Commit graph

4286 commits

Author SHA1 Message Date
Simon Butcher e1a46cea49 Fix Visual Studio template files
Adds interim directories to the Visual Studio project files to avoid warning
MSB8028 in Visual Studio 2015, where shared directories of intermediate files
between project files generate the warning.
2017-03-01 23:05:38 +00:00
Ron Eldor 78011d9656 fix for issue 1101: missing rsa context initialization
added mbedtls_rsa_init in rsa_decrypt sample application
2017-03-01 16:05:25 +00:00
Paul Bakker c60c31226f Fix default hostname for verification used in ssl_client1 2017-02-28 23:33:28 +00:00
Simon Butcher d4940b5355 Merge branch 'mbedtls-2.1' 2017-02-04 23:38:05 +00:00
Simon Butcher ec75466f6f Add clarification to the TLS renegotiation period
Expanded details on use of mbedtls_ssl_conf_renegotiation_period()
2017-02-04 23:35:14 +00:00
Andres AG 9b1927bf9b Add DTLS test to check 6 byte record ctr is cmp
Add a test to ssl-opt.sh to ensure that in DTLS a 6 byte record counter
is compared in ssl_check_ctr_renegotiate() instead of a 8 byte one as in
the TLS case. Because currently there are no testing facilities to check
that renegotiation routines are triggered after X number of input/output
messages, the test consists on setting a renegotiation period that
cannot be represented in 6 bytes, but whose least-significant byte is 2.
If the library behaves correctly, the renegotiation routines will be
executed after two exchanged.
2017-02-04 23:35:14 +00:00
Andres AG 7fa66d4622 Fix renegotiation at incorrect times in DTLS
Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared
64 bits of record counter instead of 48 bits as described in RFC 6347
Section 4.3.1. This would cause the function's return value to be
occasionally incorrect and the renegotiation routines to be triggered
at unexpected times.
2017-02-04 23:35:14 +00:00
Simon Butcher dac83d24c3 Add clarification to the TLS renegotiation period
Expanded details on use of mbedtls_ssl_conf_renegotiation_period()
2017-02-03 01:28:24 +00:00
Simon Butcher 33c970cefc Merge mbedtls-2.1-iotssl-1099-incorrect-renego-utils
Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared
64 bits of record counter instead of 48 bits as described in RFC 6347
Section 4.3.1. This would cause the function's return value to be
occasionally incorrect and the renegotiation routines to be triggered
at unexpected times.
2017-02-03 01:26:04 +00:00
Andres AG 9d32bd91b0 Fix examples that failed to compile without PEM 2017-02-02 17:08:46 +00:00
Simon Butcher d3eaf44675 Merge branch 'mbedtls-2.1' 2017-02-02 16:50:30 +00:00
Simon Butcher 134d692a70 Add credit to Changelog for #562 2017-02-02 16:36:59 +00:00
Simon Butcher 5ca1c2906d Merge 'mbedtls-2.1-iotssl-952-tfirmware-warnings'
This PR fixes a number of unused variable/function compilation warnings
that arise when using a config.h that does not define the macro
MBEDTLS_PEM_PARSE_C.
2017-02-02 16:34:15 +00:00
Simon Butcher a0fbc582f0 Fix undefined variable in scripts/config.pl
The variable $config_file was being referenced without being defined in the
script config.pl.
2017-02-02 15:03:17 +00:00
Simon Butcher 07cc549376 Fix undefined variable in scripts/config.pl
The variable $config_file was being referenced without being defined in the
script config.pl.
2017-02-02 14:26:15 +00:00
Simon Butcher c45ddbec9b Clarify fix for #673 in Changelog
Clarified fix, and added credit.
2017-02-02 13:51:54 +00:00
Simon Butcher d9dae0dbe8 Merge mbedtls-2.1-iotssl-1079-macro-redefinition-warning
Fix redefinition of macro ssl_set_bio to undefined symbol
mbedtls_ssl_set_bio_timeout in compat-1.3.h.
2017-02-02 13:50:46 +00:00
Simon Butcher 8ee9c76ccd Merge branch 'mbedtls-2.1' of ssh://github.com/ARMmbed/mbedtls into mbedtls-2.1 2017-01-23 17:47:51 +00:00
Andres AG 96b4b01a23 Add DTLS test to check 6 byte record ctr is cmp
Add a test to ssl-opt.sh to ensure that in DTLS a 6 byte record counter
is compared in ssl_check_ctr_renegotiate() instead of a 8 byte one as in
the TLS case. Because currently there are no testing facilities to check
that renegotiation routines are triggered after X number of input/output
messages, the test consists on setting a renegotiation period that
cannot be represented in 6 bytes, but whose least-significant byte is 2.
If the library behaves correctly, the renegotiation routines will be
executed after two exchanged.
2017-01-20 15:56:13 +00:00
Andres AG 428f28d8d7 Fix renegotiation at incorrect times in DTLS
Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared
64 bits of record counter instead of 48 bits as described in RFC 6347
Section 4.3.1. This would cause the function's return value to be
occasionally incorrect and the renegotiation routines to be triggered
at unexpected times.
2017-01-20 15:56:03 +00:00
Andres AG a7cd85f081 Fix unused variable/function compilation warnings
This PR fixes a number of unused variable/function compilation warnings
that arise when using a config.h that does not define the macro
MBEDTLS_PEM_PARSE_C.
2016-12-07 16:13:28 +00:00
Andres AG faf9ce910c Fix redefinition of macro ssl_set_bio
Fix redefinition of macro ssl_set_bio to undefined symbol
mbedtls_ssl_set_bio_timeout in compat-1.3.h.
2016-12-07 13:58:18 +00:00
Simon B 41ce6e6076 Remove need for elevated command line in Windows
Changes use of mklink in Windows test builds, to create junctions instead of
directory symbolic links. This removes the need for an elevated command prompt
when running cmake to create the Visual Studio project files.
2016-11-17 16:05:25 +00:00
Brian J Murray e7f8dc304e Clarify Comments and Fix Typos (#651)
Fixes many typos, and errors in comments.

* Clarifies many comments
* Grammar correction in config.pl help text
* Removed comment about MBEDTLS_X509_EXT_NS_CERT_TYPE.
* Comment typo fix (Dont => Don't)
* Comment typo fix (assure => ensure)
* Comment typo fix (byes => bytes)
* Added citation for quoted standard
* Comment typo fix (one complement => 1's complement)

The is some debate about whether to prefer "one's complement",  "ones'
complement", or "1's complement".  The more recent RFCs related to TLS
(RFC 6347,  RFC 4347, etc) use " 1's complement", so I followed that
convention.

* Added missing ")" in comment
* Comment alignment
* Incorrect comment after #endif
2016-11-10 17:38:34 +00:00
Simon B e2e2db4348 Fix config of compiler warning flags with MSVC
Compiler warnings were being configured twice and not suppressed on the
test suites with Microsoft Visual Studio.
2016-11-10 15:38:52 +00:00
Simon B 635f215145 Fix compiler warning with MSVC
Fixes compiler warnings found with Microsoft Visual Studio 2015 (and earlier
versions).
2016-11-10 15:38:52 +00:00
Nicholas Wilson 44ea01110c Allow test suites to be run on Windows
For a start, they don't even compile with Visual Studio due to strcasecmp
being missing.  Secondly, on Windows Perl scripts aren't executable and have
to be run using the Perl interpreter directly; thankfully CMake is able to
find cygwin Perl straight away without problems.
2016-11-10 15:38:52 +00:00
Andres Amaya Garcia f6e0330c65 Merge pull request #677 from sbutcher-arm/config-fix-2.1
Fix multiple erroneously named source files in comments - 2.1 backport
2016-11-04 14:12:06 +00:00
Simon Butcher f267830d6f Fix multiple erroneously named source files in comments
This fixes many incorrect references to filenames in the comments in config.h.
2016-11-04 13:36:37 +00:00
Simon Butcher 016a0d3b6f Update library version number to 2.1.6 2016-10-17 15:44:26 +01:00
Simon Butcher 1ef155c905 Merge branch 'mbedtls-2.1' 2016-10-17 13:53:18 +01:00
Simon Butcher 8bd467c47d Merge branch 'mbedtls-2.1' 2016-10-17 13:51:27 +01:00
Simon Butcher c655434280 Merge branch 'mbedtls-2.1' 2016-10-17 13:20:14 +01:00
Simon Butcher 35d0d94f5b Merge branch 'mbedtls-2.1' 2016-10-17 13:07:32 +01:00
Simon Butcher a978fac02b Merge branch 'mbedtls-2.1' 2016-10-17 12:16:27 +01:00
Simon Butcher 657c010884 Tidied up style and phrasing of ChangeLog 2016-10-16 00:18:54 +01:00
Simon Butcher d7f1902342 Updated test script all.sh
Changes to increase the release test coverage and also allow testing with
two different versions of OpenSSL and GNUTLS for legacy features.
2016-10-14 10:48:17 +01:00
Simon Butcher c83f470eb8 Update Changelog for issue #502 2016-10-14 01:04:51 +01:00
Simon Butcher 72388387c0 Merge branch for fix for #502 - Unchecked calls
Conflicts:
	ChangeLog
2016-10-14 01:03:11 +01:00
Simon Butcher 8ee9d7658c Update to Changelog for #626 2016-10-13 16:30:19 +01:00
Andres AG 53d77130fc Add check for validity of date in x509_get_time() 2016-10-13 16:24:12 +01:00
Andres AG 6220ecbc48 Fix overread when verifying SERVER_HELLO in DTLS 2016-10-13 15:43:46 +01:00
Simon Butcher 8390e0a97c Update and clean up Changelog for #622 2016-10-13 15:27:09 +01:00
Andres AG 6a3fa2159c Fix sig->tag update in mbedtls_x509_get_sig() 2016-10-13 15:23:35 +01:00
Simon Butcher d9d0cda9fe Merge branch 'mbedtls-2.1' 2016-10-13 10:35:52 +01:00
Janos Follath 0be55a0549 Remove MBEDTLS_SSL_AEAD_RANDOM_IV feature
In a USENIX WOOT '16 paper the authors warn about a security risk
of random Initialisation Vectors (IV) repeating values.

The MBEDTLS_SSL_AEAD_RANDOM_IV feature is affected by this risk and
it isn't compliant with RFC5116. Furthermore, strictly speaking it
is a different cipher suite from the TLS (RFC5246) point of view.

Removing the MBEDTLS_SSL_AEAD_RANDOM_IV feature to resolve the above
problems.

Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky and Philipp
Jovanovic, "Nonce-Disrespecting Adversaries: Practical Forgery Attacks
on GCM in TLS", USENIX WOOT '16
2016-10-13 10:35:34 +01:00
Janos Follath 6d3e3389e5 Add simple test for repeated IVs when using AEAD
In a USENIX WOOT '16 paper the authors exploit implementation
mistakes that cause Initialisation Vectors (IV) to repeat. This
did not happen in mbed TLS, and this test makes sure that this
won't happen in the future either.

A new test option is introduced to ssl-opt.sh that checks the server
and client logs for a pattern and fails in case there are any
duplicates in the lines following the matching ones. (This is
necessary because of the structure of the logging)

Added a test case as well to utilise the new option. This test forces
the TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 ciphersuite to make the
client and the server use an AEAD cipher.

Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky and Philipp
Jovanovic, "Nonce-Disrespecting Adversaries: Practical Forgery Attacks
on GCM in TLS", USENIX WOOT '16
2016-10-13 10:26:58 +01:00
Simon Butcher 759b5a1286 Added credit to Changelog for fix #558 2016-10-13 01:00:19 +01:00
Janos Follath 95b303648c Restore P>Q in RSA key generation (#558)
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.

This commit restores this behaviour.
2016-10-13 00:58:09 +01:00
Simon Butcher 6f066a8636 Clarified Changelog for fix #602 2016-10-12 19:54:24 +01:00