Commit Graph

4394 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
fb84d38b45 Try to prevent some misuse of RSA functions
fixes #331
2015-10-30 10:56:25 +01:00
Manuel Pégourié-Gonnard
2b624e9b39 Add Changelog entries for this branch 2015-10-30 09:45:34 +01:00
Manuel Pégourié-Gonnard
45777c384d Fix a style issue 2015-10-30 09:24:28 +01:00
Manuel Pégourié-Gonnard
e670f90e48 Fix whitespace at EOL issues 2015-10-30 09:23:19 +01:00
Manuel Pégourié-Gonnard
03dde85c3b Use symbolic constants in test data 2015-10-30 09:18:06 +01:00
Manuel Pégourié-Gonnard
f7a4688257 Mention new test script in Readme 2015-10-28 13:43:43 +01:00
Manuel Pégourié-Gonnard
8de8a327f4 Bump yotta version to 2.2.0-rc.1 2015-10-27 18:09:39 +01:00
Simon Butcher
6edd78bd8b Merge branch 'misc' into development 2015-10-27 16:58:01 +00:00
Simon Butcher
204606238c Merge branch 'development' into misc 2015-10-27 16:57:34 +00:00
Simon Butcher
459a950f31 Fixed typo in comment 2015-10-27 16:09:03 +00:00
Simon Butcher
b48ace74c4 Merge branch 'iotssl-513-alerts' into development 2015-10-27 16:06:10 +00:00
Simon Butcher
62aab15085 Merge branch 'development' into iotssl-513-alerts 2015-10-27 16:05:34 +00:00
Simon Butcher
c87747b675 Removed debug code accidentally left in test code
Removed debug code accidentally left in test_suite_x509parse.function.
2015-10-27 15:16:51 +00:00
Simon Butcher
fa8094ea40 Merge branch 'iotssl-521-keylen-check' into development 2015-10-27 15:15:40 +00:00
Simon Butcher
5f7c34b8b0 Merge branch iotssl-521-keylen-check 2015-10-27 15:14:55 +00:00
Manuel Pégourié-Gonnard
e0b2feae34 Mention performance fix in ChangeLog 2015-10-27 10:24:54 +01:00
Simon Butcher
e357a64355 Merge pull request #328 from ARMmbed/iotssl-461-ecjpake-finalization
Iotssl 461 ecjpake finalization
2015-10-27 00:08:31 +00:00
Manuel Pégourié-Gonnard
231a065909 yotta Readme: edited by Irit 2015-10-26 17:50:04 +01:00
Janos Follath
3fc644f246 Removed recursion from fix #309. 2015-10-25 14:24:10 +01:00
Janos Follath
8483e28e21 Merge remote-tracking branch 'upstream/development' into iss309 2015-10-25 12:36:03 +01:00
Janos Follath
6cbacec3b3 Improved on the fix of #309 and extended the test to cover subroutines. 2015-10-25 12:31:27 +01:00
Janos Follath
044a86bde8 Tests and fix added for #309 (inplace mpi doubling). 2015-10-25 10:58:03 +01:00
Manuel Pégourié-Gonnard
65eefc8707 Fix missing check for RSA key length on EE certs
- also adapt tests to use lesser requirement for compatibility with old
  testing material
2015-10-23 16:19:53 +02:00
Manuel Pégourié-Gonnard
ac8673cb3f Add quick script to estimate ROM footprint 2015-10-23 15:51:02 +02:00
Manuel Pégourié-Gonnard
de9f953b9f Optimize more common cases in ecp_muladd() 2015-10-23 15:50:37 +02:00
Manuel Pégourié-Gonnard
d21eb2ae81 Fix attribution in ChangeLog 2015-10-23 15:35:02 +02:00
Manuel Pégourié-Gonnard
fbdf06c1a4 Fix handling of non-fatal alerts
fixes #308
2015-10-23 13:11:31 +02:00
Manuel Pégourié-Gonnard
503a5efef1 Add key-exchanges.pl to test list 2015-10-23 09:04:45 +02:00
Manuel Pégourié-Gonnard
50bd2607b8 Add -Werror to reduced configs test scripts 2015-10-23 08:53:34 +02:00
Manuel Pégourié-Gonnard
5c2a7ca989 Fix warning in some reduced configs 2015-10-23 08:48:41 +02:00
Manuel Pégourié-Gonnard
e5f3072aed Fix #ifdef inconsistency
fixes #310

Actually all key exchanges that use a certificate use signatures too, and
there is no key exchange that uses signatures but no cert, so merge those two
flags.
2015-10-23 08:40:23 +02:00
Manuel Pégourié-Gonnard
5df9216c9e Add script to test configs with single key exchanges 2015-10-22 16:11:39 +02:00
Manuel Pégourié-Gonnard
7980096899 Further update Redmes regarding the two editions 2015-10-22 10:48:47 +02:00
Manuel Pégourié-Gonnard
87173fa6d5 yotta Readme: mention all examples 2015-10-21 18:38:02 +02:00
Manuel Pégourié-Gonnard
ac121731eb yotta Readme: expand configuration example 2015-10-21 18:33:07 +02:00
Manuel Pégourié-Gonnard
f13139ab63 yotta readme: mention supported platforms 2015-10-21 18:32:34 +02:00
Manuel Pégourié-Gonnard
71956c9db9 Fix warnings about locations of header files 2015-10-21 17:59:05 +02:00
Manuel Pégourié-Gonnard
f45fd73d65 Remove TLS Client example, see mbed-tls-sockets 2015-10-21 17:54:11 +02:00
Manuel Pégourié-Gonnard
66fc07362e Fix typo in an OID name
fixes #314
2015-10-21 16:40:29 +02:00
Manuel Pégourié-Gonnard
7c5fcdc17a Disable reportedly broken assembly of Sparc(64)
fixes #292
2015-10-21 14:52:24 +02:00
Manuel Pégourié-Gonnard
bc5e508855 Fix other int casts in bounds checking
Not a security issue as here we know the buffer is large enough (unless
something else if badly wrong in the code), and the value cast to int is less
than 2^16 (again, unless issues elsewhere).

Still changing to a more correct check as a matter of principle
2015-10-21 12:51:16 +02:00
Manuel Pégourié-Gonnard
4dc9b394d3 Fix other occurrences of same bounds check issue
Security impact is the same: not triggerrable remotely except in very specific
use cases
2015-10-21 12:50:45 +02:00
Manuel Pégourié-Gonnard
22c3b7b9da Fix potential buffer overflow in asn1write 2015-10-21 12:13:05 +02:00
Manuel Pégourié-Gonnard
261faed725 Fix potential heap corruption on Windows
If len is large enough, when cast to an int it will be negative and then the
test if( len > MAX_PATH - 3 ) will not behave as expected.
2015-10-21 10:25:22 +02:00
Manuel Pégourié-Gonnard
cdea97c1c3 Remove useless code
closes #321
2015-10-20 20:06:36 +02:00
Manuel Pégourié-Gonnard
173c790722 Fix potential double-free in ssl_conf_psk() 2015-10-20 19:56:45 +02:00
Manuel Pégourié-Gonnard
c8cd2c6577 Small fix to 'make test' script
When the tests fail they don't display the number of skipped and run test
2015-10-20 17:01:10 +02:00
Manuel Pégourié-Gonnard
8a7a189220 Fix curves.pl for ECJPAKE disabled by default 2015-10-20 16:56:12 +02:00
Manuel Pégourié-Gonnard
4b20c0ee53 Fix potential stack buffer overflow in ecjpake
Two causes:
- the buffer is too short (missing 4 bytes for encoding id_len)
- the test was wrong

Would only happen when MBEDTLS_ECP_MAX_BITS == the bitsize of the curve
actually used (does not happen in the default config).

Could not be triggered remotely.
2015-10-20 16:20:56 +02:00
Manuel Pégourié-Gonnard
12ca6f5b9c Update ssl-opt.sh for EC J-PAKE disabled by default 2015-10-20 15:24:51 +02:00