- 20 11月, 2019 2 次提交
-
-
由 Patrick Steuer 提交于
The asm modules may assume an input length > 0. Fixes: #9262 Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10323)
-
由 Rich Salz 提交于
Add documentation for all commands that have parameters. Fix a couple of minor doc and programming bugs, too. Fixes #10313 Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10371)
-
- 19 11月, 2019 4 次提交
-
-
由 Matt Caswell 提交于
Various ciphers have the ability to support varaible length keys. This adds some test cases for algorithms where we did not test a key length other than the default size. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10449)
-
由 Matt Caswell 提交于
EVP_CIPHER_CTX_set_keylen() was succeeding even though a bad key length is passed to it. This is because the set_ctx_params() were all accepting this parameter and blindly changing the keylen even though the cipher did not accept a variable key length. Even removing this didn't entirely resolve the issue because set_ctx_params() functions succeed even if passed a parameter they do not recognise. This should fix various issues found by OSSfuzz/Cryptofuzz. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10449)
-
由 Shane Lontis 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10467)
-
由 Xiaokang Qian 提交于
Speed test, aes-siv related cases fail on both x86 and arm. The return value of siv_init() causes this problem, remove the iv check to fix it. Verify it locally, the result is pass. Fixes #10416 Change-Id: If1a18599f3d0f56f22a1ce4f8f114b8db0f68cca Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10419)
-
- 18 11月, 2019 3 次提交
-
-
由 Pauli 提交于
The property query cache was not reference count aware and this could cause problems if the property store removes an algorithm while it is being returned from an asynchronous query. This change makes the cache reference count aware and avoids disappearing algorithms. A side effect of this change is that the reference counts are now owned by the cache and store. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10408)
-
由 Shane Lontis 提交于
Fixes #10438 issue found by clusterfuzz/ossfuzz The dest was getting a copy of the src structure which contained a pointer that should point to an offset inside itself - because of the copy it was pointing to the original structure. The setup for a ctx is mainly done by the initkey method in the PROV_CIPHER_HW structure. Because of this it makes sense that the structure should also contain a copyctx method that is use to resolve any pointers that need to be setup. A dup_ctx has been added to the cipher_enc tests in evp_test. It does a dup after setup and then frees the original ctx. This detects any floating pointers in the duplicated context that were pointing back to the freed ctx. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10443)
-
由 Richard Levitte 提交于
There's no reason why the object to be written, or the key string given by the caller should be non-const. This makes the IMPLEMENT_PEM_..._const and DECLARE_PEM_..._const macros superfluous, so we keep them around but mark them deprecated. In all places where IMPLEMENT_PEM_..._const and DECLARE_PEM_..._const are used, they are replaced with the corresponding macros without '_const'. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10452)
-
- 17 11月, 2019 2 次提交
-
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10454)
-
由 Anthony Hu 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/10388)
-
- 16 11月, 2019 2 次提交
-
-
由 raniervf 提交于
Author: raniervf <ranier_gyn@hotmail.com> Date: Thu Nov 7 18:59:11 2019 -0300 Avoid calling strlen repeatedly in loops. Reviewed-by: NPaul Yang <kaishen.yy@antfin.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10380)
-
由 Rich Salz 提交于
Replace L<> link to header-file with a C<> reference. Change some broken L<provider(3)> links to L<provider(7)>. For consistency, rename four cipher pages to have a specific mode. Fix up all references to any "generic" names to point to specific names. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10100)
-
- 15 11月, 2019 5 次提交
-
-
由 Matt Caswell 提交于
A travis build was failing because of a memory leak in confdump due to us not freeing an allocated CONF structure. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10429)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10446)
-
由 Patrick Steuer 提交于
Avoid conflicts with some linkers. Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10439)
-
由 Tomas Mraz 提交于
The context and label is info and salt respectively - fix the example in KB manpage for that. There are some typos and bug in EVP_KDF_derive call in the KRB5KDF example. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10426)
-
由 Tomas Mraz 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10432)
-
- 14 11月, 2019 19 次提交
-
-
由 Matt Caswell 提交于
PR 8882 added a new field to the CONF structure. Unfortunately this structure was created using OPENSSL_malloc() and the new field was not explicitly initialised in the "init" function. Therefore when we came to read it for the first time we got an uninitialised read. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10428)
-
由 Matt Caswell 提交于
We modify the build.info file to exclude the legacy_blake2.c file in the event that blake2 support has been disabled. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10425)
-
由 Matt Caswell 提交于
Fix a misplaced "#endif" which was disabling a little too much code. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10423)
-
由 Richard Levitte 提交于
Exporting data from a provider owned domainparams or key is quite an ordeal, with having to figure out what parameter keys an implementation supports, call the export function a first time to find out how large each parameter buffer must be, allocate the necessary space for it, and call the export function again. So how about letting the export function build up the key data params and call back with that? This change implements exactly such a mechanism. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10414)
-
由 Matt Caswell 提交于
Guard two tests that depend on CMAC and Camellia so that we don't fail if those algorithms are not available. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10424)
-
由 Matt Caswell 提交于
We added a new executable to the test directory which didn't match the existing gitignore rules, so we add it explicitly. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10430)
-
由 Matt Caswell 提交于
We have converted a number of macros to functions and made them work with providers. We've also added some *_ex() variants that needed documenting. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
-
由 Matt Caswell 提交于
The old value of 10 for OSSL_PARAM_BLD_MAX is insufficient for multi-prime RSA. That code has this assert: if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1 + numprimes + numexps + numcoeffs <= OSSL_PARAM_BLD_MAX)) goto err; So we increase OSSL_PARAM_BLD_MAX which would be enough for 7 primes (more than you would ever reasonably want). Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
-
由 Matt Caswell 提交于
Sometimes it is useful to be able to pass NULL/zero length strings Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
-
由 Matt Caswell 提交于
Sometimes it is valid to send a NULL pointer in params. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
-
由 Richard Levitte 提交于
This offers a very generic way to define a callback as well as calling it. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10412)
-
由 Joerg Schmidbauer 提交于
Signed-off-by: NJoerg Schmidbauer <jschmidb@de.ibm.com> Reviewed-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10417)
-
由 Nicola Tuveri 提交于
Add more explicit documentation about the relation between EC_POINT_point2oct(), EC_POINT_point2hex(), EC_POINT_point2bn() and their reverse. In particular highlight that EC_POINT_point2oct() and EC_POINT_oct2point() conform to, respectively, Sec. 2.3.3 and Sec. 2.3.4 of the SECG SEC 1 standard (which is the normative reference for the already mentioned RFC 5480), highlighting with a note how this affect the encoding/decoding of the point at infinity (which in contrast with any other valid generic point of a curve is assigned an exceptional fixed octet string encoding, i.e., 0x00). Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10329)
-
由 Nicola Tuveri 提交于
Adds tests for each curve to ensure that encodings obtained through EC_POINT_hex2point() can be fed to EC_POINT_point2hex() yielding a point identical to the one from which the encoding is generated. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10329)
-
由 Nicola Tuveri 提交于
EC_POINT_bn2point() rejected BIGNUMs with a zero value. This behavior indirectly caused failures when converting a point at infinity through EC_POINT_point2hex() and then back to a point with EC_POINT_hex2point(). With this change such BIGNUMs are treated like any other and exported to an octet buffer filled with zero. It is then EC_POINT_oct2point() (either the default implementation or the custom one in group->meth->oct2point) to determine if such encoding maps to a valid point (generally the point at infinity is encoded as 0x00). Fixes #10258 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10329)
-
- 13 11月, 2019 3 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10421)
-
由 Nicola Tuveri 提交于
https://github.com/openssl/openssl/issues/10224#issuecomment-546593113 highlighted that existing testing infrastructure is not covering common usage patterns of the `req` app. This commit explicitly adds request generations thorugh the CLI using RSA, DSA and ECDSA (P-256) keys. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/pr-10312)
-
由 Jon Spillett 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9752)
-