| Age | Commit message (Collapse) | Author |
|---|
|
(cherry picked from commit 4a7fa26ffd65bf36beb8d1cb8f29fc0ae203f5c5)
Conflicts:
crypto/x509v3/pcy_tree.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
indent will not alter them when reformatting comments
(cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960)
Conflicts:
crypto/bn/bn_lcl.h
crypto/bn/bn_prime.c
crypto/engine/eng_all.c
crypto/rc4/rc4_utl.c
crypto/sha/sha.h
ssl/kssl.c
ssl/t1_lib.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
RT: 3607
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 9e557ab2624d5c5e8d799c123f5e8211664d8845)
|
|
Various build fixes, mostly uncovered by clang's unused-const-variable
and unused-function errors.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
|
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit af6e2d51bfeabbae827030d4c9d58a8f7477c4a0)
|
|
ECDH_compute_key is silently ignored and the KDF is run on duff data
Thanks to github user tomykaira for the suggested fix.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 8d02bebddf4b69f7f260adfed4be4f498dcbd16c)
|
|
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit e04d426bf98ebb22abf0f15b6f09d333a6e8b2ad)
|
|
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit be07ae9b10ea57242baa1f15291af162442531d6)
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 16e5b45f72cd69b71ca28e84044d2354e068888c)
|
|
RT: 3149
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
|
|
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4d3fa06fce52682bfbc503c7ded2d0289e3f8cde)
|
|
Submitted by Shay Gueron, Intel Corp.
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit f54be179aa4cbbd944728771d7d59ed588158a12)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 6019cdd327526beb25a4c31c1ef63e72f5f8a4b0)
Resolved conflicts:
Configure
Makefile.org
TABLE
|
|
This is a more comprehensive fix. It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1. This is from
Kurt's upstream Debian changes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 44e0c2bae4bfd87d770480902618dbccde84fd81)
|
|
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 82dc08de54ce443c2a9ac478faffe79e76157795)
|
|
When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit ed383f847156940e93f256fed78599873a4a9b28)
|
|
This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:
-----BEGIN EC PRIVATE KEY-----
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH
-----END EC PRIVATE KEY-----
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit b391570bdeb386d4fd325917c248d593d3c43930)
|
|
group_order_tests (ectest.c). Also fix the EC_POINTs_mul documentation (ec.h).
Reviewed-by: emilia@openssl.org
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 1433cac53c93f9f109290389f60b17078a572d3d)
|
|
(which didn't always handle value 0 correctly).
Reviewed-by: emilia@openssl.org
|
|
PR#2569
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit cba11f57ce161fd301a72194827327128191de7e)
|
|
|
|
PR: 3338
|
|
Fix eckey_priv_encode to return an error on failure of i2d_ECPrivateKey.
|
|
Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140
Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
(cherry picked from commit 2198be3483259de374f91e57d247d0fc667aef29)
Conflicts:
CHANGES
|
|
|
|
(cherry picked from commit 08b433540416c5bc9a874ba0343e35ba490c65f1)
|
|
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.
Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
(cherry picked from commit dc1ce3bc64845d16314af1f11acf5384e4ae9b34)
|
|
Check and set AlgorithmIdenfier parameters for key wrap algorithms.
Currently these just set parameters to NULL.
(cherry picked from commit e61f5d55bc0072e75023be8971ae6e849643f466)
|
|
Add support for ECDH in enveloped data. The CMS ctrls for the EC ASN1
method decode/encode the appropriate parameters from the CMS ASN1 data
and send appropriate data to the EC public key method.
(cherry picked from commit 88e20b8584a78c803eca7aa9fcf8c46ff0ece4ae)
|
|
Add X9.62 KDF to EC EVP_PKEY_METHOD.
(cherry picked from commit 25af7a5dbc05c7359d1d7f472d50d65a9d876b7e)
|
|
(cherry picked from commit 810639536cfa66df0c232fa4f15a7e5f00f31ce8)
|
|
- EC_GROUP_cmp shouldn't consider curves equal just because
the curve name is the same. (They really *should* be the same
in this case, but there's an EC_GROUP_set_curve_name API,
which could be misused.)
- EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
equality (not an error).
Reported by: king cope
(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)
|
|
Don't check for binary curves by checking methods: the values will
be different in FIPS mode as they are redirected to the validated module
version.
(cherry picked from commit 94782e0e9c28bd872107b8f814f4db68c9fbf5ab)
|
|
parameter encoding option
(cherry picked from commit 24edfa9df9e6315b107b7c2d8ce0634208e8c350)
|
|
Submitted by: Adam Langley
|
|
|
|
|
|
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>
Add Brainpool curves from RFC5639.
Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
|
|
between NIDs and the more common NIST names such as "P-256". Enhance
ecparam utility and ECC method to recognise the NIST names for curves.
(backport from HEAD)
|
|
|
|
|
|
|
|
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve
Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
|
|
Also, use the common Configure mechanism for enabling/disabling the 64-bit ECC code.
|
|
NIST-P521. (Now -DEC_NISTP_64_GCC_128 enables all three of these;
-DEC_NISTP224_64_GCC_128 no longer works.)
Submitted by: Google Inc.
|
|
|
|
|
|
New functionality to allow default DRBG type to be set during compilation
or during runtime.
|
|
using OBJ xref utilities instead of string comparison with OID name.
This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
|
