TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-06 20:46:32 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
0be55a0549c01bea702249fafacde12188ace11d
mbedtls/library
History
Janos Follath 0be55a0549 Remove MBEDTLS_SSL_AEAD_RANDOM_IV feature 
In a USENIX WOOT '16 paper the authors warn about a security risk
of random Initialisation Vectors (IV) repeating values.

The MBEDTLS_SSL_AEAD_RANDOM_IV feature is affected by this risk and
it isn't compliant with RFC5116. Furthermore, strictly speaking it
is a different cipher suite from the TLS (RFC5246) point of view.

Removing the MBEDTLS_SSL_AEAD_RANDOM_IV feature to resolve the above
problems.

Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky and Philipp
Jovanovic, "Nonce-Disrespecting Adversaries: Practical Forgery Attacks
on GCM in TLS", USENIX WOOT '16
2016-10-13 10:35:34 +01:00
..
.gitignore
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
aes.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
aesni.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
arc4.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
asn1parse.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
asn1write.c
Fix potential double free in cert writing code
2015-12-10 11:24:35 +01:00
base64.c
Fix references to non-standard SIZE_T_MAX
2015-10-05 15:23:11 +01:00
bignum.c
Improved on the previous fix and added a test case to cover both types
2016-01-08 14:48:01 +01:00
blowfish.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
camellia.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ccm.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
certs.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
cipher_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
cipher.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
CMakeLists.txt
Changed version number to version 2.1.5
2016-06-27 19:37:08 +01:00
ctr_drbg.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
debug.c
Fix macroization of inline in C++
2015-10-05 11:41:36 +01:00
des.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
dhm.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ecdh.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ecdsa.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ecp_curves.c
Fix macroization of inline in C++
2015-10-05 11:41:36 +01:00
ecp.c
Optimize more common cases in ecp_muladd()
2015-10-27 10:30:36 +01:00
entropy_poll.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
entropy.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
error.c
DTLS: avoid dropping too many records
2015-12-03 19:22:55 +01:00
gcm.c
Fix wrong length limit in GCM
2015-12-10 15:08:37 +01:00
havege.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
hmac_drbg.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
Makefile
Make ar invocation more portable
2016-01-08 14:52:14 +01:00
md2.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md4.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md5.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
memory_buffer_alloc.c
Fixes memory leak in memory_buffer_alloc.c debug
2016-05-05 17:51:09 +01:00
net.c
Fix compile error in net.c with musl libc
2015-10-05 12:17:49 +01:00
oid.c
Fix typo in an OID name
2015-11-02 05:58:10 +09:00
padlock.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pem.c
Merge of IOTSSL-476 - Random malloc in pem_read()
2015-10-05 00:26:36 +01:00
pk_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pk.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs5.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs11.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs12.c
Fix stack buffer overflow in pkcs12
2015-09-28 19:47:50 +02:00
pkparse.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkwrite.c
Fix other occurrences of same bounds check issue
2015-11-02 10:43:03 +09:00
platform.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ripemd160.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
rsa.c
Moved underflow test to better reflect time constant behaviour.
2016-05-18 19:33:39 +01:00
sha1.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
sha256.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
sha512.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ssl_cache.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ssl_ciphersuites.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ssl_cli.c
Fix guards in SSL for ECDH key exchanges
2016-09-05 12:26:04 +03:00
ssl_cookie.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ssl_srv.c
Fix guards in SSL for ECDH key exchanges
2016-09-05 12:26:04 +03:00
ssl_ticket.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ssl_tls.c
Remove MBEDTLS_SSL_AEAD_RANDOM_IV feature
2016-10-13 10:35:34 +01:00
threading.c
Add safety check to sample mutex implementation
2016-10-11 10:40:42 +01:00
timing.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
version_features.c
Remove MBEDTLS_SSL_AEAD_RANDOM_IV feature
2016-10-13 10:35:34 +01:00
version.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
x509_create.c
Fix other occurrences of same bounds check issue
2015-11-02 10:43:03 +09:00
x509_crl.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
x509_crt.c
X509: Fix bug triggered by future CA among trusted
2016-07-14 13:19:46 +01:00
x509_csr.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
x509.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
x509write_crt.c
Add missing bounds check in X509 DER write funcs
2016-10-11 16:52:06 +01:00
x509write_csr.c
Add missing bounds check in X509 DER write funcs
2016-10-11 16:52:06 +01:00
xtea.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00