Simon Butcher
c176038d73
Update and clean up Changelog for #622
2016-10-13 15:34:27 +01:00
Andres AG
67ae0b9839
Fix sig->tag update in mbedtls_x509_get_sig()
2016-10-13 15:33:07 +01:00
Simon Butcher
c371c435c1
Added credit to Changelog for fix #558
2016-10-13 09:34:25 +01:00
Janos Follath
3072458ec3
Restore P>Q in RSA key generation (#558)
...
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.
This commit restores this behaviour.
2016-10-13 09:27:18 +01:00
Simon Butcher
2c73577d4a
Clarified Changelog for fix #602
2016-10-12 19:56:17 +01:00
Andres AG
cdbcd2012d
Fix documentation for mbedtls_gcm_finish()
...
Fix implementation and documentation mismatch for the function
arguments to mbedtls_gcm_finish(). Also, removed redundant if condition
that always evaluates to true.
2016-10-12 19:56:03 +01:00
Simon Butcher
de4b7e8256
Updated Changelog for fix #599
2016-10-12 18:31:29 +01:00
Andres AG
15fdb7f9ff
Fix 1 byte overread in mbedtls_asn1_get_int()
2016-10-12 18:28:03 +01:00
Simon Butcher
79f2e87f0c
Update Changelog for fix #559
2016-10-10 23:48:11 +01:00
Simon Butcher
7de1493728
Add extra compilation conditions to X.509 samples
...
The sample applications programs/pkey/cert_req.c and
programs/pkey/cert_write.c use the library functions mbedtls_pk_write_csr_pem()
and mbedtls_pk_write_crt_pem() respectively and programs/pkey/gen_key.c uses
the library function mbedtls_pk_write_key_pem().
These are dependent on the configuration option POLARSSL_PEM_WRITE_C. If the
option isn't defined the build breaks.
This change adds the compilation condition POLARSSL_PEM_WRITE_C to these
sample applications.
2016-10-10 23:23:41 +01:00
Simon Butcher
160830312f
Update for ChangeLog for fixes for cert_app
2016-09-26 22:06:16 +01:00
Simon Butcher
7a9e43fd1d
Actually apply debug_level settings in cert_app
2016-09-26 22:03:55 +01:00
Simon Butcher
f6d2b6fb19
Update to ChangeLog for bug #428
2016-09-05 15:15:31 +03:00
Simon Butcher
25e569877a
Fix guards in SSL for ECDH key exchanges
2016-09-05 15:14:22 +03:00
Simon Butcher
2af8b0dcb4
Update ChangeLog for fix to crypt_and_hash #441
2016-09-03 12:41:09 +01:00
Simon Butcher
d2ad47c7fd
Fix for #441 - crypt and hash gcm (#546)
...
* Fix crypt_and_hash to support decrypting GCM encrypted files
* Fix documentation in crypt_and_hash for the generic case
* Remove unused lastn from crypt_and_hash
lastn is not used with the cipher layer as it already provides padding
and understanding of length of the original data.
Backport of fix by Paul Bakker.
2016-09-03 12:39:38 +01:00
Simon Butcher
255e5f7a02
Merge pull request #537 from andresag01/mbedtls-1.3-iotssl-472-ca-chain-with-invalid-dates
...
Mbedtls 1.3 iotssl 472 ca chain with invalid dates
2016-07-19 13:09:08 +01:00
Andres AG
a5a7f8d464
Fix skipped test dependency in x509parse
...
Replace MBEDTLS_ with POLARSSL_ in the test dependency for x509parse,
otherwise tests are always skipped because dependencies are never
satisfied.
2016-07-15 17:19:10 +01:00
Simon Butcher
463129b7f7
Add missing dependencies to X509 Parse test suite for P-384 curve
...
The test script curves.pl was failing on testing dependencies for the P-384
curve on the new test cases introduced by ede75f0 and 884b4fc.
2016-07-15 13:05:31 +01:00
Janos Follath
8a8445415f
X509: Fix bug triggered by future CA among trusted
...
Fix an issue that caused valid certificates to be rejected whenever an
expired or not yet valid version of the trusted certificate was before the
valid version in the trusted certificate list.
2016-07-14 14:08:53 +01:00
Janos Follath
aeff929a5a
X509: Future CA among trusted: add more tests
2016-07-14 13:26:19 +01:00
Janos Follath
e6bf97995b
X509: Future CA among trusted: add unit tests
2016-07-14 13:26:13 +01:00
Simon Butcher
2d01f2d4c5
Update Changelog for release
2016-06-27 20:00:26 +01:00
Simon Butcher
4f7b13bd79
Changed library version number to 1.3.17
2016-06-27 19:37:31 +01:00
Simon Butcher
fd349bcb8e
Merge branch 'mbedtls-1.3' into mbedtls-1.3
2016-06-27 01:29:03 +01:00
Simon Butcher
53fa7cc6d3
Fix for armcc in all.sh
2016-06-27 00:46:07 +01:00
Janos Follath
307e181cfa
Fix non compliance SSLv3 in server extension handling.
...
The server code parses the client hello extensions even when the
protocol is SSLv3 and this behaviour is non compliant with rfc6101.
Also the server sends extensions in the server hello and omitting
them may prevent interoperability problems.
2016-05-23 18:52:14 +01:00
Janos Follath
8abaa8b275
Add a test for SSLv3 with extensions, server side
...
This test verifies if the server parses or sends extensions when
the protocol is SSLv3.
2016-05-23 14:53:41 +01:00
Simon Butcher
65e79fae53
Merge branch 'mbedtls-1.3'
2016-05-18 20:11:17 +01:00
Simon Butcher
3d24b19a95
Fixes error and exit paths in rsa sample programs
2016-05-18 20:08:16 +01:00
Janos Follath
347552d8d0
Fix memory leaks in example programs.
2016-05-18 20:08:16 +01:00
Janos Follath
bc68e9c087
Add tests to cover PKCS1 v1.5 signature functions.
...
The reported memory leak should have been spotted by make memcheck.
But it wasn't. Keeping the tests for better coverage.
2016-05-18 20:08:16 +01:00
Simon Butcher
6301f44f3f
Adds test_suite_pkcs1_v15 to tests/Makefile
2016-05-18 20:08:16 +01:00
Simon Butcher
959d4328c1
Fix ChangeLog for backport of IOTSSL-621
2016-05-18 20:08:16 +01:00
Janos Follath
af1836e1cf
Add Changelog entry for current branch
2016-05-18 20:07:27 +01:00
Simon Butcher
49ed628ede
Fix ChangeLog after merging fix for IOTSSL-628
2016-05-18 20:07:27 +01:00
Janos Follath
f383363d43
Extended ChangeLog entry
2016-05-18 20:01:46 +01:00
Janos Follath
c70515d455
Add Changelog entry for current branch
2016-05-18 20:00:19 +01:00
Simon Butcher
f31d9676d1
Fix ChangeLog for backport of IOTSSL-621
2016-05-18 19:58:41 +01:00
Janos Follath
742783fe85
Included tests for the overflow
...
Conflicts:
library/rsa.c
2016-05-18 19:58:41 +01:00
Janos Follath
21ca00243c
Add Changelog entry for current branch
2016-05-18 19:58:41 +01:00
Simon Butcher
d3253b018e
Fix for backport of IOTSSL-628
...
Corrections to constant and function names changed between 1.3 and 2.1
2016-05-18 19:58:41 +01:00
Simon Butcher
2d49c4d2f6
Fix ChangeLog after merging fix for IOTSSL-628
2016-05-18 19:58:41 +01:00
Janos Follath
7295c189ee
Extended ChangeLog entry
2016-05-18 19:58:41 +01:00
Janos Follath
092f2c48c4
Move underflow test to make time constant
2016-05-18 19:58:41 +01:00
Janos Follath
574b118bf8
Add Changelog entry for current branch
2016-05-18 19:58:40 +01:00
Janos Follath
3bed13df1c
Included test for integer underflow.
2016-05-18 19:58:40 +01:00
Janos Follath
6483af8e42
Fix the broken pkcs1 v1.5 test.
...
The random buffer handed over to the test function was too small
and the remaining bytes were generated by the default (platform
dependent) function.
2016-05-18 19:58:40 +01:00
Janos Follath
8eeecd0444
Fix the backport of pkcs1 v1.5 test suite.
...
The test suite was not properly backported and it remained unnoticed,
because it was not compiled due to the change in the naming of the
compile time requirements.
2016-05-18 19:58:40 +01:00
Janos Follath
f18263d78b
Removing 'if' branch from the fix.
...
This new error shouldn't be distinguishable from other padding errors.
Updating 'bad' instead of adding a new 'if' branch.
2016-05-18 19:58:40 +01:00