yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 03:15:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,019 Commits 88 Branches 205 Tags 69 MiB
492519a7b4
Commit Graph

374 Commits

Author SHA1 Message Date
Simon Butcher
e5049f46d4 Fix for memory leak in RSA-SSA signing 
Fix in rsa_rsassa_pkcs1_v15_sign() in rsa.c. Resolves github issue #372
 2016-01-02 01:24:15 +00:00
Manuel Pégourié-Gonnard
7929229a32 Fix bug checking pathlen on first intermediate 
Remove check on the pathLenConstraint value when looking for a parent to the
EE cert, as the constraint is on the number of intermediate certs below the
parent, and that number is always 0 at that point, so the constraint is always
satisfied.

The check was actually off-by-one, which caused valid chains to be rejected
under the following conditions:
- the parent certificate is not a trusted root, and
- it has pathLenConstraint == 0 (max_pathlen == 1 in our representation)

fixes #280
 2015-12-03 09:53:20 +01:00
Simon Butcher
0d1cf0fec1 Change version number to 1.2.18 
Changed for library version
 2015-11-06 10:51:16 +00:00
Simon Butcher
06f8b91777 Corrected typo in ChangeLog 2015-11-03 23:15:00 +00:00
Manuel Pégourié-Gonnard
1afde77a3f Merge branch 'polarssl-1.2' into polarssl-1.2-restricted 
* polarssl-1.2:
  Use own implementation of strsep()
  Add Changelog entries for this branch
  Use symbolic constants in test data
  Fixed pathlen contraint enforcement.
  Additional corner cases for testing pathlen constrains
  Added test case for pathlen constrains in intermediate certificates
 2015-11-02 06:58:09 +09:00
Manuel Pégourié-Gonnard
018063477b Add Changelog entries for this branch 2015-11-02 06:10:24 +09:00
Manuel Pégourié-Gonnard
f2256ebd43 Merge branch 'polarssl-1.2' into polarssl-1.2-restricted 
* polarssl-1.2:
  Disable reportedly broken assembly of Sparc(64)
 2015-10-30 10:18:25 +01:00
Manuel Pégourié-Gonnard
31e095ef00 Disable reportedly broken assembly of Sparc(64) 
fixes #292
 2015-10-27 15:14:35 +01:00
Manuel Pégourié-Gonnard
5388eea449 Fix potential buffer overflow in asn1write 
Ref: IOTSSL-519
 2015-10-27 11:39:32 +01:00
Manuel Pégourié-Gonnard
80e6cffcad Fix potential heap corruption on Windows 
If len is large enough, when cast to an int it will be negative and then the
test if( len > MAX_PATH - 3 ) will not behave as expected.

Ref: IOTSSL-518

backport of 261faed725
 2015-10-27 11:30:31 +01:00
Manuel Pégourié-Gonnard
305722fa12 Bump version to 1.2.17 2015-10-05 19:14:51 +01:00
Simon Butcher
697b37a365 Merge branch 'polarssl-1.2-restricted' of ssh://github.com/ARMmbed/mbedtls-restricted into polarssl-1.2-restricted 2015-10-05 17:34:36 +01:00
Simon Butcher
8b846b8804 Added CVE code to ChangeLog 2015-10-05 17:34:19 +01:00
Manuel Pégourié-Gonnard
01978bfe63 Merge branch 'polarssl-1.2' into polarssl-1.2-restricted 
* polarssl-1.2:
  Fix spurious #endif from previous cherry-pick
  Fix macroization of inline in C++
  Add missing warning in doc
  Fix compile error in net.c with musl libc
 2015-10-05 17:31:05 +01:00
Simon Butcher
ac4461f783 Changed attribution for Guido Vranken 2015-10-05 17:26:53 +01:00
Simon Butcher
c047c74b95 Merge of multiple security fixes 2015-10-05 17:18:59 +01:00
Manuel Pégourié-Gonnard
0123405f32 Fix macroization of inline in C++ 
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
 2015-10-05 14:37:00 +01:00
Manuel Pégourié-Gonnard
27840e0d43 Fix compile error in net.c with musl libc 
fixes #278
 2015-10-05 14:32:43 +01:00
Manuel Pégourié-Gonnard
d64f1ad98b Fix potential overflow in CertificateRequest 2015-10-02 12:36:02 +02:00
Manuel Pégourié-Gonnard
65d6a97e65 Add ChangeLog entry 2015-10-02 10:09:53 +02:00
Manuel Pégourié-Gonnard
9a656a0aaa Fix typos in ChangeLog 2015-10-01 18:19:14 +02:00
Manuel Pégourié-Gonnard
e4e4be77be Fix potential overflow in base64_encode 2015-10-01 18:10:17 +02:00
Manuel Pégourié-Gonnard
b73ce45b3f Fix potential random malloc in pem_read() 2015-10-01 17:00:22 +02:00
Manuel Pégourié-Gonnard
9b75305d6a Fix potential buffer overflow in mpi_read_string() 
Found by Guido Vranken.

Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.

Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).

Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
 2015-10-01 16:59:55 +02:00
Manuel Pégourié-Gonnard
73011bba95 Fix stack buffer overflow in pkcs12 2015-10-01 16:57:47 +02:00
Simon Butcher
2cf9696785 Refined credits in ChangeLog for fuzzing issue 
Changed GDS to Gotham Digital Science
 2015-09-22 10:26:12 +01:00
Manuel Pégourié-Gonnard
9405e462d0 Bump version to 1.2.15 2015-09-17 11:55:25 +02:00
Manuel Pégourié-Gonnard
2bc4505f5d Add counter-measure against RSA-CRT attack 
https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/

backport of a1cdcd2
 2015-09-09 12:36:49 +02:00
Manuel Pégourié-Gonnard
fa566e3545 Fix possible client crash on API misuse 2015-09-03 11:01:37 +02:00
Manuel Pégourié-Gonnard
aa4e55bd23 Fix warning with MD/SHA ALT implementation 
backport of e217cee

see #239
 2015-08-31 12:23:30 +02:00
Manuel Pégourié-Gonnard
faf44abf2a Accept a trailing space at end of PEM lines 
With certs being copy-pasted from webmails and all, this will probably become
more and more common.
 2015-08-10 16:43:28 +02:00
Manuel Pégourié-Gonnard
ebb9cf9cc6 Fix compile error with armcc5 --gnu 2015-08-10 16:41:50 +02:00
Manuel Pégourié-Gonnard
af39e3e597 Fix missing -static-libgcc for dlls 2015-08-10 16:41:14 +02:00
Manuel Pégourié-Gonnard
7f61053371 Fix bug with cmake and old version of GCC 2015-08-10 16:40:02 +02:00
Paul Bakker
7fc4e3e225 Prepare for 1.2.15 release 2015-08-10 15:06:34 +01:00
Manuel Pégourié-Gonnard
3517c20df7 Up default server DH params to 2048 bits 2015-07-03 17:43:06 +02:00
Manuel Pégourié-Gonnard
26d88cf154 Fix thread-safety issue in debug.c 2015-06-29 18:54:28 +02:00
Manuel Pégourié-Gonnard
5324d411da Up min size of DHM params to 1024 bits 2015-06-29 18:54:28 +02:00
Paul Bakker
7b209579c6 Prepare for 1.2.14 release 2015-06-26 15:35:30 +01:00
Manuel Pégourié-Gonnard
70f0df9e46 Add countermeasure against cache-based lucky 13 2015-04-29 09:45:58 +02:00
Manuel Pégourié-Gonnard
0c2fa144bc Fix invalid memory read in x509_get_sig() 2015-04-23 10:55:05 +02:00
Manuel Pégourié-Gonnard
cd7d24d464 Fix bug in Via Padlock support 
Backport of cf201201 from the 1.3 branch
 2015-04-23 10:55:05 +02:00
Manuel Pégourié-Gonnard
7e82884811 Fix hardclock with some versions of mingw64 
Backport of 383433535 from the 1.3 branch
 2015-04-23 10:55:05 +02:00
Manuel Pégourié-Gonnard
a9553a8c49 Fix warnings from mingw64 in timing.c 
Backport from dda52139 from the 1.3 branch
 2015-04-23 10:55:05 +02:00
Manuel Pégourié-Gonnard
64f65e84bc Fix potential unintended sign extension 
Backport of 6fdc4cae from the 1.3 branch
 2015-04-23 10:55:04 +02:00
Manuel Pégourié-Gonnard
82f1a88a92 Update Changelog for the last two commits 2015-04-23 10:55:04 +02:00
Paul Bakker
9fdc58fd9e Ready for release 1.2.13 2015-02-16 15:17:32 +01:00
Manuel Pégourié-Gonnard
f097400abc Fix small bug in base64_encode() 2015-02-05 11:48:58 +00:00
James Cowgill
b82f59162c Fix mips64 bignum implementation 
- Use correct mips64 define (__mips64, not __mips64__).
- Added mips64 to the list of arches supporting 64-bit ints.
 2015-02-05 11:41:03 +00:00
Manuel Pégourié-Gonnard
2dc15c8e7d Fix unchecked error on windows 2015-02-05 11:34:49 +00:00