Andres AG
3616f6f261
Rename net.{c,h} to net_sockets.{c,h}
...
The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
2016-10-13 13:48:48 +01:00
Paul Bakker
2d6599284f
Do not add empty cert / key in cert_app
2016-10-13 13:46:04 +01:00
Paul Bakker
e9bdaa251f
Actually apply debug_level settings in cert_app
2016-10-13 13:46:04 +01:00
Janos Follath
9fe6f92561
Add SHA1 guards in dh_client.c and dh_server.c
...
The build breaked for configurations not having MBEDTLS_SHA1_C.
2016-10-07 14:17:56 +01:00
Simon Butcher
604d399a5c
Add extra compilation conditions to gen_key.c #559
...
The sample application programs/pkey/gen_key.c uses the library function
mbedtls_pk_write_key_pem() which is dependent on the configuration option
MBEDTLS_PEM_WRITE_C. If the option isn't defined the build breaks.
This change adds the compilation condition MBEDTLS_PEM_WRITE_C to the gen_key.c
sample application.
2016-10-07 08:48:47 +01:00
Andres AG
a592dcc1c6
Clean up of formatting, and potential integer overflow fix
2016-10-06 15:23:39 +01:00
Simon Butcher
b981b16379
Minor fixes to formatting and compilation conditions
2016-10-06 12:51:24 +01:00
Simon Butcher
549dc3d75e
Add CMAC functions to the benchmark sample application
2016-10-05 14:19:18 +01:00
Brian Murray
8b4111c516
Fix build failure for thread config
2016-10-05 14:19:17 +01:00
Brian Murray
57863ad7ed
selftest supports cmac if only MBEDTLS_DES_C is defined
...
Other minor typo fixes
2016-10-05 14:19:16 +01:00
Robert Cragie
dc5c7b98ac
Add support for AES-128-CMAC and AES-CMAC-PRF-128
2016-10-05 14:19:13 +01:00
Andres AG
788aa4a812
Rename net.{c,h} to net_sockets.{c,h}
...
The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
2016-09-26 23:23:52 +01:00
Paul Bakker
5e8c62f53d
Do not add empty cert / key in cert_app
2016-09-26 20:30:13 +01:00
Paul Bakker
f2b92bb25b
Actually apply debug_level settings in cert_app
2016-09-26 20:30:13 +01:00
Paul Bakker
243f48e1e2
Fix for #441 - crypt and hash gcm ( #546 )
...
* Fix crypt_and_hash to support decrypting GCM encrypted files
* Fix documentation in crypt_and_hash for the generic case
* Remove unused lastn from crypt_and_hash
lastn is not used with the cipher layer as it already provides padding
and understanding of length of the original data.
2016-09-02 23:44:09 +03:00
Andres AG
e7723ec284
Make entropy bias self test poll multiple times
...
Instead of polling the hardware entropy source a single time and
comparing the output with itself, the source is polled at least twice
and make sure that the separate outputs are different.
2016-08-30 16:50:48 +01:00
Andres AG
b34e42e69e
Add a new self test to entropy module
...
The self test is a quick way to check at startup whether the entropy
sources are functioning correctly. The self test only polls 8 bytes
from the default entropy source and performs the following checks:
- The bytes are not all 0x00 or 0xFF.
- The hardware does not return an error when polled.
- The entropy does not provide data in a patter. Only check pattern
at byte, word and long word sizes.
2016-08-30 16:50:48 +01:00
Simon Butcher
0e7d38739f
Fix warning on implicit casting in aescrypt.c ( #584 )
2016-08-30 14:25:24 +01:00
Paul Bakker
70940caeeb
Allow compilation without MBEDTLS_SELF_TEST enabled
2016-08-25 15:42:28 +01:00
Simon Butcher
4982e527c6
Adds stdlib.h header to dh_genprime sample app
...
Use of the atoi() function requires stdlib.h to be included when
MBEDTLS_PLATFORM_C is not defined.
2016-08-24 20:24:21 +03:00
Simon Butcher
cdb3ad03ed
Remove redundant definitions of exit codes
...
In the ssl/mini_client.c sample application the exit codes were redundantly
being redefined, causing compiler warnings.
2016-08-24 20:24:20 +03:00
Simon Butcher
b5b6af2663
Puts platform time abstraction into its own header
...
Separates platform time abstraction into it's own header from the
general platform abstraction as both depend on different build options.
(MBEDTLS_PLATFORM_C vs MBEDTLS_HAVE_TIME)
2016-07-13 14:46:18 +01:00
Simon Butcher
ab069c6b46
Merge branch 'development' into development-restricted
2016-06-23 21:42:26 +01:00
Simon Butcher
b6a73c9b76
Add provision to create the entropy seedfile for selftest sample
...
In the selftest sample application, if no seedfile is present, one will be
created so the test can execute.
2016-06-23 11:46:41 +01:00
Janos Follath
15ab7ed0f3
Merge branch 'development' into development-restricted
...
Conflicts:
programs/pkey/rsa_decrypt.c
programs/pkey/rsa_encrypt.c
programs/test/selftest.c
2016-06-14 09:20:46 +01:00
Janos Follath
352dbe2334
Make error messages in crypt_and_hash better.
2016-06-09 13:41:28 +01:00
Janos Follath
98e28a74e3
Address user reported coverity issues.
2016-06-09 13:41:28 +01:00
Janos Follath
8eb64132da
Address issues find by manual coverity scan.
2016-06-09 13:41:28 +01:00
Janos Follath
04b591ee79
Merge branch 'development' for weekly test report.
2016-05-31 10:18:41 +01:00
-~- redtangent ~-~
9fa2e86d93
Add missing mbedtls_time_t definitions ( #493 )
...
Add missing mbedtls_time_t definitions to sample applications and the error.c
generation script.
Fixes #490 .
2016-05-26 10:07:49 +01:00
Paul Bakker
440ce420bd
Put clang analyzer fix inside __clang_analyzer__ guard
2016-05-23 14:29:31 +01:00
Nicholas Wilson
e735303026
Shut up a few clang-analyze warnings about use of uninitialized variables
...
The functions are all safe, Clang just isn't clever enough to realise
it.
2016-05-23 14:29:28 +01:00
Simon Butcher
94bafdf834
Merge branch 'development'
2016-05-18 18:40:46 +01:00
Simon Butcher
db0feca55c
Fixes platform time_t abstraction
...
Fixes platform abstraction in error.c and the file that it's generated
from as well as DTLS samples.
2016-05-17 00:03:14 +01:00
Simon Butcher
c21bec8af4
Merge branch 'development'
2016-05-16 16:15:20 +01:00
Paul Bakker
d1fe7aabc9
Put clang analyzer fix inside __clang_analyzer__ guard
2016-05-12 12:46:02 +01:00
Paul Bakker
f4743a6f5e
Merge pull request #457 from NWilson/clang-analyze-fixes
...
Clang analyze fixes
2016-05-11 20:20:42 +02:00
Janos Follath
98c2b0ea7d
Improves and makes pretty the ssl_fork_server output
2016-05-03 15:43:42 +01:00
Janos Follath
e609a08c2f
Fix issue #429 in ssl_fork_server.c
2016-05-03 15:43:31 +01:00
Janos Follath
582a461a49
Improves and makes pretty the ssl_fork_server output
2016-04-29 00:12:35 +01:00
Janos Follath
fe049db8ef
Fix issue #429 in ssl_fork_server.c
2016-04-29 00:12:19 +01:00
Simon Butcher
e4a46f696f
Merge branch 'development'
2016-04-27 18:44:37 +01:00
Simon Butcher
b2d5dd105d
Fixes X509 sample app and SSL test suite
...
Fixes the X.509 cert_app and the SSL test suite for the non-default
configs which don't build with if MBEDTLS_PLATFORM_C isn't defined.
2016-04-27 13:35:37 +01:00
Simon Butcher
d3138c35c6
Fixes SSL sample apps for non-default configs
...
Fixes the SSL sample applications to build for the non-default configs
which don't build if MBEDTLS_PLATFORM_C isn't defined.
2016-04-27 01:26:50 +01:00
SimonB
d5800b7761
Abstracts away time()/stdlib.h into platform
...
Substitutes time() into a configurable platform interface to allow it to be
easily substituted.
2016-04-26 14:49:59 +01:00
Janos Follath
0c539447c1
Fixes no return value warning in selftest.c
2016-04-18 09:59:16 +01:00
Simon Butcher
1ef918ddca
Add missing stdlib.h header to rsa sample programs
2016-04-13 11:56:27 +01:00
Nicholas Wilson
409401c044
Shut up a few clang-analyze warnings about use of uninitialized variables
...
The functions are all safe, Clang just isn't clever enough to realise
it.
2016-04-13 11:56:22 +01:00
Simon Butcher
6b46c62d77
Fixes error and exit paths in rsa sample programs
2016-04-12 13:25:08 +01:00
Janos Follath
f713b0a6ce
Fix memory leaks in example programs.
2016-04-11 23:32:39 +01:00
Simon Butcher
cd0ee5e499
Fixes following review of 'iotssl-682-selftest-ci-break'
2016-03-21 22:54:37 +00:00
Janos Follath
2e3aca2c9e
Fix test break in 'test-ref-configs.pl'
2016-03-18 16:25:52 +00:00
Simon Butcher
f1547632dc
Fixes to style following review
...
Made code spacing consistent with guidelines, and corrected the misnamed test
steps in basic-build-test.sh
2016-03-14 23:12:32 +00:00
SimonB
5a8afb848a
Fix exit code and add a count of the test suites
...
Now counts and displays the number of test suites executed, which can vary
depending on build configurations.
All tests are now executed as this is a sample and test program, rather than
exit on first failure.
Exit code now restricted to SUCCESS or FAILURE.
2016-03-14 23:12:29 +00:00
Manuel Pégourié-Gonnard
90ab4a45b5
Fix Unix detection in mini_client
...
fixes #398
2016-03-09 19:32:08 +00:00
Manuel Pégourié-Gonnard
644c2e0fdb
Add new program to gitignore
2015-11-02 06:34:29 +09:00
Manuel Pégourié-Gonnard
1c6f19aa47
Merge pull request #317 from Inikup/fix-issue-315
...
cert_write : fix "Destination buffer is too small" error
2015-11-02 05:52:26 +09:00
Manuel Pégourié-Gonnard
54eeecfff3
Merge pull request #316 from Inikup/help-key_cert_sign-fix
...
Fix help message for cert_req/cert_write programs
2015-10-30 14:50:42 +01:00
Simon Butcher
204606238c
Merge branch 'development' into misc
2015-10-27 16:57:34 +00:00
Manuel Pégourié-Gonnard
fadacb9d0b
Merge branch 'development' into iotssl-461-ecjpake-finalization
...
* development: (73 commits)
Bump yotta dependencies version
Fix typo in documentation
Corrected misleading fn description in ssl_cache.h
Corrected URL/reference to MPI library
Fix yotta dependencies
Fix minor spelling mistake in programs/pkey/gen_key.c
Bump version to 2.1.2
Fix CVE number in ChangeLog
Add 'inline' workaround where needed
Fix references to non-standard SIZE_T_MAX
Fix yotta version dependencies again
Upgrade yotta dependency versions
Fix compile error in net.c with musl libc
Add missing warning in doc
Remove inline workaround when not useful
Fix macroization of inline in C++
Changed attribution for Guido Vranken
Merge of IOTSSL-476 - Random malloc in pem_read()
Fix for IOTSSL-473 Double free error
Fix potential overflow in CertificateRequest
...
Conflicts:
include/mbedtls/ssl_internal.h
library/ssl_cli.c
2015-10-20 15:00:29 +02:00
Jonathan Leroy
bbc75d9791
cert_write : fix "Destination buffer is too small" error
...
This commit fixes the `Destination buffer is too small` error returned
by `mbedtls_cert_write` command when the values of `subject_name` or
`issuer_name` parameters exceed 128 characters.
I have increased the size of these varaibles from 128 to 256 characters,
but I don't know if it's the best way to solve this issue...
Fixes #315 .
2015-10-10 21:58:07 +02:00
Jonathan Leroy
81962c36e3
Fix help message for cert_req/cert_write programs
...
In cert_req and cert_write programs, "key_certificate_sign" is not an
allowed velue for "key_usage" parameter. The correct value is
"key_cert_sign".
See https://github.com/ARMmbed/mbedtls/blob/development/programs/x509/cert_req.c#L208
and https://github.com/ARMmbed/mbedtls/blob/development/programs/x509/cert_write.c#L323 .
2015-10-10 21:42:29 +02:00
Manuel Pégourié-Gonnard
3eb8c34e6a
Add example program for Curve25519
...
Getting a lot of questions about how to use it. This will hopefully get people
started.
2015-10-09 12:13:29 +01:00
Manuel Pégourié-Gonnard
262c137d8c
Merge pull request #311 from jcowgill/spelling-fix
...
Fix minor spelling mistake in programs/pkey/gen_key.c
2015-10-09 09:38:52 +01:00
James Cowgill
07a92d720a
Fix minor spelling mistake in programs/pkey/gen_key.c
2015-10-09 00:28:14 +01:00
Manuel Pégourié-Gonnard
70905a7855
Add ecjpake_pw option to ssl_client2/server2
2015-09-16 22:58:29 +02:00
Manuel Pégourié-Gonnard
2ed05a049a
Fix typos
2015-09-09 11:52:28 +02:00
Manuel Pégourié-Gonnard
22311ae62e
Improve help message of ssl_*2.c
2015-09-09 11:22:58 +02:00
Manuel Pégourié-Gonnard
3f09b6d4c2
Fix API
2015-09-08 11:58:14 +02:00
Manuel Pégourié-Gonnard
dbd23079d0
Add option reconnect_hard to ssl_client2
...
- interrupt the connection abruptly (no close_notify)
- reconnect from the same port while server sill has an active connection from
this port.
Some real-world clients do that, see section 4.2.8 of RFC 6347.
2015-09-08 10:39:06 +02:00
Manuel Pégourié-Gonnard
4d8685b4ff
Add skeleton for EC J-PAKE module
2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard
37ff14062e
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
Simon Butcher
ed51594337
Merge pull request #265 from ARMmbed/iotssl-460-bugfixes
...
Iotssl 460 bugfixes
2015-09-02 23:36:36 +01:00
Manuel Pégourié-Gonnard
a2cda6bfaf
Add mbedtls_ssl_get_max_frag_len()
...
This is not very useful for TLS as mbedtls_ssl_write() will automatically
fragment and return the length used, and the application should check for that
anyway, but this is useful for DTLS where mbedtls_ssl_write() returns an
error, and the application needs to be able to query the maximum length
instead of just guessing.
2015-08-31 20:47:04 +02:00
Manuel Pégourié-Gonnard
cf9ab63863
Fix error reporting in pkey/pk_* programs
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
ce7a08ba49
Fix more comments/outputs in verify programs
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
102a620c9a
Fix hash buffer size in pkey programs
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
d224ff1f63
Change default RSA key size in rsa_genkey
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
1d8f2da7df
Fix comments about filenames in some programs
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
d74c697035
Fix memory corruption in rsa sign/verify programs
...
We have no guarantee there is enough room in the argv strings.
Fixes #210
2015-08-31 10:34:27 +02:00
Manuel Pégourié-Gonnard
ea35666f50
Fix -Wshadow warnings
...
Checked that it is supported by gcc 4.2.1 (FreeBSD 9).
fixes #240
2015-08-31 10:34:26 +02:00
Manuel Pégourié-Gonnard
fa1304a51d
Use Unix line endings in wince_main.c too
...
The compiler needs to accept Unix line endings anyway, as this is what we use
everywhere, and it makes things more consistent.
2015-08-06 19:03:31 +02:00
Manuel Pégourié-Gonnard
d73896581b
Fix typos (found by Francesco Pompò)
...
Manually merging as the pull requests are based on an old branch.
closes #215
closes #216
2015-08-06 18:22:26 +02:00
Manuel Pégourié-Gonnard
6fb8187279
Update date in copyright line
2015-07-28 17:11:58 +02:00
Manuel Pégourié-Gonnard
4f3368e31e
Fix bug in benchmark.c with DHM params
2015-07-19 15:01:28 +02:00
Manuel Pégourié-Gonnard
78ec2b049c
Cosmetics in Makefiles
2015-07-08 22:12:06 +01:00
Manuel Pégourié-Gonnard
a6dbddce0c
Fix benchmark.c for removal of small DH params
2015-07-06 11:20:33 +02:00
Manuel Pégourié-Gonnard
77c656217b
Update dh_genprime program
...
- default size 2048 bits
- make size a command-line argument
- remove warning about using own params
2015-07-03 16:57:52 +02:00
Manuel Pégourié-Gonnard
6755717f18
Fix stupid typo in ssl_server2.c
2015-07-02 11:15:48 +02:00
Manuel Pégourié-Gonnard
046589e424
Rm obsolete defines for snprintf in programs
...
Now centralized in the platform layer
2015-07-01 17:26:20 +02:00
Manuel Pégourié-Gonnard
9de64f5af1
Fix MSVC warnings in library and programs
2015-07-01 16:56:08 +02:00
Manuel Pégourié-Gonnard
052f28853b
Cosmetics in debug in ssl_{client,server}2.c
...
Print only the basename from the file, and print level too.
2015-07-01 12:01:13 +02:00
Manuel Pégourié-Gonnard
abc729e664
Simplify net_accept() with UDP sockets
...
This is made possible by the new API where net_accept() gets a pointer to
bind_ctx, so it can update it.
2015-07-01 01:28:24 +02:00
Manuel Pégourié-Gonnard
3d7d00ad23
Rename mbedtls_net_close() to mbedtls_net_free()
...
close() may be more meaningful, but free() is symmetric with _init(), and more
consistent with all other modules
2015-06-30 16:50:37 +02:00
Manuel Pégourié-Gonnard
5db64328ab
Adapt programs to the new NET API
2015-06-30 16:48:17 +02:00
Manuel Pégourié-Gonnard
a7c8903ca6
Add missing programs to Makefile
2015-06-29 19:14:04 +02:00
Manuel Pégourié-Gonnard
1c5b9fc19f
Avoid truncating peer cert info in ssl_server2
2015-06-27 14:38:51 +02:00
Manuel Pégourié-Gonnard
fc36708697
Use $(MAKE), not make
...
For the sake of systems where we want gmake.
2015-06-26 16:50:24 +02:00
Manuel Pégourié-Gonnard
633c6b6485
Run timing selftest on all platforms
...
Used to fail on our FreeBSD and Windows buildbots. Seems to be working at
least on my Darwin physical machine and on my Windows VM with MSYS2 now.
2015-06-26 16:17:30 +02:00
Manuel Pégourié-Gonnard
4b00f08e20
Fix snprintf test
...
Our Windows implementation based on vsnprintf_s( ..., _TRUNCATE ) sometimes
writes *two* terminating NULLs. Allow for that, but obviously bytes past the
end of the buffer mustn't be touched.
2015-06-26 14:10:13 +02:00