mbedtls/library at dda475a00a0ae5cd4912b963d6bb03e82e5453c8 - mbedtls - D7

TeamHepta/mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-22 04:01:19 +01:00

Files

History

Gilles Peskine dda475a00a Remove SHA-1 in TLS by default

Default to forbidding the use of SHA-1 in TLS where it is unsafe: for
certificate signing, and as the signature hash algorithm for the TLS
1.2 handshake signature. SHA-1 remains allowed in HMAC-SHA-1 in the
XXX_SHA ciphersuites and in the PRF for TLS <= 1.1.

For easy backward compatibility for use in controlled environments,
turn on the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1 compiled-time option.

2017-05-04 16:17:21 +02:00

..

.gitignore

Split libs with make + general make cleanups

2015-06-25 10:59:56 +02:00

aes.c

Fix unused variable in AES selftest when CBC and CFB disabled (#393 )

2016-06-22 16:48:16 +01:00

aesni.c

Fix build errors on x32 by using the generic 'add' instruction

2016-05-23 14:29:28 +01:00

arc4.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

asn1parse.c

Fix 1 byte overread in mbedtls_asn1_get_int()

2016-10-13 13:54:14 +01:00

asn1write.c

Add mbedtls_asn1_write_len() support for 3 and 4 byte lengths

2016-08-25 15:42:27 +01:00

base64.c

Add comment to integer overflow fix in base64.c

2017-02-15 23:31:07 +02:00

bignum.c

Fix buffer overflow in mbedtls_mpi_write_string()

2017-03-02 21:34:21 +00:00

blowfish.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

camellia.c

Address user reported coverity issues.

2016-06-07 14:52:35 +01:00

ccm.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

certs.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

cipher_wrap.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

cipher.c

Fix integer overflows in buffer bound checks

2017-02-15 23:31:07 +02:00

cmac.c

Update CMAC test vectors.

2017-02-15 22:55:30 +02:00

CMakeLists.txt

Update library version number to 2.4.1

2017-02-15 22:55:55 +02:00

ctr_drbg.c

Fix integer overflows in buffer bound checks

2017-02-15 23:31:07 +02:00

debug.c

Fix compiler warning in debug.c

2017-02-15 09:08:26 +00:00

des.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

dhm.c

Corrected references for RSA and DHM

2016-01-20 00:44:42 +00:00

ecdh.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

ecdsa.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

ecjpake.c

Fix potential stack buffer overflow in ecjpake

2015-10-20 16:20:56 +02:00

ecp_curves.c

ECP: Prevent freeing a buffer on stack

2017-02-28 18:41:39 +00:00

ecp.c

Address user reported coverity issues.

2016-06-07 14:52:35 +01:00

entropy_poll.c

Renames null entropy source function for clarity

2016-06-12 00:31:33 +01:00

entropy.c

Fix unused variable warnings for null entropy config

2016-09-15 18:57:34 +01:00

error.c

Merge fix for IE Certificate Compatibility

2016-10-13 17:21:01 +01:00

gcm.c

Fix documentation for mbedtls_gcm_finish()

2016-10-13 13:54:47 +01:00

havege.c

Fixes warnings found by Clang static analyser

2016-05-23 23:18:26 +01:00

hmac_drbg.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

Makefile

Added cmac.o to libary/Makefile

2016-10-13 13:51:09 +01:00

md2.c

Fix integer overflows in buffer bound checks

2017-02-15 23:31:07 +02:00

md4.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

md5.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

md_wrap.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

md.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

memory_buffer_alloc.c

Fixes memory leak in memory_buffer_alloc.c debug

2016-05-23 14:29:29 +01:00

net_sockets.c

Fix formatting issues in net_sockets.c

2017-02-15 09:08:26 +00:00

oid.c

Removing in compile time unused entries from oid_ecp_grp list

2016-09-04 15:14:38 +01:00

padlock.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pem.c

Fix unused variable/function compilation warnings

2017-02-15 22:54:42 +02:00

pk_wrap.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pk.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pkcs5.c

Fix output of PKCS#5 and RIPEMD-160 self tests

2016-08-25 16:36:35 +01:00

pkcs11.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pkcs12.c

Shut up a few clang-analyze warnings about use of uninitialized variables

2016-05-23 14:29:28 +01:00

pkparse.c

Clarify Comments and Fix Typos (#651 )

2017-02-15 09:08:26 +00:00

pkwrite.c

Fix other occurrences of same bounds check issue

2015-10-21 12:50:45 +02:00

platform.c

Fix various compiler warnings with MSVC

2017-02-15 09:08:26 +00:00

ripemd160.c

Fix output of PKCS#5 and RIPEMD-160 self tests

2016-08-25 16:36:35 +01:00

rsa.c

Restore P>Q in RSA key generation (#558 )

2016-10-13 13:54:48 +01:00

sha1.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

sha256.c

Use allocated memory for SHA self tests

2016-10-13 15:10:14 +01:00

sha512.c

Use allocated memory for SHA self tests

2016-10-13 15:10:14 +01:00

ssl_cache.c

Puts platform time abstraction into its own header

2016-07-13 14:46:18 +01:00

ssl_ciphersuites.c

Puts platform time abstraction into its own header

2016-07-13 14:46:18 +01:00

ssl_cli.c

Merge fix for IE Certificate Compatibility

2016-10-13 17:21:01 +01:00

ssl_cookie.c

Fix resource leak when using mutex and ssl_cookie

2017-03-02 12:26:11 +00:00

ssl_srv.c

Merge fix for IE Certificate Compatibility

2016-10-13 17:21:01 +01:00

ssl_ticket.c

Puts platform time abstraction into its own header

2016-07-13 14:46:18 +01:00

ssl_tls.c

Remove SHA-1 in TLS by default

2017-05-04 16:17:21 +02:00

threading.c

Add safety check to sample mutex implementation

2016-10-13 13:51:07 +01:00

timing.c

Give better error messages for semi-portable parts

2016-02-22 10:47:32 +01:00

version_features.c

Merge fix for AEAD Random IVs

2016-10-14 00:48:33 +01:00

version.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

x509_create.c

Fix other occurrences of same bounds check issue

2015-10-21 12:50:45 +02:00

x509_crl.c

Fix memory leak in mbedtls_x509_crl_parse()

2017-02-28 14:51:31 +00:00

x509_crt.c

Remove SHA-1 in TLS by default

2017-05-04 16:17:21 +02:00

x509_csr.c

Fix unused variable/function compilation warnings

2017-02-15 22:54:42 +02:00

x509.c

Fix buffer overread in mbedtls_x509_get_time()

2017-02-28 14:23:12 +00:00

x509write_crt.c

Add missing bounds check in X509 DER write funcs

2016-10-11 14:07:48 +01:00

x509write_csr.c

Add missing bounds check in X509 DER write funcs

2016-10-11 14:07:48 +01:00

xtea.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00