| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
ok deraadt@
|
| | |
|
| | |
|
| |
|
|
| |
libcrypto minor bump.
|
| |
|
|
| |
cleanup diff.
|
| |
|
|
|
| |
broken in r1.3.
Spotted by Dmitry Eremin-Solenikov
|
| |
|
|
| |
the function argument not being NULL
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There used to be a strong reluctance to provide this cipher in LibreSSL in the
past, because the licence terms under which Cammelia was released by NTT were
free-but-not-in-the-corners, by restricting the right to modify the source
code, as well retaining the right to enforce their patents against anyone
in the future.
However, as stated in http://www.ntt.co.jp/news/news06e/0604/060413a.html ,
NTT changed its mind and made this code truly free. We only wish there had
been more visibility of this, for we could have had enabled Cammelia
earlier (-:
Licence change noticed by deraadt@. General agreement from the usual LibreSSL
suspects.
Crank libcrypto.so minor version due to the added symbols.
|
| |
|
|
|
|
| |
expect a good use for this knowledge in the tree in the near future.
Contributed by Vincent Gross, thanks!
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- make VKO_compute_key() no longer void so that it can return failure.
- fix unchecked allocations in too many routines to mention /-:
- fix unchecked BN operations in gost2001_do_sign(), gost2001_do_verify(),
VKO_compute_key().
- fix the gost2001_do_sign() interface violation by having its sole caller
free the BIGNUM it passes to that function by itself, instead of having
the callee do this.
Reviewed (except for the last item) by Dmitry Eremin-Solenikov.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
return the number of items read of written.
When you intend to return the number of bytes actually processed, it is
wise to pass 1 as the item size and the size as the number of items.
But in *some* places, the OpenSSL does the opposite, and has extra logic
to change a successful return of 1 (item processed) into the real size.
And, guess why it does that? Because of old VMS, for they (used to) have a
substandard stdio implementation.
Note that this change causes the return values of BIO_dump_fp() and
BIO_dump_indent_fp() to no longer be useless (actual number of callback calls),
but actual bytes output. Given the irrelevance of the return value before,
it is unlikely that anything depends upon it (and if something does, it
probably has other problems in need for a fix...)
ok tedu@ beck@ jsing@
|
| |
|
|
|
|
| |
CryptAcquireContext and CryptGenRandom returns zero (FALSE) if fails.
From: Dongsheng Song <dongsheng.song@gmail.com>
|
| |
|
|
|
|
|
| |
other allocations in the same block couldn't.
problem pointed out by David Ramos on the openssl-dev list
ok miod@ doug@
|
| | |
|
| |
|
|
| |
instead of a printf and a success return, when the operation fails.
|
| |
|
|
|
| |
`gost_' prefix to them, so that we do not pollute the global namespace too
much.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov;
libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this
state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets
compiled with OPENSSL_NO_GOST defined. However, the public header gost.h
will be installed.
|
| |
|
|
|
|
|
|
|
| |
This functionality was already available (and optional), and used in the
bowels of the ASN.1 code. This exposes it as a public interface, which will
be used by the upcoming GOST code.
Crank libcrypto minor version.
From Dmitry Eremin-Solenikov.
|
| |
|
|
|
|
| |
necessary for upcoming GOST code.
From Dmitry Eremin-Solenikov
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FreeBSD-native arc4random_buf implementation falls back to weak sources of
entropy if the sysctl fails. Remove these dangerous fallbacks by overriding
locally.
Unfortunately, pthread_atfork() is also broken on FreeBSD (at least 9 and 10)
if a program does not link to -lthr. Callbacks registered with pthread_atfork()
simply fail silently. So, it is not always possible to detect a PID wraparound.
I wish we could do better.
This improves arc4random_buf's safety compared to the native FreeBSD
implementation.
Tested on FreeBSD 9 and 10.
|
| |
|
|
| |
ok jsing@ miod@
|
| |
|
|
| |
ok doug@ jsing@
|
| |
|
|
|
| |
of p12->mac->salt->data has actually succeeded.
In one of my trees for a long time already...
|
| |
|
|
| |
are still needed for the engine). Our code should use arc4random instead.
|
| |
|
|
|
|
|
|
| |
arc4random_buf() is guaranteed to always succeed - it is worth noting
that a number of the replaced function calls were already missing return
value checks.
ok deraadt@
|
| |
|
|
|
|
|
|
| |
Modified patch from Dmitry Eremin-Solenikov
leave the sole public define in ripemd.h
ok deraadt@ miod@
|
| | |
|
| | |
|
| |
|
|
|
| |
intrinsic functions everywhere, and wrap these functions in an
#ifndef LIBRESSL_INTERNAL to make sure we don't bring their use back.
|
| |
|
|
|
|
|
|
|
|
|
| |
This makes 'openssl version' print a string that matches the -portable
release number. Thanks to @blakkeim for pointing it out.
The version integer is left alone, with the idea of discouraging software from
relying on magic numbers for detecting features. Software configuration should
do explicit feature tests instead.
ok beck@, deraadt@
|
| |
|
|
|
|
| |
only that it returns -1 on failure.
pointed out by guenther@
|
| |
|
|
|
|
|
|
|
| |
Prefer this because it is the POSIX standard and has consistent behavior
across platforms.
Use BIO_socket_nbio consistently across the tree.
from Jonas 'Sortie' Termansen, ok deraadt@
|
| |
|
|
| |
function was found broken in 1993, and later on in 1997?
|
| |
|
|
| |
in order to catch all negative sizes.
|
| |
|
|
| |
not all versions of <linux/random.h> include <linux/types.h> by default
|
| |
|
|
| |
ok doug@ jsing@
|
| |
|
|
|
| |
need to do it in ec_copy_parameters() prior to invoking EC_KEY_set_group().
ok doug@ jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
X509_PURPOSE object (obtained with X509_PURPOSE_get0() instead of being
allocated in the function) to be freed if modifying that object would fail
due to a low memory condition, while this object would still be referenced
elsewhere.
Fix this by only cleaning the object if we did not allocate it here.
While there, fail early if either `name' or `sname' are NULL, rather than
allocating an object and realizing we have nothing to strdup() into it.
ok guenther@
|
| |
|
|
|
|
| |
if it fails, free the object we were about to push.
Factor error handling to avoid having four copies of about the same code.
ok guenther@
|
| |
|
|
|
|
| |
on a stack; if the latter fails, we need to free the object before returning
failure.
ok guenther@
|
| |
|
|
| |
ok guenther@
|
| |
|
|
| |
Tweaks and ok guenther@
|
| |
|
|
| |
ok deraadt@ guenther@
|
| |
|
|
| |
ok deraadt@ guenther@
|
| |
|
|
| |
ok miod
|
| |
|
|
| |
ok tedu@, miod@
|
