Skip to content

O
openssl

btwise / openssl

通知 1
Star 0
Fork 0
O
openssl

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
  1. 15 10月, 2020 3 次提交
  3. 09 11月, 2019 1 次提交
  5. 29 9月, 2019 2 次提交
    • D
      Fix header file include guard names · ae4186b0
      Dr. Matthias St. Pierre 提交于 
      Make the include guards consistent by renaming them systematically according
to the naming conventions below

For the public header files (in the 'include/openssl' directory), the guard
names try to match the path specified in the include directives, with
all letters converted to upper case and '/' and '.' replaced by '_'. For the
private header files files, an extra 'OSSL_' is added as prefix.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
      ae4186b0
    • D
      Reorganize private crypto header files · 25f2138b
      Dr. Matthias St. Pierre 提交于 
      Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:

While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.

To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:

  #include "internal/file.h"      # located in 'include/internal'
  #include "internal/file_int.h"  # located in 'crypto/include/internal'

This commit moves the private crypto headers from

  'crypto/include/internal'  to  'include/crypto'

As a result, the include directives become unambiguous

  #include "internal/file.h"       # located in 'include/internal'
  #include "crypto/file.h"         # located in 'include/crypto'

hence the superfluous '_int.h' suffixes can be stripped.

The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
      25f2138b
  7. 06 8月, 2019 1 次提交
  9. 21 3月, 2019 1 次提交
  11. 12 3月, 2019 1 次提交
  13. 06 12月, 2018 1 次提交
  15. 05 12月, 2018 1 次提交
  17. 11 9月, 2018 1 次提交
  19. 24 8月, 2018 1 次提交
  21. 22 7月, 2018 1 次提交
  23. 18 7月, 2018 1 次提交
  25. 12 7月, 2018 1 次提交
  27. 22 6月, 2018 1 次提交
  29. 28 2月, 2017 1 次提交
  31. 18 5月, 2016 1 次提交
  33. 01 3月, 2016 1 次提交
    • M
      Fix BN_hex2bn/BN_dec2bn NULL ptr/heap corruption · 99ba9fd0
      Matt Caswell 提交于 
      In the BN_hex2bn function the number of hex digits is calculated using
an int value |i|. Later |bn_expand| is called with a value of |i * 4|.
For large values of |i| this can result in |bn_expand| not allocating any
memory because |i * 4| is negative. This leaves ret->d as NULL leading
to a subsequent NULL ptr deref. For very large values of |i|, the
calculation |i * 4| could be a positive value smaller than |i|. In this
case memory is allocated to ret->d, but it is insufficiently sized
leading to heap corruption. A similar issue exists in BN_dec2bn.

This could have security consequences if BN_hex2bn/BN_dec2bn is ever
called by user applications with very large untrusted hex/dec data. This is
anticipated to be a rare occurrence.

All OpenSSL internal usage of this function uses data that is not expected
to be untrusted, e.g. config file data or application command line
arguments. If user developed applications generate config file data based
on untrusted data then it is possible that this could also lead to security
consequences. This is also anticipated to be a rare.

Issue reported by Guido Vranken.

CVE-2016-0797
Reviewed-by: NAndy Polyakov <appro@openssl.org>
      99ba9fd0
  35. 27 4月, 2015 1 次提交
  37. 22 1月, 2015 1 次提交
  39. 09 12月, 2014 2 次提交
  41. 18 4月, 2008 1 次提交
  43. 13 8月, 2002 1 次提交
  45. 28 2月, 2002 1 次提交
  47. 08 2月, 2002 1 次提交
  49. 06 2月, 2002 1 次提交
    • R
      With the changed des_old API, let's complete the work by renaming the · 44bdb056
      Richard Levitte 提交于 
      functions in ui_compat.  This gave reason to rework that part more
thoroughly, so here are the changes made:

1. Add DES_read_password() and DES_read_2passwords() with the same
   functionality as the corresponding old des_ functions, as a
   convenience to the users.
2. Add UI_UTIL_read_pw_string() and UI_UTIL_read_pw() with the
   functionality from des_read_pw_string() and des_read_pw(), again as
   a concenience to the users.
3. Rename des_read_password(), des_read_2passwords(),
   des_read_pw_string() and des_read_pw() by changing des_ to
   _ossl_old_des_, and add the usual mapping macros.
4. Move the implementation of des_read_password() and
   des_read_2passwords() to the des directory, since they are tightly
   tied to DES anyway.

This change was inspired by a patch from Assar Westerlund <assar@sics.se>:

There are some functions that didn't get the kick-away-old-des-and-
replace-des-with-DES action.  Here's a patch that adds DES_ and des_
(in des_old.h) versions of des_read_pw_string et al.  This patch
includes some of the first des_old.h semi-colon macro fixes that I've
already sent.
      44bdb056
  51. 25 10月, 2001 1 次提交
    • R
      Due to an increasing number of clashes between modern OpenSSL and · c2e4f17c
      Richard Levitte 提交于 
      libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_.  Compatibility routines are provided and declared by including
openssl/des_old.h.  Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.

The compatibility functions will be removed in some future release, at
the latest in version 1.0.
      c2e4f17c
  53. 05 7月, 2001 1 次提交
  55. 13 5月, 2001 2 次提交
  57. 20 2月, 2001 1 次提交
  59. 08 1月, 2001 1 次提交
  61. 19 3月, 2000 1 次提交
  63. 06 2月, 2000 1 次提交
  65. 05 2月, 2000 1 次提交
  67. 04 12月, 1999 1 次提交
    • B
      Add functions des_set_key_checked, des_set_key_unchecked. · cddfe788
      Bodo Möller 提交于 
      Never use des_set_key (it depends on the global variable des_check_key),
but usually des_set_key_unchecked.
Only destest.c bothered to look at the return values of des_set_key,
but it did not set des_check_key -- if it had done so,
most checks would have failed because of wrong parity and
because of weak keys.
      cddfe788
  69. 16 5月, 1999 1 次提交
    • B
      Change type of various DES function arguments from des_cblock · edf0bfb5
      Bodo Möller 提交于 
      (meaning pointer to char) to des_cblock * (meaning pointer to
array with 8 char elements), which allows the compiler to
do more typechecking.  (The changed argument types were of type
des_cblock * back in SSLeay, and a lot of ugly casts were
used then to turn them into pointers to elements; but it can be
done without those casts.)

Introduce new type const_des_cblock -- before, the pointers rather
than the elements pointed to were declared const, and for
some reason gcc did not complain about this (but some other
compilers did).
      edf0bfb5