Darryl Green
fdda7de048
Use function-like macro for Windows renaming
2019-04-11 12:54:02 +01:00
Gilles Peskine
f1349e4bfe
Clarify comment mangled by an earlier refactoring
2019-04-10 18:41:53 +02:00
Gilles Peskine
7832c9fc3d
Add an "out-of-box" component
...
Just run `make` and `make test`. And `selftest` for good measure.
2019-04-10 18:41:53 +02:00
Gilles Peskine
4b317616eb
Run ssl-opt.sh on 32-bit runtime
...
Run ssl-opt.sh on x86_32 with ASan. This may detect bugs that only
show up on 32-bit platforms, for example due to size_t overflow.
For this component, turn off some memory management features that are
not useful, potentially slow, and may reduce ASan's effectiveness at
catching buffer overflows.
2019-04-10 18:41:53 +02:00
Darryl Green
b467934fb7
Use Windows-specific renaming function
...
On Windows, rename() fails if the new filename already exists.
Use the Windows specific function MoveFileExA with the
MOVEFILE_REPLACE_EXISTING flag set instead to do renames.
2019-04-10 15:37:06 +01:00
Hanno Becker
4c8c7aa95e
Don't use debug level 1 for informational messages
2019-04-10 09:26:53 +01:00
Ron Eldor
df48efa77a
Skip uncritical unsupported extensions
...
Skip extensions that have support in the `oid` layer`, but
no parser found in the x509 layer, in case these are not critical.
2019-04-10 11:06:53 +03:00
Jaeden Amero
d037ad6471
Give credit to OSS-Fuzz for #2404
...
Add "Credit to OSS-Fuzz", in addition to Guido Vranken, for identifying
bug #2404 .
2019-04-08 11:23:50 +01:00
Andrzej Kurek
4a8d2dfdd6
all.sh: remove component_test_new_ecdh_context
...
Remove the ecdh_context component to have it only in the crypto repository
2019-04-08 06:20:00 -04:00
Andrzej Kurek
cd9286f1ca
Remove crypto-only related components from all.sh
2019-04-08 05:49:08 -04:00
Ron Eldor
21cb3c34a3
Remove ssl_cert_test sample app
...
Remove the ssl_cert_test sample application, as it uses
hardcoded certificates that moved, and is redundant with the x509
tests and applications. Fixes #1905 .
2019-04-07 16:49:18 +03:00
Janos Follath
4031b314ed
Make CRT callback tests more robust
2019-04-05 16:50:39 +01:00
Janos Follath
ae13beb1d9
Rename constant in client2.c
2019-04-05 16:50:39 +01:00
Janos Follath
846ae7a70d
Document and test flags in x509_verify
2019-04-05 16:45:01 +01:00
Janos Follath
d7ecbd6914
Fix style issues and a typo
2019-04-05 16:44:42 +01:00
Jaeden Amero
aa3402018e
Merge remote-tracking branch 'origin/pr/2535' into development
...
* origin/pr/2535:
Add Wisun Fan device extended key usage
2019-04-05 14:36:08 +01:00
Jaeden Amero
bc5de0f12f
Merge remote-tracking branch 'origin/pr/2368' into development
...
Move ChangeLog entry to BugFix section.
* origin/pr/2368:
Fix default port number information
2019-04-05 14:23:48 +01:00
Jaeden Amero
7c1e6193af
Merge remote-tracking branch 'origin/pr/2464' into development
...
* origin/pr/2464:
Allow main() to lack a docstring.
Silence pylint
check-files.py: readability improvement in permission check
check-files.py: use class fields for class-wide constants
check-files.py: clean up class structure
abi_check.py: Document more methods
check-files.py: document some classes and methods
Fix pylint errors going uncaught
Call pylint3, not pylint
New, documented pylint configuration
2019-04-05 14:19:09 +01:00
Jaeden Amero
d192ba4ef1
Merge remote-tracking branch 'origin/pr/2463' into development
...
* origin/pr/2463:
Fix a rebase error
Wrap lines at 80 columns
Add NIST keywrap as a cipher mode
Fix errors in AEAD test function
2019-04-05 14:15:40 +01:00
Jaeden Amero
62ab1f9961
Merge remote-tracking branch 'origin/pr/2405' into development
...
* origin/pr/2405:
Fix ChangeLog entry ordering
Fix typo
Add non-regression test for buffer overflow
Improve documentation of mbedtls_mpi_write_string()
Adapt ChangeLog
Fix 1-byte buffer overflow in mbedtls_mpi_write_string()
2019-04-05 14:08:49 +01:00
Jaeden Amero
c7acf56504
Merge remote-tracking branch 'origin/pr/2366' into development
...
* origin/pr/2366:
Change Perl to Python in test builds
2019-04-05 13:53:56 +01:00
Jaeden Amero
3d8144731f
Merge remote-tracking branch 'origin/pr/2192' into development
...
* origin/pr/2192:
Increase okm_hex buffer to contain null character
Minor modifications to hkdf test
Add explanation for okm_string size
Update ChangeLog
Reduce buffer size of okm
Reduce Stack usage of hkdf test function
2019-04-05 13:53:14 +01:00
Jaeden Amero
6fc099d550
Merge remote-tracking branch 'origin/pr/2189' into development
...
* origin/pr/2189:
Remove Circle CI script
2019-04-05 13:51:17 +01:00
Jaeden Amero
1b86e4c881
Merge remote-tracking branch 'origin/pr/2106' into development
...
* origin/pr/2106:
x509.c: Fix potential memory leak in X.509 self test
2019-04-05 13:47:06 +01:00
Jack Lloyd
274024f3d5
Fix a rebase error
2019-04-04 07:59:41 -07:00
Janos Follath
924270f769
Fix typo
2019-04-04 12:49:44 +01:00
Janos Follath
ee11be6572
Add test for configuration specific CRT callback
2019-04-04 12:03:30 +01:00
Hanno Becker
f345bafd30
Fix doxygen documentation of mbedtls_ssl_set_verify()
2019-04-03 13:43:15 +01:00
Hanno Becker
efb440afec
Add test exercising context-specific CRT callback to ssl-opt.sh
2019-04-03 13:11:20 +01:00
Hanno Becker
bb425dbb1b
Add cmd to use context-specific CRT callback in ssl_client2
2019-04-03 13:11:15 +01:00
Hanno Becker
8927c83312
Implement context-specific verification callbacks
2019-04-03 12:53:28 +01:00
Hanno Becker
726c97a825
Add context-specific CRT verification callbacks
2019-04-03 12:52:35 +01:00
Hanno Becker
7b58fb1d1c
Improve documentation of mbedtls_ssl_conf_verify()
2019-04-03 12:52:21 +01:00
Ron Eldor
b6dc105456
Add Wisun Fan device extended key usage
...
Add the Wisun extended key usage oid and tests.
2019-04-03 13:48:50 +03:00
Jack Lloyd
5f28999433
Wrap lines at 80 columns
2019-04-02 10:07:28 -07:00
Jack Lloyd
ffdf28851d
Add NIST keywrap as a cipher mode
...
Closes #2003 see also #1658
2019-04-02 10:02:55 -07:00
Jack Lloyd
1dbc5a257f
Fix errors in AEAD test function
...
It was failing to set the key in the ENCRYPT direction before encrypting.
This just happened to work for GCM and CCM.
After re-encrypting, compare the length to the expected ciphertext
length not the plaintext length. Again this just happens to work for
GCM and CCM since they do not perform any kind of padding.
2019-04-02 10:02:55 -07:00
Jarno Lamsa
9822c0d2f1
Fix name to function call
2019-04-01 16:59:48 +03:00
Jarno Lamsa
dfd22c4dbd
Address comments for x509 tests
2019-04-01 15:18:53 +03:00
Jarno Lamsa
f7a7f9ee43
Address review comments regarding ssl_client2 and ssl tests
2019-04-01 15:11:54 +03:00
Jarno Lamsa
2ee67a66f4
Remove mbedtls_ from the static function name
2019-04-01 14:59:33 +03:00
Jarno Lamsa
f49fedc345
Change docs according to review comments
2019-04-01 14:58:30 +03:00
Jarno Lamsa
31d9db6195
Change the verify function naming
...
Change the naming to reflect that the function uses a new ca callback
feature to distinguish different callbacks.
2019-04-01 14:33:49 +03:00
Hanno Becker
d6d100beb7
Fix ssl_client2 and ssl_server2 if !PLATFORM_C
...
The CA callback changes introduce mbedtls_calloc() and
mbedtls_free() to ssl_client2 and ssl_server2, which
wasn't defined unless MBEDTLS_PLATFORM_C was set.
2019-03-30 06:27:43 +00:00
Hanno Becker
1bac87c5dc
Correct placement of usage macro in ssl_client2
2019-03-29 12:02:26 +00:00
Hanno Becker
fed5d9d1e9
Update version_features.c
2019-03-28 17:07:12 +00:00
Hanno Becker
3f932bbc5d
Remove trailing whitespace in test_suite_x509parse.function
2019-03-28 17:06:47 +00:00
Hanno Becker
fa738d148d
Update query_config.c
2019-03-28 17:06:04 +00:00
Hanno Becker
746aaf3f38
Add ssl-opt.sh tests for trusted CA callbacks
2019-03-28 16:13:44 +00:00
Hanno Becker
0350d56286
Only run X.509 CRT verification tests with CA callback tests if !CRL
2019-03-28 16:13:44 +00:00