yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-07 06:15:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
494 commits 88 branches 205 tags 69 MiB
Commit graph

170 commits

Author SHA1 Message Date
Paul Bakker 62dfcf0a55 Prepped for 1.1.8 release 2013-09-25 18:17:36 +02:00
Paul Bakker 68514b09a1 Prepared for PolarSSL release 1.1.7 2013-06-19 12:15:10 +02:00
Paul Bakker b5df3bf1b4 ssl_parse_certificate() now calls x509parse_crt_der() directly 
(cherry picked from commit 1922a4e6aa)

Conflicts:
	library/ssl_tls.c
 2013-06-19 12:08:47 +02:00
Paul Bakker 03a85bca4c pem_read_buffer() already update use_len after header and footer are read 
After header and footer are read, pem_read_buffer() is able to determine
the length of input data used. This allows calling functions to skip
this PEM bit if an error occurs during its parsing.
(cherry picked from commit 9255e8300e)
 2013-06-19 12:06:00 +02:00
Paul Bakker 1fd0e055be Disabled the HAVEGE random generator by default 
Rationale: The HAVEGE random generator has too many caveats to be a
standard generator that people rely on. The HAVEGE random generator is not
suitable for virtualized environments. In addition the HAVEGE random
generator is dependent on timing and specific processor traits that
cannot be guaranteed by default on compile time.

Our advice: only use HAVEGE as an additional random source for your
entropy pool, never as your primary source.
(cherry picked from commit 08f06cf49f)

Conflicts:
	ChangeLog
 2013-06-19 12:05:04 +02:00
Paul Bakker d3cd5c1129 Prepared for PolarSSL 1.1.6 release 2013-03-11 17:02:58 +01:00
Paul Bakker 0a971b5dc8 Removed further timing differences during SSL message decryption in ssl_decrypt_buf() 
New padding checking is unbiased on correct or incorrect padding and
has no branch prediction timing differences.

The additional MAC checks further straighten out the timing differences.
(cherry picked from commit e47b34bdc8)

Conflicts:
	ChangeLog
	library/ssl_tls.c
 2013-03-11 16:08:06 +01:00
Paul Bakker 332166eeda Added comments to indicate dependency from PEM on AES, DES and MD5 
(cherry picked from commit 6deb37e03e)

Conflicts:
	include/polarssl/config.h
 2013-03-11 16:04:49 +01:00
Paul Bakker 6c04475bfc Fixed typo in base64.h 
(cherry picked from commit fbb5cf9f59)
 2013-03-11 16:04:04 +01:00
Paul Bakker 48b7cb8ea2 Disable debug messages that can introduce a timing side channel. 
Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug
messages in case somebody does want to see the reason checks fail.
(cherry picked from commit d66f070d49)

Conflicts:
	include/polarssl/config.h
	library/ssl_tls.c
 2013-03-11 15:59:03 +01:00
Paul Bakker cb60e7c065 Allow enabling of dummy error_strerror() to support some use-cases 
Enable a dummy error function to make use of error_strerror() in
third party libraries easier.

Disable if you run into name conflicts and want to really remove the
error_strerror()
(cherry picked from commit 8fe40dcd7d)

Conflicts:
	ChangeLog
	programs/util/strerror.c
 2013-03-11 15:50:35 +01:00
Paul Bakker 66a531b014 Bumped version numbers to 1.1.5 2013-01-16 14:06:28 +01:00
Paul Bakker 5aef1e10f9 Fixed comments / typos 
(cherry picked from commit 096348fa79)
 2013-01-16 13:16:09 +01:00
Paul Bakker 089b70d5a6 Fixed doxygen blocks 
(cherry picked from commit 77db6ce348)
 2013-01-16 13:16:09 +01:00
Paul Bakker d8ee8440a7 mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52) 
(cherry picked from commit f6198c1513)
 2013-01-16 12:51:13 +01:00
Paul Bakker a4ed0c9a76 Fixed for SPARC64 
(cherry picked from commit 4f024b7ba9)

Conflicts:
	ChangeLog (Moved to 'Branch 1.1')
 2013-01-14 17:36:48 +01:00
Paul Bakker 9a120fd4f7 Added proper gitignores for Linux CMake use 
(cherry picked from commit 25338d74ac)
 2013-01-14 17:36:45 +01:00
Paul Bakker d36da11125 Version 1.1.4 2012-05-31 10:46:28 +00:00
Paul Bakker a63c9e9fba - Added 1.1.3 changes to 1.1 branch 2012-04-29 20:29:53 +00:00
Paul Bakker e893b669de - Updated polarssl-1.1 branch with merged trunk patches 2012-04-26 19:30:20 +00:00
Paul Bakker 145e68119b - Ready for release 1.1.2 2012-04-20 13:58:28 +00:00
Paul Bakker e2e36d31bd - Merged changes from trunk to PolarSSL 1.1 branch 2012-01-23 09:56:51 +00:00
Paul Bakker d567aa2b6e - Merged Trunk changes for 1.1 into branch 2011-12-22 10:06:27 +00:00
Paul Bakker 732e1a893c - Merged trunk into 1.1 branch 2011-12-11 16:35:09 +00:00
Paul Bakker c50132d4fa - Updated version of PolarSSL to 1.1.0 2011-12-05 14:38:36 +00:00
Paul Bakker fc754a9178 - Addedd writing and updating of seedfiles as functions to CTR_DRBG 2011-12-05 13:23:51 +00:00
Paul Bakker 4f5ae803fa - Fixed MS Visual C++ name clash with int64 in sha4.h 2011-12-04 22:10:28 +00:00
Paul Bakker 6c0ceb3f9a - Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error 2011-12-04 12:24:18 +00:00
Paul Bakker 6083fd252d - Added a generic entropy accumulator that provides support for adding custom entropy sources and added some generic and platform dependent entropy sources 2011-12-03 21:45:14 +00:00
Paul Bakker 1bc9efc00a - Fixed const correctness 
- Added ctr_drbg_update for non-fixed data lengths
 - Fixed void pointer arithmetic
 2011-12-03 11:29:32 +00:00
Paul Bakker cb37aa5912 - Better buffer handling in mpi_read_file() 2011-11-30 16:00:20 +00:00
Paul Bakker 2bc7cf16fe - Cleaned up and further documented CTR_DRBG code 2011-11-29 10:50:51 +00:00
Paul Bakker a3d195c41f - Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs 2011-11-27 21:07:34 +00:00
Paul Bakker 0e04d0e9a3 - Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator 2011-11-27 14:46:59 +00:00
Paul Bakker 4463740fe4 - Improved build support for s390x and sparc64 in bignum.h 2011-11-26 09:23:07 +00:00
Paul Bakker fe3256e54b - Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size management (Closes ticket #44) 2011-11-25 12:11:43 +00:00
Paul Bakker b6d5f08051 - Added POLARSSL_MPI_WINDOW_SIZE definition to allow easier time to memory trade-off 2011-11-25 11:52:11 +00:00
Paul Bakker cce9d77745 - Lots of minimal changes to better support WINCE as a build target 2011-11-18 14:26:47 +00:00
Paul Bakker a2713a327c - Made switch for ARM thumb assembly. Still has to be added! 2011-11-18 12:47:23 +00:00
Paul Bakker 5e18aed436 - Changed the defined key-length of DES ciphers in cipher.h to include the parity bits, to prevent mistakes in copying data. (Closes ticket #33) 2011-11-15 15:38:45 +00:00
Paul Bakker f7e5bb5904 - Added cipher_get_cipher_mode() and cipher_get_cipher_operation() introspection functions (Closes ticket #40) 2011-11-11 10:53:37 +00:00
Paul Bakker 2028156556 - Fixed typos in copied text (Fixed ticket #39) 2011-11-11 10:34:04 +00:00
Paul Bakker efc302964c - Extracted ASN.1 parsing code from the X.509 parsing code. Added new module. 2011-11-10 14:43:23 +00:00
Paul Bakker fa1c592860 - Fixed faulty HMAC-MD2 implementation (Fixes ticket #37) 2011-10-06 14:18:49 +00:00
Paul Bakker ca6f3e24a4 - Clarified use of AES and Camellia in CFB and CTR modes 2011-10-06 13:11:08 +00:00
Paul Bakker 490ecc8c3e - Added ssl_set_max_version() to set the client's maximum sent version number 2011-10-06 13:04:09 +00:00
Paul Bakker 7eb013face - Added ssl_session_reset() to allow re-use of already set non-connection specific context information 2011-10-06 12:37:39 +00:00
Paul Bakker 4793cc4620 - Fixed typo in doxygen info 2011-08-17 09:40:55 +00:00
Paul Bakker 314052fbfc - Removed extraneous "polarssl/" in front on include directives in header files 2011-08-15 09:07:52 +00:00
Paul Bakker 4d8ca70833 - Fixed order of comments to match function rsa_pkcs1_decrypt 2011-08-09 10:31:05 +00:00