path: root/crypto
Commit message | Author | Age | Files | Lines
* Fix X509_NAME decode for malloc failures. | Dr. Stephen Henson | 2016-10-11 | 1 | -17/+20
  The original X509_NAME decode free code was buggy: this could result in double free or leaks if a malloc failure occurred. Simplify and fix the logic.
  Thanks to Guido Vranken for reporting this issue.
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1691)
* Fix up bn_prime.pl formatting. | David Benjamin | 2016-10-10 | 2 | -260/+259
  Align at 5 characters, not 4. There are 5-digit numbers in the output. Also avoid emitting an extra blank line and trailing whitespace.
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Remove trailing whitespace from some files. | David Benjamin | 2016-10-10 | 79 | -362/+362
  The prevailing style seems to not have trailing whitespace, but a few lines do. This is mostly in the perlasm files, but a few C files got them after the reformat. This is the result of:
      find . -name '*.pl' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//'
      find . -name '*.c' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//'
      find . -name '*.h' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//'
  Then bn_prime.h was excluded since this is a generated file.
  Note mkerr.pl has some changes in a heredoc for some help output, but other lines there lack trailing whitespace too.
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
* SRP code tidy. | Dr. Stephen Henson | 2016-10-01 | 1 | -69/+17
  Tidy up srp_Calc_k and SRP_Calc_u by making them a special case of srp_Calc_xy which performs SHA1(PAD(x) | PAD(y)).
  This addresses an OCAP Audit issue.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Print <ABSENT> if a STACK is NULL. | Dr. Stephen Henson | 2016-09-29 | 1 | -1/+2
  If a STACK (corresponding to SEQUENCE OF or SET OF) is NULL then the field is absent as opposed to empty (present but has zero elements).
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add ASN1_ITEM lookup and enumerate functions. | Dr. Stephen Henson | 2016-09-29 | 3 | -1/+204
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add -Wswitch-enum | Rich Salz | 2016-09-22 | 7 | -31/+86
  Change code so when switching on an enumeration, have cases for all enumeration values.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
* Add OCSP_RESPID_match() | Matt Caswell | 2016-09-22 | 1 | -1/+27
  Add a function for testing whether a given OCSP_RESPID matches with a certificate.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add the ability to set OCSP_RESPID fields | Matt Caswell | 2016-09-22 | 1 | -10/+37
  OCSP_RESPID was made opaque in 1.1.0, but no accessors were provided for setting the name/key value for the OCSP_RESPID.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Don't leak on an OPENSSL_realloc() failure | Matt Caswell | 2016-09-21 | 1 | -10/+6
  If OPENSSL_sk_insert() calls OPENSSL_realloc() and it fails, it was leaking the originally allocated memory.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* rand/randfile.c: treat empty string in RAND_file_name as error. | Andy Polyakov | 2016-09-21 | 1 | -1/+1
  Suggested in GH#1589.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* rand/randfile.c: rationalize __OpenBSD__ code path. | Andy Polyakov | 2016-09-21 | 1 | -5/+1
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* rand/randfile.c: restore fallback to $HOME for non-setuid programs. | Andy Polyakov | 2016-09-21 | 1 | -4/+6
  Reported in GH#1589, but solution is different from suggested.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* GH1555: Don't bump size on realloc failure | Rich Salz | 2016-09-21 | 1 | -1/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Revert "Constify code about X509_VERIFY_PARAM" | Rich Salz | 2016-09-21 | 1 | -2/+2
  This reverts commit 81f9ce1e1965e0e33db6d2391285c4c1b6af0434.
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Fix a missing NULL check in dsa_builtin_paramgen | Matt Caswell | 2016-09-21 | 1 | -0/+3
  We should check the last BN_CTX_get() call to ensure that it isn't NULL before we try and use any of the allocated BIGNUMs.
  Issue reported by Shi Lei.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Convert num_alloc to a size_t in stack.c and tweak style | Matt Caswell | 2016-09-19 | 1 | -34/+23
  We were casting num_alloc to size_t in lots of places, or just using it in a context where size_t makes more sense - so convert it. This simplifies the code a bit.
  Also tweak the style in stack.c a bit following on from the previous commit.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Prevent overflows in stack API | Guido Vranken | 2016-09-19 | 1 | -8/+42
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Constify code about X509_VERIFY_PARAM | FdaSilvaYY | 2016-09-18 | 1 | -2/+2
  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1594)
* Remove a useless definition. | FdaSilvaYY | 2016-09-17 | 1 | -1/+1
  APP_INFO is currently a field of MEM struct.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1583)
* Add some sanity checks around usage of t_fromb64() | Matt Caswell | 2016-09-14 | 1 | -9/+27
  The internal SRP function t_fromb64() converts from base64 to binary. It does not validate that the size of the destination is sufficiently large - that is up to the callers. In some places there was such a check, but not in others.
  Add an argument to t_fromb64() to provide the size of the destination buffer and validate that we don't write too much data. Also add some sanity checks to the callers where appropriate.
  With thanks to Shi Lei for reporting this issue.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* bn/bn_lcl.h: improve interoperability with clang and Android NDK. | Andy Polyakov | 2016-09-13 | 1 | -2/+2
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* VMS: be less picky when loading DSOs | Richard Levitte | 2016-09-11 | 1 | -9/+7
  The DSO API was picky about casing of symbol names on VMS.
  There's really no reason to be that picky, it's mostly just annoying. Therefore, we take away the possibility to flag for a choice, and will instead first try to find a symbol with exact case, and failing that, we try to find it in upper case.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix EC_KEY_print so it prints out private key information | Tim Hudson | 2016-09-10 | 1 | -1/+1
  even when the public key is not present in an EC_KEY
  Reviewed-by: Stephen Henson <steve@openssl.org>
* If errno is ENXIO in BSS_new_file(), set BIO_R_NO_SUCH_FILE | Richard Levitte | 2016-09-08 | 1 | -1/+5
  VMS sets that errno when the device part of a file spec is malformed or a logical name that doesn't exist.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix mem leaks during auto-deinit | Matt Caswell | 2016-09-08 | 5 | -0/+5
  Certain functions are automatically called during auto-deinit in order to deallocate resources. However, if we have never entered a function which marks lib crypto as inited then they never get called. This can happen if the user only ever makes use of a small sub-set of functions that don't hit the auto-init code.
  This commit ensures all such resources deallocated by these functions also init libcrypto when they are initially allocated.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Ben Laurie <ben@openssl.org>
* chacha/asm/chacha-ppc.pl: add missing .text directive. | Andy Polyakov | 2016-09-08 | 1 | -0/+1
  RT#4667
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Avoid EVP_PKEY_cmp() crash on EC keys without public component | David Woodhouse | 2016-09-07 | 1 | -0/+4
  Some hardware devices don't provide the public EC_POINT data. The only way for X509_check_private_key() to validate that the key matches a given certificate is to actually perform a sign operation and then verify it using the public key in the certificate.
  Maybe that can come later, as discussed in issue 1532. But for now let's at least make it fail gracefully and not crash.
  GH: 1532
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1547)
  (cherry picked from commit 92ed7fa575a80955f3bb6efefca9bf576a953586)
* GH1537: Avoid double-free in the EVP_PKEY API | Alex Gaynor | 2016-09-07 | 1 | -1/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Misc BN fixes | Rich Salz | 2016-09-06 | 3 | -15/+23
  Never output -0; make "negative zero" an impossibility.
  Do better checking on BN_rand top/bottom requirements and #bits.
  Update doc.
  Ignoring trailing garbage in BN_asc2bn.
  Port this commit from boringSSL: https://boringssl.googlesource.com/boringssl/+/899b9b19a4cd3fe526aaf5047ab9234cdca19f7d%5E!/
      Ensure |BN_div| never gives negative zero in the no_branch code.
      Have |bn_correct_top| fix |bn->neg| if the input is zero so that we don't have negative zeros lying around.
      Thanks to Brian Smith for noticing.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* modes/asm/ghash-armv4.pl: improve interoperability with Android NDK. | Andy Polyakov | 2016-09-03 | 1 | -1/+3
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* MIPS assembly pack: adapt it for MIPS[32|64]R6. | Andy Polyakov | 2016-09-02 | 11 | -482/+608
  MIPS[32|64]R6 is binary and source incompatible with previous MIPS ISA specifications. Fortunately it's still possible to resolve differences in source code with standard pre-processor and switching to trap-free version of addition and subtraction instructions.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* crypto/bn/*: x86[_64] division instruction doesn't handle constants, change constraint from 'g' to 'r'. | Andy Polyakov | 2016-08-31 | 2 | -3/+3
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* Code cleanup UI | Rich Salz | 2016-08-31 | 1 | -20/+2
  Remove NULL check on parameter, and use NULL not ! on buffer.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Add ecp_nistz256-ppc64 module. | Andy Polyakov | 2016-08-29 | 3 | -0/+2400
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* perlasm/ppc-xlate.pl: recognize .type directive. | Andy Polyakov | 2016-08-29 | 1 | -19/+53
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* bn/asm/ppc.pl: harmonize .size directive in bn_mul_words. | Andy Polyakov | 2016-08-29 | 1 | -1/+1
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Remove comment tags from structs (coding style) | Rich Salz | 2016-08-29 | 1 | -5/+5
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Use uppercase name for PCT_ enum | Rich Salz | 2016-08-29 | 2 | -16/+21
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Improve the definition of STITCHED_CALL in e_rc4_hmac_md5.c | Richard Levitte | 2016-08-26 | 1 | -1/+1
  The definition of STITCHED_CALL relies on OPENSSL_NO_ASM. However, when a configuration simply lacks the assembler implementation for RC4 (which is where we have implemented the stitched call), OPENSSL_NO_ASM isn't implemented. Better, then, to rely on specific macros that indicated that RC4 (and MD5) are implemented in assembler.
  For this to work properly, we must also make sure Configure adds the definition of RC4_ASM among the C flags.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
* Windows: UTF-8 opt-in for command-line arguments and console input. | Andy Polyakov | 2016-08-25 | 1 | -15/+17
  User can make Windows openssl.exe to treat command-line arguments and console input as UTF-8 by setting OPENSSL_WIN32_UTF8 environment variable (to any value). This is likely to be required for data interchangeability with other OSes and PKCS#12 containers generated with Windows CryptoAPI.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Don't switch password formats using global state. | Andy Polyakov | 2016-08-25 | 3 | -77/+3
  To avoid possible race conditions don't switch password format using global state in crypto/pkcs12
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Fix an uninitialised read on an error path | Matt Caswell | 2016-08-25 | 1 | -1/+1
  Found by Coverity.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Un-delete still documented X509_STORE_CTX_set_verify | Viktor Dukhovni | 2016-08-24 | 1 | -0/+6
  It should not have been removed.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* ec/asm/ecp_nistz256-x86_64.pl: /cmovb/cmovc/ as nasm doesn't recognize cmovb. | Andy Polyakov | 2016-08-24 | 1 | -40/+40
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
* CRYPTO_atomic_add(): check that the object is lock free | Richard Levitte | 2016-08-24 | 1 | -3/+5
  If not, fall back to our own code, using the given mutex
  Reviewed-by: Andy Polyakov <appro@openssl.org>
* CRYPTO_atomic_add(): use acquire release memory order rather than relaxed | Richard Levitte | 2016-08-24 | 1 | -2/+2
  For increments, the relaxed model is fine. For decrements, it's recommended to use the acquire release model. We therefore go for the latter.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
* Check for __GNUC__ to use GNU C atomic builtins | Richard Levitte | 2016-08-24 | 1 | -3/+3
  Note: we trust any other compiler that fully implements GNU extension to define __GNUC__
  RT#4642
  Reviewed-by: Andy Polyakov <appro@openssl.org>
* Avoid overflow in MDC2_Update() | Dr. Stephen Henson | 2016-08-24 | 1 | -1/+1
  Thanks to Shi Lei for reporting this issue.
  CVE-2016-6303
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Remove useless assignment | Matt Caswell | 2016-08-24 | 1 | -2/+1
  The variable assignment c1 is never read before it is overwritten.
  Reviewed-by: Tim Hudson <tjh@openssl.org>