|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
| #
fc27fca8 |
| 09-Mar-2021 |
Shane Lontis |
Add ossl_bn_group symbols
Partial fix for #12964
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14473)
|
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j |
|
| #
6d2a1eff |
| 05-Feb-2021 |
Matt Caswell |
Deprecate the low level SRP APIs
The OTC decided that all low level APIs should be deprecated. This extends
to SRP, even though at the current time there is no "EVP" interface to it.
Deprecate the low level SRP APIs
The OTC decided that all low level APIs should be deprecated. This extends
to SRP, even though at the current time there is no "EVP" interface to it.
This could be added in a future release.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14132)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha11 |
|
| #
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13999)
|
|
Revision tags: openssl-3.0.0-alpha10 |
|
| #
5b57aa24 |
| 06-Jan-2021 |
Matt Caswell |
Ensure SRP BN_mod_exp follows the constant time path
SRP_Calc_client_key calls BN_mod_exp with private data. However it was
not setting BN_FLG_CONSTTIME and therefore not using the const
Ensure SRP BN_mod_exp follows the constant time path
SRP_Calc_client_key calls BN_mod_exp with private data. However it was
not setting BN_FLG_CONSTTIME and therefore not using the constant time
implementation. This could be exploited in a side channel attack to
recover the password.
Since the attack is local host only this is outside of the current OpenSSL
threat model and therefore no CVE is assigned.
Thanks to Mohammed Sabt and Daniel De Almeida Braga for reporting this
issue.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13888)
show more ...
|
|
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
| #
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
The OPENSSL_CTX type stands out a little by using a different prefix.
For consistency reasons, this type is renamed to OSSL_LIB_CTX.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
|
Revision tags: OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
| #
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)
|
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f |
|
| #
e85982c7 |
| 20-Mar-2020 |
Matt Caswell |
Make SRP library context aware
In order for the TLS SRP tests to pass when using a non-default library
context the underlying SRP calls need to be library context aware.
Reviewe
Make SRP library context aware
In order for the TLS SRP tests to pass when using a non-default library
context the underlying SRP calls need to be library context aware.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11410)
show more ...
|
|
Revision tags: OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
| #
25f2138b |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize private crypto header files
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:
W
Reorganize private crypto header files
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:
While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.
To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:
#include "internal/file.h" # located in 'include/internal'
#include "internal/file_int.h" # located in 'crypto/include/internal'
This commit moves the private crypto headers from
'crypto/include/internal' to 'include/crypto'
As a result, the include directives become unambiguous
#include "internal/file.h" # located in 'include/internal'
#include "crypto/file.h" # located in 'include/crypto'
hence the superfluous '_int.h' suffixes can be stripped.
The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
d63bde78 |
| 14-Jan-2019 |
Matt Caswell |
Check more return values in the SRP code
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8019)
|
| #
7428b99b |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in crypto/srp/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/
Following the license change, modify the boilerplates in crypto/srp/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7819)
show more ...
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a |
|
| #
495a1e5c |
| 25-Oct-2018 |
Antoine Salon |
SRP module documentation
Signed-off-by: Antoine Salon <asalon@vmware.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged
SRP module documentation
Signed-off-by: Antoine Salon <asalon@vmware.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7522)
show more ...
|
|
Revision tags: OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3 |
|
| #
3b855b1f |
| 13-Mar-2018 |
Tim Hudson |
update SRP copyright notice
As per discussion with Peter Sylvester
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5603)
|
|
Revision tags: OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c |
|
| #
8f332ac9 |
| 29-Sep-2016 |
Dr. Stephen Henson |
SRP code tidy.
Tidy up srp_Calc_k and SRP_Calc_u by making them a special case of
srp_Calc_xy which performs SHA1(PAD(x) | PAD(y)).
This addresses an OCAP Audit issue.
SRP code tidy.
Tidy up srp_Calc_k and SRP_Calc_u by making them a special case of
srp_Calc_xy which performs SHA1(PAD(x) | PAD(y)).
This addresses an OCAP Audit issue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0 |
|
| #
4162c7d3 |
| 22-Aug-2016 |
Matt Caswell |
Fix mem leak on error path
The mem pointed to by cAB can be leaked on an error path.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| #
85d6b09d |
| 22-Aug-2016 |
Matt Caswell |
Fix mem leak on error path
The mem pointed to by cAB can be leaked on an error path.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| #
c72b8e06 |
| 22-Aug-2016 |
Matt Caswell |
Fix mem leak on error path
The mem pointed to by tmp can be leaked on an error path.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Revision tags: OpenSSL_1_1_0-pre6, OpenSSL-fips-2_0_13 |
|
| #
d166ed8c |
| 18-Jun-2016 |
Dr. Stephen Henson |
check return values for EVP_Digest*() APIs
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| #
98370c2d |
| 15-Jun-2016 |
Matt Caswell |
constify SRP
Add const qualifiers to lots of SRP stuff. This started out as an effort
to silence some "type-punning" warnings on OpenBSD...but the fix was to
have proper const correc
constify SRP
Add const qualifiers to lots of SRP stuff. This started out as an effort
to silence some "type-punning" warnings on OpenBSD...but the fix was to
have proper const correctness in SRP.
RT4378
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h |
|
| #
308ff286 |
| 25-Apr-2016 |
Matt Caswell |
Fix error return value in SRP functions
The functions SRP_Calc_client_key() and SRP_Calc_server_key() were
incorrectly returning a valid pointer in the event of error.
Issue rep
Fix error return value in SRP functions
The functions SRP_Calc_client_key() and SRP_Calc_server_key() were
incorrectly returning a valid pointer in the event of error.
Issue reported by Yuan Jochen Kang
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
c9141a43 |
| 01-May-2016 |
Cynh |
Fix SRP client key computation
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #1017
|
| #
aa6bb135 |
| 17-May-2016 |
Rich Salz |
Copyright consolidation 05/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Revision tags: OpenSSL_1_1_0-pre5, OpenSSL_1_1_0-pre4, OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12 |
|
| #
0d4fb843 |
| 05-Feb-2016 |
FdaSilvaYY |
GH601: Various spelling fixes.
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Revision tags: OpenSSL_1_0_1r, OpenSSL_1_0_2f, OpenSSL_1_1_0-pre2 |
|
| #
34980760 |
| 18-Dec-2015 |
Rich Salz |
Remove /* foo.c */ comments
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1
Remove /* foo.c */ comments
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_1_0-pre1 |
|
| #
39d51932 |
| 07-Dec-2015 |
Richard Levitte |
Fix clang complaints about uninitialised variables.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Revision tags: OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e |
|
| #
bfb0641f |
| 01-Dec-2015 |
Richard Levitte |
Cleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy)
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
