-
Notifications
You must be signed in to change notification settings - Fork 2.6k
Comparing changes
Open a pull request
base repository: Mbed-TLS/mbedtls
base: 06c466d869094390e1d48cb05649ea118b273f61
head repository: Mbed-TLS/mbedtls
compare: da635ab65760bf1d6fe4abf0121aab2b6d2a5bad
Commits on Mar 6, 2023
-
Fix llvm error: variable 'default_iv_length' may be used uninitialized
Backport of #7210 Signed-off-by: Sergey <sergio_nsk@yahoo.de>
Configuration menu - View commit details
-
Copy full SHA for 04eb7c0 - Browse repository at this point
Copy the full SHA 04eb7c0View commit details
Commits on Aug 22, 2023
-
Remove comments that duplicate the 'msg' call just below
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 2d04ce2 - Browse repository at this point
Copy the full SHA 2d04ce2View commit details -
Fix inconsistencies in no-chachapoly test
The original goal (#5072) was to run a test with ChaChaPoly disabled in PSA. It was actually implemented with GCM also partially disabled (legacy GCM enabled but PSA GCM disabled), which distracted from the objective. It's actually useful to test both with and without GCM, so test both. Don't test inconsistencies between legacy and PSA support because that's not a common case and not one we have particular reasons to test. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for d4c85af - Browse repository at this point
Copy the full SHA d4c85afView commit details -
Make malloc-0-null a user config file
Having a wrapper made it harder to use: incompatible with setting MBEDTLS_CONFIG_FILE, harder to combine with other settings. It was also surprising since it was the only test config that was structured in that way. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 2e70f1c - Browse repository at this point
Copy the full SHA 2e70f1cView commit details -
Correct some msg messages in full config
When MBEDTLS_USE_PSA_CRYPTO is disabled on a base of full, mention it. Don't explicitly mention MBEDTLS_PSA_CRYPTO_CONFIG when also mentioning PSA_WANT_xxx, since PSA_WANT symbols are only meaningful when MBEDTLS_PSA_CRYPTO_CONFIG is enabled. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 168be01 - Browse repository at this point
Copy the full SHA 168be01View commit details -
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 56081de - Browse repository at this point
Copy the full SHA 56081deView commit details
Commits on Aug 23, 2023
-
PSA_CRYPTO_DRIVER_TEST_ALL is incompatible with MBEDTLS_PSA_CRYPTO_CO…
…NFIG Explain how PSA_CRYPTO_DRIVER_TEST_ALL works and why we have it. Note that it is incompatible with MBEDTLS_PSA_CRYPTO_CONFIG. MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is in the full config, so there's no need to add it explicitly. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 8d77ec2 - Browse repository at this point
Copy the full SHA 8d77ec2View commit details
Commits on Sep 7, 2023
-
Fix boolean options in the wrong section
Boolean options that modify the behavior of a module are supposed to be in the "feature support" section, not in the "configuration options" support: that section is documented to contain commented-out definitions with a value, for which the comment contains the default version. In particular, merely uncommenting a definition in the "configuration options" section is not supposed to change anything. Move the offending boolean options to the proper section. This causes those options to be enabled by `config.py full` unless explicitly excluded. For the moved options: * Everest is already explicitly excluded. * The ALT options need to link against a custom function, so exclude them. * `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is ok for testing, and is currently never tested in `all.sh`. With this commit, we will now test the library with it enabled in configurations based on `full`. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 937b91e - Browse repository at this point
Copy the full SHA 937b91eView commit details -
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for e008890 - Browse repository at this point
Copy the full SHA e008890View commit details
Commits on Sep 8, 2023
-
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 3a11771 - Browse repository at this point
Copy the full SHA 3a11771View commit details
Commits on Sep 11, 2023
-
Merge pull request #8173 from gilles-peskine-arm/config-boolean-optio…
…ns-wrong-section-202309-2.28 Backport 2.28: Fix boolean options in the wrong section
Configuration menu - View commit details
-
Copy full SHA for 198fbc2 - Browse repository at this point
Copy the full SHA 198fbc2View commit details
Commits on Sep 12, 2023
-
PSA config: Add comment about HKDF.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for fa9392a - Browse repository at this point
Copy the full SHA fa9392aView commit details -
Allow "Mbed TLS" as the project name in Doxygen
Previously the code only recognized the old spelling "mbed TLS", so it missed doxygen/input/doc_mainpage.h. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for bd44d93 - Browse repository at this point
Copy the full SHA bd44d93View commit details -
Update spelling "mbed TLS" to "Mbed TLS"
The official spelling of the trade mark changed from all-lowercase "mbed" to normal proper noun capitalization "Mbed" a few years ago. We've been using the new spelling in new text but still have the old spelling in a lot of text. This commit updates most occurrences of "mbed TLS": ``` sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*') ``` Justification for the omissions: * `ChangeLog`: historical text. * `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many occurrences are significant names in certificates and such. Changing the spelling would invalidate many signatures and tests. * `configs/tfm*`: this is an imported file. We'll follow the upstream updates. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f08ca83 - Browse repository at this point
Copy the full SHA f08ca83View commit details -
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for bd26a8d - Browse repository at this point
Copy the full SHA bd26a8dView commit details
Commits on Sep 13, 2023
-
Merge pull request #8194 from gilles-peskine-arm/bump_version-doc_mai…
…npage-2.28 Backport 2.28: Update capitalization of "Mbed" and fix bump_version.sh
Configuration menu - View commit details
-
Copy full SHA for fcbcf57 - Browse repository at this point
Copy the full SHA fcbcf57View commit details -
aesni: define MBEDTLS_HAVE_X86
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 5a09159 - Browse repository at this point
Copy the full SHA 5a09159View commit details -
aesni: make AESNI only operate on X86 and X86_64
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Configuration menu - View commit details
-
Copy full SHA for dc5a88b - Browse repository at this point
Copy the full SHA dc5a88bView commit details -
aesni: refine the condition of MBEDTLS_HAVE_X86_64
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Configuration menu - View commit details
-
Copy full SHA for e707dc1 - Browse repository at this point
Copy the full SHA e707dc1View commit details -
Merge pull request #8172 from ronald-cron-arm/psa-config-add-comment
Backport 2.28: Add comment about HKDF in config_psa.h
Configuration menu - View commit details
-
Copy full SHA for 3d9978e - Browse repository at this point
Copy the full SHA 3d9978eView commit details -
Merge pull request #7211 from sergio-nsk/patch-3
mbedtls-2.28: Fix llvm error: variable 'default_iv_length' may be used uninitialized
Configuration menu - View commit details
-
Copy full SHA for 5161645 - Browse repository at this point
Copy the full SHA 5161645View commit details
Commits on Sep 14, 2023
-
padlock: introduce MBEDTLS_VIA_PADLOCK_HAVE_CODE
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 7fb6fc6 - Browse repository at this point
Copy the full SHA 7fb6fc6View commit details
Commits on Sep 15, 2023
-
Remove unneeded setting of ret from ssl programs
Remove a coverity warning on unused values. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 2391649 - Browse repository at this point
Copy the full SHA 2391649View commit details
Commits on Sep 18, 2023
-
Merge pull request #8218 from paul-elliott-arm/remove_unused_values_p…
…rograms_2_28 Backport 2.28: Remove unneeded setting of ret from ssl programs
Configuration menu - View commit details
-
Copy full SHA for 433aa1c - Browse repository at this point
Copy the full SHA 433aa1cView commit details -
Merge pull request #8103 from gilles-peskine-arm/7961-2.28
Backport 2.28: parts of #7961
Configuration menu - View commit details
-
Copy full SHA for 3591cc6 - Browse repository at this point
Copy the full SHA 3591cc6View commit details
Commits on Sep 21, 2023
-
Fix the comments of some guards
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 20384f4 - Browse repository at this point
Copy the full SHA 20384f4View commit details
Commits on Sep 22, 2023
-
Remove all travis builds except for coverity_scan
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 471425d - Browse repository at this point
Copy the full SHA 471425dView commit details
Commits on Sep 24, 2023
-
Merge pull request #8245 from paul-elliott-arm/remove_travis_ci_2.28
[Backport 2.28] Remove all travis builds except for coverity_scan
Configuration menu - View commit details
-
Copy full SHA for b53e630 - Browse repository at this point
Copy the full SHA b53e630View commit details
Commits on Sep 26, 2023
-
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 8068b08 - Browse repository at this point
Copy the full SHA 8068b08View commit details -
Re-add python install of requirements to Travis CI.
Also correct 'distro to 'dist' and update ubuntu to jammy and python to 3.10 to hopefully fend off future issues. Too much got removed when disabling travis and the Coverity scan build was failing on 'make generated-files', due to lack of installed python dependencies Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 13481f0 - Browse repository at this point
Copy the full SHA 13481f0View commit details -
Merge pull request #8209 from lpy4105/issue/8168/2.28_fix-aesni-selec…
…tion 2.28: Fix AESNI selection
Configuration menu - View commit details
-
Copy full SHA for 7a8ec0f - Browse repository at this point
Copy the full SHA 7a8ec0fView commit details -
Merge pull request #8254 from paul-elliott-arm/fix_travis_coverity_bu…
…ild_2_28 [Backport 2.28] Re-add python install of requirements to Travis CI.
Configuration menu - View commit details
-
Copy full SHA for dce82cd - Browse repository at this point
Copy the full SHA dce82cdView commit details
Commits on Sep 29, 2023
-
Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT
When ECDSA_SIGN_ALT but not ECDSA_VERIFY_ALT, mbedtls_ecdsa_can_do was not being defined causing mbedtls_ecdsa_verify_restartable to always fail Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>
Configuration menu - View commit details
-
Copy full SHA for bfb0b39 - Browse repository at this point
Copy the full SHA bfb0b39View commit details -
Make mbedtls_ecdsa_can_do definition unconditional
Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>
Configuration menu - View commit details
-
Copy full SHA for 930679a - Browse repository at this point
Copy the full SHA 930679aView commit details -
Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>
Loading Loading status checks…Configuration menu - View commit details
-
Copy full SHA for 3ead877 - Browse repository at this point
Copy the full SHA 3ead877View commit details -
Add new error code for SSL cache entry not found
There was no good error to return in this case. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 917dd8b - Browse repository at this point
Copy the full SHA 917dd8bView commit details -
ssl_cache: return error codes on error
mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() returned 1 on many error conditions. Change this to returning a negative MBEDTLS_ERR_xxx error code. Completeness: after this commit, there are no longer any occurrences of `return 1` or `ret = 1`. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for fe4d93a - Browse repository at this point
Copy the full SHA fe4d93aView commit details -
Changelog entry for mbedtls_ssl_cache error code fixes
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 5856fd3 - Browse repository at this point
Copy the full SHA 5856fd3View commit details -
Merge pull request #8279 from gilles-peskine-arm/mbedtls_ecdsa_can_do
Backport 2.28: Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT
Configuration menu - View commit details
-
Copy full SHA for 8c28032 - Browse repository at this point
Copy the full SHA 8c28032View commit details -
Merge pull request #8280 from gilles-peskine-arm/ssl_cache-negative_e…
…rrors-2.28 Backport 2.28: ssl_cache: misc improvements
Configuration menu - View commit details
-
Copy full SHA for da635ab - Browse repository at this point
Copy the full SHA da635abView commit details
There are no files selected for viewing