Gilles Peskine
a0af95f052
Timing: fix mbedtls_set_alarm(0) on Unix/POSIX
...
The POSIX/Unix implementation of mbedtls_set_alarm did not set the
mbedtls_timing_alarmed flag when called with 0, which was inconsistent
with what the documentation implied and with the Windows behavior.
2017-12-20 18:50:03 +01:00
Manuel Pégourié-Gonnard
4813f15ce5
Merge branch 'development' into development-restricted
...
* development:
Address PR review comments
Fix crash when calling `mbedtls_ssl_cache_free` twice
2017-12-19 11:39:35 +01:00
Manuel Pégourié-Gonnard
705c52f5ec
Merge remote-tracking branch 'public/pr/1145' into development
...
* public/pr/1145:
Address PR review comments
Fix crash when calling `mbedtls_ssl_cache_free` twice
2017-12-19 11:37:36 +01:00
Manuel Pégourié-Gonnard
d04c623ed6
Merge remote-tracking branch 'restricted/pr/403' into development-restricted
...
* restricted/pr/403:
Correct record header size in case of TLS
Don't allocate space for DTLS header if DTLS is disabled
Improve debugging output
Adapt ChangeLog
Add run-time check for handshake message size in ssl_write_record
Add run-time check for record content size in ssl_encrypt_buf
Add compile-time checks for size of record content and payload
2017-12-19 11:31:20 +01:00
Manuel Pégourié-Gonnard
1827368b01
Merge branch 'development' into development-restricted
...
* development:
Don't split error code description across multiple lines
Register new error code in error.h
Move deprecation to separate section in ChangeLog
Extend scope of ERR_RSA_UNSUPPORTED_OPERATION error code
Adapt RSA test suite
Adapt ChangeLog
Deprecate usage of RSA primitives with wrong key type
2017-12-19 11:28:36 +01:00
Manuel Pégourié-Gonnard
4712119687
Merge remote-tracking branch 'restricted/pr/397' into development
...
* restricted/pr/397:
Don't split error code description across multiple lines
Register new error code in error.h
Move deprecation to separate section in ChangeLog
Extend scope of ERR_RSA_UNSUPPORTED_OPERATION error code
Adapt RSA test suite
Adapt ChangeLog
Deprecate usage of RSA primitives with wrong key type
2017-12-19 11:27:22 +01:00
Gilles Peskine
880c6e74a1
Merge branch 'development' into development-restricted
2017-12-04 18:00:26 +00:00
Gilles Peskine
d629411212
Merge branch 'pr_920' into development
2017-12-01 23:46:58 +01:00
Gilles Peskine
8acce85175
Added ChangeLog entry
2017-12-01 23:46:40 +01:00
Gilles Peskine
ff01e009e6
Merge branch 'pr_1043' into development
2017-12-01 23:42:17 +01:00
Gilles Peskine
b592f32291
Added ChangeLog entry
2017-12-01 23:40:28 +01:00
Gilles Peskine
e3783da0b2
Merge remote-tracking branch 'upstream-public/pr/1172' into development
2017-12-01 22:36:21 +01:00
Gilles Peskine
02e28fe0fd
Merge remote-tracking branch 'upstream-restricted/pr/425' into development-restricted
2017-12-01 17:58:12 +01:00
Gilles Peskine
0960f0663e
Merge branch 'development' into development-restricted
2017-11-29 21:07:55 +01:00
Gilles Peskine
0884f4811b
Merge remote-tracking branch 'upstream-public/pr/1141' into development
2017-11-29 20:50:59 +01:00
Gilles Peskine
183de312f9
Merge remote-tracking branch 'upstream-public/pr/895' into development
2017-11-29 20:49:21 +01:00
Gilles Peskine
7fb29b17c7
Merge branch 'development' into development-restricted
2017-11-28 18:46:09 +01:00
Gilles Peskine
4daffe236a
Merge branch 'pr_1025' into development
...
Merge PR #1025 + ChangeLog entry
2017-11-28 18:23:53 +01:00
Gilles Peskine
d742b74838
Add ChangeLog entry
2017-11-28 17:40:56 +01:00
Gilles Peskine
ea8d697fa2
Merge remote-tracking branch 'upstream-public/pr/1089' into development
...
Resolve trivial conflict due to additions in the same place in
tests/data_files/Makefile; minor comment/whitespace presentation
improvements.
2017-11-28 17:32:32 +01:00
Gilles Peskine
4b117d9c92
Merge remote-tracking branch 'upstream-public/pr/1055' into development
2017-11-28 17:23:37 +01:00
Gilles Peskine
f2421210a5
Merge remote-tracking branch 'upstream-public/pr/828' into development
2017-11-28 17:22:37 +01:00
Gilles Peskine
9c3573a962
Merge remote-tracking branch 'upstream-public/pr/988' into development
2017-11-28 17:08:03 +01:00
Gilles Peskine
41e974178f
Merge remote-tracking branch 'upstream-restricted/pr/419' into development-restricted
...
Resolved simple conflicts caused by the independent addition of
calls to mbedtls_zeroize with sometimes whitespace or comment
differences.
2017-11-28 16:16:27 +01:00
Gilles Peskine
9c8ac0ce2c
Merge remote-tracking branch 'upstream-restricted/pr/404' into development-restricted
2017-11-28 15:50:02 +01:00
Gilles Peskine
7ca6d1fdd4
Merge remote-tracking branch 'upstream-restricted/pr/399' into development-restricted
2017-11-28 14:17:53 +01:00
Gilles Peskine
c753f5daf4
Merge remote-tracking branch 'upstream-restricted/pr/369' into development-restricted
2017-11-28 14:16:47 +01:00
Gilles Peskine
80441c666f
Merge branch 'iotssl-1419-safermemcmp-volatile' into development-restricted
2017-11-28 13:52:33 +01:00
Gilles Peskine
d4755deafa
add changelog entry
2017-11-28 13:31:12 +01:00
Gilles Peskine
2507267cd4
Merge branch 'development' into development-restricted
2017-11-24 16:05:49 +01:00
Gilles Peskine
e7707228b4
Merge remote-tracking branch 'upstream-public/pr/1062' into development
2017-11-24 15:35:50 +01:00
Gilles Peskine
7635cde35c
Merge branch 'development' into development-restricted
2017-11-23 20:06:04 +01:00
Gilles Peskine
68306ed31f
Merge remote-tracking branch 'upstream-public/pr/1094' into development
2017-11-23 20:02:46 +01:00
Gilles Peskine
1a2640c025
Merge branch 'iotssl-1368-unsafe-bounds-check-psk-identity-merge' into development-restricted
2017-11-23 18:58:30 +01:00
Gilles Peskine
dab611a7b1
ChangeLog entry for ssl_parse_client_psk_identity fix
2017-11-23 18:53:55 +01:00
Manuel Pégourié-Gonnard
bfa8df4c7e
Merge remote-tracking branch 'restricted/pr/416' into development-restricted
...
* restricted/pr/416:
RSA PSS: remove redundant check; changelog
RSA PSS: fix first byte check for keys of size 8N+1
RSA PSS: fix minimum length check for keys of size 8N+1
RSA: Fix another buffer overflow in PSS signature verification
RSA: Fix buffer overflow in PSS signature verification
2017-11-23 12:10:01 +01:00
Darryl Green
36ba8b683a
Add changelog for mbedtls_ecdsa_sign fix
2017-11-21 09:55:33 +00:00
Hanno Becker
7dc832bb53
Adapt ChangeLog
2017-11-20 08:52:25 +00:00
Gilles Peskine
91048a3aac
RSA PSS: remove redundant check; changelog
...
Remove a check introduced in the previous buffer overflow fix with keys of
size 8N+1 which the subsequent fix for buffer start calculations made
redundant.
Added a changelog entry for the buffer start calculation fix.
2017-10-19 17:46:14 +02:00
Hanno Becker
509fef7de3
Add ChangeLog message for EC private exponent information leak
2017-10-19 10:10:18 +01:00
Hanno Becker
a21e2a015b
Adapt ChangeLog
2017-10-19 09:15:17 +01:00
Gilles Peskine
6a54b0240d
RSA: Fix another buffer overflow in PSS signature verification
...
Fix buffer overflow in RSA-PSS signature verification when the masking
operation results in an all-zero buffer. This could happen at any key size.
2017-10-17 19:12:36 +02:00
Gilles Peskine
28a0c72795
RSA: Fix buffer overflow in PSS signature verification
...
Fix buffer overflow in RSA-PSS signature verification when the hash is
too large for the key size. Found by Seth Terashima, Qualcomm.
Added a non-regression test and a positive test with the smallest
permitted key size for a SHA-512 hash.
2017-10-17 19:01:38 +02:00
Ron Eldor
e1a9a4a826
Fix crash when calling mbedtls_ssl_cache_free
twice
...
Set `cache` to zero at the end of `mbedtls_ssl_cache_free` #1104
2017-10-17 18:15:41 +03:00
Hanno Becker
479e8e24e6
Adapt ChangeLog
2017-10-17 11:03:50 +01:00
Hanno Becker
e2a73c13cf
Enhancement of ChangeLog entry
2017-10-17 10:34:04 +01:00
Hanno Becker
0cd5b94dba
Adapt ChangeLog
2017-10-13 17:17:28 +01:00
Simon Butcher
6f63db7ed5
Fix changelog for ssl_server2.c usage fix
2017-10-12 23:22:17 +01:00
Gilles Peskine
085c10afdb
Allow comments in test data files
2017-10-12 23:22:17 +01:00
Andres Amaya Garcia
735b37eeef
Correctly handle leap year in x509_date_is_valid()
...
This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.
2017-10-12 23:21:37 +01:00
Ron Eldor
73a381772b
Parse Signature Algorithm ext when renegotiating
...
Signature algorithm extension was skipped when renegotiation was in
progress, causing the signature algorithm not to be known when
renegotiating, and failing the handshake. Fix removes the renegotiation
step check before parsing the extension.
2017-10-12 23:21:37 +01:00
Gilles Peskine
4552bf7558
Allow comments in test data files
2017-10-12 23:20:56 +01:00
Andres Amaya Garcia
106637fc2d
Correctly handle leap year in x509_date_is_valid()
...
This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.
2017-10-12 19:54:46 +01:00
Hanno Becker
854244abbf
Adapt ChangeLog
2017-10-12 16:26:37 +01:00
Ron Eldor
8dd73e62d2
Parse Signature Algorithm ext when renegotiating
...
Signature algorithm extension was skipped when renegotiation was in
progress, causing the signature algorithm not to be known when
renegotiating, and failing the handshake. Fix removes the renegotiation
step check before parsing the extension.
2017-10-11 12:49:00 +01:00
Ron Eldor
a84c1cb355
Address PR cpomments reviews
...
1) move the change into Features from Changes, in the changLog
2) Change the feature alternative configuration MBEDTLS_ECDH_ALT
definition to function alternative defintions
MBEDTLS_ECDH_COMPUTE_SHARED_ALT and MBEDTLS_ECDH_GEN_PUBLIC_ALT
2017-10-10 19:04:27 +03:00
Ron Eldor
314adb6baa
Address PR review comments
...
1) update ChangLog to have new feature in Features instead of Changes
2) Change MBEDTLS_ECDSA_ALT to function specific alternative definitions:
MBEDTLS_ECDSA_SIGN_ALT, MBEDTLS_ECDSA_VERIFY_ALT and MBEDTLS_ECDSA_GENKEY_ALT
2017-10-10 18:49:02 +03:00
Simon Butcher
16373a5933
Fix changelog for ssl_server2.c usage fix
2017-10-06 11:59:13 +01:00
Simon Butcher
2c4f9460ea
Update ChangeLog for fix to #836
2017-10-06 11:59:13 +01:00
Hanno Becker
1a9a51c7cf
Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog.
...
Add a reference to the relevant RFC, adapt ChangeLog.
2017-10-06 11:58:50 +01:00
Gilles Peskine
b04e2c3d81
Allow comments in test data files
2017-10-06 11:58:50 +01:00
Hanno Becker
7e304fcac9
Move deprecation to separate section in ChangeLog
2017-10-05 11:50:24 +01:00
Hanno Becker
1613715f6f
Adapt ChangeLog
2017-10-05 10:30:11 +01:00
Hanno Becker
86e5230e54
Adapt ChangeLog
2017-10-05 09:08:53 +01:00
Simon Butcher
967a60502e
Fix changelog for ssl_server2.c usage fix
2017-10-02 19:14:58 +01:00
Simon Butcher
83ce8201dc
Update ChangeLog for fix to #836
2017-09-30 23:39:46 +01:00
Hanno Becker
2f38a43d3a
Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog.
...
Add a reference to the relevant RFC, adapt ChangeLog.
2017-09-30 23:35:21 +01:00
Gilles Peskine
26182edd0c
Allow comments in test data files
2017-09-29 15:45:12 +02:00
Hanno Becker
041a6b030f
Adapt ChangeLog
2017-09-28 14:52:26 +01:00
Ron Eldor
8b766218a8
Update ChangeLog
...
Update ChangeLog according to Andres seggestion
2017-09-24 15:44:56 +03:00
Ron Eldor
2981a0a740
Address Andres PR comments
...
Address Andres' comments in the PR
2017-09-24 15:41:09 +03:00
Jaeden Amero
1526330931
Allow alternate implementation of GCM
...
Provide the ability to use an alternative implementation of GCM in place
of the library-provided implementation.
2017-09-22 17:42:44 +01:00
Janos Follath
b174c84a3b
Refine dhm_check_range() fix Changelog entry
2017-09-21 12:05:14 +01:00
Janos Follath
aa325d7b7f
DHM: Fix dhm_check_range() always returning 0
...
Although the variable ret was initialised to an error, the
MBEDTLS_MPI_CHK macro was overwriting it. Therefore it ended up being
0 whenewer the bignum computation was successfull and stayed 0
independently of the actual check.
2017-09-21 12:04:41 +01:00
Hanno Becker
930025da6d
Adapt ChangeLog
2017-09-18 16:12:28 +01:00
Hanno Becker
81e96dd54a
Adapt ChangeLog
2017-09-18 11:07:25 +01:00
Andres Amaya Garcia
f569f701c2
Fix ChangeLog entry
2017-09-14 20:20:21 +01:00
Andres Amaya Garcia
06fc6650f4
Add ChangeLog entry
2017-09-14 20:20:15 +01:00
Ron Eldor
31162e4423
Set PEM buffer to zero before freeing it
...
Set PEM buffer to zero before freeing it, to avoid private keys
being leaked to memory after releasing it.
2017-09-05 15:34:35 +03:00
Hanno Becker
f28dc2f900
Adapt ChangeLog
2017-09-04 13:07:52 +01:00
Ron Eldor
f231eaae28
Add configuration file in md.h
...
include `*config.h*` in md.h as MACROS in the header file get ignored.
Fix for #1001 .
2017-08-22 14:50:14 +03:00
Simon Butcher
72ea31b026
Update version number to 2.6.0
2017-08-10 11:51:16 +01:00
Simon Butcher
01971d094e
Fix language in Changelog for clarity
2017-08-10 10:48:01 +01:00
Ron Eldor
433f39c437
ECDH alternative implementation support
...
Add alternative implementation support for ECDH at the higher layer
2017-08-08 18:43:56 +03:00
Ron Eldor
b68733bf62
ECDSA alternative support
...
Support for alternative implementation of ECDSA, at the higher layer
2017-08-07 18:00:22 +03:00
Hanno Becker
85b602e5d0
Improve documentation of PKCS1 decryption functions
...
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
- mbedtls_rsa_pkcs1_decrypt,
- mbedtls_rsa_rsaes_pkcs1_v15_decrypt
- mbedtls_rsa_rsaes_oaep_decrypt
2017-08-01 22:48:41 +01:00
Simon Butcher
3f2557e6f1
Fix style and missing item in ChangeLog
2017-08-01 18:06:12 +01:00
Simon Butcher
a418e82a35
Add credit to Changelog to fix for #666
2017-07-28 23:52:10 +01:00
Simon Butcher
9fae22269b
Fix ChangeLog for duplication after merge
2017-07-28 22:32:23 +01:00
Hanno Becker
61937d4a83
Rename time and index parameter to avoid name conflict.
...
As noted in #557 , several functions use 'index' resp. 'time'
as parameter names in their declaration and/or definition, causing name
conflicts with the functions in the C standard library of the same
name some compilers warn about.
This commit renames the arguments accordingly.
2017-07-28 22:28:08 +01:00
Hanno Becker
7ec83df47f
Adapt ChangeLog
2017-07-28 22:28:08 +01:00
Andres AG
6b171e4aec
Fix potential integer overflow parsing DER CRT
...
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-28 22:28:04 +01:00
Andres AG
ce49a25033
Fix potential integer overflow parsing DER CRL
...
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
2017-07-28 22:28:04 +01:00
Ron Eldor
a207e75089
Check return code of mbedtls_mpi_fill_random
...
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
2017-07-28 22:27:30 +01:00
Ron Eldor
7faf92a2fe
Resource leak fix on windows platform
...
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
2017-07-28 22:27:30 +01:00
Ron Eldor
368d55c549
Wrong preproccessor condition fix
...
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
2017-07-28 22:27:30 +01:00
Ron Eldor
d5a75f44a1
fix for issue 1118: check if iv is zero in gcm.
...
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-28 22:27:29 +01:00
Janos Follath
c08d9ddd55
Remove mutexes from ECP hardware acceleration
...
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.
Fixes #863
2017-07-28 22:27:29 +01:00
Simon Butcher
b060cc21b1
Reorder and group sections in the ChangeLog
2017-07-28 01:04:34 +01:00
Simon Butcher
00d3cc61a6
Fix merge errors in ChangeLog
2017-07-27 21:44:34 +01:00