Commit Graph

4462 Commits

Author SHA1 Message Date
Ron Eldor
070c809c79 Adress Hannos's comments
Remove zeroizing buffer, as it was done already in PR #369
Check that buffer is not null by `!= NULL` statement
2017-09-07 11:09:06 +03:00
Ron Eldor
82a4b8186d update after Andres comments
Update after Andres coments:
1. zeroize the buffer in `mbedtls_pem_read_buffer()` before freeing it
2. use `mbedtls_zeroize()` instead of `memset()`
2017-09-07 11:08:54 +03:00
Ron Eldor
4dc8af77a9 Backport 2.1:Set PEM buffer to zero before freeing
Set PEM buffer to zero before freeing it, to avoid private keys
being leaked to memory after releasing it.
2017-09-07 11:08:00 +03:00
Simon Butcher
1fe5e8ab44 Update version number to 2.1.9 2017-08-10 11:51:47 +01:00
Simon Butcher
a30508309e Fix language in Changelog for clarity 2017-08-10 10:48:33 +01:00
Simon Butcher
ea27c997c0 Improve documentation of PKCS1 decryption functions
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
 - mbedtls_rsa_pkcs1_decrypt,
 - mbedtls_rsa_rsaes_pkcs1_v15_decrypt
 - mbedtls_rsa_rsaes_oaep_decrypt
2017-08-01 23:00:34 +01:00
Hanno Becker
223f88dd2e Adapt ChangeLog 2017-07-28 22:15:31 +01:00
Hanno Becker
6ad82d714f Rename time and index parameter to avoid name conflict.
As noted in #557, several functions use 'index' resp. 'time'
as parameter names in their declaration and/or definition, causing name
conflicts with the functions in the C standard library of the same
name some compilers warn about.

This commit renames the arguments accordingly.
2017-07-28 22:14:55 +01:00
Hanno Becker
093620173b Correct comment and remove empty line 2017-07-28 21:43:19 +01:00
Hanno Becker
3948a101b6 Adapt ChangeLog 2017-07-28 21:42:50 +01:00
Hanno Becker
66daa68c19 Reliably zeroize sensitive data in AES sample application
The AES sample application programs/aes/aescrypt2 could miss zeroizing
the stack-based key buffer in case of an error during operation. This
commit fixes this and also clears another temporary buffer as well as
all command line arguments (one of which might be the key) before exit.
2017-07-28 21:41:11 +01:00
Hanno Becker
e0c35a6997 Reliably zeroize sensitive data in Crypt-and-Hash sample application
The AES sample application programs/aes/crypt_and_hash could miss
zeroizing the stack-based key buffer in case of an error during
operation. This commit fixes this and also clears all command line
arguments (one of which might be the key) before exit.
2017-07-28 21:40:52 +01:00
Simon Butcher
246bf6932d Fix duplication in Changelog introduced by merge 2017-07-28 13:08:07 +01:00
Simon Butcher
266f3446b7 Remove the check in ssl-opt.sh for MAX_INTERMEDIATE_CA
The check uses grep, not config.pl, on the x509 headers - not where it should
be configured - config.h. grep syntax isn't very portable. Without config.pl
it's quite hard to do this check properly so removing this check.
2017-07-28 13:02:33 +01:00
Simon Butcher
d4d70c4985 Fix threshold checks for MBEDTLS_X509_MAX_INTERMEDIATE_CA 2017-07-28 12:27:54 +01:00
Ron Eldor
b5851193eb Backport 2.1: check if iv is zero in gcm.
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-28 12:21:38 +01:00
Hanno Becker
eeb1350073 Fix typo 2017-07-28 12:20:48 +01:00
Hanno Becker
88c6f726c5 Check threshold for MBEDTLS_X509_MAX_INTERMEDIATE_CA in X509 tests
The X509 test suite assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA is below the
hardcoded threshold 20 used in the long certificate chain generating script
tests/data_files/dir-max/long.sh. This commit adds a compile-time check for
that.
2017-07-28 12:20:48 +01:00
Hanno Becker
323a2227ee Improve Readme for long test certificate chains 2017-07-28 12:20:48 +01:00
Hanno Becker
81cc8f668b Check value of MBEDTLS_X509_MAX_INTERMEDIATE_CA in ssl-opt.sh
Some tests in ssl-opt.sh assumes the value 8 for the maximal number
MBEDTLS_X509_MAX_INTERMEDIATE_CA of intermediate CA's. This commit adds a check
before conducting the respective tests.
2017-07-28 12:20:48 +01:00
Hanno Becker
58897fbd7d Correct indentation and labelling in ChangeLog 2017-07-28 12:20:48 +01:00
Janos Follath
4721831ffb Fix typos 2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard
f2269b0579 Update doc of return value of verify() 2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard
71103cbcbb Make test script more portable
seq isn't POSIX and isn't present by default on BSDs
2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard
cdb4dc9393 Improve comments 2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard
83765655dd Add ChangeLog entry for the security issue 2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard
591035d0b4 Add SSL tests for long cert chains 2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard
c386317298 Only return VERIFY_FAILED from a single point
Everything else is a fatal error. Also improve documentation about that for
the vrfy callback.
2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard
489939f829 Improve behaviour on fatal errors
If we didn't walk the whole chain, then there may be any kind of errors in the
part of the chain we didn't check, so setting all flags looks like the safe
thing to do.
2017-07-28 12:20:47 +01:00
Manuel Pégourié-Gonnard
4770dbc913 Add test for limit on intermediate certificates
Inspired by test code provided by Nicholas Wilson in PR #351.

The test will fail if someone sets MAX_INTERMEDIATE_CA to a value larger than
18 (default is 8), which is hopefully unlikely and can easily be fixed by
running long.sh again with a larger value if it ever happens.

Current behaviour is suboptimal as flags are not set, but currently the goal
is only to document/test existing behaviour.
2017-07-28 12:19:49 +01:00
Andres AG
ad6cf99d6d Add CRT DER tests with incorrect version 2017-07-26 18:01:54 +01:00
Andres AG
9674a628e5 Add CRL DER tests with incorrect version 2017-07-26 18:01:43 +01:00
Andres AG
7ebf632b3e Add CSR DER tests with incorrect version 2017-07-26 18:01:32 +01:00
Andres AG
b322be507b Prevent signed integer overflow in CSR parsing
Modify the function mbedtls_x509_csr_parse_der() so that it checks the
parsed CSR version integer before it increments the value. This prevents
a potential signed integer overflow, as these have undefined behaviour
in the C standard.
2017-07-26 17:59:20 +01:00
Andres AG
1f06d9bac7 Fix potential integer overflow parsing DER CRT
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-26 17:57:43 +01:00
Andres AG
0ff660e0a6 Fix potential integer overflow parsing DER CRL
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
2017-07-26 17:56:42 +01:00
Ron Eldor
a886ce3c88 Backport 2.1: Check rc of mbedtls_mpi_fill_random
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
2017-07-20 01:25:53 +02:00
Ron Eldor
0fb3e0afb9 Backport: Resource leak fix on windows platform
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
2017-07-20 01:05:47 +02:00
Ron Eldor
ee709f4d13 Backport 2.1: Wrong preproccessor condition fix
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
2017-07-20 00:47:20 +02:00
Ron Eldor
5ff277ee1e Backport 2.1: check if iv is zero in gcm.
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-20 00:30:44 +02:00
Ron Eldor
a905bdc999 Minor: Fix typo in program comments
Fix a typos in some reference program applications
2017-07-19 23:39:59 +02:00
Hanno Becker
cea8b53680 Improve documentation of PKCS1 decryption functions
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
- mbedtls_rsa_pkcs1_decrypt,
- mbedtls_rsa_rsaes_pkcs1_v15_decrypt
- mbedtls_rsa_rsaes_oaep_decrypt
2017-07-19 01:49:45 +01:00
Simon Butcher
fbb9837ad5 Update the version number to 2.1.8 2017-06-20 23:31:06 +01:00
Hanno Becker
499391a02d Undo API change
The previous commit b3e6872c93 changed
to public functions from ssl_ciphersuite.h to static inline. This
commit reverts this change.
2017-06-20 19:33:51 +01:00
Janos Follath
3fb1cc37a6 Improve Changelog 2017-06-16 14:15:08 +01:00
Manuel Pégourié-Gonnard
bff031608f Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted
* mbedtls-2.1:
  Remove %zu format string from ssl_client2 and ssl_server2
2017-06-09 17:41:34 +02:00
Manuel Pégourié-Gonnard
d690189977 Merge remote-tracking branch 'hanno/remove_format_qualifier_backport-2.1' into mbedtls-2.1
* hanno/remove_format_qualifier_backport-2.1:
  Remove %zu format string from ssl_client2 and ssl_server2
2017-06-09 17:39:14 +02:00
Hanno Becker
46a1629c5f Remove %zu format string from ssl_client2 and ssl_server2 2017-06-09 16:14:49 +01:00
Manuel Pégourié-Gonnard
89930b354c Merge remote-tracking branch 'restricted/iotssl-1398_backport-2.1' into mbedtls-2.1-restricted
* restricted/iotssl-1398_backport-2.1:
  Add ChangeLog entry
  Ensure application data records are not kept when fully processed
  Add hard assertion to mbedtls_ssl_read_record_layer
  Fix mbedtls_ssl_read
  Simplify retaining of messages for future processing
2017-06-09 15:06:31 +02:00
Manuel Pégourié-Gonnard
43df7e6bb7 Merge near-duplicate ChangeLog entries
As agreed with Gilles on the PR discussion page
2017-06-09 14:47:42 +02:00