yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 17:55:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,657 Commits 88 Branches 205 Tags 69 MiB
1cc1fb0599
Commit Graph

6657 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Manuel Pégourié-Gonnard
1cc1fb0599 Fix Lucky 13 cache attack on MD/SHA padding 
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.

Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.

Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
 2018-07-05 10:47:00 +02:00
Gilles Peskine
104d85865d Add ChangeLog entry 2018-06-28 17:36:02 +02:00
Gilles Peskine
d0e55a4657 ssl_decrypt_buf: remove code for hashes that aren't used in TLS 2018-06-04 14:41:19 +02:00
Gilles Peskine
5c38984fa7 Use our habitual INTERNAL_ERROR debug message 2018-06-04 12:02:43 +02:00
Gilles Peskine
a7fe25d5a5 Remove tests of #define's that don't exist 2018-06-04 12:01:18 +02:00
Gilles Peskine
1bd9d58b21 Clarify comment about integer division by a variable 2018-06-04 11:58:44 +02:00
Gilles Peskine
20b4408fbd Fix Lucky13 attack protection when using HMAC-SHA-384 
As a protection against the Lucky Thirteen attack, the TLS code for
CBC decryption in encrypt-then-MAC mode performs extra MAC
calculations to compensate for variations in message size due to
padding. The amount of extra MAC calculation to perform was based on
the assumption that the bulk of the time is spent in processing
64-byte blocks, which is correct for most supported hashes but not for
SHA-384. Correct the amount of extra work for SHA-384 (and SHA-512
which is currently not used in TLS, and MD2 although no one should
care about that).
 2018-05-29 14:06:49 +02:00
Simon Butcher
2f3a581567 Merge remote-tracking branch 'public/pr/1178' into development 2018-05-23 16:15:13 +01:00
Simon Butcher
f889202158 Merge remote-tracking branch 'public/pr/1434' into development 2018-05-23 16:11:32 +01:00
Darryl Green
4d393b9835 Add check-files.py to travis.yml 2018-05-21 11:59:28 +01:00
Darryl Green
2699de3370 Add check-files.py to pre-push.sh 2018-05-21 11:41:18 +01:00
Darryl Green
a07039cfe2 Add check-files.py to all.sh 2018-05-21 11:41:04 +01:00
Darryl Green
10d9ce332f Add script for source integrity checking 2018-05-21 11:39:49 +01:00
Jaeden Amero
c4bd8ec5ed Merge remote-tracking branch 'upstream-public/pr/1446' into development 2018-05-17 11:46:13 +01:00
Darryl Green
11999bb72e Fix minor code style issues 2018-05-15 09:21:57 +01:00
Jaeden Amero
cdd97fd632 Merge remote-tracking branch 'upstream-public/pr/1433' into development 2018-05-11 10:48:15 +01:00
Jaeden Amero
a331e0f0af Merge remote-tracking branch 'upstream-restricted/pr/421' into development-proposed 2018-05-04 14:39:24 +01:00
Jaeden Amero
fb19399f41 Merge remote-tracking branch 'upstream-public/pr/1498' into development-proposed 2018-05-04 11:09:14 +01:00
Jaeden Amero
09c4e7ef5a Merge remote-tracking branch 'upstream-public/pr/1486' into development-proposed 2018-05-04 11:03:16 +01:00
Jaeden Amero
070e356476 Merge remote-tracking branch 'upstream-restricted/pr/481' into development-restricted 2018-05-01 15:28:18 +01:00
Simon Butcher
e6a2a1aa97 Add the uodate to the soversion to the ChangeLog 2018-05-01 14:02:24 +01:00
Jaeden Amero
78d2f7d5df Merge remote-tracking branch 'upstream-restricted/pr/478' into development-restricted 2018-04-30 17:37:42 +01:00
Simon Butcher
b03120ad41 Fix the ChangeLog for clarity, english and credit 2018-04-30 17:13:42 +01:00
Jaeden Amero
00cbed23b8 Merge remote-tracking branch 'upstream-restricted/pr/474' into development-restricted 2018-04-30 10:21:25 +01:00
Jaeden Amero
7d7bad6b1f Update version to 2.9.0 
Bump SOVERSION for parity with 2.7.2 and 2.7.3.
 2018-04-30 09:58:33 +01:00
Jaeden Amero
8b98498e9a Merge remote-tracking branch 'upstream-restricted/pr/477' into development-restricted-proposed 2018-04-27 18:27:47 +01:00
Jaeden Amero
fe0669f52a ecp: Fix binary compatibility with group ID 
We naturally added the new Curve448 ECP group ID in alphabetical order in
the mbedtls_ecp_group_id enum. However, this causes binary incompatibility
issues as previous binaries will use values for groups that now have a
different meaning. For example, MBEDTLS_ECP_DP_SECP192K1, old value 10,
would mean Curve448 (MBEDTLS_ECP_DP_CURVE448) and the wrong group ID used.

Fix the binary compatibility issue by adding new enum entries to the end of
the enum, even though this isn't so great for readbility as the list is no
longer in alphabetical order. However, the list wasn't perfectly in
alphabetical order before anyway.
 2018-04-27 18:20:31 +01:00
Jaeden Amero
c64a300027 Merge remote-tracking branch 'upstream-restricted/pr/471' into development-restricted-proposed 
Remove trailing whitespace in ChangeLog.
 2018-04-26 09:06:33 +01:00
Jaeden Amero
bd05dfd49f Merge branch 'development-proposed' into development-restricted-proposed 
Resolve conflicts in ChangeLog
 2018-04-26 09:03:03 +01:00
Jaeden Amero
84a1107818 Merge remote-tracking branch 'upstream-public/pr/1592' into development-proposed 2018-04-25 14:22:12 +01:00
Jaeden Amero
38c42d5afa Merge remote-tracking branch 'upstream-public/pr/1570' into development-proposed 
Resolve merge conflict in ChangeLog.
 2018-04-25 14:20:08 +01:00
Andrzej Kurek
b7a18c0498 Changelog entry 2018-04-25 05:25:30 -04:00
Andrzej Kurek
03bac448db Change accepted ciphersuite versions when parsing server hello 
Accept only ciphersuites for version chosen by the server
 2018-04-25 05:06:07 -04:00
Jaeden Amero
8945343a51 Merge branch 'development-proposed' into development-restricted-proposed 
Resolve merge conflict in ecp.h, where `mbedtls_ecp_keypair` was moved.
 2018-04-24 17:16:34 +01:00
Andres Amaya Garcia
8491406803 Remove preprocessor directives around platform_util.h include 2018-04-24 08:40:46 -05:00
Andres Amaya Garcia
6698d2fc5c Fix style for mbedtls_mpi_zeroize() 2018-04-24 08:39:07 -05:00
Andres Amaya Garcia
56e06db102 Improve mbedtls_platform_zeroize() docs 2018-04-24 08:37:52 -05:00
Andres Amaya Garcia
708c5cb6ab mbedtls_zeroize -> mbedtls_platform_zeroize in docs 2018-04-24 08:33:31 -05:00
Andres Amaya Garcia
d0ef468d39 Reword config.h docs for MBEDTLS_PLATFORM_ZEROIZE_ALT 2018-04-24 08:31:34 -05:00
Andres Amaya Garcia
bc7bdbf5c8 Organize CMakeLists targets in alphabetical order 2018-04-24 08:29:20 -05:00
Andres Amaya Garcia
21b376b56c Organize output objs in alfabetical order in Makefile 2018-04-24 08:28:26 -05:00
Jaeden Amero
1afdec1812 Merge remote-tracking branch 'upstream-public/pr/1578' into development-proposed 2018-04-24 14:19:41 +01:00
Jaeden Amero
3dd8abd037 Regenerate errors after ecp.h updates 
The error descriptions were updated in ecp.h (PR #1578), so also update
the strings in error.c.
 2018-04-24 14:13:15 +01:00
Jaeden Amero
519b129f78 Merge remote-tracking branch 'upstream-public/pr/1580' into development-proposed 2018-04-24 13:20:11 +01:00
Rose Zadik
a7a6155272
Update ecp.h 
One fix. Removed trailing whitespaces
 2018-04-24 13:14:01 +01:00
Andrzej Kurek
a9ceef8e03 Change variable bytes_written to header_bytes in record decompression 
The name is changed to better reflect the input, decompression case
 2018-04-24 06:34:17 -04:00
Jaeden Amero
7c68878e17 Merge remote-tracking branch 'upstream-public/pr/1511' into development-proposed 2018-04-24 10:28:25 +01:00
Jaeden Amero
d803c1f1ab Merge remote-tracking branch 'upstream-public/pr/1510' into development-proposed 
Resolve conflict in comment for mbedtls_ecdsa_read_signature in include/mbedtls/ecdsa.h
 2018-04-24 10:27:38 +01:00
Jaeden Amero
f852f4c35b Merge remote-tracking branch 'upstream-public/pr/1506' into development-proposed 2018-04-24 10:27:05 +01:00
Jaeden Amero
ebfd3cad58 Merge remote-tracking branch 'upstream-public/pr/1505' into development-proposed 2018-04-24 10:26:48 +01:00