Emilia Kasper
7f7c05ca63
Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 82dc08de54ce443c2a9ac478faffe79e76157795)
2014-08-27 19:50:15 +02:00
Matt Caswell
2083f7c465
RT3065: automatically generate a missing EC public key
When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit ed383f847156940e93f256fed78599873a4a9b28)
2014-08-27 19:50:15 +02:00
Adam Langley
1f2b943254
RT3065: ec_private_key_dont_crash
This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:
-----BEGIN EC PRIVATE KEY-----
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH
-----END EC PRIVATE KEY-----
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit b391570bdeb386d4fd325917c248d593d3c43930)
2014-08-27 19:50:15 +02:00
Adam Langley
e19c93811f
RT3061: Don't SEGFAULT when trying to export a public DSA key as a private key.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-22 15:21:12 +02:00
Emilia Kasper
ebf221ee25
Fix build when BSAES_ASM is defined but VPAES_ASM is not
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit da92be4d68bec81030838e3228ef0238c565af85)
2014-08-21 15:48:10 +02:00
Andy Polyakov
ef90877721
bn/asm/rsaz-*.pl: allow spaces in Perl path name.
RT: 2835
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 15735e4f0e81d535cda0ad7ab52a0ed64b644cd0)
2014-08-21 00:19:24 +02:00
Andy Polyakov
a89adc148e
sha1-mb-x86_64.pl: add commentary.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit e608273a8094a95a5703c26a428a007497e74392)
2014-08-21 00:16:32 +02:00
Andy Polyakov
b698c427de
crypto/evp/e_aes_cbc_hmac_sha[1|256].c: fix compiler warnings.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 2893a302a9b6a70161d1859d985a52af11b2195d)
2014-08-20 22:20:21 +02:00
Andy Polyakov
e99ac8b868
sha1-mb-x86_64.pl: fix typo.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 55eb14da201cc35fe744a08718f5c2efb97f6155)
2014-08-20 22:12:50 +02:00
Istvan Noszticzius
beeb0fa7be
Fix use after free bug.
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 5afa57fb7b17aa51cfba1ffa94e900fc7a5f0e04)
2014-08-15 16:46:14 +01:00
Bodo Moeller
267e6f3cc0
Further improve/fix ec_GFp_simple_points_make_affine (ecp_smpl.c) and group_order_tests (ectest.c).
Also fix the EC_POINTs_mul documentation (ec.h).
Reviewed-by: emilia@openssl.org
2014-08-13 17:40:33 +02:00
Dr. Stephen Henson
bc792813f0
Only use FIPS EC methods in FIPS mode.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 1433cac53c93f9f109290389f60b17078a572d3d)
2014-08-07 02:11:53 +01:00
Dr. Stephen Henson
53348780e9
Fix SRP buffer overrun vulnerability.
Invalid parameters passed to the SRP code can overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.
Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
2014-08-06 20:41:24 +01:00
Emilia Kasper
c01618dd82
Fix OID handling:
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.
CVE-2014-3508
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-06 20:41:24 +01:00
Dr. Stephen Henson
89d2f8f1a9
make update
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-01 21:21:03 +01:00
Dr. Stephen Henson
2c3673cd3f
Fix error discrepancy.
We can't rename ssleay_rand_bytes to md_rand_bytes_lock as this will cause
an error code discrepancy. Instead keep ssleay_rand_bytes and add an
extra parameter: since ssleay_rand_bytes is not part of the public API
this won't cause any binary compatibility issues.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-08-01 18:42:41 +01:00
Bodo Moeller
d5213519c0
Simplify and fix ec_GFp_simple_points_make_affine (which didn't always handle value 0 correctly).
Reviewed-by: emilia@openssl.org
2014-08-01 17:27:59 +02:00
Dr. Stephen Henson
a3efe1b6e9
Avoid multiple locks using FIPS DRBG.
Don't use multiple locks when SP800-90 DRBG is used outside FIPS mode.
PR#3176
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-07-30 21:08:07 +01:00
Matt Caswell
371d9a627b
Prepare for 1.0.2-beta3-dev
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-07-22 21:31:04 +01:00
Matt Caswell
2f63ad1c6d
Prepare for 1.0.2-beta2 release
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-07-22 21:30:33 +01:00
Matt Caswell
0e32035292
make update
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-07-22 21:30:33 +01:00
Billy Brumley
4ccc2c19e2
"EC_POINT_invert" was checking "dbl" function pointer instead of "invert".
PR#2569
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit cba11f57ce161fd301a72194827327128191de7e)
2014-07-21 22:28:09 +01:00
Andy Polyakov
a2f34441ab
sha1-ppc.pl: shave off one cycle from BODY_20_39
and improve performance by 10% on POWER[78].
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 5c3598307ebbf5a88d1c39fbb2629536e443a5dd)
2014-07-21 15:30:59 +02:00
Andy Polyakov
c991d8ae8b
Initial POWER8 support from development branch.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:36:49 +02:00
Dr. Stephen Henson
4c05b1f8d6
Make *Final work for key wrap again.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 58f4698f67c33b723a9e99bed1101161a59eea73)
2014-07-17 23:31:11 +01:00
Dr. Stephen Henson
6e1e5996df
Sanity check lengths for AES wrap algorithm.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit d12eef15016e49fc09d6c96653c61624e032d1a3)
2014-07-17 12:58:42 +01:00
Matt Caswell
14b5d0d029
Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data.
This is actually ok for this function, but initialised to zero anyway if
PURIFY is defined.
This does have the impact of masking any *real* uninitialised data reads in bn though.
Patch based on approach suggested by Rich Salz.
PR#3415
(cherry picked from commit 77747e2d9a5573b1dbc15e247ce18c03374c760c)
2014-07-13 22:20:15 +01:00
Richard Levitte
5b9188454b
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
Detected by dcruette@qualitesys.com
(cherry picked from commit 8b5dd340919e511137696792279f595a70ae2762)
2014-07-13 19:13:38 +02:00
Ben Laurie
5e189b4b8d
Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259).
(cherry picked from commit c1d1b0114e9d370c30649e46182393dbfc00e20c)
2014-07-10 17:49:53 +01:00
Matt Caswell
23bd628735
Fix memory leak in BIO_free if there is no destroy function.
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>
PR#3439
(cherry picked from commit 66816c53bea0ecddb9448da7ea9a51a334496127)
2014-07-09 23:32:18 +01:00
Andy Polyakov
371feee876
x86_64 assembly pack: improve masm support.
(cherry picked from commit 1b0fe79f3ee27ebd20510da3af9ec04c6ee0f800)
2014-07-09 22:46:13 +02:00
Andy Polyakov
f50f0c6aa3
Please Clang's sanitizer, addendum.
(cherry picked from commit d11c70b2c2a655d112fa72d34c6702e9aa2eff79)
2014-07-09 22:45:52 +02:00
Andy Polyakov
2064e2db08
Please Clang's sanitizer.
PR: #3424, #3423, #3422
(cherry picked from commit 021e5043e524b1cb28a929ef902548a987c16e65)
2014-07-09 22:45:38 +02:00
Andy Polyakov
0ad2a0a303
sha[1|512]-x86_64.pl: fix logical errors with $shaext=0.
(cherry picked from commit 07b635cceb60abaddba2f0e469e5f5978258f46b)
2014-07-07 17:02:00 +02:00
David Lloyd
2cb761c1f4
Prevent infinite loop loading config files.
PR#2985
(cherry picked from commit 9d23f422a32cb333a5e803199ae230706b1bf9f5)
2014-07-07 13:54:11 +01:00
Viktor Dukhovni
e83c913723
Update API to use (char *) for email addresses and hostnames
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
(cherry picked from commit 297c67fcd817ea643de2fdeff4e434b050d571e2)
2014-07-07 19:20:34 +10:00
Viktor Dukhovni
55fe56837a
Set optional peername when X509_check_host() succeeds.
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.
(cherry picked from commit ced3d9158a7a8c676be504bb6cd3b5ffb7cc7f13)
2014-07-07 19:20:34 +10:00
Viktor Dukhovni
1eb57ae2b7
New peername element in X509_VERIFY_PARAM_ID
Declaration, memory management, accessor and documentation.
(cherry picked from commit 6e661d458f5aa8f52bf3d9098bd10025de5f08ea)
2014-07-07 19:20:34 +10:00
Viktor Dukhovni
41e3ebd5ab
One more typo when changing !result to result <= 0
(cherry picked from commit eef1827f89ebb82d3bcb5391fa15e05061bab4b2)
2014-07-07 19:19:13 +10:00
Viktor Dukhovni
9624b50d51
Fix typo in last commit
(cherry picked from commit 90b70a6a6b4df267fea2724c7af37d93366a1fec)
2014-07-07 19:19:13 +10:00
Viktor Dukhovni
449d864515
Multiple verifier reference identities.
Implemented as STACK_OF(OPENSSL_STRING).
(cherry picked from commit 8abffa4a73fcbf6536e0a42d736ed9211a8204ea)
2014-07-07 19:19:13 +10:00
Viktor Dukhovni
7f7e11ee5c
Implement sk_deep_copy.
(cherry picked from commit 66d884f06770f2daaee8016299ef7e1e3b91dfd1)
2014-07-07 19:19:13 +10:00
Dr. Stephen Henson
5c1b373be6
Sanity check keylength in PVK files.
PR#2277
(cherry picked from commit 733a6c882e92f8221bd03a51643bb47f5f81bb81)
2014-07-06 00:36:14 +01:00
Andy Polyakov
6ce295a301
sha512-x86_64.pl: fix typo.
PR: #3431
(cherry picked from commit 7eb9680ae1bf5dd9aeb61c401f2c3bd900ac9aeb)
2014-07-06 00:00:34 +02:00
Alan Hryngle
ff5b11f547
Return smaller of ret and f.
PR#3418.
(cherry picked from commit fdea4fff8fb058be928980600b24cf4c62ef3630)
2014-07-05 22:38:17 +01:00
Dr. Stephen Henson
534656a997
Add license info.
(cherry picked from commit 55707a36cce3584457f687ff020842c079624ee8)
2014-07-04 18:43:06 +01:00
Andy Polyakov
47b9e06cfd
bn_exp.c: fix x86_64-specific crash with one-word modulus.
PR: #3397
(cherry picked from commit eca441b2b4d33d2a18d163ef9b4b3aff14251c73)
2014-07-02 21:16:45 +02:00
Dr. Stephen Henson
9223a31eb7
ASN1 sanity check.
Primitive encodings shouldn't use indefinite length constructed
form.
PR#2438 (partial).
(cherry picked from commit 398e99fe5e06edb11f55a39ce0883d9aa633ffa9)
2014-07-02 00:59:44 +01:00
Dr. Stephen Henson
654ae3d6ad
Accessor functions for app_data in ECDSA_METHOD
(cherry picked from commit 387b844ffdc79b733be0b1dbaddd2ac64a6c1192)
2014-07-02 00:59:43 +01:00
Andy Polyakov
daa96141d3
sha512-x86_64.pl: fix linking problem under Windows.
(cherry picked from commit 29be3f6411774e10169e60e1507df3d7c2e589df)
2014-07-01 17:12:41 +02:00