[openssl-commits] [openssl] master update

2018-06-19 Thread matthias . st . pierre
The branch master has been updated
   via  c4fad5d348a5f57c4c08e63c444702c310ec891a (commit)
  from  b26befb541f8bc7d4f4e0beead50248b16949932 (commit)


- Log -
commit c4fad5d348a5f57c4c08e63c444702c310ec891a
Author: Dr. Matthias St. Pierre 
Date:   Mon Jun 18 22:09:20 2018 +0200

Improve the output of `make doc-nits`

- Print positive feedback in the case when 'make doc-nits' finds no errors.
- Other than before, keep the 'doc-nits' output file only in case of errors
  and remove it if it is empty.
- Declare 'doc-nits' as a phony make target to facilitate rerunning
  'make doc-nits' without having to remove the output file first.

Reviewed-by: Rich Salz 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6517)

---

Summary of changes:
 Configurations/unix-Makefile.tmpl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Configurations/unix-Makefile.tmpl 
b/Configurations/unix-Makefile.tmpl
index 10deec6..42da98d 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -708,9 +708,11 @@ update: generate errors ordinals
 generate: generate_apps generate_crypto_bn generate_crypto_objects \
   generate_crypto_conf generate_crypto_asn1 generate_fuzz_oids
 
+.PHONY: doc-nits
 doc-nits:
(cd $(SRCDIR); $(PERL) util/find-doc-nits -n -p ) >doc-nits
-   if [ -s doc-nits ] ; then cat doc-nits; rm doc-nits ; exit 1; fi
+   @if [ -s doc-nits ] ; then cat doc-nits ; exit 1; \
+   else echo 'doc-nits: no errors.'; rm doc-nits ; fi
 
 # Test coverage is a good idea for the future
 #coverage: $(PROGRAMS) $(TESTPROGRAMS)
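Review bot: the new `@if` recipe line is silenced, but the preceding `(cd $(SRCDIR); $(PERL) util/find-doc-nits -n -p ) >doc-nits` line is not, so make still echoes the generator command before printing either the nits or 'doc-nits: no errors.'; prefix that line with `@` as well (or drop the `@` here) so the target is consistently quiet or consistently verbose. Keeping the output file only in the error branch matches the commit message, and `.PHONY` is what makes a rerun regenerate it.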
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits


[openssl-commits] [openssl] master update

2018-06-19 Thread matthias . st . pierre
The branch master has been updated
   via  b26befb541f8bc7d4f4e0beead50248b16949932 (commit)
  from  f667820c16a44245a4a898a568936c47a9b0ee6e (commit)


- Log -
commit b26befb541f8bc7d4f4e0beead50248b16949932
Author: Nicola Tuveri 
Date:   Mon Jun 18 19:13:36 2018 +0300

Fix & update documentation about RAND_priv_bytes()

Reviewed-by: Rich Salz 
Reviewed-by: Kurt Roeckx 
Reviewed-by: Ben Kaduk 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/6514)

---

Summary of changes:
 doc/man3/BN_rand.pod| 45 +
 doc/man3/RAND_bytes.pod | 32 ++--
 doc/man7/RAND.pod   | 21 -
 3 files changed, 75 insertions(+), 23 deletions(-)

diff --git a/doc/man3/BN_rand.pod b/doc/man3/BN_rand.pod
index 099dda4..eb0a6b1 100644
--- a/doc/man3/BN_rand.pod
+++ b/doc/man3/BN_rand.pod
@@ -2,7 +2,9 @@
 
 =head1 NAME
 
-BN_rand, BN_pseudo_rand, BN_rand_range, BN_pseudo_rand_range - generate 
pseudo-random number
+BN_rand, BN_priv_rand, BN_pseudo_rand,
+BN_rand_range, BN_priv_rand_range, BN_pseudo_rand_range
+- generate pseudo-random number
 
 =head1 SYNOPSIS
 
@@ -10,10 +12,14 @@ BN_rand, BN_pseudo_rand, BN_rand_range, 
BN_pseudo_rand_range - generate pseudo-r
 
  int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
 
+ int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
  int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
 
  int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
 
+ int BN_priv_rand_range(BIGNUM *rnd, BIGNUM *range);
+
  int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
 
 =head1 DESCRIPTION
@@ -37,7 +43,16 @@ If B is 1 then B cannot also be 
B.
 BN_rand_range() generates a cryptographically strong pseudo-random
 number B in the range 0 E= B E B.
 
-The PRNG must be seeded prior to calling BN_rand() or BN_rand_range().
+BN_priv_rand() and BN_priv_rand_range() have the same semantics as
+BN_rand() and BN_rand_range() respectively.  They are intended to be
+used for generating values that should remain private, and mirror the
+same difference between L and L.
+
+=head1 NOTES
+
+Always check the error return value of these functions and do not take
+randomness for granted: an error occurs if the CSPRNG has not been
+seeded with enough randomness to ensure an unpredictable byte sequence.
 
 =head1 RETURN VALUES
 
@@ -46,20 +61,34 @@ The error codes can be obtained by L.
 
 =head1 HISTORY
 
-Starting with OpenSSL release 1.1.0,
-BN_pseudo_rand() has been identical to BN_rand()
-and
-BN_pseudo_rand_range() has been identical to BN_rand_range().
+=over 2
+
+=item *
+
+Starting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical
+to BN_rand() and BN_pseudo_rand_range() has been identical to
+BN_rand_range().
 The "pseudo" functions should not be used and may be deprecated in
 a future release.
 
+=item *
+
+BN_priv_rand() and BN_priv_rand_range() were added in OpenSSL 1.1.1.
+
+=back
+
 =head1 SEE ALSO
 
-L, L, L
+L,
+L,
+L,
+L,
+L,
+L
 
 =head1 COPYRIGHT
 
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/doc/man3/RAND_bytes.pod b/doc/man3/RAND_bytes.pod
index 284b9db..fca1ad6 100644
--- a/doc/man3/RAND_bytes.pod
+++ b/doc/man3/RAND_bytes.pod
@@ -20,13 +20,21 @@ Deprecated:
 =head1 DESCRIPTION
 
 RAND_bytes() puts B cryptographically strong pseudo-random bytes
-into B. An error occurs if the CSPRNG has not been seeded with
-enough randomness to ensure an unpredictable byte sequence.
+into B.
 
 RAND_priv_bytes() has the same semantics as RAND_bytes().  It is intended to
-be used for generating long-term private keys. If using the default
-RAND_METHOD, this function uses a separate instance of the PRNG so that
-a compromise of the global generator will not affect such key generation.
+be used for generating values that should remain private. If using the
+default RAND_METHOD, this function uses a separate "private" PRNG
+instance so that a compromise of the "public" PRNG instance will not
+affect the secrecy of these private values, as described in L
+and L.
+
+=head1 NOTES
+
+Always check the error return value of RAND_bytes() and
+RAND_priv_bytes() and do not take randomness for granted: an error occurs
+if the CSPRNG has not been seeded with enough randomness to ensure an
+unpredictable byte sequence.
 
 =head1 RETURN VALUES
 
@@ -37,14 +45,26 @@ obtained by L.
 
 =head1 HISTORY
 
+=over 2
+
+=item *
+
 RAND_pseudo_bytes() was deprecated in OpenSSL 1.1.0; use RAND_bytes() instead.
 
+=item *
+
+

[openssl-commits] [openssl] master update

2018-06-14 Thread matthias . st . pierre
The branch master has been updated
   via  748eb991f49585a609ec65b0d8d26835a2911045 (commit)
  from  86a92bcb13a843f820fae7f1a4c78a6e654fe069 (commit)


- Log -
commit 748eb991f49585a609ec65b0d8d26835a2911045
Author: Dr. Matthias St. Pierre 
Date:   Tue Jun 5 23:22:06 2018 +0200

RAND_POOL: Add missing implementations for djgpp

Calling the functions rand_pool_add_{additional,nonce}_data()
in crypto/rand/rand_lib.c with no implementation for djgpp/MSDOS
causes unresolved symbols when linking with djgpp.

Reported and fixed by Gisle Vanem

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6421)

---

Summary of changes:
 crypto/rand/rand_unix.c | 9 +
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 7989081..fafa359 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -27,7 +27,8 @@
 #if defined(__OpenBSD__) || defined(__NetBSD__)
 # include 
 #endif
-#ifdef OPENSSL_SYS_UNIX
+
+#if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__)
 # include 
 # include 
 # include 
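Review bot: the blank line inserted before `#if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__)` is unrelated whitespace churn in an otherwise minimal fix; drop it and keep the hunk to the condition change. The matching `#endif /* ... */` comments added in the later hunks are welcome, since the block is long.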
@@ -70,7 +71,7 @@ static uint64_t get_timer_bits(void);
 #   define OSSL_POSIX_TIMER_OKAY
 #  endif
 # endif
-#endif
+#endif /* defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__) */
 
 int syscall_random(void *buf, size_t buflen);
 
@@ -392,7 +393,7 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool)
 # endif
 #endif
 
-#ifdef OPENSSL_SYS_UNIX
+#if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__)
 int rand_pool_add_nonce_data(RAND_POOL *pool)
 {
 struct {
@@ -512,4 +513,4 @@ static uint64_t get_timer_bits(void)
 # endif
 return time(NULL);
 }
-#endif
+#endif /* defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__) */


[openssl-commits] [openssl] master update

2018-06-05 Thread matthias . st . pierre
The branch master has been updated
   via  0336df2fa316a3e08b8f0d2d0e8d4bc175e46634 (commit)
  from  630fe1da888490b7dfef3fe0928b813ddff5d51a (commit)


- Log -
commit 0336df2fa316a3e08b8f0d2d0e8d4bc175e46634
Author: Georg Schmidt 
Date:   Thu May 31 01:42:39 2018 +0200

Issue warnings for large DSA and RSA keys

Issue a warning when generating DSA or RSA keys of size greater than
OPENSSL_DSA_MAX_MODULUS_BITS resp. OPENSSL_RSA_MAX_MODULUS_BITS.

Reviewed-by: Paul Dale 
Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/6380)

---

Summary of changes:
 apps/dsaparam.c |  6 ++
 apps/gendsa.c   |  7 +++
 apps/genrsa.c   |  5 +
 apps/req.c  | 12 
 4 files changed, 30 insertions(+)

diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 341480b..8e33ffd 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -128,6 +128,12 @@ int dsaparam_main(int argc, char **argv)
 goto end;
 
 if (numbits > 0) {
+if (numbits > OPENSSL_DSA_MAX_MODULUS_BITS)
+BIO_printf(bio_err,
+   "Warning: It is not recommended to use more than %d bit 
for DSA keys.\n"
+   " Your key size is %d! Larger key size may 
behave not as expected.\n",
+   OPENSSL_DSA_MAX_MODULUS_BITS, numbits);
+
 cb = BN_GENCB_new();
 if (cb == NULL) {
 BIO_printf(bio_err, "Error allocating BN_GENCB object\n");
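Review bot: the warning text has two grammar slips, '%d bit' should be '%d bits' and 'Larger key size may behave not as expected' reads better as 'Larger key sizes may not behave as expected'; since the identical string is repeated in gendsa.c, genrsa.c and req.c in this patch, a small shared helper taking the algorithm name, the limit and the requested size would avoid four copies to keep in sync. A multi-line `BIO_printf()` as the body of an unbraced `if` is also fragile; braces around the body are the safer style.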
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 06e3792..4013754 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -117,6 +117,13 @@ int gendsa_main(int argc, char **argv)
 goto end2;
 
 DSA_get0_pqg(dsa, &p, NULL, NULL);
+
+if (BN_num_bits(p) > OPENSSL_DSA_MAX_MODULUS_BITS)
+BIO_printf(bio_err,
+   "Warning: It is not recommended to use more than %d bit for 
DSA keys.\n"
+   " Your key size is %d! Larger key size may behave 
not as expected.\n",
+   OPENSSL_DSA_MAX_MODULUS_BITS, BN_num_bits(p));
+
 BIO_printf(bio_err, "Generating DSA key, %d bits\n", BN_num_bits(p));
 if (!DSA_generate_key(dsa))
 goto end;
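Review bot: `BN_num_bits(p)` is now computed three times in a row here, once for the check, once for the warning and once for the existing 'Generating DSA key' message; compute it once into a local `int` and reuse it. The wording fixes noted for dsaparam.c apply to this copy of the message as well.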
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 2bc8fa0..c17cd14 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -123,6 +123,11 @@ opthelp:
 if (argc == 1) {
 if (!opt_int(argv[0], &num) || num <= 0)
 goto end;
+if (num > OPENSSL_RSA_MAX_MODULUS_BITS)
+BIO_printf(bio_err,
+   "Warning: It is not recommended to use more than %d bit 
for RSA keys.\n"
+   " Your key size is %d! Larger key size may 
behave not as expected.\n",
+   OPENSSL_RSA_MAX_MODULUS_BITS, num);
 } else if (argc > 0) {
 BIO_printf(bio_err, "Extra arguments given.\n");
 goto opthelp;
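Review bot: the check only covers the positional-argument path (`argc == 1`), which is the only place `num` is parsed, so that is correct; the same '%d bits' and 'may not behave as expected' wording fixes apply here, and `num` being an `int` while req.c uses a `long` with `%ld` for the same message is one more reason for a single helper.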
diff --git a/apps/req.c b/apps/req.c
index ca4b7ec..59baa89 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -517,6 +517,18 @@ int req_main(int argc, char **argv)
 goto end;
 }
 
+if (pkey_type == EVP_PKEY_RSA && newkey > OPENSSL_RSA_MAX_MODULUS_BITS)
+BIO_printf(bio_err,
+   "Warning: It is not recommended to use more than %d bit 
for RSA keys.\n"
+   " Your key size is %ld! Larger key size may 
behave not as expected.\n",
+   OPENSSL_RSA_MAX_MODULUS_BITS, newkey);
+
+if (pkey_type == EVP_PKEY_DSA && newkey > OPENSSL_DSA_MAX_MODULUS_BITS)
+BIO_printf(bio_err,
+   "Warning: It is not recommended to use more than %d bit 
for DSA keys.\n"
+   " Your key size is %ld! Larger key size may 
behave not as expected.\n",
+   OPENSSL_DSA_MAX_MODULUS_BITS, newkey);
+
 if (genctx == NULL) {
 genctx = set_keygen_ctx(NULL, &pkey_type, &newkey,
 &keyalgstr, gen_eng);
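Review bot: both warnings run before `set_keygen_ctx(NULL, &pkey_type, &newkey, ...)`, which receives `newkey` by pointer and can therefore change it; if it does, the warning compares the value parsed from the command line rather than the size the keygen context will actually use. Move the checks after the `genctx == NULL` block, or confirm `set_keygen_ctx()` never adjusts `newkey` upward.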


[openssl-commits] [openssl] master update

2018-05-28 Thread matthias . st . pierre
The branch master has been updated
   via  a0cef658d6e15c0711c6e27c5969281a76acf20f (commit)
  from  0396401d1c3fd65487116b0623e634b65bf28670 (commit)


- Log -
commit a0cef658d6e15c0711c6e27c5969281a76acf20f
Author: Dr. Matthias St. Pierre 
Date:   Mon May 28 22:46:21 2018 +0200

ECDSA_SIG: restore doc comments which were deleted accidentally

amends 0396401d1c3f

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6366)

---

Summary of changes:
 include/openssl/ec.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index a24bee0..ed2161d 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -1078,6 +1078,8 @@ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
 
 /** Setter for r and s fields of ECDSA_SIG
  *  \param  sig  pointer to ECDSA_SIG structure
+ *  \param  rpointer to BIGNUM for r (may be NULL)
+ *  \param  spointer to BIGNUM for s (may be NULL)
  */
 int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
 


[openssl-commits] [openssl] master update

2018-05-28 Thread matthias . st . pierre
The branch master has been updated
   via  0396401d1c3fd65487116b0623e634b65bf28670 (commit)
   via  6692ffea3e75f964de7ee64761ec8565f9be (commit)
   via  e6f35b5768d8810644f1f2cc9ca8294d97688343 (commit)
   via  5777254b7aa71ba14582912509c07ff9027a55eb (commit)
  from  e37d4a6704cf0c8b0a0a6601eff82ca65d16d4a3 (commit)


- Log -
commit 0396401d1c3fd65487116b0623e634b65bf28670
Author: Dr. Matthias St. Pierre 
Date:   Sun May 27 09:08:08 2018 +0200

ECDSA_SIG: add simple getters for commonly used struct members

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6290)

commit 6692ffea3e75f964de7ee64761ec8565f9be
Author: Dr. Matthias St. Pierre 
Date:   Sun May 27 09:01:28 2018 +0200

RSA: add simple getters for commonly used struct members

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6290)

commit e6f35b5768d8810644f1f2cc9ca8294d97688343
Author: Dr. Matthias St. Pierre 
Date:   Sun May 27 08:57:55 2018 +0200

DSA: add simple getters for commonly used struct members

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6290)

commit 5777254b7aa71ba14582912509c07ff9027a55eb
Author: Dr. Matthias St. Pierre 
Date:   Sun May 27 09:07:07 2018 +0200

DH: fix: add simple getters for commonly used struct members

amends 6db7fadf0975

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6290)

---

Summary of changes:
 crypto/dsa/dsa_lib.c   | 25 +
 crypto/ec/ec_asn1.c| 10 ++
 crypto/rsa/rsa_lib.c   | 40 
 doc/man3/DH_get0_pqg.pod   |  6 +-
 doc/man3/DSA_get0_pqg.pod  | 16 ++--
 doc/man3/ECDSA_SIG_new.pod | 14 --
 doc/man3/RSA_get0_key.pod  | 22 +-
 include/openssl/dsa.h  |  5 +
 include/openssl/ec.h   | 16 
 include/openssl/rsa.h  |  8 
 util/libcrypto.num | 25 -
 11 files changed, 172 insertions(+), 15 deletions(-)

diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index e730e8e..9275a53 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -305,6 +305,31 @@ int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
 return 1;
 }
 
+const BIGNUM *DSA_get0_p(const DSA *d)
+{
+return d->p;
+}
+
+const BIGNUM *DSA_get0_q(const DSA *d)
+{
+return d->q;
+}
+
+const BIGNUM *DSA_get0_g(const DSA *d)
+{
+return d->g;
+}
+
+const BIGNUM *DSA_get0_pub_key(const DSA *d)
+{
+return d->pub_key;
+}
+
+const BIGNUM *DSA_get0_priv_key(const DSA *d)
+{
+return d->priv_key;
+}
+
 void DSA_clear_flags(DSA *d, int flags)
 {
 d->flags &= ~flags;
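Review bot: the getters are declared in the same order as the DSA_get0_key() outputs (pub_key, then priv_key), whereas the DH getters in crypto/dh/dh_lib.c further down this page list priv_key before pub_key; harmless, but aligning the order across the DH, DSA and RSA families, in the headers and pod files too, keeps the three families easy to compare. No NULL check on `d` is consistent with the existing accessors.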
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 33c4c23..cdc5d38 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -1183,6 +1183,16 @@ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM 
**pr, const BIGNUM **ps)
 *ps = sig->s;
 }
 
+const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig)
+{
+return sig->r;
+}
+
+const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig)
+{
+return sig->s;
+}
+
 int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
 {
 if (r == NULL || s == NULL)
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 133ba21..0974aa6 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -402,6 +402,46 @@ int RSA_get0_multi_prime_crt_params(const RSA *r, const 
BIGNUM *exps[],
 return 1;
 }
 
+const BIGNUM *RSA_get0_n(const RSA *r)
+{
+return r->n;
+}
+
+const BIGNUM *RSA_get0_e(const RSA *r)
+{
+return r->e;
+}
+
+const BIGNUM *RSA_get0_d(const RSA *r)
+{
+return r->d;
+}
+
+const BIGNUM *RSA_get0_p(const RSA *r)
+{
+return r->p;
+}
+
+const BIGNUM *RSA_get0_q(const RSA *r)
+{
+return r->q;
+}
+
+const BIGNUM *RSA_get0_dmp1(const RSA *r)
+{
+return r->dmp1;
+}
+
+const BIGNUM *RSA_get0_dmq1(const RSA *r)
+{
+return r->dmq1;
+}
+
+const BIGNUM *RSA_get0_iqmp(const RSA *r)
+{
+return r->iqmp;
+}
+
 void RSA_clear_flags(RSA *r, int flags)
 {
 r->flags &= ~flags;
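Review bot: RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), RSA_get0_dmp1(), RSA_get0_dmq1() and RSA_get0_iqmp() hand out pointers to the private components; the accompanying RSA_get0_key.pod entry (listed in the summary of changes) should state that the pointer is owned by the RSA object and must not be freed or modified, as the DH documentation hunk below puts it ("should not be freed directly"), and that it may be NULL when that component has not been set.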
diff --git a/doc/man3/DH_get0_pqg.pod b/doc/man3/DH_get0_pqg.pod
index 6b25556..00e8ef5 100644
--- a/doc/man3/DH_get0_pqg.pod
+++ b/doc/man3/DH_get0_pqg.pod
@@ -41,6 +41,8 @@ If the parameters have not yet been set then B<*p>, B<*q> and 
B<*g> will be set
 to NULL. Otherwise they are set to pointers to their respective values. These
 point directly to the internal representations of the values and therefore
 should not be freed directly.
+Any of the out parameters B, B, and B can be NULL, in which case no
+value will be returned for that par

[openssl-commits] [openssl] master update

2018-05-27 Thread matthias . st . pierre
The branch master has been updated
   via  e37d4a6704cf0c8b0a0a6601eff82ca65d16d4a3 (commit)
  from  4de3fe5381b647de4b93436c5138ad16e575056c (commit)


- Log -
commit e37d4a6704cf0c8b0a0a6601eff82ca65d16d4a3
Author: Dr. Matthias St. Pierre 
Date:   Wed May 16 22:53:41 2018 +0200

util/libcrypto.num: fix symbol collision between 1.1.0 and master

In commit 6decf9436f7, fourteen public symbols were removed from
util/libcrypto.num on the master branch and the following symbols
renumbered. Unfortunately, the symbols `OCSP_resp_get0_signer` and
`X509_get0_authority_key_id` were not adjusted accordingly on the
OpenSSL_1_1_0-stable branch. This commit fixes the collision by
doing a 'double swap'.

Reviewed-by: Rich Salz 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6278)

---

Summary of changes:
 util/libcrypto.num | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/util/libcrypto.num b/util/libcrypto.num
index d3351c5..937b718 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4411,7 +4411,7 @@ EVP_sm4_ofb 4356  1_1_1   
EXIST::FUNCTION:SM4
 EVP_sm4_ecb 4357   1_1_1   EXIST::FUNCTION:SM4
 EVP_sm4_cfb128  4358   1_1_1   EXIST::FUNCTION:SM4
 EVP_sm3 4359   1_1_1   EXIST::FUNCTION:SM3
-OCSP_resp_get0_signer   4360   1_1_0h  EXIST::FUNCTION:OCSP
+RSA_get0_multi_prime_factors4360   1_1_1   EXIST::FUNCTION:RSA
 EVP_PKEY_public_check   4361   1_1_1   EXIST::FUNCTION:
 EVP_PKEY_param_check4362   1_1_1   EXIST::FUNCTION:
 EVP_PKEY_meth_set_public_check  4363   1_1_1   EXIST::FUNCTION:
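Review bot: the swap moves RSA_get0_multi_prime_factors (tagged 1_1_1) from ordinal 4374 to 4360 so that OCSP_resp_get0_signer (tagged 1_1_0h) can take 4374, the number it already has on the 1.1.0 branch; renumbering a 1_1_1 symbol is only safe because 1.1.1 is unreleased, and the commit message should say so explicitly so the rationale survives in history. The same reasoning applies to the OSSL_STORE_SEARCH_by_alias / X509_get0_authority_key_id pair in the later hunks.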
@@ -4425,7 +4425,7 @@ DH_check_pub_key_ex 4370  1_1_1   
EXIST::FUNCTION:DH
 DH_check_params_ex  4371   1_1_1   EXIST::FUNCTION:DH
 RSA_generate_multi_prime_key4372   1_1_1   EXIST::FUNCTION:RSA
 RSA_get_multi_prime_extra_count 4373   1_1_1   EXIST::FUNCTION:RSA
-RSA_get0_multi_prime_factors4374   1_1_1   EXIST::FUNCTION:RSA
+OCSP_resp_get0_signer   4374   1_1_0h  EXIST::FUNCTION:OCSP
 RSA_get0_multi_prime_crt_params 4375   1_1_1   EXIST::FUNCTION:RSA
 RSA_set0_multi_prime_params 4376   1_1_1   EXIST::FUNCTION:RSA
 RSA_get_version 4377   1_1_1   EXIST::FUNCTION:RSA
@@ -4489,7 +4489,7 @@ OCSP_basic_sign_ctx 4430  1_1_1   
EXIST::FUNCTION:OCSP
 RAND_DRBG_bytes 4431   1_1_1   EXIST::FUNCTION:
 RAND_DRBG_secure_new4432   1_1_1   EXIST::FUNCTION:
 OSSL_STORE_vctrl4433   1_1_1   EXIST::FUNCTION:
-X509_get0_authority_key_id  4434   1_1_0h  EXIST::FUNCTION:
+OSSL_STORE_SEARCH_by_alias  4434   1_1_1   EXIST::FUNCTION:
 BIO_bind4435   1_1_1   EXIST::FUNCTION:SOCK
 OSSL_STORE_LOADER_set_expect4436   1_1_1   EXIST::FUNCTION:
 OSSL_STORE_expect   4437   1_1_1   EXIST::FUNCTION:
@@ -4503,7 +4503,7 @@ OSSL_STORE_SEARCH_get0_bytes  1_1_1   
EXIST::FUNCTION:
 OSSL_STORE_SEARCH_get0_string   4445   1_1_1   EXIST::FUNCTION:
 OSSL_STORE_SEARCH_by_issuer_serial  4446   1_1_1   EXIST::FUNCTION:
 OSSL_STORE_SEARCH_get0_name 4447   1_1_1   EXIST::FUNCTION:
-OSSL_STORE_SEARCH_by_alias  4448   1_1_1   EXIST::FUNCTION:
+X509_get0_authority_key_id  4448   1_1_0h  EXIST::FUNCTION:
 OSSL_STORE_LOADER_set_find  4449   1_1_1   EXIST::FUNCTION:
 OSSL_STORE_SEARCH_free  4450   1_1_1   EXIST::FUNCTION:
 OSSL_STORE_SEARCH_get0_digest   4451   1_1_1   EXIST::FUNCTION:


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-05-19 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  2392eb77d237684a32b1290fc9e3d0e2f3b08554 (commit)
  from  4e07941373ac17086ab4e601950c4ca148e8bb31 (commit)


- Log -
commit 2392eb77d237684a32b1290fc9e3d0e2f3b08554
Author: Bernd Edlinger 
Date:   Thu Mar 29 11:27:29 2018 +0200

Fix a possible crash in BN_from_montgomery_word

Thanks to Darovskikh Andrei for reporting this issue.

Fixes: #5785
Fixes: #6302

Cherry-picked from f91e026e3832 (without test/bntest.c)

Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/6310)

---

Summary of changes:
 crypto/bn/bn_mont.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index c0c1746..dad3d07 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -95,6 +95,8 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, 
BN_MONT_CTX *mont)
 
 /* clear the top words of T */
 i = max - r->top;
+if (i < 0)
+return 0;
 if (i)
 memset(&rp[r->top], 0, sizeof(*rp) * i);
 


[openssl-commits] [openssl] master update

2018-05-17 Thread matthias . st . pierre
The branch master has been updated
   via  8a59c08583424d59ac30c1261eedff40d653f8b0 (commit)
   via  6db7fadf0975c75bfba01dd939063b4bdcb1a0fe (commit)
  from  b336ce57f2d5cca803a920d2a9e622b588cead3c (commit)


- Log -
commit 8a59c08583424d59ac30c1261eedff40d653f8b0
Author: Dr. Matthias St. Pierre 
Date:   Fri May 18 00:51:15 2018 +0200

DH: add some basic tests (and comments)

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6273)

commit 6db7fadf0975c75bfba01dd939063b4bdcb1a0fe
Author: Dr. Matthias St. Pierre 
Date:   Wed May 16 16:18:13 2018 +0200

DH: add simple getters for commonly used DH struct members

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6273)

---

Summary of changes:
 crypto/dh/dh_lib.c   | 25 ++
 doc/man3/DH_get0_pqg.pod | 20 ++--
 include/openssl/dh.h |  5 +++
 test/dhtest.c| 85 
 util/libcrypto.num   |  5 +++
 5 files changed, 137 insertions(+), 3 deletions(-)

diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index a33f324..a61aa4d 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -243,6 +243,31 @@ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
 return 1;
 }
 
+const BIGNUM *DH_get0_p(const DH *dh)
+{
+return dh->p;
+}
+
+const BIGNUM *DH_get0_q(const DH *dh)
+{
+return dh->q;
+}
+
+const BIGNUM *DH_get0_g(const DH *dh)
+{
+return dh->g;
+}
+
+const BIGNUM *DH_get0_priv_key(const DH *dh)
+{
+return dh->priv_key;
+}
+
+const BIGNUM *DH_get0_pub_key(const DH *dh)
+{
+return dh->pub_key;
+}
+
 void DH_clear_flags(DH *dh, int flags)
 {
 dh->flags &= ~flags;
diff --git a/doc/man3/DH_get0_pqg.pod b/doc/man3/DH_get0_pqg.pod
index ec476a7..6b25556 100644
--- a/doc/man3/DH_get0_pqg.pod
+++ b/doc/man3/DH_get0_pqg.pod
@@ -2,9 +2,11 @@
 
 =head1 NAME
 
-DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key, DH_clear_flags,
-DH_test_flags, DH_set_flags, DH_get0_engine, DH_get_length,
-DH_set_length - Routines for getting and setting data in a DH object
+DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key,
+DH_get0_p, DH_get0_q, DH_get0_g,
+DH_get0_priv_key, DH_get0_pub_key,
+DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine,
+DH_get_length, DH_set_length - Routines for getting and setting data in a DH 
object
 
 =head1 SYNOPSIS
 
@@ -16,6 +18,11 @@ DH_set_length - Routines for getting and setting data in a 
DH object
  void DH_get0_key(const DH *dh,
   const BIGNUM **pub_key, const BIGNUM **priv_key);
  int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+ const BIGNUM *DH_get0_p(const DH *dh);
+ const BIGNUM *DH_get0_q(const DH *dh);
+ const BIGNUM *DH_get0_g(const DH *dh);
+ const BIGNUM *DH_get0_priv_key(const DH *dh);
+ const BIGNUM *DH_get0_pub_key(const DH *dh);
  void DH_clear_flags(DH *dh, int flags);
  int DH_test_flags(const DH *dh, int flags);
  void DH_set_flags(DH *dh, int flags);
@@ -54,6 +61,10 @@ untouched. As with DH_set0_pqg() this function transfers the 
memory management
 of the key values to the DH object, and therefore they should not be freed
 directly after this function has been called.
 
+Any of the values B, B, B, B, and B can also be
+retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(),
+DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.
+
 DH_set_flags() sets the flags in the B parameter on the DH object.
 Multiple flags can be passed in one go (bitwise ORed together). Any flags that
 are already set are left set. DH_test_flags() tests to see whether the flags
@@ -81,6 +92,9 @@ duplicate.  The same applies to DH_get0_pqg() and 
DH_set0_pqg().
 
 DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.
 
+DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and 
DH_get0_pub_key()
+return the respective value.
+
 DH_test_flags() returns the current state of the flags in the DH object.
 
 DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE
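Review bot: "return the respective value" leaves the ownership and NULL semantics of the new getters unstated; spell out that each returns a pointer to the DH object's internal BIGNUM, which the caller must not free or modify (the DH_set0_key() paragraph in the previous hunk already states the rule for the set0 side), and that the result is NULL when the value has not been set.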
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 9a1fdda..3527540 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -183,6 +183,11 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
 void DH_get0_key(const DH *dh,
  const BIGNUM **pub_key, const BIGNUM **priv_key);
 int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+const BIGNUM *DH_get0_p(const DH *dh);
+const BIGNUM *DH_get0_q(const DH *dh);
+const BIGNUM *DH_get0_g(const DH *dh);
+const BIGNUM *DH_get0_priv_key(const DH *dh);
+const BIGNUM *DH_get0_pub_key(const DH *dh);
 void DH_clear_flags(DH *dh, int flags);
 int DH_test_flags(const DH *dh, int flags);
 void DH_set_flags(DH *dh, int flags);
diff --git 

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-05-11 Thread matthias . st . pierre
The branch OpenSSL_1_0_2-stable has been updated
   via  0602a140aa22c7b695fcef4f5ae614dd612c3b7d (commit)
  from  7b6cfcd6dd99a86ecc3a1c51eef539494e191754 (commit)


- Log -
commit 0602a140aa22c7b695fcef4f5ae614dd612c3b7d
Author: Dr. Matthias St. Pierre 
Date:   Fri May 11 16:58:44 2018 +0200

Fix typo 'is an error occurred' in documentation

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6231)

---

Summary of changes:
 doc/crypto/BIO_s_fd.pod| 2 +-
 doc/crypto/CMS_get0_SignerInfos.pod| 2 +-
 doc/crypto/CMS_get1_ReceiptRequest.pod | 2 +-
 doc/crypto/OBJ_nid2obj.pod | 2 +-
 doc/crypto/SMIME_read_PKCS7.pod| 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/doc/crypto/BIO_s_fd.pod b/doc/crypto/BIO_s_fd.pod
index b1de1d1..2830134 100644
--- a/doc/crypto/BIO_s_fd.pod
+++ b/doc/crypto/BIO_s_fd.pod
@@ -60,7 +60,7 @@ BIO_s_fd() returns the file descriptor BIO method.
 
 BIO_reset() returns zero for success and -1 if an error occurred.
 BIO_seek() and BIO_tell() return the current file position or -1
-is an error occurred. These values reflect the underlying lseek()
+if an error occurred. These values reflect the underlying lseek()
 behaviour.
 
 BIO_set_fd() always returns 1.
diff --git a/doc/crypto/CMS_get0_SignerInfos.pod 
b/doc/crypto/CMS_get0_SignerInfos.pod
index b46c0e0..69fde81 100644
--- a/doc/crypto/CMS_get0_SignerInfos.pod
+++ b/doc/crypto/CMS_get0_SignerInfos.pod
@@ -51,7 +51,7 @@ CMS_SignerInfo_set1_signer_cert().
 
 Once all signer certificates have been set CMS_verify() can be used.
 
-Although CMS_get0_SignerInfos() can return NULL is an error occur B if
+Although CMS_get0_SignerInfos() can return NULL if an error occurs B if
 there are no signers this is not a problem in practice because the only
 error which can occur is if the B structure is not of type signedData
 due to application error.
diff --git a/doc/crypto/CMS_get1_ReceiptRequest.pod 
b/doc/crypto/CMS_get1_ReceiptRequest.pod
index f546376..7a483ec 100644
--- a/doc/crypto/CMS_get1_ReceiptRequest.pod
+++ b/doc/crypto/CMS_get1_ReceiptRequest.pod
@@ -48,7 +48,7 @@ CMS_verify().
 CMS_ReceiptRequest_create0() returns a signed receipt request structure or 
 NULL if an error occurred.
 
-CMS_add1_ReceiptRequest() returns 1 for success or 0 is an error occurred.
+CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.
 
 CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and
 decoded. It returns 0 if a signed receipt request is not present and -1 if
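Review bot: the same typo survives in the unchanged context line two below the fix: "CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found" should read "returns 1 if a signed receipt request is found". Since this commit exists to fix exactly that 'is'/'if' slip, fold that line into the hunk too.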
diff --git a/doc/crypto/OBJ_nid2obj.pod b/doc/crypto/OBJ_nid2obj.pod
index b8d2896..c870bd4 100644
--- a/doc/crypto/OBJ_nid2obj.pod
+++ b/doc/crypto/OBJ_nid2obj.pod
@@ -42,7 +42,7 @@ constants.
 
 OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B to 
 an ASN1_OBJECT structure, its long name and its short name respectively,
-or B is an error occurred.
+or B if an error occurred.
 
 OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID
 for the object B, the long name  or the short name  respectively
diff --git a/doc/crypto/SMIME_read_PKCS7.pod b/doc/crypto/SMIME_read_PKCS7.pod
index 9d46715..7cdca1e 100644
--- a/doc/crypto/SMIME_read_PKCS7.pod
+++ b/doc/crypto/SMIME_read_PKCS7.pod
@@ -57,7 +57,7 @@ streaming single pass option should be available.
 =head1 RETURN VALUES
 
 SMIME_read_PKCS7() returns a valid B structure or B
-is an error occurred. The error can be obtained from ERR_get_error(3).
+if an error occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-05-11 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  f47bf4dab8c7b7063fbedff63ec8fe8cf8c3b15c (commit)
  from  c47d1d7130c8cd3f601fc9648c6a26eb666edb44 (commit)


- Log -
commit f47bf4dab8c7b7063fbedff63ec8fe8cf8c3b15c
Author: Dr. Matthias St. Pierre 
Date:   Fri May 11 16:58:44 2018 +0200

Fix typo 'is an error occurred' in documentation

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6230)

---

Summary of changes:
 doc/crypto/CMS_get0_SignerInfos.pod| 2 +-
 doc/crypto/CMS_get1_ReceiptRequest.pod | 2 +-
 doc/crypto/OBJ_nid2obj.pod | 2 +-
 doc/crypto/SMIME_read_PKCS7.pod| 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/doc/crypto/CMS_get0_SignerInfos.pod 
b/doc/crypto/CMS_get0_SignerInfos.pod
index e5532c9..70232cd 100644
--- a/doc/crypto/CMS_get0_SignerInfos.pod
+++ b/doc/crypto/CMS_get0_SignerInfos.pod
@@ -54,7 +54,7 @@ CMS_SignerInfo_set1_signer_cert().
 
 Once all signer certificates have been set CMS_verify() can be used.
 
-Although CMS_get0_SignerInfos() can return NULL is an error occur B if
+Although CMS_get0_SignerInfos() can return NULL if an error occurs B if
 there are no signers this is not a problem in practice because the only
 error which can occur is if the B structure is not of type signedData
 due to application error.
diff --git a/doc/crypto/CMS_get1_ReceiptRequest.pod 
b/doc/crypto/CMS_get1_ReceiptRequest.pod
index 79f5f42..9a49bf6 100644
--- a/doc/crypto/CMS_get1_ReceiptRequest.pod
+++ b/doc/crypto/CMS_get1_ReceiptRequest.pod
@@ -48,7 +48,7 @@ CMS_verify().
 CMS_ReceiptRequest_create0() returns a signed receipt request structure or
 NULL if an error occurred.
 
-CMS_add1_ReceiptRequest() returns 1 for success or 0 is an error occurred.
+CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.
 
 CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and
 decoded. It returns 0 if a signed receipt request is not present and -1 if
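Review bot: the same "is" for "if" typo survives in the context line directly below the changed one, `CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and`; since this commit exists to fix exactly that wording, suggest changing it to `returns 1 if a signed receipt request is found` in the same patch rather than leaving one instance behind in the file.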
diff --git a/doc/crypto/OBJ_nid2obj.pod b/doc/crypto/OBJ_nid2obj.pod
index 3ada667..82e5bcd 100644
--- a/doc/crypto/OBJ_nid2obj.pod
+++ b/doc/crypto/OBJ_nid2obj.pod
@@ -54,7 +54,7 @@ constants.
 
 OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B to
 an ASN1_OBJECT structure, its long name and its short name respectively,
-or B is an error occurred.
+or B if an error occurred.
 
 OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID
 for the object B, the long name  or the short name  respectively
diff --git a/doc/crypto/SMIME_read_PKCS7.pod b/doc/crypto/SMIME_read_PKCS7.pod
index 3eb8bbc..40973d3 100644
--- a/doc/crypto/SMIME_read_PKCS7.pod
+++ b/doc/crypto/SMIME_read_PKCS7.pod
@@ -57,7 +57,7 @@ streaming single pass option should be available.
 =head1 RETURN VALUES
 
 SMIME_read_PKCS7() returns a valid B structure or B
-is an error occurred. The error can be obtained from ERR_get_error(3).
+if an error occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 



[openssl-commits] [openssl] master update

2018-05-11 Thread matthias . st . pierre
The branch master has been updated
   via  34e4a964afacb48414e37a5b205ce9a349259e6b (commit)
  from  61fb59238dad6452a37ec14513fae617a4faef29 (commit)


- Log -
commit 34e4a964afacb48414e37a5b205ce9a349259e6b
Author: Dr. Matthias St. Pierre 
Date:   Fri May 11 16:54:43 2018 +0200

Fix typo: 'is an error occurred' in documentation

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6229)

---

Summary of changes:
 doc/man3/CMS_get0_SignerInfos.pod| 2 +-
 doc/man3/CMS_get1_ReceiptRequest.pod | 2 +-
 doc/man3/OBJ_nid2obj.pod | 2 +-
 doc/man3/SMIME_read_PKCS7.pod| 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/doc/man3/CMS_get0_SignerInfos.pod 
b/doc/man3/CMS_get0_SignerInfos.pod
index 7abe39f..18237dc 100644
--- a/doc/man3/CMS_get0_SignerInfos.pod
+++ b/doc/man3/CMS_get0_SignerInfos.pod
@@ -55,7 +55,7 @@ CMS_SignerInfo_set1_signer_cert().
 
 Once all signer certificates have been set CMS_verify() can be used.
 
-Although CMS_get0_SignerInfos() can return NULL is an error occur B if
+Although CMS_get0_SignerInfos() can return NULL if an error occurs B if
 there are no signers this is not a problem in practice because the only
 error which can occur is if the B structure is not of type signedData
 due to application error.
diff --git a/doc/man3/CMS_get1_ReceiptRequest.pod 
b/doc/man3/CMS_get1_ReceiptRequest.pod
index 4f7f245..ba70480 100644
--- a/doc/man3/CMS_get1_ReceiptRequest.pod
+++ b/doc/man3/CMS_get1_ReceiptRequest.pod
@@ -54,7 +54,7 @@ CMS_verify().
 CMS_ReceiptRequest_create0() returns a signed receipt request structure or
 NULL if an error occurred.
 
-CMS_add1_ReceiptRequest() returns 1 for success or 0 is an error occurred.
+CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.
 
 CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and
 decoded. It returns 0 if a signed receipt request is not present and -1 if
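Review bot: the context line `CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and` carries the same "is"/"if" typo this commit fixes two lines above; suggest `returns 1 if a signed receipt request is found` here as well so the RETURN VALUES section is cleaned up in one go.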
diff --git a/doc/man3/OBJ_nid2obj.pod b/doc/man3/OBJ_nid2obj.pod
index 6c1aa13..6d85c11 100644
--- a/doc/man3/OBJ_nid2obj.pod
+++ b/doc/man3/OBJ_nid2obj.pod
@@ -54,7 +54,7 @@ constants.
 
 OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B to
 an ASN1_OBJECT structure, its long name and its short name respectively,
-or B is an error occurred.
+or B if an error occurred.
 
 OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID
 for the object B, the long name  or the short name  respectively
diff --git a/doc/man3/SMIME_read_PKCS7.pod b/doc/man3/SMIME_read_PKCS7.pod
index 3eb8bbc..40973d3 100644
--- a/doc/man3/SMIME_read_PKCS7.pod
+++ b/doc/man3/SMIME_read_PKCS7.pod
@@ -57,7 +57,7 @@ streaming single pass option should be available.
 =head1 RETURN VALUES
 
 SMIME_read_PKCS7() returns a valid B structure or B
-is an error occurred. The error can be obtained from ERR_get_error(3).
+if an error occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 


[openssl-commits] [openssl] master update

2018-05-09 Thread matthias . st . pierre
The branch master has been updated
   via  7f35627c7943c213f7f8555d13b83288cccd5fc9 (commit)
  from  60845a0aa4e54f2973bc178daa5ed475ea4e148d (commit)


- Log -
commit 7f35627c7943c213f7f8555d13b83288cccd5fc9
Author: Dr. Matthias St. Pierre 
Date:   Tue May 8 12:32:12 2018 +0200

Fix typos in x509 documentation

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6207)

---

Summary of changes:
 doc/man3/X509_NAME_get_index_by_NID.pod | 2 +-
 doc/man3/X509_cmp_time.pod  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/man3/X509_NAME_get_index_by_NID.pod 
b/doc/man3/X509_NAME_get_index_by_NID.pod
index 5579dab..283d0f2 100644
--- a/doc/man3/X509_NAME_get_index_by_NID.pod
+++ b/doc/man3/X509_NAME_get_index_by_NID.pod
@@ -49,7 +49,7 @@ of space needed in B (excluding the final null) is 
returned.
 =head1 NOTES
 
 X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() should be
-considered deprecaated because they
+considered deprecated because they
 have various limitations which make them
 of minimal use in practice. They can only find the first matching
 entry and will copy the contents of the field verbatim: this can
diff --git a/doc/man3/X509_cmp_time.pod b/doc/man3/X509_cmp_time.pod
index 911814e..4b5cb67 100644
--- a/doc/man3/X509_cmp_time.pod
+++ b/doc/man3/X509_cmp_time.pod
@@ -46,7 +46,7 @@ X509_cmp_time() and X509_cmp_current_time() return -1 if 
B
 is earlier than, or equal to, B (resp. current time), and 1
 otherwise. These methods return 0 on error.
 
-X509_time_ad() and X509_time_adj_ex() return a pointer to the updated
+X509_time_adj() and X509_time_adj_ex() return a pointer to the updated
 ASN1_TIME structure, and NULL on error.
 
 =head1 COPYRIGHT


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-05-05 Thread matthias . st . pierre
The branch OpenSSL_1_0_2-stable has been updated
   via  7b6cfcd6dd99a86ecc3a1c51eef539494e191754 (commit)
  from  8dd55d9ee107337460e6a35b4ece234b4475e12d (commit)


- Log -
commit 7b6cfcd6dd99a86ecc3a1c51eef539494e191754
Author: Emilia Kasper 
Date:   Fri Feb 17 19:00:15 2017 +0100

X509 time: tighten validation per RFC 5280

- Reject fractional seconds
- Reject offsets
- Check that the date/time digits are in valid range.
- Add documentation for X509_cmp_time

GH issue 2620

Backported from 80770da39e

Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/6182)

---

Summary of changes:
 CHANGES  |   5 +-
 crypto/x509/x509_vfy.c   | 140 --
 doc/man3/X509_cmp_time.pod   |  39 +++
 test/Makefile|  36 +--
 test/recipes/60-test_x509_time.t |  12 +++
 test/x509_time_test.c| 212 +++
 6 files changed, 340 insertions(+), 104 deletions(-)
 create mode 100644 doc/man3/X509_cmp_time.pod
 create mode 100644 test/recipes/60-test_x509_time.t
 create mode 100644 test/x509_time_test.c

diff --git a/CHANGES b/CHANGES
index 1da1a42..25b453e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,7 +9,10 @@
 
  Changes between 1.0.2o and 1.0.2p [xx XXX ]
 
-  *)
+  *) Certificate time validation (X509_cmp_time) enforces stricter
+ compliance with RFC 5280. Fractional seconds and timezone offsets
+ are no longer allowed.
+ [Emilia Käsper]
 
  Changes between 1.0.2n and 1.0.2o [27 Mar 2018]
 
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index ff23833..869460d 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include 
 #include 
 #include 
 #include 
@@ -1937,120 +1938,67 @@ int X509_cmp_current_time(const ASN1_TIME *ctm)
 
 int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
 {
-char *str;
-ASN1_TIME atm;
-long offset;
-char buff1[24], buff2[24], *p;
-int i, j, remaining;
+static const size_t utctime_length = sizeof("YYMMDDHHMMSSZ") - 1;
+static const size_t generalizedtime_length = sizeof("MMDDHHMMSSZ") - 1;
+ASN1_TIME *asn1_cmp_time = NULL;
+int i, day, sec, ret = 0;
 
-p = buff1;
-remaining = ctm->length;
-str = (char *)ctm->data;
 /*
- * Note that the following (historical) code allows much more slack in the
- * time format than RFC5280. In RFC5280, the representation is fixed:
+ * Note that ASN.1 allows much more slack in the time format than RFC5280.
+ * In RFC5280, the representation is fixed:
  * UTCTime: YYMMDDHHMMSSZ
  * GeneralizedTime: MMDDHHMMSSZ
+ *
+ * We do NOT currently enforce the following RFC 5280 requirement:
+ * "CAs conforming to this profile MUST always encode certificate
+ *  validity dates through the year 2049 as UTCTime; certificate validity
+ *  dates in 2050 or later MUST be encoded as GeneralizedTime."
  */
-if (ctm->type == V_ASN1_UTCTIME) {
-/* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */
-int min_length = sizeof("YYMMDDHHMMZ") - 1;
-int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
-if (remaining < min_length || remaining > max_length)
+switch (ctm->type) {
+case V_ASN1_UTCTIME:
+if (ctm->length != (int)(utctime_length))
 return 0;
-memcpy(p, str, 10);
-p += 10;
-str += 10;
-remaining -= 10;
-} else {
-/* MMDDHHMM[SS[.fff]]Z or MMDDHHMM[SS[.f[f[f(+-)hhmm */
-int min_length = sizeof("MMDDHHMMZ") - 1;
-int max_length = sizeof("MMDDHHMMSS.fff+hhmm") - 1;
-if (remaining < min_length || remaining > max_length)
+break;
+case V_ASN1_GENERALIZEDTIME:
+if (ctm->length != (int)(generalizedtime_length))
 return 0;
-memcpy(p, str, 12);
-p += 12;
-str += 12;
-remaining -= 12;
+break;
+default:
+return 0;
 }
 
-if ((*str == 'Z') || (*str == '-') || (*str == '+')) {
-*(p++) = '0';
-*(p++) = '0';
-} else {
-/* SS (seconds) */
-if (remaining < 2)
+/**
+ * Verify the format: the ASN.1 functions we use below allow a more
+ * flexible format than what's mandated by RFC 5280.
+ * Digit and date ranges will be verified in the conversion methods.
+ */
+for (i = 0; i < ctm->length - 1; i++) {
+if (!isdigit(ctm->data[i]))
 return 0;
- 
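Review bot: the digit loop `for (i = 0; i < ctm->length - 1; i++) if (!isdigit(ctm->data[i]))` only checks bytes 0..length-2, and the excerpt ends before any check that the final byte is 'Z'; if that check is not present further down, a 13-byte UTCTime consisting entirely of digits passes both the exact-length switch and the digit loop, so please confirm the terminator is verified. Two smaller points on the same hunk: `isdigit()` is only well-defined because `ctm->data` is `unsigned char *` (a plain `char` with the high bit set would be undefined behaviour), which deserves a one-line comment, and the new comment block opens with `/**` while the rest of the function uses `/*`; keep to one style unless Doxygen output is intended. The switch that returns 0 for any type other than V_ASN1_UTCTIME/V_ASN1_GENERALIZEDTIME is the right call, and the exact-length comparisons are what actually reject the `.fff` and `+hhmm` forms the old `max_length` bounds admitted.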

[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-05-05 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  414d19d0341407b211c64729df37889e2c572e12 (commit)
  from  29627a364be80f8c30fe7824bc3642d43d7e2c0a (commit)


- Log -
commit 414d19d0341407b211c64729df37889e2c572e12
Author: Emilia Kasper 
Date:   Fri Feb 17 19:00:15 2017 +0100

X509 time: tighten validation per RFC 5280

- Reject fractional seconds
- Reject offsets
- Check that the date/time digits are in valid range.
- Add documentation for X509_cmp_time

GH issue 2620

Backported from 80770da39e

Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/6181)

---

Summary of changes:
 CHANGES|   5 +
 crypto/x509/x509_vfy.c | 140 +-
 doc/man3/X509_cmp_time.pod |  39 
 test/build.info|   6 +-
 .../{03-test_exdata.t => 60-test_x509_time.t}  |   2 +-
 test/x509_time_test.c  | 212 +
 6 files changed, 306 insertions(+), 98 deletions(-)
 create mode 100644 doc/man3/X509_cmp_time.pod
 copy test/recipes/{03-test_exdata.t => 60-test_x509_time.t} (88%)
 create mode 100644 test/x509_time_test.c

diff --git a/CHANGES b/CHANGES
index 7199f3d..e8cd361 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,11 @@
 
  Changes between 1.1.0h and 1.1.0i [xx XXX ]
 
+  *) Certificate time validation (X509_cmp_time) enforces stricter
+ compliance with RFC 5280. Fractional seconds and timezone offsets
+ are no longer allowed.
+ [Emilia Käsper]
+
   *) Fixed a text canonicalisation bug in CMS
 
  Where a CMS detached signature is used with text content the text goes
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index a48d231..3fa2e5c 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -7,6 +7,7 @@
  * https://www.openssl.org/source/license.html
  */
 
+#include 
 #include 
 #include 
 #include 
@@ -1756,120 +1757,67 @@ int X509_cmp_current_time(const ASN1_TIME *ctm)
 
 int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
 {
-char *str;
-ASN1_TIME atm;
-long offset;
-char buff1[24], buff2[24], *p;
-int i, j, remaining;
+static const size_t utctime_length = sizeof("YYMMDDHHMMSSZ") - 1;
+static const size_t generalizedtime_length = sizeof("MMDDHHMMSSZ") - 1;
+ASN1_TIME *asn1_cmp_time = NULL;
+int i, day, sec, ret = 0;
 
-p = buff1;
-remaining = ctm->length;
-str = (char *)ctm->data;
 /*
- * Note that the following (historical) code allows much more slack in the
- * time format than RFC5280. In RFC5280, the representation is fixed:
+ * Note that ASN.1 allows much more slack in the time format than RFC5280.
+ * In RFC5280, the representation is fixed:
  * UTCTime: YYMMDDHHMMSSZ
  * GeneralizedTime: MMDDHHMMSSZ
+ *
+ * We do NOT currently enforce the following RFC 5280 requirement:
+ * "CAs conforming to this profile MUST always encode certificate
+ *  validity dates through the year 2049 as UTCTime; certificate validity
+ *  dates in 2050 or later MUST be encoded as GeneralizedTime."
  */
-if (ctm->type == V_ASN1_UTCTIME) {
-/* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */
-int min_length = sizeof("YYMMDDHHMMZ") - 1;
-int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
-if (remaining < min_length || remaining > max_length)
+switch (ctm->type) {
+case V_ASN1_UTCTIME:
+if (ctm->length != (int)(utctime_length))
 return 0;
-memcpy(p, str, 10);
-p += 10;
-str += 10;
-remaining -= 10;
-} else {
-/* MMDDHHMM[SS[.fff]]Z or MMDDHHMM[SS[.f[f[f(+-)hhmm */
-int min_length = sizeof("MMDDHHMMZ") - 1;
-int max_length = sizeof("MMDDHHMMSS.fff+hhmm") - 1;
-if (remaining < min_length || remaining > max_length)
+break;
+case V_ASN1_GENERALIZEDTIME:
+if (ctm->length != (int)(generalizedtime_length))
 return 0;
-memcpy(p, str, 12);
-p += 12;
-str += 12;
-remaining -= 12;
+break;
+default:
+return 0;
 }
 
-if ((*str == 'Z') || (*str == '-') || (*str == '+')) {
-*(p++) = '0';
-*(p++) = '0';
-} else {
-/* SS (seconds) */
-if (remaining < 2)
+/**
+ * Verify the format: the ASN.1 functions we use below allow a more
+ * flexible format than what's mandated by RFC 5280.
+ * Digit and date ranges will b

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-05-03 Thread matthias . st . pierre
The branch OpenSSL_1_0_2-stable has been updated
   via  c14a3be5adf88edc002199835d8fa40f1296e381 (commit)
  from  1b3af972c0ea6435ce7ac897de9f7c0f138e05a7 (commit)


- Log -
commit c14a3be5adf88edc002199835d8fa40f1296e381
Author: Dr. Matthias St. Pierre 
Date:   Wed May 2 23:06:15 2018 +0200

v3_purp.c: add locking to x509v3_cache_extensions()

Fixes #6121

Thanks to Mingtao Yang for reporting this bug.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6164)

---

Summary of changes:
 crypto/x509v3/v3_purp.c | 25 +++--
 1 file changed, 15 insertions(+), 10 deletions(-)

diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 96e629a..1baa811 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -128,11 +128,10 @@ int X509_check_purpose(X509 *x, int id, int ca)
 {
 int idx;
 const X509_PURPOSE *pt;
-if (!(x->ex_flags & EXFLAG_SET)) {
-CRYPTO_w_lock(CRYPTO_LOCK_X509);
-x509v3_cache_extensions(x);
-CRYPTO_w_unlock(CRYPTO_LOCK_X509);
-}
+
+x509v3_cache_extensions(x);
+
+/* Return if side-effect only call */
 if (id == -1)
 return 1;
 idx = X509_PURPOSE_get_by_id(id);
@@ -399,8 +398,16 @@ static void x509v3_cache_extensions(X509 *x)
 X509_EXTENSION *ex;
 
 int i;
+
 if (x->ex_flags & EXFLAG_SET)
 return;
+
+CRYPTO_w_lock(CRYPTO_LOCK_X509);
+if (x->ex_flags & EXFLAG_SET) {
+CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+return;
+}
+
 #ifndef OPENSSL_NO_SHA
 X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
 #endif
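Review bot: the unlocked fast path `if (x->ex_flags & EXFLAG_SET) return;` followed by the locked re-check is double-checked locking on a plain integer field: the first read races with the `x->ex_flags |= EXFLAG_SET` write performed under CRYPTO_LOCK_X509, and on a weakly ordered CPU a thread that observes EXFLAG_SET without taking the lock may still see stale values in the other cache fields this function fills in just before setting the flag. If the point is to keep the global lock off the hot path, that first read needs a barrier or atomic load; otherwise drop the unlocked check and always take the lock, which is what X509_check_purpose() and X509_check_ca() did before this change.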
@@ -536,6 +543,7 @@ static void x509v3_cache_extensions(X509 *x)
 }
 }
 x->ex_flags |= EXFLAG_SET;
+CRYPTO_w_unlock(CRYPTO_LOCK_X509);
 }
 
 /*-
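Review bot: with the lock now held across the whole body of x509v3_cache_extensions(), every `return` between `CRYPTO_w_lock(CRYPTO_LOCK_X509)` and this new `CRYPTO_w_unlock(CRYPTO_LOCK_X509)` must also release it; the lines between the two hunks (roughly 410 to 540 of the file) are not in the diff, so please confirm there is no early return in that region, or restructure with a single exit label so the unlock cannot be skipped.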
@@ -578,11 +586,7 @@ static int check_ca(const X509 *x)
 
 int X509_check_ca(X509 *x)
 {
-if (!(x->ex_flags & EXFLAG_SET)) {
-CRYPTO_w_lock(CRYPTO_LOCK_X509);
-x509v3_cache_extensions(x);
-CRYPTO_w_unlock(CRYPTO_LOCK_X509);
-}
+x509v3_cache_extensions(x);
 
 return check_ca(x);
 }
@@ -796,6 +800,7 @@ int X509_check_issued(X509 *issuer, X509 *subject)
 if (X509_NAME_cmp(X509_get_subject_name(issuer),
   X509_get_issuer_name(subject)))
 return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
+
 x509v3_cache_extensions(issuer);
 x509v3_cache_extensions(subject);
 


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-05-03 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  2c2d9dcd25b6a9e9c6522bfd030d6be5d8e1c92a (commit)
  from  f4be878edae21755fe83ef26f3f3821a2fe58a97 (commit)


- Log -
commit 2c2d9dcd25b6a9e9c6522bfd030d6be5d8e1c92a
Author: Dr. Matthias St. Pierre 
Date:   Wed May 2 23:06:15 2018 +0200

v3_purp.c: add locking to x509v3_cache_extensions()

Fixes #6121

Thanks to Mingtao Yang for reporting this bug.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6162)

---

Summary of changes:
 crypto/x509v3/v3_purp.c | 24 ++--
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 6d2f354..144de0c 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -78,11 +78,9 @@ int X509_check_purpose(X509 *x, int id, int ca)
 {
 int idx;
 const X509_PURPOSE *pt;
-if (!(x->ex_flags & EXFLAG_SET)) {
-CRYPTO_THREAD_write_lock(x->lock);
-x509v3_cache_extensions(x);
-CRYPTO_THREAD_unlock(x->lock);
-}
+
+x509v3_cache_extensions(x);
+
 /* Return if side-effect only call */
 if (id == -1)
 return 1;
@@ -354,8 +352,16 @@ static void x509v3_cache_extensions(X509 *x)
 X509_EXTENSION *ex;
 
 int i;
+
 if (x->ex_flags & EXFLAG_SET)
 return;
+
+CRYPTO_THREAD_write_lock(x->lock);
+if (x->ex_flags & EXFLAG_SET) {
+CRYPTO_THREAD_unlock(x->lock);
+return;
+}
+
 X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
 /* V1 should mean no extensions ... */
 if (!X509_get_version(x))
@@ -489,6 +495,7 @@ static void x509v3_cache_extensions(X509 *x)
 }
 }
 x->ex_flags |= EXFLAG_SET;
+CRYPTO_THREAD_unlock(x->lock);
 }
 
 /*-
@@ -541,11 +548,7 @@ void X509_set_proxy_pathlen(X509 *x, long l)
 
 int X509_check_ca(X509 *x)
 {
-if (!(x->ex_flags & EXFLAG_SET)) {
-CRYPTO_THREAD_write_lock(x->lock);
-x509v3_cache_extensions(x);
-CRYPTO_THREAD_unlock(x->lock);
-}
+x509v3_cache_extensions(x);
 
 return check_ca(x);
 }
@@ -759,6 +762,7 @@ int X509_check_issued(X509 *issuer, X509 *subject)
 if (X509_NAME_cmp(X509_get_subject_name(issuer),
   X509_get_issuer_name(subject)))
 return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
+
 x509v3_cache_extensions(issuer);
 x509v3_cache_extensions(subject);
 


[openssl-commits] [openssl] master update

2018-05-03 Thread matthias . st . pierre
The branch master has been updated
   via  bc624bd95554ea218cbc3fad0d794abdfeb21eb6 (commit)
  from  463e6ef500ead3fefccc470ce2f82429bb060e70 (commit)


- Log -
commit bc624bd95554ea218cbc3fad0d794abdfeb21eb6
Author: Dr. Matthias St. Pierre 
Date:   Wed May 2 23:06:15 2018 +0200

v3_purp.c: add locking to x509v3_cache_extensions()

Fixes #6121

Thanks to Mingtao Yang for reporting this bug.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6162)

---

Summary of changes:
 crypto/x509v3/v3_purp.c | 24 ++--
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index d344e2d..1ba1ce8 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -78,11 +78,9 @@ int X509_check_purpose(X509 *x, int id, int ca)
 {
 int idx;
 const X509_PURPOSE *pt;
-if (!(x->ex_flags & EXFLAG_SET)) {
-CRYPTO_THREAD_write_lock(x->lock);
-x509v3_cache_extensions(x);
-CRYPTO_THREAD_unlock(x->lock);
-}
+
+x509v3_cache_extensions(x);
+
 /* Return if side-effect only call */
 if (id == -1)
 return 1;
@@ -354,8 +352,16 @@ static void x509v3_cache_extensions(X509 *x)
 X509_EXTENSION *ex;
 
 int i;
+
 if (x->ex_flags & EXFLAG_SET)
 return;
+
+CRYPTO_THREAD_write_lock(x->lock);
+if (x->ex_flags & EXFLAG_SET) {
+CRYPTO_THREAD_unlock(x->lock);
+return;
+}
+
 X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
 /* V1 should mean no extensions ... */
 if (!X509_get_version(x))
@@ -490,6 +496,7 @@ static void x509v3_cache_extensions(X509 *x)
 }
 x509_init_sig_info(x);
 x->ex_flags |= EXFLAG_SET;
+CRYPTO_THREAD_unlock(x->lock);
 }
 
 /*-
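Review bot: `x509_init_sig_info(x)` now runs while `x->lock` is write-held, and CRYPTO_THREAD_write_lock() is not reentrant (on pthreads it is a rwlock write lock), so please confirm that function and anything it calls never takes `x->lock` itself; otherwise this hunk turns into a self-deadlock that the 1.1.0 version of the same patch, which has no such call between the lock and the unlock, will not exhibit.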
@@ -542,11 +549,7 @@ void X509_set_proxy_pathlen(X509 *x, long l)
 
 int X509_check_ca(X509 *x)
 {
-if (!(x->ex_flags & EXFLAG_SET)) {
-CRYPTO_THREAD_write_lock(x->lock);
-x509v3_cache_extensions(x);
-CRYPTO_THREAD_unlock(x->lock);
-}
+x509v3_cache_extensions(x);
 
 return check_ca(x);
 }
@@ -760,6 +763,7 @@ int X509_check_issued(X509 *issuer, X509 *subject)
 if (X509_NAME_cmp(X509_get_subject_name(issuer),
   X509_get_issuer_name(subject)))
 return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
+
 x509v3_cache_extensions(issuer);
 x509v3_cache_extensions(subject);
 


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-05-02 Thread matthias . st . pierre
The branch OpenSSL_1_0_2-stable has been updated
   via  7e6c0f56e65af0727d87615342df1272cd017e9f (commit)
  from  a96022b3c4d159d1b14f54bd6811fd97a52df636 (commit)


- Log -
commit 7e6c0f56e65af0727d87615342df1272cd017e9f
Author: Dr. Matthias St. Pierre 
Date:   Thu Apr 26 20:36:41 2018 +0200

a_strex.c: prevent out of bound read in do_buf()

which is used for ASN1_STRING_print_ex*() and X509_NAME_print_ex*().

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6118)

---

Summary of changes:
 crypto/asn1/a_strex.c  | 25 +++--
 crypto/asn1/asn1.h |  6 --
 crypto/asn1/asn1_err.c |  1 +
 3 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 95f0416..65f47a7 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -194,18 +194,38 @@ static int do_buf(unsigned char *buf, int buflen,
   int type, unsigned char flags, char *quotes, char_io *io_ch,
   void *arg)
 {
-int i, outlen, len;
+int i, outlen, len, charwidth;
 unsigned char orflags, *p, *q;
 unsigned long c;
 p = buf;
 q = buf + buflen;
 outlen = 0;
+charwidth = type & BUF_TYPE_WIDTH_MASK;
+
+switch (charwidth) {
+case 4:
+if (buflen & 3) {
+ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
+return -1;
+}
+break;
+case 2:
+if (buflen & 1) {
+ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_BMPSTRING_LENGTH);
+return -1;
+}
+break;
+default:
+break;
+}
+
 while (p != q) {
 if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
 orflags = CHARTYPE_FIRST_ESC_2253;
 else
 orflags = 0;
-switch (type & BUF_TYPE_WIDTH_MASK) {
+
+switch (charwidth) {
 case 4:
 c = ((unsigned long)*p++) << 24;
 c |= ((unsigned long)*p++) << 16;
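Review bot: the `buflen & 3` / `buflen & 1` pre-checks are what make the `while (p != q)` loop safe, since the width-4 and width-2 cases advance `p` two or four times without re-comparing against `q`; that dependency deserves a comment at the loop head so nobody later relaxes the check. Also, the reason codes ASN1_R_INVALID_UNIVERSALSTRING_LENGTH and ASN1_R_INVALID_BMPSTRING_LENGTH are not added by this patch while the header hunk only adds ASN1_F_DO_BUF, so please confirm both reasons already exist in asn1.h.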
@@ -226,6 +246,7 @@ static int do_buf(unsigned char *buf, int buflen,
 i = UTF8_getc(p, buflen, &c);
 if (i < 0)
 return -1;  /* Invalid UTF8String */
+buflen -= i;
 p += i;
 break;
 default:
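Review bot: `buflen -= i;` is the actual out-of-bound-read fix: before it, `buflen` was passed unchanged to `UTF8_getc(p, buflen, &c)` on every iteration while `p` advanced, so the decoder was told more bytes remained than actually did. For consistency with the new width checks, the `return -1; /* Invalid UTF8String */` path should also push an error with ASN1err(ASN1_F_DO_BUF, ...) now that a function code exists; as it stands callers get -1 with an empty error queue on malformed UTF-8 but a populated one on a bad BMP/Universal length.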
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 35a2b2a..256c531 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -1164,6 +1164,7 @@ int SMIME_text(BIO *in, BIO *out);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_ASN1_strings(void);
 
 /* Error codes for the ASN1 functions. */
@@ -1264,6 +1265,7 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_F_D2I_X509  156
 # define ASN1_F_D2I_X509_CINF 157
 # define ASN1_F_D2I_X509_PKEY 159
+# define ASN1_F_DO_BUF221
 # define ASN1_F_I2D_ASN1_BIO_STREAM   211
 # define ASN1_F_I2D_ASN1_SET  188
 # define ASN1_F_I2D_ASN1_TIME 160
@@ -1414,7 +1416,7 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_WRONG_TAG 168
 # define ASN1_R_WRONG_TYPE169
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
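Review bot: the `#ifdef __cplusplus` to `# ifdef __cplusplus` reindent at the end of the header is unrelated to the fix; if mkerr.pl regenerated it (the file comment says that region is auto-generated) that is fine, otherwise keep the patch to the one functional line `ASN1_F_DO_BUF` so the backport stays minimal and easy to audit.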
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index cfc1512..c144180 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -166,6 +166,7 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
 {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
 {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
 {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
+{ERR_FUNC(ASN1_F_DO_BUF), "DO_BUF"},
 {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
 {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
 {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-05-02 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  ebdeeb363f03848cea5028e63c6be294a34a8426 (commit)
  from  bf87bf45f181fa130af27739f5c38aba88f88cfd (commit)


- Log -
commit ebdeeb363f03848cea5028e63c6be294a34a8426
Author: Dr. Matthias St. Pierre 
Date:   Thu Apr 26 20:36:41 2018 +0200

a_strex.c: prevent out of bound read in do_buf()

which is used for ASN1_STRING_print_ex*() and X509_NAME_print_ex*().

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6117)

---

Summary of changes:
 crypto/asn1/a_strex.c  | 25 +++--
 crypto/asn1/asn1_err.c |  1 +
 include/openssl/asn1.h |  1 +
 3 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index b91266b..75bc431 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -139,7 +139,7 @@ static int do_buf(unsigned char *buf, int buflen,
   int type, unsigned short flags, char *quotes, char_io *io_ch,
   void *arg)
 {
-int i, outlen, len;
+int i, outlen, len, charwidth;
 unsigned short orflags;
 unsigned char *p, *q;
 unsigned long c;
@@ -147,12 +147,32 @@ static int do_buf(unsigned char *buf, int buflen,
 p = buf;
 q = buf + buflen;
 outlen = 0;
+charwidth = type & BUF_TYPE_WIDTH_MASK;
+
+switch (charwidth) {
+case 4:
+if (buflen & 3) {
+ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
+return -1;
+}
+break;
+case 2:
+if (buflen & 1) {
+ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_BMPSTRING_LENGTH);
+return -1;
+}
+break;
+default:
+break;
+}
+
 while (p != q) {
 if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
 orflags = CHARTYPE_FIRST_ESC_2253;
 else
 orflags = 0;
-switch (type & BUF_TYPE_WIDTH_MASK) {
+
+switch (charwidth) {
 case 4:
 c = ((unsigned long)*p++) << 24;
 c |= ((unsigned long)*p++) << 16;
@@ -173,6 +193,7 @@ static int do_buf(unsigned char *buf, int buflen,
 i = UTF8_getc(p, buflen, &c);
 if (i < 0)
 return -1;  /* Invalid UTF8String */
+buflen -= i;
 p += i;
 break;
 default:
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index 8602c40..7068c0c 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -92,6 +92,7 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
 {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
 {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
 {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
+{ERR_FUNC(ASN1_F_DO_BUF), "do_buf"},
 {ERR_FUNC(ASN1_F_DO_TCREATE), "do_tcreate"},
 {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
 {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index 05ae1db..88e6469 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -953,6 +953,7 @@ int ERR_load_ASN1_strings(void);
 # define ASN1_F_D2I_AUTOPRIVATEKEY207
 # define ASN1_F_D2I_PRIVATEKEY154
 # define ASN1_F_D2I_PUBLICKEY 155
+# define ASN1_F_DO_BUF142
 # define ASN1_F_DO_TCREATE222
 # define ASN1_F_I2D_ASN1_BIO_STREAM   211
 # define ASN1_F_I2D_DSA_PUBKEY161


[openssl-commits] [openssl] master update

2018-05-02 Thread matthias . st . pierre
The branch master has been updated
   via  c6718437709108b4bcb784d774fb3df124df48e5 (commit)
  from  6ebb49f3f9c9333611192561979bb799fa1eb76d (commit)


- Log -
commit c6718437709108b4bcb784d774fb3df124df48e5
Author: Dr. Matthias St. Pierre 
Date:   Thu Apr 26 20:36:41 2018 +0200

a_strex.c: prevent out of bound read in do_buf()

which is used for ASN1_STRING_print_ex*() and X509_NAME_print_ex*().

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6105)

---

Summary of changes:
 crypto/asn1/a_strex.c | 25 +++--
 crypto/asn1/asn1_err.c|  1 +
 crypto/err/openssl.txt|  1 +
 include/openssl/asn1err.h |  1 +
 4 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 1d34f56..6a67bc8 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -139,7 +139,7 @@ static int do_buf(unsigned char *buf, int buflen,
   int type, unsigned short flags, char *quotes, char_io *io_ch,
   void *arg)
 {
-int i, outlen, len;
+int i, outlen, len, charwidth;
 unsigned short orflags;
 unsigned char *p, *q;
 unsigned long c;
@@ -147,12 +147,32 @@ static int do_buf(unsigned char *buf, int buflen,
 p = buf;
 q = buf + buflen;
 outlen = 0;
+charwidth = type & BUF_TYPE_WIDTH_MASK;
+
+switch (charwidth) {
+case 4:
+if (buflen & 3) {
+ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
+return -1;
+}
+break;
+case 2:
+if (buflen & 1) {
+ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_BMPSTRING_LENGTH);
+return -1;
+}
+break;
+default:
+break;
+}
+
 while (p != q) {
 if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
 orflags = CHARTYPE_FIRST_ESC_2253;
 else
 orflags = 0;
-switch (type & BUF_TYPE_WIDTH_MASK) {
+
+switch (charwidth) {
 case 4:
 c = ((unsigned long)*p++) << 24;
 c |= ((unsigned long)*p++) << 16;
@@ -173,6 +193,7 @@ static int do_buf(unsigned char *buf, int buflen,
 i = UTF8_getc(p, buflen, &c);
 if (i < 0)
 return -1;  /* Invalid UTF8String */
+buflen -= i;
 p += i;
 break;
 default:
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index 751d441..22bf06f 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -109,6 +109,7 @@ static const ERR_STRING_DATA ASN1_str_functs[] = {
  "d2i_AutoPrivateKey"},
 {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PRIVATEKEY, 0), "d2i_PrivateKey"},
 {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PUBLICKEY, 0), "d2i_PublicKey"},
+{ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_BUF, 0), "do_buf"},
 {ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_CREATE, 0), "do_create"},
 {ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_DUMP, 0), "do_dump"},
 {ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_TCREATE, 0), "do_tcreate"},
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 155a8f3..209bd0d 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -82,6 +82,7 @@ ASN1_F_D2I_ASN1_UINTEGER:150:d2i_ASN1_UINTEGER
 ASN1_F_D2I_AUTOPRIVATEKEY:207:d2i_AutoPrivateKey
 ASN1_F_D2I_PRIVATEKEY:154:d2i_PrivateKey
 ASN1_F_D2I_PUBLICKEY:155:d2i_PublicKey
+ASN1_F_DO_BUF:142:do_buf
 ASN1_F_DO_CREATE:124:do_create
 ASN1_F_DO_DUMP:125:do_dump
 ASN1_F_DO_TCREATE:222:do_tcreate
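Review bot: ASN1_F_DO_BUF:142 is the only new code, and the three error files touched by this patch (asn1_err.c, openssl.txt, asn1err.h) are generated from this table by util/mkerr.pl. Confirm the entries came from `make update` rather than hand edits, and that 142 was free in the ASN1 function-code space; a duplicate code would make ERR_func_error_string() report the wrong function name for one of the two.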
diff --git a/include/openssl/asn1err.h b/include/openssl/asn1err.h
index 9697898..048a737 100644
--- a/include/openssl/asn1err.h
+++ b/include/openssl/asn1err.h
@@ -95,6 +95,7 @@ int ERR_load_ASN1_strings(void);
 # define ASN1_F_D2I_AUTOPRIVATEKEY207
 # define ASN1_F_D2I_PRIVATEKEY154
 # define ASN1_F_D2I_PUBLICKEY 155
+# define ASN1_F_DO_BUF142
 # define ASN1_F_DO_CREATE 124
 # define ASN1_F_DO_DUMP   125
 # define ASN1_F_DO_TCREATE222
_______________________________________________
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
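The a_strex.c change above guards do_buf() against two out-of-bounds reads: a BMPString or UniversalString body whose length is not a multiple of the character width, and a UTF8String whose trailing multi-byte sequence is decoded against a stale remaining length. The following C program is an added example, not OpenSSL code, that models those two checks in a self-contained string walker so the failure cases can be exercised; the function names (count_chars, utf8_getc_bounded) and the sample strings are this example's own.

```c
/*
 * Added example, not from OpenSSL: a minimal model of the do_buf()
 * length handling from the a_strex.c change. count_chars() walks an
 * ASN.1 string body of the given character width (4 = UniversalString,
 * 2 = BMPString, 1 = single-byte types, 0 = UTF8String) and counts code
 * points, returning -1 for a body whose length is not a multiple of the
 * width or for a UTF-8 sequence that is malformed or runs past the end.
 */
#include <stddef.h>
#include <stdio.h>

/* Decode one UTF-8 sequence from at most `len` bytes. Returns the number
 * of bytes consumed, or -1 if the sequence is malformed, overlong, above
 * U+10FFFF, or would extend beyond `len`. The caller must pass the bytes
 * that actually remain; this is the contract the patch relies on. */
static int utf8_getc_bounded(const unsigned char *s, size_t len,
                             unsigned long *cp)
{
    unsigned long c;
    int n, i;

    if (len == 0)
        return -1;
    c = s[0];
    if (c < 0x80) {
        n = 1;
    } else if ((c & 0xE0) == 0xC0) {
        c &= 0x1F; n = 2;
    } else if ((c & 0xF0) == 0xE0) {
        c &= 0x0F; n = 3;
    } else if ((c & 0xF8) == 0xF0) {
        c &= 0x07; n = 4;
    } else {
        return -1;                 /* stray continuation byte or >4-byte form */
    }
    if ((size_t)n > len)
        return -1;                 /* truncated sequence at end of buffer */
    for (i = 1; i < n; i++) {
        if ((s[i] & 0xC0) != 0x80)
            return -1;             /* bad continuation byte */
        c = (c << 6) | (s[i] & 0x3F);
    }
    if ((n == 2 && c < 0x80) || (n == 3 && c < 0x800)
        || (n == 4 && c < 0x10000) || c > 0x10FFFF)
        return -1;                 /* overlong encoding or out of range */
    *cp = c;
    return n;
}

/* Count code points in buf[0..buflen). Returns -1 on a malformed body. */
int count_chars(const unsigned char *buf, size_t buflen, int charwidth)
{
    const unsigned char *p = buf, *q = buf + buflen;
    unsigned long c = 0;
    int n = 0;

    /* The alignment check the patch adds: without it the "p != q" loop
     * below steps over q for a 2- or 4-byte width and reads out of bounds. */
    if ((charwidth == 4 && (buflen & 3)) || (charwidth == 2 && (buflen & 1)))
        return -1;

    while (p != q) {
        switch (charwidth) {
        case 4:
            c = ((unsigned long)p[0] << 24) | ((unsigned long)p[1] << 16)
                | ((unsigned long)p[2] << 8) | p[3];
            p += 4;
            break;
        case 2:
            c = ((unsigned long)p[0] << 8) | p[1];
            p += 2;
            break;
        case 0: {
            /* remaining length, not the original buflen */
            int i = utf8_getc_bounded(p, (size_t)(q - p), &c);
            if (i < 0)
                return -1;
            p += i;
            break;
        }
        default:
            c = *p++;
            break;
        }
        if (c > 0x10FFFFUL)
            return -1;             /* UniversalString value is not a code point */
        n++;
    }
    return n;
}

/* Constructed sample inputs for this example (not taken from the page). */
const unsigned char SAMPLE_BMP[]  = { 0x00, 0x61, 0x00, 0x62 };             /* "ab" as BMPString */
const unsigned char SAMPLE_UNIV[] = { 0, 0, 0, 0x41, 0, 0, 0, 0x42 };       /* "AB" as UniversalString */
const unsigned char SAMPLE_UTF8[] = { 0x61, 0xC3, 0xA9, 0xE2, 0x82, 0xAC }; /* "a", U+00E9, U+20AC */

int main(void)
{
    printf("bmp aligned: %d, bmp odd length: %d\n",
           count_chars(SAMPLE_BMP, sizeof(SAMPLE_BMP), 2),
           count_chars(SAMPLE_BMP, 3, 2));
    printf("utf8 complete: %d, utf8 truncated: %d\n",
           count_chars(SAMPLE_UTF8, sizeof(SAMPLE_UTF8), 0),
           count_chars(SAMPLE_UTF8, 5, 0));
    return 0;
}
```

The odd-length BMPString and the UTF-8 body cut one byte short are exactly the inputs that drove the old loop past the buffer; here both return -1 before any byte beyond the end is touched, because the decoder is always told how many bytes remain (`q - p`) rather than the original total.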


[openssl-commits] [openssl] master update

2018-04-26 Thread matthias . st . pierre
The branch master has been updated
   via  32c6985349ba134761f75a3f61814234d096a1df (commit)
  from  6fb7b08987b57a3a90d426fcad6ca24e6a11c705 (commit)


- Log -
commit 32c6985349ba134761f75a3f61814234d096a1df
Author: Dr. Matthias St. Pierre 
Date:   Thu Apr 26 13:57:14 2018 +0200

Fix mixed indentation (and other whitespace issues)

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6094)

---

Summary of changes:
 apps/spkac.c   |  2 +-
 crypto/pem/pem_pkey.c  |  2 +-
 crypto/pkcs12/p12_utl.c|  4 +--
 crypto/poly1305/poly1305_ieee754.c | 74 +++---
 engines/e_capi.c   | 16 +
 ssl/t1_trce.c  | 12 +++
 6 files changed, 56 insertions(+), 54 deletions(-)

diff --git a/apps/spkac.c b/apps/spkac.c
index 8ed9dd9..f384af6 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -98,7 +98,7 @@ int spkac_main(int argc, char **argv)
 case OPT_KEYFORM:
 if (!opt_format(opt_arg(), OPT_FMT_ANY, &keyformat))
 goto opthelp;
-   break;
+break;
 case OPT_CHALLENGE:
 challenge = opt_arg();
 break;
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 62eb91c..8c4797c 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -33,7 +33,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, 
pem_password_cb *cb,
 EVP_PKEY *ret = NULL;
 
 if (!PEM_bytes_read_bio_secmem(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp,
-  cb, u))
+   cb, u))
 return NULL;
 p = data;
 
diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c
index df5901a..7a8023b 100644
--- a/crypto/pkcs12/p12_utl.c
+++ b/crypto/pkcs12/p12_utl.c
@@ -101,10 +101,10 @@ unsigned char *OPENSSL_utf82uni(const char *asc, int 
asclen,
  * decoding failure...
  */
 if (j < 0)
-   return OPENSSL_asc2uni(asc, asclen, uni, unilen);
+return OPENSSL_asc2uni(asc, asclen, uni, unilen);
 
 if (utf32chr > 0x10)/* UTF-16 cap */
-   return NULL;
+return NULL;
 
 if (utf32chr >= 0x1)/* pair of UTF-16 characters */
 ulen += 2*2;
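Review bot: whitespace-only hunk, but two things in the context lines deserve attention. The comparison constants `utf32chr > 0x10` and `utf32chr >= 0x1` look truncated in this listing (the UTF-16 ceiling is 0x10FFFF and the surrogate-pair threshold is 0x10000); check that the repository source carries the full values. Separately, on a UTF-8 decoding failure (`j < 0`) the function silently falls back to OPENSSL_asc2uni(), i.e. it re-encodes invalid UTF-8 as single-byte characters instead of failing. That is pre-existing behaviour, but it deserves a comment at the call site, because a caller that expects strict UTF-8 handling of a PKCS#12 password gets a different encoding rather than an error.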
diff --git a/crypto/poly1305/poly1305_ieee754.c 
b/crypto/poly1305/poly1305_ieee754.c
index e9aaae3..995a02e 100644
--- a/crypto/poly1305/poly1305_ieee754.c
+++ b/crypto/poly1305/poly1305_ieee754.c
@@ -20,30 +20,30 @@
  * for x86_64 code. And since we are at it, just for sense of it,
  * large-block performance in cycles per processed byte for *this* code
  * is:
- * gcc-4.8 icc-15.0clang-3.4(*)
+ *  gcc-4.8 icc-15.0clang-3.4(*)
  *
- * Westmere4.965.094.37
- * Sandy Bridge4.954.904.17
- * Haswell 4.924.873.78
- * Bulldozer   4.674.494.68
- * VIA Nano7.077.055.98
- * Silvermont  10.69.6112.6
+ * Westmere 4.965.094.37
+ * Sandy Bridge 4.954.904.17
+ * Haswell  4.924.873.78
+ * Bulldozer4.674.494.68
+ * VIA Nano 7.077.055.98
+ * Silvermont   10.69.6112.6
  *
- * (*) clang managed to discover parallelism and deployed SIMD;
+ * (*)  clang managed to discover parallelism and deployed SIMD;
  *
  * And for range of other platforms with unspecified gcc versions:
  *
- * Freescale e300  12.5
- * PPC74x0 10.8
- * POWER6  4.92
- * POWER7  4.50
- * POWER8  4.10
+ * Freescale e300   12.5
+ * PPC74x0  10.8
+ * POWER6   4.92
+ * POWER7   4.50
+ * POWER8   4.10
  *
- * z10 11.2
- * z196+   7.30
+ * z10  11.2
+ * z196+7.30
  *
- * UltraSPARC III  16.0
- * SPARC T416.1
+ * UltraSPARC III   16.0
+ * SPARC T4 16.1
  */
 
 #if !(defined(__GNUC__) && __GNUC__>=2)
@@ -57,33 +57,33 @@ typedef unsigned int u32;
 typedef unsigned long long u64;
 typedef union { double d; u64 u; } elem64;
 
-#define TWO(p) ((double)(1ULL<<(p)))
-#define TWO0   TWO(0)
-#define TWO32  TWO(32)
-#define TWO64  (TWO32*TWO(32))
-#define TWO96  (TWO64*TWO(32))
-#define TWO130 (TWO96*TWO(34))
+#define TWO(p)  ((double)(1ULL<&l

[openssl-commits] [openssl] master update

2018-04-24 Thread matthias . st . pierre
The branch master has been updated
   via  208056b2ae41e2501f071fa134765349ddb57b3c (commit)
  from  6862de63d469f3148a2ff5a04a6b9ab6413bd5ac (commit)


- Log -
commit 208056b2ae41e2501f071fa134765349ddb57b3c
Author: Dr. Matthias St. Pierre 
Date:   Tue Apr 24 09:17:09 2018 +0200

x509/by_dir.c: Remove dead code

Noticed in #5837

Reviewed-by: Bernd Edlinger 
Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6064)

---

Summary of changes:
 crypto/x509/by_dir.c | 6 --
 1 file changed, 6 deletions(-)

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index f213eec..c883458 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -385,12 +385,6 @@ static int get_cert_by_subject(X509_LOOKUP *xl, 
X509_LOOKUP_TYPE type,
  */
 ERR_clear_error();
 
-/*
- * If we were going to up the reference count, we would need to
- * do it on a perl 'type' basis
- */
-/*- CRYPTO_add(&tmp->data.x509->references,1,
-CRYPTO_LOCK_X509);*/
 goto finish;
 }
 }
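Review bot: removing the commented-out CRYPTO_add() call also removes the only explanation of why the object found here is handed back via `goto finish` without taking a reference on `tmp`. If the store keeps ownership and the caller is not meant to hold its own reference, a one-line comment saying so would keep the next reader from re-adding the increment; as it stands the `ERR_clear_error()` followed by a bare `goto finish` gives no hint.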


[openssl-commits] [openssl] master update

2018-04-24 Thread matthias . st . pierre
The branch master has been updated
   via  7fcdbd839c629f5419a49bf8da28c968c8140c3d (commit)
  from  d8f436f3cf771d519573460b14ece6ed01a157ff (commit)


- Log -
commit 7fcdbd839c629f5419a49bf8da28c968c8140c3d
Author: FdaSilvaYY 
Date:   Wed Mar 28 22:32:31 2018 +0200

X509: add more error codes on malloc or sk_TYP_push failure

Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5837)

---

Summary of changes:
 crypto/err/openssl.txt  | 12 ++
 crypto/x509/by_dir.c| 42 +-
 crypto/x509/by_file.c   |  2 +-
 crypto/x509/x509_err.c  | 12 +-
 crypto/x509/x509_lu.c   | 55 -
 crypto/x509/x509_vfy.c  |  3 +++
 crypto/x509/x_crl.c |  9 +---
 crypto/x509/x_name.c| 28 ++-
 crypto/x509/x_pubkey.c  |  2 +-
 crypto/x509/x_x509.c|  6 +++--
 crypto/x509v3/pcy_cache.c   | 26 ++---
 crypto/x509v3/pcy_data.c|  6 -
 crypto/x509v3/pcy_node.c| 21 -
 crypto/x509v3/v3_cpols.c|  2 +-
 crypto/x509v3/v3err.c   |  8 ++-
 include/openssl/x509err.h   |  8 +++
 include/openssl/x509v3err.h |  4 
 17 files changed, 175 insertions(+), 71 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index be03aeb..d62968e 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1587,8 +1587,12 @@ X509V3_F_I2S_ASN1_ENUMERATED:121:i2s_ASN1_ENUMERATED
 X509V3_F_I2S_ASN1_IA5STRING:149:i2s_ASN1_IA5STRING
 X509V3_F_I2S_ASN1_INTEGER:120:i2s_ASN1_INTEGER
 X509V3_F_I2V_AUTHORITY_INFO_ACCESS:138:i2v_AUTHORITY_INFO_ACCESS
+X509V3_F_LEVEL_ADD_NODE:168:level_add_node
 X509V3_F_NOTICE_SECTION:132:notice_section
 X509V3_F_NREF_NOS:133:nref_nos
+X509V3_F_POLICY_CACHE_CREATE:169:policy_cache_create
+X509V3_F_POLICY_CACHE_NEW:170:policy_cache_new
+X509V3_F_POLICY_DATA_NEW:171:policy_data_new
 X509V3_F_POLICY_SECTION:131:policy_section
 X509V3_F_PROCESS_PCI_VALUE:150:process_pci_value
 X509V3_F_R2I_CERTPOL:130:r2i_certpol
@@ -1641,8 +1645,11 @@ X509_F_CHECK_POLICY:145:check_policy
 X509_F_DANE_I2D:107:dane_i2d
 X509_F_DIR_CTRL:102:dir_ctrl
 X509_F_GET_CERT_BY_SUBJECT:103:get_cert_by_subject
+X509_F_I2D_X509_AUX:151:i2d_X509_AUX
+X509_F_LOOKUP_CERTS_SK:152:lookup_certs_sk
 X509_F_NETSCAPE_SPKI_B64_DECODE:129:NETSCAPE_SPKI_b64_decode
 X509_F_NETSCAPE_SPKI_B64_ENCODE:130:NETSCAPE_SPKI_b64_encode
+X509_F_NEW_DIR:153:new_dir
 X509_F_X509AT_ADD1_ATTR:135:X509at_add1_attr
 X509_F_X509V3_ADD_EXT:104:X509v3_add_ext
 X509_F_X509_ATTRIBUTE_CREATE_BY_NID:136:X509_ATTRIBUTE_create_by_NID
@@ -1652,6 +1659,7 @@ 
X509_F_X509_ATTRIBUTE_GET0_DATA:139:X509_ATTRIBUTE_get0_data
 X509_F_X509_ATTRIBUTE_SET1_DATA:138:X509_ATTRIBUTE_set1_data
 X509_F_X509_CHECK_PRIVATE_KEY:128:X509_check_private_key
 X509_F_X509_CRL_DIFF:105:X509_CRL_diff
+X509_F_X509_CRL_METHOD_NEW:154:X509_CRL_METHOD_new
 X509_F_X509_CRL_PRINT_FP:147:X509_CRL_print_fp
 X509_F_X509_EXTENSION_CREATE_BY_NID:108:X509_EXTENSION_create_by_NID
 X509_F_X509_EXTENSION_CREATE_BY_OBJ:109:X509_EXTENSION_create_by_OBJ
@@ -1659,7 +1667,9 @@ 
X509_F_X509_GET_PUBKEY_PARAMETERS:110:X509_get_pubkey_parameters
 X509_F_X509_LOAD_CERT_CRL_FILE:132:X509_load_cert_crl_file
 X509_F_X509_LOAD_CERT_FILE:111:X509_load_cert_file
 X509_F_X509_LOAD_CRL_FILE:112:X509_load_crl_file
+X509_F_X509_LOOKUP_NEW:155:X509_LOOKUP_new
 X509_F_X509_NAME_ADD_ENTRY:113:X509_NAME_add_entry
+X509_F_X509_NAME_CANON:156:x509_name_canon
 X509_F_X509_NAME_ENTRY_CREATE_BY_NID:114:X509_NAME_ENTRY_create_by_NID
 X509_F_X509_NAME_ENTRY_CREATE_BY_TXT:131:X509_NAME_ENTRY_create_by_txt
 X509_F_X509_NAME_ENTRY_SET_OBJECT:115:X509_NAME_ENTRY_set_object
@@ -1676,10 +1686,12 @@ X509_F_X509_REQ_PRINT_FP:122:X509_REQ_print_fp
 X509_F_X509_REQ_TO_X509:123:X509_REQ_to_X509
 X509_F_X509_STORE_ADD_CERT:124:X509_STORE_add_cert
 X509_F_X509_STORE_ADD_CRL:125:X509_STORE_add_crl
+X509_F_X509_STORE_ADD_LOOKUP:157:X509_STORE_add_lookup
 X509_F_X509_STORE_CTX_GET1_ISSUER:146:X509_STORE_CTX_get1_issuer
 X509_F_X509_STORE_CTX_INIT:143:X509_STORE_CTX_init
 X509_F_X509_STORE_CTX_NEW:142:X509_STORE_CTX_new
 X509_F_X509_STORE_CTX_PURPOSE_INHERIT:134:X509_STORE_CTX_purpose_inherit
+X509_F_X509_STORE_NEW:158:X509_STORE_new
 X509_F_X509_TO_X509_REQ:126:X509_to_X509_REQ
 X509_F_X509_TRUST_ADD:133:X509_TRUST_add
 X509_F_X509_TRUST_SET:141:X509_TRUST_set
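Review bot: the new function codes are contiguous (X509V3 168-171, X509 151-158) and the static helpers are listed under their real names (`x509_name_canon`, `lookup_certs_sk`, `new_dir`), which is what ERR_func_error_string() will print, so the table is consistent. Since openssl.txt is the source for x509_err.c, v3err.c, x509err.h and x509v3err.h, confirm that those four files in this patch are the unmodified output of `make update`; a hand edit in any of them will be overwritten at the next regeneration.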
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index f64cf38..f213eec 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -48,7 +48,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, 
X509_LOOKUP_TYPE type,
X509_NAME *name, X509_OBJECT *ret);
 static X509_LOOKUP_METHOD x509_dir_lookup = {
 "Load certs from files

[openssl-commits] [openssl] master update

2018-04-23 Thread matthias . st . pierre
The branch master has been updated
   via  d8f436f3cf771d519573460b14ece6ed01a157ff (commit)
  from  39df51522ba2e3773ae2f1d4df5a6031ef41c1ba (commit)


- Log -
commit d8f436f3cf771d519573460b14ece6ed01a157ff
Author: Dr. Matthias St. Pierre 
Date:   Fri Apr 20 17:55:02 2018 +0200

a_strex.c: improve documentation of 'tag2nbyte' lookup table

The 'tag2nbyte' lookup table maps the tags of ASN1 string types
to their respective character widths. It is used for example by
ASN1_STRING_to_UTF8(). This commit adds the tag names as comments.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6062)

---

Summary of changes:
 crypto/asn1/a_strex.c | 22 --
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index db9fa80..1d34f56 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -281,12 +281,22 @@ static int do_dump(unsigned long lflags, char_io *io_ch, 
void *arg,
 static const signed char tag2nbyte[] = {
 -1, -1, -1, -1, -1, /* 0-4 */
 -1, -1, -1, -1, -1, /* 5-9 */
--1, -1, 0, -1,  /* 10-13 */
--1, -1, -1, -1, /* 15-17 */
-1, 1, 1,/* 18-20 */
--1, 1, 1, 1,/* 21-24 */
--1, 1, -1,  /* 25-27 */
-4, -1, 2/* 28-30 */
+-1, -1, /* 10-11 */
+ 0, /* 12 V_ASN1_UTF8STRING */
+-1, -1, -1, -1, -1, /* 13-17 */
+ 1, /* 18 V_ASN1_NUMERICSTRING */
+ 1, /* 19 V_ASN1_PRINTABLESTRING */
+ 1, /* 20 V_ASN1_T61STRING */
+-1, /* 21 */
+ 1, /* 22 V_ASN1_IA5STRING */
+ 1, /* 23 V_ASN1_UTCTIME */
+ 1, /* 24 V_ASN1_GENERALIZEDTIME */
+-1, /* 25 */
+ 1, /* 26 V_ASN1_ISO64STRING */
+-1, /* 27 */
+ 4, /* 28 V_ASN1_UNIVERSALSTRING */
+-1, /* 29 */
+ 2  /* 30 V_ASN1_BMPSTRING */
 };
 
 /*
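Review bot: the per-entry comments make this table much easier to audit, but two entries could say more. The `0` for entry 12 is not zero bytes per character; it marks V_ASN1_UTF8STRING as variable width, to be handled by the UTF-8 path rather than a fixed stride, and a comment saying so would stop a reader from treating 0 as a literal width. Entry 26 is labelled V_ASN1_ISO64STRING, which has the same value as V_ASN1_VISIBLESTRING, the name X.680 uses; naming both avoids confusion. Callers must still bounds-check the tag against the table size before indexing, since any tag above 30 reads past the array.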


[openssl-commits] [openssl] master update

2018-04-20 Thread matthias . st . pierre
The branch master has been updated
   via  e1c0348cc728cb37003ae411879bd23b6a84fcc8 (commit)
  from  9d978ac3f304286be13fde228632c2739e00834c (commit)


- Log -
commit e1c0348cc728cb37003ae411879bd23b6a84fcc8
Author: Dr. Matthias St. Pierre 
Date:   Thu Apr 19 23:33:32 2018 +0200

openssl/err.h: remove duplicate OSSL_STOREerr()

Two definitions in lines 127 and 136, introduced in 71a5516dcc8.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/6029)

---

Summary of changes:
 include/openssl/err.h | 1 -
 1 file changed, 1 deletion(-)

diff --git a/include/openssl/err.h b/include/openssl/err.h
index 524c542..6cae1a3 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -133,7 +133,6 @@ typedef struct err_state_st {
 # define ASYNCerr(f,r) 
ERR_PUT_error(ERR_LIB_ASYNC,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 # define KDFerr(f,r) 
ERR_PUT_error(ERR_LIB_KDF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 # define SM2err(f,r) 
ERR_PUT_error(ERR_LIB_SM2,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-# define OSSL_STOREerr(f,r) 
ERR_PUT_error(ERR_LIB_OSSL_STORE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 
 # define ERR_PACK(l,f,r) ( \
 (((unsigned int)(l) & 0x0FF) << 24L) | \


[openssl-commits] [openssl] master update

2018-04-20 Thread matthias . st . pierre
The branch master has been updated
   via  9d978ac3f304286be13fde228632c2739e00834c (commit)
  from  4a432af895f7c0928760e76e05dd269bfbc267e1 (commit)


- Log -
commit 9d978ac3f304286be13fde228632c2739e00834c
Author: Dr. Matthias St. Pierre 
Date:   Thu Apr 19 18:26:36 2018 +0200

openssl/ssl.h: restore some renamed public SSL_CTRL defines

Fixes #6022

In commit de4d764e3271, the following SSL_CTRL #define's were renamed

SSL_CTRL_GET_CURVES        ->  SSL_CTRL_GET_GROUPS
SSL_CTRL_SET_CURVES        ->  SSL_CTRL_SET_GROUPS
SSL_CTRL_SET_CURVES_LIST   ->  SSL_CTRL_SET_GROUPS_LIST
SSL_CTRL_GET_SHARED_CURVE  ->  SSL_CTRL_GET_SHARED_GROUP

The corresponding function-like macros (e.g., SSL_get1_curves(ctx, s)) were
renamed, too, and compatibility #define's were added. This was overlooked for
the above constants. Since the constants are part of the public interface,
they must not be removed for a minor release.

As a consequence the Qt5 configure check (and the build) fails.

Reviewed-by: Matt Caswell 
Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/6023)

---

Summary of changes:
 include/openssl/ssl.h | 29 +
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 5acf77c..4b45ae7 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1368,28 +1368,16 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
 # define SSL_get1_groups(ctx, s) \
 SSL_ctrl(ctx,SSL_CTRL_GET_GROUPS,0,(char *)(s))
-# define SSL_get1_curves(ctx, s) \
-SSL_get1_groups((ctx), (s))
 # define SSL_CTX_set1_groups(ctx, glist, glistlen) \
 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
 # define SSL_CTX_set1_groups_list(ctx, s) \
 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
-# define SSL_CTX_set1_curves(ctx, clist, clistlen) \
-SSL_CTX_set1_groups((ctx), (clist), (clistlen))
-# define SSL_CTX_set1_curves_list(ctx, s) \
-SSL_CTX_set1_groups_list((ctx), (s))
 # define SSL_set1_groups(ctx, glist, glistlen) \
 SSL_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
 # define SSL_set1_groups_list(ctx, s) \
 SSL_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
-# define SSL_set1_curves(ctx, clist, clistlen) \
-SSL_set1_groups((ctx), (clist), (clistlen))
-# define SSL_set1_curves_list(ctx, s) \
-SSL_set1_groups_list((ctx), (s))
 # define SSL_get_shared_group(s, n) \
 SSL_ctrl(s,SSL_CTRL_GET_SHARED_GROUP,n,NULL)
-# define SSL_get_shared_curve(s, n) \
-SSL_get_shared_group((s), (n))
 # define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \
 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)(slist))
 # define SSL_CTX_set1_sigalgs_list(ctx, s) \
@@ -1438,6 +1426,23 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 # define SSL_get_max_proto_version(s) \
 SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
 
+/*
+ * The following symbol names are old and obsolete. They are kept
+ * for compatibility reasons only and should not be used anymore.
+ */
+# define SSL_CTRL_GET_CURVES   SSL_CTRL_GET_GROUPS
+# define SSL_CTRL_SET_CURVES   SSL_CTRL_SET_GROUPS
+# define SSL_CTRL_SET_CURVES_LIST  SSL_CTRL_SET_GROUPS_LIST
+# define SSL_CTRL_GET_SHARED_CURVE SSL_CTRL_GET_SHARED_GROUP
+
+# define SSL_get1_curves   SSL_get1_groups
+# define SSL_CTX_set1_curves   SSL_CTX_set1_groups
+# define SSL_CTX_set1_curves_list  SSL_CTX_set1_groups_list
+# define SSL_set1_curves   SSL_set1_groups
+# define SSL_set1_curves_list  SSL_set1_groups_list
+# define SSL_get_shared_curve  SSL_get_shared_group
+
+
 # if OPENSSL_API_COMPAT < 0x1010L
 /* Provide some compatibility macros for removed functionality. */
 #  define SSL_CTX_need_tmp_RSA(ctx)0
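Review bot: the restored names are object-like aliases rather than the function-like macros removed in the hunk above. That works for every ordinary call site (`SSL_get1_curves(ctx, s)` expands to `SSL_get1_groups(ctx, s)` and from there to the SSL_ctrl() call) and additionally satisfies `#ifdef SSL_CTRL_GET_CURVES` style configure probes, which is what the Qt5 check in the commit message needs. Since the comment calls the names obsolete, it should also say why they sit outside the `OPENSSL_API_COMPAT` block that follows: that block gates functionality removed before 1.1.0, while these names were still the canonical ones in 1.1.0, so they cannot be hidden by that test. If they are to be phased out, a separate OPENSSL_API_COMPAT test for the release that renamed them, with a comment, is the place.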


[openssl-commits] [openssl] master update

2018-04-17 Thread matthias . st . pierre
The branch master has been updated
   via  a12de2cba83273b2a553f988716c231af7c9ba68 (commit)
  from  e62fb0d31bdf25854aa2c7cda8e1d03768984ab4 (commit)


- Log -
commit a12de2cba83273b2a553f988716c231af7c9ba68
Author: Dr. Matthias St. Pierre 
Date:   Tue Apr 17 08:54:26 2018 +0200

SSL_CTX_set_tlsext_ticket_key_cb.pod: fix error check of RAND_bytes() call

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5977)

---

Summary of changes:
 doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod 
b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
index 3cf0717..7782ea7 100644
--- a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
+++ b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
@@ -133,7 +133,7 @@ Reference Implementation:
  HMAC_CTX *hctx, int enc)
  {
  if (enc) { /* create new session */
- if (RAND_bytes(iv, EVP_MAX_IV_LENGTH))
+ if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) <= 0)
  return -1; /* insufficient random */
 
  key = currentkey(); /* something that you need to implement */
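Review bot: the old condition was inverted. RAND_bytes() returns 1 on success, 0 on failure and -1 if the current RAND method does not support it, so `if (RAND_bytes(iv, EVP_MAX_IV_LENGTH)) return -1;` made the reference callback fail on every successful fill and carry on with an unrandomized `iv` only when the RNG failed, the wrong way round for an IV. `<= 0` catches both failure returns. Since the example is what people copy, it would help to add one sentence to the pod stating what a -1 return from this callback does to the connection, so readers understand why a RAND_bytes() failure must not be ignored here.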


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-04-17 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  69712507e73437553790ccac6f19a9ded996c0cd (commit)
  from  dbbaeb8973d662ae0d009e0fb6c8975721991b63 (commit)


- Log -
commit 69712507e73437553790ccac6f19a9ded996c0cd
Author: Dr. Matthias St. Pierre 
Date:   Tue Apr 17 08:39:42 2018 +0200

p5_scrypt.c: fix error check of RAND_bytes() call

Reviewed-by: Kurt Roeckx 
(Merged from https://github.com/openssl/openssl/pull/5977)

---

Summary of changes:
 crypto/asn1/p5_scrypt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c
index 4cb7837..a5232fe 100644
--- a/crypto/asn1/p5_scrypt.c
+++ b/crypto/asn1/p5_scrypt.c
@@ -91,7 +91,7 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
 if (EVP_CIPHER_iv_length(cipher)) {
 if (aiv)
 memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
-else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
+else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
 goto err;
 }
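Review bot: `< 0` only caught the "no RNG method" return (-1); a plain failure returns 0, and in that case the code went on to use `iv` with whatever it held before the call as the IV for the PBES2 encryption of the private key. `<= 0` is the correct test. This is the same fix as the master commit for p5_scrypt.c, so the two branches stay in sync.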
 


[openssl-commits] [openssl] master update

2018-04-17 Thread matthias . st . pierre
The branch master has been updated
   via  e62fb0d31bdf25854aa2c7cda8e1d03768984ab4 (commit)
  from  43687d685ffd71fc1cf0ea1079f6d4958dff5026 (commit)


- Log -
commit e62fb0d31bdf25854aa2c7cda8e1d03768984ab4
Author: Dr. Matthias St. Pierre 
Date:   Tue Apr 17 08:39:42 2018 +0200

p5_scrypt.c: fix error check of RAND_bytes() call

Reviewed-by: Kurt Roeckx 
(Merged from https://github.com/openssl/openssl/pull/5977)

---

Summary of changes:
 crypto/asn1/p5_scrypt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c
index c556d01..1daaa6f 100644
--- a/crypto/asn1/p5_scrypt.c
+++ b/crypto/asn1/p5_scrypt.c
@@ -82,7 +82,7 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
 if (EVP_CIPHER_iv_length(cipher)) {
 if (aiv)
 memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
-else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
+else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
 goto err;
 }
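Review bot: same defect as the 1.1.0-stable version of this file: `< 0` only caught the "no RNG method" return (-1), while a plain RAND_bytes() failure returns 0 and left `iv` with whatever it held before the call, which then became the IV for the PBES2 encryption of the private key. `<= 0` is the correct test. A quick grep for other `RAND_bytes(...) < 0` or unchecked RAND_bytes() calls in the tree would be a cheap follow-up, since this pattern was clearly copied from somewhere.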
 


[openssl-commits] [openssl] master update

2018-04-17 Thread matthias . st . pierre
The branch master has been updated
   via  43687d685ffd71fc1cf0ea1079f6d4958dff5026 (commit)
  from  826e154481e93413a79c37cb1bf4da6175a05875 (commit)


- Log -
commit 43687d685ffd71fc1cf0ea1079f6d4958dff5026
Author: Dr. Matthias St. Pierre 
Date:   Tue Apr 17 08:07:11 2018 +0200

DRBG: fix coverity issues

- drbg_lib.c: Silence coverity warning: the comment preceding the
  RAND_DRBG_instantiate() call explicitly states that the error
  is ignored and explains the reason why.

- drbgtest: Add checks for the return values of RAND_bytes() and
  RAND_priv_bytes() to run_multi_thread_test().

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5976)

---

Summary of changes:
 crypto/rand/drbg_lib.c |  8 
 test/drbgtest.c| 16 +---
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index cc59236..16ac03b 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -864,14 +864,14 @@ static RAND_DRBG *drbg_setup(RAND_DRBG *parent)
 drbg->reseed_counter = 1;
 
 /*
- * Ignore instantiation error so support just-in-time instantiation.
+ * Ignore instantiation error to support just-in-time instantiation.
  *
  * The state of the drbg will be checked in RAND_DRBG_generate() and
  * an automatic recovery is attempted.
  */
-RAND_DRBG_instantiate(drbg,
-  (const unsigned char *) ossl_pers_string,
-  sizeof(ossl_pers_string) - 1);
+(void)RAND_DRBG_instantiate(drbg,
+(const unsigned char *) ossl_pers_string,
+sizeof(ossl_pers_string) - 1);
 return drbg;
 
 err:
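Review bot: the `(void)` cast is the right way to record that the return value is deliberately discarded, and the corrected comment now says why. Since this is the one place a DRBG can be handed back uninstantiated, the comment should also state which state the drbg is left in when instantiation fails and that RAND_DRBG_generate() is the only path that retries, so nobody later adds a direct use that assumes drbg_setup() returned a usable instance.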
diff --git a/test/drbgtest.c b/test/drbgtest.c
index 5426046..d69456b 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -783,6 +783,8 @@ error:
 }
 
 #if defined(OPENSSL_THREADS)
+static int multi_thread_rand_bytes_succeeded = 1;
+static int multi_thread_rand_priv_bytes_succeeded = 1;
 
 static void run_multi_thread_test(void)
 {
@@ -796,8 +798,10 @@ static void run_multi_thread_test(void)
 RAND_DRBG_set_reseed_time_interval(private, 1);
 
 do {
-RAND_bytes(buf, sizeof(buf));
-RAND_priv_bytes(buf, sizeof(buf));
+if (RAND_bytes(buf, sizeof(buf)) <= 0)
+multi_thread_rand_bytes_succeeded = 0;
+if (RAND_priv_bytes(buf, sizeof(buf)) <= 0)
+multi_thread_rand_priv_bytes_succeeded = 0;
 }
 while(time(NULL) - start < 5);
 }
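Review bot: the two `multi_thread_*_succeeded` flags are plain static ints written by several threads at once with no synchronization. Because every writer only ever stores 0 and the main thread reads them after wait_for_thread(), the result is correct in practice, but concurrent non-atomic stores to the same object are still a data race under C11 and will be flagged by thread sanitizers. Returning a per-thread result from the thread function (or one flag per thread, checked after the joins) would avoid the race without adding locking to a test that is meant to stress the DRBG, not the test harness.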
@@ -849,7 +853,7 @@ static int wait_for_thread(thread_t thread)
  * The main thread will also run the test, so we'll have THREADS+1 parallel
  * tests running
  */
-#define THREADS 3
+# define THREADS 3
 
 static int test_multi_thread(void)
 {
@@ -861,6 +865,12 @@ static int test_multi_thread(void)
 run_multi_thread_test();
 for (i = 0; i < THREADS; i++)
 wait_for_thread(t[i]);
+
+if (!TEST_true(multi_thread_rand_bytes_succeeded))
+return 0;
+if (!TEST_true(multi_thread_rand_priv_bytes_succeeded))
+return 0;
+
 return 1;
 }
 #endif


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-04-16 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  dbbaeb8973d662ae0d009e0fb6c8975721991b63 (commit)
  from  6939eab03a6e23d2bd2c3f5e34fe1d48e542e787 (commit)


- Log -
commit dbbaeb8973d662ae0d009e0fb6c8975721991b63
Author: Dr. Matthias St. Pierre 
Date:   Mon Apr 16 15:19:14 2018 +0200

Revert "Add OPENSSL_VERSION_AT_LEAST"

Fixes #5961

This reverts commit d8adfdcd2e5de23f3e1d1a1d10c2fda6f4a65c4a.

The macros OPENSSL_MAKE_VERSION() and OPENSSL_VERSION_AT_LEAST() contain
errors and don't work as designed. Apart from that, their introduction
should be held back until a decision has been made about the future
versioning scheme.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5968)

---

Summary of changes:
 doc/crypto/OPENSSL_VERSION_NUMBER.pod | 5 -
 doc/ssl/ssl.pod   | 6 --
 include/openssl/opensslv.h| 5 -
 3 files changed, 16 deletions(-)

diff --git a/doc/crypto/OPENSSL_VERSION_NUMBER.pod 
b/doc/crypto/OPENSSL_VERSION_NUMBER.pod
index f50faec..f5429d2 100644
--- a/doc/crypto/OPENSSL_VERSION_NUMBER.pod
+++ b/doc/crypto/OPENSSL_VERSION_NUMBER.pod
@@ -47,11 +47,6 @@ number was therefore 0x0090581f.
 
 OpenSSL_version_num() returns the version number.
 
-The macro OPENSSL_VERSION_AT_LEAST(major,minor) can be used at compile
-time test if the current version is at least as new as the version provided.
-The arguments major, minor and fix correspond to the version information
-as given above.
-
 OpenSSL_version() returns different strings depending on B:
 
 =over 4
diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod
index 4d91907..7307a2b 100644
--- a/doc/ssl/ssl.pod
+++ b/doc/ssl/ssl.pod
@@ -91,12 +91,6 @@ includes both more private SSL headers and headers from the 
B library.
 Whenever you need hard-core details on the internals of the SSL API, look
 inside this header file.
 
-OPENSSL_VERSION_AT_LEAST(major,minor) can be
-used in C<#if> statements in order to determine which version of the library is
-being used. This can be used to either enable optional features at compile
-time, or work around issues with a previous version.
-See L.
-
 =item B
 
 Unused. Present for backwards compatibility only.
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
index 3532521..7221a45 100644
--- a/include/openssl/opensslv.h
+++ b/include/openssl/opensslv.h
@@ -46,11 +46,6 @@ extern "C" {
 #  define OPENSSL_VERSION_TEXT"OpenSSL 1.1.0i-dev  xx XXX "
 # endif
 
-#define OPENSSL_MAKE_VERSION(maj,min,fix,patch) 
((0x1000L)+((maj&0xff)<<20)+((min&0xff)<<12)+((fix&0xff)<<4)+patch)
-
-/* use this for #if tests, should never depend upon fix/patch */
-#define OPENSSL_VERSION_AT_LEAST(maj,min) (OPENSSL_MAKE_VERSION(maj,min, 0, 0) 
>= OPENSSL_VERSION_NUMBER)
-
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)
  * versioning.  That kind of versioning works a bit differently between
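Review bot: the removal is right, and the errors the commit message mentions are visible in the removed lines. The comparison in OPENSSL_VERSION_AT_LEAST() is backwards: `OPENSSL_MAKE_VERSION(maj,min, 0, 0) >= OPENSSL_VERSION_NUMBER` is true when the requested version is at least the current one, the opposite of what the name promises. OPENSSL_MAKE_VERSION() also places `maj` at bit 20 and `min` at bit 12, which in the MNNFFPPS layout of OPENSSL_VERSION_NUMBER are the minor and fix fields, with the major digit hard-coded in the base constant (shown truncated as `0x1000L` in this listing). A replacement, when the versioning scheme is settled, needs a test in test/ that compiles a few known version numbers against the macro.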


[openssl-commits] [openssl] master update

2018-04-16 Thread matthias . st . pierre
The branch master has been updated
   via  b7fb239438fb289a69e9420ad1edacf3bd1c5d69 (commit)
  from  90b3a620f56da8d8ef9c4c76919d0dca51150685 (commit)


- Log -
commit b7fb239438fb289a69e9420ad1edacf3bd1c5d69
Author: Dr. Matthias St. Pierre 
Date:   Mon Apr 16 15:06:24 2018 +0200

Revert "Add OPENSSL_VERSION_AT_LEAST"

Fixes #5961

This reverts commit 3c5a61dd0f9d9a9eac098419bcaf47d1c296ca81.

The macros OPENSSL_MAKE_VERSION() and OPENSSL_VERSION_AT_LEAST() contain
errors and don't work as designed. Apart from that, their introduction
should be held back until a decision has been made about the future
versioning scheme.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5968)

---

Summary of changes:
 doc/man3/OPENSSL_VERSION_NUMBER.pod | 5 -
 doc/man7/ssl.pod| 6 --
 include/openssl/opensslv.h  | 5 -
 3 files changed, 16 deletions(-)

diff --git a/doc/man3/OPENSSL_VERSION_NUMBER.pod 
b/doc/man3/OPENSSL_VERSION_NUMBER.pod
index d5842c0..6eca113 100644
--- a/doc/man3/OPENSSL_VERSION_NUMBER.pod
+++ b/doc/man3/OPENSSL_VERSION_NUMBER.pod
@@ -47,11 +47,6 @@ number was therefore 0x0090581f.
 
 OpenSSL_version_num() returns the version number.
 
-The macro OPENSSL_VERSION_AT_LEAST(major,minor) can be used at compile
-time test if the current version is at least as new as the version provided.
-The arguments major, minor and fix correspond to the version information
-as given above.
-
 OpenSSL_version() returns different strings depending on B:
 
 =over 4
diff --git a/doc/man7/ssl.pod b/doc/man7/ssl.pod
index 03efc52..7cf7d61 100644
--- a/doc/man7/ssl.pod
+++ b/doc/man7/ssl.pod
@@ -89,12 +89,6 @@ includes both more private SSL headers and headers from the 
B library.
 Whenever you need hard-core details on the internals of the SSL API, look
 inside this header file.
 
-OPENSSL_VERSION_AT_LEAST(major,minor) can be
-used in C<#if> statements in order to determine which version of the library is
-being used. This can be used to either enable optional features at compile
-time, or work around issues with a previous version.
-See L.
-
 =item B
 
 Unused. Present for backwards compatibility only.
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
index 06c8b7c..241856d 100644
--- a/include/openssl/opensslv.h
+++ b/include/openssl/opensslv.h
@@ -42,11 +42,6 @@ extern "C" {
 # define OPENSSL_VERSION_NUMBER  0x10101005L
 # define OPENSSL_VERSION_TEXT"OpenSSL 1.1.1-pre5-dev  xx XXX "
 
-#define OPENSSL_MAKE_VERSION(maj,min,fix,patch) 
((0x1000L)+((maj&0xff)<<20)+((min&0xff)<<12)+((fix&0xff)<<4)+patch)
-
-/* use this for #if tests, should never depend upon fix/patch */
-#define OPENSSL_VERSION_AT_LEAST(maj,min) (OPENSSL_MAKE_VERSION(maj,min, 0, 0) 
>= OPENSSL_VERSION_NUMBER)
-
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)
  * versioning.  That kind of versioning works a bit differently between
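Review bot: same removal as on 1.1.0-stable, and the same two defects are visible in the removed lines: the `>=` in OPENSSL_VERSION_AT_LEAST() compares in the wrong direction (true when the requested version is at least the current one), and OPENSSL_MAKE_VERSION() shifts `maj` and `min` into the minor and fix fields of the MNNFFPPS layout with the major digit baked into the base constant. Reverting on master as well is the right call; any future replacement should land with a compile-time test against known version numbers before it is documented in OPENSSL_VERSION_NUMBER.pod again.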


[openssl-commits] [openssl] master update

2018-04-13 Thread matthias . st . pierre
The branch master has been updated
   via  5bc6bcf82d2adce982e04837b0810b1a6cd55a19 (commit)
  from  0e3ecaec3ebf2ed0dfbcff07b7fa1cfdd8240d5c (commit)


- Log -
commit 5bc6bcf82d2adce982e04837b0810b1a6cd55a19
Author: Dr. Matthias St. Pierre 
Date:   Tue Apr 10 10:22:52 2018 +0200

DRBG: implement a get_nonce() callback

Fixes #5849

In pull request #5503 a fallback was added which adds a random nonce of
security_strength/2 bits if no nonce callback is provided. This change 
raised
the entropy requirements form 256 to 384 bit, which can cause problems on 
some
platforms (e.g. VMS, see issue #5849).

The requirements for the nonce are given in section 8.6.7 of NIST SP 
800-90Ar1:

  A nonce may be required in the construction of a seed during instantiation
  in order to provide a security cushion to block certain attacks.
  The nonce shall be either:

  a) A value with at least (security_strength/2) bits of entropy, or

  b) A value that is expected to repeat no more often than a
 (security_strength/2)-bit random string would be expected to repeat.

  Each nonce shall be unique to the cryptographic module in which 
instantiation
  is performed, but need not be secret. When used, the nonce shall be 
considered
  to be a critical security parameter.

This commit implements a nonce of type b) in order to lower the entropy
requirements during instantiation back to 256 bits.

The formulation "shall be unique to the cryptographic module" above implies
that the nonce needs to be unique (with high probability) among all
DRBG instances in "space" and "time". We try to achieve this goal by creating a
nonce of the following form

nonce = app-specific-data || high-resolution-utc-timestamp || counter

Where || denotes concatenation. The application specific data can be something
like the process or group id of the application. A UTC timestamp is used because
it increases monotonically, provided the system time is synchronized. This approach
may not be perfect yet for a FIPS evaluation, but it should be good enough for the
moment.

This commit also harmonizes the implementation of the get_nonce() and the
get_additional_data() callbacks and moves the platform specific parts from
rand_lib.c into rand_unix.c, rand_win.c, and rand_vms.c.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5920)

---

Summary of changes:
 crypto/include/internal/rand_int.h |  33 ++
 crypto/rand/drbg_lib.c |  19 +++-
 crypto/rand/rand_lib.c | 200 -
 crypto/rand/rand_unix.c| 179 ++---
 crypto/rand/rand_vms.c |  39 
 crypto/rand/rand_win.c |  38 +++
 6 files changed, 354 insertions(+), 154 deletions(-)

diff --git a/crypto/include/internal/rand_int.h 
b/crypto/include/internal/rand_int.h
index baa9bfe..cf82e4a 100644
--- a/crypto/include/internal/rand_int.h
+++ b/crypto/include/internal/rand_int.h
@@ -39,8 +39,15 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
  int prediction_resistance);
 void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
unsigned char *out, size_t outlen);
+size_t rand_drbg_get_nonce(RAND_DRBG *drbg,
+   unsigned char **pout,
+   int entropy, size_t min_len, size_t max_len);
+void rand_drbg_cleanup_nonce(RAND_DRBG *drbg,
+ unsigned char *out, size_t outlen);
+
 size_t rand_drbg_get_additional_data(unsigned char **pout, size_t max_len);
 
+void rand_drbg_cleanup_additional_data(unsigned char *out, size_t outlen);
 
 /*
  * RAND_POOL functions
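Review bot: the new rand_drbg_get_nonce()/rand_drbg_cleanup_nonce() declarations carry no comment on the ownership contract: `*pout` is allocated by the nonce routine and must be handed back through rand_drbg_cleanup_nonce(), and `entropy`, `min_len` and `max_len` should be documented as the caller's requirements (the rand_pool_add_nonce_data() comment further down in this file shows the style to follow). Also, rand_drbg_cleanup_additional_data() is separated from rand_drbg_get_additional_data() by a blank line; keeping the get/cleanup pair together would match the entropy and nonce pairs above it.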
@@ -77,4 +84,30 @@ int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t 
entropy);
  */
 size_t rand_pool_acquire_entropy(RAND_POOL *pool);
 
+/*
+ * Add some application specific nonce data
+ *
+ * This function is platform specific and adds some application specific
+ * data to the nonce used for instantiating the drbg.
+ *
+ * This data currently consists of the process and thread id, and a high
+ * resolution timestamp. The data does not include an atomic counter,
+ * because that is added by the calling function rand_drbg_get_nonce().
+ *
+ * Returns 1 on success and 0 on failure.
+ */
+int rand_pool_add_nonce_data(RAND_POOL *pool);
+
+
+/*
+ * Add some platform specific additional data
+ *
+ * This function is platform specific and adds some random noise to the
+ * additional data used for generating random bytes and for reseeding
+ * the drbg.
+ *
+ * Returns 1 on success and 0 on failure.
+ */
+int rand_pool
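Review bot: the rand_pool_add_nonce_data() comment ends at "Returns 1 on success and 0 on failure" but does not say what a failure means for the caller: a nonce that lacks the process/thread id and timestamp parts no longer "is expected to repeat no more often than a (security_strength/2)-bit random string", the 8.6.7 b) property the commit message relies on, so rand_drbg_get_nonce() must fail instantiation rather than continue with the counter alone. State that here, and record the assumption that the timestamp is monotonic (synchronized system time) next to it, since the uniqueness argument rests on it.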
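The nonce construction from the commit message above, as an added example that is not OpenSSL's code: the field widths, the big-endian layout, and the use of getpid() plus a caller-supplied thread id are this example's own assumptions. It also exercises the case the counter exists for, two instantiations with identical app data and a clock that has not advanced.

```c
/* Added example, not OpenSSL code: an SP 800-90Ar1 type b) nonce built as
 *   nonce = app-specific-data || high-resolution-utc-timestamp || counter
 * as the commit message describes. Layout and widths are assumptions. */
#define _POSIX_C_SOURCE 200809L
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

/* pid(8) || tid(8) || utc_ns(8) || counter(8) = 32 bytes = 256 bits, which is
 * at least security_strength/2 = 128 bits for a 256-bit DRBG. */
#define NONCE_LEN 32

struct nonce_parts {
    uint64_t pid;      /* app-specific data: process id */
    uint64_t tid;      /* app-specific data: thread id (opaque, caller-supplied) */
    uint64_t utc_ns;   /* high-resolution UTC timestamp in nanoseconds */
    uint64_t counter;  /* per-process counter; atomic in a real implementation */
};

static void put_u64be(unsigned char *out, uint64_t v)
{
    for (int i = 7; i >= 0; i--) {
        out[i] = (unsigned char)(v & 0xff);
        v >>= 8;
    }
}

/* Serialize the parts into out; returns NONCE_LEN, or 0 on a NULL argument. */
size_t nonce_serialize(const struct nonce_parts *p, unsigned char *out)
{
    if (p == NULL || out == NULL)
        return 0;
    put_u64be(out, p->pid);
    put_u64be(out + 8, p->tid);
    put_u64be(out + 16, p->utc_ns);
    put_u64be(out + 24, p->counter);
    return NONCE_LEN;
}

/* Wall-clock time; 0 signals failure so the caller refuses to build a nonce. */
static uint64_t utc_now_ns(void)
{
    struct timespec ts;

    if (clock_gettime(CLOCK_REALTIME, &ts) != 0)
        return 0;
    return (uint64_t)ts.tv_sec * 1000000000ULL + (uint64_t)ts.tv_nsec;
}

static uint64_t nonce_counter;   /* would be an atomic in production code */

/* Build the next nonce for this process/thread. Returns NONCE_LEN, or 0 when
 * the clock is unavailable: a nonce missing the timestamp part loses the
 * "repeats no more often than a (security_strength/2)-bit string" property. */
size_t nonce_next(unsigned char *out, uint64_t tid)
{
    struct nonce_parts p;

    p.pid = (uint64_t)getpid();
    p.tid = tid;
    p.utc_ns = utc_now_ns();
    if (p.utc_ns == 0)
        return 0;
    p.counter = ++nonce_counter;
    return nonce_serialize(&p, out);
}

/* Two nonces with the same app data and the same timestamp (clock did not
 * advance) still differ, and only in the counter field. Returns 1 if so. */
int nonce_counter_breaks_ties(void)
{
    unsigned char a[NONCE_LEN], b[NONCE_LEN];
    struct nonce_parts p = { 4242, 7, 1523351000123456789ULL, 1 }; /* constructed */

    nonce_serialize(&p, a);
    p.counter++;
    nonce_serialize(&p, b);
    return memcmp(a, b, NONCE_LEN) != 0          /* whole nonce differs   */
        && memcmp(a, b, NONCE_LEN - 8) == 0;     /* first 24 bytes equal  */
}

int main(void)
{
    unsigned char n1[NONCE_LEN], n2[NONCE_LEN];

    if (nonce_next(n1, 1) == 0 || nonce_next(n2, 1) == 0)
        return 1;
    printf("consecutive nonces differ: %s\n",
           memcmp(n1, n2, NONCE_LEN) != 0 ? "yes" : "no");
    printf("counter alone breaks a timestamp tie: %s\n",
           nonce_counter_breaks_ties() ? "yes" : "no");
    return 0;
}
```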

[openssl-commits] [openssl] master update

2018-04-11 Thread matthias . st . pierre
The branch master has been updated
   via  f7bef277eac05853224d33e67465147833c49108 (commit)
  from  708a6a17592865590344eca541cbfccd472d7b45 (commit)


- Log -
commit f7bef277eac05853224d33e67465147833c49108
Author: Dr. Matthias St. Pierre 
Date:   Fri Mar 30 01:07:00 2018 +0200

Minor corrections for the RAND_DRBG API documentation

- added some explaining text to a sentence that lost its context.
- removed mention of per-ssl drbg
- fix whitespace errors

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5804)

---

Summary of changes:
 doc/man3/RAND_DRBG_set_callbacks.pod |  2 +-
 doc/man7/RAND.pod|  4 ++--
 doc/man7/RAND_DRBG.pod   | 17 +
 3 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/doc/man3/RAND_DRBG_set_callbacks.pod 
b/doc/man3/RAND_DRBG_set_callbacks.pod
index 3e9a985..a927d6a 100644
--- a/doc/man3/RAND_DRBG_set_callbacks.pod
+++ b/doc/man3/RAND_DRBG_set_callbacks.pod
@@ -79,7 +79,7 @@ See NOTES section for more details.
 
 The B() callback is called from the B to to clear and
 free the buffer allocated previously by get_entropy().
-The values B and B are the random buffer's  address and length,
+The values B and B are the random buffer's address and length,
 as returned by the get_entropy() callback.
 
 The B() and B() callbacks are used to obtain a nonce
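Review bot: the unchanged context line "is called from the B to to clear and free the buffer" has a doubled "to"; since this hunk is already a whitespace and typo pass over the same paragraph, fold that fix in.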
diff --git a/doc/man7/RAND.pod b/doc/man7/RAND.pod
index 6ec7548..578018f 100644
--- a/doc/man7/RAND.pod
+++ b/doc/man7/RAND.pod
@@ -32,8 +32,8 @@ return value of L and don't take randomness 
for granted.
 For long-term secrets, you can use L instead.
 This method does not provide 'better' randomness, it uses the same type of 
CSPRNG.
 The intention behind using a dedicated CSPRNG exclusively for long-term 
secrets is
-that none  of its output should be visible to an attacker (e.g used as salt 
value),
-in order  to reveal as little information as possible about its internal state.
+that none of its output should be visible to an attacker (e.g used as salt 
value),
+in order to reveal as little information as possible about its internal state.
 
 In the rare case where the default implementation does not satisfy your special
 requirements, there are two options:
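Review bot: both the removed and the added line keep "e.g used as salt value"; while rewrapping this sentence, write "e.g. used as a salt value" so the abbreviation is punctuated.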
diff --git a/doc/man7/RAND_DRBG.pod b/doc/man7/RAND_DRBG.pod
index a4c58c1..9f7f124 100644
--- a/doc/man7/RAND_DRBG.pod
+++ b/doc/man7/RAND_DRBG.pod
@@ -37,8 +37,7 @@ Typical examples for such special use cases are the following:
 
 =item *
 
-You want to use your own private DRBG instances, similar to how it
-is currently done in the ssl library.
+You want to use your own private DRBG instances.
 Multiple DRBG instances which are accessed only by a single thread provide
 additional security (because their internal states are independent) and
 better scalability in multithreaded applications (because they don't need
@@ -80,8 +79,8 @@ the thread-local  and  DRBG instance, 
respectively.
 =head2 The  DRBG instance
 
 The  DRBG is not used directly by the application, only for reseeding
-the two other two  DRBG instances. It reseeds itself by obtaining randomness
-either from os entropy  sources or by consuming randomness which was added
+the two other two DRBG instances. It reseeds itself by obtaining randomness
+either from os entropy sources or by consuming randomness which was added
 previously by L.
 
 =head2 The  DRBG instance
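Review bot: the duplicated word survives the fix: "+the two other two DRBG instances" still reads "two other two"; it should be "the two other DRBG instances". While there, "os entropy sources" reads better as "OS entropy sources".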
@@ -144,10 +143,12 @@ together and are being used.
 +--+  ++
 
 
-
-The method L is a convenience method wrapping the
-L function, which serves the actual request for
-random data.
+The usual way to obtain random bytes is to call RAND_bytes(...) or
+RAND_priv_bytes(...). These calls are roughly equivalent to calling
+RAND_DRBG_bytes(, ...) and RAND_DRBG_bytes(, ...),
+respectively. The method L is a convenience method
+wrapping the L function, which serves the actual
+request for random data.
 
 =head1 RESEEDING
 


[openssl-commits] [openssl] master update

2018-04-10 Thread matthias . st . pierre
The branch master has been updated
   via  63a65d16acca53622a08861cdde8fe0e79beb522 (commit)
  from  55bd917bc4213bc668f48b87d8c6feb9918fef8f (commit)


- Log -
commit 63a65d16acca53622a08861cdde8fe0e79beb522
Author: Dr. Matthias St. Pierre 
Date:   Sun Apr 8 12:09:10 2018 +0200

DRBG: fix memory leak on error in rand_drbg_get_entropy()

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5918)

---

Summary of changes:
 crypto/rand/rand_lib.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 3589e75..6e98e4d 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -229,7 +229,7 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
  */
 RANDerr(RAND_F_RAND_DRBG_GET_ENTROPY,
 RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED);
-return 0;
+goto err;
 }
 
 /* Get entropy by polling system entropy sources. */
@@ -241,6 +241,7 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
 *pout = rand_pool_detach(pool);
 }
 
+ err:
 rand_pool_free(pool);
 return ret;
 }
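Review bot: with `return 0` turned into `goto err`, the prediction-resistance failure path now returns `ret`, so `ret` must be initialised to 0 at its declaration (not visible in this hunk); if it is only assigned in the success branch around rand_pool_detach(), that path would return an indeterminate value and the caller could treat garbage as an entropy length. Please confirm before merge.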


[openssl-commits] [openssl] master update

2018-04-08 Thread matthias . st . pierre
The branch master has been updated
   via  a9b7a06ed8e6d70bf7caa778838d7a869a17db78 (commit)
  from  5283e19f11f06d26bc92c6351cbb61324ffb3dfc (commit)


- Log -
commit a9b7a06ed8e6d70bf7caa778838d7a869a17db78
Author: Dr. Matthias St. Pierre 
Date:   Mon Apr 2 22:37:30 2018 +0200

Fix false positives of IS_*() macros for 8-bit ASCII characters

Fixes #5778, #5840

The various IS_*() macros did not work correctly for 8-bit ASCII
characters with the high bit set, because the CVT(a) preprocessor
macro and'ed the given ASCII value with 0x7F, effectively folding
the high value range 128-255 over the low value range 0-127.
As a consequence, some of the IS_*() macros erroneously returned TRUE.

This commit fixes the issue by adding range checks instead of
cutting off high order bits using a mask. In order to avoid multiple
evaluation of macro arguments, most of the implementation was moved
from macros into a static function is_keytype().

Thanks to Румен Петров for reporting and analyzing the UTF-8 parsing
issue #5840.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5903)

---

Summary of changes:
 crypto/conf/conf_def.c | 25 +
 crypto/conf/conf_def.h | 27 ++-
 crypto/conf/keysets.pl | 27 ++-
 3 files changed, 45 insertions(+), 34 deletions(-)

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 05ba1c9..aa9f2fa 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -33,6 +33,7 @@
  */
 #define MAX_CONF_VALUE_LENGTH   65536
 
+static int is_keytype(const CONF *conf, char c, unsigned short type);
 static char *eat_ws(CONF *conf, char *p);
 static void trim_ws(CONF *conf, char *start);
 static char *eat_alpha_numeric(CONF *conf, char *p);
@@ -732,6 +733,30 @@ static BIO *get_next_file(const char *path, 
OPENSSL_DIR_CTX **dirctx)
 }
 #endif
 
+static int is_keytype(const CONF *conf, char c, unsigned short type)
+{
+const unsigned short * keytypes = (const unsigned short *) conf->meth_data;
+unsigned char key = (unsigned char)c;
+
+#ifdef CHARSET_EBCDIC
+# if CHAR_BIT > 8
+if (key > 255) {
+/* key is out of range for os_toascii table */
+return 0;
+}
+# endif
+/* convert key from ebcdic to ascii */
+key = os_toascii[key];
+#endif
+
+if (key > 127) {
+/* key is not a seven bit ascii character */
+return 0;
+}
+
+return (keytypes[key] & type) ? 1 : 0;
+}
+
 static char *eat_ws(CONF *conf, char *p)
 {
 while (IS_WS(conf, *p) && (!IS_EOF(conf, *p)))
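Review bot: the `key > 127` check is what closes #5778 and #5840, and a regression test that feeds bytes 0x80..0xFF (UTF-8 continuation bytes, which the old `& 0x7F` mapped onto NUL, space and friends so that IS_EOF/IS_WS fired) through the config parser would pin it; no test file appears in the summary of changes.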
diff --git a/crypto/conf/conf_def.h b/crypto/conf/conf_def.h
index aa14d4a..73e88ba 100644
--- a/crypto/conf/conf_def.h
+++ b/crypto/conf/conf_def.h
@@ -25,24 +25,17 @@
 #define CONF_ALNUM(CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
 #define CONF_ALNUM_PUNCT  (CONF_ALPHA|CONF_NUMBER|CONF_UNDER|CONF_PUNCT)
 
-#define KEYTYPES(c)   ((const unsigned short *)((c)->meth_data))
 
-#ifndef CHARSET_EBCDIC
-# define CVT(a) ((a) & 0x7F)
-#else
-# define CVT(a) os_toascci[(a) & 0x7F]
-#endif
-
-#define IS_COMMENT(c,a) (KEYTYPES(c)[CVT(a)] & CONF_COMMENT)
-#define IS_FCOMMENT(c,a)(KEYTYPES(c)[CVT(a)] & CONF_FCOMMENT)
-#define IS_EOF(c,a) (KEYTYPES(c)[CVT(a)] & CONF_EOF)
-#define IS_ESC(c,a) (KEYTYPES(c)[CVT(a)] & CONF_ESC)
-#define IS_NUMBER(c,a)  (KEYTYPES(c)[CVT(a)] & CONF_NUMBER)
-#define IS_WS(c,a)  (KEYTYPES(c)[CVT(a)] & CONF_WS)
-#define IS_ALNUM(c,a)   (KEYTYPES(c)[CVT(a)] & CONF_ALNUM)
-#define IS_ALNUM_PUNCT(c,a) (KEYTYPES(c)[CVT(a)] & CONF_ALNUM_PUNCT)
-#define IS_QUOTE(c,a)   (KEYTYPES(c)[CVT(a)] & CONF_QUOTE)
-#define IS_DQUOTE(c,a)  (KEYTYPES(c)[CVT(a)] & CONF_DQUOTE)
+#define IS_COMMENT(conf,c) is_keytype(conf, c, CONF_COMMENT)
+#define IS_FCOMMENT(conf,c)is_keytype(conf, c, CONF_FCOMMENT)
+#define IS_EOF(conf,c) is_keytype(conf, c, CONF_EOF)
+#define IS_ESC(conf,c) is_keytype(conf, c, CONF_ESC)
+#define IS_NUMBER(conf,c)  is_keytype(conf, c, CONF_NUMBER)
+#define IS_WS(conf,c)  is_keytype(conf, c, CONF_WS)
+#define IS_ALNUM(conf,c)   is_keytype(conf, c, CONF_ALNUM)
+#define IS_ALNUM_PUNCT(conf,c) is_keytype(conf, c, CONF_ALNUM_PUNCT)
+#define IS_QUOTE(conf,c)   is_keytype(conf, c, CONF_QUOTE)
+#define IS_DQUOTE(conf,c)  is_keytype(conf, c, CONF_DQUOTE)
 
 static const unsigned short CONF_type_default[128] = {
 0x0008, 0x, 0x, 0x, 0x, 0x, 0x, 0x,
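Review bot: the removed EBCDIC branch `# define CVT(a) os_toascci[(a) & 0x7F]` misspells os_toascii, so this header could never have compiled with CHARSET_EBCDIC defined; the new is_keytype() spells it correctly, which makes this commit the first time that path is compiled at all. Worth a sentence in the commit message and a check that an EBCDIC build still links.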
diff --git a/crypto/conf/keysets.pl b/crypto/conf/keysets.pl
index e2af26c..cfa230e 100644
--- a/crypto/conf/keysets.pl
+++ b/crypto/conf/keysets.pl
@@ -85,24 +85,17 @@ print <<"EOF";
 #def
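The folding bug the commit message describes, as an added example that is not OpenSSL's code: the masked lookup beside the range-checked one, run over every high-bit byte, using a constructed 128-entry keytype table and assumed CONF_EOF/CONF_WS bit values.

```c
/* Added example, not OpenSSL code: the CVT(a) = (a) & 0x7F folding that this
 * commit fixes, next to the range check that replaces it. The keytype table
 * and the CONF_EOF/CONF_WS bit values are this example's own. */
#include <stdio.h>

#define CONF_EOF 0x01   /* assumed bit values, not OpenSSL's */
#define CONF_WS  0x02

/* 128-entry table in the spirit of CONF_type_default: NUL is EOF,
 * space, tab, CR and LF are whitespace, everything else is 0. */
static const unsigned short keytypes[128] = {
    [0] = CONF_EOF, [' '] = CONF_WS, ['\t'] = CONF_WS,
    ['\r'] = CONF_WS, ['\n'] = CONF_WS,
};

/* Old behaviour: the index is masked with 0x7F, so 0x80..0xFF land on
 * 0x00..0x7F and inherit that entry's type. */
int is_keytype_masked(char c, unsigned short type)
{
    return (keytypes[(unsigned char)c & 0x7F] & type) ? 1 : 0;
}

/* Fixed behaviour (as in the patch): a byte above 127 is never a keytype. */
int is_keytype_ranged(char c, unsigned short type)
{
    unsigned char key = (unsigned char)c;   /* never index with a negative char */

    if (key > 127)
        return 0;
    return (keytypes[key] & type) ? 1 : 0;
}

/* How many of the 128 high-bit bytes a predicate classifies as `type`. */
int false_positives(int (*pred)(char, unsigned short), unsigned short type)
{
    int n = 0;

    for (int b = 128; b < 256; b++)
        n += pred((char)b, type);
    return n;
}

int main(void)
{
    /* 0xA0 is a UTF-8 continuation byte (and Latin-1 NBSP); masked it becomes
     * 0x20 = ' ', so the old parser treated it as whitespace. 0x80 masks to
     * 0x00 and was taken for end-of-file, cutting the parse short. */
    printf("0xA0 as WS:  old=%d new=%d\n",
           is_keytype_masked((char)0xA0, CONF_WS),
           is_keytype_ranged((char)0xA0, CONF_WS));
    printf("0x80 as EOF: old=%d new=%d\n",
           is_keytype_masked((char)0x80, CONF_EOF),
           is_keytype_ranged((char)0x80, CONF_EOF));
    printf("WS false positives in 0x80..0xFF: old=%d new=%d\n",
           false_positives(is_keytype_masked, CONF_WS),
           false_positives(is_keytype_ranged, CONF_WS));
    return 0;
}
```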

[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-04-02 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  45ae18b38401a027f231f1408e71b13ff3111021 (commit)
  from  89b4da476bcd0b97bd71f63b79538b358efec166 (commit)


- Log -
commit 45ae18b38401a027f231f1408e71b13ff3111021
Author: FdaSilvaYY 
Date:   Thu Mar 29 20:59:58 2018 +0200

EVP,KDF: Add more error code along some return 0

in methods:
- EVP_PBE_scrypt
- EVP_PKEY_meth_add0
- EVP_PKEY_meth_new
- EVP_PKEY_CTX_dup

Backport of 3484236d8d7afedd3e5c7771bd49d3385340e3bf

Reviewed-by: Bernd Edlinger 
Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5803)

---

Summary of changes:
 crypto/evp/evp_err.c   |  3 +++
 crypto/evp/pmeth_lib.c | 16 
 crypto/evp/scrypt.c| 23 ++-
 include/openssl/evp.h  |  3 +++
 4 files changed, 36 insertions(+), 9 deletions(-)

diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index c4b163f..3543d44 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -70,6 +70,8 @@ static ERR_STRING_DATA EVP_str_functs[] = {
 {ERR_FUNC(EVP_F_EVP_PKEY_GET0_RSA), "EVP_PKEY_get0_RSA"},
 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_METH_ADD0), "EVP_PKEY_meth_add0"},
+{ERR_FUNC(EVP_F_EVP_PKEY_METH_NEW), "EVP_PKEY_meth_new"},
 {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
@@ -143,6 +145,7 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
 {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
 {ERR_REASON(EVP_R_PARTIALLY_OVERLAPPING),
  "partially overlapping buffers"},
+{ERR_REASON(EVP_R_PBKDF2_ERROR), "pbkdf2 error"},
 {ERR_REASON(EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED),
  "pkey application asn1 method already registered"},
 {ERR_REASON(EVP_R_PKEY_ASN1_METHOD_ALREADY_REGISTERED),
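Review bot: EVP_R_PBKDF2_ERROR is registered here, but no visible hunk of this patch raises it; confirm that the part of the scrypt.c change cut off below does, otherwise this is a dead reason string in the backport.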
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 5e650a9..3975e90 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -151,8 +151,10 @@ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
 EVP_PKEY_METHOD *pmeth;
 
 pmeth = OPENSSL_zalloc(sizeof(*pmeth));
-if (pmeth == NULL)
+if (pmeth == NULL) {
+EVPerr(EVP_F_EVP_PKEY_METH_NEW, ERR_R_MALLOC_FAILURE);
 return NULL;
+}
 
 pmeth->pkey_id = id;
 pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
@@ -238,8 +240,10 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
 }
 #endif
 rctx = OPENSSL_malloc(sizeof(*rctx));
-if (rctx == NULL)
+if (rctx == NULL) {
+EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_MALLOC_FAILURE);
 return NULL;
+}
 
 rctx->pmeth = pctx->pmeth;
 #ifndef OPENSSL_NO_ENGINE
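Review bot: EVP_F_EVP_PKEY_CTX_DUP is used here but, unlike EVP_F_EVP_PKEY_METH_ADD0 and EVP_F_EVP_PKEY_METH_NEW, it is not added to EVP_str_functs[] in this patch, so it must already exist in evp.h and evp_err.c; if it does not, ERR_error_string() will print an unknown function for this error. Please confirm.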
@@ -273,11 +277,15 @@ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
 {
 if (app_pkey_methods == NULL) {
 app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
-if (app_pkey_methods == NULL)
+if (app_pkey_methods == NULL) {
+EVPerr(EVP_F_EVP_PKEY_METH_ADD0, ERR_R_MALLOC_FAILURE);
 return 0;
+}
 }
-if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
+if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) {
+EVPerr(EVP_F_EVP_PKEY_METH_ADD0, ERR_R_MALLOC_FAILURE);
 return 0;
+}
 sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
 return 1;
 }
diff --git a/crypto/evp/scrypt.c b/crypto/evp/scrypt.c
index 101bb1e..119f7c7 100644
--- a/crypto/evp/scrypt.c
+++ b/crypto/evp/scrypt.c
@@ -171,8 +171,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
 if (r == 0 || p == 0 || N < 2 || (N & (N - 1)))
 return 0;
 /* Check p * r < SCRYPT_PR_MAX avoiding overflow */
-if (p > SCRYPT_PR_MAX / r)
+if (p > SCRYPT_PR_MAX / r) {
+EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
 return 0;
+}
 
 /*
  * Need to check N: if 2^(128 * r / 8) overflows limit this is
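Review bot: the parameter check just above, `if (r == 0 || p == 0 || N < 2 || (N & (N - 1))) return 0;`, still fails silently, which is exactly the pattern this patch sets out to remove; raising an error there as well (whichever invalid-parameter reason evp.h already provides) would make a rejected scrypt call diagnosable from the error queue.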
@@ -180,8 +182,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
  */
 
 if (16 * r <= LOG2_UINT64_MAX) {
-if (N >= (((uint64_t)1) << (16 * r)))
+if (N >= (((uint64_t)1) << (16 * r))) {
+EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
 return 0;
+}
 }
 
 /* Memory checks: check total allocated buffer size fits in uint64_t */
@@ -199,13 +203,17 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
 

[openssl-commits] [openssl] master update

2018-03-29 Thread matthias . st . pierre
The branch master has been updated
   via  a73d990e2b6b1a406b1c85837a176bf7525d3914 (commit)
  from  3484236d8d7afedd3e5c7771bd49d3385340e3bf (commit)


- Log -
commit a73d990e2b6b1a406b1c85837a176bf7525d3914
Author: Dr. Matthias St. Pierre 
Date:   Tue Feb 27 19:02:24 2018 +0100

Add documentation for the RAND_DRBG API

The RAND_DRBG API was added in PR #5462 and modified by PR #5547.
This commit adds the corresponding documentation.

Reviewed-by: Kurt Roeckx 
Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5461)

---

Summary of changes:
 CHANGES  |   4 +
 INSTALL  |  57 +--
 crypto/rand/drbg_lib.c   | 157 ++
 doc/man3/CRYPTO_get_ex_new_index.pod |  20 +--
 doc/man3/RAND_DRBG_generate.pod  |  88 ++
 doc/man3/RAND_DRBG_get0_master.pod   |  80 ++
 doc/man3/RAND_DRBG_new.pod   | 127 +++
 doc/man3/RAND_DRBG_reseed.pod| 111 +
 doc/man3/RAND_DRBG_set_callbacks.pod | 147 +
 doc/man3/RAND_DRBG_set_ex_data.pod   |  68 
 doc/man3/RAND_add.pod| 123 --
 doc/man3/RAND_bytes.pod  |  12 +-
 doc/man3/RAND_cleanup.pod|   4 +
 doc/man3/RAND_egd.pod|   4 +-
 doc/man3/RAND_load_file.pod  |   6 +-
 doc/man3/RAND_set_rand_method.pod|   9 +-
 doc/man7/RAND.pod|  78 +
 doc/man7/RAND_DRBG.pod   | 300 +++
 include/openssl/rand_drbg.h  |  12 +-
 util/private.num |   6 +
 20 files changed, 1173 insertions(+), 240 deletions(-)
 create mode 100644 doc/man3/RAND_DRBG_generate.pod
 create mode 100644 doc/man3/RAND_DRBG_get0_master.pod
 create mode 100644 doc/man3/RAND_DRBG_new.pod
 create mode 100644 doc/man3/RAND_DRBG_reseed.pod
 create mode 100644 doc/man3/RAND_DRBG_set_callbacks.pod
 create mode 100644 doc/man3/RAND_DRBG_set_ex_data.pod
 create mode 100644 doc/man7/RAND.pod
 create mode 100644 doc/man7/RAND_DRBG.pod

diff --git a/CHANGES b/CHANGES
index 462394c..4eaed6f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0g and 1.1.1 [xx XXX ]
 
+  *) Added new public header file  and documentation
+ for the RAND_DRBG API. See manual page RAND_DRBG(7) for an overview.
+ [Matthias St. Pierre]
+
   *) QNX support removed (cannot find contributors to get their approval
  for the license change).
  [Rich Salz]
diff --git a/INSTALL b/INSTALL
index 007f6a3..71d6b88 100644
--- a/INSTALL
+++ b/INSTALL
@@ -1,4 +1,3 @@
-
  OPENSSL INSTALLATION
  
 
@@ -209,12 +208,40 @@
without a path). This flag must be provided if the
zlib-dynamic option is not also used. If zlib-dynamic is 
used
then this flag is optional and a default value ("ZLIB1") is
-   used if not provided. 
+   used if not provided.
On VMS: this is the filename of the zlib library (with or
without a path). This flag is optional and if not provided
then "GNV$LIBZSHR", "GNV$LIBZSHR32" or "GNV$LIBZSHR64" is
used by default depending on the pointer size chosen.
 
+
+  --with-rand-seed=seed1[,seed2,...]
+   A comma separated list of seeding methods which will be 
tried
+   by OpenSSL in order to obtain random input (a.k.a "entropy")
+   for seeding its cryptographically secure random number
+   generator (CSPRNG). The current seeding methods are:
+
+   os: Use a trusted operating system entropy source.
+   This is the default method if such an entropy
+   source exists.
+   getrandom:  Use the L system call if 
available.
+   devrandom:  Use the the first device from the DEVRANDOM list
+   which can be opened to read random bytes. The
+   DEVRANDOM preprocessor constant expands to
+   "/dev/urandom","/dev/random","/dev/srandom" on
+   most unix-ish operating systems.
+   egd:Check for an entropy generating daemon.
+   rdcpu:  Use the RDSEED or RDRAND command if provided by
+   the CPU.
+   librandom:  Use librandom (not implemented yet).
+   none:   Disable automatic seeding. This is the default
+   on some operating sys
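Review bot: "+   devrandom:  Use the the first device from the DEVRANDOM list" has a doubled "the". Two smaller points in the same block: "a.k.a" wants its final period, and RDSEED and RDRAND are instructions rather than commands, so "Use the RDSEED or RDRAND instruction if provided by the CPU" is the more accurate wording.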

[openssl-commits] [openssl] master update

2018-03-29 Thread matthias . st . pierre
The branch master has been updated
   via  3484236d8d7afedd3e5c7771bd49d3385340e3bf (commit)
  from  88b8d83e9e8869c60c556a86bee09f92c56c5a64 (commit)


- Log -
commit 3484236d8d7afedd3e5c7771bd49d3385340e3bf
Author: FdaSilvaYY 
Date:   Thu Mar 29 20:59:58 2018 +0200

EVP,KDF: Add more error code along some return 0 in ...
methods:
 - EVP_PBE_scrypt
 - EVP_PKEY_meth_add0
 - EVP_PKEY_meth_new
 - EVP_PKEY_CTX_dup

Reviewed-by: Rich Salz 
Reviewed-by: Bernd Edlinger 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5783)

---

Summary of changes:
 crypto/err/openssl.txt   |  5 +
 crypto/evp/evp_err.c |  3 +++
 crypto/evp/pbe_scrypt.c  | 23 ++-
 crypto/evp/pmeth_lib.c   | 17 -
 crypto/kdf/kdf_err.c |  5 -
 crypto/kdf/scrypt.c  |  8 ++--
 include/openssl/evperr.h |  3 +++
 include/openssl/kdferr.h |  2 ++
 8 files changed, 53 insertions(+), 13 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 4fa56fd..f160438 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -702,6 +702,8 @@ EVP_F_EVP_PKEY_GET0_RSA:121:EVP_PKEY_get0_RSA
 EVP_F_EVP_PKEY_GET0_SIPHASH:172:EVP_PKEY_get0_siphash
 EVP_F_EVP_PKEY_KEYGEN:146:EVP_PKEY_keygen
 EVP_F_EVP_PKEY_KEYGEN_INIT:147:EVP_PKEY_keygen_init
+EVP_F_EVP_PKEY_METH_ADD0:194:EVP_PKEY_meth_add0
+EVP_F_EVP_PKEY_METH_NEW:195:EVP_PKEY_meth_new
 EVP_F_EVP_PKEY_NEW:106:EVP_PKEY_new
 EVP_F_EVP_PKEY_NEW_CMAC_KEY:193:EVP_PKEY_new_CMAC_key
 EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY:191:EVP_PKEY_new_raw_private_key
@@ -733,6 +735,8 @@ KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive
 KDF_F_PKEY_SCRYPT_CTRL_STR:104:pkey_scrypt_ctrl_str
 KDF_F_PKEY_SCRYPT_CTRL_UINT64:105:pkey_scrypt_ctrl_uint64
 KDF_F_PKEY_SCRYPT_DERIVE:109:pkey_scrypt_derive
+KDF_F_PKEY_SCRYPT_INIT:106:pkey_scrypt_init
+KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_scrypt_set_membuf
 KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tls1_prf_ctrl_str
 KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive
 OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object
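Review bot: KDF_F_PKEY_SCRYPT_INIT:106 and KDF_F_PKEY_SCRYPT_SET_MEMBUF:107 sort correctly by name but sit below KDF_F_PKEY_SCRYPT_DERIVE:109 numerically; make sure these codes came from `make errors` rather than being hand-picked, so the next regeneration of openssl.txt does not hand out the same numbers to something else.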
@@ -2109,6 +2113,7 @@ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\
operation not supported for this keytype
 EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized
 EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers
+EVP_R_PBKDF2_ERROR:181:pbkdf2 error
 EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\
pkey application asn1 method already registered
 EVP_R_PRIVATE_KEY_DECODE_ERROR:145:private key decode error
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 8678abd..5809783 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -92,6 +92,8 @@ static const ERR_STRING_DATA EVP_str_functs[] = {
 {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_KEYGEN, 0), "EVP_PKEY_keygen"},
 {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_KEYGEN_INIT, 0),
  "EVP_PKEY_keygen_init"},
+{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_METH_ADD0, 0), "EVP_PKEY_meth_add0"},
+{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_METH_NEW, 0), "EVP_PKEY_meth_new"},
 {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW, 0), "EVP_PKEY_new"},
 {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_CMAC_KEY, 0),
  "EVP_PKEY_new_CMAC_key"},
@@ -212,6 +214,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
 "operaton not initialized"},
 {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),
 "partially overlapping buffers"},
+{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"},
 {ERR_PACK(ERR_LIB_EVP, 0, 
EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED),
 "pkey application asn1 method already registered"},
 {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_DECODE_ERROR),
diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c
index fddabc9..02f5895 100644
--- a/crypto/evp/pbe_scrypt.c
+++ b/crypto/evp/pbe_scrypt.c
@@ -170,8 +170,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
 if (r == 0 || p == 0 || N < 2 || (N & (N - 1)))
 return 0;
 /* Check p * r < SCRYPT_PR_MAX avoiding overflow */
-if (p > SCRYPT_PR_MAX / r)
+if (p > SCRYPT_PR_MAX / r) {
+EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
 return 0;
+}
 
 /*
  * Need to check N: if 2^(128 * r / 8) overflows limit this is
@@ -179,8 +181,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
  */
 
 if (16 * r <= LOG2_UINT64_MAX) {
-if (N >= (((uint64_t)1) << (16 * r)))
+if (N >= (((uint64_t)1) << (16 * r))) {
+EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
 return 0;
+}
 }
 
 /* Memory checks: check total allo

[openssl-commits] [openssl] master update

2018-03-19 Thread matthias . st . pierre
The branch master has been updated
   via  440bce8f813fa661437ce52378c3df38e2fd073b (commit)
   via  16cfc2c90d9e7776965db07c1f31bbec2f6c41e3 (commit)
   via  7caf122e717e79afcb986fe217e77a630b67bf4c (commit)
  from  4e6647506331fc3b3ef5b23e5dbe188279ddd575 (commit)


- Log -
commit 440bce8f813fa661437ce52378c3df38e2fd073b
Author: Kurt Roeckx 
Date:   Sun Mar 11 15:19:13 2018 +0100

Add a multithread rand test

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Dale 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5547)

commit 16cfc2c90d9e7776965db07c1f31bbec2f6c41e3
Author: Kurt Roeckx 
Date:   Thu Mar 8 22:30:28 2018 +0100

Don't use a ssl specific DRBG anymore

Since the public and private DRBG are per thread we don't need one
per ssl object anymore. It could also try to get entropy from a DRBG
that's really from another thread because the SSL object moved to
another thread.

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Dale 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5547)

commit 7caf122e717e79afcb986fe217e77a630b67bf4c
Author: Kurt Roeckx 
Date:   Wed Mar 7 19:25:55 2018 +0100

Make the public and private DRBG thread local

This avoids lock contention.

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Dale 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5547)

---

Summary of changes:
 crypto/evp/e_aes.c | 22 ++---
 crypto/evp/e_aes_cbc_hmac_sha1.c   | 15 ++
 crypto/evp/e_aes_cbc_hmac_sha256.c | 15 ++
 crypto/evp/e_aria.c| 11 ++---
 crypto/evp/e_des.c |  8 +--
 crypto/evp/e_des3.c| 13 +
 crypto/evp/evp_enc.c   | 14 +-
 crypto/evp/evp_locl.h  |  1 -
 crypto/evp/p_seal.c| 13 ++---
 crypto/include/internal/cryptlib_int.h |  2 +
 crypto/include/internal/rand_int.h |  1 +
 crypto/init.c  | 16 ++
 crypto/rand/drbg_lib.c | 87 +
 crypto/rand/rand_lib.c |  3 --
 doc/man3/EVP_EncryptInit.pod   | 14 --
 include/openssl/evp.h  |  2 -
 ssl/record/ssl3_record.c   |  2 +-
 ssl/s3_enc.c   |  1 -
 ssl/s3_lib.c   |  6 +--
 ssl/ssl_lib.c  | 37 --
 ssl/ssl_locl.h |  2 -
 ssl/ssl_sess.c |  2 +-
 ssl/statem/statem_clnt.c   |  7 ++-
 ssl/statem/statem_srvr.c   |  9 ++--
 ssl/t1_enc.c   |  1 -
 ssl/tls13_enc.c|  1 -
 ssl/tls_srp.c  |  4 +-
 test/drbgtest.c| 89 ++
 28 files changed, 200 insertions(+), 198 deletions(-)

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 2421385..1d5007a 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -17,7 +17,6 @@
 #include "internal/evp_int.h"
 #include "modes_lcl.h"
 #include 
-#include 
 #include "evp_locl.h"
 
 typedef struct {
@@ -1405,14 +1404,8 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int 
type, int arg, void *ptr)
 memcpy(gctx->iv, ptr, arg);
 
 enc = EVP_CIPHER_CTX_encrypting(c);
-if (enc) {
-if (c->drbg != NULL) {
-if (RAND_DRBG_bytes(c->drbg, gctx->iv + arg, gctx->ivlen - 
arg) == 0)
-return 0;
-} else if (RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) {
-return 0;
-}
-}
+if (enc && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
+return 0;
 
 gctx->iv_gen = 1;
 return 1;
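Review bot: collapsing the two branches into `RAND_bytes(...) <= 0` is correct, since RAND_bytes() returns -1 when the method does not support it and 0 on failure, which covers what the old `RAND_DRBG_bytes(...) == 0` test caught. Because `c->drbg` is no longer read here or in the aes_gcm_ctrl() hunk below, the field should leave EVP_CIPHER_CTX in the same commit (evp_locl.h shows one deletion in the summary) so that no stale per-context DRBG pointer survives.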
@@ -2639,14 +2632,9 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int 
arg, void *ptr)
 return 0;
 if (arg)
 memcpy(gctx->iv, ptr, arg);
-if (EVP_CIPHER_CTX_encrypting(c)) {
-if (c->drbg != NULL) {
-if (RAND_DRBG_bytes(c->drbg, gctx->iv + arg, gctx->ivlen - 
arg) == 0)
-return 0;
-} else if (RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) {
-return 0;
-}
-}
+if (EVP_CIPHER_CTX_encrypting(c)
+&& RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
+return 0;
 gctx->iv_gen = 1;
 return 1;
 
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
ind

[openssl-commits] [openssl] master update

2018-03-17 Thread matthias . st . pierre
The branch master has been updated
   via  dd07e68b2066745caa7f0d9f866cfb6fdf0fc89f (commit)
  from  d597208c034722d09612c805e4894b0019bdd710 (commit)


- Log -
commit dd07e68b2066745caa7f0d9f866cfb6fdf0fc89f
Author: Dr. Matthias St. Pierre 
Date:   Fri Feb 16 15:45:32 2018 +0100

Fix miscellaneous typos in docs and source

- d2i_PKC8PrivateKey -> d2i_PKCS8PrivateKey
- bechmark -> benchmark
- ciperhsuite -> ciphersuite
- EncyptedPreMasterSecret -> EncryptedPreMasterSecret

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5570)

---

Summary of changes:
 crypto/bn/asm/ppc.pl| 2 +-
 doc/man1/speed.pod  | 4 ++--
 doc/man3/d2i_PrivateKey.pod | 2 +-
 ssl/t1_trce.c   | 4 ++--
 test/recipes/70-test_tls13psk.t | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/crypto/bn/asm/ppc.pl b/crypto/bn/asm/ppc.pl
index 39349ae..d197f96 100644
--- a/crypto/bn/asm/ppc.pl
+++ b/crypto/bn/asm/ppc.pl
@@ -40,7 +40,7 @@
 #dsa  512 bits   0.0087s   0.0106s114.3 94.5
 #dsa 1024 bits   0.0256s   0.0313s 39.0 32.0
 #
-#  Same bechmark with this assembler code:
+#  Same benchmark with this assembler code:
 #
 #rsa  512 bits   0.0056s   0.0005s178.6   2049.2
 #rsa 1024 bits   0.0283s   0.0015s 35.3674.1
diff --git a/doc/man1/speed.pod b/doc/man1/speed.pod
index f57f55a..b20af84 100644
--- a/doc/man1/speed.pod
+++ b/doc/man1/speed.pod
@@ -73,11 +73,11 @@ is only effective if RSA algorithm is specified to test.
 
 =item B<-seconds num>
 
-Run bechmarks for B seconds.
+Run benchmarks for B seconds.
 
 =item B<-bytes num>
 
-Run bechmarks on B-byte buffers. Affects ciphers, digests and the CSPRNG.
+Run benchmarks on B-byte buffers. Affects ciphers, digests and the CSPRNG.
 
 =item B<[zero or more test algorithms]>
 
diff --git a/doc/man3/d2i_PrivateKey.pod b/doc/man3/d2i_PrivateKey.pod
index f5b4667..813c8a6 100644
--- a/doc/man3/d2i_PrivateKey.pod
+++ b/doc/man3/d2i_PrivateKey.pod
@@ -44,7 +44,7 @@ These functions are similar to the d2i_X509() functions; see 
L.
 
 All these functions use DER format and unencrypted keys. Applications wishing
 to encrypt or decrypt private keys should use other functions such as
-d2i_PKC8PrivateKey() instead.
+d2i_PKCS8PrivateKey() instead.
 
 If the B<*a> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey()
 (i.e. an existing structure is being reused) and the key format is PKCS#8
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 3186b98..55f1824 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -1086,10 +1086,10 @@ static int ssl_print_client_keyex(BIO *bio, int indent, 
const SSL *ssl,
 case SSL_kRSAPSK:
 if (TLS1_get_version(ssl) == SSL3_VERSION) {
 ssl_print_hex(bio, indent + 2,
-  "EncyptedPreMasterSecret", msg, msglen);
+  "EncryptedPreMasterSecret", msg, msglen);
 } else {
 if (!ssl_print_hexbuf(bio, indent + 2,
-  "EncyptedPreMasterSecret", 2, &msg, &msglen))
+  "EncryptedPreMasterSecret", 2, &msg, 
&msglen))
 return 0;
 }
 break;
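Review bot: the renamed label `"EncyptedPreMasterSecret"` → `"EncryptedPreMasterSecret"` is user-visible trace output, not a comment, so any script that greps `-trace` output for the old misspelling stops matching after this change; worth calling out as a small behaviour change rather than filing it with the comment and documentation typo fixes in the rest of this patch.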
diff --git a/test/recipes/70-test_tls13psk.t b/test/recipes/70-test_tls13psk.t
index fa30dd1..fedc527 100644
--- a/test/recipes/70-test_tls13psk.t
+++ b/test/recipes/70-test_tls13psk.t
@@ -63,7 +63,7 @@ $proxy->start();
 ok(TLSProxy::Message->fail(), "PSK not last");
 
 #Test 3: Attempt a resume after an HRR where PSK hash matches selected
-#ciperhsuite. Should see PSK on second ClientHello
+#ciphersuite. Should see PSK on second ClientHello
 $proxy->clear();
 $proxy->clientflags("-sess_in ".$session);
 $proxy->serverflags("-curves P-256");


[openssl-commits] [openssl] master update

2018-03-16 Thread matthias . st . pierre
The branch master has been updated
   via  31393fd9067a1444fe4b73bfac51ab44d8d344e2 (commit)
  from  80f2787717c2181438d4dc2da701fe784fd6286e (commit)


- Log -
commit 31393fd9067a1444fe4b73bfac51ab44d8d344e2
Author: Dr. Matthias St. Pierre 
Date:   Thu Mar 15 19:48:43 2018 +0100

RAND_DRBG: add a function for setting the default DRBG type and flags

This commit adds a new API RAND_DRBG_set_defaults() which sets the
default type and flags for new DRBG instances. See also #5576.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5632)

---

Summary of changes:
 crypto/err/openssl.txt  |  2 ++
 crypto/rand/drbg_ctr.c  |  2 +-
 crypto/rand/drbg_lib.c  | 55 -
 crypto/rand/rand_err.c  |  4 
 crypto/rand/rand_lcl.h  |  2 +-
 include/openssl/rand_drbg.h | 11 ++---
 include/openssl/randerr.h   |  2 ++
 ssl/ssl_lib.c   |  2 +-
 util/libcrypto.num  |  1 +
 9 files changed, 69 insertions(+), 12 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 176a82b..728013b 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -916,6 +916,7 @@ RAND_F_RAND_DRBG_NEW:109:RAND_DRBG_new
 RAND_F_RAND_DRBG_RESEED:110:RAND_DRBG_reseed
 RAND_F_RAND_DRBG_RESTART:102:rand_drbg_restart
 RAND_F_RAND_DRBG_SET:104:RAND_DRBG_set
+RAND_F_RAND_DRBG_SET_DEFAULTS:121:RAND_DRBG_set_defaults
 RAND_F_RAND_DRBG_UNINSTANTIATE:118:RAND_DRBG_uninstantiate
 RAND_F_RAND_LOAD_FILE:111:RAND_load_file
 RAND_F_RAND_POOL_ADD:103:rand_pool_add
@@ -2314,6 +2315,7 @@ RAND_R_RANDOM_POOL_OVERFLOW:125:random pool overflow
 RAND_R_REQUEST_TOO_LARGE_FOR_DRBG:117:request too large for drbg
 RAND_R_RESEED_ERROR:118:reseed error
 RAND_R_SELFTEST_FAILURE:119:selftest failure
+RAND_R_UNSUPPORTED_DRBG_FLAGS:132:unsupported drbg flags
 RAND_R_UNSUPPORTED_DRBG_TYPE:120:unsupported drbg type
 RSA_R_ALGORITHM_MISMATCH:100:algorithm mismatch
 RSA_R_BAD_E_VALUE:101:bad e value
diff --git a/crypto/rand/drbg_ctr.c b/crypto/rand/drbg_ctr.c
index 84425dc..ac4af33 100644
--- a/crypto/rand/drbg_ctr.c
+++ b/crypto/rand/drbg_ctr.c
@@ -317,7 +317,7 @@ int drbg_ctr_init(RAND_DRBG *drbg)
 RAND_DRBG_CTR *ctr = &drbg->data.ctr;
 size_t keylen;
 
-switch (drbg->nid) {
+switch (drbg->type) {
 default:
 /* This can't happen, but silence the compiler warning. */
 return 0;
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index 93092c8..360e775 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -113,6 +113,11 @@ static const char ossl_pers_string[] = "OpenSSL NIST SP 
800-90A DRBG";
 
 static CRYPTO_ONCE rand_drbg_init = CRYPTO_ONCE_STATIC_INIT;
 
+
+
+static int rand_drbg_type = RAND_DRBG_TYPE;
+static unsigned int rand_drbg_flags = RAND_DRBG_FLAGS;
+
 static unsigned int master_reseed_interval = MASTER_RESEED_INTERVAL;
 static unsigned int slave_reseed_interval  = SLAVE_RESEED_INTERVAL;
 
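Review bot: `rand_drbg_type` and `rand_drbg_flags` are unlocked file-scope statics, read by RAND_DRBG_set() and written by RAND_DRBG_set_defaults(), so calling the setter after other threads have started creating DRBG instances is a data race; the function comment and the pending documentation should state that it must be called during application initialisation, before any DRBG is instantiated (the same caveat the reseed-defaults commit spells out for its setter). Style: the hunk inserts two blank lines above the new statics where the surrounding code uses one.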
@@ -127,19 +132,26 @@ static RAND_DRBG *rand_drbg_new(int secure,
 RAND_DRBG *parent);
 
 /*
- * Set/initialize |drbg| to be of type |nid|, with optional |flags|.
+ * Set/initialize |drbg| to be of type |type|, with optional |flags|.
+ *
+ * If |type| and |flags| are zero, use the defaults
  *
  * Returns 1 on success, 0 on failure.
  */
-int RAND_DRBG_set(RAND_DRBG *drbg, int nid, unsigned int flags)
+int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags)
 {
 int ret = 1;
 
+if (type == 0 && flags == 0) {
+type = rand_drbg_type;
+flags = rand_drbg_flags;
+}
+
 drbg->state = DRBG_UNINITIALISED;
 drbg->flags = flags;
-drbg->nid = nid;
+drbg->type = type;
 
-switch (nid) {
+switch (type) {
 default:
 RANDerr(RAND_F_RAND_DRBG_SET, RAND_R_UNSUPPORTED_DRBG_TYPE);
 return 0;
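Review bot: the defaults are substituted only when `type == 0 && flags == 0`, so a caller passing type 0 with a nonzero flags value falls through to `switch (type)` and fails with RAND_R_UNSUPPORTED_DRBG_TYPE; if that is intended, the comment `If |type| and |flags| are zero, use the defaults` should say that both must be zero, otherwise substitute `rand_drbg_type` whenever `type == 0` and leave the caller's flags alone. Also, this function stores any |flags| value unvalidated while the new RAND_DRBG_set_defaults() in the same patch rejects bits outside RAND_DRBG_USED_FLAGS; the two entry points should apply the same check.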
@@ -159,6 +171,37 @@ int RAND_DRBG_set(RAND_DRBG *drbg, int nid, unsigned int 
flags)
 }
 
 /*
+ * Set/initialize default |type| and |flag| for new drbg instances.
+ *
+ * Returns 1 on success, 0 on failure.
+ */
+int RAND_DRBG_set_defaults(int type, unsigned int flags)
+{
+int ret = 1;
+
+switch (type) {
+default:
+RANDerr(RAND_F_RAND_DRBG_SET_DEFAULTS, RAND_R_UNSUPPORTED_DRBG_TYPE);
+return 0;
+case NID_aes_128_ctr:
+case NID_aes_192_ctr:
+case NID_aes_256_ctr:
+break;
+}
+
+if ((flags & ~RAND_DRBG_USED_FLAGS) != 0) {
+RANDerr(RAND_F_RAND_DRBG_SET_DEFAULTS, RAND_R_UNSUPPORTED_DRBG_FLAGS);
+return 0;
+}
+
+rand_drbg_type  = type;
+rand_drbg_flags = flags;
+
+return ret;
+}
+
+
+/*
  * Allocate memory and initialize a new DRBG. The DRBG is allocated on
  * the secure heap if |secure| is nonzero and the s
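Review bot: in RAND_DRBG_set_defaults() `int ret = 1;` is never modified and both error paths `return 0;` directly, so the variable can go and the function end with `return 1;`. The doc comment says `default |type| and |flag|` where the parameter is |flags|. The `(flags & ~RAND_DRBG_USED_FLAGS) != 0` check is the right idea and would be worth applying in RAND_DRBG_set() as well, which currently accepts any flag bits. Minor: two blank lines follow the closing brace where one is used elsewhere in the file.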

[openssl-commits] [openssl] master update

2018-03-15 Thread matthias . st . pierre
The branch master has been updated
   via  6decf9436f77ff65ed8ed773268663a9273cfbc8 (commit)
  from  f297e4ecc3e5bd9f460ffc99f38680e34d6d4d2f (commit)


- Log -
commit 6decf9436f77ff65ed8ed773268663a9273cfbc8
Author: Dr. Matthias St. Pierre 
Date:   Mon Mar 5 23:45:44 2018 +0100

Publish the RAND_DRBG API

Fixes #4403

This commit moves the internal header file "internal/rand.h" to
, making the RAND_DRBG API public.
The RAND_POOL API remains private, its function prototypes were
moved to "internal/rand_int.h" and converted to lowercase.

Documentation for the new API is work in progress on GitHub #5461.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5462)

---

Summary of changes:
 crypto/err/openssl.txt   |  10 +-
 crypto/evp/e_aes.c   |   2 +-
 crypto/evp/e_aes_cbc_hmac_sha1.c |   2 +-
 crypto/evp/e_aes_cbc_hmac_sha256.c   |   2 +-
 crypto/evp/e_aria.c  |   2 +-
 crypto/evp/e_des.c   |   2 +-
 crypto/evp/e_des3.c  |   2 +-
 crypto/evp/evp_enc.c |   2 +-
 crypto/evp/p_seal.c  |   2 +-
 crypto/include/internal/rand_int.h   |  58 +-
 crypto/rand/drbg_ctr.c   |   4 +-
 crypto/rand/drbg_lib.c   |  10 +-
 crypto/rand/rand_err.c   |  10 +-
 crypto/rand/rand_lcl.h   |  16 +-
 crypto/rand/rand_lib.c   | 110 +--
 crypto/rand/rand_unix.c  |  41 ++--
 crypto/rand/rand_vms.c   |   4 +-
 crypto/rand/rand_win.c   |  25 +--
 include/openssl/ossl_typ.h   |   1 -
 include/{internal/rand.h => openssl/rand_drbg.h} |  50 ++---
 ssl/ssl_lib.c|   2 +-
 util/libcrypto.num   | 236 +++
 util/mkdef.pl|   1 -
 23 files changed, 302 insertions(+), 292 deletions(-)
 rename include/{internal/rand.h => openssl/rand_drbg.h} (73%)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 896c089..176a82b 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -918,11 +918,11 @@ RAND_F_RAND_DRBG_RESTART:102:rand_drbg_restart
 RAND_F_RAND_DRBG_SET:104:RAND_DRBG_set
 RAND_F_RAND_DRBG_UNINSTANTIATE:118:RAND_DRBG_uninstantiate
 RAND_F_RAND_LOAD_FILE:111:RAND_load_file
-RAND_F_RAND_POOL_ADD:103:RAND_POOL_add
-RAND_F_RAND_POOL_ADD_BEGIN:113:RAND_POOL_add_begin
-RAND_F_RAND_POOL_ADD_END:114:RAND_POOL_add_end
-RAND_F_RAND_POOL_BYTES_NEEDED:115:RAND_POOL_bytes_needed
-RAND_F_RAND_POOL_NEW:116:RAND_POOL_new
+RAND_F_RAND_POOL_ADD:103:rand_pool_add
+RAND_F_RAND_POOL_ADD_BEGIN:113:rand_pool_add_begin
+RAND_F_RAND_POOL_ADD_END:114:rand_pool_add_end
+RAND_F_RAND_POOL_BYTES_NEEDED:115:rand_pool_bytes_needed
+RAND_F_RAND_POOL_NEW:116:rand_pool_new
 RAND_F_RAND_WRITE_FILE:112:RAND_write_file
 RSA_F_CHECK_PADDING_MD:140:check_padding_md
 RSA_F_ENCODE_PKCS1:146:encode_pkcs1
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index bed9b27..2421385 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -17,7 +17,7 @@
 #include "internal/evp_int.h"
 #include "modes_lcl.h"
 #include 
-#include 
+#include 
 #include "evp_locl.h"
 
 typedef struct {
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index 053189e..ac564a2 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -17,7 +17,7 @@
 #include 
 #include 
 #include 
-#include 
+#include 
 #include "modes_lcl.h"
 #include "internal/evp_int.h"
 #include "internal/constant_time_locl.h"
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c 
b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 215e02f..e752d30 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -18,7 +18,7 @@
 #include 
 #include 
 #include 
-#include 
+#include 
 #include "modes_lcl.h"
 #include "internal/constant_time_locl.h"
 #include "internal/evp_int.h"
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c
index 10525a8..9c1036b 100644
--- a/crypto/evp/e_aria.c
+++ b/crypto/evp/e_aria.c
@@ -13,9 +13,9 @@
 # include 
 # include 
 # include 
+# include 
 # include "internal/aria.h"
 # include "internal/evp_int.h"
-# include "internal/rand.h"
 # include "modes_lcl.h"
 # include "evp_locl.h"
 
diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c
index d8c4afa..3b4b714

[openssl-commits] [openssl] master update

2018-03-09 Thread matthias . st . pierre
The branch master has been updated
   via  4917e91160fac2acef543ad6a74b2da2e1f17625 (commit)
  from  9ad9794273f3d069e45cf505fbeaada073a849ce (commit)


- Log -
commit 4917e91160fac2acef543ad6a74b2da2e1f17625
Author: Dr. Matthias St. Pierre 
Date:   Fri Mar 9 18:24:23 2018 +0100

RAND_DRBG: add a function for setting the reseeding defaults

The introduction of thread local public and private DRBG instances (#5547)
makes it very cumbersome to change the reseeding (time) intervals for
those instances. This commit provides a function to set the default
values for all subsequently created DRBG instances.

 int RAND_DRBG_set_reseed_defaults(
   unsigned int master_reseed_interval,
   unsigned int slave_reseed_interval,
   time_t master_reseed_time_interval,
   time_t slave_reseed_time_interval
   );

The function is intended only to be used during application initialization,
before any threads are created and before any random bytes are generated.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5576)

---

Summary of changes:
 crypto/rand/drbg_ctr.c  |  2 +-
 crypto/rand/drbg_lib.c  | 55 ++---
 include/internal/rand.h |  7 +++
 util/libcrypto.num  |  1 +
 4 files changed, 56 insertions(+), 9 deletions(-)

diff --git a/crypto/rand/drbg_ctr.c b/crypto/rand/drbg_ctr.c
index 99cd997..0496cb0 100644
--- a/crypto/rand/drbg_ctr.c
+++ b/crypto/rand/drbg_ctr.c
@@ -366,6 +366,6 @@ int drbg_ctr_init(RAND_DRBG *drbg)
 }
 
 drbg->max_request = 1 << 16;
-drbg->reseed_interval = MAX_RESEED_INTERVAL;
+
 return 1;
 }
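Review bot: deleting `drbg->reseed_interval = MAX_RESEED_INTERVAL;` leaves a stray empty line between `drbg->max_request = 1 << 16;` and `return 1;`; remove the line rather than replacing the statement with a blank. After this change drbg_ctr_init() no longer initialises reseed_interval at all and relies on rand_drbg_new() having set it from the process-wide defaults before RAND_DRBG_set() is called; a one-line comment to that effect would stop the next reader from putting the assignment back.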
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index daac770..12070d7 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -113,6 +113,12 @@ static const char ossl_pers_string[] = "OpenSSL NIST SP 
800-90A DRBG";
 
 static CRYPTO_ONCE rand_drbg_init = CRYPTO_ONCE_STATIC_INIT;
 
+static unsigned int master_reseed_interval = MASTER_RESEED_INTERVAL;
+static unsigned int slave_reseed_interval  = SLAVE_RESEED_INTERVAL;
+
+static time_t master_reseed_time_interval = MASTER_RESEED_TIME_INTERVAL;
+static time_t slave_reseed_time_interval  = SLAVE_RESEED_TIME_INTERVAL;
+
 static RAND_DRBG *drbg_setup(RAND_DRBG *parent);
 
 static RAND_DRBG *rand_drbg_new(int secure,
@@ -175,6 +181,15 @@ static RAND_DRBG *rand_drbg_new(int secure,
 drbg->secure = secure && CRYPTO_secure_allocated(drbg);
 drbg->fork_count = rand_fork_count;
 drbg->parent = parent;
+
+if (parent == NULL) {
+drbg->reseed_interval = master_reseed_interval;
+drbg->reseed_time_interval = master_reseed_time_interval;
+} else {
+drbg->reseed_interval = slave_reseed_interval;
+drbg->reseed_time_interval = slave_reseed_time_interval;
+}
+
 if (RAND_DRBG_set(drbg, type, flags) == 0)
 goto err;
 
@@ -710,6 +725,38 @@ int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg, 
time_t interval)
 return 1;
 }
 
+/*
+ * Set the default values for reseed (time) intervals of new DRBG instances
+ *
+ * The default values can be set independently for master DRBG instances
+ * (without a parent) and slave DRBG instances (with parent).
+ *
+ * Returns 1 on success, 0 on failure.
+ */
+
+int RAND_DRBG_set_reseed_defaults(
+  unsigned int _master_reseed_interval,
+  unsigned int _slave_reseed_interval,
+  time_t _master_reseed_time_interval,
+  time_t _slave_reseed_time_interval
+  )
+{
+if (_master_reseed_interval > MAX_RESEED_INTERVAL
+|| _slave_reseed_interval > MAX_RESEED_INTERVAL)
+return 0;
+
+if (_master_reseed_time_interval > MAX_RESEED_TIME_INTERVAL
+|| _slave_reseed_time_interval > MAX_RESEED_TIME_INTERVAL)
+return 0;
+
+master_reseed_interval = _master_reseed_interval;
+slave_reseed_interval = _slave_reseed_interval;
+
+master_reseed_time_interval = _master_reseed_time_interval;
+slave_reseed_time_interval = _slave_reseed_time_interval;
+
+return 1;
+}
 
 /*
  * Locks the given drbg. Locking a drbg which does not have locking
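Review bot: the range checks in RAND_DRBG_set_reseed_defaults() only test the upper bound; `time_t` is a signed type on the common platforms, so a negative `_master_reseed_time_interval` or `_slave_reseed_time_interval` passes `> MAX_RESEED_TIME_INTERVAL` and is stored as the default for every DRBG created afterwards. Add `< 0` checks for the two time_t parameters (the unsigned int ones cannot go negative). The failure paths also return 0 without pushing an error reason, unlike RAND_DRBG_set() in this file, so a caller cannot tell which argument was rejected. The function comment should carry the caveat from the commit message that it is only safe during application initialisation, before threads are created, since the four statics it writes are not locked. Minor: leading-underscore parameter names (`_master_reseed_interval`, ...) are unusual for this codebase.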
@@ -809,14 +856,6 @@ static RAND_DRBG *drbg_setup(RAND_DRBG *parent)
 if (rand_drbg_enable_locking(drbg) == 0)
 goto err;
 
-if (parent == NULL) {
-drbg->reseed_interval = MASTER_RESEED_INTERVAL;
-drbg->reseed_time_interval = MASTER_RESEED_TIME_INTERVAL;
-} else {

[openssl-commits] [openssl] master update

2018-03-08 Thread matthias . st . pierre
The branch master has been updated
   via  83918ad6fddf33acc43aadcc40f08be22ff39482 (commit)
  from  5ff554cfd2c2b20f9f8c4b0f4c2a61c4e35379f1 (commit)


- Log -
commit 83918ad6fddf33acc43aadcc40f08be22ff39482
Author: Alex Gaynor 
Date:   Thu Mar 8 07:59:50 2018 -0500

Fixed several readability issues in DH_generate_parameters.pod

Reviewed-by: Tim Hudson 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5553)

---

Summary of changes:
 doc/man3/DH_generate_parameters.pod | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/doc/man3/DH_generate_parameters.pod 
b/doc/man3/DH_generate_parameters.pod
index 56ad4b1..bcbc12c 100644
--- a/doc/man3/DH_generate_parameters.pod
+++ b/doc/man3/DH_generate_parameters.pod
@@ -111,10 +111,10 @@ The parameter B is invalid.
 
 =back
 
-DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similiar with
-DH_check() and DH_check_params() respectively, but the error reasons are set
-to the OpenSSL error handling framework instead of returning by the function
-parameters.
+DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to
+DH_check() and DH_check_params() respectively, but the error reasons are added
+to the thread's error queue instead of provided as return values from the
+function.
 
 =head1 RETURN VALUES
 
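Review bot: the rewritten sentence still does not line up: `DH_check_ex(), DH_check_params() and DH_check_pub_key_ex()` is paired with `DH_check() and DH_check_params()` "respectively", three names against two, and DH_check_params() appears on both sides. Presumably the first list should read DH_check_params_ex() and the second should add DH_check_pub_key(), giving `DH_check_ex(), DH_check_params_ex() and DH_check_pub_key_ex() are similar to DH_check(), DH_check_params() and DH_check_pub_key() respectively, but the error reasons are added to the thread's error queue ...`.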


[openssl-commits] [openssl] master update

2018-03-07 Thread matthias . st . pierre
The branch master has been updated
   via  36359ceca02671e0835a9712232eaf906caa6c9d (commit)
  from  72983c0eab750dfc1b6298c516df7afb1a73ba54 (commit)


- Log -
commit 36359ceca02671e0835a9712232eaf906caa6c9d
Author: Dr. Matthias St. Pierre 
Date:   Wed Mar 7 14:37:23 2018 +0100

BIO_s_mem.pod: fix indirection for out parameter **pp

BIO_get_mem_data() and BIO_get_mem_ptr() assign to *pp, not pp

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5544)

---

Summary of changes:
 doc/man3/BIO_s_mem.pod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/man3/BIO_s_mem.pod b/doc/man3/BIO_s_mem.pod
index b55ecbf..050d778 100644
--- a/doc/man3/BIO_s_mem.pod
+++ b/doc/man3/BIO_s_mem.pod
@@ -56,14 +56,14 @@ zero then it will return B when it is empty and it will 
set the read retry
 flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal
 positive return value B should be set to a negative value, typically -1.
 
-BIO_get_mem_data() sets B to a pointer to the start of the memory BIOs data
+BIO_get_mem_data() sets *B to a pointer to the start of the memory BIOs 
data
 and returns the total amount of data available. It is implemented as a macro.
 
 BIO_set_mem_buf() sets the internal BUF_MEM structure to B and sets the
 close flag to B, that is B should be either BIO_CLOSE or BIO_NOCLOSE.
 It is a macro.
 
-BIO_get_mem_ptr() places the underlying BUF_MEM structure in B. It is
+BIO_get_mem_ptr() places the underlying BUF_MEM structure in *B. It is
 a macro.
 
 BIO_new_mem_buf() creates a memory BIO using B bytes of data at B,
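Review bot: since the BIO_get_mem_data() line is being edited anyway, `the start of the memory BIOs data` should become `the memory BIO's data` (possessive); the same wording is carried into the 1.1.0 and 1.0.2 backports of this commit, so fix it in all three. The `*` correction itself matches the `**pp` out-parameter described in the commit message.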


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-03-07 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  7d162ac37eb829be319477f42ddb5509f6c766b0 (commit)
  from  77ba00bc3b7a1348f310ea7ce44890eb2c11899f (commit)


- Log -
commit 7d162ac37eb829be319477f42ddb5509f6c766b0
Author: Dr. Matthias St. Pierre 
Date:   Wed Mar 7 14:37:23 2018 +0100

BIO_s_mem.pod: fix indirection for out parameter **pp

BIO_get_mem_data() and BIO_get_mem_ptr() assign to *pp, not pp

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5544)

---

Summary of changes:
 doc/crypto/BIO_s_mem.pod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/crypto/BIO_s_mem.pod b/doc/crypto/BIO_s_mem.pod
index b272c41..2db39af 100644
--- a/doc/crypto/BIO_s_mem.pod
+++ b/doc/crypto/BIO_s_mem.pod
@@ -56,14 +56,14 @@ zero then it will return B when it is empty and it will 
set the read retry
 flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal
 positive return value B should be set to a negative value, typically -1.
 
-BIO_get_mem_data() sets B to a pointer to the start of the memory BIOs data
+BIO_get_mem_data() sets *B to a pointer to the start of the memory BIOs 
data
 and returns the total amount of data available. It is implemented as a macro.
 
 BIO_set_mem_buf() sets the internal BUF_MEM structure to B and sets the
 close flag to B, that is B should be either BIO_CLOSE or BIO_NOCLOSE.
 It is a macro.
 
-BIO_get_mem_ptr() places the underlying BUF_MEM structure in B. It is
+BIO_get_mem_ptr() places the underlying BUF_MEM structure in *B. It is
 a macro.
 
 BIO_new_mem_buf() creates a memory BIO using B bytes of data at B,


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-03-07 Thread matthias . st . pierre
The branch OpenSSL_1_0_2-stable has been updated
   via  abeb388fd014c86d990ab741a05de04416594dfe (commit)
  from  43032197607b1c0825e5dcfb5a08a7351a1289d5 (commit)


- Log -
commit abeb388fd014c86d990ab741a05de04416594dfe
Author: Dr. Matthias St. Pierre 
Date:   Wed Mar 7 14:37:23 2018 +0100

BIO_s_mem.pod: fix indirection for out parameter **pp

BIO_get_mem_data() and BIO_get_mem_ptr() assign to *pp, not pp

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5544)

---

Summary of changes:
 doc/crypto/BIO_s_mem.pod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/crypto/BIO_s_mem.pod b/doc/crypto/BIO_s_mem.pod
index 9f23964..7663d8b 100644
--- a/doc/crypto/BIO_s_mem.pod
+++ b/doc/crypto/BIO_s_mem.pod
@@ -50,14 +50,14 @@ zero then it will return B when it is empty and it will 
set the read retry
 flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal
 positive return value B should be set to a negative value, typically -1.
 
-BIO_get_mem_data() sets B to a pointer to the start of the memory BIOs data
+BIO_get_mem_data() sets *B to a pointer to the start of the memory BIOs 
data
 and returns the total amount of data available. It is implemented as a macro.
 
 BIO_set_mem_buf() sets the internal BUF_MEM structure to B and sets the
 close flag to B, that is B should be either BIO_CLOSE or BIO_NOCLOSE.
 It is a macro.
 
-BIO_get_mem_ptr() places the underlying BUF_MEM structure in B. It is
+BIO_get_mem_ptr() places the underlying BUF_MEM structure in *B. It is
 a macro.
 
 BIO_new_mem_buf() creates a memory BIO using B bytes of data at B,


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-03-06 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  9d927ddf1c74c293db4ada85e925b9620adb1436 (commit)
  from  fa740328d67ee39f6db647e28ea5034e427ad83e (commit)


- Log -
commit 9d927ddf1c74c293db4ada85e925b9620adb1436
Author: Dr. Matthias St. Pierre 
Date:   Wed Feb 14 12:21:26 2018 +0100

d2i_X509.pod: clarify usage of the 'pp' function parameter

The 'pp' function parameters of d2i_TYPE() and i2d_TYPE() are referenced
in the DESCRIPTION section as 'in' resp. 'out'. This commit renames the
references to 'ppin' resp. 'ppout' and adds an explaining sentence.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5365)

---

Summary of changes:
 doc/crypto/d2i_X509.pod | 20 +++-
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/doc/crypto/d2i_X509.pod b/doc/crypto/d2i_X509.pod
index 93bcc8e..d661f26 100644
--- a/doc/crypto/d2i_X509.pod
+++ b/doc/crypto/d2i_X509.pod
@@ -354,11 +354,11 @@ i2d_X509_VAL,
 
 =for comment generic
 
- TYPE *d2i_TYPE(TYPE **a, unsigned char **pp, long length);
+ TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
  TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
  TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
 
- int i2d_TYPE(TYPE *a, unsigned char **pp);
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
  int i2d_TYPE_fp(FILE *fp, TYPE *a);
  int i2d_TYPE_bio(BIO *bp, TYPE *a);
 
@@ -366,14 +366,16 @@ i2d_X509_VAL,
 
 In the description here, I is used a placeholder
 for any of the OpenSSL datatypes, such as I.
+The function parameters I and I are generally
+either both named I in the headers, or I and I.
 
 These functions convert OpenSSL objects to and from their ASN.1/DER
 encoding.  Unlike the C structures which can have pointers to sub-objects
 within, the DER is a serialized encoding, suitable for sending over the
 network, writing to a file, and so on.
 
-d2i_TYPE() attempts to decode B bytes at B<*in>. If successful a
-pointer to the B structure is returned and B<*in> is incremented to
+d2i_TYPE() attempts to decode B bytes at B<*ppin>. If successful a
+pointer to the B structure is returned and B<*ppin> is incremented to
 the byte following the parsed data.  If B is not B then a pointer
 to the returned structure is also written to B<*a>.  If an error occurred
 then B is returned.
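Review bot: the context line `In the description here, I is used a placeholder` is missing "as" (`is used as a placeholder`); this hunk already extends that paragraph, so fix it here. In the added sentence, `are generally either both named ... or ...` hedges with `generally`: if every header uses one of the two naming pairs, drop the hedge, otherwise name the exceptions so a reader knows which headers to check against the description.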
@@ -391,13 +393,13 @@ d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts
 to parse data from FILE pointer B.
 
 i2d_TYPE() encodes the structure pointed to by B into DER format.
-If B is not B, it writes the DER encoded data to the buffer
-at B<*out>, and increments it to point after the data just written.
+If B is not B, it writes the DER encoded data to the buffer
+at B<*ppout>, and increments it to point after the data just written.
 If the return value is negative an error occurred, otherwise it
 returns the length of the encoded data.
 
-If B<*out> is B memory will be allocated for a buffer and the encoded
-data written to it. In this case B<*out> is not incremented and it points
+If B<*ppout> is B memory will be allocated for a buffer and the encoded
+data written to it. In this case B<*ppout> is not incremented and it points
 to the start of the data just written.
 
 i2d_TYPE_bio() is similar to i2d_TYPE() except it writes
@@ -428,7 +430,7 @@ Therefore any FILE pointers or BIOs should be opened in 
binary mode.
 Functions such as strlen() will B return the correct length
 of the encoded structure.
 
-The ways that B<*in> and B<*out> are incremented after the operation
+The ways that B<*ppin> and B<*ppout> are incremented after the operation
 can trap the unwary. See the B section for some common
 errors.
 The reason for this-auto increment behaviour is to reflect a typical


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-03-01 Thread matthias . st . pierre
The branch OpenSSL_1_0_2-stable has been updated
   via  c1190c32c42b1e3ce35ea2ea8f214f46f336c5ed (commit)
  from  b3f9b401ab6284e6bbde59dde06736f681f70a9d (commit)


- Log -
commit c1190c32c42b1e3ce35ea2ea8f214f46f336c5ed
Author: Ivan Filenko 
Date:   Sun Feb 25 16:49:27 2018 +0300

Fix typo in ASN1_STRING_length doc

CLA: trivial

Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5458)

---

Summary of changes:
 doc/crypto/ASN1_STRING_length.pod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/crypto/ASN1_STRING_length.pod 
b/doc/crypto/ASN1_STRING_length.pod
index f651e4f..4ea6e8c 100644
--- a/doc/crypto/ASN1_STRING_length.pod
+++ b/doc/crypto/ASN1_STRING_length.pod
@@ -66,8 +66,8 @@ utility functions should be used instead.
 In general it cannot be assumed that the data returned by ASN1_STRING_data()
 is null terminated or does not contain embedded nulls. The actual format
 of the data will depend on the actual string type itself: for example
-for and IA5String the data will be ASCII, for a BMPString two bytes per
-character in big endian format, UTF8String will be in UTF8 format.
+for an IA5String the data will be ASCII, for a BMPString two bytes per
+character in big endian format, and for an UTF8String it will be in UTF8 
format.
 
 Similar care should be take to ensure the data is in the correct format
 when calling ASN1_STRING_set().
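Review bot: `for an UTF8String` should be `for a UTF8String` (the article follows the spoken "you-tee-eff", as in "a UTF-8 string"), and `UTF8 format` is conventionally written `UTF-8`. Two lines below, the context `Similar care should be take` needs `taken`; worth fixing in the same typo pass, since the identical hunk is being applied to the 1.1.0 and master branches as well.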


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-03-01 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  30ecc60ac1fc7012daabc9eda7eacd401ef8e15a (commit)
  from  ea8d9cec4739d6b06d25f3d01a1b7666d5a090ed (commit)


- Log -
commit 30ecc60ac1fc7012daabc9eda7eacd401ef8e15a
Author: Ivan Filenko 
Date:   Sun Feb 25 16:49:27 2018 +0300

Fix typo in ASN1_STRING_length doc

CLA: trivial

Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5458)

---

Summary of changes:
 doc/crypto/ASN1_STRING_length.pod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/crypto/ASN1_STRING_length.pod 
b/doc/crypto/ASN1_STRING_length.pod
index 26cb176..a774a42 100644
--- a/doc/crypto/ASN1_STRING_length.pod
+++ b/doc/crypto/ASN1_STRING_length.pod
@@ -71,8 +71,8 @@ utility functions should be used instead.
 In general it cannot be assumed that the data returned by ASN1_STRING_data()
 is null terminated or does not contain embedded nulls. The actual format
 of the data will depend on the actual string type itself: for example
-for and IA5String the data will be ASCII, for a BMPString two bytes per
-character in big endian format, UTF8String will be in UTF8 format.
+for an IA5String the data will be ASCII, for a BMPString two bytes per
+character in big endian format, and for an UTF8String it will be in UTF8 
format.
 
 Similar care should be take to ensure the data is in the correct format
 when calling ASN1_STRING_set().


[openssl-commits] [openssl] master update

2018-03-01 Thread matthias . st . pierre
The branch master has been updated
   via  4a56d2a3b3dca6f73e46b56625e1c0ac3634e62c (commit)
  from  178989b4a3ed714fa169cae5865c75f156ec9fdb (commit)


- Log -
commit 4a56d2a3b3dca6f73e46b56625e1c0ac3634e62c
Author: Ivan Filenko 
Date:   Sun Feb 25 16:49:27 2018 +0300

Fix typo in ASN1_STRING_length doc

CLA: trivial

Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5458)

---

Summary of changes:
 doc/man3/ASN1_STRING_length.pod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/man3/ASN1_STRING_length.pod b/doc/man3/ASN1_STRING_length.pod
index 1888612..85d3565 100644
--- a/doc/man3/ASN1_STRING_length.pod
+++ b/doc/man3/ASN1_STRING_length.pod
@@ -71,8 +71,8 @@ utility functions should be used instead.
 In general it cannot be assumed that the data returned by ASN1_STRING_data()
 is null terminated or does not contain embedded nulls. The actual format
 of the data will depend on the actual string type itself: for example
-for and IA5String the data will be ASCII, for a BMPString two bytes per
-character in big endian format, UTF8String will be in UTF8 format.
+for an IA5String the data will be ASCII, for a BMPString two bytes per
+character in big endian format, and for an UTF8String it will be in UTF8 
format.
 
 Similar care should be take to ensure the data is in the correct format
 when calling ASN1_STRING_set().


[openssl-commits] [openssl] master update

2018-02-28 Thread matthias . st . pierre
The branch master has been updated
   via  b3f9064cc66324d2359dba5350c71540ce869ceb (commit)
  from  000edfec502c0eed742d07e3ac02c2012381ee5e (commit)


- Log -
commit b3f9064cc66324d2359dba5350c71540ce869ceb
Author: David Makepeace 
Date:   Wed Feb 28 16:30:32 2018 +1000

Fixed typo in description of EVP_CIPHER_meth_set_iv_length().

Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5477)

---

Summary of changes:
 doc/man3/EVP_CIPHER_meth_new.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/EVP_CIPHER_meth_new.pod b/doc/man3/EVP_CIPHER_meth_new.pod
index a33cb76..15f7161 100644
--- a/doc/man3/EVP_CIPHER_meth_new.pod
+++ b/doc/man3/EVP_CIPHER_meth_new.pod
@@ -73,7 +73,7 @@ EVP_CIPHER_meth_dup() creates a copy of B.
 
 EVP_CIPHER_meth_free() destroys a B structure.
 
-EVP_CIPHER_meth_iv_length() sets the length of the IV.
+EVP_CIPHER_meth_set_iv_length() sets the length of the IV.
 This is only needed when the implemented cipher mode requires it.
 
 EVP_CIPHER_meth_set_flags() sets the flags to describe optional


[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

2018-02-27 Thread matthias . st . pierre
The branch OpenSSL_1_0_2-stable has been updated
   via  b3f9b401ab6284e6bbde59dde06736f681f70a9d (commit)
  from  37e62cee3ee50983ecad88813ec11b326efb123a (commit)


- Log -
commit b3f9b401ab6284e6bbde59dde06736f681f70a9d
Author: Dr. Matthias St. Pierre 
Date:   Wed Feb 21 01:45:14 2018 +0100

bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data

Fixes #5405, #1381

The base64 filter BIO reads its input in chunks of B64_BLOCK_SIZE bytes.
When processing input in PEM format it can happen in rare cases that

- the trailing PEM marker crosses the boundary of a chunk, and
- the beginning of the following chunk contains valid base64 encoded data.

This happened in issue #5405, where the PEM marker was split into
"-END CER" and "TIFICATE-" at the end of the first chunk.

The decoding of the first chunk terminated correctly at the '-' character,
which is treated as an EOF marker, and b64_read() returned. However,
when called the second time, b64_read() read the next chunk and interpreted
the string "TIFICATE" as valid base64 encoded data, adding 6 extra bytes
'4c 81 48 08 04 c4'.

This patch restores the assignment of the error code to 'ctx->cont', which
was deleted accidentally in commit 5562cfaca4f3 and which prevents b64_read()
from reading additional data on subsequent calls.

This issue was observed and reported by Annie Yousar.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5422)

---

Summary of changes:
 crypto/evp/bio_b64.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
index 538b520..5ad5a95 100644
--- a/crypto/evp/bio_b64.c
+++ b/crypto/evp/bio_b64.c
@@ -330,6 +330,14 @@ static int b64_read(BIO *b, char *out, int outl)
  (unsigned char *)ctx->tmp, i);
 ctx->tmp_len = 0;
 }
+/*
+ * If eof or an error was signalled, then the condition
+ * 'ctx->cont <= 0' will prevent b64_read() from reading
+ * more data on subsequent calls. This assignment was
+ * deleted accidentally in commit 5562cfaca4f3.
+ */
+ctx->cont = i;
+
 ctx->buf_off = 0;
 if (i < 0) {
 ret_code = 0;


[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

2018-02-27 Thread matthias . st . pierre
The branch OpenSSL_1_1_0-stable has been updated
   via  5eb9a426d953b17c377b87315d0666c86126022f (commit)
  from  4974a6f21b3e1aee969174fd20e2a68c36237e71 (commit)


- Log -
commit 5eb9a426d953b17c377b87315d0666c86126022f
Author: Dr. Matthias St. Pierre 
Date:   Wed Feb 21 01:45:14 2018 +0100

bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data

Fixes #5405, #1381

The base64 filter BIO reads its input in chunks of B64_BLOCK_SIZE bytes.
When processing input in PEM format it can happen in rare cases that

- the trailing PEM marker crosses the boundary of a chunk, and
- the beginning of the following chunk contains valid base64 encoded data.

This happened in issue #5405, where the PEM marker was split into
"-END CER" and "TIFICATE-" at the end of the first chunk.

The decoding of the first chunk terminated correctly at the '-' character,
which is treated as an EOF marker, and b64_read() returned. However,
when called the second time, b64_read() read the next chunk and interpreted
the string "TIFICATE" as valid base64 encoded data, adding 6 extra bytes
'4c 81 48 08 04 c4'.

This patch restores the assignment of the error code to 'ctx->cont', which
was deleted accidentally in commit 5562cfaca4f3 and which prevents b64_read()
from reading additional data on subsequent calls.

This issue was observed and reported by Annie Yousar.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5422)

---

Summary of changes:
 crypto/evp/bio_b64.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
index 41a10a7..05019fd 100644
--- a/crypto/evp/bio_b64.c
+++ b/crypto/evp/bio_b64.c
@@ -288,6 +288,14 @@ static int b64_read(BIO *b, char *out, int outl)
  (unsigned char *)ctx->tmp, i);
 ctx->tmp_len = 0;
 }
+/*
+ * If eof or an error was signalled, then the condition
+ * 'ctx->cont <= 0' will prevent b64_read() from reading
+ * more data on subsequent calls. This assignment was
+ * deleted accidentally in commit 5562cfaca4f3.
+ */
+ctx->cont = i;
+
 ctx->buf_off = 0;
 if (i < 0) {
 ret_code = 0;


[openssl-commits] [openssl] master update

2018-02-27 Thread matthias . st . pierre
The branch master has been updated
   via  d070b4ae78a1280c5cb6b88df75bcbfbcef6a8f1 (commit)
  from  9763f15e80f7e663f140f6201725e0910b59d86a (commit)


- Log -
commit d070b4ae78a1280c5cb6b88df75bcbfbcef6a8f1
Author: Dr. Matthias St. Pierre 
Date:   Wed Feb 21 01:45:14 2018 +0100

bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data

Fixes #5405, #1381

The base64 filter BIO reads its input in chunks of B64_BLOCK_SIZE bytes.
When processing input in PEM format it can happen in rare cases that

- the trailing PEM marker crosses the boundary of a chunk, and
- the beginning of the following chunk contains valid base64 encoded data.

This happened in issue #5405, where the PEM marker was split into
"-END CER" and "TIFICATE-" at the end of the first chunk.

The decoding of the first chunk terminated correctly at the '-' character,
which is treated as an EOF marker, and b64_read() returned. However,
when called the second time, b64_read() read the next chunk and interpreted
the string "TIFICATE" as valid base64 encoded data, adding 6 extra bytes
'4c 81 48 08 04 c4'.

This patch restores the assignment of the error code to 'ctx->cont', which
was deleted accidentally in commit 5562cfaca4f3 and which prevents b64_read()
from reading additional data on subsequent calls.

This issue was observed and reported by Annie Yousar.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5422)

---

Summary of changes:
 crypto/evp/bio_b64.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
index cade6f8..e70fc32 100644
--- a/crypto/evp/bio_b64.c
+++ b/crypto/evp/bio_b64.c
@@ -289,6 +289,14 @@ static int b64_read(BIO *b, char *out, int outl)
  (unsigned char *)ctx->tmp, i);
 ctx->tmp_len = 0;
 }
+/*
+ * If eof or an error was signalled, then the condition
+ * 'ctx->cont <= 0' will prevent b64_read() from reading
+ * more data on subsequent calls. This assignment was
+ * deleted accidentally in commit 5562cfaca4f3.
+ */
+ctx->cont = i;
+
 ctx->buf_off = 0;
 if (i < 0) {
 ret_code = 0;
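Review bot: the summary shows only crypto/evp/bio_b64.c changed, so the restored `ctx->cont = i;` comes without a regression test. Since this exact line was lost once already (5562cfaca4f3), add a test that feeds b64_read() a PEM block whose "-----END CERTIFICATE-----" marker straddles a B64_BLOCK_SIZE boundary, as in #5405, and asserts that nothing is decoded after the marker.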

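The split-marker case described in the three bio_b64.c commits above (1.0.2, 1.1.0 and master), as an added example that is not OpenSSL code: a toy chunked base64 reader with the same `cont` flag as b64_read(). The fixed reader records the EOF that a '-' signals and returns nothing afterwards; the regressed reader forgets it and decodes "TIFICATE" from the next chunk into the six junk bytes the commit message lists. The reader structure, the `read_all` helper, the 17-byte chunk size and the "QUJD" payload are all constructed for this example and are not OpenSSL's values.

```c
/*
 * Added example (not OpenSSL code): a toy chunked base64 reader mirroring the
 * b64_read() state machine from the commit message. A '-' (start of the PEM
 * "-----END" marker), '=' or any other non-base64 byte ends the stream. The
 * fixed reader records that in `cont`; the regressed reader forgets it and
 * decodes whatever follows a marker that straddles two chunks.
 */
#include <string.h>

struct b64_reader {
    const char *src;    /* stand-in for the underlying source BIO */
    size_t src_len, pos;
    size_t chunk;       /* stand-in for B64_BLOCK_SIZE */
    int cont;           /* <= 0 once EOF or an error has been seen */
    int fixed;          /* 1: keep cont up to date; 0: the regressed code */
};

static int b64_val(char c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    return c == '+' ? 62 : c == '/' ? 63 : -1;
}

/* Decode one chunk; stop at the first non-base64 byte and report it in *eof. */
static size_t decode_chunk(const char *in, size_t n, unsigned char *out, int *eof)
{
    unsigned acc = 0;
    int bits = 0, v;
    size_t i, outl = 0;
    *eof = 0;
    for (i = 0; i < n; i++) {
        if (in[i] == '\n' || in[i] == '\r')
            continue;
        if ((v = b64_val(in[i])) < 0) {   /* '-', '=' or garbage */
            *eof = 1;
            break;
        }
        acc = (acc << 6) | (unsigned)v;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            out[outl++] = (unsigned char)(acc >> bits);
            acc &= (1u << bits) - 1;
        }
    }
    return outl;
}

/* One read call: fetch and decode the next chunk; 0 means "no more data". */
static size_t b64_read(struct b64_reader *r, unsigned char *out)
{
    size_t n, outl;
    int eof;
    if (r->cont <= 0)             /* the condition the restored assignment feeds */
        return 0;
    n = r->src_len - r->pos;
    if (n > r->chunk)
        n = r->chunk;
    if (n == 0)
        return 0;
    outl = decode_chunk(r->src + r->pos, n, out, &eof);
    r->pos += n;
    if (eof && r->fixed)
        r->cont = 0;              /* the assignment the patch restores */
    return outl;
}

/* Drain the reader into out[]; returns the total number of decoded bytes. */
size_t read_all(const char *body, size_t chunk, int fixed, unsigned char *out)
{
    struct b64_reader r = { body, strlen(body), 0, chunk, 1, fixed };
    size_t total = 0, n;
    while ((n = b64_read(&r, out + total)) > 0)
        total += n;
    return total;
}

/* Constructed input: "QUJD" ("ABC") plus the PEM end marker. A 17-byte chunk
 * splits the marker into "-END CER" | "TIFICATE-", exactly as in #5405. */
static const char PEM_BODY[] = "QUJD\n-----END CERTIFICATE-----\n";
#define SPLIT_CHUNK 17

/* Total decoded length for the fixed (1) or regressed (0) reader. */
size_t decoded_length(int fixed)
{
    unsigned char out[64];
    return read_all(PEM_BODY, SPLIT_CHUNK, fixed, out);
}

/* 1 if the regressed reader appends exactly the bytes 4c 81 48 08 04 c4. */
int regressed_reader_adds_junk(void)
{
    static const unsigned char junk[6] = { 0x4c, 0x81, 0x48, 0x08, 0x04, 0xc4 };
    unsigned char out[64];
    size_t n = read_all(PEM_BODY, SPLIT_CHUNK, 0, out);
    return n == 9 && memcmp(out, "ABC", 3) == 0 && memcmp(out + 3, junk, 6) == 0;
}
```

With `fixed` set, `decoded_length()` returns 3 (just "ABC"); with the regressed reader it returns 9, the extra six bytes being the decoding of "TIFICATE". The same shape of test, run against the real BIO with a marker placed across a B64_BLOCK_SIZE boundary, is what would catch this regression in OpenSSL's own test suite.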

[openssl-commits] [openssl] master update

2018-02-16 Thread matthias . st . pierre
The branch master has been updated
   via  856f231bd230e7f8bd3a2183a32d39093ab4ddc3 (commit)
  from  51cf8e0b50f677581bff2694942b690bbff630b7 (commit)


- Log -
commit 856f231bd230e7f8bd3a2183a32d39093ab4ddc3
Author: Dr. Matthias St. Pierre 
Date:   Fri Feb 16 10:26:55 2018 +0100

pkeyparam.pod: correct the command description

The description was probably copy&pasted from pkey.pod and forgotten.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5390)

---

Summary of changes:
 doc/man1/pkeyparam.pod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/man1/pkeyparam.pod b/doc/man1/pkeyparam.pod
index 1179705..70478c5 100644
--- a/doc/man1/pkeyparam.pod
+++ b/doc/man1/pkeyparam.pod
@@ -18,8 +18,8 @@ B B
 
 =head1 DESCRIPTION
 
-The B command processes public or private keys. They can be converted
-between various forms and their components printed out.
+The B command processes public key algorithm parameters.
+They can be checked for correctness and their components printed out.
 
 =head1 OPTIONS
 


[openssl-commits] [openssl] master update

2018-02-15 Thread matthias . st . pierre
The branch master has been updated
   via  812b15370613da4768d91b9e566fdf5a30c06805 (commit)
  from  4d921bfb8b4161f735e5d3bc19fae264816c9c40 (commit)


- Log -
commit 812b15370613da4768d91b9e566fdf5a30c06805
Author: Dr. Matthias St. Pierre 
Date:   Thu Feb 15 10:29:56 2018 +0100

DRBG: make locking api truly private

In PR #5295 it was decided that the locking api should remain private
and used only inside libcrypto. However, the locking functions were added
back to `libcrypto.num` by `mkdef.pl`, because the function prototypes
were still listed in `internal/rand.h`. (This header contains functions
which are internal, but shared between libcrypto and libssl.)

This commit moves the prototypes to `rand_lcl.h` and changes the names
to lowercase, following the convention therein. It also corrects an
outdated documenting comment.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5375)

---

Summary of changes:
 crypto/err/openssl.txt  |  2 +-
 crypto/rand/drbg_lib.c  | 42 +-
 crypto/rand/rand_err.c  |  2 +-
 crypto/rand/rand_lcl.h  |  6 ++
 crypto/rand/rand_lib.c  | 12 ++--
 include/internal/rand.h |  4 
 util/libcrypto.num  |  7 ++-
 7 files changed, 37 insertions(+), 38 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 8d00463..43001be 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -890,7 +890,7 @@ RAND_F_DRBG_GET_ENTROPY:105:drbg_get_entropy
 RAND_F_DRBG_SETUP:117:drbg_setup
 RAND_F_GET_ENTROPY:106:get_entropy
 RAND_F_RAND_BYTES:100:RAND_bytes
-RAND_F_RAND_DRBG_ENABLE_LOCKING:119:RAND_DRBG_enable_locking
+RAND_F_RAND_DRBG_ENABLE_LOCKING:119:rand_drbg_enable_locking
 RAND_F_RAND_DRBG_GENERATE:107:RAND_DRBG_generate
 RAND_F_RAND_DRBG_INSTANTIATE:108:RAND_DRBG_instantiate
 RAND_F_RAND_DRBG_NEW:109:RAND_DRBG_new
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index c592a7b..c43f571 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -94,17 +94,17 @@ static RAND_DRBG *drbg_private;
  * LOCKING
  *
  * The three shared DRBGs are intended to be used concurrently, so they
- * support locking by default. It is the callers responsibility to wrap
- * calls to functions like RAND_DRBG_generate() which modify the DRBGs
- * internal state with calls to RAND_DRBG_lock() and RAND_DRBG_unlock().
- * The functions RAND_bytes() and RAND_priv_bytes() take the locks
- * automatically, so using the RAND api is thread safe as before.
- *
- * All other DRBG instances don't have locking enabled by default, because
- * they are intendended to be used by a single thread. If it is desired,
- * locking can be enabled using RAND_DRBG_enable_locking(). However, instead
- * of accessing a single DRBG instance concurrently from different threads,
- * it is recommended to instantiate a separate DRBG instance per thread.
+ * support locking. The RAND methods take the locks automatically, so using
+ * the RAND api (in particular RAND_bytes() and RAND_priv_bytes()) is
+ * thread-safe. Note however that accessing the shared DRBGs directly via
+ * the RAND_DRBG interface is *not* thread-safe.
+ *
+ * All other DRBG instances don't support locking, because they are
+ * intendended to be used by a single thread. Instead of accessing a single
+ * DRBG instance concurrently from different threads, it is recommended to
+ * instantiate a separate DRBG instance per thread. Using the same shared
+ * DRBG (preferrably the public DRBG) as parent of DRBG instances on
+ * different threads is safe.
  */
 
 
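Review bot: two spelling errors in the rewritten comment, "intendended" and "preferrably", should be corrected while these lines are being replaced. The new sentence that using the shared DRBGs directly through the RAND_DRBG interface is *not* thread-safe belongs in the public RAND_DRBG documentation as well: with rand_drbg_lock()/rand_drbg_unlock() now private, a caller has no supported way to serialise such access, so the only safe options are RAND_bytes()/RAND_priv_bytes() or a per-thread DRBG, as the comment itself recommends.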
@@ -708,7 +708,7 @@ int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg, 
time_t interval)
  *
  * Returns 1 on success, 0 on failure.
  */
-int RAND_DRBG_lock(RAND_DRBG *drbg)
+int rand_drbg_lock(RAND_DRBG *drbg)
 {
 if (drbg->lock != NULL)
 return CRYPTO_THREAD_write_lock(drbg->lock);
@@ -722,7 +722,7 @@ int RAND_DRBG_lock(RAND_DRBG *drbg)
  *
  * Returns 1 on success, 0 on failure.
  */
-int RAND_DRBG_unlock(RAND_DRBG *drbg)
+int rand_drbg_unlock(RAND_DRBG *drbg)
 {
 if (drbg->lock != NULL)
 return CRYPTO_THREAD_unlock(drbg->lock);
@@ -738,7 +738,7 @@ int RAND_DRBG_unlock(RAND_DRBG *drbg)
  *
  * Returns 1 on success, 0 on failure.
  */
-int RAND_DRBG_enable_locking(RAND_DRBG *drbg)
+int rand_drbg_enable_locking(RAND_DRBG *drbg)
 {
 if (drbg->state != DRBG_UNINITIALISED) {
 RANDerr(RAND_F_RAND_DRBG_ENABLE_LOCKING,
@@ -797,7 +797,7 @@ static RAND_DRBG *drbg_setup(RAND_DRBG *parent)
 if (drbg == NULL)
 return NULL;
 
-if (RAND_DRBG_enable_locking(drbg) == 0)
+if (rand_drbg_enable_locking(drbg) == 0)
 goto err;
 
 if (parent == NULL) {
@@ -869,9 +869,9 @@ static int drbg_bytes(unsigned char

[openssl-commits] [openssl] master update

2018-02-14 Thread matthias . st . pierre
The branch master has been updated
   via  87e17dc550318a7217dbb521603f0b096dff1764 (commit)
  from  0f4844a9d5eff470e1f1bfa4db4cc1fb90dc9a21 (commit)


- Log -
commit 87e17dc550318a7217dbb521603f0b096dff1764
Author: Dr. Matthias St. Pierre 
Date:   Wed Feb 14 16:56:09 2018 +0100

PEM_read_bio_PrivateKey.pod: replace geek speak by something more serious

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/5369)

---

Summary of changes:
 doc/man3/PEM_read_bio_PrivateKey.pod | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/man3/PEM_read_bio_PrivateKey.pod 
b/doc/man3/PEM_read_bio_PrivateKey.pod
index 67b99be..4ff5b2d 100644
--- a/doc/man3/PEM_read_bio_PrivateKey.pod
+++ b/doc/man3/PEM_read_bio_PrivateKey.pod
@@ -161,9 +161,9 @@ For more details about the meaning of arguments see the
 B section.
 
 Each operation has four functions associated with it. For
-clarity the term "B functions" will be used to collectively
-refer to the PEM_read_bio_foobar(), PEM_read_foobar(),
-PEM_write_bio_foobar() and PEM_write_foobar() functions.
+brevity the term "B functions" will be used below to collectively
+refer to the PEM_read_bio_TYPE(), PEM_read_TYPE(),
+PEM_write_bio_TYPE(), and PEM_write_TYPE() functions.
 
 The B functions read or write a private key in PEM format using an
 EVP_PKEY structure. The write routines use PKCS#8 private key format and are


[openssl-commits] [openssl] master update

2018-02-14 Thread matthias . st . pierre
The branch master has been updated
   via  7c60a968ce1a6a8290dd3a9418ae10e06327f424 (commit)
  from  6e99ae58c8e1b4a41ae376f91affc7992b0738f7 (commit)


- Log -
commit 7c60a968ce1a6a8290dd3a9418ae10e06327f424
Author: Dr. Matthias St. Pierre 
Date:   Wed Feb 14 12:21:26 2018 +0100

d2i_X509.pod: clarify usage of the 'pp' function parameter

The 'pp' function parameters of d2i_TYPE() and i2d_TYPE() are referenced
in the DESCRIPTION section as 'in' resp. 'out'. This commit renames the
references to 'ppin' resp. 'ppout' and adds an explaining sentence.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5365)

---

Summary of changes:
 doc/man3/d2i_X509.pod | 20 +++-
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/doc/man3/d2i_X509.pod b/doc/man3/d2i_X509.pod
index 8096b39..80c5c9d 100644
--- a/doc/man3/d2i_X509.pod
+++ b/doc/man3/d2i_X509.pod
@@ -364,11 +364,11 @@ i2d_X509_VAL,
 
 =for comment generic
 
- TYPE *d2i_TYPE(TYPE **a, unsigned char **pp, long length);
+ TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);
  TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
  TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
 
- int i2d_TYPE(TYPE *a, unsigned char **pp);
+ int i2d_TYPE(TYPE *a, unsigned char **ppout);
  int i2d_TYPE_fp(FILE *fp, TYPE *a);
  int i2d_TYPE_bio(BIO *bp, TYPE *a);
 
@@ -376,14 +376,16 @@ i2d_X509_VAL,
 
 In the description here, I is used a placeholder
 for any of the OpenSSL datatypes, such as I.
+The function parameters I and I are generally
+either both named I in the headers, or I and I.
 
 These functions convert OpenSSL objects to and from their ASN.1/DER
 encoding.  Unlike the C structures which can have pointers to sub-objects
 within, the DER is a serialized encoding, suitable for sending over the
 network, writing to a file, and so on.
 
-d2i_TYPE() attempts to decode B bytes at B<*in>. If successful a
-pointer to the B structure is returned and B<*in> is incremented to
+d2i_TYPE() attempts to decode B bytes at B<*ppin>. If successful a
+pointer to the B structure is returned and B<*ppin> is incremented to
 the byte following the parsed data.  If B is not B then a pointer
 to the returned structure is also written to B<*a>.  If an error occurred
 then B is returned.
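Review bot: the unchanged context line above the two added lines reads "is used a placeholder" and is missing "as"; since this hunk already rewrites the paragraph, fold in "is used as a placeholder" here.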
@@ -401,13 +403,13 @@ d2i_TYPE_fp() is similar to d2i_TYPE() except it attempts
 to parse data from FILE pointer B.
 
 i2d_TYPE() encodes the structure pointed to by B into DER format.
-If B is not B, it writes the DER encoded data to the buffer
-at B<*out>, and increments it to point after the data just written.
+If B is not B, it writes the DER encoded data to the buffer
+at B<*ppout>, and increments it to point after the data just written.
 If the return value is negative an error occurred, otherwise it
 returns the length of the encoded data.
 
-If B<*out> is B memory will be allocated for a buffer and the encoded
-data written to it. In this case B<*out> is not incremented and it points
+If B<*ppout> is B memory will be allocated for a buffer and the encoded
+data written to it. In this case B<*ppout> is not incremented and it points
 to the start of the data just written.
 
 i2d_TYPE_bio() is similar to i2d_TYPE() except it writes
@@ -438,7 +440,7 @@ Therefore any FILE pointers or BIOs should be opened in 
binary mode.
 Functions such as strlen() will B return the correct length
 of the encoded structure.
 
-The ways that B<*in> and B<*out> are incremented after the operation
+The ways that B<*ppin> and B<*ppout> are incremented after the operation
 can trap the unwary. See the B section for some common
 errors.
 The reason for this-auto increment behaviour is to reflect a typical
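Review bot: the trailing context line "The reason for this-auto increment behaviour" has the hyphen in the wrong place ("this auto-increment behaviour"); worth fixing in the same hunk since the paragraph is already being edited.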

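The pointer contract the pod text above describes (`*ppin` advanced past the parsed data, `*ppout` advanced after writing into a caller's buffer, `*ppout` left at the start when i2d allocates, and a NULL `ppout` meaning a length query), as an added example that is not OpenSSL code. The `TOY` type, its two-byte tag/length framing and the function names are constructed for this example; `roundtrip_into_buffer()` shows the trap the pod warns about, namely handing the pointer that i2d advanced to d2i instead of the saved start of the buffer.

```c
/*
 * Added example (not OpenSSL code): a toy TYPE with d2i/i2d functions that
 * follow the pointer-increment contract documented in d2i_X509.pod.
 * Constructed wire format: 1 tag byte (0x30), 1 length byte, then payload.
 */
#include <stdlib.h>
#include <string.h>

typedef struct {
    unsigned char len;
    unsigned char data[255];
} TOY;

#define TOY_TAG 0x30

/* Returns the encoded length, or -1 on error. ppout == NULL: length only.
 * *ppout == NULL: allocate, and leave *ppout pointing at the START of the
 * buffer. Otherwise write at *ppout and advance it past the written data. */
int i2d_TOY(const TOY *a, unsigned char **ppout)
{
    int total = 2 + a->len;
    unsigned char *p;

    if (ppout == NULL)
        return total;
    if (*ppout == NULL) {
        if ((p = malloc((size_t)total)) == NULL)
            return -1;
    } else {
        p = *ppout;
    }
    p[0] = TOY_TAG;
    p[1] = a->len;
    memcpy(p + 2, a->data, a->len);
    if (*ppout == NULL)
        *ppout = p;               /* allocated: not incremented */
    else
        *ppout = p + total;       /* caller's buffer: incremented */
    return total;
}

/* Decodes `length` bytes at *ppin. On success *ppin is advanced to the byte
 * after the parsed data and, if a != NULL, the result is stored in *a
 * (reusing *a when it is non-NULL). On error NULL is returned and *ppin is
 * left untouched. */
TOY *d2i_TOY(TOY **a, const unsigned char **ppin, long length)
{
    const unsigned char *p = *ppin;
    TOY *ret;

    if (length < 2 || p[0] != TOY_TAG || 2 + (long)p[1] > length)
        return NULL;
    if (a != NULL && *a != NULL)
        ret = *a;
    else if ((ret = malloc(sizeof(*ret))) == NULL)
        return NULL;
    ret->len = p[1];
    memcpy(ret->data, p + 2, ret->len);
    if (a != NULL)
        *a = ret;
    *ppin = p + 2 + ret->len;
    return ret;
}

/* Encode into a caller-supplied buffer, then decode from the SAVED start.
 * Returns 1 when the round trip is correct, 0 otherwise. */
int roundtrip_into_buffer(void)
{
    TOY in = { 3, "abc" }, *out = NULL;
    unsigned char buf[64], *wp = buf;
    const unsigned char *rp = buf;   /* the start we keep for decoding */
    int len = i2d_TOY(&in, &wp), ok;

    if (len != 5 || wp != buf + 5)   /* wp now points past the encoding */
        return 0;
    /* Passing wp to d2i_TOY() here would be the classic mistake. */
    if (d2i_TOY(&out, &rp, len) == NULL)
        return 0;
    ok = rp == buf + 5 && out->len == 3 && memcmp(out->data, "abc", 3) == 0;
    free(out);
    return ok;
}

/* The allocating and length-only forms. Returns 1 when both behave as
 * documented: the allocated pointer is not advanced, so it is freed as-is. */
int allocating_form_ok(void)
{
    TOY t = { 2, "hi" };
    unsigned char *enc = NULL;
    int n = i2d_TOY(&t, &enc), ok;

    ok = n == 4 && i2d_TOY(&t, NULL) == 4 && enc != NULL
         && enc[0] == TOY_TAG && enc[1] == 2 && enc[2] == 'h' && enc[3] == 'i';
    free(enc);
    return ok;
}
```

The two helper functions are the checks a reviewer would want to see in a unit test of any d2i/i2d pair: that the output pointer really moves in the buffer case, that it does not move in the allocating case, and that a truncated input leaves the input pointer alone.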

[openssl-commits] [openssl] master update

2018-02-13 Thread matthias . st . pierre
The branch master has been updated
   via  d7c402c4f2d9c311a91616fd75c24a15afabe2e5 (commit)
   via  8164d91d1802e6173291dee50923cc60fcd3bf72 (commit)
   via  4f9dabbfe30c3539dd6cb0bd861ddb0127c11c20 (commit)
   via  3ce1c27b56fa9856693e5c98331cebaa2a3accfa (commit)
  from  fcd21502737e96c031bff17fe6b6a432d07e3855 (commit)


- Log -
commit d7c402c4f2d9c311a91616fd75c24a15afabe2e5
Author: Dr. Matthias St. Pierre 
Date:   Mon Feb 12 02:37:27 2018 +0100

OPENSSL_cleanup: cleanup secure memory

If the global DRBGs are allocated on the secure heap, then calling
CRYPTO_secure_malloc_done() inside main() will have no effect, unless
OPENSSL_cleanup() has been called explicitly before that, because
otherwise the DRBGs will still be allocated. So it is better to cleanup
the secure heap automatically at the end of OPENSSL_cleanup().

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5294)

commit 8164d91d1802e6173291dee50923cc60fcd3bf72
Author: Dr. Matthias St. Pierre 
Date:   Thu Feb 8 23:04:16 2018 +0100

DRBG: make the derivation function the default for ctr_drbg

The NIST standard presents two alternative ways for seeding the
CTR DRBG, depending on whether a derivation function is used or not.
In Section 10.2.1 of NIST SP800-90Ar1 the following is assessed:

  The use of the derivation function is optional if either an
  approved RBG or an entropy source provides full entropy output
  when entropy input is requested by the DRBG mechanism.
  Otherwise, the derivation function shall be used.

Since the OpenSSL DRBG supports being reseeded from low entropy random
sources (using RAND_POOL), the use of a derivation function is mandatory.
For that reason we change the default and replace the opt-in flag
RAND_DRBG_FLAG_CTR_USE_DF with an opt-out flag RAND_DRBG_FLAG_CTR_NO_DF.
This change simplifies the RAND_DRBG_new() calls.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5294)

commit 4f9dabbfe30c3539dd6cb0bd861ddb0127c11c20
Author: Dr. Matthias St. Pierre 
Date:   Thu Feb 8 22:46:23 2018 +0100

DRBG: unify initialization and cleanup code

The functions drbg_setup() and drbg_cleanup() used to duplicate a lot of
code from RAND_DRBG_new() and RAND_DRBG_free(). This duplication has been
removed, which simplifies drbg_setup() and makes drbg_cleanup() obsolete.

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5294)

commit 3ce1c27b56fa9856693e5c98331cebaa2a3accfa
Author: Dr. Matthias St. Pierre 
Date:   Thu Feb 8 16:40:32 2018 +0100

DRBG: add locking api

This commit adds three new accessors to the internal DRBG lock

   int RAND_DRBG_lock(RAND_DRBG *drbg)
   int RAND_DRBG_unlock(RAND_DRBG *drbg)
   int RAND_DRBG_enable_locking(RAND_DRBG *drbg)

The three shared DRBGs are intended to be used concurrently, so they
have locking enabled by default. It is the caller's responsibility to
guard access to the shared DRBGs by calls to RAND_DRBG_lock() and
RAND_DRBG_unlock().

All other DRBG instances don't have locking enabled by default, because
they are intended to be used by a single thread. If it is desired,
locking can be enabled by using RAND_DRBG_enable_locking().

Reviewed-by: Rich Salz 
(Merged from https://github.com/openssl/openssl/pull/5294)

---

Summary of changes:
 crypto/err/openssl.txt|   3 +
 crypto/init.c |   2 +
 crypto/rand/drbg_ctr.c|   6 +-
 crypto/rand/drbg_lib.c| 167 +++---
 crypto/rand/rand_err.c|   6 ++
 crypto/rand/rand_lcl.h|   1 +
 crypto/rand/rand_lib.c|  17 +++--
 include/internal/rand.h   |   9 ++-
 include/openssl/randerr.h |   3 +
 ssl/ssl_lib.c |   3 +-
 test/drbgtest.c   |  19 +++---
 util/libcrypto.num|   4 ++
 12 files changed, 176 insertions(+), 64 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 3ed71fe..8d00463 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -890,6 +890,7 @@ RAND_F_DRBG_GET_ENTROPY:105:drbg_get_entropy
 RAND_F_DRBG_SETUP:117:drbg_setup
 RAND_F_GET_ENTROPY:106:get_entropy
 RAND_F_RAND_BYTES:100:RAND_bytes
+RAND_F_RAND_DRBG_ENABLE_LOCKING:119:RAND_DRBG_enable_locking
 RAND_F_RAND_DRBG_GENERATE:107:RAND_DRBG_generate
 RAND_F_RAND_DRBG_INSTANTIATE:108:RAND_DRBG_instantiate
 RAND_F_RAND_DRBG_NEW:109:RAND_DRBG_new
@@ -2256,6 +2257,7 @@ RAND_R_ADDITIONAL_INPUT_TOO_LONG:102:additional input too 
long
 RAND_R_ALREADY_INSTANTIATED:103:already instantiated
 RAND_R_ARGUMENT_OUT_OF_RANGE:105:argument out of range
 RAND_R_CANNOT_OPEN_FILE:121:Cannot open

[openssl-commits] [openssl] master update

2018-02-09 Thread matthias . st . pierre
The branch master has been updated
   via  b9ed9ab38e492fa070c3d7ed63233e3debc36528 (commit)
  from  71cff963b4b3f8432e7fea4c94c138ca61b07d95 (commit)


- Log -
commit b9ed9ab38e492fa070c3d7ed63233e3debc36528
Author: Dr. Matthias St. Pierre 
Date:   Fri Feb 9 08:52:56 2018 +0100

CRYPTO_THREAD_run_once.pod: fix typo and punctuation

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/5293)

---

Summary of changes:
 doc/man3/CRYPTO_THREAD_run_once.pod | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/man3/CRYPTO_THREAD_run_once.pod 
b/doc/man3/CRYPTO_THREAD_run_once.pod
index 734d2d8..e57ae83 100644
--- a/doc/man3/CRYPTO_THREAD_run_once.pod
+++ b/doc/man3/CRYPTO_THREAD_run_once.pod
@@ -67,7 +67,7 @@ CRYPTO_THREAD_unlock() unlocks the previously locked B.
 
 =item *
 
-CRYPTO_THREAD_lock_frees() frees the provided B.
+CRYPTO_THREAD_lock_free() frees the provided B.
 
 =item *
 
@@ -96,9 +96,9 @@ CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.
 
 CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.
 
-CRYPTO_THREAD_lock_frees() returns no value.
+CRYPTO_THREAD_lock_free() returns no value.
 
-The other functions return 1 on success or 0 on error.
+The other functions return 1 on success, or 0 on error.
 
 =head1 NOTES
 


[openssl-commits] [openssl] master update

2018-02-05 Thread matthias . st . pierre
The branch master has been updated
   via  f61f62ea13470a00ae8be691d62abec97f94f0ee (commit)
   via  1648338ba1a63c19c7bae32170cd1d825b48eaee (commit)
   via  58351fbd02e9960af199df99f6f003419c1487a4 (commit)
  from  1c4b15458670aea5d3849d4b57b8c0ce34a54fbe (commit)


- Log -
commit f61f62ea13470a00ae8be691d62abec97f94f0ee
Author: Dr. Matthias St. Pierre 
Date:   Sat Feb 3 22:33:19 2018 +0100

Use RAND_DRBG_bytes() for RAND_bytes() and RAND_priv_bytes()

The functions RAND_bytes() and RAND_priv_bytes() are now both based
on a common implementation using RAND_DRBG_bytes() (if the default
OpenSSL rand method is active). This not only simplifies the code
but also has the advantage that additional input from a high precision
timer is added on every generate call if the timer is available.

Reviewed-by: Kurt Roeckx 
(Merged from https://github.com/openssl/openssl/pull/5251)

commit 1648338ba1a63c19c7bae32170cd1d825b48eaee
Author: Dr. Matthias St. Pierre 
Date:   Sat Feb 3 22:32:47 2018 +0100

Fix size limitation of RAND_DRBG_bytes()

When comparing the implementations of drbg_bytes() and RAND_DRBG_bytes(),
it was noticed that the former split the buffer into chunks when calling
RAND_DRBG_generate() to circumvent the size limitation of the buffer
to outlen <= drbg->max_request. This loop was missing in RAND_DRBG_bytes(),
so it was adopted from drbg_bytes().

Reviewed-by: Kurt Roeckx 
(Merged from https://github.com/openssl/openssl/pull/5251)

commit 58351fbd02e9960af199df99f6f003419c1487a4
Author: Dr. Matthias St. Pierre 
Date:   Sat Feb 3 21:13:19 2018 +0100

drbg_bytes: remove check for DRBG_UNINITIALIZED state

This check not only prevented the automatic reinstantiation of the
DRBG, which is implemented in RAND_DRBG_generate(), but also prevented
an error message from being generated in the case of failure.

Reviewed-by: Kurt Roeckx 
(Merged from https://github.com/openssl/openssl/pull/5251)

---

Summary of changes:
 crypto/rand/drbg_lib.c | 33 -
 crypto/rand/rand_lib.c |  4 ++--
 2 files changed, 18 insertions(+), 19 deletions(-)

diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index cb2f9e8..4404e4f 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -546,10 +546,22 @@ int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, 
size_t outlen)
 {
 unsigned char *additional = NULL;
 size_t additional_len;
+size_t chunk;
 size_t ret;
 
 additional_len = rand_drbg_get_additional_data(&additional, 
drbg->max_adinlen);
-ret = RAND_DRBG_generate(drbg, out, outlen, 0, additional, additional_len);
+
+for ( ; outlen > 0; outlen -= chunk, out += chunk) {
+chunk = outlen;
+if (chunk > drbg->max_request)
+chunk = drbg->max_request;
+ret = RAND_DRBG_generate(drbg, out, chunk, 0, additional, 
additional_len);
+if (!ret)
+goto err;
+}
+ret = 1;
+
+err:
 if (additional_len != 0)
 OPENSSL_secure_clear_free(additional, additional_len);
 
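Review bot: `ret` is declared `size_t` but only ever holds the int result of RAND_DRBG_generate() and is returned from a function whose return type is int; declare it `int`. Separately, `additional` is fetched once before the loop and passed unchanged to every RAND_DRBG_generate() call, so all chunks of one request share the same additional input; either fetch it inside the loop if per-call timer data is the intent, or say in the function comment that the additional data is per request rather than per generate call.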
@@ -764,29 +776,16 @@ void rand_drbg_cleanup_int(void)
 /* Implements the default OpenSSL RAND_bytes() method */
 static int drbg_bytes(unsigned char *out, int count)
 {
-int ret = 0;
-size_t chunk;
+int ret;
 RAND_DRBG *drbg = RAND_DRBG_get0_public();
 
 if (drbg == NULL)
 return 0;
 
 CRYPTO_THREAD_write_lock(drbg->lock);
-if (drbg->state == DRBG_UNINITIALISED)
-goto err;
-
-for ( ; count > 0; count -= chunk, out += chunk) {
-chunk = count;
-if (chunk > drbg->max_request)
-chunk = drbg->max_request;
-ret = RAND_DRBG_generate(drbg, out, chunk, 0, NULL, 0);
-if (!ret)
-goto err;
-}
-ret = 1;
-
-err:
+ret = RAND_DRBG_bytes(drbg, out, count);
 CRYPTO_THREAD_unlock(drbg->lock);
+
 return ret;
 }
 
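Review bot: `count` is an `int` and is now passed as RAND_DRBG_bytes()'s `size_t outlen`; the deleted loop `for ( ; count > 0; ...)` simply did nothing for a negative count, whereas the implicit conversion turns a negative value into a very large request. Check `count < 0` before taking the lock and return 0 in that case.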
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 20ac583..e82a63e 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -719,7 +719,7 @@ int RAND_priv_bytes(unsigned char *buf, int num)
 
 /* We have to lock the DRBG before generating bits from it. */
 CRYPTO_THREAD_write_lock(drbg->lock);
-ret = RAND_DRBG_generate(drbg, buf, num, 0, NULL, 0);
+ret = RAND_DRBG_bytes(drbg, buf, num);
 CRYPTO_THREAD_unlock(drbg->lock);
 return re
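Review bot: the same int-to-size_t conversion applies here: `num` is an int and becomes RAND_DRBG_bytes()'s `size_t outlen`; add a `num < 0` check before the lock is taken (the hunk is cut off at `return re`, so any such check further up is not visible in this excerpt).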

[openssl-commits] [openssl] master update

2018-01-31 Thread Matthias . St . Pierre
The branch master has been updated
   via  2e230e8687486b71c113915b864d6b1f6d465ed1 (commit)
  from  85d6ad34aa0158fb25538e116e611e6b858d3638 (commit)


- Log -
commit 2e230e8687486b71c113915b864d6b1f6d465ed1
Author: Dr. Matthias St. Pierre 
Date:   Tue Jan 30 23:53:57 2018 +0100

crypto/rand/rand_lib.c: fix undefined reference to `clock_gettime'

Some older glibc versions require the `-lrt` linker option for
resolving the reference to `clock_gettime'. Since it is not desired
to add new library dependencies in version 1.1.1, the call to
clock_gettime() is replaced by a call to gettimeofday() for the
moment. It will be added back in version 1.2.

Signed-off-by: Dr. Matthias St. Pierre 

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/5199)

---

Summary of changes:
 crypto/rand/rand_lib.c | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 3824d93..ab03356 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -210,13 +210,15 @@ size_t rand_drbg_get_additional_data(unsigned char 
**pout, size_t max_len)
 size_t len;
 #ifdef OPENSSL_SYS_UNIX
 pid_t pid;
-struct timespec ts;
+struct timeval tv;
 #elif defined(OPENSSL_SYS_WIN32)
 DWORD pid;
 FILETIME ft;
 LARGE_INTEGER pc;
 #endif
+#ifdef OPENSSL_CPUID_OBJ
 uint32_t tsc = 0;
+#endif
 
 pool = RAND_POOL_new(0, 0, max_len);
 if (pool == NULL)
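Review bot: `struct timeval tv` and gettimeofday() need their POSIX header (<sys/time.h>); none of the visible hunks adds an include, and the summary lists exactly 6 insertions and 6 deletions for this file, all of which appear in the two hunks, so confirm the header is already included higher up in rand_lib.c.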
@@ -241,12 +243,10 @@ size_t rand_drbg_get_additional_data(unsigned char 
**pout, size_t max_len)
 #endif
 
 #ifdef OPENSSL_SYS_UNIX
-if (tsc == 0 && clock_gettime(CLOCK_MONOTONIC, &ts) == 0)
-RAND_POOL_add(pool, (unsigned char *)&ts, sizeof(ts), 0);
-if (clock_gettime(CLOCK_REALTIME, &ts) == 0)
-RAND_POOL_add(pool, (unsigned char *)&ts, sizeof(ts), 0);
+if (gettimeofday(&tv, NULL) == 0)
+RAND_POOL_add(pool, (unsigned char *)&tv, sizeof(tv), 0);
 #elif defined(OPENSSL_SYS_WIN32)
-if (tsc == 0 && QueryPerformanceCounter(&pc) != 0)
+if (QueryPerformanceCounter(&pc) != 0)
 RAND_POOL_add(pool, (unsigned char *)&pc, sizeof(pc), 0);
 GetSystemTimeAsFileTime(&ft);
 RAND_POOL_add(pool, (unsigned char *)&ft, sizeof(ft), 0);
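Review bot: the change drops more than the clock_gettime() call: the CLOCK_MONOTONIC sample that was taken when no TSC was available (`tsc == 0`) disappears entirely, and QueryPerformanceCounter() on Windows is now sampled unconditionally. Both are harmless for additional input, which carries no entropy claim, but neither is mentioned in the commit message; add a comment at the `#ifdef OPENSSL_SYS_UNIX` block saying gettimeofday() is a temporary substitute to be replaced by clock_gettime() in 1.2, so the restoration is not forgotten.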


[openssl-commits] [openssl] master update

2018-01-29 Thread Matthias . St . Pierre
The branch master has been updated
   via  20928ff635772182fe8696d618a19f9101a5370f (commit)
  from  1af66bb7241268f96554136387126d280efab75d (commit)


- Log -
commit 20928ff635772182fe8696d618a19f9101a5370f
Author: Kurt Roeckx 
Date:   Fri Nov 17 15:00:35 2017 +0100

Add RAND_DRBG_bytes

Reviewed-by: Paul Dale 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/4752)

---

Summary of changes:
 crypto/rand/drbg_lib.c  | 22 +++
 crypto/rand/rand_lcl.h  |  1 +
 crypto/rand/rand_lib.c  | 74 +
 include/internal/rand.h |  2 ++
 ssl/ssl_lib.c   |  6 ++--
 util/libcrypto.num  |  1 +
 6 files changed, 104 insertions(+), 2 deletions(-)

diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index 5d3d0f2..5e6bdce 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -535,6 +535,28 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char 
*out, size_t outlen,
 }
 
 /*
+ * Generates |outlen| random bytes and stores them in |out|. It will
+ * using the given |drbg| to generate the bytes.
+ *
+ * Requires that drbg->lock is already locked for write, if non-null.
+ *
+ * Returns 1 on success 0 on failure.
+ */
+int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, size_t outlen)
+{
+unsigned char *additional = NULL;
+size_t additional_len;
+size_t ret;
+
+additional_len = rand_drbg_get_additional_data(&additional, 
drbg->max_adinlen);
+ret = RAND_DRBG_generate(drbg, out, outlen, 0, additional, additional_len);
+if (additional_len != 0)
+OPENSSL_secure_clear_free(additional, additional_len);
+
+return ret;
+}
+
+/*
  * Set the RAND_DRBG callbacks for obtaining entropy and nonce.
  *
  * In the following, the signature and the semantics of the
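Review bot: `ret` in `RAND_DRBG_bytes()` is declared `size_t` but stores the `int` returned by `RAND_DRBG_generate()` and is then returned from an `int` function; declare it `int ret;` so the value is not converted twice. Also note the failure path: `rand_drbg_get_additional_data()` returns 0 on failure, in which case `additional` stays NULL and the call silently degrades to generating with no additional input. The comment above only says "Returns 1 on success 0 on failure", so either document that additional data is best-effort, or treat a failure to obtain it as an error if that was the intent. Finally, the comment line "It will using the given |drbg|" should read "It will use the given |drbg|".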
diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index 5f859d5..e3c0b76 100644
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -215,6 +215,7 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
  int entropy, size_t min_len, size_t max_len);
 void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
unsigned char *out, size_t outlen);
+size_t rand_drbg_get_additional_data(unsigned char **pout, size_t max_len);
 
 /* DRBG helpers */
 int rand_drbg_restart(RAND_DRBG *drbg,
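Review bot: the new `rand_drbg_get_additional_data()` prototype carries no comment about ownership of `*pout`. The header is where callers look, so repeat here what the rand_lib.c comment says: the callee allocates the buffer, the caller must release it with `OPENSSL_secure_clear_free()` using the returned length, and a return value of 0 means no buffer was allocated.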
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 07f5427..3824d93 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -15,6 +15,12 @@
 #include 
 #include "internal/thread_once.h"
 #include "rand_lcl.h"
+#ifdef OPENSSL_SYS_UNIX
+# include 
+# include 
+# include 
+#endif
+#include "e_os.h"
 
 #ifndef OPENSSL_NO_ENGINE
 /* non-NULL if default_RAND_meth is ENGINE-provided */
@@ -187,6 +193,74 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
 return ret;
 }
 
+/*
+ * Generate additional data that can be used for the drbg. The data does
+ * not need to contain entropy, but it's useful if it contains at least
+ * some bits that are unpredictable.
+ *
+ * Returns 0 on failure.
+ *
+ * On success it allocates a buffer at |*pout| and returns the length of
+ * the data. The buffer should get freed using OPENSSL_secure_clear_free().
+ */
+size_t rand_drbg_get_additional_data(unsigned char **pout, size_t max_len)
+{
+RAND_POOL *pool;
+CRYPTO_THREAD_ID thread_id;
+size_t len;
+#ifdef OPENSSL_SYS_UNIX
+pid_t pid;
+struct timespec ts;
+#elif defined(OPENSSL_SYS_WIN32)
+DWORD pid;
+FILETIME ft;
+LARGE_INTEGER pc;
+#endif
+uint32_t tsc = 0;
+
+pool = RAND_POOL_new(0, 0, max_len);
+if (pool == NULL)
+return 0;
+
+#ifdef OPENSSL_SYS_UNIX
+pid = getpid();
+RAND_POOL_add(pool, (unsigned char *)&pid, sizeof(pid), 0);
+#elif defined(OPENSSL_SYS_WIN32)
+pid = GetCurrentProcessId();
+RAND_POOL_add(pool, (unsigned char *)&pid, sizeof(pid), 0);
+#endif
+
+thread_id = CRYPTO_THREAD_get_current_id();
+if (thread_id != 0)
+RAND_POOL_add(pool, (unsigned char *)&thread_id, sizeof(thread_id), 0);
+
+#ifdef OPENSSL_CPUID_OBJ
+tsc = OPENSSL_rdtsc();
+if (tsc != 0)
+RAND_POOL_add(pool, (unsigned char *)&tsc, sizeof(tsc), 0);
+#endif
+
+#ifdef OPENSSL_SYS_UNIX
+if (tsc == 0 && clock_gettime(CLOCK_MONOTONIC, &ts) == 0)
+RAND_POOL_add(pool, (unsigned char *)&ts, sizeof(ts), 0);
+if (clock_gettime(CLOCK_REALTIME, &ts) == 0)
+RAND_POOL_add(pool, (unsigned char *)&ts, sizeof(ts), 0);
+#elif defined(OPENSSL_SYS_WIN32)
+if (tsc == 0 && QueryPerformanceCounter(&pc) != 0)
+RAND_POOL_add(pool, (unsigned char *)&pc, sizeof(pc), 0);
+GetSystemTimeAsFileTime(&ft);
+RAND_POOL_add(pool, (
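Review bot: the `thread_id != 0` test after `CRYPTO_THREAD_get_current_id()` assumes `CRYPTO_THREAD_ID` is an integer type; with pthreads it is `pthread_t`, which POSIX allows to be a struct, so this comparison will not compile on every platform. Either drop the check and always add the bytes, or compare against a zero-initialised id with memcmp. Separately, `ts`, `pc` and `ft` are added with `sizeof`, so any padding bytes (present in `struct timespec` on targets where `time_t` is wider than `long`) enter the pool uninitialised; zero these locals before the system calls, or add the individual fields, so the pool contents stay deterministic under valgrind or MemorySanitizer. Ignoring the `RAND_POOL_add()` return values is acceptable here since the data is optional, but a comment saying so would help. The hunk is cut off after `RAND_POOL_add(pool, (` in this rendering, so the `*pout` assignment and the `RAND_POOL_free()` on the error path could not be checked.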

[openssl-commits] [openssl] master update

2018-01-28 Thread Matthias . St . Pierre
The branch master has been updated
   via  1af66bb7241268f96554136387126d280efab75d (commit)
  from  0f5a77521961117df53256651ae7bca6dd8b54a2 (commit)


- Log -
commit 1af66bb7241268f96554136387126d280efab75d
Author: nickthetait 
Date:   Sun Jan 28 20:15:23 2018 +0100

Create troubleshooting subsection in INSTALL file

Fixes: #5130

Reviewed-by: Rich Salz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5178)

---

Summary of changes:
 INSTALL | 28 
 1 file changed, 20 insertions(+), 8 deletions(-)

diff --git a/INSTALL b/INSTALL
index 3130fbe..006f72d 100644
--- a/INSTALL
+++ b/INSTALL
@@ -736,22 +736,34 @@
  ("openssl"). The libraries will be built in the top-level directory,
  and the binary will be in the "apps" subdirectory.
 
+ Troubleshooting:
+
  If the build fails, look at the output.  There may be reasons
  for the failure that aren't problems in OpenSSL itself (like
- missing standard headers).  If you are having problems you can
- get help by sending an email to the openssl-users email list (see
+ missing standard headers).
+
+ If the build succeeded previously, but fails after a source or
+ configuration change, it might be helpful to clean the build tree
+ before attempting another build. Use this command:
+
+   $ make clean # Unix
+   $ mms clean  ! (or mmk) OpenVMS
+   $ nmake clean# Windows
+
+ Assembler error messages can sometimes be sidestepped by using the
+ "no-asm" configuration option.
+
+ Compiling parts of OpenSSL with gcc and others with the system
+ compiler will result in unresolved symbols on some systems.
+
+ If you are still having problems you can get help by sending an email
+ to the openssl-users email list (see
  https://www.openssl.org/community/mailinglists.html for details). If
  it is a bug with OpenSSL itself, please open an issue on GitHub, at
  https://github.com/openssl/openssl/issues. Please review the existing
  ones first; maybe the bug was already reported or has already been
  fixed.
 
- (If you encounter assembler error messages, try the "no-asm"
- configuration option as an immediate fix.)
-
- Compiling parts of OpenSSL with gcc and others with the system
- compiler will result in unresolved symbols on some systems.
-
   3. After a successful build, the libraries should be tested. Run:
 
$ make test  # Unix
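Review bot: "Use this command:" introduces three platform-specific commands, so "Use the command for your platform:" would match the Unix/OpenVMS/Windows list that follows. Also, `make clean` alone does not undo a configuration change, so for the "configuration change" case the text should tell the reader to rerun Configure afterwards, or point at `make distclean`, which also removes the generated configuration.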


[openssl-commits] [openssl] master update

2018-01-28 Thread Matthias . St . Pierre
The branch master has been updated
   via  f0bbf36599e0dd41e20ee653a7323babc5a4deab (commit)
  from  3c0c6b97e1910258bfac31be407c2d8b8cded76c (commit)


- Log -
commit f0bbf36599e0dd41e20ee653a7323babc5a4deab
Author: Steve Linsell 
Date:   Sun Jan 28 12:01:04 2018 +0100

Update copyright year in mkerr.pl

Reviewed-by: Richard Levitte 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/5166)

---

Summary of changes:
 util/mkerr.pl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/util/mkerr.pl b/util/mkerr.pl
index 51177b9..52a44c9 100755
--- a/util/mkerr.pl
+++ b/util/mkerr.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -702,7 +702,7 @@ if ( $newstate )  {
 open(OUT, ">$statefile.new")
 || die "Can't write $statefile.new, $!";
 print OUT <<"EOF";
-# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1999-$YEAR The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
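Review bot: `$YEAR` is used in the generated state-file header but its definition is not in the hunk's context; confirm it is set from the current date (for example via `localtime`) near the top of the script rather than hard-coded, otherwise the state file will carry a stale year just as the literal "2017" did.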

