mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-16 17:43:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
mbedtls/library
History
Gilles Peskine c8df898204 Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing 
Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When
MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH
or ECDHE key exchange was not validated. This could result in an overflow of
handshake->xxdh_psa_peerkey, overwriting further data in the handshake
structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:33 +02:00
..
.gitignore
Add gitignore anchors to denote generated files
2023-07-06 17:58:18 +01:00
aes.c
replace aesni target detection macros
2023-08-23 17:15:34 +08:00
aesce.c
replace arm64 macro and aesce enable flag
2023-08-23 17:15:34 +08:00
aesce.h
improve various issues
2023-08-28 10:58:24 +08:00
aesni.c
Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode
2023-08-18 20:55:44 +00:00
aesni.h
improve various issues
2023-08-28 10:58:24 +08:00
alignment.h
Fix MBEDTLS_BSWAP32 on armcc 5
2023-07-11 14:06:37 +01:00
aria.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
asn1parse.c
Reduce size of mbedtls_asn1_get_len
2023-09-21 10:35:33 +01:00
asn1write.c
code style
2023-09-15 18:30:09 +01:00
base64_internal.h
Move base64 test interfaces into base64_internal.h
2023-05-26 12:42:48 +01:00
base64.c
Move base64 test interfaces into base64_internal.h
2023-05-26 12:42:48 +01:00
bignum_core.c
Improve sanity checking of MBEDTLS_HAVE_INTxx
2023-09-06 08:41:05 +01:00
bignum_core.h
Improve docs for mbedtls_mpi_core_cond_assign
2023-07-31 12:27:05 +01:00
bignum_mod_raw_invasive.h
Update documentation
2023-01-23 19:10:26 +01:00
bignum_mod_raw.c
Remove new bignum when not needed
2023-08-17 14:36:59 +01:00
bignum_mod_raw.h
bignum: Removed merge scaffolding.
2023-04-05 16:13:11 +01:00
bignum_mod.c
Remove new bignum when not needed
2023-08-17 14:36:59 +01:00
bignum_mod.h
bignum_mod: Added a typedef for OPT_RED function pointer.
2023-06-22 09:14:28 +01:00
bignum.c
Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925
2023-09-25 16:16:26 +02:00
bn_mul.h
Merge pull request #7784 from daverodgman/aesce-unroll
2023-07-04 18:41:13 +01:00
camellia.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
ccm.c
Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925
2023-09-25 16:16:26 +02:00
chacha20.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
chachapoly.c
Eliminate duplicate ct memcmp
2023-09-18 19:09:45 +01:00
check_crypto_config.h
library: replace PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY symbols with proper ones
2023-07-11 14:06:00 +02:00
cipher_wrap.c
cipher_wrap: remove 192- and 256-bit for AES_ONLY_128_BIT_KEY_LENGTH
2023-09-14 14:35:44 +08:00
cipher_wrap.h
code style
2023-06-24 13:37:28 +01:00
cipher.c
Merge pull request #1083 from gilles-peskine-arm/development-restricted-merge-20230925
2023-09-25 18:16:01 +01:00
cmac.c
Merge pull request #1038 from Mbed-TLS/development
2023-07-21 15:40:36 +02:00
CMakeLists.txt
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
common.h
Simplify fixes for unreachable code
2023-09-05 18:15:31 +01:00
constant_time_impl.h
Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925
2023-09-25 16:16:26 +02:00
constant_time_internal.h
Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925
2023-09-25 16:16:26 +02:00
constant_time.c
Simplify mbedtls_ct_memcmp_partial
2023-09-19 17:21:50 +01:00
ctr_drbg.c
Update links to Rijndael paper and NIST SP 800-90 DRBGs
2023-08-04 13:55:03 +01:00
debug.c
Merge pull request #7999 from valeriosetti/issue7759
2023-08-10 08:34:57 +00:00
des.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
dhm.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
ecdh.c
Update SEC1 link in ecdh.c
2023-04-12 06:07:23 +00:00
ecdsa.c
Fix a few unchecked value issue
2023-08-01 22:41:17 +08:00
ecjpake.c
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
ecp_curves_new.c
Move variant test to ecp_curves
2023-08-02 10:32:21 +01:00
ecp_curves.c
Move variant test to ecp_curves
2023-08-02 10:32:21 +01:00
ecp_internal_alt.h
Switch to the new code style
2023-01-11 14:50:10 +01:00
ecp_invasive.h
Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h
2023-07-31 10:57:16 +01:00
ecp.c
Use MBEDTLS_GET_UINT16_BE in mbedtls_ecp_tls_read_group_id
2023-08-16 17:50:36 +01:00
entropy_poll.c
Fix error strings without quotes
2023-08-16 12:48:33 +01:00
entropy_poll.h
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
entropy.c
Use MD-light in entropy.c
2023-03-24 10:43:40 +01:00
gcm.c
Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925
2023-09-25 16:16:26 +02:00
hkdf.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
hmac_drbg.c
Fix instances of old feature macros being used
2023-03-24 10:43:40 +01:00
lmots.c
Merge pull request #7935 from AgathiyanB/add-enum-casts
2023-07-26 11:27:27 +02:00
lmots.h
Unify PSA to Mbed TLS error translation
2023-03-03 05:23:44 -05:00
lms.c
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free
2023-08-03 12:56:21 +00:00
Makefile
Allow turning off re-generation of files with make
2023-09-08 16:19:13 +02:00
md5.c
Ensure all md_<hash>_finish functions perform zeroization
2023-09-11 12:59:36 +01:00
md_psa.h
Make MD<->PSA translation static inline
2023-06-08 12:10:03 +02:00
md_wrap.h
Omit block_size when MD_C is not enabled
2023-06-21 12:02:07 +02:00
md.c
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
memory_buffer_alloc.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
mps_common.h
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
mps_error.h
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
mps_reader.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
mps_reader.h
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
mps_trace.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
mps_trace.h
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
net_sockets.c
Merge pull request #7792 from robUx4/win32_winnt
2023-07-13 19:34:24 +01:00
nist_kw.c
Use mbedtls_ct_error_if
2023-09-22 10:01:47 +01:00
oid.c
Add OID for HMAC-RIPEMD160
2023-07-27 15:46:05 +01:00
padlock.c
replace target arch macros in padlock
2023-08-23 17:15:35 +08:00
padlock.h
improve various issues
2023-08-28 10:58:24 +08:00
pem.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
pk_internal.h
Add tests to test pkcs8 parsing of encrypted keys
2023-09-20 19:29:02 +01:00
pk_wrap.c
Merge pull request #7991 from sarveshb14/fix/psa_rsa_signature_using_large_stack
2023-08-16 09:23:29 +00:00
pk_wrap.h
library: replace PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY symbols with proper ones
2023-07-11 14:06:00 +02:00
pk.c
Create psa_util_internal.h
2023-07-06 12:42:33 +02:00
pkcs5.c
Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function
2023-09-20 19:28:28 +01:00
pkcs7.c
Update wording in comments
2023-03-13 12:15:49 +00:00
pkcs12.c
Switch pkparse to use new mbedtls_pkcs12_pbe_ext function
2023-09-20 19:29:02 +01:00
pkparse.c
Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925
2023-09-25 16:16:26 +02:00
pkwrite.c
Merge pull request #8234 from kouzhudong/development
2023-09-25 10:51:46 +01:00
pkwrite.h
pkwrite: add new internal symbol to properly size DER buffer
2023-08-10 06:43:23 +02:00
platform_util.c
Avoid error from old gcc version
2023-09-01 11:15:28 +01:00
platform.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
poly1305.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
psa_crypto_aead.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
psa_crypto_aead.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_cipher.c
Use fewer bits for block_size
2023-06-24 13:37:28 +01:00
psa_crypto_cipher.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_client.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
psa_crypto_core_common.h
psa: Introduce PSA crypto core common symbols
2023-03-31 09:07:57 +02:00
psa_crypto_core.h
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
psa_crypto_driver_wrappers.h
Give a production-sounding name to the p256m option
2023-09-20 20:49:47 +02:00
psa_crypto_ecp.c
lib/test: replace BASIC_IMPORT_EXPORT internal symbol with BASIC,IMPORT,EXPORT
2023-06-30 10:16:22 +02:00
psa_crypto_ecp.h
Merge pull request #7098 from gilles-peskine-arm/retval-non-empty
2023-02-24 09:10:53 +00:00
psa_crypto_ffdh.c
psa: replace DH_KEY_PAIR_LEGACY with new symbols
2023-07-27 09:15:34 +02:00
psa_crypto_ffdh.h
Merge pull request #7627 from mprse/ffdh_tls13_v2
2023-07-03 10:12:33 +02:00
psa_crypto_hash.c
code style
2023-06-26 11:11:23 +01:00
psa_crypto_hash.h
Remove useless extern declarations and includes
2023-06-21 09:45:36 +02:00
psa_crypto_invasive.h
Switch to the new code style
2023-01-11 14:50:10 +01:00
psa_crypto_its.h
Switch to the new code style
2023-01-11 14:50:10 +01:00
psa_crypto_mac.c
Fully replace mbedtls_psa_safer_memcmp
2023-08-29 14:20:18 +01:00
psa_crypto_mac.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_pake.c
Use quotes include of psa_util_internal.h
2023-09-04 10:36:37 +02:00
psa_crypto_pake.h
Pacify clang15 warnings about empty /retval
2023-06-20 15:51:46 +01:00
psa_crypto_random_impl.h
Use quotes include of psa_util_internal.h
2023-09-04 10:36:37 +02:00
psa_crypto_rsa.c
Merge pull request #7902 from valeriosetti/issue7772
2023-07-25 17:13:43 +01:00
psa_crypto_rsa.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_se.c
Implement and use MBEDTLS_STATIC_ASSERT()
2023-03-08 14:19:51 +00:00
psa_crypto_se.h
Switch to the new code style
2023-01-11 14:50:10 +01:00
psa_crypto_slot_management.c
Reduce code-size to access key slots init flag
2023-08-16 17:56:28 +01:00
psa_crypto_slot_management.h
Make \retval commands non-empty
2023-02-14 19:21:09 +01:00
psa_crypto_storage.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
psa_crypto_storage.h
Define all PSA_xxx macros to 1 rather than have them empty, for consistency
2023-08-31 17:06:58 +01:00
psa_crypto.c
Merge pull request #7961 from gilles-peskine-arm/psa_crypto_config-in-full
2023-09-18 08:13:12 +00:00
psa_its_file.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
psa_util_internal.h
psa: fix missed LEGACY symbols caused by the rebase
2023-07-11 16:59:21 +02:00
psa_util.c
Use quotes include of psa_util_internal.h
2023-09-04 10:36:37 +02:00
ripemd160.c
Ensure all md_<hash>_finish functions perform zeroization
2023-09-11 12:59:36 +01:00
rsa_alt_helpers.c
Fix a few unchecked value issue
2023-08-01 22:41:17 +08:00
rsa_alt_helpers.h
Switch to the new code style
2023-01-11 14:50:10 +01:00
rsa.c
Use mbedtls_ct_error_if
2023-09-22 10:01:47 +01:00
sha1.c
Ensure all md_<hash>_finish functions perform zeroization
2023-09-11 12:59:36 +01:00
sha3.c
Remove always-false null pointer check in sha3.c that Coverity complains about
2023-09-11 09:03:01 +01:00
sha256.c
Ensure all md_<hash>_finish functions perform zeroization
2023-09-11 12:59:36 +01:00
sha512.c
Ensure all md_<hash>_finish functions perform zeroization
2023-09-11 12:59:36 +01:00
ssl_cache.c
Merge pull request #7210 from sergio-nsk/patch-2
2023-09-13 16:38:55 +02:00
ssl_ciphersuites.c
Merge pull request #7921 from valeriosetti/issue7613
2023-09-20 12:47:55 +00:00
ssl_client.c
Merge pull request #7921 from valeriosetti/issue7613
2023-09-20 12:47:55 +00:00
ssl_client.h
Switch to the new code style
2023-01-11 14:50:10 +01:00
ssl_cookie.c
Fix wrong array size calculation in error translation code
2023-06-13 05:46:47 -04:00
ssl_debug_helpers.h
refine ticket_flags printing helper
2023-01-16 11:28:49 +08:00
ssl_misc.h
Merge pull request #7921 from valeriosetti/issue7613
2023-09-20 12:47:55 +00:00
ssl_msg.c
Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925
2023-09-25 16:16:26 +02:00
ssl_ticket.c
Fix wrong array size calculation in error translation code
2023-06-13 05:46:47 -04:00
ssl_tls12_client.c
Merge pull request #7921 from valeriosetti/issue7613
2023-09-20 12:47:55 +00:00
ssl_tls12_server.c
Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing
2023-10-02 15:02:33 +02:00
ssl_tls13_client.c
Update spelling "mbed TLS" to "Mbed TLS"
2023-09-12 19:18:17 +02:00
ssl_tls13_generic.c
Fix buffer overflow in TLS 1.3 ECDH public key parsing
2023-10-02 15:02:10 +02:00
ssl_tls13_invasive.h
Switch to the new code style
2023-01-11 14:50:10 +01:00
ssl_tls13_keys.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
ssl_tls13_keys.h
Enhancement: change some functions to static in ssl_tls13_keys.c
2023-01-12 14:54:26 +08:00
ssl_tls13_server.c
Merge pull request #7884 from valeriosetti/issue7612
2023-08-01 07:13:36 +00:00
ssl_tls.c
Merge pull request #7921 from valeriosetti/issue7613
2023-09-20 12:47:55 +00:00
threading.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
timing.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
version.c
Switch to the new code style
2023-01-11 14:50:10 +01:00
x509_create.c
Fix propagation of return value from parse_attribute_value_hex_der_encoded
2023-09-25 19:59:31 +02:00
x509_crl.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
x509_crt.c
Fix warnings about unreachable code
2023-09-05 16:53:33 +01:00
x509_csr.c
Provide and use internal function mbedtls_zeroize_and_free()
2023-07-17 15:17:40 +01:00
x509.c
Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509
2023-09-13 08:54:33 +00:00
x509write_crt.c
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
2023-08-16 09:19:46 +00:00
x509write_csr.c
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
2023-08-16 09:19:46 +00:00
x509write.c
Unify csr and crt san writing functions
2023-07-07 09:05:30 -04:00