yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-12 22:05:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
3362 commits 88 branches 205 tags 69 MiB
Commit graph

120 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 139708d105 Fix backporting errors 2017-05-11 15:10:32 +02:00
Janos Follath bb1e6888c9 Add exponent blinding to RSA with CRT 
The sliding window exponentiation algorithm is vulnerable to
side-channel attacks. As a countermeasure we add exponent blinding in
order to prevent combining the results of different measurements.

This commit handles the case when the Chinese Remainder Theorem is used
to accelerate the computation.
 2017-05-11 11:22:51 +02:00
Janos Follath 5d392579c2 Add exponent blinding to RSA without CRT 
The sliding window exponentiation algorithm is vulnerable to
side-channel attacks. As a countermeasure we add exponent blinding in
order to prevent combining the results of different measurements.

This commits handles the case when the Chinese Remainder Theorem is NOT
used to accelerate computations.
 2017-05-11 11:13:19 +02:00
Simon Butcher 60371454bd Merge branch for fix for #502 - Unchecked calls 2016-10-14 01:10:02 +01:00
Janos Follath bfcd032f9d Restore P>Q in RSA key generation (#558) 
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.

This commit restores this behaviour.
 2016-10-13 12:54:33 +01:00
Brian J Murray 4556d205a3 Fixed unchecked calls to mbedtls_md_setup in rsa.c (#502) 
* Fixed unchecked calls to mbedtls_md_setup in rsa.c:

* style fixes
 2016-09-05 14:11:45 +01:00
Janos Follath 742783fe85 Included tests for the overflow 
Conflicts:
	library/rsa.c
 2016-05-18 19:58:41 +01:00
Simon Butcher d3253b018e Fix for backprt of IOTSSL-628 
Corrections to constand and function names changed between 1.3 and 2.1
 2016-05-18 19:58:41 +01:00
Janos Follath 092f2c48c4 Move underflow test to make time constant 2016-05-18 19:58:41 +01:00
Janos Follath 3bed13df1c Included test for integer underflow. 2016-05-18 19:58:40 +01:00
Janos Follath f18263d78b Removing 'if' branch from the fix. 
This new error shouldn't be distinguishable from other padding errors.
Updating 'bad' instead of adding a new 'if' branch.
 2016-05-18 19:58:40 +01:00
Janos Follath f570f7f686 Length check added 2016-05-18 19:58:40 +01:00
Janos Follath 7ddc2cdfce Fix null pointer dereference in the RSA module. 
Introduced null pointer checks in mbedtls_rsa_rsaes_pkcs1_v15_encrypt
 2016-04-19 10:28:24 +01:00
Simon Butcher e9f842782b Adds test for odd bit length RSA key size 
Also tidy up ChangeLog following review.
 2016-04-19 10:02:43 +01:00
Janos Follath d61fc6881a Fix odd bitlength RSA key generation 
Fix issue that caused a hang up when generating RSA keys of odd
bitlength.
 2016-04-19 09:42:17 +01:00
Simon Butcher 7d3f3a8ac8 Fix for memory leak in RSA-SSA signing 
Fix in mbedtls_rsa_rsassa_pkcs1_v15_sign() in rsa.c. Resolves github issue #372
 2016-01-02 00:03:39 +00:00
Manuel Pégourié-Gonnard a1cdcd2364 Add counter-measure against RSA-CRT attack 
https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/

backport of 5f50104
 2015-09-09 12:23:47 +02:00
Manuel Pégourié-Gonnard 5efed09c5f Fix possible unlock before lock in RSA 
Backport of 1385a28 and 4d04cdc

see #257
 2015-08-31 10:21:10 +02:00
Manuel Pégourié-Gonnard aac657a1d3 Merge remote-tracking branch 'pj/development' into mbedtls-1.3 
* pj/development:
  Added more constant-time code and removed biases in the prime number generation routines.
 2015-04-15 14:12:59 +02:00
Manuel Pégourié-Gonnard 88fca3ef0e Fix thread safety issue in RSA operations 
The race was due to mpi_exp_mod storing a Montgomery coefficient in the
context (RM, RP, RQ).

The fix was verified with -fsanitize-thread using ssl_pthread_server and two
concurrent clients.

A more fine-grained fix should be possible, locking just enough time to check
if those values are OK and set them if not, rather than locking for the whole
mpi_exp_mod() operation, but it will be for later.
 2015-03-27 15:12:05 +01:00
Pascal Junod b99183dfc6 Added more constant-time code and removed biases in the prime number generation routines. 2015-03-11 16:49:45 +01:00
Manuel Pégourié-Gonnard fe44643b0e Rename website and repository 2015-03-06 13:17:10 +00:00
Manuel Pégourié-Gonnard a273371fc4 Fix "int vs enum" warnings from armcc v5 
enumerated type mixed with another type
 2015-02-10 17:34:48 +01:00
Rich Evans 00ab47026b cleanup library and some basic tests. Includes, add guards to includes 2015-02-10 11:28:46 +00:00
Manuel Pégourié-Gonnard 860b51642d Fix url again 2015-01-28 17:12:07 +00:00
Manuel Pégourié-Gonnard 085ab040aa Fix website url to use https. 2015-01-23 11:06:27 +00:00
Manuel Pégourié-Gonnard 9698f5852c Remove maintainer line. 2015-01-23 10:59:00 +00:00
Manuel Pégourié-Gonnard 19f6b5dfaa Remove redundant "all rights reserved" 2015-01-23 10:54:00 +00:00
Manuel Pégourié-Gonnard a658a4051b Update copyright 2015-01-23 09:55:24 +00:00
Manuel Pégourié-Gonnard 967a2a5f8c Change name to mbed TLS in the copyright notice 2015-01-22 14:28:16 +00:00
Manuel Pégourié-Gonnard 2f8d1f9fc3 Add rsa_check_pub_priv() 2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard e10e06d863 Blind RSA operations even without CRT 2014-11-06 18:25:44 +01:00
Paul Bakker 21e081b068 Prevent (incorrect) compiler warning 2014-07-24 10:38:01 +02:00
Paul Bakker 84bbeb58df Adapt cipher and MD layer with _init() and _free() 2014-07-09 10:19:24 +02:00
Paul Bakker 66d5d076f7 Fix formatting in various code to match spacing from coding style 2014-06-17 17:06:47 +02:00
Paul Bakker d8bb82665e Fix code styling for return statements 2014-06-17 14:06:49 +02:00
Manuel Pégourié-Gonnard 88aa6e0b58 Fix potential memory leak in RSASSA-PSS verify 2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard 0eaa8beb36 Fix signedness warning 2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard 5ec628a2b9 Add rsa_rsassa_pss_verify_ext() 2014-06-05 14:02:05 +02:00
Manuel Pégourié-Gonnard e6d1d82b66 Relax checks on RSA mode for public key operations 2014-06-04 12:09:08 +02:00
Paul Bakker 9af723cee7 Fix formatting: remove trailing spaces, #endif with comments (> 10 lines) 2014-05-01 13:03:14 +02:00
Manuel Pégourié-Gonnard cef4ad2509 Adapt sources to configurable config.h name 2014-04-30 16:40:20 +02:00
Paul Bakker f96f7b607a On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings 2014-04-30 16:02:38 +02:00
Paul Bakker 24f37ccaed rsa_check_pubkey() now allows an E up to N 2014-04-30 13:43:51 +02:00
Paul Bakker 3d8fb63e11 Added missing MPI_CHK around mpi functions 2014-04-17 12:42:41 +02:00
Manuel Pégourié-Gonnard fdddac90a6 Fix stupid bug in rsa_copy() 2014-03-26 12:58:49 +01:00
Manuel Pégourié-Gonnard 844a4c0aef Fix RSASSA-PSS example programs 2014-03-13 19:25:06 +01:00
Paul Bakker 7dc4c44267 Library files moved to use platform layer 2014-02-06 13:20:16 +01:00
Manuel Pégourié-Gonnard fbf0915404 Fix bug in RSA PKCS#1 v1.5 "reversed" operations 2014-02-05 17:01:24 +01:00
Paul Bakker 42099c3155 Revert "Add pk_rsa_set_padding() and rsa_set_padding()" 
This reverts commit b4fae579e8.

Conflicts:
	library/pk.c
	tests/suites/test_suite_pk.data
	tests/suites/test_suite_pk.function
 2014-01-27 11:59:29 +01:00