yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 23:35:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,154 Commits 88 Branches 205 Tags 69 MiB
6eb066ed56
Commit Graph

2311 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
11331fc25b First working dirty version 
- uses too much resources
- wrong API
 2015-09-08 10:39:06 +02:00
Manuel Pégourié-Gonnard
9650205df7 Start detecting epoch 0 ClientHellos 2015-09-08 10:39:06 +02:00
Manuel Pégourié-Gonnard
7f2f062a5d Fix possible client crash on API misuse 2015-09-07 12:27:24 +02:00
Manuel Pégourié-Gonnard
aac5502553 Bump version to 2.1.0 2015-09-04 14:33:31 +02:00
Manuel Pégourié-Gonnard
37ff14062e Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
Simon Butcher
52754594b6 Merging iotssl-457-badtail with development branch 2015-09-03 13:06:01 +01:00
Manuel Pégourié-Gonnard
fdbdd72b8b Skip to trusted certs early in the chain 
This helps in the case where an intermediate certificate is directly trusted.
In that case we want to ignore what comes after it in the chain, not only for
performance but also to avoid false negatives (eg an old root being no longer
trusted while the newer intermediate is directly trusted).

closes #220
 2015-09-01 17:24:42 +02:00
Manuel Pégourié-Gonnard
4d04cdcd12 Fix RSA mutex fix 
Once the mutex is acquired, we must goto cleanup rather that return.
Since cleanup adjusts the return value, adjust that in test cases.

Also, at cleanup we don't want to overwrite 'ret', or we'll loose track of
errors.

see #257
 2015-08-31 09:31:55 +02:00
Manuel Pégourié-Gonnard
1385a289f4 Fix possible mutex lock/unlock mismatch 
fixes #257
 2015-08-27 11:30:58 +02:00
Manuel Pégourié-Gonnard
e578b1c79a Relax timing_self_test for windows idiosyncrasies 2015-08-18 20:11:48 +02:00
Manuel Pégourié-Gonnard
c98204e68f Fix missing break in switch for SSL presets 
closes #235
 2015-08-11 04:21:01 +02:00
Manuel Pégourié-Gonnard
91bbfb6fb7 Make timing selftest less sensitive 
- allow up to 12.5% security/error margin
- use larger delays
- this avoid the security/error margin being too low

The test used to fail about 1 out of 6 times on some buildbots VMs, but never
failed on the physical machines used for development.
 2015-08-10 14:33:12 +02:00
Manuel Pégourié-Gonnard
ed46c436c0 Fix error when loading libmbedtls.so 2015-08-10 10:17:32 +02:00
Manuel Pégourié-Gonnard
111ce9f735 Fix build error with shared libraries for windows 2015-08-07 12:07:16 +02:00
Manuel Pégourié-Gonnard
8018c28600 Add -static-libgcc for Windows dll builds 2015-08-07 11:55:56 +02:00
Manuel Pégourié-Gonnard
620ee19823 Fix return of x509_self_test without SHA-1 
No being able to run the test is not a failure
 2015-08-07 10:57:47 +02:00
Manuel Pégourié-Gonnard
d1004f02e6 Fix printed output of some selftests 2015-08-07 10:57:41 +02:00
Manuel Pégourié-Gonnard
0a8857435c DTLS: treat bad MAC on Finished as an error 
This is not required nor recommended by the protocol, and it's a layering
violation, but it's a know flaw in the protocol that you can't detect a PSK
auth error in any other way, so it is probably the right thing to do.

closes #227
 2015-08-04 12:11:17 +02:00
Manuel Pégourié-Gonnard
052d10c9d5 Accept a trailing space at end of PEM lines 
With certs being copy-pasted from webmails and all, this will probably become
more and more common.

closes #226
 2015-07-31 11:11:26 +02:00
Manuel Pégourié-Gonnard
6fb8187279 Update date in copyright line 2015-07-28 17:11:58 +02:00
Simon Butcher
10a6f02f83 Merge branch 'development' into IOTSSL-442-hello-noext 
Conflicts:
	ChangeLog
 2015-07-27 13:45:40 +01:00
Manuel Pégourié-Gonnard
6f42417ba8 Fix typo in that broke installation in cmake 
closes #221
 2015-07-24 16:55:22 +02:00
Manuel Pégourié-Gonnard
4cc8c63226 Add test for extensionless ClientHello 2015-07-23 12:24:03 +02:00
Manuel Pégourié-Gonnard
a6e5bd5654 Fix bug with extension-less ServerHello 
https://tls.mbed.org/discussions/bug-report-issues/server-hello-parsing-bug

in_hslen include the length of the handshake header. (We might want to change
that in the future, as it is a bit annoying.)
 2015-07-23 12:23:19 +02:00
Manuel Pégourié-Gonnard
cb0d212c97 Fix level of some debug messages 2015-07-22 11:52:11 +02:00
Manuel Pégourié-Gonnard
b076116e14 Fix one debug message 2015-07-22 11:39:23 +02:00
Manuel Pégourié-Gonnard
1bab7d7064 Fix blank line in comments 2015-07-13 09:06:18 +01:00
Paul Bakker
4cb87f409d Prepare for 2.0.0 release 2015-07-10 14:09:43 +01:00
Manuel Pégourié-Gonnard
fc2ccfe72c Fix missing comma with ENTROPY_HARDWARE_ALT 2015-07-10 11:15:50 +01:00
Manuel Pégourié-Gonnard
a4f055fe0c Some windows environments don't have _snprint_s 
Do an alternative version for them.
That happens for example with our windows buildbot with mingw32-make.
 2015-07-08 17:35:37 +02:00
Manuel Pégourié-Gonnard
20af64dc2c Still need to #define inline for MSVC 
I only tested with VS2015 earlier, but previous versions apparently still
don't know that standard C99 keyword though it's documented on MSDN...
 2015-07-07 23:21:30 +02:00
Manuel Pégourié-Gonnard
e540b49a3f Add one more debug message 2015-07-07 12:44:38 +02:00
Manuel Pégourié-Gonnard
b4b19f395f Add a debug message 2015-07-07 11:41:21 +02:00
Manuel Pégourié-Gonnard
001f2b6246 Use xxx_clone() instead of memcpy() in SSL 2015-07-06 16:54:51 +02:00
Manuel Pégourié-Gonnard
c0bf01e8d2 Undo overzealous renaming of internal variables 
The rename script couldn't know it was a local variable with the same name as
on of the global functions
 2015-07-06 16:26:23 +02:00
Manuel Pégourié-Gonnard
052a6c9cfe Add mbedtls_md_clone() 2015-07-06 16:06:02 +02:00
Manuel Pégourié-Gonnard
16d412f465 Add md/shaXXX_clone() API 
Will be used in the SSL/TLS modules
 2015-07-06 15:48:34 +02:00
Manuel Pégourié-Gonnard
b9d64e5bbe Fix missing calls to md/shaxxx_free() 2015-07-06 14:18:56 +02:00
Manuel Pégourié-Gonnard
71d296a15d Add missing calls to _free() in md_wrap 
We can't just assume xxx_free() will only zeroize, because of alternative
implementations
 2015-07-06 11:36:25 +02:00
Manuel Pégourié-Gonnard
5791109707 Make the hardclock test optional 
Known to fail on VMs (such as the buildbots), see eg
http://blog.badtrace.com/post/rdtsc-x86-instruction-to-detect-vms/
 2015-07-01 19:22:12 +02:00
Manuel Pégourié-Gonnard
9bd0afdb22 Add guards for closed socket in net.c 
This is particularly problematic when calling FD_SET( -1, ... ), but let's
check it in all functions.

This was introduced with the new API and the fact the net_free() now sets the
internal fd to -1 in order to mark it as closed: now using this information.
 2015-07-01 19:03:27 +02:00
Manuel Pégourié-Gonnard
2505528be4 Rm obsolete defines for inline wiht MSVC 
The "inline" keyword is supported since Visual Studio 2005 according to MSDN,
and we require Visual Studio 2010 or higher.
 2015-07-01 17:22:36 +02:00
Manuel Pégourié-Gonnard
636741b176 Remove obsolete hacks for uin32_t 
We now require support for stdint.h from the compiler.
 2015-07-01 17:13:05 +02:00
Manuel Pégourié-Gonnard
9de64f5af1 Fix MSVC warnings in library and programs 2015-07-01 16:56:08 +02:00
Manuel Pégourié-Gonnard
acecb653d5 Fix mbedtls_net_usleep() on Windows 
For some reason select() doesn't seem to work.
 2015-07-01 12:00:56 +02:00
Manuel Pégourié-Gonnard
abc729e664 Simplify net_accept() with UDP sockets 
This is made possible by the new API where net_accept() gets a pointer to
bind_ctx, so it can update it.
 2015-07-01 01:28:24 +02:00
Manuel Pégourié-Gonnard
db2468d7aa Update old comment 2015-06-30 17:19:48 +02:00
Manuel Pégourié-Gonnard
3d7d00ad23 Rename mbedtls_net_close() to mbedtls_net_free() 
close() may be more meaningful, but free() is symmetric with _init(), and more
consistent with all other modules
 2015-06-30 16:50:37 +02:00
Manuel Pégourié-Gonnard
91895853ac Move from naked int to a structure in net.c 
Provides more flexibility for future changes/extensions.
 2015-06-30 15:56:25 +02:00
Manuel Pégourié-Gonnard
16a17a496c Fix net_accept() for UDP sockets on Windows 
On Windows, recvfrom() returns an error code if the destination buffer is too
small to hold the next datagram.
 2015-06-30 11:31:10 +02:00
Manuel Pégourié-Gonnard
a16e7c468c Rename a debug function 2015-06-29 20:14:19 +02:00
Manuel Pégourié-Gonnard
80d627a5ae Remove now useless function 2015-06-29 20:12:51 +02:00
Manuel Pégourié-Gonnard
b74c245a20 Rework debug to not need dynamic alloc 
But introduces dependency on variadic macros
 2015-06-29 20:08:23 +02:00
Manuel Pégourié-Gonnard
fa67ebaebb Fix X.509 keysize check with multiple CAs 
Assume we have two trusted CAs with the same name, the first uses ECDSA 256
bits, the second RSA 2048; cert is signed by the second. If we do the keysize
check before we checked the key types match, we'll raise the badkey flags when
checking the EC-256 CA and it will remain up even when we finally find the
correct CA. So, move the check for the key size after signature verification,
which implicitly checks the key type.
 2015-06-27 14:41:38 +02:00
Manuel Pégourié-Gonnard
f659d2cd40 Tune up Windows snprintf() support 
When we build with Visual Studio in debug mode, the invalid parameter handler
aborts the application (and offers to debug it) when n is 0. We want to
just return -1 instead (as calls with n == 0 are expected and happen in our
tests).
 2015-06-26 17:45:00 +02:00
Manuel Pégourié-Gonnard
e1d34d1707 cmake: add shortcut 'lib' for all libraries 
Name chosen to match the existing make target.
 2015-06-25 14:53:13 +02:00
Manuel Pégourié-Gonnard
574ae18088 Fix stupid typo that broke make SHARED=1 2015-06-25 14:30:51 +02:00
Manuel Pégourié-Gonnard
147be4f315 Rm old variable from (c)make files 2015-06-25 11:57:13 +02:00
Manuel Pégourié-Gonnard
752c501126 One soversion per library 2015-06-25 11:56:17 +02:00
Manuel Pégourié-Gonnard
c7781addcb Split library in CMake 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
ba2c8763b6 cmake: adjust libraries linking 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
216a1831de Fix whitespace in CMakeLists.txt 
- all spaces no tabs
- indent with 4 spaces everywhere
 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
cde2aba0af Do no test net_usleep in timing_selftest 
Timing belongs in libcrypto (due to havege depending on it)
while net.c was put in libtls (only test ssl servers use it)
 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
53585eeb17 Remove test DHM params from certs.c 
certs.c belongs to the X.509 library, while DHM belongs to the crypto lib.
 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
0761733c1b Fix potential NULL dereference 
We document that either of recv or recv_timeout may be NULL, but for TLS we
always used recv... Thanks Coverity for catching that.
(Not remotely trigerrable: local configuration.)

Also made me notice net_recv_timeout didn't do its job properly.
 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
dba460f2f3 Add SSL "assertion" to help static analysis 2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
1cf7b30dc8 Rewrite test to make Coverity happier 
With the default config, it noticed the accept_comp was always 0, so the rest
of the test was dead code.
 2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
5c59a4fea5 Split libs with make + general make cleanups 2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
21dcc1e748 fixup 2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
463e09d64b Prepare library split 2015-06-24 12:05:33 +02:00
Manuel Pégourié-Gonnard
bae389b4d4 Fix uninitialized access 
Found using Codenomicon Defensics.
 2015-06-24 10:47:33 +02:00
Manuel Pégourié-Gonnard
bcc030849a Avoid fclose( NULL ) 
Found by Coverity Scan.
 2015-06-24 00:09:29 +02:00
Manuel Pégourié-Gonnard
fd474233c8 Change SSL debug API in the library 2015-06-23 18:44:11 +02:00
Manuel Pégourié-Gonnard
79c4e3ee59 Rm obsolete comments 2015-06-23 18:44:10 +02:00
Manuel Pégourié-Gonnard
b86145e6cd Avoid potential NULL dereference. 
May happen with a faulty configuration (eg no allowed curve but trying to use
ECDHE key exchange), but not trigger able remotely.

(Found with Clang's scan-build.)
 2015-06-23 18:44:10 +02:00
Manuel Pégourié-Gonnard
14bf7063b9 Add SSL "assertions" to help static analyzers 
scan-build was reporting NULL dereferences
 2015-06-23 18:44:10 +02:00
Manuel Pégourié-Gonnard
b9c93d0d0a Fix earlier incomplete change in RSA PMS reading 
Probably a bad merge from the 1.3 branch
 2015-06-23 18:43:53 +02:00
Manuel Pégourié-Gonnard
19389753c8 Avoid dead stores (makes scan-build happier) 2015-06-23 13:46:44 +02:00
Manuel Pégourié-Gonnard
c0d749418b Make 'port' a string in NET module 
- avoids dependency on snprintf
- allows using "smtps" instead of "456" if desired
 2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
d23f593737 Avoid static buffer in debug module 
Caused issues in threading situations
 2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
96fb685e31 Some more init calls 2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
496f24e949 Deduplicate SHA-2 wrappers 2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
ab5932192a Call init functions in MD alloc wrappers 
When someone defines MBEDTLS_MD5_ALT for example, the init function may need
to do more that just zeroizing the context
 2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
1cd10adc7c Update prototype of x509write_set_key_usage() 
Allow for future support of decipherOnly and encipherOnly. Some work will be
required to ensure we still write only one byte when only one is needed.
 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
655a964539 Adapt check_key_usage to new weird bits 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
9a702255f4 Add parsing/printing for new X.509 keyUsage flags 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
b80d16d171 Fix return convention of x509_wildcard_verify() 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
07894338a0 Rename M255 to Curve25519 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
7320eb46d4 Remove references to some Montgomery curves 
After all it looks like those won't become standard.
 2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
9386664543 Move from inttypes.h to stdint.h 
Some toolchains do not have inttypes.h, and we only need stdint.h which is a
subset of it.
 2015-06-22 23:41:26 +02:00
Manuel Pégourié-Gonnard
e7e89844d6 Fix and document corner-cases of time checking 2015-06-22 23:41:24 +02:00
Manuel Pégourié-Gonnard
57e10d71be Fix potential NULL dereference. 
Introduced when moving from gmtime_r() to gmtime().
Found with fbinfer.
 2015-06-22 23:40:44 +02:00
Manuel Pégourié-Gonnard
f9b85d96a9 Fix potential resource leak in X.509 parse dir 
Found with fbinfer.
 2015-06-22 18:39:57 +02:00
Manuel Pégourié-Gonnard
bcf13bab5d Fix issue with MemSan and entropy 
Due to the recent change about entropy sources strength, it is no longer
acceptable to just disable the platform source. So, instead "fix" it so that
it is clear to MemSan that memory is initialized.

I tried __attribute__((no_sanitize_memory)) and MemSan's blacklist file, but
couldn't seem to get them to work.
 2015-06-22 18:25:41 +02:00
Manuel Pégourié-Gonnard
cdc26ae099 Add mbedtls_ssl_set_hs_authmode 
While at it, fix the following:
- on server with RSA_PSK, we don't want to set flags (client auth happens via
  the PSK, no cert is expected).
- use safer tests (eg == OPTIONAL vs != REQUIRED)
 2015-06-22 14:52:40 +02:00
Manuel Pégourié-Gonnard
9dbaf400ef Rationalize other snprintf() uses 2015-06-22 14:42:04 +02:00
Manuel Pégourié-Gonnard
1685368408 Rationalize snprintf() usage in X.509 modules 2015-06-22 14:42:04 +02:00
Manuel Pégourié-Gonnard
6c0c8e0d3d Include fixed snprintf for Windows in platform.c 
Use _WIN32 to detect it rather that _MSC_VER as it turns out MSYS2 uses the
broken MS version by default too.
 2015-06-22 14:42:04 +02:00
Manuel Pégourié-Gonnard
f9cbd73191 Update generated files 2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
7580ba475d Add a concept of entropy source strength. 
The main goal is, we want and error if cycle counter is the only source.
 2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
3f77dfbd52 Add MBEDTLS_ENTROPY_HARDWARE_ALT 
Makes it easier for an external module to plug its hardware entropy collector.
 2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
bf82ff0209 Fix entropy thresholds 2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
60c793bdc9 Split HAVE_TIME into HAVE_TIME + HAVE_TIME_DATE 
First one means we have time() but it may not return the actual wall clock
time, second means it does.
 2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
c0696c216b Rename mbedtls_mpi_msb to mbedtls_mpi_bitlen 2015-06-18 16:49:37 +02:00
Manuel Pégourié-Gonnard
097c7bb05b Rename relevant global symbols from size to bitlen 
Just applying rename.pl with this file:

mbedtls_cipher_get_key_size mbedtls_cipher_get_key_bitlen
mbedtls_pk_get_size mbedtls_pk_get_bitlen
MBEDTLS_BLOWFISH_MIN_KEY MBEDTLS_BLOWFISH_MIN_KEY_BITS
MBEDTLS_BLOWFISH_MAX_KEY MBEDTLS_BLOWFISH_MAX_KEY_BITS
 2015-06-18 16:43:38 +02:00
Manuel Pégourié-Gonnard
fb317c5221 Rename parameter in a x509 helper 2015-06-18 16:41:13 +02:00
Manuel Pégourié-Gonnard
39a48f4934 Internal renamings in PK 
+ an unrelated comment in SSL
 2015-06-18 16:06:55 +02:00
Manuel Pégourié-Gonnard
12ad798c87 Rename ssl_session.length to id_len 2015-06-18 15:50:37 +02:00
Manuel Pégourié-Gonnard
898e0aa210 Rename key_length in cipher_info 2015-06-18 15:31:10 +02:00
Manuel Pégourié-Gonnard
b8186a5e54 Rename len to bitlen in function parameters 
Clarify a few comments too.
 2015-06-18 14:58:58 +02:00
Manuel Pégourié-Gonnard
b31c5f68b1 Add SSL presets. 
No need to use a separate profile as in X.509, everything we need is already
in ssl_config. Just load appropriate values.
 2015-06-17 14:59:27 +02:00
Manuel Pégourié-Gonnard
7bfc122703 Implement sig_hashes 2015-06-17 14:34:48 +02:00
Manuel Pégourié-Gonnard
36a8b575a9 Create API for mbedtls_ssl_conf_sig_hashes(). 
Not implemented yet.
 2015-06-17 14:27:39 +02:00
Manuel Pégourié-Gonnard
9d412d872c Small internal changes in curve checking 
- switch from is_acceptable to the more usual check
- add NULL check just in case user screwed up config
 2015-06-17 14:27:39 +02:00
Manuel Pégourié-Gonnard
a83e4e2bf5 Extra check in verify_with_profile() 
This could happen if someone doesn't set the SSL configuration properly. In
that case we don't want to segfault...
 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
b541da6ef3 Fix define for ssl_conf_curves() 
This is a security feature, it shouldn't be optional.
 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
6e3ee3ad43 Add mbedtls_ssl_conf_cert_profile() 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
cbb1f6e5cb Implement cert profile checking 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
f8ea856296 Change data structure of profiles to bitfields 
- allows to express 'none' or 'all' more easily than lists
- more compact and easier to declare statically
- easier to check too

Only drawback: if we ever have more than 32 curves, we'll need an ABI change to
make that field a uint64_t.
 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
88db5da117 Add pre-defined profiles for cert verification 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
9505164ef4 Create cert profile API (unimplemented yet) 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
bd990d6629 Add ssl_conf_dhm_min_bitlen() 2015-06-17 11:37:04 +02:00
Manuel Pégourié-Gonnard
7ee5ddd798 Merge branch 'mbedtls-1.3' into development 
* mbedtls-1.3:
  Fix compile errors with NO_STD_FUNCTIONS
  Expand config.pl's notion of "full"
  Ack external bugfix in Changelog
  FIx misplaced Changelog entry (oops)
  Fix compile bug: incompatible declaration of polarssl_exit in platform.c
  Fix contributor's name in Changelog
 2015-06-03 10:33:55 +01:00
Manuel Pégourié-Gonnard
dccb80b7e5 Fix compile errors with NO_STD_FUNCTIONS 2015-06-03 10:20:33 +01:00
Manuel Pégourié-Gonnard
ba56136b5c Avoid in-out length in base64 2015-06-02 16:30:35 +01:00
Manuel Pégourié-Gonnard
3335205a21 Avoid in-out length in dhm_calc_secret() 2015-06-02 16:17:08 +01:00
Manuel Pégourié-Gonnard
f79b425226 Avoid in-out length parameter in bignum 2015-06-02 15:41:48 +01:00
ptahpeteh
249bece013 Fix compile bug: incompatible declaration of polarssl_exit in platform.c 
This causes a compile-time error: 

platform.c(157): error:  #147: declaration is incompatible with "void (*polarssl_exit)(int)" (declared at line 179 of "platform.h")
 2015-06-02 15:26:09 +02:00
Manuel Pégourié-Gonnard
c730ed3f2d Rename boolean functions to be clearer 2015-06-02 10:38:50 +01:00
Manuel Pégourié-Gonnard
9d51583772 Fix cipher identifier in des_ede3_info 2015-06-02 10:00:04 +01:00
Manuel Pégourié-Gonnard
0574bb0bdb Merge branch 'mbedtls-1.3' into development 
* mbedtls-1.3:
  Mark unused constant as such
  Update ChangeLog for recent external bugfix
  Serious bug fix in entropy.c
  Fix memleak with repeated [gc]cm_setkey()
  fix minor bug in path_cnt checks

Conflicts:
	include/mbedtls/cipher.h
	library/ccm.c
	library/entropy.c
	library/gcm.c
	library/x509_crt.c
 2015-06-02 09:59:29 +01:00
Manuel Pégourié-Gonnard
468b06dab0 Merge remote-tracking branch 'ptahpeteh/patch-1' into mbedtls-1.3 
* ptahpeteh/patch-1:
  Serious bug fix in entropy.c
 2015-06-02 09:03:06 +01:00
ptahpeteh
638fa0bb0f Serious bug fix in entropy.c 
Bug: mutex access within entropy_contex after it has been zeroed leads to app crash.
 2015-06-01 12:28:29 +02:00
Manuel Pégourié-Gonnard
f78e4de6f4 Fix warnings from -pedantic 2015-05-29 10:52:14 +02:00
Manuel Pégourié-Gonnard
f8b6fdedd9 Remove include that is no longer needed 2015-05-29 10:23:32 +02:00
Manuel Pégourié-Gonnard
864108daab Move from gmtime_r to gmtime + mutexes 
* gmtime_r is not standard so -std=c99 warns about it
* Anyway we need global mutexes in the threading layer, so better depend only
  on that, rather that global mutexes + some _r functions
 2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard
ba19432d2e Move from asm to __asm by default 
- GCC with -std=c99 warns about asm but likes __asm
_ armcc5 has __asm but not asm
 2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard
cb46fd8216 Avoid non-standard strcasecmp() 2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard
2a84dfd747 Make ssl_cookie.c thread-safe 2015-05-28 17:28:39 +02:00
Manuel Pégourié-Gonnard
41b9c2b418 Remove individual mdX_file() and shaX_file() 2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
bfffa908a6 Implement md_file in the MD layer 2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
eb0d8706ce Add option for even smaller SHA-256 2015-05-28 16:45:23 +02:00
Manuel Pégourié-Gonnard
a7a3a5fe37 Make SHA-2 implementation smaller 
Adjust the size/performance trade-off:
* Reduces size of sha256_process() from 7.4KB to 2KB on ARMv7-M
* Reduces performance by less than 14% on Cortex-M4
* Seems to even improve performance on my Core i7
 2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard
6a8ca33fa5 Rename ERR_xxx_MALLOC_FAILED to ..._ALLOC_FAILED 2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard
6c967b95ff Fix typo in memory_buffer_alloc 2015-05-27 20:18:39 +02:00
Manuel Pégourié-Gonnard
944cfe8899 Allow use of global mutexes with threading_alt 2015-05-27 20:12:05 +02:00
Manuel Pégourié-Gonnard
61977614d8 Fix memleak with repeated [gc]cm_setkey() 2015-05-27 17:40:16 +02:00
Manuel Pégourié-Gonnard
43b08574a6 Avoid memory leak with repeated [gc]ccm_setkey() 2015-05-27 17:23:30 +02:00
Manuel Pégourié-Gonnard
3a89559d71 Fix compile errors in pkcs11.c 2015-05-27 17:09:21 +02:00
Manuel Pégourié-Gonnard
1b8de57827 Remove a few redundant memset after calloc. 
Using the following semantic patch provided by Mansour Moufid:

@@
expression x;
@@
  x = mbedtls_calloc(...)
  ...
- memset(x, 0, ...);
 2015-05-27 16:58:55 +02:00