yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-18 18:01:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
1867 commits 88 branches 205 tags 69 MiB
Commit graph

325 commits

Author SHA1 Message Date
Paul Bakker 5191e92ecc Added missing x509write_crt_set_version() 2013-10-11 10:54:28 +02:00
Paul Bakker b7c13123de threading_set_own() renamed to threading_set_alt() 2013-10-11 10:51:32 +02:00
Paul Bakker 4aa40d4f51 Better support for MSVC 2013-10-11 10:49:24 +02:00
Paul Bakker b799dec4c0 Merged support for Brainpool curves and ciphersuites 2013-10-11 10:05:43 +02:00
Paul Bakker 1677033bc8 TLS compression only allocates working buffer once 2013-10-11 09:59:44 +02:00
Paul Bakker d61cc3b246 Possible naming collision in dhm_context 2013-10-11 09:38:49 +02:00
Paul Bakker fcc172138c Fixed const-correctness issues 2013-10-11 09:38:06 +02:00
Paul Bakker ddba8822d0 Added bugfixes to ChangeLog 2013-10-11 09:22:12 +02:00
Paul Bakker 3a2c0563c9 Added 1.2.10 to ChangeLog 2013-10-07 16:22:05 +02:00
Paul Bakker d93d28e370 Fixed release date for 1.3.0 2013-10-01 10:15:23 +02:00
Paul Bakker 2466d93546 Threading abstraction layer added 2013-09-28 15:00:02 +02:00
Paul Bakker c13aab18dc Added 1.1.8 and 1.2.9 release 2013-09-26 10:12:19 +02:00
Paul Bakker f18084a201 Ready for 1.3.0 release 2013-09-26 10:07:09 +02:00
Paul Bakker 8b817dc47e Merged support for multiple certificate/key pairs in SSL into 
development
 2013-09-25 18:05:16 +02:00
Paul Bakker c27c4e2efb Support faulty X509 v1 certificates with extensions 
(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
 2013-09-23 15:01:36 +02:00
Paul Bakker 5ad403f5b5 Prepared for 1.3.0 RC0 2013-09-18 21:21:30 +02:00
Paul Bakker 45f21c7ad1 PK layer and X509 core refactoring in ChangeLog 2013-09-18 15:34:45 +02:00
Paul Bakker 7fb4a79f50 Added merged functionality to ChangeLog 2013-09-14 08:15:55 +02:00
Paul Bakker 6ec34fb53d Added ChangeLog for blinding 2013-09-10 14:53:46 +02:00
Paul Bakker 003dbad250 Fixed file descriptor leak in x509parse_crtpath() 2013-09-09 17:26:14 +02:00
Paul Bakker a5943858d8 x509_verify() now case insensitive for cn (RFC 6125 6.4) 2013-09-09 17:21:45 +02:00
Paul Bakker aab30c130c RSA blinding added for CRT operations 2013-08-30 11:03:09 +02:00
Paul Bakker 548957dd49 Refactored RSA to have random generator in every RSA operation 
Primarily so that rsa_private() receives an RNG for blinding purposes.
 2013-08-30 10:30:02 +02:00
Paul Bakker ca174fef80 Merged refactored x509write module into development 2013-08-28 16:32:51 +02:00
Paul Bakker c8676784ff Amended ChangeLog for ECDSA-ciphersuites 2013-08-28 12:15:11 +02:00
Paul Bakker 0be444a8b1 Ability to disable server_name extension (RFC 6066) 2013-08-27 21:55:01 +02:00
Paul Bakker d2f068e071 Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually 2013-08-27 21:19:20 +02:00
Paul Bakker 936539ad4b Updated Changelog to reflect addition of session tickets 2013-08-14 14:26:03 +02:00
Paul Bakker da4d1c35d1 Updated Changelog to reflect feature addition 2013-08-14 14:02:48 +02:00
Paul Bakker 1e6a175362 Support for AIX header locations in net.c module 2013-07-26 14:10:22 +02:00
Paul Bakker f85778efb0 Updated Changelog for EC Key / Cert and RFC 6066 extensions 2013-07-19 14:55:25 +02:00
Paul Bakker fa9b10050b Also compiles / runs without time-based functions in OS 
Can now run without need of time() / localtime() and gettimeofday()
 2013-07-03 17:22:32 +02:00
Paul Bakker 6e339b52e8 Memory-allocation abstraction layer and buffer-based allocator added 2013-07-03 17:22:31 +02:00
Paul Bakker abf2f8fcf9 zlib compression/decompression skipped on empty blocks 2013-06-30 14:57:46 +02:00
Paul Bakker 9e36f0475f SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly 
The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
 2013-06-30 14:34:05 +02:00
Paul Bakker 63899feca8 Removed redundant bugfix from ChangeLog (Already done in 1.2.8) 2013-06-30 12:20:03 +02:00
Paul Bakker e2ab84f4a1 Renamed error_strerror() to the less conflicting polarssl_strerror() 
Ability to keep old function error_strerror() as well with
POLARSSL_ERROR_STRERROR_BC. Also works with
POLARSSL_ERROR_STRERROR_DUMMY.
 2013-06-29 18:35:41 +02:00
Paul Bakker 2fbefde1d8 Client and server now filter sent and accepted ciphersuites on minimum 
and maximum protocol version
 2013-06-29 18:35:40 +02:00
Paul Bakker b9d3cfa114 Split up GCM into a start/update/finish cycle 2013-06-26 15:08:29 +02:00
Paul Bakker de65623f3e PolarSSL 1.2.6 and PolarSSL 1.2.7 changes added to ChangeLog 2013-06-24 19:09:24 +02:00
Paul Bakker 248fff5369 PolarSSL 1.1.6 and PolarSSL 1.1.7 changed added to ChangeLog 2013-06-24 19:09:24 +02:00
Paul Bakker 73d4431ccd Fixed parse error in ssl_parse_certificate_request() 2013-05-22 13:56:26 +02:00
Paul Bakker b91c2b5782 PSK and DHE-PSK addition to ChangeLog 2013-04-19 20:47:26 +02:00
Paul Bakker 8f4ddaeea9 Ability to specify allowed ciphersuites based on the protocol version. 
The ciphersuites parameter in the ssl_session structure changed from
'int *' to 'int *[4]'.

The new function ssl_set_ciphersuite_for_version() sets specific entries
inside this array. ssl_set_ciphersuite() sets all entries to the same
value.
(cherry picked from commit a62729888b)

Conflicts:
	ChangeLog
	library/ssl_srv.c
	library/ssl_tls.c
 2013-04-16 18:09:45 +02:00
Paul Bakker eff2e6d414 Fixed MPI assembly for ARM when -O2 is used 
GCC with -O2 or higher also needs to now about 'cc' in the clobber list.
 2013-04-11 17:13:22 +02:00
Paul Bakker c70b982056 OID functionality moved to a separate module. 
A new OID module has been created that contains the main OID searching
functionality based on type-dependent arrays. A base type is used to
contain the basic values (oid_descriptor_t) and that type is extended to
contain type specific information (like a pk_alg_t).

As a result the rsa sign and verify function prototypes have changed. They
now expect a md_type_t identifier instead of the removed RSA_SIG_XXX
defines.

All OID definitions have been moved to oid.h
All OID matching code is in the OID module.

The RSA PKCS#1 functions cleaned up as a result and adapted to use the
MD layer.

The SSL layer cleanup up as a result and adapted to use the MD layer.

The X509 parser cleaned up and matches OIDs in certificates with new
module and adapted to use the MD layer.

The X509 writer cleaned up and adapted to use the MD layer.

Apps and tests modified accordingly
 2013-04-07 22:00:46 +02:00
Paul Bakker 41c83d3f67 Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS 
Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included.
 2013-03-20 14:39:14 +01:00
Paul Bakker 68884e3c09 Moved to advanced ciphersuite representation and more dynamic SSL code 2013-03-13 14:48:32 +01:00
Paul Bakker 9b5798dc75 Modified ChangeLog to include explanations of last SSL module changes 2013-03-13 13:53:00 +01:00
Paul Bakker 90f042d4cb Prepared for PolarSSL 1.2.6 release 2013-03-11 11:38:44 +01:00
Paul Bakker fb1cbd3cea Fixed assembly code for ARM (Thumb and regular) for some compilers 2013-03-06 18:14:52 +01:00
Paul Bakker e81beda60f The SSL session cache module (ssl_cache) now also retains peer_cert information (not the entire chain) 
The real peer certificate is copied into a x509_buf in the
ssl_cache_entry and reinstated upon cache retrieval. The information
about the rest of the certificate chain is lost in the process.

As the handshake (and certificate verification) has already been
performed, no issue is foreseen.
 2013-03-06 18:01:03 +01:00
Paul Bakker a35aa54967 Fixed whitespaces in ChangeLog 2013-03-06 18:01:03 +01:00
Paul Bakker 78a8c71993 Re-added support for parsing and handling SSLv2 Client Hello messages 
If the define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO is enabled,
the SSL Server module can handle the old SSLv2 Client Hello messages.

It has been updated to deny SSLv2 Client Hello messages during
renegotiation.
 2013-03-06 18:01:03 +01:00
Paul Bakker 37286a573b Fixed net_bind() for specified IP addresses on little endian systems 2013-03-06 18:01:03 +01:00
Paul Bakker 8804f69d46 Removed timing differences due to bad padding from RSA decrypt for 
PKCS#1 v1.5 operations
 2013-03-06 18:01:03 +01:00
Paul Bakker a43231c5a5 Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt() 2013-03-06 18:01:02 +01:00
Paul Bakker b386913f8b Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions 
Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and
rsa_rsaes_pkcs1_v15_encrypt()
Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and
rsa_rsaes_pkcs1_v15_decrypt()
Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and
rsa_rsassa_pkcs1_v15_sign()
Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and
rsa_rsassa_pkcs1_v15_verify()

The original functions exist as generic wrappers to these functions.
 2013-03-06 18:01:02 +01:00
Paul Bakker e3e4a59622 Added bugfix line for previous fixes for MS Visual Studio 2013-03-06 18:01:02 +01:00
Paul Bakker 3d2dc0f8e5 Corrected GCM counter incrementation to use only 32-bits instead of 128-bits 
Using 32-bits has the possibility to overwrite the IV in the first 12
bytes of the Y variable.

Found by Yawning Angel
 2013-02-28 10:55:39 +01:00
Paul Bakker e47b34bdc8 Removed further timing differences during SSL message decryption in ssl_decrypt_buf() 
New padding checking is unbiased on correct or incorrect padding and
has no branch prediction timing differences.

The additional MAC checks further straighten out the timing differences.
 2013-02-27 14:48:00 +01:00
Paul Bakker c0463502ff Fixed memory leak in ssl_free() and ssl_reset() for active session 2013-02-14 11:19:38 +01:00
Paul Bakker c7a2da437e Updated for PolarSSL 1.2.5 2013-02-02 19:23:57 +01:00
Paul Bakker 40865c8e5d Added sending of alert messages in case of decryption failures as per RFC 
The flag POLARSSL_SSL_ALERT_MESSAGES switched between enabling and
disabling the sending of alert messages that give adversaries intel
about the result of their action. PolarSSL can still communicate with
other parties if they are disabled, but debugging of issues might be
harder.
 2013-02-02 19:04:13 +01:00
Paul Bakker d66f070d49 Disable debug messages that can introduce a timing side channel. 
Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug
messages in case somebody does want to see the reason checks fail.
 2013-02-02 19:04:13 +01:00
Paul Bakker 4582999be6 Fixed timing difference resulting from badly formatted padding. 2013-02-02 19:04:13 +01:00
Paul Bakker 8fe40dcd7d Allow enabling of dummy error_strerror() to support some use-cases 
Enable a dummy error function to make use of error_strerror() in
third party libraries easier.

Disable if you run into name conflicts and want to really remove the
error_strerror()
 2013-02-02 12:43:08 +01:00
Paul Bakker 14c56a3378 Updated for PolarSSL 1.2.4 2013-01-25 17:11:37 +01:00
Paul Bakker 9d2bb658fc Added PolarSSL 1.1.5 ChangeLog from 1.1 branch 2013-01-25 16:07:49 +01:00
Paul Bakker 1961b709d8 Added ssl_handshake_step() to allow single stepping the handshake 
process

Single stepping the handshake process allows for better support of
non-blocking network stacks and for getting information from specific
handshake messages if wanted.
 2013-01-25 14:49:24 +01:00
Paul Bakker 9c94cddeae Correctly handle CertificateRequest with empty DN list in <= TLS 1.1 2013-01-22 14:21:49 +01:00
Paul Bakker 21dca69ef0 Handle future version properly in ssl_write_certificate_request() 2013-01-03 11:41:08 +01:00
Paul Bakker 40628bad98 Memory leak when using RSA_PKCS_V21 operations fixed 2013-01-03 10:50:31 +01:00
Paul Bakker fb1ba781b3 Updated for release 1.2.3 2012-11-26 16:28:25 +01:00
Paul Bakker df5069cb97 Updated for 1.2.2 release 2012-11-24 12:20:19 +01:00
Paul Bakker 7c90da9e75 Amended ChangeLog for client authentication fix 2012-11-23 14:02:40 +01:00
Paul Bakker e667c98fb1 Added p_hw_data to ssl_context for context specific hardware acceleration data 2012-11-20 13:50:22 +01:00
Paul Bakker 1492633e54 Updated date for release 2012-11-20 10:58:09 +01:00
Manuel Pégourié-Gonnard e44ec108be Fixed segfault in mpi_shift_r() 
Fixed memory leak in test_suite_mpi
Amended ChangeLog
 2012-11-18 23:15:02 +01:00
Paul Bakker 34d8dbcc6d - Depth that the certificate verify callback receives is now numbered bottom-up (Peer cert depth is 0) 2012-11-14 12:11:38 +00:00
Paul Bakker b815682a48 - Updated Changelog for 1.2.1 2012-11-13 12:52:17 +00:00
Paul Bakker 9daf0d0651 - Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1 2012-11-13 12:13:27 +00:00
Paul Bakker f02c5642d0 - Allow R and A to point to same mpi in mpi_div_mpi 2012-11-13 10:25:21 +00:00
Paul Bakker d9374b05d6 - Moved mpi_inv_mod() outside POLARSSL_GENPRIME 2012-11-02 11:02:58 +00:00
Paul Bakker 7a2538ee38 - Fixes for MSVC6 2012-11-02 10:59:36 +00:00
Paul Bakker c9c5df98de - Updated for PolarSSL 1.2.0 2012-10-31 13:55:27 +00:00
Paul Bakker 645ce3a2b4 - Moved ciphersuite naming scheme to IANA reserved names 2012-10-31 12:32:41 +00:00
Paul Bakker 4f024b7ba9 - Fixed for SPARC64 2012-10-30 07:29:57 +00:00
Paul Bakker d5834bb394 - Added release text for 1.1.4 to ChangeLog 2012-10-02 14:38:56 +00:00
Paul Bakker 5c2364c2ba - Moved from unsigned long to uint32_t throughout code 2012-10-01 14:41:15 +00:00
Paul Bakker 1d29fb5e33 - Added option to add minimum accepted SSL/TLS protocol version 2012-09-28 13:28:45 +00:00
Paul Bakker 915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker 5701cdcd02 - Added ServerName extension parsing (SNI) at server side 2012-09-27 21:49:42 +00:00
Paul Bakker eb2c658163 - Generalized external private key implementation handling (like PKCS#11) in SSL/TLS 2012-09-27 19:15:01 +00:00
Paul Bakker 0a59707523 - Added simple SSL session cache implementation 
- Revamped session resumption handling
 2012-09-25 21:55:46 +00:00
Paul Bakker b00ca42f2a - Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob 2012-09-25 12:10:00 +00:00
Paul Bakker 29b64761fd - Added predefined DHM groups from RFC 5114 2012-09-25 09:36:44 +00:00
Paul Bakker 995a215eac - Added credits 2012-09-25 08:19:56 +00:00
Paul Bakker d4c2bd79fe - Added bug 2012-09-16 21:35:30 +00:00
Paul Bakker 48916f9b67 - Added Secure Renegotiation (RFC 5746) 2012-09-16 19:57:18 +00:00