History log of /openssl/crypto/evp/encode.c (Results 1 – 25 of 54)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 7ed6de99 05-Sep-2024 Tomas Mraz

Copyright year updates


Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes


# 0cd9dd70 21-Aug-2024 Viktor Dukhovni

Improve base64 BIO correctness and error reporting

Also improve related documentation.

- The BIO_FLAGS_BASE64_NO_NL flag did not behave as advertised, only
leading and trailin

Improve base64 BIO correctness and error reporting

Also improve related documentation.

- The BIO_FLAGS_BASE64_NO_NL flag did not behave as advertised, only
leading and trailing, but not internal, whitespace was supported:

$ echo 'AA AA' | openssl base64 -A -d | wc -c
0

- Switching from ignored leading input to valid base64 input misbehaved
when the length of the skipped input was one more than the length of
the second and subsequent valid base64 lines in the internal 1k
buffer:

$ printf '#foo\n#bar\nA\nAAA\nAAAA\n' | openssl base64 -d | wc -c
0

- When the underlying BIO is retriable, and a read returns less than
1k of data, some of the already buffered input lines that could have
been decoded and returned were retained internally for a retry by the
caller. This is somewhat surprising, and the new code decodes as many
of the buffered lines as possible. Issue reported by Michał Trojnara.

- After all valid data has been read, the next BIO_read(3) should
return 0 when the input was all valid or -1 if an error was detected.
This now occurs in more consistently, but further tests and code
refactoring may be needed to ensure this always happens.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25253)

show more ...


Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4
# fbd2ece1 25-Jun-2020 Matt Caswell

Update copyright year

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12273)


# 6f72b210 15-Jun-2020 haykam821 <24855774+haykam821@users.noreply.github.com>

Remove whitespace from 'white space'

CLA: trivial

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged

Remove whitespace from 'white space'

CLA: trivial

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12161)

show more ...


# 0800288e 13-Jun-2020 Richard Levitte

EVP: allow empty strings to EVP_Decode* functions

This is a simple check order correction.

Fixes #12143

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Paul Dale <p

EVP: allow empty strings to EVP_Decode* functions

This is a simple check order correction.

Fixes #12143

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12144)

show more ...


Revision tags: openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u
# 706457b7 27-Sep-2019 Dr. Matthias St. Pierre

Reorganize local header files

Apart from public and internal header files, there is a third type called
local header files, which are located next to source files in the source
direc

Reorganize local header files

Apart from public and internal header files, there is a third type called
local header files, which are located next to source files in the source
directory. Currently, they have different suffixes like

'*_lcl.h', '*_local.h', or '*_int.h'

This commit changes the different suffixes to '*_local.h' uniformly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)

show more ...


# 25f2138b 27-Sep-2019 Dr. Matthias St. Pierre

Reorganize private crypto header files

Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:

W

Reorganize private crypto header files

Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:

While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.

To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:

#include "internal/file.h" # located in 'include/internal'
#include "internal/file_int.h" # located in 'crypto/include/internal'

This commit moves the private crypto headers from

'crypto/include/internal' to 'include/crypto'

As a result, the include directives become unambiguous

#include "internal/file.h" # located in 'include/internal'
#include "crypto/file.h" # located in 'include/crypto'

hence the superfluous '_int.h' suffixes can be stripped.

The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)

show more ...


Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b
# 9fdcc21f 15-Jan-2019 David von Oheimb

constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell

constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8029)

show more ...


Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i
# 5a285add 21-Jun-2018 David Makepeace

Added new EVP/KDF API.
Changed PKEY/KDF API to call the new API.
Added wrappers for PKCS5_PBKDF2_HMAC() and EVP_PBE_scrypt() to call the new EVP KDF APIs.
Documentation updated.

Added new EVP/KDF API.
Changed PKEY/KDF API to call the new API.
Added wrappers for PKCS5_PBKDF2_HMAC() and EVP_PBE_scrypt() to call the new EVP KDF APIs.
Documentation updated.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6674)

show more ...


# 4a8b0c55 06-Dec-2018 Richard Levitte

Following the license change, modify the boilerplates in crypto/evp/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/

Following the license change, modify the boilerplates in crypto/evp/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7794)

show more ...


Revision tags: OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5
# 28428130 17-Apr-2018 Richard Levitte

Update copyright year

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5990)


# 3fd59700 09-Apr-2018 Matt Caswell

Add support for the SRP base64 alphabet

Historically we used to implement standalone base64 code for SRP. This
was replaced by commit 3d3f21aa with the standard base64 processing code.

Add support for the SRP base64 alphabet

Historically we used to implement standalone base64 code for SRP. This
was replaced by commit 3d3f21aa with the standard base64 processing code.

However, the SRP base64 code was designed to be compatible with other SRP
libraries (notably libsrp, but also others) that use a variant of standard
base64. Specifically a different alphabet is used and no padding '='
characters are used. Instead 0 padding is added to the front of the string.
By changing to standard base64 we change the behaviour of the API which may
impact interoperability. It also means that SRP verifier files created prior
to 1.1.1 would not be readable in 1.1.1 and vice versa.

Instead we expand our standard base64 processing with the capability to be
able to read and generate the SRP base64 variant.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5925)

show more ...


# c0804614 09-Apr-2018 Matt Caswell

Change SRP functions to use EVP_EncodeUpdate/EVP_DecodeUpdate functions

Previously they were using EVP_EncodeBlock/EVP_DecodeBlock. These are low
level functions that do not handle paddi

Change SRP functions to use EVP_EncodeUpdate/EVP_DecodeUpdate functions

Previously they were using EVP_EncodeBlock/EVP_DecodeBlock. These are low
level functions that do not handle padding characters. This was causing
the SRP code to fail. One side effect of using EVP_EncodeUpdate is that
it inserts newlines which is not what we need in SRP so we add a flag to
avoid that.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5925)

show more ...


Revision tags: OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g
# 26a7d938 17-Oct-2017 KaoruToda

Remove parentheses of return.

Since return is inconsistent, I removed unnecessary parentheses and
unified them.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt

Remove parentheses of return.

Since return is inconsistent, I removed unnecessary parentheses and
unified them.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4541)

show more ...


# 208fb891 09-Oct-2017 KaoruToda

Since return is inconsistent, I removed unnecessary parentheses and
unified them.
- return (0); -> return 0;
- return (1); -> return 1;
- return (-1); -> return -1;

Reviewed-

Since return is inconsistent, I removed unnecessary parentheses and
unified them.
- return (0); -> return 0;
- return (1); -> return 1;
- return (-1); -> return -1;

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4500)

show more ...


Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6
# c1054bb4 24-Jul-2016 Jakub Zelenka

Add EVP_ENCODE_CTX_copy

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1344)


# 2cdce3e3 28-Jun-2016 Emilia Kasper

base64 macro: parenthesize for clarity

Reviewed-by: Richard Levitte <levitte@openssl.org>


Revision tags: OpenSSL-fips-2_0_13, OpenSSL_1_0_1t, OpenSSL_1_0_2h
# cf3404fc 25-Apr-2016 Matt Caswell

Change the return type of EVP_EncodeUpdate

Previously EVP_EncodeUpdate returned a void. However there are a couple
of error conditions that can occur. Therefore the return type has been

Change the return type of EVP_EncodeUpdate

Previously EVP_EncodeUpdate returned a void. However there are a couple
of error conditions that can occur. Therefore the return type has been
changed to an int, with 0 indicating error and 1 indicating success.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...


# 62867571 17-May-2016 Rich Salz

Copyright consolidation 04/10

Reviewed-by: Richard Levitte <levitte@openssl.org>


# 2bd5d70c 25-Apr-2016 Matt Caswell

Ensure EVP_EncodeUpdate handles an output length that is too long

With the EVP_EncodeUpdate function it is the caller's responsibility to
determine how big the output buffer should be. T

Ensure EVP_EncodeUpdate handles an output length that is too long

With the EVP_EncodeUpdate function it is the caller's responsibility to
determine how big the output buffer should be. The function writes the
amount actually used to |*outl|. However this could go negative with a
sufficiently large value for |inl|. We add a check for this error
condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...


Revision tags: OpenSSL_1_1_0-pre5, OpenSSL_1_1_0-pre4
# ee1e3cac 04-Mar-2016 Matt Caswell

Avoid overflow in EVP_EncodeUpdate

An overflow can occur in the EVP_EncodeUpdate function which is used for
Base64 encoding of binary data. If an attacker is able to supply very large

Avoid overflow in EVP_EncodeUpdate

An overflow can occur in the EVP_EncodeUpdate function which is used for
Base64 encoding of binary data. If an attacker is able to supply very large
amounts of input data then a length check can overflow resulting in a heap
corruption. Due to the very large amounts of data involved this will most
likely result in a crash.

Internally to OpenSSL the EVP_EncodeUpdate function is primarly used by the
PEM_write_bio* family of functions. These are mainly used within the
OpenSSL command line applications, so any application which processes
data from an untrusted source and outputs it as a PEM file should be
considered vulnerable to this issue.

User applications that call these APIs directly with large amounts of
untrusted data may also be vulnerable.

Issue reported by Guido Vranken.

CVE-2016-2105

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...


Revision tags: OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12
# 43ecb9c3 08-Feb-2016 Rich Salz

GH641: Don't care openssl_zmalloc

Don't cast malloc-family return values.
Also found some places where (a) blank line was missing; and (b)
the *wrong* return value was checked.

GH641: Don't care openssl_zmalloc

Don't cast malloc-family return values.
Also found some places where (a) blank line was missing; and (b)
the *wrong* return value was checked.

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...


Revision tags: OpenSSL_1_0_1r, OpenSSL_1_0_2f, OpenSSL_1_1_0-pre2
# 34980760 18-Dec-2015 Rich Salz

Remove /* foo.c */ comments

This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1

Remove /* foo.c */ comments

This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

show more ...


# a0be4fd1 11-Dec-2015 Richard Levitte

Make EVP_ENCODE_CTX opaque

Reviewed-by: Rich Salz <rsalz@openssl.org>


Revision tags: OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e
# 4fe1cbdf 19-Sep-2015 Viktor Dukhovni

Fix indentation

Reviewed-by: Richard Levitte <levitte@openssl.org>


123