This project is mirrored from https://github.com/openssl/openssl.git.
Pull mirroring failed .
Last successful update .
Last successful update .
- 15 May, 2020 7 commits
-
-
Matt Caswell authored
Reviewed-by:Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Reviewed-by:
-
Nicolas Vigier authored
Using the date from SOURCE_DATE_EPOCH instead of the current date makes it possible to reproduce a build that was built on a different year: https://reproducible-builds.org/specs/source-date-epoch/ This is fixing an issue we had while building Tor Browser: https://trac.torproject.org/projects/tor/ticket/33535 CLA: trivial Reviewed-by:
Paul Dale <paul.dale@oracle.com> Reviewed-by:
Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/11296)
-
Matt Caswell authored
The alignment calculation in ssl3_setup_write incorrectly results in an alignment allowance of (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1) bytes. This equals 3 in almost all cases. The maximum alignment actually used in do_ssl3_write is (SSL3_ALIGN_PAYLOAD - 1). This equals 7 bytes in almost all cases. So there is a potential to overrun the buffer by up to 4 bytes. Fortunately, the encryption overhead allowed for is 80 bytes which consists of 16 bytes for the cipher block size and 64 bytes for the MAC output. However the biggest MAC that we ever produce is HMAC-384 which is 48 bytes - so we have a headroom of 16 bytes (i.e. more than the 4 bytes of potential overrun). Thanks to Nagesh Hegde for reporting this. Fixes #11766 Reviewed-by:
-
Orgad Shaneh authored
This is a 32-bit ABI build (as opposed to linux64-mips64). Setting SIXTY_FOUR_BIT breaks hardware optimizations, at least on octeon processors. Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11725)
-
Richard Levitte authored
Doing this is kind of contrary to how we normally do things, as this constitutes a kind of pre-approval. However, without this, the normal review process will modify the reviewed commits, and render the annotated release tag invalid, which forces the person doing the release to re-tag manually. Reviewed-by:
-
Thomas Dwyer III authored
flag (which is not supported by older compilers). CLA: trivial Reviewed-by:
-
- 14 May, 2020 23 commits
-
-
Richard Levitte authored
Reviewed-by:
Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11833)
-
Richard Levitte authored
The problem encountered is that some arrays were deemed unnecessary by clang, for example: providers/common/der/der_rsa.c:424:28: error: variable 'der_aid_sha224Identifier' is not needed and will not be emitted [-Werror,-Wunneeded-internal-declaration] static const unsigned char der_aid_sha224Identifier[] = { ^ However, these arrays are used in sizeof() expressions in other parts of the code that's actually used, making that warning-turned-error a practical problem. We solve this by making the array non-static, which guarantees that the arrays will be emitted, even though unnecessarily. Fortunately, they are very small. Reviewed-by:Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11710)
-
Richard Levitte authored
There are a few things in the OpenSSL code that are known to give warnings that we know are harmless. We test our builds accordingly. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
There were a few RSA-PSS related tests that were disabled for non-default library contexts. We now re-enable them. Reviewed-by:
-
Richard Levitte authored
To make it easier to check the generated key manually, display it before comparing diverse other serializations. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Instead of passing it with signature->digest_verify_init() and signature->digest_sign_init(), we pass it with signature->newctx(). This allows the digests that are indicated by RSA PSS parameters to have a useful propquery. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
We want to catch errors in passed parameters early, which requires kowledge of the ongoing operation. Fortunately, that's possible by re-using the EVP_PKEY_OP macros in specific init functions. Reviewed-by:
-
Richard Levitte authored
We separate out the NIST arc OIDs to a separate file, so it can be re-used, and also the DIGEST OIDs. Reviewed-by:
-
Richard Levitte authored
In some cases, a SEQUENCE that contains only optional fields may end up empty. In some cases, this may be represented by dropping the SEQUENCE entirely from the encoded DER. To do this, we detect the case where WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH is used, and adapt accordingly. Reviewed-by:
-
Richard Levitte authored
The import and export functions are affected. We also refactor them to assign the RSA key type more carefully. Reviewed-by:
-
Richard Levitte authored
RSA_PSS_PARAMS carries with it a lot of baggage in form of X509_ALGOR and ASN1_INTEGER, which we would rather avoid in our providers. Therefore, we create a parallell structure - RSA_PSS_PARAMS_30 - that contains the same information, but uses numeric identities (*) and C integers (**). This makes it simpler to handle. Note that neither this structure nor its contents are passed between libcrypto and the providers. Instead, the numeric identities are translated to and from names, which are then passed over that boundary. For future considerations, we might consider dropping RSA_PSS_PARAMS entirely. For now, it's still reserved for EVP_PKEY_ASN1_METHOD code, which RSA_PSS_PARAMS_30 is (almost entirely) reserved for use in our providers. (*) We use NIDs in this case, because we already have them and because only algorithms that libcrypto knows about are permitted in PSS restrictions. We could use any number series we want, as long as we know for sure what they represent. (**) That's for saltlen and for trailerfield, which are never expect to surpass the set of numbers that fit in a regular 'int'. Reviewed-by:
-
Richard Levitte authored
The scheme currently added is OAEP-PSSDigestAlgorithms codified. The translator functions translate an EVP_MD into a NID, and a NID into a name, to support the creation and parsing of OSSL_PARAM items. Reviewed-by:
-
Richard Levitte authored
The resulting function, rsa_todata(), is designed to be usable by providers as well. Reviewed-by:
-
Richard Levitte authored
The support of restricted RSA key types (OAEP and PSS) was lacking, or dependent on the presence of restriction parameters. For example, this means that even though an RSA-PSS key may have been generated, it may appear as a plain unrestricted RSA key if parameters weren't present (which is the case when default restriction parameters are used) To make it clearer what an RSA key is intended for, and avoid depending in an EVP_PKEY, we introduce RSA key types. This is done by reserving a section of the RSA flags (4 bits, which allows a total of 16 different types). This isn't terribly important for EVP_PKEY_ASN1_METHOD code, as that has access to the wrapping EVP_PKEY. This is very important for provider code, which has no access to the wrapping EVP_PKEY. Reviewed-by:
-
Richard Levitte authored
Verifies that #11671 is fixed Reviewed-by:
-
Richard Levitte authored
Fixes #11671 Reviewed-by:
-
Nikolay Morozov authored
Reviewed-by:
Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11795)
-
- 13 May, 2020 10 commits
-
-
Dr. David von Oheimb authored
Also update documentation and example code in openssl-cmp.pod.in Reviewed-by:
David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11470)
-
Dr. David von Oheimb authored
Reviewed-by:
-
Dr. David von Oheimb authored
Reviewed-by:
-
Dr. David von Oheimb authored
Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712). Adds the CMP and CRMF API to libcrypto and the "cmp" app to the CLI. Adds extensive documentation and tests. Reviewed-by:
-
Dr. David von Oheimb authored
Reviewed-by:
-
Dr. David von Oheimb authored
Reviewed-by:
-
Dr. David von Oheimb authored
Reviewed-by:
-
Richard Levitte authored
This involves exposing two pvkfmt.c functions, but only internally. Reviewed-by:
-
Richard Levitte authored
The prompt includes the URI, to make it clear which object needs a pass phrase. Reviewed-by:
-
Richard Levitte authored
This capability existed internally, and is now made public. Reviewed-by:
-
