yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-11 07:55:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
10057 commits 88 branches 205 tags 69 MiB
Commit graph

32 commits

Author SHA1 Message Date
Jaeden Amero df8185eae3
Merge pull request #2923 from Patater/reduce-ram-pem-csr 
x509write_csr: Reduce stack usage of mbedtls_x509write_csr_pem()
 2019-11-14 16:39:48 +00:00
Gilles Peskine bf88780e64 Use MBEDTLS_PK_SIGNATURE_MAX_SIZE in X.509 
Use the constant that is now provided by the crypto submodule instead
of rolling our own definition which is not correct in all cases.
 2019-11-13 15:32:11 +01:00
Jaeden Amero 6ffac75995 x509write_csr: Reduce stack usage of mbedtls_x509write_csr_pem() 
Using 4096 bytes of stack for the temporary buffer used for holding a
throw-away DER-formatted CSR limits the portability of generating
certificate signing requests to only devices with lots of stack space.
To increase portability, use the mbedtls_pem_write_buffer() in-place
capability instead, using the same buffer for input and output. This
works since the DER encoding for some given data is always smaller than
that same data PEM-encoded.

PEM format is desirable to use even on stack-constrained devices as the
format is easy to work with (for example, copy-pasting from a tiny
device's serial console output, for CSRs generated on tiny devices
without the private key leaving said tiny device).
 2019-11-13 14:29:38 +00:00
k-stachowiak c4638cc640 Change size of preallocated buffer for pk_sign() calls 2019-06-06 13:20:48 +02:00
Andres Amaya Garcia 6e95914f0e Add new function mbedtls_asn1_write_named_bitstring() 
Add a new function mbedtls_asn1_write_named_bitstring() that removes
trailing 0s at the end of DER encoded bitstrings. The function is
implemented according to Hanno Becker's suggestions.

This commit also changes the functions x509write_crt_set_ns_cert_type
and crt_set_key_usage to call the new function as the use named
bitstrings instead of the regular bitstrings.
 2019-02-28 09:36:30 +00:00
Jaeden Amero 3497323f79 Initialize PSA Crypto operation contexts 
It is now required to initialize PSA Crypto operation contexts before
calling psa_*_setup(). Otherwise, one gets a PSA_ERROR_BAD_STATE error.
 2019-02-20 10:58:55 +00:00
Andrzej Kurek a609337ca0 x509: remove unnecessary calls to psa_hash_abort 
According to the documentation, it does not need to be called after a failed
psa_hash call.
 2018-11-22 11:53:04 -05:00
Andrzej Kurek d4a6553191 x509: use the PSA API to perform hashing operations 
So far limited only to certificate verification withour CRL and CSR generation.
 2018-11-22 11:53:04 -05:00
Andres Amaya Garcia 1f6301b3c8 Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
Andres Amaya Garcia e32df087fb Remove individual copies of mbedtls_zeroize() 
This commit removes all the static occurrencies of the function
mbedtls_zeroize() in each of the individual .c modules. Instead the
function has been moved to utils.h that is included in each of the
modules.
 2018-04-17 09:19:05 -05:00
Hanno Becker d8a6f7cfbe Clarify code-paths in x509write_csr and x509write_crt 2017-09-22 16:05:43 +01:00
Hanno Becker 81535d0011 Minor style and typo corrections 2017-09-14 07:51:54 +01:00
Hanno Becker fc77144802 Fix extraction of signature-type from PK context instance 2017-09-14 07:51:54 +01:00
Andres AG 60dbc93831 Add missing bounds check in X509 DER write funcs 
This patch adds checks in both mbedtls_x509write_crt_der and
mbedtls_x509write_csr_der before the signature is written to buf
using memcpy().
 2016-10-11 14:07:48 +01:00
Manuel Pégourié-Gonnard 37ff14062e Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
Manuel Pégourié-Gonnard 6fb8187279 Update date in copyright line 2015-07-28 17:11:58 +02:00
Manuel Pégourié-Gonnard 2cf5a7c98e The Great Renaming 
A simple execution of tmp/invoke-rename.pl
 2015-04-08 13:25:31 +02:00
Manuel Pégourié-Gonnard 7f8099773e Rename include directory to mbedtls 2015-03-10 11:23:56 +00:00
Manuel Pégourié-Gonnard fe44643b0e Rename website and repository 2015-03-06 13:17:10 +00:00
Rich Evans 00ab47026b cleanup library and some basic tests. Includes, add guards to includes 2015-02-10 11:28:46 +00:00
Manuel Pégourié-Gonnard 860b51642d Fix url again 2015-01-28 17:12:07 +00:00
Manuel Pégourié-Gonnard 085ab040aa Fix website url to use https. 2015-01-23 11:06:27 +00:00
Manuel Pégourié-Gonnard 9698f5852c Remove maintainer line. 2015-01-23 10:59:00 +00:00
Manuel Pégourié-Gonnard 19f6b5dfaa Remove redundant "all rights reserved" 2015-01-23 10:54:00 +00:00
Manuel Pégourié-Gonnard a658a4051b Update copyright 2015-01-23 09:55:24 +00:00
Manuel Pégourié-Gonnard 967a2a5f8c Change name to mbed TLS in the copyright notice 2015-01-22 14:28:16 +00:00
Paul Bakker 3461772559 Introduce polarssl_zeroize() instead of memset() for zeroization 2014-06-14 16:46:03 +02:00
Paul Bakker b9e4e2c97a Fix formatting: fix some 'easy' > 80 length lines 2014-05-01 14:18:25 +02:00
Manuel Pégourié-Gonnard cef4ad2509 Adapt sources to configurable config.h name 2014-04-30 16:40:20 +02:00
Paul Bakker 50dc850c52 Const correctness 2013-10-28 21:19:10 +01:00
Paul Bakker b9cfaa0c7f Explicit conversions and minor changes to prevent MSVC compiler warnings 2013-10-14 15:50:40 +02:00
Paul Bakker 9556d3d650 Renamed x509_crt_write.c and x509_csr_write.c 2013-09-18 13:50:13 +02:00
Renamed from library/x509_csr_write.c (Browse further)