openbsd/src/lib/libcrypto/evp, branch libressl-v3.2.0 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.2.0 2020-04-30T18:43:11+00:00 Disallow setting the AES-GCM IV length to 0 2020-04-30T18:43:11+00:00 tb 2020-04-30T18:43:11+00:00 urn:sha1:1813a9138ee882b675662d47ed9fe6974bd433f3 It is possible to do this by abusing the EVP_CTRL_INIT API. Pointed out by jsing. ok inoguchi jsing (as part of a larger diff) Disallow the use of zero length IVs in AES-GCM via 2020-04-27T19:31:02+00:00 tb 2020-04-27T19:31:02+00:00 urn:sha1:59b4077b60cc24004bc23295bd2ff465be743f11 EVP_AEAD_CTX_{open,seal}, as this leaks the authentication key. Issue reported and fix tested by Guido Vranken. ok beck, jsing This commit adds a constant to a public header despite library lock, as discussed with deraadt and sthen. Check high bit for base64 decode 2020-03-04T11:53:21+00:00 inoguchi 2020-03-04T11:53:21+00:00 urn:sha1:b112788885dac0be8d46296a88f6713f8e4fccd0 Referred to this OpenSSL commit and adopted to the codebase. b785504a10310cb2872270eb409b70971be5e76e suggest and ok tb@ Fix base64 processing of long lines 2020-03-03T15:03:14+00:00 inoguchi 2020-03-03T15:03:14+00:00 urn:sha1:a1b14dfcb76f18893ca6869d0509ab8ae9795933 Fix the problem that long unbroken line of base64 text is not decoded. Referred to this OpenSSL commit and adapted to the codebase. 3cdd1e94b1d71f2ce3002738f9506da91fe2af45 Reported by john.a.passaro <at> gmail.com to the LibreSSL ML. ok tb@ typo 2020-01-26T07:47:26+00:00 tb 2020-01-26T07:47:26+00:00 urn:sha1:ca5665b8ffa6163d6ad17325016957e9ac2d2230 Improve the comment explaining why the previous change matches OpenSSL's 2020-01-26T07:34:05+00:00 tb 2020-01-26T07:34:05+00:00 urn:sha1:85d803b7cde3d60ac20d7fac7b777c5884dec1b2 behavior. ok jsing Adjust EVP_chacha20()'s behavior to match OpenSSL's semantics: 2020-01-26T02:39:58+00:00 tb 2020-01-26T02:39:58+00:00 urn:sha1:d70d94b77ba7878e6682514bd07a9048e151e224 The new IV is 128 bit long and is actually the 64 bit counter followed by 64 the bit initialization vector. This is needed by an upcoming change in OpenSSH and is a breaking change for all current callers. There are language bindings for Node.js, Rust and Erlang, but none of our ports use them. Note that EVP_chacha20() was first introduced in LibreSSL on May 1, 2014 while the entirely incompatible version in OpenSSL was committed on Dec 9, 2015. Initial diff from djm and myself, further refinements by djm. Ports grepping by sthen ok jsing Avoid leak in error path of PKCS5_PBE_keyivgen 2020-01-12T07:11:13+00:00 inoguchi 2020-01-12T07:11:13+00:00 urn:sha1:bfc89f200ba04986edb72a16fba03657ec54f115 ok jsing@ tb@ Wire up PKEY methods for RSA-PSS. 2019-11-01T15:08:57+00:00 jsing 2019-11-01T15:08:57+00:00 urn:sha1:282fdd8d97a9876e874f7baa9ff7e5abf5a1f786 ok tb@ Provide EVP_PKEY_CTX_md(). 2019-10-29T07:52:17+00:00 jsing 2019-10-29T07:52:17+00:00 urn:sha1:6420bafd6b7099fd194f24cbdeec86794ceccf81 This handles controls with a message digest by name, looks up the message digest and then proxies the control through with the EVP_MD *. This is internal only for now and will be used in upcoming RSA related changes. Based on OpenSSL 1.1.1d. ok inoguchi@ tb@