Dr. Stephen Henson
b36bab7812
PR: 2239
...
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>
Add Brainpool curves from RFC5639.
Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
2012-04-22 13:06:51 +00:00
Andy Polyakov
8ea92ddd13
e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms.
...
PR: 2792
2012-04-19 20:38:05 +00:00
Dr. Stephen Henson
d9a9d10f4f
Check for potentially exploitable overflows in asn1_d2i_read_bio
...
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-04-19 16:19:56 +00:00
Dr. Stephen Henson
b214184160
recognise X9.42 DH certificates on servers
2012-04-18 17:03:29 +00:00
Andy Polyakov
6dd9b0fc43
e_rc4_hmac_md5.c: harmonize zero-length fragment handling with
...
e_aes_cbc_hmac_sha1.c (mostly for aesthetic reasons).
2012-04-18 14:55:39 +00:00
Andy Polyakov
e36f6b9cfa
e_rc4_hmac_md5.c: oops, can't use rc4_hmac_md5_cipher on legacy Intel CPUs.
...
PR: 2792
2012-04-18 14:50:28 +00:00
Andy Polyakov
3e181369dd
C64x+ assembler pack. linux-c64xplus build is *not* tested nor can it be
...
tested, because kernel is not in shape to handle it *yet*. The code is
committed mostly to stimulate the kernel development.
2012-04-18 13:01:36 +00:00
Andy Polyakov
4a1fbd13ee
OPENSSL_NO_SOCK fixes.
...
PR: 2791
Submitted by: Ben Noordhuis
2012-04-16 17:42:36 +00:00
Andy Polyakov
9eba5614fe
Minor compatibility fixes.
...
PR: 2790
Submitted by: Alexei Khlebnikov
2012-04-16 17:35:30 +00:00
Andy Polyakov
fc90e42c86
e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag
...
countermeasure.
PR: 2778
2012-04-15 14:14:22 +00:00
Andy Polyakov
26e6bac143
ghash-s390x.pl: fix typo [that can induce SEGV in 31-bit build].
2012-04-12 06:44:34 +00:00
Dr. Stephen Henson
80eb43519e
fix reset fix
2012-04-11 15:05:07 +00:00
Dr. Stephen Henson
bbe0c8c5be
make reinitialisation work for CMAC
2012-04-11 12:26:41 +00:00
Andy Polyakov
b1fd0ccb38
aes-s390x.pl: fix crash in AES_set_decrypt_key in linux32-s390x build.
2012-04-09 15:12:13 +00:00
Andy Polyakov
45cd45bbbc
aes-armv4.pl: make it more foolproof [inspired by aes-s390x.pl in 1.0.1].
2012-04-05 08:30:22 +00:00
Andy Polyakov
bc9583efa2
aes-s390x.pl: make it more foolproof [inspired by 1.0.1].
2012-04-05 08:22:09 +00:00
Andy Polyakov
f62f792057
modes_lcl.h: make it work on i386.
...
PR: 2780
2012-03-31 17:02:46 +00:00
Andy Polyakov
5db9645f1b
vpaes-x86[_64].pl: handle zero length in vpaes_cbc_encrypt.
...
PR: 2775
2012-03-31 16:53:34 +00:00
Dr. Stephen Henson
d3379de5a9
don't shadow
2012-03-30 15:43:32 +00:00
Andy Polyakov
4736eab947
bn/bn_gf2m.c: make new BN_GF2m_mod_inv work with BN_DEBUG_RAND.
2012-03-29 21:35:28 +00:00
Andy Polyakov
23a05fa0c1
modes/gcm128.c: fix self-test.
2012-03-29 18:25:38 +00:00
Andy Polyakov
482a7d80cf
sha512-armv4.pl: optimize NEON code path by utilizing vbsl, bitwise select.
2012-03-29 18:20:11 +00:00
Andy Polyakov
ee743dca53
perlasm/x86masm.pl: fix last fix.
2012-03-29 18:09:36 +00:00
Andy Polyakov
6da165c631
ans1/tasn_prn.c: avoid bool in variable names.
...
PR: 2776
2012-03-29 17:48:19 +00:00
Dr. Stephen Henson
751e26cb9b
fix leak
2012-03-22 16:28:07 +00:00
Dr. Stephen Henson
f404acfa2c
Submitted by: Markus Friedl <mfriedl@gmail.com>
...
Fix memory leaks in 'goto err' cases.
2012-03-22 15:44:51 +00:00
Andy Polyakov
884c580e05
eng_all.c: revert previous "disable Padlock" commit, which was unjustified.
2012-03-19 20:20:41 +00:00
Andy Polyakov
df27a35137
vpaes-x86_64.pl: out-of-date Apple assembler fails to calculate
...
distance between local labels.
PR: 2762
2012-03-17 16:06:31 +00:00
Andy Polyakov
f9ef874a21
bsaes-x86_64.pl: optimize key conversion.
2012-03-16 21:44:19 +00:00
Andy Polyakov
442c9f13d4
bsaes-armv7.pl: optmize Sbox and key conversion.
2012-03-16 21:41:48 +00:00
Andy Polyakov
5c88dcca5b
ghash-x86.pl: omit unreferenced rem_8bit from no-sse2 build.
2012-03-13 19:43:42 +00:00
Andy Polyakov
b2ae61ecf2
x86_64-xlate.pl: remove old kludge.
...
PR: 2435,2440
2012-03-13 19:19:08 +00:00
Dr. Stephen Henson
78dfd43955
corrected fix to PR#2711 and also cover mime_param_cmp
2012-03-12 16:32:19 +00:00
Dr. Stephen Henson
146b52edd1
Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and
...
continue with symmetric decryption process to avoid leaking timing
information to an attacker.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
2012-03-12 16:31:39 +00:00
Dr. Stephen Henson
34b61f5a25
check return value of BIO_write in PKCS7_decrypt
2012-03-08 14:10:23 +00:00
Dr. Stephen Henson
62b6948a27
PR: 2755
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reduce MTU after failed transmissions.
2012-03-06 13:47:43 +00:00
Dr. Stephen Henson
d895f7f060
don't do loop check for single self signed certificate
2012-03-05 15:48:13 +00:00
Andy Polyakov
358c372d16
bsaes-armv7.pl: change preferred contact.
2012-03-03 13:04:53 +00:00
Andy Polyakov
c4a52a6dca
Add bit-sliced AES for ARM NEON. This initial version is effectively
...
reference implementation, it does not interface to OpenSSL yet.
2012-03-03 12:33:28 +00:00
Dr. Stephen Henson
3c6a7cd44b
PR: 2742
...
Reported by: Dmitry Belyavsky <beldmit@gmail.com>
If resigning with detached content in CMS just copy data across.
2012-02-29 14:02:02 +00:00
Dr. Stephen Henson
dc4f678cdc
Fix memory leak cause by race condition when creating public keys.
...
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-28 14:47:02 +00:00
Andy Polyakov
0f2ece872d
x86cpuid.pl: fix processor capability detection on pre-586.
2012-02-28 14:20:21 +00:00
Dr. Stephen Henson
68a7b5ae1e
PR: 2736
...
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>
Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
2012-02-27 18:45:28 +00:00
Dr. Stephen Henson
161c9b4262
PR: 2737
...
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>
Fix double free in PKCS12_parse if we run out of memory.
2012-02-27 16:46:34 +00:00
Dr. Stephen Henson
d441e6d8db
PR: 2735
...
Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for
this fix.
2012-02-27 16:33:34 +00:00
Dr. Stephen Henson
228a8599ff
free headers after use in error message
2012-02-27 16:27:17 +00:00
Dr. Stephen Henson
d16bb406d4
Detect symmetric crypto errors in PKCS7_decrypt.
...
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-27 15:22:41 +00:00
Andy Polyakov
d0e68a98c5
seed.c: incredibly enough seed.c can fail to compile on Solaris with certain
...
flags, because SS is defined after inclusion of <stdlib.h>, in <sys/regset.h>
2012-02-26 21:52:43 +00:00
Dr. Stephen Henson
a36fb72584
PR: 2730
...
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
VMS fixes: disable SCTP by default.
2012-02-25 17:59:40 +00:00
Dr. Stephen Henson
6941b7b918
PR: 2711
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Tolerate bad MIME headers in parser.
2012-02-23 21:50:44 +00:00