openssl

Author	SHA1	Message	Date
Matt Caswell	40720ce3ca	Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>	2015-01-22 09:52:55 +00:00
Tim Hudson	b558c8d597	mark all block comments that need format preserving so that indent will not alter them when reformatting comments (cherry picked from commit `1d97c84351`) Conflicts: crypto/bn/bn_lcl.h crypto/bn/bn_prime.c crypto/engine/eng_all.c crypto/rc4/rc4_utl.c crypto/sha/sha.h ssl/kssl.c ssl/t1_lib.c Conflicts: crypto/rc4/rc4_enc.c crypto/x509v3/v3_scts.c crypto/x509v3/v3nametest.c ssl/d1_both.c ssl/s3_srvr.c ssl/ssl.h ssl/ssl_locl.h ssl/ssltest.c ssl/t1_lib.c Conflicts: crypto/asn1/a_sign.c crypto/bn/bn_div.c crypto/dsa/dsa_asn1.c crypto/ec/ecp_nistp224.c crypto/ec/ecp_nistp256.c crypto/ec/ecp_nistp521.c crypto/ec/ecp_nistputil.c crypto/modes/gcm128.c crypto/opensslv.h ssl/d1_both.c ssl/heartbeat_test.c ssl/s3_clnt.c ssl/s3_srvr.c ssl/ssl_sess.c ssl/t1_lib.c test/testutil.h Conflicts: apps/openssl.c apps/ts.c apps/vms_decc_init.c crypto/aes/aes_core.c crypto/aes/aes_x86core.c crypto/dsa/dsa_ameth.c crypto/ec/ec2_mult.c crypto/evp/evp.h crypto/objects/objects.h crypto/rsa/rsa_pss.c crypto/stack/safestack.h crypto/ts/ts.h crypto/ts/ts_rsp_verify.c crypto/whrlpool/wp_dgst.c crypto/x509v3/v3_ncons.c e_os2.h engines/ccgost/gost89.c engines/ccgost/gost_ctl.c engines/ccgost/gost_keywrap.c engines/ccgost/gost_keywrap.h engines/ccgost/gost_sign.c ssl/kssl.c ssl/s3_srvr.c Reviewed-by: Tim Hudson <tjh@openssl.org>	2015-01-22 09:48:44 +00:00
Matt Caswell	60431d0db3	make update Reviewed-by: Stephen Henson <steve@openssl.org>	2015-01-15 15:05:59 +00:00
Matt Caswell	56abaa14e0	Fix warning where BIO_FLAGS_UPLINK was being redefined. This warning breaks the build in 1.0.0 and 0.9.8 Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit `b1ffc6ca1c`)	2015-01-13 11:26:07 +00:00
Matt Caswell	f89250f2f2	make update Reviewed-by: Stephen Henson <steve@openssl.org>	2015-01-08 14:33:47 +00:00
Dr. Stephen Henson	ec2fede946	Fix various certificate fingerprint issues. By using non-DER or invalid encodings outside the signed portion of a certificate the fingerprint can be changed without breaking the signature. Although no details of the signed portion of the certificate can be changed this can cause problems with some applications: e.g. those using the certificate fingerprint for blacklists. 1. Reject signatures with non zero unused bits. If the BIT STRING containing the signature has non zero unused bits reject the signature. All current signature algorithms require zero unused bits. 2. Check certificate algorithm consistency. Check the AlgorithmIdentifier inside TBS matches the one in the certificate signature. NB: this will result in signature failure errors for some broken certificates. 3. Check DSA/ECDSA signatures use DER. Reencode DSA/ECDSA signatures and compare with the original received signature. Return an error if there is a mismatch. This will reject various cases including garbage after signature (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program for discovering this case) and use of BER or invalid ASN.1 INTEGERs (negative or with leading zeroes). CVE-2014-8275 Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit `208a6012be`) Conflicts: crypto/dsa/dsa_vrf.c	2015-01-05 16:37:10 +00:00
Bodo Möller	75f0bc4f44	Fix EC_KEY initialization race. Submitted by: Adam Langley	2012-10-05 20:51:47 +00:00
Dr. Stephen Henson	875ac0ec00	fix warning	2012-01-10 14:37:00 +00:00
Bodo Möller	72033fde7b	Fix ecdsatest.c. Submitted by: Emilia Kasper	2011-12-02 12:40:25 +00:00
Dr. Stephen Henson	a0bf2c86ab	make timing attack protection unconditional	2011-09-01 14:23:41 +00:00
Dr. Stephen Henson	1e368ab08f	Fix the ECDSA timing attack mentioned in the paper at: http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.	2011-05-25 14:43:47 +00:00
Dr. Stephen Henson	6d12b1f82b	check buffer is larger enough before overwriting	2011-04-06 18:07:12 +00:00
Ben Laurie	d886975835	Fix gcc 4.6 warnings. Check TLS server hello extension length.	2010-06-12 13:18:58 +00:00
Dr. Stephen Henson	b172352b52	PR: 1432 Submitted by: "Andrzej Chmielowiec" <achmielowiec@enigma.com.pl>, steve@openssl.org Approved by: steve@openssl.org Truncate hash if it is too large: as required by FIPS 186-3.	2009-12-01 17:32:16 +00:00
Ben Laurie	4e92353d23	Make it build, plus make depend.	2009-09-27 14:04:33 +00:00
Dr. Stephen Henson	cf51a0dccb	Seed PRNG with DSA and ECDSA digests for additional protection against possible PRNG state duplication.	2009-09-09 12:07:41 +00:00
Dr. Stephen Henson	e852835da6	Make update: delete duplicate error code.	2008-09-17 17:11:09 +00:00
Dr. Stephen Henson	d83dde6180	Merge changes to build system from fips branch.	2008-09-16 21:44:57 +00:00
Dr. Stephen Henson	1af12ff1d1	Fix error code discrepancy. Make update.	2008-09-14 16:43:37 +00:00
Bodo Möller	7d610299c9	Should reject signatures that we can't properly verify and couldn't generate (as pointed out by Ernst G Giessmann)	2007-11-19 07:25:28 +00:00
Bodo Möller	5c676c47cd	The hash length check wasn't strict enough, as pointed out by Ernst G Giessmann	2007-11-16 13:00:57 +00:00
Dr. Stephen Henson	14346b3456	Fix warnings: C++ comments and computed value not used.	2007-07-04 12:56:33 +00:00
Dr. Stephen Henson	4a0d3530e0	Update from HEAD.	2007-01-21 13:16:49 +00:00
Dr. Stephen Henson	115fc340cb	Rebuild error file C source files.	2006-11-21 20:14:46 +00:00
Nils Larsch	aa145866f9	return an error if the supplied precomputed values lead to an invalid signature	2006-10-04 19:55:03 +00:00
Nils Larsch	58828ae573	fix typo: pass pre-computed parameters to the underlying signature function; thanks to Lucas Newman	2006-02-13 08:22:39 +00:00
Nils Larsch	22d1087e16	backport recent changes from the cvs head	2006-02-08 19:16:33 +00:00
Andy Polyakov	99237262d4	Missing CFLAG in couple of depend: targets [from HEAD]. PR: 1247 Submitted by: Doug Kaufman	2005-12-18 19:02:22 +00:00
Nils Larsch	f95d097359	fix typo	2005-07-17 21:05:11 +00:00
Nils Larsch	4913b88f70	make ./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa] make all test work again (+ make update) PR: 1159	2005-07-16 11:13:10 +00:00
Richard Levitte	8bdbf50772	Wrap the inclusion of openssl/engine.h with a protective check for the absence of OPENSSL_NO_ENGINE.	2005-06-23 22:08:41 +00:00
Nils Larsch	aff2922f9a	fix typo, add prototype	2005-05-20 23:01:31 +00:00
Andy Polyakov	ce92b6eb9c	Further BUILDENV refinement, further fool-proofing of Makefiles and [most importantly] put back dependencies accidentaly eliminated in check-in #13342.	2005-05-16 16:55:47 +00:00
Nils Larsch	9dd8405341	ecc api cleanup; summary: - hide the EC_KEY structure definition in ec_lcl.c + add some functions to use/access the EC_KEY fields - change the way how method specific data (ecdsa/ecdh) is attached to a EC_KEY - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with additional parameters for pre-computed values - rebuild libeay.num from 0.9.7	2005-05-16 10:11:04 +00:00
Andy Polyakov	81a86fcf17	Fool-proofing Makefiles	2005-05-15 22:23:26 +00:00
Nils Larsch	8b15c74018	give EC_GROUP_new_by_nid a more meanigful name: EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name	2005-05-10 11:37:47 +00:00
Bodo Möller	fbeaa3c47d	Update util/ck_errf.pl script, and have it run automatically during "make errors" and thus during "make update". Fix lots of bugs that util/ck_errf.pl can detect automatically. Various others of these are still left to fix; that's why "make update" will complain loudly when run now.	2005-05-09 00:27:37 +00:00
Nils Larsch	6a50d0a422	hide the definition of ECDSA_METHOD and ECDSA_DATA (and mutatis mutandis for ecdh)	2005-04-29 15:56:06 +00:00
Bodo Möller	aa4ce7315f	Fix various incorrect error function codes. ("perl util/ck_errf.pl /.c //*.c" still reports many more.)	2005-04-26 18:53:22 +00:00
Nils Larsch	a0bee97e55	more const	2005-04-22 21:57:36 +00:00
Nils Larsch	ff22e913a3	- use BN_set_negative and BN_is_negative instead of BN_set_sign and BN_get_sign - implement BN_set_negative as a function - always use "#define BN_is_zero(a) ((a)->top == 0)"	2005-04-22 20:02:44 +00:00
Dr. Stephen Henson	29dc350813	Rebuild error codes.	2005-04-12 16:15:22 +00:00
Ben Laurie	42ba5d2329	Blow away Makefile.ssl.	2005-03-30 13:05:57 +00:00
Richard Levitte	a2ac429da2	Don't use $(EXHEADER) directly in for loops, as most shells will break if $(EXHEADER) is empty. Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>	2004-11-02 23:55:01 +00:00
Geoff Thorpe	58ae65cd1a	Update ECDSA and ECDH for OPENSSL_NO_ENGINE. Reported by: Maxim Masiutin Submitted by: Nils Larsch	2004-10-21 00:06:14 +00:00
Geoff Thorpe	0210065bbd	Quick fix. Submitted by: Nils Larsch	2004-07-16 03:24:51 +00:00
Geoff Thorpe	b3b6720944	Correct the return codes for ecdsatest. Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2004-06-14 23:37:32 +00:00
Geoff Thorpe	0f814687b9	Deprecate the recursive includes of bn.h from various API headers (asn1.h, dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are already declared in ossl_typ.h. Add explicit includes for bn.h in those C files that need access to structure internals or API functions+macros.	2004-05-17 19:14:22 +00:00
Geoff Thorpe	60a938c6bc	(oops) Apologies all, that last header-cleanup commit was from the wrong tree. This further reduces header interdependencies, and makes some associated cleanups.	2004-04-19 18:09:28 +00:00
Geoff Thorpe	3a87a9b9db	Reduce header interdependencies, initially in engine.h (the rest of the changes are the fallout). As this could break source code that doesn't directly include headers for interfaces it uses, changes to recursive includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to define this when building and using openssl, and then adapt code where necessary - this is how to stay current. However the mechanism exists for the lethargic.	2004-04-19 17:46:04 +00:00

1 2

99 Commits