- 24 May, 2019 2 commits
-
-
agnosticdev authored
Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8995) (cherry picked from commit 5435a830)
-
Sambit Kumar Dash authored
CLA: trivial Reviewed-by:
-
- 23 May, 2019 2 commits
-
-
Bernd Edlinger authored
e.g. openssl speed -evp id-aes256-wrap-pad was crashing because the return code from EVP_CipherInit_ex was ignored. Not going to allow that cipher mode because wrap ciphers produces more bytes output than the input length and EVP_Update_loop is not really prepared for that. Reviewed-by:
Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by:
Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8739) (cherry picked from commit 5d238a10)
-
Matt Caswell authored
This imports all of the NIST CAVS test vectors for CCM (SP800-38C) and coverts them for use within evp_test. This commit also adds a script to convert the .rsp CAVS files into the evp_test format. Reviewed-by:
-
- 22 May, 2019 3 commits
-
-
Patrick Steuer authored
Fixes #7323 Signed-off-by:
Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8970) (cherry picked from commit 3f950d87)
-
Patrick Steuer authored
Fixes #8957 Signed-off-by:
-
Patrick Steuer authored
67c81ec3 forgot about s390x Signed-off-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
- 21 May, 2019 2 commits
-
-
Kurt Roeckx authored
Fixes: #8737 Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by:
-
Matt Caswell authored
This reverts commit dcb982d7 . This change is causing extended tests to fail. [extended tests] Reviewed-by:
-
- 20 May, 2019 1 commit
-
-
Arne Schwabe authored
This function only returns a status and does not modify the parameter. Since similar function are already taking const parameters, also change this function to have a const parameter. Fixes #8934 CLA: trivial Signed-off-by:
Arne Schwabe <arne@rfc2549.org> Reviewed-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by:
-
- 16 May, 2019 1 commit
-
-
Valentin Robert authored
CLA: trivial Reviewed-by:
-
- 09 May, 2019 1 commit
-
-
Rashmica Gupta authored
CLA: trivial Reviewed-by:
-
- 08 May, 2019 1 commit
-
-
Tobias Nießen authored
This change allows to pass the authentication tag after specifying the AAD in CCM mode. This is already true for the other two supported AEAD modes (GCM and OCB) and it seems appropriate to match the behavior. GCM and OCB also support to set the tag at any point before the call to `EVP_*Final`, but this won't work for CCM due to a restriction imposed by section 2.6 of RFC3610: The tag must be set before actually decrypting data. This commit also adds a test case for setting the tag after supplying plaintext length and AAD. Reviewed-by:
-
- 07 May, 2019 2 commits
-
-
Matt Caswell authored
Fixes #8875 Reviewed-by:
-
Dr. Matthias St. Pierre authored
Reviewed-by:
-
- 02 May, 2019 4 commits
-
-
Dr. Matthias St. Pierre authored
If the `openssl cms` command is called without specifying an operation option, it replies with the following laconic error message: cms: Use -help for summary. This commit adds a helpful error message: No operation option (-encrypt|-decrypt|-sign|-verify|...) specified. Reviewed-by: -
Dr. Matthias St. Pierre authored
Since commit 137096a7 it is possible to specify keywords instead of negative magic numbers for the salt length. This commit replaces the remaining occurrences of `rsa_pss_saltlen:-3` in the test recipes by `rsa_pss_saltlen:max`. Reviewed-by:
-
Wojciech Kaluza authored
Reviewed-by:
-
Wojciech Kaluza authored
- Allow user-defined RCFLAGS - Pass RCFLAGS to RC Reviewed-by:
-
- 30 Apr, 2019 1 commit
-
-
Richard Levitte authored
The reason is that the shared-info attributes may depend on %disabled, so we need to process all enablings/disablings first. Reviewed-by:
-
- 25 Apr, 2019 3 commits
-
-
Pauli authored
The testutil support for doubles isn't present in 1.1.1. This reverts commit 4a717667 from #8818. Reviewed-by:
-
Pauli authored
Add a Chi^2 goodness of fit test to empirically provide a degree of confidence in the uniformity of the output of the random range generation function. Reviewed-by:
-
Guido Vranken authored
Return error if the output tag buffer size doesn't match the tag size exactly. This prevents the caller from using that portion of the tag buffer that remains uninitialized after an otherwise succesfull call to CRYPTO_ccm128_tag. Bug found by OSS-Fuzz. Fix suggested by Kurt Roeckx. Signed-off-by:
Guido Vranken <guidovranken@gmail.com> Reviewed-by:
-
- 24 Apr, 2019 1 commit
-
-
Jakub Jelen authored
CLA: trivial Signed-off-by:
Jakub Jelen <jjelen@redhat.com> Reviewed-by:
Paul Yang <yang.yang@baishancloud.com> Reviewed-by:
-
- 23 Apr, 2019 3 commits
-
-
Richard Levitte authored
Disabling one thing may mean having to disable other things as well. We already have a process to auto-disable things through cascading, but that was under-used. Making the cascading mechanism available through a function to be called to disable stuff makes it more automatic, and helps us when we forget how different disabling options affect others. Reviewed-by:
-
Richard Levitte authored
Fixes #8787 Reviewed-by:
-
Richard Levitte authored
This came about with the realisation that upper case CFLAGS, LDFLAGS and so on aren't treated much after that, and this makes figuring out user added flags significantly easier, just look in %config. Reviewed-by:
-
- 19 Apr, 2019 3 commits
-
-
dyrock authored
Check if num is 0 before trying to malloc memory. Otherwise for client hellos without extensions SSL_client_hello_get1_extensions_present will return MALLOC_FAILURE. Reviewed-by:
Ben Kaduk <kaduk@mit.edu> Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
- 18 Apr, 2019 1 commit
-
-
Richard Levitte authored
|str| was used for multiple conflicting purposes. When using '-strictpem', it's used to uniquely hold a reference to the loaded payload. However, when using '-strparse', |str| was re-used to hold the position from where to start parsing. So when '-strparse' and '-strictpem' are were together, |str| ended up pointing into data pointed at by |at|, and was yet being freed, with the result that the payload it held a reference to became a memory leak, and there was a double free conflict when both |str| and |at| were being freed. The situation is resolved by always having |buf| hold the pointer to the file data, and always and only use |str| to hold the position to start parsing from. Now, we only need to free |buf| properly and not |str|. Fixes #8752 Reviewed-by:
-
- 16 Apr, 2019 5 commits
-
-
Tomas Mraz authored
Reviewed-by:
-
Tomas Mraz authored
Reviewed-by:
-
Tomas Mraz authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Tomas Mraz authored
Reviewed-by:
-
- 15 Apr, 2019 4 commits
-
-
Joshua Lock authored
A couple of minor tweaks to match the style introduced in #7854: - BIO_connect: remove line break to make more grep friendly - SSL_CTX_new: harmoise the format of the HISTORY section Reviewed-by:
-
Joshua Lock authored
SEE ALSO before HISTORY is the more common pattern in OpenSSL manual pages and seems to be the prevalent order based on sampling my system manual pages. Fixes #8631 Reviewed-by:
-
Joshua Lock authored
Check that the HISTORY section is located after the SEE ALSO section, this is a much more frequent order in OpenSSL manual pages (and UNIX manual pages in general). Also check that SEE ALSO comes after EXAMPLES, so that the tool can ensure the correct manual section sequence. Reviewed-by:
-
Joshua Lock authored
Change to check_section_location(), a generic function to ensure that section SECTION appears before section BEFORE in the man pages. Reviewed-by:
-
