Commits · 16cfc2c90d9e7776965db07c1f31bbec2f6c41e3 · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Mar 19, 2018

Don't use a ssl specific DRBG anymore · 16cfc2c9

Kurt Roeckx authored Mar 08, 2018



Since the public and private DRBG are per thread we don't need one
per ssl object anymore. It could also try to get entropy from a DRBG
that's really from an other thread because the SSL object moved to an
other thread.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5547)

16cfc2c9

Mar 15, 2018

Publish the RAND_DRBG API · 6decf943

Dr. Matthias St. Pierre authored Mar 05, 2018



Fixes #4403

This commit moves the internal header file "internal/rand.h" to
<openssl/rand_drbg.h>, making the RAND_DRBG API public.
The RAND_POOL API remains private, its function prototypes were
moved to "internal/rand_int.h" and converted to lowercase.

Documentation for the new API is work in progress on GitHub #5461.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5462)

6decf943

Feb 28, 2018
- Tell the ciphers which DRBG to use for generating random bytes. · d91f4568
  Kurt Roeckx authored Nov 05, 2017
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #4672
```
  d91f4568
Feb 23, 2018

Fix some bugs with the cfb1 bitsize handling · 604e591e

Bernd Edlinger authored Feb 21, 2018



Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5426)

604e591e

Feb 06, 2018

crypto/evp/e_aes.c: add comments to s390x aes gcm implementation · 5d2a6f4b

Patrick Steuer authored Feb 03, 2018



Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5230)

5d2a6f4b

s390x assembly pack: add KMAC code path for aes-ccm · 39f5b069

Patrick Steuer authored Jan 18, 2018



Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5230)

39f5b069

Jan 09, 2018
- Update copyright years on all files merged since Jan 1st 2018 · 3c7d0945
  Richard Levitte authored Jan 09, 2018
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5038)
```
  3c7d0945
Jan 07, 2018

s390x assembly pack: add KMA code path for aes-gcm. · 96530eea

Patrick Steuer authored Oct 02, 2017



Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4634)

96530eea

May 11, 2017

Fix gcc-7 warnings. · 018fcbec

Bernd Edlinger authored May 11, 2017


- Mostly missing fall thru comments
- And uninitialized value used in sslapitest.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3440)

018fcbec

Feb 08, 2017

Make EVP_*Final work for CCM ciphers · 197421b1

Dr. Stephen Henson authored Feb 03, 2017



Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2550)

197421b1

Feb 07, 2017

Fix a crash in EVP_CIPHER_CTX_cleanup due to cipher_data may be NULL · 273a0218

Bernd Edlinger authored Feb 06, 2017


or EVP_CTRL_INIT/EVP_CTRL_COPY was not called or failed.
If that happens in EVP_CipherInit_ex/EVP_CIPHER_CTX_copy set cipher = NULL,
aes_gcm_cleanup should check that gctx != NULL before calling OPENSSL_cleanse.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2562)

273a0218

Jan 26, 2017

crypto/evp: harden AEAD ciphers. · 2198b3a5

Andy Polyakov authored Jan 19, 2017



Originally a crash in 32-bit build was reported CHACHA20-POLY1305
cipher. The crash is triggered by truncated packet and is result
of excessive hashing to the edge of accessible memory. Since hash
operation is read-only it is not considered to be exploitable
beyond a DoS condition. Other ciphers were hardened.

Thanks to Robert Święcki for report.

CVE-2017-3731

Reviewed-by: Rich Salz <rsalz@openssl.org>

2198b3a5

Jan 25, 2017

Fix the overlapping check for fragmented "Update" operations · 7141ba31

Matt Caswell authored Jan 24, 2017



When doing in place encryption the overlapping buffer check can fail
incorrectly where we have done a partial block "Update" operation. This
fixes things to take account of any pending partial blocks.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2275)

7141ba31

Properly handle a partial block in OCB mode · 7c12c7b6

Matt Caswell authored Jan 23, 2017



If we have previously been passed a partial block in an "Update" call then
make sure we properly increment the output buffer when we use it.

Fixes #2273

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2275)

7c12c7b6

Don't use magic numbers in aes_ocb_cipher() · 0ba5a9ea

Matt Caswell authored Jan 23, 2017



Lots of references to 16 replaced by AES_BLOCK_SIZE. Also a few other style
tweaks in that function

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2275)

0ba5a9ea

Oct 18, 2016

Fix strict-warnings build · 96cce820

Patrick Steuer authored Oct 15, 2016



crypto/evp/e_aes.c: Types of inp and out parameters of
AES_xts_en/decrypt functions need to be changed from char to
unsigned char to avoid build error due to
'-Werror=incompatible-pointer-types'.

crypto/aes/asm/aes-s390x.pl: Comments need to reflect the above
change.

Signed-off-by: Patrick Steuer <psteuer@mail.de>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial

96cce820

Jul 16, 2016
- evp/e_aes.c: wire new CBC and CTR subroutines from aesfx-sparcv9. · 365f95ad
  Andy Polyakov authored Apr 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  365f95ad
Jun 14, 2016
- evp/e_aes.c: wire hardware-assisted XTS subroutines. · 46f047d7
  Andy Polyakov authored May 30, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  46f047d7
May 24, 2016

Fix braces in e_aes.c: aes_init_key · c01a3c6d

Todd Short authored May 24, 2016



This compiles correctly, but depending on what may be defined, it's
possible that this could fail compilation. The braces are mismatched,
and it's possible to end up with an else followed by another else.

This presumes the indentation is mostly correct and indicative of
intent. Found via static analysis.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1118)

c01a3c6d

May 17, 2016
- Copyright consolidation 05/10 · aa6bb135
  Rich Salz authored May 17, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  aa6bb135
May 02, 2016

Remove obsolete defined(__INTEL__) condition. · b1a07c38

Andy Polyakov authored May 01, 2016



This macro was defined by no-longer-supported __MWERKS__ compiler.

Reviewed-by: Richard Levitte <levitte@openssl.org>

b1a07c38

Apr 20, 2016
- evp/aes_aes.c: engage Fujitsu SPARC64 X AES support. · 6944565b
  Andy Polyakov authored Apr 19, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  6944565b
Apr 13, 2016

Remove OPENSSL_NO_AES guards · 5158c763

Matt Caswell authored Apr 13, 2016



no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES
guards can be removed.

Reviewed-by: Richard Levitte <levitte@openssl.org>

5158c763

Mar 20, 2016

Remove #error from include files. · 3c27208f

Rich Salz authored Mar 18, 2016



Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.

Reviewed-by: Richard Levitte <levitte@openssl.org>

3c27208f

Mar 18, 2016

Mark OCB as an AEAD cipher · c4aede20

Matt Caswell authored Mar 15, 2016



OCB is AEAD capable but was not marked as such with the
EVP_CIPH_FLAG_AEAD_CIPHER flag.

Reviewed-by: Andy Polyakov <appro@openssl.org>

c4aede20

Feb 05, 2016

GH601: Various spelling fixes. · 0d4fb843

FdaSilvaYY authored Feb 05, 2016



Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

0d4fb843

Jan 12, 2016

Adapt builtin cipher implementations to opaque EVP_CIPHER · 6435f0f6

Richard Levitte authored Dec 18, 2015



They all stop including evp_locl.h, so we also take care of their
adaptation to opaque EVP_CIPHER_CTX, as was promised in an earlier
commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>

6435f0f6

Dec 10, 2015
- evp/e_aes.c: wire hardware-assisted block function to OCB. · 02dc0b82
  Andy Polyakov authored Dec 08, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  02dc0b82
- x86[_64] assembly pack: add optimized AES-NI OCB subroutines. · bd30091c
  Andy Polyakov authored Dec 02, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  bd30091c
Nov 09, 2015

Continue standardising malloc style for libcrypto · 90945fa3

Matt Caswell authored Oct 30, 2015



Continuing from previous commit ensure our style is consistent for malloc
return checks.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

90945fa3

Aug 14, 2015
- CCM support. · e75c5a79
  Dr. Stephen Henson authored Jul 31, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  e75c5a79
Jul 06, 2015

Relax CCM tag check. · 9cca7be1

Dr. Stephen Henson authored Jun 09, 2015



In CCM mode don't require a tag before initialising decrypt: this allows
the tag length to be set without requiring the tag.

Reviewed-by: Rich Salz <rsalz@openssl.org>

9cca7be1

Jun 08, 2015

Use CRYPTO_memcmp when comparing authenticators · 1e4a355d

Emilia Kasper authored May 27, 2015



Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley
(Google).

Reviewed-by: Rich Salz <rsalz@openssl.org>

1e4a355d

Apr 30, 2015

Sanity check EVP_CTRL_AEAD_TLS_AAD · c8269881

Matt Caswell authored Apr 27, 2015

The various implementations of EVP_CTRL_AEAD_TLS_AAD expect a buffer of at
least 13 bytes long. Add sanity checks to ensure that the length is at
least that. Also add a new constant (EVP_AEAD_TLS1_AAD_LEN) to evp.h to
represent this length. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>

c8269881

Mar 28, 2015
- Engage vpaes-armv8 module. · 33b188a8
  Andy Polyakov authored Mar 18, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  33b188a8
Feb 09, 2015
- evp/e_aes.c: fix pair of SPARC T4-specific problems: · bdc985b1
  Andy Polyakov authored Feb 09, 2015
```
- SIGSEGV/ILL in CCM (RT#3688);
- SIGBUS in OCB;

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  bdc985b1
Feb 02, 2015
- Dead code: if 0 removal from crypto/evp and an unused file. · fd22ab9e
  Rich Salz authored Feb 02, 2015
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  fd22ab9e
Jan 28, 2015
- Harmonise use of EVP_CTRL_GET_TAG/EVP_CTRL_SET_TAG/EVP_CTRL_SET_IVLEN · e640fa02
  Matt Caswell authored Jan 27, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  e640fa02
- Replace EVP_CTRL_OCB_SET_TAGLEN with EVP_CTRL_SET_TAG for consistency with · d57d135c
  Matt Caswell authored Jan 27, 2015
```
CCM

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  d57d135c
Jan 22, 2015
- Run util/openssl-format-source -v -c . · 0f113f3e
  Matt Caswell authored Jan 22, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  0f113f3e