Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
1 年多 前同步成功

通知 10
Star 18
Fork 1
T
Third Party Openssl
切换分支/标签
  1. 28 9月, 2019 2 次提交
    • D
      Reorganize local header files · b5acbf91
      Dr. Matthias St. Pierre 提交于 
      Apart from public and internal header files, there is a third type called
local header files, which are located next to source files in the source
directory. Currently, they have different suffixes like

  '*_lcl.h', '*_local.h', or '*_int.h'

This commit changes the different suffixes to '*_local.h' uniformly.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9681)
      b5acbf91
    • D
      Reorganize private crypto header files · 0c994d54
      Dr. Matthias St. Pierre 提交于 
      Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:

While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.

To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:

  #include "internal/file.h"      # located in 'include/internal'
  #include "internal/file_int.h"  # located in 'crypto/include/internal'

This commit moves the private crypto headers from

  'crypto/include/internal'  to  'include/crypto'

As a result, the include directives become unambiguous

  #include "internal/file.h"       # located in 'include/internal'
  #include "crypto/file.h"         # located in 'include/crypto'

hence the superfluous '_int.h' suffixes can be stripped.

The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9681)
      0c994d54
  3. 10 9月, 2019 1 次提交
  5. 07 9月, 2019 1 次提交
    • B
      Remove x86/x86_64 BSAES and AES_ASM support · 87bea655
      Bernd Edlinger 提交于 
      This leaves VPAES and AESNI support.
The VPAES performance is comparable but BSAES is not
completely constant time. There are table lookups
using secret key data in AES_set_encrypt/decrypt_key
and in ctr mode short data uses the non-constant
time AES_encrypt function instead of bit-slicing.
Furthermore the AES_ASM is by far outperformed
by recent GCC versions.
Since BSAES calls back to AES_ASM for short
data blocks the performance on those is also
worse than the pure software implementaion.

Fixes: #9640
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9675)
      87bea655
  7. 19 8月, 2019 1 次提交
  9. 08 8月, 2019 1 次提交
  11. 01 7月, 2019 2 次提交
  13. 25 6月, 2019 1 次提交
  15. 24 6月, 2019 1 次提交
  17. 28 5月, 2019 1 次提交
  19. 22 5月, 2019 1 次提交
  21. 21 5月, 2019 1 次提交
  23. 08 5月, 2019 1 次提交
    • T
      Allow specifying the tag after AAD in CCM mode · b48e3be9
      Tobias Nießen 提交于 
      This change allows to pass the authentication tag after specifying
the AAD in CCM mode. This is already true for the other two supported
AEAD modes (GCM and OCB) and it seems appropriate to match the
behavior.

GCM and OCB also support to set the tag at any point before the call
to `EVP_*Final`, but this won't work for CCM due to a restriction
imposed by section 2.6 of RFC3610: The tag must be set before
actually decrypting data.

This commit also adds a test case for setting the tag after supplying
plaintext length and AAD.
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7243)

(cherry picked from commit 67c81ec311d696464bdbf4c6d6f8a887a3ddf9f8)
      b48e3be9
  25. 10 4月, 2019 1 次提交
  27. 06 4月, 2019 1 次提交
  29. 27 3月, 2019 2 次提交
  31. 21 3月, 2019 1 次提交
  33. 06 3月, 2019 1 次提交
    • M
      Prevent over long nonces in ChaCha20-Poly1305 · f426625b
      Matt Caswell 提交于 
      ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for
every encryption operation. RFC 7539 specifies that the nonce value (IV)
should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and
front pads the nonce with 0 bytes if it is less than 12 bytes. However it
also incorrectly allows a nonce to be set of up to 16 bytes. In this case
only the last 12 bytes are significant and any additional leading bytes are
ignored.

It is a requirement of using this cipher that nonce values are unique.
Messages encrypted using a reused nonce value are susceptible to serious
confidentiality and integrity attacks. If an application changes the
default nonce length to be longer than 12 bytes and then makes a change to
the leading bytes of the nonce expecting the new value to be a new unique
nonce then such an application could inadvertently encrypt messages with a
reused nonce.

Additionally the ignored bytes in a long nonce are not covered by the
integrity guarantee of this cipher. Any application that relies on the
integrity of these ignored leading bytes of a long nonce may be further
affected.

Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe
because no such use sets such a long nonce value. However user
applications that use this cipher directly and set a non-default nonce
length to be longer than 12 bytes may be vulnerable.

CVE-2019-1543

Fixes #8345
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8406)

(cherry picked from commit 2a3d0ee9d59156c48973592331404471aca886d6)
      f426625b
  35. 23 12月, 2018 1 次提交
  37. 10 12月, 2018 2 次提交
  39. 20 11月, 2018 1 次提交
  41. 02 10月, 2018 1 次提交
  43. 22 9月, 2018 1 次提交
  45. 13 9月, 2018 1 次提交
  47. 11 9月, 2018 1 次提交
  49. 07 9月, 2018 6 次提交
  51. 06 9月, 2018 1 次提交
  53. 07 8月, 2018 1 次提交
  55. 06 8月, 2018 1 次提交
  57. 03 8月, 2018 1 次提交
  59. 01 8月, 2018 1 次提交
  61. 13 7月, 2018 1 次提交