:19 +01:00
Darryl Green 9e867214c3 Change symlink to hardlink to avoid permission issues 2018-06-11 11:31:40 +01:00
Darryl Green 215a40631f Fix out-of-tree testing symlinks on Windows 2018-06-11 11:31:31 +01:00
Simon Butcher ee3a3d4a72 Merge remote-tracking branch 'public/pr/1470' into mbedtls-2.7 2018-06-11 11:30:33 +01:00
Simon Butcher 4e5edf3184 Add ChangeLog entry for _WIN32_WINNT override fix 2018-06-08 16:23:17 +01:00
Fabio Alessandrelli ec4ce37709 Only redefine _WIN32_WINNT macro when < 0x0501 2018-06-08 12:28:47 +01:00
Simon Butcher bb5e1c3973 Fix multiple quality issues in the source
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
 * incorrect file permissions
 * missing newline at the end of files
 * trailing whitespace
 * Tabs present
 * TODOs in the souce code
2018-06-08 11:14:43 +01:00
Gilles Peskine db37cb4752 mbedtls_gcm_crypt_and_tag: clarify what each mode does and doesn't do 2018-06-07 15:06:02 +02:00
Gilles Peskine bb07ca0bfb Fix Lucky13 attack protection when using HMAC-SHA-384
As a protection against the Lucky Thirteen attack, the TLS code for
CBC decryption in encrypt-then-MAC mode performs extra MAC
calculations to compensate for variations in message size due to
padding. The amount of extra MAC calculation to perform was based on
the assumption that the bulk of the time is spent in processing
64-byte blocks, which was correct for most supported hashes but not for
SHA-384. Adapt the formula to 128-byte blocks for SHA-384.
2018-06-06 17:23:31 +02:00
Gilles Peskine 282bd24a44 Correct and clarify the documentation of GCM whole-message functions
Clarify the roles of the buffer parameter and their sizes.

Remove a statement about input size restrictions that only applies to
mbedtls_gcm_update, not to the whole-message functions.

Document the possible error codes.

Warn that mbedtls_gcm_crypt_and_tag in decrypt mode does not
authenticate the data and recommend using mbedtls_gcm_auth_decrypt
instead.
2018-06-06 16:57:03 +02:00
Darryl Green 36f6fc542c Add check-files.py to travis.yml 2018-06-05 11:57:35 +01:00
Darryl Green 38e4c68a9e Add check-files.py to pre-push.sh 2018-06-05 11:57:21 +01:00
Darryl Green bd38c3b89f Add check-files.py to all.sh 2018-06-05 11:57:12 +01:00
Darryl Green da02eb310c Add script for source integrity checking 2018-06-05 11:57:01 +01:00
Simon Butcher ad11e65448 Merge remote-tracking branch 'public/pr/1404' into mbedtls-2.7 2018-06-01 19:35:16 +01:00
Simon Butcher e83b1ae201 Merge remote-tracking branch 'public/pr/1606' into mbedtls-2.7 2018-06-01 19:34:44 +01:00
Andres Amaya Garcia f9519bfa60 Add more SNI/DTLS tests
Run the normal SNI/TLS tests over DTLS in ssl-opt.sh for greater
coverage.
2018-05-30 08:21:26 +01:00
Andres Amaya Garcia 914eea44e7 Rename SNI/DTLS tests in ssl-opt.sh script 2018-05-30 08:21:25 +01:00
Andres AG e8b0774392 Add SNI with DTLS tests to ssl-opt.sh script 2018-05-30 08:21:22 +01:00
Azim Khan 826cdab010 Treat warnings as errors for IAR
Fix IAR compiler warnings

Two warnings have been fixed:
1. code 'if( len <= 0xFFFFFFFF )' gave warning 'pointless integer comparison'.
   This was fixed by wraping the condition in '#if SIZE_MAX > 0xFFFFFFFF'.
2. code 'diff |= A[i] ^ B[i];' gave warning 'the order of volatile accesses is undefined in'.
   This was fixed by read the volatile data in temporary variables before the computation.

Explain IAR warning on volatile access

Consistent use of CMAKE_C_COMPILER_ID
2018-05-25 14:58:33 +01:00
Ron Eldor c5333c29da Change the value of fno-sanitize-recover
Change the value of `-fno-sanitize-recover` from `undefined,integer` to `all`
2018-05-24 10:24:11 +03:00