Skip to content
  1. May 09, 2019
  2. May 08, 2019
    • Tobias Nießen's avatar
      Allow specifying the tag after AAD in CCM mode · b48e3be9
      Tobias Nießen authored
      
      
      This change allows to pass the authentication tag after specifying
      the AAD in CCM mode. This is already true for the other two supported
      AEAD modes (GCM and OCB) and it seems appropriate to match the
      behavior.
      
      GCM and OCB also support to set the tag at any point before the call
      to `EVP_*Final`, but this won't work for CCM due to a restriction
      imposed by section 2.6 of RFC3610: The tag must be set before
      actually decrypting data.
      
      This commit also adds a test case for setting the tag after supplying
      plaintext length and AAD.
      
      Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/7243)
      
      (cherry picked from commit 67c81ec311d696464bdbf4c6d6f8a887a3ddf9f8)
      b48e3be9
  3. May 07, 2019
  4. May 02, 2019
  5. Apr 30, 2019
  6. Apr 25, 2019
  7. Apr 24, 2019
  8. Apr 23, 2019
  9. Apr 19, 2019
  10. Apr 18, 2019
    • Richard Levitte's avatar
      asn1parse: avoid double free · 18111b13
      Richard Levitte authored
      
      
      |str| was used for multiple conflicting purposes.  When using
      '-strictpem', it's used to uniquely hold a reference to the loaded
      payload.  However, when using '-strparse', |str| was re-used to hold
      the position from where to start parsing.
      
      So when '-strparse' and '-strictpem' are were together, |str| ended up
      pointing into data pointed at by |at|, and was yet being freed, with
      the result that the payload it held a reference to became a memory
      leak, and there was a double free conflict when both |str| and |at|
      were being freed.
      
      The situation is resolved by always having |buf| hold the pointer to
      the file data, and always and only use |str| to hold the position to
      start parsing from.  Now, we only need to free |buf| properly and not
      |str|.
      
      Fixes #8752
      
      Reviewed-by: default avatarMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
      (Merged from https://github.com/openssl/openssl/pull/8753)
      
      (cherry picked from commit 4f29f3a29b8b416a501c7166dbbca5284b198f81)
      18111b13
  11. Apr 16, 2019
  12. Apr 15, 2019
  13. Apr 14, 2019
  14. Apr 10, 2019
  15. Apr 09, 2019
  16. Apr 08, 2019
  17. Apr 06, 2019