Commits · 7c12c7b61c5b37c9dff930ccc68421fb7de00271 · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Jan 25, 2017

Properly handle a partial block in OCB mode · 7c12c7b6

Matt Caswell authored Jan 23, 2017



If we have previously been passed a partial block in an "Update" call then
make sure we properly increment the output buffer when we use it.

Fixes #2273

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2275)

7c12c7b6

Don't use magic numbers in aes_ocb_cipher() · 0ba5a9ea

Matt Caswell authored Jan 23, 2017



Lots of references to 16 replaced by AES_BLOCK_SIZE. Also a few other style
tweaks in that function

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2275)

0ba5a9ea

Oct 18, 2016

Fix strict-warnings build · 96cce820

Patrick Steuer authored Oct 15, 2016



crypto/evp/e_aes.c: Types of inp and out parameters of
AES_xts_en/decrypt functions need to be changed from char to
unsigned char to avoid build error due to
'-Werror=incompatible-pointer-types'.

crypto/aes/asm/aes-s390x.pl: Comments need to reflect the above
change.

Signed-off-by: Patrick Steuer <psteuer@mail.de>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial

96cce820

Jul 16, 2016
- evp/e_aes.c: wire new CBC and CTR subroutines from aesfx-sparcv9. · 365f95ad
  Andy Polyakov authored Apr 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  365f95ad
Jun 14, 2016
- evp/e_aes.c: wire hardware-assisted XTS subroutines. · 46f047d7
  Andy Polyakov authored May 30, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  46f047d7
May 24, 2016

Fix braces in e_aes.c: aes_init_key · c01a3c6d

Todd Short authored May 24, 2016



This compiles correctly, but depending on what may be defined, it's
possible that this could fail compilation. The braces are mismatched,
and it's possible to end up with an else followed by another else.

This presumes the indentation is mostly correct and indicative of
intent. Found via static analysis.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1118)

c01a3c6d

May 17, 2016
- Copyright consolidation 05/10 · aa6bb135
  Rich Salz authored May 17, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  aa6bb135
May 02, 2016

Remove obsolete defined(__INTEL__) condition. · b1a07c38

Andy Polyakov authored May 01, 2016



This macro was defined by no-longer-supported __MWERKS__ compiler.

Reviewed-by: Richard Levitte <levitte@openssl.org>

b1a07c38

Apr 20, 2016
- evp/aes_aes.c: engage Fujitsu SPARC64 X AES support. · 6944565b
  Andy Polyakov authored Apr 19, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  6944565b
Apr 13, 2016

Remove OPENSSL_NO_AES guards · 5158c763

Matt Caswell authored Apr 13, 2016



no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES
guards can be removed.

Reviewed-by: Richard Levitte <levitte@openssl.org>

5158c763

Mar 20, 2016

Remove #error from include files. · 3c27208f

Rich Salz authored Mar 18, 2016



Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.

Reviewed-by: Richard Levitte <levitte@openssl.org>

3c27208f

Mar 18, 2016

Mark OCB as an AEAD cipher · c4aede20

Matt Caswell authored Mar 15, 2016



OCB is AEAD capable but was not marked as such with the
EVP_CIPH_FLAG_AEAD_CIPHER flag.

Reviewed-by: Andy Polyakov <appro@openssl.org>

c4aede20

Feb 05, 2016

GH601: Various spelling fixes. · 0d4fb843

FdaSilvaYY authored Feb 05, 2016



Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

0d4fb843

Jan 12, 2016

Adapt builtin cipher implementations to opaque EVP_CIPHER · 6435f0f6

Richard Levitte authored Dec 18, 2015



They all stop including evp_locl.h, so we also take care of their
adaptation to opaque EVP_CIPHER_CTX, as was promised in an earlier
commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>

6435f0f6

Dec 10, 2015
- evp/e_aes.c: wire hardware-assisted block function to OCB. · 02dc0b82
  Andy Polyakov authored Dec 08, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  02dc0b82
- x86[_64] assembly pack: add optimized AES-NI OCB subroutines. · bd30091c
  Andy Polyakov authored Dec 02, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  bd30091c
Nov 09, 2015

Continue standardising malloc style for libcrypto · 90945fa3

Matt Caswell authored Oct 30, 2015



Continuing from previous commit ensure our style is consistent for malloc
return checks.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

90945fa3

Aug 14, 2015
- CCM support. · e75c5a79
  Dr. Stephen Henson authored Jul 31, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  e75c5a79
Jul 06, 2015

Relax CCM tag check. · 9cca7be1

Dr. Stephen Henson authored Jun 09, 2015



In CCM mode don't require a tag before initialising decrypt: this allows
the tag length to be set without requiring the tag.

Reviewed-by: Rich Salz <rsalz@openssl.org>

9cca7be1

Jun 08, 2015

Use CRYPTO_memcmp when comparing authenticators · 1e4a355d

Emilia Kasper authored May 27, 2015



Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley
(Google).

Reviewed-by: Rich Salz <rsalz@openssl.org>

1e4a355d

Apr 30, 2015

Sanity check EVP_CTRL_AEAD_TLS_AAD · c8269881

Matt Caswell authored Apr 27, 2015

The various implementations of EVP_CTRL_AEAD_TLS_AAD expect a buffer of at
least 13 bytes long. Add sanity checks to ensure that the length is at
least that. Also add a new constant (EVP_AEAD_TLS1_AAD_LEN) to evp.h to
represent this length. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>

c8269881

Mar 28, 2015
- Engage vpaes-armv8 module. · 33b188a8
  Andy Polyakov authored Mar 18, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  33b188a8
Feb 09, 2015
- evp/e_aes.c: fix pair of SPARC T4-specific problems: · bdc985b1
  Andy Polyakov authored Feb 09, 2015
```
- SIGSEGV/ILL in CCM (RT#3688);
- SIGBUS in OCB;

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  bdc985b1
Feb 02, 2015
- Dead code: if 0 removal from crypto/evp and an unused file. · fd22ab9e
  Rich Salz authored Feb 02, 2015
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  fd22ab9e
Jan 28, 2015
- Harmonise use of EVP_CTRL_GET_TAG/EVP_CTRL_SET_TAG/EVP_CTRL_SET_IVLEN · e640fa02
  Matt Caswell authored Jan 27, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  e640fa02
- Replace EVP_CTRL_OCB_SET_TAGLEN with EVP_CTRL_SET_TAG for consistency with · d57d135c
  Matt Caswell authored Jan 27, 2015
```
CCM

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  d57d135c
Jan 22, 2015
- Run util/openssl-format-source -v -c . · 0f113f3e
  Matt Caswell authored Jan 22, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  0f113f3e
Jan 04, 2015

Remove inconsistency in ARM support. · c1669e1c

Andy Polyakov authored Nov 07, 2014


This facilitates "universal" builds, ones that target multiple
architectures, e.g. ARMv5 through ARMv7. See commentary in
Configure for details.

Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

c1669e1c

Dec 08, 2014
- remove OPENSSL_FIPSAPI · 73e45b2d
  Dr. Stephen Henson authored Oct 20, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  73e45b2d
- remove FIPS module code from crypto/evp · 916e5620
  Dr. Stephen Henson authored Oct 19, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  916e5620
- Added OPENSSL_NO_OCB guards · 3feb6305
  Matt Caswell authored Dec 07, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  3feb6305
- Add EVP support for OCB mode · e6b336ef
  Matt Caswell authored Dec 06, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  e6b336ef
Aug 21, 2014
- Fix build when BSAES_ASM is defined but VPAES_ASM is not · da92be4d
  Emilia Kasper authored Aug 19, 2014
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
```
  da92be4d
Jul 20, 2014

Engage GHASH for PowerISA 2.0.7. · 0e716d92

Andy Polyakov authored Jul 20, 2014



[and split ppccap.c to ppccap.c and ppc_arch.h]

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

0e716d92

Jul 18, 2014

RFC 5649 support. · d31fed73

Dr. Stephen Henson authored Jul 18, 2014



Add support for RFC5649 key wrapping with padding.

Add RFC5649 tests to evptests.txt

Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.

EVP support and minor changes added by Stephen Henson.

Doxygen comment block updates by Tim Hudson.

Reviewed-by: Tim Hudson <tjh@openssl.org>

d31fed73

Jul 17, 2014
- Make *Final work for key wrap again. · 58f4698f
  Dr. Stephen Henson authored Jul 17, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  58f4698f
- Sanity check lengths for AES wrap algorithm. · d12eef15
  Dr. Stephen Henson authored Jul 17, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  d12eef15
Jun 30, 2014

Fix copy for CCM, GCM and XTS. · c2fd5d79

Dr. Stephen Henson authored Jun 30, 2014

Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.

c2fd5d79

Jun 29, 2014
- Make EVP_CIPHER_CTX_copy work in GCM mode. · 370bf1d7
  ZNV authored Jun 29, 2014
```
PR#3272
```
  370bf1d7
Jun 16, 2014
- aesp8-ppc.pl: add CTR mode. · 764fe518
  Andy Polyakov authored Jun 16, 2014
  
  764fe518