yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-18 18:21:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
6581 commits 88 branches 205 tags 69 MiB
Commit graph

1373 commits

Author SHA1 Message Date
Andres Amaya Garcia d1b1788b40 Improve ChangeLog for DLEXT and AR_DASH changes 2018-03-27 19:14:24 +01:00
Jaeden Amero b604960572 Merge remote-tracking branch 'upstream-public/pr/1435' into development-proposed 2018-03-27 16:45:36 +01:00
Gilles Peskine e4f2736b42 Add ChangeLog entry 2018-03-26 12:29:30 +02:00
Andres Amaya Garcia ea5a8a418b Add ChangeLog entry for library/makefile changes 2018-03-25 23:57:09 +01:00
Jaeden Amero f65379bc40 Merge remote-tracking branch 'upstream-restricted/pr/382' into development 2018-03-23 11:14:17 +00:00
Gilles Peskine 51d9394fdf Add changelog entries for improved testing 
Fixes #1040
 2018-03-23 02:16:43 +01:00
Gilles Peskine 15ad579895 Merge tag 'mbedtls-2.8.0' into iotssl-1381-x509-verify-refactor-restricted 
Conflict resolution:

* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
  addition. In addition some of the additions in the
  iotssl-1381-x509-verify-refactor-restricted branch need support for
  keep-going mode, this will be added in a subsequent commit.
 2018-03-23 02:16:22 +01:00
Jethro Beekman d2df936e67 Fix parsing of PKCS#8 encoded Elliptic Curve keys. 
The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:

PrivateKeyInfo ::= SEQUENCE {
  version                   Version,
  privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
  privateKey                PrivateKey,
  attributes           [0]  IMPLICIT Attributes OPTIONAL
}

AlgorithmIdentifier  ::=  SEQUENCE  {
  algorithm   OBJECT IDENTIFIER,
  parameters  ANY DEFINED BY algorithm OPTIONAL
}

ECParameters ::= CHOICE {
  namedCurve         OBJECT IDENTIFIER
  -- implicitCurve   NULL
  -- specifiedCurve  SpecifiedECDomain
}

ECPrivateKey ::= SEQUENCE {
  version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
  privateKey     OCTET STRING,
  parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
  publicKey  [1] BIT STRING OPTIONAL
}

Because of the two optional fields, there are 4 possible variants that need to
be parsed: no optional fields, only parameters, only public key, and both
optional fields. Previously mbedTLS was unable to parse keys with "only
parameters". Also, only "only public key" was tested. There was a test for "no
optional fields", but it was labelled incorrectly as SEC.1 and not run because
of a great renaming mixup.
 2018-03-22 18:01:18 -07:00
Gilles Peskine fc458d0b9b Merge remote-tracking branch 'myfork/pr_1073' into development-proposed 2018-03-22 21:53:12 +01:00
Gilles Peskine 0818540ff7 Merge branch 'pr_726' into development-proposed 2018-03-22 21:50:48 +01:00
Gilles Peskine 88c6df1ce8 Add ChangeLog entry 2018-03-22 21:48:28 +01:00
Gilles Peskine 5bdb671404 Merge branch 'pr_403' into development-proposed 2018-03-22 21:34:15 +01:00
Gilles Peskine 58afc39dd7 Add ChangeLog entry 2018-03-22 21:33:28 +01:00
Gilles Peskine 9b9cc616ca Add ChangeLog entry 2018-03-22 17:03:45 +01:00
Azim Khan bdfc14e4a3 Add reference to original PR in Changelog 2018-03-22 12:17:36 +00:00
Azim Khan 4d58881f52 Clarify bug scenario in Changlog 2018-03-22 12:04:25 +00:00
Azim Khan bc30c5fec2 Add change log entry for mbedtls_ssl_config_free() fix 2018-03-22 10:24:06 +00:00
mohammad1603 b878805919 Verify that f_send and f_recv send and receive the expected length 
Verify that f_send and f_recv send and receive the expected length
 2018-03-22 02:58:23 -07:00
Andres Amaya Garcia 768bbaf0c1 Add ChangeLog entry for redundant mutex initialization optimizations 2018-03-21 17:36:52 +00:00
Gilles Peskine d49ab3ee60 Add ChangeLog entry. 
Fixes #1353
 2018-03-21 17:03:44 +01:00
Gilles Peskine 4e4be7cf62 Optimize unnecessary zeorizing in mbedtls_mpi_copy 
Based on a contribution by Alexey Skalozub
(https://github.com/ARMmbed/mbedtls/pull/405).
 2018-03-21 16:29:03 +01:00
Andres Amaya Garcia 8e0e16032d Add ChangeLog entry for dylib builds using Makefile 2018-03-21 11:15:08 +00:00
Krzysztof Stachowiak c0b13f7f0c Update change log 2018-03-20 14:10:15 +01:00
Jaeden Amero 8be0e6db41 Update version to 2.8.0 2018-03-16 16:25:12 +00:00
Jaeden Amero 79a5e72719 Merge remote-tracking branch 'upstream-restricted/pr/463' into development-restricted-proposed 2018-03-15 08:25:05 +00:00
Jaeden Amero 24b2d6fb6d Merge remote-tracking branch 'upstream-restricted/pr/459' into development-restricted-proposed 2018-03-15 08:24:44 +00:00
Jaeden Amero ce183d994c Merge remote-tracking branch 'upstream-public/pr/1448' into development-proposed 2018-03-15 08:23:53 +00:00
Jaeden Amero d1fedc55d7 Merge remote-tracking branch 'upstream-public/pr/1440' into development-proposed 2018-03-15 08:23:35 +00:00
Jaeden Amero 95ad522ecc Merge remote-tracking branch 'upstream-public/pr/1439' into development-proposed 2018-03-15 08:23:10 +00:00
Jaeden Amero 64293777eb Merge remote-tracking branch 'upstream-public/pr/1423' into development-proposed 2018-03-15 08:22:48 +00:00
Krzysztof Stachowiak 7fa1ae70c8 Add Changelog entry 2018-03-14 11:57:37 +01:00
Krzysztof Stachowiak 00bbf572af Update change log 2018-03-14 11:14:13 +01:00
Manuel Pégourié-Gonnard fd3e4fbae7 x509: CRL: reject unsupported critical extensions 2018-03-14 09:15:02 +01:00
Gilles Peskine 5f1932817c Merge remote-tracking branch 'upstream-restricted/pr/398' into development-restricted-proposed 2018-03-13 17:18:06 +01:00
Gilles Peskine 553a06f08a Merge remote-tracking branch 'upstream-restricted/pr/351' into development-restricted-proposed 
Move the added ChangeLog entry to the bottom so that the list remains
in merge order.
 2018-03-13 17:15:34 +01:00
Hanno Becker 62dcbaf567 Improve crediting in ChangeLog 2018-03-13 10:54:43 +00:00
Gilles Peskine f3ada4adb0 Merge branch 'pr_679' into development-proposed 2018-03-13 00:13:29 +01:00
Gilles Peskine 6dc4a31988 Add ChangeLog entry. Fixes #678 2018-03-13 00:13:06 +01:00
Gilles Peskine d5f7d24e84 Merge branch 'pr_1064' into development-proposed 2018-03-13 00:08:05 +01:00
Gilles Peskine 3ff4a074af Fix ChangeLog style. Fix #918 2018-03-13 00:06:19 +01:00
Gilles Peskine a31d8206b1 Merge remote-tracking branch 'upstream-public/pr/778' into development-proposed 2018-03-12 23:45:08 +01:00
Gilles Peskine 469b882947 Merge branch 'pr_1407' into development-proposed 2018-03-11 00:45:10 +01:00
Gilles Peskine 19c3862d0c Merge remote-tracking branch 'upstream-public/pr/1079' into development-proposed 2018-03-11 00:45:10 +01:00
Gilles Peskine b4c571e603 Merge remote-tracking branch 'upstream-public/pr/1296' into HEAD 2018-03-11 00:44:14 +01:00
Gilles Peskine 3f1b89d251 This fixes #664 2018-03-11 00:35:39 +01:00
Gilles Peskine 08af538ec9 Fix grammar in ChangeLog entry 2018-03-11 00:20:08 +01:00
Gilles Peskine 29d7d4da2f Merge remote-tracking branch 'upstream-public/pr/936' into development-proposed 2018-03-10 23:51:58 +01:00
Gilles Peskine 9c4f4038dd Add changelog entry 2018-03-10 23:36:30 +01:00
Sanne Wouda cf79312a6d Update changelog entry 2018-03-06 23:31:52 +01:00
Sanne Wouda 52895b2b2e Add Changelog entry 2018-03-06 23:31:52 +01:00
Hanno Becker cf092b2ccf Deprecate support for record compression 2018-03-06 14:27:09 +00:00
Hanno Becker a3389ebb09 Merge branch 'development-restricted' into iotssl-1306-rsa-is-vulnerable-to-bellcore-glitch-attack 2018-03-06 11:55:21 +00:00
Manuel Pégourié-Gonnard 8c661b90c7 Fix section order in the ChangeLog 2018-03-06 10:00:00 +01:00
Hanno Becker 7deee20cd2 Add ChangeLog entry for previous security fix 
Fixes #825
 2018-03-05 12:44:28 +01:00
itayzafrir 693a1d9ca7 Test suite test_suite_pk test pk_rsa_overflow passes valid parameters for hash and sig. 
Test suite test_suite_pk test pk_rsa_overflow passes valid parameters for hash and sig.
 2018-02-28 15:59:40 +02:00
Gilles Peskine 1bf6123fca Add attribution for #1351 report 2018-02-27 08:37:52 +01:00
Gilles Peskine b7f6086ba3 Merge branch 'prr_424' into development-proposed 2018-02-22 16:15:01 +01:00
Gilles Peskine 04f9bd028f Note incompatibility of truncated HMAC extension in ChangeLog 
The change in the truncated HMAC extension aligns Mbed TLS with the
standard, but breaks interoperability with previous versions. Indicate
this in the ChangeLog, as well as how to restore the old behavior.
 2018-02-22 15:41:26 +01:00
Gilles Peskine 9d56251260 Merge remote-tracking branch 'upstream-public/pr/1384' into development-proposed 2018-02-22 14:49:16 +01:00
mohammad1603 4bbaeb4ffa Add guard to out_left to avoid negative values 
return error when f_send return a value greater than out_left
 2018-02-22 05:04:48 -08:00
Gilles Peskine bb2565cf12 Add ChangeLog entry for PR #1382 2018-02-22 10:24:59 +00:00
Gilles Peskine 8db3efbc76 Add missing MBEDTLS_DEPRECATED_REMOVED guards 
Add missing MBEDTLS_DEPRECATED_REMOVED guards around the definitions
of mbedtls_aes_decrypt and mbedtls_aes_encrypt.
This fixes the build under -Wmissing-prototypes -Werror.

Fixes #1388
 2018-02-21 19:16:20 +01:00
Jaeden Amero c5d08f8ea5 Add ChangeLog entry for PR #1384 2018-02-21 13:34:04 +00:00
Gilles Peskine d76d8bc9a5 Merge branch 'pr_1352' into development-proposed 2018-02-20 16:42:08 +01:00
Gilles Peskine 200b24fdf8 Mention in ChangeLog that this fixes #1351 2018-02-20 16:40:11 +01:00
Gilles Peskine e6844ccf2b Merge branch 'pr_1135' into development-proposed 2018-02-14 17:20:42 +01:00
Gilles Peskine 3dabd6a145 Add issue number to ChangeLog 
Resolves #1122
 2018-02-14 17:19:41 +01:00
Gilles Peskine 42a97ac693 Merge branch 'pr_1219' into development-proposed 2018-02-14 16:17:21 +01:00
Gilles Peskine 1d80a67869 Note in the changelog that this fixes an interoperability issue. 
Fixes #1339
 2018-02-14 16:16:08 +01:00
Gilles Peskine df29868bb6 Merge branch 'pr_1280' into development-proposed 
Conflict: configs/config-picocoin.h was both edited and removed.
Resolution: removed, since this is the whole point of PR #1280 and the
changes in development are no longer relevant.
 2018-02-14 15:49:54 +01:00
Gilles Peskine 2235bd677a Style fix in ChangeLog 2018-02-14 15:47:46 +01:00
Gilles Peskine 1e3fd69777 Merge remote-tracking branch 'upstream-public/pr/1333' into development-proposed 2018-02-14 15:12:49 +01:00
Gilles Peskine 49ac5d06ed Merge branch 'pr_1365' into development-proposed 2018-02-14 14:36:44 +01:00
Gilles Peskine 27b0754501 Add ChangeLog entries for PR #1168 and #1362 2018-02-14 14:36:33 +01:00
Gilles Peskine 5daa76537a Add ChangeLog entry for PR #1165 2018-02-14 14:10:24 +01:00
Antonio Quartulli 12ccef2761
pkcs5v2: add support for additional hmacSHA algorithms 
Currently only SHA1 is supported as PRF algorithm for PBKDF2
(PKCS#5 v2.0).
This means that keys encrypted and authenticated using
another algorithm of the SHA family cannot be decrypted.

This deficiency has become particularly incumbent now that
PKIs created with OpenSSL1.1 are encrypting keys using
hmacSHA256 by default (OpenSSL1.0 used PKCS#5 v1.0 by default
and even if v2 was forced, it would still use hmacSHA1).

Enable support for all the digest algorithms of the SHA
family for PKCS#5 v2.0.

Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
 2018-02-08 17:18:15 +08:00
Ron Eldor 1072e5c7e5 Update ChangeLog style 
Add dot at end of change in ChangeLog
 2018-02-07 18:43:02 +02:00
Ron Eldor 099e61df52 Rephrase Changelog 
Rephrase Changelog to be more coherent to users
 2018-02-06 17:34:27 +02:00
Ron Eldor 85e1dcff6a Fix handshake failure in suite B 
Fix handshake failure where PK key is translated as `MBEDTLS_ECKEY`
instead of `MBEDTLS_ECDSA`
 2018-02-06 15:59:38 +02:00
Simon Butcher 55fc4e0c5a Update ChangeLog with language and technical corrections 
To clarify and correct the ChangeLog.
 2018-02-05 08:41:14 +00:00
Jaeden Amero 98b9373849 Merge branch 'development' into development-restricted 2018-01-30 17:32:12 +00:00
Hanno Becker 2a03794d62 Adapt ChangeLog 2018-01-30 14:40:10 +00:00
Gilles Peskine 0edda4236d Added ChangeLog entry for 64-bit ILP32 fix 
Fixes #849
 2018-01-29 21:31:16 +01:00
Jaeden Amero 26342e54f5 Merge branch 'development' into development-restricted 2018-01-29 12:49:52 +00:00
Jaeden Amero 3b8fbaab87 Merge remote-tracking branch 'upstream-public/pr/1328' into development 2018-01-29 12:49:46 +00:00
Manuel Pégourié-Gonnard 5405962954 Fix alarm(0) failure on mingw32 
A new test for mbedtls_timing_alarm(0) was introduced in PR 1136, which also
fixed it on Unix. Apparently test results on MinGW were not checked at that
point, so we missed that this new test was also failing on this platform.
 2018-01-29 10:24:50 +01:00
Jaeden Amero 2acbf17b97 Merge branch 'development' into development-restricted 2018-01-26 20:57:38 +00:00
Jaeden Amero 751aa510c0 Merge remote-tracking branch 'upstream-public/pr/1303' into development 2018-01-26 20:48:55 +00:00
Jaeden Amero 784de59ccd Merge remote-tracking branch 'upstream-restricted/pr/410' into development-restricted 
- Resolve ChangeLog conflicts
- Update Doxygen warning block in dhm.h to render correctly
- Prefix the exported identifier deprecated_constant_t with mbedtls_
 2018-01-26 18:43:04 +00:00
Gilles Peskine 7ecab3df4c Error codes for hardware accelerator failures 
Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography
modules where the software implementation can be replaced by a hardware
implementation.

This does not include the individual message digest modules since they
currently have no way to return error codes.

This does include the higher-level md, cipher and pk modules since
alternative implementations and even algorithms can be plugged in at
runtime.
 2018-01-26 17:56:38 +01:00
Jaeden Amero a03587b848 Merge branch 'development' into development-restricted 2018-01-26 12:48:04 +00:00
Jaeden Amero 791e08ad8b Add a ChangeLog entry 2018-01-26 12:04:12 +00:00
Jaeden Amero 66954e1c1f Merge branch 'development' into development-restricted 2018-01-25 17:28:31 +00:00
Jaeden Amero 005239e3ed Merge remote-tracking branch 'upstream-public/pr/1294' into development 2018-01-25 14:47:39 +00:00
Jaeden Amero 65ba60a975 Merge branch 'development' into development-restricted 2018-01-25 10:09:03 +00:00
Jaeden Amero cef0c5a2c8 Merge remote-tracking branch 'upstream-public/pr/1304' into development 2018-01-25 10:07:39 +00:00
Hanno Becker 087d5ad593 Minor improvement in ChangeLog 2018-01-24 16:06:25 +00:00
Jaeden Amero 3c082ce293 Merge branch 'development' into development-restricted 2018-01-24 15:17:15 +00:00
Gilles Peskine 9b534666a2 Add ChangeLog entry 2018-01-24 10:47:19 +00:00
Hanno Becker 616d1ca605 Add support for alternative ECJPAKE implementation 
This commit allows users to provide alternative implementations of the
ECJPAKE interface through the configuration option MBEDTLS_ECJPAKE_ALT.
When set, the user must add `ecjpake_alt.h` declaring the same
interface as `ecjpake.h`, as well as add some compilation unit which
implements the functionality. This is in line with the preexisting
support for alternative implementations of other modules.
 2018-01-24 10:36:22 +00:00