Commit graph

909 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 68c96e48ce Fix bignum ASM format for X86-64 2014-07-07 16:01:14 +02:00
Manuel Pégourié-Gonnard ec8f2ffe90 Fix bug in rnd_pseudo_rnd() test helper function
Only the first 4 bytes of the output were set, the rest was untouched.
2014-07-07 16:01:13 +02:00
Paul Bakker d83584e9aa Fixed potential overflow in certificate size in ssl_write_certificate() 2014-07-07 16:01:11 +02:00
Paul Bakker 78e819698b Added missing MPI_CHK() around some statements 2014-07-07 16:01:10 +02:00
Paul Bakker b5296b7f78 Add CHECK flags in CMakeLists.txt 2014-07-07 16:01:09 +02:00
Paul Bakker 2ad45598eb Support for CLANG compiler in CMakeLists.txt 2014-07-07 16:01:08 +02:00
Paul Bakker 40cc914567 Fixed x509_crt_parse_path() bug on Windows platforms 2014-07-07 16:01:08 +02:00
Paul Bakker 238be3a207 Removed dependency on unistd.h for MSVC in apps 2014-07-07 16:01:07 +02:00
Paul Bakker 0748895b68 Explicit conversions to int from size_t for MSVC (64-bit) in apps 2014-07-07 16:01:06 +02:00
Paul Bakker 256a4afb57 Removed making commandline arguments case insensitive 2014-07-07 15:54:04 +02:00
Manuel Pégourié-Gonnard 9975c5d217 Check PKCS 1.5 padding in a more constant-time way
(Avoid branches that depend on secret data.)
2014-07-07 14:38:09 +02:00
Manuel Pégourié-Gonnard d237d261e5 Check OAEP padding in a more constant-time way 2014-07-07 14:37:56 +02:00
Manuel Pégourié-Gonnard 3411464a64 RSA-OAEP decrypt: reorganise code 2014-07-07 14:37:39 +02:00
Paul Bakker a91d41e7a4 Removed Windows auto-spawn client code 2014-07-07 14:37:05 +02:00
Paul Bakker 26e281831e Renamed test_offset to prevent clash with one in ctr_drbg.c 2014-07-07 14:36:30 +02:00
Manuel Pégourié-Gonnard b9f6d507dd crypt_and_hash: check MAC earlier 2014-07-07 14:35:02 +02:00
Manuel Pégourié-Gonnard 7ab2d5daf5 Clarify comments of mpi_mul_int() 2014-07-07 14:34:06 +02:00
Paul Bakker a1caf6e1e8 SSL now gracefully handles missing RNG 2014-07-07 14:20:52 +02:00
Paul Bakker c941adba31 Fixed X.509 hostname comparison (with non-regular characters) 2014-07-07 14:17:24 +02:00
Paul Bakker cf78ba2b89 bump_version script also handled SOVERSION for library/Makefile 2014-07-07 14:14:21 +02:00
Paul Bakker 835481930a Makefile now produces a .so.X with SOVERSION in it 2014-07-07 14:13:54 +02:00
Manuel Pégourié-Gonnard 5c8434cf52 Safer buffer comparisons in the SSL modules 2014-07-07 14:10:07 +02:00
Manuel Pégourié-Gonnard 79f1ff84ed Make all hash checking in programs constant-time 2014-07-07 14:07:23 +02:00
Paul Bakker 2a8c2881f4 Check HMAC in constant-time in crypt_and_hash 2014-07-07 14:06:58 +02:00
Paul Bakker c3ec63df42 Minor change that makes life easier for static analyzers / compilers 2014-07-07 14:06:22 +02:00
Paul Bakker e46b17766c Make get_pkcs_padding() constant-time 2014-07-07 14:04:31 +02:00
Paul Bakker 52cb87beb7 Forced cast to prevent MSVC compiler warning 2014-07-07 13:46:10 +02:00
Paul Bakker 4c9301a7af Convert SOCKET to int to prevent compiler warnings under MSVC.
From kernel objects at msdn:
    Kernel object handles are process specific. That is, a process must either create the object or open an existing object to obtain a kernel object handle. The per-process limit on kernel handles is 2^24.

Windows Internals by Russinovich and Solomon as well says that the high bits are zero.
2014-07-07 13:44:30 +02:00
Paul Bakker 9ccb2116a7 Introduced POLARSSL_HAVE_READDIR_R for systems without it 2014-07-07 13:43:31 +02:00
Paul Bakker ff6e24710a RSA blinding: check highly unlikely cases 2014-07-07 13:34:41 +02:00
Paul Bakker 6b06502c4b Changed RSA blinding to a slower but thread-safe version 2013-10-07 12:06:29 +02:00
Paul Bakker adace27ec9 Prepped for 1.2.10 release 2013-10-04 17:07:26 +02:00
Paul Bakker 2f1481ec73 Additional fixed to rsa.c with regards to blinding 2013-10-04 16:46:21 +02:00
Paul Bakker 178e74454f Fixed MS VC project files 2013-10-04 13:20:40 +02:00
Paul Bakker 495830dd1f Fixed ssl_pkcs11_decrypt() prototype 2013-10-04 11:01:48 +02:00
Paul Bakker 62087eed22 Fixed memory leak in rsa.c introduced in 43f9799 2013-10-04 10:57:12 +02:00
Paul Bakker 60ad84f43f Fixed release date for 1.2.9 2013-10-01 10:13:52 +02:00
Paul Bakker e45574e7de Prepped for 1.2.9 release 2013-09-25 18:42:42 +02:00
Paul Bakker 915ee19887 Do not allow SHA256/SHA384 ciphersuites in < TLS 1.2 2013-09-23 17:30:26 +02:00
Paul Bakker 43f9799ce6 RSA blinding on CRT operations to counter timing attacks 2013-09-23 11:23:31 +02:00
Paul Bakker 88a2264def Fixed potential file descriptor leaks 2013-09-11 13:31:55 +02:00
Paul Bakker f65fbee52b x509_verify() now case insensitive for cn (RFC 6125 6.4)
(cherry picked from commit a5943858d8)

Conflicts:
	ChangeLog
	library/x509parse.c
	tests/suites/test_suite_x509parse.data
2013-09-11 13:31:55 +02:00
Paul Bakker 34b225f0ee Added C++ style extern in x509write header file 2013-09-11 13:31:55 +02:00
Paul Bakker a565aceea1 Fixed potential memory leak when failing to resume a session 2013-09-11 13:31:53 +02:00
Paul Bakker 78020fe72c Added fixes to ChangeLog 2013-09-11 13:31:06 +02:00
Paul Bakker a13d744d2e Fixed potential heap buffer overflow on large hostname setting
(cherry picked from commit 75c1a6f97c)

Conflicts:
	library/ssl_tls.c
2013-09-11 11:41:41 +02:00
Paul Bakker fe7c24caa6 Fixed potential negative value misinterpretation in load_file()
(cherry picked from commit 42c3ccf36e)

Conflicts:
	library/x509parse.c
2013-09-11 11:41:41 +02:00
Paul Bakker 433fad261e Removed errant printf in x509parse_self_test()
(cherry picked from commit dc4baf11ab)
2013-09-11 11:32:46 +02:00
Paul Bakker 21360ca4d4 ssl_write_certificate_request() can handle empty ca_chain 2013-06-21 15:11:10 +02:00
Paul Bakker 016ea076e7 Added Security note (Advisory 2013-03) in ChangeLog 2013-06-19 11:50:30 +02:00