- Aug 30, 2017
-
-
Andy Polyakov authored
This reverts commit a610934c . Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4281)
-
Jon Spillett authored
AEAD cipher mode implementation is based on that used for AES: https://tools.ietf.org/html/rfc5116 TLS GCM cipher suites as specified in: https://tools.ietf.org/html/rfc6209 Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4287)
-
Jon Spillett authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4286)
-
- Aug 29, 2017
-
-
Pauli authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
-
Pauli authored
cryptilib.h is the second. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
-
Pauli authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
-
Pauli authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
-
Pauli authored
Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and ssl/ssl_locl.h). Added e_os.h into the files that need it now. Directly reference internal/nelem.h when required. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
-
- Aug 28, 2017
-
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> GH: #4268
-
Kurt Roeckx authored
The one creating the DRBG should instantiate it, it's there that we know which parameters we should use to instantiate it. This splits the rand init in two parts to avoid a deadlock because when the global drbg is created it wands to call rand_add on the global rand method. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> GH: #4268
-
Rich Salz authored
Fixes CVE 2017-3735 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4276)
-
Richard Levitte authored
Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4274)
-
Dr. Matthias St. Pierre authored
The DRBG callbacks 'get_entropy()' and 'cleanup_entropy()' are designed in such a way that the randomness buffer does not have to be allocated by the calling function. It receives the address of a dynamically allocated buffer from get_entropy() and returns this address to cleanup_entropy(), where it is freed. If these two calls are properly paired, the address can be stored in a stack local variable of the calling function, so there is no need for having a 'randomness' member (and a 'filled' member) in 'RAND_DRBG'. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4266)
-
Dr. Matthias St. Pierre authored
With the introduction of RAND_poll_ex(), the `RAND_add()` calls were replaced by meaningless cb(...). This commit changes the 'cb(...)' calls back to 'rand_add(...)' calls by changing the signature as follows: -int RAND_poll_ex(RAND_poll_fn cb, void *arg); +int RAND_poll_ex(RAND_poll_cb rand_add, void *arg); Changed the function typedef name to 'RAND_poll_cb' to emphasize the fact that the function type represents a callback function. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4266)
-
Dr. Matthias St. Pierre authored
Unlike the NIST DRBG standard, entropy counts are in bits and buffer lengths are in bytes. This has lead to some confusion and errors in the past, see my comment on PR 3789. To clarify the destinction between entropy counts and buffer lengths, a 'len' suffix has been added to all member names of RAND_DRBG which represent buffer lengths: - {min,max}_{entropy,adin,nonce,pers} + {min,max}_{entropy,adin,nonce,pers}len This change makes naming also more consistent, as can be seen in the diffs, for example: - else if (adinlen > drbg->max_adin) { + else if (adinlen > drbg->max_adinlen) { Also replaced all 'ent's by 'entropy's, following a suggestion of Paul Dale. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4266)
-
- Aug 27, 2017
-
-
Rich Salz authored
VisualStudio 6 and earlier aren't supported. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4263)
-
- Aug 25, 2017
-
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4261)
-
Richard Levitte authored
The guard was checked but never defined. Also, rename it to reflect that this is an internal header file, not a public one. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4254)
-
Richard Levitte authored
The socket stuff for DJGPP and VMS was only partially moved to include/internal/sockets.h... Remains vxWorks. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4254)
-
Paul Yang authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4223)
-
Paul Yang authored
this part contains only the return (x) fix. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4223)
-
Rich Salz authored
Also use a local variable, collapse some code. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4258)
-
Bernd Edlinger authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4242)
-
Bernd Edlinger authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4242)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4257)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4252)
-
Richard Levitte authored
This is a vestige from pre-1.1.0 OpenSSL Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4256)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4259)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4259)
-
Kazuki Yamaguchi authored
A condition was removed by commit 1053a6e2 ; presumably it was an unintended change. Restore the previous behavior so the get_session_cb won't be called with zero-length session ID. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4236)
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4251)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4243)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4245)
-
Meena Vyas authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4250)
-
Meena Vyas authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4249)
-
- Aug 24, 2017
-
-
Pauli authored
range of ctype functions. Revert "Don't try to compare the ctype functions on values > 127" This reverts commit 6ac58908 . Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4225)
-
Richard Levitte authored
This mimics the behaviour of DES_crypt, where the salt and password are expected to be in EBCDIC when CHARSET_EBCDIC is defined, and are converted internally to ASCII. This is also done with the magic ID string if it's not already ASCII. The resulting output is entirely built up of ASCII components and is converted back to EBCDIC at the end. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4229)
-
Richard Levitte authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4229)
-
Richard Levitte authored
Fixes #4130 Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4229)
-
Pauli authored
The C standard defines EOF as: ... an integer constant expression, with type int and a negative value... This means a conforming implemenetation could define this as a one of the printable characters. This won't be a problem for ASCII. A specific test case has been added for EOF. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4240)
-