Commit graph

5380 commits

Author SHA1 Message Date
Hanno Becker 64a8c0acd6 Verify PKCS1 v1.5 signature without parsing
This commit modifies the PKCS1 v1.5 signature verification function `mbedtls_rsa_rsassa_pkcs1_v15_verify` to prepare the
expected PKCS1-v1.5-encoded hash using the function also used by the signing routine `mbedtls_rsa_rsassa_pkcs1_v15_sign`
and comparing it to the provided byte-string afterwards. This comes at the benefits of (1) avoiding any error-prone
parsing, (2) removing the dependency of the RSA module on the ASN.1 parsing module, and (3) reducing code size.
2017-10-03 07:58:00 +01:00
Hanno Becker fdf38030de Outsource code for generating PKCS1 v1.5 encoding
This commit moves the code preparing PKCS1 v1.5 encoded hashes from `mbedtls_rsa_rsassa_pkcs1_v15_sign` to a separate
non-public function `rsa_rsassa_pkcs1_v15_encode`. This code-path will then be re-used by the signature verification function
`mbetls_rsa_rsassa_pkcs1_v15_verify` in a later commit.
2017-10-03 07:58:00 +01:00
Hanno Becker 171a8f1c95 Move constant time memcmp for signature verification
This commit replaces the ad-hoc code for constant-time double-checking the PKCS1 v1.5 RSA signature by an invocation of
`mbedtls_safer_memcmp`.
2017-10-03 07:58:00 +01:00
Hanno Becker 558477d073 Add tests for non-reduced length encoding in PKCS1 v15 signatures
This commit adds some tests to the RSA test suite verifying that RSA PKCS-v15 signatures with non-reduced length
encodings are refuted. Details are provided via comments in the test suite data file.
2017-10-03 07:57:16 +01:00
Xinyu Chen 00afe1c046 Correct the printf message of the DTLS handshake.
Make it consistent with dtls_server.c
2017-09-30 09:52:38 +01:00
Gilles Peskine 5b7ee07ff6 Cleaned up get_line for test data files
Look, ma, a use for do...while!

Also removed 1-3 calls to strlen.
2017-09-29 18:00:25 +02:00
Gilles Peskine 26182edd0c Allow comments in test data files 2017-09-29 15:45:12 +02:00
Simon Butcher 72ea31b026 Update version number to 2.6.0 2017-08-10 11:51:16 +01:00
Simon Butcher 01971d094e Fix language in Changelog for clarity 2017-08-10 10:48:01 +01:00
Hanno Becker 85b602e5d0 Improve documentation of PKCS1 decryption functions
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
- mbedtls_rsa_pkcs1_decrypt,
- mbedtls_rsa_rsaes_pkcs1_v15_decrypt
- mbedtls_rsa_rsaes_oaep_decrypt
2017-08-01 22:48:41 +01:00
Simon Butcher 3f2557e6f1 Fix style and missing item in ChangeLog 2017-08-01 18:06:12 +01:00
Simon Butcher a418e82a35 Add credit to Changelog to fix for #666 2017-07-28 23:52:10 +01:00
Simon Butcher a55e084bce Fix naked call to time() with platform call
In ssl_cache.c a call to time() was being made instead of it's platform
equivalent.
2017-07-28 23:46:43 +01:00
Simon Butcher 9fae22269b Fix ChangeLog for duplication after merge 2017-07-28 22:32:23 +01:00
Hanno Becker 61937d4a83 Rename time and index parameter to avoid name conflict.
As noted in #557, several functions use 'index' resp. 'time'
as parameter names in their declaration and/or definition, causing name
conflicts with the functions in the C standard library of the same
name some compilers warn about.

This commit renames the arguments accordingly.
2017-07-28 22:28:08 +01:00
Hanno Becker 840bace417 Correct comment 2017-07-28 22:28:08 +01:00
Hanno Becker 7ec83df47f Adapt ChangeLog 2017-07-28 22:28:08 +01:00
Hanno Becker ce37e6269e Reliably zeroize sensitive data in AES sample application
The AES sample application programs/aes/aescrypt2 could miss zeroizing
the stack-based key buffer in case of an error during operation. This
commit fixes this and also clears another temporary buffer as well as
all command line arguments (one of which might be the key) before exit.
2017-07-28 22:28:08 +01:00
Hanno Becker f601ec5f34 Reliably zeroize sensitive data in Crypt-and-Hash sample application
The AES sample application programs/aes/crypt_and_hash could miss
zeroizing the stack-based key buffer in case of an error during
operation. This commit fixes this and also clears all command line
arguments (one of which might be the key) before exit.
2017-07-28 22:28:08 +01:00
Andres AG 6b171e4aec Fix potential integer overflow parsing DER CRT
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-28 22:28:04 +01:00
Andres AG ce49a25033 Fix potential integer overflow parsing DER CRL
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
2017-07-28 22:28:04 +01:00
Ron Eldor 2dfb02151d Move the git scripts to correct path
The git scripts were accidently put in `test` folder instead of `tests`.
Moved them to `tests` folder
2017-07-28 22:28:04 +01:00
Ron Eldor cf61d7d992 Update after @sbutcher-arm comments
1. Move the scripts to test/git-scripts folder
2. Support the script to run independant, not only with git
3. modify Readme accordingly
2017-07-28 22:28:04 +01:00
Ron Eldor 13067fca9d Fix slash direction for linux path
Update direction of the slash, for linux path, after @hanno-arm comments
2017-07-28 22:28:04 +01:00
Ron Eldor e9b3f7ea3f Add note for the git_hoos README file
Add a note to the git_hooks README.md file, to state that currently
they only work on GNU platforms
2017-07-28 22:28:04 +01:00
Ron Eldor f16ce1cfb7 Pre push hook script
Add git_hook folder, and pre-push script,
to be soft linked from .git/hooks/pre-push
2017-07-28 22:28:04 +01:00
Ron Eldor a207e75089 Check return code of mbedtls_mpi_fill_random
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
2017-07-28 22:27:30 +01:00
Ron Eldor 7faf92a2fe Resource leak fix on windows platform
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
2017-07-28 22:27:30 +01:00
Ron Eldor 368d55c549 Wrong preproccessor condition fix
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
2017-07-28 22:27:30 +01:00
Ron Eldor d5a75f44a1 fix for issue 1118: check if iv is zero in gcm.
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-28 22:27:29 +01:00
Janos Follath c08d9ddd55 Remove mutexes from ECP hardware acceleration
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.

Fixes #863
2017-07-28 22:27:29 +01:00
Hanno Becker c6f346b60c Fix get option in config.pl script 2017-07-28 16:45:55 +01:00
Simon Butcher bcfa6f42e3 Fix the check for max CA intermediates in ssl-opt.sh
The tests only work for a specific number for MBEDTLS_X509_MAX_INTERMEDIATE_CA
so the check has been changed to confirm the default value, and to show an error
otherwise.
2017-07-28 16:43:33 +01:00
Simon Butcher efdfeeba6a Fix threshold checks for MBEDTLS_X509_MAX_INTERMEDIATE_CA 2017-07-28 12:15:13 +01:00
Simon Butcher 85097c7c38 Merge branch 'development' 2017-07-28 01:12:38 +01:00
Simon Butcher b060cc21b1 Reorder and group sections in the ChangeLog 2017-07-28 01:04:34 +01:00
Simon Butcher 06b786372c Change a ssl-opt.sh script sanity checks
Change the check in ssl-opt.sh for MBEDTLS_X509_MAX_INTERMEDIATE_CA to
check config.h instead of the x509 headers.
2017-07-28 01:00:17 +01:00
Simon Butcher 00d3cc61a6 Fix merge errors in ChangeLog 2017-07-27 21:44:34 +01:00
Andres AG 2e3ddfac5f Prevent signed integer overflow in CSR parsing
Modify the function mbedtls_x509_csr_parse_der() so that it checks the
parsed CSR version integer before it increments the value. This prevents
a potential signed integer overflow, as these have undefined behaviour
in the C standard.
2017-07-27 21:44:34 +01:00
Andres AG 80164741e1 Fix potential integer overflow parsing DER CRT
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-27 21:44:34 +01:00
Andres AG 7d6ec7bacc Add CRT DER tests with incorrect version 2017-07-27 21:44:34 +01:00
Andres AG c124061681 Add CRL DER tests with incorrect version 2017-07-27 21:44:34 +01:00
Andres AG 6fb6d79a37 Add CSR DER tests with incorrect version 2017-07-27 21:44:34 +01:00
Andres AG 4f753c1186 Fix potential integer overflow parsing DER CRL
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
2017-07-27 21:44:34 +01:00
Ron Eldor d922c78aa4 Move the git scripts to correct path
The git scripts were accidently put in `test` folder instead of `tests`.
Moved them to `tests` folder
2017-07-27 21:44:34 +01:00
Ron Eldor d731eb8f55 Update after @sbutcher-arm comments
1. Move the scripts to test/git-scripts folder
2. Support the script to run independant, not only with git
3. modify Readme accordingly
2017-07-27 21:44:34 +01:00
Ron Eldor 50bdf74b5c Fix slash direction for linux path
Update direction of the slash, for linux path, after @hanno-arm comments
2017-07-27 21:44:34 +01:00
Ron Eldor 3f9cc28f02 Add note for the git_hoos README file
Add a note to the git_hooks README.md file, to state that currently
they only work on GNU platforms
2017-07-27 21:44:34 +01:00
Ron Eldor bf007d297d Pre push hook script
Add git_hook folder, and pre-push script,
to be soft linked from .git/hooks/pre-push
2017-07-27 21:44:34 +01:00
Simon Butcher 6f262c4e3e Minor typo fixes in the github template files 2017-07-27 21:44:34 +01:00