wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11849 commits 20 branches 302 tags 153 MiB
Commit graph

6087 commits

Author SHA1 Message Date
Andy Polyakov
997d1aac7c crypto/modes/gcm128.c: more strict aliasing fixes. 2014-04-06 17:19:54 +02:00
Andy Polyakov
6eebcf3459 vpaes-[x86_64|ppc].pl: fix typo, which for some reason triggers rkhunter. 2014-04-06 12:50:36 +02:00
Eric Young
10378fb5f4 Fix base64 decoding bug. 
A short PEM encoded sequence if passed to the BIO, and the file
had 2 \n following would fail.

PR#3289
 2014-04-02 19:54:27 +01:00
Dr. Stephen Henson
b48310627d Don't try and verify signatures if key is NULL (CVE-2013-0166) 
Add additional check to catch this in ASN1_item_verify too.
(cherry picked from commit 66e8211c0b)
 2014-04-01 16:37:51 +01:00
Dr. Stephen Henson
2514fa79ac Add functions returning security bits. 
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
 2014-03-28 14:49:04 +00:00
Dr. Stephen Henson
3a98f9cf20 Workaround for some CMS signature formats. 
Some CMS SignedData structure use a signature algorithm OID such
as SHA1WithRSA instead of the RSA algorithm OID. Workaround this
case by tolerating the signature if we recognise the OID.
 2014-03-19 17:28:01 +00:00
Dr. Stephen Henson
f9b6c0ba4c Fix for CVE-2014-0076 
Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
(cherry picked from commit 2198be3483)

Conflicts:

	CHANGES
 2014-03-12 14:29:43 +00:00
Andy Polyakov
5e44c144e6 SPARC T4 assembly pack: treat zero input length in CBC. 
The problem is that OpenSSH calls EVP_Cipher, which is not as
protective as EVP_CipherUpdate. Formally speaking we ought to
do more checks in *_cipher methods, including rejecting
lengths not divisible by block size (unless ciphertext stealing
is in place). But for now I implement check for zero length in
low-level based on precedent.

PR: 3087, 2775
 2014-03-07 10:30:37 +01:00
Andy Polyakov
53e5161231 dh_check.c: check BN_CTX_get's return value. 2014-03-06 14:19:37 +01:00
Andy Polyakov
972b0dc350 bss_dgram.c,d1_lib.c: make it compile with mingw. 
Submitted by: Roumen Petrov
 2014-03-06 14:04:56 +01:00
Dr. Stephen Henson
315cd871c4 For self signed root only indicate one error. 
(cherry picked from commit bdfc0e284c)
 2014-03-03 23:36:46 +00:00
Dr. Stephen Henson
5693a30813 PKCS#8 support for alternative PRFs. 
Add option to set an alternative to the default hmacWithSHA1 PRF
for PKCS#8 private key encryptions. This is used automatically
by PKCS8_encrypt if the nid specified is a PRF.

Add option to pkcs8 utility.

Update docs.
(cherry picked from commit b60272b01f)
 2014-03-01 23:16:08 +00:00
Dr. Stephen Henson
01757858fe Fix memory leak. 
(cherry picked from commit 124d218889)
 2014-03-01 23:15:53 +00:00
Andy Polyakov
b62a4a1c0e perlasm/x86asm.pl: recognize elf-1 denoting old ELF platforms. 2014-02-27 14:26:12 +01:00
Andy Polyakov
ce876d8316 perlasm/x86gas.pl: limit special OPENSSL_ia32cap_P treatment to ELF. 2014-02-27 14:22:13 +01:00
Andy Polyakov
f861b1d433 rc4/asm/rc4-586.pl: allow for 386-only build. 2014-02-27 14:19:19 +01:00
Andy Polyakov
fd361a67ef des/asm/des-586.pl: shortcut reference to DES_SPtrans. 2014-02-27 14:17:43 +01:00
Rob Stradling
52f71f8181 CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. 2014-02-26 15:33:11 +00:00
Andy Polyakov
d49135e7ea sha/asm/sha256-586.pl: don't try to compile SIMD with no-sse2. 2014-02-26 10:22:13 +01:00
Andy Polyakov
147cca8f53 sha/asm/sha512-x86_64.pl: fix compilation error on Solaris. 2014-02-26 09:30:03 +01:00
Andy Polyakov
e704741bf3 aes/asm/vpaes-ppc.pl: fix traceback info. 2014-02-25 20:11:34 +01:00
Dr. Stephen Henson
e0520c65d5 Don't use BN_ULLONG in n2l8 use SCTS_TIMESTAMP. 
(cherry picked from commit 3678161d71)
 2014-02-25 15:06:51 +00:00
Dr. Stephen Henson
3a325c60a3 Fix for v3_scts.c 
Not all platforms define BN_ULLONG. Define SCTS_TIMESTAMP as a type
which should work on all platforms.
(cherry picked from commit 6634416732)
 2014-02-25 14:56:31 +00:00
Dr. Stephen Henson
a4cc3c8041 Avoid Windows 8 Getversion deprecated errors. 
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
 2014-02-25 13:40:33 +00:00
Rob Stradling
19f65ddbab Parse non-v1 SCTs less awkwardly. 2014-02-25 10:14:51 +00:00
Andy Polyakov
758954e0d8 x509/by_dir.c: fix run-away pointer (and potential SEGV) 
when adding duplicates in add_cert_dir.

PR: 3261
Reported by: Marian Done
 2014-02-24 15:16:56 +01:00
Andy Polyakov
214368ffee aes/asm/aesni-x86[_64].pl: minor Atom-specific performance tweak. 2014-02-21 12:14:04 +01:00
Dr. Stephen Henson
47739161c6 fix WIN32 warnings 
(cherry picked from commit b709f8ef54)
 2014-02-20 22:55:24 +00:00
Dr. Stephen Henson
ded18639d7 Move CT viewer extension code to crypto/x509v3 2014-02-20 18:48:56 +00:00
Dr. Stephen Henson
4cfeb00be9 make depend 2014-02-19 20:09:08 +00:00
Dr. Stephen Henson
84917787b5 Remove references to o_time.h 2014-02-19 20:06:13 +00:00
Ben Laurie
ff49a94439 Move gmtime functions to crypto.h. 2014-02-19 18:02:04 +00:00
Ben Laurie
c0482547b3 Reverse export of o_time.h. 2014-02-19 17:57:07 +00:00
Ben Laurie
765e9ba911 Merge branch 'sct-viewer-master' of https://github.com/robstradling/openssl into sct-viewer 2014-02-19 17:17:14 +00:00
Rob Stradling
b263f21246 Move the SCT List extension parser into libssl. 
Add the extension parser in the s_client, ocsp and x509 apps.
 2014-02-19 13:12:46 +00:00
Dr. Stephen Henson
6ecbc2bb62 Don't use CRYPTO_AES_CTR if it isn't defined. 2014-02-18 22:20:30 +00:00
Dr. Stephen Henson
5a7652c3e5 Remove duplicate statement. 2014-02-15 01:27:56 +00:00
Klaus-Peter Junghanns
be2c4d9bd9 Add support for aes-128/192/256-ctr to the cryptodev engine. 
This can be used to speed up SRTP with libsrtp, e.g. on TI omap/sitara based devices.
 2014-02-15 00:01:40 +00:00
Rob Stradling
dcfe8df148 Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions. 
Add the RFC6962 OIDs to the objects table.
 2014-02-14 23:24:35 +00:00
Scott Schaefer
2b4ffc659e Fix various spelling errors 2014-02-14 22:29:12 +00:00
Andy Polyakov
701134320a ssl/s3_pkt.c: detect RAND_bytes error in multi-block. 2014-02-14 17:43:31 +01:00
Andy Polyakov
f4d456408d x86[_64]cpuid.pl: add low-level RDSEED. 2014-02-14 17:24:12 +01:00
Andy Polyakov
5599c7331b aes/asm/aesni-x86_64.pl: further optimization for Atom Silvermont. 
Improve CBC decrypt and CTR by ~13/16%, which adds up to ~25/33%
improvement over "pre-Silvermont" version. [Add performance table to
aesni-x86.pl].
 2014-02-14 17:06:15 +01:00
Dr. Stephen Henson
385b348666 Include TA in checks/callback with partial chains. 
When a chain is complete and ends in a trusted root checks are also
performed on the TA and the callback notified with ok==1. For
consistency do the same for chains where the TA is not self signed.
 2014-02-14 15:07:01 +00:00
Dr. Stephen Henson
2dac2667d1 Don't do loop detection for self signed check. 2014-02-14 14:52:23 +00:00
Dr. Stephen Henson
847865d0f9 Add suppot for ASCII with CRLF canonicalisation. 2014-02-13 14:35:56 +00:00
Andy Polyakov
9587429fa0 evp/e_aes_cbc_hmac_sha*.c: improve cache locality. 2014-02-13 14:39:55 +01:00
Andy Polyakov
98e143f118 ghash-x86[_64].pl: ~15% improvement on Atom Silvermont 
(other processors unaffected).
 2014-02-13 14:37:28 +01:00
Ben Laurie
fc92396976 Fix warning. 2014-02-13 03:11:58 +00:00
Andy Polyakov
5a42c8f07f e_aes_cbc_hmac_sha[1|256].c: fix compiler warning. 2014-02-05 16:38:22 +01:00