Commit Graph

770 Commits

Author SHA1 Message Date
Paul Bakker
43f9799ce6 RSA blinding on CRT operations to counter timing attacks 2013-09-23 11:23:31 +02:00
Paul Bakker
88a2264def Fixed potential file descriptor leaks 2013-09-11 13:31:55 +02:00
Paul Bakker
f65fbee52b x509_verify() now case insensitive for cn (RFC 6125 6.4)
(cherry picked from commit a5943858d8)

Conflicts:
	ChangeLog
	library/x509parse.c
	tests/suites/test_suite_x509parse.data
2013-09-11 13:31:55 +02:00
Paul Bakker
34b225f0ee Added C++ style extern in x509write header file 2013-09-11 13:31:55 +02:00
Paul Bakker
a565aceea1 Fixed potential memory leak when failing to resume a session 2013-09-11 13:31:53 +02:00
Paul Bakker
78020fe72c Added fixes to ChangeLog 2013-09-11 13:31:06 +02:00
Paul Bakker
a13d744d2e Fixed potential heap buffer overflow on large hostname setting
(cherry picked from commit 75c1a6f97c)

Conflicts:
	library/ssl_tls.c
2013-09-11 11:41:41 +02:00
Paul Bakker
fe7c24caa6 Fixed potential negative value misinterpretation in load_file()
(cherry picked from commit 42c3ccf36e)

Conflicts:
	library/x509parse.c
2013-09-11 11:41:41 +02:00
Paul Bakker
433fad261e Removed errant printf in x509parse_self_test()
(cherry picked from commit dc4baf11ab)
2013-09-11 11:32:46 +02:00
Paul Bakker
21360ca4d4 ssl_write_certificate_request() can handle empty ca_chain 2013-06-21 15:11:10 +02:00
Paul Bakker
016ea076e7 Added Security note (Advisory 2013-03) in ChangeLog 2013-06-19 11:50:30 +02:00
Paul Bakker
1d419500b0 Prepared for PolarSSL release 1.2.8 2013-06-19 11:48:04 +02:00
Paul Bakker
da7fdbd534 Fixed minor comment typo 2013-06-19 11:15:43 +02:00
Paul Bakker
602c31be23 Updated PKCS#12 define dependencies 2013-06-18 16:49:18 +02:00
Paul Bakker
db7ea6f162 Made x509parse PKCS#12 and PKCS#5 tests dependent on defines 2013-06-18 16:47:59 +02:00
Paul Bakker
14a222cef2 Moved PKCS#12 PBE functions to cipher / md layer where possible
The 3-key and 2-key Triple DES PBE functions have been replaced with a
single pkcs12_pbe() function that handles both situations (and more).

In addition this allows for some PASSWORD_MISMATCH checking
2013-06-18 16:35:48 +02:00
Paul Bakker
2be71faae4 Fixed values for 2-key Triple DES in cipher layer 2013-06-18 16:33:27 +02:00
Paul Bakker
b495d3a2c7 x509parse_crt() and x509parse_crt_der() return X509 password related codes
POLARSSL_ERR_X509_PASSWORD_MISMATCH is returned instead of
POLARSSL_ERR_PEM_PASSWORD_MISMATCH and
POLARSSL_ERR_X509_PASSWORD_REQUIRED instead of
POLARSSL_ERR_PEM_PASSWORD_REQUIRED

Rationale: For PKCS#8 encrypted keys the same are returned
2013-06-17 15:58:04 +02:00
Paul Bakker
1fc7dfe2e2 Removed redundant free()s 2013-06-17 15:57:02 +02:00
Paul Bakker
ff3a4b010b Added missing free() 2013-06-17 15:56:12 +02:00
Paul Bakker
6fa5488779 Centralized module option values in config.h
Allow user-defined settings without editing header files by using
POLARSSL_CONFIG_OPTIONS in config.h
2013-06-17 15:44:03 +02:00
Paul Bakker
1fd4321ba2 PKCS#5 v2 PBES2 support and use in PKCS#8 encrypted certificates
The error code POLARSSL_ERR_X509_PASSWORD_MISMATCH is now properly
returned in case of an encryption failure in the padding. The
POLARSSL_ERR_X509_PASSWORD_REQUIRED error code is only returned for PEM
formatted private keys as for DER formatted ones it is impossible to
distinguish if a DER blob is PKCS#8 encrypted or not.
2013-06-17 15:14:42 +02:00
Paul Bakker
19bd297dc8 PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
old PBKDF2 module.
2013-06-14 12:06:45 +02:00
Paul Bakker
52b845be34 Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler 2013-06-14 11:37:37 +02:00
Paul Bakker
67812d396c Fixed location of brackets in pkcs12.c 2013-06-14 11:35:09 +02:00
Paul Bakker
cbfcaa9206 x509parse_crtpath() is now reentrant and uses more portable stat()
Moved from readdir() to readdir_r() and use stat instead of the less
portable d_type from struct dirent.
2013-06-13 09:20:25 +02:00
Paul Bakker
d6d4109adc Changed x509parse_crt_der() to support adding to chain.
Removed chain functionality from x509parse_crt() as x509parse_crt_der()
now handles that much cleaner.
2013-06-13 09:02:09 +02:00
Paul Bakker
4087c47043 Added mechanism to provide alternative cipher / hash implementations
All symmetric cipher algorithms and hash algorithms now include support
for a POLARSSL_XXX_ALT flag that prevents the definition of the
algorithm context structure and all 'core' functions.
2013-06-12 16:57:46 +02:00
Paul Bakker
9691bbe9b3 Make sure polarssl/config.h is included at the start 2013-06-12 16:33:17 +02:00
Paul Bakker
cf6e95d9a8 Parsing of PKCS#8 encrypted private key files added and PKCS#12 basis
PKCS#8 encrypted key file support has been added to x509parse_key() with
support for some PCKS#12 PBE functions (pbeWithSHAAnd128BitRC4,
pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHAAnd2-KeyTripleDES-CBC)
2013-06-12 13:18:15 +02:00
Paul Bakker
65a1909dc6 Internally split up x509parse_key()
Split up x509parse_key() into a (PEM) handler function and specific
DER parser functions for the PKCS#1 (x509parse_key_pkcs1_der()) and
unencrypted PKCS#8 (x509parse_key_pkcs8_unencrypted_der()) private
key formats.
2013-06-06 21:17:08 +02:00
Paul Bakker
1922a4e6aa ssl_parse_certificate() now calls x509parse_crt_der() directly 2013-06-06 15:11:16 +02:00
Paul Bakker
6417186365 x509parse_crt() now better handles PEM error situations
Because of new pem_read_buffer() handling of when it writes use_len,
x509parse_crt() is able to better handle situations where a PEM blob
results in an error but the other blobs can still be parsed.
2013-06-06 15:01:18 +02:00
Paul Bakker
9255e8300e pem_read_buffer() already update use_len after header and footer are read
After header and footer are read, pem_read_buffer() is able to determine
the length of input data used. This allows calling functions to skip
this PEM bit if an error occurs during its parsing.
2013-06-06 15:00:55 +02:00
Paul Bakker
ac6168b95e Added error.h inclusion in error.c template 2013-06-06 14:52:23 +02:00
Paul Bakker
08f06cf49f Disabled the HAVEGE random generator by default
Rationale: The HAVEGE random generator has too many caveats to be a
standard generator that people rely on. The HAVEGE random generator is not
suitable for virtualized environments. In addition the HAVEGE random
generator is dependent on timing and specific processor traits that
cannot be guaranteed by default on compile time.

Our advice: only use HAVEGE as an additional random source for your
entropy pool, never as your primary source.
2013-06-06 14:05:26 +02:00
Paul Bakker
e0225e4d7f Fixed const correctness issues in programs and tests 2013-06-06 12:58:12 +02:00
Paul Bakker
eae09db9e5 Fixed const correctness issues that have no impact on the ABI 2013-06-06 12:35:54 +02:00
Paul Bakker
f92263021c Fixed offset for cert_type list in ssl_parse_certificate_request() 2013-06-06 11:24:37 +02:00
Paul Bakker
7c3c3899cf Secure renegotiation extension should only be sent in case client supports secure renegotiation 2013-06-06 11:22:13 +02:00
Paul Bakker
822e958bb2 Prepared for PolarSSL 1.2.7 release 2013-04-13 11:56:17 +02:00
Paul Bakker
f4a84b1154 Added default value comment for ssl_set_ciphersuites*() 2013-04-12 15:33:30 +02:00
Paul Bakker
f42e5cceab Cleanup of the GCM code
Removed unused variable 'v'

orig_len and orig_add_len are now uint64_t to support larger than 2^29
data sizes
(cherry picked from commit 0ecdb23eed)

Conflicts:
	library/gcm.c
2013-04-12 13:21:29 +02:00
Paul Bakker
d68703b17f Split up largest test suite data files into smaller chunks
(cherry picked from commit 286bf3c501)

Conflicts:
	tests/Makefile
2013-04-12 13:20:30 +02:00
Paul Bakker
8a4ec44c7c Blowfish has default of 128-bit keysize in cipher layer
(cherry picked from commit bfe671f2d5)
2013-04-12 13:18:53 +02:00
Paul Bakker
cecfd95aba Minor checks to prevent NULL-pointer exceptions
(cherry picked from commit c295b834a2)
2013-04-12 13:18:07 +02:00
Paul Bakker
93bab7ff8e Made change to error.c for dummy error_strerror() permanent
(cherry picked from commit a0234377fc)
2013-04-12 13:17:02 +02:00
Paul Bakker
a62729888b Ability to specify allowed ciphersuites based on the protocol version.
The ciphersuites parameter in the ssl_session structure changed from
'int *' to 'int **' and is now malloced in ssl_init() and freed in
ssl_free().

The new function ssl_set_ciphersuite_for_version() sets specific entries
inside this array. ssl_set_ciphersuite() sets all entries to the same
value.
2013-04-12 13:13:43 +02:00
Paul Bakker
d4c5944212 Fixed MPI assembly for ARM when -O2 is used
GCC with -O2 or higher also needs to now about 'cc' in the clobber list.
(cherry picked from commit eff2e6d414)

Conflicts:
	ChangeLog
2013-04-12 09:40:38 +02:00
Paul Bakker
90f042d4cb Prepared for PolarSSL 1.2.6 release 2013-03-11 11:38:44 +01:00