cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-05 21:25:27 -04:00
Code Issues Packages Projects Releases Wiki Activity
17,243 Commits 7 Branches 115 Tags
Commit Graph

17243 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
b6e93b6441
Merge pull request #6560 from gilles-peskine-arm/bignum-aliasing-6552-2.28 
Backport 2.28: Add comments for some forbidden aliasing in bignum.h interfaces
 2022-11-08 17:15:33 +01:00
Gilles Peskine
760d1ffef9
Merge pull request #6554 from daverodgman/development-2.28 
Backport 2.28: Fix outdated reference in debug message
 2022-11-08 17:12:27 +01:00
Gilles Peskine
cb492102bf
Merge pull request #6380 from Kabbah/backport2.28-x509-info-hwmodulename-hex 
[Backport 2.28] `x509_info_subject_alt_name`: Render HardwareModuleName as hex
 2022-11-08 17:11:09 +01:00
Glenn Strauss
1dccfdb904 Add comments for some forbidden aliasing in bignum 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-11-08 13:55:53 +01:00
Jan Bruckner
a084c93be9 Fix outdated reference in debug message 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2022-11-08 10:55:44 +00:00
David Horstmann
b410566ba7 Reverse logic for compression in ssl_cli.c 
Change is_compression_ok() to is_compression_bad() for more semantics
that are a better match for what's really going on in the case of no
compression support.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 16:33:57 +00:00
David Horstmann
08a37516ff Minor style fixes to ssl_cli.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 15:55:00 +00:00
David Horstmann
bcc18f2bec Simplify PSA fallback logic in ssl_ticket.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:48:38 +00:00
David Horstmann
9fc2f959b3 Change 0-checks to NULL-checks in ecp.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:48:38 +00:00
David Horstmann
0955f82642 Tidy up compression logic with auxiliary function 
This refactors some logic in ssl_cli.c, removing some previously added
technical debt.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:48:29 +00:00
David Horstmann
0448de58d7 Simplify logic in ssl_cli.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:08:12 +00:00
David Horstmann
dbb6f08c3f Eliminate bad_params variable 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:08:12 +00:00
David Horstmann
79bb19f702 Remove redundant checks for renegotiation 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 14:08:12 +00:00
David Horstmann
14bae83ca0 Change test templating syntax to be valid C 
For the benefit of auto-formatting tools, move from the '$placeholder'
templating syntax to a new syntax of the form:

__MBEDTLS_TEST_TEMPLATE__PLACEHOLDER

This change allows the test code template to be almost entirely valid C.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-11-07 09:55:35 +00:00
Gilles Peskine
c4698502d6
Merge pull request #6491 from davidhorstmann-arm/2.28-fix-unusual-macros-0 
[Backport-ish 2.28] Fix unusual macros
 2022-11-03 10:29:06 +01:00
Dave Rodgman
e9e0eeccec
Merge pull request #6525 from daverodgman/fix-duplicate-header-2.28 
Remove duplicate function prototype - 2.28 backport
 2022-11-02 13:06:04 +00:00
Dave Rodgman
e43caca4ab
Merge pull request #6527 from daverodgman/update_pr_template-2.28 
Update pr template - 2.28 backport
 2022-11-02 13:05:03 +00:00
Dave Rodgman
a4f10bec28
Merge pull request #6526 from daverodgman/psalinks-2.28 
Update PSA links in README.md - 2.28 backport
 2022-11-02 10:02:03 +00:00
Dave Rodgman
490f804555 Improve documentation for psa_crypto_cipher.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-02 09:29:35 +00:00
Dave Rodgman
8e322b1e99 Move declaration of mbedtls_cipher_info_from_psa into psa_crypto_cipher.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-02 09:27:01 +00:00
Dave Rodgman
d39cf1e07c Align CONTRIBUTING.md with development 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 20:58:30 +00:00
Dave Rodgman
bc1e670fb7 Improve list formatting 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 20:56:49 +00:00
Dave Rodgman
9a1c38a3c1 Reinstate note about all PRs receiving review 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 20:56:45 +00:00
Dave Rodgman
53b65f65ff Update CONTRIBUTING.md, and refer to this from the template 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 20:55:32 +00:00
Dave Rodgman
f1d74acb18 Update PR template 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 20:55:20 +00:00
Dave Rodgman
35e2b2b2bd
Merge pull request #6523 from daverodgman/fix_ssl_zeroize-2.28 
Fix zeroization at NULL pointer - 2.28 backport
 2022-11-01 20:50:33 +00:00
Dave Rodgman
428ef795e6 Update PSA links in README.md 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 20:43:24 +00:00
Dave Rodgman
e222637cfe Remove duplicate function prototype 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 16:41:48 +00:00
Dave Rodgman
febe14e6e0 Add Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 16:28:20 +00:00
Dave Rodgman
369f495afc Fix zeroization at NULL pointer 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 16:11:47 +00:00
Dave Rodgman
a1ea28fc40
Merge pull request #6513 from daverodgman/allsh-redundancies-2.28 
All.sh redundancies 2.28
 2022-10-31 15:03:48 +00:00
Gilles Peskine
83264bed63 Group cpp_dummy_build test into an existing component 
No need to do yet another build just to compile an additional trivial program.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-31 11:45:17 +00:00
Gilles Peskine
e86cdcb7bf Remove redundant build-only driver interface component 
component_build_psa_accel_alg_ecdsa is subsumed by
component_test_psa_crypto_config_accel_ecdsa, which has the same
configuration and additionally runs the unit tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-10-31 11:41:47 +00:00
Dave Rodgman
0bbe75838e
Merge pull request #6191 from daverodgman/invalid-ecdsa-pubkey-backport-2.28 
Improve ECDSA verify validation - 2.28 backport
 2022-10-31 09:37:38 +00:00
Dave Rodgman
6d61d83f29 Build fix - remove line of dead code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-28 09:23:09 +01:00
Dave Rodgman
23b79b6c9c Credit Cryptofuzz in the changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-27 20:36:47 +01:00
Dave Rodgman
a66e7edf09 Improve changelog for ECDSA verify fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-27 20:34:59 +01:00
Dave Rodgman
584200cf4e Update tests/suites/test_suite_ecdsa.function 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-27 20:34:56 +01:00
Gilles Peskine
e0917c0346
Merge pull request #6492 from daverodgman/ecp_mul_mxz-timing-leak-2.28 
Fix a timing leak in ecp_mul_mxz() - 2.28 backport
 2022-10-27 19:46:44 +02:00
David Horstmann
b5b1ed2969 Fix unused warning in ssl_tls.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 13:21:49 +01:00
Andrzej Kurek
31788cd8ae Add missing SHA256 dependencies in test_suite_ssl 
Most of the tests (including those using endpoint_init functions) parse
certificates that require MBEDTLS_SHA256_C to be present.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-27 07:44:13 -04:00
Andrzej Kurek
9821253847 Add missing CBC dependency in test_suite_ssl 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-27 07:44:13 -04:00
Andrzej Kurek
c5acdb9e92 Remove unused perl dependency scripts 
curves.pl, depends-hashes.pl, key-exchanges.pl and depends-pkalgs.pl are now superseded by depends.py.
Update all references to them accordingly.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-27 07:44:13 -04:00
Andrzej Kurek
20d8a5f688 Add all.sh components running depends.py without MBEDTLS_USE_PSA_CRYPTO 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-27 07:44:13 -04:00
Andrzej Kurek
2b44a929a4 depends.py: add a config option to unset MBEDTLS_USE_PSA 
This lets us perform any test without MBEDTLS_USE_PSA
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-27 07:44:13 -04:00
Aurelien Jarno
edc110d15a Fix a timing leak in ecp_mul_mxz() 
The bit length of m is leaked through through timing in ecp_mul_mxz().
Initially found by Manuel Pégourié-Gonnard on ecp_mul_edxyz(), which has
been inspired from ecp_mul_mxz(), during initial review of the EdDSA PR.
See: https://github.com/Mbed-TLS/mbedtls/pull/3245#discussion_r490827996

Fix that by using grp->nbits + 1 instead, which anyway is very close to
the length of m, which means there is no significant performance impact.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
 2022-10-27 11:58:15 +01:00
David Horstmann
ab6175130b Fix macro-spanning if in x509_crt.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:45:01 +01:00
David Horstmann
04020abfae Fix macro-spanning ifs in ssl_ticket.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:39:03 +01:00
David Horstmann
d4f22083ba Fix macro-spanning ifs in ssl_tls.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:39:03 +01:00
David Horstmann
197b240089 Fix macro-spanning if in ssl_msg.c 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2022-10-27 11:39:03 +01:00