- May 11, 2017
-
-
Bernd Edlinger authored
- Mostly missing fall thru comments - And uninitialized value used in sslapitest.c Reviewed-by:
Rich Salz <rsalz@openssl.org> Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3440)
-
Dr. Stephen Henson authored
Add "single part" digest sign and verify functions. These sign and verify a message in one function. This simplifies some operations and it will later be used as the API for algorithms which do not support the update/final mechanism (e.g. PureEdDSA). Reviewed-by:
Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3409)
-
- Apr 24, 2017
-
-
Rich Salz authored
Reviewed-by:
Matt Caswell <matt@openssl.org> Reviewed-by:
-
- Apr 04, 2017
-
-
Gergely Nagy authored
This commit contains some optimizations in PKCS5_PBKDF2_HMAC() and HMAC_CTX_copy() functions which together makes PBKDF2 computations faster by 15-40% according to my measurements made on x64 Linux with both asm optimized and no-asm versions of SHA1, SHA256 and SHA512. Reviewed-by:
-
- Mar 25, 2017
-
-
Bernd Edlinger authored
Don't access memory before checking the correct length in aesni_cbc_hmac_sha256_ctrl in case EVP_CTRL_AEAD_TLS1_AAD. Reviewed-by:
-
- Mar 17, 2017
-
-
Péter Budai authored
The documentation of this function states that the password parameter can be NULL. However, the implementation returns an error in this case due to the inner workings of the HMAC_Init_ex() function. With this change, NULL password will be treated as an empty string and PKCS5_PBKDF2_HMAC() no longer fails on this input. I have also added two new test cases that tests the handling of the special values NULL and -1 of the password and passlen parameters, respectively. Reviewed-by:
-
- Mar 02, 2017
-
-
Andy Polyakov authored
Reviewed-by:
-
- Feb 28, 2017
-
-
Matt Caswell authored
Reviewed-by:
-
Emilia Kasper authored
This removes the fips configure option. This option is broken as the required FIPS code is not available. FIPS_mode() and FIPS_mode_set() are retained for compatibility, but FIPS_mode() always returns 0, and FIPS_mode_set() can only be used to turn FIPS mode off. Reviewed-by:Stephen Henson <steve@openssl.org>
-
- Feb 21, 2017
-
-
Pauli authored
This implementation is written in endian agnostic C code. No attempt at providing machine specific assembly code has been made. This implementation expands the evptests by including the test cases from RFC 5794 and ARIA official site rather than providing an individual test case. Support for ARIA has been integrated into the command line applications, but not TLS. Implemented modes are CBC, CFB1, CFB8, CFB128, CTR, ECB and OFB128. Reviewed-by:
-
- Feb 16, 2017
-
-
Kazuki Yamaguchi authored
Fix a typo. Probably this has not been found because EVP_CIPHER_CTX is smaller than EVP_CHACHA_AEAD_CTX and heap overflow does not occur. Reviewed-by:
-
- Feb 10, 2017
-
-
Lukasz Pawelczyk authored
EVP_CIPH_FLAG_LENGTH_BITS flag for CFB1 has been broken with the introduction of the is_partially_overlapping() check that did not take it into the account (treating number of bits passed as bytes). This remedies that and allows this flag to work as intended. Reviewed-by:
-
- Feb 08, 2017
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Feb 07, 2017
-
-
Bernd Edlinger authored
or EVP_CTRL_INIT/EVP_CTRL_COPY was not called or failed. If that happens in EVP_CipherInit_ex/EVP_CIPHER_CTX_copy set cipher = NULL, aes_gcm_cleanup should check that gctx != NULL before calling OPENSSL_cleanse. Reviewed-by:
-
- Feb 03, 2017
-
-
Bernd Edlinger authored
Fixed a memory leak in ASN1_digest and ASN1_item_digest. Reworked error handling in asn1_item_embed_new. Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup. Fixed a memory leak in CRYPTO_free_ex_data. Reworked error handing in x509_name_ex_d2i, x509_name_encode and x509_name_canon. Check for null pointer in tls_process_cert_verify. Fixes #2103 #2104 #2105 #2109 #2111 #2115 Reviewed-by:
-
- Feb 01, 2017
-
-
Todd Short authored
The core SipHash supports either 8 or 16-byte output and a configurable number of rounds. The default behavior, as added to EVP, is to use 16-byte output and 2,4 rounds, which matches the behavior of most implementations. There is an EVP_PKEY_CTRL that can control the output size. Reviewed-by:
-
- Jan 26, 2017
-
-
Andy Polyakov authored
Originally a crash in 32-bit build was reported CHACHA20-POLY1305 cipher. The crash is triggered by truncated packet and is result of excessive hashing to the edge of accessible memory. Since hash operation is read-only it is not considered to be exploitable beyond a DoS condition. Other ciphers were hardened. Thanks to Robert Święcki for report. CVE-2017-3731 Reviewed-by: -
Andy Polyakov authored
Originally a crash in 32-bit build was reported CHACHA20-POLY1305 cipher. The crash is triggered by truncated packet and is result of excessive hashing to the edge of accessible memory (or bogus MAC value is produced if x86 MD5 assembly module is involved). Since hash operation is read-only it is not considered to be exploitable beyond a DoS condition. Thanks to Robert Święcki for report. CVE-2017-3731 Reviewed-by:
-
- Jan 25, 2017
-
-
Matt Caswell authored
This function is used to validate application supplied parameters. An assert should be used to check for an error that is internal to OpenSSL. Reviewed-by:
-
Matt Caswell authored
When doing in place encryption the overlapping buffer check can fail incorrectly where we have done a partial block "Update" operation. This fixes things to take account of any pending partial blocks. Reviewed-by:
-
Matt Caswell authored
If we have previously been passed a partial block in an "Update" call then make sure we properly increment the output buffer when we use it. Fixes #2273 Reviewed-by:
-
Matt Caswell authored
Lots of references to 16 replaced by AES_BLOCK_SIZE. Also a few other style tweaks in that function Reviewed-by:
-
- Jan 24, 2017
-
-
Todd Short authored
Remove duplicate defines from EVP source files. Most of them were in evp.h, which is always included. Add new ones evp_int.h EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK is now always defined in evp.h, so remove conditionals on it Reviewed-by:
-
Todd Short authored
Add Poly1305 as a "signed" digest. Reviewed-by:
-
Kazuki Yamaguchi authored
ChaCha20 code uses its own custom cipher_data. Add EVP_CIPH_CUSTOM_IV and EVP_CIPH_ALWAYS_CALL_INIT so that the key and the iv can be set by different calls of EVP_CipherInit_ex(). Reviewed-by:
-
- Jan 08, 2017
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
New function EVP_PKEY_CTX_md() which takes a string and passes a digest to a ctrl. Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Dec 22, 2016
-
-
Todd Short authored
Reviewed-by:
-
- Dec 20, 2016
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
For now, checking that the size is non-zero will suffice. Reviewed-by:
-
- Nov 25, 2016
-
-
Dr. Stephen Henson authored
This makes S/MIME and CMS signing in MIME format for SHA1 work again. Reviewed-by:
-
- Nov 17, 2016
-
-
Kurt Roeckx authored
Reviewed-by:
-
- Nov 10, 2016
-
-
Richard Levitte authored
The offset to the memory to clear was incorrect, causing a heap buffer overflow. CVE-2016-7054 Thanks to Robert Święcki for reporting this Reviewed-by:
-
- Nov 03, 2016
-
-
Richard Levitte authored
All of these don't compile cleanly any more, probably haven't for quite some time Reviewed-by:
Emilia Käsper <emilia@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1789)
-
- Oct 28, 2016
-
-
Matt Caswell authored
Also extend BIO_METHOD to be able to supply an implementation for the new BIO_write_ex function. Reviewed-by: -
Matt Caswell authored
Also extend BIO_METHOD to be able to supply an implementation for the new BIO_read function. Reviewed-by:
-
- Oct 18, 2016
-
-
Patrick Steuer authored
crypto/evp/e_aes.c: Types of inp and out parameters of AES_xts_en/decrypt functions need to be changed from char to unsigned char to avoid build error due to '-Werror=incompatible-pointer-types'. crypto/aes/asm/aes-s390x.pl: Comments need to reflect the above change. Signed-off-by:
Patrick Steuer <psteuer@mail.de> Reviewed-by:
-
- Sep 07, 2016
-
-
Alex Gaynor authored
Reviewed-by:
-
