Commit graph

1113 commits

Author SHA1 Message Date
Gilles Peskine 9c8ac0ce2c Merge remote-tracking branch 'upstream-restricted/pr/404' into development-restricted 2017-11-28 15:50:02 +01:00
Gilles Peskine 7ca6d1fdd4 Merge remote-tracking branch 'upstream-restricted/pr/399' into development-restricted 2017-11-28 14:17:53 +01:00
Gilles Peskine c753f5daf4 Merge remote-tracking branch 'upstream-restricted/pr/369' into development-restricted 2017-11-28 14:16:47 +01:00
Gilles Peskine 80441c666f Merge branch 'iotssl-1419-safermemcmp-volatile' into development-restricted 2017-11-28 13:52:33 +01:00
Gilles Peskine d4755deafa add changelog entry 2017-11-28 13:31:12 +01:00
Gilles Peskine 2507267cd4 Merge branch 'development' into development-restricted 2017-11-24 16:05:49 +01:00
Gilles Peskine e7707228b4 Merge remote-tracking branch 'upstream-public/pr/1062' into development 2017-11-24 15:35:50 +01:00
Gilles Peskine 7635cde35c Merge branch 'development' into development-restricted 2017-11-23 20:06:04 +01:00
Gilles Peskine 68306ed31f Merge remote-tracking branch 'upstream-public/pr/1094' into development 2017-11-23 20:02:46 +01:00
Gilles Peskine 1a2640c025 Merge branch 'iotssl-1368-unsafe-bounds-check-psk-identity-merge' into development-restricted 2017-11-23 18:58:30 +01:00
Gilles Peskine dab611a7b1 ChangeLog entry for ssl_parse_client_psk_identity fix 2017-11-23 18:53:55 +01:00
Manuel Pégourié-Gonnard bfa8df4c7e Merge remote-tracking branch 'restricted/pr/416' into development-restricted
* restricted/pr/416:
  RSA PSS: remove redundant check; changelog
  RSA PSS: fix first byte check for keys of size 8N+1
  RSA PSS: fix minimum length check for keys of size 8N+1
  RSA: Fix another buffer overflow in PSS signature verification
  RSA: Fix buffer overflow in PSS signature verification
2017-11-23 12:10:01 +01:00
Gilles Peskine 91048a3aac RSA PSS: remove redundant check; changelog
Remove a check introduced in the previous buffer overflow fix with keys of
size 8N+1 which the subsequent fix for buffer start calculations made
redundant.

Added a changelog entry for the buffer start calculation fix.
2017-10-19 17:46:14 +02:00
Gilles Peskine 6a54b0240d RSA: Fix another buffer overflow in PSS signature verification
Fix buffer overflow in RSA-PSS signature verification when the masking
operation results in an all-zero buffer. This could happen at any key size.
2017-10-17 19:12:36 +02:00
Gilles Peskine 28a0c72795 RSA: Fix buffer overflow in PSS signature verification
Fix buffer overflow in RSA-PSS signature verification when the hash is
too large for the key size. Found by Seth Terashima, Qualcomm.

Added a non-regression test and a positive test with the smallest
permitted key size for a SHA-512 hash.
2017-10-17 19:01:38 +02:00
Simon Butcher 6f63db7ed5 Fix changelog for ssl_server2.c usage fix 2017-10-12 23:22:17 +01:00
Gilles Peskine 085c10afdb Allow comments in test data files 2017-10-12 23:22:17 +01:00
Andres Amaya Garcia 735b37eeef Correctly handle leap year in x509_date_is_valid()
This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.
2017-10-12 23:21:37 +01:00
Ron Eldor 73a381772b Parse Signature Algorithm ext when renegotiating
Signature algorithm extension was skipped when renegotiation was in
progress, causing the signature algorithm not to be known when
renegotiating, and failing the handshake. Fix removes the renegotiation
step check before parsing the extension.
2017-10-12 23:21:37 +01:00
Gilles Peskine 4552bf7558 Allow comments in test data files 2017-10-12 23:20:56 +01:00
Simon Butcher 16373a5933 Fix changelog for ssl_server2.c usage fix 2017-10-06 11:59:13 +01:00
Simon Butcher 2c4f9460ea Update ChangeLog for fix to #836 2017-10-06 11:59:13 +01:00
Hanno Becker 1a9a51c7cf Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog.
Add a reference to the relevant RFC, adapt ChangeLog.
2017-10-06 11:58:50 +01:00
Gilles Peskine b04e2c3d81 Allow comments in test data files 2017-10-06 11:58:50 +01:00
Janos Follath b174c84a3b Refine dhm_check_range() fix Changelog entry 2017-09-21 12:05:14 +01:00
Janos Follath aa325d7b7f DHM: Fix dhm_check_range() always returning 0
Although the variable ret was initialised to an error, the
MBEDTLS_MPI_CHK macro was overwriting it. Therefore it ended up being
0 whenewer the bignum computation was successfull and stayed 0
independently of the actual check.
2017-09-21 12:04:41 +01:00
Hanno Becker 930025da6d Adapt ChangeLog 2017-09-18 16:12:28 +01:00
Andres Amaya Garcia f569f701c2 Fix ChangeLog entry 2017-09-14 20:20:21 +01:00
Andres Amaya Garcia 06fc6650f4 Add ChangeLog entry 2017-09-14 20:20:15 +01:00
Ron Eldor 31162e4423 Set PEM buffer to zero before freeing it
Set PEM buffer to zero before freeing it, to avoid private keys
being leaked to memory after releasing it.
2017-09-05 15:34:35 +03:00
Hanno Becker f28dc2f900 Adapt ChangeLog 2017-09-04 13:07:52 +01:00
Simon Butcher 72ea31b026 Update version number to 2.6.0 2017-08-10 11:51:16 +01:00
Simon Butcher 01971d094e Fix language in Changelog for clarity 2017-08-10 10:48:01 +01:00
Hanno Becker 85b602e5d0 Improve documentation of PKCS1 decryption functions
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
- mbedtls_rsa_pkcs1_decrypt,
- mbedtls_rsa_rsaes_pkcs1_v15_decrypt
- mbedtls_rsa_rsaes_oaep_decrypt
2017-08-01 22:48:41 +01:00
Simon Butcher 3f2557e6f1 Fix style and missing item in ChangeLog 2017-08-01 18:06:12 +01:00
Simon Butcher a418e82a35 Add credit to Changelog to fix for #666 2017-07-28 23:52:10 +01:00
Simon Butcher 9fae22269b Fix ChangeLog for duplication after merge 2017-07-28 22:32:23 +01:00
Hanno Becker 61937d4a83 Rename time and index parameter to avoid name conflict.
As noted in #557, several functions use 'index' resp. 'time'
as parameter names in their declaration and/or definition, causing name
conflicts with the functions in the C standard library of the same
name some compilers warn about.

This commit renames the arguments accordingly.
2017-07-28 22:28:08 +01:00
Hanno Becker 7ec83df47f Adapt ChangeLog 2017-07-28 22:28:08 +01:00
Andres AG 6b171e4aec Fix potential integer overflow parsing DER CRT
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-28 22:28:04 +01:00
Andres AG ce49a25033 Fix potential integer overflow parsing DER CRL
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
2017-07-28 22:28:04 +01:00
Ron Eldor a207e75089 Check return code of mbedtls_mpi_fill_random
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
2017-07-28 22:27:30 +01:00
Ron Eldor 7faf92a2fe Resource leak fix on windows platform
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
2017-07-28 22:27:30 +01:00
Ron Eldor 368d55c549 Wrong preproccessor condition fix
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
2017-07-28 22:27:30 +01:00
Ron Eldor d5a75f44a1 fix for issue 1118: check if iv is zero in gcm.
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-28 22:27:29 +01:00
Janos Follath c08d9ddd55 Remove mutexes from ECP hardware acceleration
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.

Fixes #863
2017-07-28 22:27:29 +01:00
Simon Butcher b060cc21b1 Reorder and group sections in the ChangeLog 2017-07-28 01:04:34 +01:00
Simon Butcher 00d3cc61a6 Fix merge errors in ChangeLog 2017-07-27 21:44:34 +01:00
Andres AG 2e3ddfac5f Prevent signed integer overflow in CSR parsing
Modify the function mbedtls_x509_csr_parse_der() so that it checks the
parsed CSR version integer before it increments the value. This prevents
a potential signed integer overflow, as these have undefined behaviour
in the C standard.
2017-07-27 21:44:34 +01:00
Andres AG 80164741e1 Fix potential integer overflow parsing DER CRT
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-27 21:44:34 +01:00