wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
12449 commits 20 branches 302 tags 153 MiB
Commit graph

6353 commits

Author SHA1 Message Date
Scott Schaefer
d4a4370050 RT 2517: Various typo's. 
Reviewed-by: Emilia Kasper

Many of these were already fixed, this catches the last
few that were missed.
 2014-08-11 13:43:31 -04:00
Rich Salz
f642ebc1e2 Undo a90081576c 
Undo unapproved commit that removed DJGPP and WATT32
 2014-08-09 08:02:20 -04:00
Rich Salz
a90081576c Remove DJGPP (and therefore WATT32) #ifdef's. 
DJGPP is no longer a supported platform.  Remove all #ifdef, etc.,
cases that refer to it.  DJGPP also #define'd WATT32, so that
is now removed as well.
 2014-08-08 16:54:14 -04:00
Dr. Stephen Henson
4a23b12a03 Fix SRP buffer overrun vulnerability. 
Invalid parameters passed to the SRP code can be overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.

Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
 2014-08-06 20:36:41 +01:00
Emilia Kasper
0042fb5fd1 Fix OID handling: 
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-06 20:36:41 +01:00
Bodo Moeller
0fe73d6c36 Simplify and fix ec_GFp_simple_points_make_affine 
(which didn't always handle value 0 correctly).

Reviewed-by: emilia@openssl.org
 2014-08-01 17:18:14 +02:00
Billy Brumley
cba11f57ce "EC_POINT_invert" was checking "dbl" function pointer instead of "invert". 
PR#2569

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-07-21 22:18:40 +01:00
Andy Polyakov
5c3598307e sha1-ppc.pl: shave off one cycle from BODY_20_39 
and improve performance by 10% on POWER[78].

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2014-07-21 15:29:09 +02:00
Andy Polyakov
0e716d9207 Engage GHASH for PowerISA 2.0.7. 
[and split ppccap.c to ppccap.c and ppc_arch.h]

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-20 14:16:31 +02:00
Andy Polyakov
f5b798f50c Add GHASH for PowerISA 2.0.7. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-20 14:14:26 +02:00
Dr. Stephen Henson
03c075e572 Windows build fixes. 
Add cmac.h to mkdef.pl
Remove ENGINE_load_rsax from engine.h: no longer built.
Update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-19 22:57:37 +01:00
Dr. Stephen Henson
d31fed73e2 RFC 5649 support. 
Add support for RFC5649 key wrapping with padding.

Add RFC5649 tests to evptests.txt

Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.

EVP support and minor changes added by Stephen Henson.

Doxygen comment block updates by Tim Hudson.

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-18 21:37:13 +01:00
Dr. Stephen Henson
58f4698f67 Make *Final work for key wrap again. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-17 23:29:14 +01:00
Dr. Stephen Henson
d12eef1501 Sanity check lengths for AES wrap algorithm. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-17 12:57:40 +01:00
Andy Polyakov
e91718e80d Revert "Add GHASH for PowerISA 2.07." 
This reverts commit 927f2e5dea.
 2014-07-16 13:38:15 +02:00
Andy Polyakov
6cd13f70bb Revert "Engage GHASH for PowerISA 2.07." 
This reverts commit 14aaf883d9.
 2014-07-16 13:37:37 +02:00
Andy Polyakov
14aaf883d9 Engage GHASH for PowerISA 2.07. 2014-07-16 08:03:34 +02:00
Andy Polyakov
927f2e5dea Add GHASH for PowerISA 2.07. 2014-07-16 08:01:41 +02:00
Matt Caswell
f8571ce822 Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data. 
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.

This does have the impact of masking any *real* unitialised data reads in bn though.

Patch based on approach suggested by Rich Salz.

PR#3415
 2014-07-13 22:17:39 +01:00
Richard Levitte
8b5dd34091 * crypto/ui/ui_lib.c: misplaced brace in switch statement. 
Detected by dcruette@qualitesys.com
 2014-07-13 19:11:46 +02:00
Ben Laurie
c1d1b0114e Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259). 2014-07-10 17:49:02 +01:00
Matt Caswell
66816c53be Fix memory leak in BIO_free if there is no destroy function. 
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>

PR#3439
 2014-07-09 23:29:17 +01:00
Andy Polyakov
1b0fe79f3e x86_64 assembly pack: improve masm support. 2014-07-09 20:08:01 +02:00
Andy Polyakov
d11c70b2c2 Please Clang's sanitizer, addendum. 2014-07-08 23:06:59 +02:00
Andy Polyakov
021e5043e5 Please Clang's sanitizer. 
PR: #3424,#3423,#3422
 2014-07-08 22:24:44 +02:00
Andy Polyakov
07b635cceb sha[1|512]-x86_64.pl: fix logical errors with $shaext=0. 2014-07-07 17:01:07 +02:00
David Lloyd
9d23f422a3 Prevent infinite loop loading config files. 
PR#2985
 2014-07-07 13:19:57 +01:00
Viktor Dukhovni
297c67fcd8 Update API to use (char *) for email addresses and hostnames 
Reduces number of silly casts in OpenSSL code and likely most
applications.  Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
 2014-07-07 19:11:38 +10:00
Dr. Stephen Henson
5ecf1141a5 Sanity check keylength in PVK files. 
PR#2277
 2014-07-06 00:36:16 +01:00
Andy Polyakov
7eb9680ae1 sha512-x86_64.pl: fix typo. 
PR: #3431
 2014-07-05 23:59:57 +02:00
Alan Hryngle
fdea4fff8f Return smaller of ret and f. 
PR#3418.
 2014-07-05 22:37:41 +01:00
Viktor Dukhovni
ced3d9158a Set optional peername when X509_check_host() succeeds. 
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.
 2014-07-06 01:50:50 +10:00
Viktor Dukhovni
6e661d458f New peername element in X509_VERIFY_PARAM_ID 
Declaration, memory management, accessor and documentation.
 2014-07-06 01:50:50 +10:00
Ben Laurie
6835f572a9 Reduce casting nastiness. 2014-07-05 15:00:53 +01:00
Dr. Stephen Henson
55707a36cc Add license info. 2014-07-04 18:41:45 +01:00
Dr. Stephen Henson
b948ee27b0 Remove all RFC5878 code. 
Remove RFC5878 code. It is no longer needed for CT and has numerous bugs
 2014-07-04 13:26:35 +01:00
Andy Polyakov
eca441b2b4 bn_exp.c: fix x86_64-specific crash with one-word modulus. 
PR: #3397
 2014-07-02 19:35:50 +02:00
Dr. Stephen Henson
398e99fe5e ASN1 sanity check. 
Primitive encodings shouldn't use indefinite length constructed
form.

PR#2438 (partial).
 2014-07-02 00:59:26 +01:00
Andy Polyakov
c7ada16d39 perlasm/ppc-xlate.pl update. 2014-07-01 19:11:11 +02:00
Andy Polyakov
cd1922cde0 Engage SHA256/512 for PowerISA 2.07. 2014-07-01 19:09:11 +02:00
Andy Polyakov
eaa4820471 Add SHA256/512 for PowerISA 2.07. 2014-07-01 19:09:11 +02:00
Andy Polyakov
29be3f6411 sha512-x86_64.pl: fix linking problem under Windows. 2014-07-01 17:11:22 +02:00
Dr. Stephen Henson
387b844ffd Accessor functions for app_data in ECDSA_METHOD 2014-07-01 12:01:51 +01:00
Dr. Stephen Henson
0d263d2acf Test copying of contexts in evp_test. 
Test EVP_CIPHER_CTX_copy in evp_test. This will catch any
problems with copying in underlying ciphers.
 2014-07-01 12:01:51 +01:00
Ben Laurie
e3ba6a5f83 Make depend. 2014-06-30 16:03:29 +01:00
Dr. Stephen Henson
c2fd5d79ff Fix copy for CCM, GCM and XTS. 
Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.
 2014-06-30 12:57:29 +01:00
ZNV
370bf1d708 Make EVP_CIPHER_CTX_copy work in GCM mode. 
PR#3272
 2014-06-29 22:01:28 +01:00
Ben Laurie
8892ce7714 Constification - mostly originally from Chromium. 2014-06-29 21:05:23 +01:00
Dr. Stephen Henson
0e7bda79a1 Handle BER length encoding. 
Tolerate BER length encoding which may include leading zeroes.

PR#2746
 2014-06-29 00:07:08 +01:00
Andy Polyakov
a356e488ad x86_64 assembly pack: refine clang detection. 2014-06-28 17:23:21 +02:00
Andreas Westfeld
d1d4382dcb Fix typo in ideatest.c 2014-06-28 00:06:13 +01:00
Dr. Stephen Henson
59deb33cbe Fix for EVP_PBE_alg_add(). 
In EVP_PBE_alg_add don't use the underlying NID for the cipher
as it may have a non-standard key size.

PR#3206
 2014-06-27 23:19:39 +01:00
Andy Polyakov
406d4af050 bn/asm/rsaz-avx2.pl: fix occasional failures. 2014-06-27 22:41:58 +02:00
Dr. Stephen Henson
11da66f8b1 Tolerate critical AKID in CRLs. 
PR#3014
 2014-06-27 18:49:32 +01:00
Tom Greenslade
b36f35cda9 Handle IPv6 addresses in OCSP_parse_url. 
PR#2783
 2014-06-27 17:30:59 +01:00
Dr. Stephen Henson
abac8e0e08 Rebuild OID table. 2014-06-27 14:35:07 +01:00
Dr. Stephen Henson
95791bf941 Fix OID encoding for one component. 
OIDs with one component don't have an encoding.

PR#2556 (Bug#1)
 2014-06-27 14:35:07 +01:00
Dr. Stephen Henson
d2aea03829 Memory leak and NULL dereference fixes. 
PR#3403
 2014-06-27 14:35:07 +01:00
Huzaifa Sidhpurwala
3b3b69ab25 Make sure BN_sqr can never return a negative value. 
PR#3410
 2014-06-26 23:56:34 +01:00
Dr. Stephen Henson
7be6b27aaf Remove ancient obsolete files under pkcs7. 2014-06-26 23:56:34 +01:00
Andy Polyakov
f3f620e1e0 bn_exp.c: move check for AD*X to rsaz-avx2.pl. 
This ensures high performance is situations when assembler supports
AVX2, but not AD*X.
 2014-06-27 00:07:15 +02:00
Andy Polyakov
052ecf91d2 aesp8-ppc.pl: rigid input verification in key setup. 2014-06-25 22:13:17 +02:00
Andy Polyakov
7b8c8c4d79 aesv8-armx.pl: rigid input verification in key setup. 2014-06-25 22:10:45 +02:00
Andy Polyakov
7eb0488280 x86_64 assembly pack: addendum to last clang commit. 2014-06-24 08:37:05 +02:00
Andy Polyakov
ac171925ab x86_64 assembly pack: allow clang to compile AVX code. 2014-06-24 08:24:25 +02:00
Andy Polyakov
015364baf3 aesv8-armx.pl: inclrease interleave factor. 
This is to compensate for higher aes* instruction latency on Cortex-A57.
 2014-06-24 08:08:58 +02:00
Andy Polyakov
0f777aeb50 ARMv8 assembly pack: add Cortex performance numbers. 2014-06-24 08:06:05 +02:00
Viktor Dukhovni
eef1827f89 One more typo when changing !result to result <= 0 2014-06-23 16:26:34 +01:00
Viktor Dukhovni
90b70a6a6b Fix typo in last commit 2014-06-22 20:39:52 -04:00
Viktor Dukhovni
8abffa4a73 Multiple verifier reference identities. 
Implemented as STACK_OF(OPENSSL_STRING).
 2014-06-22 20:32:35 -04:00
Viktor Dukhovni
66d884f067 Implement sk_deep_copy. 2014-06-22 20:24:18 -04:00
Viktor Dukhovni
29edebe95c More complete input validation of X509_check_mumble 2014-06-22 20:18:53 -04:00
Viktor Dukhovni
a48fb0400c X509_check_mumble() failure is <= 0, not just 0 2014-06-22 20:14:53 -04:00
Viktor Dukhovni
b3012c698a Drop hostlen from X509_VERIFY_PARAM_ID. 
Just store NUL-terminated strings.  This works better when we add
support for multiple hostnames.
 2014-06-22 19:52:44 -04:00
Felix Laurie von Massenbach
50cc4f7b3d Fix signed/unsigned comparisons. 2014-06-17 17:41:46 +01:00
Felix Laurie von Massenbach
1f61d8b5b1 Fix shadow declaration. 2014-06-17 17:41:46 +01:00
Andy Polyakov
9024b84b7c aesni-sha[1|256]-x86_64.pl: fix logical error and MacOS X build. 2014-06-16 10:11:45 +02:00
Andy Polyakov
764fe518da aesp8-ppc.pl: add CTR mode. 2014-06-16 08:05:19 +02:00
Viktor Dukhovni
7241a4c7fd Enforce _X509_CHECK_FLAG_DOT_SUBDOMAINS internal-only 2014-06-14 22:31:29 +01:00
Andy Polyakov
ce00c64df9 evp/e_aes_cbc_sha[1|256].c: fix -DPEDANTIC build. 2014-06-14 23:15:39 +02:00
Andy Polyakov
91a6bf80f8 aesni-sha256-x86_64.pl: add missing rex in shaext. 
PR: 3405
 2014-06-14 16:03:06 +02:00
Andy Polyakov
c9cf29cca2 sha1-x86_64.pl: add missing rex prefix in shaext. 
PR: 3405
 2014-06-14 15:27:54 +02:00
Viktor Dukhovni
a09e4d24ad Client-side namecheck wildcards. 
A client reference identity of ".example.com" matches a server
certificate presented identity that is any sub-domain of "example.com"
(e.g. "www.sub.example.com).

With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches
only direct child sub-domains (e.g. "www.sub.example.com").
 2014-06-12 23:19:25 +01:00
Andy Polyakov
977f32e852 Facilitate back-porting of AESNI and SHA modules. 
Fix SEH and stack handling in Win64 build.
 2014-06-12 21:45:41 +02:00
Andy Polyakov
1cf8f57b43 ghash-x86_64.pl: optimize for upcoming Atom. 2014-06-11 11:34:18 +02:00
Andy Polyakov
619b94667c Add support for Intel SHA extension. 2014-06-11 10:27:45 +02:00
Rob Stradling
fd2309aa29 Separate the SCT List parser from the SCT List viewer 2014-06-10 23:44:13 +01:00
Andy Polyakov
e2eabed110 aesni-mb-x86_64.pl: add Win64 SEH. 2014-06-10 23:08:06 +02:00
Dr. Stephen Henson
7a9d59c148 Fix null pointer errors. 
PR#3394
 2014-06-10 14:47:29 +01:00
Jakub Wilk
7be1d8764d Create ~/.rnd with mode 0600 instead of 0666 
Because of a missing include <fcntl.h> we don't have O_CREATE and don't create
the file with open() using mode 0600 but fall back to using fopen() with the
default umask followed by a chmod().

Problem found by Jakub Wilk <jwilk@debian.org>.
 2014-06-08 21:15:48 +01:00
Andy Polyakov
5dcf70a1c5 ARM assembly pack: get ARMv7 instruction endianness right. 
Pointer out and suggested by: Ard Biesheuvel.
 2014-06-06 21:27:18 +02:00
Andy Polyakov
cd91fd7c32 sha[1|512]-armv8.pl: get instruction endianness right. 
Submitted by: Ard Biesheuvel.
 2014-06-06 20:50:43 +02:00
Andy Polyakov
82741e9c89 Engage GHASH for ARMv8. 2014-06-06 20:48:35 +02:00
Andy Polyakov
2d5a799d27 Add GHASH for ARMv8 Crypto Extension. 
Result of joint effort with Ard Biesheuvel.
 2014-06-06 20:43:02 +02:00
Andy Polyakov
65cad34b10 aesv8-armx.pl update: 
- fix 32-bit build (submitted by Ard Biesheuvel);
- fix performance issue in CTR;
 2014-06-06 12:18:51 +02:00
Andy Polyakov
d86689e1d9 aesp8-ppc.pl: fix typos. 2014-06-04 08:34:18 +02:00
Andy Polyakov
53a224bb0a evp/e_aes.c: add erroneously omitted break; 2014-06-04 08:33:06 +02:00
Libor Krystek
8e3231642b Corrected OPENSSL_NO_EC_NISTP_64_GCC_128 usage in ec_lcl.h. PR#3370 2014-06-03 23:15:58 +01:00
Andy Polyakov
030a3f9527 evp/e_aes.c: populate HWAES_* to remaning modes. 
Submitted by: Ard Biesheuvel.
 2014-06-02 21:48:02 +02:00
Andy Polyakov
de51e830a6 Engage POWER8 AES support. 2014-06-01 23:38:11 +02:00
Andy Polyakov
723463282f armv4cpuid.S: switch to CNTVCT tick counter. 2014-06-01 22:34:02 +02:00
Andy Polyakov
797d24bee9 sha[1|256]-armv4: harmonize with arm_arch.h. 2014-06-01 22:29:50 +02:00
Andy Polyakov
ddacb8f27b Engage ARMv8 AES support. 2014-06-01 22:20:37 +02:00
Andy Polyakov
f8aab6174c linux-aarch64: engage SHA modules. 2014-06-01 18:03:51 +02:00
Andy Polyakov
ddb6b965da Add SHA for ARMv8. 2014-06-01 18:02:11 +02:00
Andy Polyakov
e8d93e342b Add linux-aarch64 taget. 
armcap.c is shared between 32- and 64-bit builds and features link-time
detection of getauxval.

Submitted by: Ard Biesheuvel.
 2014-06-01 17:21:06 +02:00
Ben Laurie
c93233dbfd Tidy up, don't exceed the number of requested bits. 2014-06-01 15:31:27 +01:00
Ben Laurie
46838817c7 Constify and reduce coprime random bits to allow for multiplier. 2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
8927c2786d Add a test to check we're really generating probable primes. 2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
9a3a99748b Remove unused BIGNUMs. 2014-06-01 15:31:27 +01:00
Felix Laurie von Massenbach
c74e148776 Refactor the first prime index. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
982c42cb20 Try skipping over the adding and just picking a new random number. 
Generates a number coprime to 2, 3, 5, 7, 11.

Speed:
Trial div (add) : trial div (retry) : coprime
1 : 0.42 : 0.84
 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
c09ec5d2a0 Generate safe primes not divisible by 3, 5 or 7. 
~2% speed improvement on trial division.
 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
b0513819e0 Add a method to generate a prime that is guaranteed not to be divisible by 3 or 5. 
Possibly some reduction in bias, but no speed gains.
 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
e46a059ebf Remove static from probable_prime_dh. 2014-06-01 15:31:26 +01:00
Felix Laurie von Massenbach
e55fca760b Remove indentation from the goto targets. 2014-06-01 15:31:26 +01:00
Dr. Stephen Henson
3009244da4 Set default global mask to UTF8 only. 2014-06-01 15:03:00 +01:00
Andy Polyakov
e09ea622bb aesv8-armx.pl: add CTR implementation. 
Submitted by: Ard Biesheuvel.
 2014-05-29 22:45:35 +02:00
Dr. Stephen Henson
46d889f33e Set version number correctly. 
PR#3249
 2014-05-29 14:33:32 +01:00
František Bořánek
4da0ddc47e Fix memory leak. 
PR#3278
 2014-05-29 14:33:32 +01:00
Martin Kaiser
1c4575ebc3 remove duplicate 0x for default RSASSA-PSS salt len 2014-05-29 14:33:32 +01:00
Andy Polyakov
7cbdb975c2 aesp8-ppc.pl: optimize CBC decrypt even further. 
10-19% improvement depending on key length and endianness.
 2014-05-29 15:10:12 +02:00
Ben Laurie
ba4477d649 Make it build. 
Closes #31.
 2014-05-25 17:35:04 +01:00
Christian Heimes
56431240ae add test case to makefiles 2014-05-25 17:35:04 +01:00
Christian Heimes
4d4a535dcf Implement tests for PKCS#5 PBKDF2 HMAC 2014-05-25 17:35:04 +01:00
Dr. Stephen Henson
0930251df8 Don't use expired certificates if possible. 
When looking for the issuer of a certificate, if current candidate is
expired, continue looking. Only return an expired certificate if no valid
certificates are found.

PR#3359
 2014-05-25 04:50:15 +01:00
Dr. Stephen Henson
6c21b860ba Rename vpm_int.h to x509_lcl.h 2014-05-25 04:50:14 +01:00
Luiz Angelo Daros de Luca
dd36fce023 OpenSSL is able to generate a certificate with name constraints with any possible 
subjectAltName field. The Name Contraint example in x509v3_config(5) even use IP
as an example:

	nameConstraints=permitted;IP:192.168.0.0/255.255.0.0

However, until now, the verify code for IP name contraints did not exist. Any
check with a IP Address Name Constraint results in a "unsupported name constraint
type" error.

This patch implements support for IP Address Name Constraint (v4 and v6). This code
validaded correcly certificates with multiple IPv4/IPv6 address checking against
a CA certificate with these constraints:

	permitted;IP.1=10.9.0.0/255.255.0.0
	permitted;IP.2=10.48.0.0/255.255.0.0
	permitted;IP.3=10.148.0.0/255.255.0.0
	permitted;IP.4=fdc8:123f:e31f::/ffff:ffff:ffff::

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2014-05-23 23:05:38 +01:00
Andy Polyakov
fda29b6db0 aesp8-ppc.pl: add optimized CBC decrypt. 2014-05-23 20:15:06 +02:00
Andy Polyakov
b83d09f552 vpaes-ppc.pl: comply with ABI. 2014-05-23 20:14:38 +02:00
Ben Laurie
eb33348879 Check length first in BUF_strnlen(). 2014-05-22 10:13:22 +01:00
Ben Laurie
12f1b3e79f Remove redundant test. 2014-05-21 12:03:02 +01:00
Ben Laurie
dea4a18404 Implement BUF_strnlen() and use it instead of strlen(). 2014-05-21 11:58:03 +01:00
Viktor Dukhovni
397a8e747d Fixes to host checking. 
Fixes to host checking wild card support and add support for
setting host checking flags when verifying a certificate
chain.
 2014-05-21 11:31:28 +01:00
Dr. Stephen Henson
558c94efc0 Fix for PKCS12_create if no-rc2 specified. 
Use triple DES for certificate encryption if no-rc2 is
specified.

PR#3357
 2014-05-21 11:28:58 +01:00
Andy Polyakov
3e68273326 aesv8-armx.pl: fix typo. 2014-05-20 23:32:12 +02:00
Andy Polyakov
a0a17fcb75 aesv8-armx.pl: optimize by adding 128-bit code paths. 2014-05-20 22:50:28 +02:00
Ben Laurie
d8ac1ea77e Don't allocate more than is needed in BUF_strndup(). 2014-05-20 13:52:31 +01:00
Janpopan
ff626ba5f4 Fix a wrong parameter count ERR_add_error_data 2014-05-19 22:10:14 +01:00
Andy Polyakov
5727e4dab8 Add "teaser" AES module for ARMv8. 
"Teaser" means that it's initial proof-of-concept to build EVP module
upon.
 2014-05-19 08:46:44 +02:00
Andy Polyakov
f75faa16af Add "teaser" AES module for PowerISA 2.07. 
"Teaser" means that it's not integrated yet and purpose of this
commit is primarily informational, to exhibit design choices,
such as how to handle alignment and endianness. In other words
it's proof-of-concept code that EVP module will build upon.
 2014-05-12 10:35:29 +02:00
Kurt Roeckx
3b3ecce141 Set authkey to NULL and check malloc return value. 2014-05-12 00:20:08 +01:00
Martin Brejcha
00f3a236e0 dgram_sctp_ctrl: authkey memory leak 
PR: 3327
 2014-05-12 00:20:08 +01:00
Dr. Stephen Henson
0bcb17a777 Return an error if no recipient type matches. 
If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.

PR#3348
 2014-05-09 14:24:54 +01:00
Matt Caswell
2d2e0479eb Fixed NULL pointer dereference in PKCS7_dataDecode reported by David Ramos in PR#3339 2014-05-07 23:21:02 +01:00
Geoff Thorpe
fce3821111 evp: prevent underflow in base64 decoding 
This patch resolves RT ticket #2608.

Thanks to Robert Dugal for originally spotting this, and to David
Ramos for noticing that the ball had been dropped.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
 2014-05-06 17:52:19 -04:00
Geoff Thorpe
12e9f627f9 bignum: allow concurrent BN_MONT_CTX_set_locked() 
The lazy-initialisation of BN_MONT_CTX was serialising all threads, as
noted by Daniel Sands and co at Sandia. This was to handle the case that
2 or more threads race to lazy-init the same context, but stunted all
scalability in the case where 2 or more threads are doing unrelated
things! We favour the latter case by punishing the former. The init work
gets done by each thread that finds the context to be uninitialised, and
we then lock the "set" logic after that work is done - the winning
thread's work gets used, the losing threads throw away what they've done.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
 2014-05-06 17:43:35 -04:00
Dr. Stephen Henson
3ba1e406c2 Initialize num properly. 
PR#3289
PR#3345
 2014-05-06 14:07:37 +01:00
Dr. Stephen Henson
546b1b4384 Set Enveloped data version to 2 if ktri version not zero. 2014-05-06 13:59:05 +01:00
Tim Hudson
8bbfd94e36 - fix coverity issues 966593-966596 2014-05-06 00:02:31 +01:00