mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-28 19:21:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
mbedtls/library
History
Paul Bakker db1f05985e Add a check for buffer overflow to pkcs11_sign() 
pkcs11_sign() reuses *sig to store the header and hash, but those might
be larger than the actual sig, causing a buffer overflow.

An overflow can occur when using raw sigs with hashlen > siglen, or when
the RSA key is less than 664 bits long (or less when using hashes
shorter than SHA512)

As siglen is always within the 'low realm' < 32k, an overflow of asnlen
+ hashlen is not possible.
2014-03-26 15:14:21 +01:00
..
.gitignore
Added proper gitignores for linux compilation
2012-11-17 00:04:49 +01:00
aes.c
Add missing #ifdefs in aes.h
2014-03-13 19:25:06 +01:00
aesni.c
Made AES-NI bit-size specific key expansion functions static
2013-12-30 19:20:06 +01:00
arc4.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
asn1parse.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
asn1write.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
base64.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
bignum.c
Make the compiler work-around more specific
2014-03-14 18:23:26 +01:00
blowfish.c
Make CBC an option, step 3: individual ciphers
2013-09-13 17:25:43 +02:00
camellia.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
certs.c
Change RSA embedded cert to a localhost cert
2014-03-14 08:41:00 +01:00
cipher_wrap.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
cipher.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
CMakeLists.txt
MinGW32 static build should link to windows libs and libz
2014-03-17 15:11:13 +01:00
ctr_drbg.c
Fix some MSVC12 conversion warnings
2014-03-21 12:03:07 +01:00
debug.c
Tune debug_print_ret format
2014-03-26 12:58:46 +01:00
des.c
Fix depend issues in test suites for cipher modes
2014-03-13 19:25:06 +01:00
dhm.c
Fix error code in dhm_selftest()
2014-03-13 19:25:06 +01:00
ecdh.c
Merged support for secp224k1, secp192k1 and secp25k1
2014-01-22 13:10:48 +01:00
ecdsa.c
Fix some MSVC12 conversion warnings
2014-03-21 12:03:07 +01:00
ecp_curves.c
Add fast reduction for the other Koblitz curves
2014-01-18 17:48:00 +01:00
ecp.c
Fix broken tests due to changed error code
2014-03-26 14:12:20 +01:00
entropy_poll.c
Defines for UEFI environment under MSVC added
2013-10-29 14:05:38 +01:00
entropy.c
Provide no info from entropy_func() on future entropy
2014-03-26 12:51:25 +01:00
error.c
Support for seed file writing and reading in Entropy
2014-03-26 11:58:07 +01:00
gcm.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
havege.c
Also compiles / runs without time-based functions in OS
2013-07-03 17:22:32 +02:00
hmac_drbg.c
Fix some MSVC12 conversion warnings
2014-03-21 12:03:07 +01:00
Makefile
Migrated the Memory layer to the Platform layer
2014-02-06 13:20:17 +01:00
md2.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
md4.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
md5.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
md_wrap.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
md.c
Renamed RMD160 to RIPEMD160
2014-01-22 14:17:31 +01:00
memory_buffer_alloc.c
Typo fix in memory_buffer_alloc.c
2014-02-06 13:20:19 +01:00
net.c
Fix warnings on MinGW
2014-03-21 12:03:03 +01:00
oid.c
Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
2014-02-12 09:39:59 +01:00
padlock.c
Initialize ebx and edx in padlock functions
2013-12-31 09:46:09 +01:00
pbkdf2.c
PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
2013-06-25 15:06:52 +02:00
pem.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
pk_wrap.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
pk.c
Revert "Add pk_rsa_set_padding() and rsa_set_padding()"
2014-01-27 11:59:29 +01:00
pkcs5.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
pkcs11.c
Add a check for buffer overflow to pkcs11_sign()
2014-03-26 15:14:21 +01:00
pkcs12.c
Explicit conversions and minor changes to prevent MSVC compiler warnings
2013-10-14 15:50:40 +02:00
pkparse.c
Make support for SpecifiedECDomain optional
2014-03-19 16:50:59 +01:00
pkwrite.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
platform.c
Migrated the Memory layer to the Platform layer
2014-02-06 13:20:17 +01:00
ripemd160.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
rsa.c
Fix stupid bug in rsa_copy()
2014-03-26 12:58:49 +01:00
sha1.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
sha256.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
sha512.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
ssl_cache.c
Fix memory leak in ssl_cache
2014-03-14 08:41:01 +01:00
ssl_ciphersuites.c
Add #ifs arround ssl_ciphersuite_uses_XXX()
2014-01-22 12:56:37 +01:00
ssl_cli.c
Avoid possible segfault on bad server ciphersuite
2014-03-13 19:25:06 +01:00
ssl_srv.c
Fix possible buffer overflow with PSK
2014-03-26 12:58:50 +01:00
ssl_tls.c
Further tightened the padlen check to prevent underflow / overflow
2014-03-26 15:14:20 +01:00
threading.c
Added failure stub for uninitialized POLARSSL_THREADING_ALT functions
2013-12-31 11:55:27 +01:00
timing.c
Fix bug in m_sleep()
2014-03-14 08:41:00 +01:00
version.c
- Fixed copyright message
2010-07-18 20:36:00 +00:00
x509_create.c
Addition conditions for UEFI environment under MSVC
2013-10-29 15:44:13 +01:00
x509_crl.c
Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
2014-02-12 09:39:59 +01:00
x509_crt.c
Reject certs and CRLs from the future
2014-03-13 19:25:06 +01:00
x509_csr.c
Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
2014-02-12 09:39:59 +01:00
x509.c
Add x509_time_future()
2014-03-13 19:25:06 +01:00
x509write_crt.c
Const correctness
2013-10-28 21:19:10 +01:00
x509write_csr.c
Const correctness
2013-10-28 21:19:10 +01:00
xtea.c
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00