Commit graph

11908 commits

Author SHA1 Message Date
Serguei E. Leontiev
4a56d9a2ed Replace manual ASN1 decoder with ASN1_get_object
Replace manual ASN.1 decoder with ASN1_get object. This
will decode the tag and length properly and check against
it does not exceed the supplied buffer length.

PR#3335
2014-05-12 18:41:52 +01:00
Dr. Stephen Henson
89e674744d Correct example. 2014-05-12 18:41:52 +01:00
Andy Polyakov
f75faa16af Add "teaser" AES module for PowerISA 2.07.
"Teaser" means that it's not integrated yet and purpose of this
commit is primarily informational, to exhibit design choices,
such as how to handle alignment and endianness. In other words
it's proof-of-concept code that EVP module will build upon.
2014-05-12 10:35:29 +02:00
Matt Caswell
7b06ac7593 Fixed NULL pointer dereference. See PR#3321 2014-05-12 00:38:37 +01:00
Kurt Roeckx
3b3ecce141 Set authkey to NULL and check malloc return value. 2014-05-12 00:20:08 +01:00
Martin Brejcha
00f3a236e0 dgram_sctp_ctrl: authkey memory leak
PR: 3327
2014-05-12 00:20:08 +01:00
Günther Noack
308505b838 Avoid out-of-bounds write in SSL_get_shared_ciphers
PR: 3317
2014-05-11 23:52:47 +01:00
Viktor Dukhovni
b00676bb6f Fix infinite loop. PR#3347 2014-05-11 20:28:56 +01:00
Matt Caswell
971a7c5ff7 Move length check earlier to ensure we don't go beyond the end of the user's buffer. PR#3320 2014-05-11 11:27:26 +01:00
Tim Hudson
c388d8b40c safety check to ensure we dont send out beyond the users buffer 2014-05-11 11:21:30 +01:00
Matt Caswell
c4afc40a9b Fixed CRLF in file 2014-05-10 01:19:50 +01:00
Dr. Stephen Henson
0bcb17a777 Return an error if no recipient type matches.
If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.

PR#3348
2014-05-09 14:24:54 +01:00
Geoff Thorpe
a935132099 s_client/s_server: support unix domain sockets
The "-unix <path>" argument allows s_server and s_client to use a unix
domain socket in the filesystem instead of IPv4 ("-connect", "-port",
"-accept", etc). If s_server exits gracefully, such as when "-naccept"
is used and the requested number of SSL/TLS connections have occurred,
then the domain socket file is removed. On ctrl-C, it is likely that
the stale socket file will be left over, such that s_server would
normally fail to restart with the same arguments. For this reason,
s_server also supports an "-unlink" option, which will clean up any
stale socket file before starting.

If you have any reason to want encrypted IPC within an O/S instance,
this concept might come in handy. Otherwise it just demonstrates that
there is nothing about SSL/TLS that limits it to TCP/IP in any way.

(There might also be benchmarking and profiling use in this path, as
unix domain sockets are much lower overhead than connecting over local
IP addresses).

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-05-08 22:07:09 -04:00
Tim Hudson
b6e69d284b coverity 966576 - close socket in error path 2014-05-08 23:14:52 +01:00
Tim Hudson
8e94fadd0b PR#3342 fix resource leak coverity issue 966577 2014-05-08 23:08:33 +01:00
Tim Hudson
630f9fc69d fix coverity issue 966597 - error line is not always initialised 2014-05-07 23:54:25 +01:00
Matt Caswell
2d2e0479eb Fixed NULL pointer dereference in PKCS7_dataDecode reported by David Ramos in PR#3339 2014-05-07 23:21:02 +01:00
Geoff Thorpe
fce3821111 evp: prevent underflow in base64 decoding
This patch resolves RT ticket #2608.

Thanks to Robert Dugal for originally spotting this, and to David
Ramos for noticing that the ball had been dropped.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-05-06 17:52:19 -04:00
Geoff Thorpe
12e9f627f9 bignum: allow concurrent BN_MONT_CTX_set_locked()
The lazy-initialisation of BN_MONT_CTX was serialising all threads, as
noted by Daniel Sands and co at Sandia. This was to handle the case that
2 or more threads race to lazy-init the same context, but stunted all
scalability in the case where 2 or more threads are doing unrelated
things! We favour the latter case by punishing the former. The init work
gets done by each thread that finds the context to be uninitialised, and
we then lock the "set" logic after that work is done - the winning
thread's work gets used, the losing threads throw away what they've done.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-05-06 17:43:35 -04:00
Dr. Stephen Henson
3ba1e406c2 Initialize num properly.
PR#3289
PR#3345
2014-05-06 14:07:37 +01:00
Dr. Stephen Henson
546b1b4384 Set Enveloped data version to 2 if ktri version not zero. 2014-05-06 13:59:05 +01:00
Tim Hudson
8bbfd94e36 - fix coverity issues 966593-966596 2014-05-06 00:02:31 +01:00
Geoff Thorpe
e1ce131d4d apps/s_server: document '-naccept' cmd-line argument
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-05-04 22:42:41 -04:00
Andy Polyakov
b943b7d2c7 md5/asm/md5-[586|x86_64].pl: +15% on Atom.
[MD5 is hardly relevant, just cleaning up repository]
2014-05-04 16:56:00 +02:00
Andy Polyakov
496f2b148b C64x+ assembply pack: add RC4 module. 2014-05-04 16:39:59 +02:00
Andy Polyakov
bd227733b9 C64x+ assembly pack: make it work with older toolchain. 2014-05-04 16:38:32 +02:00
Andy Polyakov
9250a30692 sha/asm/sha1-armv4-large.pl: add NEON and ARMv8 code paths.
sha/asm/sha256-armv4.pl: add ARMv8 code path.
2014-05-04 10:57:55 +02:00
Andy Polyakov
4afa9f033d crypto/armcap.c: detect ARMv8 capabilities [in 32-bit build]. 2014-05-04 10:55:49 +02:00
David Ramos
16ba70746b Double free in i2o_ECPublicKey
PR: 3338
2014-05-04 00:46:20 +01:00
Geoff Thorpe
da12bfca51 dso: eliminate VMS code on non-VMS systems
Even though the meat of dso_vms.c is compiled out on non-VMS builds,
the (pre-)compiler still traverses some of the macro handling. This
trips up at least one non-VMS build configuration, so this commit
makes the skip-VMS case more robust.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-05-01 21:59:36 -04:00
Jeff Trawick
e5676b8328 typo in SSL_get_peer_cert_chain docs
RT: 3304
2014-05-01 13:40:01 +02:00
Matt Caswell
a141effa7b Fixed spelling error in error message. Fix supplied by Marcos Marado 2014-05-01 00:28:00 +01:00
Geoff Thorpe
a529261891 bignum: fix boundary condition in montgomery logic
It's not clear whether this inconsistency could lead to an actual
computation error, but it involved a BIGNUM being passed around the
montgomery logic in an inconsistent state. This was found using flags
-DBN_DEBUG -DBN_DEBUG_RAND, and working backwards from this assertion
in 'ectest';

ectest: bn_mul.c:960: BN_mul: Assertion `(_bnum2->top == 0) ||
(_bnum2->d[_bnum2->top - 1] != 0)' failed

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-04-30 11:49:31 -04:00
Ben Laurie
9cabf6bb80 More warnings. 2014-04-29 18:19:54 +01:00
Matt Caswell
ba1cb9a553 Fix SSL_CONF_cmd missing =back 2014-04-27 18:57:34 +01:00
Matt Caswell
b5450d6349 Fixed minor errors in docs 2014-04-26 21:56:36 +01:00
Matt Caswell
6bcc4475fc PKCS5_PBKDF2_HMAC documentation submitted by Jeffrey Walton 2014-04-26 21:44:26 +01:00
Chris Rorvick
fa9d77dcd2 doc: Add missing =back directive.
Signed-off-by: Chris Rorvick <chris@rorvick.com>
2014-04-26 12:32:53 -05:00
mancha
8acb953880 Fix version documentation.
Specify -f is for compilation flags. Add -d to synopsis section.

Closes #77.
2014-04-26 08:09:53 +01:00
mancha
e14f14d36e Fix eckey_priv_encode()
Fix eckey_priv_encode to return an error on failure of i2d_ECPrivateKey.
2014-04-26 07:59:13 +01:00
Geoff Thorpe
79c6c4e828 make depend 2014-04-25 14:31:05 -04:00
Geoff Thorpe
76c3ff6937 apps: constify some string parameters
There are certainly many more constifiable strings in the various
interfaces, which I hope to get to eventually.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-04-25 14:31:05 -04:00
Geoff Thorpe
647f360e2e util/mkerr.pl: fix perl warning
Gets rid of this;

defined(@array) is deprecated at ../util/mkerr.pl line 792.
        (Maybe you should just omit the defined()?)
defined(@array) is deprecated at ../util/mkerr.pl line 800.
        (Maybe you should just omit the defined()?)

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-04-25 14:31:05 -04:00
Mark J. Cox
cdcd5dc865 Remove latest version, it's pretty redundant and just one more thing
to keep up to date with releases.  Reported because
http://www.openssl.org/support/faq.html#MISC1 was out of date
2014-04-25 08:12:13 +01:00
Geoff Thorpe
c9011ec460 util/mkdef.pl: o_time.h doesn't exist any more
o_time.h was removed in commit ff49a94, which breaks "make update"
unless mkdir.pl is updated accordingly.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-04-25 01:01:17 -04:00
Steve Marquess
d2cc3d8a4e Add new sponsors 2014-04-24 12:33:03 +01:00
Andy Polyakov
f8cee9d081 bn/asm/armv4-gf2m.pl, modes/asm/ghash-armv4.pl: faster multiplication
algorithm suggested in following paper:

Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software
Polynomial Multiplication on ARM Processors using the NEON Engine.

http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf
2014-04-24 10:24:53 +02:00
Andy Polyakov
558ff0f0c1 aes/asm/bsaes-x86_64.pl: Atom-specific optimization. 2014-04-24 10:13:30 +02:00
Ben Laurie
94d1f4b0f3 Fix use after free. 2014-04-23 07:24:03 +01:00
Ben Laurie
4ba5e63bfd Fix double frees. 2014-04-22 16:58:43 +01:00