yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 13:05:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,051 Commits 88 Branches 205 Tags 69 MiB
841192ba88
Commit Graph

6051 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hanno Becker
b5beaa8995 Check that 1 < D, E < N in mbedtls_rsa_validate_params 2017-10-02 13:20:20 +01:00
Hanno Becker
c6fc878eda Remove mbedtls_rsa_check_crt 
This is no longer needed after the decision to not exhaustively validate private key material.
 2017-10-02 13:20:15 +01:00
Hanno Becker
98838b04af Minor improvements 2017-10-02 13:17:01 +01:00
Hanno Becker
3f3ae85e11 Correct memory leak in RSA test suite 
The test for `mbedtls_rsa_import_raw` didn't include freeing the allocate buffers.
 2017-10-02 13:17:01 +01:00
Hanno Becker
7471631dde Make input arguments to mbedtls_rsa_import_raw constant 
Original intention was to be allowed to perform in-place operations like changing the byte-order before importing
parameters into an HSM. Now a copy is needed in this case, but there's no more danger of a user expecting the arguments
to be left untouched.
 2017-10-02 13:17:01 +01:00
Hanno Becker
43a08d029e Clarify guarantees made by rsa_check_privkey and rsa_complete 
Document explicitly that `mbedtls_rsa_check_privkey` and `mbedtls_rsa_complete` succeeding does not guarantee the
consistency of the underlying RSA private key but only that enough information is present to perform a private key
operation.
 2017-10-02 13:17:01 +01:00
Hanno Becker
1b831fe1c5 Clarify guarantees made by rsa_deduce_moduli/private/crt 2017-10-02 13:06:47 +01:00
Hanno Becker
bdefff1dde Change signature of mbedtls_rsa_deduce_private 
Make input arguments constant and adapt the implementation to use a temporary instead of in-place operations.
 2017-10-02 09:59:48 +01:00
Hanno Becker
ba5b755f1a Change signature and semantics of mbedtls_rsa_deduce_moduli 
Input arguments are marked as constant. Further, no double-checking is performed when a factorization of the modulus has
been found.
 2017-10-02 09:55:49 +01:00
Simon Butcher
83ce8201dc Update ChangeLog for fix to #836 2017-09-30 23:39:46 +01:00
Hanno Becker
2f38a43d3a Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog. 
Add a reference to the relevant RFC, adapt ChangeLog.
 2017-09-30 23:35:21 +01:00
Hanno Becker
f5f9d11acc Enhance documentation of mbedtls_ssl_set_hostname 
(1) Add missing error condition
(2) Specify allowance and effect of of NULL hostname parameter
(3) Describe effect of function on failure
 2017-09-30 23:35:12 +01:00
Hanno Becker
39f5d359f5 Make mbedtls_ssl_set_hostname safe to be called multiple times 
Zeroize and free previously set hostnames before overwriting
them. Also, allow clearance of hostname by providing NULL parameter.
 2017-09-30 23:35:02 +01:00
Hanno Becker
713fe7f66c Add test case calling ssl_set_hostname twice 
Add a test case calling ssl_set_hostname twice to test_suite_ssl.
When run in CMake build mode ASan, this catches the current leak,
but will hopefully be fine with the new version.
 2017-09-30 23:34:52 +01:00
Ron Eldor
376f7f5fe1 Fix typo in configs/README.txt file 
Fix typo in Readme file: ajust->adjust
 2017-09-30 21:37:59 +01:00
Xinyu Chen
00afe1c046 Correct the printf message of the DTLS handshake. 
Make it consistent with dtls_server.c
 2017-09-30 09:52:38 +01:00
Hanno Becker
08a36dde80 Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
Hanno Becker
b4274210a4 Improve documentation in pkparse.c 
State explicitly that `pk_parse_pkcs8_undencrypted_der` and `pk_parse_key_pkcs8_encrypted_der` are not responsible for
zeroizing and freeing the provided key buffer.
 2017-09-29 19:18:51 +01:00
Hanno Becker
f04111f5c5 Fix typo 2017-09-29 19:18:42 +01:00
Gilles Peskine
5b7ee07ff6 Cleaned up get_line for test data files 
Look, ma, a use for do...while!

Also removed 1-3 calls to strlen.
 2017-09-29 18:00:25 +02:00
Hanno Becker
56bae95e1d Improve style and documentation, fix typo 2017-09-29 15:43:49 +01:00
Gilles Peskine
26182edd0c Allow comments in test data files 2017-09-29 15:45:12 +02:00
Hanno Becker
4b2f691691 Doxygen: Use typewriter font for variables in rsa.h documentation 2017-09-29 13:36:54 +01:00
Hanno Becker
ed20361321 Increase readability of Doxygen output 
Multiple lists were not properly recognized as such.
 2017-09-29 13:34:25 +01:00
Hanno Becker
91c194dabb Add and document an RSA-specific error code for unsupported exports 
E.g., a private key on an external chip might not be exportable to RAM.
 2017-09-29 12:50:12 +01:00
Hanno Becker
bead71752e Correct typo in rsa.c 2017-09-29 12:41:06 +01:00
Hanno Becker
e1582a832b Add expectation when testing RSA key import/export 
This commit adds a flag to the RSA import/export tests indicating whether it is
expected that a full RSA keypair can be set up from the provided parameters.

Further, the tests of `mbedtls_rsa_import` and `mbedtls_rsa_import_raw` are
expanded to perform key checks and an example encryption-decryption.
 2017-09-29 11:54:05 +01:00
Hanno Becker
4d6e83406c Improve readability of test for mbedtls_rsa_import 2017-09-29 11:54:05 +01:00
Hanno Becker
5063cd2cca Deprecate direct manipulation of structure fields in RSA context 2017-09-29 11:54:05 +01:00
Hanno Becker
ba1ba11a98 Check that length is properly set in mbedtls_rsa_check_pubkey 2017-09-29 11:54:05 +01:00
Hanno Becker
2f8f06aa25 Don't always recompute context length in mbedtls_rsa_get_len 
This commit changes the implementation of `mbedtls_rsa_get_len` to return
`ctx->len` instead of always re-computing the modulus' byte-size via
`mbedtls_mpi_size`.
 2017-09-29 11:54:05 +01:00
Hanno Becker
54cfc585cd Add test cases for mbedtls_rsa_import[_raw] where N is missing 2017-09-29 11:54:05 +01:00
Hanno Becker
2cca6f3290 Always deduce N from P, Q in mbedtls_rsa_complete 
Previously, a parameter set of (-, P, Q, -, E) was completed, but (-, P, Q, D,
E) wasn't - this is odd.
 2017-09-29 11:54:05 +01:00
Hanno Becker
041a6b030f Adapt ChangeLog 2017-09-28 14:52:26 +01:00
Hanno Becker
a2f6b72cbb Add warnings regarding the use of DHM in general 2017-09-28 11:06:31 +01:00
Hanno Becker
e764324d96 Improve documentation in dhm.h 2017-09-28 11:06:31 +01:00
Hanno Becker
e71ad12cd5 Minor code-improvements in dhm.c 2017-09-28 11:06:31 +01:00
Hanno Becker
13be990114 Correct expectation in DHM test in ssl-opt.sh 
The previous test expected a DHM group generator of size 2048 bits, while with
the change to RFC 7919, the base is 2, so has bit-size 2.
 2017-09-28 11:06:31 +01:00
Hanno Becker
4c72b000cb Add const-qualifiers to prime constants 2017-09-27 16:06:37 +01:00
Hanno Becker
b1d4d1fa6e Add description of how the primes from RFC 3526/7919 were generated 2017-09-27 12:43:57 +01:00
Hanno Becker
8c8b0ab877 Change default Diffie-Hellman parameters from RFC 5114 to RFC 7919 
The origin of the primes in RFC 5114 is undocumented and their use therefore
constitutes a security risk.
 2017-09-27 12:43:57 +01:00
Hanno Becker
b2bad800e4 Introduce Diffie-Hellman parameters from RFC 7919 2017-09-27 12:43:55 +01:00
Hanno Becker
0e6dc84f3e Deprecate Diffie-Hellman groups from RFC 5114 
Also, change the way the standardized Diffie-Hellman groups are provided from
macro-based string-literals to global variables.
 2017-09-27 11:48:02 +01:00
Hanno Becker
cc56628117 Don't use all_final as a target in tests/data_files/Makefile 
The `neat` target in that Makefile assumes all_final to be a concatenation of
file names.
 2017-09-26 16:21:19 +01:00
Ron Eldor
8b766218a8 Update ChangeLog 
Update ChangeLog according to Andres seggestion
 2017-09-24 15:44:56 +03:00
Ron Eldor
2981a0a740 Address Andres PR comments 
Address Andres' comments in the PR
 2017-09-24 15:41:09 +03:00
Jaeden Amero
1526330931 Allow alternate implementation of GCM 
Provide the ability to use an alternative implementation of GCM in place
of the library-provided implementation.
 2017-09-22 17:42:44 +01:00
Hanno Becker
6428f8d78e Let ssl-opt.sh gracefully fail is SSL_MAX_CONTENT_LEN is not 16384 
Some tests in ssl-opt.sh require MBEDTLS_SSL_MAX_CONTENT_LEN to be set to its
default value of 16384 to succeed. While ideally such a dependency should not
exist, as a short-term remedy this commit adds a small check that will at least
lead to graceful exit if that assumption is violated.
 2017-09-22 16:58:50 +01:00
Hanno Becker
d8a6f7cfbe Clarify code-paths in x509write_csr and x509write_crt 2017-09-22 16:05:43 +01:00
Hanno Becker
a20e33ad59 Use X509 CRT version macros for version checks in x509write_crt_der 2017-09-22 15:40:01 +01:00