espressif/mbedtls
1
0
Fork 0
mirror of https://github.com/espressif/mbedtls.git synced 2025-06-22 16:38:02 +08:00
Code Issues Packages Projects Releases Wiki Activity
17,112 Commits 33 Branches 163 Tags
Commit Graph

7184 Commits

Author SHA1 Message Date
Gilles Peskine
103cf59e46 Fix NULL+0 in addition 0 + 0 
Fix undefined behavior (typically harmless in practice) of
mbedtls_mpi_add_mpi(), mbedtls_mpi_add_abs() and mbedtls_mpi_add_int() when
both operands are 0 and the left operand is represented with 0 limbs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-17 11:03:46 +01:00
Paul Elliott
4637ed2205
Merge pull request #6545 from davidhorstmann-arm/2.28-fix-unusual-macros-0-followup 
Refactor/tidy after fixing unusual macros
 2022-11-10 14:27:14 +00:00
David Horstmann
da2fe26db7 Fix incorrect condition in is_compression_bad() 
The transport is allowed to be MBEDTLS_SSL_TRANSPORT_DATAGRAM when the
compression is MBEDTLS_SSL_COMPRESS_NULL.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-09 15:08:36 +00:00
aditya-deshpande-arm
1d00c3dea6 Add comments after #endif 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-09 15:08:36 +00:00
Gilles Peskine
760d1ffef9
Merge pull request #6554 from daverodgman/development-2.28 
Backport 2.28: Fix outdated reference in debug message
 2022-11-08 17:12:27 +01:00
Gilles Peskine
cb492102bf
Merge pull request #6380 from Kabbah/backport2.28-x509-info-hwmodulename-hex 
[Backport 2.28] `x509_info_subject_alt_name`: Render HardwareModuleName as hex
 2022-11-08 17:11:09 +01:00
Jan Bruckner
a084c93be9 Fix outdated reference in debug message 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2022-11-08 10:55:44 +00:00
David Horstmann
b410566ba7 Reverse logic for compression in ssl_cli.c 
Change is_compression_ok() to is_compression_bad() for more semantics
that are a better match for what's really going on in the case of no
compression support.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 16:33:57 +00:00
David Horstmann
08a37516ff Minor style fixes to ssl_cli.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 15:55:00 +00:00
David Horstmann
bcc18f2bec Simplify PSA fallback logic in ssl_ticket.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:48:38 +00:00
David Horstmann
9fc2f959b3 Change 0-checks to NULL-checks in ecp.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:48:38 +00:00
David Horstmann
0955f82642 Tidy up compression logic with auxiliary function 
This refactors some logic in ssl_cli.c, removing some previously added
technical debt.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:48:29 +00:00
David Horstmann
0448de58d7 Simplify logic in ssl_cli.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:08:12 +00:00
David Horstmann
dbb6f08c3f Eliminate bad_params variable 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:08:12 +00:00
David Horstmann
79bb19f702 Remove redundant checks for renegotiation 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:08:12 +00:00
Gilles Peskine
c4698502d6
Merge pull request #6491 from davidhorstmann-arm/2.28-fix-unusual-macros-0 
[Backport-ish 2.28] Fix unusual macros
 2022-11-03 10:29:06 +01:00
Dave Rodgman
e9e0eeccec
Merge pull request #6525 from daverodgman/fix-duplicate-header-2.28 
Remove duplicate function prototype - 2.28 backport
 2022-11-02 13:06:04 +00:00
Dave Rodgman
490f804555 Improve documentation for psa_crypto_cipher.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-02 09:29:35 +00:00
Dave Rodgman
8e322b1e99 Move declaration of mbedtls_cipher_info_from_psa into psa_crypto_cipher.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-02 09:27:01 +00:00
Dave Rodgman
e222637cfe Remove duplicate function prototype 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 16:41:48 +00:00
Dave Rodgman
369f495afc Fix zeroization at NULL pointer 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 16:11:47 +00:00
Dave Rodgman
0bbe75838e
Merge pull request #6191 from daverodgman/invalid-ecdsa-pubkey-backport-2.28 
Improve ECDSA verify validation - 2.28 backport
 2022-10-31 09:37:38 +00:00
David Horstmann
b5b1ed2969 Fix unused warning in ssl_tls.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 13:21:49 +01:00
Aurelien Jarno
edc110d15a Fix a timing leak in ecp_mul_mxz() 
The bit length of m is leaked through through timing in ecp_mul_mxz().
Initially found by Manuel Pégourié-Gonnard on ecp_mul_edxyz(), which has
been inspired from ecp_mul_mxz(), during initial review of the EdDSA PR.
See: https://github.com/Mbed-TLS/mbedtls/pull/3245#discussion_r490827996

Fix that by using grp->nbits + 1 instead, which anyway is very close to
the length of m, which means there is no significant performance impact.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
 2022-10-27 11:58:15 +01:00
David Horstmann
ab6175130b Fix macro-spanning if in x509_crt.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:45:01 +01:00
David Horstmann
04020abfae Fix macro-spanning ifs in ssl_ticket.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:39:03 +01:00
David Horstmann
d4f22083ba Fix macro-spanning ifs in ssl_tls.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:39:03 +01:00
David Horstmann
197b240089 Fix macro-spanning if in ssl_msg.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:39:03 +01:00
David Horstmann
ef661c531f Fix macro-spanning ifs in ecp.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:38:53 +01:00
David Horstmann
74ace59dc6 Fix macro-spanning ifs in ssl_srv.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:38:15 +01:00
Ronald Cron
c527796ecb
Merge pull request #6392 from davidhorstmann-arm/2.28-fix-x509-get-name-cleanup 
[Backport 2.28] Fix `mbedtls_x509_get_name()` cleanup
 2022-10-26 14:28:04 +02:00
David Horstmann
ee0a0e75c8 Fix macro-spanning ifs in ssl_cli.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 17:20:00 +01:00
David Horstmann
e9af9e3e12 Minor improvements to ecp.c changes 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:47:56 +01:00
David Horstmann
9430330d2f Rename ARIA_SELF_TEST_IF_FAIL 
Change to ARIA_SELF_TEST_ASSERT

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:47:56 +01:00
David Horstmann
864cc8dba2 Minor changes to asn1write.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:47:56 +01:00
David Horstmann
d209197f37 Refactor macro-spanning ifs in ecdh.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:47:56 +01:00
David Horstmann
b95ee00244 Refactor macro-spanning ifs in ecp.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:47:56 +01:00
David Horstmann
863b17d0cc Refactor macro-spanning if in asn1write.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:47:56 +01:00
David Horstmann
f3b1eaf95d Refactor macro-spanning if in sha512.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:47:53 +01:00
David Horstmann
5846c9de19 Refactor macro-spanning if in ssl_msg.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:43:05 +01:00
David Horstmann
0bb7243425 Refactor macro-spanning if in ssl_tls12_client.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:39:26 +01:00
David Horstmann
75b1fe7199 Refactor ARIA_SELF_TEST_IF_FAIL macro 
Change the ARIA_SELF_TEST_IF_FAIL macro to be more code-style friendly.
Currently it expands to the body of an if statement, which causes
problems for automatic brace-addition for if statements.

Convert the macro to a function-like macro that takes the condition as
an argument and expands to a full if statement inside a do {} while (0)
idiom.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-25 16:36:03 +01:00
David Horstmann
670a993dcd Fix incorrect return style 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-24 15:30:30 +01:00
David Horstmann
e6917d05d3 Remove unnecessary NULL assignments 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-24 15:30:30 +01:00
David Horstmann
5ad5e1657d Clarify wording on allocation 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-24 15:30:30 +01:00
Gilles Peskine
279188f3f3
Merge pull request #6396 from gilles-peskine-arm/platform.h-unconditional-2.28 
Backport 2.28: Include platform.h unconditionally
 2022-10-13 10:19:25 +02:00
Gilles Peskine
36b33ba42f Restore platform.h inclusion in error.c 
This is an automatically generated file. The automatic processing to change
platform.h inclusion made it diverge, so put it back the way it needs to be.
platform.h is getting included once unconditionally from the fixed part of
the template, and once from the automatic enumeration of headers, which is
perfectly fine.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-07 19:49:05 +02:00
Gilles Peskine
7705a4614e Include platform.h unconditionally: gcm 
gcm.c had a slightly different pattern for the conditional inclusion of
platform.h which didn't fit the general replacement. Simplify it manually.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-07 15:47:39 +02:00
Przemek Stekiel
169554c68f Adapt macro names: MBEDTLS_SSL_SOME_SUITES_USE_MAC->MBEDTLS_SSL_SOME_MODES_USE_MAC 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-06 10:53:20 +02:00
David Horstmann
8c176b487a Free structs in mbedtls_x509_get_name() on error 
mbedtls_x509_get_name() allocates a linked list of mbedtls_x509_name
structs but does not free these when there is an error, leaving the
caller to free them itself. Change this to cleanup these objects within
the function in case of an error.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-05 12:57:32 +01:00