wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8513 commits 20 branches 302 tags 153 MiB
Commit graph

214 commits

Author SHA1 Message Date
Dr. Stephen Henson
8e664b2055 Remove ASN1 library (and other) dependencies from fipscanister.o 2007-01-24 13:00:15 +00:00
Dr. Stephen Henson
566933a8ba Update from HEAD. 2007-01-21 16:02:37 +00:00
Nils Larsch
492a907089 fix function names in RSAerr calls 
PR: 1403
 2006-12-04 20:41:46 +00:00
Dr. Stephen Henson
ea474c567f Rebuild error source files. 2006-11-21 19:27:19 +00:00
Mark J. Cox
b213966415 Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
 2006-09-28 11:53:51 +00:00
Bodo Möller
c2293d2e9a make consistent with 0.9.8-branch version of this file 2006-09-06 06:41:32 +00:00
Mark J. Cox
ffa0407233 Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher 
(CVE-2006-4339)  [Ben Laurie and Google Security Team]

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
 2006-09-05 08:24:14 +00:00
Bodo Möller
094c6aa51d Thread-safety fixes 2006-06-16 01:01:34 +00:00
Bodo Möller
019a63f9c9 Thread-safety fixes 2006-06-14 08:50:11 +00:00
Nils Larsch
e0fe7abeec apply fixes from the cvs head 2006-03-14 09:07:06 +00:00
Dr. Stephen Henson
3c1ee6c147 Fix from HEAD. 2006-02-04 01:50:41 +00:00
Bodo Möller
8750e911f1 Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts) 2006-01-08 19:33:31 +00:00
Dr. Stephen Henson
5fbf6769fc Update from head. 2005-06-06 22:42:35 +00:00
Andy Polyakov
bb792a485a Make PSS more flexible, most notably assign special meaning to negative 
sLen values: -1 -> sLen = hLen, -2 -> sLen autochosen/autorecovered.
 2005-06-02 18:07:16 +00:00
Dr. Stephen Henson
26655341fc Update symbols. Add #ifdef OPENSSL_FIPS in various places. 2005-06-02 00:09:25 +00:00
Dr. Stephen Henson
5858d32a59 Fixes for unusual key lengths an PSS. 2005-06-01 22:06:46 +00:00
Dr. Stephen Henson
485bcc9cab Preliminary support for X9.31 RSA key generation for FIPS. 
Included prime derivation, random prime generation, test program and
new option to genrsa.
 2005-05-31 12:38:03 +00:00
Dr. Stephen Henson
4bd7bc97e8 make update 2005-05-29 12:30:21 +00:00
Dr. Stephen Henson
e4c2c550b9 Add X9.31 signature support, mainly for FIPS140. Add new option to rsautl and 
include options to use X9.31 in tests.
 2005-05-28 20:15:48 +00:00
Dr. Stephen Henson
7044d328a2 Add PSS support. Minimal at this stage for FIPS140. 2005-05-27 21:59:52 +00:00
Bodo Möller
80790d89ec Use BN_with_flags() in a cleaner way. 
Complete previous change:
Constant time DSA [sync with mainstream].
 2005-05-27 15:39:15 +00:00
Bodo Möller
ecb1445ce2 Implement fixed-window exponentiation to mitigate hyper-threading 
timing attacks.

BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.

Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
 2005-05-16 01:26:08 +00:00
Nils Larsch
b07a7b5daa fix typo 2005-04-23 12:46:24 +00:00
Dr. Stephen Henson
4ed56cba63 New function BN_MONT_CTX_set_locked, to set montgomery parameters in a 
threadsafe manner.

Modify or add calls to use it in rsa, dsa and dh algorithms.
 2005-04-22 13:17:49 +00:00
Dr. Stephen Henson
342b7e0458 Rebuild error codes. 2005-04-12 13:47:58 +00:00
Richard Levitte
9addd9b6fb Add emacs cache files to .cvsignore. 2005-04-11 14:18:14 +00:00
Dr. Stephen Henson
da8534693c Add lots of checks for memory allocation failure, error codes to indicate 
failure and freeing up memory if a failure occurs.

PR:620
 2004-12-05 01:04:44 +00:00
Richard Levitte
a2617f727d Don't use $(EXHEADER) directly in for loops, as most shells will break 
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
 2004-11-02 23:53:31 +00:00
Richard Levitte
5affe206e1 Define FIPS_*_SIZE_T for AES, DSA and RSA as well, in preparation for 
size_t-ification of those algorithms in future version of OpenSSL...
 2004-05-19 14:16:33 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Richard Levitte
cc056d6395 Use sh explicitely to run point.sh 
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
 2003-12-27 15:00:24 +00:00
Richard Levitte
54a7ea6f36 DO NOT constify RSA* in RSA_sign() and RSA_verify(), since there are function 
called downstream that need it to be non-const.  The fact that the RSA_METHOD
functions take the RSA* as a const doesn't matter, it just expresses that
*they* won't touch it.
PR: 602
 2003-05-07 11:38:13 +00:00
Richard Levitte
0e2f5ec2d2 Constify RSA_sign() and RSA_verify(). 
PR: 602
 2003-05-05 13:55:23 +00:00
Richard Levitte
7f0f9f1934 Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances. 
Memory leak fix: RSA_blinding_on() would leave a dangling pointer in
                 rsa->blinding under certain circumstances.
Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.
 2003-04-16 06:25:29 +00:00
Richard Levitte
8f09a154e3 Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt() 2003-04-15 13:01:50 +00:00
Richard Levitte
f78ae9c0f2 make update. 2003-04-10 20:10:22 +00:00
Dr. Stephen Henson
88ec5a637f Only call redirected rsa_sign or rsa_verify if the pointer is set. 
This allows, for example, a smart card to redirect rsa_sign and keep
the default rsa_verify.
 2003-04-10 01:13:37 +00:00
Richard Levitte
0ae4ad9e9f Include rand.h, so RAND_status() and friends get properly declared. 2003-04-08 11:07:13 +00:00
Richard Levitte
1ed3815650 We seem to carry some rests of the 0.9.6 [engine] ENGINE framework, here in 
form of unneeded direct calls through the engine pointer..
 2003-04-08 06:02:00 +00:00
Richard Levitte
27310553b1 We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form 
of unneeded includes of openssl/engine.h.
 2003-04-08 06:00:17 +00:00
Richard Levitte
78490b9cc2 RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function 
pointers should be used.  It doesn't necessarely mean it should go through
the ENGINE framework.
 2003-04-07 19:15:29 +00:00
Bodo Möller
46b695d850 make RSA blinding thread-safe 2003-04-02 09:50:55 +00:00
Bodo Möller
84b1e84af1 make sure RSA blinding works when the PRNG is not properly seeded; 
enable it automatically only for the built-in engine
 2003-03-19 18:58:55 +00:00
Ben Laurie
96c15b8aad Turn on RSA blinding by default. 2003-03-18 12:12:10 +00:00
Richard Levitte
bd573ee31a The OPENSSL_NO_ENGINE has small problem: it changes certain structures. That's 
bad, so let's not check OPENSSL_NO_ENGINE in those places.  Fortunately, all
the header files where the problem existed include ossl_typ.h, which makes
a 'forward declaration' of the ENGINE type.
 2003-01-30 18:52:52 +00:00
Richard Levitte
6d85cd36e2 Add the possibility to build without the ENGINE framework. 
PR: 287
 2003-01-30 17:37:49 +00:00
Richard Levitte
75e3026a14 Cleanse memory using the new OPENSSL_cleanse() function. 
I've covered all the memset()s I felt safe modifying, but may have missed some.
 2002-11-28 08:09:03 +00:00
Richard Levitte
8aa09a245c The logic in the main signing and verifying functions to check lengths was 
incorrect.  Fortunately, there is a second check that's correct, when adding
the pads.
PR: 355
 2002-11-26 11:14:45 +00:00
Richard Levitte
ff90d659e6 Use double dashes so makedepend doesn't misunderstand the flags we 
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
 2002-10-09 13:21:33 +00:00
Lutz Jänicke
3720ea24f0 "make update" 
Submitted by:
Reviewed by:
PR:
 2002-07-30 07:18:03 +00:00