Simon Butcher
c941b6cb31
Fix for unused variable warning
2015-12-28 01:29:10 +00:00
Simon Butcher
7ebe2781fe
Fix for compiler warnings and style
...
Changes for C90 compliance, and style following review
2015-12-28 00:05:30 +00:00
Simon Butcher
aa4114910a
Merge 'iotssl-558-2.1-md5-tls-sigs-restricted'
2015-12-23 18:52:18 +00:00
Simon Butcher
35ea92dbc6
Merge 'iotssl-566-2.1-double-free-restricted'
...
Merge remote-tracking branch
'restricted/iotssl-566-2.1-double-free-restricted' into mbedtls-2.1
2015-12-23 16:49:46 +00:00
Simon Butcher
e82ac57ef6
Merge remote-tracking branch 'origin/misc-2.1' into mbedtls-2.1
2015-12-22 19:36:17 +00:00
Simon Butcher
e103aa8a53
Added description of change to the Changelog
...
Also clarified some comments following review.
2015-12-16 01:51:01 +00:00
Manuel Pégourié-Gonnard
9055c1a011
Fix wrong length limit in GCM
...
See for example page 8 of
http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
The previous constant probably came from a typo as it was 2^26 - 2^5 instead
of 2^36 - 2^5. Clearly the intention was to allow for a constant bigger than
2^32 as the ull suffix and cast to uint64_t show.
fixes #362
2015-12-10 15:08:37 +01:00
Manuel Pégourié-Gonnard
7f890c3e96
Avoid seemingly-possible overflow
...
By looking just at that test, it looks like 2 + dn_size could overflow. In
fact that can't happen as that would mean we've read a CA cert of size is too
big to be represented by a size_t.
However, it's best for code to be more obviously free of overflow without
having to reason about the bigger picture.
2015-12-10 15:07:46 +01:00
Manuel Pégourié-Gonnard
3e60d2a458
Fix potential double free in cert writing code
...
In case an entry with the given OID already exists in the list passed to
mbedtls_asn1_store_named_data() and there is not enough memory to allocate
room for the new value, the existing entry will be freed but the preceding
entry in the list will sill hold a pointer to it. (And the following entries
in the list are no longer reachable.) This results in memory leak or a double
free.
The issue is we want to leave the list in a consistent state on allocation
failure. (We could add a warning that the list is left in inconsistent state
when the function returns NULL, but behaviour changes that require more care
from the user are undesirable, especially in a stable branch.)
The chosen solution is a bit inefficient in that there is a time where both
blocks are allocated, but at least it's safe and this should trump efficiency
here: this code is only used for generating certificates, which is unlikely to
be done on very constrained devices, or to be in the critical loop of
anything. Also, the sizes involved should be fairly small anyway.
fixes #367
2015-12-10 11:24:35 +01:00
Manuel Pégourié-Gonnard
b6043f93b6
Fix levels of some debug messages
...
Messages about returning an error code that will be propagated all the way up
to the user should always be level 1.
2015-12-08 09:57:25 +01:00
Manuel Pégourié-Gonnard
b39528e2e8
Disable MD5 in handshake signatures by default
2015-12-04 15:13:36 +01:00
Manuel Pégourié-Gonnard
013198f30f
DTLS: avoid dropping too many records
...
When the peer retransmits a flight with many record in the same datagram, and
we already saw one of the records in that datagram, we used to drop the whole
datagram, resulting in interoperability failure (spurious handshake timeouts,
due to ignoring record retransmitted by the peer) with some implementations
(issues with Chrome were reported).
So in those cases, we want to only drop the current record, and look at the
following records (if any) in the same datagram. OTOH, this is not something
we always want to do, as sometime the header of the current record is not
reliable enough.
This commit introduces a new return code for ssl_parse_header() that allows to
distinguish if we should drop only the current record or the whole datagram,
and uses it in mbedtls_ssl_read_record()
fixes #345
2015-12-03 19:22:55 +01:00
Manuel Pégourié-Gonnard
5a8396ed55
Fix two more compiler warnings
...
- declaration after statement
- always true comparison due to limited range of operand
2015-12-03 19:09:23 +01:00
Manuel Pégourié-Gonnard
3eab29adc8
Fix potential integer overflow in prev. commit
...
Found by Clang's -Wshift-count-overflow
2015-12-03 19:09:21 +01:00
Simon Butcher
ea303e3ece
Added integer divide by as separate function
...
Added 64bit integer divided by 32bit integer, with remainder
2015-11-26 23:43:34 +00:00
Manuel Pégourié-Gonnard
b030c33e57
Fix bug checking pathlen on first intermediate
...
Remove check on the pathLenConstraint value when looking for a parent to the
EE cert, as the constraint is on the number of intermediate certs below the
parent, and that number is always 0 at that point, so the constraint is always
satisfied.
The check was actually off-by-one, which caused valid chains to be rejected
under the following conditions:
- the parent certificate is not a trusted root, and
- it has pathLenConstraint == 0 (max_pathlen == 1 in our representation)
fixes #280
2015-11-19 11:26:52 +01:00
Simon Butcher
ef43d41f67
Changed version number to 2.1.3
...
Changed for library
2015-11-04 22:08:33 +00:00
Manuel Pégourié-Gonnard
c28240596a
Fix other int casts in bounds checking
...
Not a security issue as here we know the buffer is large enough (unless
something else if badly wrong in the code), and the value cast to int is less
than 2^16 (again, unless issues elsewhere).
Still changing to a more correct check as a matter of principle
2015-11-02 10:43:03 +09:00
Manuel Pégourié-Gonnard
5784dd5ac8
Fix other occurrences of same bounds check issue
...
Security impact is the same: not triggerrable remotely except in very specific
use cases
2015-11-02 10:43:03 +09:00
Manuel Pégourié-Gonnard
0d66bb959f
Fix potential buffer overflow in asn1write
2015-11-02 10:42:44 +09:00
Manuel Pégourié-Gonnard
9dc66f4b2f
Fix potential heap corruption on Windows
...
If len is large enough, when cast to an int it will be negative and then the
test if( len > MAX_PATH - 3 ) will not behave as expected.
2015-11-02 10:41:13 +09:00
Manuel Pégourié-Gonnard
ffb8180733
Fix potential double-free in ssl_conf_psk()
2015-11-02 10:40:14 +09:00
Jonathan Leroy
00c6b3c35a
Fix boolean values according to DER specs
...
In BER encoding, any boolean with a non-zero value is considered as
TRUE. However, DER encoding require a value of 255 (0xFF) for TRUE.
This commit makes `mbedtls_asn1_write_bool` function uses `255` instead
of `1` for BOOLEAN values.
With this fix, boolean values are now reconized by OS X keychain (tested
on OS X 10.11).
Fixes #318 .
2015-11-02 05:58:43 +09:00
Manuel Pégourié-Gonnard
621f83e5c5
Fix typo in an OID name
...
fixes #314
2015-11-02 05:58:10 +09:00
Manuel Pégourié-Gonnard
fd1f9e735e
Fix whitespace at EOL issues
2015-11-02 05:55:58 +09:00
Janos Follath
860f239eb9
Fixed pathlen contraint enforcement.
2015-11-02 05:55:28 +09:00
Manuel Pégourié-Gonnard
9f44a80ea3
Try to prevent some misuse of RSA functions
...
fixes #331
2015-10-30 10:57:43 +01:00
Manuel Pégourié-Gonnard
93080dfacf
Fix missing check for RSA key length on EE certs
...
- also adapt tests to use lesser requirement for compatibility with old
testing material
2015-10-28 13:22:32 +01:00
Simon Butcher
94c5e3c654
Fixed typo in comment
2015-10-28 13:21:12 +01:00
Manuel Pégourié-Gonnard
a314076486
Fix handling of non-fatal alerts
...
fixes #308
2015-10-28 13:19:55 +01:00
Manuel Pégourié-Gonnard
5baec9050e
Fix warning in some reduced configs
2015-10-28 13:16:56 +01:00
Manuel Pégourié-Gonnard
f9945bc283
Fix #ifdef inconsistency
...
fixes #310
Actually all key exchanges that use a certificate use signatures too, and
there is no key exchange that uses signatures but no cert, so merge those two
flags.
Conflicts:
ChangeLog
2015-10-28 13:16:33 +01:00
Manuel Pégourié-Gonnard
00992d45c0
Optimize more common cases in ecp_muladd()
2015-10-27 10:30:36 +01:00
Manuel Pégourié-Gonnard
241bf6717a
Optimize some case of mbedtls_ecp_muladd()
...
Those are used by EC-JPAKE
2015-10-27 10:30:03 +01:00
Manuel Pégourié-Gonnard
770f453547
Remove useless code
...
closes #321
2015-10-27 10:29:26 +01:00
Simon Butcher
60d41b5d87
Corrected URL/reference to MPI library
2015-10-27 10:28:11 +01:00
Manuel Pégourié-Gonnard
c4e7d8a381
Bump version to 2.1.2
...
Yotta version bumped to 2.1.3, as we had to do one more patch release to the
yotta registry to accommodate for dependencies updates.
2015-10-05 19:13:36 +01:00
Manuel Pégourié-Gonnard
a97ab2c8a6
Merge branch 'development' into development-restricted
...
* development:
Remove inline workaround when not useful
Fix macroization of inline in C++
2015-10-05 15:48:09 +01:00
Simon Butcher
7776fc36d3
Fix for #279 macroisation of 'inline' keyword
2015-10-05 15:44:18 +01:00
Manuel Pégourié-Gonnard
2d7083435d
Fix references to non-standard SIZE_T_MAX
...
Turns out C99 doesn't define SIZE_T_MAX, so let's not use it.
2015-10-05 15:23:11 +01:00
Manuel Pégourié-Gonnard
899ac849d0
Merge branch 'development' into development-restricted
...
* development:
Upgrade yotta dependency versions
Fix compile error in net.c with musl libc
Add missing warning in doc
2015-10-05 14:47:43 +01:00
Manuel Pégourié-Gonnard
0431735299
Fix compile error in net.c with musl libc
...
fixes #278
2015-10-05 12:17:49 +01:00
Simon Butcher
475cf0a98a
Merge fix of IOTSSL-496 - Potential heap overflow
...
Fix for potential overflow in ssl_write_certificate_request()
2015-10-05 11:57:54 +01:00
Manuel Pégourié-Gonnard
0223ab9d38
Fix macroization of inline in C++
...
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
2015-10-05 11:41:36 +01:00
Simon Butcher
fec73a8eec
Merge of fix for IOTSSL-481 - Double free
...
Potential double free in mbedtls_ssl_conf_psk()
2015-10-05 10:40:31 +01:00
Simon Butcher
6418ffaadb
Merge fix for IOTSSL-480 - base64 overflow issue
2015-10-05 09:54:11 +01:00
Simon Butcher
a45aa1399b
Merge of IOTSSL-476 - Random malloc in pem_read()
2015-10-05 00:26:36 +01:00
Simon Butcher
e7f96f22ee
Merge fix IOTSSL-475 Potential buffer overflow
...
Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.
Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).
Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-10-04 23:43:05 +01:00
Simon Butcher
d5ba4672b2
Merge fix for IOTSSL-474 PKCS12 Overflow
...
Fix stack buffer overflow in PKCS12
2015-10-04 22:47:59 +01:00
Simon Butcher
5b8d1d65f7
Fix for IOTSSL-473 Double free error
...
Fix potential double-free in mbedtls_ssl_set_hs_psk(.)
2015-10-04 22:06:51 +01:00
Manuel Pégourié-Gonnard
ef388f168d
Merge branch 'development' into development-restricted
...
* development:
Updated ChangeLog with credit
Fix a fairly common typo in comments
Make config check include for configs examples more consistent
2015-10-02 12:44:39 +02:00
Manuel Pégourié-Gonnard
bc1babb387
Fix potential overflow in CertificateRequest
2015-10-02 11:20:28 +02:00
Manuel Pégourié-Gonnard
0aa45c209a
Fix potential overflow in base64_encode
2015-09-30 16:37:49 +02:00
Simon Butcher
5624ec824e
Reordered TLS extension fields in client
...
Session ticket placed at end
2015-09-29 01:06:06 +01:00
Simon Butcher
04799a4274
Fixed copy and paste error
...
Accidental additional assignment in ssl_write_alpn_ext()
2015-09-29 00:31:09 +01:00
Simon Butcher
0fc94e9f83
Revised bounds checking on TLS extensions
...
Revisions following review feedback
2015-09-28 20:52:04 +01:00
Simon Butcher
9f81231fb8
Revised hostname length check from review
2015-09-28 19:22:33 +01:00
Manuel Pégourié-Gonnard
d02a1daca7
Fix stack buffer overflow in pkcs12
2015-09-28 19:47:50 +02:00
Manuel Pégourié-Gonnard
24417f06fe
Fix potential double-free in mbedtls_ssl_conf_psk()
2015-09-28 18:09:45 +02:00
Manuel Pégourié-Gonnard
58fb49531d
Fix potential buffer overflow in mpi_read_string()
...
Found by Guido Vranken.
Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.
Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).
Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-09-28 15:59:54 +02:00
Simon Butcher
ed9976634f
Added bounds checking for TLS extensions
...
IOTSSL-478 - Added checks to prevent buffer overflows.
2015-09-28 02:14:30 +01:00
Simon Butcher
89f77623b8
Added max length checking of hostname
2015-09-27 22:50:49 +01:00
Tillmann Karras
588ad50c5a
Fix a fairly common typo in comments
2015-09-25 04:27:22 +02:00
Manuel Pégourié-Gonnard
8cea8ad8b8
Bump version to 2.1.1
2015-09-17 11:58:45 +02:00
Simon Butcher
ac58c53ab1
Merge remote-tracking branch 'origin/development'
2015-09-16 23:25:25 +01:00
Simon Butcher
7dd82f8fd5
Merge branch 'development' with bugfix branch
...
Conflicts:
ChangeLog
2015-09-16 16:21:38 +01:00
Simon Butcher
5793e7ef01
Merge 'development' into iotssl-411-port-reuse
...
Conflicts:
ChangeLog
2015-09-16 15:25:53 +01:00
Manuel Pégourié-Gonnard
f7022d1131
Fix bug in server parsing point formats extension
...
There is only one length byte but for some reason we skipped two, resulting in
reading one byte past the end of the extension. Fortunately, even if that
extension is at the very end of the ClientHello, it can't be at the end of the
buffer since the ClientHello length is at most SSL_MAX_CONTENT_LEN and the
buffer has some more room after that for MAC and so on. So there is no
buffer overread.
Possible consequences are:
- nothing, if the next byte is 0x00, which is a comment first byte for other
extensions, which is why the bug remained unnoticed
- using a point format that was not offered by the peer if next byte is 0x01.
In that case the peer will reject our ServerKeyExchange message and the
handshake will fail.
- thinking that we don't have a common point format even if we do, which will
cause us to immediately abort the handshake.
None of these are a security issue.
The same bug was fixed client-side in fd35af15
2015-09-16 11:32:18 +02:00
Manuel Pégourié-Gonnard
ea5370d4a2
Don't allow reconnect during handshake
...
Especially for resumed handshake, it's entirely possible for an epoch=0
ClientHello to be retransmitted or arrive so late that the server is already
at epoch=1. There is no good way to detect whether it's that or a reconnect.
However:
- a late ClientHello seems more likely that client going down and then up
again in the middle of a handshake
- even if that's the case, we'll time out on that handshake soon enough
- we don't want to break handshake flows that used to work
So the safest option is to not treat that as a reconnect.
2015-09-15 15:17:54 +02:00
Simon Butcher
49641ad799
Merge pull request #275 from embedthis/fix-1
...
FIX: compiler warning with recvfrom on 64-bit
2015-09-14 19:59:28 +01:00
Simon Butcher
d0bf6a3891
Update ssl_tls.c
...
Clarification in comments
2015-09-11 17:34:49 +01:00
Simon Butcher
74ca8d07ad
Update ssl_tls.c
...
Clarification in comments to ssl_handle_possible_reconnect()
2015-09-11 17:22:40 +01:00
Simon Butcher
0789aed39d
Update ssl_tls.c
...
Typo
2015-09-11 17:15:17 +01:00
Embedthis Software
a25cab8bea
FIX: compiler warning with recvfrom on 64-bit
2015-09-09 08:49:48 -07:00
Manuel Pégourié-Gonnard
ddfe5d20d1
Tune dependencies
...
Don't depend on srv.c in config.h, but add explicit checks. This is more
in line with other options that only make sense server-side, and also it
allows to test full config minus srv.c more easily.
2015-09-09 12:46:16 +02:00
Manuel Pégourié-Gonnard
2ed05a049a
Fix typos
2015-09-09 11:52:28 +02:00
Manuel Pégourié-Gonnard
ab05d23b29
Update generated file
2015-09-09 11:50:00 +02:00
Manuel Pégourié-Gonnard
62c74bb78a
Stop wasting resources
...
Use a custom function that minimally parses the message an creates a reply
without the overhead of a full SSL context.
Also fix dependencies: needs DTLS_HELLO_VERIFY for the cookie types, and let's
also depend on SRV_C as is doesn't make sense on client.
2015-09-09 11:22:52 +02:00
Nicholas Wilson
2088e2ebd9
fix const-ness of argument to mbedtls_ssl_conf_cert_profile
...
Otherwise, it's impossible to pass in a pointer to
mbedtls_x509_crt_profile_next!
2015-09-08 16:53:18 +01:00
Simon Butcher
e5a21b4493
Merge pull request #282 from ARMmbed/iotssl-469-rsa-crt-restricted
...
Add counter-measure against RSA-CRT attack
2015-09-08 13:05:51 +01:00
Manuel Pégourié-Gonnard
5f50104c52
Add counter-measure against RSA-CRT attack
...
https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/
2015-09-08 13:39:29 +02:00
Manuel Pégourié-Gonnard
3f09b6d4c2
Fix API
2015-09-08 11:58:14 +02:00
Manuel Pégourié-Gonnard
be619c1264
Clean up error codes
2015-09-08 11:21:21 +02:00
Manuel Pégourié-Gonnard
11331fc25b
First working dirty version
...
- uses too much resources
- wrong API
2015-09-08 10:39:06 +02:00
Manuel Pégourié-Gonnard
9650205df7
Start detecting epoch 0 ClientHellos
2015-09-08 10:39:06 +02:00
Manuel Pégourié-Gonnard
7f2f062a5d
Fix possible client crash on API misuse
2015-09-07 12:27:24 +02:00
Manuel Pégourié-Gonnard
aac5502553
Bump version to 2.1.0
2015-09-04 14:33:31 +02:00
Manuel Pégourié-Gonnard
37ff14062e
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
Simon Butcher
52754594b6
Merging iotssl-457-badtail with development branch
2015-09-03 13:06:01 +01:00
Manuel Pégourié-Gonnard
fdbdd72b8b
Skip to trusted certs early in the chain
...
This helps in the case where an intermediate certificate is directly trusted.
In that case we want to ignore what comes after it in the chain, not only for
performance but also to avoid false negatives (eg an old root being no longer
trusted while the newer intermediate is directly trusted).
closes #220
2015-09-01 17:24:42 +02:00
Manuel Pégourié-Gonnard
4d04cdcd12
Fix RSA mutex fix
...
Once the mutex is acquired, we must goto cleanup rather that return.
Since cleanup adjusts the return value, adjust that in test cases.
Also, at cleanup we don't want to overwrite 'ret', or we'll loose track of
errors.
see #257
2015-08-31 09:31:55 +02:00
Manuel Pégourié-Gonnard
1385a289f4
Fix possible mutex lock/unlock mismatch
...
fixes #257
2015-08-27 11:30:58 +02:00
Manuel Pégourié-Gonnard
e578b1c79a
Relax timing_self_test for windows idiosyncrasies
2015-08-18 20:11:48 +02:00
Manuel Pégourié-Gonnard
c98204e68f
Fix missing break in switch for SSL presets
...
closes #235
2015-08-11 04:21:01 +02:00
Manuel Pégourié-Gonnard
91bbfb6fb7
Make timing selftest less sensitive
...
- allow up to 12.5% security/error margin
- use larger delays
- this avoid the security/error margin being too low
The test used to fail about 1 out of 6 times on some buildbots VMs, but never
failed on the physical machines used for development.
2015-08-10 14:33:12 +02:00
Manuel Pégourié-Gonnard
ed46c436c0
Fix error when loading libmbedtls.so
2015-08-10 10:17:32 +02:00
Manuel Pégourié-Gonnard
111ce9f735
Fix build error with shared libraries for windows
2015-08-07 12:07:16 +02:00
Manuel Pégourié-Gonnard
8018c28600
Add -static-libgcc for Windows dll builds
2015-08-07 11:55:56 +02:00
Manuel Pégourié-Gonnard
620ee19823
Fix return of x509_self_test without SHA-1
...
No being able to run the test is not a failure
2015-08-07 10:57:47 +02:00
Manuel Pégourié-Gonnard
d1004f02e6
Fix printed output of some selftests
2015-08-07 10:57:41 +02:00
Manuel Pégourié-Gonnard
0a8857435c
DTLS: treat bad MAC on Finished as an error
...
This is not required nor recommended by the protocol, and it's a layering
violation, but it's a know flaw in the protocol that you can't detect a PSK
auth error in any other way, so it is probably the right thing to do.
closes #227
2015-08-04 12:11:17 +02:00
Manuel Pégourié-Gonnard
052d10c9d5
Accept a trailing space at end of PEM lines
...
With certs being copy-pasted from webmails and all, this will probably become
more and more common.
closes #226
2015-07-31 11:11:26 +02:00
Manuel Pégourié-Gonnard
6fb8187279
Update date in copyright line
2015-07-28 17:11:58 +02:00
Simon Butcher
10a6f02f83
Merge branch 'development' into IOTSSL-442-hello-noext
...
Conflicts:
ChangeLog
2015-07-27 13:45:40 +01:00
Manuel Pégourié-Gonnard
6f42417ba8
Fix typo in that broke installation in cmake
...
closes #221
2015-07-24 16:55:22 +02:00
Manuel Pégourié-Gonnard
4cc8c63226
Add test for extensionless ClientHello
2015-07-23 12:24:03 +02:00
Manuel Pégourié-Gonnard
a6e5bd5654
Fix bug with extension-less ServerHello
...
https://tls.mbed.org/discussions/bug-report-issues/server-hello-parsing-bug
in_hslen include the length of the handshake header. (We might want to change
that in the future, as it is a bit annoying.)
2015-07-23 12:23:19 +02:00
Manuel Pégourié-Gonnard
cb0d212c97
Fix level of some debug messages
2015-07-22 11:52:11 +02:00
Manuel Pégourié-Gonnard
b076116e14
Fix one debug message
2015-07-22 11:39:23 +02:00
Manuel Pégourié-Gonnard
1bab7d7064
Fix blank line in comments
2015-07-13 09:06:18 +01:00
Paul Bakker
4cb87f409d
Prepare for 2.0.0 release
2015-07-10 14:09:43 +01:00
Manuel Pégourié-Gonnard
fc2ccfe72c
Fix missing comma with ENTROPY_HARDWARE_ALT
2015-07-10 11:15:50 +01:00
Manuel Pégourié-Gonnard
a4f055fe0c
Some windows environments don't have _snprint_s
...
Do an alternative version for them.
That happens for example with our windows buildbot with mingw32-make.
2015-07-08 17:35:37 +02:00
Manuel Pégourié-Gonnard
20af64dc2c
Still need to #define inline for MSVC
...
I only tested with VS2015 earlier, but previous versions apparently still
don't know that standard C99 keyword though it's documented on MSDN...
2015-07-07 23:21:30 +02:00
Manuel Pégourié-Gonnard
e540b49a3f
Add one more debug message
2015-07-07 12:44:38 +02:00
Manuel Pégourié-Gonnard
b4b19f395f
Add a debug message
2015-07-07 11:41:21 +02:00
Manuel Pégourié-Gonnard
001f2b6246
Use xxx_clone() instead of memcpy() in SSL
2015-07-06 16:54:51 +02:00
Manuel Pégourié-Gonnard
c0bf01e8d2
Undo overzealous renaming of internal variables
...
The rename script couldn't know it was a local variable with the same name as
on of the global functions
2015-07-06 16:26:23 +02:00
Manuel Pégourié-Gonnard
052a6c9cfe
Add mbedtls_md_clone()
2015-07-06 16:06:02 +02:00
Manuel Pégourié-Gonnard
16d412f465
Add md/shaXXX_clone() API
...
Will be used in the SSL/TLS modules
2015-07-06 15:48:34 +02:00
Manuel Pégourié-Gonnard
b9d64e5bbe
Fix missing calls to md/shaxxx_free()
2015-07-06 14:18:56 +02:00
Manuel Pégourié-Gonnard
71d296a15d
Add missing calls to _free() in md_wrap
...
We can't just assume xxx_free() will only zeroize, because of alternative
implementations
2015-07-06 11:36:25 +02:00
Manuel Pégourié-Gonnard
5791109707
Make the hardclock test optional
...
Known to fail on VMs (such as the buildbots), see eg
http://blog.badtrace.com/post/rdtsc-x86-instruction-to-detect-vms/
2015-07-01 19:22:12 +02:00
Manuel Pégourié-Gonnard
9bd0afdb22
Add guards for closed socket in net.c
...
This is particularly problematic when calling FD_SET( -1, ... ), but let's
check it in all functions.
This was introduced with the new API and the fact the net_free() now sets the
internal fd to -1 in order to mark it as closed: now using this information.
2015-07-01 19:03:27 +02:00
Manuel Pégourié-Gonnard
2505528be4
Rm obsolete defines for inline wiht MSVC
...
The "inline" keyword is supported since Visual Studio 2005 according to MSDN,
and we require Visual Studio 2010 or higher.
2015-07-01 17:22:36 +02:00
Manuel Pégourié-Gonnard
636741b176
Remove obsolete hacks for uin32_t
...
We now require support for stdint.h from the compiler.
2015-07-01 17:13:05 +02:00
Manuel Pégourié-Gonnard
9de64f5af1
Fix MSVC warnings in library and programs
2015-07-01 16:56:08 +02:00
Manuel Pégourié-Gonnard
acecb653d5
Fix mbedtls_net_usleep() on Windows
...
For some reason select() doesn't seem to work.
2015-07-01 12:00:56 +02:00
Manuel Pégourié-Gonnard
abc729e664
Simplify net_accept() with UDP sockets
...
This is made possible by the new API where net_accept() gets a pointer to
bind_ctx, so it can update it.
2015-07-01 01:28:24 +02:00
Manuel Pégourié-Gonnard
db2468d7aa
Update old comment
2015-06-30 17:19:48 +02:00
Manuel Pégourié-Gonnard
3d7d00ad23
Rename mbedtls_net_close() to mbedtls_net_free()
...
close() may be more meaningful, but free() is symmetric with _init(), and more
consistent with all other modules
2015-06-30 16:50:37 +02:00
Manuel Pégourié-Gonnard
91895853ac
Move from naked int to a structure in net.c
...
Provides more flexibility for future changes/extensions.
2015-06-30 15:56:25 +02:00
Manuel Pégourié-Gonnard
16a17a496c
Fix net_accept() for UDP sockets on Windows
...
On Windows, recvfrom() returns an error code if the destination buffer is too
small to hold the next datagram.
2015-06-30 11:31:10 +02:00
Manuel Pégourié-Gonnard
a16e7c468c
Rename a debug function
2015-06-29 20:14:19 +02:00
Manuel Pégourié-Gonnard
80d627a5ae
Remove now useless function
2015-06-29 20:12:51 +02:00
Manuel Pégourié-Gonnard
b74c245a20
Rework debug to not need dynamic alloc
...
But introduces dependency on variadic macros
2015-06-29 20:08:23 +02:00
Manuel Pégourié-Gonnard
fa67ebaebb
Fix X.509 keysize check with multiple CAs
...
Assume we have two trusted CAs with the same name, the first uses ECDSA 256
bits, the second RSA 2048; cert is signed by the second. If we do the keysize
check before we checked the key types match, we'll raise the badkey flags when
checking the EC-256 CA and it will remain up even when we finally find the
correct CA. So, move the check for the key size after signature verification,
which implicitly checks the key type.
2015-06-27 14:41:38 +02:00
Manuel Pégourié-Gonnard
f659d2cd40
Tune up Windows snprintf() support
...
When we build with Visual Studio in debug mode, the invalid parameter handler
aborts the application (and offers to debug it) when n is 0. We want to
just return -1 instead (as calls with n == 0 are expected and happen in our
tests).
2015-06-26 17:45:00 +02:00
Manuel Pégourié-Gonnard
e1d34d1707
cmake: add shortcut 'lib' for all libraries
...
Name chosen to match the existing make target.
2015-06-25 14:53:13 +02:00
Manuel Pégourié-Gonnard
574ae18088
Fix stupid typo that broke make SHARED=1
2015-06-25 14:30:51 +02:00
Manuel Pégourié-Gonnard
147be4f315
Rm old variable from (c)make files
2015-06-25 11:57:13 +02:00
Manuel Pégourié-Gonnard
752c501126
One soversion per library
2015-06-25 11:56:17 +02:00
Manuel Pégourié-Gonnard
c7781addcb
Split library in CMake
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
ba2c8763b6
cmake: adjust libraries linking
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
216a1831de
Fix whitespace in CMakeLists.txt
...
- all spaces no tabs
- indent with 4 spaces everywhere
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
cde2aba0af
Do no test net_usleep in timing_selftest
...
Timing belongs in libcrypto (due to havege depending on it)
while net.c was put in libtls (only test ssl servers use it)
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
53585eeb17
Remove test DHM params from certs.c
...
certs.c belongs to the X.509 library, while DHM belongs to the crypto lib.
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
0761733c1b
Fix potential NULL dereference
...
We document that either of recv or recv_timeout may be NULL, but for TLS we
always used recv... Thanks Coverity for catching that.
(Not remotely trigerrable: local configuration.)
Also made me notice net_recv_timeout didn't do its job properly.
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
dba460f2f3
Add SSL "assertion" to help static analysis
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
1cf7b30dc8
Rewrite test to make Coverity happier
...
With the default config, it noticed the accept_comp was always 0, so the rest
of the test was dead code.
2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
5c59a4fea5
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
21dcc1e748
fixup
2015-06-25 10:59:56 +02:00
Manuel Pégourié-Gonnard
463e09d64b
Prepare library split
2015-06-24 12:05:33 +02:00
Manuel Pégourié-Gonnard
bae389b4d4
Fix uninitialized access
...
Found using Codenomicon Defensics.
2015-06-24 10:47:33 +02:00
Manuel Pégourié-Gonnard
bcc030849a
Avoid fclose( NULL )
...
Found by Coverity Scan.
2015-06-24 00:09:29 +02:00
Manuel Pégourié-Gonnard
fd474233c8
Change SSL debug API in the library
2015-06-23 18:44:11 +02:00
Manuel Pégourié-Gonnard
79c4e3ee59
Rm obsolete comments
2015-06-23 18:44:10 +02:00
Manuel Pégourié-Gonnard
b86145e6cd
Avoid potential NULL dereference.
...
May happen with a faulty configuration (eg no allowed curve but trying to use
ECDHE key exchange), but not trigger able remotely.
(Found with Clang's scan-build.)
2015-06-23 18:44:10 +02:00
Manuel Pégourié-Gonnard
14bf7063b9
Add SSL "assertions" to help static analyzers
...
scan-build was reporting NULL dereferences
2015-06-23 18:44:10 +02:00
Manuel Pégourié-Gonnard
b9c93d0d0a
Fix earlier incomplete change in RSA PMS reading
...
Probably a bad merge from the 1.3 branch
2015-06-23 18:43:53 +02:00
Manuel Pégourié-Gonnard
19389753c8
Avoid dead stores (makes scan-build happier)
2015-06-23 13:46:44 +02:00
Manuel Pégourié-Gonnard
c0d749418b
Make 'port' a string in NET module
...
- avoids dependency on snprintf
- allows using "smtps" instead of "456" if desired
2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
d23f593737
Avoid static buffer in debug module
...
Caused issues in threading situations
2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
96fb685e31
Some more init calls
2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
496f24e949
Deduplicate SHA-2 wrappers
2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
ab5932192a
Call init functions in MD alloc wrappers
...
When someone defines MBEDTLS_MD5_ALT for example, the init function may need
to do more that just zeroizing the context
2015-06-23 13:09:11 +02:00
Manuel Pégourié-Gonnard
1cd10adc7c
Update prototype of x509write_set_key_usage()
...
Allow for future support of decipherOnly and encipherOnly. Some work will be
required to ensure we still write only one byte when only one is needed.
2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
655a964539
Adapt check_key_usage to new weird bits
2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
9a702255f4
Add parsing/printing for new X.509 keyUsage flags
2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
b80d16d171
Fix return convention of x509_wildcard_verify()
2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
07894338a0
Rename M255 to Curve25519
2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
7320eb46d4
Remove references to some Montgomery curves
...
After all it looks like those won't become standard.
2015-06-23 13:09:10 +02:00
Manuel Pégourié-Gonnard
9386664543
Move from inttypes.h to stdint.h
...
Some toolchains do not have inttypes.h, and we only need stdint.h which is a
subset of it.
2015-06-22 23:41:26 +02:00
Manuel Pégourié-Gonnard
e7e89844d6
Fix and document corner-cases of time checking
2015-06-22 23:41:24 +02:00
Manuel Pégourié-Gonnard
57e10d71be
Fix potential NULL dereference.
...
Introduced when moving from gmtime_r() to gmtime().
Found with fbinfer.
2015-06-22 23:40:44 +02:00
Manuel Pégourié-Gonnard
f9b85d96a9
Fix potential resource leak in X.509 parse dir
...
Found with fbinfer.
2015-06-22 18:39:57 +02:00
Manuel Pégourié-Gonnard
bcf13bab5d
Fix issue with MemSan and entropy
...
Due to the recent change about entropy sources strength, it is no longer
acceptable to just disable the platform source. So, instead "fix" it so that
it is clear to MemSan that memory is initialized.
I tried __attribute__((no_sanitize_memory)) and MemSan's blacklist file, but
couldn't seem to get them to work.
2015-06-22 18:25:41 +02:00
Manuel Pégourié-Gonnard
cdc26ae099
Add mbedtls_ssl_set_hs_authmode
...
While at it, fix the following:
- on server with RSA_PSK, we don't want to set flags (client auth happens via
the PSK, no cert is expected).
- use safer tests (eg == OPTIONAL vs != REQUIRED)
2015-06-22 14:52:40 +02:00
Manuel Pégourié-Gonnard
9dbaf400ef
Rationalize other snprintf() uses
2015-06-22 14:42:04 +02:00
Manuel Pégourié-Gonnard
1685368408
Rationalize snprintf() usage in X.509 modules
2015-06-22 14:42:04 +02:00
Manuel Pégourié-Gonnard
6c0c8e0d3d
Include fixed snprintf for Windows in platform.c
...
Use _WIN32 to detect it rather that _MSC_VER as it turns out MSYS2 uses the
broken MS version by default too.
2015-06-22 14:42:04 +02:00
Manuel Pégourié-Gonnard
f9cbd73191
Update generated files
2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
7580ba475d
Add a concept of entropy source strength.
...
The main goal is, we want and error if cycle counter is the only source.
2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
3f77dfbd52
Add MBEDTLS_ENTROPY_HARDWARE_ALT
...
Makes it easier for an external module to plug its hardware entropy collector.
2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
bf82ff0209
Fix entropy thresholds
2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
60c793bdc9
Split HAVE_TIME into HAVE_TIME + HAVE_TIME_DATE
...
First one means we have time() but it may not return the actual wall clock
time, second means it does.
2015-06-22 14:40:56 +02:00
Manuel Pégourié-Gonnard
c0696c216b
Rename mbedtls_mpi_msb to mbedtls_mpi_bitlen
2015-06-18 16:49:37 +02:00
Manuel Pégourié-Gonnard
097c7bb05b
Rename relevant global symbols from size to bitlen
...
Just applying rename.pl with this file:
mbedtls_cipher_get_key_size mbedtls_cipher_get_key_bitlen
mbedtls_pk_get_size mbedtls_pk_get_bitlen
MBEDTLS_BLOWFISH_MIN_KEY MBEDTLS_BLOWFISH_MIN_KEY_BITS
MBEDTLS_BLOWFISH_MAX_KEY MBEDTLS_BLOWFISH_MAX_KEY_BITS
2015-06-18 16:43:38 +02:00
Manuel Pégourié-Gonnard
fb317c5221
Rename parameter in a x509 helper
2015-06-18 16:41:13 +02:00
Manuel Pégourié-Gonnard
39a48f4934
Internal renamings in PK
...
+ an unrelated comment in SSL
2015-06-18 16:06:55 +02:00
Manuel Pégourié-Gonnard
12ad798c87
Rename ssl_session.length to id_len
2015-06-18 15:50:37 +02:00
Manuel Pégourié-Gonnard
898e0aa210
Rename key_length in cipher_info
2015-06-18 15:31:10 +02:00
Manuel Pégourié-Gonnard
b8186a5e54
Rename len to bitlen in function parameters
...
Clarify a few comments too.
2015-06-18 14:58:58 +02:00
Manuel Pégourié-Gonnard
b31c5f68b1
Add SSL presets.
...
No need to use a separate profile as in X.509, everything we need is already
in ssl_config. Just load appropriate values.
2015-06-17 14:59:27 +02:00
Manuel Pégourié-Gonnard
7bfc122703
Implement sig_hashes
2015-06-17 14:34:48 +02:00
Manuel Pégourié-Gonnard
36a8b575a9
Create API for mbedtls_ssl_conf_sig_hashes().
...
Not implemented yet.
2015-06-17 14:27:39 +02:00
Manuel Pégourié-Gonnard
9d412d872c
Small internal changes in curve checking
...
- switch from is_acceptable to the more usual check
- add NULL check just in case user screwed up config
2015-06-17 14:27:39 +02:00
Manuel Pégourié-Gonnard
a83e4e2bf5
Extra check in verify_with_profile()
...
This could happen if someone doesn't set the SSL configuration properly. In
that case we don't want to segfault...
2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
b541da6ef3
Fix define for ssl_conf_curves()
...
This is a security feature, it shouldn't be optional.
2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
6e3ee3ad43
Add mbedtls_ssl_conf_cert_profile()
2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
cbb1f6e5cb
Implement cert profile checking
2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
f8ea856296
Change data structure of profiles to bitfields
...
- allows to express 'none' or 'all' more easily than lists
- more compact and easier to declare statically
- easier to check too
Only drawback: if we ever have more than 32 curves, we'll need an ABI change to
make that field a uint64_t.
2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
88db5da117
Add pre-defined profiles for cert verification
2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
9505164ef4
Create cert profile API (unimplemented yet)
2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
bd990d6629
Add ssl_conf_dhm_min_bitlen()
2015-06-17 11:37:04 +02:00
Manuel Pégourié-Gonnard
7ee5ddd798
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Fix compile errors with NO_STD_FUNCTIONS
Expand config.pl's notion of "full"
Ack external bugfix in Changelog
FIx misplaced Changelog entry (oops)
Fix compile bug: incompatible declaration of polarssl_exit in platform.c
Fix contributor's name in Changelog
2015-06-03 10:33:55 +01:00
Manuel Pégourié-Gonnard
dccb80b7e5
Fix compile errors with NO_STD_FUNCTIONS
2015-06-03 10:20:33 +01:00
Manuel Pégourié-Gonnard
ba56136b5c
Avoid in-out length in base64
2015-06-02 16:30:35 +01:00
Manuel Pégourié-Gonnard
3335205a21
Avoid in-out length in dhm_calc_secret()
2015-06-02 16:17:08 +01:00
Manuel Pégourié-Gonnard
f79b425226
Avoid in-out length parameter in bignum
2015-06-02 15:41:48 +01:00
ptahpeteh
249bece013
Fix compile bug: incompatible declaration of polarssl_exit in platform.c
...
This causes a compile-time error:
platform.c(157): error: #147 : declaration is incompatible with "void (*polarssl_exit)(int)" (declared at line 179 of "platform.h")
2015-06-02 15:26:09 +02:00
Manuel Pégourié-Gonnard
c730ed3f2d
Rename boolean functions to be clearer
2015-06-02 10:38:50 +01:00
Manuel Pégourié-Gonnard
9d51583772
Fix cipher identifier in des_ede3_info
2015-06-02 10:00:04 +01:00
Manuel Pégourié-Gonnard
0574bb0bdb
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Mark unused constant as such
Update ChangeLog for recent external bugfix
Serious bug fix in entropy.c
Fix memleak with repeated [gc]cm_setkey()
fix minor bug in path_cnt checks
Conflicts:
include/mbedtls/cipher.h
library/ccm.c
library/entropy.c
library/gcm.c
library/x509_crt.c
2015-06-02 09:59:29 +01:00
Manuel Pégourié-Gonnard
468b06dab0
Merge remote-tracking branch 'ptahpeteh/patch-1' into mbedtls-1.3
...
* ptahpeteh/patch-1:
Serious bug fix in entropy.c
2015-06-02 09:03:06 +01:00
ptahpeteh
638fa0bb0f
Serious bug fix in entropy.c
...
Bug: mutex access within entropy_contex after it has been zeroed leads to app crash.
2015-06-01 12:28:29 +02:00
Manuel Pégourié-Gonnard
f78e4de6f4
Fix warnings from -pedantic
2015-05-29 10:52:14 +02:00
Manuel Pégourié-Gonnard
f8b6fdedd9
Remove include that is no longer needed
2015-05-29 10:23:32 +02:00
Manuel Pégourié-Gonnard
864108daab
Move from gmtime_r to gmtime + mutexes
...
* gmtime_r is not standard so -std=c99 warns about it
* Anyway we need global mutexes in the threading layer, so better depend only
on that, rather that global mutexes + some _r functions
2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard
ba19432d2e
Move from asm to __asm by default
...
- GCC with -std=c99 warns about asm but likes __asm
_ armcc5 has __asm but not asm
2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard
cb46fd8216
Avoid non-standard strcasecmp()
2015-05-29 10:18:09 +02:00
Manuel Pégourié-Gonnard
2a84dfd747
Make ssl_cookie.c thread-safe
2015-05-28 17:28:39 +02:00
Manuel Pégourié-Gonnard
41b9c2b418
Remove individual mdX_file() and shaX_file()
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
bfffa908a6
Implement md_file in the MD layer
2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
eb0d8706ce
Add option for even smaller SHA-256
2015-05-28 16:45:23 +02:00
Manuel Pégourié-Gonnard
a7a3a5fe37
Make SHA-2 implementation smaller
...
Adjust the size/performance trade-off:
* Reduces size of sha256_process() from 7.4KB to 2KB on ARMv7-M
* Reduces performance by less than 14% on Cortex-M4
* Seems to even improve performance on my Core i7
2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard
6a8ca33fa5
Rename ERR_xxx_MALLOC_FAILED to ..._ALLOC_FAILED
2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard
6c967b95ff
Fix typo in memory_buffer_alloc
2015-05-27 20:18:39 +02:00
Manuel Pégourié-Gonnard
944cfe8899
Allow use of global mutexes with threading_alt
2015-05-27 20:12:05 +02:00
Manuel Pégourié-Gonnard
61977614d8
Fix memleak with repeated [gc]cm_setkey()
2015-05-27 17:40:16 +02:00
Manuel Pégourié-Gonnard
43b08574a6
Avoid memory leak with repeated [gc]ccm_setkey()
2015-05-27 17:23:30 +02:00
Manuel Pégourié-Gonnard
3a89559d71
Fix compile errors in pkcs11.c
2015-05-27 17:09:21 +02:00
Manuel Pégourié-Gonnard
1b8de57827
Remove a few redundant memset after calloc.
...
Using the following semantic patch provided by Mansour Moufid:
@@
expression x;
@@
x = mbedtls_calloc(...)
...
- memset(x, 0, ...);
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
b2a18a2a98
Remove references to malloc in strings/names
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
200e73179e
Adapt memory_buffer_alloc to calloc
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
b9ef1182f3
Adapt the platform layer from malloc to calloc
2015-05-27 16:58:55 +02:00
Manuel Pégourié-Gonnard
7551cb9ee9
Replace malloc with calloc
...
- platform layer currently broken (not adapted yet)
- memmory_buffer_alloc too
2015-05-26 16:04:06 +02:00
Manuel Pégourié-Gonnard
5e94ddebbc
Create ssl_internal.h and move some functions
2015-05-26 11:57:05 +02:00
Manuel Pégourié-Gonnard
50518f4195
Rename _wrap headers to _internal
...
Makes it clearer that the user is not supposed to include them
2015-05-26 11:06:12 +02:00
Manuel Pégourié-Gonnard
1e9c4db524
Implement key rotation
2015-05-25 19:42:14 +02:00
Manuel Pégourié-Gonnard
887674a33b
Internal changes in preparation for key rotation
...
- two sets of keys
- separate function for key generation/update
2015-05-25 12:19:00 +02:00
Manuel Pégourié-Gonnard
a0adc1bbe4
Make cipher used in ssl tickets configurable
2015-05-25 10:35:16 +02:00
Manuel Pégourié-Gonnard
1041a39338
Use AES-GCM-256 for session ticket protection
2015-05-20 20:19:42 +02:00
Manuel Pégourié-Gonnard
8eff512274
Fix possible signedness issue in time comparison
2015-05-20 11:41:36 +02:00
Manuel Pégourié-Gonnard
0849a0a910
Make ssl ticket functions thread-safe
2015-05-20 11:34:54 +02:00
Manuel Pégourié-Gonnard
e057d3bf6b
Relax some dependencies
...
- DTLS_HELLO_VERIFY no longer depends on SRV_C
- SSL_COOKIE_C no longer depends on DTLS_HELLO_VERIFY
Not that much work for us, and easier on users (esp. since it allows just
disabling SRV_C alone).
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
b596abfdc0
Refine cli/srv ifdefs for session tickets
...
- Only the server needs to generate/parse tickets
- Only the client needs to store them
Also adjust prototype of ssl_conf_session_tickets() while at it.
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
cf141ca7e7
Fix #ifdefs on ssl_cli.c or ssl_srv.c
...
Nothing to do with the current branch except I'm going to refine such #ifdefs
for tickets next and I want to start from a clean state
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
0c0f11f4b3
Update dependencies & includes for session tickets
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
d59675d92c
Move to callback for session tickets
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
b0394bebdb
Further adapt prototypes of ticket functions
...
Moving everything in ticket_keys structure, that will soon become
ticket_context.
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
69f17280d3
Adapt prototypes of ticket handling functions
...
This is an intermediate step. The ssl_config argument will be replace by a
ticket context next.
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
a4a473516e
Rename & move ticket functions to ticket module
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
fd6d8978f9
Add new submodule ssl_ticket
2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
53ebe138c6
Fix copyright lines still mentioning Brainspark
2015-05-15 12:01:12 +02:00
Manuel Pégourié-Gonnard
0b104b056b
Adapt prototype of net_accept() for explicit size
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
d9e6a3ac10
Rename pk_init_ctx() -> pk_setup()
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
d4f04dba42
net.c now depends on select() unconditionally
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
a63bc94a2d
Remove timing_m_sleep() -> net_usleep()
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
e94bfe6cd6
Improve entropy selftest: check default sources
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
151dc77732
Fix some old names that remained
...
- most in doxygen doc that was never renamed
- some re-introduced in comments/doc/strings by me
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
8473f87984
Rename cipher_init_ctx() to cipher_setup()
2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
0de074fbc1
Use rarely used conf function to cover them
2015-05-14 12:58:01 +02:00
Manuel Pégourié-Gonnard
66dc5555f0
mbedtls_ssl_conf_arc4_support() depends on ARC4_C
2015-05-14 12:31:10 +02:00
Manuel Pégourié-Gonnard
6ab9b009cd
Fix warnings from armcc
2015-05-14 11:37:52 +02:00
Manuel Pégourié-Gonnard
545102ef1d
No timer -> to timeout (optional for TLS)
2015-05-13 17:31:48 +02:00
Manuel Pégourié-Gonnard
286a136e63
SSL timer fixes: not DTLS only, start cancelled
2015-05-13 17:18:59 +02:00
Nicholas Wilson
bc07c3a1f0
fix minor bug in path_cnt checks
...
If the top certificate occurs twice in trust_ca (for example) it would
not be good for the second instance to be checked with check_path_cnt
reduced twice!
2015-05-13 10:40:30 +01:00
Manuel Pégourié-Gonnard
e3c41ad8a4
Use the new timer callback API in programs
2015-05-13 10:04:32 +02:00
Manuel Pégourié-Gonnard
2e01291739
Prepare the SSL modules for using timer callbacks
2015-05-13 09:43:39 +02:00
Manuel Pégourié-Gonnard
ca3bdc5632
Add mbedtls_timing_set/get_delay()
2015-05-12 20:45:34 +02:00
Manuel Pégourié-Gonnard
8903fe0fd3
Define timing_selftest() even with TIMING_ALT
2015-05-12 19:30:45 +02:00
Manuel Pégourié-Gonnard
a27b1979dc
Update generated file
2015-05-12 16:09:34 +02:00
Manuel Pégourié-Gonnard
31993f271d
Add per-function override for AES
2015-05-12 15:41:08 +02:00
Manuel Pégourié-Gonnard
70a5010783
Create function-level MBETLS_DES_xxx_ALT
2015-05-12 15:17:15 +02:00
Manuel Pégourié-Gonnard
0fe1f6d97e
Remove debug line from selftest
...
Happened to cause a warning about %x vs uint32_t with arm-none-eabi-gcc 4.9
in addition to being useless
2015-05-12 13:22:02 +02:00
Manuel Pégourié-Gonnard
eecb43cf0b
Manually merge doc fixes from 1.3
2015-05-12 12:56:41 +02:00
Manuel Pégourié-Gonnard
48647b9255
Merge remote-tracking branch 'nw/misc' into mbedtls-1.3
...
* nw/misc:
Typos and doc additions
2015-05-12 12:48:12 +02:00
Manuel Pégourié-Gonnard
0ece0f94f2
Fix checks for nul-termination
2015-05-12 12:43:54 +02:00
Manuel Pégourié-Gonnard
24083d61a0
Fix bug in certs.c
...
Revealed by the recent PEM changes
2015-05-12 12:26:14 +02:00
Manuel Pégourié-Gonnard
ec4b08957f
Fix issue in ssl_free() vs ssl_config_free()
...
Just an overlook from moving things recently
2015-05-12 12:22:36 +02:00
Manuel Pégourié-Gonnard
49f5eb9b41
Better NULL checks in debug
...
In case we exit early, like before ssl_setup() was called
2015-05-12 12:19:09 +02:00
Manuel Pégourié-Gonnard
43b37cbc92
Fix use of pem_read_buffer() in PK, DHM and X509
2015-05-12 11:26:43 +02:00
Manuel Pégourié-Gonnard
2088ba6d30
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Update Changelog for recent contribution
Perf: rewrite of ecp_double_jac
Conflicts:
library/ecp.c
2015-05-12 10:36:26 +02:00
Manuel Pégourié-Gonnard
7010e4688f
Merge remote-tracking branch 'peterdettman/perf-ecp-double-jac' into mbedtls-1.3
...
* peterdettman/perf-ecp-double-jac:
Perf: rewrite of ecp_double_jac
2015-05-11 20:26:47 +02:00
Manuel Pégourié-Gonnard
e6ef16f98c
Change X.509 verify flags to uint32_t
2015-05-11 19:54:43 +02:00
Manuel Pégourié-Gonnard
4cba1a737d
Avoid debug flooding with non-blocking reads
2015-05-11 18:52:25 +02:00
Manuel Pégourié-Gonnard
e3a062ba1f
Rename ecp_use_known_dp -> mbedtls_ecp_group_load()
2015-05-11 18:46:47 +02:00
Manuel Pégourié-Gonnard
56cc88a796
Rm ecp_add() and add ecp_muladd()
2015-05-11 18:40:45 +02:00
Manuel Pégourié-Gonnard
6dde596a03
Remove ecp_sub()
2015-05-11 18:18:32 +02:00
Manuel Pégourié-Gonnard
aff37e5aa1
Remove ecp_group_read_string()
2015-05-11 18:11:57 +02:00
Manuel Pégourié-Gonnard
55fab2de5d
Fix a few more #ifdef's
2015-05-11 17:54:38 +02:00
Manuel Pégourié-Gonnard
8b431fbbec
Fix dependency issues
2015-05-11 14:35:42 +02:00
Manuel Pégourié-Gonnard
ccc302692a
Fix bug introduced when splitting init functions
2015-05-11 14:35:42 +02:00
Manuel Pégourié-Gonnard
06939cebef
Fix order of ssl_conf vs ssl_setup in programs
...
Except ssl_phtread_server that will be done later
2015-05-11 14:35:42 +02:00
Manuel Pégourié-Gonnard
01e5e8c1f8
Change a few ssl_conf return types to void
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
6729e79482
Rename ssl_set_xxx() to ssl_conf_xxx()
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
22bfa4bb53
Add ssl_set_hs_ca_chain()
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
1897af9e93
Make conf const inside ssl_context (finally)
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
17a40cd255
Change ssl_own_cert to work on ssl_config
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
1af6c8500b
Add ssl_set_hs_own_cert()
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
8f618a8e65
Rework ssl_set_own_cert() internals
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
120fdbdb3d
Change ssl_set_psk() to act on ssl_config
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
4b68296626
Use a specific function in the PSK callback
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
0a4fb09534
Make xxx_drbg_random() thread-safe
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
750e4d7769
Move ssl_set_rng() to act on config
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
5cb3308e5f
Merge contexts for session cache
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
ae31914990
Rename ssl_legacy_renegotiation() to ssl_set_...
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
662c6e8cdd
Disable truncated HMAC by default
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
1028b74cff
Upgrade default DHM params size
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
8836994f6b
Move WANT_READ/WANT_WRITE codes to SSL
2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
1b511f93c6
Rename ssl_set_bio_timeout() to set_bio()
...
Initially thought it was best to keep the old function around and add a new
one, but this so many ssl_set_xxx() functions are changing anyway...
2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
97fd52c529
Split ssl_set_read_timeout() out of bio_timeout()
2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
bc2b771af4
Move ssl_set_ca_chain() to work on config
2015-05-11 12:33:26 +02:00
Nicholas Wilson
d0fa5ccbb0
Typos and doc additions
2015-05-11 10:44:11 +01:00
Manuel Pégourié-Gonnard
ba26c24769
Change how hostname is stored internally
2015-05-07 10:19:14 +01:00
Manuel Pégourié-Gonnard
2b49445876
Move session ticket keys to conf
...
This is temporary, they will soon be replaced by callbacks.
!!! In this intermediate step security is removed !!!
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
684b0592cb
Move ssl_set_fallback() to work on conf
...
Initially thought it would be per-connection, but since max_version is in conf
too, and you need to lower that for a fallback connection, the fallback flag
should be in the same place
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
6bf89d6ad9
Move ssl_set_max_fragment_len to work on conf
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
17eab2b65c
Move set_cbc_record_splitting() to conf
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
d36e33fc07
Move easy ssl_set_xxx() functions to work on conf
...
mbedtls_ssl_set_alpn_protocols
mbedtls_ssl_set_arc4_support
mbedtls_ssl_set_authmode
mbedtls_ssl_set_ciphersuites
mbedtls_ssl_set_ciphersuites_for_version
mbedtls_ssl_set_curves
mbedtls_ssl_set_dbg
mbedtls_ssl_set_dh_param
mbedtls_ssl_set_dh_param_ctx
mbedtls_ssl_set_dtls_anti_replay
mbedtls_ssl_set_dtls_badmac_limit
mbedtls_ssl_set_dtls_cookies
mbedtls_ssl_set_encrypt_then_mac
mbedtls_ssl_set_endpoint
mbedtls_ssl_set_extended_master_secret
mbedtls_ssl_set_handshake_timeout
mbedtls_ssl_legacy_renegotiation
mbedtls_ssl_set_max_version
mbedtls_ssl_set_min_version
mbedtls_ssl_set_psk_cb
mbedtls_ssl_set_renegotiation
mbedtls_ssl_set_renegotiation_enforced
mbedtls_ssl_set_renegotiation_period
mbedtls_ssl_set_session_cache
mbedtls_ssl_set_session_ticket_lifetime
mbedtls_ssl_set_sni
mbedtls_ssl_set_transport
mbedtls_ssl_set_truncated_hmac
mbedtls_ssl_set_verify
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
419d5ae419
Make endpoint+transport args of config_defaults()
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
def0bbe3ab
Allocate ssl_config out of ssl_setup()
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
cd523e2a5e
Introduce mbedtls_ssl_config_{init,defaults,free}()
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
7ca4e4dc79
Move things to conf substructure
...
A simple series of sed invocations.
This is the first step, purely internal changes. The conf substructure is not
ready to be shared between contexts yet.
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
9f145de4dc
Fix merge issue from 1.3 branch
2015-05-04 15:03:50 +02:00
Manuel Pégourié-Gonnard
e36d56419e
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
fix bug in ssl_mail_client
Adapt compat.sh to GnuTLS 3.4
Fix undefined behaviour in x509
Conflicts:
programs/ssl/ssl_mail_client.c
tests/compat.sh
2015-04-30 13:52:25 +02:00
Manuel Pégourié-Gonnard
159c524df8
Fix undefined behaviour in x509
2015-04-30 11:21:18 +02:00
Manuel Pégourié-Gonnard
da61ed3346
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Include changes from the 1.2 branch
Remove unused headers in o_p_test
Add countermeasure against cache-based lucky 13
Make results of (ext)KeyUsage accessible
Fix missing NULL check in MPI
Fix detection of getrandom()
Fix "make install" handling of symlinks
Fix bugs in programs displaying verify flags
Conflicts:
Makefile
include/polarssl/ssl.h
library/entropy_poll.c
library/ssl_srv.c
library/ssl_tls.c
programs/test/o_p_test.c
programs/test/ssl_cert_test.c
programs/x509/cert_app.c
2015-04-30 10:38:44 +02:00
Manuel Pégourié-Gonnard
7d1e95c991
Add countermeasure against cache-based lucky 13
2015-04-29 17:07:31 +02:00
Manuel Pégourié-Gonnard
e16b62c3a9
Make results of (ext)KeyUsage accessible
2015-04-29 17:07:31 +02:00
Manuel Pégourié-Gonnard
770b5e1e9e
Fix missing NULL check in MPI
2015-04-29 17:02:01 +02:00
Manuel Pégourié-Gonnard
d97828e7af
Fix detection of getrandom()
2015-04-29 14:28:48 +02:00
Manuel Pégourié-Gonnard
8a81e84638
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Add countermeasure against cache-based lucky 13
Conflicts:
library/ssl_tls.c
2015-04-29 02:13:42 +02:00
Manuel Pégourié-Gonnard
1e2eae02cb
Adapt pthread implementation to recent changes
2015-04-29 02:08:34 +02:00
Manuel Pégourié-Gonnard
eab147c4d0
Rename pkcs11_xxx_init() to bind()
2015-04-29 02:08:34 +02:00
Manuel Pégourié-Gonnard
69a69cc5ae
memory_buffer_alloc_init() now returns void
2015-04-29 02:08:34 +02:00
Manuel Pégourié-Gonnard
41d479e7df
Split ssl_init() -> ssl_setup()
2015-04-29 02:08:34 +02:00
Manuel Pégourié-Gonnard
47fede0d6d
Add countermeasure against cache-based lucky 13
2015-04-29 01:35:48 +02:00
Manuel Pégourié-Gonnard
8d128efd48
Split mbedtls_ctr_drbg_init() -> seed()
2015-04-28 22:38:08 +02:00
Manuel Pégourié-Gonnard
f9e9481bc5
Split mbedtls_hmac_drbg_init() -> seed{,_buf}()
2015-04-28 22:07:14 +02:00
Manuel Pégourié-Gonnard
c34e8dd265
Split mbedtls_gcm_init() -> gcm_setkey()
2015-04-28 21:42:17 +02:00
Manuel Pégourié-Gonnard
6963ff0969
Split mbedtls_ccm_init() -> setkey()
2015-04-28 18:02:54 +02:00
Manuel Pégourié-Gonnard
bdd7828ca0
Always check return status of mutex_(un)lock()
2015-04-24 14:43:24 +02:00
Manuel Pégourié-Gonnard
331ba5778a
Fix some additional renaming issues
2015-04-20 12:33:57 +01:00
Manuel Pégourié-Gonnard
e6028c93f5
Fix some X509 macro names
...
For some reason, during the great renaming, some names that should have been
prefixed with MBEDTLS_X509_ have only been prefixed with MBEDTLS_
2015-04-20 12:19:02 +01:00
Manuel Pégourié-Gonnard
e6efa6f54e
manually merge 9f98251
make extKeyUsage accessible
2015-04-20 11:23:24 +01:00
Manuel Pégourié-Gonnard
b5f48ad82f
manually merge 39a183a
add x509_crt_verify_info()
2015-04-20 11:22:57 +01:00
Manuel Pégourié-Gonnard
144bc224e9
Merge branch 'mbedtls-1.3' into development
...
* commit 'a2fce21':
Fix potential NULL dereference on bad usage
Conflicts:
library/ssl_tls.c
2015-04-17 20:39:07 +02:00
Manuel Pégourié-Gonnard
53c76c07de
Merge branch 'mbedtls-1.3' into development
...
* commit 'ce60fbe':
Fix potential timing difference with RSA PMS
Update Changelog for recent merge
Added more constant-time code and removed biases in the prime number generation routines.
Conflicts:
library/bignum.c
library/ssl_srv.c
2015-04-17 20:19:32 +02:00
Manuel Pégourié-Gonnard
de9b363fbd
Merge branch mbedtls-1.3 into development
...
* commit '95f0089':
Update Changelog for DH params
Add test case for dh params with privateValueLength
accept PKCS#3 DH parameters with privateValueLength included
Conflicts:
library/dhm.c
2015-04-17 20:07:22 +02:00
Manuel Pégourié-Gonnard
9f98251e72
Make results of (ext)KeyUsage accessible
2015-04-17 19:57:21 +02:00
Manuel Pégourié-Gonnard
39a183a629
Add x509_crt_verify_info()
2015-04-17 17:24:25 +02:00
Manuel Pégourié-Gonnard
a2fce21ae5
Fix potential NULL dereference on bad usage
2015-04-15 21:04:19 +02:00
Manuel Pégourié-Gonnard
ce60fbeb30
Fix potential timing difference with RSA PMS
2015-04-15 16:56:28 +02:00
Manuel Pégourié-Gonnard
aac657a1d3
Merge remote-tracking branch 'pj/development' into mbedtls-1.3
...
* pj/development:
Added more constant-time code and removed biases in the prime number generation routines.
2015-04-15 14:12:59 +02:00
Daniel Kahn Gillmor
2ed81733a6
accept PKCS#3 DH parameters with privateValueLength included
...
library/dhm.c: accept (and ignore) optional privateValueLength for
PKCS#3 DH parameters.
PKCS#3 defines the ASN.1 encoding of a DH parameter set like this:
----------------
DHParameter ::= SEQUENCE {
prime INTEGER, -- p
base INTEGER, -- g
privateValueLength INTEGER OPTIONAL }
The fields of type DHParameter have the following meanings:
o prime is the prime p.
o base is the base g.
o privateValueLength is the optional private-value
length l.
----------------
See: ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-3.asc
This optional parameter was added in PKCS#3 version 1.4, released
November 1, 1993.
dhm.c currently doesn't cope well with PKCS#3 files that have this
optional final parameter included. i see errors like:
------------
dhm_parse_dhmfile returned -0x33E6
Last error was: -0x33E6 - DHM - The ASN.1 data is not formatted correctly : ASN1 - Actual length differs from expected lengt
------------
You can generate PKCS#3 files with this final parameter with recent
versions of certtool from GnuTLS:
certtool --generate-dh-params > dh.pem
2015-04-15 13:27:13 +02:00
Manuel Pégourié-Gonnard
862d503c01
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Fix typos in Changelog
Fix macro name from wrong branch
Fix bug in pk_parse_key()
Fixed typos
Updated Travis CI config for mbedtls project
Conflicts:
include/mbedtls/ecp.h
include/polarssl/compat-1.2.h
include/polarssl/openssl.h
include/polarssl/platform.h
library/pkparse.c
programs/pkey/mpi_demo.c
2015-04-15 11:30:46 +02:00
Manuel Pégourié-Gonnard
e6c8366b46
Fix bug in pk_parse_key()
2015-04-15 11:21:24 +02:00
Manuel Pégourié-Gonnard
e1e5871a55
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Fix bug in pk_parse_key()
Update generated file
Conflicts:
library/pkparse.c
library/version_features.c
2015-04-15 10:50:34 +02:00
Manuel Pégourié-Gonnard
924cd100a6
Fix bug in pk_parse_key()
2015-04-14 11:18:04 +02:00
Manuel Pégourié-Gonnard
975d5fa206
Remove option HAVE_LONGLONG
2015-04-10 11:34:22 +02:00
Manuel Pégourié-Gonnard
7b53889f05
Remove support for HAVE_INT8 and HAVE_INT16
2015-04-10 11:34:22 +02:00
Manuel Pégourié-Gonnard
b31424c86a
Make HAVE_IPV6 non-optional
2015-04-09 16:42:38 +02:00
Manuel Pégourié-Gonnard
dbd60f72b1
Update generated file
2015-04-09 16:35:54 +02:00
Manuel Pégourié-Gonnard
8408a94969
Remove MBEDTLS_ from internal macros
2015-04-09 13:52:55 +02:00
Manuel Pégourié-Gonnard
e546ad4afd
Fix comment generated by generate_errors.pl
2015-04-08 20:27:02 +02:00
Manuel Pégourié-Gonnard
2cf5a7c98e
The Great Renaming
...
A simple execution of tmp/invoke-rename.pl
2015-04-08 13:25:31 +02:00
Manuel Pégourié-Gonnard
df791a51f6
Simplify net_htonx()
2015-04-03 18:46:55 +02:00
Manuel Pégourié-Gonnard
932e3934bd
Fix typos & Co
2015-04-03 18:46:55 +02:00
Manuel Pégourié-Gonnard
62edcc8176
Document POLARSSL_CAMELLIA_SMALL_MEMORY
2015-04-03 18:46:55 +02:00
Manuel Pégourié-Gonnard
07ec1ddd10
Fix bug with ssl_set_curves() check on client
2015-04-03 18:17:37 +02:00
Manuel Pégourié-Gonnard
a5cc2aa769
Fix bug in POLARSSL_PLATFORM_STD_EXIT support
2015-04-03 18:17:37 +02:00
Manuel Pégourié-Gonnard
29f777ef54
Fix bug with ssl_set_curves() check on client
2015-04-03 17:57:59 +02:00
Manuel Pégourié-Gonnard
32a7fe3fec
Fix bug in POLARSSL_PLATFORM_STD_EXIT support
2015-04-03 17:56:30 +02:00
Manuel Pégourié-Gonnard
998930ae0d
Replace non-ascii characters in source files
2015-04-03 13:48:06 +02:00
Manuel Pégourié-Gonnard
eadda3f3ad
Add missing #ifdef in ecdsa.c
2015-04-03 13:15:34 +02:00
Manuel Pégourié-Gonnard
2bc16df2f4
Update generated file
2015-04-03 13:04:56 +02:00
Manuel Pégourié-Gonnard
f1d2f7c456
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Fix bug in Via Padlock support
Fix portability issue in Makefile
2015-04-02 12:44:00 +01:00
Manuel Pégourié-Gonnard
cf201201e6
Fix bug in Via Padlock support
2015-04-02 10:53:59 +01:00
Manuel Pégourié-Gonnard
427b672551
Add XXX_PROCESS_ALT mecchanism
2015-03-31 18:32:50 +02:00
Manuel Pégourié-Gonnard
26c9f90cae
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Add missing depends in x509 programs
Simplify ifdef checks in programs/x509
Fix thread safety issue in RSA operations
Add test certificate for bitstring in DN
Add support for X.520 uniqueIdentifier
Accept bitstrings in X.509 names
2015-03-31 17:56:15 +02:00
Manuel Pégourié-Gonnard
8c8be1ebbb
Change default min TLS version to TLS 1.0
2015-03-31 14:22:30 +02:00
Manuel Pégourié-Gonnard
d16df8f60a
Cleanup unused bit in ssl
...
Became unused when removing deprecated ssl_set_own_cert_xxx() functions
2015-03-31 14:04:51 +02:00
Manuel Pégourié-Gonnard
348bcb3694
Make RSA_ALT support optionnal
2015-03-31 14:01:33 +02:00
Manuel Pégourié-Gonnard
8fce937a1a
Simplify ecdsa_context
2015-03-31 13:06:41 +02:00
Manuel Pégourié-Gonnard
49ce6f0973
Fix constness of asn1_write_mpi()
2015-03-31 13:05:39 +02:00
Manuel Pégourié-Gonnard
dfdcac9d51
Merge ecdsa_write_signature{,_det}() together
2015-03-31 11:41:42 +02:00
Manuel Pégourié-Gonnard
63e931902b
Make a helpful constant public
2015-03-31 11:15:48 +02:00
Manuel Pégourié-Gonnard
b8cfe3f0d9
pk_sign() now requires non-NONE md_alg for ECDSA
2015-03-31 11:14:41 +02:00
Manuel Pégourié-Gonnard
fa44f20b9f
Change authmode default to Required on client
2015-03-27 17:52:25 +01:00
Manuel Pégourié-Gonnard
1d0ca1a336
Move key_usage to more that 8 bits
2015-03-27 16:50:00 +01:00
Manuel Pégourié-Gonnard
1022fed36e
Remove redundant sig_oid2 in x509 structures
2015-03-27 16:34:42 +01:00
Manuel Pégourié-Gonnard
a252af760f
Minor source simplification
2015-03-27 16:15:55 +01:00
Manuel Pégourié-Gonnard
88fca3ef0e
Fix thread safety issue in RSA operations
...
The race was due to mpi_exp_mod storing a Montgomery coefficient in the
context (RM, RP, RQ).
The fix was verified with -fsanitize-thread using ssl_pthread_server and two
concurrent clients.
A more fine-grained fix should be possible, locking just enough time to check
if those values are OK and set them if not, rather than locking for the whole
mpi_exp_mod() operation, but it will be for later.
2015-03-27 15:12:05 +01:00
Manuel Pégourié-Gonnard
9409e0cea2
Add support for X.520 uniqueIdentifier
2015-03-27 13:03:54 +01:00
Manuel Pégourié-Gonnard
dd5dbcae90
Accept bitstrings in X.509 names
2015-03-27 13:03:09 +01:00
Manuel Pégourié-Gonnard
957b1ee96e
Fix per-C99 initializer issues
2015-03-27 11:56:40 +01:00
Manuel Pégourié-Gonnard
a958d69a70
Rename test_ca_list to test_cas_pem
2015-03-27 10:29:25 +01:00
Manuel Pégourié-Gonnard
2f165060f0
Start introducing test_cas NULL-terminated list
2015-03-27 10:20:26 +01:00
Manuel Pégourié-Gonnard
75f901006b
Add len constants to certs.c
2015-03-27 09:56:18 +01:00
Manuel Pégourié-Gonnard
e960818735
Check return value of the TLS PRF
2015-03-26 11:47:47 +01:00
Manuel Pégourié-Gonnard
b7fcca33b9
Make tls1_prf and tls12_prf more efficient
...
Repeatedly allocating a context and setting the key was a waste
2015-03-26 11:41:28 +01:00
Manuel Pégourié-Gonnard
6890c6b64e
Factor tls_prf_sha{256,384} together
2015-03-26 11:11:49 +01:00
Manuel Pégourié-Gonnard
147fa097e2
Reintroduce md_init_ctx compatibility wrapper
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
abb674467b
Rename md_init_ctx() to md_setup()
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
a77edade0c
Clean up unneeded things
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
4063ceb281
Make hmac_ctx optional
...
Note from future self: actually md_init_ctx will be re-introduced with the
same signature later, and a new function with the additional argument will be
added.
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
dfb3dc8b53
Make ipad/opad dynamic and more opaque
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
4da88c50c1
Remove specific xxx_hmac functions
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
7da726bb53
Remove calls to xxx_hmac() from SSL modules
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
0a8896ad6f
Remove references to xxx_hmac() from MD layer
2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard
8379a82a76
Implement hmac in the MD layer
2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard
ca878dbaa5
Make md_info_t an opaque structure
...
- more freedom for us to change it in the future
- enforces hygiene
- performance impact of making accessors no longer inline should really be
negligible
2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard
9325b26b42
Fix warning with mingw32
...
Apparently it thinks getsockopt()'s should be a char *, while it's a void *
according to POSIX. Casting to void * avoids the warning.
2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard
9a65e80e4f
Properly mark ssl_set_bio() as deprecated
2015-03-25 18:09:46 +01:00
Manuel Pégourié-Gonnard
e424d0814d
Refresh generated file after merge
2015-03-23 14:31:50 +01:00
Manuel Pégourié-Gonnard
8a80318df2
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Update generated file
Update Changelog for deprecation config flags
Fix tests to work with DEPRECATED_REMOVED
Add POLARSSL_DEPRECATED_{WARNING,REMOVED}
Suppress clang warning we don't want
2015-03-23 14:31:25 +01:00
Manuel Pégourié-Gonnard
bf8f7febd8
Update generated file
2015-03-23 14:24:06 +01:00
Manuel Pégourié-Gonnard
c70581c272
Add POLARSSL_DEPRECATED_{WARNING,REMOVED}
2015-03-23 14:11:11 +01:00
Manuel Pégourié-Gonnard
85b6600ab2
Suppress clang warning we don't want
2015-03-23 12:03:49 +01:00
Manuel Pégourié-Gonnard
849b174e57
Disable RC4 by default in the library
2015-03-20 19:14:19 +00:00
Manuel Pégourié-Gonnard
391af97a71
Re-remove file after merge failure (my fault)
2015-03-20 18:31:01 +00:00
Manuel Pégourié-Gonnard
9395298d12
Fix use of deprecated function in the library
2015-03-20 18:23:52 +00:00
Manuel Pégourié-Gonnard
47723147f5
Remove functions deprecated in 1.3
2015-03-20 18:21:12 +00:00
Manuel Pégourié-Gonnard
9658391073
Fix use of deprecated function in the library
2015-03-20 18:19:32 +00:00
Manuel Pégourié-Gonnard
7c4e60fa7d
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Mark a few additional deprecations
Use proper doxygen markup to mark deprecations
Add -fdata-sections in memory.sh too
2015-03-20 17:30:31 +00:00
Manuel Pégourié-Gonnard
71432849ed
Use proper doxygen markup to mark deprecations
2015-03-20 17:26:50 +00:00
Manuel Pégourié-Gonnard
a78b218042
Fix contness of debug_print_buf()
2015-03-19 17:16:11 +00:00
Manuel Pégourié-Gonnard
6e0643762d
Reverse meaning of OID_CMP
2015-03-19 16:54:56 +00:00
Manuel Pégourié-Gonnard
852a6d3d8f
Rename ssl.renegotiation to ssl.renego_status
2015-03-19 16:15:20 +00:00
Manuel Pégourié-Gonnard
240b092a6c
Drop dummy self_test functions
2015-03-19 15:30:28 +00:00
Manuel Pégourié-Gonnard
8d92cedd11
Fix constness issue in pkcs5_pbes2()
2015-03-19 15:21:13 +00:00
Manuel Pégourié-Gonnard
0db107e4ba
Fix pk_can_do() constness issue
2015-03-19 14:01:57 +00:00
Manuel Pégourié-Gonnard
fa8aebcbcc
Fix a constness issue
2015-03-19 13:38:17 +00:00
Manuel Pégourié-Gonnard
35f1d7f0aa
Update signature of mpi_mul_mpi()
2015-03-19 12:42:40 +00:00
Manuel Pégourié-Gonnard
8ee08a259a
Update generated file
2015-03-13 16:33:40 +00:00
Manuel Pégourié-Gonnard
cc0d084820
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Actually use armcc for the armcc test ^^'
Add more -O level variety in all.sh
Document recent make changes
build: Makefile: cleanup CFLAGS
build: Makefile: cleanup LDFLAGS
build: Makefile: simplify root Makefile
build: Makefile: remove bashism
Conflicts:
programs/Makefile
2015-03-13 16:32:40 +00:00
Alon Bar-Lev
f7a9f30348
build: Makefile: cleanup CFLAGS
...
CFLAGS are reserved for external interaction via make variable, the
following should work:
$ make CFLAGS="-O3"
$ CFLAGS="-O3" make
1. Move internal flags to LOCAL_CFLAGS
2. Respect external CFLAGS
3. CFLAGS should be last compiler flags.
4. Default CFLAGS is -O optimization, remove OFLAGS.
5. Add WARNING_CFLAGS to control warning setting and enable to remove
if compiler does not support flags.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
2015-03-13 13:34:25 +00:00
Alon Bar-Lev
ada4105ba2
build: Makefile: cleanup LDFLAGS
...
LDFLAGS are reserved for external interaction via make variable, the
following should work:
$ make LDFLAGS="-L/xxx"
$ LDFLAGS="-L/xxx" make
1. Move internal flags to LOCAL_LDFLAGS
2. Respect external LDFLAGS
3. LDFLAGS should be last linkage flags.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
2015-03-13 13:34:25 +00:00
Manuel Pégourié-Gonnard
a06d7fe3fe
Avoid possible spurious warning with gcc -Os
...
Outline:
if( condition )
foo = value;
/* stuff that does not change condition */
if( condition )
/* use foo */
else
/* don't use foo */
For some reason, it appears to only kick in with -Os with gcc 4.9.3
2015-03-13 11:14:31 +00:00
Pascal Junod
b99183dfc6
Added more constant-time code and removed biases in the prime number generation routines.
2015-03-11 16:49:45 +01:00
Manuel Pégourié-Gonnard
b6b16bddc3
Drop pbkdf2 module (superseded by pkcs5)
2015-03-11 11:31:51 +00:00
Manuel Pégourié-Gonnard
f9c1387b9d
Drop POLARSSL_ERROR_STRERROR_BC
2015-03-11 10:59:38 +00:00
Manuel Pégourié-Gonnard
57a26da593
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Use link-time garbage collection in memory.sh
scripts/memory.sh only work on Linux
Add missing 'const' on selftest data
Use only headers for doxygen (no doc in C files)
Add missing extern "C" guard in aesni.h
Fix compile error with renego disabled
Remove slow PKCS5 test
Stop checking key-cert match systematically
Make tests/*.sh runnable from anywhere
Update visual C files
2015-03-11 10:30:21 +00:00
Manuel Pégourié-Gonnard
28122e4329
Add missing 'const' on selftest data
2015-03-11 09:13:42 +00:00
Manuel Pégourié-Gonnard
51bccd3889
Fix compile error with renego disabled
2015-03-10 16:09:08 +00:00
Manuel Pégourié-Gonnard
73ed39d4b1
Remove slow PKCS5 test
2015-03-10 15:59:22 +00:00
Manuel Pégourié-Gonnard
f427f8854a
Stop checking key-cert match systematically
2015-03-10 15:35:29 +00:00
Manuel Pégourié-Gonnard
69849f8595
Drop renego state from context if no renego support
2015-03-10 11:54:02 +00:00