mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-26 21:39:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
mbedtls/library
History
Gilles Peskine da0913ba6b Call setbuf when reading or writing files: library 
After opening a file containing sensitive data, call mbedtls_setbuf() to
disable buffering. This way, we don't expose sensitive data to a memory
disclosure vulnerability in a buffer outside our control.

This commit adds a call to mbedtls_setbuf() after each call to fopen(),
except:
* In ctr_drbg.c, in load_file(), because this is only used for DH parameters
  and they are not confidential data.
* In psa_its_file.c, in psa_its_remove(), because the file is only opened
  to check its existence, we don't read data from it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 17:03:40 +02:00
..
.gitignore
Add psa_crypto_driver_wrappers.c to .gitignore
2021-12-18 13:29:10 +05:30
aes.c
Ensure ctr_drbg is initialised every time
2022-02-10 18:38:53 +00:00
aesni.c
Move aesni.h to library
2021-03-10 12:52:37 +00:00
aesni.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
aria.c
Replace 3 byte shift with appropriate macro
2021-08-19 09:55:42 +01:00
asn1parse.c
Add missing const attribute to asn1 api
2021-01-26 13:57:46 +01:00
asn1write.c
Fix memcpy() UB in mbedtls_asn1_named_data()
2022-05-04 11:45:06 +01:00
base64.c
Delete base64_invasive.h due to functions are moved to the constant-time module
2021-11-26 17:20:02 +01:00
bignum_internal.h
Fix Doxygen for mbedtls_mpi_core_mla()
2022-04-11 13:44:15 +01:00
bignum.c
Use separate counters for 8-fold and single multiplication steps
2022-04-17 06:16:03 +01:00
bn_mul.h
Add comment explaining structure of UMAAL assembly
2022-04-17 06:59:33 +01:00
camellia.c
Add Character byte reading macros
2021-08-19 09:55:41 +01:00
ccm.c
Ignore plaintext length for CCM*-no-tag.
2021-10-21 11:33:37 +02:00
chacha20.c
Replace instances of byte reading macros with PUT
2021-08-19 09:56:47 +01:00
chachapoly.c
Replace instances of byte reading macros with PUT
2021-08-19 09:56:47 +01:00
check_crypto_config.h
psa: config: Add CAMELLIA to the list of possible CMAC ciphers
2021-03-25 14:25:46 +01:00
cipher_wrap.c
Use separate MBEDTLS_MODE for the CCM*.
2021-10-27 10:42:31 +02:00
cipher_wrap.h
Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
2022-01-03 12:53:24 +01:00
cipher.c
Return an error for IV lengths other than 12 with ChaCha20+Poly1305
2022-01-14 16:31:54 +01:00
cmac.c
Allow skipping 3DES in CMAC self-test when ALT implemented
2021-03-02 10:18:08 +01:00
CMakeLists.txt
Merge pull request #1133 from RonEld/1805
2022-04-11 09:31:59 +02:00
common.h
fix wrong para name in doxygen comments
2021-10-28 10:26:13 +08:00
constant_time_internal.h
Implement mbedtls_ct_hmac() using PSA hash API
2022-02-25 15:16:50 +01:00
constant_time_invasive.h
Add documentation for the functions
2021-11-26 17:25:14 +01:00
constant_time.c
Reduce HMAC buffer usage in PSA version of mbedtls_ct_hmac()
2022-03-18 11:09:58 +01:00
ctr_drbg.c
Call setbuf when reading or writing files: library
2022-06-30 17:03:40 +02:00
debug.c
Add missing parentheses
2021-06-17 21:46:29 +02:00
des.c
Catch failures of AES or DES operations
2021-09-27 16:22:08 +02:00
dhm.c
Call setbuf when reading or writing files: library
2022-06-30 17:03:40 +02:00
ecdh.c
Remove ECDH code specific to TLS 1.3
2022-04-19 18:31:24 +02:00
ecdsa.c
Rename error translation functions and move them to library/pk_wrap.*
2022-03-01 15:21:02 +01:00
ecjpake.c
Tidy up grouped MBEDTLS_BYTE_x macros
2021-08-23 11:52:28 +01:00
ecp_curves.c
Remove unnecessary memory operations in p25519 quasireduction
2022-04-13 07:26:53 +01:00
ecp_internal_alt.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
ecp_invasive.h
Move mbedtls_mpi_random to the bignum module
2021-06-03 18:10:04 +02:00
ecp.c
Remove parameters validation using ECP_VALIDATE_RET
2022-03-28 07:23:08 +02:00
entropy_poll.c
Call setbuf when reading or writing files: library
2022-06-30 17:03:40 +02:00
entropy_poll.h
Rename config.h to mbedtls_config.h
2021-06-28 09:28:33 +01:00
entropy.c
Call setbuf when reading or writing files: library
2022-06-30 17:03:40 +02:00
gcm.c
Merge pull request #5213 from tom-cosgrove-arm/pr_4950
2021-11-22 22:22:37 +01:00
hkdf.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
hmac_drbg.c
Call setbuf when reading or writing files: library
2022-06-30 17:03:40 +02:00
Makefile
Move TLS 1.3 client hello writing to new TLS 1.2 and 1.3 client file
2022-03-29 17:00:29 +02:00
md5.c
GET macros use a target variable
2021-08-19 09:31:55 +01:00
md_wrap.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
md.c
Call setbuf when reading or writing files: library
2022-06-30 17:03:40 +02:00
memory_buffer_alloc.c
Count allocs without side-effects
2022-01-05 10:08:59 +01:00
mps_common.h
Capitalise MPS trace macros
2021-04-07 12:45:35 +01:00
mps_error.h
Fix Doxygen headers for MPS files
2021-03-29 14:20:18 +01:00
mps_reader.c
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
2021-12-10 13:47:55 +01:00
mps_reader.h
Fix Doxygen headers for MPS files
2021-03-29 14:20:18 +01:00
mps_trace.c
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
2021-12-10 13:47:55 +01:00
mps_trace.h
Capitalise MPS trace macros
2021-04-07 12:45:35 +01:00
net_sockets.c
Add a missing guard for time.h in net_sockets.c
2022-03-04 05:07:45 -05:00
nist_kw.c
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module
2021-11-24 10:44:13 +01:00
oid.c
Remove MD2, MD4, RC4, Blowfish and XTEA
2021-06-16 10:34:25 +02:00
padlock.c
Move padlock.h to library
2021-03-10 12:52:37 +00:00
padlock.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
pem.c
Rename the _ret() functions
2021-06-08 16:45:41 +02:00
pk_wrap.c
Implement PK Opaque RSA PSS signature
2022-04-12 15:11:49 +02:00
pk_wrap.h
Add support for RSA PK Opaque key
2022-04-07 14:51:47 +02:00
pk.c
Change mbedtls_pk_wrap_as_opaque() signature to specify alg, usage and key_enrollment_algorithm
2022-04-28 13:27:59 +02:00
pkcs5.c
Apply MBEDTLS_ERROR_ADD to library
2021-04-15 11:19:47 +01:00
pkcs12.c
Remove incorrect hashing
2021-12-02 18:03:12 +00:00
pkparse.c
Call setbuf when reading or writing files: library
2022-06-30 17:03:40 +02:00
pkwrite.c
Add support for RSA Opaque PK key in mbedtls_pk_write_pubkey_der()
2022-04-07 15:01:24 +02:00
pkwrite.h
Rename max sizes of RSA & EC DER keys defines
2022-03-01 10:03:21 +01:00
platform_util.c
Correction to callback declaration and usage
2021-07-13 12:23:12 +02:00
platform.c
Add setbuf platform function
2022-06-30 17:01:40 +02:00
poly1305.c
Replace instances of byte reading macros with PUT
2021-08-19 09:57:41 +01:00
psa_crypto_aead.c
Merge pull request #5047 from paul-elliott-arm/psa-m-aead-ccm
2021-12-09 14:49:42 +01:00
psa_crypto_aead.h
Restore internal driver for aead_set_lengths
2021-09-28 11:16:27 +01:00
psa_crypto_cipher.c
If a cipher algorithm is not supported, fail during setup
2022-04-05 15:03:39 +02:00
psa_crypto_cipher.h
Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr
2021-12-14 10:58:18 +01:00
psa_crypto_client.c
Move the inclusion of crypto_spe.h to psa/crypto_platform.h
2021-06-17 11:43:58 +02:00
psa_crypto_core.h
Code style improvements
2021-09-08 22:04:13 +05:30
psa_crypto_driver_wrappers.h
Merge pull request #5292 from mprse/asym_encrypt
2022-03-10 20:07:38 +01:00
psa_crypto_ecp.c
psa: Remove test code in the library
2021-12-06 07:50:27 +01:00
psa_crypto_ecp.h
psa: test driver: Move driver test entry points prototypes
2021-12-06 07:50:27 +01:00
psa_crypto_hash.c
psa: Fix and improve comments
2021-12-06 07:50:27 +01:00
psa_crypto_hash.h
psa: test driver: Move driver test entry points prototypes
2021-12-06 07:50:27 +01:00
psa_crypto_invasive.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
psa_crypto_its.h
Update documentation
2020-11-25 13:10:50 +01:00
psa_crypto_mac.c
psa: Fix and improve comments
2021-12-06 07:50:27 +01:00
psa_crypto_mac.h
psa: test driver: Move driver test entry points prototypes
2021-12-06 07:50:27 +01:00
psa_crypto_random_impl.h
Work around MSVC bug with duplicate static declarations
2021-02-16 18:55:05 +01:00
psa_crypto_rsa.c
psa_asymmetric_decrypt: move build-in impl to mbedtls_psa_asymmetric_decrypt
2022-01-10 12:55:06 +01:00
psa_crypto_rsa.h
psa_asymmetric_decrypt: move build-in impl to mbedtls_psa_asymmetric_decrypt
2022-01-10 12:55:06 +01:00
psa_crypto_se.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
psa_crypto_se.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
psa_crypto_slot_management.c
Merge pull request #4878 from SiliconLabs/remove_dependency_4877
2021-09-20 22:20:16 +02:00
psa_crypto_slot_management.h
psa: Fix error code when creating/registering a key with invalid id
2021-04-01 14:05:41 +02:00
psa_crypto_storage.c
Erase secrets in allocated memory before freeing said memory
2022-02-25 11:14:59 +01:00
psa_crypto_storage.h
Rename PSA_KEY_SLOT_COUNT to MBEDTLS_PSA_KEY_SLOT_COUNT
2021-02-15 14:26:44 +01:00
psa_crypto.c
Do not erase input key in psa_tls12_prf_psk_to_ms_set_key()
2022-05-04 11:06:22 +02:00
psa_its_file.c
Call setbuf when reading or writing files: library
2022-06-30 17:03:40 +02:00
ripemd160.c
GET macros use a target variable
2021-08-19 09:31:55 +01:00
rsa_alt_helpers.c
Rename rsa_internal.* to rsa_alt_helpers.*
2021-03-10 12:52:37 +00:00
rsa_alt_helpers.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
rsa.c
Rename error translation functions and move them to library/pk_wrap.*
2022-03-01 15:21:02 +01:00
sha1.c
GET macros use a target variable
2021-08-19 09:31:55 +01:00
sha256.c
Hide unnecessarily public functions in SHA-256 and SHA-512 A64 acceleration
2022-04-19 13:52:24 +01:00
sha512.c
Hide unnecessarily public functions in SHA-256 and SHA-512 A64 acceleration
2022-04-19 13:52:24 +01:00
ssl_cache.c
Fix search for outdated entries in SSL session cache
2021-05-14 14:55:15 +01:00
ssl_ciphersuites.c
mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version
2022-04-14 15:40:12 -04:00
ssl_client.c
Rebase and solve conflicts
2022-05-07 01:37:04 +00:00
ssl_client.h
Refine code base on review
2022-04-20 11:05:24 +00:00
ssl_cookie.c
Rename psa_hmac to psa_hmac_key in mbedtls_ssl_cookie_ctx
2022-03-22 10:41:38 +01:00
ssl_debug_helpers.h
add signature algorithm debug helper
2022-03-22 15:13:33 +08:00
ssl_misc.h
Merge pull request #5791 from superna9999/5788-unify-non-opaque-and-opaque-psks
2022-05-09 10:15:16 +02:00
ssl_msg.c
Rename mbedtls_get_mode_from_XXX to mbedtls_ssl_get_mode_from_XXX
2022-04-22 14:25:59 +02:00
ssl_ticket.c
Reorganize PSA/!PSA code in mbedtls_ssl_ticket_setup()
2022-04-27 10:35:28 +02:00
ssl_tls12_client.c
Keep raw PSK when set via mbedtls_ssl_conf_psk() and feed as input_bytes
2022-05-05 14:01:49 +02:00
ssl_tls12_server.c
Keep raw PSK when set via mbedtls_ssl_conf_psk() and feed as input_bytes
2022-05-05 14:01:49 +02:00
ssl_tls13_client.c
fix various issues
2022-05-06 11:16:55 +08:00
ssl_tls13_generic.c
tls13: Share write ecdh_key_exchange function
2022-04-22 16:45:01 +08:00
ssl_tls13_invasive.h
Use hash algoritm for parameter instead of HMAC
2022-03-26 17:28:06 +01:00
ssl_tls13_keys.c
fix coding style issues
2022-05-06 16:40:05 +08:00
ssl_tls13_keys.h
fix various issues
2022-05-06 11:16:55 +08:00
ssl_tls13_server.c
Update code base on comments
2022-05-09 01:11:21 +00:00
ssl_tls.c
Merge pull request #5791 from superna9999/5788-unify-non-opaque-and-opaque-psks
2022-05-09 10:15:16 +02:00
threading.c
Fix typo "phtreads" to "pthreads"
2022-03-29 17:43:56 +02:00
timing.c
Remove the dependency on MBEDTLS_HAVE_TIME from MBEDTLS_TIMING_C
2022-04-08 04:41:42 -04:00
version.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
x509_create.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
x509_crl.c
Do not include time.h without MBEDTLS_HAVE_TIME
2022-03-04 05:07:45 -05:00
x509_crt.c
Merge pull request #3624 from daxtens/timeless
2022-03-15 16:43:19 +00:00
x509_csr.c
Merge pull request #3777 from hanno-arm/x509-info-optimization_rebased
2021-04-28 17:31:55 +01:00
x509.c
Merge pull request #3777 from hanno-arm/x509-info-optimization_rebased
2021-04-28 17:31:55 +01:00
x509write_crt.c
Improving readability of x509_crt and x509write_crt for PR
2022-03-07 13:59:44 +01:00
x509write_csr.c
Improving readability of x509_crt and x509write_crt for PR
2022-03-07 13:59:44 +01:00