- Mar 29, 2019
-
-
Shane Lontis authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8569)
-
- Mar 28, 2019
-
-
Pauli authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8606)
-
Paul Monson authored
CLA: trivial Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8590)
-
Shane Lontis authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8566)
-
Dmitry Belyavskiy authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8308)
-
Matt Caswell authored
Fixes #8589 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8597)
-
Pauli authored
/usr/include/bits/waitstatus.h includes endian.h under some libc's. This clashes with the new test header file, so rename the latter. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8600)
-
- Mar 27, 2019
-
-
Pauli authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8572)
-
Jake Massimo authored
DH_check is used to test the validity of Diffie-Hellman parameter sets (p, q, g). Among the tests performed are primality tests on p and q, for this BN_is_prime_ex is called with the rounds of Miller-Rabin set as default. This will therefore use the average case error estimates derived from the function BN_prime_checks_for_size based on the bit size of the number tested. However, these bounds are only accurate on testing random input. Within this testing scenario, where we are checking the validity of a DH parameter set, we can not assert that these parameters are randomly generated. Thus we must treat them as if they are adversarial in nature and increase the rounds of Miller-Rabin performed. Generally, each round of Miller-Rabin can declare a composite number prime with probability at most (1/4), thus 64 rounds is sufficient in thwarting known generation techniques (even in safe prime settings - see https://eprint.iacr.org/2019/032 for full analysis). The choice of 64 rounds is also consistent with SRP_NUMBER_ITERATIONS_FOR_PRIME 64 as used in srp_Verify_N_and_g in openssl/apps/s_client.c. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8593)
-
Matt Caswell authored
See discussion in github issue #8563 Fixes #8563 Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8584)
-
Matt Caswell authored
EVP_MAC_ctrl is documented to return 0 or -1 on failure. Numerous places were not getting this check correct. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8584)
-
Matt Caswell authored
Fixes #8567 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8586)
-
Matt Caswell authored
We treat that as automatic success. Other EVP_*Update functions already do this (e.g. EVP_EncryptUpdate, EVP_DecryptUpdate etc). EVP_EncodeUpdate is a bit of an anomoly. That treats 0 byte input length as an error. Fixes #8576 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8587)
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8588)
-
Dr. Matthias St. Pierre authored
Reported by Mak Kolybabi Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8591)
-
- Mar 26, 2019
-
-
Shane Lontis authored
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8580)
-
- Mar 25, 2019
-
-
Hubert Kario authored
not specifying the digest both on command line and in the config file will lead to response generation aborting with 140617514493760:error:2F098088:time stamp routines:ts_CONF_lookup_fail: \ cannot find config variable:crypto/ts/ts_conf.c:106:tsr_test::signer_digest Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8421)
-
Shane Lontis authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8571)
-
- Mar 22, 2019
-
-
Bernd Edlinger authored
constant time with a memory access pattern that does not depend on secret information. [extended tests] Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8543)
-
Bernd Edlinger authored
[extended tests] Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8542)
-
Pauli authored
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8554)
-
- Mar 21, 2019
-
-
Matt Caswell authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8513)
-
Matt Caswell authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8513)
-
Matt Caswell authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8513)
-
Matt Caswell authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8513)
-
Matt Caswell authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8513)
-
Matt Caswell authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8513)
-
Shane Lontis authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8544)
-
- Mar 20, 2019
-
-
Lorinczy Zsigmond authored
So far, it only handled hash-and-algorithm pairs from TLS1.2, now it also handles 'schemes' defined in TLS1.3 like 0x0807=ed25519 or 0x0809=rsa_pss_pss_sha256 Now it prints information in one of these formats: ... Algorithm scheme=ecdsa_secp256r1_sha256, security bits=128 ... TLS1.3 ... Algorithm digest=SHA384, algorithm=DSA, security bits=192 ... TLS1.2 ... Algorithm scheme=unknown(0x0e01), security bits=128 ... unhandled case To implement this added three new lookup-tables: signature_tls13_scheme_list, signature_tls12_alg_list, signature_tls12_hash_list. Also minor changes in 'security_callback_debug', eg adding variable 'show_nm' to indicate if we should show 'nm'. Also coding-styles fixes from matcaswell Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8445)
-
Richard Levitte authored
Great effort has been made to make initialization more configurable. However, the behavior of OPENSSL_config() was lost in the process, having it suddenly generate errors it didn't previously, which is not how it's documented to behave. A simple setting of default flags fixes this problem. Fixes #8528 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8533)
-
Shane Lontis authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8532)
-
David von Oheimb authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/8527)
-
- Mar 19, 2019
-
-
Shane Lontis authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8507)
-
Richard Levitte authored
OpenSSL will come with a set of well known providers, some of which need to be accessible from the start. These are typically built in providers, or providers that will work as fallbacks. We do this when creating a new provider store, which means that this will happen in every library context, regardless of if it's the global default one, or an explicitely created one. We keep the data about the known providers we want to make accessible this way in crypto/provider_predefined.h, which may become generated. For now, though, we make it simple and edited manually. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8480)
-
Richard Levitte authored
To ensure that old applications aren't left without any provider, and at the same time not forcing any default provider on applications that know how to deal with them, we device the concept of fallback providers, which are automatically activated if no other provider is already activated. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8480)
-
Matt Caswell authored
DSA can accept other digests other than SHA1. EC ignores the digest option altogether. Fixes #8425 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8432)
-
Shane Lontis authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8230)
-
Rich Salz authored
They're only used in one place, and only for a legacy datatype. Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8302)
-
Dmitry Belyavskiy authored
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8329)
-
Dmitry Belyavskiy authored
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8329)
-