Age | Commit message | Author | Files | Lines
2023-02-13 | Delete .travis.yml [ossl_patched] | alexspirt | 1 | -70/+0
2023-02-13 | Fix FreeBSD integration | alexspirt | 1 | -1/+1
2023-02-12 | fix typo causing 'bad mac' error in tls 1.3 handshake | igrkir | 3 | -2/+7
2022-10-31 | patches: improve ssl trace output | igrkir | 1 | -7/+20
2022-10-27 | update OpenSSL version up to OpenSSL_1_1_1r | igrkir | 8 | -18/+18
2022-10-27 | patches: fix OSSL write/read early data crashes | igrkir | 3 | -38/+40
2022-09-17 | MinGW adjustments | Dmitry Belyavskiy | 1 | -0/+2
2022-09-16 | Make mingw-friendly build | Dmitry Belyavskiy | 3 | -9/+47
2022-09-16 | No more C++ comments | Dmitry Belyavskiy | 1 | -6/+6
2022-05-30 | fix: next error value for new error | igrkir | 1 | -1/+1
2022-05-30 | On unpacking key blob output buffer size should be fixed | Dmitry Belyavskiy | 1 | -9/+14
Related: CVE-2022-29242
2022-05-30 | Fix buffer overrun in creating key transport blob according to RFC 9189, 4.2.4.2 | Dmitry Belyavskiy | 1 | -1/+21
Resolves: CVE-2022-29242
2022-05-30 | Fix buffer overrun in creating key transport blob according to RFC 9189, 4.2.4.1 | Dmitry Belyavskiy | 3 | -1/+22
Resolves: CVE-2022-29242
2022-01-11 | TLS 1.2: update TLSTREE mode support | igrkir | 3 | -19/+89
2021-12-29 | Update gost_ec_keyx.c | se-prok | 1 | -0/+7
It's not right to have segmentation faults.
2021-12-29 | add tcl tests for TLS1.3 | igrkir | 2 | -1/+226
2021-12-29 | change OpenSSL version up to OpenSSL_1_1_1m | igrkir | 8 | -1780/+1824
add new 'tls13' openssl patch CI: .cirrus, GitHub Actions
2021-12-29 | add EVP_PKEY_CTRL_PARAMS_MATCH pub key control | igrkir | 1 | -0/+60
2021-12-29 | Add TLS 1.3 derive function for ECDHE secret value | igrkir | 1 | -2/+132
2021-12-29 | Add TLS 1.3 new modes for TLSTREE algorithm | igrkir | 10 | -8/+112
two new modes (long and short) per MGM algorithm (magma and kuznyechik).
2021-12-29 | Add TLS 1.3 EC point encoding for key_share ext. | igrkir | 5 | -0/+191
reverse byte order
2021-06-08 | make tests pass through | igrkir | 8 | -29/+29
2021-06-08 | add mgm test | igrkir | 2 | -0/+273
2021-06-08 | CI: set OpenSSL branch v.1.1.1g, apply new patch | igrkir | 5 | -47/+765
add new patch to update OpenSSL objects database
2021-06-08 | CI: copy GitHub Actions files from master | igrkir | 4 | -6/+142
2021-06-08 | initial unified impl magma/kuznetchik MGM mode | igrkir | 10 | -12/+939
without any speedup math calculation
2021-06-08 | fix OpenSSL v.1.1.1 API consistency | igrkir | 4 | -4/+16
revert commit 4108e77e0eb091fdd9b9c4174374a6ac0cc0abd0: remove "const" in pub_decode_gost_ec(). First committed on master branch on May 26, 2020 (see https://github.com/openssl/openssl/commit/7674e92324648b59786d86d8e9014bbaed4e6d07). partially revert commit dbc8f4780fa78d66a68174f78f9ae9aa9cdad53c: OpenSSL v.1.1.1 API has no function EC_GROUP_get0_field(). First committed on master branch on Feb 15, 2019 (see https://github.com/openssl/openssl/commit/fa1f03061037cbdac5369849a885c1191a2550d9). checks OpenSSL v.3.0 API function calls: OSSL_STORE_attach(), PEM_write_bio_X509_PUBKEY()/i2d_X509_PUBKEY_bio(). First committed on master branch on May 13, 2020 (see https://github.com/openssl/openssl/commit/6ab6ecfd6d2d659326f427dceb1b65ae1b4b012b). First committed on master branch on Nov 29, 2019 (see https://github.com/openssl/openssl/commit/cb58d81e68c72ab0128e0a5fc6faa007f8632acd).
2021-02-20 | Avoid some buffer overflows | Dmitry Belyavskiy | 1 | -0/+15
2020-12-06 | gost_crypt: process full available block in CFB and CNT mode | Alexei A. Smekalkine | 1 | -2/+2
If at the input of the encryption function in the CFB mode we have an integer number of blocks, then in the main loop all blocks will be processed, except for the last one due to an incorrect border check. The last block will be fully processed as a "partial" remainder, but the initialization vector will not be updated. And, thus, the value of IV will always be incorrect in this case. This breaks stateless protocols due to an invalid initialization vector: all messages except the first cannot be decrypted. (Naturally, we are talking about a case with disabled key meshing, which does not allow context recovery due to an erroneous implementation.) It is worth noting here that the code for processing partial blocks (both at the input of the encryption functions and at the output) is a historically unnecessary artifact, since we do not set the EVP_CIPH_FLAG_CUSTOM_CIPHER flag and, as a result, OpenSSL processes partial blocks for us. This patch corrects the checking of the main loop boundary. A similar error is present in the code for the CNT mode, but there it does not manifest itself in any way, because the restoration of the state in this mode is impossible: even after disabling key meshing, we still have the state-dependent transformation of the IV. As an extra result of this fix, the code for processing partial blocks can be completely removed now. (cherry picked from commit cf402dd4d89271d5b1ca4ea938ce7a2f13a44d58)
2020-11-28 | update magma cipher ctr_acpkm mode encrypting | Igor Kirillov | 1 | -28/+32
Fixed bug when acpkm key meshing didn't apply at appropriate time during TLS secure exchange. Unify usage of 'num' variable of EVP_CIPHER_CTX for kuznetchik and magma. (cherry picked from commit 2dd3a2f2e9a6286fab4dd80f7f127ce8289bc77e)
2020-11-28 | Tests updated to support GOST2001DH | Dmitry Belyavskiy | 2 | -2/+2
(cherry picked from commit 447f1be1ca0e61348f7fe627d95ab0298d27b624)
2020-11-28 | Add explicit support for NID_id_GostR3410_2001DH (GOST R 34.10-2001 DH) | Dmitry Timoshkov | 4 | -1/+22
(cherry picked from commit e1afd2a137a0a4cab89260202fdc1828263d098d)
2020-10-31 | fix_cbc_281 | Wolfgang Beck | 1 | -1/+3
2020-09-18 | KDF Tree fix for BIG_ENDIAN | Dmitry Belyavskiy | 1 | -8/+1
(cherry picked from commit 47be42da87cb9bf9bad6f415c442b586ce0752ef)
2020-09-18 | Strict alignment Kuznyechik bugfix | Dmitry Belyavskiy | 1 | -0/+6
(cherry picked from commit 1997dd99db27383a89d1f91bd4d7091b553ca6ee)
2020-09-18 | Provide cmake test if alignment requirement is strict | Vitaly Chikunov | 1 | -0/+12
This is based on AX_CHECK_ALIGNED_ACCESS_REQUIRED from autoconf-archive. Note, that on some arches unaligned access behavior could be changed at runtime via prctl(1). Also, unaligned memory access is still slower (and very slow on some arches) even if it's not strictly required. (cherry picked from commit d2810d23a9f30ae885f9bf0783f0847a12972ff3)
2020-09-18 | Endianness bugfix | Dmitry Belyavskiy | 1 | -0/+5
(cherry picked from commit f1f47c6c7710291157aa863768d9048aaeaa9530)
2020-09-02 | Special branch requires patching OpenSSL | Dmitry Belyavskiy | 3 | -2/+3376
This branch is created for experiments with the patched OpenSSL version. The patch implements Russian GOST TLS 1.2 and TLS 1.3 support in OpenSSL. Some parts of the patch are already included in OpenSSL 3.0, some are not and possibly, will never be. This branch is recommended for distribution builders and those who want to make experiments. It MUST NOT be used instead of system OpenSSL.
2020-08-28 | Tests adjustment | Dmitry Belyavskiy | 1 | -7/+7
2020-08-22 | Fix Coverity #305798 | Dmitry Belyavskiy | 1 | -2/+5
2020-08-22 | Fix coverity #305799 | Dmitry Belyavskiy | 1 | -1/+1
2020-08-22 | Fix Coverity #305800 | Dmitry Belyavskiy | 1 | -21/+18
Plus some minor style fix
2020-08-21 | [ecp] validation with coverity | Luis Rivera Zamarripa | 8 | -3639/+4949
2020-08-20 | Update test to match current openssl messages | Dmitry Belyavskiy | 3 | -13/+13
2020-08-13 | SSL tests fix | Dmitry Belyavskiy | 1 | -7/+7
2020-08-11 | Use alpha6 openssl | Dmitry Belyavskiy | 1 | -2/+1
2020-08-06 | Bugfix - arguments order | Dmitry Belyavskiy | 1 | -1/+1
2020-08-06 | API renaming | Dmitry Belyavskiy | 1 | -6/+6
2020-08-06 | Clang build fix | Dmitry Belyavskiy | 1 | -1/+1
2020-07-23 | Edwards map fix | Billy Brumley | 2 | -33/+33
ECCKiila Changes from
https://gitlab.com/nisec/ecckiila/-/issues/2
https://gitlab.com/nisec/ecckiila/-/commit/7445ecabef77965743e0ae8d39d7433b07820be6
* X3 -> X1
* eliminate a temp variable
X3 = X1 as pointers is the reason this was still passing unit tests. But that might not hold in future versions of ECCKiila, so fix it now.