mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00

Author	SHA1	Message	Date
Gilles Peskine	96f5baecec	Fix SSL tests scripts with recent OpenSSL server with Diffie-Hellman Our interoperability tests fail with a recent OpenSSL server. The reason is that they force 1024-bit Diffie-Hellman parameters, which recent OpenSSL (e.g. 1.1.1f on Ubuntu 20.04) reject: ``` 140072814650688:error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small:../ssl/s3_lib.c:3782: ``` We've been passing custom DH parameters since `6195767554` because OpenSSL <=1.0.2a requires it. This is only concerns the version we use as OPENSSL_LEGACY. So only use custom DH parameters for that version. In compat.sh, use it based on the observed version of $OPENSSL_CMD. This way, ssl-opt.sh and compat.sh work (barring other issues) for all our reference versions of OpenSSL as well as for a modern system OpenSSL. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-04-27 11:54:53 +02:00
Dave Rodgman	12f93f4fc2	Merge pull request #4407 from ARMmbed/dev3_signoffs Merge development_3.0 into development	2021-04-26 19:48:16 +01:00
Dave Rodgman	dca8509bb6	Update future Mbed TLS version in Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-04-26 16:23:22 +01:00
Dave Rodgman	10ba553c2e	Update Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-04-26 16:23:22 +01:00
Dave Rodgman	ddb8ea6847	Fix Changelog entry Rename a Changelog.d file, so that it gets picked up as expected by scripts/assemble_changelog.py. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-04-26 16:23:21 +01:00
Dave Rodgman	a00e8502c9	Documentation updates for Mbed TLS 3.0 Update documentation to reflect the branch changes. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-04-26 16:23:21 +01:00
Dave Rodgman	5ec6906964	Add sign-off for some older commits which are missing it. This sign-off applies to: `c258a0fa65` `7bdbc45275` `bfa03e3bc9` Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-04-23 15:12:56 +01:00
Ronald Cron	b5939e814e	Merge pull request #4160 from stevew817/feature/driver_builtin_keys Add implementation for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS Merging as it has been ready for four days now and I prefer not having to go through other rebases especially given the coming change of scope of development (3.0 rather than 2.2x).	2021-04-23 09:40:31 +02:00
Manuel Pégourié-Gonnard	c102164a54	Merge pull request #4339 from TRodziewicz/remove_depr_error_codes Remove deprecated error codes.	2021-04-22 22:28:00 +02:00
Ronald Cron	2bbb5bc6bf	Merge pull request #4380 from paul-elliott-arm/bignum_unchecked_return Fix unchecked return value in bignum	2021-04-22 13:08:57 +02:00
Tomasz Rodziewicz	9a97a13d3e	Merge branch 'development_3.0' into remove_depr_error_codes	2021-04-22 12:53:15 +02:00
Manuel Pégourié-Gonnard	f6b677ea98	Merge pull request #4349 from mpg/apply-4334-3.0 Apply 4334 to development-3.0	2021-04-22 12:42:40 +02:00
Manuel Pégourié-Gonnard	e8e450a394	Merge pull request #4254 from mstarzyk-mobica/remove_libpkcs11-helper Remove PKCS#11 library wrapper.	2021-04-22 12:39:54 +02:00
Manuel Pégourié-Gonnard	1216233949	Merge pull request #4391 from gilles-peskine-arm/error-on-removed-options-20210421 Error on removed options	2021-04-22 08:55:53 +02:00
Gilles Peskine	cc26e3bf25	Remove extraneous word Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-04-21 19:01:59 +02:00
Gilles Peskine	fa4e4b8645	Error out if attempting to use a removed feature If the compile-time configuration enables an option that was removed in Mbed TLS 3.0, and the effect of removing the option would likely not be detected at build time, #error out in check_config.h. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-04-21 18:48:09 +02:00
Gilles Peskine	b683776181	Per-line opt-out of check-names typo check Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-04-21 18:45:08 +02:00
Tomasz Rodziewicz	bfa03e3bc9	Update psa_util.h Remove the conditional include after the code review	2021-04-21 17:14:31 +02:00
Tomasz Rodziewicz	7bdbc45275	Update issue4283.txt Corrections in the ChangeLog file after a review.	2021-04-21 16:50:15 +02:00
TRodziewicz	3408d60225	revert the error.h file include in psa_util.c Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>	2021-04-21 13:25:25 +02:00
TRodziewicz	e022938ec7	error.c re-generated once more Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>	2021-04-21 13:14:04 +02:00
Tomasz Rodziewicz	d6c246f5bf	Merge branch 'development_3.0' into remove_depr_error_codes	2021-04-21 12:31:43 +02:00
TRodziewicz	1fbdb25d60	error.c re-generated Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>	2021-04-21 12:24:59 +02:00
TRodziewicz	33946bbf16	Two platform error codes moved to error.h to fix _without_platform test Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>	2021-04-21 12:06:23 +02:00
Mateusz Starzyk	f9c7b3eb11	Remove PKCS#11 library wrapper. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-04-21 11:05:00 +02:00
Paul Elliott	70c68dac45	Remove unnecessary changelog Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-04-20 21:47:42 +01:00
Paul Elliott	986b55af03	Style Fix Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-04-20 21:46:29 +01:00
Paul Elliott	7725a63c24	Fix unchecked return in bignum Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-04-20 19:01:46 +01:00
Ronald Cron	218da3fcf9	Merge pull request #4370 from tniessen/docs-typo Fix typo in architecture docs Typo fix thus merging with only one approval.	2021-04-20 08:38:50 +02:00
Tobias Nießen	835beffcf4	Fix typo in architecture docs Signed-off-by: Tobias Nießen <tniessen@tnie.de>	2021-04-19 23:56:25 +02:00
Manuel Pégourié-Gonnard	1cc91e7475	Merge pull request #4366 from gilles-peskine-arm/development_3.0-merge_2.x-20210419 Merge development 2.x into 3.0 (Apr 19)	2021-04-19 13:08:48 +02:00
Manuel Pégourié-Gonnard	16529bd439	Merge pull request #4344 from TRodziewicz/remove_deprecated_things_in_crypto_compat_h Remove deprecated things from crypto_compat.h and dependent tests.	2021-04-19 10:55:21 +02:00
Gilles Peskine	ee259130e4	Merge branch 'development' into development_3.0 Conflicts: * visualc/VS2010/mbedTLS.vcxproj: resolved by re-generating the file with scripts/generate_visualc_files.pl.	2021-04-19 10:51:59 +02:00
Manuel Pégourié-Gonnard	0bbb38c67e	Merge pull request #4199 from TRodziewicz/mul_shortcut_fix Fix ECDSA failing when the hash is all-bits-zero	2021-04-19 09:54:12 +02:00
Gilles Peskine	5192e00a4d	Merge pull request #4266 from mstarzyk-mobica/remove_allow_sha1_in_certificates Remove MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES	2021-04-16 20:55:41 +02:00
Mateusz Starzyk	bf4c4f9cd5	Reword changelog entry for removal of SHA-1 from the default TLS configuration. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-04-16 18:39:10 +02:00
Mateusz Starzyk	a58625f90d	Remove optional SHA-1 in the default TLS configuration. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-04-16 18:39:10 +02:00
TRodziewicz	2333e6302d	Revert 2 files conflicting after previous push in the Github. Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>	2021-04-16 14:32:22 +02:00
Manuel Pégourié-Gonnard	13af41f88c	Merge pull request #4156 from mstarzyk-mobica/drop_old_tls_options Drop support for obsolete SSL/TLS features	2021-04-16 12:49:31 +02:00
Steven Cooreman	31e27af0cc	Reword the builtin key language on persistency declaration Specifically allow the driver to override the persistency level of a builtin key in cases where the driver is persistency-aware. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-16 11:25:18 +02:00
Steven Cooreman	966db26779	Minor code flow improvements * group setting of attributes before calling get_builtin_key * return early instead of going to exit when no resources are allocated yet Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-16 11:22:17 +02:00
Steven Cooreman	2cca9b8f13	Rename test driver source files to avoid file name conflicts MSVC doesn't like multiple compilation units with the same name. (conflict between cipher.c in the library and in the test driver folder) Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-16 11:22:14 +02:00
Steven Cooreman	16141ed2fb	Add test driver sources to VC build Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-16 11:20:03 +02:00
Mateusz Starzyk	a17fb8eac8	Fix line lenghts in changelog entry for removal of old TLS features. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-04-16 10:32:17 +02:00
Steven Cooreman	ce48702448	Get a builtin key's attributes in order to correctly get its size Leverage the fact that the get_builtin_key entrypoint returns a key's attributes, such that a proper size for the builtin key's buffer can be calculated through the driver's get_key_buffer_size hook. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-15 15:06:53 +02:00
Steven Cooreman	7ddee7f7c5	Use remove_key_data_from_memory instead of wipe_key_slot Since the loading attempt of a builtin key might be followed by trying to load a persistent key, we can only wipe the allocated key data, not the associated metadata. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-15 15:06:53 +02:00
Steven Cooreman	7609b1ff6c	leverage psa_allocate_buffer_to_slot from slot management It makes the implementation of psa_load_builtin_key_into_slot a lot cleaner. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-15 15:06:53 +02:00
Steven Cooreman	0bb653600f	If no storage backend is available, don't even attempt key loading Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-15 15:06:53 +02:00
Steven Cooreman	054bf7f2a0	Reduce indentation need by checking negative case first Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-15 15:06:53 +02:00
Steven Cooreman	43e4a406d9	Give builtin key export test functions the same dependencies Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-04-15 15:06:53 +02:00

1 2 3 4 5 ...

15403 commits