DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
hostapd/src/tls
History
Jouni Malinen a0541334a6 ASN.1: Validate DigestAlgorithmIdentifier parameters 
The supported hash algorithms do not use AlgorithmIdentifier parameters.
However, there are implementations that include NULL parameters in
addition to ones that omit the parameters. Previous implementation did
not check the parameters value at all which supported both these cases,
but did not reject any other unexpected information.

Use strict validation of digest algorithm parameters and reject any
unexpected value when validating a signature. This is needed to prevent
potential forging attacks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
..
asn1.c ASN.1: Reject invalid definite long form length values in DER encoding 2021-03-14 11:37:58 +02:00
asn1.h ASN.1: Add helper functions for recognizing tag values 2021-03-14 11:37:58 +02:00
bignum.c bignum: Fix documentation for bignum_cmp_d() 2019-03-05 16:10:33 +02:00
bignum.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
libtommath.c libtommath: Make sure fast_s_mp_mul_digs initializes the W[] array 2019-06-22 18:56:44 +03:00
Makefile build: Make more library things common 2020-10-12 20:20:35 +03:00
pkcs1.c ASN.1: Validate DigestAlgorithmIdentifier parameters 2021-03-14 11:37:58 +02:00
pkcs1.h PKCS 1: Add function for checking v1.5 RSA signature 2014-05-20 19:52:18 +03:00
pkcs5.c TLS: Extend PKCS #5 to support PKCS #12 style key decryption 2015-12-14 15:49:01 +02:00
pkcs5.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
pkcs8.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
pkcs8.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
rsa.c Fix couple more typos 2020-10-20 00:37:01 +03:00
rsa.h Add function for building RSA public key from n and e parameters 2014-05-19 23:27:30 +03:00
tlsv1_client.c TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_client.h TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_client_i.h TLS: Parse CertificateStatus message 2015-12-14 15:49:01 +02:00
tlsv1_client_ocsp.c TLS client: Multi-OCSP check to cover intermediate CAs 2015-12-24 00:54:30 +02:00
tlsv1_client_read.c TLS: TOD-STRICT and TOD-TOFU certificate policies 2020-01-26 16:44:49 +02:00
tlsv1_client_write.c tests: TLS fuzzing tool 2019-02-11 02:35:29 +02:00
tlsv1_common.c Remove trailing whitespace 2016-12-28 14:31:42 +02:00
tlsv1_common.h TLS server: OCSP stapling with ocsp_multi option (RFC 6961) 2015-12-22 20:44:52 +02:00
tlsv1_cred.c Clean up base64_{encode,decode} pointer types 2019-11-28 16:39:09 +02:00
tlsv1_cred.h TLS server: OCSP stapling with ocsp_multi option (RFC 6961) 2015-12-22 20:44:52 +02:00
tlsv1_record.c TLS: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
tlsv1_record.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
tlsv1_server.c TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_server.h TLS: Add support for RFC 5705 TLS exporter context with internal TLS 2019-03-16 18:52:09 +02:00
tlsv1_server_i.h TLS server: Add internal callbacks get_failed, get_*_alerts 2019-02-10 01:43:50 +02:00
tlsv1_server_read.c TLS server: Local failure information on verify_data mismatch 2019-02-10 01:43:50 +02:00
tlsv1_server_write.c tests: TLS fuzzing tool 2019-02-11 02:35:29 +02:00
x509v3.c ASN.1: Validate DigestAlgorithmIdentifier parameters 2021-03-14 11:37:58 +02:00
x509v3.h TLS: TOD-STRICT and TOD-TOFU certificate policies 2020-01-26 16:44:49 +02:00