Commit Graph

549 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
fd35af1579 Fix off-by-one error in point format parsing 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
acbcbba860 Fix asm format of bn_mul.h for more portability
Found by Barry K. Nathan.

Quoting from http://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html:

"You can put multiple assembler instructions together in a single asm
template, separated by the characters normally used in assembly code for the
system. A combination that works in most places is a newline to break the
line, plus a tab character to move to the instruction field (written as
‘\n\t’). Sometimes semicolons can be used, if the assembler allows semicolons
as a line-breaking character. Note that some assembler dialects use semicolons
to start a comment."
2014-06-25 11:26:13 +02:00
Barry K. Nathan
35e7cb9aa6 Fix preprocessor checks for bn_mul PPC asm
On OS X, neither __powerpc__ nor __ppc__ is defined on PPC64, so the
asm code was only being used on PPC32.
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
d249b7ab9a Restore ability to trust non-CA selfsigned EE cert 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
c4eff16516 Restore ability to use v1 CA if trusted locally 2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
08485cca81 Fix SSL_BUFFER_LEN 2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
eaa76f7e20 Fix computation of minlen for encrypted packets 2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
0bcc4e1df7 Fix length checking for AEAD ciphersuites 2014-06-25 11:26:10 +02:00
Manuel Pégourié-Gonnard
3579522d31 Update Changelog for example configs changes 2014-06-24 17:33:54 +02:00
Manuel Pégourié-Gonnard
398c57b0b3 Blowfish accepts variable key len in cipher layer 2014-06-24 11:01:33 +02:00
Paul Bakker
3c38f29a61 Fix DER output of gen_key app (found by Gergely Budai) 2014-06-14 16:46:43 +02:00
Paul Bakker
3461772559 Introduce polarssl_zeroize() instead of memset() for zeroization 2014-06-14 16:46:03 +02:00
Paul Bakker
c2ff2083ee Merge parsing and verification of RSASSA-PSS in X.509 modules 2014-06-12 22:02:47 +02:00
Paul Bakker
f51183a262 Revert deleted PolarSSL 1.3.4 release line in ChangeLog 2014-06-12 21:53:40 +02:00
Paul Bakker
863989bc81 Add LINK_WITH_PTHREAD to ChangeLog 2014-06-12 21:49:01 +02:00
Paul Bakker
49033ba0ac Update ChangeLog for external fixes 2014-06-12 21:46:13 +02:00
Manuel Pégourié-Gonnard
b479871956 Update Changelog for RSASSA-PSS in X.509 2014-06-07 11:21:52 +02:00
Manuel Pégourié-Gonnard
bf696d030b Make sig_opts non-optional in X509 structures
This simplifies the code.
2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard
cf975a3857 Factor out some common code 2014-06-02 16:12:46 +02:00
Paul Bakker
1ebc0c592c Fix typos 2014-05-22 15:47:58 +02:00
Paul Bakker
c6ece49890 Updated ChangeLog for CCM 2014-05-22 15:45:03 +02:00
Paul Bakker
0f651c7422 Stricter check on SSL ClientHello internal sizes compared to actual packet size 2014-05-22 15:12:19 +02:00
Paul Bakker
dff3139cc8 Updated ChangeLog 2014-05-22 15:06:41 +02:00
Paul Bakker
5593f7caae Fix typo in debug_print_msg() 2014-05-06 10:29:28 +02:00
Paul Bakker
47431b6d31 Updated ChangeLog for 1.3.7 to 2014-05-02 2014-05-02 13:27:13 +02:00
Paul Bakker
da13016d84 Prepped for 1.3.7 release 2014-05-01 14:27:19 +02:00
Barry K. Nathan
cf975f5988 Fix build with cc from Apple LLVM
On Xcode 4.x and above (I tested Xcode 4.6.3 on 10.7.5 and Xcode 5.5.1 on 10.9.2), cmake (2.8.12.2, whether from MacPorts or from clang.org, FWIW) is detecting /usr/bin/cc as Clang, but CMAKE_COMPILER_IS_CLANG is not getting set, so the tests aren't being built. (There may have been other build problems as well, but the fact that the tests weren't being built was by far the most obvious problem.)

Checking the compiler ID detected by cmake, rather than the name of the command used to invoke the compiler, fixes this.
2014-04-30 16:53:34 +02:00
Markus Pfeiffer
a26a005acf Make compilation on DragonFly work 2014-04-30 16:52:28 +02:00
Paul Bakker
2a024ac86a Merge dependency fixes 2014-04-30 16:50:59 +02:00
Manuel Pégourié-Gonnard
c16f4e1f78 Move RC4 ciphersuites down the list 2014-04-30 16:27:06 +02:00
Paul Bakker
8eab8d368b Merge more portable AES-NI 2014-04-30 16:21:08 +02:00
Paul Bakker
33dc46b080 Fix bug with mpi_fill_random() on big-endian 2014-04-30 16:20:39 +02:00
Paul Bakker
f96f7b607a On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings 2014-04-30 16:02:38 +02:00
Paul Bakker
6384440b13 Better support for the different Attribute Types from IETF PKIX (RFC 5280) 2014-04-30 15:34:12 +02:00
Paul Bakker
24f37ccaed rsa_check_pubkey() now allows an E up to N 2014-04-30 13:43:51 +02:00
Paul Bakker
0f90d7d2b5 version_check_feature() added to check for compile-time options at run-time 2014-04-30 11:49:44 +02:00
Paul Bakker
a70366317d Improve interop by not writing ext_len in ClientHello / ServerHello when 0
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
2014-04-30 10:16:16 +02:00
Manuel Pégourié-Gonnard
3a306b9067 Fix misplaced #endif in ssl_tls.c 2014-04-29 15:11:17 +02:00
Manuel Pégourié-Gonnard
edc81ff8c2 Fix some more curve depends in X.509 tests 2014-04-29 15:10:40 +02:00
Manuel Pégourié-Gonnard
63a5bfe903 Update Changelog for AES-NI 2014-04-26 17:21:07 +02:00
Paul Bakker
c73079a78c Add debug_set_threshold() and thresholding of messages 2014-04-25 16:58:16 +02:00
Paul Bakker
92478c37a6 Debug module only outputs full lines instead of parts 2014-04-25 16:58:15 +02:00
Paul Bakker
eaebbd5eaa debug_set_log_mode() added to determine raw or full logging 2014-04-25 16:58:14 +02:00
Paul Bakker
61885c7f7f Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites
In case full SSL frames arrived, they were rejected because an overly
strict padding check.
2014-04-25 12:59:51 +02:00
Paul Bakker
fdba46885b cert_write app should use subject of issuer certificate as issuer of cert 2014-04-25 11:48:35 +02:00
Paul Bakker
4ffcd2f9c3 Typo in PKCS#11 module 2014-04-25 11:44:12 +02:00
Paul Bakker
10a9dd35ea Typo in POLARSSL_PLATFORM_STD_FPRINTF in platform.c 2014-04-25 11:27:16 +02:00
Paul Bakker
088c5c5f18 POLARSSL_CONFIG_OPTIONS has been removed. Values are set individually
For the Platform module this requires the introduction of
POLARSSL_PLATFORM_NO_STD_FUNCTIONS to allow not performing the default
assignments.
2014-04-25 11:11:10 +02:00
Paul Bakker
e92f73d73b Updated ChangeLog 2014-04-18 14:08:26 +02:00
Paul Bakker
784b04ff9a Prepared for version 1.3.6 2014-04-11 15:33:59 +02:00
Manuel Pégourié-Gonnard
9655e4597a Reject certificates with times not in UTC 2014-04-11 13:59:36 +02:00
Manuel Pégourié-Gonnard
0776a43788 Use UTC to heck certificate validity 2014-04-11 13:59:31 +02:00
Paul Bakker
52c5af7d2d Merge support for verifying the extendedKeyUsage extension in X.509 2014-04-11 13:58:57 +02:00
Manuel Pégourié-Gonnard
78848375c0 Declare EC constants as 'const' 2014-04-11 13:58:41 +02:00
Paul Bakker
1630058dde Potential buffer overwrite in pem_write_buffer() fixed
Length indication when given a too small buffer was off.
Added regression test in test_suite_pem to detect this.
2014-04-11 13:58:05 +02:00
Manuel Pégourié-Gonnard
b7fff0f9c6 Update Changelog for extendedKeyUsage 2014-04-11 11:32:39 +02:00
Paul Bakker
59366213cb Updated ChangeLog for keyUsage merge 2014-04-09 15:55:20 +02:00
Manuel Pégourié-Gonnard
2abed84225 Specific return code for PK sig length mismatch 2014-04-09 15:50:00 +02:00
Paul Bakker
1cfc45835f Add option 'use_dev_random' to gen_key application 2014-04-09 15:49:58 +02:00
Paul Bakker
17b85cbd69 Merged additional tests and improved code coverage
Conflicts:
	ChangeLog
2014-04-08 14:38:48 +02:00
Paul Bakker
0763a401a7 Merged support for the ALPN extension 2014-04-08 14:37:12 +02:00
Paul Bakker
4224bc0a4f Prevent potential NULL pointer dereference in ssl_read_record() 2014-04-08 14:36:50 +02:00
Paul Bakker
27e36d342c Support for the ALPN SSL extension (re-enabled in config.h) 2014-04-08 12:33:37 +02:00
Manuel Pégourié-Gonnard
8c045ef8e4 Fix embarrassing X.509 bug introduced in 9533765 2014-04-08 11:55:03 +02:00
Shuo Chen
95a0d118a9 Fix compile error when POLARSSL_ERROR_STRERROR_BC is undefined. 2014-04-08 10:53:51 +02:00
Manuel Pégourié-Gonnard
0148875cfc Add tests and fix bugs for RSA-alt contexts 2014-04-04 17:46:46 +02:00
Manuel Pégourié-Gonnard
3fec220a33 Add test for dhm_parse_dhmfile 2014-04-04 16:42:44 +02:00
Manuel Pégourié-Gonnard
7afdb88216 Test and fix x509_oid functions 2014-04-04 16:34:30 +02:00
Paul Bakker
4984d3c0b8 Updated ChangeLog for x509_crt_info() change 2014-04-04 15:39:37 +02:00
Manuel Pégourié-Gonnard
887aa5b381 Fix include path in ecdsa.h 2014-04-04 13:57:20 +02:00
Manuel Pégourié-Gonnard
e442111e29 Fix typo which broke ENTROPY_FORCE_SHA256 2014-04-02 13:50:05 +02:00
Manuel Pégourié-Gonnard
74bc68ac62 Fix default #define for malloc/free 2014-04-02 13:20:00 +02:00
Paul Bakker
75a2860f26 Potential memory leak in mpi_exp_mod() when error occurs during
calculation of RR.
2014-03-31 12:08:17 +02:00
Manuel Pégourié-Gonnard
dd75c3183b Remove potential timing leak in ecdsa_sign() 2014-03-31 11:55:42 +02:00
Manuel Pégourié-Gonnard
6b0d268bc9 Add ssl_close_notify() to servers that missed it 2014-03-31 11:28:11 +02:00
Manuel Pégourié-Gonnard
969ccc6289 Fix length checking of various ClientKeyExchange's 2014-03-27 21:10:56 +01:00
Paul Bakker
96d5265315 Made ready for release 1.3.5 2014-03-26 16:55:50 +01:00
Paul Bakker
5fff23b92a x509_get_current_time() uses localtime_r() to prevent thread issues 2014-03-26 15:34:54 +01:00
Paul Bakker
77f4f39ea6 Make sure no random pointer occur during failed malloc()'s 2014-03-26 15:30:20 +01:00
Paul Bakker
91c61bc4fd Further tightened the padlen check to prevent underflow / overflow 2014-03-26 15:14:20 +01:00
Paul Bakker
674e0b015a Improvements to tests/Makefile when using shared library 2014-03-26 13:26:52 +01:00
Manuel Pégourié-Gonnard
7a2aba8d81 Deprecate some non-PK compatibility functions
(Should have been deprecated in 1.3.0 already.)
2014-03-26 12:58:52 +01:00
Manuel Pégourié-Gonnard
b2bf5a1bbb Fix possible buffer overflow with PSK 2014-03-26 12:58:50 +01:00
Manuel Pégourié-Gonnard
fdddac90a6 Fix stupid bug in rsa_copy() 2014-03-26 12:58:49 +01:00
Paul Bakker
66ff70dd48 Support for seed file writing and reading in Entropy 2014-03-26 11:58:07 +01:00
Manuel Pégourié-Gonnard
86b400f0e0 Update Changelog 2014-03-19 16:55:29 +01:00
Paul Bakker
6a8e7f82b3 Added ChangeLog lines for new SSL tests 2014-03-17 13:45:06 +01:00
Paul Bakker
b0695ced31 Fixed spaces in ChangeLog 2014-03-17 13:42:23 +01:00
Paul Bakker
3d6504a935 ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr 2014-03-17 13:41:51 +01:00
Paul Bakker
a4b0343edf Merged massive SSL Testing improvements 2014-03-14 16:30:36 +01:00
Manuel Pégourié-Gonnard
bb8661e006 Work around a compiler bug on OS X. 2014-03-14 09:21:20 +01:00
Manuel Pégourié-Gonnard
d701c9aec9 Fix memory leak in server with expired tickets 2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
84c30c7e83 Fix memory leak in ssl_cache 2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
145dfcbfc2 Fix bug with NewSessionTicket and non-blocking I/O 2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
dfbf9c711d Fix bug in m_sleep() 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
274a12e17c Fix bug with ssl_cache and max_entries=0 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
14ed1a2934 Update changelog for cmake changes 2014-03-13 19:25:06 +01:00
Alex Wilson
7349142ce7 Don't try to use MIPS32 asm macros on MIPS64
The MIPS32 bn_mul asm code causes segfaults on MIPS64 and failing
tests. Until someone has time to fix this up, MIPS64 platforms should
fall back to the C implementation (which works fine).
2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
844a4c0aef Fix RSASSA-PSS example programs 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
83cdffc437 Forbid sequence number wrapping 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
9533765b25 Reject certs and CRLs from the future 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
29dcc0b93c Fix depend issues in test suites for cipher modes 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
796c6f3aff Countermeasure against "triple handshake" attack 2014-03-13 19:25:06 +01:00
Paul Bakker
3d52ab76f6 Fixed CMake symlinking on out-of-source builds 2014-03-07 10:33:55 +01:00
Manuel Pégourié-Gonnard
47fc5ae400 Fxi typo 2014-02-20 15:56:43 +01:00
Manuel Pégourié-Gonnard
6b1e207081 Fix verion-major intolerance 2014-02-12 10:14:54 +01:00
Manuel Pégourié-Gonnard
c9093085ed Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
This reverts commit ab50d8d30c, reversing
changes made to e31b1d992a.
2014-02-12 09:39:59 +01:00
Manuel Pégourié-Gonnard
6df09578bb Revert "Mutex call in x509_crt.c depended on PTHREAD specific instead of generic"
This reverts commit 9eae7aae80.
2014-02-12 09:29:05 +01:00
Paul Bakker
2ceda57989 Ability to force the Entropy module to use SHA-256 as its basis
By default the SHA-512 module is used if both are available. On some
systems, SHA-256 is the better choice.

Contributed by: Gergely Budai
2014-02-06 15:55:25 +01:00
Paul Bakker
cd6d69a414 Fixed testing with out-of-source builds using cmake 2014-02-06 15:44:11 +01:00
Paul Bakker
f2561b3f69 Ability to provide alternate timing implementation 2014-02-06 15:32:26 +01:00
Paul Bakker
47703a0a80 More entropy functions made thread-safe (add_source, update_manual, gather) 2014-02-06 15:01:20 +01:00
Paul Bakker
9eae7aae80 Mutex call in x509_crt.c depended on PTHREAD specific instead of generic
threading
2014-02-06 14:51:53 +01:00
Paul Bakker
6a28e722c9 Merged platform compatibility layer 2014-02-06 13:44:19 +01:00
Paul Bakker
ab50d8d30c Merged RSA-PSS support in Certificate, CSR and CRL 2014-02-06 13:14:56 +01:00
Paul Bakker
e31b1d992a Added Curve preference order to ChangeLog 2014-02-06 13:08:02 +01:00
Manuel Pégourié-Gonnard
fbf0915404 Fix bug in RSA PKCS#1 v1.5 "reversed" operations 2014-02-05 17:01:24 +01:00
Paul Bakker
5fb8efe71e Merged HMAC-DRBG code 2014-02-05 15:55:18 +01:00
Manuel Pégourié-Gonnard
6e8e34d61e Fix ecp_gen_keypair()
Too few tries caused failures for some curves (esp. secp224k1)
2014-02-05 15:53:45 +01:00
Paul Bakker
2cb1a0c400 Fixed indication for TrustInSoft fix 2014-01-27 13:36:23 +01:00
Paul Bakker
b84582b7a6 Fixed up ChangeLog with missing bug fixes 2014-01-27 12:23:43 +01:00
Paul Bakker
2aca241425 Ready for release 1.3.4 2014-01-27 11:59:30 +01:00
Paul Bakker
e6c2ddb0b8 Updated ChangeLog with deterministic ECDSA 2014-01-27 11:59:29 +01:00
Paul Bakker
42099c3155 Revert "Add pk_rsa_set_padding() and rsa_set_padding()"
This reverts commit b4fae579e8.

Conflicts:
	library/pk.c
	tests/suites/test_suite_pk.data
	tests/suites/test_suite_pk.function
2014-01-27 11:59:29 +01:00
Manuel Pégourié-Gonnard
5cac583482 Factor out some common code 2014-01-25 12:48:58 +01:00
Paul Bakker
d75ba40cc3 SMTP lines are officially terminated with CRLF, ssl_mail_client fixed 2014-01-24 16:12:18 +01:00
Paul Bakker
556efba51c Added AES CFB8 mode 2014-01-24 15:38:12 +01:00
Paul Bakker
5862eee4ca Merged RIPEMD-160 support 2014-01-22 14:18:34 +01:00
Paul Bakker
0ac99ca7bc Merged support for secp224k1, secp192k1 and secp25k1 2014-01-22 13:10:48 +01:00
Paul Bakker
3eb9673e19 Updated ChangeLog with recent changes 2014-01-22 13:08:19 +01:00
Paul Bakker
a8fd3e31ed Removed POLARSSL_THREADING_DUMMY option 2013-12-31 11:54:08 +01:00
Paul Bakker
6992eb762c Fixed potential overflow in certificate size in ssl_write_certificate() 2013-12-31 11:38:33 +01:00
Paul Bakker
6ea1a95ce8 Added missing MPI_CHK() around some statements 2013-12-31 11:17:14 +01:00
Paul Bakker
5bc07a3d30 Prepped for 1.3.3 2013-12-31 10:57:44 +01:00
Paul Bakker
c73879139e Merged ECP memory usage optimizations 2013-12-31 10:33:47 +01:00
Paul Bakker
956c9e063d Reduced the input / output overhead with 200+ bytes and covered corner
case

The actual input / output buffer overhead is only 301 instead of 512.
This requires a proper check on the padding_idx to prevent out of bounds
reads.

Previously a remote party could potentially trigger an access error and
thus stop the application when sending a malicious packet having
MAX_CONTENT_LEN of data, 32 bytes of MAC and a decrypted padlen of .
This would result in reading from in_ctr + 13 + 32 + MAX_CONTENT_LEN - 1 - 1
for 256 bytes (including fake padding check). Or 13 + 32 bytes over the
buffer length.

We now reset padding_idx to 0, if it's clear that it will never be a
valid padding (padlen > msg_len || msg_len + padlen + 256 > buffer_len)
2013-12-30 15:00:51 +01:00
Paul Bakker
f9c4953e39 Added version of the SSL pthread server example 2013-12-30 14:55:54 +01:00
Paul Bakker
23116fdb53 Merged AES-NI support for AES, AES-GCM and AES key scheduling 2013-12-30 14:10:35 +01:00
Paul Bakker
1a56fc96a3 Fixed x509_crt_parse_path() bug on Windows platforms 2013-12-19 13:52:33 +01:00
Paul Bakker
5a607d26b7 Merged IPv6 support in the NET module 2013-12-17 14:34:19 +01:00
Paul Bakker
5ab68ba679 Merged storing curves fully in ROM 2013-12-17 13:11:18 +01:00
Paul Bakker
fdf946928d Merged support for ECDH-RSA / ECDH-ECDSA key exchanges and ciphersuites 2013-12-17 13:10:27 +01:00
Paul Bakker
f70fe81a6e Fixed memory leak in benchmark application 2013-12-17 13:09:12 +01:00
Paul Bakker
6f0636a09f Potential memory leak in ssl_ticket_keys_init() 2013-12-17 13:09:12 +01:00
Paul Bakker
48d78a5e60 Merged support for Curve25519 2013-12-05 16:12:40 +01:00
Manuel Pégourié-Gonnard
9a4a5ac4de Fix bug in mpi_set_bit 2013-12-05 15:58:38 +01:00
Paul Bakker
b14817d10a Updated ChangeLog for splitting off curves from ecp.c 2013-12-02 22:03:23 +01:00
Paul Bakker
9dc53a9967 Merged client ciphersuite order preference option 2013-12-02 14:56:27 +01:00
Paul Bakker
014f143c2a Merged EC key generation support 2013-12-02 14:55:09 +01:00
Paul Bakker
4040d7e95c Merged more constant-time checking in RSA 2013-12-02 14:53:23 +01:00