openbsd/src/lib/libcrypto/evp, branch libressl-v2.9.2

openbsd/src/lib/libcrypto/evp, branch libressl-v2.9.2 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.9.2 2019-04-03T15:33:37+00:00 Avoid some out of bound accesses in aesni_cbc_hmac_sha1_cipher(). 2019-04-03T15:33:37+00:00 tb 2019-04-03T15:33:37+00:00 urn:sha1:1292146bda904a7983b666fdf116ea07699d00e6 The plen variable can be NO_PAYLOAD_LENGTH == (size_t)-1, so doing tls_aad[plen-4] is no good. Also check that the length of the AAD set via the control interface is equal to 13 since the whole file is written with that case in mind. Note that we no longer use this code in LibreSSL/OpenBSD. We eliminated the use of these control interfaces and stitched cipher modes in libssl a while ago. Problem found by Guido Vranken with his cryptofuzz - thanks! input & ok beck, jsing Cast nonce bytes to avoid undefined behaviour when left shifting. 2019-03-27T15:34:01+00:00 jsing 2019-03-27T15:34:01+00:00 urn:sha1:cdf69bf1f6e114809c90b04a7d5dbadab3264929 Reported by oss-fuzz, really fixes issue #13805. ok beck@ tb@ Cast nonce bytes to avoid undefined behaviour when left shifting. 2019-03-24T12:04:12+00:00 jsing 2019-03-24T12:04:12+00:00 urn:sha1:66f0e9952ce2ad50c63a44df282d6e217c1e9f84 Reported by oss-fuzz, fixes issue #13805. ok beck@ tb@ Expand the ERR_PACK() macro to ERR_REASON() for consistency. 2019-03-18T05:34:29+00:00 tb 2019-03-18T05:34:29+00:00 urn:sha1:60690466852971b4a7bd7a7a7ef0d04fe15c0ced No binary change. Provide EVP_PKEY_get0_hmac(). From OpenSSL 1.1.1 which is still 2019-03-17T18:17:45+00:00 tb 2019-03-17T18:17:45+00:00 urn:sha1:d1cff79a11e003c54fb26944575ab3013366508d freely licensed. From jsing Provide EVP_aes_{128,192,256}_wrap(). This is a compatible 2019-03-17T18:07:41+00:00 tb 2019-03-17T18:07:41+00:00 urn:sha1:9651ec05f00bf3384031fb7428d88d3daf1e1139 implementation based on the one in OpenSSL 1.0.2r which is still freely licensed. The functions are undocumented in OpenSSL. To use them, one needs to set the undocumented EVP_CIPHER_CTX_FLAG_WRAP_ALLOW flag on the EVP_CIPHER_CTX. resolves #505 ok jsing Add the SM4 block cipher from the Chinese standard GB/T 32907-2016. 2019-03-17T17:42:37+00:00 tb 2019-03-17T17:42:37+00:00 urn:sha1:83706f88f1f845458a32eb6c86da86d667e28f1b This is an ISC licensed version based on the sources by Ribose Inc that were ported to OpenSSL in 2017. Patch from Daniel Wyatt with minor tweaks. ok inoguchi, jsing add support for xchacha20 and xchacha20-poly1305 2019-01-22T00:59:21+00:00 dlg 2019-01-22T00:59:21+00:00 urn:sha1:4dfb993f9f695f40d03730129e2c082223711b65 xchacha is a chacha stream that allows for an extended nonce, which in turn makes it feasible to use random nonces. ok tb@ provide EVP_ENCODE_CTX_{new,free}(). 2019-01-19T01:24:18+00:00 tb 2019-01-19T01:24:18+00:00 urn:sha1:8f423e1fc981cab57cbb760dd6cab4253792b86b ok jsing Make AES CCM available in tables. 2018-12-26T15:11:04+00:00 tb 2018-12-26T15:11:04+00:00 urn:sha1:2701c034d87fc7e79576861ab2d5ebc638a23f43 Omission reported by reyk and Alice Wonder. ok bcook jsing