- 02 3月, 2017 1 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 01 3月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2774)
-
- 28 2月, 2017 1 次提交
-
-
由 Emilia Kasper 提交于
This removes the fips configure option. This option is broken as the required FIPS code is not available. FIPS_mode() and FIPS_mode_set() are retained for compatibility, but FIPS_mode() always returns 0, and FIPS_mode_set() can only be used to turn FIPS mode off. Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 21 2月, 2017 1 次提交
-
-
由 Pauli 提交于
This implementation is written in endian agnostic C code. No attempt at providing machine specific assembly code has been made. This implementation expands the evptests by including the test cases from RFC 5794 and ARIA official site rather than providing an individual test case. Support for ARIA has been integrated into the command line applications, but not TLS. Implemented modes are CBC, CFB1, CFB8, CFB128, CTR, ECB and OFB128. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2337)
-
- 16 2月, 2017 1 次提交
-
-
由 Kazuki Yamaguchi 提交于
Fix a typo. Probably this has not been found because EVP_CIPHER_CTX is smaller than EVP_CHACHA_AEAD_CTX and heap overflow does not occur. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2294)
-
- 10 2月, 2017 1 次提交
-
-
由 Lukasz Pawelczyk 提交于
EVP_CIPH_FLAG_LENGTH_BITS flag for CFB1 has been broken with the introduction of the is_partially_overlapping() check that did not take it into the account (treating number of bits passed as bytes). This remedies that and allows this flag to work as intended. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1942)
-
- 08 2月, 2017 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2550)
-
- 07 2月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
or EVP_CTRL_INIT/EVP_CTRL_COPY was not called or failed. If that happens in EVP_CipherInit_ex/EVP_CIPHER_CTX_copy set cipher = NULL, aes_gcm_cleanup should check that gctx != NULL before calling OPENSSL_cleanse. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2562)
-
- 04 2月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
Fixed a memory leak in ASN1_digest and ASN1_item_digest. Reworked error handling in asn1_item_embed_new. Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup. Fixed a memory leak in CRYPTO_free_ex_data. Reworked error handing in x509_name_ex_d2i, x509_name_encode and x509_name_canon. Check for null pointer in tls_process_cert_verify. Fixes #2103 #2104 #2105 #2109 #2111 #2115 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2342)
-
- 02 2月, 2017 1 次提交
-
-
由 Todd Short 提交于
The core SipHash supports either 8 or 16-byte output and a configurable number of rounds. The default behavior, as added to EVP, is to use 16-byte output and 2,4 rounds, which matches the behavior of most implementations. There is an EVP_PKEY_CTRL that can control the output size. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2216)
-
- 26 1月, 2017 2 次提交
-
-
由 Andy Polyakov 提交于
Originally a crash in 32-bit build was reported CHACHA20-POLY1305 cipher. The crash is triggered by truncated packet and is result of excessive hashing to the edge of accessible memory. Since hash operation is read-only it is not considered to be exploitable beyond a DoS condition. Other ciphers were hardened. Thanks to Robert Święcki for report. CVE-2017-3731 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Originally a crash in 32-bit build was reported CHACHA20-POLY1305 cipher. The crash is triggered by truncated packet and is result of excessive hashing to the edge of accessible memory (or bogus MAC value is produced if x86 MD5 assembly module is involved). Since hash operation is read-only it is not considered to be exploitable beyond a DoS condition. Thanks to Robert Święcki for report. CVE-2017-3731 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 25 1月, 2017 5 次提交
-
-
由 Matt Caswell 提交于
This function is used to validate application supplied parameters. An assert should be used to check for an error that is internal to OpenSSL. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2275)
-
由 Matt Caswell 提交于
When doing in place encryption the overlapping buffer check can fail incorrectly where we have done a partial block "Update" operation. This fixes things to take account of any pending partial blocks. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2275)
-
由 Matt Caswell 提交于
If we have previously been passed a partial block in an "Update" call then make sure we properly increment the output buffer when we use it. Fixes #2273 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2275)
-
由 Matt Caswell 提交于
Lots of references to 16 replaced by AES_BLOCK_SIZE. Also a few other style tweaks in that function Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2275)
-
由 Todd Short 提交于
Remove duplicate defines from EVP source files. Most of them were in evp.h, which is always included. Add new ones evp_int.h EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK is now always defined in evp.h, so remove conditionals on it Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2201)
-
- 24 1月, 2017 2 次提交
-
-
由 Todd Short 提交于
Add Poly1305 as a "signed" digest. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2128)
-
由 Kazuki Yamaguchi 提交于
ChaCha20 code uses its own custom cipher_data. Add EVP_CIPH_CUSTOM_IV and EVP_CIPH_ALWAYS_CALL_INIT so that the key and the iv can be set by different calls of EVP_CipherInit_ex(). Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2156)
-
- 08 1月, 2017 4 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2177)
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2177)
-
由 Dr. Stephen Henson 提交于
New function EVP_PKEY_CTX_md() which takes a string and passes a digest to a ctrl. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2177)
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2177)
-
- 22 12月, 2016 1 次提交
-
-
由 Todd Short 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2134)
-
- 21 12月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2121)
-
- 20 12月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
For now, checking that the size is non-zero will suffice. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2120)
-
- 26 11月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
This makes S/MIME and CMS signing in MIME format for SHA1 work again. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 11月, 2016 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1500
-
- 10 11月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
The offset to the memory to clear was incorrect, causing a heap buffer overflow. CVE-2016-7054 Thanks to Robert Święcki for reporting this Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 11月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
All of these don't compile cleanly any more, probably haven't for quite some time Reviewed-by: NEmilia Käsper <emilia@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1789)
-
- 28 10月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Also extend BIO_METHOD to be able to supply an implementation for the new BIO_write_ex function. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Also extend BIO_METHOD to be able to supply an implementation for the new BIO_read function. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 19 10月, 2016 1 次提交
-
-
由 Patrick Steuer 提交于
crypto/evp/e_aes.c: Types of inp and out parameters of AES_xts_en/decrypt functions need to be changed from char to unsigned char to avoid build error due to '-Werror=incompatible-pointer-types'. crypto/aes/asm/aes-s390x.pl: Comments need to reflect the above change. Signed-off-by: NPatrick Steuer <psteuer@mail.de> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> CLA: trivial
-
- 07 9月, 2016 1 次提交
-
-
由 Alex Gaynor 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 26 8月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
The definition of STITCHED_CALL relies on OPENSSL_NO_ASM. However, when a configuration simply lacks the assembler implementation for RC4 (which is where we have implemented the stitched call), OPENSSL_NO_ASM isn't implemented. Better, then, to rely on specific macros that indicated that RC4 (and MD5) are implemented in assembler. For this to work properly, we must also make sure Configure adds the definition of RC4_ASM among the C flags. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 24 8月, 2016 1 次提交
-
-
由 Andy Polyakov 提交于
Thanks to David Benjamin for reporting this. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 8月, 2016 1 次提交
-
-
由 Andy Polyakov 提交于
RT#4628 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 17 8月, 2016 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 13 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add ctrl operations to set or retrieve encoded point in EVP_PKEY structures containing X25519 keys. Reviewed-by: NRich Salz <rsalz@openssl.org>
-