mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-31 00:32:50 +00:00

Author	SHA1	Message	Date
Gilles Peskine	c29df535ee	Improve robustness of ECDH public key length validation In client-side code with MBEDTLS_USE_PSA_CRYPTO, use the buffer size to validate what is written in handshake->xxdh_psa_peerkey. The previous code was correct, but a little fragile to misconfiguration or maintenance. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-02 15:02:39 +02:00
Gilles Peskine	c8df898204	Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH or ECDHE key exchange was not validated. This could result in an overflow of handshake->xxdh_psa_peerkey, overwriting further data in the handshake structure or further on the heap. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-02 15:02:33 +02:00
Gilles Peskine	12c5aaae57	Fix buffer overflow in TLS 1.3 ECDH public key parsing Fix a buffer overflow in TLS 1.3 ServerHello and ClientHello parsing. The length of the public key in an ECDH- or FFDH-based key exchange was not validated. This could result in an overflow of handshake->xxdh_psa_peerkey, overwriting further data in the handshake structure or further on the heap. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-02 15:02:10 +02:00
Gilles Peskine	391dd7fe87	Fix propagation of return value from parse_attribute_value_hex_der_encoded Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-25 19:59:31 +02:00
Gilles Peskine	7f420faf03	parse_attribute_value_hex_der_encoded: clean up length validation Separate the fits-in-buffer check (data_length <= data_size) from the we-think-it's-a-sensible-size check (data_length <= MBEDTLS_X509_MAX_DN_NAME_SIZE). This requires using an intermediate buffer for the DER data, since its maximum sensible size has to be larger than the maximum sensible size for the payload, due to the overhead of the ASN.1 tag+length. Remove test cases focusing on the DER length since the implementation no longer has a threshold for it. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-25 19:59:31 +02:00
Gilles Peskine	7077781af5	Fix integer overflow with an input buffer larger than INT_MAX Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-25 19:59:31 +02:00
Gilles Peskine	25665781f6	Rewrite parse_attribute_value_hex_der_encoded() Rename the function from parse_attribute_value_der_encoded: the hex aspect seems important. There was a buffer overflow due to not validating that the intermediate data fit in the stack buffer. The rewrite doesn't use this buffer, and takes care not to overflow the buffer that it does use. Document all that's going on. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-25 19:59:31 +02:00
Dave Rodgman	6da7872aa2	Merge pull request #1083 from gilles-peskine-arm/development-restricted-merge-20230925 Merge development into development-restricted	2023-09-25 18:16:01 +01:00
Gilles Peskine	ffe590d197	Merge pull request #1058 from waleed-elmelegy-arm/check-set_padding-is-called Check set_padding has been called in mbedtls_cipher_finish	2023-09-25 17:12:36 +02:00
Gilles Peskine	ca1e605b9c	Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925 Conflicts: * `include/mbedtls/build_info.h`: a new fragment to auto-enable `MBEDTLS_CIPHER_PADDING_PKCS7` was added in c9f4040f7f3356293e90c58d11f6567def641e08 in `development-restricted`. In `development`, this section of the file has moved to `include/mbedtls/config_adjust_legacy_crypto.h`. * `library/bignum.c`: function name change in `development-restricted` vs comment change in development. The comment change in `development` is not really relevant, so just take the line from `development-restricted`.	2023-09-25 16:16:26 +02:00
Dave Rodgman	025bed9eb7	Merge pull request #1076 from daverodgman/more-ct Use CT module more consistently	2023-09-25 11:50:10 +01:00
Dave Rodgman	5a3add2c67	Merge pull request #8234 from kouzhudong/development Fix MSVC error C4703 about possibly uninitialized variable in pkwrite.c	2023-09-25 10:51:46 +01:00
Gilles Peskine	6809f231a6	Merge pull request #8210 from yanrayw/aes_128bit_improvement AES 128bit only: add guards in cipher_wrap.c	2023-09-22 18:15:03 +00:00
Gilles Peskine	18e1d11cfe	Merge pull request #1049 from waleed-elmelegy-arm/Switch-pkparse-to-mbedtls_pkcs5_pbe2_ext Switch pkparse to use new pkcs5/12 pbe functions	2023-09-22 18:06:50 +02:00
Dave Rodgman	4f53520f54	Merge pull request #8241 from daverodgman/cast_warning fix cast warning	2023-09-22 14:23:05 +00:00
Dave Rodgman	c0633bc777	Add comment Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-22 10:54:43 +01:00
Dave Rodgman	38c3228f3e	fix cast warning Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-22 10:51:37 +01:00
Gilles Peskine	193f94276e	Merge pull request #1071 from gilles-peskine-arm/ssl_decrypt_stream_short_buffer Fix buffer overread in mbedtls_ssl_decrypt_buf with stream cipher	2023-09-22 11:43:03 +02:00
Dave Rodgman	d03f483dbe	Use mbedtls_ct_error_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-22 10:01:47 +01:00
Dave Rodgman	fbe74a9e51	Add mbedtls_ct_error_if, with tests Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-22 09:58:25 +01:00
Tom Cosgrove	41434d043c	Merge pull request #8237 from tom-cosgrove-arm/mbedtls_pk_write_key_der-unused-len-and-unreachable-ret Remove unused variable and unreachable return from mbedtls_pk_write_key_der()	2023-09-22 08:45:48 +00:00
Dave Rodgman	a9d70125a3	Remove mbedtls_ct_int_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 21:53:54 +01:00
Dave Rodgman	7ad37e40a6	Remove use of mbedtls_ct_int_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 21:53:31 +01:00
Dave Rodgman	530c3da698	Improve implementation of mbedtls_ct_int_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 21:06:48 +01:00
Dave Rodgman	61f1beaccf	Update library to use mbedtls_ct_int_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 19:23:17 +01:00
Dave Rodgman	f81b2a14f2	Generalise mbedtls_ct_error_if to mbedtls_ct_int_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 19:22:43 +01:00
Dave Rodgman	aaebc9be51	Merge pull request #8235 from daverodgman/misc-size	2023-09-21 18:42:37 +01:00
Tom Cosgrove	8d276fbc23	Remove unused variable and unreachable return from mbedtls_pk_write_key_der() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-09-21 17:19:36 +01:00
correy	a15b4851d4	Fix MSVC error C4703 about possibly uninitialized variable in pkwrite.c Signed-off-by: correy <112426112@qq.com>	2023-09-21 20:18:52 +08:00
Dave Rodgman	1a404e8f34	Use mbedtls_ct_error for CT error selection Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 13:12:28 +01:00
Dave Rodgman	e50b537266	Add mbedtls_ct_error_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 11:29:58 +01:00
Dave Rodgman	ef6795d2a9	Reduce size of mbedtls_asn1_get_len Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-21 10:35:33 +01:00
Dave Rodgman	584a08f91d	Add cast for MSVC Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 20:15:52 +01:00
Gilles Peskine	efaee9a299	Give a production-sounding name to the p256m option Now that p256-m is officially a production feature and not just an example, give it a more suitable name. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-20 20:49:47 +02:00
Waleed Elmelegy	1db5cdaf57	Add tests to test pkcs8 parsing of encrypted keys Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-20 19:29:02 +01:00
Waleed Elmelegy	5e48cad7f0	Fix codestyle issues in pkcs12.h & pkparse.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-20 19:29:02 +01:00
Waleed Elmelegy	d527896b7e	Switch pkparse to use new mbedtls_pkcs12_pbe_ext function Switch pkparse to use new mbedtls_pkcs12_pbe_ext function and deprecate mbedtls_pkcs12_pbe function. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-20 19:29:02 +01:00
Waleed Elmelegy	c9f4040f7f	Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function and deprecate mbedtls_pkcs5_pbes2 function. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-09-20 19:28:28 +01:00
Dave Rodgman	1cf181fd46	Reinstate more robust return value handling Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 19:10:17 +01:00
Dave Rodgman	c43a0a4adb	rename dont_ignore to in_padding Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 19:09:51 +01:00
Dave Rodgman	e834d6c9f2	Move declaration for robustness against future edits Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 19:09:51 +01:00
Dave Rodgman	c62f7fcce9	Use more meaningful variable name in mbedtls_rsa_rsaes_oaep_decrypt Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 19:09:51 +01:00
Dave Rodgman	e94cd0b99b	Correct use of mbedtls_ct_mpi_uint_if_else_0 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 19:09:51 +01:00
Gilles Peskine	eda1b1f744	Merge pull request #7921 from valeriosetti/issue7613 TLS: Clean up ECDSA dependencies	2023-09-20 12:47:55 +00:00
Dave Rodgman	ee5464fab9	Simplify unnecessarily complex error code handling Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-20 09:13:12 +01:00
Dave Rodgman	fd96579ecd	Use properly typed versions of mbedtls_ct_xxx_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 21:52:13 +01:00
Dave Rodgman	143f5f7c68	Add mbedtls_ct_bool_if and mbedtls_ct_bool_if_else_0 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 21:52:13 +01:00
Dave Rodgman	437500c5b1	Fix MSVC type complaint Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 21:52:13 +01:00
Dave Rodgman	814d096420	Fix error in handling of return value from mbedtls_nist_kw_unwrap Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 20:48:51 +01:00
Dave Rodgman	6be4bcff16	code style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-09-19 19:47:51 +01:00

1 2 3 4 5 ...

12054 Commits