wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10635 commits 20 branches 302 tags 153 MiB
Commit graph

5473 commits

Author SHA1 Message Date
Dr. Stephen Henson
a6c62f0c25 Ignore NULL parameter in EVP_MD_CTX_destroy. 2013-12-20 22:52:41 +00:00
Andy Polyakov
2ec4181ba9 sha512.c: fullfull implicit API contract in SHA512_Transform. 
SHA512_Transform was initially added rather as tribute to tradition
than for practucal reasons. But use was recently found in ssl/s3_cbc.c
and it turned to be problematic on platforms that don't tolerate
misasligned references to memory and lack assembly subroutine.
(cherry picked from commit cdd1acd788)
 2013-12-18 23:03:03 +01:00
Dr. Stephen Henson
f1068a1ab7 Get FIPS checking logic right. 
We need to lock when *not* in FIPS mode.
(cherry picked from commit 57c4e42d75)
 2013-12-10 12:54:55 +00:00
Dr. Stephen Henson
60df657b3a make update 2013-12-08 13:23:14 +00:00
Dr. Stephen Henson
17a2d0801f Avoid multiple locks in FIPS mode. 
PR: 3176.

In FIPS mode ssleay_rand_bytes is only used for PRNG seeding and is
performed in either a single threaded context (when the PRNG is first
initialised) or under a lock (reseeding). To avoid multiple locks disable
use of CRYPTO_LOCK_RAND in FIPS mode in ssleay_rand_bytes.
(cherry picked from commit 53142f72c9b9c9bad2f39ca6200a4f04f5c8001c)
 2013-12-08 13:23:14 +00:00
Andy Polyakov
accb3007ac bn/asm/x86_64-mont5.pl: comply with Win64 ABI. 
PR: 3189
Submitted by: Oscar Ciurana
(cherry picked from commit c5d5f5bd0f)
 2013-12-04 00:03:46 +01:00
Andy Polyakov
4ade6a8ca4 srp/srp_grps.h: make it Compaq C-friendly. 
PR: 3165
Submitted by: Daniel Richard G.
(cherry picked from commit 2df9ec01d5)
(cherry picked from commit 0de70011ad)
 2013-11-12 22:20:45 +01:00
Andy Polyakov
00fadef414 modes/asm/ghash-alpha.pl: update from HEAD. 
PR: 3165
(cherry picked from commit 220d1e5353)
 2013-11-12 22:01:31 +01:00
Andy Polyakov
7ed244a0b3 Make Makefiles OSF-make-friendly. 
PR: 3165
(cherry picked from commit d1cf23ac86)
 2013-11-12 22:01:20 +01:00
Dr. Stephen Henson
e94a23876c Fix memory leak. 
(cherry picked from commit 16bc45ba95)
 2013-11-11 23:55:40 +00:00
Dr. Stephen Henson
0ec1a77891 Check for missing components in RSA_check. 
(cherry picked from commit 01be36ef70525e81fc358d2e559bdd0a0d9427a5)
 2013-11-09 15:09:21 +00:00
Andy Polyakov
9abbf5cce7 modes/asm/ghash-alpha.pl: make it work with older assembler. 
PR: 3165
(cherry picked from commit d24d1d7daf)
 2013-11-08 23:09:13 +01:00
Dr. Stephen Henson
834d30bc63 Initialise context before using it. 
(cherry picked from commit a4947e4e06)
 2013-11-06 13:19:23 +00:00
Ben Laurie
e26faa9e0c PBKDF2 should be efficient. Contributed by Christian Heimes 
<christian@python.org>.
 2013-11-03 17:33:54 +00:00
Robin Seggelmann
44f4934bde DTLS/SCTP struct authchunks Bug 
PR: 2809

DTLS/SCTP requires DATA and FORWARD-TSN chunks to be protected with
SCTP-AUTH.  It is checked if this has been activated successfully for
the local and remote peer. Due to a bug, however, the
gauth_number_of_chunks field of the authchunks struct is missing on
FreeBSD, and was therefore not considered in the OpenSSL implementation.
This patch sets the corresponding pointer for the check correctly
whether or not this bug is present.
(cherry picked from commit f596e3c491)
(cherry picked from commit b814081136)
 2013-11-01 22:44:06 +00:00
Andy Polyakov
68dd8512b7 MIPS assembly pack: get rid of deprecated instructions. 
Latest MIPS ISA specification declared 'branch likely' instructions
obsolete. To makes code future-proof replace them with equivalent.
(cherry picked from commit 0c2adb0a9b)
 2013-10-13 13:19:12 +02:00
Andy Polyakov
bbf9f3c654 aes/asm/bsaes-x86_64.pl: update from master. 
Performance improvement and Windows-specific bugfix (PR#3139).
(cherry picked from commit 9ed6fba2b4)
 2013-10-12 21:50:15 +02:00
Andy Polyakov
eb22b7ec75 evp/e_des3.c: fix typo with potential integer overflow on 32-bit platforms. 
Submitted by: Yuriy Kaminskiy
(cherry picked from commit 524b00c0da)

Resolved conflicts:

	crypto/evp/e_des3.c
 2013-10-03 11:11:44 +02:00
Ben Laurie
b93916149d Constification. 2013-10-01 14:53:18 +01:00
Dr. Stephen Henson
82f42a1d2e Typo. 
(cherry picked from commit 415ece7301)
 2013-09-30 14:20:42 +01:00
Dr. Stephen Henson
a4870de5aa Disable Dual EC DRBG. 
Return an error if an attempt is made to enable the Dual EC DRBG: it
is not used by default.
 2013-09-22 18:24:12 +01:00
Dr. Stephen Henson
39aabe59c8 Fix warning. 2013-09-22 18:24:12 +01:00
Ben Laurie
d5bff72615 Remove AVX and VIS3 support. 2013-09-16 15:05:21 +01:00
Andy Polyakov
3b4be0018b gcm128.c: update from master (add AVX and VIS3 support). 2013-09-16 14:14:56 +01:00
Andy Polyakov
125c2ed8a3 crypto/modes: even more strict aliasing fixes [and fix bug in cbc128.c from 
previous cbc128.c commit].
 2013-09-16 14:12:25 +01:00
Andy Polyakov
09da95542a cbc128.c: fix strict aliasing warning. 2013-09-16 14:11:53 +01:00
Bodo Moeller
0aeeae0c9c Fix overly lenient comparisons: 
- EC_GROUP_cmp shouldn't consider curves equal just because
      the curve name is the same. (They really *should* be the same
      in this case, but there's an EC_GROUP_set_curve_name API,
      which could be misused.)

    - EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
      equality (not an error).

    Reported by: king cope

(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)
 2013-09-16 13:09:27 +02:00
Andy Polyakov
00c991f028 crypto/armcap.c: fix typo in rdtsc subroutine. 
PR: 3125
Submitted by: Kyle McMartin
(cherry picked from commit 8e52a9063a)
 2013-09-15 22:11:34 +02:00
Dr. Stephen Henson
7cf0529b52 Fix verify loop with CRL checking. 
PR #3090
Reported by: Franck Youssef <fry@open.ch>

If no new reason codes are obtained after checking a CRL exit with an
error to avoid repeatedly checking the same CRL.

This will only happen if verify errors such as invalid CRL scope are
overridden in a callback.
(cherry picked from commit 4b26645c1a)
 2013-08-06 16:08:09 +01:00
Kaspar Brand
6c03af135b Fix for PEM_X509_INFO_read_bio. 
PR: 3028
Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys
correctly if they appeared first.
(cherry picked from commit 5ae8d6bcba)
 2013-08-06 16:05:19 +01:00
Andy Polyakov
5cd1aa4f15 crypto/evp/e_aes.c: fix logical pre-processor bug and formatting. 
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.
(cherry picked from commit 044f63086051d7542fa9485a1432498c39c4d8fa)
 2013-08-03 17:08:43 +02:00
Andy Polyakov
04b80f4003 crypto/sha/asm/sha1-x86_64.pl: comply with Win64 ABI. 2013-07-31 23:53:49 +02:00
Andy Polyakov
cd2693862b PA-RISC assembler pack: switch to bve in 64-bit builds. 
PR: 3074
(cherry picked from commit 02450ec69d)
 2013-06-30 23:15:53 +02:00
Dr. Stephen Henson
cdb6c48445 Don't use RC2 with PKCS#12 files in FIPS mode. 2013-05-30 21:39:50 +01:00
Dr. Stephen Henson
04b727b4dd Fix PSS signature printing. 
Fix PSS signature printing: consistently use 0x prefix for hex values for
padding length and trailer fields.
(cherry picked from commit deb24ad53147f5a8dd63416224a5edd7bbc0e74a)
 2013-05-05 14:03:30 +01:00
Dr. Stephen Henson
cbd93a0636 Reencode with X509_CRL_ctx_sign too. 
(cherry picked from commit 96940f4f2d0300c033379a87db0ff19e598c6264)
 2013-05-03 13:06:18 +01:00
Dr. Stephen Henson
b9e84f007f Reencode certificates in X509_sign_ctx. 
Reencode certificates in X509_sign_ctx as well as X509_sign.

This was causing a problem in the x509 application when it modified an
existing certificate.
(cherry picked from commit c6d8adb8a4)
 2013-05-02 12:24:56 +01:00
Andy Polyakov
29a546720b crypto/modes/modes_lcl.h: let STRICT_ALIGNMENT be on ARMv7. 
While ARMv7 in general is capable of unaligned access, not all instructions
actually are. And trouble is that compiler doesn't seem to differentiate
those capable and incapable of unaligned access. Side effect is that kernel
goes into endless loop retrying same instruction triggering unaligned trap.
Problem was observed in xts128.c and ccm128.c modules. It's possible to
resolve it by using (volatile u32*) casts, but letting STRICT_ALIGNMENT
be feels more appropriate.
(cherry picked from commit 3bdd80521a)
 2013-04-13 21:19:31 +02:00
Dr. Stephen Henson
79dabcc137 Typo. 
(cherry picked from commit 0ded2a0689)
 2013-03-31 17:43:58 +01:00
Matt Caswell
03e1b3a153 Make binary curve ASN.1 work in FIPS mode. 
Don't check for binary curves by checking methods: the values will
be different in FIPS mode as they are redirected to the validated module
version.
(cherry picked from commit 94782e0e9c)
 2013-03-26 16:58:40 +00:00
Andy Polyakov
96b680f210 x86cpuid.pl: make it work with older CPUs. 
PR: 3005
(cherry picked from commit 5702e965d7)
 2013-03-18 19:50:23 +01:00
Andy Polyakov
9ab3ce1246 e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms. 
PR: 3002
(cherry picked from commit 5c60046553)
 2013-03-18 19:35:48 +01:00
Dr. Stephen Henson
85615e33e5 Encode INTEGER correctly. 
If an ASN1_INTEGER structure is allocated but not explicitly set encode
it as zero: don't generate an invalid zero length INTEGER.
(cherry picked from commit 1643edc63c)
 2013-03-18 14:21:56 +00:00
Andy Polyakov
bca0d7fdb5 x86_64-gf2m.pl: fix typo. 
(cherry picked from commit 342dbbbe4e)
 2013-03-01 22:38:11 +01:00
Andy Polyakov
bc4ae2cb0b x86_64-gf2m.pl: add missing Windows build fix for #2963. 
PR: 3004
(cherry picked from commit 7c43601d44)
 2013-03-01 21:58:08 +01:00
Andy Polyakov
ef4b9f001a bn_nist.c: cumulative update from master. 
PR: 2981, 2837
 2013-02-16 11:40:35 +01:00
Dr. Stephen Henson
3151e328e0 prepare for next version 2013-02-11 16:14:11 +00:00
Dr. Stephen Henson
f66db68e1f prepare for release 2013-02-11 11:57:46 +00:00
Andy Polyakov
1113fc31ba sparccpuid.S: work around emulator bug on T1. 
(cherry picked from commit 3caeef94bd)
 2013-02-11 10:41:57 +01:00
Andy Polyakov
13e225300f e_aes_cbc_hmac_sha1.c: fine-tune cache line alignment. 
With previous commit it also ensures that valgrind is happy.
 2013-02-08 09:45:09 +01:00
Andy Polyakov
746c6f3a53 e_aes_cbc_hmac_sha1.c: align calculated MAC at cache line. 2013-02-07 23:04:31 +01:00
Dr. Stephen Henson
41cf07f0ec prepare for next version 2013-02-06 02:26:24 +00:00
Dr. Stephen Henson
f9f6a8f96c Prepare for release. 2013-02-04 22:40:10 +00:00
Dr. Stephen Henson
0d589ac150 make update 2013-02-04 21:29:41 +00:00
Andy Polyakov
529d27ea47 e_aes_cbc_hmac_sha1.c: cleanse temporary copy of HMAC secret. 2013-02-03 20:04:39 +01:00
Andy Polyakov
b2226c6c83 bn_word.c: fix overflow bug in BN_add_word. 
(cherry picked from commit 134c00659a)
 2013-02-02 22:39:00 +01:00
Andy Polyakov
024de2174b x86_64 assembly pack: keep making Windows build more robust. 
PR: 2963 and a number of others
(cherry picked from commit 4568182a8b)
 2013-02-02 22:26:20 +01:00
Andy Polyakov
125093b59f e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. 
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
 2013-02-02 19:35:09 +01:00
Dr. Stephen Henson
62e4506a7d Don't try and verify signatures if key is NULL (CVE-2013-0166) 
Add additional check to catch this in ASN1_item_verify too.
 2013-01-29 16:49:24 +00:00
Ben Laurie
e130841bcc Make CBC decoding constant time. 
This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle and mount Vaudenay's attack.

This patch also disables the stitched AESNI+SHA mode pending a similar
fix to that code.

In order to be easy to backport, this change is implemented in ssl/,
rather than as a generic AEAD mode. In the future this should be changed
around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
 2013-01-28 17:31:49 +00:00
Ben Laurie
2ee798880a Add and use a constant-time memcmp. 
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
 2013-01-28 17:30:38 +00:00
Dr. Stephen Henson
ffcf4c6164 Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set 2013-01-23 01:07:23 +00:00
Andy Polyakov
b286a96811 x86_64 assembly pack: make Windows build more robust [from master]. 
PR: 2963 and a number of others
 2013-01-22 22:54:04 +01:00
Andy Polyakov
2a2df2e9f2 bn/asm/mips.pl: hardwire local call to bn_div_words. 2013-01-22 21:16:51 +01:00
Dr. Stephen Henson
15481c5e42 Don't include comp.h if no-comp set. 2013-01-20 01:10:52 +00:00
Ben Laurie
72f27cd2df Fix some clang warnings. 2013-01-14 00:22:28 +00:00
Dr. Stephen Henson
51447d5db5 In FIPS mode use PKCS#8 format when writing private keys: 
traditional format uses MD5 which is prohibited in FIPS mode.
 2013-01-07 16:19:28 +00:00
Dr. Stephen Henson
fca84dabe6 make no-comp compile 2012-12-30 16:05:11 +00:00
Dr. Stephen Henson
dd83cc298d Fix two bugs which affect delta CRL handling: 
Use -1 to check all extensions in CRLs.
Always set flag for freshest CRL.
 2012-12-06 18:25:03 +00:00
Andy Polyakov
ea00598596 aes-s390x.pl: fix XTS bugs in z196-specific code path [from HEAD]. 2012-12-05 17:45:24 +00:00
Andy Polyakov
7dc98a62b2 aes-s389x.pl: harmonize software-only code path [from HEAD]. 2012-12-01 11:11:12 +00:00
Dr. Stephen Henson
f20ba1c9bb PR: 2803 
Submitted by: jean-etienne.schwartz@bull.net

In OCSP_basic_varify return an error if X509_STORE_CTX_init fails.
 2012-11-29 19:15:36 +00:00
Dr. Stephen Henson
96f7fafa24 Don't require tag before ciphertext in AESGCM mode 2012-10-16 22:46:40 +00:00
Bodo Möller
09ef5f6258 Fix EC_KEY initialization race. 
Submitted by: Adam Langley
 2012-10-05 20:51:12 +00:00
Bodo Möller
bcc0e4ca7c Fix Valgrind warning. 
Submitted by: Adam Langley
 2012-09-24 19:49:42 +00:00
Bodo Möller
c3a5b7b82a Fix warning. 
Submitted by: Chromium Authors
 2012-09-17 17:24:44 +00:00
Andy Polyakov
bc78883017 e_aes.c: uninitialized variable in aes_ccm_init_key [from HEAD]. 
PR: 2874
Submitted by: Tomas Mraz
 2012-09-15 08:46:31 +00:00
Andy Polyakov
554cf97f03 bn_lcl.h: gcc removed support for "h" constraint, which broke inline 
assembler [from HEAD].
 2012-09-01 13:23:05 +00:00
Dr. Stephen Henson
7a217076d9 PR: 2786 
Reported by: Tomas Mraz <tmraz@redhat.com>

Treat a NULL value passed to drbg_free_entropy callback as non-op. This
can happen if the call to fips_get_entropy fails.
 2012-08-22 22:42:04 +00:00
Andy Polyakov
0720bf7df1 sha1-armv4-large.pl: comply with ABI [from HEAD]. 2012-08-17 19:59:49 +00:00
Andy Polyakov
9d6727781d aes-mips.pl: harmonize with fips module. 
PR: 2863
Submitted by: Duane Sand
 2012-08-17 09:02:40 +00:00
Andy Polyakov
78d767f5ec gcm128.c: fix AAD-only case with AAD length not divisible by 16 [from HEAD]. 
PR: 2859
Submitted by: John Foley
 2012-08-13 15:32:18 +00:00
Richard Levitte
c8b979e929 Add evp_cnf in the build. 2012-07-05 12:58:27 +00:00
Richard Levitte
efa288ceac Have the new names start in column 48, that makes it easy to see when 
the 31 character limit is reached (on a 80 column display, do the math)
 2012-07-05 09:00:49 +00:00
Richard Levitte
ad3bbd4a16 Cosmetics: remove duplicate symbol in crypto/symhacks.h 2012-07-05 08:49:30 +00:00
Dr. Stephen Henson
73913443a5 add missing evp_cnf.c file 2012-07-04 13:14:11 +00:00
Dr. Stephen Henson
e133ff7190 PR: 2840 
Reported by: David McCullough <david_mccullough@mcafee.com>

Restore fips configuration module from 0.9.8.
 2012-07-03 20:16:30 +00:00
Ben Laurie
4dc40f5eec Unused variable. 2012-07-01 16:04:12 +00:00
Andy Polyakov
a1a37575f0 bss_dgram.c: fix typos in Windows code. 2012-07-01 09:12:14 +00:00
Andy Polyakov
e1e882a368 x86_64 assembly pack: make it possible to compile with Perl located 
on path with spaces [from HEAD].

PR: 2835
 2012-06-27 12:58:03 +00:00
Andy Polyakov
7655044dd3 bss_dgram.c: fix bugs [from HEAD]. 
PR: 2833
 2012-06-19 12:36:00 +00:00
Dr. Stephen Henson
58fdd30664 revert more "version skew" changes that break FIPS builds 2012-06-10 23:01:28 +00:00
Dr. Stephen Henson
7175dbaeba Revert "version skew" patches that break FIPS compilation. 2012-06-09 23:35:34 +00:00
Ben Laurie
af454b5bb0 Reduce version skew. 2012-06-08 09:18:47 +00:00
Andy Polyakov
6321ac9e15 ppccap.c: assume no features under 32-bit AIX kernel [from HEAD]. 
PR: 2810
 2012-05-16 18:18:29 +00:00
Dr. Stephen Henson
eeca72f71e PR: 2813 
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.
 2012-05-11 13:52:46 +00:00
Dr. Stephen Henson
d9c34505e5 prepare for next version 2012-05-10 16:02:30 +00:00
Dr. Stephen Henson
f9885acc8c prepare for 1.0.1c release 2012-05-10 15:16:37 +00:00
Dr. Stephen Henson
5b9d0995a1 Reported by: Solar Designer of Openwall 
Make sure tkeylen is initialised properly when encrypting CMS messages.
 2012-05-10 13:34:22 +00:00
Andy Polyakov
c9b31189a9 ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance 
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA,
why slower algorithm are affected more... [from HEAD].
PR: 2794
Submitted by: Ashley Lai
 2012-04-27 20:20:15 +00:00
Dr. Stephen Henson
c940e07014 prepare for next version 2012-04-26 12:01:38 +00:00
Dr. Stephen Henson
88be4ebfbc make update 2012-04-26 10:42:20 +00:00
Dr. Stephen Henson
effa47b80a prepare for 1.0.1b release 2012-04-26 10:40:39 +00:00
Dr. Stephen Henson
2f2d33f470 correct error code 2012-04-22 13:31:26 +00:00
Andy Polyakov
0d829f6681 e_rc4_hmac_md5.c: reapply commit#21726, which was erroneously omitted. 
PR: 2797, 2792
 2012-04-20 21:45:17 +00:00
Dr. Stephen Henson
d9540579c5 call OPENSSL_init when calling FIPS_mode too 2012-04-20 14:42:54 +00:00
Dr. Stephen Henson
ecf963b80d make ciphers work again for FIPS builds 2012-04-20 00:07:48 +00:00
Andy Polyakov
7fc6d35be0 e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms 
[from HEAD].
PR: 2792
 2012-04-19 20:43:02 +00:00
Dr. Stephen Henson
e7d2a37158 update for next version 2012-04-19 16:53:43 +00:00
Dr. Stephen Henson
531c6fc8f3 prepare for 1.0.1a release 2012-04-19 12:17:19 +00:00
Dr. Stephen Henson
8d5505d099 Check for potentially exploitable overflows in asn1_d2i_read_bio 
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
 2012-04-19 12:13:59 +00:00
Dr. Stephen Henson
143619ccf6 only call FIPS_cipherinit in FIPS mode 2012-04-18 22:41:50 +00:00
Andy Polyakov
9f339d75b5 e_rc4_hmac_md5.c: update from HEAD, fixes crash on legacy Intel CPUs. 
PR: 2792
 2012-04-18 17:51:33 +00:00
Andy Polyakov
32e12316e5 OPENSSL_NO_SOCK fixes [from HEAD]. 
PR: 2791
Submitted by: Ben Noordhuis
 2012-04-16 17:43:15 +00:00
Andy Polyakov
ad7b24f145 Minor compatibility fixes [from HEAD]. 
PR: 2790
Submitted by: Alexei Khlebnikov
 2012-04-16 17:36:12 +00:00
Andy Polyakov
371056f2b9 e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag 
countermeasure [from HEAD].

PR: 2778
 2012-04-15 14:23:03 +00:00
Andy Polyakov
2d613908e8 s390x asm pack: fix typos. 2012-04-12 06:47:01 +00:00
Dr. Stephen Henson
18fb1fae08 oops, macro not present in OpenSSL 1.0.2 2012-04-11 15:11:16 +00:00
Dr. Stephen Henson
39ef161c72 fix reset fix 2012-04-11 15:05:45 +00:00
Dr. Stephen Henson
a7612c5066 make reinitialisation work for CMAC 2012-04-11 12:26:13 +00:00
Andy Polyakov
ebe81134c0 aes-s390x.pl: fix crash in AES_set_decrypt_key in linux32-s390x build [from HEAD]. 2012-04-09 15:12:45 +00:00
Andy Polyakov
a1d573e282 aes-armv4.pl: make it more foolproof [inspired by aes-s390x.pl in 1.0.1]. 2012-04-05 08:31:37 +00:00
Andy Polyakov
e959e24b47 aes-s390x.pl: fix endless loop in linux32-s390x build. 2012-04-05 08:17:21 +00:00
Andy Polyakov
9bf5fd894f modes_lcl.h: make it work on i386 [from HEAD]. 
PR: 2780
 2012-03-31 17:03:54 +00:00
Andy Polyakov
6296729fae vpaes-x86[_64].pl: handle zero length in vpaes_cbc_encrypt [from HEAD]. 
PR: 2775
 2012-03-31 16:55:18 +00:00
Andy Polyakov
0a5575f3f6 bn/bn_gf2m.c: make new BN_GF2m_mod_inv work with BN_DEBUG_RAND [from HEAD]. 2012-03-30 17:40:52 +00:00
Andy Polyakov
8c67b13407 perlasm/x86masm.pl: fix last fix [from HEAD]. 2012-03-29 18:11:21 +00:00
Andy Polyakov
2a477ccf0b ans1/tasn_prn.c: avoid bool in variable names [from HEAD]. 
PR: 2776
 2012-03-29 17:48:43 +00:00
Dr. Stephen Henson
c34137bef9 fix leak 2012-03-22 16:28:51 +00:00
Dr. Stephen Henson
914d91c5b3 Submitted by: Markus Friedl <mfriedl@gmail.com> 
Fix memory leaks in 'goto err' cases.
 2012-03-22 15:43:19 +00:00
Dr. Stephen Henson
e733dea3ce update version to 1.0.1a-dev 2012-03-22 15:18:19 +00:00
Andy Polyakov
d68d160cb7 bsaes-x86_64.pl: optimize key conversion [from HEAD]. 2012-03-16 21:45:51 +00:00
Dr. Stephen Henson
f3dcae15ac prepare for 1.0.1 release 2012-03-14 12:04:40 +00:00
Andy Polyakov
bcf9cf89e7 x86_64-xlate.pl: remove old kludge. 
PR: 2435,2440
 2012-03-13 19:19:31 +00:00
Dr. Stephen Henson
f0729fc3e0 corrected fix to PR#2711 and also cover mime_param_cmp 2012-03-12 16:29:47 +00:00
Dr. Stephen Henson
8186c00ef3 Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 16:27:50 +00:00
Dr. Stephen Henson
66fdb1c0d4 check return value of BIO_write in PKCS7_decrypt 2012-03-08 14:02:51 +00:00
Dr. Stephen Henson
25bfdca16a PR: 2755 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
 2012-03-06 13:47:27 +00:00
Richard Levitte
70505bc334 For OpenVMS, use inttypes.h instead of stdint.h 2012-03-01 21:29:16 +00:00
Dr. Stephen Henson
a8595879ec PR: 2742 
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

If resigning with detached content in CMS just copy data across.
 2012-02-29 14:01:53 +00:00
Dr. Stephen Henson
33a688e806 Fix memory leak cause by race condition when creating public keys. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-28 14:47:16 +00:00
Andy Polyakov
5c2bfad9b4 x86cpuid.pl: fix processor capability detection on pre-586 [from HEAD]. 2012-02-28 14:20:34 +00:00
Dr. Stephen Henson
250f979237 PR: 2736 
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
 2012-02-27 18:45:18 +00:00
Dr. Stephen Henson
b527b6e8ff PR: 2737 
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Fix double free in PKCS12_parse if we run out of memory.
 2012-02-27 16:46:45 +00:00
Dr. Stephen Henson
4ed1f3490e PR: 2735 
Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for
this fix.
 2012-02-27 16:33:25 +00:00
Dr. Stephen Henson
0a082e9b37 free headers after use in error message 2012-02-27 16:27:09 +00:00
Dr. Stephen Henson
236a99a409 Detect symmetric crypto errors in PKCS7_decrypt. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-27 15:22:54 +00:00
Andy Polyakov
37ebc20093 seed.c: Solaris portability fix from HEAD. 2012-02-26 21:53:28 +00:00
Dr. Stephen Henson
cef781cc87 PR: 2730 
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>

VMS fixes: disable SCTP by default.
 2012-02-25 17:58:03 +00:00
Dr. Stephen Henson
08e4c7a967 correct CHANGES 2012-02-23 22:13:59 +00:00