yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-18 16:21:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
7226 commits 88 branches 205 tags 69 MiB
Commit graph

1468 commits

Author SHA1 Message Date
Jaeden Amero 193c86425e Update version to 2.12.0 2018-07-25 15:42:26 +01:00
Simon Butcher 37b9fd5df6 Merge remote-tracking branch 'restricted/pr/490' into development 2018-07-24 23:40:37 +01:00
Simon Butcher 2c92949e0a Merge remote-tracking branch 'public/pr/1198' into development 2018-07-24 17:20:17 +01:00
Simon Butcher c88c627fba Merge remote-tracking branch 'public/pr/1658' into development 2018-07-24 17:19:10 +01:00
Ron Eldor 9cf0d53adc Add ChangeLog 
Add entry in ChangeLog for the Key Wrapping feature.
 2018-07-24 16:43:20 +01:00
Simon Butcher ccb43df37e Merge remote-tracking branch 'public/pr/927' into development 2018-07-24 13:06:54 +01:00
Simon Butcher dad05b7fc9 Merge remote-tracking branch 'public/pr/1844' into development 2018-07-24 13:05:09 +01:00
Simon Butcher 05330541ea Revise ChangeLog entry for empty data records fixes 2018-07-24 12:54:15 +01:00
Simon Butcher 116ac43d00 Merge remote-tracking branch 'public/pr/1852' into development 2018-07-24 12:18:59 +01:00
Simon Butcher fced1f2fb3 Merge remote-tracking branch 'public/pr/1854' into development 2018-07-24 10:26:46 +01:00
Simon Butcher ecb635efca Add ChangeLog entry for #1098 fix. 2018-07-24 10:03:41 +01:00
Brian J Murray 4736e96568 add myself to changelog 2018-07-23 10:34:47 -07:00
Andres Amaya Garcia 81f0633c16 Add ChangeLog entry for empty app data fix 2018-07-20 23:09:29 +01:00
Angus Gratton 1a7a17e548 Check for invalid short Alert messages 
(Short Change Cipher Spec & Handshake messages are already checked for.)
 2018-07-20 23:09:29 +01:00
Angus Gratton b512bc1d29 CBC mode: Allow zero-length message fragments (100% padding) 
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
 2018-07-20 23:09:29 +01:00
Simon Butcher 922bd1efb2 Merge remote-tracking branch 'public/pr/1752' into development 2018-07-20 14:33:18 +01:00
Simon Butcher 862e703d51 Merge remote-tracking branch 'public/pr/921' into development 2018-07-20 14:30:50 +01:00
Simon Butcher 4f37bcabf9 Fix ChangeLog entry for issue #1663 
The ChangeLog entry was under the wrong version, and under Changes, not
BugFixes.
 2018-07-19 19:52:32 +01:00
Simon Butcher df15356259 Merge remote-tracking branch 'public/pr/1663' into development 2018-07-19 19:48:10 +01:00
Simon Butcher a72098b4d6 Merge remote-tracking branch 'public/pr/1778' into development 2018-07-19 16:10:38 +01:00
Manuel Pégourié-Gonnard 830ce11eba Clarify attack conditions in the ChangeLog. 
Referring to the previous entry could imply that the current one was limited
to SHA-384 too, which it isn't.
 2018-07-11 18:27:08 +02:00
Simon Butcher 00af447ba8 Add ChangeLog entry for PR #536 2018-07-10 15:35:43 +01:00
Simon Butcher 32b074720e Merge remote-tracking branch 'public/pr/1737' into development 2018-07-10 14:57:50 +01:00
Simon Butcher cdbb2f2168 Merge remote-tracking branch 'public/pr/1563' into development 2018-07-10 12:49:26 +01:00
Simon Butcher 231d7e5669 Add ChangeLog entry for PR #1567. 
ChangeLog entry for platform support for the Haiku OS. PR #1567.
 2018-07-10 11:56:19 +01:00
Simon Butcher 6331cb0607 Fix some whitespace issues in ChangeLog and CMakeLists.txt 
Stray tab in library/CMakeLists.txt and incorrect formatting in ChangeLog.
 2018-07-10 11:48:42 +01:00
Manuel Pégourié-Gonnard 7b42030b5d Add counter-measure to cache-based Lucky 13 
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function, and the location where we read the MAC, give information
about that.

A local attacker could gain information about that by observing via a
cache attack whether the bytes at the end of the record (at the location of
would-be padding) have been read during MAC verification (computation +
comparison).

Let's make sure they're always read.
 2018-07-05 14:44:49 +02:00
Manuel Pégourié-Gonnard 1cc1fb0599 Fix Lucky 13 cache attack on MD/SHA padding 
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.

Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.

Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
 2018-07-05 10:47:00 +02:00
Ron Eldor 382c1db6c0 Minor fixes 
1. Rephrase ChangeLog entry.
2. Add a full stop at the end of the fuinction documentation.
 2018-07-04 17:42:47 +03:00
Ron Eldor 5ffc220f16 Documentation error in mbedtls_ssl_get_session 
Fix Documentation error in `mbedtls_ssl_get_session`.
This function supports deep copying of the session,
and the peer certificate is not lost anymore, Resolves #926
 2018-07-03 16:04:41 +03:00
Simon Butcher 05fa46e6b7 Add ChangeLog entry for #992 fix 2018-07-02 12:08:32 +01:00
Ron Eldor da2a31237e Add entry in ChangeLog 
Add entry in ChangeLog for compilation error fix of #1719
 2018-07-01 10:22:53 +03:00
Gilles Peskine 104d85865d Add ChangeLog entry 2018-06-28 17:36:02 +02:00
Simon Butcher 1ab9b57148 Add a ChangeLog entry for memory leak in mbedtls_x509_csr_parse() 2018-06-28 12:13:14 +01:00
Simon Butcher 4b6b08e7d2 Merge remote-tracking branch 'public/pr/1006' into development 2018-06-28 12:08:59 +01:00
Simon Butcher 1d97cab5f5 Merge remote-tracking branch 'public/pr/1645' into development 2018-06-28 12:06:16 +01:00
Simon Butcher bea00bd89c Merge remote-tracking branch 'public/pr/1783' into development 2018-06-28 12:04:19 +01:00
Simon Butcher 9e02b973f1 Add ChangeLog entry for #1257 - key_app_writer writes invalid ASN.1 2018-06-28 11:59:15 +01:00
Simon Butcher 9fa21bffe6 Merge remote-tracking branch 'public/pr/1533' into development 2018-06-27 10:50:58 +01:00
Simon Butcher 95a1c1f8ab Merge remote-tracking branch 'public/pr/1617' into development 2018-06-27 10:49:59 +01:00
niisato 164b9cd025 update ChangeLog 2018-06-25 20:47:14 +09:00
niisato b7d39db047 update ChangeLog 2018-06-25 20:45:03 +09:00
niisato 99a3e80721 update change log. 2018-06-25 20:21:43 +09:00
niisato 15550854a3 add ChangeLog to this commit. 2018-06-25 20:07:48 +09:00
Nicholas Wilson 2682edf205 Fix build using -std=c99 
In each place where POSIX/GNU functions are used, the file must declare
that it wants POSIX functionality before including any system headers.
 2018-06-25 12:00:26 +01:00
Nicholas Wilson 512b4ee9c7 Use gmtime_r to fix thread-safety issue, and use mbedtls_time on Windows 2018-06-25 11:59:54 +01:00
Simon Butcher 6c34442c87 Add fix for #1550 and credit to the ChangeLog 2018-06-24 16:20:56 +01:00
Ron Eldor 6332e368cc Fix typo in ChangeLog 
Fix typo in ChangeLog discovered in PR review
 2018-06-24 16:59:56 +03:00
Ron Eldor 6fd941fe4b Remove unneeded namesapcing in header files 
Remove the `mbedtls` namesapcing in the `#include` in header files
Resolves issue #857
 2018-06-24 16:56:47 +03:00
Andres Amaya Garcia a562c26300 Add ChangeLog entry for mbedtls_ssl_write() docs 2018-06-21 19:14:49 +01:00