Commit graph

353 commits

Author SHA1 Message Date
Pascal Cuoq
99c2033375 Move BN_CTX_start() call so the error case can always call BN_CTX_end().
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR #1231
2015-10-07 18:54:13 +02:00
Ben Laurie
df2ee0e27d Enable -Wmissing-variable-declarations and
-Wincompatible-pointer-types-discards-qualifiers (the latter did not require
any code changes).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-11 04:51:55 +01:00
Rich Salz
64b25758ed remove 0 assignments.
After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-03 16:26:34 -04:00
Ben Kaduk
36ac7bc8a9 GH367 follow-up, for more clarity
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-08-31 13:46:12 -04:00
Ismo Puustinen
f00a10b897 GH367: Fix dsa keygen for too-short seed
If the seed value for dsa key generation is too short (< qsize),
return an error. Also update the documentation.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-08-27 22:57:00 -04:00
Dr. Stephen Henson
9d04f83410 Add DSA digest length checks.
Reviewed-by: Ben Laurie <ben@openssl.org>
2015-08-24 15:12:52 +01:00
Rich Salz
fbfcb22439 RT3999: Remove sub-component version strings
Especially since after the #ifdef cleanups this is not useful.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-10 12:13:32 -04:00
Martin Vejnar
fa4629b6a2 RT3774: double-free in DSA
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-07-29 21:21:00 -04:00
Rich Salz
74924dcb38 More secure storage of key material.
Add secure heap for storage of private keys (when possible).
Add BIO_s_secmem(), CBIGNUM, etc.
Add BIO_CTX_secure_new so all BIGNUM's in the context are secure.
Contributed by Akamai Technologies under the Corporate CLA.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-06-23 17:09:35 -04:00
Richard Levitte
0f539dc1a2 Fix the update target and remove duplicate file updates
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in.  This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.

This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-22 18:44:33 +02:00
Richard Levitte
a3aadb2d9c make depend
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:38:31 +02:00
Richard Levitte
b39fc56061 Identify and move common internal libcrypto header files
There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:21:40 +02:00
Rich Salz
75ebbd9aa4 Use p==NULL not !p (in if statements, mainly)
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-11 10:06:38 -04:00
Rich Salz
86885c2895 Use "==0" instead of "!strcmp" etc
For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-06 22:37:53 -04:00
Rich Salz
b4faea50c3 Use safer sizeof variant in malloc
For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Rich Salz
b548a1f11c free null cleanup finale
Don't check for NULL before calling OPENSSL_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Rich Salz
23a1d5e97c free NULL cleanup 7
This gets BN_.*free:
    BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
    BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free

Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 21:37:06 -04:00
Rich Salz
4b45c6e52b free cleanup almost the finale
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
        CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 17:57:32 -04:00
Rich Salz
2ace745022 free NULL cleanup 8
Do not check for NULL before calling a free routine.  This addresses:
    ASN1_BIT_STRING_free ASN1_GENERALIZEDTIME_free ASN1_INTEGER_free
    ASN1_OBJECT_free ASN1_OCTET_STRING_free ASN1_PCTX_free ASN1_SCTX_free
    ASN1_STRING_clear_free ASN1_STRING_free ASN1_TYPE_free
    ASN1_UTCTIME_free M_ASN1_free_of

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 11:31:07 -04:00
Rich Salz
b196e7d936 remove malloc casts
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 15:28:14 -04:00
Viktor Dukhovni
61986d32f3 Code style: space after 'if'
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-16 13:44:59 -04:00
Richard Levitte
a80e33b991 Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant
With no more symlinks, there's no need for those variables, or the links
target.  This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.

Also, removed METHTEST from test/Makefile.  It looks like an old test that's
forgotten...

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
dee502be89 Stop symlinking, move files to intended directory
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.

Originally-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Dr. Stephen Henson
ea6b07b54c Simplify DSA public key handling.
DSA public keys could exist in two forms: a single Integer type or a
SEQUENCE containing the parameters and public key with a field called
"write_params" deciding which form to use. These forms are non standard
and were only used by functions containing "DSAPublicKey" in the name.

Simplify code to only use the parameter form and encode the public key
component directly in the DSA public key method.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 22:04:15 +00:00
Rich Salz
ca3a82c3b3 free NULL cleanup
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-25 11:31:18 -04:00
Matt Caswell
266483d2f5 RAND_bytes updates
Ensure RAND_bytes return value is checked correctly, and that we no longer
use RAND_pseudo_bytes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 12:38:07 +00:00
Rich Salz
d64070838e free NULL cleanup
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets DH_free, DSA_free, RSA_free

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 23:17:16 -04:00
Dr. Stephen Henson
86d20cb6fd make depend
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 12:05:05 +00:00
Dr. Stephen Henson
27af42f9ac Move some EVP internals to evp_int.h
Move EVP internals to evp_int.h, remove -Ievp hack from crypto/Makefile

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 12:03:36 +00:00
Dr. Stephen Henson
5fe736e5fc Move some ASN.1 internals to asn1_int.h
Move ASN.1 internals used across multiple directories into new internal
header file asn1_int.h remove crypto/Makefile hack which allowed other
directories to include "asn1_locl.h"

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 12:03:36 +00:00
Rich Salz
0dfb9398bb free NULL cleanup
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets ASN1_OBJECT_free and ASN1_STRING_free.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 07:52:24 -04:00
Matt Caswell
0c7ca4033d Fix dsa_pub_encode
The return value from ASN1_STRING_new() was not being checked which could
lead to a NULL deref in the event of a malloc failure. Also fixed a mem
leak in the error path.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-12 09:23:42 +00:00
Dr. Stephen Henson
a8ae0891d4 Cleanse PKCS#8 private key components.
New function ASN1_STRING_clear_free which cleanses an ASN1_STRING
structure before freeing it.

Call ASN1_STRING_clear_free on PKCS#8 private key components.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-08 16:27:55 +00:00
Richard Levitte
c6ef15c494 clang on Linux x86_64 complains about unreachable code.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-01-29 01:54:09 +01:00
Rich Salz
474e469bbd OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
	GENUINE_DSA         OPENSSL_NO_SHA0
	OPENSSL_NO_SHA      OPENSSL_NO_SHA1
	OPENSSL_NO_SHA224   OPENSSL_NO_SHA256
	OPENSSL_NO_SHA384   OPENSSL_NO_SHA512

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 12:34:45 -05:00
Rich Salz
a00ae6c46e OPENSSL_NO_xxx cleanup: many removals
The following compile options (#ifdef's) are removed:
    OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY
    OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP
    OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK
    OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY

This diff is big because of updating the indents on preprocessor lines.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 10:06:22 -05:00
Rich Salz
9c46f4b9cd Remove obsolete uncomiled dsagen semi-test
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-22 12:43:26 -05:00
Matt Caswell
50e735f9e5 Re-align some comments after running the reformat script.
This should be a one off operation (subsequent invokation of the
script should not move them)

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:10 +00:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
68d39f3ce6 Move more comments that confuse indent
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
b853717fc4 Fix strange formatting by indent
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:08 +00:00
Rich Salz
4b618848f9 Cleanup OPENSSL_NO_xxx, part 1
OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160
OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO
Two typo's on #endif comments fixed:
	OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB
	OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-14 15:57:28 -05:00
Rich Salz
6d23cf9744 RT3548: Remove unsupported platforms
This last one for this ticket.  Removes WIN16.
So long, MS_CALLBACK and MS_FAR.  We won't miss you.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-12 17:30:54 -05:00
Dr. Stephen Henson
684400ce19 Fix various certificate fingerprint issues.
By using non-DER or invalid encodings outside the signed portion of a
certificate the fingerprint can be changed without breaking the signature.
Although no details of the signed portion of the certificate can be changed
this can cause problems with some applications: e.g. those using the
certificate fingerprint for blacklists.

1. Reject signatures with non zero unused bits.

If the BIT STRING containing the signature has non zero unused bits reject
the signature. All current signature algorithms require zero unused bits.

2. Check certificate algorithm consistency.

Check the AlgorithmIdentifier inside TBS matches the one in the
certificate signature. NB: this will result in signature failure
errors for some broken certificates.

3. Check DSA/ECDSA signatures use DER.

Reencode DSA/ECDSA signatures and compare with the original received
signature. Return an error if there is a mismatch.

This will reject various cases including garbage after signature
(thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
(negative or with leading zeroes).

CVE-2014-8275
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-01-05 14:35:19 +00:00
Tim Hudson
1d97c84351 mark all block comments that need format preserving so that
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-30 22:10:26 +00:00
Matt Caswell
53e95716f5 Change all instances of OPENSSL_NO_DEPRECATED to OPENSSL_USE_DEPRECATED
Introduce use of DECLARE_DEPRECATED

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-12-18 19:57:14 +00:00
Matt Caswell
5bafb04d2e Remove redundant OPENSSL_NO_DEPRECATED suppression
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-12-18 19:57:05 +00:00
Matt Caswell
c0d4390194 Implement internally opaque bn access from dsa
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:40:41 +00:00
Dr. Stephen Henson
73e45b2dd1 remove OPENSSL_FIPSAPI
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00
Dr. Stephen Henson
fce8311cae remove FIPS module code from crypto/dsa
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:25:38 +00:00