Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Only for CI - Don't review #27

Draft
wants to merge 95 commits into
base: main
Choose a base branch
from
+1,165 −7,150
Draft

Only for CI - Don't review #27

Changes from 1 commit
Commits
Show all changes
95 commits
Select commit Hold shift + click to select a range
f6d3c44
[nrf noup] Undef PSA crypto client in crypto_types
frkv Nov 29, 2021
92a84d6
[nrf noup] Remove redefinition ECC_MAX_CURVE_BITS
Vge0rge Dec 13, 2021
d3eb208
[nrf noup] Check if ECP_MAX_BITS is set in ecp.h
Vge0rge Jan 20, 2022
8ffbcc1
[nrf noup] Check if GCM_C is defined in gcm.h
Vge0rge Jan 20, 2022
f1f21d2
[nrf noup] Add driver_wrapper call for derivation
Vge0rge Jan 30, 2022
ca1e6b2
[nrf noup] Enable use of SNI without x509.
plskeggs Feb 5, 2022
dbbe35f
[nrf noup] Enable auto-generation of additional TLS/DTLS docs
plskeggs Feb 14, 2022
a9d5a5a
[nrf toup] pk_wrap: Add missing MD description for ECDSA verify
frkv Mar 10, 2022
3da802b
[nrf noup] Disable reporting ecjpake kkpp extension for PSK
frkv Apr 5, 2022
24c4ec1
[nrf noup] Fix PSA MAC for CMAC key types
frkv Apr 5, 2022
f6ff46f
[nrf_noup] Add opaque oberon context for hash
Vge0rge Apr 10, 2022
2863179
[nrf noup] Fix unset key bits for nrf_cc3xx v0.9.14
frkv May 12, 2022
c56a2ae
[nrf noup] Zeroize the Mbedtls entropy mutex
Vge0rge Sep 13, 2022
7322ffa
[nrf noup] Constant size for psa_core_key_attributes_t struct
mswarowsky Sep 30, 2022
45374c0
[nrf toup] Fix RSA dependency on PK write when enabling PSA crypto
joerchan Feb 17, 2023
a58396e
[nrf fromlist] library: psa_crypto: Fix compilation error in psa_key_…
joerchan Feb 17, 2023
829e3ed
[nrf fromlist] psa_crypto: Fix psa_key_derivation_output_key ECC with…
joerchan Mar 1, 2023
b573773
[nrf_noup] mbedtls: Circumvent ECJPAKE API inconsistency for OpenThread
maciejbaczmanski Sep 15, 2023
2d81092
[nrf noup] Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing
frkv Oct 16, 2023
4a204f2
[nrf noup] Fix buffer overflow in TLS 1.3 ECDH public key parsing
frkv Oct 16, 2023
acea48f
[nrf noup] Fix buffer overread with stream cipher
frkv Oct 17, 2023
8498c9f
Revert "[nrf noup] Fix buffer overread with stream cipher"
mswarowsky Jan 12, 2024
6e08692
Revert "[nrf noup] Fix buffer overflow in TLS 1.3 ECDH public key par…
mswarowsky Jan 12, 2024
64abfc0
Revert "[nrf noup] Fix buffer overflow in TLS 1.2 ClientKeyExchange p…
mswarowsky Jan 12, 2024
94bc3d7
Revert "[nrf_noup] mbedtls: Circumvent ECJPAKE API inconsistency for …
mswarowsky Jan 12, 2024
f020b43
Revert "[nrf fromlist] psa_crypto: Fix psa_key_derivation_output_key …
mswarowsky Jan 12, 2024
2b48fe9
Revert "[nrf fromlist] library: psa_crypto: Fix compilation error in …
mswarowsky Jan 12, 2024
ae1ae38
Revert "[nrf toup] Fix RSA dependency on PK write when enabling PSA c…
mswarowsky Jan 12, 2024
60bc532
Revert "[nrf noup] Constant size for psa_core_key_attributes_t struct"
mswarowsky Jan 12, 2024
6e88908
Revert "[nrf noup] Zeroize the Mbedtls entropy mutex"
mswarowsky Jan 12, 2024
e1661e0
Revert "[nrf noup] Fix unset key bits for nrf_cc3xx v0.9.14"
mswarowsky Jan 12, 2024
43f777c
Revert "[nrf_noup] Add opaque oberon context for hash"
mswarowsky Jan 12, 2024
dac43ce
Revert "[nrf noup] Fix PSA MAC for CMAC key types"
mswarowsky Jan 12, 2024
f8d188b
Revert "[nrf noup] Disable reporting ecjpake kkpp extension for PSK"
mswarowsky Jan 12, 2024
f2baa28
Revert "[nrf toup] pk_wrap: Add missing MD description for ECDSA verify"
mswarowsky Jan 12, 2024
c61fab1
Revert "[nrf noup] Enable auto-generation of additional TLS/DTLS docs"
mswarowsky Jan 12, 2024
3abceed
Revert "[nrf noup] Enable use of SNI without x509."
mswarowsky Jan 12, 2024
8e9eb2c
Revert "[nrf noup] Add driver_wrapper call for derivation"
mswarowsky Jan 12, 2024
3416f60
Revert "[nrf noup] Check if GCM_C is defined in gcm.h"
mswarowsky Jan 12, 2024
03ba4c5
Revert "[nrf noup] Check if ECP_MAX_BITS is set in ecp.h"
mswarowsky Jan 12, 2024
5cf3577
Revert "[nrf noup] Remove redefinition ECC_MAX_CURVE_BITS"
mswarowsky Jan 12, 2024
39c6149
Revert "[nrf noup] Undef PSA crypto client in crypto_types"
mswarowsky Jan 12, 2024
dfffe95
[nrf merge] Merge tag mbed TLS 3.5.0
mswarowsky Jan 17, 2024
4ff237c
[nrf noup] Remove redefinition ECC_MAX_CURVE_BITS
Vge0rge Dec 13, 2021
e6a448e
[nrf noup] Check if ECP_MAX_BITS is set in ecp.h
Vge0rge Jan 20, 2022
06ac954
[nrf noup] Check if GCM_C is defined in gcm.h
Vge0rge Jan 20, 2022
9afc312
[nrf noup] Enable use of SNI without x509.
plskeggs Feb 5, 2022
39f9908
[nrf noup] Enable auto-generation of additional TLS/DTLS docs
plskeggs Feb 14, 2022
978da1c
[nrf noup] Disable reporting ecjpake kkpp extension for PSK
frkv Apr 5, 2022
7906442
[nrf noup] Fix unset key bits for nrf_cc3xx v0.9.14
frkv May 12, 2022
0a3cb16
[nrf noup] Zeroize the Mbedtls entropy mutex
Vge0rge Sep 13, 2022
0f7b3cb
[nrf noup] Constant size for psa_core_key_attributes_t struct
mswarowsky Sep 30, 2022
784de74
[nrf fromtree] Header updates
daverodgman Nov 3, 2023
5454754
[nrf fromtree] Fix some non-standard headers
daverodgman Nov 3, 2023
229789b
[nrf fromtree] Update documentation
daverodgman Nov 2, 2023
6d627b5
[nrf fromtree] Add Changelog for license
daverodgman Nov 2, 2023
0ad7499
[nrf fromtree] Update license for p256-m
daverodgman Nov 3, 2023
e27d559
[nrf fromtree] README improvements to 3rdparty section
daverodgman Nov 3, 2023
37f90c1
[nrf fromtree] assemble Changelog
daverodgman Nov 3, 2023
4f0acc9
[nrf fromtree] Fix 3rdparty target names for custom config
davidhorstmann-arm Oct 6, 2023
63fafdc
[nrf fromtree] Fix typos in changelog
daverodgman Nov 3, 2023
79abf8f
[nrf fromtree] Bump version
daverodgman Nov 3, 2023
7987246
[nrf fromtree] Update BRANCHES
daverodgman Nov 6, 2023
22737a1
[nrf fromtree] Update Changelog with bugfix entry
daverodgman Nov 7, 2023
7f6821f
[nrf fromtree] Add docs re Everest license
daverodgman Nov 8, 2023
1cc2c06
[nrf fromtree] Add tests for Issue #8687
jwinzig-at-hilscher Jan 9, 2024
72aaa38
[nrf fromtree] Fix Issue #8687
jwinzig-at-hilscher Jan 9, 2024
bb7c897
[nrf fromtree] Update fix to be more platform-independent
jwinzig-at-hilscher Jan 9, 2024
5766e46
[nrf fromtree] Add missing newline at the end of test_suite_x509write…
jwinzig-at-hilscher Jan 9, 2024
f7522b5
[nrf fromtree] Update test-data to use SIZE_MAX
jwinzig-at-hilscher Jan 9, 2024
21fe075
[nrf fromtree] Remove unneeded testcase
jwinzig-at-hilscher Jan 9, 2024
2acac90
[nrf fromtree] Add required dependency to the testcase
jwinzig-at-hilscher Jan 9, 2024
3b9790a
[nrf fromtree] Add Changelog for #8687
paul-elliott-arm Jan 16, 2024
5dc1873
[nrf fromtree] Make RSA unblinding constant flow
yanesca Nov 21, 2023
91e3e12
[nrf fromtree] Extend blinding to RSA result check
yanesca Nov 21, 2023
1f48d32
[nrf fromtree] Add Changelog for the Marvin attack fix
yanesca Nov 21, 2023
1277547
[nrf fromtree] Make local function static
yanesca Nov 21, 2023
5c48f0d
[nrf fromtree] Fix style
yanesca Nov 21, 2023
0743b86
[nrf fromtree] RSA: document Montgomery trick in unblind
yanesca Dec 27, 2023
4ce0182
[nrf fromtree] RSA: remove unneeded temporaries
yanesca Dec 27, 2023
8a3e748
[nrf fromtree] RSA: improve readability
yanesca Dec 27, 2023
7ddd0a3
[nrf fromtree] Fix typo
yanesca Dec 27, 2023
cc5e0b5
[nrf fromtree] Add warning for PKCS 1.5 decryption
yanesca Dec 29, 2023
1d0b027
[nrf fromtree] Update Marvin fix Changelog entry
yanesca Jan 11, 2024
34d9c01
[nrf fromtree] Assemble Changelog
daverodgman Jan 22, 2024
447df7e
[nrf fromtree] Bump version
daverodgman Jan 22, 2024
1df682a
[nrf fromtree] Update BRANCHES.md
daverodgman Jan 24, 2024
46194ab
[nrf fromtree] Bug Fix: mbedtls_ecdsa_verify_restartable fails with E…
JonathanWitthoeft Apr 26, 2023
e9437e6
[nrf noup] Use psa_crypto_core.h from Oberon PSA
Vge0rge Jan 31, 2024
b1eb50a
[nrf noup] Add the driver wrappers from Oberon
Vge0rge Feb 1, 2024
e0bec90
[nrf noup] Replace MBEDTLS_ACCEL->PSA_WANT in md.h
Vge0rge Feb 7, 2024
1e7c847
[nrf noup] Make the md contexts fixed size
Vge0rge Feb 7, 2024
19c482f
fixup! [nrf noup] Make the md contexts fixed size
Vge0rge Feb 9, 2024
7cfbbb4
Revert "[nrf noup] Add the driver wrappers from Oberon"
Vge0rge Feb 12, 2024
c8d07f2
Move headers
Vge0rge Feb 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
[nrf fromtree] Add Changelog for #8687 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
(cherry picked from commit 968a928)
Signed-off-by: Markus Swarowsky <markus.swarowsky@nordicsemi.no>
  • Loading branch information
@paul-elliott-arm @mswarowsky
paul-elliott-arm authored and mswarowsky committed Jan 29, 2024
commit 3b9790a537386b6d2069aa9fdcbb11f91518a42d
8 changes: 8 additions & 0 deletions ChangeLog.d/fix_int_overflow_x509_extension
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
Security
* Fix a failure to validate input when writing x509 extensions lengths which
could result in an integer overflow, causing a zero-length buffer to be
allocated to hold the extension. The extension would then be copied into
the buffer, causing a heap buffer overflow.