yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-24 01:31:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
5095 commits 88 branches 205 tags 69 MiB
Commit graph

1170 commits

Author SHA1 Message Date
Simon Butcher e64bf3968e Merge remote-tracking branch 'public/pr/1582' into mbedtls-2.1 2018-05-23 17:53:23 +01:00
Simon Butcher 13188782a0 Fix up ChangeLog following rebase to mbedtls-2.1.12 2018-05-11 16:41:07 +01:00
Andres AG 879e62697e Allow the entry_name size to be set in config.h 
Allow the size of the entry_name character array in x509_crt.c to be
configurable through a macro in config.h. entry_name holds a
path/filename string. The macro introduced in
MBEDTLS_X509_MAX_FILE_PATH_LEN.
 2018-05-11 16:38:38 +01:00
Jaeden Amero 3263f46a0e Merge remote-tracking branch 'upstream-restricted/pr/480' into mbedtls-2.1-restricted 2018-04-30 17:38:15 +01:00
Simon Butcher 50d802172f Fix the ChangeLog for clarity, english and credit 2018-04-30 17:23:10 +01:00
Jaeden Amero 6c0fba4350 Update version to 2.1.12 2018-04-27 13:13:54 +01:00
Jaeden Amero 4faad41346 Merge remote-tracking branch 'upstream-restricted/pr/472' into mbedtls-2.1-restricted-proposed 
Remove trailing whitespace from ChangeLog.
 2018-04-26 11:09:15 +01:00
Jaeden Amero 7db991d56a Merge branch 'mbedtls-2.1-proposed' into mbedtls-2.1-restricted-proposed 
Resolve conflicts in ChangeLog
 2018-04-26 09:03:14 +01:00
Andrzej Kurek 128bcbea1a Changelog entry 2018-04-25 05:29:47 -04:00
Andrzej Kurek bb6661479f ssl_tls: Fix invalid buffer sizes during compression / decompression 
Adjust information passed to zlib to include already written data.
 2018-04-23 08:29:36 -04:00
Mohammad Azim Khan 3f1d5cb324 Same ciphersuite validation in server and client hello 2018-04-20 19:52:49 +01:00
Manuel Pégourié-Gonnard 1e2f4da801 Merge remote-tracking branch 'restricted/pr/469' into mbedtls-2.1-restricted-proposed 
* restricted/pr/469:
  Improve comments style
  Remove a redundant test
  Add buffer size check before cert_type_len read
  Update change log
  Adjust 2.1 specific code to match the buffer verification tests
  Add a missing buffer size check
  Correct buffer size check
 2018-04-18 12:22:24 +02:00
Darryl Green ce52b58da0 Fix braces in mbedtls_memory_buffer_alloc_status() 2018-04-17 16:46:41 +02:00
Krzysztof Stachowiak 8fc134fcb1 Update change log 2018-04-05 08:51:35 +02:00
fbrosson 0620206db3 Backport 2.1: Use "#!/usr/bin/env perl" as shebang line. 2018-04-04 22:29:59 +00:00
Gilles Peskine 24f4584473 Align ChangeLog entry for PR #1396 with development 2018-04-04 10:18:37 +02:00
Jaeden Amero 23d979bee0 Merge remote-tracking branch 'upstream-public/pr/1554' into mbedtls-2.1-proposed 2018-04-03 19:15:28 +01:00
AndrzejKurek 0de430678e pk_sign: fix overriding and ignoring return values 2018-04-03 19:38:45 +02:00
Jaeden Amero ac9939c096 Merge remote-tracking branch 'upstream-public/pr/1461' into mbedtls-2.1-proposed 2018-04-03 18:27:18 +01:00
Jaeden Amero ee6c822076 Merge remote-tracking branch 'upstream-public/pr/1396' into mbedtls-2.1-proposed 2018-04-03 12:07:19 +01:00
Gilles Peskine 225684015d Merge remote-tracking branch 'upstream-public/pr/1501' into mbedtls-2.1-proposed 2018-04-01 12:41:33 +02:00
Gilles Peskine 8b1cddcf26 Merge remote-tracking branch 'upstream-public/pr/1542' into mbedtls-2.1-proposed 2018-04-01 12:41:00 +02:00
Gilles Peskine 419e670702 Minor changelog improvement 2018-04-01 12:33:35 +02:00
Gilles Peskine 04450488ec Add ChangeLog entry to credit independent contribution 
Also: fixes #1437
 2018-03-31 23:06:09 +02:00
Andrzej Kurek a1149a70ae Add tests for "return plaintext data faster on unpadded decryption" 2018-03-30 05:00:19 -04:00
Darryl Green 093c170377 Improve documentation of mbedtls_ssl_write() 2018-03-29 16:56:09 +01:00
Jaeden Amero cbe731c653 Merge remote-tracking branch 'upstream-public/pr/1532' into mbedtls-2.1-proposed 2018-03-29 11:03:17 +01:00
Jaeden Amero 82e288adb6 Merge remote-tracking branch 'upstream-public/pr/1494' into mbedtls-2.1-proposed 2018-03-29 10:59:43 +01:00
Jaeden Amero 616485854e Merge remote-tracking branch 'upstream-public/pr/1469' into mbedtls-2.1-proposed 2018-03-28 15:36:01 +01:00
Jaeden Amero 478baecc06 Merge remote-tracking branch 'upstream-public/pr/1525' into mbedtls-2.1-proposed 2018-03-28 15:34:25 +01:00
Ivan Krylov 1110a6fa63 Add ChangeLog entry 2018-03-28 17:25:12 +03:00
Jaeden Amero 8b4cd26eaf Merge remote-tracking branch 'upstream-public/pr/1481' into mbedtls-2.1-proposed 2018-03-28 13:44:28 +01:00
Gilles Peskine f362b97415 Add ChangeLog entry 
Fixes #1299. Fixes #1475.
 2018-03-27 23:22:37 +02:00
Andres Amaya Garcia 47569d7384 Add ChangeLog entry for PBES2 when ASN1 disabled 2018-03-27 21:34:15 +01:00
Andres Amaya Garcia bc00667a90 Improve ChangeLog for DLEXT and AR_DASH changes 2018-03-27 20:07:52 +01:00
Andres Amaya Garcia 83bffd353e Add ChangeLog entry for library/makefile changes 2018-03-26 00:15:21 +01:00
Gilles Peskine eea857dc0d Add ChangeLog entry 2018-03-23 14:38:14 +01:00
Gilles Peskine d888bd2c65 Add changelog entries for improved testing 
Fixes #1040
 2018-03-23 02:29:49 +01:00
Gilles Peskine 2a74061198 Merge tag 'mbedtls-2.1.11' into iotssl-1381-x509-verify-refactor-2.1-restricted 
Conflict resolution:

* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
  addition. In addition some of the additions in the
  iotssl-1381-x509-verify-refactor-restricted branch need support for
  keep-going mode, this will be added in a subsequent commit.
 2018-03-23 02:28:33 +01:00
Jethro Beekman 1a886ff45f Fix parsing of PKCS#8 encoded Elliptic Curve keys. 
The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:

PrivateKeyInfo ::= SEQUENCE {
  version                   Version,
  privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
  privateKey                PrivateKey,
  attributes           [0]  IMPLICIT Attributes OPTIONAL
}

AlgorithmIdentifier  ::=  SEQUENCE  {
  algorithm   OBJECT IDENTIFIER,
  parameters  ANY DEFINED BY algorithm OPTIONAL
}

ECParameters ::= CHOICE {
  namedCurve         OBJECT IDENTIFIER
  -- implicitCurve   NULL
  -- specifiedCurve  SpecifiedECDomain
}

ECPrivateKey ::= SEQUENCE {
  version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
  privateKey     OCTET STRING,
  parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
  publicKey  [1] BIT STRING OPTIONAL
}

Because of the two optional fields, there are 4 possible variants that need to
be parsed: no optional fields, only parameters, only public key, and both
optional fields. Previously mbedTLS was unable to parse keys with "only
parameters". Also, only "only public key" was tested. There was a test for "no
optional fields", but it was labelled incorrectly as SEC.1 and not run because
of a great renaming mixup.
 2018-03-22 18:03:30 -07:00
mohammad1603 cee0890b19 Verify that f_send and f_recv send and receive the expected length 
Verify that f_send and f_recv send and receive the expected length

Conflicts:
	ChangeLog
 2018-03-22 15:01:02 -07:00
Andres Amaya Garcia 2a0aee3163 Add ChangeLog entry for redundant mutex initialization optimizations 2018-03-21 17:40:48 +00:00
Andres Amaya Garcia 09d787f2fc Add ChangeLog entry for dylib builds using Makefile 2018-03-21 11:24:32 +00:00
Jaeden Amero 1c986a9859 Update version to 2.1.11 2018-03-16 16:29:30 +00:00
Jaeden Amero 7f44963f45 Merge remote-tracking branch 'upstream-public/pr/1455' into mbedtls-2.1-restricted-proposed 2018-03-15 15:24:47 +00:00
Ron Eldor 82712a9c97 Write correct number of ciphersuites in log 
Change location of log, to fit the correct number of used ciphersuites
 2018-03-15 15:09:28 +00:00
Jaeden Amero 23f503f12d Merge remote-tracking branch 'upstream-restricted/pr/465' into mbedtls-2.1-restricted-proposed 2018-03-14 18:32:21 +00:00
Jaeden Amero 5e50ff8f44 Merge remote-tracking branch 'upstream-restricted/pr/395' into mbedtls-2.1-restricted-proposed 2018-03-14 18:16:29 +00:00
Jaeden Amero 10a1a60966 Merge branch 'mbedtls-2.1-proposed' into mbedtls-2.1-restricted-proposed 2018-03-14 18:03:41 +00:00
Jaeden Amero 0980d9a3ae Merge remote-tracking branch 'upstream-public/pr/1450' into mbedtls-2.1-proposed 2018-03-14 17:53:27 +00:00
Jaeden Amero 4e3629590f Merge remote-tracking branch 'upstream-public/pr/1452' into mbedtls-2.1-proposed 2018-03-14 17:38:21 +00:00
Krzysztof Stachowiak d3cec99377 Update change log 2018-03-14 14:39:01 +01:00
Krzysztof Stachowiak a7a8332402 Update change log 2018-03-14 14:35:12 +01:00
Manuel Pégourié-Gonnard b0661769ab x509: CRL: reject unsupported critical extensions 2018-03-14 09:28:24 +01:00
Gilles Peskine df6f3dd9b0 Merge remote-tracking branch 'upstream-restricted/pr/430' into mbedtls-2.1-restricted-proposed 2018-03-13 17:28:42 +01:00
Gilles Peskine 8c1217984b Merge remote-tracking branch 'upstream-restricted/pr/360' into mbedtls-2.1-restricted-proposed 
Conflicts:
* scripts/config.pl: reconciled parallel edits in a comment.
 2018-03-13 17:26:49 +01:00
Hanno Becker 41b6189ef7 Adapt ChangeLog 
Add note about fix of memory leak in RSA self test.
 2018-03-13 10:42:43 +00:00
Gilles Peskine 5e533f43ee Merge remote-tracking branch 'upstream-public/pr/1373' into mbedtls-2.1-proposed 2018-03-12 23:51:50 +01:00
Gilles Peskine 889de8eedb Merge branch 'pr_1276' into mbedtls-2.1-proposed 2018-03-12 23:51:01 +01:00
Gilles Peskine 681f5aacfe Align ChangeLog entry with 2.7 2018-03-12 23:50:18 +01:00
Gilles Peskine 8da4f864a5 Merge remote-tracking branch 'upstream-public/pr/1009' into mbedtls-2.1-proposed 2018-03-12 23:44:48 +01:00
Gilles Peskine adee19582e Merge branch 'pr_1409' into mbedtls-2.1-proposed 2018-03-11 00:52:36 +01:00
Gilles Peskine d38464698e Merge remote-tracking branch 'upstream-public/pr/1295' into mbedtls-2.1-proposed 2018-03-11 00:52:35 +01:00
Gilles Peskine 9a00ef3cf1 Merge branch 'pr_953' into HEAD 2018-03-11 00:52:24 +01:00
Gilles Peskine b1e6efd55d This fixes #664 2018-03-11 00:51:02 +01:00
Gilles Peskine 15967a8501 Fix grammar in ChangeLog entry 2018-03-11 00:15:56 +01:00
Gilles Peskine af18faca22 Merge remote-tracking branch 'upstream-public/pr/937' into mbedtls-2.1-proposed 2018-03-10 23:52:22 +01:00
Manuel Pégourié-Gonnard f1985570a9 Fix order of sections in ChangeLog 2018-03-06 10:34:56 +01:00
Hanno Becker 89e7422a27 Add ChangeLog entry for previous security fix 
Fixes #825
 2018-03-05 13:46:10 +01:00
itayzafrir cabc098a0f Test suite test_suite_pk test pk_rsa_overflow passes valid parameters for hash and sig. 
Test suite test_suite_pk test pk_rsa_overflow passes valid parameters for hash and sig.
 2018-03-05 09:50:58 +02:00
Gilles Peskine 7fded85f43 Add attribution for #1351 report 2018-02-27 08:41:56 +01:00
Gilles Peskine 25ec9cc9b3 Merge branch 'prr_428' into mbedtls-2.1-proposed 2018-02-22 16:24:13 +01:00
Gilles Peskine e9256c5f46 Note incompatibility of truncated HMAC extension in ChangeLog 
The change in the truncated HMAC extension aligns Mbed TLS with the
standard, but breaks interoperability with previous versions. Indicate
this in the ChangeLog, as well as how to restore the old behavior.
 2018-02-22 16:17:52 +01:00
mohammad1603 2b1eea7202 Remove extra new lines 
Remove extra new lines
 2018-02-22 05:13:34 -08:00
mohammad1603 f65add4f60 Backport 2.1:Add guard to out_left to avoid negative values 
return error when f_send return a value greater than out_left
 2018-02-22 05:07:15 -08:00
Jaeden Amero c07ef140ff Add ChangeLog entry for PR #1384 2018-02-22 08:33:52 +00:00
Gilles Peskine ac33180219 Merge branch 'pr_1354' into mbedtls-2.1 2018-02-20 16:37:17 +01:00
Gilles Peskine 37e1adb7cd Mention in ChangeLog that this fixes #1351 2018-02-20 16:35:32 +01:00
Gilles Peskine 2e50efad44 Merge remote-tracking branch 'upstream-public/pr/1334' into mbedtls-2.1-proposed 2018-02-14 15:13:37 +01:00
Gilles Peskine c0577f3931 Note in the changelog that this fixes an interoperability issue. 
Fixes #1339
 2018-02-14 11:33:30 +01:00
Antonio Quartulli b9e3c6d9c6 pkcs5v2: add support for additional hmacSHA algorithms 
Currently only SHA1 is supported as PRF algorithm for PBKDF2
(PKCS#5 v2.0).
This means that keys encrypted and authenticated using
another algorithm of the SHA family cannot be decrypted.

This deficiency has become particularly incumbent now that
PKIs created with OpenSSL1.1 are encrypting keys using
hmacSHA256 by default (OpenSSL1.0 used PKCS#5 v1.0 by default
and even if v2 was forced, it would still use hmacSHA1).

Enable support for all the digest algorithms of the SHA
family for PKCS#5 v2.0.

Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
 2018-02-14 11:12:58 +01:00
Ron Eldor 5a2525c2fd Rephrase Changelog 
Rephrase Changelog to be more coherent to users
 2018-02-07 12:09:58 +02:00
Ron Eldor 3a3b654027 Fix handshake failure in suite B 
Fix handshake failure where PK key is translated as `MBEDTLS_ECKEY`
instead of `MBEDTLS_ECDSA`
 2018-02-07 12:09:46 +02:00
Simon Butcher bdf548e5d8 Update ChangeLog with language and technical corrections 
To clarify and correct the ChangeLog.
 2018-02-05 08:43:38 +00:00
Jaeden Amero 4913826aff Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted 2018-01-30 17:33:25 +00:00
Hanno Becker 235854503b Adapt ChangeLog 2018-01-30 11:58:16 +00:00
Gilles Peskine 36dde9e67a Added ChangeLog entry for 64-bit ILP32 fix 2018-01-29 21:59:12 +01:00
Andres Amaya Garcia 65915438b8 Add ChangeLog entry for 64-bit ILP32 fixes 2018-01-29 21:59:12 +01:00
Jaeden Amero 035f6ea288 Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted 2018-01-29 12:53:07 +00:00
Manuel Pégourié-Gonnard 3e6222dacb Fix alarm(0) failure on mingw32 
A new test for mbedtls_timing_alarm(0) was introduced in PR 1136, which also
fixed it on Unix. Apparently test results on MinGW were not checked at that
point, so we missed that this new test was also failing on this platform.
 2018-01-29 13:23:40 +01:00
Jaeden Amero bfafd12789 Merge remote-tracking branch 'upstream-restricted/pr/414' into mbedtls-2.1-restricted 2018-01-26 18:09:14 +00:00
Jaeden Amero e5b443e2d6 Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted 2018-01-24 15:24:42 +00:00
Andres AG 8ad5acd6da Fix corner case uses of memory_buffer_alloc.c 
The corner cases fixed include:
    * Allocating a buffer of size 0. With this change, the allocator now
      returns a NULL pointer in this case. Note that changes in pem.c and
      x509_crl.c were required to fix tests that did not work under this
      assumption.
    * Initialising the allocator with less memory than required for headers.
    * Fix header chain checks for uninitialised allocator.
 2018-01-23 21:03:49 +00:00
Gilles Peskine a2ef78d50c Merge remote-tracking branch 'upstream-restricted/pr/442' into mbedtls-2.1-restricted 2018-01-23 00:47:43 +01:00
Ron Eldor 1ac9aa7085 Set correct minimal versions in default conf 
Set `MBEDTLS_SSL_MIN_MAJOR_VERSION` and `MBEDTLS_SSL_MIN_MINOR_VERSION`
instead of `MBEDTLS_SSL_MAJOR_VERSION_3` and `MBEDTLS_SSL_MINOR_VERSION_1`
 2018-01-22 22:03:12 +01:00
Ron Eldor 998a4de3fa Fix Changelog notation 
Remove backticks, since ChangeLog is not in MarkDown
 2018-01-22 19:14:11 +02:00
Ron Eldor a1413e05e9 Fix compilation error with Mingw32 
Fix compilation error on Mingw32 when `_TRUNCATE` is defined. Use
`_TRUNCATE` only if `__MINGW32__` not defined. Fix suggested by
Thomas Glanzmann and Nick Wilson on issue #355
 2018-01-22 19:06:57 +02:00
Gilles Peskine f700ef38fa Add ChangeLog entry 2018-01-22 14:38:53 +01:00
Hanno Becker 4ecd34f86c Adapt ChangeLog 2018-01-17 17:47:58 +00:00
Jaeden Amero 1010760d91 Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted 2018-01-10 13:16:26 +00:00