Commit Graph

488 Commits

Author SHA1 Message Date
Paul Bakker
8648f04e47 Potential buffer-overflow for ssl_read_record() 2013-09-11 13:16:28 +02:00
Paul Bakker
3f5b753654 ssl_write_certificate_request() can handle empty ca_chain
(cherry picked from commit 21360ca4d4)

Conflicts:
	library/ssl_srv.c
2013-06-21 15:13:59 +02:00
Paul Bakker
8199a3375f Added Security note (Advisory 2013-03) in ChangeLog
(cherry picked from commit 016ea076e7)

Conflicts:
	ChangeLog
2013-06-19 12:16:23 +02:00
Paul Bakker
68514b09a1 Prepared for PolarSSL release 1.1.7 2013-06-19 12:15:10 +02:00
Paul Bakker
90f242bf2e Fixed values for 2-key Triple DES in cipher layer
(cherry picked from commit 2be71faae4)

Conflicts:
	ChangeLog
2013-06-19 12:13:56 +02:00
Paul Bakker
a465d758aa Added missing free()
(cherry picked from commit ff3a4b010b)
2013-06-19 12:11:20 +02:00
Paul Bakker
03437fc198 Changed x509parse_crt_der() to support adding to chain.
Removed chain functionality from x509parse_crt() as x509parse_crt_der()
now handles that much cleaner.
(cherry picked from commit d6d4109adc)
2013-06-19 12:10:31 +02:00
Paul Bakker
b5df3bf1b4 ssl_parse_certificate() now calls x509parse_crt_der() directly
(cherry picked from commit 1922a4e6aa)

Conflicts:
	library/ssl_tls.c
2013-06-19 12:08:47 +02:00
Paul Bakker
721f06d49d x509parse_crt() now better handles PEM error situations
Because of new pem_read_buffer() handling of when it writes use_len,
x509parse_crt() is able to better handle situations where a PEM blob
results in an error but the other blobs can still be parsed.
(cherry picked from commit 6417186365)

Conflicts:
	ChangeLog
2013-06-19 12:07:42 +02:00
Paul Bakker
03a85bca4c pem_read_buffer() already update use_len after header and footer are read
After header and footer are read, pem_read_buffer() is able to determine
the length of input data used. This allows calling functions to skip
this PEM bit if an error occurs during its parsing.
(cherry picked from commit 9255e8300e)
2013-06-19 12:06:00 +02:00
Paul Bakker
1fd0e055be Disabled the HAVEGE random generator by default
Rationale: The HAVEGE random generator has too many caveats to be a
standard generator that people rely on. The HAVEGE random generator is not
suitable for virtualized environments. In addition the HAVEGE random
generator is dependent on timing and specific processor traits that
cannot be guaranteed by default on compile time.

Our advice: only use HAVEGE as an additional random source for your
entropy pool, never as your primary source.
(cherry picked from commit 08f06cf49f)

Conflicts:
	ChangeLog
2013-06-19 12:05:04 +02:00
Paul Bakker
d3cd5c1129 Prepared for PolarSSL 1.1.6 release 2013-03-11 17:02:58 +01:00
Paul Bakker
f8e407a690 Inserted bump_version.sh in git repository
(cherry picked from commit 34558735d2)
2013-03-11 16:56:36 +01:00
Paul Bakker
b5f272778e Fixed net_bind() for specified IP addresses on little endian systems
(cherry picked from commit 37286a573b)

Conflicts:
	ChangeLog
	library/net.c
2013-03-11 16:53:25 +01:00
Paul Bakker
e73a77f656 Removed timing differences due to bad padding from RSA decrypt for
PKCS#1 v1.5 operations
(cherry picked from commit 8804f69d46)

Conflicts:
	ChangeLog
	library/rsa.c
2013-03-11 16:51:05 +01:00
Paul Bakker
0a971b5dc8 Removed further timing differences during SSL message decryption in ssl_decrypt_buf()
New padding checking is unbiased on correct or incorrect padding and
has no branch prediction timing differences.

The additional MAC checks further straighten out the timing differences.
(cherry picked from commit e47b34bdc8)

Conflicts:
	ChangeLog
	library/ssl_tls.c
2013-03-11 16:08:06 +01:00
Paul Bakker
f6bff2a300 Made x509parse.c also work with missing hash header files
(cherry picked from commit 2ca8ad10a1)
2013-03-11 16:05:32 +01:00
Paul Bakker
332166eeda Added comments to indicate dependency from PEM on AES, DES and MD5
(cherry picked from commit 6deb37e03e)

Conflicts:
	include/polarssl/config.h
2013-03-11 16:04:49 +01:00
Paul Bakker
6c04475bfc Fixed typo in base64.h
(cherry picked from commit fbb5cf9f59)
2013-03-11 16:04:04 +01:00
Paul Bakker
9fa6ea7cdf Fixed comment
(cherry picked from commit 86f04f400b)
2013-03-11 16:03:35 +01:00
Paul Bakker
48b7cb8ea2 Disable debug messages that can introduce a timing side channel.
Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug
messages in case somebody does want to see the reason checks fail.
(cherry picked from commit d66f070d49)

Conflicts:
	include/polarssl/config.h
	library/ssl_tls.c
2013-03-11 15:59:03 +01:00
Paul Bakker
6a229c1f8c Fixed timing difference resulting from badly formatted padding.
(cherry picked from commit 4582999be6)

Conflicts:
	ChangeLog
	library/ssl_tls.c
2013-03-11 15:56:17 +01:00
Paul Bakker
cb60e7c065 Allow enabling of dummy error_strerror() to support some use-cases
Enable a dummy error function to make use of error_strerror() in
third party libraries easier.

Disable if you run into name conflicts and want to really remove the
error_strerror()
(cherry picked from commit 8fe40dcd7d)

Conflicts:
	ChangeLog
	programs/util/strerror.c
2013-03-11 15:50:35 +01:00
Paul Bakker
66a531b014 Bumped version numbers to 1.1.5 2013-01-16 14:06:28 +01:00
Paul Bakker
9406c12b1b Fixed typo 2013-01-16 14:02:02 +01:00
Paul Bakker
cf45a56631 Fixes for MSVC6
(cherry picked from commit 7a2538ee38)
2013-01-16 13:38:20 +01:00
Paul Bakker
5f5593a30e Handle encryption with private key and decryption with public key as per RFC 2313
(cherry picked from commit e6ee41f932)
2013-01-16 13:26:56 +01:00
Paul Bakker
c048493374 Memory leak when using RSA_PKCS_V21 operations fixed
(cherry picked from commit 40628bad98 and
from commit 02303e8be4)
2013-01-16 13:16:09 +01:00
Paul Bakker
5aef1e10f9 Fixed comments / typos
(cherry picked from commit 096348fa79)
2013-01-16 13:16:09 +01:00
Paul Bakker
089b70d5a6 Fixed doxygen blocks
(cherry picked from commit 77db6ce348)
2013-01-16 13:16:09 +01:00
Paul Bakker
144c3cc8ab Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1
(cherry picked from commit 9daf0d0651)
2013-01-16 13:16:00 +01:00
Paul Bakker
0ae1f40299 Allow R and A to point to same mpi in mpi_div_mpi
(cherry picked from commit f02c5642d0 and
from commit 50546921ac)
2013-01-16 13:03:46 +01:00
Manuel Pégourié-Gonnard
f173e0ac74 Fixed segfault in mpi_shift_r(), Fixed memory leak in test_suite_mpi
(cherry picked from commit e44ec108be)
2013-01-16 12:52:17 +01:00
Paul Bakker
d8ee8440a7 mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
(cherry picked from commit f6198c1513)
2013-01-16 12:51:13 +01:00
Paul Bakker
7261cbaa91 Better checking for reading over buffer boundaries
(Partial cherry picked from commit 535e97dbab)
2013-01-16 12:44:01 +01:00
Paul Bakker
087e0379c5 Moved mpi_inv_mod() outside POLARSSL_GENPRIME
(cherry picked from commit d9374b05d6)

Conflicts:
	ChangeLog
2013-01-14 17:57:13 +01:00
Paul Bakker
b3351bd98e Added regression check for latest mpi_add_abs() issue
(cherry picked from commit 17a9790918)
2013-01-14 17:36:54 +01:00
Paul Bakker
bdaf68a492 Added bug to ChangeLog
(cherry picked from commit d4c2bd79fe)

Conflicts:
	ChangeLog
2013-01-14 17:36:53 +01:00
Paul Bakker
ebee076da6 Fixed bug in mpi_add_abs with adding a small number to a large mpi with carry rollover.
(cherry picked from commit 2d319fdfcb)
2013-01-14 17:36:52 +01:00
Paul Bakker
badc9bce1c Fixed test for 'trust extension' change
(cherry picked from commit 1a0f552030)
2013-01-14 17:36:51 +01:00
Paul Bakker
47f626184c Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
(cherry picked from commit b00ca42f2a)

Conflicts:
	ChangeLog (Moved message to 'Branch 1.1')
2013-01-14 17:36:49 +01:00
Paul Bakker
a4ed0c9a76 Fixed for SPARC64
(cherry picked from commit 4f024b7ba9)

Conflicts:
	ChangeLog (Moved to 'Branch 1.1')
2013-01-14 17:36:48 +01:00
Paul Bakker
0ea57e8c7a Fixed potential memory zeroization on miscrafted RSA key
(cherry picked from commit 3c16db9a10)

Conflicts:
	ChangeLog (Moved message to 'Branch 1.1')
2013-01-14 17:36:47 +01:00
Paul Bakker
9a120fd4f7 Added proper gitignores for Linux CMake use
(cherry picked from commit 25338d74ac)
2013-01-14 17:36:45 +01:00
Paul Bakker
ff47dec89d Added proper gitignores for linux compilation
(cherry picked from commit 90f309ffe7)
2013-01-14 17:36:39 +01:00
Paul Bakker
d36da11125 Version 1.1.4 2012-05-31 10:46:28 +00:00
Paul Bakker
8639578f58 - Correctly handle empty packets (Found by James Yonan) 2012-05-30 07:39:36 +00:00
Paul Bakker
ce30bdf624 - Fixed single RSA test that failed on Big Endian systems (Closes ticket #54) 2012-05-30 07:36:21 +00:00
Paul Bakker
7f113205bf - Merged 'Fixed potential heap corruption in x509_name allocation' into 1.1 branch 2012-05-30 07:33:49 +00:00
Paul Bakker
0715668eea 2012-05-30 07:33:30 +00:00