Commit graph

5309 commits

Author SHA1 Message Date
Simon Butcher bfc26104ad Merge remote-tracking branch 'public/pr/2103' into mbedtls-2.1 2018-12-20 01:21:44 +00:00
Jaeden Amero 4f41b61d94 Merge remote-tracking branch 'upstream-public/pr/2221' into mbedtls-2.1 2018-12-07 10:39:59 +00:00
Jaeden Amero 59a6cc838d Merge remote-tracking branch 'upstream-public/pr/2178' into mbedtls-2.1 2018-12-07 10:39:58 +00:00
Jaeden Amero 1d990feb96 Merge remote-tracking branch 'upstream-public/pr/2133' into mbedtls-2.1 2018-12-07 10:39:07 +00:00
Jaeden Amero 51762e87c8 Merge remote-tracking branch 'upstream-public/pr/2151' into mbedtls-2.1 2018-12-06 16:01:16 +00:00
Jaeden Amero c51b3388c1 Merge remote-tracking branch 'upstream-public/pr/2065' into mbedtls-2.1 2018-12-06 15:57:37 +00:00
Jaeden Amero f3b18bd07f Merge remote-tracking branch 'upstream-public/pr/1983' into mbedtls-2.1 2018-12-06 15:54:30 +00:00
Simon Butcher 85a5bbc24a
Merge pull request #542 from ARMmbed/version-2.1.17
Update the library version to 2.1.17
2018-12-02 13:22:20 +00:00
Simon Butcher 67301e894a Update library version number to 2.1.17 2018-12-02 12:30:30 +00:00
Simon Butcher 4b6ef83a55 Clarify attribution for the Bleichenbacher's Cat fix 2018-12-02 12:26:34 +00:00
Simon Butcher 6c2f139271 Merge remote-tracking branch 'restricted/pr/514' into mbedtls-2.1 2018-11-29 17:33:07 +00:00
Simon Butcher b5bbb95389 Merge remote-tracking branch 'restricted/pr/537' into mbedtls-2.1 2018-11-29 17:32:22 +00:00
Simon Butcher 75da5504e5 Merge remote-tracking branch 'restricted/pr/519' into mbedtls-2.1 2018-11-29 17:30:35 +00:00
Gilles Peskine c12113a61a Add changelog entry for mbedtls_mpi_write_binary fix 2018-11-29 12:47:52 +01:00
Gilles Peskine cc47d6c595 Tweak RSA vulnerability changelog entry
* Correct the list of authors.
* Add the CVE number.
* Improve the impact description.
2018-11-29 12:47:50 +01:00
Gilles Peskine 43c19648db Wipe stack buffers in block_cipher_df
This is a partial backport of
1b36499062 (only for the buffer wiping).
Other wiping calls were previously added as backports of
"CTR_DRBG: clean stack buffers" (d9aa84dc0d). This completes
the backporting of stack buffer wiping from the development branch.
2018-11-27 16:41:09 +01:00
Gilles Peskine f1a8eeb0a6 mbedtls_mpi_write_binary: don't leak the exact size of the number
In mbedtls_mpi_write_binary, avoid leaking the size of the number
through timing or branches, if possible. More precisely, if the number
fits in the output buffer based on its allocated size, the new code's
trace doesn't depend on the value of the number.
2018-11-26 12:51:34 +01:00
Gilles Peskine 7272d78d21 check-files: detect merge artifacts
Detect Git merge artifacts. These are lines starting with "<<<<<<",
"|||||||" or ">>>>>>>" followed by a space, or containing just
"=======". For "=======", exempt Markdown files, because this can be
used to underline a title, as a compromise between false negatives and
false positives.
2018-11-23 22:43:31 +01:00
Gilles Peskine b7b1a2adbc Factor record_issue into its own method 2018-11-23 22:43:30 +01:00
Simon Butcher 568ec7cb61
Merge pull request #534 from sbutcher-arm/version-2.1.16
Bump Mbed TLS Version to 2.1.16
2018-11-19 18:56:03 +00:00
Simon Butcher cf33e2ef00 Update library version number to 2.1.16 2018-11-19 18:33:24 +00:00
Simon Butcher 90e6c3b941 Refine the language in the ChangeLog
Fix the language and descriptions in the ChangeLog and some duplicate entries,
following review of the Release Notes for the next release.
2018-11-19 16:11:15 +00:00
Simon Butcher a2c8691c0d Fix language and formatting in ChangeLog
Changed the formatting and language in the ChangeLog to the house-style.
2018-11-08 13:47:40 +00:00
Simon Butcher 3bc2b8be36 Merge remote-tracking branch 'restricted/pr/522' into mbedtls-2.1-restricted-proposed 2018-11-07 00:07:31 +00:00
Simon Butcher 6f682ee463 Merge remote-tracking branch 'restricted/pr/524' into mbedtls-2.1-restricted-proposed 2018-11-07 00:07:03 +00:00
Simon Butcher 35b41ea779 Fix the ChangeLog entry for dh_server bugfix
The merge had placed the ChangeLog entry under the wrong version.
2018-11-06 23:50:32 +00:00
Simon Butcher e92e446781 Merge remote-tracking branch 'public/pr/2139' into mbedtls-2.1-proposed 2018-11-06 23:44:09 +00:00
Simon Butcher 5eeded67a5 Merge remote-tracking branch 'public/pr/2081' into mbedtls-2.1-proposed 2018-11-06 23:43:50 +00:00
Simon Butcher 35cdc5d5d4 Merge remote-tracking branch 'public/pr/2136' into mbedtls-2.1-proposed 2018-11-06 23:39:16 +00:00
Simon Butcher 7ae3c20f93 Merge remote-tracking branch 'public/pr/2152' into mbedtls-2.1-proposed 2018-11-06 23:36:59 +00:00
Simon Butcher befdde732e Merge remote-tracking branch 'public/pr/2154' into mbedtls-2.1-proposed 2018-11-06 23:33:07 +00:00
Simon Butcher f32d5afb22 Merge remote-tracking branch 'public/pr/2177' into mbedtls-2.1-proposed 2018-11-06 23:18:24 +00:00
Hanno Becker 02ea47603f Adapt ChangeLog 2018-11-06 14:07:58 +00:00
Hanno Becker d3e4244caf Add explicit integer to enumeration casts to programs/pkey/gen_key.c
Fixes #2170.
2018-11-06 13:37:46 +00:00
Hanno Becker 00152d4d94 Adapt ChangeLog 2018-11-06 13:22:45 +00:00
Hanno Becker a18de85425 Don't perform binary comparison of CRL issuer and CA subject
Previously, when checking whether a CRT was revoked through
one of the configured CRLs, the library would only consider
those CRLs whose `issuer` field binary-matches the `subject`
field of the CA that has issued the CRT in question. If those
fields were not binary equivalent, the corresponding CRL was
discarded.

This is not in line with RFC 5280, which demands that the
comparison should be format- and case-insensitive. For example:

- If the same string is once encoded as a `PrintableString` and
  another time as a `UTF8String`, they should compare equal.
- If two strings differ only in their choice of upper and lower case
  letters, they should compare equal.

This commit fixes this by using the dedicated x509_name_cmp()
function to compare the CRL issuer with the CA subject.

Fixes #1784.
2018-11-06 13:22:34 +00:00
Hanno Becker dafd5405e4 Move static x509_name_cmp() in library/x509_crt.c
A subsequent change will need this function earlier
within the file.
2018-11-06 13:22:17 +00:00
Hanno Becker af02a7bbed Add tests for relaxed CRL-CA name comparison
This commit introduces variants test-ca_utf8.crt,
test-ca_printablestring.crt and test-ca_uppercase.crt
of tests/data_files/test-ca.crt which differ from
test-ca.crt in their choice of string encoding and
upper and lower case letters in the DN field. These
changes should be immaterial to the revocation check,
and three tests are added that crl.pem, which applies
to test-ca.crt, is also considered as applying to
test-ca_*.crt.

The test files were generated using PR #1641 which
- adds a build instruction for test-ca.crt to
  tests/data_files/Makefile which allows easy
  change of the subject DN.
- changes the default string format from `PrintableString`
  to `UTF8String`.

Specifically:
- `test-ca_utf8.crt` was generated by running
      `rm test-ca.crt && make test-ca.crt`
   on PR #1641.
- `test-ca_uppercase.crt`, too, was generated by running
      `rm test-ca.crt && make test-ca.crt`
   on PR #1641, after modifying the subject DN line in the build
   instruction for `test-ca.crt` in `tests/data_files/Makefile`.
- `test-ca_printable.crt` is a copy of `test-ca.crt`
   because at the time of this commit, `PrintableString` is
   still the default string format.
2018-11-06 13:21:22 +00:00
Gilles Peskine 2521d16ace Fix buffer overflow in test mbedtls_mpi_is_prime_det 2018-11-05 16:37:06 +01:00
Hanno Becker 766ca32d2f Add missing bracket
Wasn't spotted earlier because it's guarded by `! HAVE_GETRANDOM`.
2018-11-05 12:17:00 +00:00
Simon Butcher 2b0b9912e0 Merge remote-tracking branch 'public/pr/2046' into mbedtls-2.1-proposed 2018-11-04 18:52:30 +00:00
Simon Butcher 5ca1f27bff Merge remote-tracking branch 'public/pr/2097' into mbedtls-2.1-proposed 2018-11-04 18:49:17 +00:00
Simon Butcher ad95594acf Merge remote-tracking branch 'public/pr/2116' into mbedtls-2.1-proposed 2018-11-04 18:42:59 +00:00
Hanno Becker 8ac041637f Adapt ChangeLog 2018-10-30 10:09:45 +00:00
Hanno Becker 6e7d5abe06 Correct typo in documentation of MBEDTLS_SSL_RENEGOTIATION 2018-10-30 09:39:06 +00:00
Hanno Becker 25422e1f02 Improve documentation of mbedtls_ssl_get_verify_result()
Fixes #517.
2018-10-30 09:35:43 +00:00
Hanno Becker 42085fb92a Adapt ChangeLog 2018-10-30 09:32:23 +00:00
Hanno Becker 9a7fcd6a97 Entropy: Fall through to /dev/random if getrandom() syscall unknown
This commit fixes issue #1212 related to platform-specific entropy
polling in a syscall-emulated environment.

Previously, the implementation of the entropy gathering function
`mbedtls_platform_entropy_poll()` for Linux machines used the
following logic to determine how to obtain entropy from the kernel:

1. If the getrandom() system call identifier SYS_getrandom is present and
   the kernel version is 3.17 or higher, use syscall( SYS_getrandom, ... )
2. Otherwise, fall back to reading from /dev/random.

There are two issues with this:

1. Portability:
   When cross-compiling the code for a different
   architecture and running it through system call
   emulation in qemu, qemu reports the host kernel
   version through uname but, as of v.2.5.0,
   doesn't support emulating the getrandom() syscall.
   This leads to `mbedtls_platform_entropy_poll()`
   failing even though reading from /dev/random would
   have worked.

2. Style:
   Extracting the Linux kernel version from
   the output of `uname` is slightly tedious.

This commit fixes both by implementing the suggestion in #1212:
- It removes the kernel-version detection through uname().
- Instead, it checks whether `syscall( SYS_getrandom, ... )`
  fails with errno set to ENOSYS indicating an unknown system call.
  If so, it falls through to trying to read from /dev/random.

Fixes #1212.
2018-10-30 09:32:03 +00:00
Simon Butcher 4acdf6dea8 Merge remote-tracking branch 'public/pr/1298' into mbedtls-2.1-proposed 2018-10-28 18:17:00 +00:00
Simon Butcher 1238a2fd03 Merge remote-tracking branch 'public/pr/1762' into mbedtls-2.1-proposed 2018-10-28 18:15:26 +00:00