summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix double free - review moved the pop_free of roots to x509_verify_ctx_freebeck2020-09-141-2/+1
| | | | so we don't need to pop free the roots separately
* revert previous, need to fix a problembeck2020-09-141-1/+3
|
* Enable the use of the new x509 chain validator by default.beck2020-09-141-3/+1
| | | | ok jsing@ tb@
* Add new x509 certificate chain validator in x509_verify.cbeck2020-09-1310-59/+1191
| | | | | | | | | | | | | | | | | | | The new validator finds multiple validated chains to handle the modern PKI cases which may frequently have multiple paths via different intermediates to different roots. It is loosely based on golang's x509 validator This includes integration so that the new validator can be used via X509_verify_cert() as well as a new api x509_verify() which will return multiple chains (similar to go). The new validator is not enabled by default with this commit, this will be changed in a follow on commit. The new public API is not yet exposed, and will be finalized and exposed with a man page and a library minor bump later. ok tb@ inoguchi@ jsing@
* Unindent a bit of code that performs a few too many checks totb2020-09-121-10/+8
| | | | figure out whether top > 0 or top == 0.
* Avoid an out-of-bounds access in BN_rand()tb2020-09-121-3/+8
| | | | | | | | | | If BN_rand() is called with top > 0 and bits == 1, it would allocate a buf[] of size 1 and set the top bit of buf[1]. Found in OpenSSL commit efee575ad464bfb60bf72dcb73f9b51768f4b1a1 while looking for something else. ok beck djm inoguchi
* Change over to use the new x509 name constraints verification.beck2020-09-121-28/+7
| | | | ok jsing@
* Include machine/endian.h in gost2814789.cinoguchi2020-09-121-1/+3
| | | | | | | To pick up __STRICT_ALIGNMENT define, include machine/endian.h. No kidding... deraadt@ ok bcook@ jsing@
* Add x509_constraints.c - a new implementation of x509 name constraints, withbeck2020-09-113-2/+1272
| | | | | | | regression tests. The use of the new name constraints is not yet activated in x509_vfy.c and will be activated in a follow on commit ok jsing@
* Add issuer cache, to be used by upcoming changes to validation code.beck2020-09-113-1/+216
| | | | ok tb@ jsing@
* Import latest OPENSSL_NO_* flags from OpenSSL 1.1.1ginoguchi2020-09-091-0/+8
| | | | ok tb@
* Mention that EC_KEY_get0_public_key returns a public key.tb2020-09-081-3/+5
| | | | wording from jmc
* Clean up asn1/x_info.ctb2020-09-031-22/+9
| | | | | | | | | | Instead of using malloc(3) and manually setting part of the structure to zero, part to something else and leaving the rest uninitialized, we can benefit from the fact that there's this thing called calloc(3). Moreover, all variants of free(3) in libcrypto are NULL safe. ok beck inoguchi
* Remove unnecessary zeroing after recallocarray(3)tb2020-09-031-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Zap a memset that was redundant since OpenSSL 0.97b was merged by markus in 2003. Nowadays it's otto's recallocarray(3) that does the zeroing. ok beck inoguchi otto PS: ASN1_BIT_STRING_set_bit(3) was committed on Dec 21 1998 by Ralf S. Engelschnall and used this bizarre allocation idiom: if (a->data == NULL) c=(unsigned char *)Malloc(w+1); else c=(unsigned char *)Realloc(a->data,w+1); People complained about Malloc, Realloc and Free being used elsewhere, so on Jun 1 2000, Richarde Levitte swept the OpenSSL tree and it became this. if (a->data == NULL) c=(unsigned char *)OPENSSL_malloc(w+1); else c=(unsigned char *)OPENSSL_realloc(a->data,w+1); Then it was found that existing data should be cleaned, and on Nov 13 2002 Ben Laurie changed the last line to c=(unsigned char *)OPENSSL_realloc_clean(a->data, a->length, w+1);
* define OPENSSL_NO_SSL_TRACE in opensslfeatures.hinoguchi2020-08-291-1/+1
| | | | ok jsing@ tb@
* delete another word to improve the wording; suggested by jmc@schwarze2020-08-061-2/+2
|
* Explain the purpose of CMAC_resume(3) in more detail.schwarze2020-08-061-3/+9
| | | | | | | | Triggered by jmc@ apparently misunderstanding the intention of the text and fixing a grammatical error in a way that wasn't ideal, so i guess he wouldn't have been the only one to find the previous version hard to understand. OK jmc@
* remove half a dozen "goto" statements and a labelschwarze2020-07-251-14/+1
| | | | | that change nothing whatsoever, except making the code harder to read; OK tb@
* tweak previous;jmc2020-07-241-4/+4
|
* document PEM_X509_INFO_read(3) and PEM_X509_INFO_read_bio(3)schwarze2020-07-237-14/+207
| | | | OK tb@
* Fix a bug in PEM_X509_INFO_read_bio(3) that is very likely to causeschwarze2020-07-231-21/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use-after-free and double-free issues in calling programs. The bug was introduced in SSLeay-0.6.0 released on June 21, 1996 and has been present since OpenBSD 2.4. I found the bug while documenting the function. The bug could bite in two ways that looked quite different from the perspective of the calling code: * If a stack was passed in that already contained some X509_INFO objects and an error occurred, all the objects passed in would be freed, but without removing the freed pointers from the stack, so the calling code would probable continue to access the freed pointers and eventually free them a second time. * If the input BIO contained at least two valid PEM objects followed by at least one PEM object causing an error, at least one freed pointer would be put onto the stack, even though the function would return NULL rather than the stack. But the calling code would still have a pointer to the stack, so it would be likely to access the new bogus pointers sooner or later. Fix all this by remembering the size of the input stack on entry and cutting it back to exactly that size when exiting due to an error, but no further. While here, do some related cleanup: * Garbage collect the automatic variables "error" and "i" which were only used at one single place each. * Use NULL rather than 0 for pointers. I like bugfixes that make the code four lines shorter, reduce the number of variables by one, reduce the number of brace-blocks by one, reduce the number if if-statements by one, and reduce the number of else-clauses by one. Tweaks and OK tb@.
* Disable assembly code for powerpc64; more work is needed to make it work.kettenis2020-06-291-8/+9
|
* Switch back to bn_mul_mont_int since the bn_mul_mont_fpu64 code isn'tkettenis2020-06-281-3/+3
| | | | | hooked up and the lack of a bn_mul_mont_int implementation results in undefined references.
* Accidentally doubled these files on first commit. Correcting.drahn2020-06-262-194/+1
|
* Intial attempt at powerpc64 libcrypto pieces.drahn2020-06-252-0/+386
| | | | just commit this kettenis@
* Properly document the return values of EVP_PKEY_base_id(3)schwarze2020-06-244-70/+152
| | | | | | | | and EVP_PKEY_id(3), then describe the "type" parameters of various functions more precisely referencing that information. In particular, document X509_get_signature_type(3) which was so far missing. OK tb@
* use n-bit <noun> consistently; ok schwarze for the principal of the idea,jmc2020-06-246-28/+28
| | | | and for flagging which pages to check;
* new manual page ChaCha(3);schwarze2020-06-243-2/+257
| | | | OK tb@
* new manual page CMAC_Init(3);schwarze2020-06-245-7/+298
| | | | OK tb@
* Document eight additional pre-OpenSSL-1.1 accessor functions that areschwarze2020-06-241-21/+122
| | | | | | | | | | still widely used according to code searches on the web, so people reading existing code will occasionally want to look them up. While here, correct the return type of X509_CRL_get0_lastUpdate(3) and X509_CRL_get0_nextUpdate(3), which return const pointers. Also, add some precision regarding RETURN VALUES.
* mark the functions documented in des_read_pw(3) as deprecatedschwarze2020-06-192-6/+11
| | | | | and point to UI_UTIL_read_pw(3) instead; tb@ agrees with the general direction
* document X509_get0_pubkey_bitstr(3),schwarze2020-06-191-5/+81
| | | | | | correct the description of X509_get_X509_PUBKEY(3), document error handling of the read accessors, and mention the relevant STANDARDS
* document error handling of X509_PUBKEY_get0(3) and X509_PUBKEY_get(3)schwarze2020-06-191-3/+52
|
* Merge documentation of X509_get0_serialNumber(3) from OpenSSL-1.1.1schwarze2020-06-191-4/+19
| | | | which is still under a free license. Wording tweaked by me.
* Document EVP_read_pw_string_min(3)tb2020-06-151-6/+44
| | | | | | | Add detailed information on the return values of all the functions in this page and remove the previous incorrect information. tweaks & ok schwarze
* Document PEM_def_callback(3).schwarze2020-06-153-106/+158
| | | | | | | Move pem_password_cb(3) to the file PEM_read(3) and rewrite its description from scratch for precision and conciseness. Plus some minor improvements in the vicinity. Tweaks and OK tb@.
* add my Copyright and license, which i forgot when adding a significantschwarze2020-06-121-3/+20
| | | | amount of text, the ERRORS section, in the previous commit
* add a comment saying that name_cmp() is intentionally undocumented;schwarze2020-06-121-2/+5
| | | | tb@ agrees that it should not be part of the public API
* document PEM_ASN1_read(3) and PEM_ASN1_read_bio(3);schwarze2020-06-125-7/+236
| | | | tweaks and OK tb@
* wording tweaks from ross l richardson and tb;jmc2020-06-111-6/+6
| | | | ok tb
* document PKCS7_get_signer_info(3)schwarze2020-06-105-8/+75
|
* describe six more PKCS7 attribute functionsschwarze2020-06-101-14/+208
|
* The check_includes step is incorrect dependency management model forderaadt2020-06-091-11/+1
| | | | | | how our tree gets built. If this was done in all the libraries (imagine sys/dev), it would disrupt the development process hugely. So it should not be done here either. use 'make includes' by hand instead.
* Add a custom copy handler for AES key wraptb2020-06-051-5/+31
| | | | | | | | | | | | | This is necessary because ctx->cipher_data is an EVP_AES_WRAP_CTX containing a pointer to ctx->iv. EVP_CIPHER_CTX_copy() uses memcpy to copy cipher_data to the target struct. The result is that the copy contains a pointer to the wrong struct, which then leads to a use-after-free. The custom copy handler fixes things up to avoid that. Issue reported by Guido Vranken ok beck inoguchi jsing
* Allow GOST R 34.11-2012 in PBE/PBKDF2/PKCS#5.jsing2020-06-051-1/+3
| | | | | | | | Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux ok inoguchi@ tb@
* Add OIDs for HMAC using Streebog (GOST R 34.11-2012) hash function.jsing2020-06-052-0/+4
| | | | | | | | Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux ok inoguchi@ tb@
* Add a few more errors to help debugging.jsing2020-06-051-6/+16
| | | | | | | | Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux. ok inoguchi@ tb@
* Add support for additional GOST curves.jsing2020-06-054-12/+182
| | | | | | | | | | | | | These GOST curves are defined in RFC 7836 and draft-deremin-rfc4491-bis. Add aliases for 256-bit GOST curves (see draft-smyshlyaev-tls12-gost-suites) and rename the 512-bit curve ids to follow names defined in tc26 OID registry. Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux. ok inoguchi@
* Remove remaining error *_str_functs[]jsing2020-06-054-274/+11
| | | | | | | | | A number of years ago we dropped the concept of having function names in errors, since it is not that useful and very quickly gets out of sync when refactoring. It would seem that some new ones got imported and some missed the last clean up. ok tb@ beck@ "kill it with fire"
* Apply some style(9).jsing2020-06-051-34/+30
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 08:33:31 +0000