root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
35,941 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

93 Commits

Author SHA1 Message Date
Rich Salz 349807608f Remove /* foo.c */ comments 
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2016-01-26 16:40:43 -05:00
Matt Caswell 90945fa31a Continue standardising malloc style for libcrypto 
Continuing from previous commit ensure our style is consistent for malloc
return checks.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2015-11-09 22:48:41 +00:00
Dr. Stephen Henson a187e08d85 Err isn't always malloc failure. 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-08-12 13:54:56 +01:00
Rich Salz 7fba8407cc RT3917: add cleanup on an error path 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-06-21 17:52:12 -04:00
Richard Levitte b39fc56061 Identify and move common internal libcrypto header files 
There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-05-14 17:21:40 +02:00
Rich Salz 75ebbd9aa4 Use p==NULL not !p (in if statements, mainly) 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-05-11 10:06:38 -04:00
Rich Salz 25aaa98aa2 free NULL cleanup -- coda 
After the finale, the "real" final part. :)  Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-05-01 14:37:16 -04:00
Rich Salz 222561fe8e free NULL cleanup 5a 
Don't check for NULL before calling a free routine.  This gets X509_.*free:
    x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free
    X509_STORE_free X509_STORE_CTX_free X509_PKEY_free
    X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-04-30 17:33:59 -04:00
Rich Salz ca3a82c3b3 free NULL cleanup 
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree

Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-03-25 11:31:18 -04:00
Dr. Stephen Henson 5fe736e5fc Move some ASN.1 internals to asn1_int.h 
Move ASN.1 internals used across multiple directories into new internal
header file asn1_int.h remove crypto/Makefile hack which allowed other
directories to include "asn1_locl.h"

Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-03-24 12:03:36 +00:00
Matt Caswell 0f113f3ee4 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:09 +00:00
Dr. Stephen Henson 0bcb17a777 Return an error if no recipient type matches. 
If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.

PR#3348
 2014-05-09 14:24:54 +01:00
Dr. Stephen Henson 847865d0f9 Add suppot for ASCII with CRLF canonicalisation. 2014-02-13 14:35:56 +00:00
Dr. Stephen Henson cd30f03ac5 Canonicalise input in CMS_verify. 
If content is detached and not binary mode translate the input to
CRLF format. Before this change the input was verified verbatim
which lead to a discrepancy between sign and verify.
 2013-12-22 00:35:29 +00:00
Dr. Stephen Henson 17c2764d2e CMS support for key agreeement recipient info. 
Add hooks to support key agreement recipient info type (KARI) using
algorithm specific code in the relevant public key ASN1 method.
 2013-07-17 21:45:00 +01:00
Dr. Stephen Henson 146b52edd1 Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 16:31:39 +00:00
Dr. Stephen Henson eb1c48be6f Add new type ossl_ssize_t instead of ssize_t and move definitions to 
e_os2.h, this should fix WIN32 compilation issues and hopefully avoid
conflicts with other headers which may workaround ssize_t in different ways.
 2010-07-26 18:15:59 +00:00
Dr. Stephen Henson d2a53c2238 Experimental CMS password based recipient Info support. 2009-11-26 18:57:39 +00:00
Dr. Stephen Henson 73ba116e96 Update from stable branch. 2009-03-25 12:54:14 +00:00
Dr. Stephen Henson 54571ba004 Use correct ctx name. 2009-03-15 14:03:47 +00:00
Dr. Stephen Henson 237d7b6cae Fix from stable branch. 2009-03-15 13:37:34 +00:00
Dr. Stephen Henson d0c3628834 Set memory BIOs up properly when stripping text headers from S/MIME messages. 2008-11-21 18:18:13 +00:00
Dr. Stephen Henson 6d6c47980e Correctly handle errors in CMS I/O code. 2008-08-05 15:55:53 +00:00
Dr. Stephen Henson e6ef05d5f3 Make certs argument work in CMS_sign() add test case. 
PR:1664
 2008-04-18 11:18:20 +00:00
Dr. Stephen Henson 852bd35065 Fix prototype for CMS_decrypt(), don't free up detached content. 2008-04-11 23:45:52 +00:00
Dr. Stephen Henson a5db50d005 Revert argument swap change... oops CMS_uncompress() was consistent... 2008-04-11 23:23:18 +00:00
Dr. Stephen Henson 529d329ce1 Make CMS_uncompress() argument order consistent with other functions. 2008-04-11 17:34:13 +00:00
Dr. Stephen Henson c02b6b6b21 Fix for compression and updated CMS_final(). 2008-04-11 17:07:01 +00:00
Dr. Stephen Henson e0fbd07309 Add additional parameter to CMS_final() to handle detached content. 2008-04-10 11:22:14 +00:00
Dr. Stephen Henson eaee098e1f Ignore nonsensical flags for signed receipts. 2008-04-10 11:12:42 +00:00
Dr. Stephen Henson 853eae51e0 Implement CMS_NOCRL. 2008-04-07 11:00:44 +00:00
Dr. Stephen Henson 36309aa2be Signed receipt generation code. 2008-03-28 19:43:16 +00:00
Dr. Stephen Henson eb9d8d8cd4 Support for verification of signed receipts. 2008-03-28 13:15:39 +00:00
Dr. Stephen Henson eeb9cdfc94 Add support for KEK decrypt in cms utility. 2008-03-19 18:39:51 +00:00
Dr. Stephen Henson e4f0e40eac Various tidies/fixes: 
Make streaming support in cms cleaner.

Note errors in various S/MIME functions if CMS_final() fails.

Add streaming support for enveloped data.
 2008-03-18 13:45:43 +00:00
Dr. Stephen Henson 6e3bc4f073 More support for KEK RecipientInfo. 
Generalise RecipientInfo and enveloped data handling so applications can
add their own key lookup routines as well as using the standard ones.
 2008-03-18 01:00:38 +00:00
Dr. Stephen Henson 761ffa729f Preliminary support for enveloped data content type creation. 
Fix signed data creation so versions are only corrected if structure is
being created.
 2008-03-17 13:38:51 +00:00
Dr. Stephen Henson 4f1aa191b3 Initial support for enveloped data decrypt. Extent runex.pl to cover these 
examples. All RFC4134 examples can not be processed.
 2008-03-15 23:21:33 +00:00
Dr. Stephen Henson e540d1cd77 Check for cipher BIO errors and set key length after parameter decode. 2008-03-15 13:37:32 +00:00
Dr. Stephen Henson fd47c36136 Return error if no cipher set for encrypted data type. 
Update CHANGES.
 2008-03-15 00:02:23 +00:00
Dr. Stephen Henson 320bfc1be7 Reorganise encrypted content info code to avoid duplication and be more 
consistent with other content types.
 2008-03-14 19:37:56 +00:00
Dr. Stephen Henson b820455c6e Encrypted Data type processing. Add options to cms utility and run section 7 
tests in RFC4134.
 2008-03-14 13:21:48 +00:00
Dr. Stephen Henson 8931b30d84 And so it begins... 
Initial support for CMS.

Add zlib compression BIO.

Add AES key wrap implementation.

Generalize S/MIME MIME code to support CMS and/or PKCS7.
 2008-03-12 21:14:28 +00:00