pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/mbedtls mbedtls: Update to 2.16.3

branches:  trunk
changeset: 340340:f29dee335560
user:      nia <>
date:      Tue Oct 01 17:44:11 2019 +0000

mbedtls: Update to 2.16.3

= mbed TLS 2.16.3 branch released 2019-09-06

   * Fix a missing error detection in ECJPAKE. This could have caused a
     predictable shared secret if a hardware accelerator failed and the other
     side of the key exchange had a similar bug.
   * The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to
     implement blinding. Because of this for the same key and message the same
     blinding value was generated. This reduced the effectiveness of the
     countermeasure and leaked information about the private key through side
     channels. Reported by Jack Lloyd.
   * When writing a private EC key, use a constant size for the private
     value, as specified in RFC 5915. Previously, the value was written
     as an ASN.1 INTEGER, which caused the size of the key to leak
     about 1 bit of information on average and could cause the value to be
     1 byte too large for the output buffer.

API Changes
   * The new function mbedtls_ecdsa_sign_det_ext() is similar to
     mbedtls_ecdsa_sign_det() but allows passing an external RNG for the
     purpose of blinding.

   * Fix to allow building test suites with any warning that detects unused
     functions. Fixes #1628.
   * Fix typo in net_would_block(). Fixes #528 reported by github-monoculture.
   * Remove redundant include file in timing.c. Fixes #2640 reported by irwir.
   * Fix Visual Studio Release x64 build configuration by inheriting
     PlatformToolset from the project configuration. Fixes #1430 reported by
   * Enable Suite B with subset of ECP curves. Make sure the code compiles even
     if some curves are not defined. Fixes #1591 reported by dbedev.
   * Fix misuse of signed arithmetic in the HAVEGE module. #2598
   * Update test certificates that were about to expire. Reported by
     Bernhard M. Wiedemann in #2357.
   * Fix the build on ARMv5TE in ARM mode to not use assembly instructions
     that are only available in Thumb mode. Fix contributed by Aurelien Jarno
     in #2169.
   * Fix undefined memset(NULL) call in test_suite_nist_kw.
   * Make NV seed test support MBEDTLS_ENTROPY_FORCE_SHA256.
   * Fix propagation of restart contexts in restartable EC operations.
     This could previously lead to segmentation faults in builds using an
     address-sanitizer and enabling but not using MBEDTLS_ECP_RESTARTABLE.
   * Fix memory leak in in mpi_miller_rabin(). Contributed by
     Jens Wiklander <> in #2363
   * Improve code clarity in x509_crt module, removing false-positive
     uninitialized variable warnings on some recent toolchains (GCC8, etc).
     Discovered and fixed by Andy Gross (Linaro), #2392.
   * Zero length buffer check for undefined behavior in
     mbedtls_platform_zeroize(). Fixes ARMmbed/mbed-crypto#49.
   * Fix bug in endianness conversion in bignum module. This lead to
     functionally incorrect code on bigendian systems which don't have
     __BYTE_ORDER__ defined. Reported by Brendan Shanks. Fixes #2622.

   * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
     suggests). #2671
   * Make `make clean` clean all programs always. Fixes #1862.

= mbed TLS 2.16.2 branch released 2019-06-11

   * Make mbedtls_ecdh_get_params return an error if the second key
     belongs to a different group from the first. Before, if an application
     passed keys that belonged to different group, the first key's data was
     interpreted according to the second group, which could lead to either
     an error or a meaningless output from mbedtls_ecdh_get_params. In the
     latter case, this could expose at most 5 bits of the private key.

   * Server's RSA certificate in certs.c was SHA-1 signed. In the default
     mbedTLS configuration only SHA-2 signed certificates are accepted.
     This certificate is used in the demo server programs, which lead the
     client programs to fail at the peer's certificate verification
     due to an unacceptable hash signature. The certificate has been
     updated to one that is SHA-256 signed. Fix contributed by
     Illya Gerasymchuk.
   * Fix private key DER output in the key_app_writer example. File contents
     were shifted by one byte, creating an invalid ASN.1 tag. Fixed by
     Christian Walther in #2239.
   * Fix potential memory leak in X.509 self test. Found and fixed by
     Junhwan Park, #2106.
   * Reduce stack usage of hkdf tests. Fixes #2195.
   * Fix 1-byte buffer overflow in mbedtls_mpi_write_string() when
     used with negative inputs. Found by Guido Vranken in #2404. Credit to
   * Fix bugs in the AEAD test suite which would be exposed by ciphers which
     either used both encrypt and decrypt key schedules, or which perform padding.
     GCM and CCM were not affected. Fixed by Jack Lloyd.
   * Fix incorrect default port number in ssl_mail_client example's usage.
     Found and fixed by irwir. #2337
   * Add missing parentheses around parameters in the definition of the
     public macro MBEDTLS_X509_ID_FLAG. This could lead to invalid evaluation
     in case operators binding less strongly than subtraction were used
     for the parameter.
   * Add a check for MBEDTLS_X509_CRL_PARSE_C in ssl_server2, guarding the crl
     sni entry parameter. Reported by inestlerode in #560.
   * Add DER-encoded test CRTs to library/certs.c, allowing
     the example programs ssl_server2 and ssl_client2 to be run
     if MBEDTLS_FS_IO and MBEDTLS_PEM_PARSE_C are unset. Fixes #2254.
   * Fix missing bounds checks in X.509 parsing functions that could
     lead to successful parsing of ill-formed X.509 CRTs. Fixes #2437.
   * Fix multiple X.509 functions previously returning ASN.1 low-level error
     codes to always wrap these codes into X.509 high level error codes before
     returning. Fixes #2431.

   * Return from various debugging routines immediately if the
     provided SSL context is unset.
   * Remove dead code from bignum.c in the default configuration.
     Found by Coverity, reported and fixed by Peter Kolbus (Garmin). Fixes #2309.
   * Add test for minimal value of MBEDTLS_MPI_WINDOW_SIZE to
     Contributed by Peter Kolbus (Garmin).
   * Change wording in the `mbedtls_ssl_conf_max_frag_len()`'s documentation to
     improve clarity. Fixes #2258.
   * Replace multiple uses of MD2 by SHA-256 in X.509 test suite. Fixes #821.

= mbed TLS 2.16.1 branch released 2019-03-19

   * Add MBEDTLS_REMOVE_3DES_CIPHERSUITES to allow removing 3DES ciphersuites
     from the default list (enabled by default). See

   * Fix a compilation issue with mbedtls_ecp_restart_ctx not being defined
     when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242.
   * Run the AD too long test only if MBEDTLS_CCM_ALT is not defined.
     Raised as a comment in #1996.
   * Reduce the stack consumption of mbedtls_mpi_fill_random() which could
     previously lead to a stack overflow on constrained targets.
   * Add `MBEDTLS_SELF_TEST` for the mbedtls_self_test functions
     in the header files, which missed the precompilation check. #971
   * Fix clobber list in MIPS assembly for large integer multiplication.
     Previously, this could lead to functionally incorrect assembly being
     produced by some optimizing compilers, showing up as failures in
     e.g. RSA or ECC signature operations. Reported in #1722, fix suggested
     by Aurelien Jarno and submitted by Jeffrey Martin.
   * Fix signed-to-unsigned integer conversion warning
     in X.509 module. Fixes #2212.
   * Reduce stack usage of `mpi_write_hlp()` by eliminating recursion.
     Fixes #2190.
   * Remove a duplicate #include in a sample program. Fixed by Masashi Honma #2326.
   * Remove the mbedtls namespacing from the header file, to fix a "file not found"
     build error. Fixed by Haijun Gu #2319.
   * Fix returning the value 1 when mbedtls_ecdsa_genkey failed.
   * Fix false failure in when backup files exist in include/mbedtls
     (e.g. config.h.bak). Fixed by Peter Kolbus (Garmin) #2407.
   * Ensure that unused bits are zero when writing ASN.1 bitstrings when using
   * Fix issue when writing the named bitstrings in KeyUsage and NsCertType
     extensions in CSRs and CRTs that caused these bitstrings to not be encoded
     correctly as trailing zeroes were not accounted for as unused bits in the
     leading content octet. Fixes #1610.

   * Include configuration file in all header files that use configuration,
     instead of relying on other header files that they include.
     Inserted as an enhancement for #1371
   * Add support for alternative CSR headers, as used by Microsoft and defined
     in RFC 7468. Found by Michael Ernst. Fixes #767.
   * Fix configuration queries in ssl-opt.h. #2030
   * Ensure that ssl-opt.h can be run in OS X. #2029
   * Reduce the complexity of the timing tests. They were assuming more than the
     underlying OS actually guarantees.
   * Re-enable certain interoperability tests in which had previously
     been disabled for lack of a sufficiently recent version of GnuTLS on the CI.
   * Ciphersuites based on 3DES now have the lowest priority by default when
     they are enabled.

= mbed TLS 2.16.0 branch released 2018-12-21

   * Add a new config.h option of MBEDTLS_CHECK_PARAMS that enables validation
     of parameters in the API. This allows detection of obvious misuses of the
     API, such as passing NULL pointers. The API of existing functions hasn't
     changed, but requirements on parameters have been made more explicit in
     the documentation. See the corresponding API documentation for each
     function to see for which parameter values it is defined. This feature is
     disabled by default. See its API documentation in config.h for additional
     steps you have to take when enabling it.

API Changes
   * The following functions in the random generator modules have been
     deprecated and replaced as shown below. The new functions change
     the return type from void to int to allow returning error codes when
     using MBEDTLS_<MODULE>_ALT for the underlying AES or message digest
     primitive. Fixes #1798.
     mbedtls_ctr_drbg_update() -> mbedtls_ctr_drbg_update_ret()
     mbedtls_hmac_drbg_update() -> mbedtls_hmac_drbg_update_ret()
   * Extend ECDH interface to enable alternative implementations.
   * Deprecate error codes of the form MBEDTLS_ERR_xxx_INVALID_KEY_LENGTH for
     ARIA, CAMELLIA and Blowfish. These error codes will be replaced by
     the more generic per-module error codes MBEDTLS_ERR_xxx_BAD_INPUT_DATA.
   * Additional parameter validation checks have been added for the following
     modules - AES, ARIA, Blowfish, CAMELLIA, CCM, GCM, DHM, ECP, ECDSA, ECDH,
     ECJPAKE, SHA, Chacha20 and Poly1305, cipher, pk, RSA, and MPI.
     Where modules have had parameter validation added, existing parameter
     checks may have changed. Some modules, such as Chacha20 had existing
     parameter validation whereas other modules had little. This has now been
     changed so that the same level of validation is present in all modules, and
     that it is now optional with the MBEDTLS_CHECK_PARAMS flag which by default
     is off. That means that checks which were previously present by default
     will no longer be.

New deprecations
   * Deprecate mbedtls_ctr_drbg_update and mbedtls_hmac_drbg_update
     in favor of functions that can return an error code.

   * Fix for Clang, which was reporting a warning for the bignum.c inline
     assembly for AMD64 targets creating string literals greater than those
     permitted by the ISO C99 standard. Found by Aaron Jones. Fixes #482.
   * Fix runtime error in `mbedtls_platform_entropy_poll()` when run
     through qemu user emulation. Reported and fix suggested by randombit
     in #1212. Fixes #1212.
   * Fix an unsafe bounds check when restoring an SSL session from a ticket.
     This could lead to a buffer overflow, but only in case ticket authentication
     was broken. Reported and fix suggested by Guido Vranken in #659.
   * Add explicit integer to enumeration type casts to example program
     programs/pkey/gen_key which previously led to compilation failure
     on some toolchains. Reported by phoenixmcallister. Fixes #2170.
   * Fix double initialization of ECC hardware that made some accelerators
   * Clarify documentation of mbedtls_ssl_set_own_cert() regarding the absence
     of check for certificate/key matching. Reported by Attila Molnar, #507.


 security/mbedtls/Makefile   |  47 +++++++++++++++++++++++---------------------
 security/mbedtls/PLIST      |   4 +-
 security/mbedtls/distinfo   |  10 ++++----
 security/mbedtls/ |  31 ++++++++++++++---------------
 4 files changed, 47 insertions(+), 45 deletions(-)

diffs (162 lines):

diff -r 6a29e94d6e66 -r f29dee335560 security/mbedtls/Makefile
--- a/security/mbedtls/Makefile Tue Oct 01 16:38:42 2019 +0000
+++ b/security/mbedtls/Makefile Tue Oct 01 17:44:11 2019 +0000
@@ -1,34 +1,37 @@
-# $NetBSD: Makefile,v 1.8 2019/08/11 13:22:47 wiz Exp $
+# $NetBSD: Makefile,v 1.9 2019/10/01 17:44:11 nia Exp $
-DISTNAME=              mbedtls-2.14.1-apache
-PKGNAME=               ${DISTNAME:-apache=}
-PKGREVISION=           2
-CATEGORIES=            security devel
-EXTRACT_SUFX=          .tgz
+DISTNAME=      mbedtls-2.16.3-apache
+PKGNAME=       ${DISTNAME:-apache=}
+CATEGORIES=    security devel
-COMMENT=               Lightweight, modular cryptographic and SSL/TLS library
-LICENSE=               apache-2.0
+COMMENT=       Lightweight, modular cryptographic and SSL/TLS library
+LICENSE=       apache-2.0
-CONFLICTS+=            polarssl-[0-9]*
-SUPERSEDES+=           polarssl-[0-9]*
+CONFLICTS+=    polarssl-[0-9]*
+SUPERSEDES+=   polarssl-[0-9]*
-WRKSRC=                        ${WRKDIR}/${PKGNAME_NOREV}
-USE_CMAKE=             yes
-USE_LANGUAGES=         c
-USE_TOOLS+=            gmake perl pkg-config
+WRKSRC=                ${WRKDIR}/${PKGNAME_NOREV}
+USE_CMAKE=     yes
+USE_TOOLS+=    gmake perl pkg-config
-GCC_REQD+=             4.4
-REPLACE_PERL=          tests/scripts/*.pl
+GCC_REQD+=     4.4
+REPLACE_PERL=  tests/scripts/*.pl
 .include ""
-MAKE_ENV+=             RANLIB=${RANLIB:Q}
+CMAKE_ARGS+=   -Wno-dev
-LDFLAGS.SunOS+=                -lsocket
+LDFLAGS.SunOS+=        -lsocket
+.include "../../lang/python/"
 .include "../../mk/"
 .include "../../mk/"
diff -r 6a29e94d6e66 -r f29dee335560 security/mbedtls/PLIST
--- a/security/mbedtls/PLIST    Tue Oct 01 16:38:42 2019 +0000
+++ b/security/mbedtls/PLIST    Tue Oct 01 17:44:11 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2018/12/21 09:33:14 wiz Exp $
+@comment $NetBSD: PLIST,v 1.4 2019/10/01 17:44:11 nia Exp $
@@ -25,6 +25,7 @@
@@ -32,7 +33,6 @@
diff -r 6a29e94d6e66 -r f29dee335560 security/mbedtls/distinfo
--- a/security/mbedtls/distinfo Tue Oct 01 16:38:42 2019 +0000
+++ b/security/mbedtls/distinfo Tue Oct 01 17:44:11 2019 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.5 2018/12/21 09:43:00 wiz Exp $
+$NetBSD: distinfo,v 1.6 2019/10/01 17:44:11 nia Exp $
-SHA1 (mbedtls-2.14.1-apache.tgz) = ba0be2b8155710ef1da3ea5a05a4823812a50eed
-RMD160 (mbedtls-2.14.1-apache.tgz) = f0598874f9947031190df02393e49bec7fdad644
-SHA512 (mbedtls-2.14.1-apache.tgz) = f8a9371fcdca34f61db3676f14f83ba303194dc097fcf34b8088b2d2b1b88b2818c2ed54eef747d8dff7c799e11aee511eb179bb815ae46934b3426d09926dda
-Size (mbedtls-2.14.1-apache.tgz) = 2468132 bytes
+SHA1 (mbedtls-2.16.3-apache.tgz) = dce8550f8f9465f3aea44cb7d0f9d0ba8140034a
+RMD160 (mbedtls-2.16.3-apache.tgz) = 611635dce5ac99372272dd5c6edcb64d886f6e3b
+SHA512 (mbedtls-2.16.3-apache.tgz) = 62b984d04570334e740ff8b857b4dad73804a4d0aec22b224cb813eb8a6a4b2ec9bff3126c198552e030da94201fd98ed764e8b9f53056e2f94a51dfdbb47cdd
+Size (mbedtls-2.16.3-apache.tgz) = 2553709 bytes
 SHA1 (patch-library_net__sockets.c) = cd8f9cf84947800eb73d004847789626511ceb35
diff -r 6a29e94d6e66 -r f29dee335560 security/mbedtls/
--- a/security/mbedtls/       Tue Oct 01 16:38:42 2019 +0000
+++ b/security/mbedtls/       Tue Oct 01 17:44:11 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD:,v 1.2 2018/12/21 09:33:14 wiz Exp $
+# $NetBSD:,v 1.3 2019/10/01 17:44:11 nia Exp $
 PKG_SUPPORTED_OPTIONS= mbedtls-tools tests zlib
@@ -9,34 +9,33 @@
 .if defined(PKG_OPTIONS.polarssl)
 PKG_LEGACY_OPTIONS+=                   ${PKG_OPTIONS.polarssl}
-PKG_OPTIONS_DEPRECATED_WARNINGS+=      "Deprecated variable PKG_OPTIONS.polarssl used, use "${PKG_OPTIONS_VAR:Q}" instead."
+PKG_OPTIONS_DEPRECATED_WARNINGS+=      "Deprecated variable PKG_OPTIONS.polarssl used, use "${PKG_OPTIONS_VAR}" instead."
 .include "../../mk/"
 .if !empty(PKG_OPTIONS:Mmbedtls-tools)
-CMAKE_ARGS+=           -DENABLE_PROGRAMS=ON           yes
 .if !empty(PKG_OPTIONS:Mtests)
-. if !empty(PKG_OPTIONS:Mmbedtls-tools)
-.  include "../../security/openssl/"
-PLIST.tests=           yes
-. else
+.  if !empty(PKG_OPTIONS:Mmbedtls-tools)
+.    include "../../security/openssl/"
+PLIST.tests=   yes
+.  else
 PKG_FAIL_REASON+=      "option tests needs option mbedtls-tools"
-. endif
-.include "../../lang/python/"
+.  endif
 .if !empty(PKG_OPTIONS:Mzlib)
-.include "../../devel/zlib/"
+.  include "../../devel/zlib/"

Home | Main Index | Thread Index | Old Index