Commit graph

828 commits

Author SHA1 Message Date
Simon Butcher 8e9cccb652 Merge branch 'mbedtls-2.1' 2016-03-30 01:49:22 +01:00
Simon Butcher e6c8499c6c Merge branch 'mbedtls-2.1' 2016-03-30 00:59:09 +01:00
Simon Butcher 9ff2d96fe2 Fix Changelog for backport of IOTSSL-621 2016-03-17 11:09:45 +00:00
Simon Butcher 67c1ea7abd Merge 'iotssl-621-potential-integer-overflow'
Backport of fix for IOTSSL-621
2016-03-17 10:21:18 +00:00
Simon Butcher fe0e8d2331 Fix ChangeLog after merging fix for IOTSSL-628 2016-03-16 23:08:18 +00:00
Janos Follath 4d9bbc4e36 Extended ChangeLog entry 2016-03-16 23:05:58 +00:00
Janos Follath 3cbdbf918f Add Changelog entry for current branch 2016-03-16 23:05:25 +00:00
Janos Follath 16734f011b x509: trailing bytes in DER: fix bug
Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the
buffer after DER certificates to be included in the raw representation. #377
2016-03-15 23:47:36 +00:00
Janos Follath 3415cc2f35 Add Changelog entry for current branch 2016-03-15 09:52:56 +00:00
Janos Follath d936b04429 Add Changelog entry for current branch 2016-03-01 22:09:20 +00:00
Manuel Pégourié-Gonnard 7715e669f1 Avoid build errors with -O0 due to assembly 2016-01-08 14:52:55 +01:00
Manuel Pégourié-Gonnard bb81b4a009 Make ar invocation more portable
armar doesn't understand the syntax without dash. OTOH, the syntax with dash
is the only one specified by POSIX, and it's accepted by GNU ar, BSD ar (as
bundled with OS X) and armar, so it looks like the most portable syntax.

fixes #386
2016-01-08 14:52:14 +01:00
Manuel Pégourié-Gonnard 96ec00dd3a Update ChangeLog for latest PR merged
fixes #309
2016-01-08 14:51:51 +01:00
Manuel Pégourié-Gonnard ddf118961a Update reference to attack in ChangeLog
We couldn't do that before the attack was public
2016-01-08 14:46:44 +01:00
Simon Butcher 543e4366bc Change version number to 2.1.4
Changed version for library files and yotta module
2016-01-04 22:41:11 +00:00
Manuel Pégourié-Gonnard ff0a22bd9b Tune description of a change/bugfix in ChangeLog 2016-01-04 17:39:38 +01:00
Simon Butcher 28b35c02f7 Merge branch 'mbedtls-2.1'
Merge of fix for memory leak in RSA-SSA signing - #372
2016-01-01 23:37:07 +00:00
Simon Butcher 318daf0c7e Fix for memory leak in RSA-SSA signing
Fix in mbedtls_rsa_rsassa_pkcs1_v15_sign() in rsa.c. Resolves github issue #372
2016-01-01 23:15:10 +00:00
Simon Butcher 976794a212 Merge remote-tracking branch 'origin/mbedtls-2.1' into HEAD 2015-12-31 23:42:54 +00:00
Simon Butcher 8360433788 Merge branch 'iotssl-541-2.1-pathlen-bugfix' 2015-12-31 23:21:52 +00:00
Simon Butcher 59d2218f63 Clarification in ChangeLog 2015-12-23 18:53:21 +00:00
Simon Butcher aa4114910a Merge 'iotssl-558-2.1-md5-tls-sigs-restricted' 2015-12-23 18:52:18 +00:00
Simon Butcher 35ea92dbc6 Merge 'iotssl-566-2.1-double-free-restricted'
Merge remote-tracking branch
'restricted/iotssl-566-2.1-double-free-restricted' into mbedtls-2.1
2015-12-23 16:49:46 +00:00
Simon Butcher 2bc3897a53 Typo in ChangeLog 2015-12-22 19:38:55 +00:00
Simon Butcher e82ac57ef6 Merge remote-tracking branch 'origin/misc-2.1' into mbedtls-2.1 2015-12-22 19:36:17 +00:00
Simon Butcher e103aa8a53 Added description of change to the Changelog
Also clarified some comments following review.
2015-12-16 01:51:01 +00:00
Manuel Pégourié-Gonnard 9055c1a011 Fix wrong length limit in GCM
See for example page 8 of
http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf

The previous constant probably came from a typo as it was 2^26 - 2^5 instead
of 2^36 - 2^5. Clearly the intention was to allow for a constant bigger than
2^32 as the ull suffix and cast to uint64_t show.

fixes #362
2015-12-10 15:08:37 +01:00
Manuel Pégourié-Gonnard 3e60d2a458 Fix potential double free in cert writing code
In case an entry with the given OID already exists in the list passed to
mbedtls_asn1_store_named_data() and there is not enough memory to allocate
room for the new value, the existing entry will be freed but the preceding
entry in the list will sill hold a pointer to it. (And the following entries
in the list are no longer reachable.) This results in memory leak or a double
free.

The issue is we want to leave the list in a consistent state on allocation
failure. (We could add a warning that the list is left in inconsistent state
when the function returns NULL, but behaviour changes that require more care
from the user are undesirable, especially in a stable branch.)

The chosen solution is a bit inefficient in that there is a time where both
blocks are allocated, but at least it's safe and this should trump efficiency
here: this code is only used for generating certificates, which is unlikely to
be done on very constrained devices, or to be in the critical loop of
anything. Also, the sizes involved should be fairly small anyway.

fixes #367
2015-12-10 11:24:35 +01:00
Manuel Pégourié-Gonnard 2bbfee3cbc Add credits to ChangeLog 2015-12-08 16:14:30 +01:00
Manuel Pégourié-Gonnard b39528e2e8 Disable MD5 in handshake signatures by default 2015-12-04 15:13:36 +01:00
Manuel Pégourié-Gonnard d847f1f46a Fix ChangeLog 2015-11-19 12:17:17 +01:00
Manuel Pégourié-Gonnard b030c33e57 Fix bug checking pathlen on first intermediate
Remove check on the pathLenConstraint value when looking for a parent to the
EE cert, as the constraint is on the number of intermediate certs below the
parent, and that number is always 0 at that point, so the constraint is always
satisfied.

The check was actually off-by-one, which caused valid chains to be rejected
under the following conditions:
- the parent certificate is not a trusted root, and
- it has pathLenConstraint == 0 (max_pathlen == 1 in our representation)

fixes #280
2015-11-19 11:26:52 +01:00
Simon Butcher ef43d41f67 Changed version number to 2.1.3
Changed for library
2015-11-04 22:08:33 +00:00
Simon Butcher b2d2fec5a4 Corrected typo in ChangeLog 2015-11-03 23:12:36 +00:00
Manuel Pégourié-Gonnard 0d66bb959f Fix potential buffer overflow in asn1write 2015-11-02 10:42:44 +09:00
Manuel Pégourié-Gonnard 9dc66f4b2f Fix potential heap corruption on Windows
If len is large enough, when cast to an int it will be negative and then the
test if( len > MAX_PATH - 3 ) will not behave as expected.
2015-11-02 10:41:13 +09:00
Manuel Pégourié-Gonnard ffb8180733 Fix potential double-free in ssl_conf_psk() 2015-11-02 10:40:14 +09:00
Manuel Pégourié-Gonnard 1cf8851a77 Add ChangeLog entry for ASN.1 DER boolean fix 2015-11-02 06:00:38 +09:00
Manuel Pégourié-Gonnard 621f83e5c5 Fix typo in an OID name
fixes #314
2015-11-02 05:58:10 +09:00
Manuel Pégourié-Gonnard 7a40dc686f Disable reportedly broken assembly of Sparc(64)
fixes #292
2015-11-02 05:57:49 +09:00
Manuel Pégourié-Gonnard e55448a50f Add Changelog entries for max_pathlen fixes 2015-11-02 05:56:57 +09:00
Manuel Pégourié-Gonnard 8f115968da Pick up ChangeLog fixes from development 2015-10-28 13:55:28 +01:00
Manuel Pégourié-Gonnard 93080dfacf Fix missing check for RSA key length on EE certs
- also adapt tests to use lesser requirement for compatibility with old
  testing material
2015-10-28 13:22:32 +01:00
Manuel Pégourié-Gonnard 722da74cfc Fix attribution in ChangeLog 2015-10-28 13:20:16 +01:00
Manuel Pégourié-Gonnard a314076486 Fix handling of non-fatal alerts
fixes #308
2015-10-28 13:19:55 +01:00
Manuel Pégourié-Gonnard f9945bc283 Fix #ifdef inconsistency
fixes #310

Actually all key exchanges that use a certificate use signatures too, and
there is no key exchange that uses signatures but no cert, so merge those two
flags.

Conflicts:
	ChangeLog
2015-10-28 13:16:33 +01:00
Manuel Pégourié-Gonnard 1cb668cf0f ECHDE-PSK does not use a certificate
fixes #270
2015-10-28 13:15:12 +01:00
Manuel Pégourié-Gonnard 5ce77da2b3 Mention performance fix in ChangeLog 2015-10-27 10:35:02 +01:00
Manuel Pégourié-Gonnard c4e7d8a381 Bump version to 2.1.2
Yotta version bumped to 2.1.3, as we had to do one more patch release to the
yotta registry to accommodate for dependencies updates.
2015-10-05 19:13:36 +01:00
Manuel Pégourié-Gonnard ca056c7748 Fix CVE number in ChangeLog 2015-10-05 18:21:34 +01:00