wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
13366 commits 20 branches 302 tags 153 MiB
Commit graph

333 commits

Author SHA1 Message Date
Rich Salz
8332f91cc0 fix various typo's 
https://github.com/openssl/openssl/pull/176 (CHANGES)
 https://rt.openssl.org/Ticket/Display.html?id=3545 (objects.txt)
 https://rt.openssl.org/Ticket/Display.html?id=3796 (verify.pod)

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-05-03 08:50:34 -04:00
Dr. Stephen Henson
b6eb9827a6 Add OSSL_NELEM macro. 
Add OSSL_NELEM macro to e_os.h to determine the number of elements in an
array.

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-05-03 12:53:08 +01:00
Rich Salz
efa7dd6444 free NULL cleanup 11 
Don't check for NULL before calling free functions. This gets:
        ERR_STATE_free
        ENGINE_free
        DSO_free
        CMAC_CTX_free
        COMP_CTX_free
        CONF_free
        NCONF_free NCONF_free_data _CONF_free_data
        A sk_free use within OBJ_sigid_free
        TS_TST_INFO_free (rest of TS_ API was okay)
        Doc update for UI_free (all uses were fine)
        X509V3_conf_free
        X509V3_section_free
        X509V3_string_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-05-01 10:15:18 -04:00
Rich Salz
b548a1f11c free null cleanup finale 
Don't check for NULL before calling OPENSSL_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-05-01 10:02:07 -04:00
Rich Salz
23a1d5e97c free NULL cleanup 7 
This gets BN_.*free:
    BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
    BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free

Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-04-30 21:37:06 -04:00
Rich Salz
b196e7d936 remove malloc casts 
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-04-28 15:28:14 -04:00
Viktor Dukhovni
61986d32f3 Code style: space after 'if' 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-04-16 13:44:59 -04:00
Richard Levitte
a80e33b991 Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant 
With no more symlinks, there's no need for those variables, or the links
target.  This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.

Also, removed METHTEST from test/Makefile.  It looks like an old test that's
forgotten...

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-03-31 20:16:01 +02:00
Richard Levitte
dee502be89 Stop symlinking, move files to intended directory 
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.

Originally-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-03-31 20:16:01 +02:00
Dr. Stephen Henson
9837bfbfc7 make depend 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-25 14:15:00 +00:00
Dr. Stephen Henson
2e43027757 make ASN1_OBJECT opaque 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-03-24 17:35:58 +00:00
Matt Caswell
918bb86529 Unchecked malloc fixes 
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error
paths as I spotted them along the way.

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-03-05 09:09:57 +00:00
Rich Salz
c81f425eaa RT937: Enable pilotAttributeType uniqueIdentifier 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-02-12 14:38:31 -05:00
Andy Polyakov
c79e17731f Add more Camellia OIDs. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-02-11 20:28:47 +01:00
Andy Polyakov
849037169d Bring objects.pl output even closer to new format. 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-02-09 15:59:09 +01:00
Andy Polyakov
7ce3862319 Harmonize objects.pl output with new format. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-02-09 09:53:24 +01:00
Rich Salz
5b18d3025c util/mkstack.pl now generates entire safestack.h 
The mkstack.pl script now generates the entire safestack.h file.
It generates output that follows the coding style.
Also, removed all instances of the obsolete IMPLEMENT_STACK_OF
macro.

Reviewed-by: Andy Polyakov <appro@openssl.org>
 2015-02-06 10:47:53 -05:00
Dr. Stephen Henson
6922ddee1b Make objxref.pl output in correct format 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-02-04 03:50:09 +00:00
Rich Salz
a00ae6c46e OPENSSL_NO_xxx cleanup: many removals 
The following compile options (#ifdef's) are removed:
    OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY
    OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP
    OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK
    OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY

This diff is big because of updating the indents on preprocessor lines.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-01-27 10:06:22 -05:00
Rich Salz
68b00c2372 ifdef cleanup part 3: OPENSSL_SYSNAME 
Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx
Remove MS_STATIC; it's a relic from platforms <32 bits.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-23 11:58:26 -05:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:09 +00:00
Matt Caswell
3a83462dfe Further comment amendments to preserve formatting prior to source reformat 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-06 15:45:25 +00:00
Tim Hudson
1d97c84351 mark all block comments that need format preserving so that 
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2014-12-30 22:10:26 +00:00
Dr. Stephen Henson
f072785eb4 Remove fipscanister build functionality from makefiles. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-12-08 13:23:45 +00:00
Matt Caswell
e6b336efa3 Add EVP support for OCB mode 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-12-08 10:28:34 +00:00
Rich Salz
8cfe08b4ec Remove all .cvsignore files 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-11-28 18:32:43 -05:00
Dr. Stephen Henson
55f7fb8848 Fix cross reference table generator. 
If the hash or public key algorithm is "undef" the signature type
will receive special handling and shouldn't be included in the
cross reference table.
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-11-13 13:34:42 +00:00
Emilia Kasper
0042fb5fd1 Fix OID handling: 
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-06 20:36:41 +01:00
Andy Polyakov
d11c70b2c2 Please Clang's sanitizer, addendum. 2014-07-08 23:06:59 +02:00
Dr. Stephen Henson
abac8e0e08 Rebuild OID table. 2014-06-27 14:35:07 +01:00
Dr. Stephen Henson
95791bf941 Fix OID encoding for one component. 
OIDs with one component don't have an encoding.

PR#2556 (Bug#1)
 2014-06-27 14:35:07 +01:00
Rob Stradling
52f71f8181 CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. 2014-02-26 15:33:11 +00:00
Rob Stradling
dcfe8df148 Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions. 
Add the RFC6962 OIDs to the objects table.
 2014-02-14 23:24:35 +00:00
Dr. Stephen Henson
7f5fd314c0 Sync OID numbers with 1.0.2 branch. 2013-10-15 11:33:30 +01:00
Veres Lajos
478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Dr. Stephen Henson
6af440ced4 Add new OIDs from RFC5753 
Add OIDs for KDF schemes from RFC5753 and add cross references for
each type and the appropriate digest to use.
 2013-07-17 21:45:00 +01:00
Dr. Stephen Henson
e423c360fd Add new OID to pSpecified from PKCS#1 2013-06-21 21:33:00 +01:00
Andy Polyakov
8a97a33063 Add AES-SHA256 stitch. 2013-05-13 22:49:58 +02:00
Ben Laurie
08e5536445 Fix some clang warnings. 2013-01-13 21:04:39 +00:00
Andy Polyakov
71fa3bc5ec objxref.pl: improve portability. 2012-04-22 21:18:30 +00:00
Dr. Stephen Henson
b36bab7812 PR: 2239 
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
 2012-04-22 13:06:51 +00:00
Dr. Stephen Henson
b333905011 incomplete provisional OAEP CMS decrypt support 2012-01-02 18:25:37 +00:00
Dr. Stephen Henson
afb14cda8c Initial experimental support for X9.42 DH parameter format to handle 
RFC5114 parameters and X9.42 DH public and private keys.
 2011-12-07 00:32:34 +00:00
Dr. Stephen Henson
66bb328e11 ? crypto/aes/aes-armv4.S 
? crypto/aes/aesni-sha1-x86_64.s
? crypto/aes/aesni-x86_64.s
? crypto/aes/foo.pl
? crypto/aes/vpaes-x86_64.s
? crypto/bn/.bn_lib.c.swp
? crypto/bn/armv4-gf2m.S
? crypto/bn/diffs
? crypto/bn/modexp512-x86_64.s
? crypto/bn/x86_64-gf2m.s
? crypto/bn/x86_64-mont5.s
? crypto/ec/bc.txt
? crypto/ec/diffs
? crypto/modes/a.out
? crypto/modes/diffs
? crypto/modes/ghash-armv4.S
? crypto/modes/ghash-x86_64.s
? crypto/modes/op.h
? crypto/modes/tst.c
? crypto/modes/x.h
? crypto/objects/.obj_xref.txt.swp
? crypto/rand/diffs
? crypto/sha/sha-512
? crypto/sha/sha1-armv4-large.S
? crypto/sha/sha256-armv4.S
? crypto/sha/sha512-armv4.S
Index: crypto/objects/obj_xref.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/objects/obj_xref.c,v
retrieving revision 1.9
diff -u -r1.9 obj_xref.c
--- crypto/objects/obj_xref.c	5 Nov 2008 18:38:58 -0000	1.9
+++ crypto/objects/obj_xref.c	6 Oct 2011 20:30:21 -0000
@@ -110,8 +110,10 @@
 #endif
 	if (rv == NULL)
 		return 0;
-	*pdig_nid = rv->hash_id;
-	*ppkey_nid = rv->pkey_id;
+	if (pdig_nid)
+		*pdig_nid = rv->hash_id;
+	if (ppkey_nid)
+		*ppkey_nid = rv->pkey_id;
 	return 1;
 	}

@@ -144,7 +146,8 @@
 #endif
 	if (rv == NULL)
 		return 0;
-	*psignid = (*rv)->sign_id;
+	if (psignid)
+		*psignid = (*rv)->sign_id;
 	return 1;
 	}

Index: crypto/x509/x509type.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/x509/x509type.c,v
retrieving revision 1.10
diff -u -r1.10 x509type.c
--- crypto/x509/x509type.c	26 Oct 2007 12:06:33 -0000	1.10
+++ crypto/x509/x509type.c	6 Oct 2011 20:36:04 -0000
@@ -100,20 +100,26 @@
 		break;
 		}

-	i=X509_get_signature_type(x);
-	switch (i)
+	i=OBJ_obj2nid(x->sig_alg->algorithm);
+	if (i && OBJ_find_sigid_algs(i, NULL, &i))
 		{
-	case EVP_PKEY_RSA:
-		ret|=EVP_PKS_RSA;
-		break;
-	case EVP_PKEY_DSA:
-		ret|=EVP_PKS_DSA;
-		break;
-	case EVP_PKEY_EC:
-		ret|=EVP_PKS_EC;
-		break;
-	default:
-		break;
+
+		switch (i)
+			{
+		case NID_rsaEncryption:
+		case NID_rsa:
+			ret|=EVP_PKS_RSA;
+			break;
+		case NID_dsa:
+		case NID_dsa_2:
+			ret|=EVP_PKS_DSA;
+			break;
+		case NID_X9_62_id_ecPublicKey:
+			ret|=EVP_PKS_EC;
+			break;
+		default:
+			break;
+			}
 		}

 	if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
 2011-10-06 20:44:02 +00:00
Andy Polyakov
c608171d9c Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. 2011-08-23 20:51:38 +00:00
Dr. Stephen Henson
32a2d8ddfe Provisional AES XTS support. 2011-04-12 23:21:33 +00:00
Dr. Stephen Henson
df6de39fe7 Change AR to ARX to allow exclusion of fips object modules 2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
ff04bbe363 Add PSS algorithm printing. This is an initial step towards full PSS support. 
Uses ASN1 module in Martin Kaiser's PSS patch.
 2010-03-06 19:55:25 +00:00
Dr. Stephen Henson
df4c395c6d add anyExtendedKeyUsage OID 2010-02-24 15:53:58 +00:00
Andy Polyakov
e5a4de9e44 Add assigned OIDs, as well as "anonymous" ones for AES counter mode. 2010-02-23 16:47:17 +00:00