aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2017-10-17modes/gcm128.c: harmonize GCM_MUL macro with GHASH.Andy Polyakov1-45/+56
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-10-16Some cleanups to apps/ca.cFdaSilvaYY1-56/+34
Few code format fixup Fix limit computation; was too strict by 2 bytes. Simplify computation of buffer limits Checking is strictly same as sizeof(".pem") == 5 Simplify loop of code for certificate filename creation Fix MAX_PATH usage Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1936)
2017-10-16Make '-name' option of the 's_client' more genericPaul Yang2-14/+32
And also make '-xmpphost' an alias of the '-name' option. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4524)
2017-10-16Remove unused variable.Ben Laurie1-0/+2
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4367)
2017-10-16Cleaning secret data after useEasySec1-3/+7
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4509)
2017-10-16added cmcCA and cmcRA as per rfc6402, capitalized per RFC7030 authorMichael Richardson4-6/+30
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4378)
2017-10-16Code hygiene; initialize some pointers.Mouse2-2/+2
CLA: trivial Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4515)
2017-10-16Tweak the comment regarding record version check with respect to TLSv1.3Matt Caswell1-3/+4
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4527)
2017-10-16Sanity check the HRR version fieldMatt Caswell1-0/+7
The previous commit removed version negotiation on an HRR. However we should still sanity check the contents of the version field. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4527)
2017-10-16Don't do version neg on an HRRMatt Caswell5-16/+39
Previously if a client received an HRR then we would do version negotiation immediately - because we know we are going to get TLSv1.3. However this causes a problem when we emit the 2nd ClientHello because we start changing a whole load of stuff to ommit things that aren't relevant for < TLSv1.3. The spec requires that the 2nd ClientHello is the same except for changes required from the HRR. Therefore the simplest thing to do is to defer the version negotiation until we receive the ServerHello. Fixes #4292 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4527)
2017-10-16Fix incorrect function name in BN_bn2bin manpagedaurnimator1-1/+1
CLA: trivial Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4529)
2017-10-16Fix a bug in ALPN comparation code of a test casePaul Yang1-1/+1
Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4497)
2017-10-16Fix reading heap overflow in a test casePaul Yang1-6/+7
Caught by AddressSanitizer Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4497)
2017-10-16Add branch coverage to coveralls statisticsRichard Levitte1-1/+1
Fixes #4444 [extended tests] Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4447)
2017-10-13Remove email addresses from source code.Rich Salz97-259/+129
Names were not removed. Some comments were updated. Replace Andy's address with openssl.org Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4516)
2017-10-12Add CRYPTO_get_alloc_counts.Rich Salz6-59/+100
Use atomic operations for the counters Rename malloc_lock to memdbg_lock Also fix some style errors in mem_dbg.c Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4359)
2017-10-12Fix memory leak in DH_get_nid()Benjamin Kaduk1-4/+3
If q is non-NULL but p is indeed a safe prime, a modified copy of p could be leaked. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4525)
2017-10-12Add a test for setting initial SNI in CH but not using it with early_dataMatt Caswell1-0/+10
Test for the bug where early_data is not accepted by the server when it does not have an SNI callback set up, but the client sent a servername in the initial ClientHello establishing the session. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4519)
2017-10-12Fix bug where early_data does not work if no SNI callback is presentMatt Caswell1-0/+5
Fixes #4496 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4519)
2017-10-12make updateDr. Stephen Henson7-3/+54
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12Add RFC7919 documentation.Dr. Stephen Henson3-0/+53
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12Add RFC7919 tests.Dr. Stephen Henson1-0/+557
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12Add pad supportDr. Stephen Henson2-1/+20
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12Don't assume shared key length matches expected lengthDr. Stephen Henson1-1/+4
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12Add RFC7919 support to EVPDr. Stephen Henson2-4/+41
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12Add objects for RFC7919 parametersDr. Stephen Henson1-0/+7
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12DH named parameter supportDr. Stephen Henson5-1/+92
Add functions to return DH parameters using NID and to return the NID if parameters match a named set. Currently this supports only RFC7919 parameters but could be expanded in future. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12Add primes from RFC7919Dr. Stephen Henson1-0/+288
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12Support constant BN for DH parametersDr. Stephen Henson2-22/+17
If BN_FLG_STATIC_DATA is set don't cleanse a->d as it will reside in read only memory. If BN_FLG_MALLOCED is not set don't modify the BIGNUM at all. This change applies to BN_clear_free() and BN_free(). Now the BIGNUM structure is opaque applications cannot create a BIGNUM structure without BN_FLG_MALLOCED being set so they are unaffected. Update internal DH routines so they only copy pointers for read only parameters. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12Document EVP_PKEY_set1_engine()Dr. Stephen Henson1-4/+15
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503)
2017-10-12Add EVP_PKEY_METHOD redirection testDr. Stephen Henson1-0/+170
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503)
2017-10-12make updateDr. Stephen Henson4-0/+5
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503)
2017-10-12Add EVP_PKEY_set1_engine() function.Dr. Stephen Henson4-3/+29
Add an ENGINE to EVP_PKEY structure which can be used for cryptographic operations: this will typically be used by an HSM key to redirect calls to a custom EVP_PKEY_METHOD. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503)
2017-10-12Fix memory leak on lookup failureDr. Stephen Henson1-0/+3
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503)
2017-10-12Don't ignore passed ENGINE.Dr. Stephen Henson1-2/+3
If we are passed an ENGINE to use in int_ctx_new e.g. via EVP_PKEY_CTX_new() use it instead of the default. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503)
2017-10-11Ensure we test all parameters for BN_FLG_CONSTTIMEMatt Caswell1-6/+16
RSA_setup_blinding() calls BN_BLINDING_create_param() which later calls BN_mod_exp() as follows: BN_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx) ret->mod will have BN_FLG_CONSTTIME set, but ret->e does not. In BN_mod_exp() we only test the third param for the existence of this flag. We should test all the inputs. Thanks to Samuel Weiser (samuel.weiser@iaik.tugraz.at) for reporting this issue. This typically only happens once at key load, so this is unlikely to be exploitable in any real scenario. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4477)
2017-10-11Remove an unused fileMatt Caswell1-136/+0
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4468)
2017-10-11Appease -Werror=maybe-uninitializedBenjamin Kaduk1-1/+1
test/bad_dtls_test.c: In function 'validate_client_hello': test/bad_dtls_test.c:128:33: error: 'u' may be used uninitialized in this function [-Werror=maybe-uninitialized] if (!PACKET_get_1(&pkt, &u) || u != SSL3_RT_HANDSHAKE) ^ Apparently -O1 does not perform sufficient optimization to ascertain that PACKET_get_1 will always initialize u if it returns true. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4518)
2017-10-11Move supportedgroup ext-block fields out of NO_ECBenjamin Kaduk1-2/+2
Now that we are moving to support named FFDH groups, these fields are not ec-specific, so we need them to always be available. This fixes the no-ec --strict-warnings build, since gcc 5.4.0-6ubuntu1~16.04.4 appears to always try to compile the static inline functions from ssl_locl.h, even when they are not used in the current compilation unit. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4518)
2017-10-11Return a value from atomic read on Windows.Pauli2-2/+2
Use a read lock when reading using pthreads. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4517)
2017-10-10Fix typosKeshav Kini2-4/+4
CLA: trivial Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4513)
2017-10-10crypto/x509v3/v3_utl.c, ssl/ssl_cert.c: fix Coverity problems.Andy Polyakov2-4/+9
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4492)
2017-10-10apps/speed.c: add 'rand' algo to enable DRBG performance measurements.Patrick Steuer2-3/+30
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4481)
2017-10-10Don't change client random in Client Hello in its second flightTatsuhiro Tsujikawa1-2/+3
Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4490)
2017-10-10Add atomic write callPauli6-2/+41
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4414)
2017-10-10Add a CRYPTO_atomic_read call which allows an int variable to be readPauli6-1/+42
in an atomic fashion. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4414)
2017-10-10EVP_EncryptInit.pod: EVP_CIPHER_mode and EVP_CIPHER_CTX_mode updatePatrick Steuer1-2/+3
Mention CTR, GCM, CCM, OCB, WRAP and XTS modes. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4498)
2017-10-10apps/speed.c: fix ccm performance measurements.Patrick Steuer1-1/+43
CCM does not support streaming: An additional call to (EVP_...)Update must precede each call to Update to pass the total message length. The generic Update_loop calls Update one time such that in case of CCM only the total message length is passed. No encryption/decryption measured. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4480)
2017-10-10set_hex() behaviour changeEasySec1-10/+11
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4488)
2017-10-09Reduce the things we ignore in test/Richard Levitte1-6/+1
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4507)
generated by cgit v1.1 at 2024-07-13 16:40:29 +0000