Commits · eb96e8b5fd1ad4eeae0b0330ca465ca462e0f6c1 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Aug 23, 2016

Document that o2i_SCT_signature can leave the SCT in an inconsistent state · eb96e8b5
Rob Percival authored Aug 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
```
eb96e8b5

Removes {i2o,o2i}_SCT_signature from the CT public API · 63e27d4d

Rob Percival authored Aug 23, 2016



They may return if an SCT_signature struct is added in the future that
allows them to be refactored to conform to the i2d/d2i function signature
conventions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

63e27d4d

Prevent double-free of CTLOG public key · 986dbbbe

Rob Percival authored Aug 23, 2016

Previously, if ct_v1_log_id_from_pkey failed, public_key would be freed by
CTLOG_free at the end of the function, and then again by the caller (who
would assume ownership was not transferred when CTLOG_new returned NULL).

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

986dbbbe

Internalizes SCT_verify and removes SCT_verify_v1 · cdb2a603

Rob Percival authored Aug 23, 2016



SCT_verify is impossible to call through the public API (SCT_CTX_new() is
not part of the public API), so rename it to SCT_CTX_verify and move it
out of the public API.

SCT_verify_v1 is redundant, since SCT_validate does the same verification
(by calling SCT_verify) and more. The API is less confusing with a single
verification function (SCT_validate).

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

cdb2a603

Update fuzz corpora · 5579eab9

Kurt Roeckx authored Aug 12, 2016



This is a new minimal corpus with the following changes:
- asn1: files: 1135 (+474), tuples: 27236 (+7496)
- asn1parse: files: 305 (-3), tuples: 8758 (+11)
- bignum: files: 370 (-1), tuples: 9547 (+10)
- bndiv: files: 160 (+0), tuples: 2416 (+6)
- cms: files: 155 (-1), tuples: 3408 (+0)
- conf: files: 231 (-11), tuples: 4668 (+3)
- crl: files: 905 (+188), tuples: 22876 (+4096)
- ct: files: 117 (+35), tuples: 3557 (+908)
- x509: files: 920, tuples: 28334

Note that tuple count depends on the binary and is random.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

5579eab9

Constify a bit X509_NAME_get_entry · 0fe91236

FdaSilvaYY authored Aug 19, 2016



Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

0fe91236

Constify some X509_NAME, ASN1 printing code · 9f5466b9

FdaSilvaYY authored Jul 07, 2016



 ASN1_buf_print, asn1_print_*, X509_NAME_oneline, X509_NAME_print

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

9f5466b9

Constify some input parameters. · bf9d5e48

FdaSilvaYY authored Aug 12, 2016



Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

bf9d5e48

Constify some inputs buffers · a026fbf9

FdaSilvaYY authored Aug 06, 2016



remove useless cast to call ASN1_STRING_set

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

a026fbf9

Constify ASN1_PCTX_* · 35da893f

FdaSilvaYY authored Aug 02, 2016



... add a static keyword.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

35da893f

Fix bio_enc_test · 61884b81

Matt Caswell authored Aug 22, 2016



There was a block of code at the start that used the Camellia cipher. The
original idea behind this was to fill the buffer with non-zero data so that
oversteps can be detected. However this block failed when using no-camellia.
This has been replaced with a RAND_bytes() call.

I also updated the the CTR test section, since it seems to be using a CBC
cipher instead of a CTR cipher.

Reviewed-by: Andy Polyakov <appro@openssl.org>

61884b81

Aug 22, 2016

Add some sanity checks when checking CRL scores · 8b7c51a0
Matt Caswell authored Aug 23, 2016
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
8b7c51a0

Remove some dead code · c6231e9c

Matt Caswell authored Aug 22, 2016



The assignment to ret is dead, because ret is assigned again later.

Reviewed-by: Tim Hudson <tjh@openssl.org>

c6231e9c

Sanity check an ASN1_object_size result · a36c5eab

Matt Caswell authored Aug 22, 2016



If it's negative don't try and malloc it.

Reviewed-by: Tim Hudson <tjh@openssl.org>

a36c5eab

Check for error return from ASN1_object_size · b197257d
Matt Caswell authored Aug 22, 2016
```
Otherwise we try to malloc a -1 size.

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
b197257d

Check for malloc error in bn_x931p.c · 4d94bd36

Matt Caswell authored Aug 22, 2016



Ensure BN_CTX_get() has been successful

Reviewed-by: Tim Hudson <tjh@openssl.org>

4d94bd36

Fix mem leak on error path · 4162c7d3

Matt Caswell authored Aug 22, 2016



The mem pointed to by cAB can be leaked on an error path.

Reviewed-by: Tim Hudson <tjh@openssl.org>

4162c7d3

Fix mem leak on error path · 85d6b09d

Matt Caswell authored Aug 22, 2016



The mem pointed to by cAB can be leaked on an error path.

Reviewed-by: Tim Hudson <tjh@openssl.org>

85d6b09d

Fix mem leak on error path · c72b8e06

Matt Caswell authored Aug 22, 2016



The mem pointed to by tmp can be leaked on an error path.

Reviewed-by: Tim Hudson <tjh@openssl.org>

c72b8e06

Ensure the mime_hdr_free function can handle NULLs · 030648ce
Matt Caswell authored Aug 22, 2016
```
Sometimes it is called with a NULL pointer

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
030648ce
Ensure CT_POLICY_EVAL_CTX_free behaves properly with a NULL arg · 2b201c5c
Matt Caswell authored Aug 22, 2016
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
2b201c5c
Fix leak on error in tls_construct_cke_gost · 2f3930bc
Matt Caswell authored Aug 22, 2016
```
Don't leak pke_ctx on error.

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
2f3930bc
Test the support curves in tls · b1b22b0b
Kurt Roeckx authored Aug 20, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1472
```
b1b22b0b

Closing output file from inside the loop who open it · 2d87ee68

FdaSilvaYY authored Aug 20, 2016



Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1471

2d87ee68

Fix no-des · 1c55e372

Matt Caswell authored Aug 22, 2016



The PKCS12 command line utility is not available if no-des is used.

Reviewed-by: Rich Salz <rsalz@openssl.org>

1c55e372

RT2676: Reject RSA eponent if even or 1 · 464d59a5

Rich Salz authored Aug 22, 2016



Also, re-organize RSA check to use goto err.
Add a test case.
Try all checks, not just stopping at first (via Richard Levitte)

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

464d59a5

Configure: Properly cache the configured compiler command · a66234bc
Richard Levitte authored Aug 17, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
a66234bc

Fix a memory leak in EC_GROUP_get_ecparameters() · 0110a470

Kazuki Yamaguchi authored Aug 06, 2016



The variable 'buffer', allocated by EC_POINT_point2buf(), isn't
free'd on the success path.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

0110a470

Expose alloc functions for EC{PK,}PARAMETERS · 9ba6f347

Kazuki Yamaguchi authored Aug 16, 2016

Declare EC{PK,}PARAMETERS_{new,free} functions in public headers. The
free functions are necessary because EC_GROUP_get_ec{pk,}parameters()
was made public by commit 60b350a3

 ("RT3676: Expose ECgroup i2d
functions").

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

9ba6f347

Fix loopargs_t object duplication into ASYNC context · fb2141c7

FdaSilvaYY authored Aug 18, 2016



Code was relying on an implicit data-sharing through duplication of
loopargs_t pointer-members made by ASYNC_start_job().

Now share structure address instead of structure content.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

fb2141c7

Avoid more compiler warnings for use of uninitialised variables · 0038ad48
Richard Levitte authored Aug 22, 2016
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
```
0038ad48

Make 'openssl req -x509' more equivalent to 'openssl req -new' · 599e5904

Richard Levitte authored Aug 22, 2016



The following would fail, or rather, freeze:

    openssl genrsa -out rsa2048.pem 2048
    openssl req -x509 -key rsa2048.pem -keyform PEM -out cert.pem

In that case, the second command wants to read a certificate request
from stdin, because -x509 wasn't fully flagged as being for creating
something new.  This changes makes it fully flagged.

RT#4655

Reviewed-by: Andy Polyakov <appro@openssl.org>

599e5904

bn/asm/x86[_64]-mont*.pl: implement slightly alternative page-walking. · 3ba1ef82

Andy Polyakov authored Mar 16, 2016



Original strategy for page-walking was adjust stack pointer and then
touch pages in order. This kind of asks for double-fault, because
if touch fails, then signal will be delivered to frame above adjusted
stack pointer. But touching pages prior adjusting stack pointer would
upset valgrind. As compromise let's adjust stack pointer in pages,
touching top of the stack. This still asks for double-fault, but at
least prevents corruption of neighbour stack if allocation is to
overstep the guard page.

Also omit predict-non-taken hints as they reportedly trigger illegal
instructions in some VM setups.

Reviewed-by: Richard Levitte <levitte@openssl.org>

3ba1ef82

Choose a ciphersuite for testing that won't be affected by "no-*" options · fe34735c
Matt Caswell authored Aug 22, 2016
```
The previous ciphersuite broke in no-ec builds.

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
fe34735c

Fix overflow check in BN_bn2dec() · 099e2968

Kazuki Yamaguchi authored Aug 22, 2016

Fix an off by one error in the overflow check added by 07bed46f


("Check for errors in BN_bn2dec()").

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

099e2968

ssltestlib: Tell compiler we don't care about the value when we don't · 1c288878

Richard Levitte authored Aug 22, 2016



In mempacket_test_read(), we've already fetched the top value of the
stack, so when we shift the stack, we don't care for the value.  The
compiler needs to be told, or it will complain harshly when we tell it
to be picky.

Reviewed-by: Matt Caswell <matt@openssl.org>

1c288878

crypto/pkcs12: facilitate accessing data with non-interoperable password. · 1194ea8d

Andy Polyakov authored Jul 26, 2016



Originally PKCS#12 subroutines treated password strings as ASCII.
It worked as long as they were pure ASCII, but if there were some
none-ASCII characters result was non-interoperable. But fixing it
poses problem accessing data protected with broken password. In
order to make asscess to old data possible add retry with old-style
password.

Reviewed-by: Richard Levitte <levitte@openssl.org>

1194ea8d

crypto/pkcs12: default to UTF-8. · b799aef8
Andy Polyakov authored Jul 26, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
b799aef8
Add PKCS#12 UTF-8 interoperability test. · 70bf33d1
Andy Polyakov authored Jul 26, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
70bf33d1
crypto/pkcs12: add UTF8 support. · 9e6b2f54
Andy Polyakov authored Nov 24, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
9e6b2f54