Jonas Maebe
d8513b4abd
dev_crypto_cipher: return immediately if allocating cin/cout failed
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:51:35 +02:00
Jonas Maebe
c84029dbdc
dev_crypto_init_key: return error if allocating CDATA(ctx)->key failed
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-17 18:51:16 +02:00
Rich Salz
c9a81b3026
RT2751: Declare get_issuer_sk() earlier.
...
Add a declaration for get_issuer_sk() so that other
functions in x509_vf.c could use it. (Planned work
around cross-certification chains.)
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-08-15 17:49:03 -04:00
Jonas Maebe
d6f69ae547
cryptodev_digest_copy: return error if allocating dstate->mac_data fails
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:51 +02:00
Jonas Maebe
349e6b2b0a
cryptodev_digest_update: don't leak original state->mac_data if realloc fails
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:36 +02:00
Jonas Maebe
36f7ed5040
cms_SignerInfo_content_sign: free sig on failure path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:19 +02:00
Jonas Maebe
4e64f671c9
rtcp_new: return failure if allocation of bi->ptr failed
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:05 +02:00
Jonas Maebe
1c4b688cb4
multi_split: check for NULL when allocating parts and bpart, and for failure of sk_BIO_push()
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:37:48 +02:00
Jonas Maebe
bd4acbc70e
BIO_new_dgram_sctp, dgram_sctp_read: zero entire authchunks
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:37:28 +02:00
Jonas Maebe
8957278869
mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check whether sk_MIME_PARAM_push succeeds
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:37:14 +02:00
Jonas Maebe
15297d962c
mime_hdr_new: free mhdr, tmpname, tmpval on error path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:36:54 +02:00
Jonas Maebe
c9c63b0180
ASN1_verify, ASN1_item_verify: cleanse and free buf_in on error path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:36:34 +02:00
Jonas Maebe
b9b9f853b5
SetBlob: free rgSetBlob on error path
...
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:35:11 +02:00
Istvan Noszticzius
865886553d
Fix use after free bug.
...
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-08-15 16:50:16 +01:00
Frdric Giudicelli
c753e71e0a
RT783: Minor optimization to ASN1_INTEGER_set
...
Remove local variable and avoid extra assignment.
Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
2014-08-15 10:54:43 -04:00
Rob Austein
cf8bac4456
RT2465: Silence some gcc warnings
...
"Another machine, another version of gcc, another batch
of compiler warnings." Add "=NULL" to some local variable
declarations that are set by passing thier address into a
utility function; confuses GCC it might not be set.
Reviewed-by: Emilia Ksper <emilia@silkandcyanide.net>
2014-08-15 10:52:06 -04:00
Hans Wennborg
01e438f288
RT3023: Redundant logical expressions
...
Remove some redundant logical expressions
Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
2014-08-15 10:45:00 -04:00
Emilia Kasper
f0ca9ccaef
make depend
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-14 15:24:58 +02:00
Bodo Moeller
16602b5cd5
Further improve/fix ec_GFp_simple_points_make_affine (ecp_smpl.c) and
...
group_order_tests (ectest.c). Also fix the EC_POINTs_mul documentation (ec.h).
Reviewed-by: emilia@openssl.org
2014-08-13 17:37:19 +02:00
Dr Stephen Henson
b00f586a81
Fix d4a4370050
...
Fully remove old error, per drH
Reviewed-by: rsalz
2014-08-11 17:32:57 -04:00
Scott Schaefer
d4a4370050
RT 2517: Various typo's.
...
Reviewed-by: Emilia Kasper
Many of these were already fixed, this catches the last
few that were missed.
2014-08-11 13:43:31 -04:00
Rich Salz
f642ebc1e2
Undo a90081576c
...
Undo unapproved commit that removed DJGPP and WATT32
2014-08-09 08:02:20 -04:00
Rich Salz
a90081576c
Remove DJGPP (and therefore WATT32) #ifdef's.
...
DJGPP is no longer a supported platform. Remove all #ifdef, etc.,
cases that refer to it. DJGPP also #define'd WATT32, so that
is now removed as well.
2014-08-08 16:54:14 -04:00
Dr. Stephen Henson
4a23b12a03
Fix SRP buffer overrun vulnerability.
...
Invalid parameters passed to the SRP code can be overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.
Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
2014-08-06 20:36:41 +01:00
Emilia Kasper
0042fb5fd1
Fix OID handling:
...
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.
CVE-2014-3508
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-06 20:36:41 +01:00
Bodo Moeller
0fe73d6c36
Simplify and fix ec_GFp_simple_points_make_affine
...
(which didn't always handle value 0 correctly).
Reviewed-by: emilia@openssl.org
2014-08-01 17:18:14 +02:00
Billy Brumley
cba11f57ce
"EC_POINT_invert" was checking "dbl" function pointer instead of "invert".
...
PR#2569
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-07-21 22:18:40 +01:00
Andy Polyakov
5c3598307e
sha1-ppc.pl: shave off one cycle from BODY_20_39
...
and improve performance by 10% on POWER[78].
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-07-21 15:29:09 +02:00
Andy Polyakov
0e716d9207
Engage GHASH for PowerISA 2.0.7.
...
[and split ppccap.c to ppccap.c and ppc_arch.h]
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:16:31 +02:00
Andy Polyakov
f5b798f50c
Add GHASH for PowerISA 2.0.7.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:14:26 +02:00
Dr. Stephen Henson
03c075e572
Windows build fixes.
...
Add cmac.h to mkdef.pl
Remove ENGINE_load_rsax from engine.h: no longer built.
Update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 22:57:37 +01:00
Dr. Stephen Henson
d31fed73e2
RFC 5649 support.
...
Add support for RFC5649 key wrapping with padding.
Add RFC5649 tests to evptests.txt
Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.
EVP support and minor changes added by Stephen Henson.
Doxygen comment block updates by Tim Hudson.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-18 21:37:13 +01:00
Dr. Stephen Henson
58f4698f67
Make *Final work for key wrap again.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 23:29:14 +01:00
Dr. Stephen Henson
d12eef1501
Sanity check lengths for AES wrap algorithm.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 12:57:40 +01:00
Andy Polyakov
e91718e80d
Revert "Add GHASH for PowerISA 2.07."
...
This reverts commit 927f2e5dea
.
2014-07-16 13:38:15 +02:00
Andy Polyakov
6cd13f70bb
Revert "Engage GHASH for PowerISA 2.07."
...
This reverts commit 14aaf883d9
.
2014-07-16 13:37:37 +02:00
Andy Polyakov
14aaf883d9
Engage GHASH for PowerISA 2.07.
2014-07-16 08:03:34 +02:00
Andy Polyakov
927f2e5dea
Add GHASH for PowerISA 2.07.
2014-07-16 08:01:41 +02:00
Matt Caswell
f8571ce822
Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data.
...
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.
This does have the impact of masking any *real* unitialised data reads in bn though.
Patch based on approach suggested by Rich Salz.
PR#3415
2014-07-13 22:17:39 +01:00
Richard Levitte
8b5dd34091
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
...
Detected by dcruette@qualitesys.com
2014-07-13 19:11:46 +02:00
Ben Laurie
c1d1b0114e
Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259).
2014-07-10 17:49:02 +01:00
Matt Caswell
66816c53be
Fix memory leak in BIO_free if there is no destroy function.
...
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>
PR#3439
2014-07-09 23:29:17 +01:00
Andy Polyakov
1b0fe79f3e
x86_64 assembly pack: improve masm support.
2014-07-09 20:08:01 +02:00
Andy Polyakov
d11c70b2c2
Please Clang's sanitizer, addendum.
2014-07-08 23:06:59 +02:00
Andy Polyakov
021e5043e5
Please Clang's sanitizer.
...
PR: #3424,#3423,#3422
2014-07-08 22:24:44 +02:00
Andy Polyakov
07b635cceb
sha[1|512]-x86_64.pl: fix logical errors with $shaext=0.
2014-07-07 17:01:07 +02:00
David Lloyd
9d23f422a3
Prevent infinite loop loading config files.
...
PR#2985
2014-07-07 13:19:57 +01:00
Viktor Dukhovni
297c67fcd8
Update API to use (char *) for email addresses and hostnames
...
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
2014-07-07 19:11:38 +10:00
Dr. Stephen Henson
5ecf1141a5
Sanity check keylength in PVK files.
...
PR#2277
2014-07-06 00:36:16 +01:00
Andy Polyakov
7eb9680ae1
sha512-x86_64.pl: fix typo.
...
PR: #3431
2014-07-05 23:59:57 +02:00