Simon Butcher
fabce5e137
Merge branch 'misc' into development
...
Fixes github #358 , #362 and IOTSSL-536
2015-12-22 18:56:56 +00:00
Simon Butcher
207990dcf5
Added description of change to the Changelog
...
Also clarified some comments following review.
2015-12-16 01:51:30 +00:00
Manuel Pégourié-Gonnard
1e07562da4
Fix wrong length limit in GCM
...
See for example page 8 of
http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
The previous constant probably came from a typo as it was 2^26 - 2^5 instead
of 2^36 - 2^5. Clearly the intention was to allow for a constant bigger than
2^32 as the ull suffix and cast to uint64_t show.
fixes #362
2015-12-10 14:54:21 +01:00
Manuel Pégourié-Gonnard
7f17155ac6
Avoid seemingly-possible overflow
...
By looking just at that test, it looks like 2 + dn_size could overflow. In
fact that can't happen as that would mean we've read a CA cert of size is too
big to be represented by a size_t.
However, it's best for code to be more obviously free of overflow without
having to reason about the bigger picture.
2015-12-10 14:36:25 +01:00
Manuel Pégourié-Gonnard
acbb050118
Make documentation more explicit on TLS errors
...
fixes #358
2015-12-10 13:57:27 +01:00
Manuel Pégourié-Gonnard
e2e25e7427
DTLS: avoid dropping too many records
...
When the peer retransmits a flight with many record in the same datagram, and
we already saw one of the records in that datagram, we used to drop the whole
datagram, resulting in interoperability failure (spurious handshake timeouts,
due to ignoring record retransmitted by the peer) with some implementations
(issues with Chrome were reported).
So in those cases, we want to only drop the current record, and look at the
following records (if any) in the same datagram. OTOH, this is not something
we always want to do, as sometime the header of the current record is not
reliable enough.
This commit introduces a new return code for ssl_parse_header() that allows to
distinguish if we should drop only the current record or the whole datagram,
and uses it in mbedtls_ssl_read_record()
fixes #345
2015-12-03 16:13:17 +01:00
Manuel Pégourié-Gonnard
1630888aa0
Fix two more compiler warnings
...
- declaration after statement
- always true comparison due to limited range of operand
2015-12-01 10:27:00 +01:00
Manuel Pégourié-Gonnard
e3e8edfa51
Fix potential integer overflow in prev. commit
...
Found by Clang's -Wshift-count-overflow
2015-12-01 09:34:36 +01:00
Simon Butcher
15b15d1361
Added integer divide by as separate function
...
Added 64bit integer divided by 32bit integer, with remainder
2015-11-26 19:35:03 +00:00
Manuel Pégourié-Gonnard
3134ef0504
footprint.sh: tune output again
2015-11-25 10:50:27 +00:00
Manuel Pégourié-Gonnard
4553a6cdcf
footprint.sh: improve printed output
2015-11-25 10:39:54 +00:00
Simon Butcher
8254ed2a9f
Change version number to 2.2.0
...
Changed for library and yotta module
2015-11-04 19:55:40 +00:00
Simon Butcher
59a8fa7e2e
Corrected typo in ChangeLog
2015-11-03 23:09:28 +00:00
Manuel Pégourié-Gonnard
bd3639852c
Merge branch 'iotssl-519-asn1write-overflows-restricted' into development-restricted
...
* iotssl-519-asn1write-overflows-restricted:
Fix other int casts in bounds checking
Fix other occurrences of same bounds check issue
Fix potential buffer overflow in asn1write
2015-11-02 11:07:30 +09:00
Manuel Pégourié-Gonnard
537e2a9b58
Merge branch 'iotssl-518-winpathlen-restricted' into development-restricted
...
* iotssl-518-winpathlen-restricted:
Fix potential heap corruption on Windows
2015-11-02 11:04:59 +09:00
Manuel Pégourié-Gonnard
f8b2442e2f
Merge branch 'iotssl-517-double-free-restricted' into development-restricted
...
* iotssl-517-double-free-restricted:
Fix potential double-free in ssl_conf_psk()
2015-11-02 11:03:32 +09:00
Manuel Pégourié-Gonnard
ce0e3f7f5c
Bump yotta version number to 2.2.0-rc2
2015-11-02 06:53:44 +09:00
Manuel Pégourié-Gonnard
a8838af8e6
Use own implementation of strsep()
...
Not available on windows, and strtok() is not a good option
2015-11-02 06:44:24 +09:00
Manuel Pégourié-Gonnard
644c2e0fdb
Add new program to gitignore
2015-11-02 06:34:29 +09:00
Manuel Pégourié-Gonnard
c99dffad36
Add ChangeLog entry for ASN.1 DER boolean fix
2015-11-02 06:00:02 +09:00
Manuel Pégourié-Gonnard
0a543a8bc5
Merge pull request #320 from Inikup/fix-issue-318
...
Fix boolean values according to DER specs
2015-11-02 05:52:42 +09:00
Manuel Pégourié-Gonnard
1c6f19aa47
Merge pull request #317 from Inikup/fix-issue-315
...
cert_write : fix "Destination buffer is too small" error
2015-11-02 05:52:26 +09:00
Manuel Pégourié-Gonnard
ba1d897987
Merge branch 'bugfixes' into development
...
* bugfixes:
Fix typo in an OID name
Disable reportedly broken assembly of Sparc(64)
2015-11-02 05:50:41 +09:00
Manuel Pégourié-Gonnard
568f1e7cb3
Merge branch 'iotssl-515-max-pathlen' into development
...
* iotssl-515-max-pathlen:
Add Changelog entries for this branch
Fix a style issue
Fix whitespace at EOL issues
Use symbolic constants in test data
Fixed pathlen contraint enforcement.
Additional corner cases for testing pathlen constrains. Just in case.
Added test case for pathlen constrains in intermediate certificates
2015-11-02 05:49:08 +09:00
Manuel Pégourié-Gonnard
1fa36597fc
Merge remote-tracking branch 'refs/remotes/origin/development' into development
...
* refs/remotes/origin/development:
Fix help message for cert_req/cert_write programs
2015-10-30 16:54:35 +01:00
Manuel Pégourié-Gonnard
54eeecfff3
Merge pull request #316 from Inikup/help-key_cert_sign-fix
...
Fix help message for cert_req/cert_write programs
2015-10-30 14:50:42 +01:00
Manuel Pégourié-Gonnard
067523ef98
Small improvement to test script
2015-10-30 11:15:40 +01:00
Manuel Pégourié-Gonnard
fb84d38b45
Try to prevent some misuse of RSA functions
...
fixes #331
2015-10-30 10:56:25 +01:00
Manuel Pégourié-Gonnard
2b624e9b39
Add Changelog entries for this branch
2015-10-30 09:45:34 +01:00
Manuel Pégourié-Gonnard
45777c384d
Fix a style issue
2015-10-30 09:24:28 +01:00
Manuel Pégourié-Gonnard
e670f90e48
Fix whitespace at EOL issues
2015-10-30 09:23:19 +01:00
Manuel Pégourié-Gonnard
03dde85c3b
Use symbolic constants in test data
2015-10-30 09:18:06 +01:00
Manuel Pégourié-Gonnard
f7a4688257
Mention new test script in Readme
2015-10-28 13:43:43 +01:00
Manuel Pégourié-Gonnard
8de8a327f4
Bump yotta version to 2.2.0-rc.1
2015-10-27 18:09:39 +01:00
Simon Butcher
6edd78bd8b
Merge branch 'misc' into development
2015-10-27 16:58:01 +00:00
Simon Butcher
204606238c
Merge branch 'development' into misc
2015-10-27 16:57:34 +00:00
Simon Butcher
459a950f31
Fixed typo in comment
2015-10-27 16:09:03 +00:00
Simon Butcher
b48ace74c4
Merge branch 'iotssl-513-alerts' into development
2015-10-27 16:06:10 +00:00
Simon Butcher
62aab15085
Merge branch 'development' into iotssl-513-alerts
2015-10-27 16:05:34 +00:00
Simon Butcher
c87747b675
Removed debug code accidentally left in test code
...
Removed debug code accidentally left in test_suite_x509parse.function.
2015-10-27 15:16:51 +00:00
Simon Butcher
fa8094ea40
Merge branch 'iotssl-521-keylen-check' into development
2015-10-27 15:15:40 +00:00
Simon Butcher
5f7c34b8b0
Merge branch iotssl-521-keylen-check
2015-10-27 15:14:55 +00:00
Manuel Pégourié-Gonnard
e0b2feae34
Mention performance fix in ChangeLog
2015-10-27 10:24:54 +01:00
Simon Butcher
e357a64355
Merge pull request #328 from ARMmbed/iotssl-461-ecjpake-finalization
...
Iotssl 461 ecjpake finalization
2015-10-27 00:08:31 +00:00
Manuel Pégourié-Gonnard
231a065909
yotta Readme: edited by Irit
2015-10-26 17:50:04 +01:00
Manuel Pégourié-Gonnard
65eefc8707
Fix missing check for RSA key length on EE certs
...
- also adapt tests to use lesser requirement for compatibility with old
testing material
2015-10-23 16:19:53 +02:00
Manuel Pégourié-Gonnard
ac8673cb3f
Add quick script to estimate ROM footprint
2015-10-23 15:51:02 +02:00
Manuel Pégourié-Gonnard
de9f953b9f
Optimize more common cases in ecp_muladd()
2015-10-23 15:50:37 +02:00
Manuel Pégourié-Gonnard
d21eb2ae81
Fix attribution in ChangeLog
2015-10-23 15:35:02 +02:00
Manuel Pégourié-Gonnard
fbdf06c1a4
Fix handling of non-fatal alerts
...
fixes #308
2015-10-23 13:11:31 +02:00