summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Limit OID text conversion to 64 bits per arc.jsing2022-02-121-55/+16
| | | | | | | | | | | | | | | | The current implementation uses an unsigned long, then switches to BN once the arc exceeds its size. However, the complexity of BN_bn2dec() is quadratic in the length of number being converted. This means that OIDs with excessively large arcs take a lot of computation to convert to text. While the X.660 specification states that arcs are unbounded, in reality they are not overly large numbers - 640K^W64 bits ought to be enough for any arc. Remove BN entirely, switch from unsigned long to uin64_t and fail if an arc exceeds this size. Identified via oss-fuzz timeouts - should fix #41028 and #44372. ok tb@
* Fix length check of IP addresses for name constraintstb2022-02-111-2/+3
| | | | | | | | | An IP address in a name constraint is actually an IP address concatenated with a netmask, so it is twice as long as usual. This fixes a third bug introduced in r1.3 and reported by Volker Schlecht ok jsing
* Add missing error check for a2i_GENERAL_NAME()tb2022-02-111-1/+3
| | | | | | Fixes a segfault reported by Volker Schlecht. ok jsing
* Fix a double free in v2i_NAME_CONSTRAINTS()tb2022-02-111-2/+3
| | | | | | | | | | | a2i_GENERAL_NAME() modifies and returns the out argument that was passed in unless out == NULL, in which case it returns something freshly allocated. Thus, in v2i_GENERAL_NAME_ex() we must only free ret if out == NULL so v2i_NAME_CONSTRAINTS() can free correctly. Issue reported by Volker Schlecht ok jsing
* Make OBJ_obj2nid() work correctly with NID_undef.jsing2022-02-111-3/+3
| | | | | | | | | | Currently OBJ_obj2nid() with NID_undef returns NID_ccitt - this is due to doing a lookup on an empty value and having NID_undef conflict with an uninitialised NID value. Somewhat based on OpenSSL 0fb99904809. ok tb@
* Change second argument of x25519_ge_scalarmult_base() fromtb2022-02-081-2/+2
| | | | | | | | a 'const uint8_t *a' to a 'const uint8_t a[32]' to match the prototype in curve25519_internal.h and the other variant inside OPENSSL_SMALL. ok millert
* Avoid a NULL dereference in BN_mod_exp2_mont()tb2022-02-071-2/+2
| | | | | | | | | | This is a very rarely used function and the crash is hard to reach in practice. Instead of implementing BN_is_odd() badly by hand, just call the real thing. Reported by Guido Vranken ok beck jsing
* Check for zero modulus in BN_MONT_CTX_set().tb2022-02-071-1/+4
| | | | | | From OpenSSL 6a009812, prompted by a report by Guido Vranken ok beck jsing
* Bump libressl's version in pkgconfig to 2.0.0tb2022-02-041-2/+3
| | | | | | | | | | | | | LibreSSL's pc files effectively hardcode the version to 1.0.0 since LibreSSL exists. That probably never made much sense. This causes some pain for ports that "need 'openssl' ['>= +1.1.0'] found '1.0.0'" or similar while they would build perfectly fine with LibreSSL. This only affects OpenBSD. We do not put the actual LibreSSL version in there since it may cause trouble Discussed with sthen, millert, inoguchi, beck over the past year. Diff from/ok sthen
* Remove a strange inheritance check from addr_validate_path_internal()tb2022-02-041-4/+1
| | | | | | | | The trust anchor can't inherit, but the code says that it can inherit just not if the leaf tries to inherit from that. This makes no sense and doesn't match what is done on the asid side. ok jsing
* Fix capitalization of ChaCha20tb2022-02-041-3/+3
|
* Fix copy-paste error: X509_V_ERR_CRL_SIGNATURE_FAILURE means that thetb2022-02-031-3/+3
| | | | CRL's signature is invalid, not the certificate's.
* sort includes as usualtb2022-01-271-2/+2
|
* Do not depend on engine.h pulling in err.h and evp.htb2022-01-272-6/+10
|
* Remove some HMAC_CTX_init() remnants in HMAC(3).tb2022-01-251-31/+5
| | | | spotted by/ok jmc
* Document X509_V_ERR_UNNESTED_RESOURCE. Previous version looked goodtb2022-01-241-2/+9
| | | | to claudio
* Use memmove instead of memcpy for overlapping memoryinoguchi2022-01-221-3/+3
| | | | | | CID 251047 251094 OK beck@ jsing@ millert@ tb@
* Use memmove instead of memcpy for overlapping memoryinoguchi2022-01-221-5/+5
| | | | | | CID 250936 251103 OK beck@ jsing@ millert@ tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-221-2/+3
| | | | | | CID 345116 ok beck@ tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-221-3/+4
| | | | | | | | CID 25131 ok beck@ tb@ suggest using X509_REQ_get0_pubkey() and remove the EVP_PKEY_free() from tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-221-3/+3
| | | | | | ok beck@ tb@ suggest using X509_get0_pubkey() and remove EVP_PKEY_free() from tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-222-4/+7
| | | | ok beck@ tb@
* Add check for EVP_CIPHER_CTX_ctrlinoguchi2022-01-201-4/+6
| | | | suggestion from tb@
* Add check for EVP_CIPHER_CTX_set_key_length return valueinoguchi2022-01-201-2/+3
| | | | | | CID 21653 ok jsing@ millert@ tb@
* Add check for OBJ_nid2obj return valueinoguchi2022-01-201-2/+3
| | | | input from tb@
* Add check for ASN1_INTEGER_setinoguchi2022-01-201-2/+3
| | | | | | CID 24893 ok jsing@ millert@ tb@
* Fix check for BN_mod_inverse_ct return valueinoguchi2022-01-205-13/+13
| | | | ok jsing@ millert@ tb@
* Add check for BN_sub return valueinoguchi2022-01-201-2/+3
| | | | | | CID 24839 ok jsing@ millert@ tb@
* Add check for BIO_indent return valueinoguchi2022-01-201-2/+3
| | | | | | CID 24778 ok jsing@ millert@ tb@
* Add check for BIO_indent return valueinoguchi2022-01-201-3/+5
| | | | | | CID 24812 ok jsing@ millert@ tb@
* Add check for EVP_CIPHER_CTX_set_key_length return valueinoguchi2022-01-201-2/+2
| | | | | | It returns 1 on success and 0 for failure, never negative value. ok jsing@ millert@ tb@
* Add and fix check for BN functions return valueinoguchi2022-01-201-4/+5
| | | | ok jsing@ millert@ tb@
* Add check for BN functions return valueinoguchi2022-01-201-3/+5
| | | | | | | CID 21665 24835 comment from jsing@ and tb@ ok jsing@ millert@ tb@
* Add check for BIO_indent return valueinoguchi2022-01-201-2/+3
| | | | | | CID 24869 ok jsing@ millert@ tb@
* Document the bizarre fact that {CMS,PCKS7}_get0_signers() needs sometb2022-01-192-4/+12
| | | | | | | | | | | freeing of what they return despite being get0 functions: the stack of X509s that they return must be freed with sk_X509_free(). The get0 thus probably refers to the individual certs, but not to the stack itself. The libcrypto and libssl APIs never cease to amaze with new traps. ok inoguchi
* Check return value from EVP_CIPHER_CTX_new in cms_pwri.cinoguchi2022-01-191-2/+4
| | | | | | CID 345137 ok jsing@ tb@
* spellingjsg2022-01-1510-33/+33
| | | | ok tb@
* Add back an accidentally dropped .Pptb2022-01-151-1/+2
|
* Update for HMAC_CTX_{init,cleanup} hand HMAC_cleanup removaltb2022-01-151-50/+2
|
* Stop documenting clone digests.tb2022-01-153-47/+7
|
* Minor cleanup and simplification in dsa_pub_encode()tb2022-01-151-15/+8
| | | | | | | | | This function has a weird dance of allocating an ASN1_STRING in an inner scope and assigning it to a void pointer in an outer scope for passing it to X509_PUBKEY_set0_param() and ASN1_STRING_free() on error. This can be simplified and streamlined. ok inoguchi
* Avoid buffer overflow in asn1_parse2inoguchi2022-01-141-2/+2
| | | | | | | | | | | | asn1_par.c r1.29 changed to access p[0] directly, and this pointer could be overrun since ASN1_get_object advances pointer to the first content octet. In case invalid ASN1 Boolean data, it has length but no content, I thought this could be happen. Adding check p with tot (diff below) will avoid this failure. Reported by oss-fuzz 43633 and 43648(later) ok tb@
* bump libcrypto, libssl, libtls majors after struct visibility changestb2022-01-141-1/+1
| | | | and Symbol addition and removal in libcrypto.
* Update Symbols.listtb2022-01-141-49/+190
| | | | ok inoguchi
* Unconditionally comment out OPENSSL_NO_RFC3779tb2022-01-141-3/+1
| | | | ok inoguchi jsing
* Remove header guard around RFC 3779 declarationstb2022-01-141-3/+1
| | | | ok inoguchi jsing
* Expose Certificate Transparency symbols in headerstb2022-01-143-11/+3
| | | | ok inoguchi jsing
* Hide OBJ_bsearch_ from public visibility,tb2022-01-141-84/+4
| | | | | | | | | This removes OBJ_bsearch_ex_() from the exported symbols and makes OBJ_bsearch_() semi-private. It is still used in libssl. While here, remove some hideous unused macros ok inoguchi jsing
* Move ASN1_BOOLEAN to internal only.tb2022-01-142-5/+5
| | | | | | | This moves {d2i,i2d}_ASN1_BOOLEAN() to internal only. They are unused, but help us testing the encoding. ok jsing
* Remove check_defer and obj_cleanup_defer from public visibilitytb2022-01-141-1/+3
| | | | ok inoguchi jsing