yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 22:35:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,205 Commits 88 Branches 205 Tags 69 MiB
c73079a78c
Commit Graph

1347 Commits

Author SHA1 Message Date
Paul Bakker
c73079a78c Add debug_set_threshold() and thresholding of messages 2014-04-25 16:58:16 +02:00
Paul Bakker
92478c37a6 Debug module only outputs full lines instead of parts 2014-04-25 16:58:15 +02:00
Paul Bakker
eaebbd5eaa debug_set_log_mode() added to determine raw or full logging 2014-04-25 16:58:14 +02:00
Paul Bakker
61885c7f7f Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites 
In case full SSL frames arrived, they were rejected because an overly
strict padding check.
 2014-04-25 12:59:51 +02:00
Paul Bakker
4ffcd2f9c3 Typo in PKCS#11 module 2014-04-25 11:44:12 +02:00
Paul Bakker
10a9dd35ea Typo in POLARSSL_PLATFORM_STD_FPRINTF in platform.c 2014-04-25 11:27:16 +02:00
Paul Bakker
0767e67d17 Add support for 'emailAddress' to x509_string_to_names() 2014-04-18 14:11:37 +02:00
Paul Bakker
c70e425a73 Only iterate over actual certificates in ssl_write_certificate_request() 2014-04-18 13:50:19 +02:00
Paul Bakker
f4cf80b86f Restructured pk_parse_key_pkcs8_encrypted_der() to prevent unreachable code 2014-04-17 17:24:29 +02:00
Paul Bakker
4f42c11846 Remove arbitrary maximum length for cipher_list and content length 2014-04-17 15:37:39 +02:00
Paul Bakker
d893aef867 Force default value to curve parameter 2014-04-17 14:45:34 +02:00
Paul Bakker
93389cc620 Remove const indicator 2014-04-17 14:44:38 +02:00
Paul Bakker
874bd64b28 Check setsockopt() return value in net_bind() 2014-04-17 12:43:05 +02:00
Paul Bakker
3d8fb63e11 Added missing MPI_CHK around mpi functions 2014-04-17 12:42:41 +02:00
Paul Bakker
a9c16d2825 Removed unused cur variable in x509_string_to_names() 2014-04-17 12:42:18 +02:00
Paul Bakker
0e4f9115dc Fix iteration counter 2014-04-17 12:39:05 +02:00
Paul Bakker
784b04ff9a Prepared for version 1.3.6 2014-04-11 15:33:59 +02:00
Manuel Pégourié-Gonnard
9655e4597a Reject certificates with times not in UTC 2014-04-11 13:59:36 +02:00
Manuel Pégourié-Gonnard
0776a43788 Use UTC to heck certificate validity 2014-04-11 13:59:31 +02:00
Paul Bakker
52c5af7d2d Merge support for verifying the extendedKeyUsage extension in X.509 2014-04-11 13:58:57 +02:00
Manuel Pégourié-Gonnard
78848375c0 Declare EC constants as 'const' 2014-04-11 13:58:41 +02:00
Paul Bakker
1630058dde Potential buffer overwrite in pem_write_buffer() fixed 
Length indication when given a too small buffer was off.
Added regression test in test_suite_pem to detect this.
 2014-04-11 13:58:05 +02:00
Manuel Pégourié-Gonnard
0408fd1fbb Add extendedKeyUsage checking in SSL modules 2014-04-11 11:09:09 +02:00
Manuel Pégourié-Gonnard
7afb8a0dca Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
Paul Bakker
d6ad8e949b Make ssl_check_cert_usage() dependent on POLARSSL_X509_CRT_PARSE_C 2014-04-09 17:24:14 +02:00
Paul Bakker
a77de8c841 Prevent warnings in ssl_check_cert_usage() if keyUsage checks are off 2014-04-09 16:39:35 +02:00
Paul Bakker
043a2e26d0 Merge verification of the keyUsage extension in X.509 certificates 2014-04-09 15:55:08 +02:00
Manuel Pégourié-Gonnard
a9db85df73 Add tests for keyUsage with client auth 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
490047cc44 Code cosmetics 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
312010e6e9 Factor common parent checking code 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
f93a3c4335 Check the CA bit on trusted CAs too 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
99d4f19111 Add keyUsage checking for CAs 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
3fed0b3264 Factor some common code in x509_verify{,_child} 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard
7f2a07d7b2 Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard
603116c570 Add x509_crt_check_key_usage() 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard
2abed84225 Specific return code for PK sig length mismatch 2014-04-09 15:50:00 +02:00
Manuel Pégourié-Gonnard
35e95ddca4 Add special return code for ecdsa length mismatch 2014-04-09 15:49:59 +02:00
Paul Bakker
ddd427a8fc Fixed spacing in entropy_gather() 2014-04-09 15:49:57 +02:00
Paul Bakker
75342a65e4 Fixed typos in code 2014-04-09 15:49:57 +02:00
Manuel Pégourié-Gonnard
0f79babd4b Disable timing_selftest() for now 2014-04-09 15:49:51 +02:00
Paul Bakker
17b85cbd69 Merged additional tests and improved code coverage 
Conflicts:
	ChangeLog
 2014-04-08 14:38:48 +02:00
Paul Bakker
0763a401a7 Merged support for the ALPN extension 2014-04-08 14:37:12 +02:00
Paul Bakker
4224bc0a4f Prevent potential NULL pointer dereference in ssl_read_record() 2014-04-08 14:36:50 +02:00
Manuel Pégourié-Gonnard
8c045ef8e4 Fix embarrassing X.509 bug introduced in 9533765 2014-04-08 11:55:03 +02:00
Manuel Pégourié-Gonnard
f6521de17b Add ALPN tests to ssl-opt.sh 
Only self-op for now, required peer versions are a bit high:
- OpenSSL 1.0.2-beta
- GnuTLS 3.2.0 (released 2013-05-10) (gnutls-cli only)
 2014-04-07 12:42:04 +02:00
Manuel Pégourié-Gonnard
89e35798ae Implement ALPN server-side 2014-04-07 12:26:35 +02:00
Manuel Pégourié-Gonnard
0b874dc580 Implement ALPN client-side 2014-04-07 10:57:45 +02:00
Manuel Pégourié-Gonnard
0148875cfc Add tests and fix bugs for RSA-alt contexts 2014-04-04 17:46:46 +02:00
Manuel Pégourié-Gonnard
7e250d4812 Add ALPN interface 2014-04-04 17:10:40 +02:00
Manuel Pégourié-Gonnard
79e58421be Also test net_usleep in timing_selttest() 2014-04-04 16:42:44 +02:00