Commit Graph

1311 Commits

Author SHA1 Message Date
Gilles Peskine
595c84a7b1 Merge remote-tracking branch 'upstream-public/pr/1500' into mbedtls-2.7-proposed 2018-04-01 12:41:29 +02:00
Gilles Peskine
27d88212c9 Merge remote-tracking branch 'upstream-public/pr/1541' into mbedtls-2.7-proposed 2018-04-01 12:40:51 +02:00
Gilles Peskine
a0e03a81a7 Merge branch 'pr_1538' into mbedtls-2.7-proposed 2018-04-01 12:35:50 +02:00
Gilles Peskine
ab50464f42 Minor changelog improvement 2018-04-01 12:32:37 +02:00
Darryl Green
28448b267f Improve documentation of mbedtls_ssl_write() 2018-03-29 16:51:16 +01:00
Andrzej Kurek
a6f0957a42 Move changelog entry to bugfix from changes 2018-03-29 08:45:57 -04:00
Andrzej Kurek
a24adde168 Add tests for "return plaintext data faster on unpadded decryption" 2018-03-29 08:43:30 -04:00
Jaeden Amero
0c692cda8b Merge remote-tracking branch 'upstream-public/pr/758' into mbedtls-2.7-proposed 2018-03-29 11:02:52 +01:00
Jaeden Amero
38e37bdd56 Merge remote-tracking branch 'upstream-public/pr/1529' into mbedtls-2.7-proposed 2018-03-29 11:00:09 +01:00
Jaeden Amero
5166a188eb Merge remote-tracking branch 'upstream-public/pr/1468' into mbedtls-2.7-proposed 2018-03-28 15:36:36 +01:00
Jaeden Amero
0d891042d1 Merge remote-tracking branch 'upstream-public/pr/1524' into mbedtls-2.7-proposed 2018-03-28 15:33:45 +01:00
Jaeden Amero
ef59b732c2 Merge remote-tracking branch 'upstream-public/pr/1479' into mbedtls-2.7-proposed 2018-03-28 14:21:19 +01:00
Ivan Krylov
065ecf587f Changelog: use my real name (#758) 2018-03-28 16:19:18 +03:00
Jethro Beekman
004e37117c Fix parsing of PKCS#8 encoded Elliptic Curve keys.
The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:

PrivateKeyInfo ::= SEQUENCE {
  version                   Version,
  privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
  privateKey                PrivateKey,
  attributes           [0]  IMPLICIT Attributes OPTIONAL
}

AlgorithmIdentifier  ::=  SEQUENCE  {
  algorithm   OBJECT IDENTIFIER,
  parameters  ANY DEFINED BY algorithm OPTIONAL
}

ECParameters ::= CHOICE {
  namedCurve         OBJECT IDENTIFIER
  -- implicitCurve   NULL
  -- specifiedCurve  SpecifiedECDomain
}

ECPrivateKey ::= SEQUENCE {
  version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
  privateKey     OCTET STRING,
  parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
  publicKey  [1] BIT STRING OPTIONAL
}

Because of the two optional fields, there are 4 possible variants that need to
be parsed: no optional fields, only parameters, only public key, and both
optional fields. Previously mbedTLS was unable to parse keys with "only
parameters". Also, only "only public key" was tested. There was a test for "no
optional fields", but it was labelled incorrectly as SEC.1 and not run because
of a great renaming mixup.
2018-03-28 11:29:21 +02:00
Gilles Peskine
1dc8e81f47 Add ChangeLog entry
Fixes #1299. Fixes #1475.
2018-03-27 23:18:52 +02:00
Andres Amaya Garcia
3b4d5c2f7f Add ChangeLog entry for PBES2 when ASN1 disabled 2018-03-27 21:25:57 +01:00
Andres Amaya Garcia
8ee215632c Improve ChangeLog for DLEXT and AR_DASH changes 2018-03-27 20:04:17 +01:00
Jaeden Amero
5f97be6369 Merge remote-tracking branch 'upstream-public/pr/1495' into mbedtls-2.7-proposed 2018-03-27 16:47:24 +01:00
Gilles Peskine
9ff0f052b3 Add ChangeLog entry.
Fixes #1353
2018-03-26 18:29:52 +01:00
Gilles Peskine
e4f2736b42 Add ChangeLog entry 2018-03-26 12:29:30 +02:00
Andres Amaya Garcia
89320a489b Add ChangeLog entry for library/makefile changes 2018-03-26 00:08:40 +01:00
Jaeden Amero
877c6dcf22 Merge remote-tracking branch 'upstream-restricted/pr/456' into mbedtls-2.7 2018-03-23 11:19:43 +00:00
Gilles Peskine
d4dc1a0266 Add changelog entries for improved testing
Fixes #1040
2018-03-23 02:19:49 +01:00
Gilles Peskine
2cfeb887b4 Merge tag 'mbedtls-2.7.2' into iotssl-1381-x509-verify-refactor-2.7-restricted
Conflict resolution:

* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
  addition. In addition some of the additions in the
  iotssl-1381-x509-verify-refactor-restricted branch need support for
  keep-going mode, this will be added in a subsequent commit.
2018-03-23 02:12:44 +01:00
Gilles Peskine
69d1b293fc Merge remote-tracking branch 'myfork/pr_1073' into mbedtls-2.7-proposed 2018-03-22 21:53:22 +01:00
Gilles Peskine
8980da5caf Merge remote-tracking branch 'myfork/pr_726' into mbedtls-2.7-proposed 2018-03-22 21:49:43 +01:00
Gilles Peskine
88c6df1ce8 Add ChangeLog entry 2018-03-22 21:48:28 +01:00
Gilles Peskine
9b9cc616ca Add ChangeLog entry 2018-03-22 17:03:45 +01:00
Andres Amaya Garcia
56c72480ca Add ChangeLog entry for redundant mutex initialization optimizations 2018-03-21 17:39:14 +00:00
Andres Amaya Garcia
d90d0dcaf1 Add ChangeLog entry for dylib builds using Makefile 2018-03-21 11:19:47 +00:00
Jaeden Amero
9ae1fba869 Update version to 2.7.2 2018-03-16 16:30:17 +00:00
Jaeden Amero
c9908f010a Merge remote-tracking branch 'upstream-public/pr/1064' into mbedtls-2.7-restricted-proposed 2018-03-15 14:58:24 +00:00
Jaeden Amero
e0b1a73c56 Merge remote-tracking branch 'upstream-restricted/pr/464' into mbedtls-2.7-restricted-proposed 2018-03-15 14:36:47 +00:00
Jaeden Amero
73923e1575 Merge remote-tracking branch 'upstream-restricted/pr/459' into mbedtls-2.7-restricted-proposed 2018-03-15 14:36:22 +00:00
Jaeden Amero
8a032e6051 Merge branch 'mbedtls-2.7-proposed' into mbedtls-2.7-restricted-proposed 2018-03-15 14:35:47 +00:00
Jaeden Amero
32ae73b289 Merge remote-tracking branch 'upstream-public/pr/1448' into mbedtls-2.7-proposed 2018-03-15 14:33:29 +00:00
Jaeden Amero
100273ddfb Merge remote-tracking branch 'upstream-public/pr/1449' into mbedtls-2.7-proposed 2018-03-15 14:32:54 +00:00
Jaeden Amero
e1c916ca5e Merge remote-tracking branch 'upstream-public/pr/1451' into mbedtls-2.7-proposed 2018-03-15 08:34:33 +00:00
Krzysztof Stachowiak
4e0141fc00 Update change log 2018-03-14 11:43:00 +01:00
Krzysztof Stachowiak
bcb8149510 Update change log 2018-03-14 11:23:34 +01:00
Manuel Pégourié-Gonnard
5a9f46e57c x509: CRL: reject unsupported critical extensions 2018-03-14 09:24:12 +01:00
Gilles Peskine
6013004fa9 Note in the changelog that this fixes an interoperability issue.
Fixes #1339
2018-03-13 17:27:53 +00:00
Gilles Peskine
64540d9577 Merge remote-tracking branch 'upstream-restricted/pr/458' into mbedtls-2.7-restricted-proposed 2018-03-13 17:24:46 +01:00
Gilles Peskine
955d70459d Merge remote-tracking branch 'upstream-restricted/pr/460' into mbedtls-2.7-restricted-proposed 2018-03-13 17:24:33 +01:00
Gilles Peskine
427ff4836c Merge remote-tracking branch 'upstream-public/pr/1219' into mbedtls-2.7-proposed 2018-03-12 23:52:24 +01:00
Gilles Peskine
c5671bdcf4 Merge remote-tracking branch 'upstream-public/pr/778' into mbedtls-2.7-proposed 2018-03-12 23:44:56 +01:00
Gilles Peskine
8eda5ec8b4 Merge branch 'pr_1408' into mbedtls-2.7-proposed 2018-03-11 00:48:18 +01:00
Gilles Peskine
dd7f5b9a37 Merge remote-tracking branch 'upstream-public/pr/1079' into mbedtls-2.7-proposed 2018-03-11 00:48:17 +01:00
Gilles Peskine
158fc33368 Merge remote-tracking branch 'upstream-public/pr/1296' into HEAD 2018-03-11 00:47:54 +01:00
Gilles Peskine
3f1b89d251 This fixes #664 2018-03-11 00:35:39 +01:00