TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-05 20:15:36 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
31a2d14b92be6bbf66f3103bbdb04fb3aa26d72f
mbedtls/library
History
Gilles Peskine 31a2d14b92 RSA PSS: fix first byte check for keys of size 8N+1 
For a key of size 8N+1, check that the first byte after applying the
public key operation is 0 (it could have been 1 instead). The code was
incorrectly doing a no-op check instead, which led to invalid
signatures being accepted. Not a security flaw, since you would need the
private key to craft such an invalid signature, but a bug nonetheless.
2017-10-19 15:43:53 +02:00
..
.gitignore
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
aes.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
aesni.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
arc4.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
asn1parse.c
Fix 1 byte overread in mbedtls_asn1_get_int()
2016-10-12 17:45:29 +01:00
asn1write.c
Fix potential double free in cert writing code
2015-12-10 11:24:35 +01:00
base64.c
Add comment to integer overflow fix in base64.c
2017-02-20 21:51:18 +00:00
bignum.c
Merge remote-tracking branch 'hanno/mpi_read_file_underflow_backport-2.1' into mbedtls-2.1
2017-06-08 19:51:19 +02:00
blowfish.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
camellia.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ccm.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
certs.c
X.509 self-tests: replaced SHA-1 certificates by SHA-256
2017-06-06 19:08:23 +02:00
cipher_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
cipher.c
Fix integer overflows in buffer bound checks
2017-02-20 21:49:01 +00:00
CMakeLists.txt
Update version number to 2.1.9
2017-08-10 11:51:47 +01:00
ctr_drbg.c
Fix integer overflows in buffer bound checks
2017-02-20 21:49:01 +00:00
debug.c
Fix macroization of inline in C++
2015-10-05 11:41:36 +01:00
des.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
dhm.c
Backport 2.1: Check rc of mbedtls_mpi_fill_random
2017-07-20 01:25:53 +02:00
ecdh.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ecdsa.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ecp_curves.c
ECP: Prevent freeing a buffer on stack
2017-02-28 18:56:35 +00:00
ecp.c
Backport 2.1: Check rc of mbedtls_mpi_fill_random
2017-07-20 01:25:53 +02:00
entropy_poll.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
entropy.c
Rename time and index parameter to avoid name conflict.
2017-07-28 22:14:55 +01:00
error.c
Only return VERIFY_FAILED from a single point
2017-07-28 12:20:48 +01:00
gcm.c
Backport 2.1: check if iv is zero in gcm.
2017-07-20 00:30:44 +02:00
havege.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
hmac_drbg.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
Makefile
Make ar invocation more portable
2016-01-08 14:52:14 +01:00
md2.c
Fix integer overflows in buffer bound checks
2017-02-20 21:49:01 +00:00
md4.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md5.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
memory_buffer_alloc.c
Fixes memory leak in memory_buffer_alloc.c debug
2016-05-05 17:51:09 +01:00
net.c
Clarify Comments and Fix Typos (#651)
2017-02-25 19:44:47 +00:00
oid.c
Fix typo in an OID name
2015-11-02 05:58:10 +09:00
padlock.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pem.c
Fix unused variable/function compilation warnings
2017-02-25 19:48:32 +00:00
pk_wrap.c
Fix data loss in unsigned int cast in PK
2017-02-25 20:37:43 +00:00
pk.c
Fix data loss in unsigned int cast in PK
2017-02-25 20:37:43 +00:00
pkcs5.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs11.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs12.c
Fix stack buffer overflow in pkcs12
2015-09-28 19:47:50 +02:00
pkparse.c
Clarify Comments and Fix Typos (#651)
2017-02-25 19:44:47 +00:00
pkwrite.c
Fix other occurrences of same bounds check issue
2015-11-02 10:43:03 +09:00
platform.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ripemd160.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
rsa.c
RSA PSS: fix first byte check for keys of size 8N+1
2017-10-19 15:43:53 +02:00
sha1.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
sha256.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
sha512.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ssl_cache.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ssl_ciphersuites.c
Undo API change
2017-06-20 19:33:51 +01:00
ssl_cli.c
Fix mbedtls_ssl_read
2017-06-08 14:04:22 +01:00
ssl_cookie.c
Backport 2.1:Resource leak in ssl_cookie and mutex
2017-03-02 21:11:16 +00:00
ssl_srv.c
Merge remote-tracking branch 'gilles/iotssl-1223/mbedtls-2.1' into mbedtls-2.1
2017-06-06 20:12:51 +02:00
ssl_ticket.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ssl_tls.c
Dont send alert on invalid DTLS record type
2017-09-15 10:57:29 +01:00
threading.c
Fix bug in threading sample implementation #667
2017-05-15 13:22:51 +01:00
timing.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
version_features.c
Remove MBEDTLS_SSL_AEAD_RANDOM_IV feature
2016-10-13 10:35:34 +01:00
version.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
x509_create.c
Fix other occurrences of same bounds check issue
2015-11-02 10:43:03 +09:00
x509_crl.c
Fix potential integer overflow parsing DER CRL
2017-07-26 17:56:42 +01:00
x509_crt.c
Improve comments
2017-07-28 12:20:48 +01:00
x509_csr.c
Prevent signed integer overflow in CSR parsing
2017-07-26 17:59:20 +01:00
x509.c
Rename time and index parameter to avoid name conflict.
2017-07-28 22:14:55 +01:00
x509write_crt.c
Rename time and index parameter to avoid name conflict.
2017-07-28 22:14:55 +01:00
x509write_csr.c
Add missing bounds check in X509 DER write funcs
2016-10-11 16:52:06 +01:00
xtea.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00