Simon Butcher
d620f6f56b
Adds a filter to run-test-suites.pl to exclude data files
...
The run-test-suites.pl script was executing all files of the form 'test_suite*'
which were either executable or ended with a .exe extension.
On some filesystems, such as through network shares or VMs, which are
abstracting one set of file permissions to Unix permissions, may set the
executable permissions on all files, whether they're executable or not.
That was leading to the run-test-suites.pl script to attempt to execute the .c
intermediate files because they followed the form 'test_suite_*.c'. This change
now excludes them, just in case they accidentally have execute permissions.
2018-09-27 17:29:44 +01:00
Simon Butcher
7a539a57d7
Merge remote-tracking branch 'public/pr/1812' into mbedtls-2.7
2018-09-27 17:19:29 +01:00
Gilles Peskine
b46c59e2a7
In keep-going mode, don't hard-fail on some tests
...
Add if_build_succeeded in front of the invocation of some test runs
where it was missing.
2018-09-27 10:12:58 +02:00
Gilles Peskine
732826d265
In keep-going mode, don't hard-fail on some auxiliary script
...
Add record_status in front of the invocation of several scripts where
it was missing.
2018-09-27 10:08:31 +02:00
Simon Butcher
f73b437fc6
Add ChangeLog entry for PR #1812
2018-09-26 22:59:42 +01:00
Simon Butcher
fa5054ffab
Fix ChangeLog entry for PR #1972
2018-09-26 22:59:31 +01:00
Andrzej Kurek
c895821766
ssl-opt.sh: change expected output for large srv packet test with SSLv3
...
This test also exercises a protection against BEAST
and should expect message splitting.
2018-09-26 22:53:13 +01:00
Andrzej Kurek
3d5cd4ec0a
Remove trailing whitespace
2018-09-26 22:53:13 +01:00
Andrzej Kurek
216b40de9b
ssl_server2: add buffer overhead for a termination character
...
Switch to mbedtls style of memory allocation
2018-09-26 22:53:12 +01:00
Andrzej Kurek
d731a6348a
Add missing large and small packet tests for ssl_server2
2018-09-26 22:53:12 +01:00
Andrzej Kurek
557335e56d
Added buffer_size and response_size options for ssl-server2.
...
Added appropriate tests.
2018-09-26 22:53:12 +01:00
Simon Butcher
651902d062
Merge remote-tracking branch 'public/pr/1972' into mbedtls-2.7
2018-09-26 22:35:51 +01:00
Simon Butcher
9863afc5e2
Merge remote-tracking branch 'public/pr/1899' into mbedtls-2.7
2018-09-26 22:00:02 +01:00
Gilles Peskine
94a779b2c2
Add ChangeLog entry for deprecation of mbedtls_xxx_drbg_update
2018-09-13 22:27:12 +02:00
Gilles Peskine
aadc818126
HMAC_DRBG: report all errors from HMAC functions
...
Make sure that any error from mbedtls_md_hmac_xxx is propagated.
2018-09-13 22:20:58 +02:00
Gilles Peskine
4d23757fad
HMAC_DRBG: deprecate mbedtls_hmac_drbg_update because it ignores errors
...
Deprecate mbedtls_hmac_drbg_update (which returns void) in favor of a
new function mbedtls_hmac_drbg_update_ret which reports error. The old
function is not officially marked as deprecated in this branch because
this is a stable maintenance branch.
2018-09-13 22:19:57 +02:00
Gilles Peskine
9ce2972399
CTR_DRBG: add mbedtls_ctr_drbg_update_ret
...
Deprecate mbedtls_ctr_drbg_update (which returns void) in favor of a
new function mbedtls_ctr_drbg_update_ret which reports error. The old
function is not officially marked as deprecated in this branch because
this is a stable maintenance branch.
2018-09-13 22:19:31 +02:00
Gilles Peskine
f249e37e86
Add ChangeLog entry for wiping sensitive buffers
2018-09-13 22:11:23 +02:00
Gilles Peskine
1da7776bd7
HMAC_DRBG: clean stack buffers
...
Wipe stack buffers that may contain sensitive data (data that
contributes to the DRBG state.
2018-09-13 22:11:17 +02:00
Gilles Peskine
d324c5954a
CTR_DRBG: clean stack buffers
...
Wipe stack buffers that may contain sensitive data (data that
contributes to the DRBG state.
2018-09-13 22:10:46 +02:00
Simon Butcher
d6a63f4ca5
Clarified ChangeLog entry
...
ChangeLog entry for backport of #1890 was misleading, so corrected it.
2018-09-13 11:59:03 +01:00
Gilles Peskine
938845484c
Add ChangeLog entry
2018-09-04 11:22:08 +02:00
Gilles Peskine
98add4fd5a
Fix pk_write with an EC key to write a constant-length private value
...
When writing a private EC key, use a constant size for the private
value, as specified in RFC 5915. Previously, the value was written
as an ASN.1 INTEGER, which caused the size of the key to leak
about 1 bit of information on average, and could cause the value to be
1 byte too large for the output buffer.
2018-09-04 11:22:08 +02:00
Gilles Peskine
313a5c1fec
pk_write test cases with short/long private key
...
Add pk_write test cases where the ASN.1 INTEGER encoding of the
private value does not have the mandatory size for the OCTET STRING
that contains the value.
ec_256_long_prv.pem is a random secp256r1 private key, selected so
that the private value is >= 2^255, i.e. the top bit of the first byte
is set (which would cause the INTEGER encoding to have an extra
leading 0 byte).
ec_521_short_prv.pem is a random secp521r1 private key, selected so
that the private value is < 2^518, i.e. the first byte is zero and the
top bit of the second byte is 0 (which would cause the INTEGER
encoding to have one less 0 byte at the start).
2018-09-04 11:16:42 +02:00
Simon Butcher
eee169a082
Merge pull request #506 from sbutcher-arm/mbedtls-version-2.7.6
...
Update library version number to 2.7.6
2018-08-31 17:29:24 +01:00
Simon Butcher
34997fd291
Update library version number to 2.7.6
2018-08-31 16:07:23 +01:00
Simon Butcher
a36fe37429
Revised and clarified ChangeLog
...
Minor changes to fix language, merge mistakes and incorrect classifications of
changes.
2018-08-31 12:00:58 +01:00
Andrzej Kurek
77798b9f2d
ssl-opt.sh: change expected output for large srv packet test with SSLv3
...
This test also exercises a protection against BEAST
and should expect message splitting.
2018-08-29 07:05:59 -04:00
Andrzej Kurek
0d50aeb4d4
Remove trailing whitespace
2018-08-29 07:05:44 -04:00
Andrzej Kurek
fb764931ee
ssl_server2: add buffer overhead for a termination character
...
Switch to mbedtls style of memory allocation
2018-08-29 07:05:44 -04:00
Andrzej Kurek
d5ab1883b7
Add missing large and small packet tests for ssl_server2
2018-08-29 07:05:44 -04:00
Andrzej Kurek
6b3ec17463
Added buffer_size and response_size options for ssl-server2.
...
Added appropriate tests.
2018-08-29 07:05:44 -04:00
Simon Butcher
9877efb401
Merge remote-tracking branch 'restricted/pr/437' into mbedtls-2.7-restricted
2018-08-28 15:34:28 +01:00
Simon Butcher
242169bdc3
Merge remote-tracking branch 'restricted/pr/498' into mbedtls-2.7-restricted
2018-08-28 15:29:55 +01:00
Simon Butcher
6910201cd1
Merge remote-tracking branch 'restricted/pr/493' into mbedtls-2.7-restricted
2018-08-28 15:23:39 +01:00
Simon Butcher
fbd0ccc0f0
Merge remote-tracking branch 'public/pr/1978' into mbedtls-2.7
2018-08-28 12:32:21 +01:00
Simon Butcher
4102b3d377
Merge remote-tracking branch 'public/pr/1888' into mbedtls-2.7
2018-08-28 12:25:12 +01:00
Simon Butcher
cc4f58d08c
Merge remote-tracking branch 'public/pr/1956' into mbedtls-2.7
2018-08-28 12:16:11 +01:00
Simon Butcher
f7be6b029e
Merge remote-tracking branch 'public/pr/1960' into mbedtls-2.7
2018-08-28 11:51:56 +01:00
Simon Butcher
040cff9895
Merge remote-tracking branch 'public/pr/1974' into mbedtls-2.7
2018-08-28 10:20:37 +01:00
Simon Butcher
b6cf145b7a
Merge remote-tracking branch 'public/pr/1981' into mbedtls-2.7
2018-08-28 10:18:32 +01:00
Hanno Becker
6728d3cfdb
Improve documentation of mbedtls_x509_crt_parse()
2018-08-24 10:02:03 +01:00
Hanno Becker
b37ca7a4eb
Move ChangeLog entry from Bugfix to Changes section
2018-08-23 16:42:32 +01:00
Hanno Becker
ca16cf67da
Improve wording
2018-08-23 16:15:26 +01:00
Hanno Becker
063c50df8a
pk_encrypt: Uniformize debugging output
2018-08-23 15:57:15 +01:00
Hanno Becker
ca8c3b434c
Improve documentation of mbedtls_x509_crt_parse()
...
Fixes #1883 .
2018-08-23 15:52:01 +01:00
Hanno Becker
45d006a9cc
Fix typos in programs/x509/cert_write.c
...
Fixes #1922 .
2018-08-23 15:27:21 +01:00
Hanno Becker
6953ac2dbe
Minor formatting improvements in pk_encrypt and pk_decrypt examples
2018-08-23 15:14:52 +01:00
Hanno Becker
20b5d14b28
Adapt ChangeLog
2018-08-23 15:14:51 +01:00
Hanno Becker
a82a6e126d
Correct memory leak in pk_decrypt example program
2018-08-23 15:14:50 +01:00