TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-10 22:33:41 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
faf0b8604ac49456b0cff7a34ad27485ca145cce
mbedtls/library
History
Gilles Peskine faf0b8604a mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher 
With stream ciphers, add a check that there's enough room to read a MAC in
the record. Without this check, subtracting the MAC length from the data
length resulted in an integer underflow, causing the MAC calculation to try
reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-18 19:07:50 +02:00
..
.gitignore
Add gitignore anchors to denote generated files
2023-07-06 17:58:18 +01:00
aes.c
Rename mbedtls_aesce_has_support macro to satisfy case rules
2023-08-20 20:20:12 +01:00
aesce.c
Use -1 as uninitialised marker
2023-08-20 20:20:12 +01:00
aesce.h
Rename mbedtls_aesce_has_support macro to satisfy case rules
2023-08-20 20:20:12 +01:00
aesni.c
Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode
2023-08-18 20:55:44 +00:00
aesni.h
revert padlock from aesni module
2023-08-18 17:35:59 +08:00
alignment.h
Fix MBEDTLS_BSWAP32 on armcc 5
2023-07-11 14:06:37 +01:00
aria.c
asn1parse.c
asn1write.c
Read and write X25519 and X448 private keys
2023-05-04 13:01:47 +02:00
base64_internal.h
Move base64 test interfaces into base64_internal.h
2023-05-26 12:42:48 +01:00
base64.c
Move base64 test interfaces into base64_internal.h
2023-05-26 12:42:48 +01:00
bignum_core.c
Merge pull request #7578 from daverodgman/safer-ct5
2023-08-10 16:57:39 +00:00
bignum_core.h
Improve docs for mbedtls_mpi_core_cond_assign
2023-07-31 12:27:05 +01:00
bignum_mod_raw_invasive.h
bignum_mod_raw.c
Remove new bignum when not needed
2023-08-17 14:36:59 +01:00
bignum_mod_raw.h
bignum: Removed merge scaffolding.
2023-04-05 16:13:11 +01:00
bignum_mod.c
Remove new bignum when not needed
2023-08-17 14:36:59 +01:00
bignum_mod.h
bignum_mod: Added a typedef for OPT_RED function pointer.
2023-06-22 09:14:28 +01:00
bignum.c
Merge pull request #7996 from gilles-peskine-arm/small_primes-gaps
2023-08-22 12:48:56 +00:00
bn_mul.h
Merge pull request #7784 from daverodgman/aesce-unroll
2023-07-04 18:41:13 +01:00
camellia.c
ccm.c
Use fewer bits for block_size
2023-06-24 13:37:28 +01:00
chacha20.c
chachapoly.c
check_crypto_config.h
library: replace PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY symbols with proper ones
2023-07-11 14:06:00 +02:00
cipher_wrap.c
Make naming more consistent
2023-08-14 15:26:28 +01:00
cipher_wrap.h
code style
2023-06-24 13:37:28 +01:00
cipher.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
cmac.c
Merge pull request #1038 from Mbed-TLS/development
2023-07-21 15:40:36 +02:00
CMakeLists.txt
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
2023-08-16 09:19:46 +00:00
common.h
Fix error strings without quotes
2023-08-16 12:48:33 +01:00
constant_time_impl.h
Merge pull request #7579 from daverodgman/safer-ct-asm
2023-08-28 08:26:29 +00:00
constant_time_internal.h
Add aarch64 const-time asm
2023-08-11 08:47:38 +01:00
constant_time.c
Avoid implementation defined behaviour
2023-09-12 12:38:53 +01:00
ctr_drbg.c
Update links to Rijndael paper and NIST SP 800-90 DRBGs
2023-08-04 13:55:03 +01:00
debug.c
Merge pull request #7999 from valeriosetti/issue7759
2023-08-10 08:34:57 +00:00
des.c
dhm.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
ecdh.c
Update SEC1 link in ecdh.c
2023-04-12 06:07:23 +00:00
ecdsa.c
Fix a few unchecked value issue
2023-08-01 22:41:17 +08:00
ecjpake.c
Remove hash_info.[ch]
2023-06-06 10:33:54 +02:00
ecp_curves_new.c
Move variant test to ecp_curves
2023-08-02 10:32:21 +01:00
ecp_curves.c
Move variant test to ecp_curves
2023-08-02 10:32:21 +01:00
ecp_internal_alt.h
ecp_invasive.h
Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h
2023-07-31 10:57:16 +01:00
ecp.c
Improve doc on special use of A in ecp group structure
2023-08-07 23:02:31 +08:00
entropy_poll.c
Fix error strings without quotes
2023-08-16 12:48:33 +01:00
entropy_poll.h
entropy.c
Use MD-light in entropy.c
2023-03-24 10:43:40 +01:00
gcm.c
Rename mbedtls_aesce_has_support macro to satisfy case rules
2023-08-20 20:20:12 +01:00
hkdf.c
hmac_drbg.c
Fix instances of old feature macros being used
2023-03-24 10:43:40 +01:00
lmots.c
Merge pull request #7935 from AgathiyanB/add-enum-casts
2023-07-26 11:27:27 +02:00
lmots.h
Unify PSA to Mbed TLS error translation
2023-03-03 05:23:44 -05:00
lms.c
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free
2023-08-03 12:56:21 +00:00
Makefile
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
2023-08-16 09:19:46 +00:00
md5.c
md_psa.h
Make MD<->PSA translation static inline
2023-06-08 12:10:03 +02:00
md_wrap.h
Omit block_size when MD_C is not enabled
2023-06-21 12:02:07 +02:00
md.c
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free
2023-08-03 12:56:21 +00:00
memory_buffer_alloc.c
mps_common.h
Merge branch 'development' into development
2023-06-04 14:57:19 -04:00
mps_error.h
mps_reader.c
mps_reader.h
mps_trace.c
mps_trace.h
net_sockets.c
Merge pull request #7792 from robUx4/win32_winnt
2023-07-13 19:34:24 +01:00
nist_kw.c
Use fewer bits for block_size
2023-06-24 13:37:28 +01:00
oid.c
library: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS
2023-06-19 19:24:05 +02:00
padlock.c
improve check config option for i386
2023-08-10 13:36:32 +08:00
padlock.h
Add via padlock detection macro
2023-08-17 11:20:09 +08:00
pem.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
pk_internal.h
Create psa_util_internal.h
2023-07-06 12:42:33 +02:00
pk_wrap.c
Merge pull request #7991 from sarveshb14/fix/psa_rsa_signature_using_large_stack
2023-08-16 09:23:29 +00:00
pk_wrap.h
library: replace PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY symbols with proper ones
2023-07-11 14:06:00 +02:00
pk.c
Create psa_util_internal.h
2023-07-06 12:42:33 +02:00
pkcs5.c
Fix typo in pkcs5.c
2023-09-01 11:45:39 +01:00
pkcs7.c
Update wording in comments
2023-03-13 12:15:49 +00:00
pkcs12.c
Improve & test legacy mbedtls_pkcs12_pbe
2023-09-05 15:45:55 +01:00
pkparse.c
pkparse: remove unnecessary header
2023-08-10 06:43:23 +02:00
pkwrite.c
pkwrite: fix internal buffer size in pk_write_ec_pubkey()
2023-08-10 07:40:18 +02:00
pkwrite.h
pkwrite: add new internal symbol to properly size DER buffer
2023-08-10 06:43:23 +02:00
platform_util.c
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free
2023-08-03 12:56:21 +00:00
platform.c
poly1305.c
psa_crypto_aead.c
psa_crypto_aead.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_cipher.c
Use fewer bits for block_size
2023-06-24 13:37:28 +01:00
psa_crypto_cipher.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_client.c
psa_crypto_core_common.h
psa: Introduce PSA crypto core common symbols
2023-03-31 09:07:57 +02:00
psa_crypto_core.h
Add utility function to check for drivers init
2023-03-16 09:46:51 +01:00
psa_crypto_driver_wrappers.h
Integrate p256-m as an example driver alongside Mbed TLS and write documentation for the example.
2023-04-28 17:54:09 +01:00
psa_crypto_ecp.c
lib/test: replace BASIC_IMPORT_EXPORT internal symbol with BASIC,IMPORT,EXPORT
2023-06-30 10:16:22 +02:00
psa_crypto_ecp.h
Merge pull request #7098 from gilles-peskine-arm/retval-non-empty
2023-02-24 09:10:53 +00:00
psa_crypto_ffdh.c
psa: replace DH_KEY_PAIR_LEGACY with new symbols
2023-07-27 09:15:34 +02:00
psa_crypto_ffdh.h
Merge pull request #7627 from mprse/ffdh_tls13_v2
2023-07-03 10:12:33 +02:00
psa_crypto_hash.c
psa_crypto_hash.h
Remove useless extern declarations and includes
2023-06-21 09:45:36 +02:00
psa_crypto_invasive.h
psa_crypto_its.h
psa_crypto_mac.c
psa_crypto_mac.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_pake.c
Fix logical dead code found by Coverity
2023-08-11 17:45:20 +01:00
psa_crypto_pake.h
Pacify clang15 warnings about empty /retval
2023-06-20 15:51:46 +01:00
psa_crypto_random_impl.h
Create psa_util_internal.h
2023-07-06 12:42:33 +02:00
psa_crypto_rsa.c
Merge pull request #7902 from valeriosetti/issue7772
2023-07-25 17:13:43 +01:00
psa_crypto_rsa.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_se.c
Implement and use MBEDTLS_STATIC_ASSERT()
2023-03-08 14:19:51 +00:00
psa_crypto_se.h
psa_crypto_slot_management.c
Move the ARRAY_LENGTH definition to common.h
2023-06-13 05:46:47 -04:00
psa_crypto_slot_management.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_storage.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
psa_crypto_storage.h
Fix error strings without quotes
2023-08-16 12:48:33 +01:00
psa_crypto.c
Remove the workaround for psa_key_agreement_internal
2023-08-17 15:27:56 +01:00
psa_its_file.c
psa_util_internal.h
psa: fix missed LEGACY symbols caused by the rebase
2023-07-11 16:59:21 +02:00
psa_util.c
psa: fix missed LEGACY symbols caused by the rebase
2023-07-11 16:59:21 +02:00
ripemd160.c
Fix use of sizeof without brackets
2023-02-02 12:40:50 +00:00
rsa_alt_helpers.c
Fix a few unchecked value issue
2023-08-01 22:41:17 +08:00
rsa_alt_helpers.h
rsa.c
Rename ...if0 to ...else_0
2023-08-10 12:11:31 +01:00
sha1.c
sha3.c
Fix for big-endian architectures
2023-06-07 19:59:05 +01:00
sha256.c
Add error message for old armclang
2023-07-13 10:40:29 +08:00
sha512.c
Add error message for old armclang
2023-07-13 10:40:29 +08:00
ssl_cache.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
ssl_ciphersuites.c
Merge pull request #7884 from valeriosetti/issue7612
2023-08-01 07:13:36 +00:00
ssl_client.c
tls: replace ECDH_C guards with new helpers
2023-07-07 17:23:53 +02:00
ssl_client.h
ssl_cookie.c
Fix wrong array size calculation in error translation code
2023-06-13 05:46:47 -04:00
ssl_debug_helpers.h
ssl_misc.h
Merge branch 'development' into safer-ct5
2023-08-07 11:47:35 +01:00
ssl_msg.c
mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher
2023-09-18 19:07:50 +02:00
ssl_ticket.c
Fix wrong array size calculation in error translation code
2023-06-13 05:46:47 -04:00
ssl_tls12_client.c
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free
2023-08-03 12:56:21 +00:00
ssl_tls12_server.c
Rename uint->bool operators to reflect input types
2023-08-10 11:58:18 +01:00
ssl_tls13_client.c
tls: use TLS 1.3 guards in ssl_tls13 modules
2023-07-25 11:23:50 +02:00
ssl_tls13_generic.c
ssl_tls13: fix guard for FFDH function
2023-08-11 06:33:52 +02:00
ssl_tls13_invasive.h
ssl_tls13_keys.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
ssl_tls13_keys.h
ssl_tls13_server.c
Merge pull request #7884 from valeriosetti/issue7612
2023-08-01 07:13:36 +00:00
ssl_tls.c
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free
2023-08-03 12:56:21 +00:00
threading.c
timing.c
version.c
x509_create.c
Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier
2023-08-07 19:14:54 +00:00
x509_crl.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
x509_crt.c
Fix error strings without quotes
2023-08-16 12:48:33 +01:00
x509_csr.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
x509.c
Merge pull request #6003 from gstrauss/x509_time
2023-07-06 09:28:14 +01:00
x509write_crt.c
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
2023-08-16 09:19:46 +00:00
x509write_csr.c
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
2023-08-16 09:19:46 +00:00
x509write.c
Unify csr and crt san writing functions
2023-07-07 09:05:30 -04:00