ae08ed08 | 02-Feb-2023 |
Richard Levitte |
Fix more VMS inclusions. Including quic/quic_local.h from ssl/ssl_lib.c presented another challenge for the current VMS C. Since ssl/quic/quic_local.h in turn includes ../ssl_local.h, we compensated with the usual whack-a-mole in Configurations/descrip.mms.tmpl. As far as my personal tests go, this seems to be the last fix of this sort, so far. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20196) |
03fd2dcb | 03-Feb-2023 |
Tomas Mraz |
Internally declare the DSA type for no-deprecated builds Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 7a21a1b5fa2dac438892cf3292d1f9c445d870d9) (cherry picked from commit 2ad9928170768653d19d81881deabc5f9c1665c0) |
4072a762 | 05-Feb-2023 |
Pauli |
remove EdDSA from changes entry about non-fips algorithms Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/20219) |
92c0e33e | 05-Feb-2023 |
Pauli |
doc: remove EdDSA from list of non-FIPS algorithms. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/20219) |
09627a8c | 05-Feb-2023 |
Pauli |
Put EdDSA back as approved algorithms. With FIPS 186-5 being published, these can again be validated. https://csrc.nist.gov/publications/detail/fips/186/5/final Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/20219) |
98283a61 | 24-Jun-2021 |
Dmitry Belyavskiy |
Enable some disabled __owurs Fixes #15902 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/15905) |
1bb5ce7a | 19-Jan-2023 |
Tomas Mraz |
Additional testcase for missing return check of BIO_set_md() calls. This tests the handling of PKCS7 signedAndEnveloped type. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> |
35da6af1 | 18-Jan-2023 |
Tomas Mraz |
Support signedAndEnveloped content in PKCS7_decrypt() Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> |
c47b6fe9 | 18-Jan-2023 |
Tomas Mraz |
Add testcase for missing return check of BIO_set_md() calls Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> |
6eebe6c0 | 18-Jan-2023 |
Tomas Mraz |
pk7_doit.c: Check return of BIO_set_md() calls. These calls invoke EVP_DigestInit() which can fail for digests with implicit fetches. Subsequent EVP_DigestUpdate() from BIO_write() or EVP_DigestFinal() from BIO_read() will segfault on NULL dereference. This can be triggered by an attacker providing PKCS7 data digested with MD4 for example if the legacy provider is not loaded. If BIO_set_md() fails the md BIO cannot be used. CVE-2023-0401 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> |
7880536f | 17-Jan-2023 |
Hugo Landau |
Fix GENERAL_NAME_cmp for x400Address (master) CVE-2023-0286 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> |
adf77d66 | 13-Jan-2023 |
Tomas Mraz |
Add test for DSA pubkey without param import and check Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> |
604247bf | 13-Jan-2023 |
Tomas Mraz |
Do not create DSA keys without parameters by decoder Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> |
9ac82e2e | 13-Jan-2023 |
Tomas Mraz |
Prevent creating DSA and DH keys without parameters through import Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> |
bcec03c3 | 11-Jan-2023 |
slontis |
Fix NULL dereference when validating FFC public key. Fixes CVE-2023-0217 When attempting to do a BN_copy of params->p there was no NULL check. Since BN_copy does not check for NULL this is a NULL dereference. As an aside BN_cmp() does do a NULL check, so there are other checks that fail because a NULL is passed. A more general check for NULL params has been added for both FFC public and private key validation instead. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> |
3436f9c2 | 16-Jan-2023 |
Tomas Mraz |
Add test for d2i_PKCS7 NULL dereference Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> |
80253dbd | 16-Jan-2023 |
Tomas Mraz |
Do not dereference PKCS7 object data if not set Fixes CVE-2023-0216 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> |
625faca9 | 14-Dec-2022 |
Matt Caswell |
Check CMS failure during BIO setup with -stream is handled correctly. Test for the issue fixed in the previous commit. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> |
9cc85002 | 14-Dec-2022 |
Matt Caswell |
Fix a UAF resulting from a bug in BIO_new_NDEF. If the aux->asn1_cb() call fails in BIO_new_NDEF then the "out" BIO will be part of an invalid BIO chain. This causes a "use after free" when the BIO is eventually freed. Based on an original patch by Viktor Dukhovni and an idea from Theo Buehler. Thanks to Octavio Galland for reporting this issue. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> |
dc341a46 | 13-Dec-2022 |
Matt Caswell |
Add a test for CVE-2022-4450. Call PEM_read_bio_ex() and expect a failure. There should be no dangling ptrs and therefore there should be no double free if we free the ptrs on error. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> |
ee6243f3 | 13-Dec-2022 |
Matt Caswell |
Avoid dangling ptrs in header and data params for PEM_read_bio_ex. In the event of a failure in PEM_read_bio_ex() we free the buffers we allocated for the header and data buffers. However, we were not clearing the ptrs stored in *header and *data. Since, on success, the caller is responsible for freeing these ptrs, this can potentially lead to a double free if the caller frees them even on failure. Thanks to Dawei Wang for reporting this issue. Based on a proposed patch by Kurt Roeckx. CVE-2022-4450 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> |
b1892d21 | 30-Nov-2022 |
Dmitry Belyavskiy |
Fix Timing Oracle in RSA decryption. A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OAEP and RSASVE. Patch written by Dmitry Belyavsky and Hubert Kario CVE-2022-4304 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> |
96e77bd3 | 13-Dec-2022 |
Tomas Mraz |
Add testcase for nc_match_single type confusion Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> |
748f478f | 13-Dec-2022 |
Viktor Dukhovni |
Fix type confusion in nc_match_single(). This function assumes that if the "gen" is an OtherName, then the "base" is an rfc822Name constraint. This assumption is not true in all cases. If the end-entity certificate contains an OtherName SAN of any type besides SmtpUtf8Mailbox and the CA certificate contains a name constraint of OtherName (of any type), then "nc_email_eai" will be invoked, with the OTHERNAME "base" being incorrectly interpreted as an ASN1_IA5STRING. Reported by Corey Bonnell from Digicert. CVE-2022-4203 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> |
cded5d05 | 03-Feb-2023 |
Xu Yizhou |
Fix SM4-XTS build failure on Mac mini M1 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20202) |