#
eddbb78f |
| 01-Nov-2023 |
Tomas Mraz |
When changing IV length invalidate previously set IV Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/o
When changing IV length invalidate previously set IV Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22590)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
79d70225 |
| 08-May-2023 |
Pauli |
gcm: use the new faster param location mechanism. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/
gcm: use the new faster param location mechanism. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20935)
show more ...
|
#
e84b5fcc |
| 05-May-2023 |
Pauli |
params: provide a faster TRIE based param lookup. The separate file is a Perl script that generates the appropriate define directives for inclusion in core_names.h. By having this separ
params: provide a faster TRIE based param lookup. The separate file is a Perl script that generates the appropriate define directives for inclusion in core_names.h. By having this separation it will be possible to prebuild data structures to give faster access when looking up parameters by name. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20935)
show more ...
|
#
3ebcb2ff |
| 25-Jul-2022 |
Pauli |
GCM: record limit counter gets reset on AAD changes It shouldn't be. This moves the reset to the init function instead and only does the reset on a key change. Reviewed-by: Hug
GCM: record limit counter gets reset on AAD changes It shouldn't be. This moves the reset to the init function instead and only does the reset on a key change. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18860)
show more ...
|
#
c55c7d02 |
| 13-Jul-2021 |
Pauli |
Remove lower limit on GCM mode ciphers Fixes #16057 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://gith
Remove lower limit on GCM mode ciphers Fixes #16057 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16064)
show more ...
|
#
965fa9c0 |
| 28-May-2021 |
Pauli |
prov: add zero strenght arguments to BN and RAND RNG calls Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15513)
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
83da94ff |
| 02-Mar-2021 |
Pauli |
prov: support params argument to common cipher init calls Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383)
|
#
8f42380a |
| 02-Mar-2021 |
Pauli |
prov: support params argument to RCx ciphers Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383)
|
Revision tags: openssl-3.0.0-alpha12 |
|
#
e36b3c2f |
| 17-Feb-2021 |
Shane Lontis |
Fix external symbols in the provider cipher implementations. Partial fix for #12964 This add ossl_ names for the following symbols. chacha20_dinit, chacha20_einit, chacha20
Fix external symbols in the provider cipher implementations. Partial fix for #12964 This add ossl_ names for the following symbols. chacha20_dinit, chacha20_einit, chacha20_initctx, ccm_cipher, ccm_dinit, ccm_einit, ccm_generic_auth_decrypt, ccm_generic_auth_encrypt, ccm_generic_gettag, ccm_generic_setaad, ccm_generic_setiv, ccm_get_ctx_params, ccm_initctx, ccm_set_ctx_params, ccm_stream_final, ccm_stream_update gcm_aad_update, gcm_cipher, gcm_cipher_final, gcm_cipher_update gcm_dinit, gcm_einit, gcm_get_ctx_params, gcm_initctx, gcm_one_shot gcm_set_ctx_params, gcm_setiv, gcm_stream_final, gcm_stream_update tdes_dinit, tdes_dupctx, tdes_einit, tdes_freectx tdes_get_ctx_params, tdes_gettable_ctx_params, tdes_newctx PROV_CIPHER_HW_des_*, padblock, unpadblock, tlsunpadblock, fillblock, trailingdata Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14209)
show more ...
|
Revision tags: OpenSSL_1_1_1j |
|
#
f5f29796 |
| 05-Feb-2021 |
Tomas Mraz |
Various cleanup of PROV_R_ reason codes Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.c
Various cleanup of PROV_R_ reason codes Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14086)
show more ...
|
#
2741128e |
| 05-Feb-2021 |
Tomas Mraz |
Move the PROV_R reason codes to a public header The PROV_R codes can be returned to applications so it is useful to have some common set of provider reason codes for the applications
Move the PROV_R reason codes to a public header The PROV_R codes can be returned to applications so it is useful to have some common set of provider reason codes for the applications or third party providers. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14086)
show more ...
|
Revision tags: openssl-3.0.0-alpha11 |
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
#
0d83b7b9 |
| 14-Jan-2021 |
Tomas Mraz |
Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_up
Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv. Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV to better align with the function name. Fixes #13411 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13870)
show more ...
|
Revision tags: openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
a829b735 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' This change makes the naming more consistent, because three different terms were used for the same thing. (The term
Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' This change makes the naming more consistent, because three different terms were used for the same thing. (The term libctx was used by far most often.) Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
f99d3eed |
| 08-Sep-2020 |
Pauli |
ciphers: add FIPS error state handling The functions that check for the provider being runnable are: new, init, final and dupctx. Reviewed-by: Matt Caswell <matt@openssl.org>
ciphers: add FIPS error state handling The functions that check for the provider being runnable are: new, init, final and dupctx. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12801)
show more ...
|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
ef58f9af |
| 20-Jun-2020 |
Benjamin Kaduk |
Make GCM providers more generous about fetching IVs The current check for iv_gen and iv_gen_rand only lets you fetch the IV for the case when it was set internally. It might also make
Make GCM providers more generous about fetching IVs The current check for iv_gen and iv_gen_rand only lets you fetch the IV for the case when it was set internally. It might also make sense to fetch the IV if one was set at cipher-context creation time, so switch to checking the iv_state, which should be enough to ensure that there is valid data in the context to be copied out. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233)
show more ...
|
#
84890268 |
| 19-Jun-2020 |
Benjamin Kaduk |
Support cipher provider "iv state" Some modes (e.g., CBC and OFB) update the effective IV with each block-cipher invocation, making the "IV" stored in the (historically) EVP_CIPHER_C
Support cipher provider "iv state" Some modes (e.g., CBC and OFB) update the effective IV with each block-cipher invocation, making the "IV" stored in the (historically) EVP_CIPHER_CTX or (current) PROV_CIPHER_CTX distinct from the initial IV passed in at cipher initialization time. The latter is stored in the "oiv" (original IV) field, and has historically been accessible via the EVP_CIPHER_CTX_original_iv() API. The "effective IV" has also historically been accessible, via both EVP_CIPHER_CTX_iv() and EVP_CIPHER_CTX_iv_noconst(), the latter of which allows for *write* access to the internal cipher state. This is particularly problematic given that provider-internal cipher state need not, in general, even be accessible from the same address space as libcrypto, so these APIs are not sustainable in the long term. However, it still remains necessary to provide access to the contents of the "IV state" (e.g., when serializing cipher state for in-kernel TLS); a subsequent reinitialization of a cipher context using the "IV state" as the input IV will be able to resume processing of data in a compatible manner. This problem was introduced in commit 089cb623be76b88a1eea6fcd135101037661bbc3, which effectively caused all IV queries to return the "original IV", removing access to the current IV state of the cipher. These functions for accessing the (even the "original") IV had remained undocumented for quite some time, presumably due to unease about exposing the internals of the cipher state in such a manner. Note that this also as a side effect "fixes" some "bugs" where things had been referring to the 'iv' field that should have been using the 'oiv' field. It also fixes the EVP_CTRL_GET_IV cipher control, which was clearly intended to expose the non-original IV, for use exporting the cipher state into the kernel for kTLS. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233)
show more ...
|
#
ee0c849e |
| 22-Jun-2020 |
Matt Caswell |
Ensure GCM "update" failures return 0 on error EVP_CipherUpdate is supposed to return 1 for success or 0 for error. However for GCM ciphers it was sometimes returning -1 for error.
Ensure GCM "update" failures return 0 on error EVP_CipherUpdate is supposed to return 1 for success or 0 for error. However for GCM ciphers it was sometimes returning -1 for error. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12288)
show more ...
|
Revision tags: openssl-3.0.0-alpha3 |
|
#
7cc5e0d2 |
| 01-Jun-2020 |
Benjamin Kaduk |
Allow oversized buffers for provider cipher IV fetch When we're fetching an IV, there's no need to enforce that the provided buffer is exactly the same size as the IV we want to writ
Allow oversized buffers for provider cipher IV fetch When we're fetching an IV, there's no need to enforce that the provided buffer is exactly the same size as the IV we want to write into it. This might happen, for example, when EVP_CIPHER_CTX_iv_noconst() passes sizeof(ctx->iv) (that is, EVP_MAX_IV_LENGTH) for an AES-GCM cipher that uses a shorter IV. AES-OCB and CCM were also affected. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12039)
show more ...
|
#
320d96a3 |
| 01-Jun-2020 |
Benjamin Kaduk |
Set cipher IV as octet string and pointer from providers OSSL_CIPHER_PARAM_IV can be accessed both as an octet string and as an octet pointer (for routines like EVP_CIPHER_CTX_iv() that
Set cipher IV as octet string and pointer from providers OSSL_CIPHER_PARAM_IV can be accessed both as an octet string and as an octet pointer (for routines like EVP_CIPHER_CTX_iv() that are in a nebulous undocumented-and-might-go-away-eventually state), the latter for when there is need to modify the actual value in the provider. Make sure that we consistently try to set it as both the string and pointer forms (not just octet string) and only fail if neither version succeeds. The generic cipher get_ctx_params routine was already doing so, but the AES-variant-, GCM-, and CCM-specific ones were not. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12039)
show more ...
|
Revision tags: openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
#
993ebac9 |
| 15-Jan-2020 |
Matt Caswell |
Convert rand_bytes_ex and rand_priv_bytes_ex to public functions These were initially added as internal functions only. However they will also need to be used by libssl as well. Therefor
Convert rand_bytes_ex and rand_priv_bytes_ex to public functions These were initially added as internal functions only. However they will also need to be used by libssl as well. Therefore it make sense to move them into the public API. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10864)
show more ...
|
Revision tags: OpenSSL_1_0_2u |
|
#
11b44359 |
| 14-Oct-2019 |
Shane Lontis |
Add GCM support for EVP_CTRL_GCM_IV_GEN and EVP_CTRL_GCM_SET_IV_INV to providers Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10173)
|
#
68a51d59 |
| 03-Dec-2019 |
Richard Levitte |
Move providers/common/{ciphers,digests}/* to providers/implementations The idea to have all these things in providers/common was viable as long as the implementations was spread around t
Move providers/common/{ciphers,digests}/* to providers/implementations The idea to have all these things in providers/common was viable as long as the implementations was spread around their main providers. This is, however, no longer the case, so we move the common blocks closer to the source that use them. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10564)
show more ...
|