mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-06 13:26:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
28,866 Commits 34 Branches 385 Tags 420 MiB
ae6f65ae08
Commit Graph

8 Commits

Author SHA1 Message Date
Matt Caswell
a28d06f3e9 Update copyright year 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)
 2021-02-18 15:05:17 +00:00
Juergen Christ
732a4d15b0 Fix cipher reinit on s390x if no key is specified 
If key==null on EVP_CipherInit_ex, the init functions for the hardware
implementation is not called.  The s390x implementation of OFB and CFB mode
used the init function to copy the IV into the hardware causing test failures
on cipher reinit.  Fix this by moving the copy operation into the cipher
operation.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/13984)
 2021-01-28 15:23:25 +01:00
Matt Caswell
eec0ad10b9 Update copyright year 
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13144)
 2020-10-15 14:10:06 +01:00
Pauli
592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13030)
 2020-10-01 10:33:57 +10:00
Benjamin Kaduk
520150151b Expose S390x HW ciphers' IV state to provider layer 
The S390x hardware-accelerated cipher implementations keep their IV
state in an internal structure tied to the underlying implementation.
However, the provider itself needs to be able to expose the IV state
to libcrypto when processing the "iv-state" parameter.  In the absence
of a S390x hardware-specific get_ctx_params() implementation,  be sure
to copy the IV state from the hw-specific structure back to the
generic PROV_CIPHER_CTX object after each cipher operation in order to
synchronize the internal and fetchable state.

[extended tests]

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12233)
 2020-08-11 07:07:58 -07:00
Shane Lontis
dbca036435 fix s390 compile error due to missing comma. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10467)
 2019-11-19 10:38:05 +10:00
Shane Lontis
f75abcc0f0 Fix Use after free when copying cipher ctx 
Fixes #10438
issue found by clusterfuzz/ossfuzz

The dest was getting a copy of the src structure which contained a pointer that should point to an offset inside itself - because of the copy it was pointing to the original structure.

The setup for a ctx is mainly done by the initkey method in the PROV_CIPHER_HW structure. Because of this it makes sense that the structure should also contain a copyctx method that is use to resolve any pointers that need to be setup.

A dup_ctx has been added to the cipher_enc tests in evp_test. It does a dup after setup and then frees the original ctx. This detects any floating pointers in the duplicated context that were pointing back to the freed ctx.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10443)
 2019-11-18 13:13:05 +10:00
Richard Levitte
604e884bb8 Providers: move all ciphers 
From providers/{common,default}/ to providers/implementations/

Except for common code, which remains in providers/common/ciphers/.
However, we do move providers/common/include/internal/ciphers/*.h
to providers/common/include/prov/, and adjust all source including
any of those header files.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10088)
 2019-10-10 14:12:15 +02:00