Gilles Peskine
43c19648db
Wipe stack buffers in block_cipher_df
...
This is a partial backport of
1b36499062d9aa84dc0d
2018-11-27 16:41:09 +01:00
Gilles Peskine
73e34facb4
Add ChangeLog entry for wiping sensitive buffers
2018-09-13 22:40:22 +02:00
Gilles Peskine
51de2d25a3
HMAC_DRBG: clean stack buffers
...
Wipe stack buffers that may contain sensitive data (data that
contributes to the DRBG state.
2018-09-13 22:39:42 +02:00
Gilles Peskine
17b2ac2a7c
CTR_DRBG: clean stack buffers
...
Wipe stack buffers that may contain sensitive data (data that
contributes to the DRBG state.
2018-09-13 22:39:30 +02:00
Simon Butcher
96e0d8ebfc
Clarified ChangeLog entry
...
ChangeLog entry for backport of #1890 was misleading, so corrected it.
2018-09-13 12:05:40 +01:00
Simon Butcher
c4a33d54cf
Merge pull request #507 from sbutcher-arm/mbedtls-version-2.1.15
...
Update library version number to 2.1.15
2018-08-31 17:29:47 +01:00
Simon Butcher
d3a5393a38
Update library version number to 2.1.15
2018-08-31 16:10:48 +01:00
Simon Butcher
cb9f70e23d
Fix misclassification of bug in Changelog
2018-08-31 12:01:43 +01:00
Simon Butcher
8d408fac1d
Merge remote-tracking branch 'restricted/pr/438' into mbedtls-2.1-restricted
2018-08-28 15:35:41 +01:00
Simon Butcher
9add36bbcb
Merge remote-tracking branch 'restricted/pr/497' into mbedtls-2.1-restricted
2018-08-28 15:31:41 +01:00
Simon Butcher
d22de0aaa7
Merge remote-tracking branch 'restricted/pr/492' into mbedtls-2.1-restricted
2018-08-28 15:23:56 +01:00
Simon Butcher
7a47cbca16
Merge remote-tracking branch 'public/pr/1137' into mbedtls-2.1
2018-08-28 12:33:27 +01:00
Simon Butcher
85e5bfd00c
Merge remote-tracking branch 'public/pr/1889' into mbedtls-2.1
2018-08-28 12:26:33 +01:00
Simon Butcher
263ca7282e
Merge remote-tracking branch 'public/pr/1957' into mbedtls-2.1
2018-08-28 12:17:38 +01:00
Simon Butcher
d288ac0e83
Merge remote-tracking branch 'public/pr/1959' into mbedtls-2.1
2018-08-28 11:53:47 +01:00
Simon Butcher
1c5e4c2258
Merge remote-tracking branch 'public/pr/1980' into mbedtls-2.1
2018-08-28 10:18:48 +01:00
Hanno Becker
badbe80c7f
pk_encrypt: Uniformize debugging output
2018-08-23 15:56:55 +01:00
Hanno Becker
6b1b598c2f
Fix typos in programs/x509/cert_write.c
...
Fixes #1922 .
2018-08-23 15:26:55 +01:00
Hanno Becker
b31e9dad60
Minor formatting improvements in pk_encrypt and pk_decrypt examples
2018-08-23 15:13:12 +01:00
Hanno Becker
47a34ff29e
Adapt ChangeLog
2018-08-23 15:12:24 +01:00
Hanno Becker
7cee15e967
Correct memory leak in pk_decrypt example program
2018-08-23 15:12:23 +01:00
Hanno Becker
34cbd7e536
Correct memory-leak in pk_encrypt example program
2018-08-23 15:12:22 +01:00
Jaeden Amero
6b7b35b127
Merge remote-tracking branch 'upstream-public/pr/1952' into mbedtls-2.1
2018-08-17 15:31:51 +01:00
Hanno Becker
42d267bbe4
Compute record expansion in steps to ease readability
2018-08-17 15:29:48 +01:00
Jaeden Amero
b4d3c5ad11
Merge remote-tracking branch 'upstream-public/pr/1945' into mbedtls-2.1
2018-08-17 14:27:02 +01:00
Hanno Becker
d3475498e5
Adapt ChangeLog
2018-08-17 10:11:31 +01:00
Hanno Becker
07eb7ca17c
Fix mbedtls_ssl_get_record_expansion() for CBC modes
...
`mbedtls_ssl_get_record_expansion()` is supposed to return the maximum
difference between the size of a protected record and the size of the
encapsulated plaintext.
Previously, it did not correctly estimate the maximum record expansion
in case of CBC ciphersuites in (D)TLS versions 1.1 and higher, in which
case the ciphertext is prefixed by an explicit IV.
This commit fixes this bug. Fixes #1914 .
2018-08-17 10:11:28 +01:00
Hanno Becker
10652b10d9
Improve ChangeLog wording for the commmit that Fixes #1954 .
2018-08-17 10:03:48 +01:00
Hanno Becker
a24ed19a5d
Add tests for empty CA list in CertificateRequest, TLS 1.0 & 1.1
2018-08-17 10:03:48 +01:00
Hanno Becker
10195ab853
Adapt ChangeLog
2018-08-16 15:53:17 +01:00
Hanno Becker
9e2237ac47
Fix overly strict bounds check in ssl_parse_certificate_request()
2018-08-16 15:53:17 +01:00
Mohammad Azim Khan
4c01904819
Fix Wformat-overflow warning in ssl_mail_client.c
...
sprintf( (char *) buf, "%s\r\n", base );
Above code generates Wformat-overflow warning since both buf and base
are of same size. buf should be sizeof( base ) + characters added in
the format. In this case format 2 bytes for "\r\n".
2018-08-16 14:33:03 +01:00
Hanno Becker
048dba33cf
Adapt ChangeLog
2018-08-14 15:50:07 +01:00
Hanno Becker
3328d8cf88
Reset session_in/out pointers in ssl_session_reset_int()
...
Fixes #1941 .
2018-08-14 15:50:02 +01:00
Jaeden Amero
942cfea65f
Merge remote-tracking branch 'upstream-public/pr/1815' into mbedtls-2.1
2018-08-10 11:00:40 +01:00
Jaeden Amero
e3bcd9a432
Merge remote-tracking branch 'upstream-public/pr/1887' into mbedtls-2.1
2018-08-10 10:50:03 +01:00
k-stachowiak
83f9fba987
Revert change of a return variable name
2018-07-31 17:13:26 +02:00
Simon Butcher
92b04d9c55
Add ChangeLog entry for bug #1890
2018-07-30 22:15:36 +01:00
Simon Butcher
45ec65a49e
Merge remote-tracking branch 'public/pr/1894' into mbedtls-2.1
2018-07-30 22:13:09 +01:00
Simon Butcher
ada856fab4
Change test dependencies to RC4 from DES
...
Some tests were dependent on DES yet actually used RC4. Likely a copy and paste
error. This change fixes them.
2018-07-27 17:33:54 +01:00
Philippe Antoine
795eea6e1c
Fix undefined shifts
...
- in x509_profile_check_pk_alg
- in x509_profile_check_md_alg
- in x509_profile_check_key
and in ssl_cli.c : unsigned char gets promoted to signed integer
2018-07-26 22:51:18 +01:00
Simon Butcher
2f7f2b1f11
Merge remote-tracking branch 'restricted/pr/502' into mbedtls-2.1-restricted
2018-07-26 14:37:12 +01:00
Angus Gratton
ba25ffef87
Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails
...
In ecp_mul_comb(), if (!p_eq_g && grp->T == NULL) and then ecp_precompute_comb() fails (which can
happen due to OOM), then the new array of points T will be leaked (as it's newly allocated, but
hasn't been asigned to grp->T yet).
Symptom was a memory leak in ECDHE key exchange under low memory conditions.
2018-07-26 11:09:37 +03:00
Simon Butcher
d908494fe5
Clarify Changelog entries
...
Corrected some style issues, and moved some entries from bugfixes to changes.
2018-07-25 17:33:29 +01:00
Jaeden Amero
dcec5bb527
Update version to 2.1.14
2018-07-25 15:42:55 +01:00
Simon Butcher
3339fe9a02
Merge remote-tracking branch 'restricted/pr/495' into mbedtls-2.1
2018-07-24 23:42:13 +01:00
Andres AG
63cc716575
Fix all.sh check_tools function to handle paths
2018-07-24 13:40:25 +01:00
Simon Butcher
48776350b2
Merge remote-tracking branch 'public/pr/1799' into mbedtls-2.1
2018-07-24 13:31:12 +01:00
Simon Butcher
3661642a49
Merge remote-tracking branch 'public/pr/1804' into mbedtls-2.1
2018-07-24 13:17:26 +01:00
Simon Butcher
be9c2dce5b
Revise ChangeLog entry for empty data records fixes
2018-07-24 13:01:59 +01:00
