| Age | Commit message (Collapse) | Author |
|---|
|
Some hardware devices don't provide the public EC_POINT data. The only
way for X509_check_private_key() to validate that the key matches a
given certificate is to actually perform a sign operation and then
verify it using the public key in the certificate.
Maybe that can come later, as discussed in issue 1532. But for now let's
at least make it fail gracefully and not crash.
GH: 1532
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1547)
(cherry picked from commit 92ed7fa575a80955f3bb6efefca9bf576a953586)
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit d3034d31e7c04b334dd245504dd4f56e513ca115)
|
|
RT#4625
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit e3057a57caf4274ea1fb074518e4714059dfcabf)
|
|
Addition was not preserving inputs' property of being fully reduced.
Thanks to Brian Smith for reporting this.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit b62b2454fadfccaf5e055a1810d72174c2633b8f)
|
|
Thanks to Brian Smith for reporting this.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
RT#4611
Reviewed-by: Stephen Henson <steve@openssl.org>
(cherry picked from commit b8a7bd83e68405fdf595077973035ac6fe24cb97)
|
|
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1293)
|
|
Don't copy parameters is they're already present in the destination.
Return error if an attempt is made to copy different parameters to
destination. Update documentation.
If key type is not initialised return missing parameters
RT#4149
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit f72f00d49549c6620d7101f5e9bf7963da6df9ee)
|
|
RT#4363
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
(cherry picked from commit 2ab851b779a77d119e1677b2495b368a46d83eef)
Conflicts:
crypto/ec/ec_key.c
|
|
RT#4284
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit d93753412b455907b4dc09427ccd2382209d9af2)
|
|
Add tests for have_precompute_mult for the optimised curves (nistp224,
nistp256 and nistp521) if present
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 8ce4e7e605577cb5818de068e2c6da60901cddba)
|
|
During precomputation if the group given is well known then we memcpy a
well known precomputation. However we go the wrong label in the code and
don't store the data properly. Consequently if we call have_precompute_mult
the data isn't there and we return 0.
RT#3600
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 615614c8862fb89dcf1551a4e113be0789dddf5f)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit dd67493c344d9d98413d2ee7fd2b6fa9411d975c)
|
|
Some URLs in the source code ended up getting mangled by indent. This fixes
it. Based on a patch supplied by Arnaud Lacombe <al@aerilon.ca>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
RT#4171
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit b9749432346f69b29d82070041e71b237d718ce7)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
RT#4142
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 76eba0d94bb418325be6409b272eac5e2bd4a0a9)
Resolved conflicts:
crypto/bn/asm/x86_64-mont.pl
crypto/bn/asm/x86_64-mont5.pl
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
MR #1005
(cherry picked from commit a46c9789ce2aecedceef119e9883513c7a49f1ca)
|
|
The |z| value should be 0x04 not 0x02
RT#3838
Signed-off-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 91d2728b38b1df930f337e163816a0fc9580b6a6)
|
|
EC_KEY_set_public_key_affine_coordinates was using some variables that only
apply if OPENSSL_NO_EC2M is not defined.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(cherry picked from commit 8d11b7c7ee84ad0aa243476088285d15b22c5470)
|
|
The function EC_POINT_is_on_curve does not return a boolean value.
It returns 1 if the point is on the curve, 0 if it is not, and -1
on error. Many usages within OpenSSL were incorrectly using this
function and therefore not correctly handling error conditions.
With thanks to the Open Crypto Audit Project for reporting this issue.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 68886be7e2cd395a759fcd41d2cede461b68843d)
|
|
RT#3858
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 71f6130b7a96bacbffae4611796ed98c2f724d96)
|
|
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 0f539dc1a2f45580435c39dada44dd276e79cb88)
Conflicts:
Makefile.org
apps/Makefile
test/Makefile
|
|
Add a sanity check to the print_bin function to ensure that the |off|
argument is positive. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 3deeeeb61b0c5b9b5f0993a67b7967d2f85186da)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 6038354cf8ca0792420c1ac0ce50d6d2f0aedebf)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit a4d5269e6d0dba0c276c968448a3576f7604666a)
|
|
Cosmetic, no real effect.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 4446044a793a9103a4bc70c0214005e6a4463767)
|
|
Thanks to Brian Smith for reporting these issues.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Thanks to Brian Smith for reporting these issues.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 53dd4ddf71ad79a64be934ca19445b1cf560adab)
|
|
Also add a few comments about constant-timeness.
Thanks to Brian Smith for reporting this issue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
RFC5915 requires the use of the I2OSP primitive as defined in RFC3447
for storing an EC Private Key. This converts the private key into an
OCTETSTRING and retains any leading zeros. This commit ensures that those
leading zeros are present if required.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 30cd4ff294252c4b6a4b69cbef6a5b4117705d22)
Conflicts:
crypto/ec/ec_asn1.c
|
|
performance data.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit b06a6f7cc44baa0c17207a8f72c4ac360be7b555)
|
|
Reported by the LibreSSL project as a follow on to CVE-2015-0209
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Other curves don't have this problem.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 9fbbdd73c58c29dc46cc314f7165e45e6d43fd60)
|
|
Reviewed-by: Emilia Käsper <emilia@openssl.org>
|
|
Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org>
CVE-2015-0209
Reviewed-by: Emilia Käsper <emilia@openssl.org>
|
|
PR#3673
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
This should be a one off operation (subsequent invokation of the
script should not move them)
This commit is for the 1.0.2 changes
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
crypto/dsa/dsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl_locl.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
crypto/ec/ecp_nistz256.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
crypto/ec/ecp_nistz256.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
crypto/hmac/hmac.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.
Conflicts:
crypto/bn/bn.h
crypto/ec/ec_lcl.h
crypto/rsa/rsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl.h
ssl/ssl3.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
apps/ciphers.c
ssl/s3_pkt.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
