AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7,234 Commits 1 Branch 0 Tags 61 MiB
08a4aebc46
Commit Graph

1472 Commits

Author SHA1 Message Date
Janos Follath
08a4aebc46 HKDF: Add warning to partial functions 
The standard HKDF security guarantees only hold if `mbedtls_hkdf()` is
used or if `mbedtls_hkdf_extract()` and `mbedtls_hkdf_expand()` are
called in succession carefully and an equivalent way.

Making `mbedtls_hkdf_extract()` and `mbedtls_hkdf_expand()` static would
prevent any misuse, but doing so would require the TLS 1.3 stack to
break abstraction and bypass the module API.

To reduce the risk of misuse we add warnings to the function
descriptions.
 2018-08-14 16:08:38 +01:00
Simon Butcher
b363382ba4 Add ChangeLog entry for bug #1890 2018-07-30 22:10:48 +01:00
Simon Butcher
6c34268e20 Merge remote-tracking branch 'restricted/pr/501' into development-restricted 2018-07-26 14:24:56 +01:00
Simon Butcher
f11a7cda73 Clarify Changelog entries 
Corrected the Changelog to move an entry in the wrong place after a merge, some
entries which were Changes not bugfixes, and corrected style issues.
 2018-07-25 17:29:59 +01:00
Jaeden Amero
193c86425e Update version to 2.12.0 2018-07-25 15:42:26 +01:00
Simon Butcher
37b9fd5df6 Merge remote-tracking branch 'restricted/pr/490' into development 2018-07-24 23:40:37 +01:00
Simon Butcher
2c92949e0a Merge remote-tracking branch 'public/pr/1198' into development 2018-07-24 17:20:17 +01:00
Simon Butcher
c88c627fba Merge remote-tracking branch 'public/pr/1658' into development 2018-07-24 17:19:10 +01:00
Ron Eldor
9cf0d53adc Add ChangeLog 
Add entry in ChangeLog for the Key Wrapping feature.
 2018-07-24 16:43:20 +01:00
Simon Butcher
ccb43df37e Merge remote-tracking branch 'public/pr/927' into development 2018-07-24 13:06:54 +01:00
Simon Butcher
dad05b7fc9 Merge remote-tracking branch 'public/pr/1844' into development 2018-07-24 13:05:09 +01:00
Simon Butcher
05330541ea Revise ChangeLog entry for empty data records fixes 2018-07-24 12:54:15 +01:00
Simon Butcher
116ac43d00 Merge remote-tracking branch 'public/pr/1852' into development 2018-07-24 12:18:59 +01:00
Simon Butcher
fced1f2fb3 Merge remote-tracking branch 'public/pr/1854' into development 2018-07-24 10:26:46 +01:00
Simon Butcher
ecb635efca Add ChangeLog entry for #1098 fix. 2018-07-24 10:03:41 +01:00
Brian J Murray
4736e96568 add myself to changelog 2018-07-23 10:34:47 -07:00
Andres Amaya Garcia
81f0633c16 Add ChangeLog entry for empty app data fix 2018-07-20 23:09:29 +01:00
Angus Gratton
1a7a17e548 Check for invalid short Alert messages 
(Short Change Cipher Spec & Handshake messages are already checked for.)
 2018-07-20 23:09:29 +01:00
Angus Gratton
b512bc1d29 CBC mode: Allow zero-length message fragments (100% padding) 
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
 2018-07-20 23:09:29 +01:00
Simon Butcher
922bd1efb2 Merge remote-tracking branch 'public/pr/1752' into development 2018-07-20 14:33:18 +01:00
Simon Butcher
862e703d51 Merge remote-tracking branch 'public/pr/921' into development 2018-07-20 14:30:50 +01:00
Simon Butcher
4f37bcabf9 Fix ChangeLog entry for issue #1663 
The ChangeLog entry was under the wrong version, and under Changes, not
BugFixes.
 2018-07-19 19:52:32 +01:00
Simon Butcher
df15356259 Merge remote-tracking branch 'public/pr/1663' into development 2018-07-19 19:48:10 +01:00
Simon Butcher
a72098b4d6 Merge remote-tracking branch 'public/pr/1778' into development 2018-07-19 16:10:38 +01:00
Manuel Pégourié-Gonnard
830ce11eba Clarify attack conditions in the ChangeLog. 
Referring to the previous entry could imply that the current one was limited
to SHA-384 too, which it isn't.
 2018-07-11 18:27:08 +02:00
Simon Butcher
00af447ba8 Add ChangeLog entry for PR #536 2018-07-10 15:35:43 +01:00
Simon Butcher
32b074720e Merge remote-tracking branch 'public/pr/1737' into development 2018-07-10 14:57:50 +01:00
Simon Butcher
cdbb2f2168 Merge remote-tracking branch 'public/pr/1563' into development 2018-07-10 12:49:26 +01:00
Simon Butcher
231d7e5669 Add ChangeLog entry for PR #1567. 
ChangeLog entry for platform support for the Haiku OS. PR #1567.
 2018-07-10 11:56:19 +01:00
Simon Butcher
6331cb0607 Fix some whitespace issues in ChangeLog and CMakeLists.txt 
Stray tab in library/CMakeLists.txt and incorrect formatting in ChangeLog.
 2018-07-10 11:48:42 +01:00
Manuel Pégourié-Gonnard
7b42030b5d Add counter-measure to cache-based Lucky 13 
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function, and the location where we read the MAC, give information
about that.

A local attacker could gain information about that by observing via a
cache attack whether the bytes at the end of the record (at the location of
would-be padding) have been read during MAC verification (computation +
comparison).

Let's make sure they're always read.
 2018-07-05 14:44:49 +02:00
Manuel Pégourié-Gonnard
1cc1fb0599 Fix Lucky 13 cache attack on MD/SHA padding 
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.

Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.

Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
 2018-07-05 10:47:00 +02:00
Ron Eldor
382c1db6c0 Minor fixes 
1. Rephrase ChangeLog entry.
2. Add a full stop at the end of the fuinction documentation.
 2018-07-04 17:42:47 +03:00
Ron Eldor
5ffc220f16 Documentation error in mbedtls_ssl_get_session 
Fix Documentation error in `mbedtls_ssl_get_session`.
This function supports deep copying of the session,
and the peer certificate is not lost anymore, Resolves #926
 2018-07-03 16:04:41 +03:00
Simon Butcher
05fa46e6b7 Add ChangeLog entry for #992 fix 2018-07-02 12:08:32 +01:00
Ron Eldor
da2a31237e Add entry in ChangeLog 
Add entry in ChangeLog for compilation error fix of #1719
 2018-07-01 10:22:53 +03:00
Gilles Peskine
104d85865d Add ChangeLog entry 2018-06-28 17:36:02 +02:00
Simon Butcher
1ab9b57148 Add a ChangeLog entry for memory leak in mbedtls_x509_csr_parse() 2018-06-28 12:13:14 +01:00
Simon Butcher
4b6b08e7d2 Merge remote-tracking branch 'public/pr/1006' into development 2018-06-28 12:08:59 +01:00
Simon Butcher
1d97cab5f5 Merge remote-tracking branch 'public/pr/1645' into development 2018-06-28 12:06:16 +01:00
Simon Butcher
bea00bd89c Merge remote-tracking branch 'public/pr/1783' into development 2018-06-28 12:04:19 +01:00
Simon Butcher
9e02b973f1 Add ChangeLog entry for #1257 - key_app_writer writes invalid ASN.1 2018-06-28 11:59:15 +01:00
Simon Butcher
9fa21bffe6 Merge remote-tracking branch 'public/pr/1533' into development 2018-06-27 10:50:58 +01:00
Simon Butcher
95a1c1f8ab Merge remote-tracking branch 'public/pr/1617' into development 2018-06-27 10:49:59 +01:00
niisato
164b9cd025 update ChangeLog 2018-06-25 20:47:14 +09:00
niisato
b7d39db047 update ChangeLog 2018-06-25 20:45:03 +09:00
niisato
99a3e80721 update change log. 2018-06-25 20:21:43 +09:00
niisato
15550854a3 add ChangeLog to this commit. 2018-06-25 20:07:48 +09:00
Nicholas Wilson
2682edf205 Fix build using -std=c99 
In each place where POSIX/GNU functions are used, the file must declare
that it wants POSIX functionality before including any system headers.
 2018-06-25 12:00:26 +01:00
Nicholas Wilson
512b4ee9c7 Use gmtime_r to fix thread-safety issue, and use mbedtls_time on Windows 2018-06-25 11:59:54 +01:00