yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-11-20 11:04:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
mbedtls/library
History
Andres AG 2f3fe70f7e Fix verify out flags from x509_crt_verify_top() 
This change fixes a regression introduced by an earlier commit that
modified x509_crt_verify_top() to ensure that valid certificates
that are after past or future valid in the chain are processed. However
the change introduced a change in behaviour that caused the
verification flags BADCERT_EXPIRED and BADCERT_FUTURE to always be set
whenever there is a failure in the verification regardless of the cause.

The fix maintains both behaviours:
  * Ensure that valid certificates after future and past are verified
  * Ensure that the correct verification flags are set.

To do so, a temporary pointer to the first future or past valid
certificate is maintained while traversing the chain. If a truly valid
certificate is found then that one is used, otherwise if no valid
certificate is found and the end of the chain is reached, the program
reverts back to using the future or past valid certificate.
2017-01-20 17:12:36 +00:00
..
.gitignore
aes.c
aesni.c
arc4.c
asn1parse.c
asn1write.c
base64.c
bignum.c
blowfish.c
camellia.c
ccm.c
certs.c
cipher.c
cipher_wrap.c
CMakeLists.txt
ctr_drbg.c
debug.c
des.c
dhm.c
ecdh.c
ecdsa.c
ecp.c
ecp_curves.c Fix spurious #endif from previous cherry-pick 2015-10-05 14:57:01 +01:00
entropy.c
entropy_poll.c
error.c
gcm.c
havege.c
hmac_drbg.c
Makefile
md.c
md2.c Fix warning with MD/SHA ALT implementation 2015-08-31 11:22:47 +02:00
md4.c
md5.c
md_wrap.c Rename website and repository 2015-03-06 13:17:10 +00:00
memory_buffer_alloc.c
net.c
oid.c
padlock.c
pbkdf2.c
pem.c
pk.c
pk_wrap.c
pkcs5.c
pkcs11.c
pkcs12.c
pkparse.c Fix bug in pk_parse_key() 2015-04-15 11:21:24 +02:00
pkwrite.c
platform.c
ripemd160.c
rsa.c
sha1.c
sha256.c
sha512.c
ssl_cache.c
ssl_ciphersuites.c
ssl_cli.c
ssl_srv.c
ssl_tls.c Fix for MSVC Compiler warnings 2016-11-10 15:40:53 +00:00
threading.c
timing.c
version.c Rename website and repository 2015-03-06 13:17:10 +00:00
version_features.c
x509.c Fix integration of bugfix for #626 2016-10-17 22:41:54 +01:00
x509_create.c
x509_crl.c
x509_crt.c
x509_csr.c
x509write_crt.c
x509write_csr.c Add missing bounds check in X509 DER write funcs 2016-10-13 12:45:07 +01:00
xtea.c