Commit Graph

4295 Commits

Author SHA1 Message Date
Simon Butcher
475cf0a98a Merge fix of IOTSSL-496 - Potential heap overflow
Fix for potential overflow in ssl_write_certificate_request()
2015-10-05 11:57:54 +01:00
Manuel Pégourié-Gonnard
5a2e389811 Remove inline workaround when not useful
This header doesn't have nay inline function any more
2015-10-05 11:55:39 +01:00
Manuel Pégourié-Gonnard
0223ab9d38 Fix macroization of inline in C++
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
2015-10-05 11:41:36 +01:00
Simon Butcher
fec73a8eec Merge of fix for IOTSSL-481 - Double free
Potential double free in mbedtls_ssl_conf_psk()
2015-10-05 10:40:31 +01:00
Simon Butcher
c48b66bfb6 Changed attribution for Guido Vranken 2015-10-05 10:18:17 +01:00
Simon Butcher
6418ffaadb Merge fix for IOTSSL-480 - base64 overflow issue 2015-10-05 09:54:11 +01:00
Simon Butcher
a45aa1399b Merge of IOTSSL-476 - Random malloc in pem_read() 2015-10-05 00:26:36 +01:00
Simon Butcher
e7f96f22ee Merge fix IOTSSL-475 Potential buffer overflow
Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.

Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).

Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-10-04 23:43:05 +01:00
Simon Butcher
d5ba4672b2 Merge fix for IOTSSL-474 PKCS12 Overflow
Fix stack buffer overflow in PKCS12
2015-10-04 22:47:59 +01:00
Simon Butcher
5b8d1d65f7 Fix for IOTSSL-473 Double free error
Fix potential double-free in mbedtls_ssl_set_hs_psk(.)
2015-10-04 22:06:51 +01:00
Robert Cragie
39a60de410 Correct overwritten fixes 2015-10-02 13:57:59 +01:00
Robert Cragie
136884c29b Use MBEDTLS_ECJPAKE_C def. for correct conditional compilation 2015-10-02 13:34:31 +01:00
Robert Cragie
4feb7ae8c2 Added key export API 2015-10-02 13:33:37 +01:00
Robert Cragie
e8377d66b7 Clean up compilation warnings 2015-10-02 13:32:17 +01:00
Robert Cragie
7cdad7708e Add point format handling 2015-10-02 13:31:41 +01:00
Manuel Pégourié-Gonnard
ef388f168d Merge branch 'development' into development-restricted
* development:
  Updated ChangeLog with credit
  Fix a fairly common typo in comments
  Make config check include for configs examples more consistent
2015-10-02 12:44:39 +02:00
Manuel Pégourié-Gonnard
bc1babb387 Fix potential overflow in CertificateRequest 2015-10-02 11:20:28 +02:00
Simon Butcher
54eec9d1dd Merge pull request #301 from Tilka/typo
Fix a fairly common typo in comments
2015-10-01 02:07:24 +01:00
Simon Butcher
e56384c00c Merge branch 'bachp-configs' into development 2015-10-01 02:02:09 +01:00
Simon Butcher
a12e3c00bf Updated ChangeLog with credit 2015-10-01 01:59:33 +01:00
Simon Butcher
13d8762cfe Merge branch 'configs' of bachp configs 2015-10-01 01:52:43 +01:00
Manuel Pégourié-Gonnard
0aa45c209a Fix potential overflow in base64_encode 2015-09-30 16:37:49 +02:00
Manuel Pégourié-Gonnard
50a739f8c3 Add test for base64 output length 2015-09-30 16:31:10 +02:00
Simon Butcher
5624ec824e Reordered TLS extension fields in client
Session ticket placed at end
2015-09-29 01:06:06 +01:00
Simon Butcher
04799a4274 Fixed copy and paste error
Accidental additional assignment in ssl_write_alpn_ext()
2015-09-29 00:31:09 +01:00
Simon Butcher
0fc94e9f83 Revised bounds checking on TLS extensions
Revisions following review feedback
2015-09-28 20:52:04 +01:00
Simon Butcher
9f81231fb8 Revised hostname length check from review 2015-09-28 19:22:33 +01:00
Manuel Pégourié-Gonnard
d02a1daca7 Fix stack buffer overflow in pkcs12 2015-09-28 19:47:50 +02:00
Manuel Pégourié-Gonnard
24417f06fe Fix potential double-free in mbedtls_ssl_conf_psk() 2015-09-28 18:09:45 +02:00
Manuel Pégourié-Gonnard
58fb49531d Fix potential buffer overflow in mpi_read_string()
Found by Guido Vranken.

Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.

Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).

Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-09-28 15:59:54 +02:00
Simon Butcher
ed9976634f Added bounds checking for TLS extensions
IOTSSL-478 - Added checks to prevent buffer overflows.
2015-09-28 02:14:30 +01:00
Simon Butcher
89f77623b8 Added max length checking of hostname 2015-09-27 22:50:49 +01:00
Tillmann Karras
588ad50c5a Fix a fairly common typo in comments 2015-09-25 04:27:22 +02:00
Manuel Pégourié-Gonnard
faee44ded1 Avoid false positives in bounds check
The size of the buffer already accounts for the extra data before the actual
message, so the allowed length is SSL_MAX_CONTENT_LEN starting from _msg
2015-09-24 22:19:58 +02:00
Manuel Pégourié-Gonnard
f592e8eaf6 Update yotta dependency version
We've had a bit of a race between us adapting to changes in 0.3.x and the
sockets author reverting those changes in the 0.3.x line and pushing them to
0.4.0. Let's use the newest and greatest sockets :)
2015-09-22 15:04:07 +02:00
Simon Butcher
8f98842e38 Refined credits in ChangeLog for fuzzing issue
Changed GDS to Gotham Digital Science
2015-09-22 10:10:36 +01:00
Manuel Pégourié-Gonnard
2f056a0aee Try to run yotta update for yotta build test
But accept failures in case we're offline
2015-09-18 14:37:54 +02:00
Manuel Pégourié-Gonnard
ca4fb7154a Fix mbed examples after minar upgrade 2015-09-18 14:36:57 +02:00
Manuel Pégourié-Gonnard
d0d8cb36a4 Cache ClientHello extension
This extension is quite costly to generate, and we don't want to re-do it
again when the server performs a DTLS HelloVerify. So, cache the result the
first time and re-use if/when we build a new ClientHello.

Note: re-send due to timeouts are different, as the whole message is cached
already, so they don't need any special support.
2015-09-17 14:16:30 +02:00
Manuel Pégourié-Gonnard
77c0646ef2 Add cache for EC J-PAKE client extension
Not used yet, just add the variables and cleanup code.
2015-09-17 13:59:49 +02:00
Manuel Pégourié-Gonnard
6657b8da3b Fix curve-dependency test 2015-09-17 13:46:21 +02:00
Manuel Pégourié-Gonnard
8cea8ad8b8 Bump version to 2.1.1 2015-09-17 11:58:45 +02:00
Simon Butcher
22b294132d Merge pull request #294 from ARMmbed/development-restricted
Merge restricted topic branch
2015-09-16 23:59:52 +01:00
Simon Butcher
ac58c53ab1 Merge remote-tracking branch 'origin/development' 2015-09-16 23:25:25 +01:00
Manuel Pégourié-Gonnard
75df902740 Add warning on config options
Note to self: actually disable before merging that branch!
2015-09-16 23:21:01 +02:00
Manuel Pégourié-Gonnard
921f2d02cf Add test cases with DTLS and/or password mismatch 2015-09-16 22:58:30 +02:00
Manuel Pégourié-Gonnard
0f1660ab4f Implement key exchange messages and PMS derivation
This completes the first working version. No interop testing done yet.
2015-09-16 22:58:30 +02:00
Manuel Pégourié-Gonnard
25dbeb002d Skip certificate-related messages with ECJPAKE 2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
0a1324aaa1 Add client-side extension parsing 2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
55c7f99112 Add server writing of the extension 2015-09-16 22:58:29 +02:00