Gilles Peskine 
							
						 
					 
					
						
						
							
						
						7fb29b17c7 
					 
					
						
						
							
							Merge branch 'development' into development-restricted  
						
						
						
						
					 
					
						2017-11-28 18:46:09 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						7ca6d1fdd4 
					 
					
						
						
							
							Merge remote-tracking branch 'upstream-restricted/pr/399' into development-restricted  
						
						
						
						
					 
					
						2017-11-28 14:17:53 +01:00 
						 
				 
			
				
					
						
							
							
								Ron Eldor 
							
						 
					 
					
						
						
							
						
						65112b15e6 
					 
					
						
						
							
							Adress Hannos's comments  
						
						... 
						
						
						
						Remove zeroizing buffer, as it was done already in PR #369 
Check that buffer is not null by `!= NULL` statement 
						
						
					 
					
						2017-09-06 17:09:41 +03:00 
						 
				 
			
				
					
						
							
							
								Ron Eldor 
							
						 
					 
					
						
						
							
						
						9d84b4c102 
					 
					
						
						
							
							update after Andres comments  
						
						... 
						
						
						
						Update after Andres coments:
1. zeroize the buffer in `mbedtls_pem_read_buffer()` before freeing it
2. use `mbedtls_zeroize()` instead of `memset()` 
						
						
					 
					
						2017-09-05 17:17:31 +03:00 
						 
				 
			
				
					
						
							
							
								Ron Eldor 
							
						 
					 
					
						
						
							
						
						31162e4423 
					 
					
						
						
							
							Set PEM buffer to zero before freeing it  
						
						... 
						
						
						
						Set PEM buffer to zero before freeing it, to avoid private keys
being leaked to memory after releasing it. 
						
						
					 
					
						2017-09-05 15:34:35 +03:00 
						 
				 
			
				
					
						
							
							
								Andres Amaya Garcia 
							
						 
					 
					
						
						
							
						
						92d46f0246 
					 
					
						
						
							
							Zeroize buf if mbedtls_base64_decode() fails  
						
						
						
						
					 
					
						2017-07-07 10:46:51 +01:00 
						 
				 
			
				
					
						
							
							
								Andres Amaya Garcia 
							
						 
					 
					
						
						
							
						
						8d08c4489e 
					 
					
						
						
							
							Change pem to use new MD API and check ret code  
						
						
						
						
					 
					
						2017-06-29 11:16:38 +01:00 
						 
				 
			
				
					
						
							
							
								Andres Amaya Garcia 
							
						 
					 
					
						
						
							
						
						03d70504ca 
					 
					
						
						
							
							Zeroize heap buf on failure in pem.c  
						
						
						
						
					 
					
						2017-06-26 11:44:54 +01:00 
						 
				 
			
				
					
						
							
							
								Andres AG 
							
						 
					 
					
						
						
							
						
						51a7ae1353 
					 
					
						
						
							
							Add missing ret code checks in PEM module  
						
						... 
						
						
						
						Add missing return code checks in the functions pem_des_decrypt(),
pem_3des_decrypt() and pem_aes_decrypt() so that the calling function
mbedtls_pem_read_buffer() is notified of errors reported by the crypto
primitives AES, DES and 3DES. 
						
						
					 
					
						2017-05-30 16:40:36 +01:00 
						 
				 
			
				
					
						
							
							
								Andres AG 
							
						 
					 
					
						
						
							
						
						c0db511820 
					 
					
						
						
							
							Fix unused variable/function compilation warnings  
						
						... 
						
						
						
						This PR fixes a number of unused variable/function compilation warnings
that arise when using a config.h that does not define the macro
MBEDTLS_PEM_PARSE_C. 
						
						
					 
					
						2017-02-15 22:54:42 +02:00 
						 
				 
			
				
					
						
							
							
								Andres AG 
							
						 
					 
					
						
						
							
						
						703990b839 
					 
					
						
						
							
							Fix buffer overreads in mbedtls_pem_read_buffer()  
						
						
						
						
					 
					
						2016-10-24 13:00:37 +01:00 
						 
				 
			
				
					
						
							
							
								Simon Butcher 
							
						 
					 
					
						
						
							
						
						a45aa1399b 
					 
					
						
						
							
							Merge of IOTSSL-476 - Random malloc in pem_read()  
						
						
						
						
					 
					
						2015-10-05 00:26:36 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						37ff14062e 
					 
					
						
						
							
							Change main license to Apache 2.0  
						
						
						
						
					 
					
						2015-09-04 14:21:07 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						052d10c9d5 
					 
					
						
						
							
							Accept a trailing space at end of PEM lines  
						
						... 
						
						
						
						With certs being copy-pasted from webmails and all, this will probably become
more and more common.
closes  #226  
						
						
					 
					
						2015-07-31 11:11:26 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						6fb8187279 
					 
					
						
						
							
							Update date in copyright line  
						
						
						
						
					 
					
						2015-07-28 17:11:58 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						ba56136b5c 
					 
					
						
						
							
							Avoid in-out length in base64  
						
						
						
						
					 
					
						2015-06-02 16:30:35 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						6a8ca33fa5 
					 
					
						
						
							
							Rename ERR_xxx_MALLOC_FAILED to ..._ALLOC_FAILED  
						
						
						
						
					 
					
						2015-05-28 16:25:05 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						7551cb9ee9 
					 
					
						
						
							
							Replace malloc with calloc  
						
						... 
						
						
						
						- platform layer currently broken (not adapted yet)
- memmory_buffer_alloc too 
						
						
					 
					
						2015-05-26 16:04:06 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						2cf5a7c98e 
					 
					
						
						
							
							The Great Renaming  
						
						... 
						
						
						
						A simple execution of tmp/invoke-rename.pl 
						
						
					 
					
						2015-04-08 13:25:31 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						7f8099773e 
					 
					
						
						
							
							Rename include directory to mbedtls  
						
						
						
						
					 
					
						2015-03-10 11:23:56 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						fe44643b0e 
					 
					
						
						
							
							Rename website and repository  
						
						
						
						
					 
					
						2015-03-06 13:17:10 +00:00 
						 
				 
			
				
					
						
							
							
								Mansour Moufid 
							
						 
					 
					
						
						
							
						
						c531b4af3c 
					 
					
						
						
							
							Apply the semantic patch rm-malloc-cast.cocci.  
						
						... 
						
						
						
						for dir in library programs; do
        spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \
        --in-place;
    done 
						
						
					 
					
						2015-02-16 10:43:52 +00:00 
						 
				 
			
				
					
						
							
							
								Rich Evans 
							
						 
					 
					
						
						
							
						
						ce2f237697 
					 
					
						
						
							
							change test function includes to use one convention  
						
						
						
						
					 
					
						2015-02-10 11:28:46 +00:00 
						 
				 
			
				
					
						
							
							
								Rich Evans 
							
						 
					 
					
						
						
							
						
						00ab47026b 
					 
					
						
						
							
							cleanup library and some basic tests. Includes, add guards to includes  
						
						
						
						
					 
					
						2015-02-10 11:28:46 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						860b51642d 
					 
					
						
						
							
							Fix url again  
						
						
						
						
					 
					
						2015-01-28 17:12:07 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						085ab040aa 
					 
					
						
						
							
							Fix website url to use https.  
						
						
						
						
					 
					
						2015-01-23 11:06:27 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						9698f5852c 
					 
					
						
						
							
							Remove maintainer line.  
						
						
						
						
					 
					
						2015-01-23 10:59:00 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						19f6b5dfaa 
					 
					
						
						
							
							Remove redundant "all rights reserved"  
						
						
						
						
					 
					
						2015-01-23 10:54:00 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						a658a4051b 
					 
					
						
						
							
							Update copyright  
						
						
						
						
					 
					
						2015-01-23 09:55:24 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						967a2a5f8c 
					 
					
						
						
							
							Change name to mbed TLS in the copyright notice  
						
						
						
						
					 
					
						2015-01-22 14:28:16 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						5b4af39a36 
					 
					
						
						
							
							Add _init() and _free() for hash modules  
						
						
						
						
					 
					
						2014-07-09 10:19:23 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						c7ea99af4f 
					 
					
						
						
							
							Add _init() and _free() for cipher modules  
						
						
						
						
					 
					
						2014-07-09 10:19:22 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						3461772559 
					 
					
						
						
							
							Introduce polarssl_zeroize() instead of memset() for zeroization  
						
						
						
						
					 
					
						2014-06-14 16:46:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						14b16c62e9 
					 
					
						
						
							
							Minor optimizations (original by Peter Vaskovic, modified by Paul Bakker)  
						
						... 
						
						
						
						Move strlen out of for loop.
Remove redundant null checks before free. 
						
						
					 
					
						2014-05-28 11:34:33 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						b9e4e2c97a 
					 
					
						
						
							
							Fix formatting: fix some 'easy' > 80 length lines  
						
						
						
						
					 
					
						2014-05-01 14:18:25 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						cef4ad2509 
					 
					
						
						
							
							Adapt sources to configurable config.h name  
						
						
						
						
					 
					
						2014-04-30 16:40:20 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						1630058dde 
					 
					
						
						
							
							Potential buffer overwrite in pem_write_buffer() fixed  
						
						... 
						
						
						
						Length indication when given a too small buffer was off.
Added regression test in test_suite_pem to detect this. 
						
						
					 
					
						2014-04-11 13:58:05 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						7dc4c44267 
					 
					
						
						
							
							Library files moved to use platform layer  
						
						
						
						
					 
					
						2014-02-06 13:20:16 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						cff6842b39 
					 
					
						
						
							
							POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C  
						
						
						
						
					 
					
						2013-09-16 13:36:18 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						77e23fb0e0 
					 
					
						
						
							
							Move *_pemify() function to PEM module  
						
						
						
						
					 
					
						2013-09-15 20:03:26 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						92cb1d3a91 
					 
					
						
						
							
							Make CBC an option, step 3: individual ciphers  
						
						
						
						
					 
					
						2013-09-13 17:25:43 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						7d4e5b739e 
					 
					
						
						
							
							Simplify password check in pem_read_buffer()  
						
						
						
						
					 
					
						2013-07-09 16:42:35 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						f8648d51b1 
					 
					
						
						
							
							Fix undocumented feature of pem_read_buffer()  
						
						... 
						
						
						
						Used to work only for RSAPrivateKey content, now accepts ECPrivateKey too,
and may even work with similar enough structures when they appear. 
						
						
					 
					
						2013-07-08 17:32:26 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						6e339b52e8 
					 
					
						
						
							
							Memory-allocation abstraction layer and buffer-based allocator added  
						
						
						
						
					 
					
						2013-07-03 17:22:31 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						b6c5d2e1a6 
					 
					
						
						
							
							Cleanup up non-prototyped functions (static) and const-correctness  
						
						... 
						
						
						
						More fixes based on the compiler directives -Wcast-qual -Wwrite-strings
-Wmissing-prototypes -Wmissing-declarations. Not everything with regards
to -Wcast-qual has been fixed as some have unwanted consequences for the
rest of the code. 
						
						
					 
					
						2013-06-25 16:25:17 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						cf445ffc4e 
					 
					
						
						
							
							Added missing free()  
						
						... 
						
						
						
						(cherry picked from commit ff3a4b010b 
						
						
					 
					
						2013-06-25 15:06:53 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						00b2860e8d 
					 
					
						
						
							
							pem_read_buffer() already update use_len after header and footer are read  
						
						... 
						
						
						
						After header and footer are read, pem_read_buffer() is able to determine
the length of input data used. This allows calling functions to skip
this PEM bit if an error occurs during its parsing.
(cherry picked from commit 9255e8300e 
						
						
					 
					
						2013-06-24 19:09:25 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						3c2122ff9d 
					 
					
						
						
							
							Fixed const correctness issues that have no impact on the ABI  
						
						... 
						
						
						
						(cherry picked from commit eae09db9e5 
						
						
					 
					
						2013-06-24 19:09:24 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						6c0ceb3f9a 
					 
					
						
						
							
							-  Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error  
						
						
						
						
					 
					
						2011-12-04 12:24:18 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						9d781407bc 
					 
					
						
						
							
							- A error_strerror function() has been added to translate between error codes and their description.  
						
						... 
						
						
						
						- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
 - Descriptions to all error codes have been added.
 - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers. 
						
						
					 
					
						2011-05-09 16:17:09 +00:00