Commits · b4fae579e8fd72b5e57864d28b5b2c07bad5ce27 · BC / public / external / mbedtls

22 Jan, 2014 9 commits
- Add pk_rsa_set_padding() and rsa_set_padding() · b4fae579
  Manuel Pégourié-Gonnard authored Jan 20, 2014
  
  b4fae579
- Remove a few dead stores · 7c59363a
  Manuel Pégourié-Gonnard authored Jan 20, 2014
  
  7c59363a
- Fix potential memory leak in bignum selftest · 9e987edf
  Manuel Pégourié-Gonnard authored Jan 20, 2014
  
  9e987edf
- Fix misplaced initialisation. · fd6a1913
  Manuel Pégourié-Gonnard authored Jan 18, 2014
```
If one of the calls to mpi_grow() before setting Apos would fail, then
mpi_free( &Apos ) would be executed without Apos being initialised.
```
  fd6a1913
- Fix missing error checking in gcm · 073f0fa2
  Manuel Pégourié-Gonnard authored Jan 18, 2014
  
  073f0fa2
- Add #ifs arround ssl_ciphersuite_uses_XXX() · 280f95bd
  Manuel Pégourié-Gonnard authored Jan 18, 2014
  
  280f95bd
- Add a length check in ssl_derive_keys() · 7cfdcb8c
  Manuel Pégourié-Gonnard authored Jan 18, 2014
  
  7cfdcb8c
- Gitignore ssl_pthread_server · 2f5217ea
  Manuel Pégourié-Gonnard authored Jan 18, 2014
  
  2f5217ea
- Enable cmake tests with Clang too · bd0de942
  Manuel Pégourié-Gonnard authored Jan 18, 2014
  
  bd0de942
14 Jan, 2014 1 commit
- Clarified ssl_set_ciphersuites() doc for influencing preference as well · cf1d73b2
  Paul Bakker authored Jan 14, 2014
  
  cf1d73b2
13 Jan, 2014 1 commit
- Included GCM in API documentation for Enc/Dec · 4c52af24
  Paul Bakker authored Jan 13, 2014
  
  4c52af24
31 Dec, 2013 9 commits
- Added failure stub for uninitialized POLARSSL_THREADING_ALT functions · c78c8422
  Paul Bakker authored Dec 31, 2013
  
  c78c8422
- Removed POLARSSL_THREADING_DUMMY option · a8fd3e31
  Paul Bakker authored Dec 31, 2013
  
  a8fd3e31
- Rewrote check to prevent read of uninitialized data in · 4de44aa0
  Paul Bakker authored Dec 31, 2013
```
rsa_rsassa_pss_verify()
```
  4de44aa0
- Fixed potential overflow in certificate size in ssl_write_certificate() · 6992eb76
  Paul Bakker authored Dec 31, 2013
  
  6992eb76
- Added missing MPI_CHK() around some statements · 6ea1a95c
  Paul Bakker authored Dec 31, 2013
  
  6ea1a95c
- Prepped for 1.3.3 · 5bc07a3d
  Paul Bakker authored Dec 31, 2013
  
  5bc07a3d
- Added cast to socket() return value to prevent Windows warning · 00f5c52b
  Paul Bakker authored Dec 31, 2013
  
  00f5c52b
- Merged ECP memory usage optimizations · c7387913
  Paul Bakker authored Dec 31, 2013
  
  c7387913
- Initialize ebx and edx in padlock functions · 53e1513f
  Paul Bakker authored Dec 30, 2013
  
  53e1513f
30 Dec, 2013 20 commits
- Proper const modifier in test_suite_x509_csr_check() · 3a8cb6ff
  Paul Bakker authored Dec 30, 2013
  
  3a8cb6ff
- Fix a few unchecked return codes in EC · 26bc1c0f
  Manuel Pégourié-Gonnard authored Dec 30, 2013
  
  26bc1c0f
- Made AES-NI bit-size specific key expansion functions static · 93759b04
  Paul Bakker authored Dec 30, 2013
  
  93759b04
- Add another option to reduce EC memory usage · 9e4191c3
  Manuel Pégourié-Gonnard authored Dec 30, 2013
```
Also document speed/memory trade-offs better.
```
  9e4191c3
- Add statistics about number of allocated blocks · 70896a02
  Manuel Pégourié-Gonnard authored Dec 30, 2013
  
  70896a02
- Forced cast to unsigned int for %u format in the ecdsa application · caf0e609
  Paul Bakker authored Dec 30, 2013
  
  caf0e609
- Forced cast to unsigned int for %u format in ecp_selftest() · ec4bea7e
  Paul Bakker authored Dec 30, 2013
  
  ec4bea7e
- Position of -Werror is relevant · e1e962de
  Paul Bakker authored Dec 30, 2013
  
  e1e962de
- Fixed documentation issues found by clang · a36d23e2
  Paul Bakker authored Dec 30, 2013
  
  a36d23e2
- Support for CLANG compiler in CMakeLists.txt · 92bc875e
  Paul Bakker authored Dec 30, 2013
  
  92bc875e
- Lessen peak memory usage in EC by freeing earlier · 1f789b83
  Manuel Pégourié-Gonnard authored Dec 30, 2013
```
Cuts peak usage by 25% :)
```
  1f789b83
- Save some small memory allocations inside ecp_mul() · 72c172a1
  Manuel Pégourié-Gonnard authored Dec 30, 2013
  
  72c172a1
- Properly put the pragma comment for the MSVC linker in defines · f0fc2a27
  Paul Bakker authored Dec 30, 2013
  
  f0fc2a27
- Removed 'z' length modifier from format in ecdsa program · 29e86eae
  Paul Bakker authored Dec 30, 2013
  
  29e86eae
- Removed 'z' length modifier from low-value size_t in ecp_selftest() · 92bcadb1
  Paul Bakker authored Dec 30, 2013
  
  92bcadb1
- Fixed superfluous return value in aesni.c · e7f51335
  Paul Bakker authored Dec 30, 2013
  
  e7f51335
- Only specify done label in aes.c when AES-NI is possible · 0d0de921
  Paul Bakker authored Dec 30, 2013
  
  0d0de921
- Only search for Pthread on Windows platforms · 3e72f6ef
  Paul Bakker authored Dec 30, 2013
  
  3e72f6ef
- Reduced the input / output overhead with 200+ bytes and covered corner · 956c9e06
  Paul Bakker authored Dec 19, 2013
```
case

The actual input / output buffer overhead is only 301 instead of 512.
This requires a proper check on the padding_idx to prevent out of bounds
reads.

Previously a remote party could potentially trigger an access error and
thus stop the application when sending a malicious packet having
MAX_CONTENT_LEN of data, 32 bytes of MAC and a decrypted padlen of .
This would result in reading from in_ctr + 13 + 32 + MAX_CONTENT_LEN - 1 - 1
for 256 bytes (including fake padding check). Or 13 + 32 bytes over the
buffer length.

We now reset padding_idx to 0, if it's clear that it will never be a
valid padding (padlen > msg_len || msg_len + padlen + 256 > buffer_len)
```
  956c9e06
- Added version of the SSL pthread server example · f9c4953e
  Paul Bakker authored Dec 19, 2013
  
  f9c4953e