summaryrefslogtreecommitdiffstats
path: root/crypto/pkcs7 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Adjust all accesses to EVP_MD_CTX to use accessor functions.Richard Levitte2015-12-071-22/+36
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Continue standardising malloc style for libcryptoMatt Caswell2015-11-092-8/+10
| | | | | | | Continuing from previous commit ensure our style is consistent for malloc return checks. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Rebuild error source files.Dr. Stephen Henson2015-11-051-19/+13
| | | | | | | Rebuild error source files: the new mkerr.pl functionality will now pick up and translate static function names properly. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove useless codeAlessandro Ghedini2015-10-231-1/+0
| | | | | | | RT#4081 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
* Add GOST12 cms/smime capabilitiesMatt Caswell2015-09-301-0/+2
| | | | | | | | | Add additional NID references in the CMS/SMIME capabilities code to cater for GOST12. Patch supplied by Dmitry Belyavsky <beldmit@gmail.com> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Remove warning about use of uninitialised variableRichard Levitte2015-09-061-2/+1
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Avoid direct X509 structure accessDr. Stephen Henson2015-09-061-3/+3
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* RT3955: Reduce some stack usageRich Salz2015-09-051-20/+34
| | | | | | Use malloc/free instead of big onstack buffers. Reviewed-by: Tim Hudson <tjh@openssl.org>
* Add X509_up_ref function.Dr. Stephen Henson2015-09-011-2/+2
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add X509_CRL_up_ref functionDr. Stephen Henson2015-09-011-1/+1
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* GH354: Memory leak fixesAlessandro Ghedini2015-08-281-20/+6
| | | | | | | | | | | | Fix more potential leaks in X509_verify_cert() Fix memory leak in ClientHello test Fix memory leak in gost2814789 test Fix potential memory leak in PKCS7_verify() Fix potential memory leaks in X509_add1_reject_object() Refactor to use "goto err" in cleanup. Signed-off-by: Rich Salz <rsalz@akamai.com> Reviewed-by: Emilia Käsper <emilia@openssl.org>
* PKCS#7: Fix NULL dereference with missing EncryptedContent.Emilia Kasper2015-06-111-1/+15
| | | | | | CVE-2015-1790 Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix the update target and remove duplicate file updatesRichard Levitte2015-05-221-0/+2
| | | | | | | | | | | | | | | We had updates of certain header files in both Makefile.org and the Makefile in the directory the header file lived in. This is error prone and also sometimes generates slightly different results (usually just a comment that differs) depending on which way the update was done. This removes the file update targets from the top level Makefile, adds an update: target in all Makefiles and has it depend on the depend: or local_depend: targets, whichever is appropriate, so we don't get a double run through the whole file tree. Reviewed-by: Rich Salz <rsalz@openssl.org>
* make dependRichard Levitte2015-05-141-5/+8
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Identify and move common internal libcrypto header filesRichard Levitte2015-05-147-7/+7
| | | | | | | | | | | | | There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: Rich Salz <rsalz@openssl.org>
* Use p==NULL not !p (in if statements, mainly)Rich Salz2015-05-114-24/+24
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* free null cleanup finaleRich Salz2015-05-011-5/+3
| | | | | | Don't check for NULL before calling OPENSSL_free Reviewed-by: Richard Levitte <levitte@openssl.org>
* free cleanup almost the finaleRich Salz2015-04-301-33/+15
| | | | | | | | | | Add OPENSSL_clear_free which merges cleanse and free. (Names was picked to be similar to BN_clear_free, etc.) Removed OPENSSL_freeFunc macro. Fixed the small simple ones that are left: CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked Reviewed-by: Richard Levitte <levitte@openssl.org>
* free NULL cleanup 5aRich Salz2015-04-302-6/+3
| | | | | | | | | Don't check for NULL before calling a free routine. This gets X509_.*free: x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free X509_STORE_free X509_STORE_CTX_free X509_PKEY_free X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free Reviewed-by: Richard Levitte <levitte@openssl.org>
* free NULL cleanup 9Rich Salz2015-04-111-10/+5
| | | | | | | | | | | | Ongoing work to skip NULL check before calling free routine. This gets: ecp_nistz256_pre_comp_free nistp224_pre_comp_free nistp256_pre_comp_free nistp521_pre_comp_free PKCS7_free PKCS7_RECIP_INFO_free PKCS7_SIGNER_INFO_free sk_PKCS7_pop_free PKCS8_PRIV_KEY_INFO_free PKCS12_free PKCS12_SAFEBAG_free PKCS12_free sk_PKCS12_SAFEBAG_pop_free SSL_CONF_CTX_free SSL_CTX_free SSL_SESSION_free SSL_free ssl_cert_free ssl_sess_cert_free Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevantRichard Levitte2015-03-311-18/+2
| | | | | | | | | | | | With no more symlinks, there's no need for those variables, or the links target. This also goes for all install: and uninstall: targets that do nothing but copy $(EXHEADER) files, since that's now taken care of by the top Makefile. Also, removed METHTEST from test/Makefile. It looks like an old test that's forgotten... Reviewed-by: Rich Salz <rsalz@openssl.org>
* Stop symlinking, move files to intended directoryRichard Levitte2015-03-311-480/+0
| | | | | | | | | | | | | Rather than making include/openssl/foo.h a symlink to crypto/foo/foo.h, this change moves the file to include/openssl/foo.h once and for all. Likewise, move crypto/foo/footest.c to test/footest.c, instead of symlinking it there. Originally-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* free NULL cleanupRich Salz2015-03-282-10/+6
| | | | | | | | | EVP_.*free; this gets: EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* free NULL cleanupRich Salz2015-03-251-19/+10
| | | | | | | This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free BIO_free BIO_free_all BIO_vfree Reviewed-by: Matt Caswell <matt@openssl.org>
* RAND_bytes updatesMatt Caswell2015-03-251-1/+1
| | | | | | | Ensure RAND_bytes return value is checked correctly, and that we no longer use RAND_pseudo_bytes. Reviewed-by: Richard Levitte <levitte@openssl.org>
* make dependDr. Stephen Henson2015-03-241-1/+1
| | | | Reviewed-by: Matt Caswell <matt@openssl.org>
* Move some ASN.1 internals to asn1_int.hDr. Stephen Henson2015-03-241-1/+1
| | | | | | | | Move ASN.1 internals used across multiple directories into new internal header file asn1_int.h remove crypto/Makefile hack which allowed other directories to include "asn1_locl.h" Reviewed-by: Matt Caswell <matt@openssl.org>
* Remove old ASN.1 code.Dr. Stephen Henson2015-03-232-13/+13
| | | | | | | | | Remove old M_ASN1_ macros and replace any occurences with the corresponding function. Remove d2i_ASN1_bytes, d2i_ASN1_SET, i2d_ASN1_SET: no longer used internally. Reviewed-by: Rich Salz <rsalz@openssl.org>
* PKCS#7: avoid NULL pointer dereferences with missing contentEmilia Kasper2015-03-192-14/+76
| | | | | | | | | | | | | | | | | | | In PKCS#7, the ASN.1 content component is optional. This typically applies to inner content (detached signatures), however we must also handle unexpected missing outer content correctly. This patch only addresses functions reachable from parsing, decryption and verification, and functions otherwise associated with reading potentially untrusted data. Correcting all low-level API calls requires further work. CVE-2015-0289 Thanks to Michal Zalewski (Google) for reporting this issue. Reviewed-by: Steve Henson <steve@openssl.org>
* Make X509_ATTRIBUTE opaque.Dr. Stephen Henson2015-03-161-17/+5
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Remove obsolete declarations.Dr. Stephen Henson2015-03-121-4/+0
| | | | | | | Remove DECLARE_ASN1_SET_OF and DECLARE_PKCS12_STACK_OF these haven't been used internally in OpenSSL for some time. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Dead code removal: #if 0 asn1, pkcs7Rich Salz2015-01-302-39/+5
| | | | | | | Keep one #if 0 but rename the symbol to be more descriptive of what it's doing (you can disable support for old broken Netscape software). Reviewed-by: Tim Hudson <tjh@openssl.org>
* ifdef cleanup part 3: OPENSSL_SYSNAMERich Salz2015-01-231-1/+1
| | | | | | | | Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx Remove MS_STATIC; it's a relic from platforms <32 bits. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
* Run util/openssl-format-source -v -c .Matt Caswell2015-01-2211-2901/+2781
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Cleanup OPENSSL_NO_xxx, part 1master-pre-reformatRich Salz2015-01-141-1/+1
| | | | | | | | | | OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160 OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO Two typo's on #endif comments fixed: OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE Reviewed-by: Richard Levitte <levitte@openssl.org>
* mark all block comments that need format preserving so thatTim Hudson2014-12-301-1/+1
| | | | | | | indent will not alter them when reformatting comments Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* Remove fipscanister build functionality from makefiles.Dr. Stephen Henson2014-12-081-1/+1
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Remove all .cvsignore filesRich Salz2014-11-291-8/+0
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Removed duplicate definition of PKCS7_type_is_encryptedMatt Caswell2014-10-071-4/+0
| | | | | | | | | Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also remove duplicate definition of PKCS7_type_is_digest. PR#3551 Reviewed-by: Rich Salz <rsalz@openssl.org>
* Remove ancient obsolete files under pkcs7.Dr. Stephen Henson2014-06-2734-2865/+0
|
* Fixed NULL pointer dereference in PKCS7_dataDecode reported by David Ramos ↵Matt Caswell2014-05-083-1/+8
| | | | in PR#3339
* Fix double frees.Ben Laurie2014-04-221-0/+1
|
* Add suppot for ASCII with CRLF canonicalisation.Dr. Stephen Henson2014-02-131-0/+3
|
* misspellings fixes by https://github.com/vlajos/misspell_fixerVeres Lajos2013-09-053-4/+4
|
* Submitted by: Markus Friedl <mfriedl@gmail.com>Dr. Stephen Henson2012-03-221-2/+14
| | | | Fix memory leaks in 'goto err' cases.
* Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key andDr. Stephen Henson2012-03-121-18/+47
| | | | | | | | continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)
* check return value of BIO_write in PKCS7_decryptDr. Stephen Henson2012-03-081-1/+5
|
* Detect symmetric crypto errors in PKCS7_decrypt.Dr. Stephen Henson2012-02-271-2/+17
| | | | Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
* more vxworks patchesDr. Stephen Henson2011-10-151-1/+1
|
* Change AR to ARX to allow exclusion of fips object modulesDr. Stephen Henson2011-01-261-1/+1
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-19 15:06:24 +0100