summaryrefslogtreecommitdiff
path: root/src/lib/libc/crypt/cryptutil.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2022-01-22Use memmove instead of memcpy for overlapping memoryinoguchi1-5/+5
CID 250936 251103 OK beck@ jsing@ millert@ tb@
2022-01-22X509_GET_PUBKEY(3) return value check in libcryptoinoguchi1-2/+3
CID 345116 ok beck@ tb@
2022-01-22X509_GET_PUBKEY(3) return value check in libcryptoinoguchi1-3/+4
CID 25131 ok beck@ tb@ suggest using X509_REQ_get0_pubkey() and remove the EVP_PKEY_free() from tb@
2022-01-22X509_GET_PUBKEY(3) return value check in libcryptoinoguchi1-3/+3
ok beck@ tb@ suggest using X509_get0_pubkey() and remove EVP_PKEY_free() from tb@
2022-01-22X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2-4/+7
ok beck@ tb@
2022-01-20Remove the remaining three parens in return statements.tb1-4/+4
2022-01-20Use correct spelling of NULL.tb1-2/+2
2022-01-20remove unused variable from all copies of _asr_strdname()naddy2-6/+6
... including those inlined into print_dname(). This also fixes -Wunused-but-set-variable warnings warnings in smtpd and smtpctl. The code was imported with asr and then copied around. ok deraadt@ guenther@
2022-01-20Add check for EVP_CIPHER_CTX_ctrlinoguchi1-4/+6
suggestion from tb@
2022-01-20Add check for EVP_CIPHER_CTX_set_key_length return valueinoguchi1-2/+3
CID 21653 ok jsing@ millert@ tb@
2022-01-20Add check for OBJ_nid2obj return valueinoguchi1-2/+3
input from tb@
2022-01-20Add check for ASN1_INTEGER_setinoguchi1-2/+3
CID 24893 ok jsing@ millert@ tb@
2022-01-20Fix check for BN_mod_inverse_ct return valueinoguchi5-13/+13
ok jsing@ millert@ tb@
2022-01-20Add check for BN_sub return valueinoguchi1-2/+3
CID 24839 ok jsing@ millert@ tb@
2022-01-20Add check for BIO_indent return valueinoguchi1-2/+3
CID 24778 ok jsing@ millert@ tb@
2022-01-20Add check for BIO_indent return valueinoguchi1-3/+5
CID 24812 ok jsing@ millert@ tb@
2022-01-20Add check for EVP_CIPHER_CTX_set_key_length return valueinoguchi1-2/+2
It returns 1 on success and 0 for failure, never negative value. ok jsing@ millert@ tb@
2022-01-20Add and fix check for BN functions return valueinoguchi1-4/+5
ok jsing@ millert@ tb@
2022-01-20Add check for BN functions return valueinoguchi1-3/+5
CID 21665 24835 comment from jsing@ and tb@ ok jsing@ millert@ tb@
2022-01-20Add check for BIO_indent return valueinoguchi1-2/+3
CID 24869 ok jsing@ millert@ tb@
2022-01-19Document the bizarre fact that {CMS,PCKS7}_get0_signers() needs sometb2-4/+12
freeing of what they return despite being get0 functions: the stack of X509s that they return must be freed with sk_X509_free(). The get0 thus probably refers to the individual certs, but not to the stack itself. The libcrypto and libssl APIs never cease to amaze with new traps. ok inoguchi
2022-01-19Check return value from EVP_CIPHER_CTX_new in cms_pwri.cinoguchi1-2/+4
CID 345137 ok jsing@ tb@
2022-01-19Check function return value in libtlsinoguchi1-9/+21
EVP_EncryptInit_ex, EVP_DecryptInit_ex and HMAC_Init_ex are possible to fail and return error. Error from these functions will be fatal for the callback, and I choose to return -1. SSL_CTX_set_tlsext_ticket_key_cb.3 explains the return value of callback. This also could fix Coverity CID 345319. ok jsing@ tb@
2022-01-16Avoid memory leak in error path with openssl(1) smimeinoguchi1-1/+2
CID 345316 ok tb@
2022-01-16Avoid memory leak in error path with openssl(1) cmsinoguchi1-1/+3
CID 345314 345320 ok tb@
2022-01-15spellingjsg12-39/+39
ok tb@
2022-01-15Add back an accidentally dropped .Pptb1-1/+2
2022-01-15Update for HMAC_CTX_{init,cleanup} hand HMAC_cleanup removaltb1-50/+2
2022-01-15Stop documenting clone digests.tb3-47/+7
2022-01-15Minor cleanup and simplification in dsa_pub_encode()tb1-15/+8
This function has a weird dance of allocating an ASN1_STRING in an inner scope and assigning it to a void pointer in an outer scope for passing it to X509_PUBKEY_set0_param() and ASN1_STRING_free() on error. This can be simplified and streamlined. ok inoguchi
2022-01-15Add ct.h and x509_vfy.hinoguchi1-1/+3
2022-01-14Avoid buffer overflow in asn1_parse2inoguchi1-2/+2
asn1_par.c r1.29 changed to access p[0] directly, and this pointer could be overrun since ASN1_get_object advances pointer to the first content octet. In case invalid ASN1 Boolean data, it has length but no content, I thought this could be happen. Adding check p with tot (diff below) will avoid this failure. Reported by oss-fuzz 43633 and 43648(later) ok tb@
2022-01-14Enable openssl pkey -{,pub}check and pkeyparam -checktb2-6/+2
2022-01-14Undo static linking and other workarounds that are no longer neededtb6-19/+15
after the bump
2022-01-14Convert wycheproof.go for opaque EVP_AEAD_CTXtb1-11/+18
2022-01-14The cttest can link dynamically nowtb1-2/+2
2022-01-14Simplify BN_mont test slightly using a new accessor.tb1-4/+2
2022-01-14openssl(1) dgst: fix build after clones removaltb1-4/+1
ok inoguchi jsing
2022-01-14Convert openssl(1) speed for opaque EVP_AEAD_CTXtb1-13/+31
ok inoguchi jsing
2022-01-14Convert openssl(1) rsa.c for opaque RSAtb1-2/+2
ok inoguchi jsing
2022-01-14openssl(1) genrsa: simplify access to rsa->etb1-5/+3
ok inoguchi jsing
2022-01-14Convert openssl(1) gendsa.c to opaque DSAtb1-2/+2
ok inoguchi jsing
2022-01-14Convert openssl(1) dsaparam to opaque dsatb1-11/+13
ok inoguchi jsing
2022-01-14Convert openssl(1) dsa.c to opaque DSAtb1-2/+2
ok inoguchi jsing
2022-01-14Convert openssl(1) dhparam to opaque DHtb1-12/+14
ok inoguchi jsing
2022-01-14Convert openssl(1) dh.c to opaque DHtb1-10/+12
ok inoguchi jsing
2022-01-14bump libcrypto, libssl, libtls majors after struct visibility changestb3-3/+3
and Symbol addition and removal in libcrypto.
2022-01-14Use the correct type for ssl_callback_ctrl()tb1-3/+3
2022-01-14Convert the new record layers to opaque EVP_AEAD_CTXtb2-12/+6
ok jsing
2022-01-14Convert ssl_kex.c to opaque DHtb1-11/+11
Stop reaching into DH internals and use the new API functions instead. ok inoguchi jsing