yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 15:15:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,484 Commits 88 Branches 205 Tags 69 MiB
a36fe37429
Commit Graph

1408 Commits

Author SHA1 Message Date
Simon Butcher
a36fe37429 Revised and clarified ChangeLog 
Minor changes to fix language, merge mistakes and incorrect classifications of
changes.
 2018-08-31 12:00:58 +01:00
Simon Butcher
242169bdc3 Merge remote-tracking branch 'restricted/pr/498' into mbedtls-2.7-restricted 2018-08-28 15:29:55 +01:00
Simon Butcher
6910201cd1 Merge remote-tracking branch 'restricted/pr/493' into mbedtls-2.7-restricted 2018-08-28 15:23:39 +01:00
Simon Butcher
fbd0ccc0f0 Merge remote-tracking branch 'public/pr/1978' into mbedtls-2.7 2018-08-28 12:32:21 +01:00
Simon Butcher
4102b3d377 Merge remote-tracking branch 'public/pr/1888' into mbedtls-2.7 2018-08-28 12:25:12 +01:00
Simon Butcher
cc4f58d08c Merge remote-tracking branch 'public/pr/1956' into mbedtls-2.7 2018-08-28 12:16:11 +01:00
Simon Butcher
f7be6b029e Merge remote-tracking branch 'public/pr/1960' into mbedtls-2.7 2018-08-28 11:51:56 +01:00
Hanno Becker
20b5d14b28 Adapt ChangeLog 2018-08-23 15:14:51 +01:00
Hanno Becker
f38db01c42 Adapt ChangeLog 2018-08-17 10:12:23 +01:00
Hanno Becker
517e84a0e3 Improve ChangeLog wording for the commmit that Fixes #1954. 2018-08-17 10:04:08 +01:00
Hanno Becker
4a4c04dc9c Adapt ChangeLog 2018-08-16 15:53:02 +01:00
Hanno Becker
8058800d54 Adapt ChangeLog 2018-08-14 15:48:41 +01:00
Jaeden Amero
9eb78b4dab Merge remote-tracking branch 'upstream-public/pr/1900' into mbedtls-2.7 
Add a Changelog entry
 2018-08-10 11:26:15 +01:00
Jaeden Amero
f37a99e3fc Merge remote-tracking branch 'upstream-public/pr/1814' into mbedtls-2.7 2018-08-10 11:01:29 +01:00
Jaeden Amero
3b69174852 Merge remote-tracking branch 'upstream-public/pr/1886' into mbedtls-2.7 2018-08-10 10:50:34 +01:00
Simon Butcher
51a46b9b38 Add ChangeLog entry for bug #1890 2018-07-30 22:15:14 +01:00
Philippe Antoine
84cc74e82b Fix undefined shifts 
- in x509_profile_check_pk_alg
- in x509_profile_check_md_alg
- in x509_profile_check_key

and in ssl_cli.c : unsigned char gets promoted to signed integer
 2018-07-26 22:49:42 +01:00
Simon Butcher
5ef42fd415 Merge remote-tracking branch 'restricted/pr/500' into mbedtls-2.7-restricted 2018-07-26 14:33:14 +01:00
Angus Gratton
cb7a5b0b0c Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails 
In ecp_mul_comb(), if (!p_eq_g && grp->T == NULL) and then ecp_precompute_comb() fails (which can
happen due to OOM), then the new array of points T will be leaked (as it's newly allocated, but
hasn't been asigned to grp->T yet).

Symptom was a memory leak in ECDHE key exchange under low memory conditions.
 2018-07-26 11:08:06 +03:00
Simon Butcher
a64621929f Clarify Changelog entries 
Corrected some style issues, and moved some entries from bugfixes to changes.
 2018-07-25 17:30:20 +01:00
Jaeden Amero
8385110ae8 Update version to 2.7.5 2018-07-25 15:43:21 +01:00
Simon Butcher
7daacda940 Merge remote-tracking branch 'restricted/pr/494' into mbedtls-2.7 2018-07-24 23:40:53 +01:00
Simon Butcher
b47e0a68ab Merge remote-tracking branch 'public/pr/1805' into mbedtls-2.7 2018-07-24 13:16:25 +01:00
Simon Butcher
a8ee41ce80 Revise ChangeLog entry for empty data records fixes 2018-07-24 12:59:21 +01:00
Simon Butcher
d5a3ed36b8 Merge remote-tracking branch 'public/pr/1863' into mbedtls-2.7 2018-07-24 12:57:15 +01:00
Simon Butcher
b65d6ce83f Merge remote-tracking branch 'public/pr/1870' into mbedtls-2.7 2018-07-24 10:30:11 +01:00
Simon Butcher
c6a0fd8e83 Add ChangeLog entry for #1098 fix. 2018-07-24 10:17:36 +01:00
Simon Butcher
48883cd800 Merge remote-tracking branch 'public/pr/1780' into mbedtls-2.7 2018-07-20 14:40:51 +01:00
Simon Butcher
7924d93209 Fix ChangeLog entry for issue #1663 
The ChangeLog entry was under the wrong version, and under Changes, not
Bug Fixes.
 2018-07-19 19:54:18 +01:00
Simon Butcher
bc5ec41c01 Merge remote-tracking branch 'public/pr/1847' into mbedtls-2.7 2018-07-19 19:48:25 +01:00
Simon Butcher
be347c6e21 Merge remote-tracking branch 'public/pr/1849' into mbedtls-2.7 2018-07-19 16:13:07 +01:00
Ron Eldor
8839e31fbc Update ChangeLog 
Remove extra entries added by a bad cherry-pick.
 2018-07-17 14:13:53 +03:00
Andres Amaya Garcia
8e346dc793 Add ChangeLog entry for empty app data fix 2018-07-16 20:14:53 +01:00
Angus Gratton
8946b0dd30 Check for invalid short Alert messages 
(Short Change Cipher Spec & Handshake messages are already checked for.)
 2018-07-16 20:12:56 +01:00
Angus Gratton
1ba8e911ec CBC mode: Allow zero-length message fragments (100% padding) 
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
 2018-07-16 20:12:47 +01:00
k-stachowiak
55bea65ca9 Update change log 2018-07-16 12:30:48 +02:00
Manuel Pégourié-Gonnard
aba8c5bb3d Clarify attack conditions in the ChangeLog. 
Referring to the previous entry could imply that the current one was limited
to SHA-384 too, which it isn't.
 2018-07-12 10:18:37 +02:00
Manuel Pégourié-Gonnard
aeeaaf271c Add counter-measure to cache-based Lucky 13 
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function, and the location where we read the MAC, give information
about that.

A local attacker could gain information about that by observing via a
cache attack whether the bytes at the end of the record (at the location of
would-be padding) have been read during MAC verification (computation +
comparison).

Let's make sure they're always read.
 2018-07-12 10:18:37 +02:00
Manuel Pégourié-Gonnard
5fcfd0345d Fix Lucky 13 cache attack on MD/SHA padding 
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.

Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.

Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
 2018-07-12 10:18:37 +02:00
Simon Butcher
a063fff51a Fix Changelog entry for #1533 fix as a Change not a bugfix 2018-07-10 15:20:26 +01:00
Simon Butcher
28f68a3d15 Merge remote-tracking branch 'public/pr/1809' into mbedtls-2.7 2018-07-10 14:58:51 +01:00
Simon Butcher
a159d64e86 Merge remote-tracking branch 'public/pr/1827' into mbedtls-2.7 2018-07-10 12:50:16 +01:00
Gilles Peskine
b2d88404a3 Add ChangeLog entry 2018-07-10 13:05:11 +02:00
k-stachowiak
6cba569e3f Update change log 2018-07-09 14:45:00 +02:00
Philippe Antoine
33e5c32a5b Fixes different off by ones 2018-07-09 10:39:02 +02:00
Ron Eldor
98848f020c Minor fixes 
1. Rephrase ChangeLog entry.
2. Add a full stop at the end of the fuinction documentation.
 2018-07-05 15:01:51 +03:00
Simon Butcher
318cd2cc93 Add ChangeLog entry for #992 fix 2018-07-02 12:14:30 +01:00
Simon Butcher
c6bf5b4953 Add fix for #1550 and credit to the ChangeLog 2018-07-01 17:10:30 +01:00
niisato
2120ef85c7 Add ChangeLog 2018-06-29 11:25:02 +01:00
Ron Eldor
6a5d6e2295 Update ChangeLog 
Update ChangeLog with a less ambigous description.
 2018-06-28 15:50:47 +03:00