#
b6461792 |
| 20-Mar-2024 |
Richard Levitte |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Lan
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
show more ...
|
#
576a3572 |
| 04-Jan-2024 |
Holger Dengler |
Fix partial block encryption in cfb and ofb for s390x Use the number of processed bytes information (num) from the generic cipher context for the partial block handling in cfb and ofb, i
Fix partial block encryption in cfb and ofb for s390x Use the number of processed bytes information (num) from the generic cipher context for the partial block handling in cfb and ofb, instead of keep this information in the s390x-specific part of the cipher context. The information in the generic context is reset properly, even if the context is re-initialized without resetting the key or iv. Fixes: #23175 Signed-off-by: Holger Dengler <dengler@linux.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23201)
show more ...
|
#
ff555f81 |
| 28-May-2021 |
Juergen Christ |
Fix CipherInit on s390x. Various different initialization sequences led to bugs on s390x due to caching and processing during key setting. Since, e.g., the direction does not necess
Fix CipherInit on s390x. Various different initialization sequences led to bugs on s390x due to caching and processing during key setting. Since, e.g., the direction does not necessarily have to be correct during initialization, this produced bugs in s390x which were not present on other architectures. Fix this by recomputing the function codes on the fly during updates and final operations. Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15521)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12 |
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
Revision tags: OpenSSL_1_1_1j, openssl-3.0.0-alpha11 |
|
#
732a4d15 |
| 27-Jan-2021 |
Juergen Christ |
Fix cipher reinit on s390x if no key is specified If key==null on EVP_CipherInit_ex, the init functions for the hardware implementation is not called. The s390x implementation of OFB an
Fix cipher reinit on s390x if no key is specified If key==null on EVP_CipherInit_ex, the init functions for the hardware implementation is not called. The s390x implementation of OFB and CFB mode used the init function to copy the IV into the hardware causing test failures on cipher reinit. Fix this by moving the copy operation into the cipher operation. Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/13984)
show more ...
|
Revision tags: openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
eec0ad10 |
| 15-Oct-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/13144)
|
#
592dcfd3 |
| 29-Sep-2020 |
Pauli |
prov: prefix all exposed 'cipher' symbols with ossl_ Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13030)
|
Revision tags: OpenSSL_1_1_1h, openssl-3.0.0-alpha6 |
|
#
52015015 |
| 21-Jul-2020 |
Benjamin Kaduk |
Expose S390x HW ciphers' IV state to provider layer The S390x hardware-accelerated cipher implementations keep their IV state in an internal structure tied to the underlying implementati
Expose S390x HW ciphers' IV state to provider layer The S390x hardware-accelerated cipher implementations keep their IV state in an internal structure tied to the underlying implementation. However, the provider itself needs to be able to expose the IV state to libcrypto when processing the "iv-state" parameter. In the absence of a S390x hardware-specific get_ctx_params() implementation, be sure to copy the IV state from the hw-specific structure back to the generic PROV_CIPHER_CTX object after each cipher operation in order to synchronize the internal and fetchable state. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233)
show more ...
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
#
dbca0364 |
| 18-Nov-2019 |
Shane Lontis |
fix s390 compile error due to missing comma. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10467)
|
#
f75abcc0 |
| 18-Nov-2019 |
Shane Lontis |
Fix Use after free when copying cipher ctx Fixes #10438 issue found by clusterfuzz/ossfuzz The dest was getting a copy of the src structure which contained a pointer that should
Fix Use after free when copying cipher ctx Fixes #10438 issue found by clusterfuzz/ossfuzz The dest was getting a copy of the src structure which contained a pointer that should point to an offset inside itself - because of the copy it was pointing to the original structure. The setup for a ctx is mainly done by the initkey method in the PROV_CIPHER_HW structure. Because of this it makes sense that the structure should also contain a copyctx method that is use to resolve any pointers that need to be setup. A dup_ctx has been added to the cipher_enc tests in evp_test. It does a dup after setup and then frees the original ctx. This detects any floating pointers in the duplicated context that were pointing back to the freed ctx. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10443)
show more ...
|
#
604e884b |
| 04-Oct-2019 |
Richard Levitte |
Providers: move all ciphers From providers/{common,default}/ to providers/implementations/ Except for common code, which remains in providers/common/ciphers/. However, we do mov
Providers: move all ciphers From providers/{common,default}/ to providers/implementations/ Except for common code, which remains in providers/common/ciphers/. However, we do move providers/common/include/internal/ciphers/*.h to providers/common/include/prov/, and adjust all source including any of those header files. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10088)
show more ...
|