- Jul 01, 2016
-
-
Matt Caswell authored
We calculate the size required for the ServerKeyExchange message and then call BUF_MEM_grow_clean() on the buffer. However we fail to take account of 2 bytes required for the signature algorithm and 2 bytes for the signature length, i.e. we could overflow by 4 bytes. In reality this won't happen because the buffer is pre-allocated to a large size that means it should be big enough anyway. Addresses an OCAP Audit issue. Reviewed-by:Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Even though it's hard to imagine, it turned out that upper half of arguments passed to V8+ subroutine can be non-zero. ["n" pseudo-instructions, such as srln being srl in 32-bit case and srlx in 64-bit one, were implemented in binutils 2.10. It's assumed that Solaris assembler implemented it around same time, i.e. 2000.] Reviewed-by:
Richard Levitte <levitte@openssl.org> (cherry picked from commit f198cc43)
-
- Jun 30, 2016
-
-
Matt Caswell authored
Ensure things really do get cleared when we intend them to. Addresses an OCAP Audit issue. Reviewed-by:Andy Polyakov <appro@openssl.org>
-
- Jun 29, 2016
-
-
Richard Levitte authored
Reviewed-by: -
Richard Levitte authored
While travelling up the certificate chain, the internal proxy_path_length must be updated with the pCPathLengthConstraint value, or verification will not work properly. This corresponds to RFC 3820, 4.1.4 (a). Reviewed-by: -
Richard Levitte authored
The subject name MUST be the same as the issuer name, with a single CN entry added. RT#1852 Reviewed-by:
-
- Jun 27, 2016
-
-
Matt Caswell authored
RAND_pseudo_bytes() allows random data to be returned even in low entropy conditions. Sometimes this is ok. Many times it is not. For the avoidance of any doubt, replace existing usage of RAND_pseudo_bytes() with RAND_bytes(). Reviewed-by:
-
- Jun 26, 2016
-
-
Rich Salz authored
OBJ_nid2obj() and friends should be treated as const. Reviewed-by:
Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 5d28ff38)
-
Rich Salz authored
This reverts commit 58b18779 . Reviewed-by:
-
- Jun 25, 2016
-
-
Rich Salz authored
OBJ_nid2obj() and friends should be treated as const. Reviewed-by:
-
- Jun 24, 2016
-
-
Matt Caswell authored
aesni_cbc_hmac_sha256_ctrl() and aesni_cbc_hmac_sha1_ctrl() cleanse the HMAC key after use, but static int rc4_hmac_md5_ctrl() doesn't. Fixes an OCAP Audit issue. Reviewed-by:
-
- Jun 23, 2016
-
-
Matt Caswell authored
tag2nbyte had -1 at 18th position, but underlying ASN1_mbstring_copy supports NumericString. tag2nbyte is also used in do_print_ex which will not be broken by setting 1 at 18th position of tag2nbyte Reviewed-by:
-
- Jun 22, 2016
-
-
Andy Polyakov authored
[Note that in master declaration is different.] RT#4568 Reviewed-by:
-
- Jun 21, 2016
-
-
John Foley authored
Reviewed-by:
-
- Jun 20, 2016
-
-
Richard Levitte authored
Reviewed-by: -
Dr. Matthias St. Pierre authored
Reviewed-by: -
Richard Levitte authored
Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
Andy Polyakov authored
RT#4578 Reviewed-by:
-
- Jun 16, 2016
-
-
Rich Salz authored
Sender verified that the fix works. This is a backport/cherry-pick of just the bugfix part of 0f91e1df Reviewed-by:
-
Matt Caswell authored
This reverts commit 75f90688 . TerminateProcess is asynchronous, so the code as written in the above commit is not correct (and doesn't even compile at the moment). It is also probably not needed in the speed case. Reverting in order to figure out the correct solution. Reviewed-by:
-
Pauli authored
Reviewed-by:Matt Caswell <matt@openssl.org>
-
- Jun 15, 2016
-
-
Rich Salz authored
Reviewed-by:
-
- Jun 14, 2016
-
-
Richard Levitte authored
Reviewed-by:
Emilia Käsper <emilia@openssl.org> (cherry picked from commit fdcb499c)
-
Richard Levitte authored
Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
Dr. Stephen Henson authored
The selector field could be omitted because it has a DEFAULT value. In this case *sfld == NULL (sfld can never be NULL). This was not noticed because this was never used in existing ASN.1 modules. Reviewed-by:
-
Andy Polyakov authored
Couple of never-used symbols were clasing with FIPS module, "weakening" them allows to resolve linking errors. RT#3699 Reviewed-by: -
Rich Salz authored
Reviewed-by:
-
- Jun 13, 2016
-
-
Rich Salz authored
Reviewed-by: -
Dr. Stephen Henson authored
Use string_to_hex, OPENSSL_hexstr2buf() doesn't exist in OpenSSL 1.0.2 Reviewed-by:
-
- Jun 12, 2016
-
-
Andy Polyakov authored
crypto/mem_clr.c was harmonized with master branch and doesn't use cleanse_ctr kludge anymore. RT#4563 Reviewed-by: -
Dr. Stephen Henson authored
Don't use BN_hex2bn() for PSK key conversion as the conversion to BN and back removes leading zeroes, use OPENSSL_hexstr2buf() instead. RT#4554 Reviewed-by:
-
Phillip Hellewell authored
Reviewed-by:
Tim Hudson <tjh@openssl.org> (cherry picked from commit 6b360288)
-
Andy Polyakov authored
It's probably worth reminding that this is a fall-back implementation for platforms that don't have assembly OPENSSL_cleanse. Reviewed-by: -
Andy Polyakov authored
Reviewed-by:
-
- Jun 10, 2016
-
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
The TS_RESP_verify_response() function is used for verifying the response from a TSA. You can set the provided TS_VERIFY_CTX with different flags depending on what aspects of the response you wish to verify. A seg fault will occur if you supply the TS_VFY_SIGNER or TS_VFY_TSA_NAME flags without also specifying TS_VFY_SIGNATURE. Reviewed-by:
-
- Jun 07, 2016
-
-
Matt Caswell authored
The previous commit fixed a bug with BN_mod_word() which would have been caught if we had a test for it. This commit adds one. Reviewed-by:
-
