| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.
The header files that got moved are:
crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
|
|
| |
After the finale, the "real" final part. :) Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
| |
Don't check for NULL before calling OPENSSL_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
|
| |
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
| |
Don't check for NULL before calling a free routine. This gets X509_.*free:
x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free
X509_STORE_free X509_STORE_CTX_free X509_PKEY_free
X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
|
| |
Do not check for NULL before calling a free routine. This addresses:
ASN1_BIT_STRING_free ASN1_GENERALIZEDTIME_free ASN1_INTEGER_free
ASN1_OBJECT_free ASN1_OCTET_STRING_free ASN1_PCTX_free ASN1_SCTX_free
ASN1_STRING_clear_free ASN1_STRING_free ASN1_TYPE_free
ASN1_UTCTIME_free M_ASN1_free_of
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
| |
PR#3789
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
With no more symlinks, there's no need for those variables, or the links
target. This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.
Also, removed METHTEST from test/Makefile. It looks like an old test that's
forgotten...
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.
Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.
Originally-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
| |
Update code to use ASN1_TYPE_pack_sequence and ASN1_TYPE_unpack_sequence
instead of performing the same operation manually.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
|
|
|
|
|
| |
EVP_.*free; this gets:
EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free
EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it
EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
| |
|
|
|
|
|
| |
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
|
| |
Ensure RAND_bytes return value is checked correctly, and that we no longer
use RAND_pseudo_bytes.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
|
|
| |
Move ASN.1 internals used across multiple directories into new internal
header file asn1_int.h remove crypto/Makefile hack which allowed other
directories to include "asn1_locl.h"
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
|
|
|
| |
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error
paths as I spotted them along the way.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Exported headers shouldn't be included as "foo.h" by code from the same
module, it should only do so for module-internal headers. This is
because the symlinking of exported headers (from include/openssl/foo.h
to crypto/foo/foo.h) is being removed, and the exported headers are
being moved to the include/openssl/ directory instead.
Change-Id: I4c1d80849544713308ddc6999a549848afc25f94
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
| |
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| | |
|
| |
|
|
| |
PR#3249
|
| |
|
|
|
|
|
|
| |
If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.
PR#3348
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
If content is detached and not binary mode translate the input to
CRLF format. Before this change the input was verified verbatim
which lead to a discrepancy between sign and verify.
|
| |
|
|
|
| |
Add function to retrieve the signature from a CMS_SignerInfo structure:
applications can then read or modify it.
|
| |
|
|
|
|
|
|
| |
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.
Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
|
| |
|
|
|
| |
Add hooks to support key agreement recipient info type (KARI) using
algorithm specific code in the relevant public key ASN1 method.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Add support for customisation of CMS handling of signed and enveloped
data from custom public key parameters.
This will provide support for RSA-PSS and RSA-OAEP but could also be
applied to other algorithms.
|
| |
|
|
|
|
|
|
| |
Add CMS_RecipientInfo_encrypt: this function encrypts an existing content
encryption key to match the key in the RecipientInfo structure: this is
useful if a new recpient is added to and existing enveloped data structure.
Add documentation.
|
| | |
|
| | |
|
| |
|
|
| |
Make sure tkeylen is initialised properly when encrypting CMS messages.
|
| |
|
|
|
|
|
|
| |
continue with symmetric decryption process to avoid leaking timing
information to an attacker.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
|
| |
|
|
| |
aspirational __owur annotations.
|
| | |
|
| |
|
|
|
| |
e_os2.h, this should fix WIN32 compilation issues and hopefully avoid
conflicts with other headers which may workaround ssize_t in different ways.
|
| | |
|
| | |
|
| | |
|
