- Feb 07, 2017
-
-
Peter Wu authored
The server and client demos (s_client and s_server) are extended with a -keylogfile option. This is similar as setting the SSLKEYLOGFILE environment variable for NSS and creates a keylog file which is suitable for Wireshark. Reviewed-by:
Matt Caswell <matt@openssl.org> Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2343)
-
Pauli authored
Reviewed-by:
Andy Polyakov <appro@openssl.org> Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2566)
-
Bernd Edlinger authored
or EVP_CTRL_INIT/EVP_CTRL_COPY was not called or failed. If that happens in EVP_CipherInit_ex/EVP_CIPHER_CTX_copy set cipher = NULL, aes_gcm_cleanup should check that gctx != NULL before calling OPENSSL_cleanse. Reviewed-by:
-
- Feb 06, 2017
-
-
Rich Salz authored
Reported by Jakub Wilk. Reviewed-by:
-
Rich Salz authored
Reported by Alexander Köppe Reviewed-by:
-
Andy Polyakov authored
Idea is to keep it last for all eternity, so that if you find yourself in time-pressed situation and deem that fuzz test can be temporarily skipped, you can terminate the test suite with less hesitation about following tests that you would have originally missed. Reviewed-by: -
Andy Polyakov authored
- harmonize handlers with guidelines and themselves; - fix some bugs in handlers; - add missing handlers in chacha and ecp_nistz256 modules; Reviewed-by: -
Andy Polyakov authored
Reviewed-by:
-
- Feb 05, 2017
-
-
Bernd Edlinger authored
Reviewed-by:
-
- Feb 03, 2017
-
-
Bernd Edlinger authored
Fixed a memory leak in ASN1_digest and ASN1_item_digest. Reworked error handling in asn1_item_embed_new. Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup. Fixed a memory leak in CRYPTO_free_ex_data. Reworked error handing in x509_name_ex_d2i, x509_name_encode and x509_name_canon. Check for null pointer in tls_process_cert_verify. Fixes #2103 #2104 #2105 #2109 #2111 #2115 Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Robert Scheck authored
Reviewed-by:
-
Dmitry Kostjuchenko authored
Reviewed-by:
-
Dmitry Kostjuchenko authored
Reviewed-by:
-
Dmitry Kostjuchenko authored
Updated indentations according project rules, renamed file-local define to the shorter version - USE_RWLOCK, fixed declaration after the if statement in CRYPTO_THREAD_lock_new(). Reviewed-by:
-
Dmitry Kostjuchenko authored
Fix compilation on platforms with missing pthread_rwlock_t implementation by replacing it with pthread_mutex_t. An example of such platform can be Android OS 2.0 - 2.1, API level 5 (Eclair), Android NDK platform - android-5 where pthread_rwlock_t is not implemented and is missing in pthread.h. In case of missing pthread_rwlock_t implementation CRYPTO_RWLOCK will work as exclusive lock in write-only mode of pthread_rwlock_t lock. The implementation based on pthread_mutex_t must be using PTHREAD_MUTEX_RECURSIVE mode to be compatible with recursive behavior of pthread_rwlock_rdlock. Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
- Feb 02, 2017
-
-
Richard Levitte authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
For TLS 1.3 we select certificates with signature algorithms extension only. For ECDSA+SHA384 there is the additional restriction that the curve must be P-384: since the test uses P-256 this should fail. Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
We now set the server certificate in tls_choose_sigalg() so there is no need for a special case for TLS 1.3 any more. Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
New function tls_choose_sigalg(). This is a signature algorithm version of ssl3_choose_cipher(): it picks and sets the appropriate signature algorithm and certificate based on shared signature algorithms. Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Cory Benfield authored
Reviewed-by:
-
Cory Benfield authored
Reviewed-by:
-
- Feb 01, 2017
-
-
Todd Short authored
The core SipHash supports either 8 or 16-byte output and a configurable number of rounds. The default behavior, as added to EVP, is to use 16-byte output and 2,4 rounds, which matches the behavior of most implementations. There is an EVP_PKEY_CTRL that can control the output size. Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Todd Short authored
session_ctx and initial_ctx are aliases of each other, and with the opaque data structures, there's no need to keep both around. Since there were more references of session_ctx, replace all instances of initial_ctx with session_ctx. Reviewed-by:
-
Richard Levitte authored
Reviewed-by: -
Geoff Thorpe authored
The BIGNUM behaviour is supposed to be "consistent" when going into and out of APIs, where "consistent" means 'top' is set minimally and that 'neg' (negative) is not set if the BIGNUM is zero (which is iff 'top' is zero, due to the previous point). The BN_DEBUG testing (make test) caught the cases that this patch corrects. Note, bn_correct_top() could have been used instead, but that is intended for where 'top' is expected to (sometimes) require adjustment after direct word-array manipulation, and so is heavier-weight. Here, we are just catching the negative-zero case, so we test and correct for that explicitly, in-place. Change-Id: Iddefbd3c28a13d935648932beebcc765d5b85ae7 Signed-off-by:
Geoff Thorpe <geoff@openssl.org> Reviewed-by:
-
Geoff Thorpe authored
Change-Id: I5ab72ad0aae9069b47d5b7b7b9e25bd1b7afa251 Signed-off-by:
-
Geoff Thorpe authored
Couple of updates to make this code work properly again; * use OPENSSL_assert() instead of assert() (and #include <assert.h>) * the circular-dependency-avoidance uses RAND_bytes() (not pseudo) Change-Id: Iefb5a9dd73f71fd81c1268495c54a64378955354 Signed-off-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
