yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-11 12:25:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
3982 commits 88 branches 205 tags 69 MiB
Commit graph

2239 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard c907081a20 Polish the source 2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard f7368c983a Polish API and documentation 2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard e1927101fb Unify round two 2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard d8204a7bea Provide symmetric API for the first round 2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard e2d3a4e1b4 Unify loading of test vectors in tests 2015-09-07 12:43:11 +02:00
Manuel Pégourié-Gonnard ce4567614b Rename variable to prepare for cli/srv unification 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 6b798b9dae Tune up some comments 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard e0ad57b0b3 Replace explicit IDs with table look-ups 
That's a first step towards merging symmetric version of different functions
 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 5f18829609 Add derive_pms, completing first working version 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 6449391852 Store our role in the context 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 614bd5e919 Add write_client_params 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard ec0eece2ba Add read_client_params 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard bed9e41761 Add writing of server params 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 8d31e80da4 Improve testing strategy 
- reference handshake tests that we get the right values (not much now, but
  much more later when we get to deriving the PMS)
- random handshake in addition tests our generate/write functions against our
  read functions, that are tested by the reference handshake, and will be
further tested in the test suite later against invalid inputs
 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 1a7c5ef42b Optimize some case of mbedtls_ecp_muladd() 
Those are used by EC-JPAKE
 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard cb7cd03412 Add first draft or read_server_params 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 23dcbe3f16 Add support for passphrase in the context 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 4e8bc78ad9 Add context-using functions for Hello extensions 
Also re-order functions in the header so that they appear in the order they're
use, ie free() last.
 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 7af8bc1007 Start introducing mbedtls_ecjpake_context 2015-09-07 12:43:10 +02:00
Manuel Pégourié-Gonnard 3aed1851b3 Re-order functions. 
Use the same order for all read-write pair of functions
 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard 9028c5af9a Improve const correctness of read() functions 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard 082767ff0c Add ecjpake_kkpp_read/write 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard 4f2cd95e1d Fix potential memory leaks 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard b1b250b68c Add ecjpake_kkp_read/write() 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard 967cd7192d Add test vector for ZKP verification 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard 6029a85572 Add ecjpake_zpk_read() 
Not really tested yet
 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard c618195bc4 Fix base point in ecjpake_write_zkp() 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard d9a3f47ecd Add mbedtls_ecp_gen_keypair_base() 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard 8489f17277 First draft of ecjpake_write_zkp() 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard 3dbf2fbb89 Implement hashing function for ZKP 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard 4d8685b4ff Add skeleton for EC J-PAKE module 2015-09-07 12:43:09 +02:00
Manuel Pégourié-Gonnard aac5502553 Bump version to 2.1.0 2015-09-04 14:33:31 +02:00
Manuel Pégourié-Gonnard 37ff14062e Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
Simon Butcher 52754594b6 Merging iotssl-457-badtail with development branch 2015-09-03 13:06:01 +01:00
Manuel Pégourié-Gonnard fdbdd72b8b Skip to trusted certs early in the chain 
This helps in the case where an intermediate certificate is directly trusted.
In that case we want to ignore what comes after it in the chain, not only for
performance but also to avoid false negatives (eg an old root being no longer
trusted while the newer intermediate is directly trusted).

closes #220
 2015-09-01 17:24:42 +02:00
Manuel Pégourié-Gonnard 4d04cdcd12 Fix RSA mutex fix 
Once the mutex is acquired, we must goto cleanup rather that return.
Since cleanup adjusts the return value, adjust that in test cases.

Also, at cleanup we don't want to overwrite 'ret', or we'll loose track of
errors.

see #257
 2015-08-31 09:31:55 +02:00
Manuel Pégourié-Gonnard 1385a289f4 Fix possible mutex lock/unlock mismatch 
fixes #257
 2015-08-27 11:30:58 +02:00
Manuel Pégourié-Gonnard e578b1c79a Relax timing_self_test for windows idiosyncrasies 2015-08-18 20:11:48 +02:00
Manuel Pégourié-Gonnard c98204e68f Fix missing break in switch for SSL presets 
closes #235
 2015-08-11 04:21:01 +02:00
Manuel Pégourié-Gonnard 91bbfb6fb7 Make timing selftest less sensitive 
- allow up to 12.5% security/error margin
- use larger delays
- this avoid the security/error margin being too low

The test used to fail about 1 out of 6 times on some buildbots VMs, but never
failed on the physical machines used for development.
 2015-08-10 14:33:12 +02:00
Manuel Pégourié-Gonnard ed46c436c0 Fix error when loading libmbedtls.so 2015-08-10 10:17:32 +02:00
Manuel Pégourié-Gonnard 111ce9f735 Fix build error with shared libraries for windows 2015-08-07 12:07:16 +02:00
Manuel Pégourié-Gonnard 8018c28600 Add -static-libgcc for Windows dll builds 2015-08-07 11:55:56 +02:00
Manuel Pégourié-Gonnard 620ee19823 Fix return of x509_self_test without SHA-1 
No being able to run the test is not a failure
 2015-08-07 10:57:47 +02:00
Manuel Pégourié-Gonnard d1004f02e6 Fix printed output of some selftests 2015-08-07 10:57:41 +02:00
Manuel Pégourié-Gonnard 0a8857435c DTLS: treat bad MAC on Finished as an error 
This is not required nor recommended by the protocol, and it's a layering
violation, but it's a know flaw in the protocol that you can't detect a PSK
auth error in any other way, so it is probably the right thing to do.

closes #227
 2015-08-04 12:11:17 +02:00
Manuel Pégourié-Gonnard 052d10c9d5 Accept a trailing space at end of PEM lines 
With certs being copy-pasted from webmails and all, this will probably become
more and more common.

closes #226
 2015-07-31 11:11:26 +02:00
Manuel Pégourié-Gonnard 6fb8187279 Update date in copyright line 2015-07-28 17:11:58 +02:00
Simon Butcher 10a6f02f83 Merge branch 'development' into IOTSSL-442-hello-noext 
Conflicts:
	ChangeLog
 2015-07-27 13:45:40 +01:00
Manuel Pégourié-Gonnard 6f42417ba8 Fix typo in that broke installation in cmake 
closes #221
 2015-07-24 16:55:22 +02:00