Janos Follath
c7bea3158a
Added test case for pathlen constrains in intermediate certificates
2015-11-02 05:55:02 +09:00
Jonathan Leroy
1f8c20ac9a
Fix help message for cert_req/cert_write programs
...
In cert_req and cert_write programs, "key_certificate_sign" is not an
allowed velue for "key_usage" parameter. The correct value is
"key_cert_sign".
See https://github.com/ARMmbed/mbedtls/blob/development/programs/x509/cert_req.c#L208
and https://github.com/ARMmbed/mbedtls/blob/development/programs/x509/cert_write.c#L323 .
2015-10-30 16:56:44 +01:00
Manuel Pégourié-Gonnard
d13585f1b3
Small improvement to test script
2015-10-30 16:56:30 +01:00
Manuel Pégourié-Gonnard
9f44a80ea3
Try to prevent some misuse of RSA functions
...
fixes #331
2015-10-30 10:57:43 +01:00
Manuel Pégourié-Gonnard
8f115968da
Pick up ChangeLog fixes from development
2015-10-28 13:55:28 +01:00
Manuel Pégourié-Gonnard
a7f0a42101
Mention new test script in Readme
2015-10-28 13:42:14 +01:00
Manuel Pégourié-Gonnard
93080dfacf
Fix missing check for RSA key length on EE certs
...
- also adapt tests to use lesser requirement for compatibility with old
testing material
2015-10-28 13:22:32 +01:00
Simon Butcher
94c5e3c654
Fixed typo in comment
2015-10-28 13:21:12 +01:00
Manuel Pégourié-Gonnard
722da74cfc
Fix attribution in ChangeLog
2015-10-28 13:20:16 +01:00
Manuel Pégourié-Gonnard
a314076486
Fix handling of non-fatal alerts
...
fixes #308
2015-10-28 13:19:55 +01:00
Manuel Pégourié-Gonnard
134ca18fbc
Add key-exchanges.pl to test list
2015-10-28 13:17:18 +01:00
Manuel Pégourié-Gonnard
fe3affdad2
Add -Werror to reduced configs test scripts
2015-10-28 13:17:08 +01:00
Manuel Pégourié-Gonnard
5baec9050e
Fix warning in some reduced configs
2015-10-28 13:16:56 +01:00
Manuel Pégourié-Gonnard
f9945bc283
Fix #ifdef inconsistency
...
fixes #310
Actually all key exchanges that use a certificate use signatures too, and
there is no key exchange that uses signatures but no cert, so merge those two
flags.
Conflicts:
ChangeLog
2015-10-28 13:16:33 +01:00
Manuel Pégourié-Gonnard
4b56e755af
Add script to test configs with single key exchanges
2015-10-28 13:15:23 +01:00
Manuel Pégourié-Gonnard
1cb668cf0f
ECHDE-PSK does not use a certificate
...
fixes #270
2015-10-28 13:15:12 +01:00
Manuel Pégourié-Gonnard
d113b8e89d
Move all KEY_EXCHANGE__ definitions in one place
2015-10-28 13:15:01 +01:00
Manuel Pégourié-Gonnard
5ce77da2b3
Mention performance fix in ChangeLog
2015-10-27 10:35:02 +01:00
Manuel Pégourié-Gonnard
00992d45c0
Optimize more common cases in ecp_muladd()
2015-10-27 10:30:36 +01:00
Manuel Pégourié-Gonnard
241bf6717a
Optimize some case of mbedtls_ecp_muladd()
...
Those are used by EC-JPAKE
2015-10-27 10:30:03 +01:00
Manuel Pégourié-Gonnard
770f453547
Remove useless code
...
closes #321
2015-10-27 10:29:26 +01:00
Manuel Pégourié-Gonnard
c4cbc94d44
Small fix to 'make test' script
...
When the tests fail they don't display the number of skipped and run test
2015-10-27 10:29:26 +01:00
Manuel Pégourié-Gonnard
a6925c502d
Fix typo in documentation
2015-10-27 10:28:49 +01:00
Simon Butcher
759b6d9df6
Corrected misleading fn description in ssl_cache.h
...
Mistake in comments spotted by Andris Mednis
2015-10-27 10:28:24 +01:00
Simon Butcher
60d41b5d87
Corrected URL/reference to MPI library
2015-10-27 10:28:11 +01:00
James Cowgill
6bfa1d826e
Fix minor spelling mistake in programs/pkey/gen_key.c
2015-10-27 10:27:51 +01:00
Manuel Pégourié-Gonnard
c4e7d8a381
Bump version to 2.1.2
...
Yotta version bumped to 2.1.3, as we had to do one more patch release to the
yotta registry to accommodate for dependencies updates.
2015-10-05 19:13:36 +01:00
Manuel Pégourié-Gonnard
ca056c7748
Fix CVE number in ChangeLog
2015-10-05 18:21:34 +01:00
Manuel Pégourié-Gonnard
c80a74f734
Merge branch 'development' into development-restricted
...
* development:
Add 'inline' workaround where needed
2015-10-05 16:30:53 +01:00
Manuel Pégourié-Gonnard
2ac9c60838
Add 'inline' workaround where needed
...
Was previously using the workaround from md.h
2015-10-05 16:18:23 +01:00
Manuel Pégourié-Gonnard
a97ab2c8a6
Merge branch 'development' into development-restricted
...
* development:
Remove inline workaround when not useful
Fix macroization of inline in C++
2015-10-05 15:48:09 +01:00
Simon Butcher
9c6762621d
Merge branch 'development' of ssh://github.com/ARMmbed/mbedtls into development
2015-10-05 15:45:53 +01:00
Simon Butcher
7776fc36d3
Fix for #279 macroisation of 'inline' keyword
2015-10-05 15:44:18 +01:00
Manuel Pégourié-Gonnard
2d7083435d
Fix references to non-standard SIZE_T_MAX
...
Turns out C99 doesn't define SIZE_T_MAX, so let's not use it.
2015-10-05 15:23:11 +01:00
Manuel Pégourié-Gonnard
86ff4874a4
Merge remote-tracking branch 'origin/development' into development-restricted
...
* origin/development:
Fix yotta version dependencies again
2015-10-05 14:59:40 +01:00
Manuel Pégourié-Gonnard
0ccd4537bd
Fix yotta version dependencies again
2015-10-05 14:50:41 +01:00
Manuel Pégourié-Gonnard
899ac849d0
Merge branch 'development' into development-restricted
...
* development:
Upgrade yotta dependency versions
Fix compile error in net.c with musl libc
Add missing warning in doc
2015-10-05 14:47:43 +01:00
Manuel Pégourié-Gonnard
2347bdd7b5
Upgrade yotta dependency versions
2015-10-05 14:39:01 +01:00
Simon Butcher
5ae7984dc2
Merge pull request #306 from ARMmbed/gh-288-missing-warning
...
Add missing warning in doc
2015-10-05 13:51:10 +01:00
Simon Butcher
281bd6d98e
Merge pull request #307 from ARMmbed/gh-278-musl-socklen
...
Fix compile error in net.c with musl libc
2015-10-05 13:49:26 +01:00
Manuel Pégourié-Gonnard
0431735299
Fix compile error in net.c with musl libc
...
fixes #278
2015-10-05 12:17:49 +01:00
Manuel Pégourié-Gonnard
cb6af00e2a
Add missing warning in doc
...
Found by Nicholas Wilson
fixes #288
2015-10-05 12:12:39 +01:00
Simon Butcher
475cf0a98a
Merge fix of IOTSSL-496 - Potential heap overflow
...
Fix for potential overflow in ssl_write_certificate_request()
2015-10-05 11:57:54 +01:00
Manuel Pégourié-Gonnard
5a2e389811
Remove inline workaround when not useful
...
This header doesn't have nay inline function any more
2015-10-05 11:55:39 +01:00
Manuel Pégourié-Gonnard
0223ab9d38
Fix macroization of inline in C++
...
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
2015-10-05 11:41:36 +01:00
Simon Butcher
fec73a8eec
Merge of fix for IOTSSL-481 - Double free
...
Potential double free in mbedtls_ssl_conf_psk()
2015-10-05 10:40:31 +01:00
Simon Butcher
c48b66bfb6
Changed attribution for Guido Vranken
2015-10-05 10:18:17 +01:00
Simon Butcher
6418ffaadb
Merge fix for IOTSSL-480 - base64 overflow issue
2015-10-05 09:54:11 +01:00
Simon Butcher
a45aa1399b
Merge of IOTSSL-476 - Random malloc in pem_read()
2015-10-05 00:26:36 +01:00
Simon Butcher
e7f96f22ee
Merge fix IOTSSL-475 Potential buffer overflow
...
Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.
Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).
Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-10-04 23:43:05 +01:00