Backport 2.1: check if iv is zero in gcm.

1) Found by Roberto in the mbedtls forum
2) If iv_len is zero, return an error
3) Add tests for invalid parameters
Ron Eldor 2017-07-20 00:30:44 +02:00 committed by Simon Butcher
parent eeb1350073
commit b5851193eb


@ -2,6 +2,22 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.1.9 branch released xxxx-xx-xx = mbed TLS 2.1.9 branch released xxxx-xx-xx
Security
* Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,
mbedtls_ssl_get_verify_result() would incorrectly return 0 when the peer's
X.509 certificate chain had more than MBEDTLS_X509_MAX_INTERMEDIATE_CA
(default: 8) intermediates, even when it was not trusted. Could be
triggered remotely on both sides. (With auth_mode set to required
(default), the handshake was correctly aborted.)
API Changes
* Certificate verification functions now set flags to -1 in case the full
chain was not verified due to an internal error (including in the verify
callback) or chain length limitations.
* With authmode set to optional, handshake is now aborted if the
verification of the peer's certificate failed due to an overlong chain or
a fatal error in the vrfy callback.
Bugfix Bugfix
* Add a check if iv_len is zero, and return an error if it is zero. reported * Add a check if iv_len is zero, and return an error if it is zero. reported
by roberto. #716 by roberto. #716
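Review bot: the Bugfix entry carried as trailing context in this hunk ("* Add a check if iv_len is zero, and return an error if it is zero. reported by roberto. #716") names neither the module nor the function the check lands in, and its attribution does not follow the "Found by <Name>" form the same ChangeLog uses for the CSR fix two entries further down; since the commit title says the check is in GCM, consider rewording it along the lines of "* Fix GCM to return an error when iv_len is zero. Found by Roberto. #716" while this section is being reorganised. Separately, the hunk header shows as "@ -2,6 +2,22 @@" with the leading "@@" truncated; if that is in the patch file rather than an artefact of this page, `git apply` will reject it.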
@ -24,22 +40,8 @@ Bugfix
encoded X509 CSRs. The overflow would enable maliciously constructed CSRs encoded X509 CSRs. The overflow would enable maliciously constructed CSRs
to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin, to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin,
KNOX Security, Samsung Research America KNOX Security, Samsung Research America
* Add a check if iv_len is zero, and return an error if it is zero. reported
Security by roberto. #716
* Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,
mbedtls_ssl_get_verify_result() would incorrectly return 0 when the peer's
X.509 certificate chain had more than MBEDTLS_X509_MAX_INTERMEDIATE_CA
(default: 8) intermediates, even when it was not trusted. Could be
triggered remotely on both sides. (With auth_mode set to required
(default), the handshake was correctly aborted.)
API Changes
* Certificate verification functions now set flags to -1 in case the full
chain was not verified due to an internal error (including in the verify
callback) or chain length limitations.
* With authmode set to optional, handshake is now aborted if the
verification of the peer's certificate failed due to an overlong chain or
a fatal error in the vrfy callback.
= mbed TLS 2.1.8 branch released 2017-06-21 = mbed TLS 2.1.8 branch released 2017-06-21
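Review bot: the removed lines "* Add a check if iv_len is zero, and return an error if it is zero." / "Security by roberto. #716" are a second copy of the iv_len entry that the first hunk keeps as context under Bugfix, shown here interleaved with the "Security" heading that is being moved up, and the Security and API Changes text removed below them is the same text re-added at the top of the 2.1.9 section, so this is a move plus a de-duplication rather than a loss. Because this rendering collapses blank lines, please confirm in the raw diff that a separator survives between the KNOX Security entry and "= mbed TLS 2.1.8 branch released 2017-06-21 =", so that the Bugfix section does not run straight into the 2.1.8 header once the Security block no longer sits between them.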