Geoff Thorpe
9febee0272
evp: prevent underflow in base64 decoding
...
This patch resolves RT ticket #2608 .
Thanks to Robert Dugal for originally spotting this, and to David
Ramos for noticing that the ball had been dropped.
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-05-06 18:23:54 -04:00
Dr. Stephen Henson
47f689ac09
Initialize num properly.
...
PR#3289
PR#3345
(cherry picked from commit 3ba1e406c2
)
2014-05-06 14:09:26 +01:00
Eric Young
9ad5c5e4f9
Fix base64 decoding bug.
...
A short PEM encoded sequence if passed to the BIO, and the file
had 2 \n following would fail.
PR#3289
(cherry picked from commit 10378fb5f4
)
2014-04-02 19:58:25 +01:00
Ben Laurie
2928cb4c82
Fixups.
2013-02-05 16:50:33 +00:00
Ben Laurie
35a65e814b
Make CBC decoding constant time.
...
This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle and mount Vaudenay's attack.
This patch also disables the stitched AESNI+SHA mode pending a similar
fix to that code.
In order to be easy to backport, this change is implemented in ssl/,
rather than as a generic AEAD mode. In the future this should be changed
around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
(cherry picked from commit e130841bcc
)
Conflicts:
crypto/evp/c_allc.c
ssl/ssl_algs.c
ssl/ssl_locl.h
ssl/t1_enc.c
(cherry picked from commit 3622239826698a0e534dcf0473204c724bb9b4b4)
Conflicts:
ssl/d1_enc.c
ssl/s3_enc.c
ssl/s3_pkt.c
ssl/ssl3.h
ssl/ssl_algs.c
ssl/t1_enc.c
2013-02-05 16:50:32 +00:00
Dr. Stephen Henson
24d0524f31
PR: 2588
...
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Close file pointer.
2011-09-01 13:48:48 +00:00
Dr. Stephen Henson
4d6af5c5d2
../comm.txt
2010-11-27 17:33:34 +00:00
Dr. Stephen Henson
05bbbe9204
PR: 2295
...
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve
OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
2010-10-11 23:28:54 +00:00
Dr. Stephen Henson
65b4c34d86
initialise pbe_tmp
2010-07-08 16:51:48 +00:00
Dr. Stephen Henson
63e3676e68
fix so it is safe to repeatedly add PBE algorithms
2010-06-26 12:55:01 +00:00
Ben Laurie
d886975835
Fix gcc 4.6 warnings. Check TLS server hello extension length.
2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
356f164f52
PR: 2258
...
Submitted By: Ger Hobbelt <ger@hobbelt.com>
Base64 BIO fixes:
Use OPENSSL_assert() instead of assert().
Use memmove() as buffers overlap.
Fix write retry logic.
2010-05-27 12:41:33 +00:00
Dr. Stephen Henson
9a542ea01d
don't add digest alias if signature algorithm is undefined
2010-03-06 20:52:33 +00:00
Dr. Stephen Henson
1939f83709
Fix memory leak: free up ENGINE functional reference if digest is not
...
found in an ENGINE.
2010-03-05 13:35:06 +00:00
Dr. Stephen Henson
582eb96d15
Revert CFB block length change. Despite what SP800-38a says the input to
...
CFB mode does *not* have to be a multiple of the block length and several
other specifications (e.g. PKCS#11) do not require this.
2010-02-26 14:41:38 +00:00
Dr. Stephen Henson
1b690c1a8b
The "block length" for CFB mode was incorrectly coded as 1 all the time. It
...
should be the number of feedback bits expressed in bytes. For CFB1 mode set
this to 1 by rounding up to the nearest multiple of 8.
2010-02-15 19:40:45 +00:00
Dr. Stephen Henson
2873a53f5f
Correct ECB mode EVP_CIPHER definition: IV length is 0
2010-02-15 19:25:37 +00:00
Dr. Stephen Henson
c22050be29
Traditional Yuletide commit ;-)
...
Add Triple DES CFB1 and CFB8 to algorithm list and NID translation.
2009-12-25 14:11:18 +00:00
Dr. Stephen Henson
9e5dea0ffd
PR: 2124
...
Submitted by: Jan Pechanec <Jan.Pechanec@Sun.COM>
Check for memory allocation failures.
2009-12-09 13:41:50 +00:00
Dr. Stephen Henson
2c5f3606d1
Remove MD2 from digest algorithm table. This follows the recommendation in
...
several places that it is not used in new applications.
2009-07-08 08:33:27 +00:00
Ben Laurie
1eee8a4226
Use the correct length (reported by Quanhong Wang).
2009-03-03 15:06:49 +00:00
Ben Laurie
e26ad0c4fd
Fix FIPS typo.
2009-02-18 10:27:23 +00:00
Ben Laurie
f092a073a7
Fix warnings.
2008-12-02 18:14:44 +00:00
Dr. Stephen Henson
b84e441861
Don't attempt to enter FIPS mode in autoconfig module if already in FIPS mode.
2008-11-11 12:52:14 +00:00
Dr. Stephen Henson
2c17b493b1
Make -DKSSL_DEBUG work again.
2008-11-10 18:55:07 +00:00
Dr. Stephen Henson
3795297af8
Change old obsolete email address...
2008-11-05 18:36:57 +00:00
Dr. Stephen Henson
138f20433e
Camellia low level API algorithm blocking.
2008-09-21 11:21:43 +00:00
Dr. Stephen Henson
7747c67861
Make camellia work with updated EVP macros.
2008-09-21 10:24:08 +00:00
Dr. Stephen Henson
e852835da6
Make update: delete duplicate error code.
2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
d83dde6180
Merge changes to build system from fips branch.
2008-09-16 21:44:57 +00:00
Dr. Stephen Henson
f947b818bf
Oops, restore change that got reverted accidentally.
2008-09-15 22:32:23 +00:00
Dr. Stephen Henson
a2dc9b6be2
Merge EVP changes in from FIPS branch.
2008-09-15 22:21:42 +00:00
Dr. Stephen Henson
1af12ff1d1
Fix error code discrepancy.
...
Make update.
2008-09-14 16:43:37 +00:00
Bodo Möller
cdd0f3b328
Don't use assertions to check application-provided arguments;
...
and don't unnecessarily fail on input size 0.
2008-08-14 21:37:20 +00:00
Dr. Stephen Henson
14748adb09
Make ssl code consistent with FIPS branch. The new code has no effect
...
at present because it asserts either noop flags or is inside
OPENSSL_FIPS #ifdef's.
2008-06-16 16:56:43 +00:00
Ben Laurie
4f2b7d48b1
make depend
2007-09-19 12:17:11 +00:00
Andy Polyakov
4d2a292e8a
EVP_*_cfb1 was broken [from HEAD].
...
PR: 1318
2007-07-08 19:18:15 +00:00
Dr. Stephen Henson
14346b3456
Fix warnings: C++ comments and computed value not used.
2007-07-04 12:56:33 +00:00
Bodo Möller
c3cc4662af
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:50:26 +00:00
Dr. Stephen Henson
392a0345de
EVP_CIPHER_CTX_key_length() should return the set key length in the
...
EVP_CIPHER_CTX structure which may not be the same as the underlying
cipher key length for variable length ciphers.
2007-02-27 18:42:52 +00:00
Dr. Stephen Henson
594c723f98
Add hmac option to dgst from 0.9.7-stable.
2007-02-08 19:08:21 +00:00
Dr. Stephen Henson
4a0d3530e0
Update from HEAD.
2007-01-21 13:16:49 +00:00
Nils Larsch
8e6905d238
remove trailing '\'
...
PR: 1438
2006-12-19 19:47:39 +00:00
Nils Larsch
d4a6240005
replace macros with functions
...
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:47:15 +00:00
Dr. Stephen Henson
115fc340cb
Rebuild error file C source files.
2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
f4f1dc39e0
Fix from HEAD.
2006-08-31 21:01:41 +00:00
Bodo Möller
1921a1adb2
"make depend" for the default configuration, i.e. no-camellia here in
...
the 0.9.8 branch!
2006-06-14 09:56:08 +00:00
Bodo Möller
edbf9f878d
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-11 01:08:15 +00:00
Bodo Möller
e18eef3d7a
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:42:21 +00:00
Dr. Stephen Henson
b095418d20
Fix from 0.9.7-stable.
2006-04-15 17:43:18 +00:00