Commit 9a73632f authored by Paul Bakker

- Merged changesets 1399 up to and including 1415 into 1.2 branch

parent 97872ace
PolarSSL ChangeLog
= Version Trunk
= Version 1.2.1 released 2012-11-13
Changes
* Depth that the certificate verify callback receives is now numbered
bottom-up (Peer cert depth is 0)
Bugfixes
* Fixes for MSVC6
* Moved mpi_inv_mod() outside POLARSSL_GENPRIME
* Allow R and A to point to same mpi in mpi_div_mpi (found by Manuel
Pégourié-Gonnard)
* Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1
= Version 1.2.0 released 2012-10-31
Features
......@@ -32,6 +32,18 @@ install:
fi \
done
uninstall:
rm -rf $(DESTDIR)/include/polarssl
rm -f $(DESTDIR)/lib/libpolarssl.*
for p in programs/*/* ; do \
if [ -x $$p ] && [ ! -d $$p ] ; \
then \
f=$(PREFIX)`basename $$p` ; \
rm -f $(DESTDIR)/bin/$$f ; \
fi \
done
clean:
cd library && $(MAKE) clean && cd ..
cd programs && $(MAKE) clean && cd ..
......@@ -4,7 +4,7 @@
*/
/**
* @mainpage PolarSSL v1.2.0 source code documentation
* @mainpage PolarSSL v1.2.1 source code documentation
*
* This documentation describes the internal structure of PolarSSL. It was
* automatically generated from specially formatted comment blocks in
......@@ -21,7 +21,7 @@
*
* @section mainpage_modules Modules
*
* PolarSSL supports SSLv3 up to TLSv1.1 communication by providing the
* PolarSSL supports SSLv3 up to TLSv1.2 communication by providing the
* following:
* - TCP/IP communication functions: listen, connect, accept, read/write.
* - SSL/TLS communication functions: init, handshake, read/write.
......@@ -25,7 +25,7 @@ DOXYFILE_ENCODING = UTF-8
# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
# by quotes) that should identify the project.
PROJECT_NAME = "PolarSSL v1.2.0"
PROJECT_NAME = "PolarSSL v1.2.1"
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or
......@@ -141,7 +141,7 @@ int aes_crypt_cfb128( aes_context *ctx,
const unsigned char *input,
unsigned char *output );
/*
/**
* \brief AES-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!
......@@ -66,7 +66,7 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keyle
int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output );
/*
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
......@@ -223,7 +223,7 @@ void mpi_swap( mpi *X, mpi *Y );
*/
int mpi_lset( mpi *X, t_sint z );
/*
/**
* \brief Get a specific bit from X
*
* \param X MPI to use
......@@ -233,7 +233,7 @@ int mpi_lset( mpi *X, t_sint z );
*/
int mpi_get_bit( const mpi *X, size_t pos );
/*
/**
* \brief Set a bit of X to a specific value of 0 or 1
*
* \note Will grow X if necessary to set a bit to 1 in a not yet
......@@ -129,7 +129,7 @@ int blowfish_crypt_cfb64( blowfish_context *ctx,
const unsigned char *input,
unsigned char *output );
/*
/**
* \brief Blowfish-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!
......@@ -139,7 +139,7 @@ int camellia_crypt_cfb128( camellia_context *ctx,
const unsigned char *input,
unsigned char *output );
/*
/**
* \brief CAMELLIA-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!
......@@ -150,7 +150,7 @@
*
* Enable weak ciphersuites in SSL / TLS
* Warning: Only do so when you know what you are doing. This allows for
* channels without virtually no security at all!
* channels with virtually no security at all!
*
* This enables the following ciphersuites:
* TLS_RSA_WITH_DES_CBC_SHA
......@@ -345,7 +345,7 @@
/**
* \def POLARSSL_BIGNUM_C
*
* Enable the multo-precision integer library.
* Enable the multi-precision integer library.
*
* Module: library/bignum.c
* Caller: library/dhm.c
......@@ -738,7 +738,7 @@
*/
#define POLARSSL_SSL_CLI_C
/*
/**
* \def POLARSSL_SSL_SRV_C
*
* Enable the SSL/TLS server code.
......@@ -220,7 +220,7 @@ int des3_crypt_cbc( des3_context *ctx,
const unsigned char *input,
unsigned char *output );
/*
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
......@@ -225,7 +225,7 @@ int dhm_make_public( dhm_context *ctx, int x_size,
int dhm_calc_secret( dhm_context *ctx,
unsigned char *output, size_t *olen );
/*
/**
* \brief Free the components of a DHM key
*/
void dhm_free( dhm_context *ctx );
......@@ -104,7 +104,7 @@ int pkcs11_decrypt( pkcs11_context *ctx,
int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
unsigned int output_max_len );
size_t output_max_len );
/**
* \brief Do a private RSA to sign a message digest
......@@ -134,7 +134,7 @@ int pkcs11_sign( pkcs11_context *ctx,
*/
static inline int ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output,
unsigned int output_max_len )
size_t output_max_len )
{
return pkcs11_decrypt( (pkcs11_context *) ctx, mode, olen, input, output,
output_max_len );
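Review bot: Widening `output_max_len` from `unsigned int` to `size_t` in the public `pkcs11_decrypt` prototype (and in the inline `ssl_pkcs11_decrypt` wrapper here, and in the definition in pkcs11.c later in this commit) changes the parameter's width on LP64 targets and therefore the function's ABI, yet the CMake file in the same commit keeps `SOVERSION 2` and the version only moves from 1.2.0 to 1.2.1. If binaries built against 1.2.0 are expected to keep working with the shared library, this needs either a SOVERSION bump or an explicit ChangeLog entry stating the ABI break; the visible ChangeLog hunk has neither. The body of `ssl_pkcs11_decrypt` continues outside the hunk.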
......@@ -167,6 +167,9 @@ extern "C" {
/**
* \brief Initialize an RSA context
*
* Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP
* encryption scheme and the RSASSA-PSS signature scheme.
*
* \param ctx RSA context to be initialized
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier
......@@ -116,8 +116,8 @@
#define SSL_LEGACY_RENEGOTIATION 0
#define SSL_SECURE_RENEGOTIATION 1
#define SSL_RENEGOTIATION_ENABLED 0
#define SSL_RENEGOTIATION_DISABLED 1
#define SSL_RENEGOTIATION_DISABLED 0
#define SSL_RENEGOTIATION_ENABLED 1
#define SSL_LEGACY_NO_RENEGOTIATION 0
#define SSL_LEGACY_ALLOW_RENEGOTIATION 1
......@@ -852,7 +852,8 @@ void ssl_set_min_version( ssl_context *ssl, int major, int minor );
* (Default: SSL_RENEGOTIATION_DISABLED)
*
* Note: A server with support enabled is more vulnerable for a
* resource DoS by a malicious client.
* resource DoS by a malicious client. You should enable this on
* a client to enable server-initiated renegotiation.
*
* \param ssl SSL context
* \param renegotiation Enable or disable (SSL_RENEGOTIATION_ENABLED or
......@@ -883,8 +884,9 @@ void ssl_set_renegotiation( ssl_context *ssl, int renegotiation );
* (Most secure option, interoperability issues)
*
* \param ssl SSL context
* \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION or
* SSL_ALLOW_LEGACY_RENEGOTIATION)
* \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION,
* SSL_ALLOW_LEGACY_RENEGOTIATION or
* SSL_LEGACY_BREAK_HANDSHAKE)
*/
void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy );
......@@ -999,7 +1001,7 @@ int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len );
* (SSL_ALERT_LEVEL_WARNING or SSL_ALERT_LEVEL_FATAL)
* \param message The alert message (SSL_ALERT_MSG_*)
*
* \return 1 if successful, or a specific SSL error code.
* \return 0 if successful, or a specific SSL error code.
*/
int ssl_send_alert_message( ssl_context *ssl,
unsigned char level,
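Review bot: The parameter documentation of `ssl_legacy_renegotiation` names `SSL_NO_LEGACY_RENEGOTIATION` and `SSL_ALLOW_LEGACY_RENEGOTIATION`, but the macros defined earlier in this header are `SSL_LEGACY_NO_RENEGOTIATION` and `SSL_LEGACY_ALLOW_RENEGOTIATION`, so the doc should use the defined names; `SSL_LEGACY_BREAK_HANDSHAKE` is not among the defines visible in the hunk, so confirm it exists. Swapping the values so that `SSL_RENEGOTIATION_DISABLED` is 0 and `SSL_RENEGOTIATION_ENABLED` is 1 means any caller that passed a literal 0 or 1 to `ssl_set_renegotiation` now gets the opposite setting and may silently turn renegotiation on; the ChangeLog hunk in this commit does not mention the swap, and a line such as `* SSL_RENEGOTIATION_ENABLED/DISABLED values swapped; use the named constants` would warn integrators. Presumably the swap is so that a zeroed context matches the documented default of SSL_RENEGOTIATION_DISABLED, which is worth stating in a comment next to the defines.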
......@@ -39,16 +39,16 @@
*/
#define POLARSSL_VERSION_MAJOR 1
#define POLARSSL_VERSION_MINOR 2
#define POLARSSL_VERSION_PATCH 0
#define POLARSSL_VERSION_PATCH 1
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
#define POLARSSL_VERSION_NUMBER 0x01020000
#define POLARSSL_VERSION_STRING "1.2.0"
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.2.0"
#define POLARSSL_VERSION_NUMBER 0x01020100
#define POLARSSL_VERSION_STRING "1.2.1"
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.2.1"
#if defined(POLARSSL_VERSION_C)
......@@ -641,7 +641,7 @@ int x509parse_crl_info( char *buf, size_t size, const char *prefix,
*/
const char *x509_oid_get_description( x509_buf *oid );
/*
/**
* \brief Give an OID, return a string version of its OID number.
*
* \param buf Buffer to write to
......@@ -680,7 +680,7 @@ int x509parse_time_expired( const x509_time *time );
* (void *parameter, x509_cert *crt, int certificate_depth,
* int *flags). With the flags representing current flags for
* that specific certificate and the certificate depth from
* the top (Trust CA depth = 0).
* the bottom (Peer cert depth = 0).
*
* All flags left after returning from the callback
* are also returned to the application. The function should
......@@ -97,7 +97,7 @@ int xtea_crypt_cbc( xtea_context *ctx,
unsigned char *input,
unsigned char *output);
/*
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
......@@ -57,7 +57,7 @@ add_library(polarssl STATIC ${src})
else(NOT USE_SHARED_POLARSSL_LIBRARY)
add_library(polarssl SHARED ${src})
set_target_properties(polarssl PROPERTIES VERSION 1.2.0 SOVERSION 2)
set_target_properties(polarssl PROPERTIES VERSION 1.2.1 SOVERSION 2)
endif(NOT USE_SHARED_POLARSSL_LIBRARY)
......@@ -18,7 +18,9 @@ endif
# CFLAGS += -D_BSD_EXTENSION
# To compile as a shared library:
# CFLAGS += -fPIC
ifdef SHARED
CFLAGS += -fPIC
endif
SONAME=libpolarssl.so.0
......@@ -51,7 +53,11 @@ OBJS= aes.o arc4.o asn1parse.o \
.SILENT:
ifndef SHARED
all: static
else
all: shared
endif
static: libpolarssl.a
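Review bot: The new `SHARED` build path links with `SONAME=libpolarssl.so.0`, while the CMake file in this same commit sets `SOVERSION 2` for the shared library, so the two build systems emit shared objects with different sonames for the same 1.2.1 code. Since this commit also changes a public prototype (`pkcs11_decrypt`'s `output_max_len` becomes `size_t`), pick one soname policy and apply it in both files, e.g. `SONAME=libpolarssl.so.2` if the CMake value is the intended one. The `shared:` target itself is outside the hunk, so whether `-fPIC` is the only flag it needs cannot be confirmed here.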
......@@ -1195,9 +1195,9 @@ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B )
if( R != NULL )
{
mpi_shift_r( &X, k );
X.s = A->s;
mpi_copy( R, &X );
R->s = A->s;
if( mpi_cmp_int( R, 0 ) == 0 )
R->s = 1;
}
......@@ -1212,10 +1212,6 @@ cleanup:
/*
* Division by int: A = Q * b + R
*
* Returns 0 if successful
* 1 if memory allocation failed
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
*/
int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b )
{
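Review bot: In the remainder branch of `mpi_div_mpi`, the return values of `mpi_shift_r( &X, k )` and `mpi_copy( R, &X )` are discarded, so an allocation failure inside `mpi_copy` can leave R partially written while the function still returns 0 through `cleanup`. The `MPI_CHK` macro this file uses for fallible calls elsewhere jumps to `cleanup` with the error in `ret`, and the same applies here: `MPI_CHK( mpi_shift_r( &X, k ) );` and `MPI_CHK( mpi_copy( R, &X ) );`. Assuming the surviving ordering sets `X.s = A->s` before the copy (which is what makes R == A safe, because after the copy A->s has already been overwritten), a comment such as `/* set the sign on X before copying: R may alias A */` would record the reason the lines are ordered this way. The second hunk only drops a stale return-value comment from `mpi_div_int`, whose body is outside the hunk.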
......@@ -194,7 +194,7 @@ int ctr_drbg_update_internal( ctr_drbg_context *ctx,
/*
* Increase counter
*/
for( i = CTR_DRBG_BLOCKSIZE; i >= 0; i-- )
for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- )
if( ++ctx->counter[i - 1] != 0 )
break;
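Review bot: The counter loop now stops at `i > 0`, so `ctx->counter[i - 1]` no longer indexes below zero, but the comment `Increase counter` above it says nothing about byte order or the termination condition, which is exactly what the off-by-one turned on. Suggest `/* Increment the block counter as a big-endian integer: the carry runs from counter[CTR_DRBG_BLOCKSIZE - 1] toward counter[0] and stops at the first byte that does not wrap to zero */`. The enclosing `ctr_drbg_update_internal` begins and ends outside the hunk.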
/*
* Error message information
*
* Copyright (C) 2006-2010, Brainspark B.V.
* Copyright (C) 2006-2012, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
......@@ -553,4 +553,4 @@ void error_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
}
#endif /* POLARSSL_VERBOSE_ERROR */
#endif /* POLARSSL_ERROR_C */
......@@ -115,7 +115,7 @@ int pkcs11_decrypt( pkcs11_context *ctx,
int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
unsigned int output_max_len )
size_t output_max_len )
{
size_t input_len, output_len;
......@@ -794,6 +794,9 @@ int rsa_pkcs1_sign( rsa_context *ctx,
hlen = md_get_size( md_info );
slen = hlen;
if( olen < hlen + slen + 2 )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
memset( sig, 0, olen );
memset( &md_ctx, 0, sizeof( md_context_t ) );
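Review bot: The new length check `if( olen < hlen + slen + 2 )` carries no comment tying it to the constraint it enforces; suggest `/* RFC 3447 9.1.1 step 3: emLen must be at least hLen + sLen + 2 */` above it. Note that the RFC states the bound on emLen = ceil((modBits - 1) / 8), which is one byte smaller than the modulus byte length when the modulus bit length is 1 mod 8; whether the encoding later in this function accounts for that is outside the hunk, so it is worth confirming that `olen` here is the right quantity for that edge case. `rsa_pkcs1_sign` and the declarations of `olen`, `hlen` and `slen` are outside the hunk.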
......@@ -2984,8 +2984,6 @@ int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
/*
* Wrapper for x509 hashes.
*
* \param out Buffer to receive the hash (Should be at least 64 bytes)
*/
static void x509_hash( const unsigned char *in, size_t len, int alg,
unsigned char *out )
......@@ -3116,12 +3114,12 @@ int x509_wildcard_verify( const char *cn, x509_buf *name )
static int x509parse_verify_top(
x509_cert *child, x509_cert *trust_ca,
x509_crl *ca_crl, int *path_cnt, int *flags,
x509_crl *ca_crl, int path_cnt, int *flags,
int (*f_vrfy)(void *, x509_cert *, int, int *),
void *p_vrfy )
{
int hash_id, ret;
int ca_flags = 0;
int ca_flags = 0, check_path_cnt = path_cnt + 1;
unsigned char hash[64];
if( x509parse_time_expired( &child->valid_to ) )
......@@ -3143,8 +3141,19 @@ static int x509parse_verify_top(
continue;
}
/*
* Reduce path_len to check against if top of the chain is
* the same as the trusted CA
*/
if( child->subject_raw.len == trust_ca->subject_raw.len &&
memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
child->issuer_raw.len ) == 0 )
{
check_path_cnt--;
}
if( trust_ca->max_pathlen > 0 &&
trust_ca->max_pathlen < *path_cnt )
trust_ca->max_pathlen < check_path_cnt )
{
trust_ca = trust_ca->next;
continue;
......@@ -3168,7 +3177,13 @@ static int x509parse_verify_top(
break;
}
if( trust_ca != NULL )
/*
* If top of chain is not the same as the trusted CA
*/
if( trust_ca != NULL &&
( child->subject_raw.len != trust_ca->subject_raw.len ||
memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
child->issuer_raw.len ) != 0 ) )
{
/* Check trusted CA's CRL for then chain's top crt */
*flags |= x509parse_verifycrl( child, trust_ca, ca_crl );
......@@ -3188,7 +3203,7 @@ static int x509parse_verify_top(
if( NULL != f_vrfy )
{
if( ( ret = f_vrfy( p_vrfy, trust_ca, 0, &ca_flags ) ) != 0 )
if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1, &ca_flags ) ) != 0 )
return( ret );
}
}
......@@ -3196,12 +3211,10 @@ static int x509parse_verify_top(
/* Call callback on top cert */
if( NULL != f_vrfy )
{
if( ( ret = f_vrfy(p_vrfy, child, 1, flags ) ) != 0 )
if( ( ret = f_vrfy(p_vrfy, child, path_cnt, flags ) ) != 0 )
return( ret );
}
*path_cnt = 2;
*flags |= ca_flags;
return( 0 );
......@@ -3209,7 +3222,7 @@ static int x509parse_verify_top(
static int x509parse_verify_child(
x509_cert *child, x509_cert *parent, x509_cert *trust_ca,
x509_crl *ca_crl, int *path_cnt, int *flags,
x509_crl *ca_crl, int path_cnt, int *flags,
int (*f_vrfy)(void *, x509_cert *, int, int *),
void *p_vrfy )
{
......@@ -3248,28 +3261,26 @@ static int x509parse_verify_child(
break;
}
(*path_cnt)++;
if( grandparent != NULL )
{
/*
* Part of the chain
*/
ret = x509parse_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt, &parent_flags, f_vrfy, p_vrfy );
ret = x509parse_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
if( ret != 0 )
return( ret );
}
else
{
ret = x509parse_verify_top( parent, trust_ca, ca_crl, path_cnt, &parent_flags, f_vrfy, p_vrfy );
ret = x509parse_verify_top( parent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
if( ret != 0 )
return( ret );
}
/* child is verified to be a child of the parent, call verify callback */
if( NULL != f_vrfy )
if( ( ret = f_vrfy( p_vrfy, child, *path_cnt, flags ) ) != 0 )
if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )
return( ret );
(*path_cnt)++;
*flags |= parent_flags;
......@@ -3288,7 +3299,7 @@ int x509parse_verify( x509_cert *crt,
{
size_t cn_len;
int ret;
int pathlen = 1;
int pathlen = 0;
x509_cert *parent;
x509_name *name;
x509_sequence *cur = NULL;
......@@ -3370,13 +3381,13 @@ int x509parse_verify( x509_cert *crt,
/*
* Part of the chain
*/
ret = x509parse_verify_child( crt, parent, trust_ca, ca_crl, &pathlen, flags, f_vrfy, p_vrfy );
ret = x509parse_verify_child( crt, parent, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
if( ret != 0 )
return( ret );
}
else
{
ret = x509parse_verify_top( crt, trust_ca, ca_crl, &pathlen, flags, f_vrfy, p_vrfy );
ret = x509parse_verify_top( crt, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
if( ret != 0 )
return( ret );
}
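Review bot: Both new comparisons of the chain's top certificate against the trusted CA in `x509parse_verify_top` guard on `child->subject_raw.len == trust_ca->subject_raw.len` but then pass `child->issuer_raw.len` as the length to `memcmp` over the two subject buffers; whenever the issuer and subject encodings differ in length this either compares bytes beyond the subject or only a prefix of it, so the length should be the subject one in both places: `memcmp( child->subject_raw.p, trust_ca->subject_raw.p, child->subject_raw.len ) == 0`. Because the same test decides both whether `check_path_cnt` is reduced and whether the CRL and CA checks are skipped, a small `static` helper such as `x509_same_subject( child, trust_ca )` would keep the two copies from drifting. The depth now handed to `f_vrfy` counts from the peer certificate (0) upward, which matches the ChangeLog and the x509.h doc change in this commit; `x509parse_verify_top`, `x509parse_verify_child` and `x509parse_verify` all begin and end outside the individual hunks.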
......@@ -146,8 +146,6 @@ int x509_write_name( unsigned char **p, unsigned char *start, char *oid,
/*
* Wrapper for x509 hashes.
*
* \param out Buffer to receive the hash (Should be at least 64 bytes)
*/
static void x509_hash( const unsigned char *in, size_t len, int alg,
unsigned char *out )
......@@ -298,6 +298,7 @@ int main( int argc, char *argv[] )
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
{
printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
ssl_free( &ssl );
goto exit;
}
}
......@@ -313,12 +314,14 @@ int main( int argc, char *argv[] )
if( ret == -1 )
{
printf( " failed\n ! x509parse_cert_info returned %d\n\n", ret );
ssl_free( &ssl );
goto exit;
}
printf( "%s\n", buf );
ssl_close_notify( &ssl );
ssl_free( &ssl );
}
else
goto usage;
......@@ -329,7 +332,6 @@ exit:
net_close( server_fd );
x509_free( &clicert );
rsa_free( &rsa );
ssl_free( &ssl );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
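Review bot: Removing `ssl_free( &ssl )` from the `exit:` label means only the two error paths rewritten in this hunk release the SSL context; any other `goto exit` between `ssl_init` and the handshake loop in the same branch — that part of the branch is outside the hunk — now skips `ssl_free`. Presumably the move avoids freeing a context that was never initialised when `main` takes the non-SSL branch; a way to get that without per-path calls is `int ssl_ready = 0;`, setting `ssl_ready = 1;` right after `ssl_init` succeeds, and `if( ssl_ready ) ssl_free( &ssl );` at `exit:`, so every exit path stays covered. `main` begins and ends outside the hunk.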
#!/usr/bin/perl
# Detect comment blocks that are likely meant to be doxygen blocks but aren't.
#
# More precisely, look for normal comment block containing '\'.
# Of course one could use doxygen warnings, eg with:
# sed -e '/EXTRACT/s/YES/NO/' doxygen/polarssl.doxyfile | doxygen -
# but that would warn about any undocumented item, while our goal is to find
# items that are documented, but not marked as such by mistake.
use warnings;
use strict;
use File::Basename;
# header files in the following directories will be checked
my @directories = qw(include/polarssl library doxygen/input);
# very naive pattern to find directives:
# everything with a backslach except '\0'
my $doxy_re = qr/\\(?!0)/;
sub check_file {
my ($fname) = @_;
open my $fh, '<', $fname or die "Failed to open '$fname': $!\n";
# first line of the last normal comment block,
# or 0 if not in a normal comment block
my $block_start = 0;
while (my $line = <$fh>) {
$block_start = $. if $line =~ m/\/\*(?![*!])/;
$block_start = 0 if $line =~ m/\*\//;
if ($block_start and $line =~ m/$doxy_re/) {
print "$fname:$block_start: directive on line $.\n";
$block_start = 0; # report only one directive per block
}
}
close $fh;
}
sub check_dir {
my ($dirname) = @_;
for my $file (<$dirname/*.[ch]>) {