Matt Caswell
ae5c8664e5
Run util/openssl-format-source -v -c .
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:31:38 +00:00
Matt Caswell
e0d2139045
Fixed NULL pointer dereference in PKCS7_dataDecode reported by David Ramos in PR#3339
2014-05-07 23:23:15 +01:00
Ben Laurie
3b21abfd6c
Fix double frees.
...
Conflicts:
CHANGES
2014-04-22 17:00:52 +01:00
Dr. Stephen Henson
b1cef8d984
Submitted by: Markus Friedl <mfriedl@gmail.com>
...
Fix memory leaks in 'goto err' cases.
2012-03-22 15:43:28 +00:00
Dr. Stephen Henson
8186c00ef3
Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and
...
continue with symmetric decryption process to avoid leaking timing
information to an attacker.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
2012-03-12 16:27:50 +00:00
Dr. Stephen Henson
24d7159abd
Backport libcrypto audit: check return values of EVP functions instead
...
of assuming they will always suceed.
2011-06-03 20:53:00 +00:00
Dr. Stephen Henson
e97359435e
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
Ben Laurie
48bd505c0b
If you're going to check for negative, use an signed integer! Coverity ID 122.
2007-04-05 17:31:29 +00:00
Nils Larsch
907e99623c
check return value of ASN1_item_i2d(), Coverity ID 55
2007-04-04 19:41:20 +00:00
Ben Laurie
4f1a0b2c21
Handle bad content type. Coverity ID 99.
2007-04-04 15:31:17 +00:00
Nils Larsch
689f9faba4
fix potential memory leaks
...
PR: 1462
2007-02-03 09:55:42 +00:00
Dr. Stephen Henson
559d50138f
Add bit I missed from PKCS#7 streaming encoder.
2006-12-24 16:46:47 +00:00
Ben Laurie
777c47acbe
Make things static that should be. Declare stuff in headers that should be.
...
Fix warnings.
2006-08-28 17:01:04 +00:00
Dr. Stephen Henson
786aa98da1
Use correct pointer types for various functions.
2006-07-20 16:56:47 +00:00
Dr. Stephen Henson
b7683e3a5d
Allow digests to supply S/MIME micalg values from a ctrl.
...
Send ctrls to EVP_PKEY_METHOD during signing of PKCS7 structure so
customisation is possible.
2006-07-10 18:36:55 +00:00
Dr. Stephen Henson
0e3453536e
Fix warnings.
2006-05-24 13:29:32 +00:00
Dr. Stephen Henson
5531192151
Add -resign and -md options to smime command to support resigning an
...
existing structure and using alternative digest for signing.
2006-05-18 23:44:44 +00:00
Dr. Stephen Henson
76fa8f1838
More S/MIME tidy. Place some common attribute operations in utility
...
functions.
2006-05-18 17:20:23 +00:00
Dr. Stephen Henson
f2b139ed1f
Remove old digest type hacks for non RSA keys.
2006-05-18 13:05:20 +00:00
Dr. Stephen Henson
7144c4212a
Update PKCS#7 decrypt routines to use new API.
2006-05-08 16:38:19 +00:00
Dr. Stephen Henson
399a6f0bd1
Update PKCS#7 enveloped data to new API.
2006-05-08 12:44:25 +00:00
Dr. Stephen Henson
3d153f7985
Remove dss1 hack from S/MIME code.
2006-04-19 17:47:15 +00:00
Dr. Stephen Henson
f733a5ef0e
Initial functions for main EVP_PKEY_METHOD operations.
...
No method implementations yet.
2006-04-07 16:42:09 +00:00
Dr. Stephen Henson
8f2e4fdf86
Allow PKCS7_decrypt() to work if no cert supplied.
2005-08-04 22:15:22 +00:00
Bodo Möller
8afca8d9c6
Fix more error codes.
...
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Dr. Stephen Henson
a0e7c8eede
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
216659eb87
Enhance EVP code to generate random symmetric keys of the
...
appropriate form, for example correct DES parity.
Update S/MIME code and EVP_SealInit to use new functions.
PR: 700
2004-03-28 17:38:00 +00:00
Dr. Stephen Henson
c5a5546389
Add support for digested data PKCS#7 type.
2003-10-11 22:11:45 +00:00
Dr. Stephen Henson
77fe058c10
Simplify cipher and digest lookup in PKCS#7 code.
2003-10-11 16:46:40 +00:00
Dr. Stephen Henson
caf044cb3e
Retrieve correct content to sign when the
...
type is "other".
2003-10-10 23:25:43 +00:00
Dr. Stephen Henson
beab098d53
Various S/MIME bug and compatibility fixes.
2003-06-01 20:51:58 +00:00
Richard Levitte
4579924b7e
Cleanse memory using the new OPENSSL_cleanse() function.
...
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:04:36 +00:00
Ben Laurie
54a656ef08
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
Bodo Möller
5488bb6197
get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)
...
Submitted by: Nils Larsch
2002-08-12 08:47:41 +00:00
Dr. Stephen Henson
b12540520d
Always init ctx_tmp in PKCS7_dataFinal since it is always cleaned up.
2002-02-26 19:33:24 +00:00
Bodo Möller
4d94ae00d5
ECDSA support
...
Submitted by: Nils Larsch <nla@trustcenter.de>
2002-02-13 18:21:51 +00:00
Richard Levitte
67fec850e1
Allow verification of other types than DATA.
...
Submitted by Leonard Janke <leonard@votehere.net>
2002-01-02 11:54:38 +00:00
Dr. Stephen Henson
f3e24baddf
Don't overwrite signing time.
2001-12-07 00:36:32 +00:00
Dr. Stephen Henson
581f1c8494
Modify EVP cipher behaviour in a similar way
...
to digests to retain compatibility.
2001-10-17 00:37:12 +00:00
Dr. Stephen Henson
20d2186c87
Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
...
with existing code.
Modify library to use digest *_ex() functions.
2001-10-16 01:24:29 +00:00
Geoff Thorpe
79aa04ef27
Make the necessary changes to work with the recent "ex_data" overhaul.
...
See the commit log message for that for more information.
NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
2001-09-01 20:02:13 +00:00
Ben Laurie
dbad169019
Really add the EVP and all of the DES changes.
2001-07-30 23:57:25 +00:00
Richard Levitte
4ac881ede3
Fix couple of memory leaks in PKCS7_dataDecode().
...
(provided by Stephen)
2001-04-05 10:19:12 +00:00
Richard Levitte
271da5a2e0
avoid linking problems when OpenSSL is built with no-dsa. Spotted by Hellan,Kim KHE <khe@kmd.dk>
2001-03-20 15:36:59 +00:00
Bodo Möller
5277d7cb7c
Fix ERR_R_... problems.
2001-03-07 01:19:07 +00:00
Dr. Stephen Henson
db4a465974
Stop PKCS7_verify() core dumping with unknown public
...
key algorithms and leaking if the signature verify
fails.
2001-02-24 01:38:56 +00:00
Dr. Stephen Henson
bb5ea36b96
Initial support for ASN1_ITEM_FUNCTION option to
...
change the way ASN1 modules are exported.
Still needs a bit of work for example the hack which a
dummy function prototype to avoid compilers warning about
multiple ;s.
2001-02-23 03:16:09 +00:00
Dr. Stephen Henson
ec5add8784
Fix the S/MIME code so it now works again and
...
uses the new ASN1 code.
2000-12-31 17:31:57 +00:00
Dr. Stephen Henson
9d6b1ce644
Merge from the ASN1 branch of new ASN1 code
...
to main trunk.
Lets see if the makes it to openssl-cvs :-)
2000-12-08 19:09:35 +00:00
Richard Levitte
62324627aa
Use sk_*_new_null() instead of sk_*_new(NULL), since that takes care
...
of complaints from the compiler about data pointers and function
pointers not being compatible with each other.
2000-09-17 18:21:27 +00:00