Krzysztof Stachowiak
99fb6e9461
Remove a redundant test
2018-04-10 13:36:00 +02:00
Krzysztof Stachowiak
57e1a9fdfc
Add buffer size check before cert_type_len read
2018-04-10 13:35:09 +02:00
Krzysztof Stachowiak
0ac812f5ce
Adjust 2.1 specific code to match the buffer verification tests
2018-04-05 08:50:20 +02:00
Krzysztof Stachowiak
444678ea8b
Add a missing buffer size check
2018-04-04 15:41:07 +02:00
Krzysztof Stachowiak
f8ba5cf8e9
Correct buffer size check
Further in the code the next field from the binary buffer is read. The
check contained an off-by-one error.
2018-04-04 14:36:20 +02:00
Gilles Peskine
225684015d
Merge remote-tracking branch 'upstream-public/pr/1501' into mbedtls-2.1-proposed
2018-04-01 12:41:33 +02:00
Andrzej Kurek
944adb9f4f
return plaintext data faster on unpadded decryption
2018-03-30 04:58:13 -04:00
Jaeden Amero
82e288adb6
Merge remote-tracking branch 'upstream-public/pr/1494' into mbedtls-2.1-proposed
2018-03-29 10:59:43 +01:00
Jaeden Amero
616485854e
Merge remote-tracking branch 'upstream-public/pr/1469' into mbedtls-2.1-proposed
2018-03-28 15:36:01 +01:00
Jaeden Amero
478baecc06
Merge remote-tracking branch 'upstream-public/pr/1525' into mbedtls-2.1-proposed
2018-03-28 15:34:25 +01:00
Jaeden Amero
8b4cd26eaf
Merge remote-tracking branch 'upstream-public/pr/1481' into mbedtls-2.1-proposed
2018-03-28 13:44:28 +01:00
Andres Amaya Garcia
624b557e56
Fix coding style in pkcs5.c preprocessor directives
2018-03-27 21:33:05 +01:00
Marcos Del Sol Vives
a3ee13d199
Compile PBES2 in PKCS5 only if ASN1 is enabled
2018-03-27 21:33:02 +01:00
Andres Amaya Garcia
b3ac0ff722
Allow overriding ar param prefix in library/Makefile
2018-03-26 00:12:55 +01:00
Andres Amaya Garcia
23e520143d
Make DLEXT var configurable in library/Makefile
2018-03-26 00:12:53 +01:00
Gilles Peskine
2a74061198
Merge tag 'mbedtls-2.1.11' into iotssl-1381-x509-verify-refactor-2.1-restricted
Conflict resolution:
* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
addition. In addition some of the additions in the
iotssl-1381-x509-verify-refactor-restricted branch need support for
keep-going mode, this will be added in a subsequent commit.
2018-03-23 02:28:33 +01:00
Jethro Beekman
1a886ff45f
Fix parsing of PKCS#8 encoded Elliptic Curve keys.
The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:
    PrivateKeyInfo ::= SEQUENCE {
      version                   Version,
      privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
      privateKey                PrivateKey,
      attributes           [0]  IMPLICIT Attributes OPTIONAL
    }

    AlgorithmIdentifier ::= SEQUENCE {
      algorithm   OBJECT IDENTIFIER,
      parameters  ANY DEFINED BY algorithm OPTIONAL
    }

    ECParameters ::= CHOICE {
      namedCurve         OBJECT IDENTIFIER
      -- implicitCurve   NULL
      -- specifiedCurve  SpecifiedECDomain
    }

    ECPrivateKey ::= SEQUENCE {
      version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
      privateKey     OCTET STRING,
      parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
      publicKey  [1] BIT STRING OPTIONAL
    }

Because of the two optional fields, there are 4 possible variants that need to
be parsed: no optional fields, only parameters, only public key, and both
optional fields. Previously mbedTLS was unable to parse keys with "only
parameters". Also, only "only public key" was tested. There was a test for "no
optional fields", but it was labelled incorrectly as SEC.1 and not run because
of a great renaming mixup.
2018-03-22 18:03:30 -07:00
Gergely Budai
0a91973e4b
Do not define and initialize global mutexes on configurations that do not use them.
2018-03-21 15:32:47 +00:00
Mitsuhiro Nakamura
e00964d9a7
Fix dylib linking
2018-03-21 11:21:59 +00:00
Jaeden Amero
1c986a9859
Update version to 2.1.11
2018-03-16 16:29:30 +00:00
Jaeden Amero
7f44963f45
Merge remote-tracking branch 'upstream-public/pr/1455' into mbedtls-2.1-restricted-proposed
2018-03-15 15:24:47 +00:00
Ron Eldor
329e4d572b
Address review comments
Resolves comments raised in the review
2018-03-15 15:09:28 +00:00
Ron Eldor
f71ce5229e
Add log and fix style issues
Address Andres comments of PR
2018-03-15 15:09:28 +00:00
Ron Eldor
82712a9c97
Write correct number of ciphersuites in log
Change location of log, to fit the correct number of used ciphersuites
2018-03-15 15:09:28 +00:00
Jaeden Amero
23f503f12d
Merge remote-tracking branch 'upstream-restricted/pr/465' into mbedtls-2.1-restricted-proposed
2018-03-14 18:32:21 +00:00
Jaeden Amero
5e50ff8f44
Merge remote-tracking branch 'upstream-restricted/pr/395' into mbedtls-2.1-restricted-proposed
2018-03-14 18:16:29 +00:00
Jaeden Amero
10a1a60966
Merge branch 'mbedtls-2.1-proposed' into mbedtls-2.1-restricted-proposed
2018-03-14 18:03:41 +00:00
Jaeden Amero
0980d9a3ae
Merge remote-tracking branch 'upstream-public/pr/1450' into mbedtls-2.1-proposed
2018-03-14 17:53:27 +00:00
Jaeden Amero
4e3629590f
Merge remote-tracking branch 'upstream-public/pr/1452' into mbedtls-2.1-proposed
2018-03-14 17:38:21 +00:00
Krzysztof Stachowiak
c86b880411
Prevent arithmetic overflow on bounds check
2018-03-14 14:39:01 +01:00
Krzysztof Stachowiak
ce0d3ca128
Add bounds check before signature length read
2018-03-14 14:39:01 +01:00
Krzysztof Stachowiak
0e0afacbc5
Prevent arithmetic overflow on bounds check
2018-03-14 14:35:12 +01:00
Krzysztof Stachowiak
7040553a02
Add bounds check before length read
2018-03-14 14:35:12 +01:00
Manuel Pégourié-Gonnard
b0661769ab
x509: CRL: reject unsupported critical extensions
2018-03-14 09:28:24 +01:00
Gilles Peskine
df6f3dd9b0
Merge remote-tracking branch 'upstream-restricted/pr/430' into mbedtls-2.1-restricted-proposed
2018-03-13 17:28:42 +01:00
Gilles Peskine
8c1217984b
Merge remote-tracking branch 'upstream-restricted/pr/360' into mbedtls-2.1-restricted-proposed
Conflicts:
* scripts/config.pl: reconciled parallel edits in a comment.
2018-03-13 17:26:49 +01:00
Manuel Pégourié-Gonnard
503047f824
Fix 2.1-specific remaining MD/PK depend issues
For library/certs.c the issue is resolved by aligning it with the version in
the 2.7 branch (which is currently the same as the version in the development
branch)
2018-03-13 11:53:48 +01:00
Hanno Becker
b81fcd00e6
Correct memory leak in RSA self test
The RSA self test didn't free the RSA context on failure.
2018-03-13 10:31:02 +00:00
Gilles Peskine
5e533f43ee
Merge remote-tracking branch 'upstream-public/pr/1373' into mbedtls-2.1-proposed
2018-03-12 23:51:50 +01:00
Gilles Peskine
889de8eedb
Merge branch 'pr_1276' into mbedtls-2.1-proposed
2018-03-12 23:51:01 +01:00
Gilles Peskine
8da4f864a5
Merge remote-tracking branch 'upstream-public/pr/1009' into mbedtls-2.1-proposed
2018-03-12 23:44:48 +01:00
Gilles Peskine
d38464698e
Merge remote-tracking branch 'upstream-public/pr/1295' into mbedtls-2.1-proposed
2018-03-11 00:52:35 +01:00
Gilles Peskine
0aacc9a96d
Merge remote-tracking branch 'upstream-public/pr/1297' into mbedtls-2.1-proposed
2018-03-11 00:52:35 +01:00
Gilles Peskine
9a00ef3cf1
Merge branch 'pr_953' into HEAD
2018-03-11 00:52:24 +01:00
Manuel Pégourié-Gonnard
ac54cea7f9
x509: fix remaining unchecked call to mbedtls_md()
The other two calls have been fixed already, fix that one too for consistency.
2018-03-07 09:44:31 +01:00
Manuel Pégourié-Gonnard
19d77b6aa6
Clarify mutual references in comments
2018-03-07 09:44:28 +01:00
Manuel Pégourié-Gonnard
b6d3e6d102
Fix some issues in comments
2018-03-06 10:35:15 +01:00
Hanno Becker
dc8751d31e
Fix bug in X.509 CRT verification code
2018-03-05 13:46:10 +01:00
Manuel Pégourié-Gonnard
78df7fcc8c
Fix some comment typos
2018-03-05 13:46:08 +01:00
Manuel Pégourié-Gonnard
afbbcf849c
Add comments on chain verification cases
This is the beginning of a series of commits refactoring the chain
building/verification functions in order to:
- make it simpler to understand and work with
- prepare integration of restartable ECC
2018-03-05 13:44:22 +01:00