mbedtls/library
Hanno Becker 7c8cb9c28b Fix information leak in ecp_gen_keypair_base
The function mbedtls_ecp_gen_keypair_base did not wipe the stack buffer used to
hold the private exponent before returning. This commit fixes this by not using
a stack buffer in the first place but instead calling mpi_fill_random directly
to acquire the necessary random MPI.
2017-10-17 15:19:38 +01:00
..
.gitignore Split libs with make + general make cleanups 2015-06-25 10:59:56 +02:00
aes.c Export mbedtls_aes_(en/de)crypt to retain for API compatibility 2017-07-27 21:44:33 +01:00
aesni.c Fix build errors on x32 by using the generic 'add' instruction 2016-05-23 14:29:28 +01:00
arc4.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
asn1parse.c Fix 1 byte overread in mbedtls_asn1_get_int() 2016-10-13 13:54:14 +01:00
asn1write.c Add mbedtls_asn1_write_len() support for 3 and 4 byte lengths 2016-08-25 15:42:27 +01:00
base64.c Add comment to integer overflow fix in base64.c 2017-02-15 23:31:07 +02:00
bignum.c Make mpi_read_binary time constant 2017-10-17 15:17:27 +01:00
blowfish.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
camellia.c Address user reported coverity issues. 2016-06-07 14:52:35 +01:00
ccm.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
certs.c Undo API change from SHA1 deprecation 2017-07-27 21:44:33 +01:00
cipher.c Fix integer overflows in buffer bound checks 2017-02-15 23:31:07 +02:00
cipher_wrap.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
cmac.c Rename time and index parameter to avoid name conflict. 2017-07-28 22:28:08 +01:00
CMakeLists.txt Update version number to 2.6.0 2017-08-10 11:51:16 +01:00
ctr_drbg.c Fix integer overflows in buffer bound checks 2017-02-15 23:31:07 +02:00
debug.c Fix compiler warning in debug.c 2017-02-15 09:08:26 +00:00
des.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
dhm.c Check return code of mbedtls_mpi_fill_random 2017-07-27 21:44:33 +01:00
ecdh.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ecdsa.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ecjpake.c Fix potential stack buffer overflow in ecjpake 2015-10-20 16:20:56 +02:00
ecp.c Fix information leak in ecp_gen_keypair_base 2017-10-17 15:19:38 +01:00
ecp_curves.c ECP: Add module and function level replacement options. 2017-05-11 22:42:14 +01:00
entropy.c Rename time and index parameter to avoid name conflict. 2017-07-28 22:28:08 +01:00
entropy_poll.c Renames null entropy source function for clarity 2016-06-12 00:31:33 +01:00
error.c Only return VERIFY_FAILED from a single point 2017-07-06 11:58:41 +02:00
gcm.c fix for issue 1118: check if iv is zero in gcm. 2017-07-27 21:44:33 +01:00
havege.c Fixes warnings found by Clang static analyser 2016-05-23 23:18:26 +01:00
hmac_drbg.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
Makefile Added cmac.o to libary/Makefile 2016-10-13 13:51:09 +01:00
md.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
md2.c Fix integer overflows in buffer bound checks 2017-02-15 23:31:07 +02:00
md4.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
md5.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
md_wrap.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
memory_buffer_alloc.c Fixes memory leak in memory_buffer_alloc.c debug 2016-05-23 14:29:29 +01:00
net_sockets.c Fix typo and bracketing in macro args 2017-10-12 23:21:37 +01:00
oid.c Removing in compile time unused entries from oid_ecp_grp list 2016-09-04 15:14:38 +01:00
padlock.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pem.c Fix unused variable/function compilation warnings 2017-02-15 22:54:42 +02:00
pk.c Fix data loss in unsigned int cast in PK 2017-05-11 21:55:17 +01:00
pk_wrap.c Fix data loss in unsigned int cast in PK 2017-05-11 21:55:17 +01:00
pkcs5.c Fix output of PKCS#5 and RIPEMD-160 self tests 2016-08-25 16:36:35 +01:00
pkcs11.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pkcs12.c Shut up a few clang-analyze warnings about use of uninitialized variables 2016-05-23 14:29:28 +01:00
pkparse.c Clarify Comments and Fix Typos (#651) 2017-02-15 09:08:26 +00:00
pkwrite.c Fix other occurrences of same bounds check issue 2015-10-21 12:50:45 +02:00
platform.c Rename macro SETUP_ALT to SETUP_TEARDOWN_ALT 2017-07-27 21:44:33 +01:00
ripemd160.c Fix output of PKCS#5 and RIPEMD-160 self tests 2016-08-25 16:36:35 +01:00
rsa.c Merge remote-tracking branch 'restricted/iotssl-1138-rsa-padding-check-restricted' into development-restricted 2017-06-08 20:31:06 +02:00
sha1.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
sha256.c Use allocated memory for SHA self tests 2016-10-13 15:10:14 +01:00
sha512.c Use allocated memory for SHA self tests 2016-10-13 15:10:14 +01:00
ssl_cache.c Fix naked call to time() with platform call 2017-07-28 23:46:43 +01:00
ssl_ciphersuites.c Undo API change 2017-07-27 21:44:33 +01:00
ssl_cli.c Always print gmt_unix_time in TLS client 2017-10-06 11:59:13 +01:00
ssl_cookie.c Fix resource leak when using mutex and ssl_cookie 2017-03-02 12:26:11 +00:00
ssl_srv.c Parse Signature Algorithm ext when renegotiating 2017-10-12 23:21:37 +01:00
ssl_ticket.c Puts platform time abstraction into its own header 2016-07-13 14:46:18 +01:00
ssl_tls.c Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog. 2017-10-06 11:58:50 +01:00
threading.c Remove mutexes from ECP hardware acceleration 2017-07-27 21:44:32 +01:00
timing.c Give better error messages for semi-portable parts 2016-02-22 10:47:32 +01:00
version.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
version_features.c Checked names 2017-07-27 21:44:33 +01:00
x509.c Correctly handle leap year in x509_date_is_valid() 2017-10-12 23:21:37 +01:00
x509_create.c Fix other occurrences of same bounds check issue 2015-10-21 12:50:45 +02:00
x509_crl.c Fix potential integer overflow parsing DER CRL 2017-07-27 21:44:34 +01:00
x509_crt.c Fix potential integer overflow parsing DER CRT 2017-07-27 21:44:34 +01:00
x509_csr.c Prevent signed integer overflow in CSR parsing 2017-07-27 21:44:34 +01:00
x509write_crt.c Rename time and index parameter to avoid name conflict. 2017-07-28 22:28:08 +01:00
x509write_csr.c Add missing bounds check in X509 DER write funcs 2016-10-11 14:07:48 +01:00
xtea.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00