Commit graph

4072 commits

Author SHA1 Message Date
Janos Follath 36f1234d96 Additional corner cases for testing pathlen constrains. Just in case. 2015-11-02 05:55:15 +09:00
Janos Follath c7bea3158a Added test case for pathlen constrains in intermediate certificates 2015-11-02 05:55:02 +09:00
Jonathan Leroy 1f8c20ac9a Fix help message for cert_req/cert_write programs
In cert_req and cert_write programs, "key_certificate_sign" is not an
allowed velue for "key_usage" parameter. The correct value is
"key_cert_sign".

See https://github.com/ARMmbed/mbedtls/blob/development/programs/x509/cert_req.c#L208
and https://github.com/ARMmbed/mbedtls/blob/development/programs/x509/cert_write.c#L323.
2015-10-30 16:56:44 +01:00
Manuel Pégourié-Gonnard d13585f1b3 Small improvement to test script 2015-10-30 16:56:30 +01:00
Manuel Pégourié-Gonnard 9f44a80ea3 Try to prevent some misuse of RSA functions
fixes #331
2015-10-30 10:57:43 +01:00
Manuel Pégourié-Gonnard 8f115968da Pick up ChangeLog fixes from development 2015-10-28 13:55:28 +01:00
Manuel Pégourié-Gonnard a7f0a42101 Mention new test script in Readme 2015-10-28 13:42:14 +01:00
Manuel Pégourié-Gonnard 93080dfacf Fix missing check for RSA key length on EE certs
- also adapt tests to use lesser requirement for compatibility with old
  testing material
2015-10-28 13:22:32 +01:00
Simon Butcher 94c5e3c654 Fixed typo in comment 2015-10-28 13:21:12 +01:00
Manuel Pégourié-Gonnard 722da74cfc Fix attribution in ChangeLog 2015-10-28 13:20:16 +01:00
Manuel Pégourié-Gonnard a314076486 Fix handling of non-fatal alerts
fixes #308
2015-10-28 13:19:55 +01:00
Manuel Pégourié-Gonnard 134ca18fbc Add key-exchanges.pl to test list 2015-10-28 13:17:18 +01:00
Manuel Pégourié-Gonnard fe3affdad2 Add -Werror to reduced configs test scripts 2015-10-28 13:17:08 +01:00
Manuel Pégourié-Gonnard 5baec9050e Fix warning in some reduced configs 2015-10-28 13:16:56 +01:00
Manuel Pégourié-Gonnard f9945bc283 Fix #ifdef inconsistency
fixes #310

Actually all key exchanges that use a certificate use signatures too, and
there is no key exchange that uses signatures but no cert, so merge those two
flags.

Conflicts:
	ChangeLog
2015-10-28 13:16:33 +01:00
Manuel Pégourié-Gonnard 4b56e755af Add script to test configs with single key exchanges 2015-10-28 13:15:23 +01:00
Manuel Pégourié-Gonnard 1cb668cf0f ECHDE-PSK does not use a certificate
fixes #270
2015-10-28 13:15:12 +01:00
Manuel Pégourié-Gonnard d113b8e89d Move all KEY_EXCHANGE__ definitions in one place 2015-10-28 13:15:01 +01:00
Manuel Pégourié-Gonnard 5ce77da2b3 Mention performance fix in ChangeLog 2015-10-27 10:35:02 +01:00
Manuel Pégourié-Gonnard 00992d45c0 Optimize more common cases in ecp_muladd() 2015-10-27 10:30:36 +01:00
Manuel Pégourié-Gonnard 241bf6717a Optimize some case of mbedtls_ecp_muladd()
Those are used by EC-JPAKE
2015-10-27 10:30:03 +01:00
Manuel Pégourié-Gonnard 770f453547 Remove useless code
closes #321
2015-10-27 10:29:26 +01:00
Manuel Pégourié-Gonnard c4cbc94d44 Small fix to 'make test' script
When the tests fail they don't display the number of skipped and run test
2015-10-27 10:29:26 +01:00
Manuel Pégourié-Gonnard a6925c502d Fix typo in documentation 2015-10-27 10:28:49 +01:00
Simon Butcher 759b6d9df6 Corrected misleading fn description in ssl_cache.h
Mistake in comments spotted by Andris Mednis
2015-10-27 10:28:24 +01:00
Simon Butcher 60d41b5d87 Corrected URL/reference to MPI library 2015-10-27 10:28:11 +01:00
James Cowgill 6bfa1d826e Fix minor spelling mistake in programs/pkey/gen_key.c 2015-10-27 10:27:51 +01:00
Manuel Pégourié-Gonnard c4e7d8a381 Bump version to 2.1.2
Yotta version bumped to 2.1.3, as we had to do one more patch release to the
yotta registry to accommodate for dependencies updates.
2015-10-05 19:13:36 +01:00
Manuel Pégourié-Gonnard ca056c7748 Fix CVE number in ChangeLog 2015-10-05 18:21:34 +01:00
Manuel Pégourié-Gonnard c80a74f734 Merge branch 'development' into development-restricted
* development:
  Add 'inline' workaround where needed
2015-10-05 16:30:53 +01:00
Manuel Pégourié-Gonnard 2ac9c60838 Add 'inline' workaround where needed
Was previously using the workaround from md.h
2015-10-05 16:18:23 +01:00
Manuel Pégourié-Gonnard a97ab2c8a6 Merge branch 'development' into development-restricted
* development:
  Remove inline workaround when not useful
  Fix macroization of inline in C++
2015-10-05 15:48:09 +01:00
Simon Butcher 9c6762621d Merge branch 'development' of ssh://github.com/ARMmbed/mbedtls into development 2015-10-05 15:45:53 +01:00
Simon Butcher 7776fc36d3 Fix for #279 macroisation of 'inline' keyword 2015-10-05 15:44:18 +01:00
Manuel Pégourié-Gonnard 2d7083435d Fix references to non-standard SIZE_T_MAX
Turns out C99 doesn't define SIZE_T_MAX, so let's not use it.
2015-10-05 15:23:11 +01:00
Manuel Pégourié-Gonnard 86ff4874a4 Merge remote-tracking branch 'origin/development' into development-restricted
* origin/development:
  Fix yotta version dependencies again
2015-10-05 14:59:40 +01:00
Manuel Pégourié-Gonnard 0ccd4537bd Fix yotta version dependencies again 2015-10-05 14:50:41 +01:00
Manuel Pégourié-Gonnard 899ac849d0 Merge branch 'development' into development-restricted
* development:
  Upgrade yotta dependency versions
  Fix compile error in net.c with musl libc
  Add missing warning in doc
2015-10-05 14:47:43 +01:00
Manuel Pégourié-Gonnard 2347bdd7b5 Upgrade yotta dependency versions 2015-10-05 14:39:01 +01:00
Simon Butcher 5ae7984dc2 Merge pull request #306 from ARMmbed/gh-288-missing-warning
Add missing warning in doc
2015-10-05 13:51:10 +01:00
Simon Butcher 281bd6d98e Merge pull request #307 from ARMmbed/gh-278-musl-socklen
Fix compile error in net.c with musl libc
2015-10-05 13:49:26 +01:00
Manuel Pégourié-Gonnard 0431735299 Fix compile error in net.c with musl libc
fixes #278
2015-10-05 12:17:49 +01:00
Manuel Pégourié-Gonnard cb6af00e2a Add missing warning in doc
Found by Nicholas Wilson

fixes #288
2015-10-05 12:12:39 +01:00
Simon Butcher 475cf0a98a Merge fix of IOTSSL-496 - Potential heap overflow
Fix for potential overflow in ssl_write_certificate_request()
2015-10-05 11:57:54 +01:00
Manuel Pégourié-Gonnard 5a2e389811 Remove inline workaround when not useful
This header doesn't have nay inline function any more
2015-10-05 11:55:39 +01:00
Manuel Pégourié-Gonnard 0223ab9d38 Fix macroization of inline in C++
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
2015-10-05 11:41:36 +01:00
Simon Butcher fec73a8eec Merge of fix for IOTSSL-481 - Double free
Potential double free in mbedtls_ssl_conf_psk()
2015-10-05 10:40:31 +01:00
Simon Butcher c48b66bfb6 Changed attribution for Guido Vranken 2015-10-05 10:18:17 +01:00
Simon Butcher 6418ffaadb Merge fix for IOTSSL-480 - base64 overflow issue 2015-10-05 09:54:11 +01:00
Simon Butcher a45aa1399b Merge of IOTSSL-476 - Random malloc in pem_read() 2015-10-05 00:26:36 +01:00