- Feb 06, 2018
-
-
Patrick Steuer authored
Signed-off-by:
Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by:
Andy Polyakov <appro@openssl.org> Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5230)
-
- Jan 09, 2018
-
-
Richard Levitte authored
Reviewed-by:
Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5038)
-
- Jan 07, 2018
-
-
Patrick Steuer authored
Signed-off-by:
-
- May 11, 2017
-
-
Bernd Edlinger authored
- Mostly missing fall thru comments - And uninitialized value used in sslapitest.c Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3440)
-
- Feb 08, 2017
-
-
Dr. Stephen Henson authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2550)
-
- Feb 07, 2017
-
-
Bernd Edlinger authored
or EVP_CTRL_INIT/EVP_CTRL_COPY was not called or failed. If that happens in EVP_CipherInit_ex/EVP_CIPHER_CTX_copy set cipher = NULL, aes_gcm_cleanup should check that gctx != NULL before calling OPENSSL_cleanse. Reviewed-by:
-
- Jan 26, 2017
-
-
Andy Polyakov authored
Originally a crash in 32-bit build was reported CHACHA20-POLY1305 cipher. The crash is triggered by truncated packet and is result of excessive hashing to the edge of accessible memory. Since hash operation is read-only it is not considered to be exploitable beyond a DoS condition. Other ciphers were hardened. Thanks to Robert Święcki for report. CVE-2017-3731 Reviewed-by:
-
- Jan 25, 2017
-
-
Matt Caswell authored
When doing in place encryption the overlapping buffer check can fail incorrectly where we have done a partial block "Update" operation. This fixes things to take account of any pending partial blocks. Reviewed-by:
-
Matt Caswell authored
If we have previously been passed a partial block in an "Update" call then make sure we properly increment the output buffer when we use it. Fixes #2273 Reviewed-by:
-
Matt Caswell authored
Lots of references to 16 replaced by AES_BLOCK_SIZE. Also a few other style tweaks in that function Reviewed-by:
-
- Oct 18, 2016
-
-
Patrick Steuer authored
crypto/evp/e_aes.c: Types of inp and out parameters of AES_xts_en/decrypt functions need to be changed from char to unsigned char to avoid build error due to '-Werror=incompatible-pointer-types'. crypto/aes/asm/aes-s390x.pl: Comments need to reflect the above change. Signed-off-by:
Patrick Steuer <psteuer@mail.de> Reviewed-by:
-
- Jul 16, 2016
-
-
Andy Polyakov authored
Reviewed-by:
-
- Jun 14, 2016
-
-
Andy Polyakov authored
Reviewed-by:
-
- May 24, 2016
-
-
Todd Short authored
This compiles correctly, but depending on what may be defined, it's possible that this could fail compilation. The braces are mismatched, and it's possible to end up with an else followed by another else. This presumes the indentation is mostly correct and indicative of intent. Found via static analysis. Reviewed-by:
-
- May 17, 2016
-
-
Rich Salz authored
Reviewed-by:
-
- May 02, 2016
-
-
Andy Polyakov authored
This macro was defined by no-longer-supported __MWERKS__ compiler. Reviewed-by:
-
- Apr 20, 2016
-
-
Andy Polyakov authored
Reviewed-by:
-
- Apr 13, 2016
-
-
Matt Caswell authored
no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES guards can be removed. Reviewed-by:
-
- Mar 20, 2016
-
-
Rich Salz authored
Don't have #error statements in header files, but instead wrap the contents of that file in #ifndef OPENSSL_NO_xxx This means it is now always safe to include the header file. Reviewed-by:
-
- Mar 18, 2016
-
-
Matt Caswell authored
OCB is AEAD capable but was not marked as such with the EVP_CIPH_FLAG_AEAD_CIPHER flag. Reviewed-by:
-
- Feb 05, 2016
-
-
FdaSilvaYY authored
Signed-off-by:
-
- Jan 12, 2016
-
-
Richard Levitte authored
They all stop including evp_locl.h, so we also take care of their adaptation to opaque EVP_CIPHER_CTX, as was promised in an earlier commit. Reviewed-by:
-
- Dec 10, 2015
-
-
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by:
-
- Nov 09, 2015
-
-
Matt Caswell authored
Continuing from previous commit ensure our style is consistent for malloc return checks. Reviewed-by:Kurt Roeckx <kurt@openssl.org>
-
- Aug 14, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Jul 06, 2015
-
-
Dr. Stephen Henson authored
In CCM mode don't require a tag before initialising decrypt: this allows the tag length to be set without requiring the tag. Reviewed-by:
-
- Jun 08, 2015
-
-
Emilia Kasper authored
Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley (Google). Reviewed-by:
-
- Apr 30, 2015
-
-
Matt Caswell authored
The various implementations of EVP_CTRL_AEAD_TLS_AAD expect a buffer of at least 13 bytes long. Add sanity checks to ensure that the length is at least that. Also add a new constant (EVP_AEAD_TLS1_AAD_LEN) to evp.h to represent this length. Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3 Solutions) for reporting this issue. Reviewed-by:
-
- Mar 28, 2015
-
-
Andy Polyakov authored
Reviewed-by:
-
- Feb 09, 2015
-
-
Andy Polyakov authored
- SIGSEGV/ILL in CCM (RT#3688); - SIGBUS in OCB; Reviewed-by:
-
- Feb 02, 2015
-
-
Rich Salz authored
Reviewed-by:
-
- Jan 28, 2015
-
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
CCM Reviewed-by:
-
- Jan 22, 2015
-
-
Matt Caswell authored
Reviewed-by:
-
- Jan 04, 2015
-
-
Andy Polyakov authored
This facilitates "universal" builds, ones that target multiple architectures, e.g. ARMv5 through ARMv7. See commentary in Configure for details. Reviewed-by:
Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by:
-
- Dec 08, 2014
-
-
Dr. Stephen Henson authored
Reviewed-by: -
Dr. Stephen Henson authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by:
-
