- 31 7月, 2023 1 次提交
-
-
由 Matt Caswell 提交于
Confirm that the only errors DH_check() finds with DH parameters with an excessively long modulus is that the modulus is too large. We should not be performing time consuming checks using that modulus. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21452) Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
-
- 10 8月, 2021 1 次提交
-
-
由 HJ 提交于
Signed-off-by: NHJ <huangjun42@huawei.com>
-
- 27 2月, 2020 1 次提交
-
-
由 h00416433 提交于
Description:openssl 1.1.1d used bu libhapverify Team:OTHERS Feature or Bugfix:Feature Binary Source:Yes, it is PrivateCode(Yes/No):No Change-Id: I8968f9c0f146b587da17a3e603bd04fb7b4c505b Reviewed-on: http://mgit-tm.rnd.huawei.com/7842784Tested-by: Npublic jenkins <public_jenkins@notesmail.huawei.com> Reviewed-by: Nhouyuezhou 00386575 <hou@huawei.com> Reviewed-by: Nlinyibin 00246405 <linyibin@huawei.com> Reviewed-by: Nweiping 00548480 <ping.wei@huawei.com>
-
- 10 9月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9847)
-
- 24 7月, 2019 1 次提交
-
-
由 Bernd Edlinger 提交于
This avoids leaking bit 0 of the private key. Backport-of: #9363 Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/9435)
-
- 01 7月, 2019 1 次提交
-
-
由 Antoine Cœur 提交于
CLA: trivial Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9275)
-
- 10 9月, 2018 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Reported by Coverity Scan (CID 1439136) [extended tests] Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7155)
-
- 29 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6371)
-
- 18 5月, 2018 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6273)
-
- 26 9月, 2017 1 次提交
-
-
由 David Benjamin 提交于
The pub_key field for DH isn't actually used in DH_compute_key at all. (Note the peer public key is passed in as as BIGNUM.) It's mostly there so the caller may extract it from DH_generate_key. It doesn't particularly need to be present if filling in a DH from external parameters. The check in DH_set0_key conflicts with adding OpenSSL 1.1.0 to Node. Their public API is a thin wrapper over the old OpenSSL one: https://nodejs.org/api/crypto.html#crypto_class_diffiehellman They have separate setPrivateKey and setPublicKey methods, so the public key may be set last or not at all. In 1.0.2, either worked fine since operations on DH objects generally didn't use the public key. (Like with OpenSSL, Node's setPublicKey method is also largely a no-op, but so it goes.) In 1.1.0, DH_set0_key prevents create a private-key-only DH object. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4384)
-
- 22 8月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4217)
-
- 18 8月, 2017 1 次提交
-
-
由 Pauli 提交于
Apart from ssltest_old.c, the test suite relied on e_os.h for the OSSL_NELEM macro and nothing else. The ssltest_old.c also requires EXIT and some socket macros. Create a new header to define the OSSL_NELEM macro and use that instead. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4186)
-
- 03 8月, 2017 1 次提交
-
-
由 Rich Salz 提交于
If RAND_add wraps around, XOR with existing. Add test to drbgtest that does the wrap-around. Re-order seeding and stop after first success. Add RAND_poll_ex() Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's, mix in the address as the personalization bits. Centralize the entropy callbacks, from drbg_lib to rand_lib. (Conceptually, entropy is part of the enclosing application.) Thanks to Dr. Matthias St Pierre for the suggestion. Various code cleanups: -Make state an enum; inline RANDerr calls. -Add RAND_POLL_RETRIES (thanks Pauli for the idea) -Remove most RAND_seed calls from rest of library -Rename DRBG_CTX to RAND_DRBG, etc. -Move some code from drbg_lib to drbg_rand; drbg_lib is now only the implementation of NIST DRBG. -Remove blocklength Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4019)
-
- 27 7月, 2017 1 次提交
-
-
由 Pauli 提交于
that needed test_main now works using the same infrastructure as tests that used register_tests. This meant: * renaming register_tests to setup_tests and giving it a success/failure return. * renaming the init_test function to setup_test_framework. * renaming the finish_test function to pulldown_test_framework. * adding a user provided global_init function that runs before the test frame work is initialised. It returns a failure indication that stops the stest. * adding helper functions that permit tests to access their command line args. * spliting the BIO initialisation and finalisation out from the test setup and teardown. * hiding some of the now test internal functions. * fix the comments in testutil.h Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3953)
-
- 14 7月, 2017 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3917)
-
- 28 6月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773)
-
- 25 4月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3243)
-
- 21 4月, 2017 1 次提交
-
-
由 Rich Salz 提交于
The issues were introduced by commit 93d02986. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3263)
-
- 19 4月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3209)
-
- 16 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Misc fixes following the constification of the DH, DSA and RSA getters. Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 06 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch off the constant time implementation for RSA, DSA and DH have been made no-ops and deprecated. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 29 4月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/952)
-
- 09 4月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Move the dh_st structure into an internal header file and provide relevant accessors for the internal fields. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 06 4月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 05 4月, 2016 2 次提交
-
-
由 Rich Salz 提交于
This reverts commit 620d540b. It wasn't reviewed. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 FdaSilvaYY 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 3月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 28 1月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Following on from the previous commit, add a test to ensure that DH_compute_key correctly fails if passed a bad y such that: y^q (mod p) != 1 Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 27 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 08 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this. If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery. (Thanks to Jakob Bohm for the suggestion!) Make the "change wrapper functions" be the only paradigm. Wrote documentation! Format the 'set func' functions so their paramlists are legible. Format some multi-line comments. Remove ability to get/set the "memory debug" functions at runtme. Remove MemCheck_* and CRYPTO_malloc_debug_init macros. Add CRYPTO_mem_debug(int flag) function. Add test/memleaktest. Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 14 12月, 2015 1 次提交
-
-
由 Hongze Zhu 提交于
Signed-off-by: NHongze Zhu <hongze.zhu@gmail.com> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 08 10月, 2015 1 次提交
-
-
由 Pascal Cuoq 提交于
It returns -1 on error, not 0. Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> MR #1231
-
- 06 9月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
The test executables use standard output and standard error for text output, so let's open the corresponding BIOs in text mode. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 04 5月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 01 5月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd dead code in engines/e_ubsec. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 29 4月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Following ANSI C rules, remove the casts from calls to OPENSSL_malloc and OPENSSL_realloc. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 01 4月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Rather than making include/openssl/foo.h a symlink to crypto/foo/foo.h, this change moves the file to include/openssl/foo.h once and for all. Likewise, move crypto/foo/footest.c to test/footest.c, instead of symlinking it there. Originally-by: NGeoff Thorpe <geoff@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 25 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Start ensuring all OpenSSL "free" routines allow NULL, and remove any if check before calling them. This gets DH_free, DSA_free, RSA_free Reviewed-by: NMatt Caswell <matt@openssl.org>
-