Matt Caswell
fd0ba77717
make update
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-11 23:52:47 +00:00
Rich Salz
5ab65c50ef
RT3497: Clean up "dclean" targets
...
Some Makefiles had actions for "dclean" that really belonged
to the "clean" target. This is wrong because clean ends up,
well, not really cleaning everything.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-11 17:01:16 -05:00
Rich Salz
5cf37957fb
RT3543: Remove #ifdef LINT
...
I also replaced some exit/return wrappers in various
programs (from main) to standardize on return.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-10 17:31:04 -05:00
Jonas Maebe
3a7581bf5a
tree_print: check for NULL after allocating err
...
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-10 18:35:18 +01:00
Matt Caswell
02a62d1a4a
Move bn internal functions into bn_int.h and bn_lcl.h
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:41:42 +00:00
Matt Caswell
1939187922
Make bn opaque
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:41:27 +00:00
Matt Caswell
29e7a56d54
Disable engines that will fail to build when bn is made opaque
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:41:12 +00:00
Matt Caswell
2cbc8d7de5
Implement internally opaque bn access from ts
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:41:07 +00:00
Matt Caswell
aeb556f831
Implement internally opaque bn access from srp
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:41:02 +00:00
Matt Caswell
18125f7f55
Implement internally opaque bn access from rsa
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:57 +00:00
Matt Caswell
68c29f61a4
Implement internally opaque bn access from evp
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:52 +00:00
Matt Caswell
5784a52145
Implement internally opaque bn access from ec
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:47 +00:00
Matt Caswell
c0d4390194
Implement internally opaque bn access from dsa
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:41 +00:00
Matt Caswell
829ccf6ab6
Implement internally opaque bn access from dh
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:32 +00:00
Matt Caswell
76b2a02274
Implement internally opaque bn access from asn1
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:26 +00:00
Matt Caswell
7a5233118c
Prepare exptest for bn opaquify
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:19 +00:00
Matt Caswell
85bcf27ccc
Prepare for bn opaquify. Implement internal helper functions.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:12 +00:00
Geoff Thorpe
e52a3c3d14
Include <openssl/foo.h> instead of "foo.h"
...
Exported headers shouldn't be included as "foo.h" by code from the same
module, it should only do so for module-internal headers. This is
because the symlinking of exported headers (from include/openssl/foo.h
to crypto/foo/foo.h) is being removed, and the exported headers are
being moved to the include/openssl/ directory instead.
Change-Id: I4c1d80849544713308ddc6999a549848afc25f94
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-12-08 14:21:35 -05:00
Dr. Stephen Henson
73e45b2dd1
remove OPENSSL_FIPSAPI
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
b2ecc05a9a
remove FIPS_*_SIZE_T
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
916e56208b
remove FIPS module code from crypto/evp
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
ebdf37e4b1
remove FIPS module code from crypto/bn
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
1c98de6d81
remove FIPS module code from crypto/ecdh
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
dbfbe10a1f
remove FIPS module code from crypto/ecdsa
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
1bfffe9bd0
Remove FIPS module code from crypto/dh
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
fce8311cae
remove FIPS module code from crypto/dsa
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
8d73db288f
remove FIPS module code from crypto/rsa
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
05417a3476
Remove FIPS error library from openssl.ec mkerr.pl
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
e4e5bc39f9
Remove fips_constseg references.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
85129ab579
remove another FIPSCANISTER reference
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:37 +00:00
Dr. Stephen Henson
b3da6f496b
remove unnecessary OPENSSL_FIPS reference
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:37 +00:00
Dr. Stephen Henson
c603c723ce
Remove OPENSSL_FIPSCANISTER code.
...
OPENSSL_FIPSCANISTER is only set if the fips module is being built
(as opposed to being used). Since the fips module won't be built in
master this is redundant.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:16 +00:00
Dr. Stephen Henson
f072785eb4
Remove fipscanister build functionality from makefiles.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:23:45 +00:00
Matt Caswell
3feb63054a
Added OPENSSL_NO_OCB guards
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 10:29:03 +00:00
Matt Caswell
d827c5edb5
Add tests for OCB mode
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 10:28:47 +00:00
Matt Caswell
e6b336efa3
Add EVP support for OCB mode
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 10:28:34 +00:00
Matt Caswell
c857a80c9d
Add support for OCB mode as per RFC7253
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 10:27:56 +00:00
Kurt Roeckx
45f55f6a5b
Remove SSLv2 support
...
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 11:55:03 +01:00
Matt Caswell
0d3ae34df5
There are a number of instances throughout the code where the constant 28 is
used with no explanation. Some of this was introduced as part of RT#1929. The
value 28 is the length of the IP header (20 bytes) plus the UDP header (8
bytes). However use of this constant is incorrect because there may be
instances where a different value is needed, e.g. an IPv4 header is 20 bytes
but an IPv6 header is 40. Similarly you may not be using UDP (e.g. SCTP).
This commit introduces a new BIO_CTRL that provides the value to be used for
this mtu "overhead". It will be used by subsequent commits.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-03 09:24:04 +00:00
Rich Salz
8cfe08b4ec
Remove all .cvsignore files
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-28 18:32:43 -05:00
Richard Levitte
91316e6765
Check for FindNextFile when defining it rather than FindFirstFile
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-11-28 23:27:21 +01:00
Annie Yousar
c56a50b229
RT2679: Fix error if keysize too short
...
In keygen, return KEY_SIZE_TOO_SMALL not INVALID_KEYBITS.
** I also increased the minimum from 256 to 512, which is now
documented in CHANGES file. **
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-11-20 13:45:25 -05:00
Rich Salz
14d3b76be8
RT3488: Update doc for OPENSSL_config
...
Fix CONF_load_modules to CONF_modules_load.
Document that it calls exit.
Advise against using it now.
Add an error print to stderr.
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-11-20 13:40:03 -05:00
Matt Caswell
8d02bebddf
When using EVP_PKEY_derive with a KDF set, a negative error from
ECDH_compute_key is silently ignored and the KDF is run on duff data
Thanks to github user tomykaira for the suggested fix.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-11-20 15:20:37 +00:00
Jan Hykel
012aa9ec76
Don't use msg on error.
...
Don't attempt to access msg structure if recvmsg returns an error.
PR#3483
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-17 12:40:44 +00:00
Mike Bland
13d30e27c2
Add missing SRC variable
...
This is the only Makefile without SRC defined. This change enables a
standard Makefile include directive to cover crypto/jpake/*.d files.
This was automatically applied by AddSrcVarIfNeeded() in:
https://code.google.com/p/mike-bland/source/browse/openssl/update_makefiles.py
Change-Id: I030204a1bc873b5de5b06c8ddc0b94bb224c6650
Signed-off-by: Mike Bland <mbland@acm.org>
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-11-16 16:45:01 -05:00
Mike Bland
dbaf608320
Remove redundant test targets outside of test/
...
These correspond to targets of the same name in test/Makefile that clash when
using the single-makefile build method using GitConfigure and GitMake.
Change-Id: If7e900c75f4341b446608b6916a3d76f202026ea
Signed-off-by: Mike Bland <mbland@acm.org>
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-11-16 16:44:51 -05:00
Dr. Stephen Henson
55f7fb8848
Fix cross reference table generator.
...
If the hash or public key algorithm is "undef" the signature type
will receive special handling and shouldn't be included in the
cross reference table.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-13 13:34:42 +00:00
Michal Bozon
ae64fb528e
Correct timestamp output when clock_precision_digits > 0
...
PR#3535
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-11-12 20:51:41 +00:00
Matt Caswell
e04d426bf9
Fix free of garbage pointer. PR#3595
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-11-12 20:26:31 +00:00
Kurt Roeckx
67b8bcee95
Fix warning about negative unsigned integers
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-11-11 15:46:28 +01:00
Russell Coker
f8ae603238
Fix datarace reported by valgrind/helgrind
...
This doesn't really fix the datarace but changes it so it can only happen
once. This isn't really a problem since we always just set it to the same
value. We now just stop writing it after the first time.
PR3584, https://bugs.debian.org/534534
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-11-10 18:34:11 +01:00
Andy Polyakov
6696203963
armv4cpuid.S: fix compilation error in pre-ARMv7 build.
...
PR: 3474
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-10-30 20:24:29 +01:00
Dr. Stephen Henson
ecb9966e7c
Fix WIN32 build by disabling bn* calls.
...
The trial division and probable prime with coprime tests are disabled
on WIN32 builds because they use internal functions not exported from
the WIN32 DLLs.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-10-29 22:23:31 +00:00
Andy Polyakov
c381b63764
ec/asm/ecp_nistz256-x86_64.pl: fix inconsistency in path handling.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-29 10:57:46 +01:00
Andy Polyakov
d45282fc7c
md32_common.h: address compiler warning in HOST_c2l.
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-29 10:48:39 +01:00
Samuel Neves
d2fa182988
Use only unsigned arithmetic in constant-time operations
...
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-10-28 20:40:45 +01:00
Andy Polyakov
3ff08e1dde
ecp_nistz256 update.
...
Facilitate switch to custom scatter-gather routines. This modification
does not change algorithms, only makes it possible to implement
alternative. This is achieved by a) moving precompute table to assembly
(perlasm parses ecp_nistz256_table.c and is free to rearrange data to
match gathering algorithm); b) adhering to explicit scatter subroutine
(which for now is simply a memcpy). First implementations that will use
this option are 32-bit assembly implementations, ARMv4 and x86, where
equivalent of current read-whole-table-select-single-value algorithm
is too time-consuming. [On side note, switching to scatter-gather on
x86_64 would allow to improve server-side ECDSA performance by ~5%].
Reviewed-by: Bodo Moeller <bodo@openssl.org>
2014-10-23 16:08:44 +02:00
Kurt Cancemi
87d388c955
RT3547: Add missing static qualifier
...
Reviewed-by: Ben Laurie <ben@openssl.org>
2014-10-17 11:41:39 +02:00
Tim Hudson
c6e9b39ce8
Add constant_time_locl.h to HEADERS,
so the Win32 compile picks it up correctly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Conflicts:
crypto/Makefile
2014-10-15 17:00:06 +02:00
Richard Levitte
7f09a8773b
Include "constant_time_locl.h" rather than "../constant_time_locl.h".
...
The different -I compiler parameters will take care of the rest...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Conflicts:
crypto/evp/evp_enc.c
crypto/rsa/rsa_oaep.c
crypto/rsa/rsa_pk1.c
2014-10-15 17:00:06 +02:00
Bodo Moeller
0b382a8e8d
Fix SSL_R naming inconsistency.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-15 14:48:14 +02:00
Andy Polyakov
69d5747f90
aesni-x86_64.pl: make ECB subroutine Windows ABI compliant.
...
RT: 3553
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-10-15 11:10:08 +02:00
Bodo Moeller
cf6da05304
Support TLS_FALLBACK_SCSV.
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-15 04:03:28 +02:00
Dr. Stephen Henson
ffa08b3242
Remove reference to deleted md4.c
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-10-11 13:37:44 +01:00
Matt Caswell
e0fdea3e49
Removed duplicate definition of PKCS7_type_is_encrypted
...
Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also
remove duplicate definition of PKCS7_type_is_digest.
PR#3551
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-06 23:42:13 +01:00
Andy Polyakov
ae4af7a067
crypto/cast/asm/cast-586.pl: +5% on PIII and remove obsolete readme.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-01 23:59:14 +02:00
Rich Salz
df8c39d522
RT3549: Remove obsolete files in crypto
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-10-01 16:05:47 -04:00
Rich Salz
d5f34443ad
RT2910: Remove des.c and its Makefile target
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-30 16:44:10 -04:00
Andy Polyakov
323154be33
crypto/bn/bn_nist.c: bring original failing code back for reference.
...
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-09-30 21:00:44 +02:00
Dr. Stephen Henson
1cfd255c91
Add additional DigestInfo checks.
...
Reencode DigestInfo in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.
Note: this is a precautionary measure, there is no known attack
which can exploit this.
Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-29 12:01:05 +01:00
Rich Salz
3d81ec5b92
Remove #ifdef's for IRIX_CC_BUG
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-25 14:43:24 -04:00
Emilia Kasper
fdc35a9d3e
Add missing tests
...
Accidentally omitted from commit 455b65dfab
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-25 13:46:08 +02:00
Andy Polyakov
8b07c005fe
crypto/bn/bn_nist.c: work around MSC ARM compiler bug.
...
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-09-25 00:42:26 +02:00
Rich Salz
92c7846372
RT3544: Remove MWERKS support
...
The following #ifdef tests were all removed:
__MWERKS__
MAC_OS_pre_X
MAC_OS_GUSI_SOURCE
MAC_OS_pre_X
OPENSSL_SYS_MACINTOSH_CLASSIC
OPENSSL_SYS_MACOSX_RHAPSODY
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-24 18:07:29 -04:00
Emilia Kasper
4aac102f75
RT3425: constant-time evp_enc
...
Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-24 16:19:18 +02:00
Emilia Kasper
455b65dfab
RT3067: simplify patch
...
(Original commit adb46dbc6d)
Use the new constant-time methods consistently in s3_srvr.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-24 15:35:02 +02:00
Emilia Kasper
294d1e36c2
RT3066: rewrite RSA padding checks to be slightly more constant time.
...
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1
This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-24 12:45:42 +02:00
Andy Polyakov
4513b1b641
crypto/rsa/rsa_chk.c: harmonize error codes.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-21 23:05:13 +02:00
Andy Polyakov
be07ae9b10
crypto/ecp_nistz256.c: harmonize error codes.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-21 15:56:02 +02:00
Andy Polyakov
d475b2a3bf
Harmonize Tru64 and Linux make rules.
...
RT: 3333,3165
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-20 10:20:38 +02:00
Dr. Stephen Henson
16e5b45f72
Fix warning.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-20 00:08:56 +01:00
Jake Goulding
99b00fd993
RT2301: GetDIBits, not GetBitmapBits in rand_win
...
GetDIBits has been around since Windows2000 and
GetBitmapBits is an old Win16 compatibility function
that is much slower.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-18 16:41:31 -04:00
Andy Polyakov
569e2d1257
crypto/bn/asm/x86_64-mont*.pl: add missing clang detection.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:44:51 +02:00
Andy Polyakov
4d3fa06fce
Add ECP_NISTZ256 by Shay Gueron, Intel Corp.
...
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:37:41 +02:00
Andy Polyakov
f54be179aa
Reserve option to use BN_mod_exp_mont_consttime in ECDSA.
...
Submitted by Shay Gueron, Intel Corp.
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:13:20 +02:00
Andy Polyakov
902b30df19
perlasm/x86_64-xlate.pl: handle inter-bank movd.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:06:00 +02:00
Rich Salz
b2aa38a980
RT2560: missing NULL check in ocsp_req_find_signer
...
If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-10 12:18:50 -04:00
Matt Caswell
eb63bce040
RT3192: spurious error in DSA verify
...
This is funny; Ben commented in the source, Matt opened a ticket,
and Rich is doing the submit. Need more code-review? :)
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-09 17:10:15 -04:00
Geoff Keating
1f18f50c4b
RT1909: Omit version for v1 certificates
...
When calling X509_set_version to set v1 certificate, that
should mean that the version number field is omitted.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-09 15:15:45 -04:00
Paul Suhler
4cd1119df3
RT2841: Extra return in check_issued
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-08 18:50:07 -04:00
Kurt Roeckx
44e0c2bae4
RT2626: Change default_bits from 1K to 2K
...
This is a more comprehensive fix. It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1. This is from
Kurt's upstream Debian changes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-08 17:21:04 -04:00
Bjoern Zeeb
6452a139fe
RT671: export(i2s|s2i|i2v|v2i)_ASN1_(IA5|BIT)STRING
...
The EXT_BITSTRING and EXT_IA5STRING are defined in x509v3.h, but
the low-level functions are not public. They are useful, no need
to make them static. Note that BITSTRING already was exposed since
this RT was created, so now we just export IA5STRING functions.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-08 11:27:07 -04:00
Rich Salz
2afb29b480
RT992: RSA_check_key should have a callback arg
...
The original RT request included a patch. By the time
we got around to doing it, however, the callback scheme
had changed. So I wrote a new function RSA_check_key_ex()
that uses the BN_GENCB callback. But thanks very much
to Vinet Sharma <vineet.sharma@gmail.com> for the
initial implementation.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-08 11:11:49 -04:00
Robin Lee
83e4e03eeb
RT3031: Need to #undef some names for win32
...
Copy the ifdef/undef stanza from x509.h to x509v3.h
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-08 11:05:48 -04:00
Alon Bar-Lev
8842987e5a
RT1771: Add string.h include.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-08 10:37:28 -04:00
Emilia Kasper
95b1752cc7
Add i2d_re_X509_tbs
...
i2d_re_X509_tbs re-encodes the TBS portion of the certificate.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-09-05 17:18:06 +02:00
Richard Levitte
360928b7d0
Followup on RT3334 fix: make sure that a directory that's the empty
string returns 0 with errno = ENOENT.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-03 21:57:44 +02:00
Phil Mesnier
6a14fe7576
RT3334: Fix crypto/LPdir_win.c
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-03 21:56:40 +02:00
Clang via Jeffrey Walton
0ff3687eab
RT3140: Possibly-unit variable in pem_lib.c
...
Can't really happen, but the flow of control isn't obvious.
Add an initializer.
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-02 23:37:17 -04:00
Emilia Kasper
86f50b36e6
Make the inline const-time functions static.
...
"inline" without static is not correct as the compiler may choose to ignore it
and will then either emit an external definition, or expect one.
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-09-02 15:21:01 +02:00
Kurt Cancemi
b0426a0f8c
RT3508: Remove unused variable introduced by b09eb24
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-31 23:43:37 -04:00
Rich Salz
9fc8dc5469
Add explanatory note to crypto/store/README
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-08-31 15:27:17 -04:00
Andy Polyakov
6019cdd327
Configure: add configuration for crypto/ec/asm extensions.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-30 19:22:51 +02:00
Andy Polyakov
4d86e8df6b
md5-x86_64.pl: work around warning.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-30 19:17:09 +02:00
Andy Polyakov
b59f92e75d
x86[_64] assembly pack: add Silvermont performance data.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-30 19:13:49 +02:00
Rich Salz
0f957287df
Remove some outdated README files, to avoid confusing people.
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-08-30 10:29:35 -04:00
Matt Caswell
13be7da81f
Fixed double inclusion of string.h
...
PR2693
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-29 21:42:54 +01:00
Rich Salz
b09eb246e2
RT3246: req command prints version number wrong
...
Make X509_REQ_print_ex do the same thing that
X509_REQ_print does.
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-08-28 19:17:05 -04:00
l.montecchiani@gmail.com
ac53354b94
RT2193: #ifdef errors in bss_dgram.c
...
Problem with #ifdef in the BIO_CTRL_DGRAM_MTU_DISCOVER case that
is different from the BIO_CTRL_DGRAM_QUERY_MTU one which seems
correct.
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-08-28 17:17:36 -04:00
Dr. Stephen Henson
879bde123b
fix warning
...
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-08-28 17:06:52 +01:00
Emilia Kasper
5a3d21c058
Constant-time utilities
...
Pull constant-time methods out to a separate header, add tests.
Reviewed-by: Bodo Moeller <bodo@openssl.org>
2014-08-28 15:48:45 +02:00
Raphael Spreitzer
f9fb43e176
RT2400: ASN1_STRING_to_UTF8 missing initializer
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-27 22:59:05 -04:00
Rich Salz
506a3d1f9c
Merge branch 'master' of git.openssl.org:openssl
...
Gah, I hate when I forget to pull before merging.
Reviewed-by: rsalz
2014-08-27 21:36:36 -04:00
Rich Salz
17e80c6bd0
RT2308: Add extern "C" { ... } wrapper
...
Add the wrapper to all public header files (Configure
generates one). Don't bother for those that are just
lists of #define's that do renaming.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-27 21:35:32 -04:00
Emilia Kasper
f34a57202b
Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey
...
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-08-27 19:49:35 +02:00
Matt Caswell
f063e30fe9
RT3065: automatically generate a missing EC public key
...
When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-08-27 19:49:35 +02:00
Adam Langley
0388ac4c99
RT3065: ec_private_key_dont_crash
...
This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:
-----BEGIN EC PRIVATE KEY-----
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH
-----END EC PRIVATE KEY-----
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-08-27 19:49:34 +02:00
Emilia Kasper
bc46db60f1
RT3061: slightly amend patch
...
Add an extra NULL dereference check
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2014-08-22 15:23:33 +02:00
Emilia Kasper
da92be4d68
Fix build when BSAES_ASM is defined but VPAES_ASM is not
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-08-21 15:42:57 +02:00
Andy Polyakov
15735e4f0e
bn/asm/rsaz-*.pl: allow spaces in Perl path name.
...
RT: 2835
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-21 00:17:45 +02:00
Andy Polyakov
e608273a80
sha1-mb-x86_64.pl: add commentary.
...
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-21 00:15:40 +02:00
Laszlo Papp
09ec8c8e89
PR2490: Remove unused local variable bn ecp_nist.c
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-20 16:36:20 -04:00
Andy Polyakov
2893a302a9
crypto/evp/e_aes_cbc_hmac_sha[1|256].c: fix compiler warnings.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-20 22:18:14 +02:00
Andy Polyakov
55eb14da20
sha1-mb-x86_64.pl: fix typo.
...
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-20 22:10:20 +02:00
Martin Olsson
1afd7fa97c
RT2513: Fix typo's paramter-->parameter
...
I also found a couple of others (padlock and signinit)
and fixed them.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-19 11:09:33 -04:00
Laszlo Papp
8b6e517e33
RT2492: Remove extra NULL check.
2014-08-18 17:41:24 -04:00
Laszlo Papp
ddc29125a1
RT2489: Remove extra "sig" local variable.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-18 17:36:49 -04:00
Doug Goldstein
448155e9bb
RT2163: Remove some unneeded #include's
...
Several files #include stdio.h and don't need it.
Also, per tjh, remove BN_COUNT
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-18 12:50:00 -04:00
Justin Blanchard
f756fb430e
RT1815: More const'ness improvements
...
Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-18 11:49:16 -04:00
Jonas Maebe
9f01a8acb3
process_pci_value: free (*policy)->data before setting to NULL after failed realloc
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:56:35 +02:00
Jonas Maebe
259ac68aeb
do_ext_i2d: free ext_der or ext_oct on error path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:56:24 +02:00
Jonas Maebe
54298141d3
do_othername: check for NULL after allocating objtmp
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:56:05 +02:00
Jonas Maebe
f6983d0d76
NETSCAPE_SPKI_b64_encode: free der_spki and b64_str on error path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-17 18:55:12 +02:00
Jonas Maebe
254f1c8019
get_cert_by_subject: check for NULL when allocating hent
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-17 18:55:01 +02:00
Jonas Maebe
fb7fbf28b3
UI_construct_prompt: check for NULL when allocating prompt
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-17 18:54:49 +02:00
Jonas Maebe
ba494ee593
hashbn: check for NULL result when allocating bin and return an error if it fails all (in)direct callers of hashbn: propagate potential error in hashbn
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-17 18:54:39 +02:00
Jonas Maebe
462319c3e9
JPAKE_CTX_new: check for NULL result when allocating ctx
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-17 18:54:11 +02:00
Jonas Maebe
34374c2d2c
old_hmac_encode: check for NULL result when allocating *pder
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:52:44 +02:00
Jonas Maebe
6f77f82bfc
dev_crypto_md5_copy: return error if allocating to_md->data fails
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:52:30 +02:00
Jonas Maebe
771e0c6c7a
dev_crypto_md5_update: check result of realloc(md_data->data) and don't leak memory if it fails
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:52:14 +02:00
Jonas Maebe
d8513b4abd
dev_crypto_cipher: return immediately if allocating cin/cout failed
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:51:35 +02:00
Jonas Maebe
c84029dbdc
dev_crypto_init_key: return error if allocating CDATA(ctx)->key failed
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:51:16 +02:00
Rich Salz
c9a81b3026
RT2751: Declare get_issuer_sk() earlier.
...
Add a declaration for get_issuer_sk() so that other
functions in x509_vf.c could use it. (Planned work
around cross-certification chains.)
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-08-15 17:49:03 -04:00
Jonas Maebe
d6f69ae547
cryptodev_digest_copy: return error if allocating dstate->mac_data fails
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:51 +02:00
Jonas Maebe
349e6b2b0a
cryptodev_digest_update: don't leak original state->mac_data if realloc fails
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:36 +02:00
Jonas Maebe
36f7ed5040
cms_SignerInfo_content_sign: free sig on failure path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:19 +02:00
Jonas Maebe
4e64f671c9
rtcp_new: return failure if allocation of bi->ptr failed
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:05 +02:00
Jonas Maebe
1c4b688cb4
multi_split: check for NULL when allocating parts and bpart, and for failure of sk_BIO_push()
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:37:48 +02:00
Jonas Maebe
bd4acbc70e
BIO_new_dgram_sctp, dgram_sctp_read: zero entire authchunks
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:37:28 +02:00
Jonas Maebe
8957278869
mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check whether sk_MIME_PARAM_push succeeds
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:37:14 +02:00
Jonas Maebe
15297d962c
mime_hdr_new: free mhdr, tmpname, tmpval on error path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:36:54 +02:00
Jonas Maebe
c9c63b0180
ASN1_verify, ASN1_item_verify: cleanse and free buf_in on error path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:36:34 +02:00
Jonas Maebe
b9b9f853b5
SetBlob: free rgSetBlob on error path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:35:11 +02:00
Istvan Noszticzius
865886553d
Fix use after free bug.
...
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-08-15 16:50:16 +01:00
Frédéric Giudicelli
c753e71e0a
RT783: Minor optimization to ASN1_INTEGER_set
...
Remove local variable and avoid extra assignment.
Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
2014-08-15 10:54:43 -04:00
Rob Austein
cf8bac4456
RT2465: Silence some gcc warnings
...
"Another machine, another version of gcc, another batch
of compiler warnings." Add "=NULL" to some local variable
declarations that are set by passing their address into a
utility function; confuses GCC it might not be set.
Reviewed-by: Emilia Käsper <emilia@silkandcyanide.net>
2014-08-15 10:52:06 -04:00
Hans Wennborg
01e438f288
RT3023: Redundant logical expressions
...
Remove some redundant logical expressions
Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
2014-08-15 10:45:00 -04:00
Emilia Kasper
f0ca9ccaef
make depend
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-14 15:24:58 +02:00
Bodo Moeller
16602b5cd5
Further improve/fix ec_GFp_simple_points_make_affine (ecp_smpl.c) and
...
group_order_tests (ectest.c). Also fix the EC_POINTs_mul documentation (ec.h).
Reviewed-by: emilia@openssl.org
2014-08-13 17:37:19 +02:00
Dr Stephen Henson
b00f586a81
Fix d4a4370050
...
Fully remove old error, per drH
Reviewed-by: rsalz
2014-08-11 17:32:57 -04:00
Scott Schaefer
d4a4370050
RT 2517: Various typo's.
...
Reviewed-by: Emilia Kasper
Many of these were already fixed, this catches the last
few that were missed.
2014-08-11 13:43:31 -04:00
Rich Salz
f642ebc1e2
Undo a90081576c
...
Undo unapproved commit that removed DJGPP and WATT32
2014-08-09 08:02:20 -04:00
Rich Salz
a90081576c
Remove DJGPP (and therefore WATT32) #ifdef's.
...
DJGPP is no longer a supported platform. Remove all #ifdef, etc.,
cases that refer to it. DJGPP also #define'd WATT32, so that
is now removed as well.
2014-08-08 16:54:14 -04:00
Dr. Stephen Henson
4a23b12a03
Fix SRP buffer overrun vulnerability.
...
Invalid parameters passed to the SRP code can overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.
Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
2014-08-06 20:36:41 +01:00
Emilia Kasper
0042fb5fd1
Fix OID handling:
...
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.
CVE-2014-3508
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-06 20:36:41 +01:00
Bodo Moeller
0fe73d6c36
Simplify and fix ec_GFp_simple_points_make_affine
...
(which didn't always handle value 0 correctly).
Reviewed-by: emilia@openssl.org
2014-08-01 17:18:14 +02:00
Billy Brumley
cba11f57ce
"EC_POINT_invert" was checking "dbl" function pointer instead of "invert".
...
PR#2569
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-07-21 22:18:40 +01:00
Andy Polyakov
5c3598307e
sha1-ppc.pl: shave off one cycle from BODY_20_39
...
and improve performance by 10% on POWER[78].
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-07-21 15:29:09 +02:00
Andy Polyakov
0e716d9207
Engage GHASH for PowerISA 2.0.7.
...
[and split ppccap.c to ppccap.c and ppc_arch.h]
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:16:31 +02:00
Andy Polyakov
f5b798f50c
Add GHASH for PowerISA 2.0.7.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:14:26 +02:00
Dr. Stephen Henson
03c075e572
Windows build fixes.
...
Add cmac.h to mkdef.pl
Remove ENGINE_load_rsax from engine.h: no longer built.
Update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 22:57:37 +01:00
Dr. Stephen Henson
d31fed73e2
RFC 5649 support.
...
Add support for RFC5649 key wrapping with padding.
Add RFC5649 tests to evptests.txt
Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.
EVP support and minor changes added by Stephen Henson.
Doxygen comment block updates by Tim Hudson.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-18 21:37:13 +01:00
Dr. Stephen Henson
58f4698f67
Make *Final work for key wrap again.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 23:29:14 +01:00
Dr. Stephen Henson
d12eef1501
Sanity check lengths for AES wrap algorithm.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 12:57:40 +01:00
Andy Polyakov
e91718e80d
Revert "Add GHASH for PowerISA 2.07."
...
This reverts commit 927f2e5dea.
2014-07-16 13:38:15 +02:00
Andy Polyakov
6cd13f70bb
Revert "Engage GHASH for PowerISA 2.07."
...
This reverts commit 14aaf883d9.
2014-07-16 13:37:37 +02:00
Andy Polyakov
14aaf883d9
Engage GHASH for PowerISA 2.07.
2014-07-16 08:03:34 +02:00
Andy Polyakov
927f2e5dea
Add GHASH for PowerISA 2.07.
2014-07-16 08:01:41 +02:00
Matt Caswell
f8571ce822
Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data.
...
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.
This does have the impact of masking any *real* uninitialised data reads in bn though.
Patch based on approach suggested by Rich Salz.
PR#3415
2014-07-13 22:17:39 +01:00
Richard Levitte
8b5dd34091
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
...
Detected by dcruette@qualitesys.com
2014-07-13 19:11:46 +02:00
Ben Laurie
c1d1b0114e
Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259).
2014-07-10 17:49:02 +01:00
Matt Caswell
66816c53be
Fix memory leak in BIO_free if there is no destroy function.
...
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>
PR#3439
2014-07-09 23:29:17 +01:00
Andy Polyakov
1b0fe79f3e
x86_64 assembly pack: improve masm support.
2014-07-09 20:08:01 +02:00
Andy Polyakov
d11c70b2c2
Please Clang's sanitizer, addendum.
2014-07-08 23:06:59 +02:00
Andy Polyakov
021e5043e5
Please Clang's sanitizer.
...
PR: #3424,#3423,#3422
2014-07-08 22:24:44 +02:00
Andy Polyakov
07b635cceb
sha[1|512]-x86_64.pl: fix logical errors with $shaext=0.
2014-07-07 17:01:07 +02:00
David Lloyd
9d23f422a3
Prevent infinite loop loading config files.
...
PR#2985
2014-07-07 13:19:57 +01:00
Viktor Dukhovni
297c67fcd8
Update API to use (char *) for email addresses and hostnames
...
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
2014-07-07 19:11:38 +10:00
Dr. Stephen Henson
5ecf1141a5
Sanity check keylength in PVK files.
...
PR#2277
2014-07-06 00:36:16 +01:00
Andy Polyakov
7eb9680ae1
sha512-x86_64.pl: fix typo.
...
PR: #3431
2014-07-05 23:59:57 +02:00
Alan Hryngle
fdea4fff8f
Return smaller of ret and f.
...
PR#3418.
2014-07-05 22:37:41 +01:00
Viktor Dukhovni
ced3d9158a
Set optional peername when X509_check_host() succeeds.
...
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.
2014-07-06 01:50:50 +10:00
Viktor Dukhovni
6e661d458f
New peername element in X509_VERIFY_PARAM_ID
...
Declaration, memory management, accessor and documentation.
2014-07-06 01:50:50 +10:00
Ben Laurie
6835f572a9
Reduce casting nastiness.
2014-07-05 15:00:53 +01:00
Dr. Stephen Henson
55707a36cc
Add license info.
2014-07-04 18:41:45 +01:00
Dr. Stephen Henson
b948ee27b0
Remove all RFC5878 code.
...
Remove RFC5878 code. It is no longer needed for CT and has numerous bugs
2014-07-04 13:26:35 +01:00
Andy Polyakov
eca441b2b4
bn_exp.c: fix x86_64-specific crash with one-word modulus.
...
PR: #3397
2014-07-02 19:35:50 +02:00
Dr. Stephen Henson
398e99fe5e
ASN1 sanity check.
...
Primitive encodings shouldn't use indefinite length constructed
form.
PR#2438 (partial).
2014-07-02 00:59:26 +01:00
Andy Polyakov
c7ada16d39
perlasm/ppc-xlate.pl update.
2014-07-01 19:11:11 +02:00
Andy Polyakov
cd1922cde0
Engage SHA256/512 for PowerISA 2.07.
2014-07-01 19:09:11 +02:00
Andy Polyakov
eaa4820471
Add SHA256/512 for PowerISA 2.07.
2014-07-01 19:09:11 +02:00
Andy Polyakov
29be3f6411
sha512-x86_64.pl: fix linking problem under Windows.
2014-07-01 17:11:22 +02:00
Dr. Stephen Henson
387b844ffd
Accessor functions for app_data in ECDSA_METHOD
2014-07-01 12:01:51 +01:00
Dr. Stephen Henson
0d263d2acf
Test copying of contexts in evp_test.
...
Test EVP_CIPHER_CTX_copy in evp_test. This will catch any
problems with copying in underlying ciphers.
2014-07-01 12:01:51 +01:00
Ben Laurie
e3ba6a5f83
Make depend.
2014-06-30 16:03:29 +01:00
Dr. Stephen Henson
c2fd5d79ff
Fix copy for CCM, GCM and XTS.
...
Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.
2014-06-30 12:57:29 +01:00
ZNV
370bf1d708
Make EVP_CIPHER_CTX_copy work in GCM mode.
...
PR#3272
2014-06-29 22:01:28 +01:00
Ben Laurie
8892ce7714
Constification - mostly originally from Chromium.
2014-06-29 21:05:23 +01:00
Dr. Stephen Henson
0e7bda79a1
Handle BER length encoding.
...
Tolerate BER length encoding which may include leading zeroes.
PR#2746
2014-06-29 00:07:08 +01:00
Andy Polyakov
a356e488ad
x86_64 assembly pack: refine clang detection.
2014-06-28 17:23:21 +02:00
Andreas Westfeld
d1d4382dcb
Fix typo in ideatest.c
2014-06-28 00:06:13 +01:00
Dr. Stephen Henson
59deb33cbe
Fix for EVP_PBE_alg_add().
...
In EVP_PBE_alg_add don't use the underlying NID for the cipher
as it may have a non-standard key size.
PR#3206
2014-06-27 23:19:39 +01:00
Andy Polyakov
406d4af050
bn/asm/rsaz-avx2.pl: fix occasional failures.
2014-06-27 22:41:58 +02:00
Dr. Stephen Henson
11da66f8b1
Tolerate critical AKID in CRLs.
...
PR#3014
2014-06-27 18:49:32 +01:00
Tom Greenslade
b36f35cda9
Handle IPv6 addresses in OCSP_parse_url.
...
PR#2783
2014-06-27 17:30:59 +01:00
Dr. Stephen Henson
abac8e0e08
Rebuild OID table.
2014-06-27 14:35:07 +01:00
Dr. Stephen Henson
95791bf941
Fix OID encoding for one component.
...
OIDs with one component don't have an encoding.
PR#2556 (Bug#1)
2014-06-27 14:35:07 +01:00
Dr. Stephen Henson
d2aea03829
Memory leak and NULL dereference fixes.
...
PR#3403
2014-06-27 14:35:07 +01:00
Huzaifa Sidhpurwala
3b3b69ab25
Make sure BN_sqr can never return a negative value.
...
PR#3410
2014-06-26 23:56:34 +01:00
Dr. Stephen Henson
7be6b27aaf
Remove ancient obsolete files under pkcs7.
2014-06-26 23:56:34 +01:00
Andy Polyakov
f3f620e1e0
bn_exp.c: move check for AD*X to rsaz-avx2.pl.
...
This ensures high performance in situations when assembler supports
AVX2, but not AD*X.
2014-06-27 00:07:15 +02:00
Andy Polyakov
052ecf91d2
aesp8-ppc.pl: rigid input verification in key setup.
2014-06-25 22:13:17 +02:00
Andy Polyakov
7b8c8c4d79
aesv8-armx.pl: rigid input verification in key setup.
2014-06-25 22:10:45 +02:00
Andy Polyakov
7eb0488280
x86_64 assembly pack: addendum to last clang commit.
2014-06-24 08:37:05 +02:00
Andy Polyakov
ac171925ab
x86_64 assembly pack: allow clang to compile AVX code.
2014-06-24 08:24:25 +02:00
Andy Polyakov
015364baf3
aesv8-armx.pl: increase interleave factor.
...
This is to compensate for higher aes* instruction latency on Cortex-A57.
2014-06-24 08:08:58 +02:00
Andy Polyakov
0f777aeb50
ARMv8 assembly pack: add Cortex performance numbers.
2014-06-24 08:06:05 +02:00
Viktor Dukhovni
eef1827f89
One more typo when changing !result to result <= 0
2014-06-23 16:26:34 +01:00
Viktor Dukhovni
90b70a6a6b
Fix typo in last commit
2014-06-22 20:39:52 -04:00
Viktor Dukhovni
8abffa4a73
Multiple verifier reference identities.
...
Implemented as STACK_OF(OPENSSL_STRING).
2014-06-22 20:32:35 -04:00
Viktor Dukhovni
66d884f067
Implement sk_deep_copy.
2014-06-22 20:24:18 -04:00
Viktor Dukhovni
29edebe95c
More complete input validation of X509_check_mumble
2014-06-22 20:18:53 -04:00
Viktor Dukhovni
a48fb0400c
X509_check_mumble() failure is <= 0, not just 0
2014-06-22 20:14:53 -04:00
Viktor Dukhovni
b3012c698a
Drop hostlen from X509_VERIFY_PARAM_ID.
...
Just store NUL-terminated strings. This works better when we add
support for multiple hostnames.
2014-06-22 19:52:44 -04:00
Felix Laurie von Massenbach
50cc4f7b3d
Fix signed/unsigned comparisons.
2014-06-17 17:41:46 +01:00
Felix Laurie von Massenbach
1f61d8b5b1
Fix shadow declaration.
2014-06-17 17:41:46 +01:00
Andy Polyakov
9024b84b7c
aesni-sha[1|256]-x86_64.pl: fix logical error and MacOS X build.
2014-06-16 10:11:45 +02:00
Andy Polyakov
764fe518da
aesp8-ppc.pl: add CTR mode.
2014-06-16 08:05:19 +02:00
Viktor Dukhovni
7241a4c7fd
Enforce _X509_CHECK_FLAG_DOT_SUBDOMAINS internal-only
2014-06-14 22:31:29 +01:00
Andy Polyakov
ce00c64df9
evp/e_aes_cbc_sha[1|256].c: fix -DPEDANTIC build.
2014-06-14 23:15:39 +02:00
Andy Polyakov
91a6bf80f8
aesni-sha256-x86_64.pl: add missing rex in shaext.
...
PR: 3405
2014-06-14 16:03:06 +02:00
Andy Polyakov
c9cf29cca2
sha1-x86_64.pl: add missing rex prefix in shaext.
...
PR: 3405
2014-06-14 15:27:54 +02:00
Viktor Dukhovni
a09e4d24ad
Client-side namecheck wildcards.
...
A client reference identity of ".example.com" matches a server
certificate presented identity that is any sub-domain of "example.com"
(e.g. "www.sub.example.com").
With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches
only direct child sub-domains (e.g. "www.sub.example.com").
2014-06-12 23:19:25 +01:00
Andy Polyakov
977f32e852
Facilitate back-porting of AESNI and SHA modules.
...
Fix SEH and stack handling in Win64 build.
2014-06-12 21:45:41 +02:00
Andy Polyakov
1cf8f57b43
ghash-x86_64.pl: optimize for upcoming Atom.
2014-06-11 11:34:18 +02:00
Andy Polyakov
619b94667c
Add support for Intel SHA extension.
2014-06-11 10:27:45 +02:00
Rob Stradling
fd2309aa29
Separate the SCT List parser from the SCT List viewer
2014-06-10 23:44:13 +01:00
Andy Polyakov
e2eabed110
aesni-mb-x86_64.pl: add Win64 SEH.
2014-06-10 23:08:06 +02:00
Dr. Stephen Henson
7a9d59c148
Fix null pointer errors.
...
PR#3394
2014-06-10 14:47:29 +01:00