| Age | Commit message (Collapse) | Author |
|---|
|
|
|
ok beck inoguchi
|
|
tweaks from jsing and myself. The SM2/SM3/SM4 algorithms are mandatory
for legal use of cryptography within China and [are] widely applied in
the country, covering identification/financial cards, contactless,
TPM 2.0 and PKI.
ok beck inoguchi jsing
|
|
RSA_meth_get_finish() RSA_meth_set1_name() EVP_CIPHER_CTX_(get|set)_iv()
feedback and ok jsing@ tb@
|
|
tested in a bulk by sthen
ok jsing
|
|
Requires adding a const to the priv_decode() member of
EVP_PKEY_ASN1_METHOD and adjusting all *_priv_decode()
functions. All this is already documented this way.
tested in a bulk build by sthen
ok jsing
|
|
we can add const to PKCS8_pkey_get0(). In order for this to work,
we need to sprinkle a few consts here and there.
tested in a bulk by sthen
ok jsing
|
|
Provide PKCS8_pkey_add1_attr_by_NID() and PKCS8_pkey_get0_attrs().
Remove the whole broken code and simplify pkcs8_priv_key_info_st
accordingly. Based on OpenSSL commit
54dbf42398e23349b59f258a3dd60387bbc5ba13 plus some const that was
added later.
tested in a bulk build by sthen
ok jsing
|
|
ok jsing
|
|
checking. Matches our documented behavior.
Based on OpenSSL commit c5ebfcab713a82a1d46a51c8c2668c419425b387
tested in a bulk by sthen
ok jsing
|
|
tested in a bulk by sthen
ok jsing
|
|
tested in a bulk by sthen
ok jsing
|
|
Prompted by a remark by jsing
|
|
the terminating NUL. EVP_read_pw_string_min() got this wrong, leading to
a one-byte buffer overrun in all callers of EVP_read_pw_string().
Found by mestre running 'openssl passwd' with MALLOC_OPTIONS including C.
Fix this by doing some basic sanity checking in EVP_read_pw_string_min().
Cap the len argument at BUFSIZ and ensure that min < len as well as
0 <= min and 1 <= len. The last two checks are important as these
numbers may end up in reallocarray().
ok bcook (on previous version), jsing, mestre
|
|
EVP_Verify*.
ok tb@
|
|
tested in a bulk build by sthen
ok jsing
|
|
EVP_PKEY_get_attr_by_OBJ(3), X509at_get_attr_by_OBJ(3),
X509at_get0_data_by_OBJ(3), X509_REQ_get_attr_by_OBJ(3)
tested in a bulk by sthen
ok beck (as part of a larger diff)
|
|
tested in a bulk build by sthen
ok beck (as part of a larger diff)
|
|
tested in a bulk build by sthen
ok beck (as part of a larger diff)
|
|
tested in a bulk build by sthen
ok beck (as part of a larger diff)
|
|
tested in a bulk build by sthen
ok beck (as part of a larger diff)
|
|
tested in bulk by sthen
ok jsing
|
|
OpenSSL commit 7c96dbcdab9 by Rich Salz.
This cleans up the caller side quite a bit and reduces the number of
lines enclosed in #ifndef OPENSSL_NO_ENGINE. codesearch.debian.net
shows that almost nothing checks the return value of ENGINE_finish().
While there, replace a few nearby 'if (!ptr)' with 'if (ptr == NULL)'.
ok jsing, tested by & ok inoguchi
|
|
This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well
thread safety modifications for the existing LibreSSL init
functions. The initialization routines are called automatically
by the normal entry points into the library, as in newer OpenSSL
ok jsing@, nits by tb@ and deraadt@
|
|
ok jsing
|
|
Rides previous minor bump.
|
|
|
|
EVP_PKEY_get0_{DH,DSA,RSA}(), RSA_{g,s}et0_key().
ok jsing
|
|
|
|
with "warning: " since 2003, so the messages themselves need not
contain the prefix anymore.
From Scott Cheloha
ok jca, deraadt
|
|
chacha20-poly1305 cipher suites have been removed from libssl.
|
|
sizeof(struct) not sizeof(pointer).
otto@ points out that on OpenBSD currently freezero() would have still
zeroed the entire allocation, but this is not documented behaviour and
may change in future.
ok tom@
|
|
reduces conditional logic (-218, +82).
MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c
wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and
BN_FLG_STATIC_DATA where the condition cannot be collapsed completely.
Passes regress. ok beck
|
|
it under #ifndef LIBRESSL_INTERNAL.
ok beck@
|
|
|
|
used in various parts of TLS 1.0/1.1.
This will allow for code simplification in libssl.
The same interface exists in OpenSSL 1.1.
ok beck@ deraadt@ inoguchi@ millert@
|
|
This patch is originally from master branch of OpenSSL.
- 2198b3a crypto/evp: harden AEAD ciphers.
- 8e20499 crypto/evp: harden RC4_MD5 cipher.
ok tom@
|
|
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
|
|
No change to generated assembly excluding line numbers.
|
|
Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting
the bn_* symbols. These are documented as only being intended for internal
use, so why they were placed in a public header is beyond me...
This hides 363 previously exported symbols, most of which exist in headers
that are not installed and were never intended to be public. This also
removes a few crusty old things that should have died long ago (like
_ossl_old_des_read_pw). But don't worry... there are still 3451 symbols
exported from the library.
With input and testing from inoguchi@.
ok beck@ inoguchi@
|
|
they don't make sense.
ok beck@
|
|
ok bock@ jsing@
|
|
meaningful constants in a private header file, so that reviewers can actually
get a chance to figure out what the code is attempting to do without knowing
all cpuid bits.
While there, turn it from an array of two 32-bit ints into a properly aligned
64-bit int.
Use of OPENSSL_ia32_P is now restricted to the assembler parts. C code will
now always use OPENSSL_cpu_caps() and check for the proper bits in the
whole 64-bit word it returns.
i386 tests and ok jsing@
|
|
faster-on-genuine-80386-but-slower-on-80486-onwards innstruction sequence in
the SHA512 code, and had not been enabled in years, if at all.
ok tom@ bcook@
|
|
Software that refers to ctx after calling Final breaks with these changes.
revert parts of 1.31 and 1.32
|
|
corrected by deraadt@ / guenther@
|
|
|
|
This adds a linker warning for EVP_EncryptFinal(), EVP_DecryptFinal(),
EVP_CipherFinal(), and documents the recent behavior updates.
ok beck@
|
|
14 years ago these were changed in OpenSSL to be the same
as the _ex functions. We use the _ex functions only internally
to ensure it is obvious the ctx must be cleared.
ok bcook@
|
|
additionally, in EncodeUpdate, if the amount written would overflow,
return 0 instead to prevent bugs in the caller.
CVE-2016-2105 and CVE-2016-2106 from openssl.
|
