Gilles Peskine
039fd12834
Robustness fix in mbedtls_ssl_derive_keys
In mbedtls_ssl_derive_keys, don't call mbedtls_md_hmac_starts in
ciphersuites that don't use HMAC. This doesn't change the behavior of
the code, but avoids relying on an uncaught error when attempting to
start an HMAC operation that hadn't been initialized.
2018-03-31 22:53:49 +02:00
Jaeden Amero
4ba87fc958
Merge remote-tracking branch 'upstream-public/pr/758' into development-proposed
2018-03-29 11:01:38 +01:00
Jaeden Amero
2ad47e3bcc
Merge remote-tracking branch 'upstream-public/pr/1528' into development-proposed
2018-03-29 11:00:50 +01:00
Jaeden Amero
78a03ec230
Merge remote-tracking branch 'upstream-public/pr/1379' into development-proposed
2018-03-29 10:57:57 +01:00
Jaeden Amero
5031a9a278
Merge remote-tracking branch 'upstream-public/pr/1134' into development-proposed
Fixes #504 and fixes #1057
2018-03-29 10:53:42 +01:00
Jaeden Amero
90226be779
Merge remote-tracking branch 'upstream-public/pr/1467' into development-proposed
2018-03-28 15:35:22 +01:00
Jaeden Amero
2843d21d99
Merge remote-tracking branch 'upstream-public/pr/1523' into development-proposed
2018-03-28 15:32:13 +01:00
Jaeden Amero
5ec118352e
Merge remote-tracking branch 'upstream-public/pr/1474' into development-proposed
2018-03-28 14:22:29 +01:00
Ivan Krylov
065ecf587f
Changelog: use my real name (#758)
2018-03-28 16:19:18 +03:00
Jaeden Amero
552b9cc5ba
Merge remote-tracking branch 'upstream-public/pr/1477' into development-proposed
2018-03-28 13:42:32 +01:00
Jaeden Amero
9528658446
Merge remote-tracking branch 'upstream-public/pr/701' into development-proposed
Fixes #1299 , fixes #1475
2018-03-28 12:50:28 +01:00
Jaeden Amero
8645e90825
Merge remote-tracking branch 'upstream-restricted/pr/363' into development-proposed
2018-03-28 11:54:28 +01:00
Hanno Becker
6a92ce6fd9
Improve documentation of MBEDTLS_AES_FEWER_TABLES in config.h
2018-03-28 11:42:28 +01:00
Manuel Pégourié-Gonnard
18b78435dc
Fix a typo in a comment
2018-03-28 11:14:06 +02:00
Manuel Pégourié-Gonnard
fff308e2fa
Add a ChangeLog entry for Curve25519 N
2018-03-28 11:13:05 +02:00
Nicholas Wilson
54fc34ea68
Include order of Curve25519 base point in curve data
2018-03-28 11:08:30 +02:00
Azim Khan
71830318d3
Rephrase Changelog entry Bugfix->Changes
2018-03-28 09:48:29 +01:00
Gilles Peskine
f69ad5a898
Add ChangeLog entry
Fixes #1299 . Fixes #1475 .
2018-03-27 23:16:26 +02:00
Andres Amaya Garcia
cb47a79e04
Add ChangeLog entry for PBES2 when ASN1 disabled
2018-03-27 21:19:50 +01:00
Andres Amaya Garcia
576d474704
Fix test dependencies of pkcs5 pbes2 on asn1 parse
2018-03-27 20:53:56 +01:00
Andres Amaya Garcia
af9a486b01
Fix coding style in pkcs5.c preprocessor directives
2018-03-27 20:53:12 +01:00
Marcos Del Sol Vives
8a0dfacb58
Compile PBES2 in PKCS5 only if ASN1 is enabled
2018-03-27 20:15:33 +01:00
Hanno Becker
98a678674b
Adapt changes to all.sh to work with --keep-going mode
2018-03-27 17:10:09 +01:00
Hanno Becker
4c1dc3c2a4
Improve documentation of MBEDTLS_AES_ROM_TABLES
2018-03-27 16:52:03 +01:00
Hanno Becker
783cb06e05
Remove duplicate test in all.sh
2018-03-27 16:49:04 +01:00
Jaeden Amero
b604960572
Merge remote-tracking branch 'upstream-public/pr/1435' into development-proposed
2018-03-27 16:45:36 +01:00
Jaeden Amero
fba16f782c
Merge remote-tracking branch 'upstream-public/pr/572' into development-proposed
2018-03-27 16:42:20 +01:00
Deomid Ryabkov
de420a47b6
Fix some test deps
* Cert revocation tests require `MBEDTLS_HAVE_TIME_DATE`.
* Version features tests require... well, `MBEDTLS_VERSION_FEATURES`, actually.
Fixes https://github.com/ARMmbed/mbedtls/issues/1475
2018-03-27 14:39:26 +01:00
Azim Khan
f4659efedc
Document config restrictions of psk fields
2018-03-26 22:11:24 +01:00
Gilles Peskine
e4f2736b42
Add ChangeLog entry
2018-03-26 12:29:30 +02:00
Ivan Krylov
5cb1f09ab4
slight rewording requested by reviewer (#758)
2018-03-24 18:48:04 +03:00
Jaeden Amero
f65379bc40
Merge remote-tracking branch 'upstream-restricted/pr/382' into development
2018-03-23 11:14:17 +00:00
Gilles Peskine
51d9394fdf
Add changelog entries for improved testing
Fixes #1040
2018-03-23 02:16:43 +01:00
Gilles Peskine
1cfa2d0e19
Add missing dependencies in test_suite_x509parse
Found by depends-hashes.pl and depends-pkgalgs.pl.
2018-03-23 02:16:43 +01:00
Gilles Peskine
396fac1fe0
all.sh --keep-going: properly handle multiple-builds scripts
In keep-going mode, if a multiple-builds script fails, record its
status and keep going.
2018-03-23 02:16:43 +01:00
Gilles Peskine
15ad579895
Merge tag 'mbedtls-2.8.0' into iotssl-1381-x509-verify-refactor-restricted
Conflict resolution:
* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
addition. In addition some of the additions in the
iotssl-1381-x509-verify-refactor-restricted branch need support for
keep-going mode, this will be added in a subsequent commit.
2018-03-23 02:16:22 +01:00
Jethro Beekman
d2df936e67
Fix parsing of PKCS#8 encoded Elliptic Curve keys.
The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:
    PrivateKeyInfo ::= SEQUENCE {
        version                   Version,
        privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
        privateKey                PrivateKey,
        attributes           [0]  IMPLICIT Attributes OPTIONAL
    }

    AlgorithmIdentifier ::= SEQUENCE {
        algorithm   OBJECT IDENTIFIER,
        parameters  ANY DEFINED BY algorithm OPTIONAL
    }

    ECParameters ::= CHOICE {
        namedCurve         OBJECT IDENTIFIER
        -- implicitCurve   NULL
        -- specifiedCurve  SpecifiedECDomain
    }

    ECPrivateKey ::= SEQUENCE {
        version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
        privateKey     OCTET STRING,
        parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
        publicKey  [1] BIT STRING OPTIONAL
    }
Because of the two optional fields, there are 4 possible variants that need to
be parsed: no optional fields, only parameters, only public key, and both
optional fields. Previously mbedTLS was unable to parse keys with "only
parameters". Also, only "only public key" was tested. There was a test for "no
optional fields", but it was labelled incorrectly as SEC.1 and not run because
of a great renaming mixup.
2018-03-22 18:01:18 -07:00
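The four ECPrivateKey variants named in the commit message above, as an added worked example that is not part of the commit and not mbedtls code: a small stand-alone DER parser for the inner ECPrivateKey SEQUENCE (the payload of the PKCS#8 privateKey OCTET STRING) that accepts any combination of the two OPTIONAL context-tagged fields and rejects out-of-order or trailing data. The builder is there only to construct the sample inputs; the 32-byte private scalar and the 65-byte public point used below are dummy values, not a real key pair, while the OID bytes for secp256r1 (1.2.840.10045.3.1.7) are the real encoding. The parser supports short-form lengths and long-form lengths of up to two bytes, which covers every real EC key size.

```python
# Added example (not mbedtls code): parse RFC 5915 ECPrivateKey in DER,
# handling all four combinations of parameters [0] and publicKey [1].
from typing import Tuple

SECP256R1_OID = bytes.fromhex("2a8648ce3d030107")  # 1.2.840.10045.3.1.7


def _read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Read one DER TLV at pos; return (tag, contents, position after it).
    Short-form and 1- or 2-byte long-form lengths only; indefinite
    length (0x80) and anything longer is rejected as invalid DER here."""
    if pos + 2 > len(buf):
        raise ValueError("truncated tag/length")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        nbytes = length & 0x7F
        if nbytes == 0 or nbytes > 2 or pos + nbytes > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    end = pos + length
    if end > len(buf):
        raise ValueError("length exceeds buffer")
    return tag, buf[pos:end], end


def parse_ec_private_key(der: bytes) -> dict:
    """Return {'private', 'params', 'public'}; params/public are None
    when the corresponding OPTIONAL field is absent."""
    tag, body, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("ECPrivateKey must be a single SEQUENCE")
    pos = 0
    tag, version, pos = _read_tlv(body, pos)
    if tag != 0x02 or version != b"\x01":
        raise ValueError("version must be ecPrivkeyVer1(1)")
    tag, priv, pos = _read_tlv(body, pos)
    if tag != 0x04:
        raise ValueError("privateKey must be an OCTET STRING")
    params = public = None
    # parameters [0] EXPLICIT ECParameters OPTIONAL -> context tag 0xA0
    if pos < len(body) and body[pos] == 0xA0:
        _, inner, pos = _read_tlv(body, pos)
        t, oid, e = _read_tlv(inner, 0)
        if t != 0x06 or e != len(inner):
            raise ValueError("parameters must hold a single namedCurve OID")
        params = oid
    # publicKey [1] EXPLICIT BIT STRING OPTIONAL -> context tag 0xA1
    if pos < len(body) and body[pos] == 0xA1:
        _, inner, pos = _read_tlv(body, pos)
        t, bits, e = _read_tlv(inner, 0)
        if t != 0x03 or e != len(inner) or not bits or bits[0] != 0:
            raise ValueError("publicKey must be a BIT STRING with 0 unused bits")
        public = bits[1:]
    if pos != len(body):
        # Catches [1] before [0], a repeated field, or any garbage after publicKey.
        raise ValueError("unexpected trailing data in ECPrivateKey")
    return {"private": priv, "params": params, "public": public}


def _tlv(tag: int, content: bytes) -> bytes:
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def build_ec_private_key(priv: bytes, oid: bytes = None, pub: bytes = None) -> bytes:
    """Encode the four variants: omit oid and/or pub to drop the OPTIONAL fields."""
    body = _tlv(0x02, b"\x01") + _tlv(0x04, priv)
    if oid is not None:
        body += _tlv(0xA0, _tlv(0x06, oid))
    if pub is not None:
        body += _tlv(0xA1, _tlv(0x03, b"\x00" + pub))
    return _tlv(0x30, body)


if __name__ == "__main__":
    # Constructed dummy material, not a real key pair.
    priv = bytes(range(1, 33))
    pub = b"\x04" + bytes(64)
    for oid, pk in [(None, None), (SECP256R1_OID, None), (None, pub), (SECP256R1_OID, pub)]:
        r = parse_ec_private_key(build_ec_private_key(priv, oid, pk))
        print("params" if r["params"] else "no-params", "public" if r["public"] else "no-public")
```

The "only parameters" case that the commit says mbedTLS previously rejected is the second variant above; the order check at the end is what makes a key with publicKey before parameters fail loudly instead of being silently misread.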
Gilles Peskine
fc458d0b9b
Merge remote-tracking branch 'myfork/pr_1073' into development-proposed
2018-03-22 21:53:12 +01:00
Gilles Peskine
a7b34c7810
Merge remote-tracking branch 'upstream-public/pr/1406' into development-proposed
2018-03-22 21:52:48 +01:00
Gilles Peskine
f15a8beacf
Merge remote-tracking branch 'upstream-public/pr/1256' into development-proposed
2018-03-22 21:51:53 +01:00
Gilles Peskine
0818540ff7
Merge branch 'pr_726' into development-proposed
2018-03-22 21:50:48 +01:00
Gilles Peskine
88c6df1ce8
Add ChangeLog entry
2018-03-22 21:48:28 +01:00
Gilles Peskine
5bdb671404
Merge branch 'pr_403' into development-proposed
2018-03-22 21:34:15 +01:00
Gilles Peskine
58afc39dd7
Add ChangeLog entry
2018-03-22 21:33:28 +01:00
Gilles Peskine
4b6b247512
Merge remote-tracking branch 'upstream-public/pr/1441' into development-proposed
2018-03-22 21:30:07 +01:00
Gilles Peskine
9b9cc616ca
Add ChangeLog entry
2018-03-22 17:03:45 +01:00
Azim Khan
bdfc14e4a3
Add reference to original PR in Changelog
2018-03-22 12:17:36 +00:00
Azim Khan
4d58881f52
Clarify bug scenario in Changelog
2018-03-22 12:04:25 +00:00
Azim Khan
bc30c5fec2
Add change log entry for mbedtls_ssl_config_free() fix
2018-03-22 10:24:06 +00:00
Andres Amaya Garcia
768bbaf0c1
Add ChangeLog entry for redundant mutex initialization optimizations
2018-03-21 17:36:52 +00:00