generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
10,575 Commits 16 Branches 258 Tags
Commit Graph

657 Commits

Author SHA1 Message Date
Dr. Stephen Henson
c28b055a0c Fix copy for CCM, GCM and XTS. 
Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.
(cherry picked from commit c2fd5d79ffc4fc9d120a0faad579ce96473e6a2f)
 2014-06-30 14:00:00 +01:00
ZNV
105a3db56e Make EVP_CIPHER_CTX_copy work in GCM mode. 
PR#3272
(cherry picked from commit 370bf1d708e6d7af42e1752fb078d0822c9bc73d)
 2014-06-29 22:02:42 +01:00
Dr. Stephen Henson
69b8f2895b Fix for EVP_PBE_alg_add(). 
In EVP_PBE_alg_add don't use the underlying NID for the cipher
as it may have a non-standard key size.

PR#3206
(cherry picked from commit efb7caef637a1de8468ca109efd355a9d0e73a45)
 2014-06-27 22:58:55 +01:00
Geoff Thorpe
d0666f289a evp: prevent underflow in base64 decoding 
This patch resolves RT ticket #2608.

Thanks to Robert Dugal for originally spotting this, and to David
Ramos for noticing that the ball had been dropped.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
 2014-05-06 18:10:23 -04:00
Dr. Stephen Henson
a41d5174e2 Initialize num properly. 
PR#3289
PR#3345
(cherry picked from commit 3ba1e406c2309adb427ced9815ebf05f5b58d155)
 2014-05-06 14:09:14 +01:00
Eric Young
bfc3424d1f Fix base64 decoding bug. 
A short PEM encoded sequence if passed to the BIO, and the file
had 2 \n following would fail.

PR#3289
(cherry picked from commit 10378fb5f4c67270b800e8f7c600cd0548874811)
 2014-04-02 19:57:27 +01:00
Dr. Stephen Henson
c776a3f398 make update 2014-01-06 13:33:27 +00:00
Dr. Stephen Henson
a6c62f0c25 Ignore NULL parameter in EVP_MD_CTX_destroy. 2013-12-20 22:52:41 +00:00
Dr. Stephen Henson
60df657b3a make update 2013-12-08 13:23:14 +00:00
Andy Polyakov
7ed244a0b3 Make Makefiles OSF-make-friendly. 
PR: 3165
(cherry picked from commit d1cf23ac86c05b22b8780e2c03b67230564d2d34)
 2013-11-12 22:01:20 +01:00
Dr. Stephen Henson
e94a23876c Fix memory leak. 
(cherry picked from commit 16bc45ba956fdf07c7cda7feda88de597569df63)
 2013-11-11 23:55:40 +00:00
Dr. Stephen Henson
834d30bc63 Initialise context before using it. 
(cherry picked from commit a4947e4e064d2d5bb622ac64cf13edc4a46ed196)
 2013-11-06 13:19:23 +00:00
Ben Laurie
e26faa9e0c PBKDF2 should be efficient. Contributed by Christian Heimes 
<christian@python.org>.
 2013-11-03 17:33:54 +00:00
Andy Polyakov
eb22b7ec75 evp/e_des3.c: fix typo with potential integer overflow on 32-bit platforms. 
Submitted by: Yuriy Kaminskiy
(cherry picked from commit 524b00c0da42b129ed8622dfb3f5eab9cc5d6617)

Resolved conflicts:

	crypto/evp/e_des3.c
 2013-10-03 11:11:44 +02:00
Andy Polyakov
5cd1aa4f15 crypto/evp/e_aes.c: fix logical pre-processor bug and formatting. 
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.
(cherry picked from commit 044f63086051d7542fa9485a1432498c39c4d8fa)
 2013-08-03 17:08:43 +02:00
Andy Polyakov
9ab3ce1246 e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms. 
PR: 3002
(cherry picked from commit 5c60046553716fcf160718f59160493194f212dc)
 2013-03-18 19:35:48 +01:00
Andy Polyakov
13e225300f e_aes_cbc_hmac_sha1.c: fine-tune cache line alignment. 
With previous commit it also ensures that valgrind is happy.
 2013-02-08 09:45:09 +01:00
Andy Polyakov
746c6f3a53 e_aes_cbc_hmac_sha1.c: align calculated MAC at cache line. 2013-02-07 23:04:31 +01:00
Dr. Stephen Henson
0d589ac150 make update 2013-02-04 21:29:41 +00:00
Andy Polyakov
529d27ea47 e_aes_cbc_hmac_sha1.c: cleanse temporary copy of HMAC secret. 2013-02-03 20:04:39 +01:00
Andy Polyakov
125093b59f e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. 
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
 2013-02-02 19:35:09 +01:00
Ben Laurie
e130841bcc Make CBC decoding constant time. 
This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle and mount Vaudenay's attack.

This patch also disables the stitched AESNI+SHA mode pending a similar
fix to that code.

In order to be easy to backport, this change is implemented in ssl/,
rather than as a generic AEAD mode. In the future this should be changed
around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
 2013-01-28 17:31:49 +00:00
Dr. Stephen Henson
96f7fafa24 Don't require tag before ciphertext in AESGCM mode 2012-10-16 22:46:40 +00:00
Andy Polyakov
bc78883017 e_aes.c: uninitialized variable in aes_ccm_init_key [from HEAD]. 
PR: 2874
Submitted by: Tomas Mraz
 2012-09-15 08:46:31 +00:00
Dr. Stephen Henson
73913443a5 add missing evp_cnf.c file 2012-07-04 13:14:11 +00:00
Dr. Stephen Henson
e133ff7190 PR: 2840 
Reported by: David McCullough <david_mccullough@mcafee.com>

Restore fips configuration module from 0.9.8.
 2012-07-03 20:16:30 +00:00
Dr. Stephen Henson
58fdd30664 revert more "version skew" changes that break FIPS builds 2012-06-10 23:01:28 +00:00
Ben Laurie
af454b5bb0 Reduce version skew. 2012-06-08 09:18:47 +00:00
Dr. Stephen Henson
88be4ebfbc make update 2012-04-26 10:42:20 +00:00
Andy Polyakov
0d829f6681 e_rc4_hmac_md5.c: reapply commit#21726, which was erroneously omitted. 
PR: 2797, 2792
 2012-04-20 21:45:17 +00:00
Dr. Stephen Henson
ecf963b80d make ciphers work again for FIPS builds 2012-04-20 00:07:48 +00:00
Andy Polyakov
7fc6d35be0 e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms 
[from HEAD].
PR: 2792
 2012-04-19 20:43:02 +00:00
Dr. Stephen Henson
143619ccf6 only call FIPS_cipherinit in FIPS mode 2012-04-18 22:41:50 +00:00
Andy Polyakov
9f339d75b5 e_rc4_hmac_md5.c: update from HEAD, fixes crash on legacy Intel CPUs. 
PR: 2792
 2012-04-18 17:51:33 +00:00
Andy Polyakov
371056f2b9 e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag 
countermeasure [from HEAD].

PR: 2778
 2012-04-15 14:23:03 +00:00
Dr. Stephen Henson
c34137bef9 fix leak 2012-03-22 16:28:51 +00:00
Dr. Stephen Henson
8705846710 only cleanup ctx if we need to, save ctx flags when we do 2012-02-10 16:54:56 +00:00
Dr. Stephen Henson
7b23c126e6 undef some symbols that cause problems with make depend for fips builds 2012-01-18 01:40:36 +00:00
Dr. Stephen Henson
5c05f69450 make update 2011-12-27 14:38:27 +00:00
Ben Laurie
825e1a7c56 Fix warnings. 2011-12-02 14:39:41 +00:00
Dr. Stephen Henson
a310428527 Workaround so "make depend" works for fips builds. 2011-11-22 12:50:59 +00:00
Andy Polyakov
cd7b854bbb e_rc4_hmac_md5.c: make it work on darwin64, which is configured with RC4_CHAR. 2011-11-15 12:39:48 +00:00
Andy Polyakov
e6ccc6ed70 Configure, e_aes.c: allow for XTS assembler implementation [from HEAD]. 2011-11-15 12:19:56 +00:00
Andy Polyakov
e959a01fac e_aes.c: jumbo update from HEAD. 2011-11-14 21:17:08 +00:00
Andy Polyakov
d807d4c21f c_allc.c: add XTS ciphers [from HEAD]. 2011-11-14 21:13:35 +00:00
Ben Laurie
4c02cf8ecc make depend. 2011-11-13 20:23:34 +00:00
Bodo Möller
67f8de9ab8 "make update" 2011-10-19 15:24:44 +00:00
Andy Polyakov
a99ce1f5b1 e_aes.c: fix bug in aesni_gcm_tls_cipher [in HEAD]. 2011-10-14 09:34:14 +00:00
Bodo Möller
93ff4c69f7 Make CTR mode behaviour consistent with other modes: 
clear ctx->num in EVP_CipherInit_ex

Submitted by: Emilia Kasper
 2011-10-13 13:42:29 +00:00
Dr. Stephen Henson
6841abe842 update pkey method initialisation and copy 2011-10-11 18:16:02 +00:00