Commit graph

1880 commits

Author SHA1 Message Date
Simon Butcher bb5e1c3973 Fix multiple quality issues in the source
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
 * incorrect file permissions
 * missing newline at the end of files
 * trailing whitespace
 * Tabs present
 * TODOs in the souce code
2018-06-08 11:14:43 +01:00
Moran Peker 9259b3be03 Remove double declaration of mbedtls_ssl_list_ciphersuites
Raised by TrinityTonic. #1359
2018-05-23 18:22:29 +01:00
Jaeden Amero 6856c2ebb5 Merge remote-tracking branch 'upstream-public/pr/1586' into mbedtls-2.7-proposed 2018-05-04 11:09:42 +01:00
Jaeden Amero 1fc4d33f5f Update version to 2.7.3 2018-04-27 13:15:45 +01:00
Azim Khan 26838608f8 Use correct version of snprintf on Windows
platform.h defines MBEDTLS_PLATFORM_STD_SNPRINTF based on _WIN32. But while defining macro mbedtls_snprintf it sets it to STD C snprintf that is deprecated on Windows.
2018-04-17 23:35:04 +01:00
Jaeden Amero 15cdc5ec7b Merge remote-tracking branch 'upstream-public/pr/1458' into mbedtls-2.7-proposed 2018-04-03 18:28:46 +01:00
Jaeden Amero e7dc46240d Merge remote-tracking branch 'upstream-public/pr/1543' into mbedtls-2.7-proposed 2018-04-03 12:03:30 +01:00
Gilles Peskine 5114d3e4e1 Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
Clarify what MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH and
MBEDTLS_ERR_PK_SIG_LEN_MISMATCH mean. Add comments to highlight that
this indicates that a valid signature is present, unlike other error
codes. See
https://github.com/ARMmbed/mbedtls/pull/1149#discussion_r178130705
2018-03-30 18:43:16 +02:00
Darryl Green 28448b267f Improve documentation of mbedtls_ssl_write() 2018-03-29 16:51:16 +01:00
Jaeden Amero 0c692cda8b Merge remote-tracking branch 'upstream-public/pr/758' into mbedtls-2.7-proposed 2018-03-29 11:02:52 +01:00
Jaeden Amero ef59b732c2 Merge remote-tracking branch 'upstream-public/pr/1479' into mbedtls-2.7-proposed 2018-03-28 14:21:19 +01:00
Ivan Krylov 5cb1f09ab4 slight rewording requested by reviewer (#758) 2018-03-24 18:48:04 +03:00
Jaeden Amero 877c6dcf22 Merge remote-tracking branch 'upstream-restricted/pr/456' into mbedtls-2.7 2018-03-23 11:19:43 +00:00
Gilles Peskine 2cfeb887b4 Merge tag 'mbedtls-2.7.2' into iotssl-1381-x509-verify-refactor-2.7-restricted
Conflict resolution:

* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
  addition. In addition some of the additions in the
  iotssl-1381-x509-verify-refactor-restricted branch need support for
  keep-going mode, this will be added in a subsequent commit.
2018-03-23 02:12:44 +01:00
Gilles Peskine 48115740da Merge remote-tracking branch 'upstream-public/pr/1442' into mbedtls-2.7-proposed 2018-03-22 21:30:19 +01:00
Gergely Budai 8190678c01 Do not define and initialize global mutexes on configurations that do not use them. 2018-03-21 15:13:08 +00:00
Jaeden Amero 9ae1fba869 Update version to 2.7.2 2018-03-16 16:30:17 +00:00
Simon Butcher 001427b6c3 Add clarity to use of the rsa_internal.h interface
Added additional clarification to the use of the rsa_internal.h interface and as
and when it can be used by whom. Policy hasn't changed, but it needed to be
clearer who can and can't use it and it's level of support.
2018-03-16 15:46:29 +00:00
Gilles Peskine 64540d9577 Merge remote-tracking branch 'upstream-restricted/pr/458' into mbedtls-2.7-restricted-proposed 2018-03-13 17:24:46 +01:00
Gilles Peskine 955d70459d Merge remote-tracking branch 'upstream-restricted/pr/460' into mbedtls-2.7-restricted-proposed 2018-03-13 17:24:33 +01:00
Andrzej Kurek f21eaa1502 Add a missing bracket in ifdef for __cplusplus 2018-03-13 08:17:28 -04:00
Gilles Peskine 427ff4836c Merge remote-tracking branch 'upstream-public/pr/1219' into mbedtls-2.7-proposed 2018-03-12 23:52:24 +01:00
Gilles Peskine 158fc33368 Merge remote-tracking branch 'upstream-public/pr/1296' into HEAD 2018-03-11 00:47:54 +01:00
Gilles Peskine c0826f1625 Merge remote-tracking branch 'upstream-public/pr/936' into mbedtls-2.7-proposed 2018-03-10 23:48:10 +01:00
Hanno Becker 930ec7dfe5 Minor fixes 2018-03-09 10:48:12 +00:00
Hanno Becker 26f1f6061d Improve documentation on the use of blinding in RSA 2018-03-09 10:47:30 +00:00
Gilles Peskine c1a493d79b Refer to X.690 by number
It's easier to identify and find by number than by its very wordy
title, especially as there was a typo in the title.
2018-03-08 18:18:34 +01:00
Andres Amaya Garcia 5e85c612fc Define ASN1 bitmask macros in more direct way 2018-03-06 19:26:26 +00:00
Andres Amaya Garcia d5101aa27a Add macros to ASN.1 module to parse ASN.1 tags
The macros simply extract the component bits of an ASN.1 tag value
2018-03-06 19:24:15 +00:00
Manuel Pégourié-Gonnard 75d35600de Fix some comment typos 2018-03-05 13:22:59 +01:00
Manuel Pégourié-Gonnard fcc4348ee2 Improve some comments 2018-03-05 13:20:21 +01:00
Manuel Pégourié-Gonnard 2f1633e002 Improve some comments, fix some typos 2018-03-05 13:19:41 +01:00
Manuel Pégourié-Gonnard 3a130848fd Clarify documentation for directly-trusted certs
The fact that self-signed end-entity certs can be explicitly trusted by
putting them in the CA list even if they don't have the CA bit was not
documented though it's intentional, and tested by "Certificate verification #73
(selfsigned trusted without CA bit)" in test_suite_x509parse.data

It is unclear to me whether the restriction that explicitly trusted end-entity
certs must be self-signed is a good one. However, it seems intentional as it is
tested in tests #42 and #43, so I'm not touching it for now.
2018-03-05 13:00:20 +01:00
Jaeden Amero 6a4e22c26c Update version to 2.7.1 2018-02-26 10:53:47 +00:00
Gilles Peskine 3f9cff20d7 Merge branch 'prr_424' into mbedtls-2.7-proposed 2018-02-22 16:07:32 +01:00
Jaeden Amero a53ff8d088 MD: Make deprecated functions not inline
In 2.7.0, we replaced a number of MD functions with deprecated inline
versions. This causes ABI compatibility issues, as the functions are no
longer guaranteed to be callable when built into a shared library.
Instead, deprecate the functions without also inlining them, to help
maintain ABI backwards compatibility.
2018-02-22 08:20:42 +00:00
Jaeden Amero 6d6c7982ce Merge remote-tracking branch 'upstream-public/pr/1362' into development 2018-02-08 17:02:31 +00:00
Jaeden Amero 129f50838b dhm: Fix typo in RFC 5114 constants
We accidentally named the constant MBEDTLS_DHM_RFC5114_MODP_P instead of
MBEDTLS_DHM_RFC5114_MODP_2048_P.

Fixes #1358
2018-02-08 14:29:14 +00:00
Antonio Quartulli 12ccef2761
pkcs5v2: add support for additional hmacSHA algorithms
Currently only SHA1 is supported as PRF algorithm for PBKDF2
(PKCS#5 v2.0).
This means that keys encrypted and authenticated using
another algorithm of the SHA family cannot be decrypted.

This deficiency has become particularly incumbent now that
PKIs created with OpenSSL1.1 are encrypting keys using
hmacSHA256 by default (OpenSSL1.0 used PKCS#5 v1.0 by default
and even if v2 was forced, it would still use hmacSHA1).

Enable support for all the digest algorithms of the SHA
family for PKCS#5 v2.0.

Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
2018-02-08 17:18:15 +08:00
Mathieu Briand ffb6efd383 Fix doxygen documentation for CCM encryption
Fix valid tag length values for mbedtls_ccm_encrypt_and_tag() function.
Add valid value ranges for mbedtls_ccm_auth_decrypt() parameters.

Signed-off-by: Mathieu Briand <mbriand@witekio.com>
2018-02-07 10:29:27 +01:00
Jaeden Amero 3b438d33c1 Update version to 2.7.0 2018-02-02 18:09:45 +00:00
Jaeden Amero 98b9373849 Merge branch 'development' into development-restricted 2018-01-30 17:32:12 +00:00
Jaeden Amero 15f90e0266 Merge remote-tracking branch 'upstream-public/pr/1336' into development 2018-01-30 17:28:31 +00:00
Jaeden Amero 9564e97460 Merge branch 'development' into development-restricted 2018-01-30 17:04:47 +00:00
Rose Zadik 27ff120a61 Improve SHA-512 documentation
- Rephrase file/function/parameter/enum/define/error descriptions into full
  and clear sentences.
- Make sure to adhere to the Arm writing guidelines.
- Fix missing/incorrect Doxygen tags.
- Standardize terminology used within the file.
- Align deprecated function descriptions with those of the superseding
  functions.

GitHub PR: #1326
2018-01-30 16:22:05 +00:00
Rose Zadik 602285eac2 Improve SHA-256 documentation
- Rephrase file/function/parameter/enum/define/error descriptions into full
  and clear sentences.
- Make sure to adhere to the Arm writing guidelines.
- Fix missing/incorrect Doxygen tags.
- Standardize terminology used within the file.
- Align deprecated function descriptions with those of the superseding
  functions.

GitHub PR: #1325
2018-01-30 16:22:05 +00:00
Rose Zadik 64feefb4a2 Improve message digest documentation
- Rephrase file/function/parameter/enum/define/error descriptions into full
  and clear sentences.
- Make sure to adhere to the Arm writing guidelines.
- Fix missing/incorrect Doxygen tags.
- Standardize terminology used within the file.

GitHub PR: #1319
2018-01-30 16:22:05 +00:00
Rose Zadik 2f8163d3cd Improve CTR-DRBG documentation
- Rephrase file/function/parameter/enum/define/error descriptions into full
  and clear sentences.
- Make sure to adhere to the Arm writing guidelines.
- Fix missing/incorrect Doxygen tags.
- Standardize terminology used within the file.
- Add full standard name in file description.

GitHub PR: #1316
2018-01-30 16:22:05 +00:00
Rose Zadik 44833d9597 Improve SHA-1 documentation
- Rephrase file/function/parameter/enum/define/error descriptions into full and clear sentences.
- Make sure to adhere to the Arm writing guidelines.
- Fix missing/incorrect Doxygen tags.
- Standardize terminology used within the file.

GitHub PR: #1322
2018-01-30 16:22:05 +00:00
Rose Zadik bff87d905d Improve ECDSA documentation
- Rephrase file/function/parameter/enum/define/error descriptions into full
  and clear sentences.
- Make sure to adhere to the Arm writing guidelines.
- Fix missing/incorrect Doxygen tags.
- Standardize terminology used within the file.

GitHub PR: #1318
2018-01-30 16:22:05 +00:00