Gilles Peskine
3790b4714d
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-12-04 18:01:40 +00:00
Gilles Peskine
4905e6c4e7
Merge branch 'pr_1045' into mbedtls-1.3
2017-12-04 17:29:13 +01:00
Gilles Peskine
046fff12fa
Added ChangeLog entry
2017-12-04 17:26:40 +01:00
Gilles Peskine
6e206364d9
Merge remote-tracking branch 'upstream-public/pr/1175' into mbedtls-1.3
2017-12-04 17:21:09 +01:00
Gilles Peskine
258bf599d6
Merge remote-tracking branch 'upstream-restricted/pr/426' into mbedtls-1.3-restricted
2017-12-01 18:03:15 +01:00
Gilles Peskine
af86fb9ded
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-11-29 21:06:11 +01:00
Gilles Peskine
3a3228cf90
Merge remote-tracking branch 'upstream-public/pr/1155' into mbedtls-1.3
2017-11-29 20:55:11 +01:00
Gilles Peskine
9f423b18cb
Merge remote-tracking branch 'upstream-public/pr/917' into mbedtls-1.3
2017-11-29 20:55:03 +01:00
Hanno Becker
ad951d131d
Correct dangerous typo in include/polarssl/ssl.h
...
The definition of SSL_MAC_ADD depends on the presence of the
configuration option POLARSSL_ARC4_C, which was misspelled as
POLARSSL_RC4_C in ssl.h, leading to a too small buffer and
subsequently to a buffer overflow during record processing.
This commit fixes the typo.
2017-11-29 18:02:49 +00:00
Gilles Peskine
2cd7c18f59
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-11-28 18:43:57 +01:00
Gilles Peskine
8c946113ba
Merge branch 'pr_1083' into mbedtls-1.3
...
Merge PR #1083 plus ChangeLog entry.
2017-11-28 18:42:21 +01:00
Gilles Peskine
f15cbdab67
Merge remote-tracking branch 'upstream-public/pr/1109' into mbedtls-1.3
2017-11-28 18:41:31 +01:00
Gilles Peskine
43a6b83419
Merge remote-tracking branch 'upstream-public/pr/1081' into mbedtls-1.3
2017-11-28 18:41:02 +01:00
Gilles Peskine
f945a2245e
Merge remote-tracking branch 'upstream-public/pr/944' into mbedtls-1.3
2017-11-28 18:38:17 +01:00
Gilles Peskine
d2e8affa66
Add ChangeLog entry
2017-11-28 18:37:53 +01:00
Gilles Peskine
6f941d6c89
Merge remote-tracking branch 'upstream-restricted/pr/423' into mbedtls-1.3-restricted
...
Resolved simple conflicts caused by the independent addition of
calls to polarssl_zeroize with sometimes whitespace or comment
differences.
2017-11-28 16:23:28 +01:00
Gilles Peskine
b087a88300
Merge remote-tracking branch 'upstream-restricted/pr/405' into mbedtls-1.3-restricted
2017-11-28 16:22:41 +01:00
Gilles Peskine
c5cf89e1cc
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-11-28 15:32:00 +01:00
Gilles Peskine
8083849575
Add ChangeLog entry
2017-11-28 15:27:48 +01:00
Gilles Peskine
2bd6ca415b
Merge remote-tracking branch 'upstream-restricted/pr/402' into mbedtls-1.3-restricted
2017-11-28 14:34:24 +01:00
Gilles Peskine
d3dd8d2197
Merge remote-tracking branch 'upstream-restricted/pr/387' into mbedtls-1.3-restricted
2017-11-28 14:34:16 +01:00
Gilles Peskine
c5926a7049
Merge branch 'iotssl-1419-safermemcmp-volatile_backport-1.3' into mbedtls-1.3-restricted
2017-11-28 13:50:05 +01:00
Gilles Peskine
1caad08610
add changelog entry
2017-11-28 13:35:09 +01:00
Gilles Peskine
3036cbeb8e
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-11-24 16:07:43 +01:00
Gilles Peskine
e298532394
Merge remote-tracking branch 'upstream-public/pr/1113' into mbedtls-1.3
2017-11-24 15:38:42 +01:00
Gilles Peskine
1dc344373a
Merge branch 'iotssl-1368-unsafe-bounds-check-psk-identity-merge-1.3' into mbedtls-1.3-restricted
2017-11-23 19:11:58 +01:00
Gilles Peskine
feae81de91
ChangeLog entry for ssl_parse_client_psk_identity fix
2017-11-23 19:10:48 +01:00
Manuel Pégourié-Gonnard
408dfd1f6a
Merge remote-tracking branch 'restricted/pr/418' into mbedtls-1.3-restricted
...
* restricted/pr/418:
  RSA PSS: remove redundant check; changelog
  RSA PSS: fix first byte check for keys of size 8N+1
  RSA PSS: fix minimum length check for keys of size 8N+1
  RSA: Fix another buffer overflow in PSS signature verification
  RSA: Fix buffer overflow in PSS signature verification
2017-11-23 12:16:05 +01:00
Darryl Green
fdac76f330
Add checks for private parameter in ecdsa_sign()
2017-11-20 15:53:43 +00:00
Hanno Becker
4d48bb6ca3
Adapt ChangeLog
2017-11-20 10:47:03 +00:00
Hanno Becker
825c3db149
Adapt ChangeLog
2017-10-25 16:11:06 +01:00
Hanno Becker
18710eb102
Adapt ChangeLog
2017-10-25 09:51:30 +01:00
Gilles Peskine
28474f41a0
RSA PSS: remove redundant check; changelog
...
Remove a check introduced in the previous buffer overflow fix with keys of
size 8N+1 which the subsequent fix for buffer start calculations made
redundant.
Added a changelog entry for the buffer start calculation fix.
2017-10-19 17:50:35 +02:00
Gilles Peskine
511bb84c60
RSA: Fix another buffer overflow in PSS signature verification
...
Fix buffer overflow in RSA-PSS signature verification when the masking
operation results in an all-zero buffer. This could happen at any key size.
2017-10-17 19:33:48 +02:00
Gilles Peskine
55db24ca50
RSA: Fix buffer overflow in PSS signature verification
...
Fix buffer overflow in RSA-PSS signature verification when the hash is
too large for the key size. Found by Seth Terashima, Qualcomm.
Added a non-regression test and a positive test with the smallest
permitted key size for a SHA-512 hash.
2017-10-17 19:30:12 +02:00
Andres AG
7c02d13746
Correctly handle leap year in x509_date_is_valid()
...
This patch ensures that invalid dates on leap years with 100- or 400-year
intervals are handled correctly.
2017-10-12 21:08:46 +01:00
Ron Eldor
4491a791be
Parse Signature Algorithm ext when renegotiating
...
Signature algorithm extension was skipped when renegotiation was in
progress, causing the signature algorithm not to be known when
renegotiating, and failing the handshake. Fix removes the renegotiation
step check before parsing the extension.
2017-10-11 14:06:26 +01:00
Andres Amaya Garcia
10345fbe2a
Add ChangeLog entry
2017-10-07 22:24:07 +01:00
Hanno Becker
a6cffa5edd
Adapt ChangeLog
2017-10-05 08:58:00 +01:00
Simon Butcher
7d661f83e1
Fix changelog for ssl_server2.c usage fix
2017-10-02 19:22:17 +01:00
Hanno Becker
ce2c02cca2
Enhance documentation of ssl_set_hostname
...
(1) Add missing error condition
(2) Specify allowance and effect of NULL hostname parameter
(3) Describe effect of function on failure
Also, adapt ChangeLog.
2017-10-01 00:00:56 +01:00
Hanno Becker
ea65d0377c
Adapt ChangeLog
2017-09-28 16:54:41 +01:00
Hanno Becker
234d503b3a
Adapt ChangeLog
2017-09-28 14:45:35 +01:00
Janos Follath
77359c93e4
DHM: Fix dhm_check_range() always returning 0
...
Although the variable ret was initialised to an error, the
MBEDTLS_MPI_CHK macro was overwriting it. Therefore it ended up being
0 whenever the bignum computation was successful and stayed 0
independently of the actual check.
2017-09-21 10:39:35 +01:00
Ron Eldor
bc3fa39f0e
Backport 1.3:Add configuration file in md.h
...
include *`config.h`* in md.h as MACROS in the header file get ignored. Backport to
Backport of #1055 to mbedtls-1.3
2017-09-07 16:58:41 +03:00
Ron Eldor
27ce0b5ff1
Backport 1.3:Set PEM buffer to zero before freeing it
...
Set PEM buffer to zero before freeing it, to avoid private keys
being leaked to memory after releasing it.
2017-09-07 11:18:51 +03:00
Simon Butcher
a75a459143
Removed duplication in Changelog
2017-08-10 23:38:10 +01:00
Simon Butcher
03bd0229ab
Update version to 1.3.21
2017-08-10 11:52:14 +01:00
Simon Butcher
9ee5910f65
Fix language in Changelog for clarity
2017-08-10 10:49:32 +01:00
Hanno Becker
1af21bfa38
Improve documentation of PKCS1 decryption functions
...
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
- rsa_pkcs1_decrypt
- rsa_rsaes_pkcs1_v15_decrypt
- rsa_rsaes_oaep_decrypt
2017-08-01 23:05:31 +01:00