Richard Levitte
3b7ab6f4b8
Include "constant_time_locl.h" rather than "../constant_time_locl.h".
...
The different -I compiler parameters will take care of the rest...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-25 08:06:47 +02:00
Andy Polyakov
ec65b83d65
crypto/bn/bn_nist.c: work around MSC ARM compiler bug.
...
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 8b07c005fe)
2014-09-25 00:46:45 +02:00
Emilia Kasper
738911cde6
RT3425: constant-time evp_enc
...
Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4aac102f75)
Conflicts:
crypto/evp/evp_enc.c
2014-09-24 16:25:04 +02:00
Emilia Kasper
e1080ea3c7
RT3067: simplify patch
...
(Original commit adb46dbc6d
)
Use the new constant-time methods consistently in s3_srvr.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 455b65dfab)
2014-09-24 15:54:51 +02:00
Emilia Kasper
9bed73adaa
RT3066: rewrite RSA padding checks to be slightly more constant time.
...
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1
This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Conflicts:
crypto/rsa/rsa_oaep.c
crypto/rsa/rsa_pk1.c
ssl/s3_cbc.c
2014-09-24 12:47:19 +02:00
Emilia Kasper
e774a3055b
Add i2d_re_X509_tbs
...
i2d_re_X509_tbs re-encodes the TBS portion of the certificate.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 95b1752cc7)
2014-09-23 18:20:26 +02:00
Emilia Kasper
d9f99d4ef3
Revert "Add accessor for x509.cert_info."
...
This reverts commit 519ad9b384.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-23 18:20:26 +02:00
Emilia Kasper
6ce2a64191
Revert "Add more accessors."
...
This reverts commit cacdfcb247.
Conflicts:
crypto/x509/x509.h
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-23 18:20:26 +02:00
Andy Polyakov
9fa9370b6f
crypto/ecp_nistz256.c: harmonize error codes.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit be07ae9b10)
2014-09-22 00:11:04 +02:00
Dr. Stephen Henson
12f14b1d8f
Fix warning.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 16e5b45f72)
2014-09-22 00:10:53 +02:00
Andy Polyakov
27918b7c25
crypto/ec: harmonize new code with FIPS module.
...
RT: 3149
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-22 00:07:44 +02:00
Andy Polyakov
3842a64d36
Add ECP_NISTZ256 by Shay Gueron, Intel Corp.
...
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4d3fa06fce)
2014-09-22 00:07:44 +02:00
Andy Polyakov
8aed2a7548
Reserve option to use BN_mod_exp_mont_consttime in ECDSA.
...
Submitted by Shay Gueron, Intel Corp.
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit f54be179aa)
2014-09-22 00:07:44 +02:00
Andy Polyakov
f7835e1c20
perlasm/x86_64-xlate.pl: handle inter-bank movd.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 902b30df19)
2014-09-22 00:07:44 +02:00
Andy Polyakov
11d8abb331
Configure: add configuration for crypto/ec/asm extensions.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 6019cdd327)
Resolved conflicts:
Configure
Makefile.org
TABLE
2014-09-22 00:07:44 +02:00
Andy Polyakov
dfb5de6fc0
Harmonize Tru64 and Linux make rules.
...
RT: 3333,3165
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit d475b2a3bf)
2014-09-20 10:22:13 +02:00
Jake Goulding
5015a93ded
RT2301: GetDIBits, not GetBitmapBits in rand_win
...
GetDIBits has been around since Windows2000 and
GetBitmapBits is an old Win16 compatibility function
that is much slower.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 99b00fd993)
2014-09-18 16:42:07 -04:00
Rich Salz
a9d928a8b6
RT2560: missing NULL check in ocsp_req_find_signer
...
If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit b2aa38a980)
2014-09-10 12:20:15 -04:00
Matt Caswell
f33ce36aff
RT3192: spurious error in DSA verify
...
This is funny; Ben commented in the source, Matt opened a ticket,
and Rich is doing the submit. Need more code-review? :)
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit eb63bce040)
2014-09-09 17:10:57 -04:00
Geoff Keating
8c0d19d857
RT1909: Omit version for v1 certificates
...
When calling X509_set_version to set v1 certificate, that
should mean that the version number field is omitted.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 1f18f50c4b)
2014-09-09 15:16:42 -04:00
Paul Suhler
b8d687bb56
RT2841: Extra return in check_issued
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 4cd1119df3)
2014-09-08 18:50:40 -04:00
Kurt Roeckx
57c932dafd
RT2626: Change default_bits from 1K to 2K
...
This is a more comprehensive fix. It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1. This is from
Kurt's upstream Debian changes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 44e0c2bae4)
2014-09-08 17:23:37 -04:00
Robin Lee
240635c0b2
RT3031: Need to #undef some names for win32
...
Copy the ifdef/undef stanza from x509.h to x509v3.h
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 83e4e03eeb)
2014-09-08 11:06:07 -04:00
Alon Bar-Lev
2a49fef28e
RT1771: Add string.h include.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 8842987e5a)
2014-09-08 10:38:08 -04:00
Adam Langley
0600a5cd49
Ensure that x**0 mod 1 = 0.
...
(cherry picked from commit 2b0180c37f)
Reviewed-by: Ben Laurie <ben@openssl.org>
2014-09-04 16:05:57 +02:00
Richard Levitte
a91b73fd29
Followup on RT3334 fix: make sure that a directory that's the empty
...
string returns 0 with errno = ENOENT.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 360928b7d0)
2014-09-03 22:23:34 +02:00
Phil Mesnier
02c38e37a6
RT3334: Fix crypto/LPdir_win.c
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 6a14fe7576)
2014-09-03 22:23:34 +02:00
Clang via Jeffrey Walton
fa2ae04c40
RT3140: Possibly-uninitialised variable in pem_lib.c
...
Can't really happen, but the flow of control isn't obvious.
Add an initializer.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 0ff3687eab)
2014-09-02 23:38:15 -04:00
Emilia Kasper
27739e9265
Make the inline const-time functions static.
...
"inline" without static is not correct as the compiler may choose to ignore it
and will then either emit an external definition, or expect one.
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
(cherry picked from commit 86f50b36e6)
2014-09-02 15:24:54 +02:00
Andy Polyakov
30b7d5e1d8
md5-x86_64.pl: work around warning.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4d86e8df6b)
2014-08-30 19:18:12 +02:00
Andy Polyakov
9dd6240201
x86[_64] assembly pack: add Silvermont performance data.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit b59f92e75d)
2014-08-30 19:14:49 +02:00
Emilia Kasper
9a9b0c0401
Constant-time utilities
...
Pull constant-time methods out to a separate header, add tests.
Reviewed-by: Bodo Moeller <bodo@openssl.org>
(cherry picked from commit 5a3d21c058)
Conflicts:
ssl/s3_cbc.c
test/Makefile
2014-08-28 16:26:01 +02:00
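Two entries above concern the same technique: "RT3425: constant-time evp_enc" moves the final padding check in EVP_DecryptFinal_ex to constant time, and "Constant-time utilities" pulls the mask-based helpers into their own header. The following is an added illustration by the editor, not code from any of these commits: the helpers are modelled on the shape of OpenSSL's constant_time_* functions (all-ones/all-zeros masks) but are this example's own, and the two unpad functions compare an early-exit PKCS#7 padding check with a version that reads every byte and never branches on the padding value. The block size and sample block are constructed for the demonstration.

```c
#include <stdio.h>

/*
 * Constant-time primitives in the style of OpenSSL's constant_time_locl.h.
 * Written for this example (not copied from the project). Each returns an
 * all-ones or all-zeros mask, so callers select values with bit operations
 * instead of branching on secret data.
 */
static unsigned int ct_msb(unsigned int a) {
    return 0u - (a >> (sizeof(a) * 8 - 1));
}
static unsigned int ct_lt(unsigned int a, unsigned int b) {
    return ct_msb(a ^ ((a ^ b) | ((a - b) ^ b)));
}
static unsigned int ct_ge(unsigned int a, unsigned int b) {
    return ~ct_lt(a, b);
}
static unsigned int ct_is_zero(unsigned int a) {
    return ct_msb(~a & (a - 1));
}
static unsigned int ct_eq(unsigned int a, unsigned int b) {
    return ct_is_zero(a ^ b);
}
static unsigned int ct_select(unsigned int mask, unsigned int a, unsigned int b) {
    return (mask & a) | (~mask & b);
}

/*
 * Leaky check of a PKCS#7-padded final block: it returns at the first bad
 * byte, so the time taken reveals how much of the padding was well formed.
 * Kept only as the "before" picture.
 */
int unpad_leaky(const unsigned char *blk, unsigned int bs, unsigned int *plen) {
    unsigned int pad = blk[bs - 1], i;
    if (pad == 0 || pad > bs)
        return 0;
    for (i = 0; i < pad; i++)
        if (blk[bs - 1 - i] != pad)
            return 0;                 /* early exit: timing depends on the data */
    *plen = bs - pad;
    return 1;
}

/*
 * Constant-time check of the same block: every byte is read, no branch or
 * memory index depends on the padding value, and the verdict is folded into
 * a mask. Returns 1 and the plaintext length on good padding, 0 and 0 otherwise.
 */
int unpad_ct(const unsigned char *blk, unsigned int bs, unsigned int *plen) {
    unsigned int pad = blk[bs - 1];
    unsigned int good = ct_ge(pad, 1) & ct_ge(bs, pad);   /* 1 <= pad <= bs */
    unsigned int i;

    for (i = 0; i < bs; i++) {
        /* byte i belongs to the padding iff i >= bs - pad; when pad is out of
         * range bs - pad may wrap, but good is already zero in that case */
        unsigned int is_pad   = ct_ge(i, bs - pad);
        unsigned int mismatch = ~ct_eq(blk[i], pad);
        good &= ~(is_pad & mismatch);
    }
    *plen = ct_select(good, bs - pad, 0);
    return (int)(good & 1);
}

int main(void) {
    /* constructed sample: 3 plaintext bytes followed by 13 bytes of 0x0d padding */
    unsigned char blk[16] = { 'a', 'b', 'c', 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13 };
    unsigned int n = 0;
    printf("good padding -> %d, %u plaintext bytes\n", unpad_ct(blk, 16, &n), n);
    blk[7] = 0x0c;                                      /* corrupt one padding byte */
    printf("bad padding  -> %d, %u plaintext bytes\n", unpad_ct(blk, 16, &n), n);
    return 0;
}
```

The loop in unpad_ct runs over the whole block regardless of the padding value, which is the property the commit wants: a padding oracle cannot distinguish "first byte wrong" from "last byte wrong" by timing. Note that this only covers the check itself; the caller must also avoid branching on the return value in a way that leaks (for example by taking a different error path that does noticeably different work).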
Raphael Spreitzer
b85d461cdf
RT2400: ASN1_STRING_to_UTF8 missing initializer
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit f9fb43e176)
2014-08-27 22:59:40 -04:00
Rich Salz
089f10e69e
RT2308: Add extern "C" { ... } wrapper
...
Add the wrapper to all public header files (Configure
generates one). Don't bother for those that are just
lists of #define's that do renaming.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Cherry-pick of commit 17e80c6bd0
2014-08-27 21:45:09 -04:00
Emilia Kasper
7f7c05ca63
Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey
...
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 82dc08de54ce443c2a9ac478faffe79e76157795)
2014-08-27 19:50:15 +02:00
Matt Caswell
2083f7c465
RT3065: automatically generate a missing EC public key
...
When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit ed383f847156940e93f256fed78599873a4a9b28)
2014-08-27 19:50:15 +02:00
Adam Langley
1f2b943254
RT3065: ec_private_key_dont_crash
...
This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:
-----BEGIN EC PRIVATE KEY-----
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH
-----END EC PRIVATE KEY-----
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit b391570bdeb386d4fd325917c248d593d3c43930)
2014-08-27 19:50:15 +02:00
Adam Langley
e19c93811f
RT3061: Don't SEGFAULT when trying to export a public DSA key as a private key.
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-22 15:21:12 +02:00
Emilia Kasper
ebf221ee25
Fix build when BSAES_ASM is defined but VPAES_ASM is not
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit da92be4d68)
2014-08-21 15:48:10 +02:00
Andy Polyakov
ef90877721
bn/asm/rsaz-*.pl: allow spaces in Perl path name.
...
RT: 2835
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 15735e4f0e)
2014-08-21 00:19:24 +02:00
Andy Polyakov
a89adc148e
sha1-mb-x86_64.pl: add commentary.
...
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit e608273a80)
2014-08-21 00:16:32 +02:00
Andy Polyakov
b698c427de
crypto/evp/e_aes_cbc_hmac_sha[1|256].c: fix compiler warnings.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 2893a302a9)
2014-08-20 22:20:21 +02:00
Andy Polyakov
e99ac8b868
sha1-mb-x86_64.pl: fix typo.
...
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 55eb14da20)
2014-08-20 22:12:50 +02:00
Istvan Noszticzius
beeb0fa7be
Fix use after free bug.
...
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 5afa57fb7b17aa51cfba1ffa94e900fc7a5f0e04)
2014-08-15 16:46:14 +01:00
Bodo Moeller
267e6f3cc0
Further improve/fix ec_GFp_simple_points_make_affine (ecp_smpl.c) and
...
group_order_tests (ectest.c). Also fix the EC_POINTs_mul documentation (ec.h).
Reviewed-by: emilia@openssl.org
2014-08-13 17:40:33 +02:00
Dr. Stephen Henson
bc792813f0
Only use FIPS EC methods in FIPS mode.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 1433cac53c)
2014-08-07 02:11:53 +01:00
Dr. Stephen Henson
53348780e9
Fix SRP buffer overrun vulnerability.
...
Invalid parameters passed to the SRP code can overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.
Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
2014-08-06 20:41:24 +01:00
Emilia Kasper
c01618dd82
Fix OID handling:
...
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.
CVE-2014-3508
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-06 20:41:24 +01:00
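The "Fix OID handling" entry above (CVE-2014-3508) names two defensive changes: reject OIDs whose base-128 encoding is invalid, and always NUL-terminate the destination buffer in OBJ_obj2txt. The code below is an added example by the editor, not OpenSSL's parser: a small decoder for the content octets of a DER OBJECT IDENTIFIER and a dotted-text printer with the NUL-termination contract. Which encodings it rejects (a sub-identifier beginning with 0x80, a sub-identifier cut off with the continuation bit still set, a value wider than 32 bits) and the function names are this example's own choices; the sample OID bytes are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Decode the content octets of a DER OBJECT IDENTIFIER into its arcs.
 * Returns the number of arcs, or -1 on an encoding this example rejects:
 *   - empty content (an OID has at least two arcs, hence at least one octet)
 *   - a sub-identifier whose first octet is 0x80 (non-minimal base-128)
 *   - a sub-identifier that ends with the continuation bit still set
 *   - a sub-identifier that does not fit in 32 bits (this example's limit)
 * The first sub-identifier packs the first two arcs as 40*arc1 + arc2.
 */
int oid_decode(const unsigned char *der, size_t len, uint32_t *arcs, size_t max_arcs)
{
    size_t i = 0, n = 0;

    if (len == 0)
        return -1;
    while (i < len) {
        uint32_t v = 0;
        int first = 1;
        for (;;) {
            unsigned char c;
            if (i >= len)
                return -1;              /* ran out of octets mid sub-identifier */
            c = der[i++];
            if (first && c == 0x80)
                return -1;              /* leading 0x80 is padding, not a valid encoding */
            first = 0;
            if (v > (UINT32_MAX >> 7))
                return -1;              /* another 7 bits would overflow 32 bits */
            v = (v << 7) | (c & 0x7f);
            if (!(c & 0x80))
                break;                  /* continuation bit clear: sub-identifier complete */
        }
        if (n == 0) {
            if (max_arcs < 2)
                return -1;
            if (v < 40)      { arcs[0] = 0; arcs[1] = v; }
            else if (v < 80) { arcs[0] = 1; arcs[1] = v - 40; }
            else             { arcs[0] = 2; arcs[1] = v - 80; }
            n = 2;
        } else {
            if (n >= max_arcs)
                return -1;
            arcs[n++] = v;
        }
    }
    return (int)n;
}

/*
 * Render arcs as dotted text. buf is always NUL-terminated when buflen > 0,
 * even when the text is truncated, and the return value is the length of the
 * untruncated text so a caller can compare it with buflen to detect truncation.
 */
int oid_to_text(const uint32_t *arcs, int n, char *buf, size_t buflen)
{
    size_t used = 0;
    int k;

    if (buflen > 0)
        buf[0] = '\0';
    for (k = 0; k < n; k++) {
        char tmp[16];
        int w = snprintf(tmp, sizeof tmp, "%s%u", k ? "." : "", (unsigned)arcs[k]);
        if (used < buflen)
            snprintf(buf + used, buflen - used, "%s", tmp);  /* bounded; always NUL-terminates */
        used += (size_t)w;
    }
    return (int)used;
}

int main(void)
{
    /* constructed sample: the content octets of 1.2.840.113549 */
    const unsigned char der[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D };
    uint32_t arcs[8];
    char text[32];
    int n = oid_decode(der, sizeof der, arcs, 8);
    if (n > 0 && oid_to_text(arcs, n, text, sizeof text) < (int)sizeof text)
        printf("%s\n", text);
    return 0;
}
```

The printer deliberately keeps the OBJ_obj2txt-style contract of returning the full length rather than the written length: a caller that allocates `ret + 1` bytes and calls again gets the whole string, while a caller that ignores the return value still gets a terminated (if truncated) buffer instead of reading past the end.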
Dr. Stephen Henson
89d2f8f1a9
make update
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-01 21:21:03 +01:00
Dr. Stephen Henson
2c3673cd3f
Fix error discrepancy.
...
We can't rename ssleay_rand_bytes to md_rand_bytes_lock as this will cause
an error code discrepancy. Instead keep ssleay_rand_bytes and add an
extra parameter: since ssleay_rand_bytes is not part of the public API
this won't cause any binary compatibility issues.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-08-01 18:42:41 +01:00
Bodo Moeller
d5213519c0
Simplify and fix ec_GFp_simple_points_make_affine
...
(which didn't always handle value 0 correctly).
Reviewed-by: emilia@openssl.org
2014-08-01 17:27:59 +02:00
Dr. Stephen Henson
a3efe1b6e9
Avoid multiple lock using FIPS DRBG.
...
Don't use multiple locks when SP800-90 DRBG is used outside FIPS mode.
PR#3176
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-07-30 21:08:07 +01:00
Matt Caswell
371d9a627b
Prepare for 1.0.2-beta3-dev
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-07-22 21:31:04 +01:00
Matt Caswell
2f63ad1c6d
Prepare for 1.0.2-beta2 release
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-07-22 21:30:33 +01:00
Matt Caswell
0e32035292
make update
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-07-22 21:30:33 +01:00
Billy Brumley
4ccc2c19e2
"EC_POINT_invert" was checking "dbl" function pointer instead of "invert".
...
PR#2569
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit cba11f57ce)
2014-07-21 22:28:09 +01:00
Andy Polyakov
a2f34441ab
sha1-ppc.pl: shave off one cycle from BODY_20_39
...
and improve performance by 10% on POWER[78].
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 5c3598307e)
2014-07-21 15:30:59 +02:00
Andy Polyakov
c991d8ae8b
Initial POWER8 support from development branch.
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:36:49 +02:00
Dr. Stephen Henson
4c05b1f8d6
Make *Final work for key wrap again.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 58f4698f67)
2014-07-17 23:31:11 +01:00
Dr. Stephen Henson
6e1e5996df
Sanity check lengths for AES wrap algorithm.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit d12eef1501)
2014-07-17 12:58:42 +01:00
Matt Caswell
14b5d0d029
Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data.
...
This is actually ok for this function, but initialised to zero anyway if
PURIFY is defined.
This does have the impact of masking any *real* uninitialised data reads in bn though.
Patch based on approach suggested by Rich Salz.
PR#3415
(cherry picked from commit 77747e2d9a5573b1dbc15e247ce18c03374c760c)
2014-07-13 22:20:15 +01:00
Richard Levitte
5b9188454b
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
...
Detected by dcruette@qualitesys.com
(cherry picked from commit 8b5dd34091)
2014-07-13 19:13:38 +02:00
Ben Laurie
5e189b4b8d
Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259).
...
(cherry picked from commit c1d1b0114e)
2014-07-10 17:49:53 +01:00
Matt Caswell
23bd628735
Fix memory leak in BIO_free if there is no destroy function.
...
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>
PR#3439
(cherry picked from commit 66816c53be)
2014-07-09 23:32:18 +01:00
Andy Polyakov
371feee876
x86_64 assembly pack: improve masm support.
...
(cherry picked from commit 1b0fe79f3e)
2014-07-09 22:46:13 +02:00
Andy Polyakov
f50f0c6aa3
Please Clang's sanitizer, addendum.
...
(cherry picked from commit d11c70b2c2)
2014-07-09 22:45:52 +02:00
Andy Polyakov
2064e2db08
Please Clang's sanitizer.
...
PR: #3424,#3423,#3422
(cherry picked from commit 021e5043e5)
2014-07-09 22:45:38 +02:00
Andy Polyakov
0ad2a0a303
sha[1|512]-x86_64.pl: fix logical errors with $shaext=0.
...
(cherry picked from commit 07b635cceb)
2014-07-07 17:02:00 +02:00
David Lloyd
2cb761c1f4
Prevent infinite loop loading config files.
...
PR#2985
(cherry picked from commit 9d23f422a3)
2014-07-07 13:54:11 +01:00
Viktor Dukhovni
e83c913723
Update API to use (char *) for email addresses and hostnames
...
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
(cherry picked from commit 297c67fcd8)
2014-07-07 19:20:34 +10:00
Viktor Dukhovni
55fe56837a
Set optional peername when X509_check_host() succeeds.
...
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.
(cherry picked from commit ced3d9158a)
2014-07-07 19:20:34 +10:00
Viktor Dukhovni
1eb57ae2b7
New peername element in X509_VERIFY_PARAM_ID
...
Declaration, memory management, accessor and documentation.
(cherry picked from commit 6e661d458f)
2014-07-07 19:20:34 +10:00
Viktor Dukhovni
41e3ebd5ab
One more typo when changing !result to result <= 0
...
(cherry picked from commit eef1827f89)
2014-07-07 19:19:13 +10:00
Viktor Dukhovni
9624b50d51
Fix typo in last commit
...
(cherry picked from commit 90b70a6a6b)
2014-07-07 19:19:13 +10:00
Viktor Dukhovni
449d864515
Multiple verifier reference identities.
...
Implemented as STACK_OF(OPENSSL_STRING).
(cherry picked from commit 8abffa4a73)
2014-07-07 19:19:13 +10:00
Viktor Dukhovni
7f7e11ee5c
Implement sk_deep_copy.
...
(cherry picked from commit 66d884f067)
2014-07-07 19:19:13 +10:00
Dr. Stephen Henson
5c1b373be6
Sanity check keylength in PVK files.
...
PR#2277
(cherry picked from commit 733a6c882e92f8221bd03a51643bb47f5f81bb81)
2014-07-06 00:36:14 +01:00
Andy Polyakov
6ce295a301
sha512-x86_64.pl: fix typo.
...
PR: #3431
(cherry picked from commit 7eb9680ae1)
2014-07-06 00:00:34 +02:00
Alan Hryngle
ff5b11f547
Return smaller of ret and f.
...
PR#3418.
(cherry picked from commit fdea4fff8f)
2014-07-05 22:38:17 +01:00
Dr. Stephen Henson
534656a997
Add license info.
...
(cherry picked from commit 55707a36cc)
2014-07-04 18:43:06 +01:00
Andy Polyakov
47b9e06cfd
bn_exp.c: fix x86_64-specific crash with one-word modulus.
...
PR: #3397
(cherry picked from commit eca441b2b4)
2014-07-02 21:16:45 +02:00
Dr. Stephen Henson
9223a31eb7
ASN1 sanity check.
...
Primitive encodings shouldn't use indefinite length constructed
form.
PR#2438 (partial).
(cherry picked from commit 398e99fe5e)
2014-07-02 00:59:44 +01:00
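Two of the ASN.1 hardening entries in this log describe the same kind of check at the header level: "ASN1 sanity check" (primitive encodings must not use the indefinite-length constructed form) and, further up, "Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey" (verify positive length instead of relying on a \0-prefixed empty buffer). The block below is an added example written by the editor, not OpenSSL's ASN.1 code: a minimal identifier-plus-length parser that enforces both rules. It also applies DER's minimal-length rules and limits itself to single-octet tags; those restrictions, the type and function names, and the sample encodings are this example's own.

```c
#include <stddef.h>
#include <stdio.h>

enum { ASN1_OK = 1, ASN1_BAD = 0 };

typedef struct {
    unsigned tag;        /* tag number (low 5 bits; high-tag-number form not supported) */
    int constructed;     /* bit 6 of the identifier octet */
    int indefinite;      /* 1 if the length octet was 0x80 (only legal for constructed) */
    size_t length;       /* content length when definite */
    size_t header_len;   /* octets consumed by identifier + length */
} asn1_hdr;

/*
 * Parse one identifier octet and its length. Rejects:
 *   - truncated headers
 *   - indefinite length on a primitive encoding (the PR#2438 check)
 *   - long-form lengths that are non-minimal, use the reserved 0xFF octet,
 *     or are wider than size_t (DER rules, enforced here by choice)
 *   - content that runs past the end of the buffer
 */
int asn1_read_header(const unsigned char *p, size_t len, asn1_hdr *h)
{
    if (len < 2)
        return ASN1_BAD;
    if ((p[0] & 0x1f) == 0x1f)
        return ASN1_BAD;                      /* multi-octet tag: out of scope */
    h->tag = p[0] & 0x1f;
    h->constructed = (p[0] & 0x20) != 0;
    h->indefinite = 0;

    if (p[1] == 0x80) {
        if (!h->constructed)
            return ASN1_BAD;                  /* primitive + indefinite length: invalid */
        h->indefinite = 1;
        h->length = 0;
        h->header_len = 2;
        return ASN1_OK;
    }
    if (p[1] < 0x80) {
        h->length = p[1];                     /* short form */
        h->header_len = 2;
    } else {
        size_t n = p[1] & 0x7f, k;
        if (n == 0x7f || n > sizeof(size_t))
            return ASN1_BAD;                  /* 0xFF reserved; too wide to hold */
        if (len < 2 + n)
            return ASN1_BAD;                  /* length octets themselves truncated */
        if (p[2] == 0)
            return ASN1_BAD;                  /* leading zero octet: non-minimal */
        h->length = 0;
        for (k = 0; k < n; k++)
            h->length = (h->length << 8) | p[2 + k];
        if (h->length < 0x80)
            return ASN1_BAD;                  /* should have used the short form */
        h->header_len = 2 + n;
    }
    if (h->length > len - h->header_len)
        return ASN1_BAD;                      /* content overruns the buffer */
    return ASN1_OK;
}

/*
 * Accept only a definite-length primitive with at least one content octet.
 * This is the explicit positive-length check the d2i_ECPrivateKey entry asks
 * for, instead of trusting that an empty string decodes to a "\0" buffer.
 */
int asn1_get_nonempty_primitive(const unsigned char *p, size_t len,
                                const unsigned char **content, size_t *clen)
{
    asn1_hdr h;
    if (!asn1_read_header(p, len, &h) || h.constructed || h.indefinite || h.length == 0)
        return 0;
    *content = p + h.header_len;
    *clen = h.length;
    return 1;
}

int main(void)
{
    /* constructed sample: OCTET STRING with an indefinite length, which DER and the sanity check both forbid */
    const unsigned char bad[] = { 0x04, 0x80, 'a', 0x00, 0x00 };
    asn1_hdr h;
    printf("primitive with indefinite length accepted? %s\n",
           asn1_read_header(bad, sizeof bad, &h) == ASN1_OK ? "yes" : "no");
    return 0;
}
```

The overrun check at the end is the one that matters most for memory safety: once the header is trusted, every downstream consumer indexes `content[0..length)`, so a length that exceeds the remaining buffer must be rejected here rather than in each caller.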
Dr. Stephen Henson
654ae3d6ad
Accessor functions for app_data in ECDSA_METHOD
...
(cherry picked from commit 387b844ffd)
2014-07-02 00:59:43 +01:00
Andy Polyakov
daa96141d3
sha512-x86_64.pl: fix linking problem under Windows.
...
(cherry picked from commit 29be3f6411)
2014-07-01 17:12:41 +02:00
Dr. Stephen Henson
802fdcda1e
Fix copy for CCM, GCM and XTS.
...
Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.
(cherry picked from commit c2fd5d79ff)
2014-06-30 13:59:38 +01:00
Dr. Stephen Henson
6006e352ad
Make EVP_Digest* work again.
2014-06-30 13:59:29 +01:00
Dr. Stephen Henson
df401f4796
Make CMAC work with EVP_PKEY.
...
Add patch originally accidentally omitted to allow CMAC to work with
EVP_PKEY APIs.
2014-06-29 23:44:44 +01:00
ZNV
14183e50e7
Make EVP_CIPHER_CTX_copy work in GCM mode.
...
PR#3272
(cherry picked from commit 370bf1d708)
2014-06-29 22:02:23 +01:00
Andy Polyakov
377551b9c4
x86_64 assembly pack: refine clang detection.
...
(cherry picked from commit a356e488ad)
Resolved conflicts:
crypto/bn/asm/rsaz-avx2.pl
2014-06-28 17:26:03 +02:00
Andreas Westfeld
e99980e8fd
Fix typo in ideatest.c
...
(cherry picked from commit d1d4382dcb)
2014-06-28 00:06:32 +01:00
Dr. Stephen Henson
d0ba994483
Fix for EVP_PBE_alg_add().
...
In EVP_PBE_alg_add don't use the underlying NID for the cipher
as it may have a non-standard key size.
PR#3206
(cherry picked from commit efb7caef637a1de8468ca109efd355a9d0e73a45)
2014-06-27 23:19:37 +01:00
Andy Polyakov
52f856526c
x86_64 assembly pack: addendum to last clang commit.
...
(cherry picked from commit 7eb0488280)
2014-06-27 22:55:22 +02:00
Andy Polyakov
912f08dd5e
x86_64 assembly pack: allow clang to compile AVX code.
...
(cherry picked from commit ac171925ab)
2014-06-27 22:55:07 +02:00
Andy Polyakov
1067663d85
bn/asm/rsaz-avx2.pl: fix occasional failures.
...
(cherry picked from commit 406d4af050)
2014-06-27 22:43:43 +02:00
Dr. Stephen Henson
22228d2d40
Tolerate critical AKID in CRLs.
...
PR#3014
(cherry picked from commit 11da66f8b1)
2014-06-27 18:50:19 +01:00
Tom Greenslade
c57745596c
Handle IPv6 addresses in OCSP_parse_url.
...
PR#2783
(cherry picked from commit b36f35cda9)
2014-06-27 17:31:37 +01:00
Dr. Stephen Henson
65e4dca40c
Rebuild OID table.
2014-06-27 16:58:41 +01:00
Dr. Stephen Henson
ff4cfc4c58
Fix OID encoding for one component.
...
OIDs with one component don't have an encoding.
PR#2556 (Bug#1)
(cherry picked from commit 95791bf941)
2014-06-27 16:58:16 +01:00
Dr. Stephen Henson
e42c208235
Memory leak and NULL dereference fixes.
...
PR#3403
(cherry picked from commit d2aea03829)
2014-06-27 14:52:36 +01:00
Dr. Stephen Henson
e86951ca2a
Remove ancient obsolete files under pkcs7.
...
(cherry picked from commit 7be6b27aaf)
2014-06-27 13:53:23 +01:00
Huzaifa Sidhpurwala
b7a4f98b15
Make sure BN_sqr can never return a negative value.
...
PR#3410
(cherry picked from commit e14e764c0d5d469da63d0819c6ffc0e1e9e7f0bb)
2014-06-26 23:56:32 +01:00
Andy Polyakov
82a9dafe32
bn_exp.c: move check for AD*X to rsaz-avx2.pl.
...
This ensures high performance is situations when assembler supports
AVX2, but not AD*X.
(cherry picked from commit f3f620e1e0)
Resolved conflicts:
crypto/bn/asm/rsaz-avx2.pl
2014-06-27 00:36:05 +02:00
Andy Polyakov
1536bcfd56
aesv8-armx.pl: rigid input verification in key setup.
...
(cherry picked from commit 7b8c8c4d79)
2014-06-25 22:12:08 +02:00
Viktor Dukhovni
3fc0b1edad
X509_check_mumble() failure is <= 0, not just 0
...
(cherry picked from commit a48fb0400c)
2014-06-25 18:21:36 +01:00
Viktor Dukhovni
3d15d58e55
More complete input validation of X509_check_mumble
...
(cherry picked from commit 29edebe95c)
2014-06-25 18:21:35 +01:00
Viktor Dukhovni
d93edc0aab
Drop hostlen from X509_VERIFY_PARAM_ID.
...
Just store NUL-terminated strings. This works better when we add
support for multiple hostnames.
(cherry picked from commit b3012c698a)
2014-06-25 18:21:35 +01:00
Andy Polyakov
a073ceeff4
aesv8-armx.pl: increase interleave factor.
...
This is to compensate for higher aes* instruction latency on Cortex-A57.
(cherry picked from commit 015364baf3)
2014-06-24 08:10:37 +02:00
Andy Polyakov
5cd8ce42ec
ARMv8 assembly pack: add Cortex performance numbers.
...
(cherry picked from commit 0f777aeb50)
2014-06-24 08:07:04 +02:00
Richard Levitte
a61e509e9b
Adjust VMS build to Unix build. Most of all, make it so the disabled
...
algorithms MD2 and RC5 don't get built.
Also, disable building the test apps in crypto/des and crypto/pkcs7, as
they have no support at all.
2014-06-18 13:43:09 +02:00
Felix Laurie von Massenbach
1b823494de
Fix signed/unsigned comparisons.
...
(cherry picked from commit 50cc4f7b3d)
2014-06-17 18:38:36 +01:00
Felix Laurie von Massenbach
6657e68bf2
Fix shadow declaration.
...
(cherry picked from commit 1f61d8b5b1)
2014-06-17 18:36:48 +01:00
Richard Levitte
b9c0dae28e
Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces
2014-06-16 13:25:16 +02:00
Andy Polyakov
d940b3b9c7
aesni-sha[1|256]-x86_64.pl: fix logical error and MacOS X build.
...
(cherry picked from commit 9024b84b7c)
2014-06-16 10:12:56 +02:00
Viktor Dukhovni
cfbc10fb32
Enforce _X509_CHECK_FLAG_DOT_SUBDOMAINS internal-only
...
(cherry picked from commit d435e23959f1c2cb4feadbfba9ad884c59f37db9)
2014-06-14 22:31:28 +01:00
Andy Polyakov
79b960c046
evp/e_aes_cbc_sha[1|256].c: fix -DPEDANTIC build.
...
(cherry picked from commit ce00c64df9)
2014-06-14 23:16:29 +02:00
Richard Levitte
66a6e2b2b6
Adjust VMS build files to the Unix ones
2014-06-14 16:58:11 +02:00
Richard Levitte
1be1d05184
Make sure that disabling the MAYLOSEDATA3 warning is only done when the
...
compiler supports it. Otherwise, there are warnings about it lacking
everywhere, which is quite tedious to read through while trying to check
for other warnings.
2014-06-14 16:58:11 +02:00
Andy Polyakov
8301245a5e
aesni-sha256-x86_64.pl: add missing rex in shaext.
...
PR: 3405
(cherry picked from commit 91a6bf80f8)
2014-06-14 16:04:04 +02:00
Andy Polyakov
1f6d207625
sha1-x86_64.pl: add missing rex prefix in shaext.
...
PR: 3405
(cherry picked from commit c9cf29cca2)
2014-06-14 15:28:38 +02:00
Viktor Dukhovni
3cc8a3f234
Client-side namecheck wildcards.
...
A client reference identity of ".example.com" matches a server
certificate presented identity that is any sub-domain of "example.com"
(e.g. "www.sub.example.com").
With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches
only direct child sub-domains (e.g. "www.sub.example.com").
(cherry picked from commit e52c52f10bb8e34aaf8f28f3e5b56939e8f6b357)
2014-06-12 23:19:24 +01:00
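The "Client-side namecheck wildcards" entry above defines a reference identity of the form ".example.com" as matching any sub-domain, narrowed to direct children by X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS. The following is an added example by the editor of that matching rule in isolation; it is not OpenSSL's X509_check_host implementation and ignores everything else that function does (certificate wildcards, IDNA, the dNSName/CN selection). The flag macro name, function names and the sample identities are this example's own.

```c
#include <string.h>
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Stands in for X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS; the value is this example's own. */
#define REF_SINGLE_LABEL_SUBDOMAINS 0x01u

/* Case-insensitive comparison of n bytes; DNS names compare case-insensitively. */
static int ci_equal(const char *a, const char *b, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/*
 * Does the server's presented DNS identity match the client's reference identity?
 *   - ref without a leading '.' must match exactly (case-insensitive)
 *   - ref with a leading '.' matches any name that ends in ref and has at
 *     least one non-empty label in front of it
 *   - with REF_SINGLE_LABEL_SUBDOMAINS that prefix must be a single label
 * Returns 1 on match, 0 otherwise.
 */
int ref_id_match(const char *ref, const char *presented, unsigned flags)
{
    size_t rlen = strlen(ref), plen = strlen(presented), prefix;

    if (rlen == 0 || plen == 0)
        return 0;
    if (ref[0] != '.')
        return rlen == plen && ci_equal(ref, presented, rlen);

    if (plen <= rlen)
        return 0;                                   /* "example.com" is not a sub-domain of itself */
    if (!ci_equal(presented + (plen - rlen), ref, rlen))
        return 0;                                   /* suffix differs (also rejects "notexample.com") */

    prefix = plen - rlen;                           /* bytes before the ".example.com" suffix */
    if (presented[prefix - 1] == '.')
        return 0;                                   /* empty label, e.g. "..example.com" */
    if (flags & REF_SINGLE_LABEL_SUBDOMAINS)
        return memchr(presented, '.', prefix) == NULL;   /* exactly one label in front */
    return 1;
}

int main(void)
{
    /* constructed identities */
    printf("any sub-domain:    %d\n", ref_id_match(".example.com", "www.sub.example.com", 0));
    printf("single label only: %d\n", ref_id_match(".example.com", "www.sub.example.com",
                                                   REF_SINGLE_LABEL_SUBDOMAINS));
    return 0;
}
```

The suffix comparison is anchored on the dot that the reference identity carries, which is what prevents "notexample.com" from matching ".example.com"; a naive `strstr`-style check would accept it.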
Andy Polyakov
56ba280ccd
Facilitate back-porting of AESNI and SHA modules.
...
Fix SEH and stack handling in Win64 build.
(cherry picked from commit 977f32e852)
2014-06-12 21:51:35 +02:00
Dr. Stephen Henson
fa7a0efbac
make update
2014-06-12 10:52:49 +01:00
Andy Polyakov
66aeaec067
ghash-x86_64.pl: optimize for upcoming Atom.
...
(cherry picked from commit 1cf8f57b43)
2014-06-11 11:35:23 +02:00
Andy Polyakov
70fddbe32a
Add support for Intel SHA extension.
...
(cherry picked from commit 619b94667c)
2014-06-11 10:30:31 +02:00
Rob Stradling
5fc3d333c7
Separate the SCT List parser from the SCT List viewer
...
(cherry picked from commit fd2309aa29)
2014-06-11 00:10:45 +01:00
Andy Polyakov
77fb5a303b
Engage GHASH for ARMv8.
...
(cherry picked from commit 82741e9c89)
2014-06-11 00:10:00 +02:00
Andy Polyakov
7344089dc3
Add GHASH for ARMv8 Crypto Extension.
...
Result of joint effort with Ard Biesheuvel.
(cherry picked from commit 2d5a799d27)
2014-06-11 00:09:35 +02:00
Andy Polyakov
7e03acf2be
Engage ARMv8 AES support [from HEAD].
2014-06-11 00:08:03 +02:00
Andy Polyakov
9af4cb3d3b
Add AES module for ARMv8 Crypto Extension [from HEAD].
2014-06-11 00:06:27 +02:00
Andy Polyakov
a00caa0257
sha[1|512]-armv8.pl: get instruction endianness right.
...
Submitted by: Ard Biesheuvel.
(cherry picked from commit cd91fd7c32)
2014-06-10 23:34:53 +02:00
Andy Polyakov
4672acfa7d
linux-aarch64: engage SHA modules.
...
(cherry picked from commit f8aab6174c)
2014-06-10 23:32:26 +02:00
Andy Polyakov
ea61b32719
Add SHA for ARMv8.
...
(cherry picked from commit ddb6b965da)
2014-06-10 23:32:16 +02:00
Andy Polyakov
dabfbea7d9
Add linux-aarch64 target.
...
armcap.c is shared between 32- and 64-bit builds and features link-time
detection of getauxval.
Submitted by: Ard Biesheuvel.
(cherry picked from commit e8d93e342b)
2014-06-10 23:20:55 +02:00
Andy Polyakov
56d973709c
aesni-mb-x86_64.pl: add Win64 SEH.
...
(cherry picked from commit e2eabed110)
2014-06-10 23:09:04 +02:00
Andy Polyakov
3a97ebb16b
ARM assembly pack: get ARMv7 instruction endianness right.
...
Pointed out and suggested by: Ard Biesheuvel.
(cherry picked from commit 5dcf70a1c5)
2014-06-10 22:51:15 +02:00
Andy Polyakov
16f4d2e32f
armv4cpuid.S: switch to CNTVCT tick counter.
...
(cherry picked from commit 723463282f)
2014-06-10 22:50:18 +02:00
Andy Polyakov
1f72a76f98
sha[1|256]-armv4: harmonize with arm_arch.h.
...
(cherry picked from commit 797d24bee9)
2014-06-10 22:49:54 +02:00
Andy Polyakov
f5247cea39
sha/asm/sha1-armv4-large.pl: add NEON and ARMv8 code paths.
...
sha/asm/sha256-armv4.pl: add ARMv8 code path.
(cherry picked from commit 9250a30692)
2014-06-10 22:48:27 +02:00
Andy Polyakov
3da2c3df78
crypto/armcap.c: detect ARMv8 capabilities [in 32-bit build].
...
(cherry picked from commit 4afa9f033d)
2014-06-10 22:47:19 +02:00
Dr. Stephen Henson
cea5a1d5f2
Fix null pointer errors.
...
PR#3394
(cherry picked from commit 7a9d59c148)
2014-06-10 14:48:02 +01:00
Jakub Wilk
38956b071a
Create ~/.rnd with mode 0600 instead of 0666
...
Because of a missing include <fcntl.h> we don't have O_CREATE and don't create
the file with open() using mode 0600 but fall back to using fopen() with the
default umask followed by a chmod().
Problem found by Jakub Wilk <jwilk@debian.org>.
2014-06-08 21:20:34 +01:00
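The "Create ~/.rnd with mode 0600 instead of 0666" entry above describes a fallback path: with the fcntl.h include missing, the open()-with-mode branch was compiled out and the seed file was created by fopen() under the default umask and then chmod()ed. The block below is an added example by the editor, not the code from crypto/rand: it places the two creation patterns side by side and reads back the resulting permission bits with fstat(). The file path, function names and the demo routine are this example's own.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>       /* O_CREAT lives here: the include whose absence triggered the fallback */
#include <sys/stat.h>
#include <unistd.h>
#include <stdio.h>

/*
 * Create or truncate a file that only its owner may read or write. The kernel
 * applies the mode at creation, so the file never exists with permissions wider
 * than 0600 (the umask can only clear bits, never add them).
 */
int open_private_file(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
}

/*
 * The pattern the bug fell back to: fopen() creates the file with 0666 & ~umask
 * (commonly 0644), and chmod() narrows it afterwards. Another local user who
 * opens the file between the two calls keeps a readable descriptor even after
 * the chmod. Shown for contrast only; do not use for seed or key material.
 */
FILE *open_private_file_racy(const char *path)
{
    FILE *f = fopen(path, "w");
    if (f != NULL && chmod(path, S_IRUSR | S_IWUSR) != 0) {
        fclose(f);
        return NULL;
    }
    return f;
}

/* Permission bits of an open descriptor (e.g. 0600), or -1 on error. */
int fd_mode_bits(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0)
        return -1;
    return (int)(st.st_mode & 0777);
}

/*
 * Create a fresh scratch file through open_private_file() and return its mode
 * bits as seen through the descriptor, or -1 if the file could not be created.
 * The path is removed first so the observed mode is the one set at creation.
 */
int private_file_mode_demo(void)
{
    char path[64];
    int fd, mode;

    snprintf(path, sizeof path, "/tmp/rnd_demo_%ld", (long)getpid());   /* constructed scratch path */
    unlink(path);
    fd = open_private_file(path);
    if (fd < 0)
        return -1;
    mode = fd_mode_bits(fd);
    close(fd);
    unlink(path);
    return mode;
}

int main(void)
{
    int mode = private_file_mode_demo();
    if (mode < 0)
        printf("could not create scratch file\n");
    else
        printf("mode of file created with O_CREAT and 0600: %04o\n", mode);
    return 0;
}
```

Checking the mode through fstat() on the descriptor, rather than stat() on the path, is deliberate: it reports on the file actually opened, so a symlink swapped in under the path between calls cannot make the check lie.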
Libor Krystek
a5d03c54ab
Corrected OPENSSL_NO_EC_NISTP_64_GCC_128 usage in ec_lcl.h. PR#3370
2014-06-03 23:17:21 +01:00
Dr. Stephen Henson
08b172b975
Set default global mask to UTF8 only.
...
(cherry picked from commit 3009244da4)
2014-06-01 15:04:21 +01:00
Dr. Stephen Henson
1788072b9e
Set version number correctly.
...
PR#3249
(cherry picked from commit 8909bf20269035d295743fca559207ef2eb84eb3)
2014-05-29 14:08:54 +01:00
František Bořánek
5f2b5e3823
Fix memory leak.
...
PR#3278
(cherry picked from commit de56fe797081fc09ebd1add06d6e2df42a324fd5)
2014-05-29 13:49:50 +01:00
Martin Kaiser
42d73874ed
remove duplicate 0x for default RSASSA-PSS salt len
...
(cherry picked from commit 3820fec3a09faecba7fe9912aa20ef7fcda8337b)
2014-05-29 13:32:41 +01:00
Andy Polyakov
c90c694bc4
vpaes-ppc.pl: comply with ABI.
...
(cherry picked from commit b83d09f552)
2014-05-23 20:16:21 +02:00
Ben Laurie
d77501d8fd
Check length first in BUF_strnlen().
2014-05-22 10:12:10 +01:00
Ben Laurie
4f7236edc7
Remove redundant test.
2014-05-21 12:03:50 +01:00
Ben Laurie
ed693e4332
Implement BUF_strnlen() and use it instead of strlen().
2014-05-21 11:56:21 +01:00