wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10929 commits 20 branches 302 tags 153 MiB
Commit graph

65 commits

Author SHA1 Message Date
Matt Caswell
10621efd32 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:38:39 +00:00
Emilia Kasper
036df29387 Add a comment noting the padding oracle. 
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 03af843039)
 2014-12-17 14:56:25 +01:00
Emilia Kasper
60b7d3bbb5 Revert "RT3425: constant-time evp_enc" 
Causes more problems than it fixes: even though error codes
are not part of the stable API, several users rely on the
specific error code, and the change breaks them. Conversely,
we don't have any concrete use-cases for constant-time behaviour here.

This reverts commit f2df488a1c.

Reviewed-by: Andy Polyakov <appro@openssl.org>
 2014-12-17 14:56:05 +01:00
Richard Levitte
8202802fad Include "constant_time_locl.h" rather than "../constant_time_locl.h". 
The different -I compiler parameters will take care of the rest...

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-10-15 10:49:35 +02:00
Emilia Kasper
f2df488a1c RT3425: constant-time evp_enc 
Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4aac102f75)

Conflicts:
	crypto/evp/evp_enc.c

(cherry picked from commit 738911cde6)
 2014-09-24 16:25:54 +02:00
Dr. Stephen Henson
ecf963b80d make ciphers work again for FIPS builds 2012-04-20 00:07:48 +00:00
Dr. Stephen Henson
143619ccf6 only call FIPS_cipherinit in FIPS mode 2012-04-18 22:41:50 +00:00
Dr. Stephen Henson
8705846710 only cleanup ctx if we need to, save ctx flags when we do 2012-02-10 16:54:56 +00:00
Bodo Möller
93ff4c69f7 Make CTR mode behaviour consistent with other modes: 
clear ctx->num in EVP_CipherInit_ex

Submitted by: Emilia Kasper
 2011-10-13 13:42:29 +00:00
Dr. Stephen Henson
5792219d1d Redirect cipher operations to FIPS module for FIPS builds. 2011-05-29 16:18:38 +00:00
Dr. Stephen Henson
293c58c1e7 Use approved API for EVP digest operations in FIPS builds. 
Call OPENSSL_init() in a few more places to make sure it is always called
at least once.

Initial cipher API redirection (incomplete).
 2011-05-29 15:55:13 +00:00
Dr. Stephen Henson
19043426b9 backport AES EVP ctr mode changes from HEAD 2010-11-17 17:46:23 +00:00
Dr. Stephen Henson
7770da4b41 PR: 2295 
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
 2010-10-11 23:25:23 +00:00
Dr. Stephen Henson
fb24311e7c 'typo' 2010-03-01 01:52:47 +00:00
Dr. Stephen Henson
1700426256 Add missing function EVP_CIPHER_CTX_copy(). Current code uses memcpy() to copy 
an EVP_CIPHER_CTX structure which may have problems with external ENGINEs
who need to duplicate internal handles etc.
 2010-02-07 13:41:23 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more 
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
 2008-11-12 03:58:08 +00:00
Ben Laurie
5e4430e70d More size_tification. 2008-11-01 16:40:37 +00:00
Bodo Möller
2e415778f2 Don't use assertions to check application-provided arguments; 
and don't unnecessarily fail on input size 0.
 2008-08-14 21:37:51 +00:00
Dr. Stephen Henson
560b79cbff Constify version strings and some structures. 2007-01-21 13:07:17 +00:00
Dr. Stephen Henson
b40228a61d New functions to support opaque EVP_CIPHER_CTX handling. 2005-12-02 13:46:39 +00:00
Nils Larsch
b554eef43b the final byte of a pkcs7 padded plaintext can never be 0 
Submitted by: K S Sreeram <sreeram@tachyontech.net>
 2005-07-20 22:03:36 +00:00
Bodo Möller
8afca8d9c6 Fix more error codes. 
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
 2005-05-11 03:45:39 +00:00
Geoff Thorpe
3a87a9b9db Reduce header interdependencies, initially in engine.h (the rest of the 
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
 2004-04-19 17:46:04 +00:00
Dr. Stephen Henson
216659eb87 Enhance EVP code to generate random symmetric keys of the 
appropriate form, for example correct DES parity.

Update S/MIME code and EVP_SealInit to use new functions.

PR: 700
 2004-03-28 17:38:00 +00:00
Richard Levitte
2fe9ab8e20 It was pointed out to me that if the requested size is 0, we shouldn't 
ty to allocate anything at all.  This will allow eNULL to still work.

PR: 751
Notified by: Lutz Jaenicke
 2003-12-01 13:25:37 +00:00
Richard Levitte
1145e03870 Check that OPENSSL_malloc() really returned some memory. 
PR: 751
Notified by: meder@mcs.anl.gov
Reviewed by: Lutz Jaenicke, Richard Levitte
 2003-12-01 12:11:55 +00:00
Geoff Thorpe
2754597013 A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. 
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
 2003-10-29 20:24:15 +00:00
Richard Levitte
0b13e9f055 Add the possibility to build without the ENGINE framework. 
PR: 287
 2003-01-30 17:39:26 +00:00
Dr. Stephen Henson
59ae8c9419 EVP_DecryptInit() should call EVP_CipherInit() not EVP_CipherInit_ex(). 2003-01-17 00:48:47 +00:00
Richard Levitte
43d601641f A few more memset()s converted to OPENSSL_cleanse(). 
I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343
 2002-11-29 11:30:45 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Dr. Stephen Henson
544a2aea4b Zero cipher_data in EVP_CIPHER_CTX_cleanup 
Add cleanup calls to evp_test.c

Allow reuse of cipher contexts by removing
automatic cleanup in EVP_*Final().
 2002-05-15 18:49:25 +00:00
Dr. Stephen Henson
3e268d2717 Ensure EVP_CipherInit() uses the correct encode/decode parameter if 
enc == -1

[Reported by Markus Friedl <markus@openbsd.org>]

Fix typo in dh_lib.c (use of DSAerr instead of DHerr).
 2002-03-16 23:20:05 +00:00
Dr. Stephen Henson
bf6a9e66d6 Make ciphers and digests obtain an ENGINE functional reference 
if impl is explicitly supplied.
 2002-03-09 18:58:05 +00:00
Dr. Stephen Henson
a3829cb720 Updates from stable branch. 2002-02-23 13:50:29 +00:00
Dr. Stephen Henson
581f1c8494 Modify EVP cipher behaviour in a similar way 
to digests to retain compatibility.
 2001-10-17 00:37:12 +00:00
Geoff Thorpe
18eda73234 EVP_EncryptInit_ex() and EVP_DecryptInit_ex() had been defined in evp.h but 
not implemented. (Bug reported by Martin Szotkowski)

This also changes the non-"_ex" versions to defer directly to
EVP_CipherInit_ex() rather than EVP_CipherInit() to avoid an unecessary
level of indirection.
 2001-10-08 17:24:10 +00:00
Dr. Stephen Henson
f329b8d73b Make EVP_DecryptUpdate work again. 2001-10-02 16:19:49 +00:00
Geoff Thorpe
11a57c7be5 This changes EVP's cipher and digest code to hook via the ENGINE support. 
See crypto/engine/README for details.

- it also removes openbsd_hw.c from the build (that functionality is
  going to be available in the openbsd ENGINE in a upcoming commit)

- evp_test has had the extra initialisation added so it will use (if
  possible) any ENGINEs supporting the algorithms required.
 2001-09-25 21:37:02 +00:00
Ben Laurie
82b2230527 Add RC4 support to OpenBSD. 2001-08-18 16:04:36 +00:00
Ben Laurie
0e36019977 Add EVP test program. 2001-08-18 13:53:01 +00:00
Ben Laurie
f0446ca8d7 Move CIPHER_CTX cleanups to _Final routines instead of _Init, which avoids 
problems with leaks and uninitialised structures.
 2001-08-11 11:32:54 +00:00
Ben Laurie
db75357110 Fix memory leak. 2001-08-05 16:13:49 +00:00
Ben Laurie
dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Dr. Stephen Henson
dc706cd35f Make sure *outl is always initialized in EVP_EncryptUpdate(). 2001-07-27 02:24:47 +00:00
Ben Laurie
c148d70978 A better compromise between encrypt and decrypt (but why isn't it as fast 
for encrypt?).
 2001-07-09 21:00:36 +00:00
Ben Laurie
7b6055d1af Handle the common case first (where input size is a multiple of block size). 
Worth around 5% for encrypt. Slows down decrypt slightly, but I expect to
regain that later.
 2001-07-08 19:42:10 +00:00
Ben Laurie
f31b12503e Use & instead of % - worth about 4% for 8 byte blocks. 2001-07-08 17:27:32 +00:00
Dr. Stephen Henson
f2e5ca84d4 Option to disable standard block padding with EVP API. 
Add -nopad option to enc command.

Update docs.
 2001-02-14 02:11:52 +00:00
Dr. Stephen Henson
49528751b8 More EVP cipher revision. 
Change EVP_SealInit() and EVP_OpenInit() to
handle cipher parameters.

Make it possible to set RC2 and RC5 params.

Make RC2 ASN1 code use the effective key bits
and not the key length.

TODO: document how new API works.
 2000-05-30 18:26:22 +00:00