mbedtls

mirror of https://github.com/espressif/mbedtls.git synced 2025-06-20 22:05:44 +08:00

Author	SHA1	Message	Date
Tom Cosgrove	c1b9842da5	Don't change typos in debug messages used by ssl-opt.sh Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-12-05 08:29:36 +00:00
Tom Cosgrove	49f99bc3db	Fix typos prior to release Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-12-04 16:44:21 +00:00
Dave Rodgman	ed179db976	Merge pull request #6657 from gilles-peskine-arm/psa-ecb-null-0-2.28 Backport 2.28: Fix NULL+0 undefined behavior in PSA crypto ECB	2022-11-25 17:07:36 +00:00
Gilles Peskine	ff97f336e3	Explain why p + n isn't good enough Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-25 13:35:51 +01:00
Gilles Peskine	d551413027	Remove now-redundant definitions of inline Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-25 13:27:34 +01:00
Dave Rodgman	b400fb0b76	Merge pull request #6452 from AndrzejKurek/depends-py-reloaded-2-28 [Backport 2.28] Unified tests/scripts/depends.py - reloaded	2022-11-24 10:59:31 +00:00
Gilles Peskine	8fe23a065a	Fix MSVC 12 (Visual Studio 2013) choking on inline Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-23 17:24:37 +01:00
Gilles Peskine	01bf631159	Fix NULL+0 undefined behavior in ECB encryption and decryption psa_cipher_encrypt() and psa_cipher_decrypt() sometimes add a zero offset to a null pointer when the cipher does not use an IV. This is undefined behavior, although it works as naively expected on most platforms. This can cause a crash with modern Clang+ASan (depending on compiler optimizations). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-23 17:23:44 +01:00
Gilles Peskine	b358e46c8e	Merge pull request #6618 from gilles-peskine-arm/mpi_sint-min-ub-2.28 Backport 2.28: Fix undefined behavior in bignum: NULL+0 and -most-negative-sint	2022-11-21 19:52:03 +01:00
Gilles Peskine	ae7cbd7576	Express abs(z) in a way that satisfies GCC and MSVC Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-17 11:03:46 +01:00
Gilles Peskine	de1629aff9	Fix undefined behavior with the most negative mbedtls_mpi_sint When x is the most negative value of a two's complement type, `(unsigned_type)(-x)` has undefined behavior, whereas `-(unsigned_type)x` has well-defined behavior and does what was intended. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-17 11:03:46 +01:00
Gilles Peskine	103cf59e46	Fix NULL+0 in addition 0 + 0 Fix undefined behavior (typically harmless in practice) of mbedtls_mpi_add_mpi(), mbedtls_mpi_add_abs() and mbedtls_mpi_add_int() when both operands are 0 and the left operand is represented with 0 limbs. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-17 11:03:46 +01:00
Janos Follath	e530b5b4c4	Merge pull request #6579 from gilles-peskine-arm/negative-zero-from-add-2.28 Backport 2.28: Fix negative zero from bignum add/subtract	2022-11-16 14:06:04 +00:00
Paul Elliott	4637ed2205	Merge pull request #6545 from davidhorstmann-arm/2.28-fix-unusual-macros-0-followup Refactor/tidy after fixing unusual macros	2022-11-10 14:27:14 +00:00
Gilles Peskine	581c460161	Fix negative zero created by (-A) + (+A) or (-A) - (-A) In mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi(), and by extention mbedtls_mpi_add_int() and mbedtls_mpi_sub_int(), when the resulting value was zero, the sign bit of the result was incorrectly set to -1 when the left-hand operand was negative. This is not a valid mbedtls_mpi representation. Fix this: always set the sign to +1 when the result is 0. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-10 15:15:25 +01:00
Gilles Peskine	4e47bdc2fa	Unify mbedtls_mpi_add_mpi and mbedtls_mpi_sub_mpi mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi() have the same logic, just with one bit to flip in the sign calculation. Move the shared logic to a new auxiliary function. This slightly reduces the code size (if the compiler doesn't inline) and reduces the maintenance burden. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-10 15:15:25 +01:00
David Horstmann	da2fe26db7	Fix incorrect condition in is_compression_bad() The transport is allowed to be MBEDTLS_SSL_TRANSPORT_DATAGRAM when the compression is MBEDTLS_SSL_COMPRESS_NULL. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-09 15:08:36 +00:00
aditya-deshpande-arm	1d00c3dea6	Add comments after #endif Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-09 15:08:36 +00:00
Gilles Peskine	760d1ffef9	Merge pull request #6554 from daverodgman/development-2.28 Backport 2.28: Fix outdated reference in debug message	2022-11-08 17:12:27 +01:00
Gilles Peskine	cb492102bf	Merge pull request #6380 from Kabbah/backport2.28-x509-info-hwmodulename-hex [Backport 2.28] `x509_info_subject_alt_name`: Render HardwareModuleName as hex	2022-11-08 17:11:09 +01:00
Jan Bruckner	a084c93be9	Fix outdated reference in debug message Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2022-11-08 10:55:44 +00:00
David Horstmann	b410566ba7	Reverse logic for compression in ssl_cli.c Change is_compression_ok() to is_compression_bad() for more semantics that are a better match for what's really going on in the case of no compression support. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-07 16:33:57 +00:00
David Horstmann	08a37516ff	Minor style fixes to ssl_cli.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-07 15:55:00 +00:00
David Horstmann	bcc18f2bec	Simplify PSA fallback logic in ssl_ticket.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-07 14:48:38 +00:00
David Horstmann	9fc2f959b3	Change 0-checks to NULL-checks in ecp.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-07 14:48:38 +00:00
David Horstmann	0955f82642	Tidy up compression logic with auxiliary function This refactors some logic in ssl_cli.c, removing some previously added technical debt. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-07 14:48:29 +00:00
David Horstmann	0448de58d7	Simplify logic in ssl_cli.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-07 14:08:12 +00:00
David Horstmann	dbb6f08c3f	Eliminate bad_params variable Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-07 14:08:12 +00:00
David Horstmann	79bb19f702	Remove redundant checks for renegotiation Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-11-07 14:08:12 +00:00
Gilles Peskine	c4698502d6	Merge pull request #6491 from davidhorstmann-arm/2.28-fix-unusual-macros-0 [Backport-ish 2.28] Fix unusual macros	2022-11-03 10:29:06 +01:00
Dave Rodgman	e9e0eeccec	Merge pull request #6525 from daverodgman/fix-duplicate-header-2.28 Remove duplicate function prototype - 2.28 backport	2022-11-02 13:06:04 +00:00
Dave Rodgman	490f804555	Improve documentation for psa_crypto_cipher.h Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-02 09:29:35 +00:00
Dave Rodgman	8e322b1e99	Move declaration of mbedtls_cipher_info_from_psa into psa_crypto_cipher.h Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-02 09:27:01 +00:00
Dave Rodgman	e222637cfe	Remove duplicate function prototype Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-01 16:41:48 +00:00
Dave Rodgman	369f495afc	Fix zeroization at NULL pointer Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-01 16:11:47 +00:00
Dave Rodgman	0bbe75838e	Merge pull request #6191 from daverodgman/invalid-ecdsa-pubkey-backport-2.28 Improve ECDSA verify validation - 2.28 backport	2022-10-31 09:37:38 +00:00
David Horstmann	b5b1ed2969	Fix unused warning in ssl_tls.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-27 13:21:49 +01:00
Aurelien Jarno	edc110d15a	Fix a timing leak in ecp_mul_mxz() The bit length of m is leaked through through timing in ecp_mul_mxz(). Initially found by Manuel Pégourié-Gonnard on ecp_mul_edxyz(), which has been inspired from ecp_mul_mxz(), during initial review of the EdDSA PR. See: https://github.com/Mbed-TLS/mbedtls/pull/3245#discussion_r490827996 Fix that by using grp->nbits + 1 instead, which anyway is very close to the length of m, which means there is no significant performance impact. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>	2022-10-27 11:58:15 +01:00
David Horstmann	ab6175130b	Fix macro-spanning if in x509_crt.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-27 11:45:01 +01:00
David Horstmann	04020abfae	Fix macro-spanning ifs in ssl_ticket.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-27 11:39:03 +01:00
David Horstmann	d4f22083ba	Fix macro-spanning ifs in ssl_tls.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-27 11:39:03 +01:00
David Horstmann	197b240089	Fix macro-spanning if in ssl_msg.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-27 11:39:03 +01:00
David Horstmann	ef661c531f	Fix macro-spanning ifs in ecp.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-27 11:38:53 +01:00
David Horstmann	74ace59dc6	Fix macro-spanning ifs in ssl_srv.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-27 11:38:15 +01:00
Ronald Cron	c527796ecb	Merge pull request #6392 from davidhorstmann-arm/2.28-fix-x509-get-name-cleanup [Backport 2.28] Fix `mbedtls_x509_get_name()` cleanup	2022-10-26 14:28:04 +02:00
David Horstmann	ee0a0e75c8	Fix macro-spanning ifs in ssl_cli.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 17:20:00 +01:00
David Horstmann	e9af9e3e12	Minor improvements to ecp.c changes Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 16:47:56 +01:00
David Horstmann	9430330d2f	Rename ARIA_SELF_TEST_IF_FAIL Change to ARIA_SELF_TEST_ASSERT Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 16:47:56 +01:00
David Horstmann	864cc8dba2	Minor changes to asn1write.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 16:47:56 +01:00
David Horstmann	d209197f37	Refactor macro-spanning ifs in ecdh.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 16:47:56 +01:00

1 2 3 4 5 ...

7205 Commits