yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-22 03:21:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
1018 commits 88 branches 205 tags 69 MiB
Commit graph

220 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard d7d0b0118c Add test case for root with max_pathlen=0 
This was already working but not tested so far

(Test case from previous commit still failing.)

Test certificates generated with:

programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert91.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert92.key

programs/x509/cert_write serial=91 output_file=cert91.crt is_ca=1 \
    issuer_key=cert91.key issuer_name="CN=Root 9,O=mbed TLS,C=UK" \
    selfsign=1 max_pathlen=0
programs/x509/cert_write serial=92 output_file=cert92.crt \
    issuer_key=cert91.key issuer_name="CN=Root 9,O=mbed TLS,C=UK" \
    subject_key=cert92.key subject_name="CN=EE 92,O=mbed TLS,C=UK"
 2015-12-03 09:49:57 +01:00
Manuel Pégourié-Gonnard cec3289659 Add test case for first intermediate max_pathlen=0 
!!! This test case is currently failing !!!
(See fix in next-next commit.)

Test certificates generated with the following script:
(using mbed TLS 2.2 as 1.2 does not hove those programs)

programs/pkey/gen_key type=rsa filename=cert81.key
programs/pkey/gen_key type=rsa filename=cert82.key
programs/pkey/gen_key type=rsa filename=cert83.key

programs/x509/cert_write serial=81 output_file=cert81.crt is_ca=1 \
    issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \
    selfsign=1
programs/x509/cert_write serial=82 output_file=cert82.crt is_ca=1 \
    issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \
    subject_key=cert82.key subject_name="CN=Int 82,O=mbed TLS,C=UK" \
    max_pathlen=0
programs/x509/cert_write serial=83 output_file=cert83.crt \
    issuer_key=cert82.key issuer_name="CN=Int 82,O=mbed TLS,C=UK" \
    subject_key=cert83.key subject_name="CN=EE 83,O=mbed TLS,C=UK"
 2015-12-02 12:04:49 +01:00
Simon Butcher 0d1cf0fec1 Change version number to 1.2.18 
Changed for library version
 2015-11-06 10:51:16 +00:00
Manuel Pégourié-Gonnard 4dd43ae647 Use own implementation of strsep() 2015-11-02 06:52:52 +09:00
Manuel Pégourié-Gonnard 7a4d9a5b92 Use symbolic constants in test data 2015-11-02 06:10:24 +09:00
Manuel Pégourié-Gonnard ab003740b4 Additional corner cases for testing pathlen constrains 
backport of 3d98a7e
 2015-11-02 06:10:24 +09:00
Manuel Pégourié-Gonnard 03ae1bc3f2 Added test case for pathlen constrains in intermediate certificates 2015-11-02 06:09:57 +09:00
Manuel Pégourié-Gonnard 305722fa12 Bump version to 1.2.17 2015-10-05 19:14:51 +01:00
Manuel Pégourié-Gonnard 9405e462d0 Bump version to 1.2.15 2015-09-17 11:55:25 +02:00
Manuel Pégourié-Gonnard 121f7c9475 Disable -Wunused-result in programs and tests 2015-08-11 03:42:34 +02:00
Manuel Pégourié-Gonnard a1e6ba6477 Fix compiler warning in test 2015-08-10 17:15:43 +02:00
Manuel Pégourié-Gonnard 59e7c73329 Silence compiler warning in test 
Happens with some, but not all, versions of GCC/Glibc.
 2015-08-10 16:52:50 +02:00
Manuel Pégourié-Gonnard 027b79fd36 Make tests/compat.sh executable 2015-08-10 16:37:09 +02:00
Paul Bakker 7fc4e3e225 Prepare for 1.2.15 release 2015-08-10 15:06:34 +01:00
Manuel Pégourié-Gonnard 5324d411da Up min size of DHM params to 1024 bits 2015-06-29 18:54:28 +02:00
Paul Bakker 7b209579c6 Prepare for 1.2.14 release 2015-06-26 15:35:30 +01:00
Paul Bakker 9fdc58fd9e Ready for release 1.2.13 2015-02-16 15:17:32 +01:00
Manuel Pégourié-Gonnard d8a1ea72b1 Fix potential buffer overread of size 1 2014-11-17 12:27:49 +01:00
Manuel Pégourié-Gonnard 309c798b2b Fix memory leak in PKCS#5 test suite 2014-11-17 11:56:08 +01:00
Manuel Pégourié-Gonnard 3c17460a1f Fix warning in RSA test suite 2014-11-17 11:52:51 +01:00
Manuel Pégourié-Gonnard 6c28491a15 Backport build modes from 1.3 2014-11-17 11:15:13 +01:00
Manuel Pégourié-Gonnard aec1385551 compat.sh exits non-zero on failure 2014-11-17 11:12:33 +01:00
Manuel Pégourié-Gonnard 017bf57daa Forbid repeated X.509 extensions 2014-11-17 11:01:09 +01:00
Manuel Pégourié-Gonnard fdec957e55 Fix memory leak with crafted X.509 certs 2014-11-17 11:01:08 +01:00
Manuel Pégourié-Gonnard d3ae430241 Fix uninitialised pointer dereference 2014-11-17 11:01:08 +01:00
Paul Bakker fc3697ce2b Prepared for PolarSSL-1.2.12 2014-10-24 10:42:52 +02:00
Manuel Pégourié-Gonnard 6b44038913 Fix memory leak parsing some X.509 certs 2014-10-23 14:53:46 +02:00
Paul Bakker 695266cb51 Updated to version 1.2.11 2014-07-11 11:26:03 +02:00
Paul Bakker 1d073c59ad Add static and casts to prevent compiler warnings 2014-07-08 20:17:07 +02:00
Andre Heinecke dcbd74f699 Fix symlink command for cross compiling 
Check for the host system to determine which command should be used
to create a symlink. Otherwise symlinking will fail when cross
compiling polarssl on a unix host for windows.
 2014-07-08 18:28:49 +02:00
Markus Pfeiffer 55bdbc1834 Make compilation on DragonFly work 2014-07-08 18:28:44 +02:00
Paul Bakker 95a11f8c16 On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings 2014-07-08 18:28:40 +02:00
Paul Bakker b0af56334c rsa_check_pubkey() now allows an E up to N 2014-07-08 18:28:36 +02:00
Paul Bakker bc8984931c Improvements to tests/Makefile when using shared library 2014-07-08 11:32:12 +02:00
Paul Bakker 0d844dd650 Add x509parse_time_future() 2014-07-07 17:46:36 +02:00
Paul Bakker 57ca5702fd Fixed CMake symlinking on out-of-source builds 2014-07-07 17:46:32 +02:00
Paul Bakker e96bfbc6bd Fixed testing with out-of-source builds using cmake 2014-07-07 17:46:30 +02:00
Manuel Pégourié-Gonnard c675e4bde5 Fix bug in RSA PKCS#1 v1.5 "reversed" operations 2014-07-07 17:46:29 +02:00
Manuel Pégourié-Gonnard 3cb407107d Fix "check" mode warnings 2014-07-07 16:05:06 +02:00
Manuel Pégourié-Gonnard 91b05ac5ed Replace expired test certificate 2014-07-07 16:01:36 +02:00
Manuel Pégourié-Gonnard ec8f2ffe90 Fix bug in rnd_pseudo_rnd() test helper function 
Only the first 4 bytes of the output were set, the rest was untouched.
 2014-07-07 16:01:13 +02:00
Paul Bakker 26e281831e Renamed test_offset to prevent clash with one in ctr_drbg.c 2014-07-07 14:36:30 +02:00
Paul Bakker adace27ec9 Prepped for 1.2.10 release 2013-10-04 17:07:26 +02:00
Paul Bakker e45574e7de Prepped for 1.2.9 release 2013-09-25 18:42:42 +02:00
Paul Bakker 43f9799ce6 RSA blinding on CRT operations to counter timing attacks 2013-09-23 11:23:31 +02:00
Paul Bakker f65fbee52b x509_verify() now case insensitive for cn (RFC 6125 6.4) 
(cherry picked from commit a5943858d8)

Conflicts:
	ChangeLog
	library/x509parse.c
	tests/suites/test_suite_x509parse.data
 2013-09-11 13:31:55 +02:00
Paul Bakker 1d419500b0 Prepared for PolarSSL release 1.2.8 2013-06-19 11:48:04 +02:00
Paul Bakker db7ea6f162 Made x509parse PKCS#12 and PKCS#5 tests dependent on defines 2013-06-18 16:47:59 +02:00
Paul Bakker 14a222cef2 Moved PKCS#12 PBE functions to cipher / md layer where possible 
The 3-key and 2-key Triple DES PBE functions have been replaced with a
single pkcs12_pbe() function that handles both situations (and more).

In addition this allows for some PASSWORD_MISMATCH checking
 2013-06-18 16:35:48 +02:00
Paul Bakker b495d3a2c7 x509parse_crt() and x509parse_crt_der() return X509 password related codes 
POLARSSL_ERR_X509_PASSWORD_MISMATCH is returned instead of
POLARSSL_ERR_PEM_PASSWORD_MISMATCH and
POLARSSL_ERR_X509_PASSWORD_REQUIRED instead of
POLARSSL_ERR_PEM_PASSWORD_REQUIRED

Rationale: For PKCS#8 encrypted keys the same are returned
 2013-06-17 15:58:04 +02:00