yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 12:15:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,363 Commits 88 Branches 205 Tags 69 MiB
ce37e6269e
Commit Graph

1043 Commits

Author SHA1 Message Date
Andres AG
6b171e4aec Fix potential integer overflow parsing DER CRT 
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
 2017-07-28 22:28:04 +01:00
Andres AG
ce49a25033 Fix potential integer overflow parsing DER CRL 
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
 2017-07-28 22:28:04 +01:00
Ron Eldor
a207e75089 Check return code of mbedtls_mpi_fill_random 
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
 2017-07-28 22:27:30 +01:00
Ron Eldor
7faf92a2fe Resource leak fix on windows platform 
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
 2017-07-28 22:27:30 +01:00
Ron Eldor
368d55c549 Wrong preproccessor condition fix 
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
 2017-07-28 22:27:30 +01:00
Ron Eldor
d5a75f44a1 fix for issue 1118: check if iv is zero in gcm. 
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
 2017-07-28 22:27:29 +01:00
Janos Follath
c08d9ddd55 Remove mutexes from ECP hardware acceleration 
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.

Fixes #863
 2017-07-28 22:27:29 +01:00
Simon Butcher
b060cc21b1 Reorder and group sections in the ChangeLog 2017-07-28 01:04:34 +01:00
Simon Butcher
00d3cc61a6 Fix merge errors in ChangeLog 2017-07-27 21:44:34 +01:00
Andres AG
2e3ddfac5f Prevent signed integer overflow in CSR parsing 
Modify the function mbedtls_x509_csr_parse_der() so that it checks the
parsed CSR version integer before it increments the value. This prevents
a potential signed integer overflow, as these have undefined behaviour
in the C standard.
 2017-07-27 21:44:34 +01:00
Andres AG
80164741e1 Fix potential integer overflow parsing DER CRT 
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
 2017-07-27 21:44:34 +01:00
Andres AG
4f753c1186 Fix potential integer overflow parsing DER CRL 
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
 2017-07-27 21:44:34 +01:00
Simon Butcher
256da0f0d8 Added missing credit to Changelog and format fixes 2017-07-27 21:44:34 +01:00
Ron Eldor
80697a0c11 Check return code of mbedtls_mpi_fill_random 
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
 2017-07-27 21:44:34 +01:00
Ron Eldor
b2d6e591f9 Resource leak fix on windows platform 
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
 2017-07-27 21:44:34 +01:00
Ron Eldor
5843db932d Wrong preproccessor condition fix 
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
 2017-07-27 21:44:34 +01:00
Ron Eldor
e13b224d17 fix for issue 1118: check if iv is zero in gcm. 
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
 2017-07-27 21:44:34 +01:00
Janos Follath
325294013f Remove mutexes from ECP hardware acceleration 
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.

Fixes #863
 2017-07-27 21:44:33 +01:00
Andres Amaya Garcia
df1486afe4 Remove MBEDTLS_TYPE_UDBL option 2017-07-27 21:44:33 +01:00
Gilles Peskine
b1a977f5a7 MBEDTLS_NO_INT64_DIVISION -> MBEDTLS_NO_UDBL_DIVISION 
Changed the option to disable the use of 64-bit division, to an option
to disable the use of double-width division, whether that's 64 or 128-bit.
 2017-07-27 21:44:33 +01:00
Andres Amaya Garcia
aa27dfeecc Enable 64-bit compilation with ARM Compiler 6 
This patch fixes the conditional preprocessor directives in
include/mbedtls/bignum.h to enable 64-bit compilation with ARM
Compiler 6.
 2017-07-27 21:44:33 +01:00
Simon Butcher
9a6748cff1 Correct order of sections in the ChangeLog 2017-07-27 21:44:33 +01:00
Ron Eldor
528c621271 Check return code of mbedtls_mpi_fill_random 
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
 2017-07-27 21:44:33 +01:00
Ron Eldor
5274f274f0 Resource leak fix on windows platform 
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
 2017-07-27 21:44:33 +01:00
Ron Eldor
d551c24ddb Wrong preproccessor condition fix 
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
 2017-07-27 21:44:33 +01:00
Ron Eldor
e56d1ec60a fix for issue 1118: check if iv is zero in gcm. 
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
 2017-07-27 21:44:33 +01:00
Janos Follath
3240c55b30 Remove mutexes from ECP hardware acceleration 
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.

Fixes #863
 2017-07-27 21:44:33 +01:00
Andres Amaya Garcia
586d3773ec Fix typo in ChangeLog and update macro name 2017-07-27 21:44:33 +01:00
Andres Amaya Garcia
052ac860ae Modify ChangeLog according to API changes 2017-07-27 21:44:33 +01:00
Andres Amaya Garcia
63e672b09d Add ChangeLog entry for platform setup and teardown 2017-07-27 21:44:33 +01:00
Simon Butcher
51e8c3ed7e Update Changelog for API/ABI fixes to revert interface 2017-07-27 21:44:33 +01:00
Ron Eldor
7269fee0b6 Check return code of mbedtls_mpi_fill_random 
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
 2017-07-27 21:44:33 +01:00
Ron Eldor
3e19df5c95 Resource leak fix on windows platform 
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
 2017-07-27 21:44:33 +01:00
Ron Eldor
8ab0595538 Wrong preproccessor condition fix 
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
 2017-07-27 21:44:33 +01:00
Ron Eldor
5a21fd62bf fix for issue 1118: check if iv is zero in gcm. 
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
 2017-07-27 21:44:33 +01:00
Andres Amaya Garcia
92fcfe2933 Add ChangeLog entry for config-no-entropy.h change 2017-07-27 21:44:32 +01:00
Janos Follath
bfea4a7c02 Remove mutexes from ECP hardware acceleration 
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.

Fixes #863
 2017-07-27 21:44:32 +01:00
Hanno Becker
01a0e07e9d Correct indentation and labelling in ChangeLog 2017-07-26 11:49:40 +01:00
Janos Follath
745bcf454f Fix typos 2017-07-21 14:04:31 +01:00
Manuel Pégourié-Gonnard
ee98109af5 Add ChangeLog entry for the security issue 2017-07-06 11:58:41 +02:00
Manuel Pégourié-Gonnard
31458a1878 Only return VERIFY_FAILED from a single point 
Everything else is a fatal error. Also improve documentation about that for
the vrfy callback.
 2017-07-06 11:58:41 +02:00
Manuel Pégourié-Gonnard
d15795acd5 Improve behaviour on fatal errors 
If we didn't walk the whole chain, then there may be any kind of errors in the
part of the chain we didn't check, so setting all flags looks like the safe
thing to do.
 2017-07-06 11:58:41 +02:00
Simon Butcher
f2a597fa3d Update the version number to 2.5.1 2017-06-20 23:08:10 +01:00
Janos Follath
5a1c0e7162 Improve Changelog 2017-06-16 12:27:47 +01:00
Manuel Pégourié-Gonnard
4a42f3c405 Merge remote-tracking branch 'restricted/iotssl-1398' into development-restricted 
* restricted/iotssl-1398:
  Add ChangeLog entry
  Ensure application data records are not kept when fully processed
  Add hard assertion to mbedtls_ssl_read_record_layer
  Fix mbedtls_ssl_read
  Simplify retaining of messages for future processing
 2017-06-09 15:02:40 +02:00
Manuel Pégourié-Gonnard
a8e5a4730d Merge near-duplicate ChangeLog entries 
As agreed with Gilles on the PR discussion page
 2017-06-09 14:46:50 +02:00
Hanno Becker
bf4c2e3f79 Add ChangeLog entry 2017-06-09 11:28:45 +01:00
Manuel Pégourié-Gonnard
740665e43b ChangeLog cosmetics 2017-06-08 20:37:30 +02:00
Manuel Pégourié-Gonnard
b86b143030 Merge remote-tracking branch 'restricted/iotssl-1138-rsa-padding-check-restricted' into development-restricted 
* restricted/iotssl-1138-rsa-padding-check-restricted:
  RSA PKCS1v1.5 verification: check padding length
 2017-06-08 20:31:06 +02:00
Manuel Pégourié-Gonnard
a0bf6ecfc3 Merge remote-tracking branch 'restricted/IOTSSL-1366/development-restricted' into development-restricted 
* restricted/IOTSSL-1366/development-restricted:
  More length checks in RSA PKCS1v15 verify
  More length checks in RSA PKCS1v15 verify
 2017-06-08 20:24:29 +02:00