Gilles Peskine
7660549187
check-files.py: document some classes and methods
...
Document all classes and longer methods.
Declare a static method as such. Pointed out by pylint.
2019-02-25 21:42:32 +01:00
Gilles Peskine
7b9fcdc2d5
Fix pylint errors going uncaught
...
Make check-python-files.sh run pylint on all *.py files (in
directories where they are known to be present), rather than list
files explicitly.
Fix a bug whereby the return status of check-python-files.sh was only
based on the last file passing, i.e. errors in other files were
effectively ignored.
Make check-python-files.sh run pylint unconditionally. Since pylint3
is not critical, make all.sh to skip running check-python-files.sh if
pylint3 is not available.
2019-02-25 21:42:32 +01:00
Gilles Peskine
e70c6dcee0
Call pylint3, not pylint
...
We use Python 3, so call Pylint for Python 3, not for Python 2.
2019-02-25 21:42:32 +01:00
Gilles Peskine
5612a9372b
New, documented pylint configuration
...
The pylint configuration in .pylint was a modified version of the
output of `pylint --generate-rcfile` from an unknown version of
pylint. Replace it with a file that only contains settings that are
modified from the default, with an explanation of why each setting is
modified.
The new .pylintrc was written from scratch, based on the output of
pylint on the current version of the files and on a judgement of what
to silence generically, what to silence on a case-by-case basis and
what to fix.
2019-02-25 21:42:32 +01:00
Jaeden Amero
2c1d492ccc
Merge remote-tracking branch 'origin/pr/2428' into mbedtls-2.16
2019-02-22 12:53:27 +00:00
Gilles Peskine
05fcf4f3c5
Fix mbedtls_ecdh_get_params with new ECDH context
...
The new check for matching groups in mbedtls_ecdh_get_params only worked
with legacy ECDH contexts. Make it work with the new context format.
2019-02-22 12:51:51 +01:00
Gilles Peskine
661610c8e0
Add changelog entry for mbedtls_ecdh_get_params robustness
2019-02-22 10:24:31 +01:00
Gilles Peskine
b47045a18e
Fix ecdh_get_params with mismatching group
...
If mbedtls_ecdh_get_params is called with keys belonging to
different groups, make it return an error the second time, rather than
silently interpret the first key as being on the second curve.
This makes the non-regression test added by the previous commit pass.
2019-02-22 10:24:31 +01:00
Gilles Peskine
62a73511f1
Add test case for ecdh_get_params with mismatching group
...
Add a test case for doing an ECDH calculation by calling
mbedtls_ecdh_get_params on both keys, with keys belonging to
different groups. This should fail, but currently passes.
2019-02-22 10:24:31 +01:00
Gilles Peskine
6d9b762ee0
Add test case for ecdh_calc_secret
...
Add a test case for doing an ECDH calculation by calling
mbedtls_ecdh_get_params on both keys, then mbedtls_ecdh_calc_secret.
2019-02-22 10:24:14 +01:00
Gilles Peskine
4dc50bc06e
Fix typo in documentation
2019-02-21 16:58:20 +01:00
Jaeden Amero
c5b57ef9e0
Merge remote-tracking branch 'origin/pr/2412' into mbedtls-2.16
2019-02-21 12:01:50 +00:00
Jaeden Amero
0981db57e1
Merge remote-tracking branch 'origin/pr/2385' into mbedtls-2.16
2019-02-21 11:58:58 +00:00
Jaeden Amero
fe50335a1f
Merge remote-tracking branch 'origin/pr/2389' into mbedtls-2.16
2019-02-21 11:53:51 +00:00
k-stachowiak
b4595d2527
Reword changelog entry
2019-02-19 12:41:30 +01:00
k-stachowiak
abb843e8ae
Reenable GnuTLS next based tests
2019-02-18 16:14:03 +01:00
Ron Eldor
e900969cb5
Use certificates from data_files and refer them
...
Use the server certificate from `data_files` folder, for formality,
and refer to the source, for easier reproduction.
2019-02-12 17:10:29 +02:00
Ron Eldor
b76e765f2e
Specify server certificate to use in SHA-1 test
...
Specify the SHA-1 server certificate to use in the SHA-1 test,
because now the default certificates use SHA256 certificates.
2019-02-12 17:10:28 +02:00
ILUXONCHIK
a51f4c737b
refactor CA and SRV certificates into separate blocks
2019-02-12 17:10:28 +02:00
ILUXONCHIK
ecc6c13655
refactor SHA-1 certificate defintions and assignment
...
As per refactoring suggestion that I made in #1520 .
2019-02-12 17:10:28 +02:00
ILUXONCHIK
5f97b32b63
refactor server SHA-1 certificate definition into a new block
2019-02-12 17:10:28 +02:00
ILUXONCHIK
c3d1f546c3
define TEST_SRV_CRT_RSA_SOME in similar logic to TEST_CA_CRT_RSA_SOME
2019-02-12 17:10:28 +02:00
ILUXONCHIK
761f37616e
server SHA-256 certificate now follows the same logic as CA SHA-256 certificate
2019-02-12 17:10:28 +02:00
ILUXONCHIK
57d7a16f00
add entry to ChangeLog
2019-02-12 17:10:21 +02:00
Andres Amaya Garcia
b5eb21a0a3
Add ChangeLog entry for unused bits in bitstrings
2019-02-11 21:26:03 +00:00
Andres Amaya Garcia
6490034fb2
Improve docs for ASN.1 bitstrings and their usage
2019-02-11 21:25:09 +00:00
Andres Amaya Garcia
2c0f6f0b10
Add tests for (named) bitstring to suite_asn1write
2019-02-11 21:23:49 +00:00
Andres Amaya Garcia
d60e378016
Fix ASN1 bitstring writing
...
Refactor the function mbedtls_asn1_write_bitstring() that removes
trailing 0s at the end of DER encoded bitstrings. The function is
implemented according to Hanno Becker's suggestions.
This commit also changes the functions x509write_crt_set_ns_cert_type
and crt_set_key_usage to call the new function as the use named
bitstrings instead of the regular bitstrings.
2019-02-11 21:13:33 +00:00
Andrzej Kurek
ed68b31090
Move a restartable ecp context to a conditional compilation block
...
This was an unused variable when compiling with parameter validation
but without ecp_restartable
2019-02-11 07:28:04 -05:00
k-stachowiak
dc5893d553
Update change log
2019-02-11 09:56:23 +01:00
Andres Amaya Garcia
4c47e18cfa
Fix check-generated-files.sh failure with query_config
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
9da4674060
Suppress visual studio preprocessor warnings on query_config.c
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
c6753cd4cd
Use \r instead of 0xD in generate_visualc_files.pl
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
fe52d2af51
Update query_config.c with new macros
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
4eb040af4a
Exclude macros from query_config.c generation
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
c500ad8cc0
Fix query_config macro expansion for windows
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
c46ea38f90
Fix query_config macro expansion for windows
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
024694e7d5
Fix missing include in vs proj files for query programs
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
cb6b6dcdc5
Improve cmake inclusion of query_config.c when building apps
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
5547a405b2
Improve comments in query_config.fmt
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
d2689e3876
Fix GCC 0-length printf format string error
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
289c64ab30
Fix multiple stdio.h inclusion in query_config.c
2019-02-07 10:32:31 +00:00
Andres AG
bf83f1d296
Fix aligment in programs/test/query_compile_time_config.c
2019-02-07 10:32:31 +00:00
Andres AG
ce52886051
Create programs/test/query_compile_time_config app
2019-02-07 10:32:31 +00:00
Andres AG
b6ff184f5c
Ensure query_config.c includes stdio only when needed
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
e8b11dd98b
Fix typo in quenerate_query_config.pl comment
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
aaa6007958
Update programs/ssl/CMakeLists.txt with query_config.c dep
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
d4d55965bc
Add ChangeLog entries
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
e144b4130c
Add gen_query_config.pl to check-gen-files and bump_version
2019-02-07 10:32:31 +00:00
Andres Amaya Garcia
f1a5b26233
Script generation of query_config.c file
2019-02-07 10:32:31 +00:00