summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add checks for invalid base64 encoded data, specifically relating to thejsing2014-05-031-0/+12
| | | | | | | | | | | | | | | | | | | | | handling of padding. This fixes a crash that can be triggered by feeding base64 data followed by 64 or more padding characters, which results in a negative output length. This issue was reported by David Ramos, although the same bug has been sitting in the OpenSSL RT since 2011: https://rt.openssl.org/Ticket/Display.html?id=2608 Worse still, BIO_read seems to be completely unable to detect that the base64 input was invalid/corrupt - in particular, enabling BIO_FLAGS_BASE64_NO_NL results in a stream of zero value bytes rather than no input (possibly a good replacement for /dev/null...), which could result in nasty consequences. Prior to this fix some zero value bytes were also injected without this flag being enabled. The recently added base64 regress triggers and documents these issues (and also ensures that this change retains functional behaviour).
* It is definitly not the correct spelling.jsing2014-05-031-2/+2
|
* KNF.jsing2014-05-034-932/+910
|
* KNF.jsing2014-05-034-495/+514
|
* Nuke unused evptests.txt - the real one is over in regress.jsing2014-05-011-334/+0
| | | | ok miod@
* Provide an EVP implementation for ChaCha.jsing2014-05-013-0/+73
| | | | ok miod@
* Use C99 initializers for the various FOO_METHOD structs. More readable, andmiod2014-04-274-48/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | avoid unreadable/unmaintainable constructs like that: const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { EVP_PKEY_CMAC, EVP_PKEY_CMAC, 0, "CMAC", "OpenSSL CMAC method", 0,0,0,0, 0,0,0, cmac_size, 0, 0,0,0,0,0,0,0, cmac_key_free, 0, 0,0 }; ok matthew@ deraadt@
* Replace all use of ERR_add_error_data with ERR_asprintf_error_data.beck2014-04-262-2/+2
| | | | | | | | This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
* Unifdef -UPEDANTIC. ok beck@ tedu@miod2014-04-233-13/+1
|
* Figure out endianness at compile-time, using _BYTE_ORDER frommiod2014-04-231-3/+3
| | | | | | | <machine/endian.h>, rather than writing 1 to a 32-bit variable and checking whether the first byte is nonzero. tweaks and ok matthew@; ok beck@ tedu@
* Remove files which look like actual code compiled in libcrypto, but isn't.miod2014-04-221-71/+0
| | | | One even says (in comments): HAS BUGS! DON'T USE
* use intrinsic strlcpy and strlcat everywhere so we only have one set ofbeck2014-04-191-1/+1
| | | | | | funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
* kill REF_PRINT/REF_CHECK debugging framework noone would usederaadt2014-04-171-10/+1
| | | | ok miod
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-1710-31/+31
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* Do not feed RSA private key information to the random subsystem asderaadt2014-04-171-2/+0
| | | | | | | | entropy. It might be fed to a pluggable random subsystem.... What were they thinking?! ok guenther
* call the correct decrypt function in aes_cbc_cipher()jsg2014-04-171-1/+1
| | | | | | | | | | | | | | | | From: commit e9c80e04c1a3b5a0de8e666155ab4ecb2697a77d Author: Andy Polyakov <appro@openssl.org> Date: Wed Dec 18 21:42:46 2013 +0100 evp/e_[aes|camellia].c: fix typo in CBC subroutine. It worked because it was never called. Our e_camellia.c does not have this problem. ok miod@ deraadt@
* Clean up dangerous strncpy use. This included a use where the resultingbeck2014-04-161-2/+1
| | | | | | | string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
* remove md2, jpake, and seed clutter.tedu2014-04-152-184/+0
|
* we don't use these files for buildingtedu2014-04-151-100/+0
|
* remove FIPS mode support. people who require FIPS can buy something thattedu2014-04-1510-213/+2
| | | | | meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
* Moved to regress/lib/libcrypto.miod2014-04-151-450/+0
|
* Send the rotIBM stream cipher (ebcdic) to Valhalla to party for eternitybeck2014-04-151-11/+0
| | | | | with the bearded ones... some API's that nobody should be using will dissapear with this commit.
* unifdef -U OPENBSD_DEV_CRYPTO and OPENSSL_OPENBSD_DEV_CRYPTO. This code was themiod2014-04-142-455/+0
| | | | | | early attempt at getting kernel-assisted crypto(4) used by libcrypto, before the engine API existed, and has been #if 0'd out for ages anyway. No API/ABI change.
* remove auto-generated dependencies from the old unused build system, soderaadt2014-04-141-676/+0
| | | | | that it is easier to find code pieces. They are getting in the way. ok miod
* Cope with the removal of openssl/symhacks.hderaadt2014-04-131-2/+0
|
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.miod2014-04-1314-55/+108
|
* cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txtmarkus2013-02-141-21/+195
| | | | | from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
* remove ACSS, crank libcrypto major; ok markus@ deraadt@djm2013-01-262-91/+0
|
* resolve conflictsdjm2012-10-1333-179/+1806
|
* This commit was generated by cvs2git to track changes on a CVS vendordjm2012-10-131-0/+113
|\ | | | | branch.
| * import OpenSSL-1.0.1cdjm2012-10-131-0/+113
| |
* | This commit was generated by cvs2git to track changes on a CVS vendordjm2012-10-136-3/+765
|\ \ | | | | | | branch.
| * | import OpenSSL-1.0.1cdjm2012-10-1333-131/+2412
| | |
* | | openssl-1.0.0e: resolve conflictsdjm2011-11-036-4/+8
| | |
* | | This commit was generated by cvs2git to track changes on a CVS vendordjm2011-11-032-2/+4
|\| | | | | | | | branch.
| * | import OpenSSL 1.0.0edjm2011-11-037-6/+11
| | |
* | | fix -Wall due to API changedjm2010-10-011-3/+3
| | |
* | | resolve conflicts, fix local changesdjm2010-10-0148-3630/+2227
| | |
* | | This commit was generated by cvs2git to track changes on a CVS vendordjm2010-10-017-2/+1370
|\| | | | | | | | branch.
| * | import OpenSSL-1.0.0adjm2010-10-0144-1475/+3190
| | |
* | | This commit was generated by cvs2git to track changes on a CVS vendordjm2010-10-011-1/+1
|\ \ \ | | |/ | |/| branch.
| * | import OpenSSL-1.0.0adjm2010-10-011-1/+1
| | |
* | | AES-NI engine support for OpenSSL.thib2010-07-012-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is code mostly picked up from upstream OpenSSL, or to be more exact a diff from David Woodhouse <dwmw2 at infradead dot org>. Remember to make includes before doing a build! no objections from djm@ OK deraadt@, reyk@ (AES is about 4.25x faster on his x201 now)
* | | resolve conflictsdjm2009-04-061-5/+5
| | |
* | | This commit was generated by cvs2git to track changes on a CVS vendordjm2009-04-061-1/+1
|\ \ \ | | | | | | | | branch.
| * | | import of OpenSSL 0.9.8kdjm2009-04-062-6/+6
| | | |
* | | | resolve conflictsdjm2009-01-0929-617/+810
| | | |
* | | | This commit was generated by cvs2git to track changes on a CVS vendordjm2009-01-091-1/+1
|\ \ \ \ | | |_|/ | |/| | branch.
| * | | import openssl-0.9.8jdjm2009-01-0925-312/+440
| | | |
* | | | This commit was generated by cvs2git to track changes on a CVS vendordjm2009-01-093-0/+695
|\ \ \ \ | | |/ / | |/| | branch.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-09-03 01:28:42 +0000