mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 19:05:43 +01:00
Merge remote-tracking branch 'upstream-restricted/pr/459' into development-restricted-proposed
This commit is contained in:
commit
24b2d6fb6d
@ -65,6 +65,8 @@ Bugfix
|
|||||||
could cause a key exchange to fail on valid data.
|
could cause a key exchange to fail on valid data.
|
||||||
* Don't define mbedtls_aes_decrypt and mbedtls_aes_encrypt under
|
* Don't define mbedtls_aes_decrypt and mbedtls_aes_encrypt under
|
||||||
MBEDTLS_DEPRECATED_REMOVED. #1388
|
MBEDTLS_DEPRECATED_REMOVED. #1388
|
||||||
|
* Fix a 1-byte heap buffer overflow (read-only) during private key parsing.
|
||||||
|
Found through fuzz testing.
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Fix tag lengths and value ranges in the documentation of CCM encryption.
|
* Fix tag lengths and value ranges in the documentation of CCM encryption.
|
||||||
|
@ -181,6 +181,10 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end,
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
if ( end - *p < 1 )
|
||||||
|
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
|
||||||
|
MBEDTLS_ERR_ASN1_OUT_OF_DATA );
|
||||||
|
|
||||||
/* Tag may be either OID or SEQUENCE */
|
/* Tag may be either OID or SEQUENCE */
|
||||||
params->tag = **p;
|
params->tag = **p;
|
||||||
if( params->tag != MBEDTLS_ASN1_OID
|
if( params->tag != MBEDTLS_ASN1_OID
|
||||||
|
@ -1053,22 +1053,32 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MB
|
|||||||
pk_parse_keyfile_ec:"data_files/ec_prv.specdom.der":"NULL":0
|
pk_parse_keyfile_ec:"data_files/ec_prv.specdom.der":"NULL":0
|
||||||
|
|
||||||
Key ASN1 (Incorrect first tag)
|
Key ASN1 (Incorrect first tag)
|
||||||
pk_parse_key_rsa:"":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
pk_parse_key:"":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||||
|
|
||||||
Key ASN1 (RSAPrivateKey, incorrect version tag)
|
Key ASN1 (RSAPrivateKey, incorrect version tag)
|
||||||
pk_parse_key_rsa:"300100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
depends_on:MBEDTLS_RSA_C
|
||||||
|
pk_parse_key:"300100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||||
|
|
||||||
Key ASN1 (RSAPrivateKey, version tag missing)
|
Key ASN1 (RSAPrivateKey, version tag missing)
|
||||||
pk_parse_key_rsa:"3000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
depends_on:MBEDTLS_RSA_C
|
||||||
|
pk_parse_key:"3000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||||
|
|
||||||
Key ASN1 (RSAPrivateKey, invalid version)
|
Key ASN1 (RSAPrivateKey, invalid version)
|
||||||
pk_parse_key_rsa:"3003020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
depends_on:MBEDTLS_RSA_C
|
||||||
|
pk_parse_key:"3003020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||||
|
|
||||||
Key ASN1 (RSAPrivateKey, correct version, incorrect tag)
|
Key ASN1 (RSAPrivateKey, correct version, incorrect tag)
|
||||||
pk_parse_key_rsa:"300402010000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
depends_on:MBEDTLS_RSA_C
|
||||||
|
pk_parse_key:"300402010000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||||
|
|
||||||
Key ASN1 (RSAPrivateKey, values present, length mismatch)
|
Key ASN1 (RSAPrivateKey, values present, length mismatch)
|
||||||
pk_parse_key_rsa:"301c02010002010102010102010102010102010102010102010102010100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
depends_on:MBEDTLS_RSA_C
|
||||||
|
pk_parse_key:"301c02010002010102010102010102010102010102010102010102010100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||||
|
|
||||||
Key ASN1 (RSAPrivateKey, values present, check_privkey fails)
|
Key ASN1 (RSAPrivateKey, values present, check_privkey fails)
|
||||||
pk_parse_key_rsa:"301b020100020102020101020101020101020101020101020101020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
depends_on:MBEDTLS_RSA_C
|
||||||
|
pk_parse_key:"301b020100020102020101020101020101020101020101020101020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||||
|
|
||||||
|
Key ASN1 (ECPrivateKey, empty parameters)
|
||||||
|
depends_on:MBEDTLS_ECP_C
|
||||||
|
pk_parse_key:"30070201010400a000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||||
|
@ -113,8 +113,8 @@ exit:
|
|||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
|
/* BEGIN_CASE */
|
||||||
void pk_parse_key_rsa( char *key_data, char *result_str, int result )
|
void pk_parse_key( char *key_data, char *result_str, int result )
|
||||||
{
|
{
|
||||||
mbedtls_pk_context pk;
|
mbedtls_pk_context pk;
|
||||||
unsigned char buf[2000];
|
unsigned char buf[2000];
|
||||||
|
Loading…
Reference in New Issue
Block a user