yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-05 02:39:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
5652 commits 88 branches 205 tags 69 MiB
Commit graph

5652 commits

This branch
This branch
All branches
Author SHA1 Message Date
Hanno Becker bdefff1dde Change signature of mbedtls_rsa_deduce_private 
Make input arguments constant and adapt the implementation to use a temporary instead of in-place operations.
 2017-10-02 09:59:48 +01:00
Hanno Becker ba5b755f1a Change signature and semantics of mbedtls_rsa_deduce_moduli 
Input arguments are marked as constant. Further, no double-checking is performed when a factorization of the modulus has
been found.
 2017-10-02 09:55:49 +01:00
Simon Butcher 83ce8201dc Update ChangeLog for fix to #836 2017-09-30 23:39:46 +01:00
Hanno Becker 2f38a43d3a Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog. 
Add a reference to the relevant RFC, adapt ChangeLog.
 2017-09-30 23:35:21 +01:00
Hanno Becker f5f9d11acc Enhance documentation of mbedtls_ssl_set_hostname 
(1) Add missing error condition
(2) Specify allowance and effect of of NULL hostname parameter
(3) Describe effect of function on failure
 2017-09-30 23:35:12 +01:00
Hanno Becker 39f5d359f5 Make mbedtls_ssl_set_hostname safe to be called multiple times 
Zeroize and free previously set hostnames before overwriting
them. Also, allow clearance of hostname by providing NULL parameter.
 2017-09-30 23:35:02 +01:00
Hanno Becker 713fe7f66c Add test case calling ssl_set_hostname twice 
Add a test case calling ssl_set_hostname twice to test_suite_ssl.
When run in CMake build mode ASan, this catches the current leak,
but will hopefully be fine with the new version.
 2017-09-30 23:34:52 +01:00
Ron Eldor 376f7f5fe1 Fix typo in configs/README.txt file 
Fix typo in Readme file: ajust->adjust
 2017-09-30 21:37:59 +01:00
Xinyu Chen 00afe1c046 Correct the printf message of the DTLS handshake. 
Make it consistent with dtls_server.c
 2017-09-30 09:52:38 +01:00
Hanno Becker 08a36dde80 Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
Hanno Becker b4274210a4 Improve documentation in pkparse.c 
State explicitly that `pk_parse_pkcs8_undencrypted_der` and `pk_parse_key_pkcs8_encrypted_der` are not responsible for
zeroizing and freeing the provided key buffer.
 2017-09-29 19:18:51 +01:00
Hanno Becker f04111f5c5 Fix typo 2017-09-29 19:18:42 +01:00
Gilles Peskine 5b7ee07ff6 Cleaned up get_line for test data files 
Look, ma, a use for do...while!

Also removed 1-3 calls to strlen.
 2017-09-29 18:00:25 +02:00
Hanno Becker 56bae95e1d Improve style and documentation, fix typo 2017-09-29 15:43:49 +01:00
Gilles Peskine 26182edd0c Allow comments in test data files 2017-09-29 15:45:12 +02:00
Hanno Becker 4b2f691691 Doxygen: Use typewriter font for variables in rsa.h documentation 2017-09-29 13:36:54 +01:00
Hanno Becker ed20361321 Increase readability of Doxygen output 
Multiple lists were not properly recognized as such.
 2017-09-29 13:34:25 +01:00
Hanno Becker 91c194dabb Add and document an RSA-specific error code for unsupported exports 
E.g., a private key on an external chip might not be exportable to RAM.
 2017-09-29 12:50:12 +01:00
Hanno Becker bead71752e Correct typo in rsa.c 2017-09-29 12:41:06 +01:00
Hanno Becker e1582a832b Add expectation when testing RSA key import/export 
This commit adds a flag to the RSA import/export tests indicating whether it is
expected that a full RSA keypair can be set up from the provided parameters.

Further, the tests of `mbedtls_rsa_import` and `mbedtls_rsa_import_raw` are
expanded to perform key checks and an example encryption-decryption.
 2017-09-29 11:54:05 +01:00
Hanno Becker 4d6e83406c Improve readability of test for mbedtls_rsa_import 2017-09-29 11:54:05 +01:00
Hanno Becker 5063cd2cca Deprecate direct manipulation of structure fields in RSA context 2017-09-29 11:54:05 +01:00
Hanno Becker ba1ba11a98 Check that length is properly set in mbedtls_rsa_check_pubkey 2017-09-29 11:54:05 +01:00
Hanno Becker 2f8f06aa25 Don't always recompute context length in mbedtls_rsa_get_len 
This commit changes the implementation of `mbedtls_rsa_get_len` to return
`ctx->len` instead of always re-computing the modulus' byte-size via
`mbedtls_mpi_size`.
 2017-09-29 11:54:05 +01:00
Hanno Becker 54cfc585cd Add test cases for mbedtls_rsa_import[_raw] where N is missing 2017-09-29 11:54:05 +01:00
Hanno Becker 2cca6f3290 Always deduce N from P, Q in mbedtls_rsa_complete 
Previously, a parameter set of (-, P, Q, -, E) was completed, but (-, P, Q, D,
E) wasn't - this is odd.
 2017-09-29 11:54:05 +01:00
Hanno Becker 041a6b030f Adapt ChangeLog 2017-09-28 14:52:26 +01:00
Hanno Becker cc56628117 Don't use all_final as a target in tests/data_files/Makefile 
The `neat` target in that Makefile assumes all_final to be a concatenation of
file names.
 2017-09-26 16:21:19 +01:00
Hanno Becker 6428f8d78e Let ssl-opt.sh gracefully fail is SSL_MAX_CONTENT_LEN is not 16384 
Some tests in ssl-opt.sh require MBEDTLS_SSL_MAX_CONTENT_LEN to be set to its
default value of 16384 to succeed. While ideally such a dependency should not
exist, as a short-term remedy this commit adds a small check that will at least
lead to graceful exit if that assumption is violated.
 2017-09-22 16:58:50 +01:00
Hanno Becker d8a6f7cfbe Clarify code-paths in x509write_csr and x509write_crt 2017-09-22 16:05:43 +01:00
Hanno Becker a20e33ad59 Use X509 CRT version macros for version checks in x509write_crt_der 2017-09-22 15:40:01 +01:00
Hanno Becker 7f3652ddf1 Fix error code printing in cert_write 
Error codes can consume up to two bytes, but only one was printed so far.
 2017-09-22 15:39:02 +01:00
Hanno Becker 38eff43791 Use X509 CRT version macros in cert_write program 2017-09-22 15:38:20 +01:00
Hanno Becker e1b1d0af8e Fix senseless comment 2017-09-22 15:35:16 +01:00
Hanno Becker 930025da6d Adapt ChangeLog 2017-09-18 16:12:28 +01:00
Florin 0b7b83fd91 Fixed SIGSEGV problem when writing with ssl_write_real a buffer that is over MBEDTLS_SSL_MAX_CONTENT_LEN bytes 
Signed-off-by: Florin <petriuc.florin@gmail.com>
 2017-09-18 16:11:42 +01:00
Hanno Becker 2b187c4d5f Correct typo 2017-09-18 16:11:42 +01:00
Hanno Becker 09930d1f01 Add expected number of fragments to 16384-byte packet tests 2017-09-18 16:11:42 +01:00
Hanno Becker c526696c05 Add tests for messages beyond 16384 bytes to ssl-opt.sh 
This commit adds four tests to ssl-opt.sh testing the library's behavior when
`mbedtls_ssl_write` is called with messages beyond 16384 bytes. The combinations
tested are TLS vs. DTLS and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH enabled vs. disabled.
 2017-09-18 16:11:42 +01:00
Hanno Becker 4aed27e469 Add missing test-dependencies for MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 
The tests for the maximum fragment length extension were lacking a dependency on
MBEDTLS_SSL_MAX_FRAGMENT_LENGTH being set in the config.
 2017-09-18 16:11:42 +01:00
Hanno Becker e4ad3e8803 Allow requests of size larger than 16384 in ssl_client2 2017-09-18 16:11:42 +01:00
Hanno Becker 5175ac6e13 Add tests for disabled MFL-extension to all.sh 
This commit adds a build with default config except
MBEDTLS_SSL_MAX_FRAGMENT_LENGTH to all.sh, as well as a run of the MFL-related
tests in ssl-opt.sh.
 2017-09-18 16:11:39 +01:00
Andres Amaya Garcia 01692531c6 Document code silently discarding invalid records 2017-09-14 20:20:31 +01:00
Andres Amaya Garcia f569f701c2 Fix ChangeLog entry 2017-09-14 20:20:21 +01:00
Andres Amaya Garcia 06fc6650f4 Add ChangeLog entry 2017-09-14 20:20:15 +01:00
Andres Amaya Garcia 2fad94b193 Dont send alert on invalid DTLS record type 
Do not send fatal alerts when receiving a record with an invalid header
while running DTLS as this is not compliant behaviour.
 2017-09-14 20:18:37 +01:00
Hanno Becker d4a872ee67 Rename internal MBEDTLS_ENTROPY_HAVE_STRONG to ENTROPY_HAVE_STRONG 
This commit renames the test-only flag MBEDTLS_ENTROPY_HAVE_STRONG to ENTROPY_HAVE_STRONG to make it more transparent
that it's an internal flag, and also to content the testscript tests/scripts/check-names.pl which previously complained
about the macro occurring in a comment in `entropy.c` without being defined in a library file.
 2017-09-14 08:04:13 +01:00
Hanno Becker 45037ceac5 Add check for presence of relevant parameters in mbedtls_rsa_private 
If CRT is used, check for the presence N, P, Q, D, E, DP, DQ and QP. If CRT is
not used, check for N, P, Q, D, E only.
 2017-09-14 08:02:14 +01:00
Hanno Becker 81535d0011 Minor style and typo corrections 2017-09-14 07:51:54 +01:00
Hanno Becker 476986547b Omit version from X.509 v1 certificates 
The version field in an X.509 certificate is optional and defaults to v1, so it
may be omitted in this case.
 2017-09-14 07:51:54 +01:00