- 09 5月, 2018 3 次提交
-
-
由 Billy Brumley 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6070)
-
由 Billy Brumley 提交于
* EC_POINT_mul is now responsible for constant time point multiplication (for single fixed or variable point multiplication, when the scalar is in the range [0,group_order), so we need to strip the nonce padding from ECDSA. * Entry added to CHANGES * Updated EC_POINT_mul documentation - Integrate existing EC_POINT_mul and EC_POINTs_mul entries in the manpage to reflect the shift in constant-time expectations when performing a single fixed or variable point multiplication; - Add documentation to ec_method_st to reflect the updated "contract" between callers and implementations of ec_method_st.mul. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6070)
-
由 Richard Levitte 提交于
items->ile3$w_code was checked before it was assigned its value... Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6200)
-
- 08 5月, 2018 3 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6191)
-
由 Andy Polyakov 提交于
Triggered by Coverity analysis. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6190)
-
由 Matt Caswell 提交于
The function CMS_RecipientInfo_set0_pkey() is a "set0" and therefore memory management passes to OpenSSL. If the same function is called again then we should ensure that any previous value that was set is freed first before we set it again. Fixes #5052 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6142)
-
- 05 5月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
When the input length is zero, just return zero early. Otherwise, there's a small chance that memory allocation is engaged, fails and returns -1, which is a bit confusing when nothing should be written. Fixes #4782 #4827 Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/6175)
-
- 04 5月, 2018 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Fixes #6121 Thanks to Mingtao Yang for reporting this bug. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6162)
-
- 03 5月, 2018 7 次提交
-
-
由 Richard Levitte 提交于
Add more items that could serve as entropy source. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6151)
-
由 Richard Levitte 提交于
Stop redefining structures that are already defined in system headers. This also means we can stop setting the pointer size globally, because the system structures will have the correct pointer sizes either way. The only exception is passing the right pointer size to a function. Stop trying to twist things around with rand(), that's the job of the DRBG that we feed. Stop assuming the location of the JPI$_FINALEXC item, look it up instead. Signal an exception if the sys$getjpiw call fails (it means the item list isn't set up right, so works as an assertion, but using VMS methodology). Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6151)
-
由 Matt Caswell 提交于
Calculating BN_mod_inverse where n is 1 (or -1) doesn't make sense. We should return an error in that case. Instead we were returning a valid result with value 0. Fixes #6004 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6119)
-
由 Matt Caswell 提交于
Commit 5b748dea added this function which should have taken a const argument. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6154)
-
由 FdaSilvaYY 提交于
No need to buildtest on opensslconf.h Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6149)
-
由 Andy Polyakov 提交于
Montgomery multiplication post-conditions in some of code paths were formally non-constant time. Cache access pattern was result-neutral, but a little bit asymmetric, which might have produced a signal [if processor reordered load and stores at run-time]. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6141)
-
由 Dr. Matthias St. Pierre 提交于
which is used for ASN1_STRING_print_ex*() and X509_NAME_print_ex*(). Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6105)
-
- 02 5月, 2018 2 次提交
-
-
由 Richard Levitte 提交于
rand_pool_bytes_needed() was constructed in such a way that the smallest acceptable entropy factor was 1 entropy bits per 8 bits of data. At the same time, we have a DRBG_MINMAX_FACTOR that allows weaker source, as small as 1 bit of entropy per 128 bits of data. The conclusion is that rand_pool_bytes_needed() needs to change to support weaker entropy sources. We therefore change the input of entropy per byte to be an entropy factor instead. This entropy factor expresses how many bits of data it takes (on average) to get 1 bit of entropy. Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/6150)
-
由 Pavel Kopyl 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4700)
-
- 01 5月, 2018 3 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6124)
-
由 Matt Caswell 提交于
Fixes #5061 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6139)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6145)
-
- 29 4月, 2018 1 次提交
-
-
由 Bernd Edlinger 提交于
Fixes: #6120 Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/6123)
-
- 27 4月, 2018 6 次提交
-
-
由 Bernd Edlinger 提交于
Fixes: #6081 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6089)
-
由 Billy Brumley 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6099)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6094)
-
由 Rich Salz 提交于
Add a script to find them in the future Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/6103)
-
由 Bernd Edlinger 提交于
Fixes: #5950 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6038)
-
由 FdaSilvaYY 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6085)
-
- 26 4月, 2018 3 次提交
-
-
由 Richard Levitte 提交于
get_last_sys_error() already exists, so there's no need for yet another macro that fulfills the same purpose. Fixes #4120 Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6088)
-
由 Richard Levitte 提交于
Add a bit more commentary to explain what's going on. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6080)
-
由 Richard Levitte 提交于
That error is already caught by EVP_read_pw_string_min, and causes this function to return -1, so the code detecting too short passwords in this function is practically dead. Fixes #5465 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6080)
-
- 25 4月, 2018 2 次提交
-
-
由 Nicola Tuveri 提交于
Currently, critical bugs prevent using SM2 signatures through the `EVP_PKEY` interface: any application that managed to satisfy the requirement of forcing SM3 as the message digest – even if this is currently not possible transparently through the `EVP_PKEY` interface and requires manually forcing the MD selection – would crash with a segmentation fault upon calling the `SM2_sign()` function. This is easily verified using the OpenSSL CLI to execute this critical code path under the right conditions: `openssl dgst -sm3 -hex -sign sm2.eckey /path/to/file/to/sign` The issue is caused by a double free at the end of `SM2_sign()` in `crypto/sm2/sm2_sign.c` in case of successful signature generation. In addition, even if the double free was not causing segfaults, the function returns the wrong return value in case of success (it would return 0 rather than 1). This patch fixes both problems. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6066)
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6071)
-
- 24 4月, 2018 8 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Noticed in #5837 Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6064)
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5837)
-
由 Dr. Matthias St. Pierre 提交于
The 'tag2nbyte' lookup table maps the tags of ASN1 string types to their respective character widths. It is used for example by ASN1_STRING_to_UTF8(). This commit adds the tag names as comments. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6062)
-
由 Billy Brumley 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6009)
-
由 Nicola Tuveri 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6009)
-
由 Nicola Tuveri 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6009)
-
由 Billy Brumley 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6009)
-
由 Nicola Tuveri 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6009)
-