Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
1 年多 前同步成功

通知 10
Star 18
Fork 1
T
Third Party Openssl
切换分支/标签
  1. 04 6月, 2018 2 次提交
  3. 23 5月, 2018 1 次提交
    • V
      Limit scope of CN name constraints · d02d80b2
      Viktor Dukhovni 提交于 
      Don't apply DNS name constraints to the subject CN when there's a
least one DNS-ID subjectAlternativeName.

Don't apply DNS name constraints to subject CN's that are sufficiently
unlike DNS names.  Checked name must have at least two labels, with
all labels non-empty, no trailing '.' and all hyphens must be
internal in each label.  In addition to the usual LDH characters,
we also allow "_", since some sites use these for hostnames despite
all the standards.
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>
      d02d80b2
  5. 02 5月, 2018 1 次提交
  7. 01 5月, 2018 1 次提交
  9. 27 4月, 2018 1 次提交
  11. 20 4月, 2018 1 次提交
  13. 14 4月, 2018 1 次提交
    • D
      DRBG: implement a get_nonce() callback · 5bc6bcf8
      Dr. Matthias St. Pierre 提交于 
      Fixes #5849

In pull request #5503 a fallback was added which adds a random nonce of
security_strength/2 bits if no nonce callback is provided. This change raised
the entropy requirements form 256 to 384 bit, which can cause problems on some
platforms (e.g. VMS, see issue #5849).

The requirements for the nonce are given in section 8.6.7 of NIST SP 800-90Ar1:

  A nonce may be required in the construction of a seed during instantiation
  in order to provide a security cushion to block certain attacks.
  The nonce shall be either:

  a) A value with at least (security_strength/2) bits of entropy, or

  b) A value that is expected to repeat no more often than a
     (security_strength/2)-bit random string would be expected to repeat.

  Each nonce shall be unique to the cryptographic module in which instantiation
  is performed, but need not be secret. When used, the nonce shall be considered
  to be a critical security parameter.

This commit implements a nonce of type b) in order to lower the entropy
requirements during instantiation back to 256 bits.

The formulation "shall be unique to the cryptographic module" above implies
that the nonce needs to be unique among (with high probability) among all
DRBG instances in "space" and "time". We try to achieve this goal by creating a
nonce of the following form

    nonce = app-specific-data || high-resolution-utc-timestamp || counter

Where || denotes concatenation. The application specific data can be something
like the process or group id of the application. A utc timestamp is used because
it increases monotonically, provided the system time is synchronized. This approach
may not be perfect yet for a FIPS evaluation, but it should be good enough for the
moment.

This commit also harmonizes the implementation of the get_nonce() and the
get_additional_data() callbacks and moves the platform specific parts from
rand_lib.c into rand_unix.c, rand_win.c, and rand_vms.c.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5920)
      5bc6bcf8
  15. 13 4月, 2018 2 次提交
    • M
      Add support for the SRP base64 alphabet · 3fd59700
      Matt Caswell 提交于 
      Historically we used to implement standalone base64 code for SRP. This
was replaced by commit 3d3f21aa with the standard base64 processing code.

However, the SRP base64 code was designed to be compatible with other SRP
libraries (notably libsrp, but also others) that use a variant of standard
base64. Specifically a different alphabet is used and no padding '='
characters are used. Instead 0 padding is added to the front of the string.
By changing to standard base64 we change the behaviour of the API which may
impact interoperability. It also means that SRP verifier files created prior
to 1.1.1 would not be readable in 1.1.1 and vice versa.

Instead we expand our standard base64 processing with the capability to be
able to read and generate the SRP base64 variant.
Reviewed-by: NAndy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5925)
      3fd59700
    • M
      Change SRP functions to use EVP_EncodeUpdate/EVP_DecodeUpdate functions · c0804614
      Matt Caswell 提交于 
      Previously they were using EVP_EncodeBlock/EVP_DecodeBlock. These are low
level functions that do not handle padding characters. This was causing
the SRP code to fail. One side effect of using EVP_EncodeUpdate is that
it inserts newlines which is not what we need in SRP so we add a flag to
avoid that.
Reviewed-by: NAndy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5925)
      c0804614
  17. 05 4月, 2018 1 次提交
  19. 03 4月, 2018 1 次提交
  21. 23 3月, 2018 1 次提交
  23. 20 3月, 2018 1 次提交
  25. 19 3月, 2018 1 次提交
  27. 17 3月, 2018 1 次提交
  29. 16 3月, 2018 1 次提交
  31. 15 3月, 2018 1 次提交
  33. 02 3月, 2018 1 次提交
  35. 27 2月, 2018 1 次提交
  37. 23 2月, 2018 1 次提交
  39. 24 1月, 2018 1 次提交
  41. 20 11月, 2017 1 次提交
  43. 12 11月, 2017 1 次提交
  45. 06 11月, 2017 1 次提交
  47. 31 10月, 2017 1 次提交
  49. 18 10月, 2017 1 次提交
    • D
      Fix reseeding issues of the public RAND_DRBG · c16de9d8
      Dr. Matthias St. Pierre 提交于 
      Reseeding is handled very differently by the classic RAND_METHOD API
and the new RAND_DRBG api. These differences led to some problems when
the new RAND_DRBG was made the default OpenSSL RNG. In particular,
RAND_add() did not work as expected anymore. These issues are discussed
on the thread '[openssl-dev] Plea for a new public OpenSSL RNG API'
and in Pull Request #4328. This commit fixes the mentioned issues,
introducing the following changes:

- Replace the fixed size RAND_BYTES_BUFFER by a new RAND_POOL API which
  facilitates collecting entropy by the get_entropy() callback.
- Don't use RAND_poll()/RAND_add() for collecting entropy from the
  get_entropy() callback anymore. Instead, replace RAND_poll() by
  RAND_POOL_acquire_entropy().
- Add a new function rand_drbg_restart() which tries to get the DRBG
  in an instantiated state by all means, regardless of the current
  state (uninstantiated, error, ...) the DRBG is in. If the caller
  provides entropy or additional input, it will be used for reseeding.
- Restore the original documented behaviour of RAND_add() and RAND_poll()
  (namely to reseed the DRBG immediately) by a new implementation based
  on rand_drbg_restart().
- Add automatic error recovery from temporary failures of the entropy
  source to RAND_DRBG_generate() using the rand_drbg_restart() function.
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
Reviewed-by: NKurt Roeckx <kurt@roeckx.be>
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4328)
      c16de9d8
  51. 13 10月, 2017 1 次提交
  53. 12 10月, 2017 2 次提交
  55. 11 10月, 2017 1 次提交
  57. 14 9月, 2017 2 次提交
  59. 29 8月, 2017 1 次提交
  61. 22 8月, 2017 1 次提交
    • P
      This has been added to avoid the situation where some host ctype.h functions · a1df06b3
      Pauli 提交于 
      return true for characters > 127.  I.e. they are allowing extended ASCII
characters through which then cause problems.  E.g. marking superscript '2' as
a number then causes the common (ch - '0') conversion to number to fail
miserably.  Likewise letters with diacritical marks can also cause problems.

If a non-ASCII character set is being used (currently only EBCDIC), it is
adjusted for.

The implementation uses a single table with a bit for each of the defined
classes.  These functions accept an int argument and fail for
values out of range or for characters outside of the ASCII set.  They will
work for both signed and unsigned character inputs.
Reviewed-by: NAndy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4102)
      a1df06b3
  63. 08 8月, 2017 1 次提交
  65. 07 8月, 2017 2 次提交
  67. 03 8月, 2017 1 次提交
  69. 20 7月, 2017 1 次提交