Gilles Peskine
2bd6ca415b
Merge remote-tracking branch 'upstream-restricted/pr/402' into mbedtls-1.3-restricted
2017-11-28 14:34:24 +01:00
Gilles Peskine
d3dd8d2197
Merge remote-tracking branch 'upstream-restricted/pr/387' into mbedtls-1.3-restricted
2017-11-28 14:34:16 +01:00
Gilles Peskine
c5926a7049
Merge branch 'iotssl-1419-safermemcmp-volatile_backport-1.3' into mbedtls-1.3-restricted
2017-11-28 13:50:05 +01:00
Gilles Peskine
1caad08610
add changelog entry
2017-11-28 13:35:09 +01:00
Gilles Peskine
3036cbeb8e
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-11-24 16:07:43 +01:00
Gilles Peskine
e298532394
Merge remote-tracking branch 'upstream-public/pr/1113' into mbedtls-1.3
2017-11-24 15:38:42 +01:00
Gilles Peskine
1dc344373a
Merge branch 'iotssl-1368-unsafe-bounds-check-psk-identity-merge-1.3' into mbedtls-1.3-restricted
2017-11-23 19:11:58 +01:00
Gilles Peskine
feae81de91
ChangeLog entry for ssl_parse_client_psk_identity fix
2017-11-23 19:10:48 +01:00
Manuel Pégourié-Gonnard
408dfd1f6a
Merge remote-tracking branch 'restricted/pr/418' into mbedtls-1.3-restricted
...
* restricted/pr/418:
RSA PSS: remove redundant check; changelog
RSA PSS: fix first byte check for keys of size 8N+1
RSA PSS: fix minimum length check for keys of size 8N+1
RSA: Fix another buffer overflow in PSS signature verification
RSA: Fix buffer overflow in PSS signature verification
2017-11-23 12:16:05 +01:00
Gilles Peskine
28474f41a0
RSA PSS: remove redundant check; changelog
...
Remove a check introduced in the previous buffer overflow fix with keys of
size 8N+1 which the subsequent fix for buffer start calculations made
redundant.
Added a changelog entry for the buffer start calculation fix.
2017-10-19 17:50:35 +02:00
Gilles Peskine
511bb84c60
RSA: Fix another buffer overflow in PSS signature verification
...
Fix buffer overflow in RSA-PSS signature verification when the masking
operation results in an all-zero buffer. This could happen at any key size.
2017-10-17 19:33:48 +02:00
Gilles Peskine
55db24ca50
RSA: Fix buffer overflow in PSS signature verification
...
Fix buffer overflow in RSA-PSS signature verification when the hash is
too large for the key size. Found by Seth Terashima, Qualcomm.
Added a non-regression test and a positive test with the smallest
permitted key size for a SHA-512 hash.
2017-10-17 19:30:12 +02:00
Andres AG
7c02d13746
Correctly handle leap year in x509_date_is_valid()
...
This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.
2017-10-12 21:08:46 +01:00
Ron Eldor
4491a791be
Parse Signature Algorithm ext when renegotiating
...
Signature algorithm extension was skipped when renegotiation was in
progress, causing the signature algorithm not to be known when
renegotiating, and failing the handshake. Fix removes the renegotiation
step check before parsing the extension.
2017-10-11 14:06:26 +01:00
Andres Amaya Garcia
10345fbe2a
Add ChangeLog entry
2017-10-07 22:24:07 +01:00
Simon Butcher
7d661f83e1
Fix changelog for ssl_server2.c usage fix
2017-10-02 19:22:17 +01:00
Hanno Becker
ce2c02cca2
Enhance documentation of ssl_set_hostname
...
(1) Add missing error condition
(2) Specify allowance and effect of of NULL hostname parameter
(3) Describe effect of function on failure
Also, adapt ChangeLog.
2017-10-01 00:00:56 +01:00
Hanno Becker
ea65d0377c
Adapt ChangeLog
2017-09-28 16:54:41 +01:00
Ron Eldor
27ce0b5ff1
Backport 1.3:Set PEM buffer to zero before freeing it
...
Set PEM buffer to zero before freeing it, to avoid private keys
being leaked to memory after releasing it.
2017-09-07 11:18:51 +03:00
Simon Butcher
a75a459143
Removed duplication in Changelog
2017-08-10 23:38:10 +01:00
Simon Butcher
03bd0229ab
Update version to 1.3.21
2017-08-10 11:52:14 +01:00
Simon Butcher
9ee5910f65
Fix language in Changelog for clarity
2017-08-10 10:49:32 +01:00
Hanno Becker
1af21bfa38
Improve documentation of PKCS1 decryption functions
...
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
- rsa_pkcs1_decrypt
- rsa_rsaes_pkcs1_v15_decrypt
- rsa_rsaes_oaep_decrypt
2017-08-01 23:05:31 +01:00
Hanno Becker
e7f5abc111
Adapt ChangeLog
2017-07-28 22:08:29 +01:00
Hanno Becker
56fa40f4f5
Adapt ChangeLog
2017-07-28 22:02:58 +01:00
Ron Eldor
b34be244e6
Backport 1.3: check if iv is zero in gcm.
...
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-28 13:16:50 +01:00
Hanno Becker
2625f4aa93
Correct indentation and labelling in ChangeLog
2017-07-28 13:15:57 +01:00
Janos Follath
1fbc5fb027
Fix typos
2017-07-28 13:15:57 +01:00
Manuel Pégourié-Gonnard
df745670e1
Add ChangeLog entry for the security issue
2017-07-28 13:15:57 +01:00
Manuel Pégourié-Gonnard
d0e755716f
Only return VERIFY_FAILED from a single point
...
Everything else is a fatal error. Also improve documentation about that for
the vrfy callback.
2017-07-28 13:15:57 +01:00
Manuel Pégourié-Gonnard
8af7bfa982
Improve behaviour on fatal errors
...
If we didn't walk the whole chain, then there may be any kind of errors in the
part of the chain we didn't check, so setting all flags looks like the safe
thing to do.
2017-07-28 13:15:57 +01:00
Andres AG
3df4e4e1d0
Prevent signed integer overflow in CSR parsing
...
Modify the function x509_csr_parse_der() so that it checks the parsed
CSR version integer before it increments the value. This prevents a
potential signed integer overflow, as these have undefined behaviour in
the C standard.
2017-07-27 11:50:58 +01:00
Andres AG
47f3059780
Fix potential integer overflow parsing DER CRT
...
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-27 11:50:04 +01:00
Andres AG
26124be17a
Fix potential integer overflow parsing DER CRL
...
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
2017-07-27 11:49:08 +01:00
Ron Eldor
57501ef056
Backport 1.3: Check rc of mbedtls_mpi_fill_random
...
Add MPI_CHK to check for error value of mpi_fill_random.
Backport from Report and fix suggestion by guidovranken in #740
2017-07-20 01:26:53 +02:00
Ron Eldor
454da1fa6f
Backport 1.3: Resource leak fix on windows
...
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
2017-07-20 01:08:17 +02:00
Ron Eldor
7771824235
Backport 1.3: Wrong preproccessor condition fix
...
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
2017-07-20 00:49:43 +02:00
Ron Eldor
4f1e64ed4b
Backport 1.3: check if iv is zero in gcm.
...
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-20 00:33:27 +02:00
Andres Amaya Garcia
af134da17e
Add ChangeLog entry for buf zeroize
2017-07-12 11:04:28 +01:00
Simon Butcher
8a2855ee3c
Update the version number to 1.3.20
2017-06-20 23:46:46 +01:00
Janos Follath
3aab1a8796
Improve Changelog
2017-06-16 14:28:37 +01:00
Manuel Pégourié-Gonnard
b870179c3c
Merge remote-tracking branch 'restricted/iotssl-1398_backport-1.3' into mbedtls-1.3-restricted
...
* restricted/iotssl-1398_backport-1.3:
Add ChangeLog entry
Ensure application data records are not kept when fully processed
Add hard assertion to ssl_read_record
Fix mbedtls_ssl_read
Simplify retaining of messages for future processing
2017-06-09 17:06:43 +02:00
Manuel Pégourié-Gonnard
249c30c7c5
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
...
* mbedtls-1.3:
Add entry to ChangeLog
Don't parse or write extensions in SSLv3
2017-06-09 16:52:44 +02:00
Hanno Becker
cc608e86b5
Add entry to ChangeLog
2017-06-09 15:40:48 +01:00
Manuel Pégourié-Gonnard
6d61e9751b
Improve ChangeLog description of X509 MD5 changes
2017-06-09 14:52:09 +02:00
Manuel Pégourié-Gonnard
7d810939b5
Merge remote-tracking branch 'restricted/1205' into mbedtls-1.3-restricted
...
* restricted/1205:
Fix name, documentation & location of config flag
Restrict MD5 in x509 certificates
2017-06-09 14:49:04 +02:00
Manuel Pégourié-Gonnard
67df3e62e7
Merge near-duplicate ChangeLog entries
...
As agreed with Gilles on the PR discussion page
2017-06-09 14:48:03 +02:00
Hanno Becker
b9c09af596
Add ChangeLog entry
2017-06-09 11:31:43 +01:00
Manuel Pégourié-Gonnard
89306daef5
Fix location of ChangeLog entry
...
This one was meant to be in the security section, must have been moved while
resolving a merge conflict.
2017-06-08 20:42:33 +02:00
Manuel Pégourié-Gonnard
e0cb1cd68b
ChangeLog cosmetics
2017-06-08 20:35:13 +02:00