DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
hostapd/src/tls
History
Jouni Malinen 3af75f23b0 ASN.1: Reject invalid extended tags in DER encoding 
The extended tag case is allowed only for tag values that are 31 or
larger (i.e., the ones that would not fit in the single octet identifier
case with five bits). Extended tag format was previously accepted even
for the values 0..31 and this would enable multiple different encodings
for the same tag value. That is not allowed for DER.

Perform more strict checks to reject invalid extended tag values. This
is needed for a compliant implementation and this is especially
important for the case of verifying DER encoded signatures to prevent
potential forging attacks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
..
asn1.c ASN.1: Reject invalid extended tags in DER encoding 2021-03-14 11:37:58 +02:00
asn1.h ASN.1: Add helper functions for recognizing tag values 2021-03-14 11:37:58 +02:00
bignum.c bignum: Fix documentation for bignum_cmp_d() 2019-03-05 16:10:33 +02:00
bignum.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
libtommath.c libtommath: Make sure fast_s_mp_mul_digs initializes the W[] array 2019-06-22 18:56:44 +03:00
Makefile build: Make more library things common 2020-10-12 20:20:35 +03:00
pkcs1.c PKCS#1: Debug dump invalid Signature EB 2020-04-05 20:13:26 +03:00
pkcs1.h PKCS 1: Add function for checking v1.5 RSA signature 2014-05-20 19:52:18 +03:00
pkcs5.c TLS: Extend PKCS #5 to support PKCS #12 style key decryption 2015-12-14 15:49:01 +02:00
pkcs5.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
pkcs8.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
pkcs8.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
rsa.c Fix couple more typos 2020-10-20 00:37:01 +03:00
rsa.h Add function for building RSA public key from n and e parameters 2014-05-19 23:27:30 +03:00
tlsv1_client.c TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_client.h TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_client_i.h TLS: Parse CertificateStatus message 2015-12-14 15:49:01 +02:00
tlsv1_client_ocsp.c TLS client: Multi-OCSP check to cover intermediate CAs 2015-12-24 00:54:30 +02:00
tlsv1_client_read.c TLS: TOD-STRICT and TOD-TOFU certificate policies 2020-01-26 16:44:49 +02:00
tlsv1_client_write.c tests: TLS fuzzing tool 2019-02-11 02:35:29 +02:00
tlsv1_common.c Remove trailing whitespace 2016-12-28 14:31:42 +02:00
tlsv1_common.h TLS server: OCSP stapling with ocsp_multi option (RFC 6961) 2015-12-22 20:44:52 +02:00
tlsv1_cred.c Clean up base64_{encode,decode} pointer types 2019-11-28 16:39:09 +02:00
tlsv1_cred.h TLS server: OCSP stapling with ocsp_multi option (RFC 6961) 2015-12-22 20:44:52 +02:00
tlsv1_record.c TLS: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
tlsv1_record.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
tlsv1_server.c TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_server.h TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_server_i.h TLS server: Add internal callbacks get_failed, get_*_alerts 2019-02-10 01:43:50 +02:00
tlsv1_server_read.c TLS server: Local failure information on verify_data mismatch 2019-02-10 01:43:50 +02:00
tlsv1_server_write.c tests: TLS fuzzing tool 2019-02-11 02:35:29 +02:00
x509v3.c X509: Use unique debug prints for unused bits entries 2020-04-05 19:59:47 +03:00
x509v3.h TLS: TOD-STRICT and TOD-TOFU certificate policies 2020-01-26 16:44:49 +02:00