A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_2 2022-05-05T18:29:34+00:00 2022-05-05T18:29:34+00:00 tb 2022-05-05T18:29:34+00:00 urn:sha1:5ca6164aa9bf6ef7aa404bf1f75a806912d87c26 If a NULL key is passed to HMAC_Init_ex(), it tries to reuse the previous key. This makes no sense inside HMAC() since the HMAC_CTX has no key set yet. This is hit by HKDF() with NULL salt() via the EVP API and results in a few Wycheproof test failures. If key is NULL, use a zero length dummy key. This was not hit from wycheproof.go since we pass a []byte with a single NUL from Go. Matches OpenSSL if key is NULL and key_len is 0. If key_len != 0, OpenSSL will still fail by passing a NULL key which makes no sense, so set key_len to 0 instead. ok beck jsing 2022-03-30T07:17:48+00:00 tb 2022-03-30T07:17:48+00:00 urn:sha1:c650ef2b4f969ce6b8d9a39f9e86c5e181dfafbc It is possible to call pmeth->cleanup() with an EVP_PKEY_CTX whose data is NULL. If pmeth->init() in int_ctx_new() fails, EVP_PKEY_CTX_free() is called with such a context. This in turn calls pmeth->cleanup(), and thus these cleanup functions must be careful not to use NULL data. Most of them are, but one of GOST's functions and HMAC's aren't. Reported for HMAC by Masaru Masada https://github.com/libressl-portable/openbsd/issues/129 ok bcook jsing 2022-03-30T07:12:30+00:00 tb 2022-03-30T07:12:30+00:00 urn:sha1:4f0946cf87d94f094252f696625cc100be8bbd76 Instead of using malloc() and setting most struct members to 0, simply use calloc(). ok bcook jsing 2022-01-14T08:06:03+00:00 tb 2022-01-14T08:06:03+00:00 urn:sha1:91bb5e9900c0e103adf709034df105c4f34b6bd3 In OpenSSL commit 32fd54a9a3 HMAC_CTX_cleanup() was integrated into HMAC_CTX_init(), then HMAC_CTX_init() was renamed to HMAC_CTX_reset() in dc0099e1. LibreSSL retained them for API compatibility with OpenSSL 1.0. Not many things use them anymore. In fact, some projects that didn't want to modify their code for OpenSSL 1.1 API compatibility used the removed functions to wrap the OpenSSL 1.1 API. We had to patch some of these and this will now no longer be necessary. Also remove HMAC_cleanup(). Nothing uses this. ok inoguchi jsing 2022-01-14T08:04:14+00:00 tb 2022-01-14T08:04:14+00:00 urn:sha1:8be1fd92836a1a22c1b53e77ef08a7768e9a9b05 This moves most structs to evp_locl.h and moves HMAC_CTX to hmac_local.h. ok inoguchi jsing 2021-12-12T21:35:47+00:00 tb 2021-12-12T21:35:47+00:00 urn:sha1:c2c9cf22aa6a46cfa24e29a06a5d0385ca428117 in an upcoming bump. This omits EVP_AEAD_CTX which will be dealt with separately. EVP_CIPHER_INFO internals are still publicly visible in OpenSSL, so it won't be moved. Move typedefs for HMAC_CTX and EVP_ENCODE_CTX to ossl_typ.h. These typedefs will be visible by files including only hmac.h or evp.h since hmac.h includes evp.h and evp.h includes ossl_typ.h. ok inoguchi 2021-12-12T21:30:14+00:00 tb 2021-12-12T21:30:14+00:00 urn:sha1:b632ec4f99386efc52214c580c9f233748302224 evp.h will be moved to evp_locl.h in an upcoming bump. ok inoguchi 2021-12-12T21:27:38+00:00 tb 2021-12-12T21:27:38+00:00 urn:sha1:e6d34a52bf003f2e199023dc166779f5d25bfcff from hmac.h will be moved there in an umpcoming bump. Include this file where it will be needed. ok inoguchi 2018-02-17T14:53:59+00:00 jsing 2018-02-17T14:53:59+00:00 urn:sha1:fe31e083891620d38e67f59ea40fa3b92f6fcc48 HMAC_CTX_get_md(). 2017-05-02T03:59:45+00:00 deraadt 2017-05-02T03:59:45+00:00 urn:sha1:5904cc0e04409fde39a97e6580535da34eeb4291 reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck