yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-27 03:14:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,252 Commits 88 Branches 205 Tags 69 MiB
9aff65afa4
Commit Graph

3137 Commits

Author SHA1 Message Date
Jaeden Amero
1fc4d33f5f Update version to 2.7.3 2018-04-27 13:15:45 +01:00
Jaeden Amero
07d1d5f270 Merge remote-tracking branch 'upstream-restricted/pr/473' into mbedtls-2.7-restricted-proposed 
Remove trailing whitespace in ChangeLog.
 2018-04-26 09:07:15 +01:00
Jaeden Amero
402256184a Merge branch 'mbedtls-2.7-proposed' into mbedtls-2.7-restricted-proposed 
Resolve conflicts in ChangeLog.
 2018-04-26 09:03:51 +01:00
Andrzej Kurek
6608096544 Change accepted ciphersuite versions when parsing server hello 
Accept only ciphersuites for version chosen by the server
 2018-04-25 05:28:08 -04:00
Andrzej Kurek
149f3a4d73 Change variable bytes_written to header_bytes in record decompression 
The name is changed to better reflect the input, decompression case
 2018-04-24 06:32:44 -04:00
Andrzej Kurek
c3a3e2df0e ssl_tls: Fix invalid buffer sizes during compression / decompression 
Adjust information passed to zlib to include already written data.
 2018-04-23 08:39:13 -04:00
Mohammad Azim Khan
0acbd7df03 Same ciphersuite validation in server and client hello 2018-04-20 19:58:37 +01:00
Manuel Pégourié-Gonnard
8bce3685f5 Merge remote-tracking branch 'restricted/pr/468' into mbedtls-2.7-restricted-proposed 
* restricted/pr/468:
  Improve comments style
  Remove a redundant test
  Add buffer size check before cert_type_len read
  Update change log
  Add a missing buffer size check
  Correct buffer size check
 2018-04-18 12:21:36 +02:00
Krzysztof Stachowiak
affb4f8e90 Improve comments style 2018-04-10 13:43:23 +02:00
Krzysztof Stachowiak
5ca4c5a15d Remove a redundant test 2018-04-10 13:43:17 +02:00
Krzysztof Stachowiak
314f16136f Add buffer size check before cert_type_len read 2018-04-10 13:43:10 +02:00
Krzysztof Stachowiak
071f9a3e47 Add a missing buffer size check 2018-04-04 13:44:04 +02:00
Krzysztof Stachowiak
3d8663b4f9 Correct buffer size check 
Further in the code the next field from the binary buffer is read. The
check contained an off by one error.
 2018-04-04 13:43:00 +02:00
Jaeden Amero
d8e0cec63b Merge remote-tracking branch 'upstream-public/pr/1464' into mbedtls-2.7-proposed 2018-04-03 18:27:54 +01:00
Jaeden Amero
b5f53b1039 Merge remote-tracking branch 'upstream-public/pr/1401' into mbedtls-2.7-proposed 2018-04-03 12:09:45 +01:00
Jaeden Amero
e7dc46240d Merge remote-tracking branch 'upstream-public/pr/1543' into mbedtls-2.7-proposed 2018-04-03 12:03:30 +01:00
mohammad1603
29ed80f79f Fix compatibility problem in the printed message 
Replace %zu with %lu and add cast for the printed value.
 2018-04-02 07:34:26 -07:00
Gilles Peskine
595c84a7b1 Merge remote-tracking branch 'upstream-public/pr/1500' into mbedtls-2.7-proposed 2018-04-01 12:41:29 +02:00
Gilles Peskine
a0e03a81a7 Merge branch 'pr_1538' into mbedtls-2.7-proposed 2018-04-01 12:35:50 +02:00
Gilles Peskine
cc78ac46e7 Update error.c 2018-03-30 18:52:10 +02:00
Gilles Peskine
5114d3e4e1 Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH 
Clarify what MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH and
MBEDTLS_ERR_PK_SIG_LEN_MISMATCH mean. Add comments to highlight that
this indicates that a valid signature is present, unlike other error
codes. See
https://github.com/ARMmbed/mbedtls/pull/1149#discussion_r178130705
 2018-03-30 18:43:16 +02:00
Andy Leiserson
38a29ee5d0 return plaintext data faster on unpadded decryption 2018-03-29 08:39:55 -04:00
Jaeden Amero
38e37bdd56 Merge remote-tracking branch 'upstream-public/pr/1529' into mbedtls-2.7-proposed 2018-03-29 11:00:09 +01:00
mohammad1603
44a6a688c8 Check whether INT_MAX larger than SIZE_MAX scenario 
Check whether INT_MAX larger than SIZE_MAX scenario
 2018-03-28 23:45:33 -07:00
Jaeden Amero
5166a188eb Merge remote-tracking branch 'upstream-public/pr/1468' into mbedtls-2.7-proposed 2018-03-28 15:36:36 +01:00
Jaeden Amero
0d891042d1 Merge remote-tracking branch 'upstream-public/pr/1524' into mbedtls-2.7-proposed 2018-03-28 15:33:45 +01:00
Jaeden Amero
ef59b732c2 Merge remote-tracking branch 'upstream-public/pr/1479' into mbedtls-2.7-proposed 2018-03-28 14:21:19 +01:00
Jethro Beekman
004e37117c Fix parsing of PKCS#8 encoded Elliptic Curve keys. 
The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:

PrivateKeyInfo ::= SEQUENCE {
  version                   Version,
  privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
  privateKey                PrivateKey,
  attributes           [0]  IMPLICIT Attributes OPTIONAL
}

AlgorithmIdentifier  ::=  SEQUENCE  {
  algorithm   OBJECT IDENTIFIER,
  parameters  ANY DEFINED BY algorithm OPTIONAL
}

ECParameters ::= CHOICE {
  namedCurve         OBJECT IDENTIFIER
  -- implicitCurve   NULL
  -- specifiedCurve  SpecifiedECDomain
}

ECPrivateKey ::= SEQUENCE {
  version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
  privateKey     OCTET STRING,
  parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
  publicKey  [1] BIT STRING OPTIONAL
}

Because of the two optional fields, there are 4 possible variants that need to
be parsed: no optional fields, only parameters, only public key, and both
optional fields. Previously mbedTLS was unable to parse keys with "only
parameters". Also, only "only public key" was tested. There was a test for "no
optional fields", but it was labelled incorrectly as SEC.1 and not run because
of a great renaming mixup.
 2018-03-28 11:29:21 +02:00
Andres Amaya Garcia
24e8283309 Fix coding style in pkcs5.c preprocessor directives 2018-03-27 21:25:53 +01:00
Marcos Del Sol Vives
a1bc0e25b7 Compile PBES2 in PKCS5 only if ASN1 is enabled 2018-03-27 21:25:52 +01:00
Andres Amaya Garcia
2f1595238a Allow overriding ar param prefix in library/Makefile 2018-03-26 00:08:36 +01:00
Andres Amaya Garcia
2679c1c81e Make DLEXT var configurable in library/Makefile 2018-03-26 00:08:33 +01:00
Jaeden Amero
877c6dcf22 Merge remote-tracking branch 'upstream-restricted/pr/456' into mbedtls-2.7 2018-03-23 11:19:43 +00:00
Gilles Peskine
2cfeb887b4 Merge tag 'mbedtls-2.7.2' into iotssl-1381-x509-verify-refactor-2.7-restricted 
Conflict resolution:

* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
  addition. In addition some of the additions in the
  iotssl-1381-x509-verify-refactor-restricted branch need support for
  keep-going mode, this will be added in a subsequent commit.
 2018-03-23 02:12:44 +01:00
mohammad1603
2ea2d686e2 Verify that f_send and f_recv send and receive the expected length 
Verify that f_send and f_recv send and receive the expected length

Conflicts:
	ChangeLog
 2018-03-22 14:56:28 -07:00
Gilles Peskine
d675986506 Merge remote-tracking branch 'upstream-public/pr/1256' into mbedtls-2.7-proposed 2018-03-22 21:52:01 +01:00
Gilles Peskine
8980da5caf Merge remote-tracking branch 'myfork/pr_726' into mbedtls-2.7-proposed 2018-03-22 21:49:43 +01:00
Gergely Budai
8190678c01 Do not define and initialize global mutexes on configurations that do not use them. 2018-03-21 15:13:08 +00:00
Mitsuhiro Nakamura
1e3c00090a Fix dylib linking 2018-03-21 11:18:09 +00:00
Gilles Peskine
21701305ce Robustness fix in mbedtls_ssl_derive_keys 
In mbedtls_ssl_derive_keys, don't call mbedtls_md_hmac_starts in
ciphersuites that don't use HMAC. This doesn't change the behavior of
the code, but avoids relying on an uncaught error when attempting to
start an HMAC operation that hadn't been initialized.
 2018-03-20 18:41:25 +01:00
mohammad1603
b11af86daf Avoid wraparound on in_left 
Avoid wraparound on in_left
 2018-03-19 07:18:13 -07:00
Jaeden Amero
9ae1fba869 Update version to 2.7.2 2018-03-16 16:30:17 +00:00
Jaeden Amero
c9908f010a Merge remote-tracking branch 'upstream-public/pr/1064' into mbedtls-2.7-restricted-proposed 2018-03-15 14:58:24 +00:00
Jaeden Amero
e0b1a73c56 Merge remote-tracking branch 'upstream-restricted/pr/464' into mbedtls-2.7-restricted-proposed 2018-03-15 14:36:47 +00:00
Jaeden Amero
73923e1575 Merge remote-tracking branch 'upstream-restricted/pr/459' into mbedtls-2.7-restricted-proposed 2018-03-15 14:36:22 +00:00
Jaeden Amero
8a032e6051 Merge branch 'mbedtls-2.7-proposed' into mbedtls-2.7-restricted-proposed 2018-03-15 14:35:47 +00:00
Jaeden Amero
32ae73b289 Merge remote-tracking branch 'upstream-public/pr/1448' into mbedtls-2.7-proposed 2018-03-15 14:33:29 +00:00
Jaeden Amero
100273ddfb Merge remote-tracking branch 'upstream-public/pr/1449' into mbedtls-2.7-proposed 2018-03-15 14:32:54 +00:00
Jaeden Amero
e1c916ca5e Merge remote-tracking branch 'upstream-public/pr/1451' into mbedtls-2.7-proposed 2018-03-15 08:34:33 +00:00
Krzysztof Stachowiak
b5609f3ca5 Prevent arithmetic overflow on bould check 2018-03-14 11:41:47 +01:00