Commit Graph

1075 Commits

Author SHA1 Message Date
Todd Short
8bfa99f04f Fix EVP_MD_meth_get_flags
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2134)
2016-12-22 15:23:41 +01:00
Richard Levitte
2629440d42 Reformat M_check_autoarg to match our coding style
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2121)
2016-12-20 23:21:25 +01:00
Richard Levitte
d7c8f142ea M_check_autoarg: sanity check the key
For now, checking that the size is non-zero will suffice.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2120)
2016-12-20 16:10:24 +01:00
Dr. Stephen Henson
a5abd438f8 Fix ctrl operation for SHA1/MD5SHA1.
This makes S/MIME and CMS signing in MIME format for SHA1 work again.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-25 20:50:58 +00:00
Kurt Roeckx
2f545ae45d Add support for reference counting using C11 atomics
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1500
2016-11-17 22:02:25 +01:00
Richard Levitte
bf52165bda chacha20/poly1305: make sure to clear the buffer at correct position
The offset to the memory to clear was incorrect, causing a heap buffer
overflow.

CVE-2016-7054

Thanks to Robert Święcki for reporting this

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-10 13:04:11 +00:00
Richard Levitte
7280a5d332 Clean away remaining 'selftest' code
All of these don't compile cleanly any more, probably haven't for quite
some time

Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1789)
2016-11-03 13:15:40 +01:00
Matt Caswell
3befffa39d Create BIO_write_ex() which handles size_t arguments
Also extend BIO_METHOD to be able to supply an implementation for the new
BIO_write_ex function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-28 09:48:54 +01:00
Matt Caswell
d07aee2c7a Create BIO_read_ex() which handles size_t arguments
Also extend BIO_METHOD to be able to supply an implementation for the new
BIO_read function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-28 09:48:54 +01:00
Patrick Steuer
96cce82050 Fix strict-warnings build
crypto/evp/e_aes.c: Types of inp and out parameters of
AES_xts_en/decrypt functions need to be changed from char to
unsigned char to avoid build error due to
'-Werror=incompatible-pointer-types'.

crypto/aes/asm/aes-s390x.pl: Comments need to reflect the above
change.

Signed-off-by: Patrick Steuer <psteuer@mail.de>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial
2016-10-18 17:09:47 +01:00
Alex Gaynor
d65c3615f6 GH1537: Avoid double-free in the EVP_PKEY API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-07 09:41:20 -04:00
Richard Levitte
216e8d9103 Improve the definition of STITCHED_CALL in e_rc4_hmac_md5.c
The definition of STITCHED_CALL relies on OPENSSL_NO_ASM.  However,
when a configuration simply lacks the assembler implementation for RC4
(which is where we have implemented the stitched call), OPENSSL_NO_ASM
isn't implemented.  Better, then, to rely on specific macros that
indicated that RC4 (and MD5) are implemented in assembler.

For this to work properly, we must also make sure Configure adds the
definition of RC4_ASM among the C flags.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-08-26 12:41:07 +02:00
Andy Polyakov
9e421962e1 evp/bio_enc.c: stop using pointer arithmetic for error detection.
Thanks to David Benjamin for reporting this.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-24 10:34:27 +01:00
Andy Polyakov
c1a7dcbe16 evp/bio_enc.c: refine non-overlapping logic.
RT#4628

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-21 23:34:12 +02:00
Dr. Stephen Henson
8900f3e398 Convert X509* functions to use const getters
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 13:59:04 +01:00
Dr. Stephen Henson
245c6bc33b Constify private key decode.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 12:01:29 +01:00
Dr. Stephen Henson
5d6aaf8a9d Add point ctrls to X25519
Add ctrl operations to set or retrieve encoded point in
EVP_PKEY structures containing X25519 keys.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Dr. Stephen Henson
262bd85fde Add X25519 methods to internal tables
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:04 +01:00
Kurt Roeckx
5898b8eb87 Fix spelling of error code
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1421)
2016-08-10 09:58:57 -04:00
FdaSilvaYY
c47ba4e96c Constify some ASN1_OBJECT *obj input parameters
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 17:02:48 +02:00
FdaSilvaYY
700b814549 Fix some style issues...
extra spacing and 80 cols

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1366)
2016-08-02 09:59:23 +02:00
Andy Polyakov
abdb460d8a evp/bio_enc.c: perform enc_read operation without using overlapping buffers.
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-07-31 17:03:21 +02:00
Andy Polyakov
83151b73a4 evp/evp_enc.c: make assert error message more readable
and add EVPerr(PARTIALLY_OVERLAPPED)

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-07-31 17:03:11 +02:00
Dr. Stephen Henson
976ef6adcc Note cipher BIO write errors too.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-26 22:42:31 +01:00
Dr. Stephen Henson
ee6ce5cc36 Set error if EVP_CipherUpdate fails.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-26 16:51:49 +01:00
Jakub Zelenka
c1054bb4d2 Add EVP_ENCODE_CTX_copy
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1344)
2016-07-24 19:23:00 +01:00
Kurt Roeckx
69588edbaa Check for errors allocating the error strings.
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #1330
2016-07-20 19:20:53 +02:00
Andy Polyakov
365f95ad53 evp/e_aes.c: wire new CBC and CTR subroutines from aesfx-sparcv9.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-16 23:37:31 +02:00
FdaSilvaYY
68efafc513 Add checks on sk_TYPE_push() returned value
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-05 17:45:50 +01:00
Matt Caswell
3ce2fdabe6 Convert memset calls to OPENSSL_cleanse
Ensure things really do get cleared when we intend them to.

Addresses an OCAP Audit issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-30 15:51:57 +01:00
FdaSilvaYY
02e112a885 Whitespace cleanup in crypto
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1264)
2016-06-29 09:56:39 -04:00
Emilia Kasper
2cdce3e32f base64 macro: parenthesize for clarity
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-28 17:23:11 +02:00
Andy Polyakov
5fc77684f1 evp/evp_enc.c: refine partial buffer overlap detection.
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-27 10:09:07 +02:00
Andy Polyakov
c3a73daf0a evp/evp_enc.c: check for partially[!] overlapping buffers
in EVP_EncryptUpdate and EVP_DecryptUpdate. It is argued that in
general case it's impossible to provide guarantee that partially[!]
overlapping buffers can be tolerated.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-27 10:08:01 +02:00
Matt Caswell
0def528bc5 Ensure HMAC key gets cleansed after use
aesni_cbc_hmac_sha256_ctrl() and aesni_cbc_hmac_sha1_ctrl() cleanse the
HMAC key after use, but static int rc4_hmac_md5_ctrl() doesn't.

Fixes an OCAP Audit issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-24 13:25:00 +01:00
Rich Salz
fe2d149119 RT2867: des_ede3_cfb1 ignored "size in bits" flag
Code and tests by Steve.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-23 10:03:50 -04:00
Kurt Cancemi
b88e95f3a0 crypto/evp/e_aes_cbc_hmac_sha256.c: Remove spurious memset
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1231)
2016-06-20 09:38:37 -04:00
FdaSilvaYY
823146d65f Useless header include of openssl/rand.h
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
Nathaniel McCallum
ebad0b0beb Add EVP_PKEY_get0_hmac() function
Before the addition of this function, it was impossible to read the
symmetric key from an EVP_PKEY_HMAC type EVP_PKEY.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1217)
2016-06-16 13:33:47 -04:00
Matt Caswell
cf3404fcc7 Change the return type of EVP_EncodeUpdate
Previously EVP_EncodeUpdate returned a void. However there are a couple
of error conditions that can occur. Therefore the return type has been
changed to an int, with 0 indicating error and 1 indicating success.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-16 09:50:48 +01:00
Andy Polyakov
46f047d76b evp/e_aes.c: wire hardware-assisted XTS subroutines.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 23:19:35 +02:00
Matt Caswell
d356dc5619 Add some missing return value checks
Some misc return value checks

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:38:39 +01:00
Dr. Stephen Henson
f72f00d495 Parameter copy sanity checks.
Don't copy parameters is they're already present in the destination.
Return error if an attempt is made to copy different parameters to
destination. Update documentation.

If key type is not initialised return missing parameters

RT#4149

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-31 13:06:16 +01:00
Todd Short
c01a3c6df0 Fix braces in e_aes.c: aes_init_key
This compiles correctly, but depending on what may be defined, it's
possible that this could fail compilation. The braces are mismatched,
and it's possible to end up with an else followed by another else.

This presumes the indentation is mostly correct and indicative of
intent. Found via static analysis.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1118)
2016-05-24 10:51:14 -04:00
J Mohan Rao Arisankala
a93e0e78db #4342: few missing malloc return checks and free in error paths
ossl_hmac_cleanup, pkey_hmac_cleanup:
 - allow to invoke with NULL data
 - using EVP_PKEY_CTX_[get|set]_data

EVP_DigestInit_ex:
 - remove additional check for ‘type’ and doing clear free instead of
free

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 23:08:22 +01:00
Rich Salz
0cd0a820ab Remove unused error/function codes.
Add script to find unused err/reason codes
Remove unused reason codes.
Remove entries for unused functions

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 15:04:23 -04:00
Kazuki Yamaguchi
d2dfd4820b Fix a NULL dereference in chacha20_poly1305_init_key()
chacha20_poly1305_init_key() dereferences NULL when called with inkey !=
NULL && iv == NULL. This function is called by EVP_EncryptInit_ex()
family, whose documentation allows setting key and iv in separate calls.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-18 11:08:55 +02:00
Rich Salz
b6cff313cb Manual fixes after copyright consolidation
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 17:38:18 -04:00
Rich Salz
aa6bb1352b Copyright consolidation 05/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 15:38:09 -04:00
Rich Salz
6286757141 Copyright consolidation 04/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 14:24:46 -04:00