yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-27 15:44:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
919 Commits 88 Branches 205 Tags 69 MiB
d730aa517a
Commit Graph

496 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
d730aa517a Use blinding for RSA even without CRT 2014-11-12 16:29:12 +01:00
Paul Bakker
fc3697ce2b Prepared for PolarSSL-1.2.12 2014-10-24 10:42:52 +02:00
Manuel Pégourié-Gonnard
0b12d5e332 Accept spaces at EOL/buffer in base64_decode() 2014-10-23 17:00:26 +02:00
Alfred Klomp
d6d5ef2f0d timing.c: avoid referencing garbage value 
Found with Clang's `scan-build` tool.

When get_timer() is called with `reset` set to 1, the value of
t->start.tv_sec is used as a rvalue without being initialized first.
This is relatively harmless because the result of get_timer() is not
used by the callers when called in "reset mode". However, scan-build
prints a warning.

Silence the warning by only calculating the delta on non-reset runs,
returning zero otherwise.
 2014-10-23 15:36:33 +02:00
Alfred Klomp
ec99373df6 pkcs5.c: fix dead store: return proper exit status 
Found with Clang's `scan-build` tool.

The error value assigned to `ret` is not returned, meaning that the
selftest always succeeds. Ensure the error value is propagated back to
the caller.
 2014-10-23 15:34:02 +02:00
Manuel Pégourié-Gonnard
9711920304 Fix ssl_read wrt non-Application Data 2014-10-23 15:29:55 +02:00
Manuel Pégourié-Gonnard
3fdfcedebb Fix net_accept() regarding non-blocking sockets 2014-10-23 15:23:48 +02:00
Manuel Pégourié-Gonnard
0b0b522932 Fix compiler warnings on iOS 2014-10-23 15:17:27 +02:00
Manuel Pégourié-Gonnard
7d75ea4787 x509_crt_parse() did not increase total_failed on PEM error 2014-10-23 15:13:39 +02:00
Manuel Pégourié-Gonnard
86792a6cf3 Fix ssl_close_notify() with non-blocking I/O 2014-10-23 15:02:45 +02:00
Manuel Pégourié-Gonnard
066c1f60bb Fix potential bad read in parsing ServerHello 2014-10-23 14:58:09 +02:00
Manuel Pégourié-Gonnard
6b44038913 Fix memory leak parsing some X.509 certs 2014-10-23 14:53:46 +02:00
Paul Bakker
308a586477 Better placement of memset() to prevent compiler warning under MSVC 2014-07-11 11:40:35 +02:00
Paul Bakker
695266cb51 Updated to version 1.2.11 2014-07-11 11:26:03 +02:00
Manuel Pégourié-Gonnard
0cdde2d107 Fix minlen for GCM suites 2014-07-09 18:03:10 +02:00
Paul Bakker
a16e7f24f0 Proper initialization and checks for rare cases 2014-07-09 14:58:11 +02:00
Paul Bakker
1d073c59ad Add static and casts to prevent compiler warnings 2014-07-08 20:17:07 +02:00
Paul Bakker
f73b718f17 Latest CBC padding check 2014-07-08 18:30:44 +02:00
Paul Bakker
bbc843f0b8 Fix base64_decode() to return and check length correctly 2014-07-08 18:29:06 +02:00
Manuel Pégourié-Gonnard
877a0944ad Padlock asm using \n\t too 2014-07-08 18:29:00 +02:00
Manuel Pégourié-Gonnard
4467fb7507 Check input lengths in GCM 2014-07-08 18:28:56 +02:00
Paul Bakker
5bad6afd8c Fix length checking for AEAD ciphersuites 2014-07-08 18:28:54 +02:00
Paul Bakker
312da33ef1 Introduce polarssl_zeroize() instead of memset() for zeroization 2014-07-08 18:28:52 +02:00
Peter Vaskovic
1b08bd9525 Fix WSAStartup return value check. 
SOCKET_ERROR was not a valid return value.
WSAStartup returns 0 on success, so check that instead.
 2014-07-08 18:28:51 +02:00
Peter Vaskovic
02388c918d Fix minor format string inconsistency. 2014-07-08 18:28:48 +02:00
Paul Bakker
75ee01097f Stricter check on SSL ClientHello internal sizes compared to actual packet size 2014-07-08 18:28:47 +02:00
Markus Pfeiffer
55bdbc1834 Make compilation on DragonFly work 2014-07-08 18:28:44 +02:00
Paul Bakker
358d325017 Fix bug with mpi_fill_random() on big-endian 2014-07-08 18:28:42 +02:00
Paul Bakker
95a11f8c16 On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings 2014-07-08 18:28:40 +02:00
Paul Bakker
ccebf6ef8a Sanity length checks in ssl_read_record() and ssl_fetch_input() 
Both are already covered in other places, but not in a clear fashion. So
for instance Coverity thinks the value is still tainted.
 2014-07-08 18:28:38 +02:00
Paul Bakker
b0af56334c rsa_check_pubkey() now allows an E up to N 2014-07-08 18:28:36 +02:00
Paul Bakker
838ed3c74d Improve interop by not writing ext_len in ClientHello when 0 
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
 2014-07-08 18:28:33 +02:00
Paul Bakker
676093e253 Check setsockopt() return value in net_bind() 2014-07-08 18:28:29 +02:00
Paul Bakker
7890e62a1f Added missing MPI_CHK around mpi functions 2014-07-08 18:28:29 +02:00
Paul Bakker
243d61894c Reject certificates with times not in UTC 2014-07-08 14:40:58 +02:00
Paul Bakker
f48de9579f Use UTC to heck certificate validity 2014-07-08 14:39:41 +02:00
Paul Bakker
dedce0c35c Prevent potential NULL pointer dereference in ssl_read_record() 2014-07-08 14:36:12 +02:00
Paul Bakker
6995efe8be Potential memory leak in mpi_exp_mod() when error occurs during 
calculation of RR.
 2014-07-08 14:32:35 +02:00
Paul Bakker
358a841b34 x509_get_current_time() uses localtime_r() to prevent thread issues 2014-07-08 12:14:37 +02:00
Paul Bakker
24aaf44120 Make sure no random pointer occur during failed malloc()'s 2014-07-08 11:39:19 +02:00
Manuel Pégourié-Gonnard
c2262b58f6 Tune debug_print_ret format 2014-07-08 11:26:20 +02:00
Paul Bakker
ef3cf7088f Provide no info from entropy_func() on future entropy 2014-07-08 11:25:51 +02:00
Paul Bakker
1e9423704a Support for seed file writing and reading in Entropy 2014-07-08 11:20:25 +02:00
Paul Bakker
22a0ce0cef Fix warning on MinGW and MSVC12 2014-07-08 11:17:50 +02:00
Paul Bakker
8cb73200e1 MinGW32 static build should link to windows libs and libz 2014-07-08 11:15:55 +02:00
Paul Bakker
b000f82d76 ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr 2014-07-08 11:15:18 +02:00
Manuel Pégourié-Gonnard
a9f86e03ed Make the compiler work-around more specific 2014-07-08 11:13:59 +02:00
Manuel Pégourié-Gonnard
57291a7019 Work around a compiler bug on OS X. 2014-07-08 11:13:42 +02:00
hasufell
97a11c107e CMake: allow to build both shared and static at once 
This allows for more fine-grained control. Possible combinations:
  * static off, shared on
  * static on, shared off
  * static on, shared on

The static library is always called "libpolarssl.a" and is only used
for linking of tests and internal programs if the shared lib is
not being built.

Default is: only build static lib.
 2014-07-08 11:10:09 +02:00
Manuel Pégourié-Gonnard
be04673c49 Forbid sequence number wrapping 2014-07-08 11:04:19 +02:00