Commit graph

1267 commits

Author SHA1 Message Date
Gilles Peskine
a31d8206b1 Merge remote-tracking branch 'upstream-public/pr/778' into development-proposed 2018-03-12 23:45:08 +01:00
Gilles Peskine
469b882947 Merge branch 'pr_1407' into development-proposed 2018-03-11 00:45:10 +01:00
Gilles Peskine
19c3862d0c Merge remote-tracking branch 'upstream-public/pr/1079' into development-proposed 2018-03-11 00:45:10 +01:00
Gilles Peskine
b4c571e603 Merge remote-tracking branch 'upstream-public/pr/1296' into HEAD 2018-03-11 00:44:14 +01:00
Gilles Peskine
3f1b89d251 This fixes #664 2018-03-11 00:35:39 +01:00
Gilles Peskine
08af538ec9 Fix grammar in ChangeLog entry 2018-03-11 00:20:08 +01:00
Gilles Peskine
29d7d4da2f Merge remote-tracking branch 'upstream-public/pr/936' into development-proposed 2018-03-10 23:51:58 +01:00
Gilles Peskine
9c4f4038dd Add changelog entry 2018-03-10 23:36:30 +01:00
itayzafrir
693a1d9ca7 Test suite test_suite_pk test pk_rsa_overflow passes valid parameters for hash and sig.
Test suite test_suite_pk test pk_rsa_overflow passes valid parameters for hash and sig.
2018-02-28 15:59:40 +02:00
Gilles Peskine
1bf6123fca Add attribution for #1351 report 2018-02-27 08:37:52 +01:00
Gilles Peskine
b7f6086ba3 Merge branch 'prr_424' into development-proposed 2018-02-22 16:15:01 +01:00
Gilles Peskine
04f9bd028f Note incompatibility of truncated HMAC extension in ChangeLog
The change in the truncated HMAC extension aligns Mbed TLS with the
standard, but breaks interoperability with previous versions. Indicate
this in the ChangeLog, as well as how to restore the old behavior.
2018-02-22 15:41:26 +01:00
Gilles Peskine
9d56251260 Merge remote-tracking branch 'upstream-public/pr/1384' into development-proposed 2018-02-22 14:49:16 +01:00
Gilles Peskine
bb2565cf12 Add ChangeLog entry for PR #1382 2018-02-22 10:24:59 +00:00
Jaeden Amero
c5d08f8ea5 Add ChangeLog entry for PR #1384 2018-02-21 13:34:04 +00:00
Gilles Peskine
d76d8bc9a5 Merge branch 'pr_1352' into development-proposed 2018-02-20 16:42:08 +01:00
Gilles Peskine
200b24fdf8 Mention in ChangeLog that this fixes #1351 2018-02-20 16:40:11 +01:00
Gilles Peskine
e6844ccf2b Merge branch 'pr_1135' into development-proposed 2018-02-14 17:20:42 +01:00
Gilles Peskine
3dabd6a145 Add issue number to ChangeLog
Resolves #1122
2018-02-14 17:19:41 +01:00
Gilles Peskine
42a97ac693 Merge branch 'pr_1219' into development-proposed 2018-02-14 16:17:21 +01:00
Gilles Peskine
1d80a67869 Note in the changelog that this fixes an interoperability issue.
Fixes #1339
2018-02-14 16:16:08 +01:00
Gilles Peskine
df29868bb6 Merge branch 'pr_1280' into development-proposed
Conflict: configs/config-picocoin.h was both edited and removed.
Resolution: removed, since this is the whole point of PR #1280 and the
changes in development are no longer relevant.
2018-02-14 15:49:54 +01:00
Gilles Peskine
2235bd677a Style fix in ChangeLog 2018-02-14 15:47:46 +01:00
Gilles Peskine
1e3fd69777 Merge remote-tracking branch 'upstream-public/pr/1333' into development-proposed 2018-02-14 15:12:49 +01:00
Gilles Peskine
49ac5d06ed Merge branch 'pr_1365' into development-proposed 2018-02-14 14:36:44 +01:00
Gilles Peskine
27b0754501 Add ChangeLog entries for PR #1168 and #1362 2018-02-14 14:36:33 +01:00
Gilles Peskine
5daa76537a Add ChangeLog entry for PR #1165 2018-02-14 14:10:24 +01:00
Antonio Quartulli
12ccef2761
pkcs5v2: add support for additional hmacSHA algorithms
Currently only SHA1 is supported as PRF algorithm for PBKDF2
(PKCS#5 v2.0).
This means that keys encrypted and authenticated using
another algorithm of the SHA family cannot be decrypted.

This deficiency has become particularly incumbent now that
PKIs created with OpenSSL1.1 are encrypting keys using
hmacSHA256 by default (OpenSSL1.0 used PKCS#5 v1.0 by default
and even if v2 was forced, it would still use hmacSHA1).

Enable support for all the digest algorithms of the SHA
family for PKCS#5 v2.0.

Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
2018-02-08 17:18:15 +08:00
Ron Eldor
1072e5c7e5 Update ChangeLog style
Add dot at end of change in ChangeLog
2018-02-07 18:43:02 +02:00
Ron Eldor
099e61df52 Rephrase Changelog
Rephrase Changelog to be more coherent to users
2018-02-06 17:34:27 +02:00
Ron Eldor
85e1dcff6a Fix handshake failure in suite B
Fix handshake failure where PK key is translated as `MBEDTLS_ECKEY`
instead of `MBEDTLS_ECDSA`
2018-02-06 15:59:38 +02:00
Simon Butcher
55fc4e0c5a Update ChangeLog with language and technical corrections
To clarify and correct the ChangeLog.
2018-02-05 08:41:14 +00:00
Jaeden Amero
98b9373849 Merge branch 'development' into development-restricted 2018-01-30 17:32:12 +00:00
Hanno Becker
2a03794d62 Adapt ChangeLog 2018-01-30 14:40:10 +00:00
Gilles Peskine
0edda4236d Added ChangeLog entry for 64-bit ILP32 fix
Fixes #849
2018-01-29 21:31:16 +01:00
Jaeden Amero
26342e54f5 Merge branch 'development' into development-restricted 2018-01-29 12:49:52 +00:00
Jaeden Amero
3b8fbaab87 Merge remote-tracking branch 'upstream-public/pr/1328' into development 2018-01-29 12:49:46 +00:00
Manuel Pégourié-Gonnard
5405962954 Fix alarm(0) failure on mingw32
A new test for mbedtls_timing_alarm(0) was introduced in PR 1136, which also
fixed it on Unix. Apparently test results on MinGW were not checked at that
point, so we missed that this new test was also failing on this platform.
2018-01-29 10:24:50 +01:00
Jaeden Amero
2acbf17b97 Merge branch 'development' into development-restricted 2018-01-26 20:57:38 +00:00
Jaeden Amero
751aa510c0 Merge remote-tracking branch 'upstream-public/pr/1303' into development 2018-01-26 20:48:55 +00:00
Jaeden Amero
784de59ccd Merge remote-tracking branch 'upstream-restricted/pr/410' into development-restricted
- Resolve ChangeLog conflicts
- Update Doxygen warning block in dhm.h to render correctly
- Prefix the exported identifier deprecated_constant_t with mbedtls_
2018-01-26 18:43:04 +00:00
Gilles Peskine
7ecab3df4c Error codes for hardware accelerator failures
Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography
modules where the software implementation can be replaced by a hardware
implementation.

This does not include the individual message digest modules since they
currently have no way to return error codes.

This does include the higher-level md, cipher and pk modules since
alternative implementations and even algorithms can be plugged in at
runtime.
2018-01-26 17:56:38 +01:00
Jaeden Amero
a03587b848 Merge branch 'development' into development-restricted 2018-01-26 12:48:04 +00:00
Jaeden Amero
791e08ad8b Add a ChangeLog entry 2018-01-26 12:04:12 +00:00
Jaeden Amero
66954e1c1f Merge branch 'development' into development-restricted 2018-01-25 17:28:31 +00:00
Jaeden Amero
005239e3ed Merge remote-tracking branch 'upstream-public/pr/1294' into development 2018-01-25 14:47:39 +00:00
Jaeden Amero
65ba60a975 Merge branch 'development' into development-restricted 2018-01-25 10:09:03 +00:00
Jaeden Amero
cef0c5a2c8 Merge remote-tracking branch 'upstream-public/pr/1304' into development 2018-01-25 10:07:39 +00:00
Hanno Becker
087d5ad593 Minor improvement in ChangeLog 2018-01-24 16:06:25 +00:00
Jaeden Amero
3c082ce293 Merge branch 'development' into development-restricted 2018-01-24 15:17:15 +00:00