path: root/crypto
Age | Commit message | Author | Files | Lines
2017-11-24 | Imported Upstream version 1.0.2m [upstream/1.0.2m] | Pawel Kowalski | 118 | -1089/+1599
2017-05-04 | Imported Upstream version 1.0.2k [upstream/1.0.2k] | Lukasz Pawelczyk | 30 | -184/+215
2016-10-04 | Imported Upstream version 1.0.2j [upstream/1.0.2j] | Dongsun Lee | 3 | -6/+6
Change-Id: I57424e369a568144838d2a7b8e2ca3a5737adf58 Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
2016-09-26 | Imported Upstream version 1.0.2i [upstream/1.0.2i] | Dongsun Lee | 140 | -949/+1652
Change-Id: Ie36b37cac23a47c82793df31244ade44f98093fa Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
2016-07-28 | Imported Upstream version 1.0.2h [upstream/1.0.2h] | Kyungwook Tak | 38 | -122/+334
Change-Id: Ica9a30d71f52395a402accf32110b52f46851c11 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-03-07 | Imported Upstream version 1.0.2g [upstream/1.0.2g] | sangsu | 123 | -1189/+2101
Change-Id: I2b5f4248ba97b6abbe363a5da33c953e623e0a7e Signed-off-by: sangsu <sangsu.choi@samsung.com>
2015-12-18 | Imported Upstream version 1.0.2e [upstream/1.0.2e] | sangwan.kwon | 119 | -638/+1098
Change-Id: Ib2b4a8546eecf9f4d4a80d8f91b48dbf50bff173
2015-10-06 | Imported Upstream version 1.0.2d [upstream/1.0.2d] | Yury Usishchev | 304 | -8554/+78003
Change-Id: I565a3e3ac5176f83139175faa2d2a11a334e8908 Signed-off-by: Yury Usishchev <y.usishchev@samsung.com>
2015-08-31 | Imported Upstream version 1.0.1p [upstream/1.0.1p] | Kyungwook Tak | 139 | -464/+1211
Change-Id: I297624cdcb5d68a3442cdf4666722e66ce7a264b
2015-03-25 | Imported Upstream version 1.0.1m [upstream/1.0.1m] | kyungwook tak | 816 | -172424/+176104
Change-Id: Ifa60e86d772dade7afe158c8899e6d36c5561bba
2015-03-12 | Imported Upstream version 1.0.1l [upstream/1.0.1l] | kyungwook tak | 49 | -2943/+625
Change-Id: I99680d38528c4117e59bb5377cc54820b22b93a2
2014-10-20 | Prepare for 1.0.1j release [upstream/1.0.1j, sandbox/jkozerski/upstream] | Matt Caswell | 1 | -3/+3
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-20 | Fix SSL_R naming inconsistency. | Bodo Moeller | 1 | -1/+1
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-20 | aesni-x86_64.pl: make ECB subroutine Windows ABI compliant. | Andy Polyakov | 1 | -25/+27
RT: 3553 Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit 69d5747f90136aa026a96204f26ab39549dfc69b)
2014-10-20 | Add constant_time_locl.h to HEADERS, | Tim Hudson | 1 | -1/+2
so the Win32 compile picks it up correctly. Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-10-20 | Include "constant_time_locl.h" rather than "../constant_time_locl.h". | Richard Levitte | 3 | -3/+3
The different -I compiler parameters will take care of the rest... Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-20 | Spaces were added in some strings for better readability. However, those | Richard Levitte | 1 | -3/+3
spaces do not belong in file names, so when picking out the individual parts, remove the spaces Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-20 | Adjust VMS build to Unix build. Most of all, make it so the disabled | Richard Levitte | 2 | -20/+29
algorithms MD2 and RC5 don't get built. Also, disable building the test apps in crypto/des and crypto/pkcs7, as they have no support at all. Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-20 | Make sure that disabling the MAYLOSEDATA3 warning is only done when the | Richard Levitte | 1 | -3/+18
compiler supports it. Otherwise, there are warnings about it lacking everywhere, which is quite tedious to read through while trying to check for other warnings. Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-20 | Support TLS_FALLBACK_SCSV. | Bodo Moeller | 1 | -0/+1
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-20 | Removed duplicate definition of PKCS7_type_is_encrypted | Matt Caswell | 1 | -4/+0
Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also remove duplicate definition of PKCS7_type_is_digest. PR#3551 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit e0fdea3e49e7454aa76bd5ecf3a3747641354c68)
2014-10-20 | Add additional DigestInfo checks. | Dr. Stephen Henson | 1 | -1/+20
Reencode DigestInfo in DER and check against the original: this will reject any improperly encoded DigestInfo structures. Note: this is a precautionary measure, there is no known attack which can exploit this. Thanks to Brian Smith for reporting this issue. Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-20 | Add missing tests | Emilia Kasper | 1 | -5/+7
Accidentally omitted from commit 455b65dfab0de51c9f67b3c909311770f2b3f801 Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit fdc35a9d3e8cf4cfd9330d5df9883f42cf5648ad)
2014-10-20 | crypto/bn/bn_nist.c: work around MSC ARM compiler bug. | Andy Polyakov | 1 | -3/+3
RT: 3541 Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit 8b07c005fe006044d0e4a795421447deca3c9f2c)
2014-10-20 | RT3425: constant-time evp_enc | Emilia Kasper | 2 | -26/+32
Do the final padding check in EVP_DecryptFinal_ex in constant time to avoid a timing leak from padding failure. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 4aac102f75b517bdb56b1bcfd0a856052d559f6e) Conflicts: crypto/evp/evp_enc.c (cherry picked from commit 738911cde68b2b3706e502cf8daf5b14738f2f42)
2014-10-20 | RT3067: simplify patch | Emilia Kasper | 2 | -0/+54
(Original commit adb46dbc6dd7347750df2468c93e8c34bcb93a4b) Use the new constant-time methods consistently in s3_srvr.c Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 455b65dfab0de51c9f67b3c909311770f2b3f801)
2014-10-20 | RT3066: rewrite RSA padding checks to be slightly more constant time. | Emilia Kasper | 7 | -112/+302
Also tweak s3_cbc.c to use new constant-time methods. Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1 This patch is based on the original RT submission by Adam Langley <agl@chromium.org>, as well as code from BoringSSL and OpenSSL. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Conflicts: crypto/rsa/rsa_oaep.c
2014-10-20 | RT2560: missing NULL check in ocsp_req_find_signer | Rich Salz | 1 | -2/+5
If we don't find a signer in the internal list, then fall through and look at the internal list; don't just return NULL. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit b2aa38a980e9fbf158aafe487fb729c492b241fb)
2014-10-20 | Ensure that x**0 mod 1 = 0. | Adam Langley | 2 | -2/+52
(cherry picked from commit 2b0180c37fa6ffc48ee40caa831ca398b828e680) Reviewed-by: Ben Laurie <ben@openssl.org>
2014-10-20 | Followup on RT3334 fix: make sure that a directory that's the empty | Richard Levitte | 2 | -1/+12
string returns 0 with errno = ENOENT. Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 360928b7d0f16dde70e26841bbf9e1af727e8b8f)
2014-10-20 | RT3334: Fix crypto/LPdir_win.c | Phil Mesnier | 1 | -7/+35
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 6a14fe7576e7a14a46ba14df8be8fe478536b4fb)
2014-10-20 | Make the inline const-time functions static. | Emilia Kasper | 1 | -16/+16
"inline" without static is not correct as the compiler may choose to ignore it and will then either emit an external definition, or expect one. Reviewed-by: Geoff Thorpe <geoff@openssl.org> (cherry picked from commit 86f50b36e63275a916b147f9d8764e3c0c060fdb)
2014-10-20 | md5-x86_64.pl: work around warning. | Andy Polyakov | 1 | -1/+1
Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 4d86e8df6be69ed13abb73fd564f1f894eea0a98)
2014-10-20 | Constant-time utilities | Emilia Kasper | 3 | -0/+375
Pull constant-time methods out to a separate header, add tests. Reviewed-by: Bodo Moeller <bodo@openssl.org> (cherry picked from commit 9a9b0c0401cae443f115ff19921d347b20aa396b) Conflicts: test/Makefile
2014-10-20 | RT2400: ASN1_STRING_to_UTF8 missing initializer | Raphael Spreitzer | 1 | -0/+1
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit f9fb43e176ad2a914108cd2b403425dc1ebc7262)
2014-10-20 | RT2308: Add extern "C" { ... } wrapper | Rich Salz | 6 | -0/+41
Add the wrapper to all public header files (Configure generates one). Don't bother for those that are just lists of #define's that do renaming. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 089f10e69ece75ce31540501fe0898b15e898552)
2014-10-20 | Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey | Emilia Kasper | 1 | -3/+9
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer when the buffer length is 0. Change this to verify explicitly that the ASN.1 string has positive length. Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit 82dc08de54ce443c2a9ac478faffe79e76157795)
2014-10-20 | RT3065: automatically generate a missing EC public key | Matt Caswell | 1 | -8/+19
When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit ed383f847156940e93f256fed78599873a4a9b28) Conflicts: doc/crypto/EC_KEY_new.pod
2014-10-20 | RT3065: ec_private_key_dont_crash | Adam Langley | 2 | -7/+10
This change saves several EC routines from crashing when an EC_KEY is missing a public key. The public key is optional in the EC private key format and, without this patch, running the following through `openssl ec` causes a crash: -----BEGIN EC PRIVATE KEY----- MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH -----END EC PRIVATE KEY----- Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit b391570bdeb386d4fd325917c248d593d3c43930)
2014-10-20 | RT3061: Don't SEGFAULT when trying to export a public DSA key as a private key. | Adam Langley | 1 | -1/+6
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit e19c93811f0db499c98d2888f1c0c0ab65e6238a)
2014-10-20 | Fix build when BSAES_ASM is defined but VPAES_ASM is not | Emilia Kasper | 1 | -1/+1
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit da92be4d68bec81030838e3228ef0238c565af85)
2014-10-20 | Add volatile qualifications to two blocks of inline asm to stop GCC from | Adam Langley | 1 | -4/+4
eliminating them as dead code. Both volatile and "memory" are used because of some concern that the compiler may still cache values across the asm block without it, and because this was such a painful debugging session that I wanted to ensure that it's never repeated. (cherry picked from commit 7753a3a68431aa81b82beea4c3f5374b41454679) Conflicts: crypto/bn/asm/x86_64-gcc.c Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-20 | Further improve/fix ec_GFp_simple_points_make_affine (ecp_smpl.c) and | Bodo Moeller | 3 | -5/+6
group_order_tests (ectest.c). Also fix the EC_POINTs_mul documentation (ec.h). Reviewed-by: emilia@openssl.org
2014-10-20 | Only use FIPS EC methods in FIPS mode. | Dr. Stephen Henson | 4 | -16/+20
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-20 | Prepare for 1.0.1j-dev | Matt Caswell | 1 | -3/+3
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-20 | Prepare for 1.0.1i release [upstream/1.0.1i] | Matt Caswell | 1 | -3/+3
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-20 | make update | Matt Caswell | 1 | -1718/+1711
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-20 | Fix SRP buffer overrun vulnerability. | Dr. Stephen Henson | 1 | -0/+6
Invalid parameters passed to the SRP code can overrun an internal buffer. Add sanity check that g, A, B < N to SRP code. Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC Group for reporting this issue. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-10-20 | Fix OID handling: | Emilia Kasper | 2 | -16/+30
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.
CVE-2014-3508 Reviewed-by: Dr. Stephen Henson <steve@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-20 | Fix error discrepancy. | Dr. Stephen Henson | 3 | -11/+5
We can't rename ssleay_rand_bytes to md_rand_bytes_lock as this will cause an error code discrepancy. Instead keep ssleay_rand_bytes and add an extra parameter: since ssleay_rand_bytes is not part of the public API this won't cause any binary compatibility issues. Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 8068a675a7d1a657c54546f24e673e59e6707f03)