Commit Graph

5167 Commits

Author SHA1 Message Date
Hanno Becker
a359f2764c Add dependency of pkwrite test suite on pkparse module 2018-10-16 13:58:12 +01:00
Hanno Becker
c2eba85d70 Add dependency of key_app_writer example program on PK parse module 2018-10-16 13:58:05 +01:00
Hanno Becker
9928807a62 Duplicate mbedtls_asn1_find_named_data in asn1write.c to avoid dep.
This commit duplicates the public function mbedtls_asn1_find_named_data()
defined in library/asn1parse.c within library/asn1write.c in order to
avoid a dependency of the ASN.1 writing module on the ASN.1 parsing module.

The duplication is unproblematic from a semantic and an efficiency
perspective becasue it is just a short list traversal that doesn't
actually do any ASN.1 parsing.
2018-10-16 13:58:01 +01:00
Hanno Becker
5e0f4a5e48 Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C
Previously, mbedtls_pkcs5_pbes2() was unconditionally declared
in `pkcs5.h` but defined as a stub returning
`MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE` in case
MBEDTLS_ASN1_PARSE_C was not defined.

In line with the previous commits, this commit removes declaration
and definition from both `pkcs5.h` and `pkcs5.c` in case
MBEDTLS_ASN1_PARSE_C is not defined.
2018-10-16 13:57:57 +01:00
Hanno Becker
027c1f2470 Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C 2018-10-16 13:57:53 +01:00
Hanno Becker
bc9ae7a7ae Guard PK-parse module by ASN.1-parse module in check_config.h 2018-10-16 13:57:30 +01:00
Simon Butcher
5bcbd4e7f4 Add ChangeLog entry for PR #1811 2018-09-26 23:03:56 +01:00
Simon Butcher
6a5ced41f2 Merge remote-tracking branch 'public/pr/1811' into mbedtls-2.1 2018-09-26 23:02:07 +01:00
Simon Butcher
86d32e690c Merge remote-tracking branch 'public/pr/1973' into mbedtls-2.1 2018-09-26 22:40:09 +01:00
Simon Butcher
0624b76361 Merge remote-tracking branch 'public/pr/1898' into mbedtls-2.1 2018-09-26 22:01:33 +01:00
Simon Butcher
96e0d8ebfc Clarified ChangeLog entry
ChangeLog entry for backport of #1890 was misleading, so corrected it.
2018-09-13 12:05:40 +01:00
Simon Butcher
c4a33d54cf
Merge pull request #507 from sbutcher-arm/mbedtls-version-2.1.15
Update library version number to 2.1.15
2018-08-31 17:29:47 +01:00
Simon Butcher
d3a5393a38 Update library version number to 2.1.15 2018-08-31 16:10:48 +01:00
Simon Butcher
cb9f70e23d Fix misclassification of bug in Changelog 2018-08-31 12:01:43 +01:00
Andrzej Kurek
10108318e8 ssl-opt.sh: change expected output for large srv packet test with SSLv3
This test also exercises a protection against BEAST
and should expect message splitting.
2018-08-29 06:46:50 -04:00
Andrzej Kurek
9b89e3664f Remove trailing whitespace 2018-08-29 06:46:27 -04:00
Andrzej Kurek
85e411f813 ssl_server2: add buffer overhead for a termination character
Switch to mbedtls style of memory allocation
2018-08-29 06:46:27 -04:00
Andrzej Kurek
4115a8cf47 Add missing large and small packet tests for ssl_server2 2018-08-29 06:46:27 -04:00
Andrzej Kurek
f4f59c0429 Added buffer_size and response_size options for ssl-server2.
Added appropriate tests.
2018-08-29 06:46:27 -04:00
Simon Butcher
8d408fac1d Merge remote-tracking branch 'restricted/pr/438' into mbedtls-2.1-restricted 2018-08-28 15:35:41 +01:00
Simon Butcher
9add36bbcb Merge remote-tracking branch 'restricted/pr/497' into mbedtls-2.1-restricted 2018-08-28 15:31:41 +01:00
Simon Butcher
d22de0aaa7 Merge remote-tracking branch 'restricted/pr/492' into mbedtls-2.1-restricted 2018-08-28 15:23:56 +01:00
Simon Butcher
7a47cbca16 Merge remote-tracking branch 'public/pr/1137' into mbedtls-2.1 2018-08-28 12:33:27 +01:00
Simon Butcher
85e5bfd00c Merge remote-tracking branch 'public/pr/1889' into mbedtls-2.1 2018-08-28 12:26:33 +01:00
Simon Butcher
263ca7282e Merge remote-tracking branch 'public/pr/1957' into mbedtls-2.1 2018-08-28 12:17:38 +01:00
Simon Butcher
d288ac0e83 Merge remote-tracking branch 'public/pr/1959' into mbedtls-2.1 2018-08-28 11:53:47 +01:00
Simon Butcher
1c5e4c2258 Merge remote-tracking branch 'public/pr/1980' into mbedtls-2.1 2018-08-28 10:18:48 +01:00
Hanno Becker
badbe80c7f pk_encrypt: Uniformize debugging output 2018-08-23 15:56:55 +01:00
Hanno Becker
6b1b598c2f Fix typos in programs/x509/cert_write.c
Fixes #1922.
2018-08-23 15:26:55 +01:00
Hanno Becker
b31e9dad60 Minor formatting improvements in pk_encrypt and pk_decrypt examples 2018-08-23 15:13:12 +01:00
Hanno Becker
47a34ff29e Adapt ChangeLog 2018-08-23 15:12:24 +01:00
Hanno Becker
7cee15e967 Correct memory leak in pk_decrypt example program 2018-08-23 15:12:23 +01:00
Hanno Becker
34cbd7e536 Correct memory-leak in pk_encrypt example program 2018-08-23 15:12:22 +01:00
Hanno Becker
1a60330e08 Adapt ChangeLog 2018-08-22 15:05:36 +01:00
Hanno Becker
d636dd0cbb Fix bug in SSL ticket implementation removing keys of age < 1s
Fixes #1968.
2018-08-22 15:05:07 +01:00
Hanno Becker
16fe2fd15a ssl-opt.sh: Add DTLS session resumption tests
Fixes #1969.
2018-08-22 15:05:07 +01:00
Jaeden Amero
6b7b35b127 Merge remote-tracking branch 'upstream-public/pr/1952' into mbedtls-2.1 2018-08-17 15:31:51 +01:00
Hanno Becker
42d267bbe4 Compute record expansion in steps to ease readability 2018-08-17 15:29:48 +01:00
Jaeden Amero
b4d3c5ad11 Merge remote-tracking branch 'upstream-public/pr/1945' into mbedtls-2.1 2018-08-17 14:27:02 +01:00
Hanno Becker
d3475498e5 Adapt ChangeLog 2018-08-17 10:11:31 +01:00
Hanno Becker
07eb7ca17c Fix mbedtls_ssl_get_record_expansion() for CBC modes
`mbedtls_ssl_get_record_expansion()` is supposed to return the maximum
difference between the size of a protected record and the size of the
encapsulated plaintext.

Previously, it did not correctly estimate the maximum record expansion
in case of CBC ciphersuites in (D)TLS versions 1.1 and higher, in which
case the ciphertext is prefixed by an explicit IV.

This commit fixes this bug. Fixes #1914.
2018-08-17 10:11:28 +01:00
Hanno Becker
10652b10d9 Improve ChangeLog wording for the commmit that Fixes #1954. 2018-08-17 10:03:48 +01:00
Hanno Becker
a24ed19a5d Add tests for empty CA list in CertificateRequest, TLS 1.0 & 1.1 2018-08-17 10:03:48 +01:00
Hanno Becker
10195ab853 Adapt ChangeLog 2018-08-16 15:53:17 +01:00
Hanno Becker
9e2237ac47 Fix overly strict bounds check in ssl_parse_certificate_request() 2018-08-16 15:53:17 +01:00
Mohammad Azim Khan
4c01904819 Fix Wformat-overflow warning in ssl_mail_client.c
sprintf( (char *) buf, "%s\r\n", base );
 Above code generates Wformat-overflow warning since both buf and base
are of same size. buf should be sizeof( base ) + characters added in
the format. In this case format 2 bytes for "\r\n".
2018-08-16 14:33:03 +01:00
Hanno Becker
048dba33cf Adapt ChangeLog 2018-08-14 15:50:07 +01:00
Hanno Becker
3328d8cf88 Reset session_in/out pointers in ssl_session_reset_int()
Fixes #1941.
2018-08-14 15:50:02 +01:00
Jaeden Amero
942cfea65f Merge remote-tracking branch 'upstream-public/pr/1815' into mbedtls-2.1 2018-08-10 11:00:40 +01:00
Jaeden Amero
e3bcd9a432 Merge remote-tracking branch 'upstream-public/pr/1887' into mbedtls-2.1 2018-08-10 10:50:03 +01:00