wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8766 commits 20 branches 302 tags 153 MiB
Commit graph

4302 commits

Author SHA1 Message Date
Dr. Stephen Henson
24b2806097 Move CRYPTO_memcmp to o_init.c when compiling with fips: cryptlib.o 
is in the fips module for fips capable builds.
 2013-02-05 16:50:34 +00:00
Ben Laurie
2928cb4c82 Fixups. 2013-02-05 16:50:33 +00:00
Ben Laurie
35a65e814b Make CBC decoding constant time. 
This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle and mount Vaudenay's attack.

This patch also disables the stitched AESNI+SHA mode pending a similar
fix to that code.

In order to be easy to backport, this change is implemented in ssl/,
rather than as a generic AEAD mode. In the future this should be changed
around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
(cherry picked from commit e130841bcc)

Conflicts:
	crypto/evp/c_allc.c
	ssl/ssl_algs.c
	ssl/ssl_locl.h
	ssl/t1_enc.c
(cherry picked from commit 3622239826698a0e534dcf0473204c724bb9b4b4)

Conflicts:
	ssl/d1_enc.c
	ssl/s3_enc.c
	ssl/s3_pkt.c
	ssl/ssl3.h
	ssl/ssl_algs.c
	ssl/t1_enc.c
 2013-02-05 16:50:32 +00:00
Ben Laurie
2708813166 Add and use a constant-time memcmp. 
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a)

Conflicts:
	crypto/crypto.h
	ssl/t1_lib.c
(cherry picked from commit dc406b59f3169fe191e58906df08dce97edb727c)

Conflicts:
	crypto/crypto.h
	ssl/d1_pkt.c
	ssl/s3_pkt.c
 2013-02-05 16:50:32 +00:00
Dr. Stephen Henson
66e8211c0b Don't try and verify signatures if key is NULL (CVE-2013-0166) 
Add additional check to catch this in ASN1_item_verify too.
 2013-02-05 16:50:31 +00:00
Dr. Stephen Henson
dd2dee60f3 Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set 2013-01-23 01:16:59 +00:00
Dr. Stephen Henson
6495179af6 Don't include comp.h if no-comp set. 2013-01-20 01:16:25 +00:00
Dr. Stephen Henson
42e10c3fd6 PR: 2803 
Submitted by: jean-etienne.schwartz@bull.net

In OCSP_basic_varify return an error if X509_STORE_CTX_init fails.
 2012-11-29 19:16:01 +00:00
Bodo Möller
75f0bc4f44 Fix EC_KEY initialization race. 
Submitted by: Adam Langley
 2012-10-05 20:51:47 +00:00
Bodo Möller
f7d2402cab Fix Valgrind warning. 
Submitted by: Adam Langley
 2012-09-24 19:50:07 +00:00
Richard Levitte
afa0580cd5 Remove duplicate symbol in crypto/symhacks.h 
Have the new names start in column 48, that makes it easy to see when
the 31 character limit is reached (on a 80 column display, do the math)
 2012-07-05 09:06:20 +00:00
Dr. Stephen Henson
4baee3031c PR: 2813 
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.
 2012-05-11 13:49:15 +00:00
Dr. Stephen Henson
db7a72b224 prepare for next version 2012-05-10 16:01:11 +00:00
Dr. Stephen Henson
f856173c43 prepare for 0.9.8x release 2012-05-10 14:36:07 +00:00
Dr. Stephen Henson
3978429ad5 Reported by: Solar Designer of Openwall 
Make sure tkeylen is initialised properly when encrypting CMS messages.
 2012-05-10 13:27:57 +00:00
Dr. Stephen Henson
e22e770147 prepare for next version 2012-04-23 21:15:22 +00:00
Dr. Stephen Henson
6dde222aae prepare form 0.9.8w release 2012-04-23 20:45:29 +00:00
Dr. Stephen Henson
8d038a08fb The fix for CVE-2012-2110 did not take into account that the 
'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
int in OpenSSL 0.9.8, making it still vulnerable. Fix by
rejecting negative len parameter.

Thanks to the many people who reported this bug and to Tomas Hoger
<thoger@redhat.com> for supplying the fix.
 2012-04-23 20:35:55 +00:00
Dr. Stephen Henson
747c6ffda4 correct error code 2012-04-22 13:31:46 +00:00
Dr. Stephen Henson
eb7112c18e prepare for next version 2012-04-19 17:03:28 +00:00
Dr. Stephen Henson
8ab27e6ef7 prepare for 0.9.8v release 2012-04-19 11:39:03 +00:00
Dr. Stephen Henson
556e27b14f Check for potentially exploitable overflows in asn1_d2i_read_bio 
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
 2012-04-19 11:36:09 +00:00
Dr. Stephen Henson
e351e2a7cf prepare for next version 2012-03-12 16:35:13 +00:00
Dr. Stephen Henson
215276243d corrected fix to PR#2711 and also cover mime_param_cmp 2012-03-12 15:25:53 +00:00
Dr. Stephen Henson
2fad41d155 prepare for release 2012-03-12 14:53:14 +00:00
Dr. Stephen Henson
4f2fc3c2dd Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 14:51:45 +00:00
Dr. Stephen Henson
25d5d15fd5 check return value of BIO_write in PKCS7_decrypt 2012-03-08 14:01:44 +00:00
Dr. Stephen Henson
725713f74a PR: 2755 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions. [0.9.8 version of patch]
 2012-03-07 15:14:16 +00:00
Dr. Stephen Henson
73eb0972cf return failure code if I/O error 2012-03-06 19:08:30 +00:00
Dr. Stephen Henson
6720779c7e revert PR#2755: it breaks compilation 2012-03-06 18:25:33 +00:00
Dr. Stephen Henson
b2a2c6af2a PR: 2755 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
 2012-03-06 13:45:47 +00:00
Dr. Stephen Henson
272993bac4 PR: 2696 Submitted by: Rob Austein <sra@hactrn.net> 
Fix inverted range problem in RFC3779 code.

Thanks to Andrew Chi for generating test cases for this bug.

[from HEAD]
 2012-03-06 13:37:52 +00:00
Dr. Stephen Henson
58532ae047 oops, revert unrelated patches 2012-03-06 13:22:32 +00:00
Dr. Stephen Henson
4e7f6d380d PR: 2748 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix possible DTLS timer deadlock.
 2012-03-06 13:20:20 +00:00
Dr. Stephen Henson
f0be325f88 Fix memory leak cause by race condition when creating public keys. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-28 14:47:36 +00:00
Dr. Stephen Henson
b66af23aa9 free headers after use in error message 2012-02-27 16:26:32 +00:00
Dr. Stephen Henson
29d0c13e97 Detect symmetric crypto errors in PKCS7_decrypt. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-27 15:23:20 +00:00
Dr. Stephen Henson
8a4e81a269 PR: 2711 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Tolerate bad MIME headers in parser.
 2012-02-23 21:50:13 +00:00
Dr. Stephen Henson
a72ce94213 prepare for next version 2012-01-18 14:27:13 +00:00
Dr. Stephen Henson
3309f8313c prepare for release 2012-01-18 13:14:49 +00:00
Dr. Stephen Henson
875ac0ec00 fix warning 2012-01-10 14:37:00 +00:00
Dr. Stephen Henson
244788464a update for next version 2012-01-04 23:56:13 +00:00
Dr. Stephen Henson
b3cebd5acf prepare for 0.9.8s release 2012-01-04 19:20:49 +00:00
Dr. Stephen Henson
1db0bbdc76 Fix double free in policy check code (CVE-2011-4109) 2012-01-04 19:00:28 +00:00
Dr. Stephen Henson
0e3a930fb4 Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) 2012-01-04 18:44:20 +00:00
Andy Polyakov
2ee77d36a0 x86-mont.pl: fix bug in integer-only squaring path [from HEAD]. 
PR: 2648
 2011-12-09 14:28:48 +00:00
Bodo Möller
72033fde7b Fix ecdsatest.c. 
Submitted by: Emilia Kasper
 2011-12-02 12:40:25 +00:00
Bodo Möller
9adf3fcf9a Fix BIO_f_buffer(). 
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
 2011-12-02 12:23:57 +00:00
Andy Polyakov
65f7456652 ppc.pl: fix bug in bn_mul_comba4 [from HEAD]. 
PR: 2636
Submitted by: Charles Bryant
 2011-11-05 10:17:06 +00:00
Dr. Stephen Henson
f8731bc2fd PR: 2632 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
 2011-10-26 16:42:48 +00:00
Bodo Möller
195d6bf760 BN_BLINDING multi-threading fix. 
Submitted by: Emilia Kasper (Google)
 2011-10-19 14:57:59 +00:00
Dr. Stephen Henson
6d50bce79f PR: 2482 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
 2011-10-09 00:56:18 +00:00
Dr. Stephen Henson
85e776885b PR: 2606 
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve

Handle timezones correctly in UTCTime.
 2011-09-23 13:40:06 +00:00
Bodo Möller
1c7c69a8a5 Fix memory leak on bad inputs. 2011-09-05 09:56:48 +00:00
Bodo Möller
24ad061037 Move OPENSSL_init declaration out of auto-generated code section 
(it is not auto-generated).
 2011-09-05 09:52:58 +00:00
Dr. Stephen Henson
92f96fa721 PR: 2576 
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve

Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
 2011-09-02 11:20:49 +00:00
Dr. Stephen Henson
0d1e362363 PR: 2340 
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.
 2011-09-01 15:03:10 +00:00
Dr. Stephen Henson
a0bf2c86ab make timing attack protection unconditional 2011-09-01 14:23:41 +00:00
Dr. Stephen Henson
24d0524f31 PR: 2588 
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Close file pointer.
 2011-09-01 13:48:48 +00:00
Dr. Stephen Henson
46a1f2487e PR: 2559 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug
 2011-07-20 15:20:19 +00:00
Dr. Stephen Henson
82a5049f6a PR: 2556 (partial) 
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
 2011-07-14 12:01:08 +00:00
Andy Polyakov
d027b75b73 perlasm/cbc.pl: fix tail processing bug [from HEAD]. 
PR: 2557
 2011-07-13 06:25:15 +00:00
Dr. Stephen Henson
87d14a3625 PR: 2470 
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.
 2011-06-22 15:39:19 +00:00
Dr. Stephen Henson
22152d6885 PR: 2540 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().
 2011-06-22 15:23:20 +00:00
Dr. Stephen Henson
102bcbce8d correctly encode OIDs near 2^32 2011-06-22 15:15:20 +00:00
Andy Polyakov
8655de423d rc4_skey.c [0.9.8]: at some point rc4_skey and x86[_64]cpuid were modified 
to examine bit#20 on x86[_64], but it was erroneously reverted to bit#28
in 2008 in process of FIPS integration.
 2011-06-06 19:58:21 +00:00
Dr. Stephen Henson
bc7ee385f5 Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:52:54 +00:00
Dr. Stephen Henson
1e368ab08f Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:43:47 +00:00
Dr. Stephen Henson
6d12b1f82b check buffer is larger enough before overwriting 2011-04-06 18:07:12 +00:00
Bodo Möller
d430f56de6 start 0.9.8s-dev 2011-02-08 17:58:34 +00:00
Bodo Möller
957ebe98fb OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d) 
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
 2011-02-08 17:10:47 +00:00
Bodo Möller
9d09fc8485 Assorted bugfixes: 
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Neel Mehta, Bodo Moeller)
 2011-02-03 12:04:48 +00:00
Dr. Stephen Henson
a3dc628d86 PR: 2433 
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
 2011-01-24 16:21:00 +00:00
Dr. Stephen Henson
3c159fc1a5 check EC public key isn't point at infinity 2011-01-24 15:08:12 +00:00
Dr. Stephen Henson
6056afd223 PR: 1612 
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve

Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
 2011-01-24 14:42:11 +00:00
Dr. Stephen Henson
f4a4a0fdc7 PR: 2411 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Fix corner cases in RFC3779 code.
 2011-01-03 01:40:22 +00:00
Dr. Stephen Henson
9ad765173f Fix escaping code for string printing. If *any* escaping is enabled we 
must escape the escape character itself (backslash).
 2011-01-03 01:26:33 +00:00
Dr. Stephen Henson
c8e3c1a9b5 PR: 2410 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Use OPENSSL_assert() instead of assert().
 2011-01-03 01:20:03 +00:00
Dr. Stephen Henson
ae378b769a use fips-dev not dev-fips 2011-01-03 00:43:47 +00:00
Dr. Stephen Henson
4de4e35459 PR: 2416 
Submitted by: Mark Phalan <mark.phalan@oracle.com>
Reviewed by: steve

Use L suffix in version number.
 2011-01-03 00:25:47 +00:00
Bodo Möller
5537a83e56 Add missing explicit instruction size. 
[CVS head and later branches have this since revision 1.7 of this file.]

Submitted by: Chandler Carruth (Google)
 2010-12-13 20:47:26 +00:00
Dr. Stephen Henson
b8be571868 update for next release 2010-12-02 19:42:28 +00:00
Dr. Stephen Henson
acd43bf38c prepare for release 2010-12-02 18:53:52 +00:00
Dr. Stephen Henson
7258d33794 PR: 2386 
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve

Correct SKM_ASN1_SET_OF_d2i macro.
 2010-12-02 18:02:02 +00:00
Dr. Stephen Henson
4d6af5c5d2 ../comm.txt 2010-11-27 17:33:34 +00:00
Ben Laurie
efed63d783 Backport J-PAKE fix. 2010-11-26 16:03:23 +00:00
Dr. Stephen Henson
0067580321 update for next version 2010-11-16 16:35:37 +00:00
Dr. Stephen Henson
82e0073624 oops, correct version number 2010-11-16 14:56:17 +00:00
Dr. Stephen Henson
7e541b1a7f prepare for release 2010-11-16 14:37:28 +00:00
Dr. Stephen Henson
3e8b8b8990 Submitted by: Jonathan Dixon <joth@chromium.org> 
Reviewed by: steve

If store is NULL set flags correctly.
 2010-11-02 15:57:00 +00:00
Dr. Stephen Henson
05bbbe9204 PR: 2295 
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
 2010-10-11 23:28:54 +00:00
Dr. Stephen Henson
93fc0e0e40 We can't always read 6 bytes in an OCSP response: fix so error statuses 
are read correctly for non-blocking I/O.
 2010-10-06 18:01:35 +00:00
Dr. Stephen Henson
6cb5746b65 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), 
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
 2010-10-03 18:55:57 +00:00
Dr. Stephen Henson
ae3b60ba99 fix bug in AES_unwrap() 2010-08-30 23:57:03 +00:00
Bodo Möller
d4ba6424a1 ECC library bugfixes. 
Submitted by: Emilia Kapser (Google)
 2010-08-26 12:10:25 +00:00
Dr. Stephen Henson
78dcaa0609 PR: 2297 
Submitted by: Antony, Benoy <bantony@ebay.com>
Approved by: steve@openssl.org

Fix bug in AES wrap code when t > 0xff.
 2010-07-09 17:24:29 +00:00
Dr. Stephen Henson
65b4c34d86 initialise pbe_tmp 2010-07-08 16:51:48 +00:00
Andy Polyakov
d8486c312c rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3) 
[from HEAD].
PR: 2296
 2010-07-08 09:15:14 +00:00
Dr. Stephen Henson
63e3676e68 fix so it is safe to repeatedly add PBE algorithms 2010-06-26 12:55:01 +00:00
Dr. Stephen Henson
1dac2cae68 prepare for next release 2010-06-16 13:40:09 +00:00
Ben Laurie
d886975835 Fix gcc 4.6 warnings. Check TLS server hello extension length. 2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
22872a5363 Prepare for release. 2010-06-01 14:47:12 +00:00
Dr. Stephen Henson
82b6b541b1 Fix CVE-2010-0742 2010-06-01 14:39:57 +00:00
Dr. Stephen Henson
60a989a76e fix PR#2261 in a different way 2010-05-31 13:17:52 +00:00
Andy Polyakov
18394ed50f 098 aes-x86_64.pl module was erroneously enabled in Win64 build without 
being adapted for Win64 ABI. Fix this.
 2010-05-30 22:02:03 +00:00
Dr. Stephen Henson
356f164f52 PR: 2258 
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Base64 BIO fixes:

Use OPENSSL_assert() instead of assert().
Use memmove() as buffers overlap.
Fix write retry logic.
 2010-05-27 12:41:33 +00:00
Dr. Stephen Henson
203ef9988c PR: 2266 
Submitted By: Jonathan Gray <jsg@goblin.cx>

Correct ioctl definitions.
 2010-05-26 23:23:53 +00:00
Dr. Stephen Henson
59c4f46f0f PR: 2251 
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Memleak, BIO chain leak and realloc checks in v3_pci.c
 2010-05-22 00:31:18 +00:00
Dr. Stephen Henson
a7949b8da3 PR: 2253 
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Check callback return value when outputting errors.
 2010-05-15 00:36:40 +00:00
Andy Polyakov
b8febed96a Prevent ERR_print_errors_fp crash on Win32 [from HEAD]. 2010-04-20 20:28:30 +00:00
Andy Polyakov
c25e8ee9b3 md32_common.h: fix copy-n-paste typo. The typo was present in 098 only. 2010-03-29 11:23:11 +00:00
Dr. Stephen Henson
4525a048ec PR: 1696 
Check return value if d2i_PBEPARAM().
 2010-03-28 00:42:17 +00:00
Dr. Stephen Henson
17a79eec0c PR: 1763 
Remove useless num = 0 assignment.

Remove redundant cases on sock_ctrl(): default case handles them.
 2010-03-27 23:28:33 +00:00
Dr. Stephen Henson
1eda14b44f PR: 1813 
Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com>

Fix memory leak when engine name cannot be loaded.
 2010-03-27 18:28:24 +00:00
Richard Levitte
ab9c0ec9fc Have an underscore before <ARCH> to make sure any future architecture 
name won't be mixed up with any crypto name.
 2010-03-25 14:45:22 +00:00
Dr. Stephen Henson
ea5b3f5e62 PR: 2202 (partial) 
Submitted by: Steven M. Schweda <sms@antinode.info>

Make some declarations conditional on FIPS/ENGINE.
Make pqueue_print non-VAX.
 2010-03-25 12:17:17 +00:00
Dr. Stephen Henson
c3c658e1c0 updates for next version 2010-03-25 12:07:04 +00:00
Dr. Stephen Henson
4fae868811 prepare for release 2010-03-24 13:16:55 +00:00
Andy Polyakov
c3484e0268 rand_win.c: fix logical bug in readscreen [from HEAD]. 2010-03-22 22:44:48 +00:00
Andy Polyakov
6b0be9c73d bss_file.c: fix MSC 6.0 warning [from HEAD]. 2010-03-22 22:40:18 +00:00
Andy Polyakov
02312a91ca ppc.pl: assembler Y chokes on apostrophes in comment. 2010-03-22 20:58:43 +00:00
Andy Polyakov
f1502a491e Fix UPLINK typo [from HEAD]. 2010-03-15 22:27:32 +00:00
Dr. Stephen Henson
cc53036744 missing goto meant signature was never printed out 2010-03-12 12:07:16 +00:00
Dr. Stephen Henson
5e8e7054f7 The OID sanity check was incorrect. It should only disallow *leading* 0x80 
values.
 2010-03-07 16:40:31 +00:00
Dr. Stephen Henson
9a542ea01d don't add digest alias if signature algorithm is undefined 2010-03-06 20:52:33 +00:00
Dr. Stephen Henson
1939f83709 Fix memory leak: free up ENGINE functional reference if digest is not 
found in an ENGINE.
 2010-03-05 13:35:06 +00:00
Dr. Stephen Henson
7786ed6a64 don't mix definitions and code 2010-03-03 15:30:05 +00:00
Andy Polyakov
bdd08277b8 Fix s390x-specific HOST_l2c|c2l [from HEAD]. 
Submitted by: Andreas Krebbel
 2010-03-02 16:26:13 +00:00
Dr. Stephen Henson
2bf4faa7e4 PR: 2178 
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com>

Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL
returns 1.
 2010-03-01 23:54:19 +00:00
Dr. Stephen Henson
2e5e604b0c load cryptodev if HAVE_CRYPTODEV is set too 2010-03-01 00:30:11 +00:00
Ben Laurie
ed4cd027f3 Fix warnings. 2010-02-28 13:37:15 +00:00
Dr. Stephen Henson
582eb96d15 Revert CFB block length change. Despite what SP800-38a says the input to 
CFB mode does *not* have to be a multiple of the block length and several
other specifications (e.g. PKCS#11) do not require this.
 2010-02-26 14:41:38 +00:00
Dr. Stephen Henson
2649ce1ebc Change versions for 0.9.8n-dev 2010-02-26 14:34:24 +00:00
Dr. Stephen Henson
7070cdba4e Prepare for 0.9.8m release 2010-02-25 17:18:23 +00:00
Richard Levitte
e885de28b1 Since crypto-lib.com is built to be executed in the crypto/ directory, 
there's no need to specify that directory in the include path.
 2010-02-24 01:20:04 +00:00
Bodo Möller
3e4da3f7cb Always check bn_wexpend() return values for failure (CVE-2009-3245). 
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)

Submitted by: Neel Mehta
 2010-02-23 10:36:41 +00:00
Richard Levitte
defede6080 Include [.CRYPTO.<ARCH>] instead of just [.<ARCH>] 2010-02-23 07:50:54 +00:00
Richard Levitte
00d1ecb1da Add t1_reneg to the VMS build. 
Hack the symbols with long names.
 2010-02-22 07:05:24 +00:00
Bodo Möller
739e0e934a Fix X509_STORE locking 2010-02-19 18:25:39 +00:00
Dr. Stephen Henson
657b02d0cf PR: 2100 
Submitted by: James Baker <jbaker@tableausoftware.com> et al.

Workaround for slow Heap32Next on some versions of Windows.
 2010-02-17 14:32:01 +00:00
Dr. Stephen Henson
1b690c1a8b The "block length" for CFB mode was incorrectly coded as 1 all the time. It 
should be the number of feedback bits expressed in bytes. For CFB1 mode set
this to 1 by rounding up to the nearest multiple of 8.
 2010-02-15 19:40:45 +00:00
Dr. Stephen Henson
2873a53f5f Correct ECB mode EVP_CIPHER definition: IV length is 0 2010-02-15 19:25:37 +00:00
Dr. Stephen Henson
04a781e844 PR: 2164 
Submitted by: "Noszticzius, Istvan" <inoszticzius@rightnow.com>

Don't clear the output buffer: ciphers should correctly the same input
and output buffers.
 2010-02-15 19:02:53 +00:00
Dr. Stephen Henson
0bbbadf3f5 Fix memory leak in ENGINE autoconfig code. Improve error logging. 2010-02-09 14:18:15 +00:00
Dr. Stephen Henson
4a9d335bb4 tolerate broken CMS/PKCS7 implementations using signature OID instead of digest 2010-02-02 14:19:54 +00:00
Dr. Stephen Henson
0369804ffa In engine_table_select() don't clear out entire error queue: just clear 
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
 2010-01-28 17:53:11 +00:00
Dr. Stephen Henson
b3fb2492d5 eliminate some warnings in fips build 2010-01-27 13:21:34 +00:00
Dr. Stephen Henson
93b810637b Bypass algorithm blocking with TLS MD5+SHA1 signature in FIPS mode by 
calling underlying method directly.
 2010-01-27 00:51:24 +00:00
Dr. Stephen Henson
9413788571 PR: 2138 
Submitted by: Kevin Regan <k.regan@f5.com>

Clear stat structure if -DPURIFY is set to avoid problems on some
platforms which include unitialised fields.
 2010-01-26 18:08:42 +00:00
Dr. Stephen Henson
1b32943215 Update OID table too. 2010-01-25 16:08:52 +00:00