Commit graph

43 commits

Author SHA1 Message Date
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Emilia Kasper
294d1e36c2 RT3066: rewrite RSA padding checks to be slightly more constant time.
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-24 12:45:42 +02:00
Andy Polyakov
4513b1b641 crypto/rsa/rsa_chk.c: harmonize error codes.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-21 23:05:13 +02:00
Dr. Stephen Henson
0574cadf85 CMS RSA-OAEP and RSA-PSS support.
Extend RSA ASN1 method to support CMS PSS signatures for both sign
and verify.

For signing the EVP_PKEY_CTX parameters are read and the appropriate
CMS structures set up.

For verification the CMS structures are analysed and the corresponding
parameters in the EVP_PKEY_CTX set.

Also add RSA-OAEP support.

For encrypt the EVP_PKEY_CTX parameters are used.

For decrypt the CMS structure is uses to set the appropriate EVP_PKEY_CTX
parameters.
2013-06-21 23:43:05 +01:00
Dr. Stephen Henson
271fef0ef3 Exetended OAEP support.
Extend OAEP support. Generalise the OAEP padding functions to support
arbitrary digests. Extend EVP_PKEY RSA method to handle the new OAEP
padding functions and add ctrls to set the additional parameters.
2013-06-12 18:48:17 +01:00
Bodo Möller
2440d8b1db Fix error codes. 2011-02-03 10:03:23 +00:00
Dr. Stephen Henson
c553721e8b FIPS mode RSA changes:
Check for selftest failures.

Pairwise consistency test for RSA key generation.

Use some EVP macros instead of EVP functions.

Use minimal FIPS EVP where needed.
2011-01-26 15:37:41 +00:00
Dr. Stephen Henson
1c8d92997d ctrl operations to retrieve RSA algorithm settings 2010-03-11 13:55:18 +00:00
Dr. Stephen Henson
31904ecdf3 RSA PSS verification support including certificates and certificate
requests. Add new ASN1 signature initialisation function to handle this
case.
2010-03-08 18:10:35 +00:00
Ben Laurie
0eab41fb78 If we're going to return errors (no matter how stupid), then we should
test for them!
2008-12-29 16:11:58 +00:00
Ben Laurie
8aa02e97a7 Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.
(Coverity ID 135).
2008-12-29 13:35:08 +00:00
Dr. Stephen Henson
4f1aa191b3 Initial support for enveloped data decrypt. Extent runex.pl to cover these
examples. All RFC4134 examples can not be processed.
2008-03-15 23:21:33 +00:00
Dr. Stephen Henson
47a9d527ab Update from 0.9.8 stable. Eliminate duplicate error codes. 2006-11-21 21:29:44 +00:00
Bodo Möller
5e3225cc44 Introduce limits to prevent malicious keys being able to
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
2006-09-28 13:45:34 +00:00
Bodo Möller
2952886010 Remove non-functional part of recent patch, after discussion with
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
2006-09-06 06:43:11 +00:00
Mark J. Cox
b79aa05e3b Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339)

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:58:03 +00:00
Dr. Stephen Henson
5c95c2ac23 Fix various error codes to match functions. 2006-07-17 16:33:31 +00:00
Dr. Stephen Henson
7f57b076a6 New functions to get key types without dereferncing EVP_PKEY.
More error checking for RSA pmeth.
2006-05-11 21:33:00 +00:00
Dr. Stephen Henson
c927df3fa1 Initial DSA EVP_PKEY_METHOD. Fixup some error codes. 2006-04-12 10:20:47 +00:00
Dr. Stephen Henson
75d44c0452 Store digests as EVP_MD instead of a NID.
Add digest size sanity checks.
2006-04-09 21:24:48 +00:00
Dr. Stephen Henson
b2a97be7f4 Support for digest signing and X931 in rsa_pkey_meth. 2006-04-09 19:17:25 +00:00
Dr. Stephen Henson
448be74335 Initial support for pluggable public key ASN1 support. Process most public
key ASN1 handling through a single EVP_PKEY_ASN1_METHOD structure and move
the spaghetti algorithm specific code to a single ASN1 module for each
algorithm.
2006-03-20 12:22:24 +00:00
Andy Polyakov
d51204f1b1 PSS update [from 0.9.7]. 2005-06-02 18:25:36 +00:00
Dr. Stephen Henson
499fca2db3 Update from 0.9.7-stable. Also repatch and rebuild error codes. 2005-05-28 20:44:02 +00:00
Bodo Möller
8afca8d9c6 Fix more error codes.
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Nils Larsch
800e400de5 some updates for the blinding code; summary:
- possibility of re-creation of the blinding parameters after a
  fixed number of uses (suggested by Bodo)
- calculatition of the rsa::e in case it's absent and p and q
  are present (see bug report #785)
- improve the performance when if one rsa structure is shared by
  more than a thread (see bug report #555)
- fix the problem described in bug report #827
- hide the definition ot the BN_BLINDING structure in bn_blind.c
2005-04-26 22:31:48 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Bodo Möller
24cff6ced5 always reject data >= n 2001-07-25 17:02:58 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Bodo Möller
59fc2b0fc2 Preserve reason strings in automatically build tables. 2000-03-05 00:19:36 +00:00
Dr. Stephen Henson
1c80019a2c Add new sign and verify members to RSA_METHOD and change SSL code to use sign
and verify rather than direct encrypt/decrypt.
1999-09-18 22:37:44 +00:00
Dr. Stephen Henson
c1cd88a0eb Oops... forgot the other RSA_NULL patches... 1999-09-08 18:19:45 +00:00
Bodo Möller
3a55fc1aab correct error handling
insert spaces in products that occur in error codes
1999-07-12 09:46:34 +00:00
Bodo Möller
03cd49447f New function RSA_check_key,
openssl rsa -check
1999-07-11 22:00:55 +00:00
Dr. Stephen Henson
6d31193858 Complete rewrite of the error code generation script. It now runs as a single
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
1999-04-24 00:15:18 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>.
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ulf Möller
6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Dr. Stephen Henson
0c8a1281d0 Make RSA_NO_PADDING really use no padding.
Submitted by: Ulf Moeller <ulf@fitug.de>
1999-02-21 17:39:07 +00:00
Ben Laurie
6b056c414d Fix case of new functions in error files. 1999-02-18 18:26:42 +00:00
Ben Laurie
a49498969e Add OAEP. 1999-02-17 21:11:08 +00:00
Ralf S. Engelschall
dfeab0689f Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00