TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-06 04:25:43 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
5d9224e11cb76712f4416da71715fec09aef12e7
mbedtls/library
History
Gilles Peskine 5d9224e11c RSA PSS: fix first byte check for keys of size 8N+1 
For a key of size 8N+1, check that the first byte after applying the
public key operation is 0 (it could have been 1 instead). The code was
incorrectly doing a no-op check instead, which led to invalid
signatures being accepted. Not a security flaw, since you would need the
private key to craft such an invalid signature, but a bug nonetheless.
2017-10-19 15:47:13 +02:00
..
.gitignore
Minor gitginore fixes
2015-01-28 15:34:01 +00:00
aes.c
Rename website and repository
2015-03-06 13:17:10 +00:00
aesni.c
Rename website and repository
2015-03-06 13:17:10 +00:00
arc4.c
Rename website and repository
2015-03-06 13:17:10 +00:00
asn1parse.c
Fix 1 byte overread in mbedtls_asn1_get_int()
2016-10-13 12:54:32 +01:00
asn1write.c
Merge memory leak fix into branch 'mbedtls-1.3'
2016-01-02 00:28:19 +00:00
base64.c
Add comment to integer overflow fix in base64.c
2017-02-25 21:27:17 +00:00
bignum.c
Merge remote-tracking branch 'hanno/mpi_read_file_underflow_backport-1.3' into mbedtls-1.3
2017-06-08 19:54:29 +02:00
blowfish.c
Rename website and repository
2015-03-06 13:17:10 +00:00
camellia.c
Rename website and repository
2015-03-06 13:17:10 +00:00
ccm.c
Fix for MSVC Compiler warnings
2016-11-10 15:40:53 +00:00
certs.c
Rename website and repository
2015-03-06 13:17:10 +00:00
cipher_wrap.c
Rename website and repository
2015-03-06 13:17:10 +00:00
cipher.c
Fix integer overflows in buffer bound checks
2017-02-25 21:25:44 +00:00
CMakeLists.txt
Update version to 1.3.21
2017-08-10 11:52:14 +01:00
ctr_drbg.c
Fix integer overflows in buffer bound checks
2017-02-25 21:25:44 +00:00
debug.c
Revert "Avoid formatting debug message uselessly"
2015-08-10 17:36:47 +02:00
des.c
Rename website and repository
2015-03-06 13:17:10 +00:00
dhm.c
Backport 1.3: Check rc of mbedtls_mpi_fill_random
2017-07-20 01:26:53 +02:00
ecdh.c
Rename website and repository
2015-03-06 13:17:10 +00:00
ecdsa.c
Rename website and repository
2015-03-06 13:17:10 +00:00
ecp_curves.c
ECP: Prevent freeing a buffer on stack
2017-02-28 20:24:52 +00:00
ecp.c
Backport 1.3: Check rc of mbedtls_mpi_fill_random
2017-07-20 01:26:53 +02:00
entropy_poll.c
Fix -Wshadow warnings
2015-08-31 11:07:51 +02:00
entropy.c
Rename time and index parameter to avoid name conflict.
2017-07-28 22:08:16 +01:00
error.c
Only return VERIFY_FAILED from a single point
2017-07-28 13:15:57 +01:00
gcm.c
Backport 1.3: check if iv is zero in gcm.
2017-07-20 00:33:27 +02:00
havege.c
Rename website and repository
2015-03-06 13:17:10 +00:00
hmac_drbg.c
Fix use of deprecated function in the library
2015-03-20 18:23:52 +00:00
Makefile
Make ar invocation more portable
2016-01-08 15:28:40 +01:00
md2.c
Fix integer overflows in buffer bound checks
2017-02-25 21:25:44 +00:00
md4.c
Fix warning with MD/SHA ALT implementation
2015-08-31 11:22:47 +02:00
md5.c
Fix warning with MD/SHA ALT implementation
2015-08-31 11:22:47 +02:00
md_wrap.c
Rename website and repository
2015-03-06 13:17:10 +00:00
md.c
Add POLARSSL_DEPRECATED_{WARNING,REMOVED}
2015-03-23 14:11:11 +01:00
memory_buffer_alloc.c
Rename website and repository
2015-03-06 13:17:10 +00:00
net.c
Fix for net_usleep() timing selftest on mingw
2016-01-15 14:36:08 +00:00
oid.c
Fix typo in an OID name
2015-10-27 15:12:39 +01:00
padlock.c
Fix bug in Via Padlock support
2015-04-02 10:53:59 +01:00
pbkdf2.c
Add POLARSSL_DEPRECATED_{WARNING,REMOVED}
2015-03-23 14:11:11 +01:00
pem.c
Fix buffer overreads in mbedtls_pem_read_buffer()
2017-02-25 21:25:06 +00:00
pk_wrap.c
Fix data loss in unsigned int cast in PK
2017-02-15 10:44:02 +00:00
pk.c
Fix data loss in unsigned int cast in PK
2017-02-15 10:44:02 +00:00
pkcs5.c
Add missing 'const' on selftest data
2015-03-11 09:13:42 +00:00
pkcs11.c
Rename website and repository
2015-03-06 13:17:10 +00:00
pkcs12.c
Fix stack buffer overflow in pkcs12
2015-09-30 16:46:07 +02:00
pkparse.c
Fix bug in pk_parse_key()
2015-04-15 11:21:24 +02:00
pkwrite.c
Fix other occurrences of same bounds check issue
2015-10-27 11:47:37 +01:00
platform.c
Fix compile errors with NO_STD_FUNCTIONS
2015-06-03 10:20:33 +01:00
ripemd160.c
Rename website and repository
2015-03-06 13:17:10 +00:00
rsa.c
RSA PSS: fix first byte check for keys of size 8N+1
2017-10-19 15:47:13 +02:00
sha1.c
Fix warning with MD/SHA ALT implementation
2015-08-31 11:22:47 +02:00
sha256.c
Fix warning with MD/SHA ALT implementation
2015-08-31 11:22:47 +02:00
sha512.c
Fix warning with MD/SHA ALT implementation
2015-08-31 11:22:47 +02:00
ssl_cache.c
Rename website and repository
2015-03-06 13:17:10 +00:00
ssl_ciphersuites.c
Remember suitable hash function for any signature algorithm.
2017-05-24 10:47:54 +01:00
ssl_cli.c
Fix mbedtls_ssl_read
2017-06-08 15:59:38 +01:00
ssl_srv.c
Don't parse or write extensions in SSLv3
2017-06-09 15:30:29 +01:00
ssl_tls.c
Ensure application data records are not kept when fully processed
2017-06-09 10:52:45 +01:00
threading.c
Rename website and repository
2015-03-06 13:17:10 +00:00
timing.c
Increase tolerance of timing selftest
2015-08-19 14:48:34 +02:00
version_features.c
Update features list
2016-10-13 22:11:15 +01:00
version.c
Rename website and repository
2015-03-06 13:17:10 +00:00
x509_create.c
Fix other occurrences of same bounds check issue
2015-10-27 11:47:37 +01:00
x509_crl.c
Fix potential integer overflow parsing DER CRL
2017-07-27 11:49:08 +01:00
x509_crt.c
Fix implementation-defined integer conversion
2017-07-28 13:15:57 +01:00
x509_csr.c
Prevent signed integer overflow in CSR parsing
2017-07-27 11:50:58 +01:00
x509.c
Rename time and index parameter to avoid name conflict.
2017-07-28 22:08:16 +01:00
x509write_crt.c
Rename time and index parameter to avoid name conflict.
2017-07-28 22:08:16 +01:00
x509write_csr.c
Add missing bounds check in X509 DER write funcs
2016-10-13 12:45:07 +01:00
xtea.c
Rename website and repository
2015-03-06 13:17:10 +00:00