Simon Butcher
0624b76361
Merge remote-tracking branch 'public/pr/1898' into mbedtls-2.1
2018-09-26 22:01:33 +01:00
Gilles Peskine
73e34facb4
Add ChangeLog entry for wiping sensitive buffers
2018-09-13 22:40:22 +02:00
Simon Butcher
96e0d8ebfc
Clarified ChangeLog entry
ChangeLog entry for backport of #1890 was misleading, so corrected it.
2018-09-13 12:05:40 +01:00
Gilles Peskine
3ccce199a2
Document the behavior change of make apidoc
2018-09-10 12:21:04 +02:00
Manuel Pégourié-Gonnard
85c379d6d1
Revert changes done to 'make apidoc' target
This partially reverts 1989caf71c (only the changes to Makefile and
CMakeLists, the addition to scripts/config.pl is kept).
Modifying config.h in the apidoc target creates a race condition with
make -j4 all apidoc
where some parts of the library, tests or programs could be built with the
wrong config.h, resulting in all kinds of (semi-random) errors. Recent
versions of CMake mitigate this by adding a .NOTPARALLEL target to the
generated Makefile, but people would still get errors with older CMake
versions that are still in use (e.g. in RHEL 5), and with plain make.
An additional issue is that, by failing to use cp -p, the apidoc target was
updating the timestamp on config.h, which seems to cause further build issues.
Let's get back to the previous, safe, situation. The improved apidoc building
will be resurrected in a script in the next commit.
fixes #390
fixes #391
2018-09-10 12:16:47 +02:00
Simon Butcher
d3a5393a38
Update library version number to 2.1.15
2018-08-31 16:10:48 +01:00
Simon Butcher
cb9f70e23d
Fix misclassification of bug in Changelog
2018-08-31 12:01:43 +01:00
Simon Butcher
9add36bbcb
Merge remote-tracking branch 'restricted/pr/497' into mbedtls-2.1-restricted
2018-08-28 15:31:41 +01:00
Simon Butcher
d22de0aaa7
Merge remote-tracking branch 'restricted/pr/492' into mbedtls-2.1-restricted
2018-08-28 15:23:56 +01:00
Simon Butcher
7a47cbca16
Merge remote-tracking branch 'public/pr/1137' into mbedtls-2.1
2018-08-28 12:33:27 +01:00
Simon Butcher
85e5bfd00c
Merge remote-tracking branch 'public/pr/1889' into mbedtls-2.1
2018-08-28 12:26:33 +01:00
Simon Butcher
263ca7282e
Merge remote-tracking branch 'public/pr/1957' into mbedtls-2.1
2018-08-28 12:17:38 +01:00
Simon Butcher
d288ac0e83
Merge remote-tracking branch 'public/pr/1959' into mbedtls-2.1
2018-08-28 11:53:47 +01:00
Hanno Becker
47a34ff29e
Adapt ChangeLog
2018-08-23 15:12:24 +01:00
Hanno Becker
1a60330e08
Adapt ChangeLog
2018-08-22 15:05:36 +01:00
Hanno Becker
d3475498e5
Adapt ChangeLog
2018-08-17 10:11:31 +01:00
Hanno Becker
10652b10d9
Improve ChangeLog wording for the commit that Fixes #1954.
2018-08-17 10:03:48 +01:00
Hanno Becker
10195ab853
Adapt ChangeLog
2018-08-16 15:53:17 +01:00
Hanno Becker
048dba33cf
Adapt ChangeLog
2018-08-14 15:50:07 +01:00
Jaeden Amero
942cfea65f
Merge remote-tracking branch 'upstream-public/pr/1815' into mbedtls-2.1
2018-08-10 11:00:40 +01:00
Jaeden Amero
e3bcd9a432
Merge remote-tracking branch 'upstream-public/pr/1887' into mbedtls-2.1
2018-08-10 10:50:03 +01:00
Ron Eldor
a4d836b403
Style fix
Add space in the ChangeLog.
2018-08-01 14:35:11 +03:00
Simon Butcher
92b04d9c55
Add ChangeLog entry for bug #1890
2018-07-30 22:15:36 +01:00
Ron Eldor
7b93b6af2f
Fix typo
Fix typo in ChangeLog entry.
2018-07-30 11:08:57 +03:00
Ron Eldor
78e4cb967d
Fix hmac_drbg failure in benchmark, with threading
Remove redundant calls to `hmac_drbg_free()` between seeding operations,
which make the mutex invalid. Fixes #1095
2018-07-30 11:01:37 +03:00
Philippe Antoine
795eea6e1c
Fix undefined shifts
- in x509_profile_check_pk_alg
- in x509_profile_check_md_alg
- in x509_profile_check_key
and in ssl_cli.c : unsigned char gets promoted to signed integer
2018-07-26 22:51:18 +01:00
Simon Butcher
2f7f2b1f11
Merge remote-tracking branch 'restricted/pr/502' into mbedtls-2.1-restricted
2018-07-26 14:37:12 +01:00
Angus Gratton
ba25ffef87
Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails
In ecp_mul_comb(), if (!p_eq_g && grp->T == NULL) and then ecp_precompute_comb() fails (which can
happen due to OOM), then the new array of points T will be leaked (as it's newly allocated, but
hasn't been assigned to grp->T yet).
Symptom was a memory leak in ECDHE key exchange under low memory conditions.
2018-07-26 11:09:37 +03:00
Simon Butcher
d908494fe5
Clarify Changelog entries
Corrected some style issues, and moved some entries from bugfixes to changes.
2018-07-25 17:33:29 +01:00
Jaeden Amero
dcec5bb527
Update version to 2.1.14
2018-07-25 15:42:55 +01:00
Simon Butcher
3339fe9a02
Merge remote-tracking branch 'restricted/pr/495' into mbedtls-2.1
2018-07-24 23:42:13 +01:00
Simon Butcher
3661642a49
Merge remote-tracking branch 'public/pr/1804' into mbedtls-2.1
2018-07-24 13:17:26 +01:00
Simon Butcher
be9c2dce5b
Revise ChangeLog entry for empty data records fixes
2018-07-24 13:01:59 +01:00
Simon Butcher
642ddb555e
Merge remote-tracking branch 'public/pr/1864' into mbedtls-2.1
2018-07-24 13:01:02 +01:00
Simon Butcher
c098ec3af6
Merge remote-tracking branch 'public/pr/1779' into mbedtls-2.1
2018-07-20 14:47:37 +01:00
Simon Butcher
ff5bd6220b
Fix ChangeLog entry for issue #1663
The ChangeLog entry was under the wrong version, and under Changes, not
Bug Fixes.
2018-07-19 19:59:02 +01:00
Simon Butcher
eebee76f93
Merge remote-tracking branch 'public/pr/1846' into mbedtls-2.1
2018-07-19 19:48:40 +01:00
Simon Butcher
f11daf6ff6
Merge remote-tracking branch 'public/pr/1850' into mbedtls-2.1
2018-07-19 16:14:44 +01:00
Ron Eldor
41273200a2
Update ChangeLog
Remove extra entries added by a bad cherry-pick.
2018-07-17 14:16:12 +03:00
Andres Amaya Garcia
01daf2a5ef
Add ChangeLog entry for empty app data fix
2018-07-16 20:22:28 +01:00
Angus Gratton
fd1c5e8453
Check for invalid short Alert messages
(Short Change Cipher Spec & Handshake messages are already checked for.)
2018-07-16 20:20:51 +01:00
Angus Gratton
1226dd7715
CBC mode: Allow zero-length message fragments (100% padding)
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
2018-07-16 20:20:44 +01:00
k-stachowiak
b435e99693
Update change log
2018-07-16 12:27:34 +02:00
Manuel Pégourié-Gonnard
534fea790e
Clarify attack conditions in the ChangeLog.
Referring to the previous entry could imply that the current one was limited
to SHA-384 too, which it isn't.
2018-07-12 10:20:33 +02:00
Manuel Pégourié-Gonnard
99b6a711c8
Add counter-measure to cache-based Lucky 13
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function, and the location where we read the MAC, give information
about that.
A local attacker could gain information about that by observing via a
cache attack whether the bytes at the end of the record (at the location of
would-be padding) have been read during MAC verification (computation +
comparison).
Let's make sure they're always read.
2018-07-12 10:20:33 +02:00
Manuel Pégourié-Gonnard
69675d056a
Fix Lucky 13 cache attack on MD/SHA padding
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.
Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.
Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
2018-07-12 10:20:33 +02:00
Simon Butcher
54cf322c05
Add fix for #1550 and credit to the ChangeLog
2018-07-10 23:02:15 +01:00
Simon Butcher
57e9fe2df4
Merge remote-tracking branch 'public/pr/1808' into mbedtls-2.1
2018-07-10 14:59:56 +01:00
Simon Butcher
ec971d7434
Merge remote-tracking branch 'public/pr/1828' into mbedtls-2.1
2018-07-10 12:51:03 +01:00
Gilles Peskine
2347d4eb3b
Add ChangeLog entry
2018-07-10 13:03:54 +02:00
k-stachowiak
9e070019ad
Update change log
2018-07-09 14:44:26 +02:00
Philippe Antoine
bbc7918b6b
Fixes different off by ones
2018-07-09 10:33:08 +02:00
Ron Eldor
5c8e588444
Minor fixes
1. Rephrase ChangeLog entry.
2. Add a full stop at the end of the function documentation.
2018-07-05 14:59:23 +03:00
Simon Butcher
4b57a1f182
Add ChangeLog entry for #992 fix
2018-07-02 12:18:35 +01:00
niisato
000e48af07
Add ChangeLog
2018-06-29 11:31:52 +01:00
Ron Eldor
f27f8aeb19
Update ChangeLog
Update ChangeLog with a less ambiguous description.
2018-06-28 16:08:09 +03:00
Ron Eldor
5c141d28ca
Add entry in ChangeLog
Add an entry in the ChangeLog, describing the fix.
2018-06-28 16:08:01 +03:00
Simon Butcher
b461ba5630
Adds reference in ChangeLog for issue #1623
2018-06-28 12:14:07 +01:00
Simon Butcher
03c79a1973
Add ChangeLog entry for #1257 - key_app_writer writes invalid ASN.1
2018-06-28 12:00:55 +01:00
Simon Butcher
e5828ce06c
Merge remote-tracking branch 'public/pr/1771' into mbedtls-2.1
2018-06-28 11:38:18 +01:00
Ron Eldor
d7593a5b73
Add entry in ChangeLog
Add entry in ChangeLog for compilation error fix of #1719
2018-06-28 08:51:37 +03:00
Ron Eldor
254530f2e0
Documentation error in mbedtls_ssl_get_session
Fix Documentation error in `mbedtls_ssl_get_session`.
This function supports deep copying of the session,
and the peer certificate is not lost anymore. Resolves #926
2018-06-27 17:51:56 +03:00
Ron Eldor
e6c2f4d168
Fix typo in ChangeLog
Fix typo in ChangeLog discovered in PR review
2018-06-24 17:21:08 +03:00
Ron Eldor
2c8a7ec0dd
Remove unneeded namespacing in header files
Remove the `mbedtls` namespacing in the `#include` in header files
Resolves issue #857
2018-06-24 17:20:40 +03:00
Simon Butcher
ba3e5e60f2
Merge remote-tracking branch 'public/pr/1558' into mbedtls-2.1
2018-06-22 15:07:52 +01:00
Simon Butcher
b1c796ec48
Merge remote-tracking branch 'public/pr/1769' into mbedtls-2.1
2018-06-22 15:05:34 +01:00
Simon Butcher
584fad2ce6
Add a ChangeLog entry for memory leak in mbedtls_x509_csr_parse()
2018-06-22 12:19:56 +01:00
Simon Butcher
ad761c45b9
Fix multiple quality issues in the source
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
* incorrect file permissions
* missing newline at the end of files
* trailing whitespace
* Tabs present
* TODOs in the source code
2018-06-22 11:22:44 +01:00
Andres Amaya Garcia
45bc7db600
Add ChangeLog entry for mbedtls_ssl_write() docs
2018-06-21 19:35:46 +01:00
Ron Eldor
0bd06a3de0
Add tests for mbedtls_cipher_crypt API
1. Add tests for 'mbedtls_cipher_crypt()' API
2. Resolves #1091, by ignoring IV when the cipher mode is MBEDTLS_MODE_ECB
2018-06-21 13:59:01 +03:00
Simon Butcher
6fc9ceece3
Change the library version to 2.1.13
2018-06-18 14:49:02 +01:00
Simon Butcher
494fb8f968
Add ChangeLog entry for clang version fix. Issue #1072
2018-06-18 11:56:46 +01:00
Simon Butcher
0a715b1587
Merge remote-tracking branch 'public/pr/1656' into mbedtls-2.1
2018-06-17 18:02:57 +01:00
Simon Butcher
7505ef255b
Merge remote-tracking branch 'public/pr/1712' into mbedtls-2.1
2018-06-17 18:01:54 +01:00
Simon Butcher
db3fe7cbe4
Add ChangeLog entry for Microblaze fix
2018-06-15 09:39:19 +01:00
Simon Butcher
577d39b930
Compilation warning fixes on 32b platform with IAR
Fix compilation warnings with IAR toolchain, on 32 bit platform.
Reported by rahmanih in #683
This is based on work by Ron Eldor in PR #750.
2018-06-14 09:10:23 +01:00
Simon Butcher
a5fb40d9f9
Merge remote-tracking branch 'public/pr/1465' into mbedtls-2.1
2018-06-11 11:49:28 +01:00
Simon Butcher
0c362f68b3
Add ChangeLog entry for _WIN32_WINNT override fix
2018-06-08 16:27:04 +01:00
Simon Butcher
fcc7a62bb1
Merge remote-tracking branch 'public/pr/1403' into mbedtls-2.1
2018-06-01 19:43:55 +01:00
Moran Peker
6981df59e7
Remove double declaration of mbedtls_ssl_list_ciphersuites
Raised by TrinityTonic. #1359
2018-05-23 18:42:36 +01:00
Simon Butcher
a8002f8f39
Merge remote-tracking branch 'public/pr/1611' into mbedtls-2.1
2018-05-23 17:58:10 +01:00
Simon Butcher
7350ab18df
Fix ChangeLog for PR #1582 following merge
2018-05-23 17:55:02 +01:00
Simon Butcher
e64bf3968e
Merge remote-tracking branch 'public/pr/1582' into mbedtls-2.1
2018-05-23 17:53:23 +01:00
Simon Butcher
13188782a0
Fix up ChangeLog following rebase to mbedtls-2.1.12
2018-05-11 16:41:07 +01:00
Andres AG
879e62697e
Allow the entry_name size to be set in config.h
Allow the size of the entry_name character array in x509_crt.c to be
configurable through a macro in config.h. entry_name holds a
path/filename string. The macro introduced is
MBEDTLS_X509_MAX_FILE_PATH_LEN.
2018-05-11 16:38:38 +01:00
Jaeden Amero
3263f46a0e
Merge remote-tracking branch 'upstream-restricted/pr/480' into mbedtls-2.1-restricted
2018-04-30 17:38:15 +01:00
Simon Butcher
50d802172f
Fix the ChangeLog for clarity, English and credit
2018-04-30 17:23:10 +01:00
Jaeden Amero
6c0fba4350
Update version to 2.1.12
2018-04-27 13:13:54 +01:00
Jaeden Amero
4faad41346
Merge remote-tracking branch 'upstream-restricted/pr/472' into mbedtls-2.1-restricted-proposed
Remove trailing whitespace from ChangeLog.
2018-04-26 11:09:15 +01:00
Jaeden Amero
7db991d56a
Merge branch 'mbedtls-2.1-proposed' into mbedtls-2.1-restricted-proposed
Resolve conflicts in ChangeLog
2018-04-26 09:03:14 +01:00
Andrzej Kurek
128bcbea1a
Changelog entry
2018-04-25 05:29:47 -04:00
Andrzej Kurek
bb6661479f
ssl_tls: Fix invalid buffer sizes during compression / decompression
Adjust information passed to zlib to include already written data.
2018-04-23 08:29:36 -04:00
Mohammad Azim Khan
3f1d5cb324
Same ciphersuite validation in server and client hello
2018-04-20 19:52:49 +01:00
Manuel Pégourié-Gonnard
1e2f4da801
Merge remote-tracking branch 'restricted/pr/469' into mbedtls-2.1-restricted-proposed
* restricted/pr/469:
Improve comments style
Remove a redundant test
Add buffer size check before cert_type_len read
Update change log
Adjust 2.1 specific code to match the buffer verification tests
Add a missing buffer size check
Correct buffer size check
2018-04-18 12:22:24 +02:00
Darryl Green
ce52b58da0
Fix braces in mbedtls_memory_buffer_alloc_status()
2018-04-17 16:46:41 +02:00
Krzysztof Stachowiak
8fc134fcb1
Update change log
2018-04-05 08:51:35 +02:00
fbrosson
0620206db3
Backport 2.1: Use "#!/usr/bin/env perl" as shebang line.
2018-04-04 22:29:59 +00:00
Gilles Peskine
24f4584473
Align ChangeLog entry for PR #1396 with development
2018-04-04 10:18:37 +02:00
Jaeden Amero
23d979bee0
Merge remote-tracking branch 'upstream-public/pr/1554' into mbedtls-2.1-proposed
2018-04-03 19:15:28 +01:00
AndrzejKurek
0de430678e
pk_sign: fix overriding and ignoring return values
2018-04-03 19:38:45 +02:00