yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
2646 commits 1 branch 0 tags 94 MiB
Commit graph

1565 commits

Author SHA1 Message Date
Peter Vaskovic
a676acf66b Fix missing curly braces. 2014-08-21 17:56:25 +02:00
Manuel Pégourié-Gonnard
a13500fdf7 Fix bug with ssl_close_notify and non-blocking I/O 2014-08-19 16:14:04 +02:00
Manuel Pégourié-Gonnard
44ade654c5 Implement (partial) renego delay on client 2014-08-19 13:58:40 +02:00
Manuel Pégourié-Gonnard
f07f421759 Fix server-initiated renego with non-blocking I/O 2014-08-19 13:32:15 +02:00
Manuel Pégourié-Gonnard
6591962f06 Allow delay on renego on client 
Currently unbounded: will be fixed later
 2014-08-19 12:50:30 +02:00
Manuel Pégourié-Gonnard
f26a1e8602 ssl_read() stops returning non-application data 2014-08-19 12:28:50 +02:00
Manuel Pégourié-Gonnard
55e4ff2ace Tune comments 2014-08-19 11:52:33 +02:00
Manuel Pégourié-Gonnard
462906f955 Do no test net_usleep() when not defined 2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard
192253aaa9 Fix buffer size in pk_write_*_pem() 2014-08-14 11:34:35 +02:00
Alfred Klomp
b308dd72d9 timing.c: avoid referencing garbage value 
Found with Clang's `scan-build` tool.

When get_timer() is called with `reset` set to 1, the value of
t->start.tv_sec is used as a rvalue without being initialized first.
This is relatively harmless because the result of get_timer() is not
used by the callers when called in "reset mode". However, scan-build
prints a warning.

Silence the warning by only calculating the delta on non-reset runs,
returning zero otherwise.
 2014-08-14 11:34:35 +02:00
Alfred Klomp
7ee55624fb gcm.c: remove dead store 
Found with Clang's `scan-build` tool.

The value written to `hi` is never used, resulting in a warning. Remove
the dead store to get rid of the warning.
 2014-08-14 11:34:35 +02:00
Alfred Klomp
1b4eda3af9 pkcs5.c: fix dead store: return proper exit status 
Found with Clang's `scan-build` tool.

The error value assigned to `ret` is not returned, meaning that the
selftest always succeeds. Ensure the error value is propagated back to
the caller.
 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
8d77eeeaf6 Fix integer suffix rejected by some MSVC versions 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
9a6b442cee Fix non-blocking sockets in net_accept() 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
a04fa4fa04 RSA-PSK key exchange requires TLS 1.x 
It's not clear if, with SSL3, one should include send the two length bytes for
EncryptedPreMasterSecret or not, so require TLS to avoid interop issues.
 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
8d4ad07706 SHA-2 ciphersuites now require TLS 1.x 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
2fbf311391 Fix dependency issue in memory_buffer_alloc 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
97884a31cb Fix printf format warnings in memory_buffer_alloc 2014-08-14 11:34:33 +02:00
Manuel Pégourié-Gonnard
86bbc7fc30 Fix typo causing compile error with NULL cipher 2014-08-14 11:34:33 +02:00
Paul Bakker
8dcb2d7d7e Support escaping of commas in x509_string_to_names() 2014-08-11 11:59:52 +02:00
Paul Bakker
21e081b068 Prevent (incorrect) compiler warning 2014-07-24 10:38:01 +02:00
Paul Bakker
6c343d7d9a Fix mpi_write_string() to write "00" as hex output for empty MPI 2014-07-10 15:27:10 +02:00
Paul Bakker
5b11d026cd Fix dependencies and includes without FS_IO and PLATFORM_C 2014-07-10 15:27:10 +02:00
Manuel Pégourié-Gonnard
b196fc23b1 Fix dhm_selftest() return value 2014-07-09 16:53:29 +02:00
Paul Bakker
968afaa06f ssl_key_cert not available in all configurations 2014-07-09 11:34:48 +02:00
Paul Bakker
ec3a617d40 Make ready for release of 1.3.8 and soversion 7 2014-07-09 10:21:28 +02:00
Paul Bakker
84bbeb58df Adapt cipher and MD layer with _init() and _free() 2014-07-09 10:19:24 +02:00
Paul Bakker
accaffe2c3 Restructure ssl_handshake_init() and small fixes 2014-07-09 10:19:24 +02:00
Paul Bakker
a317a98221 Adapt programs / test suites 2014-07-09 10:19:24 +02:00
Paul Bakker
8f870b047c Add dhm_init() 2014-07-09 10:19:23 +02:00
Paul Bakker
fff0366bba Add ctr_drbg_free() 2014-07-09 10:19:23 +02:00
Paul Bakker
5b4af39a36 Add _init() and _free() for hash modules 2014-07-09 10:19:23 +02:00
Paul Bakker
c7ea99af4f Add _init() and _free() for cipher modules 2014-07-09 10:19:22 +02:00
Manuel Pégourié-Gonnard
d27680bd5e Clarify code using PSK callback 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
0698f7c21a Rm duplicate entry in oid_md_alg 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
14beb08542 Fix missing const 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
ba782bbc4b Save some space in ECP curve tables 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
67dbe1ef44 Better length checking in ecp_point_read_binary() 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
08e81e0c8f Change selection of hash algorithm for TLS 1.2 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
bd77254b18 md_list() starting with strongest hash 2014-07-08 13:03:02 +02:00
Paul Bakker
8fb99abaac Merge changes for leaner memory footprint 2014-07-04 15:02:19 +02:00
Paul Bakker
b9e08b086b Merge server-side enforced renegotiation requests 2014-07-04 15:01:37 +02:00
Paul Bakker
d598318661 Fix base64_decode() to return and check length correctly 2014-07-04 15:01:00 +02:00
Manuel Pégourié-Gonnard
481fcfde93 Make PSK_LEN configurable and adjust PMS size 2014-07-04 14:59:08 +02:00
Manuel Pégourié-Gonnard
dfc7df0bec Add SSL_CIPHERSUITES config option 2014-07-04 14:59:02 +02:00
Manuel Pégourié-Gonnard
a9964dbcd5 Add ssl_set_renegotiation_enforced() 2014-07-04 14:16:07 +02:00
Manuel Pégourié-Gonnard
791684c058 Save RAM when only a few ciphersuites are defined 2014-06-30 19:07:01 +02:00
Manuel Pégourié-Gonnard
31855456f9 Fix clang's check mode again 2014-06-25 15:59:50 +02:00
Manuel Pégourié-Gonnard
bee8ded03a Fix warning depending on configuration 2014-06-25 12:22:59 +02:00
Manuel Pégourié-Gonnard
01edb1044c Add POLARSSL_REMOVE_RC4_CIPHERSUITES 2014-06-25 11:27:59 +02:00
Paul Bakker
2a45d1c8bb Merge changes to config examples and configuration issues 2014-06-25 11:27:00 +02:00
Manuel Pégourié-Gonnard
dd0c0f33c0 Better usage of dhm_calc_secret in SSL 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
8df68632e8 Fix bug in DHE-PSK PMS computation 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
5c1f032653 Abort handshake if no point format in common 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
fd35af1579 Fix off-by-one error in point format parsing 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
87a8ffeaba Padlock asm using \n\t too 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
0534fd4c1a Change asm format to \n\t in aesni.c too 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
03576887c2 Remove misplaced debugging message 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
42b5374523 Switch CCM and GCM in default suite order 
The upcoming BCP document recommends GCM as the default.
 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
d249b7ab9a Restore ability to trust non-CA selfsigned EE cert 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
c4eff16516 Restore ability to use v1 CA if trusted locally 2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
eaa76f7e20 Fix computation of minlen for encrypted packets 2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
e800cd81d7 Re-arrange some code in ssl_derive_keys() 2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard
b46e6adb9c Check input lengths in GCM 2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard
0bcc4e1df7 Fix length checking for AEAD ciphersuites 2014-06-25 11:26:10 +02:00
Manuel Pégourié-Gonnard
66e20c6318 Fix warning and typo->error. 2014-06-24 17:47:40 +02:00
Manuel Pégourié-Gonnard
ac2ccf897c Fix CCM ciphersuites definition: PSK <-> DHE-PSK! 2014-06-24 15:48:01 +02:00
Manuel Pégourié-Gonnard
8f625632bb Fix dependencies: GCM != AEAD != CCM 2014-06-24 15:26:28 +02:00
Manuel Pégourié-Gonnard
5bfd968e01 Fix warning with TLS 1.2 without RSA or ECDSA 2014-06-24 15:18:11 +02:00
Paul Bakker
1c98ff96b5 Merge more test improvements and tests 
Conflicts:
	tests/suites/test_suite_cipher.blowfish.data
 2014-06-24 11:12:00 +02:00
Paul Bakker
91c301abbe Zeroize values in PKCS#12 operations 2014-06-24 11:09:39 +02:00
Manuel Pégourié-Gonnard
398c57b0b3 Blowfish accepts variable key len in cipher layer 2014-06-24 11:01:33 +02:00
Manuel Pégourié-Gonnard
f3b47243df Split x509_csr_parse_der() out of x509_csr_parse() 2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
4d2a8eb6ff SSL modules now using x509_crt_parse_der() 
Avoid uselessly trying to decode PEM.
 2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
b912616081 Rm unused functions in cipher_wrap 
You can't initialise a context with DES_CFB or DES_CTR.
 2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
1c082f34f3 Update description and references for X.509 files 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
edc3ab20e2 Small cleanup: less side-effects 
pkcs5_parse_pbkdf2_params() used to modify params.p, which does not look
clean, even if the function is static and params.p isn't use afterwards.
 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
90dac90f53 Small code simplification in pkcs5_pbes2() 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
66aca931bc Add tests for pkcs5_pbes2 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
2a8afa98e2 pkcs5_self_test depends on SHA1 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
f3e5c22f4d Refactor x509_string_to_names(): data in a table 2014-06-23 11:52:58 +02:00
Manuel Pégourié-Gonnard
81754a0c35 Create a 'flags' field in cipher_info 2014-06-23 11:33:18 +02:00
Paul Bakker
66d5d076f7 Fix formatting in various code to match spacing from coding style 2014-06-17 17:06:47 +02:00
Paul Bakker
db20c10423 Add #endif comments for #endif more than 10 lines from #if / #else 2014-06-17 14:34:44 +02:00
Paul Bakker
d8bb82665e Fix code styling for return statements 2014-06-17 14:06:49 +02:00
Paul Bakker
3461772559 Introduce polarssl_zeroize() instead of memset() for zeroization 2014-06-14 16:46:03 +02:00
Paul Bakker
14877e6250 Remove unused 'ret' variable 2014-06-12 23:01:18 +02:00
Paul Bakker
c2ff2083ee Merge parsing and verification of RSASSA-PSS in X.509 modules 2014-06-12 22:02:47 +02:00
Paul Bakker
508e573231 Merge tests for asn1write, XTEA and Entropy modules 2014-06-12 21:26:33 +02:00
Manuel Pégourié-Gonnard
3ac6a2b9a7 Same as previous commit with Camellia 2014-06-12 21:16:02 +02:00
Manuel Pégourié-Gonnard
afd5a08e33 Minor tune-up in aes code 
un-duplicate a check, and remove useless default case, mainly so that these
lines don't appear as uncovered
 2014-06-12 21:15:55 +02:00
Manuel Pégourié-Gonnard
e1ac0f8c5d Add back timing selftest with new hardclock test 2014-06-12 21:15:50 +02:00
Manuel Pégourié-Gonnard
7792198a46 Normalize some error messages 2014-06-12 21:15:44 +02:00
Manuel Pégourié-Gonnard
4dd73925ab Add entropy_self_test() 2014-06-10 15:38:43 +02:00
Paul Bakker
d6917f0eb3 Add LINK_WITH_PTHREAD to CMakeList for explicitly adding pthread linking 2014-06-09 23:46:41 +02:00
Manuel Pégourié-Gonnard
d1539b1e88 Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT 2014-06-06 16:42:37 +02:00
Manuel Pégourié-Gonnard
88aa6e0b58 Fix potential memory leak in RSASSA-PSS verify 2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard
0eaa8beb36 Fix signedness warning 2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard
53882023e7 Also verify CRLs signed with RSASSA-PSS 2014-06-05 17:59:55 +02:00
Manuel Pégourié-Gonnard
46db4b070c Use pk_verify_ext() in x509_crt.c 2014-06-05 17:08:46 +02:00