summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* mutibyte -> multibytejsg2022-02-211-3/+3
|
* Fix a buffer overread in OAEP padding removaltb2022-02-201-11/+11
| | | | | | | | | This only occurs on very small payloads and tightly allocated buffers that don't usually occur in practice. This is OpenSSL f61c6804 ok inoguchi jsing
* Remove references to performance issues caused by frequent memmove().jsing2022-02-191-13/+2
| | | | ok inoguchi@ tb@
* Reduce memmoves in memory BIOs.jsing2022-02-191-22/+38
| | | | | | | | | | | | | | | | | Currently, a read/write memory BIO pulls up the data via memmove() on each read. This becomes very expensive when a lot of small reads are performed, especially if there is a reasonable amount of data stored in the memory BIO. Instead, store a read offset into the buffer and only perform a memmove() to pull up the data on a write, if we have read more than 4096 bytes. This way we only perform memmove() when the space saving will potentially be of benefit, while avoiding frequent memmove() in the case of small interleaved reads and writes. Should address oss-fuzz #19881. ok inoguchi@ tb@
* certificiate -> certificatejsg2022-02-191-3/+3
|
* Provide a struct bio_mem for memory BIO specific data.jsing2022-02-191-47/+58
| | | | | | | | | In order to fix and improve the memory BIO, we need to be able to track more than just a single BUF_MEM *. Provide a struct bio_mem (which currently only contains a BUF_MEM *) and rework the internals to use this struct. ok inoguchi@ tb@
* Clean up and simplify memory BIO code.jsing2022-02-181-124/+139
| | | | | | | | This is a first pass that uses sensible and consistent names for variables. Call the BIO 'bio' (instead of 'a', 'b', 'bp', or 'h'), drop a bunch of unnecessary casts, simplify some logic and add additional error checking. With input from and ok tb@
* prefer https links in man pagesjsg2022-02-182-6/+6
| | | | ok gnezdo@ miod@ jmc@
* grammar/rewordjsg2022-02-181-5/+7
| | | | ok jmc@
* Avoid potential single byte overread in asn1_parse2().jsing2022-02-121-3/+4
| | | | | | | | | | A fix for this was previously commited in r1.32, however while this added a bounds check the logic means we still fall through and perform the overread. Fix the logic such that we only log the error if the bounds check fails. While here, flip the test around such that we check for validity then print (which is more readable and matches earlier code). ok inoguchi@ tb@
* Limit OID text conversion to 64 bits per arc.jsing2022-02-121-55/+16
| | | | | | | | | | | | | | | | The current implementation uses an unsigned long, then switches to BN once the arc exceeds its size. However, the complexity of BN_bn2dec() is quadratic in the length of number being converted. This means that OIDs with excessively large arcs take a lot of computation to convert to text. While the X.660 specification states that arcs are unbounded, in reality they are not overly large numbers - 640K^W64 bits ought to be enough for any arc. Remove BN entirely, switch from unsigned long to uin64_t and fail if an arc exceeds this size. Identified via oss-fuzz timeouts - should fix #41028 and #44372. ok tb@
* Fix length check of IP addresses for name constraintstb2022-02-111-2/+3
| | | | | | | | | An IP address in a name constraint is actually an IP address concatenated with a netmask, so it is twice as long as usual. This fixes a third bug introduced in r1.3 and reported by Volker Schlecht ok jsing
* Add missing error check for a2i_GENERAL_NAME()tb2022-02-111-1/+3
| | | | | | Fixes a segfault reported by Volker Schlecht. ok jsing
* Fix a double free in v2i_NAME_CONSTRAINTS()tb2022-02-111-2/+3
| | | | | | | | | | | a2i_GENERAL_NAME() modifies and returns the out argument that was passed in unless out == NULL, in which case it returns something freshly allocated. Thus, in v2i_GENERAL_NAME_ex() we must only free ret if out == NULL so v2i_NAME_CONSTRAINTS() can free correctly. Issue reported by Volker Schlecht ok jsing
* Make OBJ_obj2nid() work correctly with NID_undef.jsing2022-02-111-3/+3
| | | | | | | | | | Currently OBJ_obj2nid() with NID_undef returns NID_ccitt - this is due to doing a lookup on an empty value and having NID_undef conflict with an uninitialised NID value. Somewhat based on OpenSSL 0fb99904809. ok tb@
* Change second argument of x25519_ge_scalarmult_base() fromtb2022-02-081-2/+2
| | | | | | | | a 'const uint8_t *a' to a 'const uint8_t a[32]' to match the prototype in curve25519_internal.h and the other variant inside OPENSSL_SMALL. ok millert
* Avoid a NULL dereference in BN_mod_exp2_mont()tb2022-02-071-2/+2
| | | | | | | | | | This is a very rarely used function and the crash is hard to reach in practice. Instead of implementing BN_is_odd() badly by hand, just call the real thing. Reported by Guido Vranken ok beck jsing
* Check for zero modulus in BN_MONT_CTX_set().tb2022-02-071-1/+4
| | | | | | From OpenSSL 6a009812, prompted by a report by Guido Vranken ok beck jsing
* Bump libressl's version in pkgconfig to 2.0.0tb2022-02-041-2/+3
| | | | | | | | | | | | | LibreSSL's pc files effectively hardcode the version to 1.0.0 since LibreSSL exists. That probably never made much sense. This causes some pain for ports that "need 'openssl' ['>= +1.1.0'] found '1.0.0'" or similar while they would build perfectly fine with LibreSSL. This only affects OpenBSD. We do not put the actual LibreSSL version in there since it may cause trouble Discussed with sthen, millert, inoguchi, beck over the past year. Diff from/ok sthen
* Remove a strange inheritance check from addr_validate_path_internal()tb2022-02-041-4/+1
| | | | | | | | The trust anchor can't inherit, but the code says that it can inherit just not if the leaf tries to inherit from that. This makes no sense and doesn't match what is done on the asid side. ok jsing
* Fix capitalization of ChaCha20tb2022-02-041-3/+3
|
* Fix copy-paste error: X509_V_ERR_CRL_SIGNATURE_FAILURE means that thetb2022-02-031-3/+3
| | | | CRL's signature is invalid, not the certificate's.
* sort includes as usualtb2022-01-271-2/+2
|
* Do not depend on engine.h pulling in err.h and evp.htb2022-01-272-6/+10
|
* Remove some HMAC_CTX_init() remnants in HMAC(3).tb2022-01-251-31/+5
| | | | spotted by/ok jmc
* Document X509_V_ERR_UNNESTED_RESOURCE. Previous version looked goodtb2022-01-241-2/+9
| | | | to claudio
* Use memmove instead of memcpy for overlapping memoryinoguchi2022-01-221-3/+3
| | | | | | CID 251047 251094 OK beck@ jsing@ millert@ tb@
* Use memmove instead of memcpy for overlapping memoryinoguchi2022-01-221-5/+5
| | | | | | CID 250936 251103 OK beck@ jsing@ millert@ tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-221-2/+3
| | | | | | CID 345116 ok beck@ tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-221-3/+4
| | | | | | | | CID 25131 ok beck@ tb@ suggest using X509_REQ_get0_pubkey() and remove the EVP_PKEY_free() from tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-221-3/+3
| | | | | | ok beck@ tb@ suggest using X509_get0_pubkey() and remove EVP_PKEY_free() from tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-222-4/+7
| | | | ok beck@ tb@
* Add check for EVP_CIPHER_CTX_ctrlinoguchi2022-01-201-4/+6
| | | | suggestion from tb@
* Add check for EVP_CIPHER_CTX_set_key_length return valueinoguchi2022-01-201-2/+3
| | | | | | CID 21653 ok jsing@ millert@ tb@
* Add check for OBJ_nid2obj return valueinoguchi2022-01-201-2/+3
| | | | input from tb@
* Add check for ASN1_INTEGER_setinoguchi2022-01-201-2/+3
| | | | | | CID 24893 ok jsing@ millert@ tb@
* Fix check for BN_mod_inverse_ct return valueinoguchi2022-01-205-13/+13
| | | | ok jsing@ millert@ tb@
* Add check for BN_sub return valueinoguchi2022-01-201-2/+3
| | | | | | CID 24839 ok jsing@ millert@ tb@
* Add check for BIO_indent return valueinoguchi2022-01-201-2/+3
| | | | | | CID 24778 ok jsing@ millert@ tb@
* Add check for BIO_indent return valueinoguchi2022-01-201-3/+5
| | | | | | CID 24812 ok jsing@ millert@ tb@
* Add check for EVP_CIPHER_CTX_set_key_length return valueinoguchi2022-01-201-2/+2
| | | | | | It returns 1 on success and 0 for failure, never negative value. ok jsing@ millert@ tb@
* Add and fix check for BN functions return valueinoguchi2022-01-201-4/+5
| | | | ok jsing@ millert@ tb@
* Add check for BN functions return valueinoguchi2022-01-201-3/+5
| | | | | | | CID 21665 24835 comment from jsing@ and tb@ ok jsing@ millert@ tb@
* Add check for BIO_indent return valueinoguchi2022-01-201-2/+3
| | | | | | CID 24869 ok jsing@ millert@ tb@
* Document the bizarre fact that {CMS,PCKS7}_get0_signers() needs sometb2022-01-192-4/+12
| | | | | | | | | | | freeing of what they return despite being get0 functions: the stack of X509s that they return must be freed with sk_X509_free(). The get0 thus probably refers to the individual certs, but not to the stack itself. The libcrypto and libssl APIs never cease to amaze with new traps. ok inoguchi
* Check return value from EVP_CIPHER_CTX_new in cms_pwri.cinoguchi2022-01-191-2/+4
| | | | | | CID 345137 ok jsing@ tb@
* spellingjsg2022-01-1510-33/+33
| | | | ok tb@
* Add back an accidentally dropped .Pptb2022-01-151-1/+2
|
* Update for HMAC_CTX_{init,cleanup} hand HMAC_cleanup removaltb2022-01-151-50/+2
|
* Stop documenting clone digests.tb2022-01-153-47/+7
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-18 20:07:16 +0000