Skip to content

mbedtls: Update Mbed TLS to 2.15.1 #8926

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Dec 4, 2018
Merged

mbedtls: Update Mbed TLS to 2.15.1 #8926

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions features/mbedtls/VERSION.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
mbedtls-2.15.0
mbedcrypto-0.1.0b
mbedtls-2.15.1
mbedcrypto-0.1.0b2
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This has me a bit worried, but fine for now.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's worrying?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why worried? That's like half a comment - it's wrong but you're not saying how. :)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fair feedback.

mbedcrypto-0.1.0b2

This gives mes the impression that another TLS update will be needed before the feature release is complete. Is that correct?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the second beta of Mbed Crypto 0.1.0, hence the version. This version scheme doesn't imply there will be more, but there could be should we need. ;)

2 changes: 1 addition & 1 deletion features/mbedtls/importer/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
#

# Set the mbed TLS release to import (this can/should be edited before import)
MBED_TLS_RELEASE ?= mbedtls-2.15.0
MBED_TLS_RELEASE ?= mbedtls-2.15.1

# Translate between mbed TLS namespace and mbed namespace
TARGET_PREFIX:=../
Expand Down
16 changes: 13 additions & 3 deletions features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3146,7 +3146,7 @@ static void psa_aead_abort( aead_operation_t *operation )
mbedtls_ccm_free( &operation->ctx.ccm );
break;
#endif /* MBEDTLS_CCM_C */
#if defined(MBEDTLS_CCM_C)
#if defined(MBEDTLS_GCM_C)
case PSA_ALG_GCM:
mbedtls_gcm_free( &operation->ctx.gcm );
break;
Expand Down Expand Up @@ -3259,6 +3259,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
}
tag = ciphertext + plaintext_length;

#if defined(MBEDTLS_GCM_C)
if( operation.core_alg == PSA_ALG_GCM )
{
status = mbedtls_to_psa_error(
Expand All @@ -3270,7 +3271,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
plaintext, ciphertext,
operation.tag_length, tag ) );
}
else if( operation.core_alg == PSA_ALG_CCM )
else
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C)
if( operation.core_alg == PSA_ALG_CCM )
{
status = mbedtls_to_psa_error(
mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
Expand All @@ -3282,6 +3286,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
tag, operation.tag_length ) );
}
else
#endif /* MBEDTLS_CCM_C */
{
return( PSA_ERROR_NOT_SUPPORTED );
}
Expand Down Expand Up @@ -3339,6 +3344,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
if( status != PSA_SUCCESS )
return( status );

#if defined(MBEDTLS_GCM_C)
if( operation.core_alg == PSA_ALG_GCM )
{
status = psa_aead_unpadded_locate_tag( operation.tag_length,
Expand All @@ -3356,7 +3362,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
tag, operation.tag_length,
ciphertext, plaintext ) );
}
else if( operation.core_alg == PSA_ALG_CCM )
else
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C)
if( operation.core_alg == PSA_ALG_CCM )
{
status = psa_aead_unpadded_locate_tag( operation.tag_length,
ciphertext, ciphertext_length,
Expand All @@ -3374,6 +3383,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
tag, operation.tag_length ) );
}
else
#endif /* MBEDTLS_CCM_C */
{
return( PSA_ERROR_NOT_SUPPORTED );
}
Expand Down