lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity
7,238 Commits 174 Branches 272 Tags
ec024483ae80e68f5e055fb0a6f12d4dda09e5cc
Commit Graph

7238 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
81d4e899a4 Don't rely on private key metadata in SSL 
In SSL, don't use mbedtls_pk_ec or mbedtls_pk_rsa on a private
signature or decryption key (as opposed to a public key or a key used
for DH/ECDH). Extract the data (it's the same data) from the public
key object instead. This way the code works even if the private key is
opaque or if there is no private key object at all.

Specifically, with an EC key, when checking whether the curve in a
server key matches the handshake parameters, rely only on the offered
certificate and not on the metadata of the private key.
 2018-04-24 09:26:03 +02:00
Rose Zadik
d35340550d Update ecp.h 
fixed omittion
 2018-04-23 16:12:42 +01:00
Rose Zadik
c32efb3f64 Update ecp.h 
Resolved last review comment
 2018-04-23 09:38:29 +01:00
Rose Zadik
d76ac587d3 Update ecp.h 
Changes based on review comments. Waiting for responses on 2 remaining comments
 2018-04-23 06:29:34 +01:00
Rose Zadik
abc9ec73b0 Update ecdsa.h 
Merged change to MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH from other commit for merging, as requested (lines 282+283).
 2018-04-23 06:16:40 +01:00
Mohammad Azim Khan
1d3b508b82 Same ciphersuite validation in server and client hello 2018-04-20 18:54:18 +01:00
Andrzej Kurek
5462e02874 ssl_tls: Fix invalid buffer sizes during compression / decompression 
Adjust information passed to zlib to include already written data.
 2018-04-20 07:58:53 -04:00
Rose Zadik
f089fa3341 Update ecp.h 
minor spacing/comment format fixes
 2018-04-20 10:41:16 +01:00
Rose Zadik
b2e111a288 Update ecp.h 
Changes based on review comments. 
2 comments still open pending decisions
 2018-04-20 10:13:48 +01:00
Gilles Peskine
5450d1f597 Merge branch 'crypto_alt_revision' into development-restricted-proposed 2018-04-19 21:02:40 +02:00
Gilles Peskine
81021ca2da Improve ChangeLog entry 2018-04-19 20:59:06 +02:00
Gilles Peskine
f2b76cd45c Merge remote-tracking branch 'upstream-restricted/pr/461' into development-restricted-proposed 2018-04-19 17:41:39 +02:00
Rose Zadik
93f9919c26 Update cipher.h 
Fixed typo.
 2018-04-19 14:41:33 +01:00
Rose Zadik
c441f74900 Update cipher.h 
minor fix
 2018-04-19 14:38:20 +01:00
Rose Zadik
4c368e82cc Update cipher.h 
Additional changes based on review comments
 2018-04-19 14:24:11 +01:00
Rose Zadik
826f264920 Update cipher.h 
Additional changes based on review comments
 2018-04-19 14:01:29 +01:00
Rose Zadik
f56cb34d60 Update ecp.h 
Updated based on review comment. 
One comment remains open (waiting for input)
 2018-04-19 12:49:10 +01:00
Manuel Pégourié-Gonnard
7aeb470f61 Merge remote-tracking branch 'public/pr/1234' into development-proposed 
* public/pr/1234:
  Doxygen: don't traverse symbolic links
 2018-04-18 16:13:52 +02:00
Manuel Pégourié-Gonnard
64f5adf9f9 Merge remote-tracking branch 'public/pr/1380' into development-proposed 
* public/pr/1380:
  Update ChangeLog for #1380
  Generate RSA keys according to FIPS 186-4
  Generate primes according to FIPS 186-4
  Avoid small private exponents during RSA key generation
 2018-04-18 16:13:52 +02:00
Manuel Pégourié-Gonnard
4acb0055e3 Merge remote-tracking branch 'public/pr/1518' into development-proposed 
* public/pr/1518:
  Update platform.h
  Update platform.h
 2018-04-18 16:13:52 +02:00
Manuel Pégourié-Gonnard
66d396826a Merge remote-tracking branch 'public/pr/1516' into development-proposed 
* public/pr/1516:
  Update sha512.h
 2018-04-18 16:13:52 +02:00
Manuel Pégourié-Gonnard
bb93c04aab Merge remote-tracking branch 'public/pr/1515' into development-proposed 
* public/pr/1515:
  Update sha256.h
  Update sha256.h
 2018-04-18 16:13:52 +02:00
Gilles Peskine
b80f04eb67 Merge remote-tracking branch 'upstream-public/pr/1514' into development-proposed 2018-04-18 16:13:30 +02:00
Gilles Peskine
2e1934ac0c Fix comment formatting to pacify check-names.sh 2018-04-18 16:08:26 +02:00
Manuel Pégourié-Gonnard
a9377336be Merge remote-tracking branch 'public/pr/1513' into development-proposed 
* public/pr/1513:
  Update rsa.h
  Update rsa.h
  Update rsa.h
 2018-04-18 11:58:53 +02:00
Manuel Pégourié-Gonnard
0392bff1b9 Merge remote-tracking branch 'public/pr/1512' into development-proposed 
* public/pr/1512:
  Update md.h
  Update md.h
 2018-04-18 11:57:50 +02:00
Manuel Pégourié-Gonnard
b3a8fe7285 Merge remote-tracking branch 'public/pr/1509' into development-proposed 
* public/pr/1509:
  Update ecdh.h
  Update ecdh.h
 2018-04-18 11:56:49 +02:00
Manuel Pégourié-Gonnard
01d72df113 Merge remote-tracking branch 'public/pr/1508' into development-proposed 
* public/pr/1508:
  Update ctr_drbg.h
  Update ctr_drbg.h
 2018-04-18 11:55:30 +02:00
Manuel Pégourié-Gonnard
7153496395 Merge remote-tracking branch 'public/pr/1507' into development-proposed 
* public/pr/1507:
  Update cmac.h
  Update cmac.h
 2018-04-18 11:54:42 +02:00
Manuel Pégourié-Gonnard
c265a25f4f Merge remote-tracking branch 'public/pr/1503' into development-proposed 
* public/pr/1503:
  Update aes.h
  Update aes.h
 2018-04-18 11:48:10 +02:00
Rose Zadik
fa1fe36e08 Update dhm.h 
Minor fix based on review comments
 2018-04-18 10:09:31 +01:00
Rose Zadik
ee96359d89 Update dhm.h 
Changes based on review comments
 2018-04-18 09:46:12 +01:00
Andrzej Kurek
f13ca9536c Test suites: print error on failed platform_setup 
Return encountered errors instead of covering them
Fix return value on the broken snprintf implementation
 2018-04-18 04:14:31 -04:00
Mohammad Azim Khan
e5b5bd7a40 Allocate a unique err code for MBEDTLS_ERR_AES_BAD_INPUT_DATA 2018-04-17 23:29:47 +01:00
Mohammad Azim Khan
3f7f8170d6 Check invalid nc_off 
Uninitialized nc_off value >0xf passed by the caller can cause array out-of-bound.
 2018-04-17 23:18:40 +01:00
Andres Amaya Garcia
14a8b59d7b Fix doxygen error for MBEDTLS_PLATFORM_ZEROIZE_ALT 2018-04-17 16:56:12 +01:00
Rose Zadik
379b95ca9b Update ccm.h 
Updated return values for mbedtls_ccm_auth_decrypt().
 2018-04-17 16:43:00 +01:00
Rose Zadik
477dce15bc Update ccm.h 
updated brief desc.
 2018-04-17 16:31:22 +01:00
Andres Amaya Garcia
c58787f507 Update docs for MBEDTLS_PLATFORM_ZEROIZE_ALT in config.h 2018-04-17 10:21:45 -05:00
Andres Amaya Garcia
3ea559ea6c Fix alignment in makefile 2018-04-17 10:17:22 -05:00
Andres Amaya Garcia
eecea0e281 Update zeroize test to use mbedtls_platform_zeroize() 2018-04-17 10:14:53 -05:00
Andres Amaya Garcia
9644983ae4 Add platform_utils and zeroize to visualc files 2018-04-17 10:03:44 -05:00
Andres Amaya Garcia
82934be144 Do not install zeroize program in CMakeLists 2018-04-17 10:02:17 -05:00
Andres Amaya Garcia
1f6301b3c8 Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
Andres Amaya Garcia
904e1efb8c Make utils module part of the platform 2018-04-17 10:00:11 -05:00
Rose Zadik
ec5d416cb2 Update ecdsa.h 
minor fix based on review comments
 2018-04-17 15:55:28 +01:00
Andres Amaya Garcia
ae8e306973 Fix docs typos for zeroize related features/test 2018-04-17 09:21:49 -05:00
Andres Amaya Garcia
757cd72edf Update license headers year and branding 2018-04-17 09:21:49 -05:00
Andres Amaya Garcia
42defd10a6 Improve docs for zeroize.c and test_zeroize.gdb 2018-04-17 09:21:49 -05:00
Andres Amaya Garcia
1e8ea5fa68 Improve docs for mbedtls_zeroize() and add refs 2018-04-17 09:21:49 -05:00