yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-18 23:31:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
3520 commits 88 branches 205 tags 69 MiB
Commit graph

2017 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 9d7821d774 Fix warning in reduced config 2014-11-06 01:19:52 +01:00
Manuel Pégourié-Gonnard fedba98ede Merge branch 'fb-scsv' into dtls 
* fb-scsv:
  Update Changelog for FALLBACK_SCSV
  Implement FALLBACK_SCSV server-side
  Implement FALLBACK_SCSV client-side
 2014-11-05 16:12:09 +01:00
Manuel Pégourié-Gonnard 1a03473576 Keep EtM state across renegotiations 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard b575b54cb9 Forbid extended master secret with SSLv3 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard 169dd6a514 Adjust minimum length for EtM 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard 78e745fc0a Don't send back EtM extension if not using CBC 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard 08558e5b46 Fix for the RFC erratum 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard 313d796e80 Implement EtM 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard 0098e7dc70 Preparation for EtM 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard 699cafaea2 Implement initial negotiation of EtM 
Not implemented yet:
- actually using EtM
- conditions on renegotiation
 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard 01b2699198 Implement FALLBACK_SCSV server-side 2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard ada3030485 Implement extended master secret 2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard 1cbd39dbeb Implement FALLBACK_SCSV client-side 2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard 367381fddd Add negotiation of Extended Master Secret 
(But not the actual thing yet.)
 2014-11-05 16:00:49 +01:00
Paul Bakker f2a459df05 Preparation for PolarSSL 1.4.0 2014-10-21 16:40:54 +02:00
Manuel Pégourié-Gonnard 6b875fc7e5 Fix potential memory leak (from clang-analyzer) 2014-10-21 16:33:00 +02:00
Manuel Pégourié-Gonnard df3acd82e2 Limit HelloRequest retransmission if not enforced 2014-10-21 16:32:58 +02:00
Manuel Pégourié-Gonnard 26a4cf63ec Add retransmission of HelloRequest 2014-10-21 16:32:57 +02:00
Manuel Pégourié-Gonnard 74a1378175 Avoid false positive in ssl-opt.sh with memcheck 2014-10-21 16:32:56 +02:00
Manuel Pégourié-Gonnard 8e704f0f74 DTLS depends on TIMING_C for now 2014-10-21 16:32:56 +02:00
Manuel Pégourié-Gonnard b0643d152d Add ssl_set_dtls_badmac_limit() 2014-10-21 16:32:55 +02:00
Manuel Pégourié-Gonnard 9b35f18f66 Add ssl_get_record_expansion() 2014-10-21 16:32:55 +02:00
Manuel Pégourié-Gonnard 37e08e1689 Fix max_fragment_length with DTLS 2014-10-21 16:32:53 +02:00
Manuel Pégourié-Gonnard 23cad339c4 Fail cleanly on unhandled case 2014-10-21 16:32:52 +02:00
Manuel Pégourié-Gonnard fc572dd4f6 Retransmit only on last message from prev flight 
Be a good network citizen, try to avoid causing congestion by causing a
retransmission explosion.
 2014-10-21 16:32:51 +02:00
Manuel Pégourié-Gonnard 8a7cf2543a Add a few #ifdefs 2014-10-21 16:32:51 +02:00
Manuel Pégourié-Gonnard ba958b8bdc Add test for server-initiated renego 
Just assuming the HelloRequest isn't lost for now
 2014-10-21 16:32:50 +02:00
Manuel Pégourié-Gonnard 46fb942046 Fix warning about function that should be static 2014-10-21 16:32:49 +02:00
Manuel Pégourié-Gonnard f1e9b09a0c Fix missing #ifdef's 2014-10-21 16:32:48 +02:00
Manuel Pégourié-Gonnard 4e2f245752 Fix timer issues 
- timer not firing when constantly receiving bad messages
- timer not reset on failed reads
- timer incorrectly restarted on resend during read
 2014-10-21 16:32:47 +02:00
Manuel Pégourié-Gonnard df9a0a8460 Drop unexpected ApplicationData 
This is likely to happen on resumption if client speaks first at the
application level.
 2014-10-21 16:32:46 +02:00
Manuel Pégourié-Gonnard 6b65141718 Implement ssl_read() timeout (DTLS only for now) 2014-10-21 16:32:46 +02:00
Manuel Pégourié-Gonnard 2707430a4d Fix types and comments about read_timeout 2014-10-21 16:32:45 +02:00
Manuel Pégourié-Gonnard 6c1fa3a184 Fix misplaced initialisation of timeout 2014-10-21 16:32:45 +02:00
Manuel Pégourié-Gonnard c8d8e97cbd Move to milliseconds in recv_timeout() 2014-10-21 16:32:44 +02:00
Manuel Pégourié-Gonnard 905dd2425c Add ssl_set_handshake_timeout() 2014-10-21 16:32:43 +02:00
Manuel Pégourié-Gonnard 0ac247fd88 Implement timeout back-off (fixed range for now) 2014-10-21 16:32:43 +02:00
Manuel Pégourié-Gonnard 579950c2bb Fix bug with non-blocking I/O and cookies 2014-10-21 16:32:42 +02:00
Manuel Pégourié-Gonnard 7de3c9eecb Count timeout per flight, not per message 2014-10-21 16:32:41 +02:00
Manuel Pégourié-Gonnard db2858ce96 Preparation for timers 
Currently directly using timing.c, plan to use callbacks later to loosen
coupling, but first just get things working.
 2014-10-21 16:32:41 +02:00
Manuel Pégourié-Gonnard 08a1d4bce1 Fix bug with client auth with DTLS 2014-10-21 16:32:39 +02:00
Manuel Pégourié-Gonnard 23b7b703aa Fix issue with renego & resend 2014-10-21 16:32:38 +02:00
Manuel Pégourié-Gonnard f03c7aa469 Add replay detection in parse_client_hello() 2014-10-21 16:32:35 +02:00
Manuel Pégourié-Gonnard 2739313cea Make anti-replay a runtime option 2014-10-21 16:32:35 +02:00
Manuel Pégourié-Gonnard 8464a46b6b Make DTLS_ANTI_REPLAY depends on PROTO_DTLS 2014-10-21 16:32:35 +02:00
Manuel Pégourié-Gonnard 246c13a05f Fix epoch checking 2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard b47368a00a Add replay detection 2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard 4956fd7437 Test and fix anti-replay functions 2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard 7a7e140d4e Add functions for replay protection 2014-10-21 16:32:33 +02:00
Manuel Pégourié-Gonnard ea22ce577e Rm unneeded counter increment with DTLS 2014-10-21 16:32:33 +02:00
Manuel Pégourié-Gonnard abf16240dd Add ability to resend last flight 2014-10-21 16:32:31 +02:00
Manuel Pégourié-Gonnard cd32a50d67 Fix NewSesssionTicket vs ChangeCipherSpec bug 
Since we were cheating on state, ssl_read_record() wasn't able to drop
out-of-sequence ChangeCipherSpec messages. Cheat a bit less.
 2014-10-21 16:32:31 +02:00
Manuel Pégourié-Gonnard 767c69561b Drop out-of-sequence ChangeCipherSpec messages 2014-10-21 16:32:29 +02:00
Manuel Pégourié-Gonnard 93017de47e Minor optim: don't resend on duplicated HVR 2014-10-21 16:32:29 +02:00
Manuel Pégourié-Gonnard c715aed744 Fix epoch swapping 2014-10-21 16:32:28 +02:00
Manuel Pégourié-Gonnard 6a2bdfaf73 Actually resend flights 2014-10-21 16:32:28 +02:00
Manuel Pégourié-Gonnard 5d8ba53ace Expand and fix resend infrastructure 2014-10-21 16:32:28 +02:00
Manuel Pégourié-Gonnard ffa67be698 Infrastructure for buffering & resending flights 2014-10-21 16:32:27 +02:00
Manuel Pégourié-Gonnard 9d9b003a9a Add net_recv_timeout() 2014-10-21 16:32:26 +02:00
Manuel Pégourié-Gonnard 8fa6dfd560 Introduce f_recv_timeout callback 2014-10-21 16:32:26 +02:00
Manuel Pégourié-Gonnard e6bdc4497c Merge I/O contexts into one 2014-10-21 16:32:25 +02:00
Manuel Pégourié-Gonnard f4acfe1808 Document previous API changes in this branch 2014-10-21 16:32:23 +02:00
Manuel Pégourié-Gonnard d92d6a1b5b ssl_parse_server_key_exchange() cleanups 2014-10-21 16:30:32 +02:00
Manuel Pégourié-Gonnard 5ee96546de Add length checks in parse_certificate_verify() 2014-10-21 16:30:32 +02:00
Manuel Pégourié-Gonnard 72226214b1 Merge checks in ssl_parse_certificate_verify() 2014-10-21 16:30:32 +02:00
Manuel Pégourié-Gonnard ca6440b246 Small cleanups in parse_finished() 2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard 624bcb5260 No memmove: done, rm temporary things 2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard 000d5aec13 No memmove: parse_new_session_ticket() 2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard 0b3400dafa No memmove: ssl_parse_server_hello() 2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard 069eb79043 No memmove: ssl_parse_hello_verify_request() 2014-10-21 16:30:30 +02:00
Manuel Pégourié-Gonnard 04c1b4ece1 No memmove: certificate_request + server_hello_done 2014-10-21 16:30:30 +02:00
Manuel Pégourié-Gonnard f4830b5092 No memmove: ssl_parse_server_key_exchange() 2014-10-21 16:30:30 +02:00
Manuel Pégourié-Gonnard 4528f3f5c0 No memmove: parse_certificate_verify() 2014-10-21 16:30:30 +02:00
Manuel Pégourié-Gonnard 2114d724dc No memmove: ssl_parse_client_key_exchange() 2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard f49a7daa1a No memmove: ssl_parse_certificate() 2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard 4abc32734e No memmove: ssl_parse_finished() 2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard f899583f94 Prepare moving away from memmove() on incoming HS 2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard 4a1753657c Fix missing return in error check 2014-10-21 16:30:28 +02:00
Manuel Pégourié-Gonnard 19d438f4ff Get rid of memmove for DTLS in parse_client_hello() 2014-10-21 16:30:28 +02:00
Manuel Pégourié-Gonnard 63eca930d7 Drop invalid records with DTLS 2014-10-21 16:30:28 +02:00
Manuel Pégourié-Gonnard 167a37632d Split two functions out of ssl_read_record() 2014-10-21 16:30:27 +02:00
Manuel Pégourié-Gonnard 990f9e428a Handle late handshake messages gracefully 2014-10-21 16:30:26 +02:00
Manuel Pégourié-Gonnard 60ca5afaec Drop records from wrong epoch 2014-10-21 16:30:25 +02:00
Manuel Pégourié-Gonnard 1aa586e41d Check handshake message_seq field 2014-10-21 16:30:24 +02:00
Manuel Pégourié-Gonnard 9d1d7196e4 Check length before reading handshake header 2014-10-21 16:30:24 +02:00
Manuel Pégourié-Gonnard d9ba0d96b6 Prepare for checking incoming handshake seqnum 2014-10-21 16:30:23 +02:00
Manuel Pégourié-Gonnard ac03052f22 Fix segfault with some very short fragments 2014-10-21 16:30:23 +02:00
Manuel Pégourié-Gonnard 64dffc5d14 Make handshake reassembly work with openssl 2014-10-21 16:30:22 +02:00
Manuel Pégourié-Gonnard 502bf30fb5 Handle reassembly of handshake messages 
Works only with GnuTLS for now, OpenSSL packs other records in the same
datagram after the last fragmented one, which we don't handle yet.

Also, ssl-opt.sh fails the tests with valgrind for now: we're so slow with
valgrind that gnutls-serv retransmits some messages, and we don't handle
duplicated messages yet.
 2014-10-21 16:30:22 +02:00
Manuel Pégourié-Gonnard ed79a4bb14 Prepare for DTLS handshake reassembly 2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard edcbe549fd Reorder checks in ssl_read_record 2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard 0557bd5fa4 Fix message_seq with server-initiated renego 2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard c392b240c4 Fix server-initiated renegotiation with DTLS 2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard 30d16eb429 Fix client-initiated renegotiation with DTLS 2014-10-21 16:30:20 +02:00
Manuel Pégourié-Gonnard b35fe5638a Fix HelloVerifyRequest version handling 2014-10-21 16:30:20 +02:00
Manuel Pégourié-Gonnard 562eb787ec Add and use POLARSSL_ERR_SSL_BUFFER_TOO_SMALL 2014-10-21 16:30:20 +02:00
Manuel Pégourié-Gonnard bef8f09899 Make cookie timeout configurable 2014-10-21 16:30:19 +02:00
Manuel Pégourié-Gonnard e90308178f Add timestamp/serial to cookies, with timeout 2014-10-21 16:30:19 +02:00
Manuel Pégourié-Gonnard 445a1ec6cd Change internal names 2014-10-21 16:30:19 +02:00
Manuel Pégourié-Gonnard 29ad7e8fc0 Add check for missing ssl_set_client_transport_id() 2014-10-21 16:30:18 +02:00
Manuel Pégourié-Gonnard a64acd4f84 Add separate SSL_COOKIE_C define 2014-10-21 16:30:18 +02:00
Manuel Pégourié-Gonnard 7d38d215b1 Allow disabling HelloVerifyRequest 2014-10-21 16:30:18 +02:00
Manuel Pégourié-Gonnard e4de06145a Fix cookie context usage 2014-10-21 16:30:17 +02:00
Manuel Pégourié-Gonnard 232edd46be Move cookie callbacks implementation to own module 2014-10-21 16:30:17 +02:00
Manuel Pégourié-Gonnard d485d194f9 Move to a callback interface for DTLS cookies 2014-10-21 16:30:17 +02:00
Manuel Pégourié-Gonnard d7f9bc5091 Refactor cookie to prepare for external callbacks 
Also adds flexibility to the verification process.
 2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard 82202f0a9c Make DTLS_HELLO_VERIFY a compile option 2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard 98545f128a Generate random key for HelloVerifyRequest 2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard dd3cdb0fbc Start using client IP in HelloVerifyRequest 
Dummy fixed key for now.
 2014-10-21 16:30:15 +02:00
Manuel Pégourié-Gonnard 43c021874d Add ssl_set_client_transport_id() 2014-10-21 16:30:15 +02:00
Manuel Pégourié-Gonnard fb2d22371f Reuse random when responding to a verify request 2014-10-21 16:30:14 +02:00
Manuel Pégourié-Gonnard b760f001d7 Extract generate client random to a function 2014-10-21 16:30:14 +02:00
Manuel Pégourié-Gonnard 2c9ee81f6e Start adding srv support for hello verify request 
Dummy fixed content for now.

Also, seems to be a race condition in the way the socket is closed and
reopened, leading to a few "random" failures in compat.sh. A fix is planned
for later.
 2014-10-21 16:30:13 +02:00
Manuel Pégourié-Gonnard a0e1632b79 Do not use compression with DTLS 2014-10-21 16:30:13 +02:00
Manuel Pégourié-Gonnard 5d53cbef3a Fix length check in ssl_write_ticket() 2014-10-21 16:30:13 +02:00
Manuel Pégourié-Gonnard 879a4f9623 Abort on DTLS epoch wrap 2014-10-21 16:30:12 +02:00
Manuel Pégourié-Gonnard 805e2300af Fix error message and return code 2014-10-21 16:30:12 +02:00
Manuel Pégourié-Gonnard 67427c07b2 Fix checksum computation with HelloVerifyRequest 2014-10-21 16:30:11 +02:00
Manuel Pégourié-Gonnard 74848811b4 Implement HelloVerifyRequest on client 2014-10-21 16:30:11 +02:00
Manuel Pégourié-Gonnard b2f3be8757 Support multiple records in one datagram 2014-10-21 16:30:10 +02:00
Manuel Pégourié-Gonnard 34c1011b3d Fix a few warnings in reduced configs 2014-10-21 16:30:09 +02:00
Manuel Pégourié-Gonnard fe98aceb70 Adapt ssl_fetch_input() for UDP 2014-10-21 16:30:09 +02:00
Manuel Pégourié-Gonnard f5a1312eaa Add UDP support to the NET module 2014-10-21 16:30:09 +02:00
Manuel Pégourié-Gonnard d6b721c7ee More ssl_parse_client_hello() adjustments 2014-10-21 16:30:08 +02:00
Manuel Pégourié-Gonnard 4128aa71ee Add the 'cookie' field of DTLS ClientHello 2014-10-21 16:30:08 +02:00
Manuel Pégourié-Gonnard 8933a65d5c Rework ssl_parse_client_hello() a bit 
- make it more linear
- check lengths better
- prepare for optional "cookie" field
 2014-10-21 16:30:08 +02:00
Manuel Pégourié-Gonnard e89bcf05da Write new DTLS handshake fields correctly 2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard ce441b3442 Add space for new DTLS fields in handshake 2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard a59543af30 Minor refactoring in ssl_read_record() 2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard f302fb52e1 Fix hmac computation for DTLS 2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard 5afb167e2c Implement DTLS epochs 2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard 0619348288 Add explicit counter in DTLS record header 2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard 507e1e410a Prep: allow {in,out}_len != {in,out}_hdr + 3 2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard 7ee6f0e6e5 Preparation: allow {in,out}_ctr != {in,out}_buf 2014-10-21 16:30:05 +02:00
Manuel Pégourié-Gonnard abc7e3b4ba Handle DTLS version encoding and fix some checks 2014-10-21 16:30:05 +02:00
Manuel Pégourié-Gonnard 864a81fdc0 More ssl_set_XXX() functions can return BAD_INPUT 2014-10-21 16:30:04 +02:00
Manuel Pégourié-Gonnard b21ca2a69f Adapt version-handling functions to DTLS 2014-10-21 16:30:04 +02:00
Manuel Pégourié-Gonnard d66645130c Add a ciphersuite NODTLS flag 2014-10-21 16:30:03 +02:00
Manuel Pégourié-Gonnard 0b1ff29328 Add basic flags for DTLS 2014-10-21 16:30:03 +02:00
Paul Bakker 82788fb63b Fix minor style issues 2014-10-20 13:59:19 +02:00
Paul Bakker 9eac4f7c4e Prepare for release 1.3.9 2014-10-20 13:56:15 +02:00
Manuel Pégourié-Gonnard f7cdbc0e87 Fix potential bad read of length 2014-10-17 17:02:10 +02:00
Manuel Pégourié-Gonnard ef9a6aec51 Allow comparing name with mismatched encodings 2014-10-17 12:42:31 +02:00
Manuel Pégourié-Gonnard 88421246d8 Rename a function 2014-10-17 12:42:30 +02:00
Manuel Pégourié-Gonnard 43c3b28ca6 Fix memory leak with crafted ClientHello 2014-10-17 12:42:11 +02:00
Manuel Pégourié-Gonnard 5d8618539f Fix memory leak while parsing some X.509 certs 2014-10-17 12:41:41 +02:00
Manuel Pégourié-Gonnard 64938c63f0 Accept spaces at end of line/buffer in base64 2014-10-15 23:53:33 +02:00
Manuel Pégourié-Gonnard 7f4ed67a97 Fix compile error with armcc in mpi_is_prime() 2014-10-15 22:06:46 +02:00
Paul Bakker 5a5fa92bfe x509_crt_parse() did not increase total_failed on PEM error 
Result was that PEM errors in files with multiple certificates were not
detectable by the user.
 2014-10-03 15:47:13 +02:00
Manuel Pégourié-Gonnard 480905d563 Fix selection of hash from sig_alg ClientHello ext. 2014-08-30 14:19:59 +02:00
Sander Niemeijer ef5087d150 Added explicit casts to prevent compiler warnings when trying to build for iOS 2014-08-21 23:48:14 +02:00
Manuel Pégourié-Gonnard 8ef7088bb9 Use polarssl_zeroize() in asn1parse too 2014-08-21 18:15:09 +02:00
Peter Vaskovic a676acf66b Fix missing curly braces. 2014-08-21 17:56:25 +02:00
Manuel Pégourié-Gonnard a13500fdf7 Fix bug with ssl_close_notify and non-blocking I/O 2014-08-19 16:14:04 +02:00
Manuel Pégourié-Gonnard 44ade654c5 Implement (partial) renego delay on client 2014-08-19 13:58:40 +02:00
Manuel Pégourié-Gonnard f07f421759 Fix server-initiated renego with non-blocking I/O 2014-08-19 13:32:15 +02:00
Manuel Pégourié-Gonnard 6591962f06 Allow delay on renego on client 
Currently unbounded: will be fixed later
 2014-08-19 12:50:30 +02:00
Manuel Pégourié-Gonnard f26a1e8602 ssl_read() stops returning non-application data 2014-08-19 12:28:50 +02:00
Manuel Pégourié-Gonnard 55e4ff2ace Tune comments 2014-08-19 11:52:33 +02:00
Manuel Pégourié-Gonnard 462906f955 Do no test net_usleep() when not defined 2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard 192253aaa9 Fix buffer size in pk_write_*_pem() 2014-08-14 11:34:35 +02:00
Alfred Klomp b308dd72d9 timing.c: avoid referencing garbage value 
Found with Clang's `scan-build` tool.

When get_timer() is called with `reset` set to 1, the value of
t->start.tv_sec is used as a rvalue without being initialized first.
This is relatively harmless because the result of get_timer() is not
used by the callers when called in "reset mode". However, scan-build
prints a warning.

Silence the warning by only calculating the delta on non-reset runs,
returning zero otherwise.
 2014-08-14 11:34:35 +02:00
Alfred Klomp 7ee55624fb gcm.c: remove dead store 
Found with Clang's `scan-build` tool.

The value written to `hi` is never used, resulting in a warning. Remove
the dead store to get rid of the warning.
 2014-08-14 11:34:35 +02:00
Alfred Klomp 1b4eda3af9 pkcs5.c: fix dead store: return proper exit status 
Found with Clang's `scan-build` tool.

The error value assigned to `ret` is not returned, meaning that the
selftest always succeeds. Ensure the error value is propagated back to
the caller.
 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard 8d77eeeaf6 Fix integer suffix rejected by some MSVC versions 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard 9a6b442cee Fix non-blocking sockets in net_accept() 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard a04fa4fa04 RSA-PSK key exchange requires TLS 1.x 
It's not clear if, with SSL3, one should include send the two length bytes for
EncryptedPreMasterSecret or not, so require TLS to avoid interop issues.
 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard 8d4ad07706 SHA-2 ciphersuites now require TLS 1.x 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard 2fbf311391 Fix dependency issue in memory_buffer_alloc 2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard 97884a31cb Fix printf format warnings in memory_buffer_alloc 2014-08-14 11:34:33 +02:00
Manuel Pégourié-Gonnard 86bbc7fc30 Fix typo causing compile error with NULL cipher 2014-08-14 11:34:33 +02:00
Paul Bakker 8dcb2d7d7e Support escaping of commas in x509_string_to_names() 2014-08-11 11:59:52 +02:00
Paul Bakker 21e081b068 Prevent (incorrect) compiler warning 2014-07-24 10:38:01 +02:00
Paul Bakker 6c343d7d9a Fix mpi_write_string() to write "00" as hex output for empty MPI 2014-07-10 15:27:10 +02:00
Paul Bakker 5b11d026cd Fix dependencies and includes without FS_IO and PLATFORM_C 2014-07-10 15:27:10 +02:00
Manuel Pégourié-Gonnard b196fc23b1 Fix dhm_selftest() return value 2014-07-09 16:53:29 +02:00
Paul Bakker 968afaa06f ssl_key_cert not available in all configurations 2014-07-09 11:34:48 +02:00
Paul Bakker ec3a617d40 Make ready for release of 1.3.8 and soversion 7 2014-07-09 10:21:28 +02:00
Paul Bakker 84bbeb58df Adapt cipher and MD layer with _init() and _free() 2014-07-09 10:19:24 +02:00
Paul Bakker accaffe2c3 Restructure ssl_handshake_init() and small fixes 2014-07-09 10:19:24 +02:00
Paul Bakker a317a98221 Adapt programs / test suites 2014-07-09 10:19:24 +02:00
Paul Bakker 8f870b047c Add dhm_init() 2014-07-09 10:19:23 +02:00
Paul Bakker fff0366bba Add ctr_drbg_free() 2014-07-09 10:19:23 +02:00
Paul Bakker 5b4af39a36 Add _init() and _free() for hash modules 2014-07-09 10:19:23 +02:00
Paul Bakker c7ea99af4f Add _init() and _free() for cipher modules 2014-07-09 10:19:22 +02:00
Manuel Pégourié-Gonnard d27680bd5e Clarify code using PSK callback 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard 0698f7c21a Rm duplicate entry in oid_md_alg 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard 14beb08542 Fix missing const 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard ba782bbc4b Save some space in ECP curve tables 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard 67dbe1ef44 Better length checking in ecp_point_read_binary() 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard 08e81e0c8f Change selection of hash algorithm for TLS 1.2 2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard bd77254b18 md_list() starting with strongest hash 2014-07-08 13:03:02 +02:00
Paul Bakker 8fb99abaac Merge changes for leaner memory footprint 2014-07-04 15:02:19 +02:00
Paul Bakker b9e08b086b Merge server-side enforced renegotiation requests 2014-07-04 15:01:37 +02:00
Paul Bakker d598318661 Fix base64_decode() to return and check length correctly 2014-07-04 15:01:00 +02:00
Manuel Pégourié-Gonnard 481fcfde93 Make PSK_LEN configurable and adjust PMS size 2014-07-04 14:59:08 +02:00
Manuel Pégourié-Gonnard dfc7df0bec Add SSL_CIPHERSUITES config option 2014-07-04 14:59:02 +02:00
Manuel Pégourié-Gonnard a9964dbcd5 Add ssl_set_renegotiation_enforced() 2014-07-04 14:16:07 +02:00
Manuel Pégourié-Gonnard 791684c058 Save RAM when only a few ciphersuites are defined 2014-06-30 19:07:01 +02:00
Manuel Pégourié-Gonnard 31855456f9 Fix clang's check mode again 2014-06-25 15:59:50 +02:00
Manuel Pégourié-Gonnard bee8ded03a Fix warning depending on configuration 2014-06-25 12:22:59 +02:00
Manuel Pégourié-Gonnard 01edb1044c Add POLARSSL_REMOVE_RC4_CIPHERSUITES 2014-06-25 11:27:59 +02:00
Paul Bakker 2a45d1c8bb Merge changes to config examples and configuration issues 2014-06-25 11:27:00 +02:00
Manuel Pégourié-Gonnard dd0c0f33c0 Better usage of dhm_calc_secret in SSL 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard 8df68632e8 Fix bug in DHE-PSK PMS computation 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard 5c1f032653 Abort handshake if no point format in common 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard fd35af1579 Fix off-by-one error in point format parsing 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard 87a8ffeaba Padlock asm using \n\t too 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard 0534fd4c1a Change asm format to \n\t in aesni.c too 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard 03576887c2 Remove misplaced debugging message 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard 42b5374523 Switch CCM and GCM in default suite order 
The upcoming BCP document recommends GCM as the default.
 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard d249b7ab9a Restore ability to trust non-CA selfsigned EE cert 2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard c4eff16516 Restore ability to use v1 CA if trusted locally 2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard eaa76f7e20 Fix computation of minlen for encrypted packets 2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard e800cd81d7 Re-arrange some code in ssl_derive_keys() 2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard b46e6adb9c Check input lengths in GCM 2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard 0bcc4e1df7 Fix length checking for AEAD ciphersuites 2014-06-25 11:26:10 +02:00
Manuel Pégourié-Gonnard 66e20c6318 Fix warning and typo->error. 2014-06-24 17:47:40 +02:00
Manuel Pégourié-Gonnard ac2ccf897c Fix CCM ciphersuites definition: PSK <-> DHE-PSK! 2014-06-24 15:48:01 +02:00
Manuel Pégourié-Gonnard 8f625632bb Fix dependencies: GCM != AEAD != CCM 2014-06-24 15:26:28 +02:00
Manuel Pégourié-Gonnard 5bfd968e01 Fix warning with TLS 1.2 without RSA or ECDSA 2014-06-24 15:18:11 +02:00
Paul Bakker 1c98ff96b5 Merge more test improvements and tests 
Conflicts:
	tests/suites/test_suite_cipher.blowfish.data
 2014-06-24 11:12:00 +02:00
Paul Bakker 91c301abbe Zeroize values in PKCS#12 operations 2014-06-24 11:09:39 +02:00
Manuel Pégourié-Gonnard 398c57b0b3 Blowfish accepts variable key len in cipher layer 2014-06-24 11:01:33 +02:00
Manuel Pégourié-Gonnard f3b47243df Split x509_csr_parse_der() out of x509_csr_parse() 2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard 4d2a8eb6ff SSL modules now using x509_crt_parse_der() 
Avoid uselessly trying to decode PEM.
 2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard b912616081 Rm unused functions in cipher_wrap 
You can't initialise a context with DES_CFB or DES_CTR.
 2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard 1c082f34f3 Update description and references for X.509 files 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard edc3ab20e2 Small cleanup: less side-effects 
pkcs5_parse_pbkdf2_params() used to modify params.p, which does not look
clean, even if the function is static and params.p isn't use afterwards.
 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard 90dac90f53 Small code simplification in pkcs5_pbes2() 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard 66aca931bc Add tests for pkcs5_pbes2 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard 2a8afa98e2 pkcs5_self_test depends on SHA1 2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard f3e5c22f4d Refactor x509_string_to_names(): data in a table 2014-06-23 11:52:58 +02:00
Manuel Pégourié-Gonnard 81754a0c35 Create a 'flags' field in cipher_info 2014-06-23 11:33:18 +02:00
Paul Bakker 66d5d076f7 Fix formatting in various code to match spacing from coding style 2014-06-17 17:06:47 +02:00
Paul Bakker db20c10423 Add #endif comments for #endif more than 10 lines from #if / #else 2014-06-17 14:34:44 +02:00
Paul Bakker d8bb82665e Fix code styling for return statements 2014-06-17 14:06:49 +02:00
Paul Bakker 3461772559 Introduce polarssl_zeroize() instead of memset() for zeroization 2014-06-14 16:46:03 +02:00
Paul Bakker 14877e6250 Remove unused 'ret' variable 2014-06-12 23:01:18 +02:00
Paul Bakker c2ff2083ee Merge parsing and verification of RSASSA-PSS in X.509 modules 2014-06-12 22:02:47 +02:00
Paul Bakker 508e573231 Merge tests for asn1write, XTEA and Entropy modules 2014-06-12 21:26:33 +02:00
Manuel Pégourié-Gonnard 3ac6a2b9a7 Same as previous commit with Camellia 2014-06-12 21:16:02 +02:00
Manuel Pégourié-Gonnard afd5a08e33 Minor tune-up in aes code 
un-duplicate a check, and remove useless default case, mainly so that these
lines don't appear as uncovered
 2014-06-12 21:15:55 +02:00
Manuel Pégourié-Gonnard e1ac0f8c5d Add back timing selftest with new hardclock test 2014-06-12 21:15:50 +02:00
Manuel Pégourié-Gonnard 7792198a46 Normalize some error messages 2014-06-12 21:15:44 +02:00
Manuel Pégourié-Gonnard 4dd73925ab Add entropy_self_test() 2014-06-10 15:38:43 +02:00
Paul Bakker d6917f0eb3 Add LINK_WITH_PTHREAD to CMakeList for explicitly adding pthread linking 2014-06-09 23:46:41 +02:00
Manuel Pégourié-Gonnard d1539b1e88 Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT 2014-06-06 16:42:37 +02:00
Manuel Pégourié-Gonnard 88aa6e0b58 Fix potential memory leak in RSASSA-PSS verify 2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard 0eaa8beb36 Fix signedness warning 2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard 53882023e7 Also verify CRLs signed with RSASSA-PSS 2014-06-05 17:59:55 +02:00
Manuel Pégourié-Gonnard 46db4b070c Use pk_verify_ext() in x509_crt.c 2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard bf696d030b Make sig_opts non-optional in X509 structures 
This simplifies the code.
 2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard dddbb1d1eb Rm sig_params from various X509 structures 2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard 9113603b6b Use sig_opts in x509_sig_alg_gets() 2014-06-05 15:41:39 +02:00
Manuel Pégourié-Gonnard f75f2f7c46 Add sig_opts member to X509 structures 2014-06-05 15:14:59 +02:00
Manuel Pégourié-Gonnard 20422e9a3a Add pk_verify_ext() 2014-06-05 14:02:05 +02:00
Manuel Pégourié-Gonnard 5ec628a2b9 Add rsa_rsassa_pss_verify_ext() 2014-06-05 14:02:05 +02:00
Manuel Pégourié-Gonnard 920e1cd5e2 Add basic PSS cert verification 
Still todo:
- handle MGF-hash != sign-hash
- check effective salt len == announced salt len
- add support in the PK layer so that we don't have to bypass it here
 2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard e6d1d82b66 Relax checks on RSA mode for public key operations 2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard 78117d57b0 Consider trailerField a constant 2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard cac31eed9e Factor common code for printing sig_alg 2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard cf975a3857 Factor out some common code 2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard 39868ee301 Parse CSRs signed with RSASSA-PSS 2014-06-02 16:10:30 +02:00
Manuel Pégourié-Gonnard 8e42ff6bde Parse CRLs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard 9df5c96214 Fix dependencies 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard 9c9cf5b51e More checks for length match in rsassa-pss params 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard e76b750b69 Finish parsing RSASSA-PSS parameters 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard f346bab139 Start parsing RSASSA-PSS parameters 2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard 59a75d5b9d Basic parsing of certs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
Peter Vaskovic 7015de7e67 Fix WSAStartup return value check. 
SOCKET_ERROR was not a valid return value.
WSAStartup returns 0 on success, so check that instead.
 2014-05-28 11:40:51 +02:00
Paul Bakker 14b16c62e9 Minor optimizations (original by Peter Vaskovic, modified by Paul Bakker) 
Move strlen out of for loop.
Remove redundant null checks before free.
 2014-05-28 11:34:33 +02:00
Peter Vaskovic 8ebfe084ab Fix minor format string inconsistency. 2014-05-28 11:12:51 +02:00
Peter Vaskovic c2bbac968b Fix misplaced parenthesis. 2014-05-28 11:06:31 +02:00
Peter Vaskovic 541529e770 Remove unused arrays. 2014-05-28 11:04:48 +02:00
Paul Bakker b5212b436f Merge CCM cipher mode and ciphersuites 
Conflicts:
	library/ssl_tls.c
 2014-05-22 15:30:31 +02:00
Paul Bakker 0f651c7422 Stricter check on SSL ClientHello internal sizes compared to actual packet size 2014-05-22 15:12:19 +02:00
Brian White 12895d15f8 Fix less-than-zero checks on unsigned numbers 2014-05-22 13:52:53 +02:00
Manuel Pégourié-Gonnard 82a5de7bf7 Enforce alignment even if buffer is not aligned 2014-05-22 13:52:49 +02:00
Manuel Pégourié-Gonnard fe671f4aeb Add markers around generated code in error.c 2014-05-22 13:52:48 +02:00
Manuel Pégourié-Gonnard 8ff17c544c Add missing DEBUG_RET on cipher failures 2014-05-22 13:52:48 +02:00
Manuel Pégourié-Gonnard 61edffef28 Normalize "should never happen" messages/errors 2014-05-22 13:52:47 +02:00
Manuel Pégourié-Gonnard 2e5ee32033 Implement CCM and CCM_8 ciphersuites 2014-05-20 16:29:34 +02:00
Manuel Pégourié-Gonnard 5efd772ef0 Small readability improvement 2014-05-14 14:10:37 +02:00
Manuel Pégourié-Gonnard 6768da9438 Register CCM ciphersuites (not implemented yet) 2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard 41936957b3 Add AES-CCM and CAMELLIA-CCM to the cipher layer 2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard de7bb44004 Use cipher_auth_{en,de}crypt() in ssl_tls.c 2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard 4562ffe2e6 Add cipher_auth_{en,de}crypt() 2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard 8764d271fa Use cipher_crypt() in ssl_tls.c 2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard 3c1d150b3d Add cipher_crypt() 2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard 0f6b66dba1 CCM operations allow input == output 2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard aed6065793 CCM source cosmetics/tune-ups 
- source a bit shorter
- generated code slightly smaller
- preserving performance
 2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard ce77d55023 Implement ccm_auth_decrypt() 2014-05-07 12:13:13 +02:00
Manuel Pégourié-Gonnard 002323340a Refactor to prepare for CCM decryption 2014-05-07 12:13:12 +02:00
Manuel Pégourié-Gonnard 637eb3d31d Add ccm_encrypt_and_tag() 2014-05-07 12:13:12 +02:00
Manuel Pégourié-Gonnard 9fe0d13e8d Add ccm_init/free() 2014-05-06 12:12:45 +02:00
Manuel Pégourié-Gonnard a6916fada8 Add (placeholder) CCM module 2014-05-06 11:28:09 +02:00
Paul Bakker 5593f7caae Fix typo in debug_print_msg() 2014-05-06 10:29:28 +02:00
Paul Bakker da13016d84 Prepped for 1.3.7 release 2014-05-01 14:27:19 +02:00
Paul Bakker c37b0ac4b2 Fix typo in bignum.c 2014-05-01 14:19:23 +02:00
Paul Bakker b9e4e2c97a Fix formatting: fix some 'easy' > 80 length lines 2014-05-01 14:18:25 +02:00
Paul Bakker 9af723cee7 Fix formatting: remove trailing spaces, #endif with comments (> 10 lines) 2014-05-01 13:03:14 +02:00
Paul Bakker c3f89aa26c Removed word 'warning' from PKCS#5 selftest (buildbot warning as a result) 2014-05-01 10:56:03 +02:00
Paul Bakker 9bb04b6389 Removed redundant code in mpi_fill_random() 2014-05-01 09:47:02 +02:00
Paul Bakker 2ca1dc8958 Updated error.c and version_features.c based on changes 2014-05-01 09:46:38 +02:00
Markus Pfeiffer a26a005acf Make compilation on DragonFly work 2014-04-30 16:52:28 +02:00
Paul Bakker 2a024ac86a Merge dependency fixes 2014-04-30 16:50:59 +02:00
Manuel Pégourié-Gonnard cef4ad2509 Adapt sources to configurable config.h name 2014-04-30 16:40:20 +02:00
Manuel Pégourié-Gonnard c16f4e1f78 Move RC4 ciphersuites down the list 2014-04-30 16:27:06 +02:00
Paul Bakker 8eab8d368b Merge more portable AES-NI 2014-04-30 16:21:08 +02:00
Paul Bakker 33dc46b080 Fix bug with mpi_fill_random() on big-endian 2014-04-30 16:20:39 +02:00
Paul Bakker f96f7b607a On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings 2014-04-30 16:02:38 +02:00
Paul Bakker 6384440b13 Better support for the different Attribute Types from IETF PKIX (RFC 5280) 2014-04-30 15:34:12 +02:00
Paul Bakker 1a1fbba1ae Sanity length checks in ssl_read_record() and ssl_fetch_input() 
Both are already covered in other places, but not in a clear fashion. So
for instance Coverity thinks the value is still tainted.
 2014-04-30 14:48:51 +02:00
Paul Bakker 24f37ccaed rsa_check_pubkey() now allows an E up to N 2014-04-30 13:43:51 +02:00
Paul Bakker 0f90d7d2b5 version_check_feature() added to check for compile-time options at run-time 2014-04-30 11:49:44 +02:00
Paul Bakker a70366317d Improve interop by not writing ext_len in ClientHello / ServerHello when 0 
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
 2014-04-30 10:16:16 +02:00
Manuel Pégourié-Gonnard 3d41370645 Fix hash dependencies in X.509 tests 2014-04-29 15:29:41 +02:00
Manuel Pégourié-Gonnard 3a306b9067 Fix misplaced #endif in ssl_tls.c 2014-04-29 15:11:17 +02:00
Manuel Pégourié-Gonnard b1fd397be6 Adapt AES-NI code to "old" binutil versions 2014-04-26 17:17:31 +02:00
Paul Bakker c73079a78c Add debug_set_threshold() and thresholding of messages 2014-04-25 16:58:16 +02:00
Paul Bakker 92478c37a6 Debug module only outputs full lines instead of parts 2014-04-25 16:58:15 +02:00
Paul Bakker eaebbd5eaa debug_set_log_mode() added to determine raw or full logging 2014-04-25 16:58:14 +02:00
Paul Bakker 61885c7f7f Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites 
In case full SSL frames arrived, they were rejected because an overly
strict padding check.
 2014-04-25 12:59:51 +02:00
Paul Bakker 4ffcd2f9c3 Typo in PKCS#11 module 2014-04-25 11:44:12 +02:00
Paul Bakker 10a9dd35ea Typo in POLARSSL_PLATFORM_STD_FPRINTF in platform.c 2014-04-25 11:27:16 +02:00
Paul Bakker 0767e67d17 Add support for 'emailAddress' to x509_string_to_names() 2014-04-18 14:11:37 +02:00
Paul Bakker c70e425a73 Only iterate over actual certificates in ssl_write_certificate_request() 2014-04-18 13:50:19 +02:00
Paul Bakker f4cf80b86f Restructured pk_parse_key_pkcs8_encrypted_der() to prevent unreachable code 2014-04-17 17:24:29 +02:00
Paul Bakker 4f42c11846 Remove arbitrary maximum length for cipher_list and content length 2014-04-17 15:37:39 +02:00
Paul Bakker d893aef867 Force default value to curve parameter 2014-04-17 14:45:34 +02:00
Paul Bakker 93389cc620 Remove const indicator 2014-04-17 14:44:38 +02:00
Paul Bakker 874bd64b28 Check setsockopt() return value in net_bind() 2014-04-17 12:43:05 +02:00
Paul Bakker 3d8fb63e11 Added missing MPI_CHK around mpi functions 2014-04-17 12:42:41 +02:00
Paul Bakker a9c16d2825 Removed unused cur variable in x509_string_to_names() 2014-04-17 12:42:18 +02:00
Paul Bakker 0e4f9115dc Fix iteration counter 2014-04-17 12:39:05 +02:00
Paul Bakker 784b04ff9a Prepared for version 1.3.6 2014-04-11 15:33:59 +02:00
Manuel Pégourié-Gonnard 9655e4597a Reject certificates with times not in UTC 2014-04-11 13:59:36 +02:00
Manuel Pégourié-Gonnard 0776a43788 Use UTC to heck certificate validity 2014-04-11 13:59:31 +02:00
Paul Bakker 52c5af7d2d Merge support for verifying the extendedKeyUsage extension in X.509 2014-04-11 13:58:57 +02:00
Manuel Pégourié-Gonnard 78848375c0 Declare EC constants as 'const' 2014-04-11 13:58:41 +02:00
Paul Bakker 1630058dde Potential buffer overwrite in pem_write_buffer() fixed 
Length indication when given a too small buffer was off.
Added regression test in test_suite_pem to detect this.
 2014-04-11 13:58:05 +02:00
Manuel Pégourié-Gonnard 0408fd1fbb Add extendedKeyUsage checking in SSL modules 2014-04-11 11:09:09 +02:00
Manuel Pégourié-Gonnard 7afb8a0dca Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
Paul Bakker d6ad8e949b Make ssl_check_cert_usage() dependent on POLARSSL_X509_CRT_PARSE_C 2014-04-09 17:24:14 +02:00
Paul Bakker a77de8c841 Prevent warnings in ssl_check_cert_usage() if keyUsage checks are off 2014-04-09 16:39:35 +02:00
Paul Bakker 043a2e26d0 Merge verification of the keyUsage extension in X.509 certificates 2014-04-09 15:55:08 +02:00
Manuel Pégourié-Gonnard a9db85df73 Add tests for keyUsage with client auth 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard 490047cc44 Code cosmetics 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard 312010e6e9 Factor common parent checking code 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard f93a3c4335 Check the CA bit on trusted CAs too 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard 99d4f19111 Add keyUsage checking for CAs 2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard 3fed0b3264 Factor some common code in x509_verify{,_child} 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard 7f2a07d7b2 Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard 603116c570 Add x509_crt_check_key_usage() 2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard 2abed84225 Specific return code for PK sig length mismatch 2014-04-09 15:50:00 +02:00
Manuel Pégourié-Gonnard 35e95ddca4 Add special return code for ecdsa length mismatch 2014-04-09 15:49:59 +02:00
Paul Bakker ddd427a8fc Fixed spacing in entropy_gather() 2014-04-09 15:49:57 +02:00
Paul Bakker 75342a65e4 Fixed typos in code 2014-04-09 15:49:57 +02:00
Manuel Pégourié-Gonnard 0f79babd4b Disable timing_selftest() for now 2014-04-09 15:49:51 +02:00
Paul Bakker 17b85cbd69 Merged additional tests and improved code coverage 
Conflicts:
	ChangeLog
 2014-04-08 14:38:48 +02:00
Paul Bakker 0763a401a7 Merged support for the ALPN extension 2014-04-08 14:37:12 +02:00
Paul Bakker 4224bc0a4f Prevent potential NULL pointer dereference in ssl_read_record() 2014-04-08 14:36:50 +02:00
Manuel Pégourié-Gonnard 8c045ef8e4 Fix embarrassing X.509 bug introduced in 9533765 2014-04-08 11:55:03 +02:00
Manuel Pégourié-Gonnard f6521de17b Add ALPN tests to ssl-opt.sh 
Only self-op for now, required peer versions are a bit high:
- OpenSSL 1.0.2-beta
- GnuTLS 3.2.0 (released 2013-05-10) (gnutls-cli only)
 2014-04-07 12:42:04 +02:00
Manuel Pégourié-Gonnard 89e35798ae Implement ALPN server-side 2014-04-07 12:26:35 +02:00
Manuel Pégourié-Gonnard 0b874dc580 Implement ALPN client-side 2014-04-07 10:57:45 +02:00
Manuel Pégourié-Gonnard 0148875cfc Add tests and fix bugs for RSA-alt contexts 2014-04-04 17:46:46 +02:00
Manuel Pégourié-Gonnard 7e250d4812 Add ALPN interface 2014-04-04 17:10:40 +02:00
Manuel Pégourié-Gonnard 79e58421be Also test net_usleep in timing_selttest() 2014-04-04 16:42:44 +02:00
Manuel Pégourié-Gonnard 3fec220a33 Add test for dhm_parse_dhmfile 2014-04-04 16:42:44 +02:00
Manuel Pégourié-Gonnard 7afdb88216 Test and fix x509_oid functions 2014-04-04 16:34:30 +02:00
Manuel Pégourié-Gonnard d6aebe108a Add 'volatile' to hardclock()'s asm 
Prevents calls from being optimised away in timing_self_test().
(Should no be a problem for calls from other files.)
 2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard 13a1ef8600 Misc selftest adjustements 2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard 470fc935b5 Add timing_self_test() with consistency tests 2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard 487588d0bf Whitespace fixes 2014-04-04 16:33:01 +02:00
Paul Bakker e4205dc50a Merged printing of X509 extensions 2014-04-04 15:36:10 +02:00
Paul Bakker 5ff3f9134b Small fix for EFI build under Windows in x509_crt.c 2014-04-04 15:08:20 +02:00
Manuel Pégourié-Gonnard 0db29b05b5 More compact code using macros 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard 7b30cfc5b0 x509_crt_info() list output cosmectics 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard f6f4ab40d3 Print extended key usage in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard 65c2ddc318 Print key_usage in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard bce2b30855 Print subject alt name in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard 919f8f5829 Print NS Cert Type in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard b28487db1f Start printing extensions in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard 74bc68ac62 Fix default #define for malloc/free 2014-04-02 13:20:00 +02:00
Paul Bakker 75a2860f26 Potential memory leak in mpi_exp_mod() when error occurs during 
calculation of RR.
 2014-03-31 12:08:17 +02:00
Manuel Pégourié-Gonnard dd75c3183b Remove potential timing leak in ecdsa_sign() 2014-03-31 11:55:42 +02:00
Manuel Pégourié-Gonnard 5b8c409f53 Fix a warning (theoretical uninitialised variable) 2014-03-27 21:10:56 +01:00
Manuel Pégourié-Gonnard 969ccc6289 Fix length checking of various ClientKeyExchange's 2014-03-27 21:10:56 +01:00
Paul Bakker 96d5265315 Made ready for release 1.3.5 2014-03-26 16:55:50 +01:00
Paul Bakker 5fff23b92a x509_get_current_time() uses localtime_r() to prevent thread issues 2014-03-26 15:34:54 +01:00
Paul Bakker 4c284c9141 Removed LCOV directives from code 2014-03-26 15:33:05 +01:00
Paul Bakker 77f4f39ea6 Make sure no random pointer occur during failed malloc()'s 2014-03-26 15:30:20 +01:00
Paul Bakker db1f05985e Add a check for buffer overflow to pkcs11_sign() 
pkcs11_sign() reuses *sig to store the header and hash, but those might
be larger than the actual sig, causing a buffer overflow.

An overflow can occur when using raw sigs with hashlen > siglen, or when
the RSA key is less than 664 bits long (or less when using hashes
shorter than SHA512)

As siglen is always within the 'low realm' < 32k, an overflow of asnlen
+ hashlen is not possible.
 2014-03-26 15:14:21 +01:00
Paul Bakker 91c61bc4fd Further tightened the padlen check to prevent underflow / overflow 2014-03-26 15:14:20 +01:00
Manuel Pégourié-Gonnard c042cf0013 Fix broken tests due to changed error code 
Introduced in 5246ee5c59
 2014-03-26 14:12:20 +01:00
Manuel Pégourié-Gonnard b2bf5a1bbb Fix possible buffer overflow with PSK 2014-03-26 12:58:50 +01:00
Manuel Pégourié-Gonnard fdddac90a6 Fix stupid bug in rsa_copy() 2014-03-26 12:58:49 +01:00
Manuel Pégourié-Gonnard f84f799bcf Tune debug_print_ret format 2014-03-26 12:58:46 +01:00