8d31e80da4
Improve testing strategy
...
- reference handshake tests that we get the right values (not much now, but
much more later when we get to deriving the PMS)
- random handshake in addition tests our generate/write functions against our
read functions, that are tested by the reference handshake, and will be
further tested in the test suite later against invalid inputs
2015-09-07 12:43:10 +02:00
1a7c5ef42b
Optimize some case of mbedtls_ecp_muladd()
...
Those are used by EC-JPAKE
2015-09-07 12:43:10 +02:00
cb7cd03412
Add first draft or read_server_params
2015-09-07 12:43:10 +02:00
23dcbe3f16
Add support for passphrase in the context
2015-09-07 12:43:10 +02:00
4e8bc78ad9
Add context-using functions for Hello extensions
...
Also re-order functions in the header so that they appear in the order they're
use, ie free() last.
2015-09-07 12:43:10 +02:00
7af8bc1007
Start introducing mbedtls_ecjpake_context
2015-09-07 12:43:10 +02:00
3aed1851b3
Re-order functions.
...
Use the same order for all read-write pair of functions
2015-09-07 12:43:09 +02:00
9028c5af9a
Improve const correctness of read() functions
2015-09-07 12:43:09 +02:00
082767ff0c
Add ecjpake_kkpp_read/write
2015-09-07 12:43:09 +02:00
4f2cd95e1d
Fix potential memory leaks
2015-09-07 12:43:09 +02:00
b1b250b68c
Add ecjpake_kkp_read/write()
2015-09-07 12:43:09 +02:00
967cd7192d
Add test vector for ZKP verification
2015-09-07 12:43:09 +02:00
6029a85572
Add ecjpake_zpk_read()
...
Not really tested yet
2015-09-07 12:43:09 +02:00
c618195bc4
Fix base point in ecjpake_write_zkp()
2015-09-07 12:43:09 +02:00
d9a3f47ecd
Add mbedtls_ecp_gen_keypair_base()
2015-09-07 12:43:09 +02:00
8489f17277
First draft of ecjpake_write_zkp()
2015-09-07 12:43:09 +02:00
3dbf2fbb89
Implement hashing function for ZKP
2015-09-07 12:43:09 +02:00
4d8685b4ff
Add skeleton for EC J-PAKE module
2015-09-07 12:43:09 +02:00
7f2f062a5d
Fix possible client crash on API misuse
2015-09-07 12:27:24 +02:00
14d800507a
Remove "private" setting from module.json
2015-09-04 15:35:47 +02:00
0a0c22e0ef
Add ChangeLog entry about license change
2015-09-04 14:38:26 +02:00
aac5502553
Bump version to 2.1.0
2015-09-04 14:33:31 +02:00
67e4652bfc
Fix bug in bump_version.sh
...
Missing quotes around "version" in module.json
2015-09-04 14:31:16 +02:00
37ff14062e
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
f9c599cd8a
Bump yotta patch version
2015-09-03 16:45:26 +02:00
2d43479ac5
Merge branch 'development' of ssh://github.com/ARMmbed/mbedtls into development
2015-09-03 13:08:55 +01:00
1a66081d7f
Merge branch 'iotssl-457-badtail' into development
2015-09-03 13:08:09 +01:00
52754594b6
Merging iotssl-457-badtail with development branch
2015-09-03 13:06:01 +01:00
f851f14214
Moe top-level Readme to markdown
...
For consistency
2015-09-03 13:29:45 +02:00
ed51594337
Merge pull request #265 from ARMmbed/iotssl-460-bugfixes
...
Iotssl 460 bugfixes
2015-09-02 23:36:36 +01:00
1662c4a338
Merge pull request #264 from ARMmbed/misc
...
Misc improvements
2015-09-02 17:51:23 +01:00
f459a0f5f2
Bump yotta patch version
2015-09-02 10:24:46 +02:00
b2beb84be6
Changelog entry fro the previous commit
2015-09-01 19:37:32 +02:00
f81ee2eba8
Add NULL checks to top-level SSL functions
...
On normal use these should never be useful, but if the application has issues,
it's best for us to return an error than to crash.
2015-09-01 17:43:40 +02:00
fdbdd72b8b
Skip to trusted certs early in the chain
...
This helps in the case where an intermediate certificate is directly trusted.
In that case we want to ignore what comes after it in the chain, not only for
performance but also to avoid false negatives (eg an old root being no longer
trusted while the newer intermediate is directly trusted).
closes #220
2015-09-01 17:24:42 +02:00
560fea3767
Add tests for verify callback
...
As we're about to change the chain construction logic, we want to make sure
the callback will still be called exactly when it should, and not on the
(upcoming) ignored certs in the chain.
2015-09-01 17:24:42 +02:00
4f202badec
Document the three libraries in Readme
...
see #266
2015-09-01 10:27:16 +02:00
c881ca8502
Document how to build shared libs with CMake
...
Also updated
https://tls.mbed.org/kb/compiling-and-building/how-do-i-build-compile-mbedtls
closes #267
2015-09-01 10:08:28 +02:00
5f5e0ec3f1
Improve mbedtls_ssl_write() documentation
2015-08-31 20:47:04 +02:00
a2cda6bfaf
Add mbedtls_ssl_get_max_frag_len()
...
This is not very useful for TLS as mbedtls_ssl_write() will automatically
fragment and return the length used, and the application should check for that
anyway, but this is useful for DTLS where mbedtls_ssl_write() returns an
error, and the application needs to be able to query the maximum length
instead of just guessing.
2015-08-31 20:47:04 +02:00
7b23c51595
Print "thread ID" in debug messages
...
closes #218
2015-08-31 16:17:33 +02:00
d68434efba
Disable some tests with valgrind
...
Tends to cause spurious failures on buildbots due to peer timing out.
Anyway, those tests are mainly for interop, any memory error is most likely
catched by some earlier self-op test. (Also, we'll run these tests with ASan
anyway.)
2015-08-31 12:48:22 +02:00
bb83844a1d
Clarify that there are two SSL I/O buffers
2015-08-31 12:46:01 +02:00
824ba72442
Only use -Wshadow with GCC 4.8 or higher
...
Before that, we get useless warnings about local variables shadowing extern
functions, which means we can't have a local variable called index when we
include string.h.
https://lkml.org/lkml/2006/11/28/239
https://gcc.gnu.org/gcc-4.8/changes.html
2015-08-31 10:34:27 +02:00
cf9ab63863
Fix error reporting in pkey/pk_* programs
2015-08-31 10:34:27 +02:00
ce7a08ba49
Fix more comments/outputs in verify programs
2015-08-31 10:34:27 +02:00
102a620c9a
Fix hash buffer size in pkey programs
2015-08-31 10:34:27 +02:00
d224ff1f63
Change default RSA key size in rsa_genkey
2015-08-31 10:34:27 +02:00
1d8f2da7df
Fix comments about filenames in some programs
2015-08-31 10:34:27 +02:00
d74c697035
Fix memory corruption in rsa sign/verify programs
...
We have no guarantee there is enough room in the argv strings.
Fixes #210
2015-08-31 10:34:27 +02:00
