Commit Graph

5943 Commits

Author SHA1 Message Date
Hanno Becker
ba5b755f1a Change signature and semantics of mbedtls_rsa_deduce_moduli
Input arguments are marked as constant. Further, no double-checking is performed when a factorization of the modulus has
been found.
2017-10-02 09:55:49 +01:00
Simon Butcher
83ce8201dc Update ChangeLog for fix to #836 2017-09-30 23:39:46 +01:00
Hanno Becker
2f38a43d3a Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog.
Add a reference to the relevant RFC, adapt ChangeLog.
2017-09-30 23:35:21 +01:00
Hanno Becker
f5f9d11acc Enhance documentation of mbedtls_ssl_set_hostname
(1) Add missing error condition
(2) Specify allowance and effect of of NULL hostname parameter
(3) Describe effect of function on failure
2017-09-30 23:35:12 +01:00
Hanno Becker
39f5d359f5 Make mbedtls_ssl_set_hostname safe to be called multiple times
Zeroize and free previously set hostnames before overwriting
them. Also, allow clearance of hostname by providing NULL parameter.
2017-09-30 23:35:02 +01:00
Hanno Becker
713fe7f66c Add test case calling ssl_set_hostname twice
Add a test case calling ssl_set_hostname twice to test_suite_ssl.
When run in CMake build mode ASan, this catches the current leak,
but will hopefully be fine with the new version.
2017-09-30 23:34:52 +01:00
Ron Eldor
376f7f5fe1 Fix typo in configs/README.txt file
Fix typo in Readme file: ajust->adjust
2017-09-30 21:37:59 +01:00
Xinyu Chen
00afe1c046 Correct the printf message of the DTLS handshake.
Make it consistent with dtls_server.c
2017-09-30 09:52:38 +01:00
Hanno Becker
08a36dde80 Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
Hanno Becker
b4274210a4 Improve documentation in pkparse.c
State explicitly that `pk_parse_pkcs8_undencrypted_der` and `pk_parse_key_pkcs8_encrypted_der` are not responsible for
zeroizing and freeing the provided key buffer.
2017-09-29 19:18:51 +01:00
Hanno Becker
f04111f5c5 Fix typo 2017-09-29 19:18:42 +01:00
Gilles Peskine
5b7ee07ff6 Cleaned up get_line for test data files
Look, ma, a use for do...while!

Also removed 1-3 calls to strlen.
2017-09-29 18:00:25 +02:00
Hanno Becker
56bae95e1d Improve style and documentation, fix typo 2017-09-29 15:43:49 +01:00
Gilles Peskine
26182edd0c Allow comments in test data files 2017-09-29 15:45:12 +02:00
Hanno Becker
4b2f691691 Doxygen: Use typewriter font for variables in rsa.h documentation 2017-09-29 13:36:54 +01:00
Hanno Becker
ed20361321 Increase readability of Doxygen output
Multiple lists were not properly recognized as such.
2017-09-29 13:34:25 +01:00
Hanno Becker
91c194dabb Add and document an RSA-specific error code for unsupported exports
E.g., a private key on an external chip might not be exportable to RAM.
2017-09-29 12:50:12 +01:00
Hanno Becker
bead71752e Correct typo in rsa.c 2017-09-29 12:41:06 +01:00
Hanno Becker
e1582a832b Add expectation when testing RSA key import/export
This commit adds a flag to the RSA import/export tests indicating whether it is
expected that a full RSA keypair can be set up from the provided parameters.

Further, the tests of `mbedtls_rsa_import` and `mbedtls_rsa_import_raw` are
expanded to perform key checks and an example encryption-decryption.
2017-09-29 11:54:05 +01:00
Hanno Becker
4d6e83406c Improve readability of test for mbedtls_rsa_import 2017-09-29 11:54:05 +01:00
Hanno Becker
5063cd2cca Deprecate direct manipulation of structure fields in RSA context 2017-09-29 11:54:05 +01:00
Hanno Becker
ba1ba11a98 Check that length is properly set in mbedtls_rsa_check_pubkey 2017-09-29 11:54:05 +01:00
Hanno Becker
2f8f06aa25 Don't always recompute context length in mbedtls_rsa_get_len
This commit changes the implementation of `mbedtls_rsa_get_len` to return
`ctx->len` instead of always re-computing the modulus' byte-size via
`mbedtls_mpi_size`.
2017-09-29 11:54:05 +01:00
Hanno Becker
54cfc585cd Add test cases for mbedtls_rsa_import[_raw] where N is missing 2017-09-29 11:54:05 +01:00
Hanno Becker
2cca6f3290 Always deduce N from P, Q in mbedtls_rsa_complete
Previously, a parameter set of (-, P, Q, -, E) was completed, but (-, P, Q, D,
E) wasn't - this is odd.
2017-09-29 11:54:05 +01:00
Hanno Becker
041a6b030f Adapt ChangeLog 2017-09-28 14:52:26 +01:00
Hanno Becker
a2f6b72cbb Add warnings regarding the use of DHM in general 2017-09-28 11:06:31 +01:00
Hanno Becker
e764324d96 Improve documentation in dhm.h 2017-09-28 11:06:31 +01:00
Hanno Becker
e71ad12cd5 Minor code-improvements in dhm.c 2017-09-28 11:06:31 +01:00
Hanno Becker
13be990114 Correct expectation in DHM test in ssl-opt.sh
The previous test expected a DHM group generator of size 2048 bits, while with
the change to RFC 7919, the base is 2, so has bit-size 2.
2017-09-28 11:06:31 +01:00
Hanno Becker
4c72b000cb Add const-qualifiers to prime constants 2017-09-27 16:06:37 +01:00
Hanno Becker
b1d4d1fa6e Add description of how the primes from RFC 3526/7919 were generated 2017-09-27 12:43:57 +01:00
Hanno Becker
8c8b0ab877 Change default Diffie-Hellman parameters from RFC 5114 to RFC 7919
The origin of the primes in RFC 5114 is undocumented and their use therefore
constitutes a security risk.
2017-09-27 12:43:57 +01:00
Hanno Becker
b2bad800e4 Introduce Diffie-Hellman parameters from RFC 7919 2017-09-27 12:43:55 +01:00
Hanno Becker
0e6dc84f3e Deprecate Diffie-Hellman groups from RFC 5114
Also, change the way the standardized Diffie-Hellman groups are provided from
macro-based string-literals to global variables.
2017-09-27 11:48:02 +01:00
Hanno Becker
cc56628117 Don't use all_final as a target in tests/data_files/Makefile
The `neat` target in that Makefile assumes all_final to be a concatenation of
file names.
2017-09-26 16:21:19 +01:00
Ron Eldor
8b766218a8 Update ChangeLog
Update ChangeLog according to Andres seggestion
2017-09-24 15:44:56 +03:00
Ron Eldor
2981a0a740 Address Andres PR comments
Address Andres' comments in the PR
2017-09-24 15:41:09 +03:00
Jaeden Amero
1526330931 Allow alternate implementation of GCM
Provide the ability to use an alternative implementation of GCM in place
of the library-provided implementation.
2017-09-22 17:42:44 +01:00
Hanno Becker
6428f8d78e Let ssl-opt.sh gracefully fail is SSL_MAX_CONTENT_LEN is not 16384
Some tests in ssl-opt.sh require MBEDTLS_SSL_MAX_CONTENT_LEN to be set to its
default value of 16384 to succeed. While ideally such a dependency should not
exist, as a short-term remedy this commit adds a small check that will at least
lead to graceful exit if that assumption is violated.
2017-09-22 16:58:50 +01:00
Hanno Becker
d8a6f7cfbe Clarify code-paths in x509write_csr and x509write_crt 2017-09-22 16:05:43 +01:00
Hanno Becker
a20e33ad59 Use X509 CRT version macros for version checks in x509write_crt_der 2017-09-22 15:40:01 +01:00
Hanno Becker
7f3652ddf1 Fix error code printing in cert_write
Error codes can consume up to two bytes, but only one was printed so far.
2017-09-22 15:39:02 +01:00
Hanno Becker
38eff43791 Use X509 CRT version macros in cert_write program 2017-09-22 15:38:20 +01:00
Hanno Becker
e1b1d0af8e Fix senseless comment 2017-09-22 15:35:16 +01:00
Janos Follath
1ad1c6d4e1 Fix typo 2017-09-21 12:05:30 +01:00
Janos Follath
b174c84a3b Refine dhm_check_range() fix Changelog entry 2017-09-21 12:05:14 +01:00
Janos Follath
aa325d7b7f DHM: Fix dhm_check_range() always returning 0
Although the variable ret was initialised to an error, the
MBEDTLS_MPI_CHK macro was overwriting it. Therefore it ended up being
0 whenewer the bignum computation was successfull and stayed 0
independently of the actual check.
2017-09-21 12:04:41 +01:00
Janos Follath
4b151fabb7 DHM: Add negative tests for parameter checking
A bug in the dhm_check_range() function makes it pass even when the
parameters are not in the range. This commit adds tests for signalling
this problem as well as a couple of other negative tests.
2017-09-21 12:03:06 +01:00
Hanno Becker
930025da6d Adapt ChangeLog 2017-09-18 16:12:28 +01:00