mbedtls/library at f1aca9fdba2df0aaf2964b88140eb4ecc437dcd7 - mbedtls - D7

TeamHepta/mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-23 04:31:09 +01:00

Files

History

Manuel Pégourié-Gonnard 601128eb58 Fix potential memory overread in seed functions

The previous commit introduced a potential memory overread by reading
secret_len bytes from secret->p, while the is no guarantee that secret has
enough limbs for that.

Fix that by using an intermediate buffer and mpi_write_binary().

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

2020-06-19 10:56:55 +02:00

..

.gitignore

Split libs with make + general make cleanups

2015-06-25 10:59:56 +02:00

aes.c

Zeroize local AES variables before exiting the function

2019-11-12 03:23:51 -05:00

aesni.c

Fix build errors on x32 by using the generic 'add' instruction

2016-05-23 14:29:28 +01:00

arc4.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

asn1parse.c

Fix 1 byte overread in mbedtls_asn1_get_int()

2016-10-13 13:54:14 +01:00

asn1write.c

Fix ASN1 bitstring writing

2019-02-11 21:10:48 +00:00

base64.c

Add comment to integer overflow fix in base64.c

2017-02-15 23:31:07 +02:00

bignum.c

Clean up some comments

2020-06-09 11:54:20 +02:00

blowfish.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

camellia.c

Address user reported coverity issues.

2016-06-07 14:52:35 +01:00

ccm.c

enforce input and output of ccm selftest on stack

2018-07-30 11:43:08 +03:00

certs.c

Fix comment to match reality

2020-02-04 09:52:27 +01:00

cipher_wrap.c

Fix after PR comments

2018-06-21 14:03:14 +03:00

cipher.c

Remove redundant block_size validity check

2020-01-22 19:09:05 +01:00

cmac.c

Merge remote-tracking branch 'public/pr/1390' into mbedtls-2.7

2018-06-27 11:11:34 +01:00

CMakeLists.txt

Bump version to Mbed TLS 2.7.15

2020-04-08 17:22:51 +01:00

ctr_drbg.c

Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted

2020-01-15 16:59:10 +00:00

debug.c

Return from debugging functions if SSL context is unset

2018-08-23 14:57:39 +01:00

des.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

dhm.c

Merge remote-tracking branch 'upstream-restricted/pr/410' into development-restricted

2018-01-26 18:43:04 +00:00

ecdh.c

Fix ecdh_get_params with mismatching group

2019-02-21 18:17:05 +01:00

ecdsa.c

ECDSA: Fix side channel vulnerability

2019-10-25 09:01:34 +01:00

ecjpake.c

Fix handling of md failure

2019-07-08 15:26:09 +02:00

ecp_curves.c

ECP: Add module and function level replacement options.

2017-05-11 22:42:14 +01:00

ecp.c

Fix potential memory overread in seed functions

2020-06-19 10:56:55 +02:00

entropy_poll.c

Add missing bracket

2018-11-05 12:17:15 +00:00

entropy.c

Merge branch 'development' into development-restricted

2018-01-25 17:28:31 +00:00

error.c

Add error condition for bad user configurations

2020-06-12 09:59:28 +02:00

gcm.c

Merge remote-tracking branch 'upstream-public/pr/964' into development

2018-01-02 16:24:29 +01:00

havege.c

Prevent building the HAVEGE module on platforms where it doesn't work

2019-07-05 11:33:10 +02:00

hmac_drbg.c

HMAC_DRBG: support set_entropy_len() before seed()

2019-10-23 18:01:25 +02:00

Makefile

Fix #2370 , minor typos and spelling mistakes

2019-02-18 15:57:54 +00:00

md2.c

MD: Make deprecated functions not inline

2018-02-22 08:20:42 +00:00

md4.c

MD: Make deprecated functions not inline

2018-02-22 08:20:42 +00:00

md5.c

Fix Lucky 13 cache attack on MD/SHA padding

2018-07-12 10:18:37 +02:00

md_wrap.c

New MD API: rename functions from _ext to _ret

2018-01-22 11:54:42 +01:00

md.c

Merge branch 'development' into development-restricted

2018-01-25 17:28:31 +00:00

memory_buffer_alloc.c

Fix braces in mbedtls_memory_buffer_alloc_status()

2018-05-23 16:32:33 +01:00

net_sockets.c

net_sockets: Fix typo in net_would_block()

2019-06-20 16:28:10 +01:00

oid.c

pkcs5v2: add support for additional hmacSHA algorithms

2018-02-08 17:18:15 +08:00

padlock.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pem.c

Merge remote-tracking branch 'upstream-public/pr/778' into mbedtls-2.7-proposed

2018-03-12 23:44:56 +01:00

pk_wrap.c

Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH

2018-03-30 18:43:16 +02:00

pk.c

Change PK module preprocessor check on word size

2017-08-04 13:32:15 +01:00

pkcs5.c

Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C

2018-10-16 13:53:58 +01:00

pkcs11.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pkcs12.c

Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C

2018-10-16 13:53:50 +01:00

pkparse.c

Fix pkparse bug wrt MBEDTLS_RSA_ALT

2020-02-18 11:27:08 +01:00

pkwrite.c

Fix pk_write with an EC key to write a constant-length private value

2018-09-04 11:22:08 +02:00

platform.c

Omit runtime configuration of calloc/free if macro config enabled

2018-10-11 11:10:14 +01:00

ripemd160.c

MD: Make deprecated functions not inline

2018-02-22 08:20:42 +00:00

rsa_internal.c

Add explicit type cast to avoid truncation warning

2018-01-03 09:27:40 +00:00

rsa.c

Parse RSA parameters DP, DQ and QP from PKCS1 private keys

2020-01-29 13:13:04 -05:00

sha1.c

Fix Lucky 13 cache attack on MD/SHA padding

2018-07-12 10:18:37 +02:00

sha256.c

Fix Lucky 13 cache attack on MD/SHA padding

2018-07-12 10:18:37 +02:00

sha512.c

Fix Lucky 13 cache attack on MD/SHA padding

2018-07-12 10:18:37 +02:00

ssl_cache.c

Address PR review comments

2017-10-29 17:53:52 +02:00

ssl_ciphersuites.c

Reduce priority of 3DES ciphersuites

2019-02-13 09:52:46 +00:00

ssl_cli.c

ssl_client: Align line breaking with MBEDTLS_SSL_DEBUG_*

2020-06-12 10:00:16 +02:00

ssl_cookie.c

Uniformize bounds checks using new macro

2020-06-11 14:51:25 +02:00

ssl_srv.c

Fix #2370 , minor typos and spelling mistakes

2019-02-18 15:57:54 +00:00

ssl_ticket.c

Uniformize bounds checks using new macro

2020-06-11 14:51:25 +02:00

ssl_tls.c

Use defines to check alpn ext list validity

2020-06-12 10:00:04 +02:00

threading.c

Do not define and initialize global mutexes on configurations that do not use them.

2018-03-21 15:13:08 +00:00

timing.c

timing: Remove redundant include file

2019-06-20 16:28:10 +01:00

version_features.c

Add config.h option MBEDTLS_ECP_NO_INTERNAL_RNG

2020-06-19 10:05:16 +02:00

version.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

x509_create.c

Fix other occurrences of same bounds check issue

2015-10-21 12:50:45 +02:00

x509_crl.c

Always return a high-level error code from X.509 module

2019-06-04 14:03:27 +01:00

x509_crt.c

Guard from undefined behaviour in case of an INT_MAX max_pathlen

2020-04-17 11:30:21 +02:00

x509_csr.c

Fix CSR parsing header call

2018-12-05 23:23:39 +00:00

x509.c

Correct comment on the configuration option in x509.c

2020-03-28 00:43:40 +00:00

x509write_crt.c

Change size of preallocated buffer for pk_sign() calls

2019-06-06 13:06:46 +02:00

x509write_csr.c

Add missing return code check on call to mbedtls_md()

2020-01-22 19:06:32 +01:00

xtea.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00